Example passing a secret value via an env var to a docker build.

env_var_secret.Dockerfile

# Run this example:
#
# mysecret=SECRET_VALUE docker build --secret id=mysecret,env=mysecret -f Dockerfile -t deleteme .
# 
FROM debian:trixie-slim

RUN <<EOF cat >> file
#!/bin/bash
if [[ -z "\${MYSECRET}" ]]; then
  echo "No MYSECRET env var!!!"
else
  echo "I can use MYSECRET here!"
fi
EOF

RUN chmod +x file

RUN cat file

RUN --mount=type=secret,id=mysecret MYSECRET=$(cat /run/secrets/mysecret) ./file