features: getting ssh-add -l : error fetching identities: communication with agent failed (from within devcontainer with common-utils/docker-from-docker)

Hi,

I created a devcontainer using

{
    "dockerComposeFile": "docker-compose.yml",
    "service": "krypton-c-env",
    "workspaceFolder": "/work/libaos",
    "shutdownAction": "stopCompose",
    "remoteUser": "aos-dev",
    "features": {
        "ghcr.io/devcontainers/features/common-utils:2": {
            "username": "aos-dev",
            "uid": "10000",
            "gid": "10001",
            "installZsh": true,
            "installOhMyZsh": true,
            "upgradePackages": true,
            "nonFreePackages": false
        },
        "ghcr.io/devcontainers/features/docker-from-docker:1": {
             "version": "latest",
             "username": "aos-dev"
        }
    },
    "postCreateCommand": "conan profile detect",
    "extensions": [
        "atlassian.atlascode", "ms-vscode.cpptools", "numaru.vscode-ceedling-test-adapter",
        "twxs.cmake", "ms-azuretools.vscode-docker", "ms-vscode.cpptools-extension-pack",
        "ban.troff", "SonkengMaldini.conanlight", "afri-bit.vsconan",
        "ryanluker.vscode-coverage-gutters"
    ]
}

I connect remotely to my Linux VM within VSCode and ssh-add -l works, then I go within the devcontainer and ssh-add -l now reports the error, causing all my git operations with the remote to fail.

I do see an output for “echo $SSH_AUTH_SOCK” on both ssh remote and within the devcontainer, but likely I am missing a mount of a particular socket as to enable ssh-agent communication between host and the devcontainer environment.

I am unclear if this is a mistake of mine, or something broken by common-utils.

About this issue

  • State: open
  • Created 2 years ago
  • Comments: 15 (5 by maintainers)

Most upvoted comments

I read an issue about gpg-agent forwarding not working. In that issue there was discussion that the agent used was the incorrect one. Basically, when using remote + devcontainer the “local” or the “remote” agent can be used by the container to connect to.

In my case, the keys are at my “remote” agent. My Windows “ssh-agent” was not even running.

I then started my Windows ssh-agent and the output of the ssh-add -l changed to “The agent has no identities”.

So I think the issue I am having here is that the devcontainer internal ssh-agent forward system is connecting to the local Windows vscode ssh-agent when in my case I would like it to connect to my remote Linux ssh-agent which has the SSH key…

For now I think I could just add the key in my Windows and it will work, but I would like to have some control on which agent, local or remote, the ssh-agent within my devcontainer connects to in that scenario.

https://github.com/microsoft/vscode-remote-release/issues/7814

It is my understanding that the feature docker-from-docker adds the bind and entrypoint statements, as such I do not need to.

I did the following modification based on your comments:

devcontainer.json:

{
    "dockerComposeFile": "docker-compose.yml",
    "service": "krypton-c-env",
    "workspaceFolder": "/work/libaos",
    "shutdownAction": "stopCompose",
    "remoteUser": "aos-dev",
    "remoteEnv": {
        "LOCAL_WORKSPACE_FOLDER": "${localWorkspaceFolder}"
    },
    "features": {
        "ghcr.io/devcontainers/features/common-utils:1": {
            "username": "aos-dev",
            "uid": "10000",
            "gid": "10001",
            "installZsh": false,
            "installOhMyZsh": false,
            "upgradePackages": true,
            "nonFreePackages": false
        },
        "ghcr.io/devcontainers/features/docker-from-docker:1": {

        }
    },
    "postCreateCommand": "conan profile detect && ./build.sh",
    "extensions": [
        "atlassian.atlascode", "ms-vscode.cpptools", "numaru.vscode-ceedling-test-adapter",
        "twxs.cmake", "ms-azuretools.vscode-docker", "ms-vscode.cpptools-extension-pack",
        "ban.troff", "SonkengMaldini.conanlight", "afri-bit.vsconan",
        "ryanluker.vscode-coverage-gutters"
    ]
}

docker-compose.yml

version: '3'
services:
  krypton-c-env:
    build: .

    init: true
    privileged: true
    
    # Mounts the project folder to '/work/libaos'. While this file is in .devcontainer,
    # mounts are relative to the first file in the list, which is a level up.
    volumes:
    - ${LOCAL_WORKSPACE_FOLDER:-../}:/work/libaos

    # [Optional] Required for ptrace-based debuggers like C++, Go, and Rust
    cap_add:
      - SYS_PTRACE
    security_opt:
      - seccomp:unconfined

#    user: aos-dev
    command: sleep infinity

Dockerfile

FROM ubuntu:20.04

# Enable new "BUILDKIT" mode for Docker CLI
ENV DOCKER_BUILDKIT=1

# Remove apt-get prompt for timezone
ENV TZ=America/Los_Angeles
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

RUN export DEBIAN_FRONTEND=noninteractive \
    && apt-get update && apt-get install -y --no-install-recommends \
        build-essential \
        git \
        ruby \
        bash-completion \
        wget \
        ca-certificates \
        python3-pip \
        clang-tidy \
    # Clean up
    && apt-get autoremove -y && apt-get clean -y && rm -rf /var/lib/apt/lists/* /tmp/library-scripts/

# Install kitware repo to get latest CMake (required wget)
RUN wget -qO /etc/apt/trusted.gpg.d/kitware-key.asc https://apt.kitware.com/keys/kitware-archive-latest.asc \
    && echo "deb https://apt.kitware.com/ubuntu/ focal main" | tee /etc/apt/sources.list.d/kitware.list \
    && export DEBIAN_FRONTEND=noninteractive \
    && apt-get update && apt-get install -y --no-install-recommends \
        cmake \
    # Clean up
    && apt-get autoremove -y && apt-get clean -y && rm -rf /var/lib/apt/lists/* /tmp/library-scripts/

# Install ninja to get fast build
RUN wget -qO /usr/local/bin/ninja.gz https://github.com/ninja-build/ninja/releases/latest/download/ninja-linux.zip \
    && gunzip /usr/local/bin/ninja.gz \
    && chmod a+x /usr/local/bin/ninja

# Install ceedling (required ruby) to run automated tests
RUN gem install ceedling

# Install conan
RUN pip install conan==2.0.0b6

Hi,

I have renamed the options in my devcontainer.json file but I still see the same problem. If I create a file, I do see the correct uid/gid assigned to it.

Yet thanks for this info, I had failed to notice the change in the option keyword.
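
Added example, not part of the original thread: a POSIX shell check to run on the remote Linux host and again inside the devcontainer, to tell apart the two `ssh-add -l` outcomes reported above and see which end of the forwarding is failing. The function names and state labels are hypothetical; the exit status 2 case relies on the behaviour documented in ssh-add(1) when the agent cannot be contacted.

```shell
#!/bin/sh
# Added example: classify what `ssh-add -l` is telling us about the agent
# behind $SSH_AUTH_SOCK. State labels are made up for this example.

# $1 = exit status of `ssh-add -l`, $2 = its combined stdout/stderr.
classify_ssh_add() {
    if [ "$1" -eq 0 ]; then echo "agent-has-identities"; return 0; fi
    case "$2" in
        # Socket accepted the connection but nothing answered the agent
        # protocol; in the thread this was the state before the local
        # Windows ssh-agent was started.
        *"communication with agent failed"*) echo "socket-open-agent-not-answering" ;;
        # A real agent answered, but it holds no keys (wrong agent for this user).
        *"agent has no identities"*) echo "agent-empty" ;;
        *) if [ "$1" -eq 2 ]; then echo "agent-unreachable"; else echo "unknown"; fi ;;
    esac
}

# Check the socket itself before asking the agent anything.
# Runs in a subshell so its variables do not leak into the caller.
probe_agent() (
    sock="${SSH_AUTH_SOCK:-}"
    [ -n "$sock" ] || { echo "no-socket-variable"; exit 0; }
    # Variable set, but nothing is mounted or forwarded at that path.
    [ -S "$sock" ] || { echo "socket-path-missing"; exit 0; }
    command -v ssh-add >/dev/null 2>&1 || { echo "ssh-add-not-installed"; exit 0; }
    rc=0
    out=$(ssh-add -l 2>&1) || rc=$?
    classify_ssh_add "$rc" "$out"
)

# Short report; compare the output from the host with the one from the container.
agent_report() {
    echo "node:          $(uname -n)"
    echo "SSH_AUTH_SOCK: ${SSH_AUTH_SOCK:-<unset>}"
    echo "state:         $(probe_agent)"
}

agent_report
```

If the host reports `agent-has-identities` while the container reports `socket-open-agent-not-answering` or `agent-empty`, the container's socket is being forwarded to a different agent than the one holding the keys.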