Using SSH in a Docker container (Windows) - git-clone

Starting from the microsoft/aspnetcore docker image, I was able to install chocolatey and then use chocolatey to install some other software:
open-ssh
git
Now I want to clone a repo from our Bitbucket server:
I added the Bitbucket server to the known_hosts file (and even ssh'd into the server from the container to double-check)
I added my Bitbucket ssh key, which I've been using successfully on my machine and used successfully from an Ubuntu container
I added a config file in my user's .ssh directory to tell git to use my ssh key
I expect to be able to use git clone ssh://git#<host>/<path to repo>, but this command always fails with the following error:
fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository
exists.
I got this to work in an Ubuntu container with the following command:
ssh-agent sh -c 'ssh-add /home/bamboo/.ssh/id_rsa; git clone ssh://git#<host>/<path to repo>', but this command seemingly does nothing on the Windows container. I never get any feedback from ssh-agent so I am unsure if Open-SSH is even working or if there are known issues of Open-SSH in Windows containers? I do get feedback from ssh-add saying that my key was successfully added, but still I am unable to clone my git repo.
Has anybody been able to successfully do this in Windows containers? It works on my Windows machine but I'm not using Open-SSH, I'm using the Git Bash tools, which don't work in the Windows container. This is all very confusing because all the information on this topic pertains to Ubuntu containers and the resolutions all involve Unix commands that I don't have available in the Windows container.
Another strange thing I notice is that cloning using HTTP doesn't work either, instead I get the following error:
error: failed to execute prompt script (exit code 66) fatal: could not
read Password for 'http://(user)#(host)': No error

I got a little help from the Git for Windows people who suggested I use the verbose flag with the ssh command, i.e. ssh -vvvvv <host>. This showed that the config file I had in my user's .ssh directory had some extra permissions, indicated by an error message:
debug3: Bad permissions. Try removing permissions for user: S-1-5-11 on file C:\Users\ContainerAdministrator/.ssh/config
Using the icacls utility I was able to remove those permissions, which allowed the config file to be used.

Related

Using docker context to a mac

I had been trying to create a context to deploy a few containers from my main Mac to another another but I have been getting a weird error.
So, I have two Macs, one iMac (Late 2013) (here will be called Enterprise) and one Macbook Pro (Mid 2015) (here will be called Defiant). Defiant is my main computer and I want to deploy my container to Enterprise in order to not overload Defiant memory. I have been working with docker context to achieve that. Currently, I have Enterprise running Docker v20.10.16 and Defiant running v20.10.16.
I have created the context on Defiant and after I run the docker context use enterprise and when I run docker container ls I get the following error:
error during connect: Get "http://docker.example.com/v1.24/containers/json": command [ssh -l rafaelguerra -- Enterprise.local docker system dial-stdio] has exited with exit status 127, please make sure the URL is valid, and Docker 18.09 or later is installed on the remote host: stderr=zsh:1: command not found: docker
Does anyone know how to make it work?
Thanks
UPDATE:
Weird thing I just found out, when logged into Enterprise and run echo $PATH returns /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin however when I run ssh rafaelguerra#enterprise.local 'echo $PATH' I got the following /usr/bin:/bin:/usr/sbin:/sbin
I don't have a clue for a reason for this.
I found the reason for the problem, all commands docker run are run within ssh not with a permanent ssh session. So, zsh does not load the correct PATH when the command is run within the ssh. Therefore, the only thing I need to do was setting the correct PATH inside of the ~/.zshenv file and everything is working now.

MISP instance through docker on raspberry pi running Ubuntu 20.04 server

Thanks so much in advance for taking the time to read/provide any advice here.
So, I am trying to get an instance of MISP running through docker. The hardware I have it running on is a raspberry pi 4 running Ubuntu 20.04 (server edition).
I thought I installed all software dependencies, but being new to using docker, perhaps I haven't. I'm using this repository for the docker image: https://github.com/MISP/misp-docker
After running the command sudo docker-compose up after copying the .env file to the root directory, I get the error that I am going to post an image of below along with the text of the error for easy copy/pasting
ERROR: Service 'web' failed to build: The command '/bin/sh -c bash INSTALL_NODB.sh -A -u' returned a non-zero code: 1
ERROR MESSAGE SCREENSHOT
Once again, thank you all for any and all help! Please let me know if I can provide any more information!
Looks like this may be an issue that was closed in May of 2021 https://github.com/MISP/MISP/issues/7375. That Docker image has an INSTALL_NODB.sh that was initially committed in March 2021 https://github.com/MISP/misp-docker/commit/1e2f18f2c1211e382bd8df5371b1d3d718dad061. Since it was added before that fix the container may not include the fix for rpi that was added in the main repo. To verify, you can check if the output of uname -m is in this support map from the script used by the docker image https://github.com/MISP/misp-docker/blob/master/web/INSTALL_NODB.sh#L3070. If it isn't, then you would need this fix implemented in the docker image.
aarch64 isn't a supported architecture. There's a pull request on the repository that adds it, so you can add that change to your local repository like this (from a command line in the misp-docker repository):
git remote add fukusuket https://github.com/fukusuket/misp-docker.git
git fetch fukusuket
git merge fukusuket/hotfix/build-error-on-m1-mac -m "add aarch64 support"
Hopefully the pull request will be accepted soon and then you can go back to using the unaltered MISP git repository.

Docker proxy settings in docker toolbox

We are using Windows OS 7 to develop an application using tech stack viz. docker, spring, java8, gradle etc. We have installed the docker toolbox on our machine.
Now the base image is located in our docker repository of our organization. But the docker is not able to identify the host.
We are able to connect to our repository from docker installed on a linux machine. In that case we have made changes in these 2 files viz.
1.
/etc/systemd/system/docker.service.d/daemon.conf
here we have added http_proxy and https_proxy.
2.
/etc/docker/daemon.json
here we have mentioned the host name as
{"insecure-registries":["<host-name>"]}
But we are not able to find these files in docker tool-box in windows 7.
Please let us know how to resolve this issue.
We are getting the following error in dockerBuildImage gradle task currently wherein it is not able to download the base image.
:dockerBuildImage FAILED
FAILURE: Build failed with an exception.
* What went wrong:
Execution failed for task ':dockerBuildImage'.
> Could not build image: Get https:<host-name>/v2/: x509: certificate signed by unknown authority
Please advise.
The following worked for me in docker toolbox
change the file /var/lib/boot2docker/profile to include following text:
--insecure-registry=<host1-name>
export "NO_PROXY=<host-name>"
export HTTP_PROXY=<value>
export HTTPS_PROXY=<value>
Then restart the docker-machine to make these changes visible.

How to copy file from SSH remote host to Jenkins Server. sshpass doesn't work

How to copy file from SSH remote host to Jenkins Server?
I've found one solution here:
How to copy file from SSH remote host to Jenkins Server
But when I try sshpass in Execute shell step - nothing happens. Nothing in Console output.
Can somebody advise, maybe there is some plugin for this purpose?
the reason in my case was that I had wrong paths. When I corrected paths in script, everything has just worked fine.

send files or execute commands over ssh

Jenkins is running on windows machine and I am trying to copy files from windows to unix as a build step.
SSH sever details has been configured in the global configuration and connected successfully.
kindly share the Exec command to copy files from windows to unix
You need some kind of ssh client on your windows. I suggest Winscp, which is simple, easy and fast.
Winscp is a GUI application but as you want to run something from Jenkins you need to have a command line tool. Good news is that you can run Winscp in command line. Then the following steps should answer your question:
Install Winscp on the Windows machine.
Add your Winscp installation path (sth like C:\Program Files (x86)\WinSCP) to your system environment path variable
Now you should be able to run winscp command in windows command prompt
The command below will copy the file, you should read winscp manual for more details:
winscp root:password#UNIX_MACHINE_IP /command "put c:/PATH_TO_FILE_ON_WINDOWS /home/PATH_TO_TARGET_ON_UNIX"
There is a Jenkins plugin that might fit your needs:
https://wiki.jenkins-ci.org/display/JENKINS/Publish+Over+SSH+Plugin
It uses Java SSH library so no need to install another SSH client.
To copy files using PuTTY or any unix shell powered with SSH from windows, run this command.
scp /path/to/file.ext user#m192.168.0.100:/Destiny/path
To run commands in your remote computer just connect to it with:
ssh user#192.168.0.100
Customize the user, the IP and authenticate with the properly password.

Resources