Paste environment variables with docker-compose command

Question

Im want to paste environment variables, which contain passwords for AWS services, through the docker-compose command.

Tried to find a solution, but i find only answers suggesting to use the .env file. This isnt a solution for me, as the file will still contain sensitive informations and will be pushed to git.

One part of the docker-compose.yml looks like this:

example.server:
image: ${DOCKER_REGISTRY-}exampleserver
container_name: exampleserver
build:
  context: ..
  dockerfile: src/Web/Example.Server/Dockerfile
  args:
    ARTIFACTORY_USERNAME: ARTIFACTORY_USERNAME
    ARTIFACTORY_PASSWORD: ARTIFACTORY_PASSWORD

We paste the artifactory args through the docker-compose command line:

docker-compose --profile test build --build-arg ARTIFACTORY_USERNAME="some username" --build-arg ARTIFACTORY_PASSWORD="some password"

Now i added the environments to the yml file:

example.server:
image: ${DOCKER_REGISTRY-}exampleserver
container_name: exampleserver
build:
  context: ..
  dockerfile: src/Web/Example.Server/Dockerfile
  args:
    ARTIFACTORY_USERNAME: ARTIFACTORY_USERNAME
    ARTIFACTORY_PASSWORD: ARTIFACTORY_PASSWORD
environment:
    - AWSKey=someKey
    - AWSBucketName=someName
    - AWSSecretKey=someSecretKey

This works. The environment variables can be seen in example.server when docker has build the image.

But as the keys are hardcoded inside the docker-compose.yml, i want to paste them through the docker-compose command. The same way, we are pasting the password for the artifactory.

Is it possible?

Do the answers to [What is the best way to pass AWS credentials to a Docker container?](https://stackoverflow.com/questions/36354423/what-is-the-best-way-to-pass-aws-credentials-to-a-docker-container) help you? This includes [an example of passing through environment variables from the host](/a/54165790), and I think [this shorter syntax](/a/65888692) also works in Compose. You should do something similar with your Artifactory credentials – do not compromise them by publishing them in your image. — David Maze, Mar 09 '23 at 13:50
@DavidMaze thanks. I already had a look at the answers from the first two links before. The syntax -e, which you mention in your third link, does not work in docker-compose command. Also tried it. — Beardy, Mar 09 '23 at 14:11
Not the `docker run -e` option _per se_, but you can put a variable name with no value in an [`environment:`](https://docs.docker.com/compose/compose-file/compose-file-v3/#environment) list and it will be passed through from the host. — David Maze, Mar 09 '23 at 14:28

score 0 · Accepted Answer · answered Mar 13 '23 at 10:55

This is working:

example.server:
image: ${DOCKER_REGISTRY-}exampleserver
container_name: exampleserver
build:
  context: ..
  dockerfile: src/Web/Example.Server/Dockerfile
  args:
    ARTIFACTORY_USERNAME: ARTIFACTORY_USERNAME
    ARTIFACTORY_PASSWORD: ARTIFACTORY_PASSWORD
environment:
  - AWSKey
  - AWSBucketName=SomeAWSBucketName
  - AWSSecretKey

The BucketName value is not sensitive information so i added it directly to the Docker-Compose.yml file. For the other 2 environments im using this command:

docker-compose --profile test build --build-arg ARTIFACTORY_USERNAME="SOME USERNAMER" --build-arg ARTIFACTORY_PASSWORD="SOME PASSWORD"  --build-arg AWSAccessKey="SOME AWSACCESSKEY" --build-arg AWSSecretAccessKey="SOME AWSSECRETACCESSKEY"  --build-arg LOCAL_CONTAINERS=True

Paste environment variables with docker-compose command

1 Answers1