Merge pull request #12689 from chris-crone/build-secrets

Update build secrets documentation

develop/develop-images/build_enhancements.md

@@ -113,10 +113,10 @@ $ docker build --progress=plain .
 
 The new syntax features in `Dockerfile` are available if you override the default
 frontend. To override the default frontend, set the first line of the
-`Dockerfile` as a comment with a specific frontend image: 
+`Dockerfile` as a comment with a specific frontend image:
 
 ```dockerfile
-# syntax=<frontend image>, e.g. # syntax=docker/dockerfile:1
+# syntax=<frontend image>, e.g. # syntax=docker/dockerfile:1.2
 ```
 
 The examples on this page use features that are available in `docker/dockerfile`
@@ -146,11 +146,12 @@ For example, with a secret piece of information stored in a text file:
 $ echo 'WARMACHINEROX' > mysecret.txt
 ```
 
-Within a Dockerfile that uses BuildKit frontend `docker/dockerfile:1.2` or up,
-the secret can be accessed using the `--mount` option:
+And with a Dockerfile that specifies use of a BuildKit frontend
+`docker/dockerfile:1.2`, the secret can be accessed when performing a `RUN`:
 
 ```dockerfile
-# syntax=docker/dockerfile:1
+# syntax=docker/dockerfile:1.2
+
 FROM alpine
 
 # shows secret from default secret location:
@@ -160,6 +161,7 @@ RUN --mount=type=secret,id=mysecret cat /run/secrets/mysecret
 RUN --mount=type=secret,id=mysecret,dst=/foobar cat /foobar
 ```
 
+The secret needs to be passed to the build using the `--secret` flag.
 This Dockerfile is only to demonstrate that the secret can be accessed. As you
 can see the secret printed in the build output. The final image built will not
 have the secret file: