I'm using secrets to manage username, password, and dbname with a Docker stack using Postgres as a DB. I now want to use the healthcheck feature that Docker provides.
docker-compose.yml:
x-db-secrets: &db_secrets
- psql_user
- psql_pass
- psql_dbname
services:
db:
image: postgres:13.1
volumes:
- postgres_data:/var/lib/postgresql/data/
environment:
- POSTGRES_USER_FILE=/run/secrets/psql_user
- POSTGRES_DB_FILE=/run/secrets/psql_dbname
- POSTGRES_PASSWORD_FILE=/run/secrets/psql_pass
secrets: *db_secrets
healthcheck:
test: pg_isready -U myuser -d db_prod
interval: 10s
timeout: 3s
retries: 3
(... other services...)
volumes:
postgres_data:
static_content:
media_content:
secrets:
psql_user:
external: true
psql_pass:
external: true
psql_dbname:
external: true
As can be noted in the healthcheck:
section, I'm exposing the db username & the dbname with the healthcheck. My question (with some follow-up based on the answer):
Thoughts? Workaround?
Additional details:
So this can be done by using a .env
file and slightly modifiying your docker-compose.yml
file.
POSTGRES_HOST=db
POSTGRES_USER=root
POSTGRES_PASSWORD=password
POSTGRES_DB=dev
services:
db:
image: postgres:13.1
volumes:
- postgres_data:/var/lib/postgresql/data/
env_file:
- .env
secrets: *db_secrets
healthcheck:
test: ["CMD-SHELL", "sh -c 'pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}'"]
interval: 10s
timeout: 3s
retries: 3