I follow this example https://github.com/dagger/dagger/pull/5661 but i am not able to make it works
#Dockerfile mount secret does not work anymore
signal scarab
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
// initialize Dagger client
defer dag.Close()
sshKey, ok := os.LookupEnv("SSH_KEY")
if !ok {
panic(errors.New("key SSH_KEY not found"))
}
_, err := dag.Container().Build(dag.Host().Directory("./data"), dagger.ContainerBuildOpts{
Secrets: []*dagger.Secret{dag.SetSecret("ssh-key", sshKey)},
}).Sync(ctx)
if err != nil {
t.Error(err)
}
}```
FROM golang:1.19-bullseye
RUN --mount=type=secret,id=ssh-key cat /run/secrets/ssh-key```
lime olive
```func TestTrySecret(t *testing.T) {
ctx, cancel := context.WithCancel(cont...
did the same code work on an earlier version of Dagger?
signal scarab
Not sure but reading this issue[https://github.com/dagger/dagger/issues/5242] i suppose yes
signal scarab
did the same code work on an earlier version of Dagger?
With version v0.9.10 surely works
The latest working version is v0.9.11
proven crane
๐ this still works in the latest version. There's currently an issue which doesn't display the output of the Dockerfile builds https://github.com/dagger/dagger/issues/7113 but secrets are effectively passed to your docker builds
cc @signal scarab
signal scarab
๐ this still works in the latest version. There's currently an issue which doe...
Are you sure? With 0.11.5 i get file not found
proven crane
Are you sure? With 0.11.5 i get file not found
I'm quite positive, let me try an example ๐
signal scarab
I'm quite positive, let me try an example ๐
I have opend an issue: https://github.com/dagger/dagger/issues/7522; you can find an usable project linked
proven crane
I have opend an issue: https://github.com/dagger/dagger/issues/7522; you can fin...
thx, checking this in a bit ๐
proven crane
just did a quick test using the SDK and it effectively seems to not work. cc @plush stratus
I'll try if using module is the same thing a bit later ๐
signal scarab
Ok, thank you
proven crane
@signal scarab think I just found the issue. Can you try removing the # syntax=docker/dockerfile:1.4 and see if that helps please?
found a test in the engine that's actually testing the secrets feature here: https://github.com/dagger/dagger/blob/main/core/integration/directory_test.go#L861-L877
after trying a bit, I could make it work by removing that #syntax directive in your Dockerfile
It's something we should fix since it should work with that directive regardless. Would you mind updating the issue if you can validate that removing that line actually fixes your issue please ๐ ?
signal scarab
It's something we should fix since it should work with that directive regardless...
Ok, it works, i changed the issue. Do you have an idea on how to resolve actual issue?
proven crane
Ok, it works, i changed the issue. Do you have an idea on how to resolve actual ...
I think I do. Probably @plush stratus has better understanding what needs to be changed given that he knows the buildkit codebase better.
Justin, TL;DR. Seems like Dagger's Dockerfile (dockerfile.v0 buildkit frontend) support seems to misbehave if your dockerfile has directives. Skimming at the buildkit code I found this: https://github.com/moby/buildkit/blob/03d2f9fc4074ea8bf36cea2db8d0829f5442864b/frontend/dockerfile/builder/build.go#L60 which IIUC, seems to forward the docker build to the gateway.v0 FE if the Dockerfile has any directives?
Just verifying if Dagger should be doing the same thing
plush stratus
Sorry, yeah this sounds like something is wrong with the secret translation layer we have