#Mount secret as env variable in container

1 messages · Page 1 of 1 (latest)

steel parcel
#

I would like to mount some secrets as plaintext env variables in a container. What is the best way to do that? I have tried with with_secret_variable, but the variable is still a secret in the container.

Is this the best way to go?

dag.container()
# .with_secret_variable(name="SINGULARITY_DOCKER_USERNAME", secret=username)
# .with_secret_variable(name="SINGULARITY_DOCKER_PASSWORD", secret=password)
.with_env_variable(
    name="SINGULARITY_DOCKER_USERNAME", value=await username.plaintext()
)
.with_env_variable(
    name="SINGULARITY_DOCKER_PASSWORD", value=await password.plaintext()
)
brazen knot
#

@steel parcel with_secret_variable is the way to go

#

Dagger won't print the content of the variable in the UI for security reasons, but your commands will be able to access the plaintext value of the secret by reading the ENV_VAR