I’m currently using Docker secrets to clone a private (GitLab) repo in my Dockerfile during the CI build.
gitlab-ci.yml
...
DOCKER_BUILDKIT=1 docker build --secret id=credentials,src=secrets.json --pull -t $CI_REGISTRY_IMAGE:$version .
...
secrets.json
{
"gitlab_username":"myusername",
"gitlab_token":"my_personal_access_token"
}
Dockerfile
RUN --mount=type=secret,id=credentials,required \
git clone https://$(cat /run/secrets/credentials | jq -r '."gitlab_username"'):$(cat /run/secrets/credentials | jq -r '."gitlab_token"')@gitlab.com/myusername/myrepo.git --branch=develop /var/www/
How can I clone a private repo (in my Dockerfile) without having to have the secrets.json file in the docker build repo?