I am kinda new to Docker containers, so far I have used them, without making my own. Now we have the following scenario. We have one ASP.Net project with Postgres database. That project includes couple of sub-projects and libraries, which are stored in separate repos each. All our repos are in a local git server. We want to be able to develop this project in different OSes and environments, because some of our devs have Windows PCs, while other have Linux. We want everything to be unified and easy for the devs to use – assuming the developer will open VSCode and start the container and everything will work fine. And we want all the code to be inside the container volume – We want to end up with only one .devcontainer folder, which we keep in some git server, then the developer pulls it, opens it in VSCode and all the code and configurations are then pulled and built. First of all, is this possible?
Second – here is what I have tried so far. As I mentioned I added a .devcontainer folder. Inside it I have the following files:
devcontainer.json
// For format details, see https://aka.ms/devcontainer.json. For config options, see the
// README at: https://github.com/devcontainers/templates/tree/main/src/dotnet-postgres
{
"name": "My Container",
"dockerComposeFile": "docker-compose.yml",
"service": "app",
"workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
"features": {
"ghcr.io/devcontainers-contrib/features/apt-get-packages:1": {},
"ghcr.io/devcontainers-contrib/features/apt-packages:1": {},
"ghcr.io/devcontainers-contrib/features/bash-command:1": {}
},
"customizations": {
"vscode": {
"extensions": [
"ms-dotnettools.vscode-dotnet-runtime"
]
}
}
// Features to add to the dev container. More info: https://containers.dev/features.
// "features": {},
// Configure tool-specific properties.
// "customizations": {},
// Use 'forwardPorts' to make a list of ports inside the container available locally.
// "forwardPorts": [5000, 5001, 5432],
// "portsAttributes": {
// "5001": {
// "protocol": "https"
// }
// }
// Use 'postCreateCommand' to run commands after the container is created.
//"postCreateCommand":
// Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root.
// "remoteUser": "root"
}
docker-compose.yml
version: '3.8'
services:
app:
build:
context: .
dockerfile: Dockerfile
environment:
- SSH_AUTH_SOCK=/ssh-agent
volumes:
- ../..:/workspaces:cached
- ${SSH_AUTH_SOCK}:/ssh-agent # Forward local machine SSH key to docker
# Overrides default command so things don't shut down after the process ends.
command: sleep infinity
# Runs app on the same network as the database container, allows "forwardPorts" in devcontainer.json function.
network_mode: service:db
# Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root.
# user: root
# Use "forwardPorts" in **devcontainer.json** to forward an app port locally.
# (Adding the "ports" property to this file will not forward from a Codespace.)
db:
image: postgres:14.3
restart: unless-stopped
volumes:
- postgres-data:/var/lib/postgresql/data
environment:
POSTGRES_PASSWORD: postgres
POSTGRES_USER: postgres
POSTGRES_DB: postgres
# Add "forwardPorts": ["5432"] to **devcontainer.json** to forward PostgreSQL locally.
# (Adding the "ports" property to this file will not forward from a Codespace.)
volumes:
postgres-data:
Dockerfile
FROM mcr.microsoft.com/devcontainers/dotnet:0-7.0
# [Optional] Uncomment this section to install additional OS packages.
RUN apt-get update && export DEBIAN_FRONTEND=noninteractive
&& apt-get -y install --no-install-recommends git
# Set the working directory to /workspace
WORKDIR /workspace
#For the test I am pulling only one repo but in reallity there should be many repos to be pulled.
RUN GIT_TRACE=1 git clone [email protected]:/home/myuser/repos/OneRepo.git
# [Optional] Uncomment this line to install global node packages.
# RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && npm install -g <your-package-here>" 2>&1
As you can see, I want to pull the code in the Dockerfile (my assumption was that this will pull it inside the devcontainer volume). It starts to pull it but it has issues with the authentication. That is why I tried to forward the ssh-agent, but no luck. Tried to comment out the pull step and the container was started OK but when I open the Docker CLI and run ssh-add -l I am getting authentication error. On my host machine I am able to run that git clone command and pull the code with no issues. I have added the SSH key to the server so I don’t need authentication.
I hope my question was clear enough, but I will provide more details if needed or I have missed something.
Any help is greatly appreciated.
2
Answers
@VonC
Hey, thanks for your answer. I wanted to comment on it, but my comment will be too long so I am posting it as another answer.
I tried what you suggested but I am still getting the same unauthenticated errors. I added
GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=no -vvv"before thegit clonecommand in order to debug. Below is the whole debug log. The only line that worries me is:Could it be somehow related to the host machine config? The ssh agent should be working on it, I ran
ssh-add -land it lists correctly all the keys. Or do I need to install something additional on the devcontainer?Here is the full log:
You want a unified development environment across different OSes using Docker. Your environment is an ASP.NET project with a Postgres database, subprojects and libraries in separate repos.
You need your code and configurations inside a single
.devcontainerfolder, pulled and built when a developer starts the container in VSCode.To pull repos using SSH, the container must have access to SSH keys. Clone each repository within the Dockerfile or a script.
Your
devcontainer.jsonseems correct. Make sure theSSH_AUTH_SOCKis forwarded correctly (ENV SSH_AUTH_SOCK /ssh-agentin your Dockerfile, which should include an SSH client).Modify the Dockerfile to handle SSH keys and clone multiple repositories.
With
clone-repos.sh(assuming you have a fixed list of repositories to clone):For additional ideas, you can refer to
h4l/dev-container-docker-compose-volume-or-bind, which also uses a workspace in volume or bind mount.