Dockerizing godoc for private repositories // Brad Erickson

If you have private libraries, then you will want to run a private godoc instance to make the documentation more accessible.

Recommended next steps:

Add AuthN/AuthZ directly or with an auth proxy.
Trigger CI jobs from master branch merges of documented projects.

build.sh

#!/bin/bash

SSH_PRIVATE_KEY_FILE=$(find ~/.ssh | grep id_ | grep -v pub | head -n1)

docker build -t org/godoc --build-arg SSH_PRIVATE_KEY="$(cat ${SSH_PRIVATE_KEY_FILE})"

Dockerfile

FROM golang:1.11-alpine3.8 as build

# Pass the SSH_PRIVATE_KEY as an ARG
ARG SSH_PRIVATE_KEY
RUN mkdir /root/.ssh/ \
&&  echo "${SSH_PRIVATE_KEY}" > /root/.ssh/id_rsa \
&&  chmod 400 /root/.ssh/id_rsa \
&&  touch /root/.ssh/known_hosts \
&&  apk add --update \
    openssh-client \
    git \
&&  git config --global --add url."git@github.com:".insteadOf "https://github.com/" \
&&  ssh-keyscan github.com >> /root/.ssh/known_hosts \
&&  go get golang.org/x/tools/cmd/godoc

# Organization projects in a separate layer.
RUN go get \
    github.com/organization/project1 \
    github.com/organization/project2

# Separate build stage to not leak the SSH key.
FROM golang:1.11-alpine3.8
COPY --from=build /go/bin /go/bin
# Copying only the organization repos.
COPY --from=build /go/src/github.com/organization /go/src/github.com/organization

EXPOSE 8080
CMD ["godoc", "-http", ":8080"]