dockerbuilddockerfiledocker-secrets

How to mount secret file in docker image build & use variable from secret file in Dockerfile to authenticate a command?


Can someone please provide an example of the following command:

DOCKER_BUILDKIT=1 docker build --secret:id=mysecret,src=/local/secret ...

I don't know how to access the variables from secret file after mounting.

For example: I want to set Proxy using the secret passed and run an install command


Solution

  • Your secret would be mounted as /run/secrets/mysecret which can be accessed using the cat command. The RUN command might look something like below:

    RUN --mount=type=secret,id=mysecret \
        cat /run/secrets/mysecret
    

    A more complete example below:

    FROM node:16
    
    WORKDIR /app
    
    RUN --mount=type=secret,id=USERNAME \
        cat /run/secrets/USERNAME > /app/username.txt
    
    DOCKER_BUILDKIT=1 docker build --secret id=USERNAME,src=username.txt -t node:16-secret .
    
    docker run --rm -it node:16-secret cat username.txt
    

    You can refer this answer for an example of using the mounted secret in a curl command