Docker - Clone the Source Code Into Docker Container securely

We already know there are many ways of getting the source code into the docker image. The COPY|ADD method, Volume way and using the RUN instruction are different ways of getting the source code into the docker container. The first and the last method allows the code to be available during docker build and volume way is available during the container runtime. The changes made will be available live to the running container in the volume way.

In this article we will see how we can securely pull the code from github using the Dockerfile RUN instruction. We will be using a Github OAuth token to access our repositories in an automated fashion in the Dockerfile

Create GITHUB OAuth Token - Using personal access tokens allows us to skip providing the username and password while making the request. This is a recommended approach to automating the automation of code. This is also an easier way then working with Ssh Keys.

In order to generate the OAuth token, go to your Github -> Settings -> applications -> generate new token. Github will ask for the access levels for the token. Choose the Repo level access permissions and generate the token. Save the token.

Using the Token - using the token is very easy. All we have to do is to provide the Github Url along with the token generated. From the Dockerfile, we can use the RUN instruction along with the Git clone as below,

RUN mkdir -p /home/app

RUN git clone -b master https://7dd7c748e8c0f376920911952fffc7210e03b6db:x-oauth-basic@github.com/jagadish12/SampleTest.git /myapp/

The syntax for the git clone is, git clone -b https://:x-oauth-basic@github.com/jagadish12/SampleTest.git /myapp/

All we have to do is to pass the token along with the github url. This way we can clone the private repo using secure way.