How do I inject project environment variable into run cmd

I’m trying to inject a private ssh key into a docker build command as a build argument but I cannot seem to get it to work.

- run:
    name: Docker build and push
    command: |
      docker build \
        --build-arg COMMIT_REF=${CIRCLE_SHA1} \
        --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` \
        --build-arg SSH_KEY="$PROJECT_SSH_KEY" \
        -t eu.gcr.io/${PROJECT_ID}/${PROJECT_NAME}:${CIRCLE_SHA1} .

I constantly get permission denied errors.
My problem is very similar to "SSH keys in Dockerfile".
PROJECT_ID and PROJECT_NAME are environment variables supplied in the yaml file just above. I can’t for the life of me get the ssh key to be injected properly.

I’ve tried without the run: echo $PRO... command above and just using SSH_KEY=$PROJECT_SSH_KEY but that doesn’t work either. Any help appreciated.

Ok so adding an ssh key as a project secret seems impossible as the formatting comes out wrong and it keeps failing. Using the way described here I could at least get it to authorise if I ssh’d into the container.

Took me a while to realise that the footprint is the string appended to the id_rsa file. In other words, “SO:ME:FIN:G:ER:PR:IN:T” becomes id_rsa_somefingerprint. Would be nice if they mentioned this in the docs. Initially looking at this file I thought it was a random string.

- add_ssh_keys:
    fingerprints:
    - "SO:ME:FIN:G:ER:PR:IN:T"
- run:
    name: Docker build and push
    command: |
      docker build \
        --build-arg COMMIT_REF=${CIRCLE_SHA1} \
        --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` \
        --build-arg SSH_KEY="$(cat ~/.ssh/id_rsa_somefingerprint)" \
        -t eu.gcr.io/${PROJECT_ID}/${PROJECT_NAME}:${CIRCLE_SHA1} .

Solution ends up looking like the above.
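
Added example, not part of the original posts and not CircleCI's own code: a bash preflight that derives the key file name from the fingerprint as described above and checks that the key text still has its line breaks before it is handed to `docker build`. The function names, the optional directory argument and the sample key text are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Constructed sample values (not real keys): one intact, one with its
# newlines collapsed to spaces, as happens when a key is pasted into a
# single-line variable.
GOOD_KEY='-----BEGIN OPENSSH PRIVATE KEY-----
CONSTRUCTED-SAMPLE-NOT-A-REAL-KEY
-----END OPENSSH PRIVATE KEY-----'
FLAT_KEY=$(printf '%s' "$GOOD_KEY" | tr '\n' ' ')

# Map a fingerprint as written under add_ssh_keys to the file name the
# post describes: colons removed, lower-cased, prefixed with id_rsa_.
# $2 is a hypothetical override for the key directory (default ~/.ssh).
key_path_for_fingerprint() {
  local fp dir=${2:-$HOME/.ssh}
  fp=$(printf '%s' "$1" | tr -d ':' | tr '[:upper:]' '[:lower:]')
  printf '%s/id_rsa_%s\n' "$dir" "$fp"
}

# Succeed only if the text keeps the multi-line PEM shape ssh expects:
# at least three lines, BEGIN header first, END footer last.
key_is_intact() {
  local key=$1 first last lines
  lines=$(printf '%s\n' "$key" | wc -l | tr -d ' ')
  [ "$lines" -ge 3 ] || return 1
  first=$(printf '%s\n' "$key" | head -n 1)
  last=$(printf '%s\n' "$key" | tail -n 1)
  case $first in "-----BEGIN "*"PRIVATE KEY-----") ;; *) return 1 ;; esac
  case $last in "-----END "*"PRIVATE KEY-----") ;; *) return 1 ;; esac
}

# Print the key path if the file exists and is intact.
# Returns 2 for a missing file, 3 for a key that lost its line breaks.
preflight() {
  local path
  path=$(key_path_for_fingerprint "$1" "$2")
  [ -r "$path" ] || { echo "missing key file: $path" >&2; return 2; }
  key_is_intact "$(cat "$path")" ||
    { echo "key lost its line breaks: $path" >&2; return 3; }
  printf '%s\n' "$path"
}
```

Run `preflight "SO:ME:FIN:G:ER:PR:IN:T"` as a step before the build and pass the printed path to `cat`. Docker records `--build-arg` values in image metadata, where `docker history` shows them to anyone who can pull the image.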
