{
  "id": "cicd/dockerfile-buildkit-secret-not-found",
  "signature": "ERROR: failed to solve: failed to read secret 'my_secret': file not found or not a valid secret",
  "signature_zh": "错误：解析失败：读取密钥 'my_secret' 失败：文件未找到或不是有效密钥",
  "regex": "failed to read secret '[^']+': file not found or not a valid secret",
  "domain": "cicd",
  "category": "build_error",
  "subcategory": null,
  "root_cause": "Docker BuildKit could not locate the secret file specified via `--secret` flag because the path is incorrect, the file does not exist, or the secret is not properly mounted in the build context.",
  "root_cause_type": "generic",
  "root_cause_zh": "Docker BuildKit 无法找到通过 `--secret` 标志指定的密钥文件，因为路径不正确、文件不存在或密钥未正确挂载到构建上下文中。",
  "versions": [
    {
      "version": "Docker 24.0.7",
      "introduced": null,
      "deprecated": null,
      "removed": null,
      "behavior_change": null,
      "status": "active"
    },
    {
      "version": "Docker BuildKit 0.12.3",
      "introduced": null,
      "deprecated": null,
      "removed": null,
      "behavior_change": null,
      "status": "active"
    }
  ],
  "os_specific": {},
  "dead_ends": [
    {
      "action": "",
      "why_fails": "Copying a secret into the image defeats the purpose of BuildKit secrets, which are meant to avoid embedding secrets in layers; also, the file must be available at build time, not in the Dockerfile.",
      "fail_rate": 0.9,
      "condition": "",
      "sources": []
    },
    {
      "action": "",
      "why_fails": "If the source path is incorrect, BuildKit cannot resolve it; the secret must be an absolute path or relative to the build context root.",
      "fail_rate": 0.75,
      "condition": "",
      "sources": []
    }
  ],
  "workarounds": [
    {
      "action": "Ensure the secret file exists at the specified path before building: `echo \"my-secret-value\" > /tmp/my_secret && docker build --secret id=my_secret,src=/tmp/my_secret -t myimage .`",
      "success_rate": 0.95,
      "how": "Ensure the secret file exists at the specified path before building: `echo \"my-secret-value\" > /tmp/my_secret && docker build --secret id=my_secret,src=/tmp/my_secret -t myimage .`",
      "condition": "",
      "sources": []
    },
    {
      "action": "Use environment variables instead of files for secrets in CI: `DOCKER_BUILDKIT=1 docker build --secret id=my_secret,env=MY_SECRET_ENV -t myimage .` and set `MY_SECRET_ENV` in the CI environment.",
      "success_rate": 0.85,
      "how": "Use environment variables instead of files for secrets in CI: `DOCKER_BUILDKIT=1 docker build --secret id=my_secret,env=MY_SECRET_ENV -t myimage .` and set `MY_SECRET_ENV` in the CI environment.",
      "condition": "",
      "sources": []
    }
  ],
  "workarounds_zh": [
    "Ensure the secret file exists at the specified path before building: `echo \"my-secret-value\" > /tmp/my_secret && docker build --secret id=my_secret,src=/tmp/my_secret -t myimage .`",
    "Use environment variables instead of files for secrets in CI: `DOCKER_BUILDKIT=1 docker build --secret id=my_secret,env=MY_SECRET_ENV -t myimage .` and set `MY_SECRET_ENV` in the CI environment."
  ],
  "transition_graph": {
    "leads_to": [],
    "preceded_by": [],
    "frequently_confused_with": []
  },
  "official_doc_url": "https://docs.docker.com/build/buildkit/secret-build-args/",
  "official_doc_section": null,
  "error_code": null,
  "verification_tier": "ai_generated",
  "confidence": 0.86,
  "fix_success_rate": 0.9,
  "resolvable": "true",
  "first_seen": "2024-02-28",
  "last_confirmed": "2024-06-01",
  "last_updated": "2024-06-01",
  "evidence_count": 1,
  "tags": [],
  "locale": "en",
  "aliases": []
}