search

digitalocean / doctl

The official command line interface for the DigitalOcean API.
https://docs.digitalocean.com/reference/doctl/
Apache License 2.0
3.26k stars 397 forks source link

Dockerfile does not support SSH #310

Closed ulfgebhardt closed 5 years ago

ulfgebhardt commented 6 years ago

The Dockerfile of this Repository does not allow the usage of the SSH command!

Openssh is missing.

here is a working example:

FROM alpine:3.5

ENV DOCTL_VERSION=1.8.0

RUN apk add --no-cache curl openssh

RUN mkdir /root/.ssh/

ARG HOST_IP
RUN ssh-keyscan -H $HOST_IP >> /root/.ssh/known_hosts

ARG SSH_KEY
RUN echo "$SSH_KEY" > /root/.ssh/id_rsa
RUN chmod 600 /root/.ssh/id_rsa

ARG SSH_KEY_PUB
RUN echo "$SSH_KEY_PUB" > /root/.ssh/id_rsa.pub
RUN chmod 600 /root/.ssh/id_rsa.pub

RUN mkdir /lib64 && ln -s /lib/libc.musl-x86_64.so.1 /lib64/ld-linux-x86-64.so.2

WORKDIR /app

RUN curl -L https://github.com/digitalocean/doctl/releases/download/v${DOCTL_VERSION}/doctl-${DOCTL_VERSION}-linux-amd64.tar.gz  | tar xz

ENTRYPOINT ["./doctl"]

Src: https://github.com/demokratie-live/democracy-development/blob/master/doctl

And here is how you buidl and call it (./doctl referes to the dockerfile):

docker build -t doctl --build-arg SSH_KEY="$(cat ./ssh_key)" --build-arg SSH_KEY_PUB="$(cat ./ssh_key.pub)" --build-arg HOST_IP="${DIGITAL_OCEAN_ALPHA_HOST}" - < ./doctl
docker run --rm -e DIGITALOCEAN_ACCESS_TOKEN="${DIGITALOCEAN_ACCESS_TOKEN}" doctl compute ssh ${DIGITALOCEAN_ALPHA_SERVER_DROPLET_NAME} --ssh-user ${DIGITALOCEAN_ALPHA_SERVER_USER} --ssh-command "cd ~/democracy-development && ./deploy-production.sh $TRAVIS_TAG"

src: https://github.com/demokratie-live/democracy-development/blob/master/.travis.yml#L78

Please correct your docker file to at least include the openssh package - even better would be to provide something like the above as seperate file including instructions

jonleibowitz commented 5 years ago

This is generally unrecommended:

https://blog.docker.com/2014/06/why-you-dont-need-to-run-sshd-in-docker/

ulfgebhardt commented 5 years ago

@jonleibowitz The documentation you linked is about docker, not doctl.

Even the linked documentation uses SSH to connect to the host:

What about remote access?
If you need to enter a container from a remote host, you have (at least) two ways to do it:

SSH into the Docker host, and use nsenter;
SSH into the Docker host, where a special key with force a specific command (namely,nsenter).

I am referring to the docu of doctl

doctl also simplifies actions without an API endpoint. For instance, it allows you to SSH to your Droplet by name:

doctl compute ssh <droplet-name>

See: https://github.com/digitalocean/doctl#examples

And this is not working out of the box, even tho it is documented, since the openssh package is missing. In the dockerfile provided in this issue the openssh package is installed.

RUN apk add --no-cache curl openssh

Possibly related Issues: