Build secret with Next.js and Docker

Hello,

This issue may have already been discussed in some topics, but it remains unclear and difficult to understand why Fly.io does not support secrets during builds.


Let me show you my setup:

In GitHub Secrets:

In GitHub Action:

In the Dockerfile:

And, just in case, in Fly Secrets:


Let’s try to build locally first (before building in the CI):

flyctl deploy \
          --config packages/bo/fly.toml \
          --build-secret NEXT_PUBLIC_BO_BACK=https://apps.fly.dev/ \
          -a app-bo

When the Docker build runs:

The variable is empty despite the --build-secret NEXT_PUBLIC_BO_BACK=https://apps.fly.dev/ in the fly deploy command line.

I added logs in the app at startup, but the variable is empty:

How can I make that work?

best

echo NEXT_PUBLIC_BO_BACK=$NEXT_PUBLIC_BO_BACK

Note that that will evaluate $NEXT_PUBLIC_BO_BACK as a Docker ARG, not as an environment variable. Even if you escape the $, you aren’t running a shell so you won’t get expansion.

I tried launching from a directory containing a single Dockerfile:

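FROM ubuntu:latest
# Mount the build secret for this RUN only and dump the environment for inspection
RUN --mount=type=secret,id=NEXT_PUBLIC_BO_BACK \
  NEXT_PUBLIC_BO_BACK="$(cat /run/secrets/NEXT_PUBLIC_BO_BACK)" \
  env > /etc/secret
# Exec form is parsed as JSON, so the strings need double quotes
CMD [ "sleep", "infinity" ]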

Ran

fly deploy --build-secret NEXT_PUBLIC_BO_BACK=testdata

And then:

% fly console -C "cat /etc/secret" | grep NEXT_PUBLIC   
Connecting to fdaa:0:d445:a7b:2d6:32aa:6b1a:2...
NEXT_PUBLIC_BO_BACK=testdata
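The secret mount from the reply above applied to a Next.js build stage, as an added example that is not part of the thread. The npm layout, the node:20-slim base image and the "build"/"start" script names are assumptions; `required=true` makes the build fail instead of silently producing an empty value when `--build-secret` is missing.

```dockerfile
# syntax=docker/dockerfile:1
# Assumed project: npm, with "build" = next build and "start" = next start.
FROM node:20-slim AS build
WORKDIR /app
COPY package.json package-lock.json ./
RUN npm ci
COPY . .
# The secret file exists only while this RUN executes. The assignment prefix
# puts the value in the environment of `npm run build` alone, so it is not
# recorded as an ENV or ARG in the image metadata. required=true aborts the
# build if the secret was not passed, rather than building with an empty value.
RUN --mount=type=secret,id=NEXT_PUBLIC_BO_BACK,required=true \
    NEXT_PUBLIC_BO_BACK="$(cat /run/secrets/NEXT_PUBLIC_BO_BACK)" \
    npm run build

FROM node:20-slim
WORKDIR /app
ENV NODE_ENV=production
COPY --from=build /app ./
# Exec form is parsed as JSON: double quotes only.
CMD ["npm", "run", "start"]
```

Next.js inlines `NEXT_PUBLIC_*` values into the JavaScript bundle served to browsers at build time, so the value is readable by any client of the app. Passing it as a build secret keeps it out of the Dockerfile and image history, but it should not be treated as confidential.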

Thank you
