Passing files from Google Cloud Container Builder to Docker build task
Dockerfile COPY
can use multiple <src>
resources, but the paths of files and directories will be interpreted as relative to the source of the context of the build.
That is your current path where you execute the docker build .
command.
In your case, if /root/.ssh is mounted when the Dockerfile executes its step, a simple RUN cp /root/.ssh/... /destination/path
would be enough.
However, you cannot mount a volume at docker build
time (see moby issue 14080), so check this solution: a multi-stage build can help.
Ok, I managed to do what was referenced in the answer and comments above. here's what I did. Note that I had my id_rsa and known_hosts file in the volume /root/.ssh, as the question author posted. I assume he got to his state by following this article: https://cloud.google.com/container-builder/docs/access-private-github-repos
In my cloudbuild.yaml: After cloning my repo, but before the docker build, I added this step:
- name: 'gcr.io/cloud-builders/git'
entrypoint: 'bash'
args:
- '-c'
- cp /root/.ssh/{id_rsa,known_hosts} .
volumes:
- name: 'ssh'
path: /root/.ssh
then, in the Dockerfile:
COPY id_rsa /root/.ssh/id_rsa
COPY known_hosts /root/.ssh/known_hosts
RUN eval $(ssh-agent) && \
echo -e "StrictHostKeyChecking no" >> /etc/ssh/ssh_config && \
ssh-add /root/.ssh/id_rsa
Note, I'm not worried about the keys living in my container, because I'm using multi-stage builds.