I think we should improve that to help discoverability;
- [ ] Add a "build secrets" or "working with secrets in your builds" tile.
- [ ] Cross-reference the "build secrets" section from both the [`--mount type=secret`](https://docs.docker.com/reference/dockerfile/#run---mounttypesecret), and [`docker build --secret`](https://docs.docker.com/reference/cli/docker/buildx/build/#secret) sections.
- [ ] Consider adding language-specific examples in the "getting started" sections (or elsewhere?), which, for Go, could include details about working with private modules (and provide links to Go's documentation on this as well).
- [ ] Consider adding warnings to sections mentioned above about _NOT_ using `ARG` for secrets (users are still tempting to do so).
- [ ] :question: do we need some "do's / dont's" in the ["security" section](https://docs.docker.com/security/for-developers/access-tokens/)? (also see https://github.com/moby/moby/issues/13490)
thaJeztah
commented
8 months ago
Description
While writing an answer to the discussion above, I noticed that the "build secrets" section is a bit hard to discover;
The "build overview" page has no tile for "secrets", so users will need to discover it from the "building" images navigation:
Neither the
--mount type=secret, nor thedocker build --secretflag cross-references the "build secrets" section.I think we should improve that to help discoverability;