问题
I require files to be downloaded from AWS S3 during container build, however I've been unsuccessful to provide the AWS credentials to the build process without actually hardcoding them in the Dockerfile. I get the error:
docker fatal error: Unable to locate credentials
despite previously having executed:
aws configure
Moreover, I was not able to use --build-arg for this purpose.
My question: is it possible to have these credentials in build time without hardcoding them in the Dockerfile and if so how?
Thank you for your attention.
回答1:
Using the --build-arg flag is the correct way to do it, however you must use the ARG directive, not the ENV directive to specify them in your Dockerfile.
Here is an example Dockerfile that I have used with AWS credentials. It takes in the aws credentials as build arguments, including a default argument for the AWS_REGION build argument. It then performs a basic aws action, in this case logging into ecr.
FROM <base-image>:latest # an image I have that has `aws` installed
ARG AWS_ACCESS_KEY_ID
ARG AWS_SECRET_ACCESS_KEY
ARG AWS_REGION=us-west-2
RUN aws ecr get-login --no-include-email | bash
CMD ["npm", "start"]
You then build the image with the following command:
docker build -t testing --build-arg AWS_ACCESS_KEY_ID=<Your ID Here> \
--build-arg AWS_SECRET_ACCESS_KEY=<Your Key Here> .
Hope this helps.
来源:https://stackoverflow.com/questions/51824671/aws-credentials-in-dockerfile