ssh key for interaction with git

[rtmie]

Both agent and server will need to interact with a remote SCM system, e.g. git/gerrit and hence will need to register a key with that repository. Go application software does not support configuration of ssh key as part of Material config for pipeline.

One work around for this is a server environment is to create ssh key for the go user and register those keys for a go user in the e.g. gerrit system.

What is the view on how this should be delivered for container version? Options would be:

1. Build ssh key generation into docker image
2. Check for key at startup and generate if absent.
3. Add reference to external key url somewhere and add as environment variable
4. can be done today for agent in "child build" -from gocd/gocd-agent, but not in server as VOLUME command locks down /var/go.
5. could be done with a a simple check at start of go-server-start.sh

show_msg "Checking for ssh key ..." if [ ! -f /var/go/.ssh/id_rsa ] || [ ! -f /var/go/.ssh/id_rsa.pub ]; then show_msg "No ssh key found. Generating ..." ssh-keygen -t rsa -N "" -f /var/go/.ssh/id_rsa fi

I suspect there is also possible a third solution using some kind of sidecar container to do do git/gerrit interaction and and act as a data container to the server/agent (but that is beyond my current docker knowledge :-) )

Would a PR for option 2 be acceptable?

[zabil]

@rtmie sorry for the delay, but yeah option 2 is acceptable.