-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
(aws-ecr-assets): Allow docker image assets to access private data in builds #12062
Comments
Any thoughts on this? |
We will happily accept a contribution for this. Sounds reasonable to support. |
This issue has not received any attention in 1 year. If you want to keep this issue open, please leave a comment below and auto-close will be canceled. |
@deadcore can you explain why
|
The ultimate goal here is not to consume an SSH key as a variable in a Using
Desired command is:
|
This was implemented in #26356 That said, I'm not able to get this to work with v2.92.0. Deploying with ecr_assets.DockerImageAsset(
self,
"my-image",
build_ssh="default",
platform=ecr_assets.Platform.LINUX_AMD64,
directory=".",
) produces
On Heads up @JackWBoynton @mrgrain |
Thanks for the catch! Have a PR for the fix |
PR #26846 merged. Closing this issue. Feel free to open if issue still exist. |
|
The docker build command has a
--ssh
option to allow the Docker Engine to forward SSH agent connections. This is useful if you have private assets stored somewhere which are required in the build (for example private git repositories referenced by cargo)The proposal is to allow the flag
--ssh
with a value to passed to the docker build command outside ofbuild_args
(which CDK already supports but does not support this use case). For example my build command would look like this:docker build --ssh default -t foobar .
Use Case
This is useful if you have private assets stored somewhere which are required in the build (for example private git repositories referenced by cargo)
Cargo for example looks like this:
Proposed Solution
The simplest thought I could think of is:
or to allow full support of the SSH forwarding ability in Docker:
Other
This is a 🚀 Feature Request
The text was updated successfully, but these errors were encountered: