NixiN/ssh-agent-action
2
0
Fork 0
mirror of https://github.com/webfactory/ssh-agent.git synced 2024-11-21 16:50:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

docs: update Dockerfile recommendation for local builds

Browse source
This commit is contained in:
znorgaard 2024-07-24 14:29:47 -07:00
parent dc588b651f
commit 551655aaa9
No known key found for this signature in database
1 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
README.md
View file

@ -156,10 +156,12 @@ Workflow:
Dockerfile: Dockerfile:
To prevent errors when building the docker image locally, copy a file which is guaranteed to exist (such as the Dockerfile) along with `root-config`.
Additionally, before running the `sed` command, confirm the existence of the `/root/.ssh/config` file.
```Dockerfile ```Dockerfile
# Copy the two files in place and fix different path/locations inside the Docker image COPY Dockerfile root-config* /root/
COPY root-config /root/ RUN if [ -f "/root/.ssh/config" ]; then sed 's|/home/runner|/root|g' -i.bak /root/.ssh/config; fi
RUN sed 's|/home/runner|/root|g' -i.bak /root/.ssh/config
``` ```
Keep in mind that the resulting Docker image now might contain these customized Git and SSH configuration files! Your private SSH keys are never written to files anywhere, just loaded into the SSH agent and forwarded into the container. The config files might, however, give away details about your build or development process and contain the names and URLs of your (private) repositories. You might want to use a multi-staged build to make sure these files do not end up in the final image. Keep in mind that the resulting Docker image now might contain these customized Git and SSH configuration files! Your private SSH keys are never written to files anywhere, just loaded into the SSH agent and forwarded into the container. The config files might, however, give away details about your build or development process and contain the names and URLs of your (private) repositories. You might want to use a multi-staged build to make sure these files do not end up in the final image.