mount the SSH_AUTH_SOCK socket for ssh-agent
Mount the SSH_AUTH_SOCK into the docker-dev-shell container
to propagate the SSH agent credentials and allow git access
to servers/repositories which require the ssh credentials.

The added volume mapping in 'docker run' applies only if
${SSH_AUTH_SOCK} is not empty.
For Mac with Docker or Rancher Desktop, map
/run/host-services/ssh-auth.sock, for the other cases /
standard Linux, use the value of $SSH_AUTH_SOCK.

Issue #11544 - addresses the second checkbox:
ssh-add -l shows the same ssh keys as in the "outside" user session.

Signed-off-by: Dmitry Savintsev <dsavints@gmail.com>
dmitris committed Feb 28, 2025
1 parent a4ee018 commit 31b067d
Showing 1 changed file with 18 additions and 0 deletions.
18 changes: 18 additions & 0 deletions bin/docker-dev-shell
Expand Up @@ -109,6 +109,23 @@ if [ "$#" -gt "1" ]; then
CONTAINER_ARGS=("${@:2}")
fi

SSH_MOUNT_ARGS=()
# Detect if running on Mac with Docker Desktop or Rancher Desktop
if [[ -n "$SSH_AUTH_SOCK" ]] && [[ "$OSTYPE" == "darwin"* ]] && \
{ [ -e "/run/host-services/ssh-auth.sock" ] || [ -d "/Applications/Docker.app" ] || [ -d "/Applications/Rancher Desktop.app" ]; }; then
# Mac with Docker/Rancher Desktop configuration
SSH_MOUNT_ARGS+=("-v")
SSH_MOUNT_ARGS+=("/run/host-services/ssh-auth.sock:/run/host-services/ssh-auth.sock")
SSH_MOUNT_ARGS+=("-e")
SSH_MOUNT_ARGS+=("SSH_AUTH_SOCK=/run/host-services/ssh-auth.sock")
elif [[ -n "$SSH_AUTH_SOCK" ]]; then
# Standard Linux configuration with SSH_AUTH_SOCK non-empty
SSH_MOUNT_ARGS+=("-v")
SSH_MOUNT_ARGS+=("$SSH_AUTH_SOCK:/tmp/ssh-auth.sock")
SSH_MOUNT_ARGS+=("-e")
SSH_MOUNT_ARGS+=("SSH_AUTH_SOCK=/tmp/ssh-auth.sock")
fi

echo "$(tput setaf 2)=> running docker development shell$(tput sgr0)"
CODE_DIR="/home/dependabot"
touch .core-bash_history
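
Review bot: both branches forward the host's ssh-agent into the container whenever `$SSH_AUTH_SOCK` is non-empty, with no way to decline, so every process started in the dev shell can request signatures from the keys loaded in the developer's agent. Consider gating this block behind an explicit opt-in (a flag or an environment variable, name up to the project) and documenting it next to the other options. In the `elif` branch, also test that the path is a socket before mounting it, for example `elif [[ -S "$SSH_AUTH_SOCK" ]]; then`, so a stale value is not handed to `-v`. In the macOS branch, the presence of `/Applications/Docker.app` or `/Applications/Rancher Desktop.app` shows only that the app is installed, not that it is the runtime `docker run` talks to; a comment stating that assumption would help.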
Expand Down Expand Up @@ -257,6 +274,7 @@ docker run --rm -ti \
-v "$(pwd)/updater/Gemfile:$CODE_DIR/dependabot-updater/Gemfile" \
-v "$(pwd)/updater/lib:$CODE_DIR/dependabot-updater/lib" \
-v "$(pwd)/updater/spec:$CODE_DIR/dependabot-updater/spec" \
"${SSH_MOUNT_ARGS[@]}" \
--name "$CONTAINER_NAME" \
--env "LOCAL_GITHUB_ACCESS_TOKEN=$LOCAL_GITHUB_ACCESS_TOKEN" \
--env "DEPENDABOT_TEST_ACCESS_TOKEN" \
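
Review bot: `"${SSH_MOUNT_ARGS[@]}"` is expanded here even when the array is empty (no agent running). That expands to zero words on current bash, but under `set -u` on bash older than 4.4 (macOS ships 3.2 as /bin/bash) expanding an empty array is an unbound-variable error. If the script can run with `set -u` or under that bash, write it as `${SSH_MOUNT_ARGS[@]+"${SSH_MOUNT_ARGS[@]}"}`.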