@tamsky
Last active July 15, 2024 16:06
FROM ubuntu
RUN apt-get update && apt-get install -y openssh-client
RUN ssh-add -l 2>&1 | tee -a /tmp/ssh-agent.out || true
RUN cat /tmp/ssh-agent.out

Host system

# uname -v
Darwin Kernel Version 18.7.0: Tue Aug 20 16:57:14 PDT 2019; root:xnu-4903.271.2~2/RELEASE_X86_64

Use the above Dockerfile, in the traditional manner, and expect ssh-add to fail:

# docker build -f Dockerfile-failing-ssh-agent-test .
Sending build context to Docker daemon   25.6kB
Step 1/4 : FROM ubuntu
 ---> 2ca708c1c9cc
Step 2/4 : RUN apt-get update && apt-get install -y openssh-client
 ---> Using cache
 ---> 7be5e7cad803
Step 3/4 : RUN ssh-add -l 2>&1 | tee -a /tmp/ssh-agent.out || true
 ---> Running in 4e1653d22fd5
Could not open a connection to your authentication agent.
Removing intermediate container 4e1653d22fd5
 ---> 3e1669b2788f
Step 4/4 : RUN cat /tmp/ssh-agent.out
 ---> Running in f91c66ca745e
Could not open a connection to your authentication agent.
Removing intermediate container f91c66ca745e
 ---> 4183437ddc5d
Successfully built 4183437ddc5d

Add a new-style RUN command, which is unsupported unless both DOCKER_BUILDKIT=1 and --ssh default are used (and, as the runs below show, the syntax header at the top of the Dockerfile):

# echo 'RUN --mount=type=ssh ssh-add -l > /tmp/ssh-agent-working.out' >> Dockerfile-failing-ssh-agent-test

Traditional invocation:

# docker build -f Dockerfile-failing-ssh-agent-test .
Sending build context to Docker daemon   25.6kB
Error response from daemon: Dockerfile parse error line 6: Unknown flag: mount

With only the --ssh default flag:

# docker build --ssh default -f Dockerfile-failing-ssh-agent-test .
Sending build context to Docker daemon   25.6kB
Error response from daemon: Dockerfile parse error line 6: Unknown flag: mount

With only the DOCKER_BUILDKIT=1 env var:

# DOCKER_BUILDKIT=1 docker build -f Dockerfile-failing-ssh-agent-test .
[+] Building 0.1s (2/2) FINISHED                                                                                  
 => [internal] load .dockerignore                                                                            0.0s
 => => transferring context: 34B                                                                             0.0s
 => [internal] load build definition from Dockerfile-failing-ssh-agent-test                                  0.0s
 => => transferring dockerfile: 251B                                                                         0.0s
failed to solve with frontend dockerfile.v0: failed to create LLB definition: Dockerfile parse error line 6: Unknown flag: mount

With both DOCKER_BUILDKIT=1 and --ssh default:

# DOCKER_BUILDKIT=1 docker build -f Dockerfile-failing-ssh-agent-test --ssh default .
[+] Building 0.2s (2/2) FINISHED                                                                                  
 => [internal] load build definition from Dockerfile-failing-ssh-agent-test                                  0.0s
 => => transferring dockerfile: 60B                                                                          0.0s
 => [internal] load .dockerignore                                                                            0.0s
 => => transferring context: 34B                                                                             0.0s
failed to solve with frontend dockerfile.v0: failed to create LLB definition: Dockerfile parse error line 6: Unknown flag: mount

Add the correct header at the start of a new Dockerfile-working:

# echo "# syntax=docker/dockerfile:1.0-experimental" > Dockerfile-working
# cat Dockerfile-failing-ssh-agent-test >> Dockerfile-working

Demonstrate ssh-agent is now correctly working:

# DOCKER_BUILDKIT=1 docker build --ssh default -f Dockerfile-working .
[+] Building 4.7s (13/13) FINISHED                                                                                
 => [internal] load build definition from Dockerfile-working                                                 0.0s
 => => transferring dockerfile: 280B                                                                         0.0s
 => [internal] load .dockerignore                                                                            0.0s
 => => transferring context: 34B                                                                             0.0s
 => resolve image config for docker.io/docker/dockerfile:1.0-experimental                                    0.8s
 => CACHED docker-image://docker.io/docker/dockerfile:1.0-experimental@sha256:cbd6491240cc8894d25e366ba83da  0.0s
 => [internal] load build definition from Dockerfile-working                                                 0.0s
 => => transferring dockerfile: 280B                                                                         0.0s
 => [internal] load .dockerignore                                                                            0.0s
 => [internal] load metadata for docker.io/library/ubuntu:latest                                             0.0s
 => [1/5] FROM docker.io/library/ubuntu                                                                      0.0s
 => CACHED [2/5] RUN apt-get update && apt-get install -y openssh-client                                     0.0s
 => [3/5] RUN ssh-add -l 2>&1 | tee -a /tmp/ssh-agent.out || true                                            0.7s
 => [4/5] RUN cat /tmp/ssh-agent.out                                                                         0.8s
 => [5/5] RUN --mount=type=ssh ssh-add -l > /tmp/ssh-working-agent.out                                       0.7s
 => exporting to image                                                                                       0.0s 
 => => exporting layers                                                                                      0.0s
 => => writing image sha256:e041304e6fd655ab7729e075472e2aaface8bfd556d8865c78ccbb82e28f50a8                 0.0s

Demonstrate the working output:

# docker run --rm sha256:e041304e6fd655ab7729e075472e2aaface8bfd556d8865c78ccbb82e28f50a8 cat /tmp/ssh-agent-working.out
256 SHA256:<elided> <elided>@<elided> (<elided>)
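
The runs above fail in three different ways before the build finally sees the agent. As an added example (not part of the original gist), the shell function below checks those prerequisites before `docker build` is invoked; the function name `preflight_ssh_build` and its return codes are assumptions of this example, and it encodes the behaviour shown on this page.

```shell
#!/bin/sh
# Added example: preflight for the prerequisites demonstrated on this page.
# Usage: preflight_ssh_build <Dockerfile> [docker build arguments...]
# Returns: 0 = ok (or no ssh mount used), 1 = missing '# syntax=' header,
#          2 = BuildKit not enabled, 3 = no --ssh flag, 4 = file unreadable.
preflight_ssh_build() {
    dockerfile=${1:-}
    [ $# -gt 0 ] && shift
    [ -r "$dockerfile" ] || { echo "cannot read Dockerfile: $dockerfile" >&2; return 4; }

    # Nothing to check unless some RUN instruction uses the ssh mount.
    grep -Eiq '^[[:space:]]*RUN[[:space:]].*--mount=type=ssh' "$dockerfile" || return 0

    # 1. The parser directive has to be the very first line of the file;
    #    without it the frontend rejects the flag ("Unknown flag: mount").
    if ! head -n 1 "$dockerfile" | grep -Eiq '^#[[:space:]]*syntax[[:space:]]*='; then
        echo "$dockerfile: uses --mount=type=ssh but line 1 is not a '# syntax=' header" >&2
        return 1
    fi

    # 2. BuildKit has to be enabled for this invocation.
    if [ "${DOCKER_BUILDKIT:-0}" != "1" ]; then
        echo "DOCKER_BUILDKIT=1 is not set" >&2
        return 2
    fi

    # 3. The agent socket is forwarded only when --ssh is passed to docker build.
    for arg in "$@"; do
        case $arg in
            --ssh|--ssh=*) return 0 ;;
        esac
    done
    echo "docker build arguments lack --ssh" >&2
    return 3
}

# Typical call, mirroring the working run above:
#   DOCKER_BUILDKIT=1
#   preflight_ssh_build Dockerfile-working --ssh default . \
#     && docker build --ssh default -f Dockerfile-working .
```

The ssh mount exists only for the duration of its RUN step and leaves nothing in the image, but the demo's `ssh-add -l > /tmp/ssh-agent-working.out` redirect does write the key fingerprint and comment into a layer, as the final `docker run ... cat` shows. Outside a test like this one, keep agent output out of files that end up in the image.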