Don’t leak your Docker image’s build secrets

By Itamar Turner-Trauring.

View original

Excerpt: Building a Docker image often involves installing packages or downloading code, and if you’re installing private code you often need to gain access with a secret: a password, a private key, a token. You don’t want those secrets to end up in the final image, though; if it’s in the image, anyone with …