ashb commented on a change in pull request #9129:
URL: https://github.com/apache/airflow/pull/9129#discussion_r435277393
##########
File path: Dockerfile.ci
##########
@@ -340,6 +308,23 @@ RUN if [[ -n "${ADDITIONAL_PYTHON_DEPS}" ]]; then \
pip install ${ADDITIONAL_PYTHON_DEPS}; \
fi
+RUN \
+ export AWSCLI_IMAGE="amazon/aws-cli:latest" && \
+ export AZURECLI_IMAGE="mcr.microsoft.com/azure-cli:latest" && \
+ export GCLOUD_IMAGE="gcr.io/google.com/cloudsdktool/cloud-sdk:latest" && \
+ echo -e "\
+ alias aws=\"docker run --rm -it -v /root/.aws:/root/.aws ${AWSCLI_IMAGE}\"
\n\
Review comment:
> If you run `breeze --forward-credentials` it will mount your
"${HOME}/.aws" to the breeze container's /root/.aws and from there it will be
further mounted to the "aws" image. This means that you can use your host
credentials and they will survive Breeze restart.
Is this docker-in-docker, or mounting /var/run/docker.sock from the host.
If it's the latter: this will not work. All volume mounts are resolved from
the host:
```
airflow ❯ touch ~/.aws/example
airflow ❯ docker run -ti -v /var/run/docker.sock:/var/run/docker.sock -v
$HOME/.aws:/root/.aws docker:latest sh
/ # echo container 1 -- "breeze"
container 1 -- breeze
/ # ls -altr /root/.aws/example
-rw-r--r-- 1 1000 1000 0 Jun 4 13:51 /root/.aws/example
/ # hostname
4b4a523958cb
/ # docker run -ti -v /var/run/docker.sock:/var/run/docker.sock -v
/root/.aws/.aws:/root/.aws docker:latest sh
/ # echo container 2 - cloud tools
container 2 - cloud tools
/ # hostname
dcae57c09ea4
/ # ls -altr /root/.aws
total 18
drwxr-xr-x 2 root root 2 Jun 4 13:55 .
drwx------ 3 root root 4 Jun 4 13:55 ..
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
