#docker (2019-01)

docker

All things docker

Archive: https://archive.sweetops.com/docker/

2019-01-03

Erik Osterman (Cloud Posse)

docker hub is down

2019-01-23

i5okie

hey, question.. I have a git repo with submodules of our app repos. in this directory i’ve got docker-compose.yaml file.

Is it possible to use context to a git repo just for the Dockerfile, but when building make it use the local folder from submodule? I want to do docker-compose build app

  • get dockerfile / entrypoint file from repo
  • build image by copying things from submodule

Erik Osterman (Cloud Posse)

ping me in a few hours if you don’t get a response

i5okie

ok

Erik Osterman (Cloud Posse)

Ok, so it sounds like you’re having trouble pulling submodules from private git repo inside of Docker?

Erik Osterman (Cloud Posse)

If so, see this:

Erik Osterman (Cloud Posse)

Build secrets and SSH forwarding in Docker 18.09 – Tõnis Tiigi – Medium

One of the complexities when using Dockerfiles has always been accessing private resources. If you need to access some private repository…

2019-01-24

i5okie

oh thanks

Erik Osterman (Cloud Posse)

@i5okie let me know if you get that working. I haven’t tried it yet, but looks cool!

Erik Osterman (Cloud Posse)

@tamsky have you tried this?

i5okie

reading right now

tamsky

I just upgraded my Docker Desktop on OSX to 2.0.0.2 to test this. The secrets file stuff works with “experimental features” enabled. The ssh_agent stuff, not so much.

tamsky
12:00:54 AM

experimental features flag

Erik Osterman (Cloud Posse)

What happened when you tried using the SSH agent stuff?

tamsky

# make ssh
export DOCKER_BUILDKIT=1
docker build --ssh default -f Dockerfile.ssh .
[+] Building 2.4s (9/9) FINISHED                                                                                               
 => [internal] load build definition from Dockerfile.ssh                                                                  0.0s
 => => transferring dockerfile: 334B                                                                                      0.0s
 => [internal] load .dockerignore                                                                                         0.0s
 => => transferring context: 2B                                                                                           0.0s
 => resolve image config for docker.io/docker/dockerfile:experimental                                                     1.0s
 => CACHED <docker-image://docker.io/docker/dockerfile:experimental@sha256:2220efe9582e00cd8f6bbee8f4566e34d7f0388c0e10f2>  0.0s
 => [internal] load metadata for docker.io/library/alpine:latest                                                          0.0s
 => [1/4] FROM docker.io/library/alpine                                                                                   0.0s
 => CACHED [2/4] RUN apk add --no-cache openssh-client git                                                                0.0s
 => CACHED [3/4] RUN mkdir -p -m 0600 ~/.ssh && ssh-keyscan github.com >> ~/.ssh/known_hosts                              0.0s
 => ERROR [4/4] RUN ssh-add -l                                                                                            0.6s
------
 > [4/4] RUN ssh-add -l:
#9 0.397 Could not open a connection to your authentication agent.
------
rpc error: code = Unknown desc = executor failed running [/bin/sh -c ssh-add -l]: exit code: 2

tamsky

https://github.com/mariusgrigaitis/docker-mac-ssh-auth-sock might be a workable hack for interactive use, but buildkit docker build can’t use that hack.

mariusgrigaitis/docker-mac-ssh-auth-sock

SSH_AUTH_SOCK socket forwarding for Docker for Mac - mariusgrigaitis/docker-mac-ssh-auth-sock

tamsky

Support for sharing unix sockets · Issue #483 · docker/for-mac

Expected behavior When mounting a directory containing unix sockets the sockets should function the same as they do on a Linux host. Actual behavior The socket is 'there', but non-functiona…

$SSH_AUTH_SOCK is not being forwarded to docker · Issue #410 · docker/for-mac

Expected behavior OSX ssh-agent socket is available (for mount) in containers $ docker run -it -v ${SSH_AUTH_SOCK}:${SSH_AUTH_SOCK} -e SSH_AUTH_SOCK="${SSH_AUTH_SOCK}" --rm alpine:3.4 /bi…

tamsky

iheartradio[1] has gotten around this entire mess using multiple stages and ephemerally tagged local images:

  • download source docker run … ; docker commit using a different author’s ssh-agent forwarding hack[2]
  • followed by a final docker build which can build the source and do what it wants with the artifacts.

[1] https://github.com/iheartradio/docker-node
[2] https://github.com/avsm/docker-ssh-agent-forward

iheartradio/docker-node

iHeartRadio’s Nodejs Dockerfiles. Contribute to iheartradio/docker-node development by creating an account on GitHub.

avsm/docker-ssh-agent-forward

Forward SSH agent socket into a container. Contribute to avsm/docker-ssh-agent-forward development by creating an account on GitHub.

Erik Osterman (Cloud Posse)

oh interesting using multistage like that

tamsky

also, for folks following along from home, here’s the “check if your setup is experimental”:

# docker info | grep -i Experimental
Experimental: true

2019-01-28

tamsky

and here lies my error:

 => [4/4] RUN ssh-add -l:
#9 0.397 Could not open a connection to your authentication agent.
------
rpc error: code = Unknown desc = executor failed running [/bin/sh -c ssh-add -l]: exit code: 2

RUN command should read RUN --mount=type=ssh ssh-add -l | tee /hello

tamsky

working build output from OSX:

# ( export DOCKER_BUILDKIT=1 && docker build --ssh default -f Dockerfile.ssh . )
[+] Building 1.6s (10/10) FINISHED                                                                                             
 => [internal] load .dockerignore                                                                                         0.4s
 => => transferring context: 2B                                                                                           0.0s
 => [internal] load build definition from Dockerfile.ssh                                                                  0.7s
 => => transferring dockerfile: 41B                                                                                       0.0s
 => resolve image config for docker.io/docker/dockerfile:experimental                                                     0.0s
 => CACHED <docker-image://docker.io/docker/dockerfile:experimental>                                                        0.0s
 => [internal] load metadata for docker.io/library/alpine:latest                                                          0.0s
 => [1/4] FROM docker.io/library/alpine                                                                                   0.0s
 => CACHED [2/4] RUN apk add --no-cache openssh-client git                                                                0.0s
 => CACHED [3/4] RUN mkdir -p -m 0600 ~/.ssh && ssh-keyscan github.com >> ~/.ssh/known_hosts                              0.0s
 => CACHED [4/4] RUN --mount=type=ssh ssh-add -l | tee /hello                                                             0.0s
 => exporting to image                                                                                                    0.0s
 => => exporting layers                                                                                                   0.0s
 => => writing image sha256:7dcdf95d6e1745d9c12ca89b2209fd58fe7417c93acb1e3e5ce35a20ff544b14                              0.0s
tamsky

/hello does get populated, so we finally have a cross platform solution for the agent

tamsky

and for folks who want to know more about how “Docker for Mac” works… I found this great, and very detailed, post about it:


2019-01-30

Bogdan

how do you guys handle the ordered_placement_strategy in an ecs service module, from an input perspective (passing a list of maps or map) when passing several strategies? I couldn’t find an example in cloudposse ecs service modules
