Hi all, I have never asked a question before on DEV.to, but it's about time. I just joined a new project and while trying to get set up, docker-compose up hangs.
Upon inspection of the code, I realised the problem is simply that the package repo we're trying to clone inside the image is a private one.
Without using personal access tokens or whatnot, how would one go about it? The things I'd love to avoid, if possible, are:
- user input neede (eg: "export your ssh key before setting all of this up")
- intermediate throwaway image with the ssh details in it
The private repo is on bitbucket, that allows to have a Server SSH key in read-only mode to authorise other apps, but that still means (I think?) I'd have to use and share that key somehow.
The app that is trying to pull that package is private as well, so I suspect that shouldn't be an issue, but does not seem solid enough to me.
Thoughts?
Top comments (2)
For Bitbucket you do need an access token. I recommend that you create a bot user and generate an access token for it using one of the following formats:
https://<botusername>:<access_token>@bitbucket.org/<myorg>/<myproject>/get/<ref>.zip
git+https://<botusername>:<access_token>@bitbucket.org/<myorg>/<myproject>.git@<ref>
One of my colleagues wrote a pretty thorough article about various options: revsys.com/tidbits/using-private-p...
Why not a mounted volume? Each developer use its own SSH key, clone repo on host and then run docker compose up with mounted volume?