Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Proposal: Support secrets mounted as files #579

Closed
vladaionescu opened this issue Dec 4, 2020 · 4 comments
Closed

Proposal: Support secrets mounted as files #579

vladaionescu opened this issue Dec 4, 2020 · 4 comments
Assignees
@alexcb
Labels
help:feedback-requested Issue requests feedback type:proposal A proposal for a new feature
Projects
Roadmap (deprecated, please use the c...

Comments

@vladaionescu
Copy link
Member

Currently secrets are env vars in Earthly. There are many situations where files are preferable.
@vladaionescu vladaionescu added the type:proposal A proposal for a new feature label Dec 4, 2020
@vladaionescu vladaionescu mentioned this issue Dec 4, 2020
Closed
@vladaionescu vladaionescu added the help:feedback-requested Issue requests feedback label Dec 5, 2020
@alexcb
Copy link
Collaborator

alexcb commented Dec 22, 2020

This is being worked on in #654

@alexcb
Copy link
Collaborator

alexcb commented May 4, 2021

Here's a working example of this:

Earthfile:

FROM alpine:latest

mytarget:
    RUN --mount type=secret,id=+secrets/key,target=/mykey echo "the secret key is $(cat /mykey)"

example run:

$ earthly --no-cache --secret key="cret cret cret cret cret" +mytarget
           buildkitd | Found buildkit daemon as docker container (earthly-buildkitd)
       alpine:latest | --> Load metadata linux/amd64
               +base | --> FROM alpine:latest
               +base | [██████████] resolve docker.io/library/alpine:latest@sha256:69e70a79f2d41ab5d637de98c1e0b055206ba40a8145e7bddb55ccc04e13cf8f ... 100%
           +mytarget | --> RUN echo "the secret key is $(cat /mykey)"
           +mytarget | the secret key is cret cret cret cret cret
              output | --> exporting outputs
              output | [██████████] sending tarballs ... 100%
=================================== SUCCESS ====================================

@alexcb alexcb closed this as completed May 4, 2021
@vladaionescu
Copy link
Member Author

Wonder if such an example should be shown in our docs somewhere too.

@vladaionescu
Copy link
Member Author

Needs docs

@vladaionescu vladaionescu reopened this Oct 25, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alexcb alexcb

Labels
help:feedback-requested Issue requests feedback type:proposal A proposal for a new feature
Projects
No open projects
Roadmap (deprecated, please use the c...
GA
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vladaionescu @alexcb