Experiment with using Docker Secrets (but not in Swarm mode) #119
Comments
|
|
ok. so it means that, it is "as secure" as using environment variables, but, provides a seamless path to a secure implementation, if going from Compose to Swarm. That might not be very compelling unless we know people are using Docker Swarm. |
|
Another alternative to using Swarm to just manage secrets in Docker Compose could be to investigate using an external Vault system to manage secrets in Docker Compose eg: Hashicorp Vault or Mozilla SOPS. If it's feasible then perhaps just a Howto Wiki Page in the ckan-docker repo would be helpful for people wanting a more secure Docker environment |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Following on from conversations with pwalsh I will investigate how using Docker secrets (while not in Docker Swarm mode) give's any advantage over the PR: #76
For reference:
https://docs.docker.com/compose/use-secrets/
https://gist.github.com/brianjbayer/966769aa0b00bb95b266827862dd511e
docker/compose#4368
The text was updated successfully, but these errors were encountered: