It's 12020 and we finally have a supported way of using secrets when building docker containers.
Enable buildkit
and RUN --mount=type=secret,id=mysecret cat /run/secrets/mysecret.
Specify on the command line with docker build --secret id=mysecret,src=secret.txt
Useful for, say, go with netrc:
1RUN --mount=type=secret,id=netrc,dst=/root/.netrc go get example.com/my/private/repo
someone else can probably explain it better since I don't use ssh-agent
tldr is docker build --ssh ...:
1RUN --mount=type=ssh go get example.com/my/private/repo.git
still waiting for a way to mount build caches