Mount Secure Build-Time Secrets with Docker and Docker Compose

Avoid leaking build-time secrets in your Docker images such as API keys or tokens. Hit the subscribe button to receive more videos like this! REFERENCE LINKS --------------------------------------------------- ► https://nickjanetakis.com/blog/mount-secure-build-time-secrets-with-docker-and-docker-compose COURSES --------------------------------------------------- Courses I've created that focus on web dev and deployment topics. ► https://nickjanetakis.com/courses/ THE TOOLS I USE / GEAR --------------------------------------------------- ► https://nickjanetakis.com/blog/the-tools-i-use FOLLOW ME ELSEWHERE --------------------------------------------------- ► Twitter: https://twitter.com/nickjanetakis ► GitHub: https://github.com/nickjj TIMESTAMPS --------------------------------------------------- 0:00 -- Intro 0:37 -- A couple of use cases 1:43 -- An insecure way with build ARGs 6:14 -- Make sure BuildKit is enabled 6:49 -- Mounting a secure env variable secret 11:26 -- Does it actually work? 14:04 -- Passing it as an env var for a command 15:12 -- Adding multiple secrets 16:02 -- Mounting files instead of env vars 18:43 -- Using Docker Compose for secret env vars 23:13 -- Using Docker Compose for secret files and configs