How do I run the eval $(envkey-source) command in

I want to run a command, eval $(envkey-source) for setting certain environment variables using envkey. I install it, set my ENVKEY variable and then try to import all the environment variables. I do this all via Docker. However, docker is giving an error in this command:

Step 31/35 : RUN     eval $(envkey-source)
 ---> Running in 6a9ebf1ede96
/bin/sh: 1: export: : bad variable name
The command '/bin/sh -c eval $(envkey-source)' returned a non-zero code: 2

I tried reading the documentation of envkey but they tell nothing about Docker.

I have installed envkey using following commands:

ENV     ENVKEY=yada_yada
RUN     curl -s https://raw.githubusercontent.com/envkey/envkey-source/master/install.sh | bash

Until here, all goes well. I get verbose of suggestions on the console about how to run the envkey to get all the environment variables set. The problem comes on this side:

RUN     eval $(envkey-source)

The error:

Step 31/35 : RUN     eval $(envkey-source)
 ---> Running in 6a9ebf1ede96
/bin/sh: 1: export: : bad variable name
The command '/bin/sh -c eval $(envkey-source)' returned a non-zero code: 2

You can't do this, for a couple of reasons. The envkey documentation eventually links to an example in their GitHub which you might find informative.

Each Dockerfile RUN command runs a new shell in a new container. In particular, environment variables set within a RUN command are lost after it exits. Any form of RUN export ... is a no-op. If variables are static you can set them using the ENV directive, but in this case where you're running a program that needs to generate them dynamically, you need another approach.

A typical pattern here is to use a shell script as your container's ENTRYPOINT. That does some initial setup and then replaces itself with the container's CMD. Since the CMD runs in the same shell environment as the rest of the script, you can do dynamic variable setup here. The script might look like:

#!/bin/sh
eval "$(envkey-source)"
exec "$@"

The other thing to keep in mind here is that anyone can docker inspect your image and get its environment variables back out, or docker run imagename /usr/bin/env. If you could run envkey-source in the Dockerfile then the environment variables would be available in the image in clear text, which defeats the purpose. Even embedding the key in the image effectively leaks it. You should pass this at runtime using a docker run -e option or a Docker Compose environment: key, relaying it from the host's environment.