4
我试图运行bower install泊坞窗容器内,在docker-compose.yml使用凉亭码头工人,容器内有私人回购依赖
相关的代码在docker-compose.yml的命令传递:
services:
assets:
build: ./src
command: >
sh -c '
bower install --allow-root;
'
bower.json具有以下依赖性:
{
"name": "projectname",
"version": "version",
"dependencies": {
"remote-repo": "ssh://[email protected]/repo.git#branch"
}
}
此远程回购是私人的。主机具有正确的SSH凭据以从该远程计算机上获取。
我试图从我的主机通过SSH凭据泊坞窗容器4种或5个不同的方式,但每一次尝试网我同样的错误消息:
docker_1 | bower repo#branch ECMDERR Failed to execute "git
ls-remote --tags --heads ssh://[email protected]/repo.git", exit code
of #128 Host key verification failed. fatal: Could not read from
remote repository. Please make sure you have the correct access
rights and the repository exists.
当我exec直接放入容器中,并尝试一个git克隆,它询问我是否确定要将远程端口添加到known_hosts,然后它会询问我的ssh密钥的密码(正如第一次尝试连接到远程端口时所预期的那样)。
我曾跟随这个计算器响应的步骤,试图绕过提示:https://stackoverflow.com/a/23411161/4736263
即使它通过ssh,我可以,添加下列步骤来我Dockerfile RUN下竟然抛开一切去命令:https://serverfault.com/questions/132970/can-i-automatically-add-a-new-host-to-known-hosts/316100#316100
目前的情况是,我的安装脚本(运行docker-compose up,除其他事项外),包括该行:
cp $HOME/.ssh/id_rsa src/id_rsa
而且我已经证实,id_rsa被正确拷贝到其中Dockerfile是(具体src我的应用程序内)
目录,我Dockerfile包含此:
# Make ssh dir
RUN mkdir /root/.ssh/
# Copy over private key, and set permissions
ADD id_rsa /root/.ssh/id_rsa
# Create known_hosts
RUN touch /root/.ssh/known_hosts
# Add remote's key
RUN ssh-keygen -R remoterepo.url
RUN ssh-keygen -R remoterepoIP
RUN ssh-keygen -R remoterepo.url,remoterepoIP
RUN ssh-keyscan -H remoterepo.url,remoterepoIP >> /root/.ssh/known_hosts
RUN ssh-keyscan -H remoterepoIP >> /root/.ssh/known_hosts
RUN ssh-keyscan -H remoterepo.url >> /root/.ssh/known_hosts
有没有什么办法让泊坞窗容器内的凉亭访问私人远程回购?我觉得我已经尝试了一切(我整个星期都在尝试不同的事情)。
