Getting secrets as ENV variables inside container

mhumeSF · March 16, 2018, 5:00pm

I think I’m taking one too many steps to do this, but I have 5 secrets I want to set as environment variables inside the container.

.drone.yml

pipeline:
  # Node image that builds node_modules, api, and single page web
  build:
    image: plugins/docker
    build_args_from_env:
      - one
      - two
      - three
      - four
      - five
    secrets:
      - one
      - two
      - three
      - four
      - five
 ...

And then in my Dockerfile I have:

FROM alpine

ARG ONE
ENV ONE $ONE
ARG TWO
ENV TWO $TWO
ARG THREE
ENV THREE $THREE
ARG FOUR
ENV FOUR $FOUR
ARG FIVE
ENV FIVE $FIVE

bradrydzewski · March 16, 2018, 5:18pm

I think build_args_from_env need to be capitalized, since all secrets are passed to the plugin as uppercase environment variables.

mhumeSF · March 16, 2018, 5:33pm

Oh, I think this is working as is, but wanted to confirm this was the most terse way of writing this

bradrydzewski · March 16, 2018, 5:40pm

Yes, that is the correct syntax. The system will not automatically pass secrets or environment variables to the docker build process, so you need to enumerate which secrets are exposed, just like you are doing.

mhumeSF · March 16, 2018, 6:04pm

Thanks for confirming!

Topic		Replies	Views
Docker build_args_from_env printed with plugins/docker 0.8 Drone Support	9	2322	September 16, 2019
Drone doesn't read the secrets setting as the environment variables Drone Support	2	1634	February 8, 2020
Passing Secrets as Build Arguments, plugins/Docker Drone Support	3	4994	January 21, 2019
[solved] Docker: build_args_from_env from secrets Drone Support	1	1037	December 13, 2020
Passing build-args to docker from secrets [v0.8.6] Drone Support	1	814	June 20, 2019

Getting secrets as ENV variables inside container

.drone.yml

Related topics