mirror of
https://github.com/pawelmalak/flame.git
synced 2024-12-21 01:01:30 +03:00
added integration for docker secrets
This commit is contained in:
parent
4c1c0087c7
commit
7a8808df4f
@ -1,4 +1,9 @@
|
|||||||
version: '3'
|
version: "3"
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
password:
|
||||||
|
file: ./secrets/password
|
||||||
|
|
||||||
services:
|
services:
|
||||||
flame:
|
flame:
|
||||||
image: pawelmalak/flame
|
image: pawelmalak/flame
|
||||||
@ -7,6 +12,8 @@ services:
|
|||||||
- /path/to/data:/app/data
|
- /path/to/data:/app/data
|
||||||
ports:
|
ports:
|
||||||
- 5005:5005
|
- 5005:5005
|
||||||
|
secrets:
|
||||||
|
- password
|
||||||
environment:
|
environment:
|
||||||
- PASSWORD=flame_password
|
- PASSWORD_FILE=/run/secrets/password
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
1
.docker/secrets/password
Normal file
1
.docker/secrets/password
Normal file
@ -0,0 +1 @@
|
|||||||
|
flame_docker_secret_password
|
@ -70,6 +70,10 @@ services:
|
|||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
```
|
```
|
||||||
|
|
||||||
|
##### Docker Secrets
|
||||||
|
|
||||||
|
All environment variables set can be overwritten by appending `_FILE` to the variable value.For example, you can use `PASSWORD_FILE` to pass through a docker secret instead of `PASSWORD`. If both `PASSWORD` and `PASSWORD_FILE` are set, the docker secret will take precedent. An example using docker secrets is available in [here](.docker/docker-compose.yml).
|
||||||
|
|
||||||
#### Skaffold
|
#### Skaffold
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
|
4219
package-lock.json
generated
4219
package-lock.json
generated
File diff suppressed because it is too large
Load Diff
@ -22,6 +22,7 @@
|
|||||||
"axios": "^0.24.0",
|
"axios": "^0.24.0",
|
||||||
"colors": "^1.4.0",
|
"colors": "^1.4.0",
|
||||||
"concurrently": "^6.3.0",
|
"concurrently": "^6.3.0",
|
||||||
|
"docker-secret": "^1.2.3",
|
||||||
"dotenv": "^10.0.0",
|
"dotenv": "^10.0.0",
|
||||||
"express": "^4.17.1",
|
"express": "^4.17.1",
|
||||||
"jsonwebtoken": "^8.5.1",
|
"jsonwebtoken": "^8.5.1",
|
||||||
|
@ -1,7 +1,9 @@
|
|||||||
const initConfig = require('./initConfig');
|
const initConfig = require('./initConfig');
|
||||||
const initFiles = require('./initFiles');
|
const initFiles = require('./initFiles');
|
||||||
|
const initSecrets = require('./initSecrets');
|
||||||
|
|
||||||
const initApp = async () => {
|
const initApp = async () => {
|
||||||
|
initSecrets();
|
||||||
await initFiles();
|
await initFiles();
|
||||||
await initConfig();
|
await initConfig();
|
||||||
};
|
};
|
||||||
|
15
utils/init/initSecrets.js
Normal file
15
utils/init/initSecrets.js
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
const { getSecrets } = require('docker-secret');
|
||||||
|
const Logger = require('../Logger');
|
||||||
|
const logger = new Logger();
|
||||||
|
|
||||||
|
const initSecrets = () => {
|
||||||
|
const secrets = getSecrets();
|
||||||
|
|
||||||
|
for (const property in secrets) {
|
||||||
|
const upperProperty = property.toUpperCase();
|
||||||
|
process.env[upperProperty] = secrets[property];
|
||||||
|
logger.log(`${upperProperty} was overwritten with docker secret value`, 'WARN');
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
module.exports = initSecrets;
|
Loading…
Reference in New Issue
Block a user