Use environment variables with sensible information in Docker Hub autobuild
Docker Hub has a section in the "Build configurations" section to specify build environment variables:
The problem is that the value of the variable appears in clear text, which makes this mechanism unsuitable for variables holding sensitive information (e.g. passwords).
I was thinking in something similar to the secrets mechanism in GitHub which allow to define variables which value is seen only one time (in the moment of creating them) but can be latter used in GitHub Actions as many times as you want.
Is there a way to define build variables in Docker Hub without showing the value in the interface? Or any other suitable workaround?
Given that it seems there is no solution to this in the dockerhub space, I have opted for the workaround of solving it with a GitAction. Something like this:
name: Publish Docker image (master)
on:
push:
branches:
- master
jobs:
build-and-push:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Log in to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_TEF_USERNAME }}
password: ${{ secrets.DOCKERHUB_TEF_TOKEN }}
- name: Build Docker image
run: docker build -t telefonicaiot/fiware-orion:latest --build-arg GIT_REV_ORION=master --build-arg REPO_ACCESS_TOKEN=${{ secrets.REPO_ACCESS_TOKEN }} --no-cache -f docker/Dockerfile .
- name: Push Docker image
run: docker push telefonicaiot/fiware-orion:latest
Where secrets.REPO_ACCESS_TOKEN holds the secret that I cannot use at dockerhub.
- Website Swagger api's after Deploying to Docker Desktop not viewable
- Does one need one repository per docker image?
- Docker : exec /usr/bin/sh: exec format error
- Suddenly unable to automatically build docker image from dockerhub stored in bitbucket repo
- Docker push use of closed network connection
- Docker push - net/http: TLS handshake timeout
- docker push error "denied: requested access to the resource is denied"
- denied: requested access to the resource is denied when I try to push my Docker image to my DockerHub repository
- How to login to Docker Hub on the command line?
- Docker Authentication required error when pulling image from dockerhub
- Docker cloud agent - Can I use local image instead of publishing to Docker hub
- Can I build arm32 docker files with dockerhub
- Is there a way to get the Docker Hub username of the current user?
- Error response from daemon: Get "https://registry-1.docker.io/v2/": proxyconnect tcp: dial tcp: lookup proxy.example.com on 8.8.8.8:53: no such host
- Proper way to build a CICD pipeline with Docker images and docker-compose
- How can I increase the amount of available memory available Solr in a Docker container?
- Use environment variables with sensible information in Docker Hub autobuild
- Using jupyterhub/jupyterhub in docker hub get error
- Getting rate limited when trying to create K3D cluster with local registry (registry image pulls from Dockerhub)
- Pulling dockerhub image in github action failing
- DockerHub: sha digest doesn't match
- Dockerhub: listing all available versions of a given image?
- How to determine the Docker image ID for a tag via Docker Hub API?
- buildx failed with: error: cache export feature is currently not supported for docker driver
- Where does docker images pulled from registry gets stored locally?
- Limits on Docker hub for number of repositories
- Docker: How do I pull a specific build-id?
- Why do images like `cloudnativelabs/whats-my-ip` not run on Cloud Run?
- How many docker image we push to one private repository?
- How to create User/Database in script for Docker Postgres