Stack Overflow
Stack Overflow

Questions tagged [docker-secrets]

This is a tag for questions regarding Docker Secrets Management feature introduced in Docker 1.13

132 questions
114
votes
8 answers

how do you manage secret values with docker-compose v3.1?

Version 3.1 of the docker-compose.yml specification introduces support for secrets. I tried this: version: '3.1' services: a: image: tutum/hello-world secret: password: the_password b: image: tutum/hello-world $…
Eric
  • 16,003
  • 15
  • 87
  • 139
28
votes
6 answers

docker stack: setting environment variable from secrets

I was trying to set the password from secrets but it wasn't picking it up. Docker Server verions is 17.06.2-ce. I used the below command to set the secret: echo "abcd" | docker secret create password - My docker compose yml file looks like…
raj
  • 471
  • 1
  • 5
  • 12
20
votes
1 answer

Why is Docker Secrets more secure than environment variables?

I'm reading up on Docker Secrets and keep reading that the folks at Docker deliberately chose storing secrets in files under /run/secrets rather than going with environment variables. But nowhere have I been able to find an explanation as to why. So…
smeeb
  • 27,777
  • 57
  • 250
  • 447
19
votes
4 answers

Safe ways to specify postgres parameters for healthchecks in docker compose

I'm using secrets to manage username, password, and dbname with a Docker stack using Postgres as a DB. I now want to use the healthcheck feature that Docker provides. docker-compose.yml x-db-secrets: &db_secrets - psql_user - psql_pass -…
logicOnAbstractions
  • 2,178
  • 4
  • 25
  • 37
19
votes
2 answers

Why are Docker Secrets considered safe?

I read about docker swarm secrets and did also some testing. As far as I understood the secrets can replace sensitive environment variables provided in a docker-compose.yml file (e.g. database passwords). As a result when I inspect the…
Ralph
  • 4,500
  • 9
  • 48
  • 87
18
votes
1 answer

docker-compose secrets without swarm

I don't want to use docker secrets with swarm and I discovered that it's possible to do that. Basically docker just mounts /run/secrets inside docker container, but when I enter the newly built docker container and do echo $POSTGRES_PASSWORD_FILE I…
HereHere
  • 734
  • 1
  • 7
  • 24
18
votes
3 answers

docker secrets with non root user

I have a docker container run with a non root user for better security, but it seems it can't access the secrets I'm sharing with it: Importing account from "/run/secrets/authority.priv.json" failed: Permission denied (os error 13) I tried…
VsM
  • 710
  • 1
  • 10
  • 23
18
votes
3 answers

Docker compose - secrets Additional property secrets is not allowed

docker-compose --version docker-compose version 1.11.1, build 7c5d5e4 I have secret 'my_secret_data' added to my swarm cluster: The start of my compose file looks like: version: "3.1" secrets: my_secret_data: external: true services: …
Ronan Cunningham
  • 181
  • 1
  • 1
  • 3
17
votes
5 answers

How can I remotely connect to docker swarm?

Is it possible to execute commands on a docker swarm cluster hosted in cloud from my local mac? If yes, how? I want to execute command such as following on docker swarm from my local: docker create secret my-secret
docker…
Navdeep
  • 585
  • 2
  • 5
  • 17
16
votes
2 answers

Why do I need to be in Swarm mode to use Docker secrets?

I am playing around with a single container docker image. I would like to store my db password as a secret without using compose (having probs with that and Gradle for now). I thought I could still use secrets even without compose but when I try I…
Jackie
  • 21,969
  • 32
  • 147
  • 289
16
votes
0 answers

Docker-compose toolbox secrets files not mounting properly

I am trying to compose a stack using secrets for development, i use local files in docker/secrets/FILE_NAME I had this working in windows 10, but I'm struggling to get it to work under win7 toolbox. I get an error: Cannot create container for…
farghost
  • 231
  • 2
  • 10
14
votes
2 answers

Docker secrets passing as environment variable

I put the docker in swarm mode and did the following echo "'admin'" | docker secret create password - docker service create \ --network="host" \ --secret source=password,target=password \ -e PASSWORD='/run/secrets/password' \ I was not able…
Satyanvesh Muppaneni
  • 205
  • 2
  • 4
  • 11
7
votes
2 answers

How to Use Docker Build Secrets with Kaniko

Context Our current build system builds docker images inside of a docker container (Docker in Docker). Many of our docker builds need credentials to be able to pull from private artifact repositories. We've handled this with docker secrets..…
treekong
  • 111
  • 6
7
votes
0 answers

How to pass a Github Secret to a Dockerfile the secure way

I want to setup gcloud sdk within a docker build in a github action. Therefore i need to pass a service-account.json to the dockerfile. I know i can pass build arguments to the dockerfile and of course i can pass a Github secret here. But now i…
jo87casi
  • 411
  • 5
  • 15
7
votes
1 answer

How to set kubernetes secret key name when using --from-file other than filename?

Is there a way to set a kubernetes secret key name when using --from-file other than the filename? I have a bunch of different configuration files that I use as secrets.json within my containers. However, to organize my files, none of them are named…
Joel Magnuson
  • 313
  • 2
  • 10
1
2 3
8 9