Gogs cloning with ssh and Docker

[bluebaroncanada]

Just wondering how one might go about retrieving libraries with an ssh key using the Docker container. We use exclusively ssh for getting our packages using Gogs. So our repository definitions look like:

  "repositories": [    {  "type": "git",  "url": "[email protected]:xxx/xxx.git" }  ],

and then on our systems we have ~/.ssh/configs to permit access over that url.

Right now when I try to grab packages, I'm getting

  [RuntimeException]
  Failed to execute git clone --mirror '[email protected]:xxx/xxx.git' '/composer/cache/vcs/git-git.xxx.com-xxx.git/'
  Cloning into bare repository '/composer/cache/vcs/git-git.xxx.xxx.git'...
  Warning: Permanently added 'xxx' (ECDSA)
   to the list of known hosts.
  Permission denied (publickey).
  fatal: Could not read from remote repository.
  Please make sure you have the correct access rights
  and the repository exists.

, which is understandable because I haven't configured any key for accessing the git server.

[crzdeveloper]

It seems that satis tries to use an SSH key which is inside the docker container and that key is not known to the Gogs server. You can grant that key read-only access or so.

In more sophisticated cases you can pass the SSH key pair of your host machine into the container using volumes:

docker run -t --rm \
-v /home/USER/.ssh/id_rsa.pub:/home/satis/.ssh/id_rsa.pub \
-v /home/USER/.ssh/id_rsa:/home/satis/.ssh/id_rsa \
.....

If the SSH key has a passphrase, you need to first of all add that key into the SSH agent (on host machine):

ssh-add

and then pass the SSH agent socket into the docker container:

docker run -t --rm \
-v $(dirname $SSH_AUTH_SOCK):$(dirname $SSH_AUTH_SOCK) \
-e SSH_AUTH_SOCK=$SSH_AUTH_SOCK \
any-docker-image-name \
ssh-add -L