I am building a project which requires some dependencies on private python repositories. This repo has inside a submodule which also points out to a private repo. I can fetch it on my machine using an ssh key which is not convenient inside a container.
In my dockerfile, I am blocking on this step:
RUN pip3 install wheel \
&& pip3 wheel git+https://${GITHUB_TOKEN}@github.com/owner/repo.git@master \
--wheel-dir=/svc/wheels
It can fetch repo without problem but cannot handle the submodule. I guess pip resolves the URL and doesn't pass the token initially transferred.
I don't really know how to workaround the issue. I could have the folder locally and copy it, or setup a private pip repo I'd access during build time (if it's possible), or use ssh keys inside the container (sounds like a terrible approach to me).
Is there any "standard way to do it" ? If not what would you suggest?
EDIT1: this seems like a git issue as git clone --recursive doesn't work neither
Rather than passing ${GITHUB_TOKEN) on the command line, you should be able to configure that into a .netrc file as described e.g. in this answer.
Your Dockerfile would include something like:
RUN echo machine github.com login ${GITHUB_TOKEN} > ~/.netrc
RUN pip3 install wheel \
&& pip3 wheel git+https://github.com/owner/repo.git@master \
--wheel-dir=/svc/wheels