Passing files from Google Cloud Container Builder to Docker build task

Dockerfile COPY can use multiple <src> resources, but the paths of files and directories will be interpreted as relative to the source of the context of the build.

That is your current path where you execute the docker build . command.

In your case, if /root/.ssh is mounted when the Dockerfile executes its step, a simple RUN cp /root/.ssh/... /destination/path would be enough.

However, you cannot mount a volume at docker build time (see moby issue 14080), so check this solution: a multi-stage build can help.


Ok, I managed to do what was referenced in the answer and comments above. here's what I did. Note that I had my id_rsa and known_hosts file in the volume /root/.ssh, as the question author posted. I assume he got to his state by following this article: https://cloud.google.com/container-builder/docs/access-private-github-repos

In my cloudbuild.yaml: After cloning my repo, but before the docker build, I added this step:

- name: 'gcr.io/cloud-builders/git' entrypoint: 'bash' args: - '-c' - cp /root/.ssh/{id_rsa,known_hosts} . volumes: - name: 'ssh' path: /root/.ssh

then, in the Dockerfile:

COPY id_rsa /root/.ssh/id_rsa COPY known_hosts /root/.ssh/known_hosts RUN eval $(ssh-agent) && \ echo -e "StrictHostKeyChecking no" >> /etc/ssh/ssh_config && \ ssh-add /root/.ssh/id_rsa

Note, I'm not worried about the keys living in my container, because I'm using multi-stage builds.