Closed ikorolev93 closed 5 years ago
Issue-Label Bot is automatically applying the label bug
to this issue, with a confidence of 0.86. Please mark this comment with :thumbsup: or :thumbsdown: to give our bot feedback!
Links: app homepage, dashboard and code for this bot.
--build-arg
is not intended to provide secret. Build-arg values are also visible via docker history
.
The right way is to port over docker build --secret
--build-arg is not intended to provide secret. Build-arg values are also visible via docker history.
I guess you are right, although it's not a problem in my case, since I use multi-stage Dockerfile, and only last stage history is saved. But of course, implementing --secret
would be awesome.
Dockerfile
:img build --build-arg SECRET=foo123 -t my-image .
: (notice howfoo123
is visible in the output)For comparison,
docker build --build-arg SECRET=foo123 -t my-image .
: