migrate from envvar to docker "secrets" #1362
Comments
|
I'm using docker swarm too, and I think docker secrets support for over-riding some env vars would solve my problem in a pretty clean way. I think it should be possible to just add a conditional actually, the same could be done for a docker config file... @solidnerd @r2evans what do you think? (PR coming :) ) |
|
see #1540 |
|
That looks really nice, @SvenDowideit. I look forward to playing with it. (I made one comment on the docs you added.) |
|
This issue has been automatically marked as stale because it has not had any activity for the last 60 days. It will be closed if no further activity occurs during the next 7 days. Thank you for your contributions. |
I'm curious what your take is on the use of docker "secrets". They tend to be used more for swarms, but there are some indications that they can be used elsewhere, either as a "swarm of 1" or even directly in
docker-compose.I see a few ways to deal with this:
/run/secrets/and applies them to the appropriate envvars. This is transitional in that current implementations will not break, but the envvars are still visible on the command line (including all passwords).runsecret_or_envvar()and setting up for it./run/secrets/. This takes a little less work than number 2, but is hard to justify to your subscribers/followers.I suggest number 2, and can work on a PR if you're interested. Because I tend to trail one major version (I'm on 9.5.5 right now), I don't know if my PR will have any issues with the current
master. I know you are swamped with Issues and PRs, so I will do the work if you are interested and will be able to merge it.The text was updated successfully, but these errors were encountered: