Labeling Docker Images With Commit SHA (Interpolate Environmental Variables In codeship-services.yml)



As part of our workflow, we will like to label our Docker images with the HEAD commit SHA so that our user can trace our Docker images to specific commit in our GH account. Here’s an example of what it looks like on I’m unsure how to achieve this with Codeship Pro. AFAICT, the codeship-services.yml file doesn’t interpolate environment variables.

What I’m hoping to achieve is this:

# codeship-services.yml
    image: myimage
    dockerfile: Dockerfile
      VCS_REF: ${HEAD_COMMIT_SHA} # specify this in .env file like docker-compose, but it's currently not working
# Dockerfile
LABEL org.label-schema.vcs-ref=$VCS_REF \

Any thoughts on how I can achieve this? This a blocker to our workflow.


PS FWIW AFAIK, the CI_* environmental variables are only available at runtime, right?


EDIT: I solved a similar problem, check my thread: How to write a build environment variable value into a image



I think we are talking about different things. I don’t want the CI_* environmental variable to be written to a file for runtime usage. Rather, I want the commit SHA to be baked into the image as labels so that when I do docker inspect <image>, the commit SHA will appear as a label.


The reason you can’t see the error is a bug on our end, we’re got it in our queue to fix. What’s happening is that your encrypted env is failing to parse - it either contains invalid characters or is encrypted with the wrong key.

Sorry for the trouble, there should be a very clear error message around this.