Allow passing secret enviroment variables to build #1703
Comments
|
The first part is implemented in master #1534 . for second use |
|
Did not know about #1534, thanks! But I still think it'd be nice not to have to use |
|
@tonistiigi @rittneje is this part of the BuildKit feature of Docker CLI? If so, it isn't mentioned in the documentation. |
|
As I understand it, this feature is only present in master and has yet to be officially released. |
|
@tonistiigi @rittneje appreciate if so, appreciate if you could confirm when this feature will be available with Docker. |
|
was vendored into docker cli in docker/cli#2656 |
|
@tonistiigi : Would you be able to let us know whether you have any idea of merging this to 19.03 branch so that it will be available in 19.03.x release ? |
|
@hasinthaindrajee probably will not happen as the next release is already in beta. |
|
It would be really nice if |
|
Perhaps I was looking in the wrong place, but is |
|
@lindhe I'd say you are looking in the wrong place, I went to the Dockerfile reference which says if you're using BuildKit, then look at the BuildKit reference, but it's not documented there either. So as far as I can tell.. it's entirely undocumented. @tonistiigi can you confirm? |
Currently, you can pass file-based secrets to
docker buildvia--secretandRUN --mount. However, often our secrets are actually environment variables, such as a username and password. We can work around this limitation by writing the environment variable to some file, passing that file a secret, mounting it in theRUNstep, and then reading the file into an environment variable. However, this is very awkward.I think it would be better if these environment variables could be passed in directly as secrets. Something like this:
RUN --env=USERNAME --env=PASSWORD ...(These flag names are just for demonstration purposes. I am open to whatever names you think would make the most sense.)
The text was updated successfully, but these errors were encountered: