Docker

Guide for using Garnet with Docker

Below we describe two methods of configuring Docker using Garnet.

For using Garnet in CI and production environments, it is recommended that you use Service Keys. You can read more on configuring service keys on this page.

Method 1: In the Dockerfile

To fetch environment variables in your Docker container during build or run time, you can use the Garnet CLI which requires the GARNET_SERVICE_KEY environment variable. To run CMD commands in Docker using Garnet, you can use garnet run followed by your command as shown below. For reference, you can use this Dockerfile:

FROM alpine
# Install cURL (if not installed)
RUN apk add -U curl
# Install the Garnet CLI
RUN curl -LO https://garnet.jfrog.io/artifactory/garnet-release/garnet-v0.1.0-linux-amd64
RUN chmod +x ./garnet-v0.1.0-linux-amd64
RUN mv ./garnet-v0.1.0-linux-amd64 /usr/bin/garnet
# Fetched variables can be viewed using the env command, for testing.
# In a real use case, this can be replaced with an actual command e.g. npm start
CMD garnet run --service-key=${GARNET_SERVICE_KEY} -- env

You can build the container normally, for example:

docker build -t garnet-alpine-test .

Once the image is built, you can run the container as follows:

Production
Local dev/testing
Production

Assumes GARNET_SERVICE_KEY is provided in the CI/CD or production environment

docker run -ti --env GARNET_SERVICE_KEY="$GARNET_SERVICE_KEY" garnet-alpine-test
Local dev/testing

Assumes GARNET_SERVICE_KEY is set in the local environment

docker run -ti --init --env GARNET_SERVICE_KEY="$GARNET_SERVICE_KEY" garnet-alpine-test

Method 2: Using Docker Build Args

To fetch environment variables in your Docker image layers during build time, you can use the Garnet CLI which requires the GARNET_SERVICE_KEY environment variable instantiated as an ARG. For example, you can use this Dockerfile:

FROM alpine
# Install cURL (if not installed)
RUN apk add -U curl
# Install the Garnet CLI
RUN curl -LO https://garnet.jfrog.io/artifactory/garnet-release/garnet-v0.1.0-linux-amd64
RUN chmod +x ./garnet-v0.1.0-linux-amd64
RUN mv ./garnet-v0.1.0-linux-amd64 /usr/bin/garnet
# Pass Garnet service key as arg
ARG GARNET_SERVICE_KEY
ENV GARNET_SERVICE_KEY $GARNET_SERVICE_KEY
# Fetched variables can be viewed using the env command, for testing.
# In a real use case, this can be replaced with an actual command e.g. npm start
CMD garnet run --service-key=${GARNET_SERVICE_KEY} -- env

To supply environment variables to the container during the Docker build process, you can use Docker build args. In the below command, we will be using Garnet itself to supply the required env variables:

garnet run garnet-credentials/default -- docker build -t garnet-alpine-test . --build-arg GARNET_SERVICE_KEY

Note: the above command assumes that you have the GARNET_SERVICE_KEYenv variable saved in a project named garnet-credentials in the default environment. You can replace it with your own project and environment using the following scheme:garnet run <project-name>/<scope> -- <cmd>