Search code examples
dockerbuildpermissionsdockerfilessh-agent

Dockerfile: Permission denied during build when running ssh-agent on /tmp

So I'm trying to create an image, which adds a SSH private key to /tmp, runs ssh-agent on it, does a git clone and then deletes the key again.

This is the idea I'm trying to accomplish

Dockerfile:

FROM node:4.2.4
MAINTAINER Me

CMD ["/bin/bash"]

ENV GIT_SSL_NO_VERIFY=1
ENV https_proxy="httpsproxy"
ENV http_proxy="httpproxy"
ENV no_proxy="exceptions"

ADD projectfolder/key /tmp/
RUN ssh-agent /tmp

WORKDIR /usr/src/app

RUN git clone git@gitlab.private.address:something/target.git

RUN rm /tmp/key

WORKDIR /usr/src/app/target

RUN npm install

EXPOSE 3001

Now the problem lies within the build-process. I use the following command to build:

docker build -t samprog/targetimage:4.2.4 -f projectfolder/dockerfile .

The layers up to "ADD projectfolder/key /tmp/" work just fine, though the "RUN ssh-agent /tmp" layer doesn't want to cooperate.

Error code:

Step 9 : RUN ssh-agent /tmp/temp
 ---> Running in d2ed7c8870ae
/tmp: Permission denied
The command '/bin/sh -c ssh-agent /tmp' returned a non-zero code: 1

Any ideas? Since I thought it was a permission issue, where the directory was already created by the parent image, I created a /tmp/temp and put the key in there. Doesn't work either, same error.

I'm using Docker version 1.10.3 on SLES12 SP1

Solution

  • I did it. What I did is, I got rid of ssh-agent. I simply copied the ~/.ssh- directory of my docker-host into the /root/.ssh of the image and it worked.

    Do not use the ~ though, copy the ~/.ssh-directory inside the projectfolder first and then with the dockerfile inside the container.

    Final dockerfile looked as follows:

    FROM node:4.2.4
MAINTAINER me

CMD["/bin/bash"]

ENV GIT_SSL_NO_VERIFY=1
ENV https_proxy="httpsproxy"
ENV http_proxy="httpproxy"
ENV no_proxy="exceptions"

ADD projectfolder/.ssh /root/.ssh

WORKDIR /usr/src/app

RUN git clone git@gitlab.private.address:something/target.git

RUN rm -r /root/.ssh

WORKDIR /urs/src/app/target

RUN npm set registry http://local-npm-registry
RUN npm install

EXPOSE 3001

    The dockerfile still has to be improved on efficiency and stuff, but it works! Eureka!

    The image now has to be squashed and it should be safe to use, though we only use it in our local registry.