There is an open issue on Docker Github Issues <https://github.com/docker/docker/issues/28513> . The permissions on the /var/go/.ssh aren't getting set even in my case and I believe it's a problem with docker. The permissions for a user created in a parent container (go:go) are being forgotten or not applied for some reason.
If anybody has been able to solve this problem please let me know. I have been struggling with the go user permissions hell for the past 2 days too. On Thursday, October 6, 2016 at 1:52:10 AM UTC-5, Zabil C M wrote: > Hey Chris, > > If you have docker running on your machine with the "$HOME/.ssh" folder > setup up to connect successfully to your authenticated git repo. > You can quickly test this by creating a data volume container > > $ docker create --name authenticated -v $HOME/.ssh:/var/go/.ssh > gocd/gocd-server:16.10.0 > > and using the data volume container while running your GoCD server > container > > $ docker run --volumes-from authenticated -p 8154:8154 -p 8153:8153 > gocd/gocd-server:16.10.0 > > Your issue might be with the ssh keys set up. > > To make it simpler, create data containers from the right ".ssh" after > verifying that it works outside of docker and use them while running the > server or agents. > > > On Mon, Oct 3, 2016 at 4:47 PM, Chris Forbes <[email protected] > <javascript:>> wrote: > >> Thank you for your response, Jay. >> >> I followed your steps to ensure I hadn't missed anything. Unfortunately, >> it still isn't working. I'll try once more going from scratch and see if >> anything plays out differently. >> >> Chris >> >> >> On Sunday, October 2, 2016 at 4:12:59 AM UTC+1, Jay wrote: >>> >>> Hi, >>> >>> Make sure you've properly chowned those directories and files. Keep in >>> mind that you have to either run those commands you've mentioned as the >>> "go" user, or establish those files in that .ssh folder and then chown them >>> with "go:go". If you're running inside a docker container, as I believe you >>> are, it's pretty easy to set up this process as an entry-point script. I >>> also believe you'll always have to chown that .ssh directory so that the >>> container go user can access them. I believe it's also pretty safe to >>> pre-populate your git servers public ssh host keys and simply cat them into >>> the known_hosts file. This way you don't have to accept them and these will >>> rarely change. I've already got a working solution in place, so I'll >>> provide some highlights here, since that's all I can do. >>> >>> * gather your git servers public ssh keys with command "ssh-keyscan -p >>> 22 [host | addrlist namelist] ...". Make sure you use any git server >>> aliases here. >>> * the go server home can be figured out programatically with this >>> command: GO_HOME=$( getent passwd "go" | cut -d: -f6 ) >>> * create folder ${GO_HOME}/.ssh with chmod 700 and chown go:go >>> * generate a pair of keys if they don't already exist: ssh-keygen -q -t >>> rsa -C "gocd-server" -N '' -f "$GO_ID_RSA_FILE" >>> * add your pub key to gitlab >>> * cat your git servers pub ssh keys >>> into ${GO_HOME}/.ssh/known_hosts, chmod 0644 the file >>> * chown the entire /var/go, or just /var/go/.ssh if you prefer >>> >>> All these steps should work with the .ssh folder bind-mounted. >>> >>> Hope you get something working soon. >>> >>> Jay >>> >>> >>> On Friday, September 30, 2016 at 4:23:50 AM UTC-7, Chris Forbes wrote: >>>> >>>> I'm trying to set up GoCD for the first time on Linux (CentOS 7) with >>>> the official GoCD Server Docker container. Documentation for this is very >>>> scarce as I'm sure you are aware. I'm having a lot of difficulties getting >>>> the server to use the SSH key correctly. I've tried a number of suggested >>>> solutions with no luck. >>>> >>>> Some of the things I have tried: >>>> >>>> - Mount the instance ssh folder as a volume to `/var/go/.ssh` >>>> - Create a `config` file in the container to specifically target >>>> the `id_rsa` file >>>> - Run `ssh -T -vvv [email protected]` on the instance and the >>>> container to validate the key >>>> >>>> But still, clicking "Check Connection" results in the error: >>>> >>>> --- ERROR --- >>>>> STDERR: Host key verification failed. >>>>> STDERR: fatal: Could not read from remote repository. >>>>> STDERR: >>>>> STDERR: Please make sure you have the correct access rights >>>>> STDERR: and the repository exists. >>>>> --- >>>>> >>>>> >>>> Could someone that has done this be so kind as to list the steps >>>> required to make this work? Or point me at a detailed blog post/write up >>>> of >>>> how to do this? We are keen to give GoCD a try, but being unable to use >>>> Git >>>> with SSH is a deal breaker. >>>> >>> -- >> You received this message because you are subscribed to the Google Groups >> "go-cd" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> For more options, visit https://groups.google.com/d/optout. >> > > -- You received this message because you are subscribed to the Google Groups "go-cd" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
