1

I have a service that sends emails. I'd rather not to keep my Gmail password in any file. After googling I found that I can provide environment variables to the containers with --build-arg param while building them.

The Dockerfile file

FROM node:latest
ARG buildtime_variable=default_value
ENV env_var_name=$buildtime_variable
...
CMD [ "node", "dist/server.js" ]

The build command

$ docker build --build-arg buildtime_variable=new_value .

List environment variables in running container

$ docker exec app env
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=38dd21dbeda3
NODE_VERSION=11.10.0
YARN_VERSION=1.13.0
env_var_name=default_value
HOME=/root

Why as a result the env_var_name still equal to default_value or how I can inject the new_value to the container?

Thanks a lot for each answer!

Simon Borsky
  • 4,979
  • 2
  • 22
  • 20
  • 3
    `--build-arg` should cause whatever string is passed into it to be persisted in the image forever, and it can be fairly easily retrieved via `docker history`. It’s not the answer you’re looking for. – David Maze Feb 25 '19 at 19:30
  • 1
    The two usual answers are to inject an environment variable with `docker run -e`, or to put it in a config file injected with `docker run -v`. Both will leave bread crumbs that are visible to other users with root-level access, including anyone who can run any Docker command. There are more serious/involved/complex/secure answers too. – David Maze Feb 25 '19 at 22:05

1 Answers1

2

Just use the docker-compose instead of docker command:

docker-compose build --build-arg buildtime_variable=new_value <container name>

Enjoy!

Simon Borsky
  • 4,979
  • 2
  • 22
  • 20