I’ll start:

When I was first learning to use Docker, I didn’t realize that most tutorials that include a database don’t configure the database to persist. Imagine my surprise when I couldn’t figure out why the database kept getting wiped!

  • RandomDevOpsDude@programming.devM
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Be really careful when building images that require secrets for build configuration. Secrets can be passed in as build args, but you MUST UNSET THEM IN THE DOCKERFILE and then repass them in as environment variables at runtime (or else you are leaking your secrets with your image).

    Also, image != container. Image is the thing you publish to a registry (e.g. dockerhub). Container is an instance of an image.

    • Nyefan@programming.dev
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      This is no longer true with buildkit - you can use the --secret to securely pass a secret in as an argument.

      • RandomDevOpsDude@programming.devM
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Thanks for sharing! I will need to look deeper into build kit. Containers aren’t my main artifacts, unfortunately, so I am still building them the ways of old, sounds like.