skip to Main Content

In my personal project, I try to deploy my backend spring boot with github actions and a Dockerfile

For more security, I save my properties in the Github secrets and in my Dockerfile, i get the configuration (url, username and password)

    - name: Build and push Docker image
    uses: docker/build-push-action@v2
    with:
      username: ${{ github.actor }}
      password: ${{ secrets.GITHUB_TOKEN }}
      push: true
      file: ./Dockerfile
      tags: ${{ env.REGISTRY }}/***
      build-args: |
        server_port=${{ secrets.SERVER_PORT_DEV }}
        url=${{ secrets.URL_DEV }}
        username=${{ secrets.USERNAME_DEV }}
        password=${{ secrets.PASSWORD_DEV }}

And my spring boot doesn’t run because the url, username and password are missing in my application.properties.
So, I try to cat the properties file in my github actions and here is what i got :

#11 0.281 # Secrets
#11 0.281 spring.datasource.url=
#11 0.281 spring.datasource.username=
#11 0.281 spring.datasource.password=

Do you have any idea why Github secrets are not read?
2nd more general question: is it good practice to use this method? Or are there better ones?

Thank you very much for your precious help and good day to all of you who would help me ๐Ÿ™‚

2

Answers


  1. Chosen as BEST ANSWER

    Yes, in my Dockerfile I have this informations :

    #Write the 3 args in a src/main/resources/application.properties file
    RUN echo "spring.datasource.url=${url}" >> src/main/resources/application.properties
    RUN echo "spring.datasource.username=${username}" >> src/main/resources/application.properties
    RUN echo "spring.datasource.password=${password}" >> src/main/resources/application.properties
    
    #Print the content of the file to check if it's ok
    RUN cat src/main/resources/application.properties
    

    I don't understand why my secrets doesn't in my file, i'm so confuse


  2. The "Set build-time variables (--build-arg)" docker build man page section includes:

    The ARG instruction lets Dockerfile authors define values that users can set at build-time using the --build-arg flag.
    This flag allows you to pass the build-time variables that are accessed like regular environment variables in the RUN instruction of the Dockerfile.
    Also, these values donโ€™t persist in the intermediate or final images like ENV values do.

    So make sure your Dockerfile includes:

    ARG server_port
    ARG url
    ARG username
    ARG password
    RUN echo "spring.datasource.url=${url}">>application.properties && 
        echo "spring.datasource.username=${username}">>application.properties && 
        echo "spring.datasource.password=${password}">>application.properties
    

    I don’t know if my syntax if incorrect or it’s a problem with the GitHub secrets reading.

    Actually, inside the Dockerfile, the GitHub Action secrets, like ${{ secrets.URL_DEV }} would not apply.
    Only ${url}, meaning the ARG name, would be available.

    So if you input text into application.properties in the Dockerfile, use the ARG variable names, not the GitHub Action secrets name.

    But when you call docker build (*outside the Dockerfile, since docker build uses the Dockerfile), then yes, use the GitHub Action secrets:

    docker build ----build-arg url=${{ secrets.URL_DEV }}
    
    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search