From 2f5c103d77eea8134d7bf5b2f796e57b1fcca95e Mon Sep 17 00:00:00 2001 From: sireeshajonnalagadda Date: Wed, 11 Jun 2025 09:31:33 +0000 Subject: [PATCH] mounting secrets including feature --- .../.devcontainer/Dockerfile | 24 +++++++++++++++++++ .../.devcontainer/devcontainer.json | 20 ++++++++++++++++ .../.devcontainer/docker-compose.override.yml | 7 ++++++ .../.devcontainer/docker-compose.yml | 17 +++++++++++++ .../.devcontainer/secret.txt | 1 + 5 files changed, 69 insertions(+) create mode 100644 src/test/configs/compose-Dockerfile-secrets/.devcontainer/Dockerfile create mode 100644 src/test/configs/compose-Dockerfile-secrets/.devcontainer/devcontainer.json create mode 100644 src/test/configs/compose-Dockerfile-secrets/.devcontainer/docker-compose.override.yml create mode 100644 src/test/configs/compose-Dockerfile-secrets/.devcontainer/docker-compose.yml create mode 100644 src/test/configs/compose-Dockerfile-secrets/.devcontainer/secret.txt diff --git a/src/test/configs/compose-Dockerfile-secrets/.devcontainer/Dockerfile b/src/test/configs/compose-Dockerfile-secrets/.devcontainer/Dockerfile new file mode 100644 index 000000000..67b4d87cc --- /dev/null +++ b/src/test/configs/compose-Dockerfile-secrets/.devcontainer/Dockerfile @@ -0,0 +1,24 @@ +# Use a basic image +FROM ubuntu:20.04 + +# Install required utilities +RUN apt-get update && apt-get install -y curl + +# Use the secret and set the environment variable +RUN --mount=type=secret,id=some-secret \ + echo "The secret is $SOME_SECRET" > /output.txt +RUN export SOME_SECRET=$(cat /secret.txt) && \ + echo "The secret is $SOME_SECRET" > /output.txt && \ + echo "SOME_SECRET=$SOME_SECRET" >> /etc/environment + + # Copy the rest of the application +COPY . /app + +# Set the working directory +WORKDIR /app + +# Expose port for application +EXPOSE 80 + +# Start the application (e.g., a simple HTTP server) +CMD ["python3", "-m", "http.server", "80"] diff --git a/src/test/configs/compose-Dockerfile-secrets/.devcontainer/devcontainer.json b/src/test/configs/compose-Dockerfile-secrets/.devcontainer/devcontainer.json new file mode 100644 index 000000000..48cc74e60 --- /dev/null +++ b/src/test/configs/compose-Dockerfile-secrets/.devcontainer/devcontainer.json @@ -0,0 +1,20 @@ +{ + "name": "My DevContainer", + "dockerComposeFile": [ + "./docker-compose.yml", + "./docker-compose.override.yml" + ], + "build": { + "dockerfile": "Dockerfile", + "args": { + "DOCKER_BUILDKIT": "1" + } + }, + "service": "my-service", + "features": { + "docker-in-docker": { + "version": "latest", + "installDockerBuildx": true + } + } +} diff --git a/src/test/configs/compose-Dockerfile-secrets/.devcontainer/docker-compose.override.yml b/src/test/configs/compose-Dockerfile-secrets/.devcontainer/docker-compose.override.yml new file mode 100644 index 000000000..d974b1134 --- /dev/null +++ b/src/test/configs/compose-Dockerfile-secrets/.devcontainer/docker-compose.override.yml @@ -0,0 +1,7 @@ +version: '3.8' + +services: + my-service: + build: + secrets: + - some-secret diff --git a/src/test/configs/compose-Dockerfile-secrets/.devcontainer/docker-compose.yml b/src/test/configs/compose-Dockerfile-secrets/.devcontainer/docker-compose.yml new file mode 100644 index 000000000..89200f94b --- /dev/null +++ b/src/test/configs/compose-Dockerfile-secrets/.devcontainer/docker-compose.yml @@ -0,0 +1,17 @@ +version: '3.8' + +services: + my-service: + build: + context: . + dockerfile: Dockerfile + image: my-image + environment: + - MY-SECRET=${SOME_SECRET} + ports: + - "8080:80" + +secrets: + some-secret: + file: ./secret.txt + diff --git a/src/test/configs/compose-Dockerfile-secrets/.devcontainer/secret.txt b/src/test/configs/compose-Dockerfile-secrets/.devcontainer/secret.txt new file mode 100644 index 000000000..39e6424dd --- /dev/null +++ b/src/test/configs/compose-Dockerfile-secrets/.devcontainer/secret.txt @@ -0,0 +1 @@ +supersecretvalue