Re: [go-cd] Mount .ssh from EFS to the container (from the image gocd/gocd-server:v22.3.0)

[Chad Wilson]

To add onto the many options here, if you only need the SSH keys to be used
by Git for clones etc, you can entirely customise how GIT uses SSH using
the *GIT_SSH_COMMAND* env var
;
set at the container level.

GIT_SSH_COMMAND="ssh -i /path/to/your/private/key"

Then you can put the private key anywhere you like (including /godata - not
just the home dir) which the GoCD server/agent has access to (as long as it
has the right file permissions (400 or 600) and is readable by
`go`/UID=1000 user, as Ram notes).

-Chad

On Tue, May 7, 2024 at 11:11 PM Sriram Narayanan 
wrote:

>
>
> On Mon, May 6, 2024 at 3:30 AM Jason Smyth  wrote:
>
>> Hi Satya,
>>
>> A possible workaround to the limitation is updating the server image and
>> adding a symlink that points ~/.ssh/ to wherever you want to actually mount
>> the data.
>>
>> I have never experimented with using a symlink for the .ssh directory,
>> though, so this may not work.
>>
>
> I haven't tried this yet, but one would explore adding a custom shell
> script at the /docker-entrypoint.d/ mount point which could create such a
> symlink
>
> Nice tip, Jason.
>
>
>>
>> Hope this helps,
>> Jason
>>
>>
>> On Sunday 28 April 2024 at 12:12:16 UTC-4 Sriram Narayanan wrote:
>>
>>> On Sat, Apr 27, 2024 at 7:10 PM Satya Elipe  wrote:
>>>
 Thank you Sriram.

 So, ".ssh" folder mounting will be separate from the rest of the data
 (/godata, for plugins, pipelines, db etc)...so there would be two separate
 mount points into the container ?

 I'm using ECS at the moment and not kubernetes, so my task definition
 will have two mount points like below:

 ```

 "mountPoints": [
 {
 "sourceVolume": "efs_id:/godata",

 "containerPath": "/godata"
 },
 {
 "sourceVolume": "efs_id:/godata/.ssh",

 "containerPath": "/home/go/.ssh"
 }
 ],

 ```

 So mounting /godata and efs_id:/godata/.ssh from EFS into the
 container at /godata and /home/go/.ssh locations respectively (per
 above code) seems to work.

 In this case entry_point.sh from the base image is able to
 map/consider and execute them properly, hence the server is up and running
 and functioning properly.

 Is that the way it has to be, I think the github repo for gocd server
 says that I guess, but perhaps I feel that extra mount point just for .ssh
 is overkill and if .ssh can also be entertained by entry_point.sh from one
 single mount point /godata in my case, that would be great ?

 If I do not mount .ssh into /home/go/.ssh separately into the container
 - things seem to fail complaining that "key verification failed", I'm not
 sure whether I'm still missing something here.

>>>
>>> Hey, I had got caught by surprise earlier during the "elastic agent"
>>> discussions and had assumed that you must be using EKS. Sorry, my bias had
>>> clouded my judgement then. Thankfully Chad and you cleared that up.
>>>
>>> ssh by default checks ~/.ssh/ for the keys. Within the GoCD server and
>>> agent containers, this home (~) is the /home/go directory, and hence we
>>> mount the .ssh folder there. There are use cases where the keys are made
>>> available via a different network share and not mixed with configurations
>>> that regular GoCD admins would have access to, and hence being able to
>>> mount from a separate place to ~/.ssh is helpful. You could always place
>>> the .ssh directory along side other directories that would get to godata,
>>> while also explicitly specifying a mount to /home/go. At present, GoCD does
>>> not have a configuration option to point it to a private key at a path
>>> other than ~/ssh
>>>
>>> https://docs.gocd.org/current/faq/docker_container_ssh_keys.html
>>>
>>>

 Many thanks
 Satya

 On Thu, Apr 25, 2024 at 3:31 PM Sriram Narayanan 
 wrote:

>
>
> On Thu, Apr 25, 2024 at 10:16 PM Satya Elipe 
> wrote:
>
>> Hi all
>>
>> Wonder, what's the way around to mount .ssh from EFS into the gocd
>> base container (from the image gocd/gocd-server:v22.3.0).
>>
>>
>> We have saved all our content into EFS under /godata and maps that
>> into the container as /godata.
>>
>>
>> We are using gocd/gocd-server:v22.3.0.
>>
>>
>> It all runs good, mapping was fine too but just one thing that’s not
>> happening is “.ssh” folder.
>>
>>
>> I have .ssh with all required keys in EFS under /godata and /godata
>> within the container also has .ssh but not /go-working-dir.
>>
>>
>> Is that supported, am I mis-configuring it, or do we need to handle
>> that outside of the base image ?
>>
>

Re: [go-cd] Mount .ssh from EFS to the container (from the image gocd/gocd-server:v22.3.0)

[Sriram Narayanan]

On Mon, May 6, 2024 at 3:30 AM Jason Smyth  wrote:

> Hi Satya,
>
> A possible workaround to the limitation is updating the server image and
> adding a symlink that points ~/.ssh/ to wherever you want to actually mount
> the data.
>
> I have never experimented with using a symlink for the .ssh directory,
> though, so this may not work.
>

I haven't tried this yet, but one would explore adding a custom shell
script at the /docker-entrypoint.d/ mount point which could create such a
symlink

Nice tip, Jason.


>
> Hope this helps,
> Jason
>
>
> On Sunday 28 April 2024 at 12:12:16 UTC-4 Sriram Narayanan wrote:
>
>> On Sat, Apr 27, 2024 at 7:10 PM Satya Elipe  wrote:
>>
>>> Thank you Sriram.
>>>
>>> So, ".ssh" folder mounting will be separate from the rest of the data
>>> (/godata, for plugins, pipelines, db etc)...so there would be two separate
>>> mount points into the container ?
>>>
>>> I'm using ECS at the moment and not kubernetes, so my task definition
>>> will have two mount points like below:
>>>
>>> ```
>>>
>>> "mountPoints": [
>>> {
>>> "sourceVolume": "efs_id:/godata",
>>>
>>> "containerPath": "/godata"
>>> },
>>> {
>>> "sourceVolume": "efs_id:/godata/.ssh",
>>>
>>> "containerPath": "/home/go/.ssh"
>>> }
>>> ],
>>>
>>> ```
>>>
>>> So mounting /godata and efs_id:/godata/.ssh from EFS into the container
>>> at /godata and /home/go/.ssh locations respectively (per above code) seems
>>> to work.
>>>
>>> In this case entry_point.sh from the base image is able to map/consider
>>> and execute them properly, hence the server is up and running and
>>> functioning properly.
>>>
>>> Is that the way it has to be, I think the github repo for gocd server
>>> says that I guess, but perhaps I feel that extra mount point just for .ssh
>>> is overkill and if .ssh can also be entertained by entry_point.sh from one
>>> single mount point /godata in my case, that would be great ?
>>>
>>> If I do not mount .ssh into /home/go/.ssh separately into the container
>>> - things seem to fail complaining that "key verification failed", I'm not
>>> sure whether I'm still missing something here.
>>>
>>
>> Hey, I had got caught by surprise earlier during the "elastic agent"
>> discussions and had assumed that you must be using EKS. Sorry, my bias had
>> clouded my judgement then. Thankfully Chad and you cleared that up.
>>
>> ssh by default checks ~/.ssh/ for the keys. Within the GoCD server and
>> agent containers, this home (~) is the /home/go directory, and hence we
>> mount the .ssh folder there. There are use cases where the keys are made
>> available via a different network share and not mixed with configurations
>> that regular GoCD admins would have access to, and hence being able to
>> mount from a separate place to ~/.ssh is helpful. You could always place
>> the .ssh directory along side other directories that would get to godata,
>> while also explicitly specifying a mount to /home/go. At present, GoCD does
>> not have a configuration option to point it to a private key at a path
>> other than ~/ssh
>>
>> https://docs.gocd.org/current/faq/docker_container_ssh_keys.html
>>
>>
>>>
>>> Many thanks
>>> Satya
>>>
>>> On Thu, Apr 25, 2024 at 3:31 PM Sriram Narayanan 
>>> wrote:
>>>


 On Thu, Apr 25, 2024 at 10:16 PM Satya Elipe 
 wrote:

> Hi all
>
> Wonder, what's the way around to mount .ssh from EFS into the gocd
> base container (from the image gocd/gocd-server:v22.3.0).
>
>
> We have saved all our content into EFS under /godata and maps that
> into the container as /godata.
>
>
> We are using gocd/gocd-server:v22.3.0.
>
>
> It all runs good, mapping was fine too but just one thing that’s not
> happening is “.ssh” folder.
>
>
> I have .ssh with all required keys in EFS under /godata and /godata
> within the container also has .ssh but not /go-working-dir.
>
>
> Is that supported, am I mis-configuring it, or do we need to handle
> that outside of the base image ?
>

 At a high level, the .ssh folder should be mounted into /home/go.
 e.g. docker run -v /path/to/godata:/godata -v /path/to/home-dir:/home/go
 gocd/gocd-server:v23.5.0
 IMPORTANT: You must set the user ID of the files within .ssh to 1000.
 This is the user ID of the gocd process within the container.

 See:
 https://github.com/gocd/docker-gocd-server?tab=readme-ov-file#mounting-volumes

 Given that you are using Kubernetes, please see the Helm chart
 documentation here
 https://github.com/gocd/helm-chart/blob/master/gocd/README.md

 It provides info on just about every configurable attribute for the
 GoCD server and the agent.

 Of particular importance for you are these two attributes:
 

Re: [go-cd] Mount .ssh from EFS to the container (from the image gocd/gocd-server:v22.3.0)

[Jason Smyth]

Hi Satya,

A possible workaround to the limitation is updating the server image and 
adding a symlink that points ~/.ssh/ to wherever you want to actually mount 
the data.

I have never experimented with using a symlink for the .ssh directory, 
though, so this may not work.

Hope this helps,
Jason


On Sunday 28 April 2024 at 12:12:16 UTC-4 Sriram Narayanan wrote:

> On Sat, Apr 27, 2024 at 7:10 PM Satya Elipe  wrote:
>
>> Thank you Sriram.
>>
>> So, ".ssh" folder mounting will be separate from the rest of the data 
>> (/godata, for plugins, pipelines, db etc)...so there would be two separate 
>> mount points into the container ? 
>>
>> I'm using ECS at the moment and not kubernetes, so my task definition 
>> will have two mount points like below:
>>
>> ```
>>
>> "mountPoints": [
>> {
>> "sourceVolume": "efs_id:/godata",
>>
>> "containerPath": "/godata"
>> },
>> {
>> "sourceVolume": "efs_id:/godata/.ssh",
>>
>> "containerPath": "/home/go/.ssh"
>> }
>> ],
>>
>> ```
>>
>> So mounting /godata and efs_id:/godata/.ssh from EFS into the container 
>> at /godata and /home/go/.ssh locations respectively (per above code) seems 
>> to work. 
>>
>> In this case entry_point.sh from the base image is able to map/consider 
>> and execute them properly, hence the server is up and running and 
>> functioning properly.
>>
>> Is that the way it has to be, I think the github repo for gocd server 
>> says that I guess, but perhaps I feel that extra mount point just for .ssh 
>> is overkill and if .ssh can also be entertained by entry_point.sh from one 
>> single mount point /godata in my case, that would be great ?
>>
>> If I do not mount .ssh into /home/go/.ssh separately into the container - 
>> things seem to fail complaining that "key verification failed", I'm not 
>> sure whether I'm still missing something here.
>>
>
> Hey, I had got caught by surprise earlier during the "elastic agent" 
> discussions and had assumed that you must be using EKS. Sorry, my bias had 
> clouded my judgement then. Thankfully Chad and you cleared that up.
>
> ssh by default checks ~/.ssh/ for the keys. Within the GoCD server and 
> agent containers, this home (~) is the /home/go directory, and hence we 
> mount the .ssh folder there. There are use cases where the keys are made 
> available via a different network share and not mixed with configurations 
> that regular GoCD admins would have access to, and hence being able to 
> mount from a separate place to ~/.ssh is helpful. You could always place 
> the .ssh directory along side other directories that would get to godata, 
> while also explicitly specifying a mount to /home/go. At present, GoCD does 
> not have a configuration option to point it to a private key at a path 
> other than ~/ssh
>
> https://docs.gocd.org/current/faq/docker_container_ssh_keys.html
>  
>
>>
>> Many thanks
>> Satya
>>
>> On Thu, Apr 25, 2024 at 3:31 PM Sriram Narayanan  
>> wrote:
>>
>>>
>>>
>>> On Thu, Apr 25, 2024 at 10:16 PM Satya Elipe  wrote:
>>>
 Hi all 

 Wonder, what's the way around to mount .ssh from EFS into the gocd base 
 container (from the image gocd/gocd-server:v22.3.0).


 We have saved all our content into EFS under /godata and maps that into 
 the container as /godata.


 We are using gocd/gocd-server:v22.3.0.


 It all runs good, mapping was fine too but just one thing that’s not 
 happening is “.ssh” folder.


 I have .ssh with all required keys in EFS under /godata and /godata 
 within the container also has .ssh but not /go-working-dir.


 Is that supported, am I mis-configuring it, or do we need to handle 
 that outside of the base image ?

>>>
>>> At a high level, the .ssh folder should be mounted into /home/go. 
>>> e.g. docker run -v /path/to/godata:/godata -v /path/to/home-dir:/home/go 
>>> gocd/gocd-server:v23.5.0
>>> IMPORTANT: You must set the user ID of the files within .ssh to 1000. 
>>> This is the user ID of the gocd process within the container.
>>>
>>> See: 
>>> https://github.com/gocd/docker-gocd-server?tab=readme-ov-file#mounting-volumes
>>>
>>> Given that you are using Kubernetes, please see the Helm chart 
>>> documentation here 
>>> https://github.com/gocd/helm-chart/blob/master/gocd/README.md
>>>
>>> It provides info on just about every configurable attribute for the GoCD 
>>> server and the agent.
>>>
>>> Of particular importance for you are these two attributes:
>>> server.persistence.subpath.homego
>>> agent.persistence.subpath.homego
>>>
>>> Please see that document and jot down your action plan since you will 
>>> need to provide the SSH keys to the server _and_ the agent containers.
>>>
>>> IMPORTANT: You must set the user ID of the files within .ssh to 1000. 
>>> This is the user ID of the gocd process 

Re: [go-cd] Mount .ssh from EFS to the container (from the image gocd/gocd-server:v22.3.0)

[Sriram Narayanan]

On Sat, Apr 27, 2024 at 7:10 PM Satya Elipe  wrote:

> Thank you Sriram.
>
> So, ".ssh" folder mounting will be separate from the rest of the data
> (/godata, for plugins, pipelines, db etc)...so there would be two separate
> mount points into the container ?
>
> I'm using ECS at the moment and not kubernetes, so my task definition will
> have two mount points like below:
>
> ```
>
> "mountPoints": [
> {
> "sourceVolume": "efs_id:/godata",
>
> "containerPath": "/godata"
> },
> {
> "sourceVolume": "efs_id:/godata/.ssh",
>
> "containerPath": "/home/go/.ssh"
> }
> ],
>
> ```
>
> So mounting /godata and efs_id:/godata/.ssh from EFS into the container
> at /godata and /home/go/.ssh locations respectively (per above code) seems
> to work.
>
> In this case entry_point.sh from the base image is able to map/consider
> and execute them properly, hence the server is up and running and
> functioning properly.
>
> Is that the way it has to be, I think the github repo for gocd server says
> that I guess, but perhaps I feel that extra mount point just for .ssh is
> overkill and if .ssh can also be entertained by entry_point.sh from one
> single mount point /godata in my case, that would be great ?
>
> If I do not mount .ssh into /home/go/.ssh separately into the container -
> things seem to fail complaining that "key verification failed", I'm not
> sure whether I'm still missing something here.
>

Hey, I had got caught by surprise earlier during the "elastic agent"
discussions and had assumed that you must be using EKS. Sorry, my bias had
clouded my judgement then. Thankfully Chad and you cleared that up.

ssh by default checks ~/.ssh/ for the keys. Within the GoCD server and
agent containers, this home (~) is the /home/go directory, and hence we
mount the .ssh folder there. There are use cases where the keys are made
available via a different network share and not mixed with configurations
that regular GoCD admins would have access to, and hence being able to
mount from a separate place to ~/.ssh is helpful. You could always place
the .ssh directory along side other directories that would get to godata,
while also explicitly specifying a mount to /home/go. At present, GoCD does
not have a configuration option to point it to a private key at a path
other than ~/ssh

https://docs.gocd.org/current/faq/docker_container_ssh_keys.html


>
> Many thanks
> Satya
>
> On Thu, Apr 25, 2024 at 3:31 PM Sriram Narayanan 
> wrote:
>
>>
>>
>> On Thu, Apr 25, 2024 at 10:16 PM Satya Elipe 
>> wrote:
>>
>>> Hi all
>>>
>>> Wonder, what's the way around to mount .ssh from EFS into the gocd base
>>> container (from the image gocd/gocd-server:v22.3.0).
>>>
>>>
>>> We have saved all our content into EFS under /godata and maps that into
>>> the container as /godata.
>>>
>>>
>>> We are using gocd/gocd-server:v22.3.0.
>>>
>>>
>>> It all runs good, mapping was fine too but just one thing that’s not
>>> happening is “.ssh” folder.
>>>
>>>
>>> I have .ssh with all required keys in EFS under /godata and /godata
>>> within the container also has .ssh but not /go-working-dir.
>>>
>>>
>>> Is that supported, am I mis-configuring it, or do we need to handle that
>>> outside of the base image ?
>>>
>>
>> At a high level, the .ssh folder should be mounted into /home/go.
>> e.g. docker run -v /path/to/godata:/godata -v /path/to/home-dir:/home/go
>> gocd/gocd-server:v23.5.0
>> IMPORTANT: You must set the user ID of the files within .ssh to 1000.
>> This is the user ID of the gocd process within the container.
>>
>> See:
>> https://github.com/gocd/docker-gocd-server?tab=readme-ov-file#mounting-volumes
>>
>> Given that you are using Kubernetes, please see the Helm chart
>> documentation here
>> https://github.com/gocd/helm-chart/blob/master/gocd/README.md
>>
>> It provides info on just about every configurable attribute for the GoCD
>> server and the agent.
>>
>> Of particular importance for you are these two attributes:
>> server.persistence.subpath.homego
>> agent.persistence.subpath.homego
>>
>> Please see that document and jot down your action plan since you will
>> need to provide the SSH keys to the server _and_ the agent containers.
>>
>> IMPORTANT: You must set the user ID of the files within .ssh to 1000.
>> This is the user ID of the gocd process within the container.
>>
>>
>>
>>>
>>> Many thanks in advance !
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "go-cd" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to go-cd+unsubscr...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/go-cd/CADKEDRrQOX11i951ZPiUYeOdMqThbCoZG7_WAqgBJFg1BxqxfQ%40mail.gmail.com
>>> 

Re: [go-cd] Mount .ssh from EFS to the container (from the image gocd/gocd-server:v22.3.0)

[Satya Elipe]

Thank you Sriram.

So, ".ssh" folder mounting will be separate from the rest of the data
(/godata, for plugins, pipelines, db etc)...so there would be two separate
mount points into the container ?

I'm using ECS at the moment and not kubernetes, so my task definition will
have two mount points like below:

```

"mountPoints": [
{
"sourceVolume": "efs_id:/godata",

"containerPath": "/godata"
},
{
"sourceVolume": "efs_id:/godata/.ssh",

"containerPath": "/home/go/.ssh"
}
],

```

So mounting /godata and efs_id:/godata/.ssh from EFS into the
container at /godata
and /home/go/.ssh locations respectively (per above code) seems to work.

In this case entry_point.sh from the base image is able to map/consider and
execute them properly, hence the server is up and running and
functioning properly.

Is that the way it has to be, I think the github repo for gocd server says
that I guess, but perhaps I feel that extra mount point just for .ssh is
overkill and if .ssh can also be entertained by entry_point.sh from one
single mount point /godata in my case, that would be great ?

If I do not mount .ssh into /home/go/.ssh separately into the container -
things seem to fail complaining that "key verification failed", I'm not
sure whether I'm still missing something here.

Many thanks
Satya

On Thu, Apr 25, 2024 at 3:31 PM Sriram Narayanan 
wrote:

>
>
> On Thu, Apr 25, 2024 at 10:16 PM Satya Elipe 
> wrote:
>
>> Hi all
>>
>> Wonder, what's the way around to mount .ssh from EFS into the gocd base
>> container (from the image gocd/gocd-server:v22.3.0).
>>
>>
>> We have saved all our content into EFS under /godata and maps that into
>> the container as /godata.
>>
>>
>> We are using gocd/gocd-server:v22.3.0.
>>
>>
>> It all runs good, mapping was fine too but just one thing that’s not
>> happening is “.ssh” folder.
>>
>>
>> I have .ssh with all required keys in EFS under /godata and /godata
>> within the container also has .ssh but not /go-working-dir.
>>
>>
>> Is that supported, am I mis-configuring it, or do we need to handle that
>> outside of the base image ?
>>
>
> At a high level, the .ssh folder should be mounted into /home/go.
> e.g. docker run -v /path/to/godata:/godata -v /path/to/home-dir:/home/go
> gocd/gocd-server:v23.5.0
> IMPORTANT: You must set the user ID of the files within .ssh to 1000. This
> is the user ID of the gocd process within the container.
>
> See:
> https://github.com/gocd/docker-gocd-server?tab=readme-ov-file#mounting-volumes
>
> Given that you are using Kubernetes, please see the Helm chart
> documentation here
> https://github.com/gocd/helm-chart/blob/master/gocd/README.md
>
> It provides info on just about every configurable attribute for the GoCD
> server and the agent.
>
> Of particular importance for you are these two attributes:
> server.persistence.subpath.homego
> agent.persistence.subpath.homego
>
> Please see that document and jot down your action plan since you will need
> to provide the SSH keys to the server _and_ the agent containers.
>
> IMPORTANT: You must set the user ID of the files within .ssh to 1000. This
> is the user ID of the gocd process within the container.
>
>
>
>>
>> Many thanks in advance !
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "go-cd" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to go-cd+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/go-cd/CADKEDRrQOX11i951ZPiUYeOdMqThbCoZG7_WAqgBJFg1BxqxfQ%40mail.gmail.com
>> 
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "go-cd" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to go-cd+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/go-cd/CANiY96aM47Ck0vc%3D1BnjnMd%2BT9eu4BKokLqLXMG0mNAezT2V_A%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"go-cd" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to go-cd+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/go-cd/CADKEDRoj%2BrFqeT%2B3%2BF_TYnOn6C03kTJyzDzdtChoDOEc_BWxzg%40mail.gmail.com.

Re: [go-cd] Mount .ssh from EFS to the container (from the image gocd/gocd-server:v22.3.0)

[Sriram Narayanan]

On Thu, Apr 25, 2024 at 10:16 PM Satya Elipe  wrote:

> Hi all
>
> Wonder, what's the way around to mount .ssh from EFS into the gocd base
> container (from the image gocd/gocd-server:v22.3.0).
>
>
> We have saved all our content into EFS under /godata and maps that into
> the container as /godata.
>
>
> We are using gocd/gocd-server:v22.3.0.
>
>
> It all runs good, mapping was fine too but just one thing that’s not
> happening is “.ssh” folder.
>
>
> I have .ssh with all required keys in EFS under /godata and /godata within
> the container also has .ssh but not /go-working-dir.
>
>
> Is that supported, am I mis-configuring it, or do we need to handle that
> outside of the base image ?
>

At a high level, the .ssh folder should be mounted into /home/go.
e.g. docker run -v /path/to/godata:/godata -v /path/to/home-dir:/home/go
gocd/gocd-server:v23.5.0
IMPORTANT: You must set the user ID of the files within .ssh to 1000. This
is the user ID of the gocd process within the container.

See:
https://github.com/gocd/docker-gocd-server?tab=readme-ov-file#mounting-volumes

Given that you are using Kubernetes, please see the Helm chart
documentation here
https://github.com/gocd/helm-chart/blob/master/gocd/README.md

It provides info on just about every configurable attribute for the GoCD
server and the agent.

Of particular importance for you are these two attributes:
server.persistence.subpath.homego
agent.persistence.subpath.homego

Please see that document and jot down your action plan since you will need
to provide the SSH keys to the server _and_ the agent containers.

IMPORTANT: You must set the user ID of the files within .ssh to 1000. This
is the user ID of the gocd process within the container.



>
> Many thanks in advance !
>
> --
> You received this message because you are subscribed to the Google Groups
> "go-cd" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to go-cd+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/go-cd/CADKEDRrQOX11i951ZPiUYeOdMqThbCoZG7_WAqgBJFg1BxqxfQ%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"go-cd" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to go-cd+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/go-cd/CANiY96aM47Ck0vc%3D1BnjnMd%2BT9eu4BKokLqLXMG0mNAezT2V_A%40mail.gmail.com.

[go-cd] Mount .ssh from EFS to the container (from the image gocd/gocd-server:v22.3.0)

[Satya Elipe]

Hi all

Wonder, what's the way around to mount .ssh from EFS into the gocd base
container (from the image gocd/gocd-server:v22.3.0).


We have saved all our content into EFS under /godata and maps that into the
container as /godata.


We are using gocd/gocd-server:v22.3.0.


It all runs good, mapping was fine too but just one thing that’s not
happening is “.ssh” folder.


I have .ssh with all required keys in EFS under /godata and /godata within
the container also has .ssh but not /go-working-dir.


Is that supported, am I mis-configuring it, or do we need to handle that
outside of the base image ?


Many thanks in advance !

-- 
You received this message because you are subscribed to the Google Groups 
"go-cd" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to go-cd+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/go-cd/CADKEDRrQOX11i951ZPiUYeOdMqThbCoZG7_WAqgBJFg1BxqxfQ%40mail.gmail.com.