[英]Use Github secrets in Dockerfile does not work with Github Actions
I have a Github Action to build image from a Dockerfile located in the same repo with the Github Action.我有一个 Github Action,可以从与 Github Action 位于同一仓库中的 Dockerfile 构建映像。
In the Dockerfile I use sensitive data so I chose to use Github Secrets.在 Dockerfile 中我使用敏感数据,所以我选择使用 Github Secrets。
Here is my Dockerfile:这是我的 Dockerfile:
From python:3.9.5
ARG NEXUS_USER
ARG NEXUS_PASS
RUN pip install --upgrade pip
RUN pip config set global.extra-index-url https://${NEXUS_USER}:${NEXUS_PASS}@<my nexus endpoint>
RUN pip config set global.trusted-host <my nexus endpoint>
COPY ./src/python /python-scripts
ENTRYPOINT [ "python", "/python-scripts/pipe.py" ]
Actions builds an image using this Dockerfile: Actions 使用此 Dockerfile 构建映像:
jobs:
docker:
runs-on: self-hosted
.
.
.
.
.
- name: build
run: |
docker build -t ${GITHUB_REPO} .
Action fails when calling the Github secrets from Dockerfile.从 Dockerfile 调用 Github 机密时操作失败。 What is the proper way to do that?
这样做的正确方法是什么? As you can see I tried to add ARG in Dockerfile but that didn't work as well.
如您所见,我尝试在 Dockerfile 中添加 ARG,但效果不佳。
Is not clear where you are calling secrets from the Dockerfile, BTW you could pass the credentials to the build command using the build-arg flag, like:不清楚您从 Dockerfile 调用机密的位置,顺便说一句,您可以使用 build-arg 标志将凭据传递给构建命令,例如:
docker build \
--build-arg "NEXUS_USER=${{ secrets.NEXUS_USER }}" \
--build-arg "NEXUS_PASS=${{ secrets.NEXUS_PASS }}" \
-t ${GITHUB_REPO} .
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.