Support SSH agent fwd for actionrunner on macos#245
Support SSH agent fwd for actionrunner on macos#245k-willowhawk wants to merge 1 commit intoStackStorm:masterfrom
Conversation
|
|
|
This is needed if packs are to be installed from private Git repos, and allows the action runner to leverage the SSH key forwarding agent from the host so we don't need to load private keys on disposable docker containers. The socket path is specific to macOS (newer versions at that). Reference I used to modify this: https://stackoverflow.com/questions/27036936/using-ssh-agent-with-docker-on-macos |
| environment: | ||
| - SSH_AUTH_SOCK=/ssh-agent | ||
| volumes: | ||
| - /run/host-services/ssh-auth.sock:/ssh-agent |
There was a problem hiding this comment.
Can you do something more generic?
On my linux box I have something like:
SSH_AUTH_SOCK=/tmp/ssh-XXXXXXs4KUHi/agent.1234
So, is there a way to avoid hard-coding this path?
There was a problem hiding this comment.
I don't know docker-compose very well, but would something like this work?
| - /run/host-services/ssh-auth.sock:/ssh-agent | |
| - ${SSH_AUTH_SOCK:-/run/host-services/ssh-auth.sock}:/ssh-agent |
There was a problem hiding this comment.
+1.
Another thought is how to make it optional?
I'm thinking that majority of the users might not need these volume mounts by default
So we avoid sharing the ssh auth socket with st2 unless configured.
4 participants
No description provided.