Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Forum Discussion
Secrets as environment variables in docker-compose files
I always want to make everything easier, and since I did see 1password supported secrets, I was wondering if its possible to use this with docker-compose (not hosting it, but using it as environment ...
1P_Blake
Community Manager
Community ManagerHey PennyOakfield ! 👋 Thanks for reaching out and for your interest in using secrets with 1Password!
Based on your question there are a couple of options that could work for you; both involve the 1Password CLI (docs: https://developer.1password.com/docs/cli/).
op inject
- This command injects secrets into a config file. This allows you to pass in a templated config file with secret references and receive back a resolved config file with the actual secrets substituted in place.
- Docs with examples of how to use the command and how to use the secret reference syntax in templated config files - https://developer.1password.com/docs/cli/reference/commands/inject/
- You should also check out the Docker Compose docs on setting environment variables, specifically the "CLI - Substitute with --env-file" section - https://docs.docker.com/compose/environment-variables/set-environment-variables/#cli
- An example of what this could look like:
# use the ref.env file (containing secret references) as input, and output the resolved secrets to the .env file
op inject -i ref.env -o .env
# pass the .env file with resolved secrets to docker-compose
docker-compose —env-file .env up -d
# remove the .env file from the disk
rm .envop run
- This command passes secrets as environment variables to a process. You could use it to pass env vars from your local machine directly to the Docker container.
- Docs with examples of how to use the command and how to use the secret reference syntax - https://developer.1password.com/docs/cli/reference/commands/run/
- You should also check out the Docker Compose docs on setting environment variables, specifically the "CLI - Set environment variables with docker compose run --env" section - https://docs.docker.com/compose/environment-variables/set-environment-variables/#set-environment-variables-with-docker-compose-run---env
- An example of what this could look like:
# note that the resolved secrets need to be specified by variable name when passing them to docker-compose as env vars
op run —env-file .env — docker-compose run -e SECRET1=$SECRET1 -e SECRET2=$SECRET2 web python console.pyI hope that these suggestions help! Please let us know if you run into any issues.
