GoogleCloudPlatform / cloud-code-vscode

Cloud Code for Visual Studio Code: Issues, Documentation and more
Other
420 stars 112 forks source link

Support mounting Docker build-time secrets #848

Open joshtemple opened 1 year ago

joshtemple commented 1 year ago

Use case I need to mount my application default credentials as a Docker secret at build time so I can use the Artifact Registry keyring helper to install private Python packages from Artifact Registry when building my image.

To do this with plain Docker at the terminal, I mount my application default credentials as a Docker build secret:

docker build . \
    --secret id=google_application_credentials,src=/Users/me/.config/gcloud/application_default_credentials.json

However, I don't see any way to do this with Cloud Code in VSCode or otherwise.

It seems skaffold.yaml already supports the secrets argument, but it doesn't seem that the skaffold init command being run in the background has a documented way to pass to the secrets part of the Skaffold config.

Feature Enable passing a secret from launch.json, through skaffold.yaml so it will work with the Cloud Run emulation.

davidponder commented 1 year ago

Hello!

Thanks for submitting this feature request; I've triaged and added some labels so we can hop on it ASAP!

Thanks! David

michaelk-kipnis commented 6 months ago

Hey @davidponder,

Is there any update on this one? maybe a workaround?

Thanks, Michael.