a month ago
Hello all, following the Railway documentation I've configured my project to build from the following Dockerfile:
ARG DOCKER_TAG=latest
FROM rob93c/stickerify:$DOCKER_TAG
ARG STICKERIFY_TOKEN
ARG LOG_LEVEL
ARG CONCURRENT_PROCESSES
ENV STICKERIFY_TOKEN=$STICKERIFY_TOKEN \
LOG_LEVEL=$LOG_LEVEL \
CONCURRENT_PROCESSES=$CONCURRENT_PROCESSESBut this results in a warning issued by Docker:
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ARG "STICKERIFY_TOKEN") (line 3)(https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/)
details: Sensitive data should not be used in the ARG or ENV commands
Given the documentation doesn't mention how to handle secrets inside Dockerfile, I was wondering what's the best practice on Railway.
1 Replies
a month ago
ARG is the only way, we don't support secret mounts for Dockerfiles yet.