Dagger 0.5.0 (2023-04-07)

• https://github.com/dagger/dagger/releases/tag/v0.5.0

• https://dagger.io/blog/dagger-0-5-0

New Dynamic Secrets API and more secure scrubbing

• https://dagger.io/blog/dagger-0-5-0

• https://docs.dagger.io/723462/use-secrets

Note

“Build pipelines and deployments that don’t need secrets are about as useful as deploying to /dev/null.

So with the new secrets API available with Dagger, my pipelines have gone from “fun idea” to “oh crap, we’re shipping to prod” and I couldn’t be more excited.

Finally I have a programmatic and composable build pipeline I can run anywhere. And I really mean anywhere.” –

David Flanagan, Founder, Rawkode Academy

Our new secrets API enables you to retrieve secrets however you like, including from external sources such as Vault, Scaleway, GCP, Azure, AWS, and others (using their pre-defined systems, SDKs or tools).

Then, you set them in your Dagger pipeline either as secret environment variables, or as mounted secret files.

What’s Next ?

We have more improvements planned to the secrets API.

For example, we’re working on improving our scrubbing strategy to further reduce the risk of leaks. We’re also exploring ways to give you more control over secret mounts, such as UID/GID and Linux filesystem rights.

If you’re using a Dockerfile and want to pass a secret during the build, we don’t support that yet, but have an issue open to fix it.

To learn more about our new secrets API, refer to our documentation, which includes several code samples to get you started quickly.

If you have feedback, please share your comments with us in Discord or create a GitHub issue.

Want to help us pick the next improvements to the secrets API? Vote on our latest discussion post .