I am providing poetry authentication using build secrets but it's not getting mounted to the environment, I copied and modified the example from the docker documentation.
export DOCKER_BUILDKIT=1
docker build \
--secret id=poetry_johndoe_auth_username,env=POETRY_HTTP_BASIC_JOHNDOE_GITLAB_USERNAME \
--secret id=poetry_johndoe_auth_password,env=POETRY_HTTP_BASIC_JOHNDOE_GITLAB_PASSWORD \
-t example:latest .
In the dockerfile I am mounting to environment
RUN --mount=type=secret,id=poetry_johndoe_auth_username,env=POETRY_HTTP_BASIC_JOHNDOE_GITLAB_USERNAME \
--mount=type=secret,id=poetry_johndoe_auth_password,env=POETRY_HTTP_BASIC_JOHNDOE_GITLAB_PASSWORD \
pip install -r /tmp/requirements.txt
The CI is returning following error
Dockerfile:17
--------------------
16 |
17 | >>> RUN --mount=type=secret,id=poetry_johndoe_auth_username,env=POETRY_HTTP_BASIC_JOHNDOE_GITLAB_USERNAME \
18 | >>> --mount=type=secret,id=poetry_johndoe_auth_password,env=POETRY_HTTP_BASIC_JOHNDOE_GITLAB_PASSWORD \
19 | >>> pip install -r /tmp/requirements.txt
20 |
--------------------
ERROR: failed to solve: unexpected key 'env' in 'env=POETRY_HTTP_BASIC_JOHNDOE_GITLAB_USERNAME'
I am providing poetry authentication using build secrets but it's not getting mounted to the environment, I copied and modified the example from the docker documentation.
export DOCKER_BUILDKIT=1
docker build \
--secret id=poetry_johndoe_auth_username,env=POETRY_HTTP_BASIC_JOHNDOE_GITLAB_USERNAME \
--secret id=poetry_johndoe_auth_password,env=POETRY_HTTP_BASIC_JOHNDOE_GITLAB_PASSWORD \
-t example:latest .
In the dockerfile I am mounting to environment
RUN --mount=type=secret,id=poetry_johndoe_auth_username,env=POETRY_HTTP_BASIC_JOHNDOE_GITLAB_USERNAME \
--mount=type=secret,id=poetry_johndoe_auth_password,env=POETRY_HTTP_BASIC_JOHNDOE_GITLAB_PASSWORD \
pip install -r /tmp/requirements.txt
The CI is returning following error
Dockerfile:17
--------------------
16 |
17 | >>> RUN --mount=type=secret,id=poetry_johndoe_auth_username,env=POETRY_HTTP_BASIC_JOHNDOE_GITLAB_USERNAME \
18 | >>> --mount=type=secret,id=poetry_johndoe_auth_password,env=POETRY_HTTP_BASIC_JOHNDOE_GITLAB_PASSWORD \
19 | >>> pip install -r /tmp/requirements.txt
20 |
--------------------
ERROR: failed to solve: unexpected key 'env' in 'env=POETRY_HTTP_BASIC_JOHNDOE_GITLAB_USERNAME'
1 Answer
Reset to default 1Dockerfile's RUN --mount=type=secret does not support the env option in Dockerfiles.
You must read the secrets of your run command and assign them to docker ENVs via export.
Your DOCKER RUN command should look something like:
RUN --mount=type=secret,id=poetry_johndoe_auth_username \
--mount=type=secret,id=poetry_johndoe_auth_password \
export POETRY_HTTP_BASIC_JOHNDOE_GITLAB_USERNAME=$(cat /run/secrets/poetry_johndoe_auth_username) && \
export POETRY_HTTP_BASIC_JOHNDOE_GITLAB_PASSWORD=$(cat /run/secrets/poetry_johndoe_auth_password) && \
pip install -r /tmp/requirements.txt
If you require them to be in .bashrc, you could:
RUN --mount=type=secret,id=poetry_johndoe_auth_username \
--mount=type=secret,id=poetry_johndoe_auth_password \
USERNAME="$(cat /run/secrets/poetry_johndoe_auth_username)" && \
PASSWORD="$(cat /run/secrets/poetry_johndoe_auth_password)" && \
echo "export POETRY_HTTP_BASIC_JOHNDOE_GITLAB_USERNAME='$USERNAME'" >> /root/.bashrc && \
echo "export POETRY_HTTP_BASIC_JOHNDOE_GITLAB_PASSWORD='$PASSWORD'" >> /root/.bashrc && \
pip install -r /tmp/requirements.txt
As all secrets are stored as files, just reading themand exporting them should do the job. Something like
cat /run/secrets/poetry_johndoe_auth_username -> write to ENV -> POETRY_HTTP_BASIC_JOHNDOE_GITLAB_USERNAME