SSH agent forwarding during docker build

by

For Docker 18.09 and newer

You can use new features of Docker to forward your existing SSH agent connection or a key to the builder. This enables for example to clone your private repositories during build.

Steps:

First set environment variable to use new BuildKit

export DOCKER_BUILDKIT=1

Then create Dockerfile with new (experimental) syntax:

# syntax=docker/dockerfile:experimental

FROM alpine

# install ssh client and git
RUN apk add --no-cache openssh-client git

# download public key for github.com
RUN mkdir -p -m 0600 ~/.ssh && ssh-keyscan github.com >> ~/.ssh/known_hosts

# clone our private repository
RUN --mount=type=ssh git clone [email protected]:myorg/myproject.git myproject

And build image with

docker build --ssh default .

Read more about it here: https://medium.com/@tonistiigi/build-secrets-and-ssh-forwarding-in-docker-18-09-ae8161d066

Leave a Comment