We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
https://blog.philip-huang.tech/?page=blog_docker_ssh_docker-multi-stage-build
最近剛好有一個專案在建構的時候需要存取多個私有庫,然而直接把 ssh key 帶入映像檔中會有安全性疑慮,同時也要避免 ssh key 出現在 image layer 中,這時候可以借助 multi-stage build 來達到要求。
Dockerfile撰寫
用語法From foo as bar來幫映像檔取小名
From foo as bar
FROM python:3.8 as build-system
並且可以在一同個 Dockerfile 內建置暫存映像檔,我們可以在這個階段進行ssh操作,最終這個image會被銷毀
FROM build-system as intermediate
最後回到一開始的image,並且把暫存映像檔中的檔案複製回主要的image
FROM build-system as runtime COPY --from=intermediate /server /server
FROM build-system as runtime
COPY --from=intermediate /server /server
完整的範例如下:
FROM python:3.8 as build-system COPY . /server WORKDIR
The text was updated successfully, but these errors were encountered:
No branches or pull requests
https://blog.philip-huang.tech/?page=blog_docker_ssh_docker-multi-stage-build
最近剛好有一個專案在建構的時候需要存取多個私有庫,然而直接把 ssh key 帶入映像檔中會有安全性疑慮,同時也要避免 ssh key 出現在 image layer 中,這時候可以借助 multi-stage build 來達到要求。
用語法
From foo as bar來幫映像檔取小名並且可以在一同個 Dockerfile 內建置暫存映像檔,我們可以在這個階段進行ssh操作,最終這個image會被銷毀
最後回到一開始的image,並且把暫存映像檔中的檔案複製回主要的image
完整的範例如下:
The text was updated successfully, but these errors were encountered: