[SOLVED] Getting "Additional property ssh is not allowed" error when specifying ssh-agent in docker-compose

Issue

I'm trying to build a Python docker image which pip installs from a private repository using ssh. The details of which are in a requirements.txt file.

I've spent a long time reading guides from StackOverflow as well as the official Docker documentation on the subject ...

https://docs.docker.com/develop/develop-images/build_enhancements/#using-ssh-to-access-private-data-in-builds https://docs.docker.com/compose/compose-file/build/#ssh

... and have come up with a Dockerfile which builds and runs fine when using:

$ docker build --ssh default -t build_tester .

However, when I try to do the same in a docker-compose.yml file, I get the following error:

$ docker-compose up

services.build-tester.build Additional property ssh is not allowed

This is the same even when enabling buildkit:

$ COMPOSE_DOCKER_CLI_BUILD=1 DOCKER_BUILDKIT=1 docker-compose up

services.build-tester.build Additional property ssh is not allowed

Project structure

- docker-compose.yml
- build_files
  - Dockerfile
  - requirements.txt
  - app
    - app.py

Dockerfile

# syntax=docker/dockerfile:1.2

FROM python:bullseye as builder

RUN mkdir -p /build/
WORKDIR /build/

RUN apt-get update; \
    apt-get install -y git; \
    rm -rf /var/lib/apt/lists/*

RUN mkdir -p -m 0600 ~/.ssh; \
    ssh-keyscan -H github.com >> ~/.ssh/known_hosts

RUN python3 -m venv env; \
    env/bin/pip install --upgrade pip

COPY requirements.txt .
RUN --mount=type=ssh \
    env/bin/pip install -r requirements.txt; \
    rm requirements.txt

FROM python:slim as runner

RUN mkdir -p /app/
WORKDIR /app/

COPY --from=builder /build/ .
COPY app/ .

CMD ["env/bin/python", "app.py"]

docker-compose.yml

services:
  build-tester:
    container_name: build-tester
    image: build-tester
    build: 
      context: build_files
      dockerfile: Dockerfile
      ssh:
        - default

If I remove ...

ssh:
  - default

... the docker-compose up command builds the image OK but obviously doesn't run as app.py doesn't have the required packages installed from pip.

I'd really like to be able to get this working in this way if possible so any advice would be much appreciated.

Solution

OK - so ended up being a very simple fix... Just needed to ensure docker-compose was updated to version 2.6 on my Mac.

For some reason brew wasn't updating my docker cask properly so was still running a package from early Jan 2022. Seems --ssh compatibility was added sometime between then and now.

Answered By - joel

Answer Checked By - Pedro (WPSolving Volunteer)