Ssh configuration is sometimes not properly copied

[ariep]

The entrypoint script tries to copy ssh configuration from /run/secrets/.ssh to /root/.ssh, but this breaks sometimes.

In my case, the files in /run/secrets/.ssh are mounted from a Kubernetes secret, and known_hosts and id_rsa are not regular files but symlinks to files in a hidden subdirectory:

ls -la /run/secrets/.ssh/
total 4
drwxrwxrwt    3 root     root           120 Jul  2 16:19 .
drwxr-xr-x    4 root     root          4096 Jul  2 16:20 ..
drwxr-xr-x    2 root     root            80 Jul  2 16:19 ..2021_07_02_14_19_51.635251303
lrwxrwxrwx    1 root     root            31 Jul  2 16:19 ..data -> ..2021_07_02_14_19_51.635251303
lrwxrwxrwx    1 root     root            13 Jul  2 16:19 id_rsa -> ..data/id_rsa
lrwxrwxrwx    1 root     root            18 Jul  2 16:19 known_hosts -> ..data/known_hosts

ls -l /run/secrets/.ssh/..2021_07_02_14_19_51.635251303/
total 8
-rw-------    1 root     root          2602 Jul  2 16:19 id_rsa
-rw-------    1 root     root           191 Jul  2 16:19 known_hosts

Now because entrypoint does a cp -r /run/secrets/.ssh/* /root/.ssh, the symlinks are not dereferenced during copying, and the hidden directory ..2021_07_02_14_19_51.635251303 and the hidden symlink ..data are not included in the glob expansion. The result is a couple of broken symlinks in /root/.ssh.

This would be fixed by either dereferencing the symlinks during copying (cp -L), or copying the whole /run/secrets/.ssh directory instead of only its non-hidden contents.

[djmaze]

Sorry for the late reply. I think I would be okay with just copying the whole directory (and adjusting the permissions). Are you able to create a PR for that?