Rootless docker importing keys

Is there any way to inject keys into the studio without resorting to volume mounts?

This is the scenario I am running into:

  1. I am running Gitlab-Runners inside a Docker Executor.
  2. I spin up an image with hab cli and docker cli.
  3. I run this inside the Docker Executor:

     ```
     export HAB_ORIGIN=ci
     hab origin key generate "${HAB_ORIGIN}"
     hab studio -D --no-tty run 'source .studiorc-ci && build /path/to/plan.sh'
     ```

  4. I am presented with this error:

     ```
     hab-studio: Importing 'ci' secret origin key
     ✗✗✗
     ✗✗✗ Crypto error: No revisions found for ci sig key
     ✗✗✗
     Error exporting ci key
     ```


I did generate the key beforehand. The one problem I did notice is that the docker --volume mounts are /hab/cache/keys from the base host where the docker sock was originally created, not from within the gitlab runner docker executor …

So now I’m at a loss on how I can inject this without resorting to any volume mounts.

Btw I think I’m doing this Gitlab Runner in a Docker container to spin up Habitat in a Docker container the wrong way. Even if I solve the key issue, I still have to volume mount my source code into that new container to build the plan.

I think I read somewhere that these rootless hab studios were intended for K8s and Container environments — now I’m not so sure if this is possible as it currently is.

If I were able to spin up my own Docker sock and share that with the new container, that would be one way, although I think that seems bad too.