[@nx-tools/nx-container:build] `secret-files` option ignores env variables

[tannerleslie]

The secret-files option for @nx-tools/nx-container:build seemingly ignores environment variables.

I have a target defined like

    "docker-build": {
      "dependsOn": ["build"],
      "executor": "@nx-tools/nx-container:build",
      "options": {
        "target": "production",
        "build-args": ["NODE_VERSION"],
        "context": "dist/{projectRoot}",
        "engine": "docker",
        "file": "{projectRoot}/Dockerfile",
        "load": true,
        "secret-files": ["npmrc=$HOME_DIR/.npmrc"],
        "metadata": {
          "images": ["kafka-consumers"],
          "tags": ["type=raw,value=latest"]
        }
      }
    }

and $HOME_DIR is defined in my .env file at the workspace root like

HOME_DIR=/Users/tanner.leslie

But running the target like this results in the error secret file $HOME_DIR/.npmrc not found, not respecting the env variable, and build fails trying to access the secret.

I am using "@nx-tools/nx-container": "^6.0.1" and "nx": "19.2.3"

Not sure if this is a bug or a feature request but I'd love to be able to use this.

[Ribosom]

I have the same problem.

I had a look at the code, and if I understand it correctly interpolate which would do that, is only called if secrets is used and not secret-files.

See:

https://github.com/gperdomor/nx-tools/blob/fb7adcdbf8206fa7c99d0dfed52aae799199c2bc/plugins/nx-container/src/executors/build/engines/docker/buildx.ts#L64-L71

edit: but maybe I am wrong and interpolate does only interpolate things in curly braces and not with $.

[gperdomor]

Hi folks… thank you for reporting this… I will try to take a look during the weekend ❤️

[gperdomor]

@tannerleslie @Ribosom Hi again folks... Try version 6.0.4 please and let me know 🙏🏻

[Ribosom]

@gperdomor Thank you! Worked for me.

[gperdomor]

Perfect, I'm glad to hear that..