Railway up using stale version of Dockerfile
gustavovalverde
FREEOP

3 months ago

I've been deploying new versions of my Dockerfiles and no matter the changes I do, when I use; for examle railway up apps/web --path-as-root --service web it just reuses whatever previous version of the Dockerfile I had, and it doesn't use the latest changes of my local Dockerfile. It seems to be doing a very aggresive caching somehow.

Project: a86ddee5-5f77-4b8c-aad3-6100e3b7575e

This is an example

I removed the caching, re-deploy and it stills complains about that line

Using NO_CACHE=1 did not solve this

Solved

22 Replies

gustavovalverde
FREEOP

3 months ago

This is an example

I removed the caching, re-deploy and it stills complains about that line


3 months ago

Hey there <:salute:1137099685417451530>

I believe this is why it's failing https://github.com/gustavovalverde/zentity/blob/feat/web3-fhevm-integration/apps/web/Dockerfile#L81


3 months ago

Railway only supports --mount=type=cache


3 months ago

The error message could be better, but I think that's the problem.


gustavovalverde
FREEOP

3 months ago

Oh, I previously had issues with bind mounts, I did not realize that there was also an issue with secrets. So it's basically that the only supported ones are cache (and only with the specific Railway format).


3 months ago

If you enable the Metal Build, it shows a better message:

dockerfile invalid: flag '--mount=type=secret,id=better_auth_secret,required=true' is missing a type=cache argument (other mount types are not supported) at Line 56

1453748262908592000


3 months ago

That's correct


gustavovalverde
FREEOP

3 months ago

Thank you @CrisOG!!


3 months ago

Glad to help <:salute:1137099685417451530>


3 months ago

!s


Status changed to Solved crisog 3 months ago


3 months ago

Sorry I closed this too early. Let me know if this works!


gustavovalverde
FREEOP

3 months ago

My remaining question is if Railway supports build time secrets for Dockerfiles


3 months ago

Yes it does


gustavovalverde
FREEOP

3 months ago

That specific approach to mount the secret is to avoid the secret being part of the build history, and thus avoiding someone using docker inspect and being able to view it afterwards. So maybe my remaining option is just having a Dockerfile.railway specifically to deploy to Railway; if I'm understanding correctly


3 months ago

We only support environment variables at build time via ARG


gustavovalverde
FREEOP

3 months ago

Then using secrets through an environment variable is only supported in an unsecure way; considering the --mount=type=secret is not supported.


3 months ago

I understand the concern, and you would be right about it being insecure, but only if you hosted your image on a service like ghcr or Dockerhub, but we are building your image on our build machines and storing it in our private registry that only our machines that run your workloads have access to.


gustavovalverde
FREEOP

3 months ago

Yes, I do understand that. That's I stated that the workaround for Railway seems to be using an additional Dockerfile (Dockerfile.railway); considering that this image will also be published in other registries.


3 months ago

Yep that would be the best approach.


gustavovalverde
FREEOP

3 months ago

Perfect. Thank you both!


3 months ago

No problem! anything else I can help with?


gustavovalverde
FREEOP

3 months ago

All good.


Loading...