secret files are not persisted

[mzihlmann]

Actual behavior

When mounting a secret from an input file --secret=id=netrc,src=/dont/use/.netrc and then later mounted

RUN rm /dont/use/.netrc
RUN --mount=type=secret,id=netrc,env=SECRET,target=/root/.netrc

The run statement tries to mount the secret from the input path /dont/use/netrc instead of from some persistent directory.

Expected behavior
Before build, kaniko should copy all referenced secret files into /kaniko dir, persist them, and then mount from there. s.t. secret mounts work whether the original is present or not.

[mzihlmann]

hmmm this is not straightforward to simulate as opposed to my real world use-case, where i create a file from an env variable. In the integration tests we mount the files, so I can't remove them.