我正在构建一个React应用程序,并使用Docker和Jenkins进行生产部署... 我如何为这个静态应用程序安全地提供环境变量?
这是我的Dockerfile:
# stage 1: build the react app
FROM node:10.15.0 as react-build
WORKDIR /app
COPY . /app
ARG REACT_APP_API_ENTRYPOINT
ARG REACT_APP_CONNECT_URI
ARG REACT_APP_CONNECT_CLIENT_ID
ARG REACT_APP_CONNECT_SECRET
ARG REACT_APP_CONNECT_CALLBACK_URL
RUN yarn
ENV NODE_ENV=production
ENV REACT_APP_API_ENTRYPOINT=${REACT_APP_API_ENTRYPOINT}
ENV REACT_APP_CONNECT_URI=${REACT_APP_CONNECT_URI}
ENV REACT_APP_CONNECT_CLIENT_ID=${REACT_APP_CONNECT_CLIENT_ID}
ENV REACT_APP_CONNECT_SECRET=${REACT_APP_CONNECT_SECRET}
ENV REACT_APP_CONNECT_CALLBACK_URL=${REACT_APP_CONNECT_CALLBACK_URL}
RUN yarn run -s build
# Stage 2: build the production environment
FROM openresty/openresty:alpine
COPY deploy/files/nginx.conf /etc/nginx/conf.d/default.conf
COPY --from=react-build /app /usr/local/openresty/nginx/html
# forward request and error logs to docker log collector
RUN ln -sf /dev/stdout /usr/local/openresty/nginx/logs/access.log && \
ln -sf /dev/stderr /usr/local/openresty/nginx/logs/error.log
EXPOSE 8000
ENTRYPOINT ["nginx", "-g", "daemon off;"]
目前的构建流程会暴露那些变量 :(