使用docker-compose命令粘贴环境变量

huangapple go评论65阅读模式
英文:

Paste environment variables with docker-compose command

问题

我想通过docker-compose命令粘贴包含AWS服务密码的环境变量。

尝试寻找解决方案,但我只找到建议使用.env文件的答案。这对我来说不是解决方案,因为文件仍然包含敏感信息并将被推送到git。

docker-compose.yml的一部分如下:

example.server:
  image: ${DOCKER_REGISTRY-}exampleserver
  container_name: exampleserver
  build:
    context: ..
    dockerfile: src/Web/Example.Server/Dockerfile
    args:
      ARTIFACTORY_USERNAME: ARTIFACTORY_USERNAME
      ARTIFACTORY_PASSWORD: ARTIFACTORY_PASSWORD

我们通过docker-compose命令行粘贴artifactory参数:

docker-compose --profile test build --build-arg ARTIFACTORY_USERNAME="some username" --build-arg ARTIFACTORY_PASSWORD="some password"

现在我已将环境添加到yml文件中:

example.server:
  image: ${DOCKER_REGISTRY-}exampleserver
  container_name: exampleserver
  build:
    context: ..
    dockerfile: src/Web/Example.Server/Dockerfile
    args:
      ARTIFACTORY_USERNAME: ARTIFACTORY_USERNAME
      ARTIFACTORY_PASSWORD: ARTIFACTORY_PASSWORD
  environment:
    - AWSKey=someKey
    - AWSBucketName=someName
    - AWSSecretKey=someSecretKey

这有效。当docker构建图像时,可以在example.server中看到环境变量。

但由于密钥硬编码在docker-compose.yml中,我希望通过docker-compose命令粘贴它们。就像我们为artifactory密码粘贴一样。是否有可能?

英文:

Im want to paste environment variables, which contain passwords for AWS services, through the docker-compose command.

Tried to find a solution, but i find only answers suggesting to use the .env file. This isnt a solution for me, as the file will still contain sensitive informations and will be pushed to git.

One part of the docker-compose.yml looks like this:

example.server:
  image: ${DOCKER_REGISTRY-}exampleserver
  container_name: exampleserver
  build:
    context: ..
    dockerfile: src/Web/Example.Server/Dockerfile
    args:
      ARTIFACTORY_USERNAME: ARTIFACTORY_USERNAME
      ARTIFACTORY_PASSWORD: ARTIFACTORY_PASSWORD

We paste the artifactory args through the docker-compose command line:

docker-compose --profile test build --build-arg ARTIFACTORY_USERNAME="some username" --build-arg ARTIFACTORY_PASSWORD="some password"

Now i added the environments to the yml file:

example.server:
  image: ${DOCKER_REGISTRY-}exampleserver
  container_name: exampleserver
  build:
    context: ..
    dockerfile: src/Web/Example.Server/Dockerfile
    args:
      ARTIFACTORY_USERNAME: ARTIFACTORY_USERNAME
      ARTIFACTORY_PASSWORD: ARTIFACTORY_PASSWORD
  environment:
    - AWSKey=someKey
    - AWSBucketName=someName
    - AWSSecretKey=someSecretKey

This works. The environment variables can be seen in example.server when docker has build the image.

But as the keys are hardcoded inside the docker-compose.yml, i want to paste them through the docker-compose command. The same way, we are pasting the password for the artifactory.

Is it possible?

答案1

得分: 0

这部分的内容如下:

This is working:

example.server:
  image: ${DOCKER_REGISTRY-}exampleserver
  container_name: exampleserver
  build:
    context: ..
    dockerfile: src/Web/Example.Server/Dockerfile
    args:
      ARTIFACTORY_USERNAME: ARTIFACTORY_USERNAME
      ARTIFACTORY_PASSWORD: ARTIFACTORY_PASSWORD
  environment:
    - AWSKey
    - AWSBucketName=SomeAWSBucketName
    - AWSSecretKey

BucketName的值不是敏感信息,因此我直接将其添加到Docker-Compose.yml文件中。对于其他两个环境,我使用以下命令:

docker-compose --profile test build --build-arg ARTIFACTORY_USERNAME="SOME USERNAMER" --build-arg ARTIFACTORY_PASSWORD="SOME PASSWORD"  --build-arg AWSAccessKey="SOME AWSACCESSKEY" --build-arg AWSSecretAccessKey="SOME AWSSECRETACCESSKEY"  --build-arg LOCAL_CONTAINERS=True
英文:

This is working:

example.server:
image: ${DOCKER_REGISTRY-}exampleserver
container_name: exampleserver
build:
  context: ..
  dockerfile: src/Web/Example.Server/Dockerfile
  args:
    ARTIFACTORY_USERNAME: ARTIFACTORY_USERNAME
    ARTIFACTORY_PASSWORD: ARTIFACTORY_PASSWORD
environment:
  - AWSKey
  - AWSBucketName=SomeAWSBucketName
  - AWSSecretKey

The BucketName value is not sensitive information so i added it directly to the Docker-Compose.yml file. For the other 2 environments im using this command:

docker-compose --profile test build --build-arg ARTIFACTORY_USERNAME="SOME USERNAMER" --build-arg ARTIFACTORY_PASSWORD="SOME PASSWORD"  --build-arg AWSAccessKey="SOME AWSACCESSKEY" --build-arg AWSSecretAccessKey="SOME AWSSECRETACCESSKEY"  --build-arg LOCAL_CONTAINERS=True

huangapple
  • 本文由 发表于 2023年3月9日 19:53:38
  • 转载请务必保留本文链接:https://go.coder-hub.com/75684254.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定