OK, excited about the docker functionality in 2.8 ...
# general
e
OK, excited about the docker functionality in 2.8 and got it to do... most of my containers. But I'm having a little pickle with a few which rely on private repos. I was able to get docker-buildkit functionality working with `pants.toml` and
```
[docker]
env_vars=["DOCKER_BUILDKIT=1", "SSH_AUTH_SOCK"]
```
...so that I could get `mount=type=ssh` working for ssh authentication, and that's where we go a bit wrong. Running under pants, Dockerfiles with `RUN --mount=type=ssh` don't seem to work, even though the generated `__run.sh` includes the required
```
#!/bin/bash
# This command line should execute the same process as pants did internally.
export DOCKER_BUILDKIT=1 SSH_AUTH_SOCK=/tmp/path/to/ssh/agent/sock
cd /tmp/process-directory-tmp
/usr/bin/docker build -t $'my-tag' -f my-dockerfile .
```
If I `cd` to that directory and run `__run.sh`, everything builds. If I `pants package my-docker-target`, which is what generated that file, it doesn't build and gives an ssh key error when downloading custom requirements from a private GitHub repo. Anything we can do about that? Am I missing a flag or is this a problem with the docker backend?
c
Cool. Sounds like an issue with the docker backend. But I’m puzzled as to why the `__run.sh` script works, when it doesn’t when running with `./pants`. I’ll dig into this a bit, but I’ll certainly need some assistance, as I’ve no experience with using ssh auth sock et al.
Could it be that when you run `__run.sh` as yourself, there are some USER or HOME env vars set that present some ssh keys that are perhaps not present when running through pants?
It’s Friday night here, so will not be able to make any progress on this until Monday/Tuesday.
e
No real problem, and thanks for looking into it; glad to provide as much as possible (it's Friday night here as well, so I totally get it). No rush on this. Our existing non-pants build scripts keep building just fine, but I was really excited that with pants we can at least attempt building docker containers in parallel (which is something I've desired for a while).
I'm wondering if there's some shelling to the docker process that doesn't somehow pass ... okay, I admit I'm not clear how SSH_AUTH_SOCK works or if there's more ssh-agent magic that needs to be done in the subshell.
But I do know that the existing pants targets that use those requirements DO run, so there's that!
Addendum to the docker functionality: hmm, we also rely on multistage builds so some containers have a "dev" target (i.e. `docker build ... --target dev`) and it doesn't look like the existing pants docker functionality allows that, so there's even less urgency, but I'm very excited to see this and begin using it. It is after all Christmas week, so no rush, although if you want I can add tickets for these if they need them.
c
Please write tickets, that would be great.
I’ve been thinking about the `--target` option, and if it would be a requested feature. Happy to add it if it is something you need.