Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[pipelines] Provide access to secrets inside Docker builds #10990

Closed
enricopesce opened this issue Oct 20, 2020 · 7 comments
Closed

[pipelines] Provide access to secrets inside Docker builds #10990

enricopesce opened this issue Oct 20, 2020 · 7 comments
Labels
@aws-cdk/pipelines CDK Pipelines library closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p2

Comments

@enricopesce
Copy link

enricopesce commented Oct 20, 2020
edited
Loading

❓ Customize the docker build phase

image

I need to implement some environment variables on the DockerAsset stages but these are automatically created by pipelines.

How can I customize these?

Thank you!!
@enricopesce enricopesce added guidance Question that needs advice or information. needs-triage This issue or PR still needs to be triaged. labels Oct 20, 2020
@github-actions github-actions bot added the @aws-cdk/pipelines CDK Pipelines library label Oct 20, 2020
@hoegertn
Copy link
Contributor

Can you elaborate on your use case? What env variables do you need to set?

@enricopesce
Copy link
Author

enricopesce commented Oct 21, 2020
edited
Loading

On the Docker build phase I need to pass credentials to PHP composer tool for downloading private dependencies.

Generally I'm looking for a customization of the build phase for passing the build args.

@hoegertn
Copy link
Contributor

hoegertn commented Oct 21, 2020
edited
Loading

Ok I understand, but building assets and so images should happen in the synth phase, shouldn't it?

Otherwise, this is related to #10999

@enricopesce
Copy link
Author

enricopesce commented Oct 21, 2020
edited
Loading

yes! another problem is the impossibility to retrieve secrets values on the assets build phase

Usually, I used the CodeBuild spec file with the env sequence, but in this scenario, I don't have control of these DockeAssets CodeBuilìd instances.

Thank you

@rix0rrr
Copy link
Contributor

rix0rrr commented Nov 2, 2020

There is currently no way to do that, sorry.

@rix0rrr rix0rrr added effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p1 and removed guidance Question that needs advice or information. labels Nov 2, 2020
@rix0rrr rix0rrr changed the title [pipelines] customized assets phase [pipelines] credentials in build and docker assets Nov 2, 2020
@rix0rrr rix0rrr added this to the [GA] CDK Pipelines milestone Nov 2, 2020
@SomayaB SomayaB removed the needs-triage This issue or PR still needs to be triaged. label Nov 2, 2020
@rix0rrr rix0rrr changed the title [pipelines] credentials in build and docker assets [pipelines] Provide access to secrets inside Docker builds Jan 7, 2021
@rix0rrr rix0rrr added p2 and removed p1 labels Mar 19, 2021
@rix0rrr rix0rrr removed this from the [GA] CDK Pipelines milestone May 7, 2021
@rix0rrr rix0rrr removed their assignment Jun 3, 2021
@github-actions
Copy link

github-actions bot commented Jun 3, 2022

This issue has not received any attention in 1 year. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.

@github-actions github-actions bot added closing-soon This issue will automatically close in 4 days unless further comments are made. closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. and removed closing-soon This issue will automatically close in 4 days unless further comments are made. labels Jun 3, 2022
@github-actions github-actions bot closed this as completed Jun 8, 2022
@ulyr
Copy link

ulyr commented Apr 9, 2024
edited
Loading

If you need to do this there's a way
you can pass an environment variable to the asset build stage in the pipeline definition and then pass that environment variable onto the actual docker build that's going to build your containers by using build secrets that take their values from the environment.
kind of a hacky, no so straight forward solution but it works.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/pipelines CDK Pipelines library closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p2
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@rix0rrr @hoegertn @enricopesce @ulyr @SomayaB