-
-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Docker - allow use of secrets when using Docker Swarm #2890
base: master
Are you sure you want to change the base?
Conversation
… so they can be passed in using docker swarm supported secrets
@@ -33,11 +56,33 @@ else | |||
START_MYSQL=${START_MYSQL:-true} | |||
fi | |||
|
|||
# Initialize values that might be stored in a file | |||
file_env 'DATABASE_PASSWORD' ${HUGINN_DATABASE_PASSWORD:-${DATABASE_PASSWORD:-password}} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This passes the default value taken from the original variable definition from Line 85 (now commented out)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This might need to be defined for every var depending on the behavior when passing in values via other means (env vars, .evn-file, etc)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This might need to be defined for every var depending on the behavior when passing in values via other means (env vars, .evn-file, etc)
this appears to not be a problem, though I can't say I fully understand why it's not a problem. But in my testing I changed variable not passed to the file_env
function just fine via the different methods.
|
This PR modifies
docker/scripts/setup_env
to allow a user to pass sensitive data via Docker Secrets, which when used reference a file within the container at/run/secrets/
This method leverages code from the mysql docker which achieves the same objective.
An example use would be