Docker: fetching from a private Bitbucket repository

We have a project, jb_common, on Bitbucket at bitbucket.org/company/jb_common. I am trying to run a container that fetches from another private repository, bitbucket.org/company/jb_utils


Dockerfile:


FROM golang
# create a working directory
WORKDIR /app
# add source code
COPY . .

### ADD ssh keys for bitbucket
ARG ssh_prv_key
ARG ssh_pub_key
RUN apt-get update && apt-get install -y ca-certificates git-core ssh
RUN mkdir -p /root/.ssh && \
    chmod 0700 /root/.ssh && \
    echo "StrictHostKeyChecking no " > /root/.ssh/config && ls /root/.ssh/config
RUN echo "$ssh_prv_key" > /root/.ssh/id_rsa && \
    echo "$ssh_pub_key" > /root/.ssh/id_rsa.pub && \
    chmod 600 /root/.ssh/id_rsa && \
    chmod 600 /root/.ssh/id_rsa.pub
RUN git config --global url."git@bitbucket.org:".insteadOf "https://bitbucket.org/" && cat /root/.gitconfig

RUN cat /root/.ssh/id_rsa
RUN export GOPRIVATE=bitbucket.org/company/

RUN echo "${ssh_prv_key}"
RUN go get bitbucket.org/company/jb_utils

RUN cp -R .env.example .env && ls -la /app
#RUN go mod download
RUN go build -o main .
RUN cp -R /app/main /main

### Delete ssh credentials
RUN rm -rf /root/.ssh/

ENTRYPOINT [ "/main" ]

and a bitbucket-pipelines.yml:


image: python:3.7.4-alpine3.10

pipelines:
  branches:
    master:
      - step:
          services:
            - docker
          caches:
            - pip
          script:
            - echo $SSH_PRV_KEY
            - pip3 install awscli
            - IMAGE="$AWS_IMAGE_PATH/jb_common"
            - TAG=1.0.${BITBUCKET_BUILD_NUMBER}
            - aws ecr get-login-password --region $AWS_DEFAULT_REGION | docker login --username AWS --password-stdin $AWS_IMAGE_PATH
            - aws ecr list-images --repository-name "jb_common" --region $AWS_DEFAULT_REGION
            - docker build -t $IMAGE:$TAG --build-arg ssh_prv_key="$(echo $SSH_PRV_KEY)" --build-arg ssh_pub_key="$(echo $SSH_PUB_KEY)" .
            - docker push $IMAGE:$TAG


宝慕林4294392
Views: 146, Answers: 1

1 Answer

开满天机

Solved!!! Pipelines does not currently support line breaks in environment variables, so base-64 encode the private key by running the following:

base64 -w 0 < private_key

Copy the output into the Bitbucket repository variable. I edited my bitbucket-pipelines.yml to:

image: python:3.7.4-alpine3.10

pipelines:
  branches:
    master:
      - step:
          services:
            - docker
          caches:
            - pip
          script:
            - apk add --update coreutils
            - mkdir -p ~/.ssh
            - (umask 077 ; echo $SSH_PRV_KEY | base64 --decode > ~/.ssh/id_rsa)
            - pip3 install awscli
            - IMAGE="$AWS_IMAGE_PATH/jb_common"
            - TAG=1.0.${BITBUCKET_BUILD_NUMBER}
            - aws ecr get-login-password --region $AWS_DEFAULT_REGION | docker login --username AWS --password-stdin $AWS_IMAGE_PATH
            - aws ecr list-images --repository-name "jb_common" --region $AWS_DEFAULT_REGION
            - docker build -t $IMAGE:$TAG --build-arg ssh_prv_key="$(cat ~/.ssh/id_rsa)" .
            - docker push $IMAGE:$TAG
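
Added example, not part of the question or the answer above: the Dockerfile and pipeline on this page pass the private key with --build-arg and write it to /root/.ssh/id_rsa in a RUN step, so the key remains visible in the image's build history and in an earlier layer even after the later rm -rf /root/.ssh/. The variant below forwards the key through a BuildKit SSH mount instead. It assumes BuildKit is available in the build environment and that a file named known_hosts (a hypothetical name) containing Bitbucket's published host keys is present in the build context.

```dockerfile
# syntax=docker/dockerfile:1
# Added example, not the original poster's Dockerfile.
# Build with the key decoded by the pipeline step (unencrypted key file):
#   DOCKER_BUILDKIT=1 docker build --ssh default=$HOME/.ssh/id_rsa -t $IMAGE:$TAG .
# or, with a running ssh-agent that holds the key:
#   DOCKER_BUILDKIT=1 docker build --ssh default -t $IMAGE:$TAG .

FROM golang
WORKDIR /app

RUN apt-get update && apt-get install -y ca-certificates git-core ssh

# Assumption: known_hosts is a file in the build context with Bitbucket's
# published host keys, checked out of band. It replaces
# "StrictHostKeyChecking no", so the build refuses an unexpected host.
COPY known_hosts /etc/ssh/ssh_known_hosts

# ENV persists for later steps; "RUN export ..." only affects its own step.
ENV GOPRIVATE=bitbucket.org/company/

# Rewrite HTTPS module URLs to SSH so git authenticates with the forwarded key.
RUN git config --global url."git@bitbucket.org:".insteadOf "https://bitbucket.org/"

COPY . .

# The SSH agent socket exists only while this step runs. No ARG carries the
# key, nothing is written under /root/.ssh, and no cleanup step is needed.
RUN --mount=type=ssh go get bitbucket.org/company/jb_utils

RUN cp -R .env.example .env
RUN go build -o main .
RUN cp -R /app/main /main

ENTRYPOINT [ "/main" ]
```

With this Dockerfile the `ssh_prv_key` and `ssh_pub_key` build arguments are no longer needed, and `docker history --no-trunc $IMAGE:$TAG` can be used to confirm that no key material appears in any layer command.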