Building Docker Images

Building Docker images with Pro and Web requires an additional step to add the private hex repo. Passing the fingerprint and password in as build arguments isn't secure, and you should use buildkit's secret support instead if possible.

Reference the secrets within in your Dockerfile by mounting it within a RUN command:

RUN --mount=type=secret,id=oban_key_fingerprint \
    --mount=type=secret,id=oban_license_key \
    mix hex.repo add oban \
      --fetch-public-key "$(cat /run/secrets/oban_key_fingerprint)" \
      --auth-key "$(cat /run/secrets/oban_license_key)"

Then, at build time, pass the fingerprint and license through using the --secret flag:

docker build \
  --secret id=oban_key_fingerprint,env=OBAN_KEY_FINGERPRINT \
  --secret id=oban_license_key,env=OBAN_LICENSE_KEY .