I’m starting to develope with Docker and i have a problem. I want to create an image with some files inside it but i want to make these files private (noone that build from my image or run a container from it could modify/delete these files).
I have in my Dockerfile the next line:
COPY /src /src
So my doubt is how to make private the files under /src
Anything in your image will be in your image. Generally if you have secrets that you don’t want someone to read, then you would not include those in the image. Instead, you would provide them at runtime.
For example, my private SSL key and certificate probably doesn’t belong in a general purpose webserver image. I’d expect to share the ssl files in at runtime instead of buildtime:
docker run -v /path/to/secret/stuff:/certs -d -p 443:443 mywebserver
If you are talking about source code, then you are going to face this issue whether you use docker or not. In order for your code to execute, it must be present. One approach that is common is to use some sort of obfuscation element to make it difficult to read what your program does. The obfuscated code is what would get distributed.