Build arguments

Docker build arguments and static service environment variables

Build arguments are key-value pairs that are used to initialize a build with either docker-compose or static service environment variables. A static service is any service that doesn't require a container. Visit our guide to static service deployment for more details.

Build arguments can be global and used for all your applications, or specific to a single application.

You can add global build arguments to your Account Settings under the Builds tab. Add secret environment variables only relevant to a single application to App Settings in the "Advanced Settings" section to prevent exposing them to other containers.

Add account-level build arguments

Navigate to Account Settings screen by clicking the sliders icon in the upper right. Select the Builds tab.

An example use case for global build arguments is an API key for a static build.

Using secrets as build arguments

Environment variables and environment-specific variables are not accessible in the docker build step, so you need to use build arguments as explained in this guide.

In Docker, regular build arguments using the ARG=SOMEVAL format are stored in the Docker image and can be retrieved if someone has access to your image or repository. This may not be a problem for private images unless you store private keys or sensitive information that should not be exposed, even internally.

To safely access secrets in Docker builds, Release recommends using Docker secrets. To access the secret, you need to make some changes to your Dockerfile.


Now change it to look like this:

RUN --mount=type=secret,id=API_TOKEN API_TOKEN=$(cat /run/secrets/API_TOKEN) \

Add application-level build arguments

Navigate to App Settings. Select Advanced Settings. Toggle open the "App-Level Build Args" section. The application-specific build arguments will override the account-wide build argument settings.

Last updated