feat(applications): add support for Docker build secrets

- Implement build secrets functionality for Dockerfile builds
- Add new `buildSecrets` field to application schema
- Update UI and backend to handle build-time secrets
- Modify Docker build process to support secret injection during build

apps/dokploy/components/dashboard/application/environment/show.tsx

@@ -11,6 +11,7 @@ import { z } from "zod";
 const addEnvironmentSchema = z.object({
 	env: z.string(),
 	buildArgs: z.string(),
+	buildSecrets: z.record(z.string(), z.string()),
 });
 
 type EnvironmentSchema = z.infer<typeof addEnvironmentSchema>;
@@ -36,6 +37,7 @@ export const ShowEnvironment = ({ applicationId }: Props) => {
 		defaultValues: {
 			env: data?.env || "",
 			buildArgs: data?.buildArgs || "",
+			buildSecrets: data?.buildSecrets || {},
 		},
 		resolver: zodResolver(addEnvironmentSchema),
 	});
@@ -44,6 +46,7 @@ export const ShowEnvironment = ({ applicationId }: Props) => {
 		mutateAsync({
 			env: data.env,
 			buildArgs: data.buildArgs,
+			buildSecrets: data.buildSecrets,
 			applicationId,
 		})
 			.then(async () => {
@@ -69,25 +72,63 @@ export const ShowEnvironment = ({ applicationId }: Props) => {
 						placeholder={["NODE_ENV=production", "PORT=3000"].join("\n")}
 					/>
 					{data?.buildType === "dockerfile" && (
-						<Secrets
-							name="buildArgs"
-							title="Build-time Variables"
-							description={
-								<span>
-									Available only at build-time. See documentation&nbsp;
-									<a
-										className="text-primary"
-										href="https://docs.docker.com/build/guide/build-args/"
-										target="_blank"
-										rel="noopener noreferrer"
-									>
-										here
-									</a>
-									.
-								</span>
-							}
-							placeholder="NPM_TOKEN=xyz"
-						/>
+						<>
+							<Secrets
+								name="buildArgs"
+								title="Build-time Variables"
+								description={
+									<span>
+										Available only at build-time. See documentation&nbsp;
+										<a
+											className="text-primary"
+											href="https://docs.docker.com/build/guide/build-args/"
+											target="_blank"
+											rel="noopener noreferrer"
+										>
+											here
+										</a>
+										.
+									</span>
+								}
+								placeholder="NPM_TOKEN=xyz"
+							/>
+							<Secrets
+								name="buildSecrets"
+								title="Build Secrets"
+								description={
+									<span>
+										Secrets available only during build-time and not in the
+										final image. See documentation&nbsp;
+										<a
+											className="text-primary"
+											href="https://docs.docker.com/build/building/secrets/"
+											target="_blank"
+											rel="noopener noreferrer"
+										>
+											here
+										</a>
+										.
+									</span>
+								}
+								placeholder="API_TOKEN=xyz"
+								transformValue={(value) => {
+									// Convert the string format to object
+									const lines = value.split("\n").filter((line) => line.trim());
+									return Object.fromEntries(
+										lines.map((line) => {
+											const [key, ...valueParts] = line.split("=");
+											return [key.trim(), valueParts.join("=").trim()];
+										}),
+									);
+								}}
+								formatValue={(value) => {
+									// Convert the object back to string format
+									return Object.entries(value as Record<string, string>)
+										.map(([key, val]) => `${key}=${val}`)
+										.join("\n");
+								}}
+							/>
+						</>
 					)}
 					<div className="flex flex-row justify-end">
 						<Button isLoading={isLoading} className="w-fit" type="submit">

apps/dokploy/drizzle/0072_milky_lyja.sql

@@ -0,0 +1,2 @@
+ALTER TABLE "application" ADD COLUMN "buildSecrets" text;--> statement-breakpoint
+ALTER TABLE "user_temp" DROP COLUMN "enableLogRotation";

apps/dokploy/drizzle/meta/_journal.json

@@ -505,6 +505,13 @@
       "when": 1741460060541,
       "tag": "0071_flaky_black_queen",
       "breakpoints": true
+    },
+    {
+      "idx": 72,
+      "version": "7",
+      "when": 1741481694393,
+      "tag": "0072_milky_lyja",
+      "breakpoints": true
     }
   ]
 }

apps/dokploy/server/api/routers/application.ts

@@ -298,6 +298,7 @@ export const applicationRouter = createTRPCRouter({
 			await updateApplication(input.applicationId, {
 				env: input.env,
 				buildArgs: input.buildArgs,
+				buildSecrets: input.buildSecrets,
 			});
 			return true;
 		}),