Secrets as environment variables in docker-compose files
I always want to make everything easier, and since I did see 1password supported secrets, I was wondering if its possible to use this with docker-compose (not hosting it, but using it as environment variables in composer files?).
It seems like its only Kubernites / K8 integration, but maybe someone have come up with a different way to do it?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided
Comments
-
Hi @alekslyse, thanks for reaching out and for your interest in using secrets with 1Password!
Based on your question there are a couple of options that could work for you; both involve the 1Password CLI (docs: https://developer.1password.com/docs/cli/).
op inject- This command injects secrets into a config file. This allows you to pass in a templated config file with secret references and receive back a resolved config file with the actual secrets substituted in place.
- Docs with examples of how to use the command and how to use the secret reference syntax in templated config files - https://developer.1password.com/docs/cli/reference/commands/inject/
- You should also check out the Docker Compose docs on setting environment variables, specifically the "CLI - Substitute with --env-file" section - https://docs.docker.com/compose/environment-variables/set-environment-variables/#cli
- An example of what this could look like:
# use the ref.env file (containing secret references) as input, and output the resolved secrets to the .env file op inject -i ref.env -o .env # pass the .env file with resolved secrets to docker-compose docker-compose —env-file .env up -d # remove the .env file from the disk rm .env
op run- This command passes secrets as environment variables to a process. You could use it to pass env vars from your local machine directly to the Docker container.
- Docs with examples of how to use the command and how to use the secret reference syntax - https://developer.1password.com/docs/cli/reference/commands/run/
- You should also check out the Docker Compose docs on setting environment variables, specifically the "CLI - Set environment variables with docker compose run --env" section - https://docs.docker.com/compose/environment-variables/set-environment-variables/#set-environment-variables-with-docker-compose-run---env
- An example of what this could look like:
# note that the resolved secrets need to be specified by variable name when passing them to docker-compose as env vars op run —env-file .env — docker-compose run -e SECRET1=$SECRET1 -e SECRET2=$SECRET2 web python console.py
I hope that these suggestions help! Please let us know if you run into any issues.
-- Dustin
0
