I have a Dockerfile that uses secrets and I can successfully build the image using docker build. However, when I try to build the same image using docker-compose build I get the error:
ERROR: Dockerfile parse error line 4: Unknown flag: mount
This occurs on Ubuntu 20.04LTS (Docker version 18.09.6, build 481bc77, docker-compose version 1.20.0-rc2, build 8c4af54).
On RHEL 7.9 (Docker version 20.10.7 build f0df350, docker-compose version 1.29.2, build 5becea4c) a different error occurs:
[2/2] RUN --mount=type=secret,id=the_secret cat /run/secrets/the_secret:
#8 0.466 cat: /run/secrets/the_secret: No such file or directory
How can I use docker-compose to build my images that involve secrets?
Build using docker (works)
#!/bin/bash
export COMPOSE_DOCKER_CLI_BUILD=1
export DOCKER_BUILDKIT=1
echo "I have a secret" > secret.txt
docker build --secret id=the_secret,src=./secret.txt .
build using docker-compose (fails)
export COMPOSE_DOCKER_CLI_BUILD=1
export DOCKER_BUILDKIT=1
echo "I have a secret" > secret.txt
docker-compose build --no-cache test
Dockerfile
# syntax=docker/dockerfile:1.2
FROM python:3.8
RUN --mount=type=secret,id=the_secret cat /run/secrets/the_secret
docker-compose.yml
version: "3.6"
services:
test:
build: .
secrets:
- the_secret
secrets:
the_secret:
file: secret.txt
# syntax=docker/dockerfile:experimental. – Crescencontext: .rather thanbuild, but a fix for this in docker-compose came in April 2022, so you need to be using docker-compose 2.5.0+: - #72281271 The first answer in the above links out to the PRs in GitHub. – Gauguin