FeatureRequest: Use docker variables for managing services #482
Comments
rdxmb
changed the title
|
There are 2 different things here:
|
|
I just learned about build-args and I agree that it was very complicated and not terribly helpful. The dockerfile must "opt-in" to accept build args, which is mentioned in the documentation but not easy to notice. This was not obvious for me and I wasted an hour trying to figure out why my build args were not having any effect. There's little advantage that I can see from just putting "ENV FOO bar" directly in the dockerfile. (My use case, I was trying to provide an SSH private key for building against private gems. Turns out that build args are preserved in docker history, which is great for reproducibility, but how exactly does one get secrets into a build and not leak them into the image?) |
|
There's no way to store secrets in the image without them being accessible. |
|
You can't, that's pretty clear in retrospect |
|
In openshift, it's actually different! There is a build and buildconfig primitive |
At the moment, the existing of e.g. SSH is hard-coded in https://github.com/phusion/baseimage-docker/blob/master/image/buildconfig . If the service will run or not is defined by the existing of the file
/etc/services/sshd/downThis also means:
--build-arghttps://docs.docker.com/engine/reference/commandline/build/#set-build-time-variables---build-arg has no effect.--build-vars.RUN_SSH=0which could be read by the init-scripts (and move run-scripts from/to /etc/services.disabled) within the init-processes.
The text was updated successfully, but these errors were encountered: