Comparative Analysis of Environment Variable Persistence: ENV vs RUN export in Dockerfile

Comparative Analysis of Environment Variable Persistence Mechanisms

During Docker image construction, the method of setting environment variables significantly impacts their availability in the final container. Although both the ENV instruction and RUN export command can set environment variables, their persistence mechanisms differ fundamentally.

Persistence Characteristics of ENV Instruction

The ENV instruction is Dockerfile's dedicated method for declaring environment variables. Variables set with ENV are persisted into the generated image. According to Docker official documentation, environment variables set via ENV will persist when a container is run from the resulting image. This persistence manifests in several aspects:

1. Variable values can be viewed using the docker inspect command
2. Variables can be overridden during container runtime using docker run --env <key>=<value>
3. Variables remain available in all subsequent build steps

Temporary Limitations of RUN export

In contrast, variables set with RUN export are only valid within the same build layer. This occurs because each Dockerfile instruction creates a new intermediate container, which is committed as an intermediate image. Variables set via export are not preserved in this process. As demonstrated in Docker GitHub issue 684, when attempting to extend PATH using RUN export PATH=$PATH:/foo/bar, subsequent docker run commands cannot see the /foo/bar path.

Experimental Verification and Analysis

The following Dockerfile example clearly demonstrates the differences between the two approaches:

FROM centos:6
ENV FOO=foofoo
RUN export BAR=barbar
RUN export BAZ=bazbaz && echo "$FOO $BAR $BAZ"

The output during the build process shows:

Step 4/4 : RUN export BAZ=bazbaz && echo "$FOO $BAR $BAZ"
 ---> Running in eb66196b238d
foofoo  bazbaz

From the output, three key observations can be made:

• The FOO variable (set via ENV) remains available in subsequent build steps
• The BAR variable (set via RUN export) becomes inaccessible in the next step
• The BAZ variable is set and used within the same RUN instruction, thus displaying correctly

Docker Image Layer Principles

The fundamental reason for this difference lies in Docker's image layer architecture. Each Dockerfile instruction creates a new image layer, and the persistence of environment variables depends on which layer they are recorded in:

1. Variables created with ENV instruction are recorded in image metadata, becoming part of the image
2. Variables set with RUN export exist only in the container environment during that instruction's execution
3. When a container is committed as an image, variables set via export are not included in the image

Practical Application Recommendations

Based on the above analysis, to ensure proper persistence of environment variables in Docker containers, it is recommended to:

1. Use ENV instruction to declare environment variables that need to be used across multiple build steps
2. Use export for temporary variables that are only used within a single RUN instruction
3. For critical system variables like PATH, prioritize using ENV to ensure availability during container runtime
4. Consider using ARG instruction in combination with ENV for build-time parameter passing

Conclusion

The differences between ENV and RUN export in Docker environment variable management reflect the layered nature of Docker image construction. Understanding these differences is crucial for writing efficient and reliable Dockerfiles. Proper use of the ENV instruction ensures environment variables remain available throughout the image's lifecycle, while misuse of RUN export may cause variables to become inaccessible at critical moments, affecting the normal operation of container functionality.