Y
Hacker News
new
|
ask
|
show
|
jobs
by
hiddew
234 days ago
> For stuff like security keys you should typically add them as build args, not as content in the image.
Do not use build arguments for anything secret. The values are committed into the image layers.
1 comments
never_inline
233 days ago
Yep. The only valid usecase I think of is using the secret for something else, eg connecting to an internal package registry, in which case the secret mounts may help.
link