Support for docker build --secret for build-time docker secrets. (original) (raw)

Is your feature request related to a problem? Please describe.
https://medium.com/@tonistiigi/build-secrets-and-ssh-forwarding-in-docker-18-09-ae8161d066 described how to provide secret mounts available at build times.

docker build --secret id=mysite.key,src=path/to/mysite.key .

Can be referenced during docker build:

RUN --mount=type=secret,id=mysite.key,required

docker compose build command: https://docs.docker.com/compose/compose-file/#build currently has no support for the secrets section

Describe the solution you'd like
build command should allow referencing the secrets defined in the same docker-compose file

Describe alternatives you've considered
The alternatives is to use secret-containing file contents as build arguments. The solution is cumbersome since the secret has to be splatted so it can become available for Dockerfile commands which may cause it to become part of a docker layer, i.e it may leak the secret value.

Additional context
Add any other context or screenshots about the feature request here.