Reputation: 1885
Docker env vars + Heroku; Heroku requires ENV while local build requires ARG
My understanding of Heroku's Docker container-registry CLI was that it was a wrapper around the Docker cli.
When I build locally I'll use, for example: docker build -f Dockerfile.example --build-arg SECRET_KEY=abc. And I'll have set ARG SECRET_KEY in my Dockerfile.example.
However if I want to push up to heroku's docker container-registry, I found out that I need to declare ENV SECRET_KEY=abc in my Dockerfile.example, and then run the command heroku container:push example --recursive.
Why is the case? What sets them apart? Isn't hardcoding the ENV bad security practice? Does Heroku offer a way around this?
Upvotes: 7
Views: 1999
Answers (2)
Reputation: 393
The config vars (per app) override whatever values you hard-code in the Dockerfile. Put a placeholder value in your Dockerfile (personal favotite: notsecret) and set the actual secret values on the Heroku UI or CLI.
Upvotes: 0
Reputation: 433
You can run something like
heroku container:push web --arg SECRET_KEY=xxxSecret123
In that way, You don't have to feed information in your Dockerfile directly.
Upvotes: 5
Related Questions
- Building Docker Images with heroku.yml (failed to bind to port)
- Transmit Heroku environment variables to Docker instance
- Heroku multiple build-time config vars
- How can I pass heroku config vars to docker build?
- Heroku: docker entrypoint not found
- Verfying existance and correctance of Heroku config vars
- Heroku (Docker) PORT environment variable in nginx
- Heroku Docker Deploy build args
- Can not use Heroku CLI in a Docker environment
- the docker container `heroku run` command with arguments returns "not found"