- β¦
Original video by Nick Janetakis:
Avoid leaking build-time secrets in your Docker images such as API keys or tokens.
Hit the subscribe button to receive more videos like this!
REFERENCE LINKS
---------------------------------------------------
βΊ https://nickjanetakis.com/blog/mount-secure-build-time-secrets-with-docker-and-docker-compose
COURSES
---------------------------------------------------
Courses Iβve created that focus on web dev and deployment topics.
βΊ https://nickjanetakis.com/courses/
THE TOOLS I USE / GEAR
---------------------------------------------------
βΊ https://nickjanetakis.com/blog/the-tools-i-use
FOLLOW ME ELSEWHERE
---------------------------------------------------
βΊ Twitter: https://twitter.com/nickjanetakis
βΊ GitHub: https://github.com/nickjj
TIMESTAMPS
---------------------------------------------------
0:00 β Intro
0:37 β A couple of use cases
1:43 β An insecure way with build ARGs
6:14 β Make sure BuildKit is enabled
6:49 β Mounting a secure env variable secret
11:26 β Does it actually work?
14:04 β Passing it as an env var for a command
15:12 β Adding multiple secrets
16:02 β Mounting files instead of env vars
18:43 β Using Docker Compose for secret env vars
23:13 β Using Docker Compose for secret files and configs