I have a simple docker compose that makes use of a secret. However I have been unable to access the secret. The logs show the /run/secrets/username
being passed in the server but not the actual username. What's wrong with my setup? How do I get the secret value from DB_USERNAME within my service?
version: "3.9"
services:
...
bank-microservice:
image: ${IMAGE_BANK}
restart: on-failure
networks:
- backend
expose:
- 80
secrets:
- username
environment:
- DB_USERNAME=/run/secrets/username
env_file:
- ./env/microservice.env
depends_on:
- db
secrets:
username:
file: ./secrets/username
...
Setting a secret only exposes that value at a filesystem location under /run/secrets
. If you want to get that value into a variable, you would need to do that yourself as part of your container startup.
For example, an ENTRYPOINT
script like that this would make /run/secrets/username
available as DB_USERNAME
:
#!/bin/sh
if [ -f /run/secrets/username ]; then
export DB_USERNAME=$(cat /run/secrets/username)
fi
exec "$@"