Read fly secrets during Docker build

Is there a way to read fly secrets when doing fly deploy --dockerfile? My Sveltekit app needs to burn-in some of the variables:

RollupError: "API_URL" is not exported by "$env/static/private", imported by "src/routes/pools/[poolID]/photos/+server.ts".

Check out Build Secrets · Fly Docs.

@ray-chen that’s helpful! However I’m still unsure if I can do that with what’s in my fly secrets.

Ah sorry! I misread.

I’m not sure if there’s a way for you to access Fly secrets in the builder. There is no straightforward way to retrieve the secret value in plaintext, & they’re only available to apps at run-time.

Perhaps someone else with more knowledge can help! :slight_smile:

1 Like

If you haven’t considered flyctl to siphon off secrets, then:

# assuming flyctl auth is done and flyctl ssh token has been issued
flyctl ssh console -a myapp -C "printenv secret-name"

You shouldn’t but you can, so why not? But don’t. (:

Thanks for the suggestion. I’ve changed it to dynamically read the ENV var, instead of requiring it at build time.

1 Like