Add an SSH key to Velocity

If your container image includes dependencies that require a SSH key to be added at build time, you can facilitate that process within Velocity by adding your SSH key(s) as build args via the Velocity Setup Wizard.

Adding SSH keys to container images

The established best practice for including a local SSH key in a container is to use your local SSH Agent to inject the key at buildtime, so that the key itself won't be present in the final, built image as a security measure.

SSH Agent

A background process on your machine that manages SSH keys.

You can confirm that your SSH agent is running, or start it if it isn't running, with the following command:

eval "$(ssh-agent -s)"

You can then add an existing, local SSH key to the agent with the following command:

ssh-add /path/to/your/private-key

Dockerfile syntax

With the above in place, you can then add a SSH key to your container image via the SSH agent with the following syntax:

# Dockerfile
...
# Add your SSH key using --mount=type=ssh
RUN --mount=type=ssh,id=sshkey git clone git@github.com:user/private-repo.git /app

Local Docker build command

Then, to add the default SSH key from your local SSH agent during a local build, you'll need to include the following in your docker build command:

docker build ... --ssh=default ...

Adding a SSH key to a Velocity-built image

With the above in place, you can simply select either the default SSH key in the Velocity Run Configuration Wizard, or you can select a different SSH key from the dropdown provided.

Adding multiple SSH keys to a Velocity-built image

To add multiple SSH keys into a Velocity-built image, you can use the Build Args table provided in the Run Configuration Wizard, as follows: