We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Description
When building with a secret, that secret is empty if an environment variable exists with a name matching the id of the secret.
Steps to reproduce the issue:
Dockerfile
FROM busybox RUN --mount=type=secret,id=FOO \ echo $FOO && \ ls -al /run/secrets && \ echo -n "/run/secrets/FOO is: " && \ cat /run/secrets/FOO && \ echo ""
echo -n "SECRET" >bar
$ env -u FOO buildah build --secret "id=FOO,src=bar" . STEP 1/2: FROM busybox STEP 2/2: RUN --mount=type=secret,id=FOO echo $FOO && ls -al /run/secrets && echo -n"/run/secrets/FOO is: " && cat /run/secrets/FOO && echo "" total 4 drwxr-xr-x 1 root root 6 Jan 18 20:11 . drwxr-xr-x 1 root root 40 Jan 18 20:11 .. -r-------- 1 root root 7 Jan 18 20:11 FOO /run/secrets/FOO is: SECRET COMMIT
FOO=ABCD buildah build --secret "id=FOO,src=bar" . STEP 1/2: FROM busybox STEP 2/2: RUN --mount=type=secret,id=FOO echo $FOO && ls -al /run/secrets && echo -n "/run/secrets/FOO is: " && cat /run/secrets/FOO && echo "" total 0 drwxr-xr-x 1 root root 6 Jan 18 20:13 . drwxr-xr-x 1 root root 40 Jan 18 20:13 .. -r-------- 1 root root 0 Jan 18 20:13 FOO /run/secrets/FOO is: COMMIT
Output of rpm -q buildah or apt list buildah:
rpm -q buildah
apt list buildah
$ readlink (which buildah) /nix/store/b9x0ibs6p4ylqkng007z0wv36b7vd24s-buildah-wrapper-1.33.2/bin/buildah
Output of buildah version:
buildah version
buildah version Version: 1.33.2 Go Version: go1.21.5 Image Spec: 1.1.0-rc.5 Runtime Spec: 1.1.0 CNI Spec: 1.0.0 libcni Version: v1.1.2 image Version: 5.29.0 Git Commit: Built: Mon Dec 31 20:00:00 1979 OS/Arch: linux/amd64 BuildPlatform: linux/amd64
Output of podman version if reporting a podman build issue:
podman version
podman build
Client: Podman Engine Version: 4.8.3 API Version: 4.8.3 Go Version: go1.21.5 Built: Mon Dec 31 20:00:00 1979 OS/Arch: linux/amd64
Output of cat /etc/*release:
cat /etc/*release
DISTRIB_CODENAME=uakari DISTRIB_DESCRIPTION="NixOS 24.05 (Uakari)" DISTRIB_ID=nixos DISTRIB_RELEASE="24.05" LSB_VERSION="24.05 (Uakari)" BUG_REPORT_URL="https://github.com/NixOS/nixpkgs/issues" BUILD_ID="24.05.20240117.842d9d8" DOCUMENTATION_URL="https://nixos.org/learn.html" HOME_URL="https://nixos.org/" ID=nixos LOGO="nix-snowflake" NAME=NixOS PRETTY_NAME="NixOS 24.05 (Uakari)" SUPPORT_URL="https://nixos.org/community.html" VERSION="24.05 (Uakari)" VERSION_CODENAME=uakari VERSION_ID="24.05"
Output of uname -a:
uname -a
Linux build 6.7.0 #1-NixOS SMP PREEMPT_DYNAMIC Sun Jan 7 20:18:38 UTC 2024 x86_64 GNU/Linux
Output of cat /etc/containers/storage.conf:
cat /etc/containers/storage.conf
cat /etc/containers/storage.conf [storage] driver = "overlay" graphroot = "/var/lib/containers/storage" runroot = "/run/containers/storage"
The text was updated successfully, but these errors were encountered:
@ashley-cui any thoughts?
Sorry, something went wrong.
Might be a bug? I'll take a look
A friendly reminder that this issue had no activity for 30 days.
ashley-cui
No branches or pull requests
Description
When building with a secret, that secret is empty if an environment variable exists with a name matching the id of the secret.
Steps to reproduce the issue:
Dockerfile
using a secretOutput of
rpm -q buildah
orapt list buildah
:Output of
buildah version
:Output of
podman version
if reporting apodman build
issue:Output of
cat /etc/*release
:Output of
uname -a
:Output of
cat /etc/containers/storage.conf
:The text was updated successfully, but these errors were encountered: