How to run or deploy an app with a git dependency to a private repo

Question

My application has a Git dependency to a private BitBucket repository.

  my_package:
    git:
      url: [email protected]:myuser/mypackage.git

When I run

gcloud --verbosity debug preview app run app.yaml

I get

Resolving dependencies...
Git error. Command: git clone --mirror [email protected]:myuser/my_package.git /root/.pub-cache/git/cache/my_package-6fe77906161a7a9252973e29e39a4149b75f9a7e
error: cannot run ssh: No such file or directory
fatal: unable to fork

I guess adding an ADD instruction to the Dockerfile would be a viable workaround.
The repo needs to be checked out to a local directory to make this work of course.

I tried:

FROM google/dart-runtime
ADD ../my_package ../my_package

https://docs.docker.com/reference/builder/#add says

The <src> path must be inside the context of the build; you cannot ADD 
../something /something, because the first step of a docker build is to
send the context directory (and subdirectories) to the docker daemon.

It seems I have to move the ..my_package directory into the my_app directory. This isn't beautiful :-(

When I add a bogus line to the Dockerfile run fails but if I add an ADD ... instruction it seems to be ignored entirely.

Answer 1

Update 2

My previous solution is still very inconvenient because I have to check in every time before I re-launch the app.

With great support I found a much more convenient solution. Instead of an symlink I mount the directory. See https://superuser.com/questions/842642 for more details. I don't know if and how this can work on other oSes (Win, OX X, ...)

I mount ../my_package to docker/my_package (instead of a symlink) and use this Dockerfile:

FROM google/dart

WORKDIR /app
ENV DART_SDK /usr/lib/dart

ADD dart_run.sh /dart_runtime/

RUN chmod 755 /dart_runtime/dart_run.sh && \
 chown root:root /dart_runtime/dart_run.sh

ADD pubspec.yaml /app/
ADD pubspec.lock /app/
ADD docker/my_package /my_package
RUN pub get
ADD . /app/
RUN pub get --offline

## Expose ports for debugger (5858), application traffic (8080)
## and the observatory (8181)
EXPOSE 8080 8181 5858

CMD []
ENTRYPOINT ["/dart_runtime/dart_run.sh"]

Update 1

It turns out just serving the .git directory of the checked out package though git-daemon is a much more convenient solution.
All I had to do was setting all up according to the docs at https://www.dartlang.org/cloud/ and use a git dependency in pubspec.yaml to this repo served by git-daemon.

  my_package:
    git:
      url: git://192.168.2.96/my_package
      ref: test

This url works when working locally and also within the Docker container.

Original

I can run my app with this Dockerfile

FROM google/dart

WORKDIR /app

RUN \
  apt-get update && \
  apt-get install -y openssh-client

ADD tool/bitbucket_deployment_key /root/.ssh/id_rsa

RUN \
  mkdir -p /root/.ssh && \
  echo "Host bitbucket.org" >> /root/.ssh/config && \
  echo "    StrictHostKeyChecking no" >> /root/.ssh/config && \
#  ssh-keyscan -t rsa -H bitbucket.org,131.103.20.167 >> /root/.ssh/known_hosts && \
  chmod 400 /root/.ssh/id_rsa && \
  eval $(ssh-agent) && \
  ssh-add /root/.ssh/id_rsa

RUN \
  git clone [email protected]:myuser/my_package.git /my_package --branch test && \
  rm /root/.ssh/id_rsa

#ENV DART_SDK /usr/lib/dart

ADD dart_run.sh /dart_runtime/

RUN chmod 755 /dart_runtime/dart_run.sh && \
  chown root:root /dart_runtime/dart_run.sh

ADD pubspec.yaml /app/
ADD pubspec.lock /app/
RUN pub get
ADD . /app/
RUN pub get --offline

# Expose ports for debugger (5858), application traffic (8080)
# and the observatory (8181)
EXPOSE 8080 8181 5858

CMD []
ENTRYPOINT ["/dart_runtime/dart_run.sh"]

I created id_rsa with ssh-keygen without a passphrase. This is the reason I delete the file from the image after the git clone command. It isn't used afterwards anyway.

In my BitBucket repo I added id_rsa.pub as a deployment key.

Answer 2

Apologies for adding this as an answer but am unable to comment without more reputation:

Please vote on google-cloud-sdk issue 93 if you would like this to be fixed:
https://code.google.com/p/google-cloud-sdk/issues/detail?id=93