gentle-umbrella-55872
05/10/2024, 10:58 AMmicroscopic-river-74022
05/10/2024, 10:58 AMmicroscopic-river-74022
05/10/2024, 10:59 AM--secret
build argument using Garden, you can use the extraFlags
field in your build specification. Here is an example:
yaml
kind: Build
name: my-build
type: container
spec:
extraFlags:
- --secret=id=my-token,src=./my-token.txt
In this example, my-token
is the ID of the secret, and ./my-token.txt
is the source file containing the secret. This command is equivalent to the Docker command docker build --secret id=my-token,src=./my-token.txt .
.
From your Dockerfile, you can reference the secret like so:
Dockerfile
RUN --mount=type=secret,id=my-token \
set "//<registry>/:_authToken=$(cat /run/secrets/my-token)"
Please note that Kubernetes secrets can only be used at runtime, not as buildArgs
for Docker builds. Also, using secrets as buildArgs
is considered a bad practice and a security risk.
For more information, you can refer to the Garden documentation () on how to add Docker specific flags to the build command.
Sources:
- Github Issue (open): [FEATURE]: Allow build time secrets ()
- Discord support thread: How to use an SSH Key inside a Dockerfile build on remote cluster-buildkit? ()
- Misc > FAQ > Builds > How do I add Docker specific flags to the build command? ()
----------------------
Note: you can ask me a follow up question by @ mentioning me again :speech_balloon:
----------------------microscopic-river-74022
05/10/2024, 10:59 AMgentle-umbrella-55872
05/10/2024, 11:07 AMmicroscopic-river-74022
05/10/2024, 11:07 AMmicroscopic-river-74022
05/10/2024, 11:07 AM$HOME
) in the extraFlags
field of the Garden configuration.
Environment variables like $HOME
are not automatically expanded in the Garden configuration. This is because the configuration is defined in YAML, which doesn't support shell-style environment variable expansion.
If you need to reference files in the user's home directory during the build process, you might need to copy those files into the build context directory and reference them from there.
If you have more specific requirements, please provide more details so I can give a more accurate answer.
----------------------
Note: you can ask me a follow up question by @ mentioning me again :speech_balloon:
----------------------microscopic-river-74022
05/10/2024, 11:07 AMbright-policeman-43626
05/10/2024, 5:38 PMbright-policeman-43626
05/10/2024, 5:40 PMbuild:
targetImage: development
buildArgs:
NPM_TOKEN: ${local.env.NPM_TOKEN}