How to use github token in Dockerfile that is built in GitHub Actions and trying to clone private repository?

12.3k views Asked by At

Here's my GitHub Action step. PRIVATE_REQUIREMENT_OWNER_TOKEN secret is already created and contains GitHub token with full repo scope:

  - name: Build docker image
    id: docker_build
    uses: docker/build-push-action@v2
    with:
      push: false
      context: .
      tags: 'username/image:latest'
      secrets: |
        "github_token=${{ secrets.PRIVATE_REQUIREMENT_OWNER_TOKEN }}"

Here's a line in requirements.txt that contains a link to the private repository and trying to be installed while building a docker image from Dockerfile during the step above:

git+ssh://[email protected]/username/private-repository

The line has been added to the Dockerfile

RUN --mount=type=secret,id=github_token pip install https://$(cat /run/secrets/github_token)@github.com/username/private-repository.git

that throws following error in GitHub Actions:

#11 [ 6/12] RUN --mount=type=secret,id=PRIVATE_REQUIREMENT_OWNER_TOKEN_SECRET pip install https://$(cat /run/secrets/PRIVATE_REQUIREMENT_OWNER_TOKEN_SECRET)@github.com/username/private-repository.git
#11 sha256:b3d88dd9813db3257b15f53f1eb5a4c593c69ff98ec03cc4d70d564df1a1f7f6
#11 0.697 Collecting https://****@github.com/vassilyvv/django-sinbad.git
#11 0.790   ERROR: HTTP error 404 while getting https://****@github.com/username/private-repository
.git
#11 0.791 ERROR: Could not install requirement https://****@github.com/username/private-repository
.git because of HTTP error 404 Client Error: Not Found for url: https://github.com/username/private-repository
 for URL https://****@github.com/username/private-repository.git

But when I'm trying to use the same token to clone a repository on the local machine, it goes well:

git clone https://<token>@github.com/username/private-repository.git

I completely have no idea how to use this github_token to successfully clone the private repository mentioned above.

My goal is to clone the private GitHub repository while building a docker image from Dockerfile in GitHub Actions. And I almost sure that I already performed some wrong steps. Please help!

1

There are 1 answers

1
Robin Raju On BEST ANSWER

I see this as a problem with the git URL provided to pip. If you need to install a python package from a private git repository, you may use the following format.

pip install git+https://<PERSONAL_ACCESS_TOKEN>@github.com/username/private-repo.git

So in your case, it will be:

pip install git+https://$(cat /run/secrets/github_token)@github.com/username/private-repository.git

See: https://pip.pypa.io/en/stable/cli/pip_install/#git