SSH agent forward into docker container on macOS

Preface

I am used to git ssh remote URL, in case of public and private repositories either from GitHub or gitlab (those projects are either contributed or authored by me). Beside in my current company (Zitelab ApS), we have our gitlab enterprise edition server which is hosted into our own cloud and most of the repositories are internally accessible by our team exclusively. The main reason for using ssh remote URL is to avoid entering username and password at each time of push, pull (required over https remote URL)

Why SSH agent for docker container

For me as a new macOS user, for the first time, I faced problem while trying to clone some of the repositories from the inside docker container. My idea was to copy my local ssh key pair into container´s .ssh directory (not secure huh!) and help from the great teacher Google found many solutions for me like Pass local machine’s SSH key to docker container, Using SSH keys inside docker container and so on, however honestly speaking I was not able to implement the ssh key pair copying idea (may not be tried so hard, because I found a better and safe idea later?)

Finally took the idea of ssh agent forwarding (which method I used already in the vagrant based machine). In my opinion, this approach is the best fit for fulfilling my purpose at least.

Configure SSH agent forward in Mac Machine

I refer ´host´ as my development machine it-self and ´guest´ is referred to the docker container. Ignore this the step if you have already.

Setup Host Machine´s ssh config (~/.ssh/config) (Optional)

Example wildcard(*) applicable for all host
Host *
     ForwardAgent yes
     IdentityFile ~/.ssh/id_rsa
Example Certain Host
Host gitlab.com
     ForwardAgent yes
     IdentityFile ~/.ssh/id_rsa_gitlab
Example Certain IP ranges
Host 192.168.*
ForwardAgent yes
IdentityFile ~/.ssh/id_rsa_gitlab

Setup in Docker-compose file

docker-compose.yml

version: '3'
services:
  my_service_name:
    build: .
    environment:
      - SSH_AUTH_SOCK="${SSH_AUTH_SOCK}"
    volumes:
      - ${SSH_AUTH_SOCK}:${SSH_AUTH_SOCK}

Enable SSH Forwarding directly from docker command

docker run --rm -t -i  -v $SSH_AUTH_SOCK:${SSH_AUTH_SOCK} -e SSH_AUTH_SOCK=${SSH_AUTH_SOCK}  <your container tag>

Disclaimer

My machine is MacBook pro 15 2109 and with Mojave OS (at the time of writing), However, I saw on the internet some complaints about not working properly but in my case, it is working perfectly.

References

  1. Can we re-use the OSX ssh-agent socket in a container?

MySQL Connector C API (libmysqlclient) install and configure in MacOS

Preface

I am the mad (maybe fool) guy who doesn’t prefer to install services (like MySQL, PostgreSQL and so on) into development machine, instead using docker containers, this way gives me a lot of flexibilities, for example, I could have multiple versions of MySQL servers (each version could be project-specific depends on requirements), besides no unnecessary processes are running in my development machine.

This writing for those concerns who don’t have MySQL server installed into MacOS powered development machine (like MacBook Pro) but need to work with MySQL connection through programming languages (i.e Python in my case). Bellows are focused on ´MySQL-Python´, ´mysqlclient´ installation problems and solutions. If you have MySQL server installed through Homebrew, we don’t expect you are facing any connection related problem.

Prerequisite

As a requirement of my solution, I assume you already have Homebrew installed on your machine, other than going to the official site about to installl it, should be pretty easy.

OpenSSL

Make sure you have OpenSSL installed and the path is added in bash and/or zsh profile. Try (which openssl) to check if already available. Other than installed and configure it.

brew install openssl

echo 'export PATH="/usr/local/opt/openssl/bin:$PATH"' >> ~/.bash_profile 

echo 'export PATH="/usr/local/opt/openssl/bin:$PATH"' >> ~/.zshrc (if you are using zsh)

Install and Configure MySQL connector C API

Install through Homebrew

brew install mysql-connector-c

Configure mysql_config

  1. Find the file location by using the command ls -la `which mysql_config`
  2. Open the file with sudo privileges by any editor.
  3. Find #Create options and comment in libs="$libs -l "
  4. Add libs="$libs -lmysqlclient -lssl -lcrypto" and save

Update bash and/or zsh profile

echo 'export LDFLAGS="-L/usr/local/opt/openssl/lib"' >> ~/.bash_profile 

echo 'export CPPFLAGS="-I/usr/local/opt/openssl/include"' >> ~/.bash_profile 


# if you have zsh
echo 'export LDFLAGS="-L/usr/local/opt/openssl/lib"' >> ~/.zshrc 

echo 'export CPPFLAGS="-I/usr/local/opt/openssl/include"' >> ~/.zshrc

Some Common errors could be solved

Collecting mysqlclient   Using cached 
https://files.pythonhosted.org/packages/ec/fd/83329b9d3e14f7344d1cb31f128e6dbba70c5975c9e57896815dbb1988ad/mysqlclient-1.3.13.tar.gz
     Complete output from command python setup.py egg_info:     
Traceback (most recent call last):       File "<string>", line 1, in <module>       
File "/private/var/folders/h3/sff7td1d6pg5v5qsm5xf31q80000gn/T/pip-install-ki9z7ln9/mysqlclient/setup.py", line 18, in <module>         metadata, options = get_config()       

File "/private/var/folders/h3/sff7td1d6pg5v5qsm5xf31q80000gn/T/pip-install-ki9z7ln9/mysqlclient/setup_posix.py", line 60, in get_config         libraries = [dequote(i[2:]) for i in libs if i.startswith('-l')]       
File "/private/var/folders/h3/sff7td1d6pg5v5qsm5xf31q80000gn/T/pip-install-ki9z7ln9/mysqlclient/setup_posix.py", line 60, in <listcomp>         libraries = [dequote(i[2:]) for i in libs if i.startswith('-l')]       
File "/private/var/folders/h3/sff7td1d6pg5v5qsm5xf31q80000gn/T/pip-install-ki9z7ln9/mysqlclient/setup_posix.py", line 13, in dequote         
raise Exception("Wrong MySQL configuration: maybe https://bugs.mysql.com/bug.php?id=86971 ?")     
Exception: Wrong MySQL configuration: maybe https://bugs.mysql.com/bug.php?id=86971 ?

References

  1. MySQLClient instal error: “raise Exception(”Wrong MySQL configuration: maybe https://bugs.mysql.com/bug.php?id”
  2. pip3 install mysqlclient fails on macOS
  3. MySQL Bug #86971 mysql_config –libs of mysql-connector/c 6.1.0 on macOS is wrong