enable ssh agent

[bkk-bcd]

Fixes merge conflicts and defects in #336

Will enable https://docs.docker.com/develop/develop-images/build_enhancements/#using-ssh-to-access-private-data-in-builds

For example with the following starlark snippet:

"settings": {
    "registry": "xxx.dkr.ecr.us-east-1.amazonaws.com",
    "repo": "drone-test-build-docker",
    "dockerfile": "Dockerfile.python",
    "custom_dns": "169.254.169.253",
    "ssh_agent": "default",
},
"environment": {
    "SSH_KEY": {
        "from_secret": "SSH_KEY",
    },
}

And using the following Dockerfile:

FROM python:3.9.0-slim

RUN apt-get update && apt-get install -y  \
    git \
    openssh-client \
    && rm -rf /var/lib/apt/lists/*

RUN mkdir -p -m 0600 ~/.ssh && \
    ssh-keyscan github.com >> ~/.ssh/known_hosts

WORKDIR /workspace

RUN --mount=type=ssh git clone [email protected]:someorg/somerepo.git

Please note as in this example its expected that a private, base64 encoded, ssh key is provided in the SSH_KEY environment variable. You should use drone secret mechanisms accordingly.

[bkk-bcd]

@tphoney can you take a look?

[RickCraig]

Hi @bkk-bcd,

We really appreciate the effort you've put into this PR, and it's something we would like to support in Drone. We plan to implement this is a slightly different way. We will be using your PR as a guide.

I've added this is an item to our backlog, and will prioritize it based on the overall vision of CI & Drone at Harness.

In the meantime you can continue to use the fork and decide whether you would like to use our implementation when it's released in the future.

Again thanks for the effort, much appreciated!

[bkk-bcd]

Look forward to seeing that happen, hopefully soon 😉

[bkk-bcd]

@RickCraig did a solution for this get incorporated into drone master?

[thematrixdev]

Have the --ssh been implemented?

I have tried for two weeks but still cannot get it work.

[jimsheldon]

@thematrixdev the comments in https://github.com/drone-plugins/drone-docker/pull/382 might help