Description link
Foreword
reference:https://vsupalov.com/docker-build-time-env-values/
Many times, we need to join an environment variable in the docker mirror , I understand there are two kinds of ways to do
The first
Use docker run --env VARIABLE=VALUE image:tagdirect add a variable, suitable for direct use docker project launched
root@ubuntu:/home/vickey/test_build# docker run --rm -it --env TEST=2 ubuntu:latest
root@2bbe75e5d8c7:/# env |grep "TEST"
TEST=2The second
The use dockerfile ARGand ENVadd a variable, applies to not use docker runproject initiated command , such as k8s
ARG is only effective when building docker mirror (dockerfile a RUN command, etc.), and after the image created by the image starting container is invalid (with verification examples later). But you can use it with the ENV command after creating containers can also be effective.
ARG buildtime_variable=default_value # if not set default_value buildtime_variable would be set ''
ENV env_var_name=$buildtime_variableIn building the image, you may be used --build-arg buildtime_variable=other_valueto cover the value of the variable in dockerfiledefault_value
$ docker build --build-arg buildtime_variable=other_value --tag image:tagConstruction of multi-stage
But sometimes we just need a temporary environment variable or file, the final image is not needed for these variables, set the value of ARG and ENV will leave marks in Docker image, such as confidential information. Construction of multi-stage can be used to remove the image containing confidential information.
- dockerfile
FROM ubuntu as intermediate # 为第一阶段构建设置别名,在第二阶段引用
ARG TEST=deault_value # 设置环境变量
ENV ENV_TEST=$TEST # 设置环境变量
RUN echo test > /home/test.txt
RUN cat /home/test.txt # 查看文件是否正常
RUN env
RUN env |grep TEST # 查看环境变量是否已设置
FROM ubuntu
COPY --from=intermediate /home/test.txt /home/another_test.txt # 将第一阶段生成的文件拷贝到第二阶段镜像中
RUN cat /home/another_test.txt # 查看拷贝的文件是否正常
RUN env
RUN env |grep TEST # 查看环境变量是否已设置- Construction of multi-stage
root@ubuntu:/home/vickey/test_build# docker build --build-arg TEST=2 -t ubuntu:test-multi-build --no-cache -f ./dockerfile .
Sending build context to Docker daemon 2.56kB
Step 1/12 : FROM ubuntu as intermediate
---> 94e814e2efa8
Step 2/12 : ARG TEST=deault_value
---> Running in 7da9180a6311
Removing intermediate container 7da9180a6311
---> 7e8420f3ecf2
Step 3/12 : ENV ENV_TEST=$TEST
---> Running in 256788d179ce
Removing intermediate container 256788d179ce
---> 11cf4e0581d9
Step 4/12 : RUN echo test > /home/test.txt
---> Running in c84799ba3831
Removing intermediate container c84799ba3831
---> f578ca5fe373
Step 5/12 : RUN cat /home/test.txt
---> Running in dbf8272fd10c
test
Removing intermediate container dbf8272fd10c
---> 9f8720732878
Step 6/12 : RUN env
---> Running in 9050cd9e36c9
HOSTNAME=9050cd9e36c9
HOME=/root
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
TEST=2
PWD=/
ENV_TEST=2
Removing intermediate container 9050cd9e36c9
---> f1f4daf42cc0
Step 7/12 : RUN env |grep TEST
---> Running in 1cc7968144f5
TEST=2
ENV_TEST=2
Removing intermediate container 1cc7968144f5
---> c6d390887082
Step 8/12 : FROM ubuntu
---> 94e814e2efa8
Step 9/12 : COPY --from=intermediate /home/test.txt /home/another_test.txt
---> 27480a945fab
Step 10/12 : RUN cat /home/another_test.txt
---> Running in de1f5a999fe1
test
Removing intermediate container de1f5a999fe1
---> 16c630eb6b1b
Step 11/12 : RUN env
---> Running in d13becd5ae77
HOSTNAME=d13becd5ae77
HOME=/root
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/
Removing intermediate container d13becd5ae77
---> ea52a6e9a7b2
Step 12/12 : RUN env |grep TEST
---> Running in 7ef585772e9a
The command '/bin/sh -c env |grep TEST' returned a non-zero code: 1And when the comment corresponding to step dockerfile constructed from the output can be seen, environment variables, and files the first stage, after copying the files in the second stage, the environment has changed is not copied (given the last step, because the environment variable is not exist), just to achieve the results we want --- the environment variable confidential information deleted while retaining the file we want.
The second method of authentication instance (negligible)
- Creating a dockerfile and at least one file in the same directory
root@ubuntu:/home/vickey/test_build# tree -L 2
.
├── dockerfile
└── whatever
0 directories, 2 files
root@ubuntu:/home/vickey/test_build# cat dockerfile
FROM ubuntudockfile
FROM ubuntu- docker building Mirror
root@ubuntu:/home/vickey/test_build# docker build --build-arg TEST=1 -t ubuntu:test-build -f ./dockerfile .
Sending build context to Docker daemon 2.56kB
Step 1/1 : FROM ubuntu
---> 94e814e2efa8
[Warning] One or more build-args [TEST] were not consumed
Successfully built 94e814e2efa8
Successfully tagged ubuntu:test-build
root@ubuntu:/home/vickey/test_build# docker images |grep test-build
ubuntu test-build 94e814e2efa8 3 months ago 88.9MB- Start a container mirror
root@ubuntu:/home/vickey/test_build# docker run --rm -it ubuntu:test-build
root@383c30a1d6f5:/# env
HOSTNAME=383c30a1d6f5
PWD=/
HOME=/root
TERM=xterm
SHLVL=1
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
_=/usr/bin/env
root@383c30a1d6f5:/# env|grep "TEST"
root@383c30a1d6f5:/# We found no build mirroring --build-arg TEST=1incoming variable, because there is a time to build [Warning] One or more build-args [TEST] were not consumed, need to refer to the dockfile inside TESTjob.
- In dockerfile added variables
FROM ubuntu
ARG TEST- Rebuild and create a container
root@ubuntu:/home/vickey/test_build# docker build --build-arg TEST=1 -t ubuntu:test-build -f ./dockerfile .
Sending build context to Docker daemon 2.56kB
Step 1/2 : FROM ubuntu
---> 94e814e2efa8
Step 2/2 : ARG TEST
---> Running in f9ccda7b3a4b
Removing intermediate container f9ccda7b3a4b
---> dc95b444ffc5
Successfully built dc95b444ffc5
Successfully tagged ubuntu:test-build
root@ubuntu:/home/vickey/test_build# docker run --rm -it ubuntu:test-build
root@370dd8b3d2ca:/# env
... ignore...
root@370dd8b3d2ca:/# env|grep "TEST"
root@370dd8b3d2ca:/# Found no warning, but still no variables TEST, since ARG valid only when building docker Mirror, mirror on creating and using invalid after the start of the image container . But with ENVinstructions to use it after you create the container can also be effective. The following is added ENVto see
- Added dockerfile
ENV
FROM ubuntu
ARG TEST
ENV ENV_TEST=$TEST- Construction of the container and start again
root@ubuntu:/home/vickey/test_build# docker build --build-arg TEST=1 -t ubuntu:test-build -f ./dockerfile .
Sending build context to Docker daemon 2.56kB
Step 1/3 : FROM ubuntu
---> 94e814e2efa8
Step 2/3 : ARG TEST
---> Using cache
---> dc95b444ffc5
Step 3/3 : ENV ENV_TEST=$TEST
---> Running in d8cd0014b36b
Removing intermediate container d8cd0014b36b
---> ebd198fcb586
Successfully built ebd198fcb586
Successfully tagged ubuntu:test-build
root@ubuntu:/home/vickey/test_build# docker run --rm -it ubuntu:test-build
root@f9dd6cf0bb47:/# env|grep "TEST"
ENV_TEST=1Well, then dockerfile the ARG variable TESThas been passed ENV variables ENV_TESTa. We can already use docker build upon the incoming variables.