cloud66-oss/habitus

Credentials not working on OSX

Closed this issue · 2 comments

I try to build an image with ssh credentials, on OSX 10.12.
This is my build.yml:
build: version: 2016-03-14 steps: builder: name: marketplace dockerfile: Dockerfile secrets: id_rsa: type: file value: _env(HOME)/.ssh/id_rsa cleanup: commands: - rm -rf /root/.ssh/

Here my docker file commands:
RUN mkdir -p ~/.ssh ARG host RUN wget -O ~/.ssh/id_rsa http://$host:8080/v1/secrets/file/id_rsa RUN chmod 0600 ~/.ssh/id_rsa RUN ssh -T git@gitlab.****.net && rm ~/.ssh/id_rsa

ifconfig results :
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether f4:0f:24:0c:38:e7
inet6 fe80::142a:a297:6e50:72a3%en0 prefixlen 64 secured scopeid 0x4
inet 192.168.1.22 netmask 0xffffff00 broadcast 192.168.1.255
inet6 2a01:cb1d:221:cc00:1c44:6fee:8387:7d55 prefixlen 64 autoconf secured
inet6 2a01:cb1d:221:cc00:5550:3b8:773b:3000 prefixlen 64 deprecated autoconf temporary
inet6 2a01:cb1d:221:cc00:28e7:6b10:112c:7513 prefixlen 64 autoconf temporary
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
vboxnet0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 0a:00:27:00:00:00
inet 192.168.99.1 netmask 0xffffff00 broadcast 192.168.99.255

The build command is :
sudo habitus --build host=192.168.99.1 --host=unix:///var/run/docker.sock --binding=0.0.0.0

My credentials are located in default location, ~/.ssh/id_rsa .
Here are the errors :
RUN wget -O ~/.ssh/id_rsa http://$host:8080/v1/secrets/file/id_rsa
---> Running in 8b4f47739147
converted 'http://192.168.99.1:8080/v1/secrets/file/id_rsa' (ANSI_X3.4-1968) -> 'http://192.168.99.1:8080/v1/secrets/file/id_rsa' (UTF-8)
--2017-04-23 13:40:16-- http://192.168.99.1:8080/v1/secrets/file/id_rsa
Connecting to 192.168.99.1:8080... failed: Connection refused.

I tried a lot of syntax to get it worked with no success.

looks like 192.168.99.1 is not reachable from the building container. can you see if you can hit the endpoint from outside the container.

will mark this ticket as a bug

duplicate: #65

with the new version of habitus you need to enable secrets with the option --secrets=true