Feature request: Set environment variables in the build settings

[JesseTG]

No specific bugs, but I'd like to be able to set secret environment variables that are used in the singularity build process. This way, I can use Singularity Hub to build Singularity images that rely on privately-hosted registries like Nvidia GPU Cloud.

[vsoch]

I'm definitely open to ideas, but I can't be in the business of managing user secrets, it's too risky. Here is some thinking: https://medium.com/poka-techblog/the-best-way-to-store-secrets-in-your-app-is-not-to-store-secrets-in-your-app-308a6807d3ed

If you have ideas about how this might be done, I definitely want to help! My first thought is that it would be more logical to have this managed by a third party service (so shub isn't responsible) and then have it added as a plugin to the open source singularity registry, which we would plan to have take over for shub to allow this kind of thing.

[JesseTG]

The article makes some good points. It describes a third-party service, right? Why not use it?

[vsoch]

If you have an idea for how to do this and would like to PR to Singularity Registry with this feature, it would be a great addition for sure! --> https://github.com/singularityhub/sregistry

[JesseTG]

Would you then splice an implementation into Singularity Hub some how?

[vsoch]

I'd like to add builder "plugins" to Singularity Registry (Google Cloud being one of them), and have Singularity Registry replace Singularity Hub.

[vsoch]

If you want to open an issue on the sregistry repo there are lay down a (rough) plan, I'd be happy to get started working on this with you. :)

[vsoch]

Closing here, this issue belongs with sregistry. Singularity Hub is not in a position to serve private environment variables anytime soon.