Inject build arguments | Build | Northflank Application docs

Build /

Inject build arguments

Available on combined and build services.

Build arguments (ARG) can be set to be passed to the Docker container at build-time. These can be set for individual builds on the build arguments page or set as project secrets to be applied to all or specific builds in a project.
Build arguments editor in the Northflank application

Although unlikely, some buildpacks may override your build arguments.

If using a Dockerfile, build arguments will be passed to the Dockerfile on build via the --build-arg flag. They do not persist in the built image and are set as key-value pairs. Variables must be declared in the Dockerfile with ARG before being accessed. For example, a variable set as PACKAGES=npm-cache can be accessed in the Dockerfile by declaring the ARG:

# or initialise with a default value:
# ARG PACKAGES=default_value

RUN echo "Using: ${PACKAGES}"

Build arguments can be set as key-value pairs, or as JSON in the following format:

    "KEY_1": "value1",
    "KEY_2": "value2"

An .env file can also be uploaded and edited using the following format:


Add a secret file to a build

You can include secret files which can be accessed during the build process. To add a secret file, paste or upload the content in the secret file editor on the environment page of a build service, combined service, or a job that builds from a repository.

Secret files in builds are accessed differently from secret files in deployed containers; instead of being injected relative to the build root, they are relative to the repository root. Secret files in builds also cannot overwrite files in the repository, for example a repository with data/config.json would fail to build if you added a secret file with the path /data/config.json.

If you reference a secret file in your Dockerfile it is relative to the build context, not the container root. This also means that the secret file path needs to take the build context into account when you add the file to Northflank. If you want to access a secret file while using the build context /frontend, the file path must be set to /frontend/data/config.json to access it with the path COPY ./data/config.json . in the Dockerfile.

The table below gives examples of how a path would be set and accessed in various contexts:

Secret file mount pathBuild contextSecret file relative to build contextDockerfile COPY exampleFile location in build after WORKDIR app; COPY ${file} .
/secrets/my-secret/./secrets/my-secretCOPY ./secrets/my-secret ./app/my-secret
/secrets/my-secret/frontendsecret outside of build contextsecret outside of build contextsecret outside of build context
/frontend/secrets/my-secret/frontend./secrets/my-secretCOPY ./secrets/my-secret ./app/my-secret

© 2023 Northflank Ltd. All rights reserved.