Closed nononsensetekkie closed 3 years ago
Further investigation revealed that Docker Compose failed to evaluate Bash command of the following form:
SSH_PRIVATE_KEY: "$$(base64 -w 0 < ~/.ssh/id_rsa_nifi_registry_test)"
SSH_KNOWN_HOSTS: "$$(base64 -w 0 < ~/.ssh/known_hosts)"
# or this form, which resulted in error
SSH_PRIVATE_KEY: "$(base64 -w 0 < ~/.ssh/id_rsa_nifi_registry_test)"
SSH_KNOWN_HOSTS: "$(base64 -w 0 < ~/.ssh/known_hosts)"
As shown in the debug log, the environment variables contained the string of the commands rather than the evaluated values.
nifi-registry_1 | SSH_KNOWN_HOSTS=$(base64 -w 0 < ~/.ssh/known_hosts)
nifi-registry_1 | SSH_PRIVATE_KEY=$(base64 -w 0 < ~/.ssh/id_rsa_nifi_registry_test)
In order to pass SSH key data successfully via docker-compose
, the evaluated value of the obfuscated key must be assigned to an environment variable before setting that variable to the environment variable to be specified in the docker-compose.yml
.
export OBFUSCATED_SSH_KEY=$(base64 -w 0 < ~/.ssh/id_rsa_nifi_registry_test)
export OBFUSCATED_KNOWN_HOSTS=$(base64 -w 0 < ~/.ssh/known_hosts)
In docker-compose.yml
:
environment:
SSH_PRIVATE_KEY: ${OBFUSCATED_SSH_KEY}
SSH_KNOWN_HOSTS: ${OBFUSCATED_KNOWN_HOSTS}
With this setup, the container was able to startup successfully.
I encountered the following error during
base64
decoding:base64: truncated base64 input
. See longer output below.My steps for testing the Docker image.
ssh-keygen -t rsa -b 4096 -N '' -C "nifi_registry_docker_test" -f id_rsa_nifi_registry_test
docker-compose.github.yml
as starting point.docker-compose up
Output with error below (similar error for using SSH mount point):
When the SSH key decoding from Base64 got truncated, it created cascading problems.
I ran a manual test in my local Cygwin environment and verified that the
base64
encoding and decoding steps are working properly for my generated SSH key.The problem seems to reside with the
base64
version in the Alpine base image.