Forum Discussion

Former Member's avatar
Former Member
3 years ago

Secrets as environment variables in docker-compose files

I always want to make everything easier, and since I did see 1password supported secrets, I was wondering if its possible to use this with docker-compose (not hosting it, but using it as environment variables in composer files?).

It seems like its only Kubernites / K8 integration, but maybe someone have come up with a different way to do it?

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

secrets management

1 Reply

  • Former Member's avatar
    Former Member
    3 years ago

    Hi @alekslyse, thanks for reaching out and for your interest in using secrets with 1Password!

    Based on your question there are a couple of options that could work for you; both involve the 1Password CLI (docs: https://developer.1password.com/docs/cli/).

    op inject

    • This command injects secrets into a config file. This allows you to pass in a templated config file with secret references and receive back a resolved config file with the actual secrets substituted in place.
    • Docs with examples of how to use the command and how to use the secret reference syntax in templated config files - https://developer.1password.com/docs/cli/reference/commands/inject/
    • You should also check out the Docker Compose docs on setting environment variables, specifically the "CLI - Substitute with --env-file" section - https://docs.docker.com/compose/environment-variables/set-environment-variables/#cli
    • An example of what this could look like:

    ```sh

    use the ref.env file (containing secret references) as input, and output the resolved secrets to the .env file

    op inject -i ref.env -o .env

    pass the .env file with resolved secrets to docker-compose

    docker-compose —env-file .env up -d

    remove the .env file from the disk

    rm .env
    ```

    op run

    • This command passes secrets as environment variables to a process. You could use it to pass env vars from your local machine directly to the Docker container.
    • Docs with examples of how to use the command and how to use the secret reference syntax - https://developer.1password.com/docs/cli/reference/commands/run/
    • You should also check out the Docker Compose docs on setting environment variables, specifically the "CLI - Set environment variables with docker compose run --env" section - https://docs.docker.com/compose/environment-variables/set-environment-variables/#set-environment-variables-with-docker-compose-run---env
    • An example of what this could look like:

    ```sh

    note that the resolved secrets need to be specified by variable name when passing them to docker-compose as env vars

    op run —env-file .env — docker-compose run -e SECRET1=$SECRET1 -e SECRET2=$SECRET2 web python console.py
    ```

    I hope that these suggestions help! Please let us know if you run into any issues.

    -- Dustin