Build Secrets not available Dockerfile Nextjs Github Action

Dockerfile for a Next.js app deployed via GitHub Actions:

FROM node:20-alpine AS base

# Stage 1: Install dependencies
FROM base AS deps
WORKDIR /app
COPY package.json yarn.lock ./
RUN yarn install --frozen-lockfile

# Stage 2: Build the application
FROM base AS builder
WORKDIR /app
COPY --from=deps /app/node_modules ./node_modules
COPY . .

# Write the mounted build secret into .env as a KEY=value line for the build
RUN --mount=type=secret,id=AUTH0_SECRET \
  echo "AUTH0_SECRET=$(cat /run/secrets/AUTH0_SECRET)" >> .env

RUN yarn build

# Stage 3: Production server
FROM base AS runner
WORKDIR /app
ENV NODE_ENV=production
COPY --from=builder /app/.next/standalone ./
COPY --from=builder /app/.next/static ./.next/static

EXPOSE 3000
CMD ["node", "server.js"]

fly-deploy.yml


name: Fly Deploy
on:
  push:
    branches:
      - main
jobs:
  deploy:
    name: Deploy app
    runs-on: ubuntu-latest
    concurrency: deploy-group
    steps:
      - uses: actions/checkout@v4
      - uses: superfly/flyctl-actions/setup-flyctl@master
      - run: flyctl deploy --remote-only
        env:
          FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}

Not really sure why, but it seems /run/secrets/SECRET_NAME is not being populated. I have set secrets in the dashboard. I see the list of secrets when running fly secrets list using the fly CLI.

#12 0.152 cat: can't open '/run/secrets/AUTH0_SECRET': No such file or directory

I don’t see any build secrets there: fly deploy · Fly Docs

Sorry, I may have misunderstood the docs then. Based on your comment I infer that in order to have any build secrets I need to be able to pass them in via the fly-deploy.yml, which means I would have to add secrets to GitHub. I do not understand the purpose of Fly Secrets then.

fly secrets are intended for the deployment machine(s).

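What the replies above point to, as an added example that is not part of the original posts: secrets set with fly secrets reach the running machines, not the image build, so the value has to be handed to fly deploy itself with its --build-secret flag. The workflow below assumes a GitHub Actions repository secret named AUTH0_SECRET has been created; that name is an assumption chosen to match the id in the Dockerfile's --mount=type=secret line.

```yaml
name: Fly Deploy
on:
  push:
    branches:
      - main
jobs:
  deploy:
    name: Deploy app
    runs-on: ubuntu-latest
    concurrency: deploy-group
    steps:
      - uses: actions/checkout@v4
      - uses: superfly/flyctl-actions/setup-flyctl@master
      # Before: no build secret is passed, so /run/secrets/AUTH0_SECRET
      # does not exist inside the builder and `cat` fails.
      #   - run: flyctl deploy --remote-only
      #
      # After: the NAME in NAME=VALUE must equal the `id` used in
      # `RUN --mount=type=secret,id=AUTH0_SECRET` in the Dockerfile.
      - run: flyctl deploy --remote-only --build-secret AUTH0_SECRET="$AUTH0_SECRET"
        env:
          FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}
          # Assumed repository secret; passed through the environment so the
          # value is not interpolated into the script text by the workflow.
          AUTH0_SECRET: ${{ secrets.AUTH0_SECRET }}
```

The secret mount exists only for the single RUN instruction that declares it, so anything that instruction writes to disk, such as the .env file here, stays in the builder stage's filesystem unless a later COPY --from=builder carries it into the runner stage.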
