How to make a Docker image of a Node app that uses a private file that requires ssh

Asked

Viewed 50 times

2

Following this guide from the Node.js website to create a Docker image for a Node application, everything works except when you have a private repository for a certain npm package, such as the following snippet from package.json:

"dependencies": {
  (...)
  "um-certo-pacote": "git+ssh://[email protected]:/algum/diretorio/um-certo-pacote.git",
  (...)

The server that has Repo stores the ssh key of the computer that requests to clone the package. Locally everything works, but when it comes to build, it doesn’t work because Docker doesn’t have access to ssh key.

$ docker build -t nbkhope/meu-aplicativo --add-host=algumlugar.com:123.45.67.89 .

I have searched several places and tried to copy the file with the ssh public key, but this is not recommended due to security reasons. So what’s the way to make this business work safely, without exposing secrets?

Follow the Dockerfile:

FROM node:6
WORKDIR /usr/src/app
COPY package*.json ./
RUN npm install
COPY . .
EXPOSE 8080
CMD ["npm", "start"]
node.js docker npm

1 answer

0

Hello, I see two options,

  1. Before building, download the package, which will then be available to build

  2. Adding a key in a multi-stage build, where one stage adds the key and downloads, and the other copies the package without adding the key

FROM node:6 as base
WORKDIR /usr/src/app
COPY package*.json ./

FROM base as builder # esta imagem nao recebera tag, e ficara no sistema marcada como <none>
# Adcionar chave, seja por copia de arquivo ou variavel de ambiente
RUN npm install

FROM base as final #esta será a imagem final
COPY . .
COPY --from builder <diretório de pacotes> <diretório de pacotes>
EXPOSE 8080
CMD ["npm", "start"]

Browser other questions tagged node.js docker npm

You are not signed in. Login or sign up in order to post.