DO NOT USE: project uses ~/.ssh dir into docker container.

[clemens-tolboom]

What happened

I had to as advised by OPS to revoke all my pub keys (60 servers) as the Docker container used my keys.

Why

The docker-composer.yml mount several directories of which ~/.ssh. I guess for good reasons to build the project within the container to minimize the hassle with environment settings.

taller-test/docker-compose.yml

Line 36 in 580208a

- $HOME/.ssh:/drupal/.ssh

Awesome project

Don't get me wrong as sharing this project is great. I hope to contribute to it.

Resolution

• It was (obviously) my bad not reading/understanding the docker-compose.yml file and understanding the makefile.
• But the README.md should have a warning too.
• Mounting a .ssh-taller instead of .ssh would at least trigger losts of people.

[lucasconstantino]

@clemens-tolboom as it is the case on other issues, I think this project uses a very opinionated building and container system which should probably get simplified to a minimum. This SSH logic is pretty much disposable.

@sebas5384 we must try and simplify these config.

[sebas5384]

Hey @clemens-tolboom ! thanks for the heads-up! in this case the .ssh is only being used to facilitate the developers to ssh or make usage of their git inside the container, which is always local since we never build the image and sent it to anywhere.

Having said that, as @lucasconstantino mention we need to reduce the opinion of our docker stack, and I'll be taking a look at that this week 👍
For now we can just remove the mounting stuff.

[lucasconstantino]

@sebas5384 I guess we can close this issue now?

[clemens-tolboom]

The commit in 93100e3 removes the issue but I guess will block the build process as it will hit the github pull limit https://developer.github.com/v3/rate_limit/ . I'm not sure although I hit it once with a composer project iirc. Not sure and not time to test (deadline)