I'm trying to set up a development container in VS Code, but I'm running into a problem where it keeps mounting the SSH agent, GPG agent, and Git settings from my Mac. I really want to isolate the container from my local GPG and SSH keys completely.
I'm using a straightforward Dockerfile based on Debian and including git, openssh-client, and gnupg, along with a Docker Compose file. I've attempted to set various environment variables like SSH_AUTH_SOCK, GPG_AGENT_INFO, GPG_TTY, and GNUPGHOME in the Dockerfile, docker-compose.yml, and .devcontainer.json, but nothing seems to work! My container can still access my local keys by running ssh-add -L and gpg -k, and it's super frustrating!
Any advice on how to avoid this issue would be greatly appreciated! Just to clarify, I'm really looking to resolve the problem with VS Code leaking my host settings into the dev container, not necessarily making the project work. Thanks in advance!
2 Answers
If you're looking for ultimate isolation, have you thought about running it inside a VM instead? That way, you can keep everything completely separate from your host machine.
Remember that Docker on macOS runs the containers in a VM, so that might be part of why you're experiencing this.
I can relate! I'm having the opposite issue—my dev containers refuse to forward my SSH agent (I use 1Password). It's frustrating not having that accessibility when setting things up.
I usually run everything on Docker, so I could manage without the .devcontainer feature and use Docker Compose as before. I'm trying to set this project up to share it across teams for easier collaboration. Unfortunately, not everyone is familiar with Docker commands, which leads to issues, particularly when they forget to run npm install from the container and end up having problems with package compatibility. So, trying to keep it simple with VS Code for them is a must!