nodejs/nodebestpractices
1
0
Fork 0
mirror of https://github.com/goldbergyoni/nodebestpractices.git synced 2025-10-28 03:25:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

First draft of avoiding secrets2

Browse Source
This commit is contained in:
Yoni
2020-06-07 21:50:01 +03:00
parent 95218010cc
commit 40a50c4560
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
sections/docker/avoid-build-time-secrets.md
View File

@ -30,11 +30,11 @@ RUN --mount=type=secret,id=npm,target=/root/.npmrc npm ci
<br/><br/>
### Code Example Building securely using multi-stage build
<details>
<summary><strong>Dockerfile</strong></summary>
```
FROM node:12-slim AS build
@ -88,4 +88,7 @@ CMD ["node","index.js"]
From the blog, [Alexandra Ulsh](https://www.alexandraulsh.com/2019/02/24/docker-build-secrets-and-npmrc/?fbclid=IwAR0EAr1nr4_QiGzlNQcQKkd9rem19an9atJRO_8-n7oOZXwprToFQ53Y0KQ)
> In November 2018 Docker 18.09 introduced a new --secret flag for docker build. This allows us to pass secrets from a file to our Docker builds. These secrets arent saved in the final Docker image, any intermediate images, or the image commit history. With build secrets, you can now securely build Docker images with private npm packages without build arguments and multi-stage builds.
```
```