Use git-credentials in a docker container

General
1

I’m trying to do git operations inside a docker container (via compose) but the git system can’t authenticate and hangs as outlined in Running `git fetch --shallow-since` to fetch commit author log causes hang on Buildkite runners · Issue #212 · KnapsackPro/knapsack_pro-ruby · GitHub

It looks like the git credential may be exposed via an ENV var as outlined at how do you use git-credentials inside a Dockerfile? · Issue #58 · buildkite/elastic-ci-stack-s3-secrets-hooks · GitHub but how does one use that correctly to do git operations on the pipeline repo from within the docker container.

Your help is appreciated :)

2

Hi @cam.allen :wave:

Welcome to the community!

This is a great question. You’re correct in that the credential.helper is stored as an environment variable GIT_CONFIG_PARAMETERS in the job environment. It may be as simple as ensuring that environment variable is properly passed into the container. If you are using the docker-compose plugin, you can set the propagate-environment option on the plugin config to true, and this should propagate the variables set in the job environment into the container.

If that still isn’t working, it may be helpful for us to have a look at some example builds. If you’d like us to take a look at those builds, you can reach out to support@buildkite.com and we’ll be happy to continue troubleshooting there as well!

I’m also curious - why are you needing to perform git operations within the container? Are you not able to perform those operations outside the container in the job environment, and then mount the directories into the container?

3

Thanks for the prompt response - I have already set the propagate-environment: true compose plugin setting while testing previously.

Re the git operations - the issue is with a dependency that runs in our test CI suite as linked in the original post, Running `git fetch --shallow-since` to fetch commit author log causes hang on Buildkite runners · Issue #212 · KnapsackPro/knapsack_pro-ruby · GitHub. That code wants to build a list of authors when it’s running inside the container and while it determines how to split the CI test runs out across parallel nodes, and I can’t control that code behaviour sadly.

I’ll email support with the specific builds I have that behaviour on to help debug.