I am building a spring boot application using Kotlin + Firestore. I am using bootBuildImage command to build the Docker Image that I can use to deploy in Cloud Run. For security, I have the firebase key file defined in the application.properties file.
firebase.credential.path = secret/firebase-key.json
After the image is generated, when I run the application via docker run, application fails to start because it is not able to find the "secret/firebase-key.json" file.
I looked into documentation on how i can copy local files to the image, it did not find relevant result.
Is it possible to include property files like this in the image using bootBuildImage command? I am trying to avoid writing a Dockerfile and use bootBuildImage. TYIA
You don't want to put sensitive information into your container images. That would expose your sensitive information to anyone that has access to the container image. It also makes the container image less flexible as you're fixing it to only be used with that specific configuration.
The recommended approach for sensitive information is to map that into the container.
If you are using Kubernetes, you would use a secret and likely map that secret into the pod as a file. You could map it as an env variable too, Spring Boot makes consuming environment variables easy, but since you are referencing a file in your firebase.credential.path property, it would be easiest to map the secret into the pod at that location.
If you're running your container with Docker, you can do something similar with a volume map (environment variables are also possible, but again, for your case, a volume map probably makes more sense). That allows you to map an external file into the container at some arbitrary location, i.e. firebase.credential.path.