我正在尝试 pip 安装(通过conda env create
命令)来自 BitBucket 的自定义 python 包docker build
命令,无需输入 SSH 密码/密码。这个问题类似于这另一个问题 https://stackoverflow.com/questions/70027258/pip-install-custom-package-from-bitbucket-with-ssh-without-entering-ssh-password,但有所不同,因为错误发生在docker build
命令。
的environment.yml文件conda env create
命令(期间docker build
)看起来像这样:
name: my_app
channels:
- defaults
dependencies:
- pip=21.2.2
- python=3.8.11
- pip:
- git+ssh://[email protected] /cdn-cgi/l/email-protection/my_org/my_package_repo.git
- pandas==1.2.5
- python-dotenv==0.19.0
- xlrd==2.0.1
prefix: /usr/local/anaconda3/envs/my_app
当。。。的时候docker build
正在尝试在 Docker 映像内构建 conda 环境,我收到此错误:
Installing pip dependencies: ...working... Pip subprocess error:
Running command git clone -q 'ssh://****@bitbucket.org/my_org/my_package_repo.git' /tmp/pip-req-build-3t5mkmnw
Host key verification failed.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
WARNING: Discarding git+ssh://****@bitbucket.org/my_org/my_package_repo.git. Command errored out with exit status 128: git clone -q 'ssh://****@bitbucket.org/my_org/my_package_repo.git' /tmp/pip-req-build-3t5mkmnw Check the logs for full command output.
ERROR: Command errored out with exit status 128: git clone -q 'ssh://****@bitbucket.org/my_org/my_package_repo.git' /tmp/pip-req-build-3t5mkmnw Check the logs for full command output.
Ran pip subprocess with arguments:
['/opt/conda/envs/work_content/bin/python', '-m', 'pip', 'install', '-U', '-r', '/tmp/condaenv.9p_rq9_h.requirements.txt']
Pip subprocess output:
Collecting git+ssh://****@bitbucket.org/my_org/my_package_repo.git (from -r /tmp/condaenv.9p_rq9_h.requirements.txt (line 3))
Cloning ssh://****@bitbucket.org/my_org/my_package_repo.git to ./pip-req-build-3t5mkmnw
failed
CondaEnvException: Pip failed
当我在终端中并遵循中的答案时,此远程/自定义包安装成功参考StackOverflow问题 https://stackoverflow.com/questions/70027258/pip-install-custom-package-from-bitbucket-with-ssh-without-entering-ssh-password。但是,当我在运行之前尝试同样的事情时docker build
命令,我收到上面的错误。我假设这是因为 Docker 正在构建一个全新的操作系统映像,并且它不再具有我在终端中提供的 SSH RSA 密码。在构建过程中不提供密码的情况下如何解决此错误?
Update
根据当前答案之一的建议,我修改了我的Dockerfile
看起来像这样:
# syntax=docker/dockerfile:experimental
FROM continuumio/miniconda3:4.10.3
...
RUN apt-get install -y openssh-client git
RUN mkdir -p -m 0600 ~/.ssh && ssh-keyscan bitbucket.org >> ~/.ssh/known_hosts
RUN --mount=type=ssh git clone gi[email protected] /cdn-cgi/l/email-protection:my_org/my_package_repo.git /tmp/my_package_repo
The --mount
命令在以下位置创建存储库的本地副本/tmp
目录。所以现在conda环境.yml文件需要更改为pip install
从该本地目录,如下所示:
name: my_app
channels:
- defaults
dependencies:
- pip=21.2.2
- python=3.8.11
- pip:
- /tmp/my_package_repo
- pandas==1.2.5
- python-dotenv==0.19.0
- xlrd==2.0.1
prefix: /usr/local/anaconda3/envs/my_app
...我正在运行docker build
使用如下命令进行处理:
eval $(ssh-agent); ssh-add ~/.ssh/id_rsa
DOCKER_BUILDKIT=1 docker build --ssh default .
The eval
上面的命令是在 Docker 构建开始之前手动输入我的 SSH 密码。这DOCKER_BUILDKIT=1
在......面前docker build
命令强制 Docker 使用 Docker Buildkit 进行构建,这是RUN --mount=type=ssh git clone
Dockerfile 中的命令。这个解决方案现在对我有用。这并不完全是下面答案中的内容,所以我想我应该与社区分享。我会将指向我这个方向的答案标记为正确答案。