✨ Add support to secret env #110
I was wondering what we were going to do in docker/build-push-action. Perhaps you were thinking of a new |
Yes @crazy-max, a new input option must be created.
LGTM thanks
Thanks @crazy-max.
@vinicius73 Updated the toolkit on build push action repo docker/build-push-action#875 if you're willing to contribute for the follow-up 🙏
@vinicius73 I was wondering why you could not use the

```yaml
- name: Build
  uses: docker/build-push-action@v4
  with:
    context: .
    secrets: |
      "AWS_ACCESS_KEY_ID=${{ env.AWS_ACCESS_KEY_ID }}"
```
Hi @crazy-max, unfortunately I don't have direct access to the action. I am only able to pass some arguments to this workflow, and inside that it will call the docker build action with my arguments. Inside my Dockerfile I must use the AWS credentials; those credentials are loaded at runtime in a previous step. Because of that I can't pass an environment variable as a secret argument.
Then how do you set secrets when calling this reusable workflow?
The AWS credentials are dynamic and generated with https://github.com/aws-actions/configure-aws-credentials
Sure but it still needs to be specified in our action that you want to use envs as secrets. Can you post your workflow please?
Allow using environment variables as secrets during docker build.
Eventually we need to pass some environment variables to docker build to allow interactions with dynamic sources like AWS.
Those environment variables are available after some previous GitHub Actions steps, like configure-aws-credentials.
I use the docker/build-push-action action in a very strict environment; it is encapsulated by other actions which I don't have direct access to.
This change (and another change in build-push-action) will unlock this limitation and solve the problem.
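
For readers following the thread, an added example (not code from this PR or from the Docker projects) of what "environment variable as secret" means at the `docker buildx build` level: the build is given the variable's name, and BuildKit reads the value from the builder's environment. The helper name `secret_env_args` and the variable names are assumptions for illustration.

```shell
#!/bin/sh
# Hypothetical helper: turn a list of environment variable NAMES into
# `--secret type=env,...` arguments for `docker buildx build`.
# Only names are emitted; the secret values never appear on the command
# line, in the workflow file, or in the arguments this function prints.
secret_env_args() {
  args=""
  for name in "$@"; do
    # Accept only plain shell identifiers so a crafted name cannot
    # inject extra comma-separated keys into the --secret value.
    case "$name" in
      ''|[0-9]*|*[!A-Za-z0-9_]*)
        echo "invalid variable name: $name" >&2
        return 2
        ;;
    esac
    # Fail early if the variable is not exported (for example, the
    # credentials step did not run), instead of building with no secret.
    if ! printenv "$name" >/dev/null; then
      echo "variable not set in environment: $name" >&2
      return 1
    fi
    args="$args --secret type=env,id=$name,env=$name"
  done
  printf '%s\n' "${args# }"
}

# Usage on a runner where an earlier step exported the credentials:
#   docker buildx build \
#     $(secret_env_args AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY) .
#
# Matching Dockerfile step; the secret is mounted only for this RUN and
# is not stored in an image layer ("aws sts get-caller-identity" is a
# placeholder for whatever needs the credentials):
#   RUN --mount=type=secret,id=AWS_ACCESS_KEY_ID \
#       --mount=type=secret,id=AWS_SECRET_ACCESS_KEY \
#       AWS_ACCESS_KEY_ID="$(cat /run/secrets/AWS_ACCESS_KEY_ID)" \
#       AWS_SECRET_ACCESS_KEY="$(cat /run/secrets/AWS_SECRET_ACCESS_KEY)" \
#       aws sts get-caller-identity
```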