Docker 加载键“/root/.ssh/id_rsa":格式无效 [英] Docker Load key "/root/.ssh/id_rsa": invalid format

问题描述

我正在尝试克隆其中包含子模块的存储库.主仓库可以很好地克隆，但是当我在 dockerfile 中执行 git submodule update --init --recursive 时，子模块会抛出错误.

I am trying to clone a repo that has submodules in it. The main repo is cloning fine but when I do git submodule update --init --recursive in the dockerfile the submodules throws and error.

fatal: clone of 'git@github.com:jkeys089/lua-resty-hmac.git' into submodule path '/tmp/third-party/lua-resty-hmac' failed
Failed to clone 'third-party/lua-resty-hmac'. Retry scheduled
Cloning into '/tmp/third-party/lua-resty-jwt'...
load pubkey "/root/.ssh/id_rsa": invalid format
Warning: Permanently added the RSA host key for IP address '140.82.118.3' to the list of known hosts.
Load key "/root/.ssh/id_rsa": invalid format
git@github.com: Permission denied (publickey).

在图片中我有这个

# authorise ssh host
RUN mkdir /root/.ssh/ 
    && chmod 700 /root/.ssh 
    && ssh-keyscan github.com > /root/.ssh/known_hosts

# add key and set permission
RUN echo "${SSH_PRIVATE_KEY}" >> /root/.ssh/id_rsa 
    && echo "$ssh_pub_key" > /root/.ssh/id_rsa.pub 
    && chmod 600 /root/.ssh/id_rsa.pub 
    && chmod 600 /root/.ssh/id_rsa

我无法控制子模块.我不确定是否可以从 git@github.com 更改为 https 以获取子模块.

I have no control of the submodules. I am not sure if I can change from git@github.comto https to get submodules.

我什至尝试过使用 GITHUB_TOKEN 路由

I even tried using the GITHUB_TOKEN route

# start up git and clone
RUN git config --global url."https://${GITHUB_TOKEN}@github.com/".insteadOf "https://github.com/" 
    && git clone https://github.com/GluuFederation/gluu-gateway.git /tmp 
    && cd /tmp/ 
    && git submodule update --init --recursive

下面是构建命令的一部分.build --build-arg GITHUB_TOKEN=${GITHUB_TOKEN} --build-arg SSH_PRIVATE_KEY="$(cat ~/.ssh/id_rsa)" --build-arg ssh_pub_key="$(cat ~/.ssh/id_rsa.pub)"

And below is the part of the build command. build --build-arg GITHUB_TOKEN=${GITHUB_TOKEN} --build-arg SSH_PRIVATE_KEY="$(cat ~/.ssh/id_rsa)" --build-arg ssh_pub_key="$(cat ~/.ssh/id_rsa.pub)"

请帮忙解决这个问题.这非常令人沮丧.:(

Please help out on this. It's very frustrating. :(

推荐答案

如果key是invalid format"，尝试用旧 PEM 格式.

If the key is "invalid format", try and regenerate it with the old PEM format.

ssh-keygen -m PEM -t rsa -P "" 

确保将公钥添加到您的 GitHub 帐户以进行正确的身份验证.

Make sure to add the public key to your GitHub account for proper authentication.

OP Shammir 增加了 在评论中:

我认为问题是在构建过程中没有任何内容从主机复制到 docker 映像.

I think the issue is that nothing is being copied from host machine to docker image during build.

在docker build --build-arg SSH_PRIVATE_KEY="$(cat ~/.ssh/id_rsa)" 返回空"，Shammir 使用 dockito/vault管理私钥，但也将其配置为AddKeysToAgent":如果私钥不受密码保护(如我上面的命令)，则不需要这样做

In "docker build --build-arg SSH_PRIVATE_KEY="$(cat ~/.ssh/id_rsa)" returning empty", Shammir uses dockito/vault to manage the private key, but also configure it to "AddKeysToAgent": that is not needed if the private key is not passphrase protected (as in my command above)

这篇关于Docker 加载键“/root/.ssh/id_rsa":格式无效的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！