docker-ssh-agent-forward icon indicating copy to clipboard operation
docker-ssh-agent-forward copied to clipboard

Published 20 hours ago verified publisher icon uber-common

configurable bind mount, for docker-compose support

Open aripringle opened this issue 5 years ago • 5 comments

aripringle avatar Jun 25 '19 22:06 aripringle

CLA assistant check
All committers have signed the CLA.

CLAassistant avatar Jun 25 '19 22:06 CLAassistant

@aripringle I'm trying your solution but I keep getting an error when I try to run my container with docker-compose.

Cannot create container for service web: invalid mount config for type "bind": bind source path does not exist: /Users/myUser/.pinata-ssh-agent

my docker-compose.yml looks like this:

version: '3.3'

services:
 ...

  web:
    image: ecomm:latest
    command: bundle exec foreman start -f Procfile.development
    ports:
      - "5000:5000"
    links:
      - db
      - redis
    environment:
      - REDIS_URL=redis://cache
      - SSH_AUTH_SOCK=/ssh-agent/ssh-agent.sock
    volumes:
      - type: bind
        source: ${HOME}/.pinata-ssh-agent
        target: /ssh-agent
      - .:/myapp  

# Names our volume
volumes:
  my-db:

Can you give me a hand?

hecbuma avatar Jan 22 '20 22:01 hecbuma

@hecbuma Two things should need to happen here:

  1. As mentioned in my README changes, .pinata-ssh.env file that declares VOLUME_TYPE=bind. Quick command for that should be: echo 'VOLUME_TYPE=bind' > ~/.pinata-ssh.env

  2. As described in the original README, you'll need to run pinata-ssh-forward on every boot of your machine.

After doing these two steps (presuming you're using the changes from this PR), you should find a .pinata-ssh-agent directory created in your home dir, at which point your docker-compose config should work.

Hope that helps!

aripringle avatar Jan 23 '20 00:01 aripringle

@aripringle ok I was in the wrong branch 🙃 now I switched to docker-compose-support and the folder is created correctly.

Now I'm trying to bring up my container with docker-compose and for a test, I'm trying to ssh into GitHub just to confirm the agent is being forwarded but I keep getting permission denied

Step 3/9 : RUN ssh -T [email protected]
 ---> Running in dcf1f92f0530
Warning: Permanently added the RSA host key for IP address '140.82.114.3' to the list of known hosts.
[email protected]: Permission denied (publickey).

Do you have another way to confirm is it working?

hecbuma avatar Jan 23 '20 01:01 hecbuma

@aripringle ok nevermind I was doing it wrong trying to use the volume and the socket on the build. I remove that from my Dockerfile and let the container build, after that I tried to ssh to GitHub and worked.

Thanks!

$ docker-compose run web ssh -T [email protected]
Starting e-dd_db_1 ... done
Starting cache       ... done
Warning: Permanently added the RSA host key for IP address '192.30.253.113' to the list of known hosts.
Hi XXX! You've successfully authenticated, but GitHub does not provide shell access.

hecbuma avatar Jan 23 '20 16:01 hecbuma