C2C Blog post: Deploying public keys in Docker containers

docker-entrypoint.sh

#!/bin/sh

# Deploy users keys as X509 public keys to SSL_DIR
SSL_DIR=/etc/puppetlabs/mcollective/clients /go/bin/github_pki

# Deploy user keys as an authorized_keys file
AUTHORIZED_KEYS=/root/.ssh/authorized_keys /go/bin/github_pki

docker-run.sh

$ docker run -e AUTHORIZED_KEYS=/root/.ssh/authorized_keys \
             -e SSL_DIR=/etc/test/ssl \
             -e GITHUB_ORG="myorg" \
             -e GITHUB_TEAM="mypals" \
             -e GITHUB_USERS="otheruser" \
             -e GITHUB_TOKEN=398d6d326a546d40f3f1ef93345d1fc5ee0f0j38 \
             mydockerimage
run-parts: executing /docker-entrypoint.d/25-populate-ssl-clients.sh
time="2016-03-22T09:45:52Z" level=info msg="Adding users for team mypals" 
time="2016-03-22T09:45:52Z" level=info msg="Adding user bob" 
time="2016-03-22T09:45:52Z" level=info msg="Adding user alice" 
time="2016-03-22T09:45:52Z" level=info msg="Adding individual user otheruser" 
time="2016-03-22T09:45:53Z" level=info msg="Getting keys for user bob" 
time="2016-03-22T09:45:53Z" level=info msg="Getting keys for user alice" 
time="2016-03-22T09:45:53Z" level=info msg="Getting keys for user otheruser"
time="2016-03-22T09:45:59Z" level=info msg="Generating /root/.ssh/authorized_keys" 
time="2016-03-22T09:45:59Z" level=info msg="Dumping X509 keys to /etc/puppetlabs/mcollective/clients" 
time="2016-03-22T09:45:59Z" level=info msg="Converting key bob/1325852 to X509" 
time="2016-03-22T09:45:59Z" level=info msg="Converting key alice/123756 to X509" 
time="2016-03-22T09:45:59Z" level=info msg="Converting key alice/7845928 to X509" 
time="2016-03-22T09:45:59Z" level=info msg="Converting key otheruser/8540586 to X509"

Dockerfile

FROM debian:jessie

ENV GOPATH=/go
RUN apt-get update && apt-get install -y golang-go git \
  && go get github.com/camptocamp/github_pki \
  && apt-get autoremove -y golang-go git \
  && rm -rf /var/lib/apt/lists/*