0

I have a weird case where i have a secret.env file where i set all my environment variables as such:

secret.env

export TWITTER_CONSUMER_KEY="something"
export TWITTER_CONSUMER_SECRET="something"

Then i built a docker file to export all the variables and run the app as such:

FROM python:3.8-slim-buster

# Set the working directory to /app
WORKDIR /app

# Copy the current directory contents into the container at /app
ADD . /app

# Install the dependencies
RUN pip install -r requirements.txt

RUN find . -name \*.pyc -delete

# Export all variables
RUN /bin/bash -c "source secret.env";

# tell the port number the container should expose
EXPOSE 8083

# run the command
ENTRYPOINT ["python", "run.py"]

However, this is throwing a key error:

$ docker run --name fortweet --rm -i -t fortweet:latest bash
Traceback (most recent call last):
  File "run.py", line 1, in <module>
    from app import socketio, app
  File "/app/app/__init__.py", line 65, in <module>
    app = create_app()
  File "/app/app/__init__.py", line 38, in create_app
    my_settings = settings.TwitterSettings.get_instance()
  File "/app/app/setup/settings.py", line 47, in get_instance
    TwitterSettings()
  File "/app/app/setup/settings.py", line 14, in __init__
    self.consumer_key = os.environ["TWITTER_CONSUMER_KEY"]
  File "/usr/local/lib/python3.8/os.py", line 675, in __getitem__
    raise KeyError(key) from None
KeyError: 'TWITTER_CONSUMER_KEY'

When i run this on my windows, it works fine!

Can someone please help me on this ?

Mervin Hemaraju
  • 1,921
  • 2
  • 22
  • 71
  • 1
    Does https://stackoverflow.com/questions/39597925/how-do-i-set-environment-variables-during-the-build-in-docker help? It seems that you're meant to set environment variables for a Docker session using built-in Dockerfile functionality. – Karl Knechtel Dec 05 '20 at 22:25
  • 1
    You can use `docker run --env-file secret.env ...` as per https://docs.docker.com/engine/reference/commandline/run/#set-environment-variables--e---env---env-file – jkr Dec 05 '20 at 22:31
  • @Karl This looks great but if i set my keys in my dockerfile and when i push it to Github, it will be visible to the public which might be an issue – Mervin Hemaraju Dec 05 '20 at 22:35
  • 2
    `RUN source ...` will never set environment variables that last beyond the current `RUN` step; see [How to source a script with environment variables in a docker build process?](https://stackoverflow.com/questions/55921914/how-to-source-a-script-with-environment-variables-in-a-docker-build-process). For credentials that can't be included in the image, though, you'll need something like `docker run --env-file` as @jakub suggests. – David Maze Dec 05 '20 at 22:57
  • @jakub thank you for this! It works just fine. If you put it as an answer i will accept it :) – Mervin Hemaraju Dec 06 '20 at 09:36

1 Answers1

1

You can use docker run --env-file secret.env ... to set environment variables at runtime. See the docker run documentation for more info.

Sourcing a file in one RUN command will not persist after that RUN exits. You also should not store secrets in the Docker image. It is more safe to leave them out at build time and to apply them at runtime.

jkr
  • 17,119
  • 2
  • 42
  • 68