Automatize management of docker confgs and secrets
Project description
Docoseco
Docker-compose secrets and configs.
Automatize management of docker confgs and secrets.
Usage
docoseco [CONFIG_ROOT_DIR] < docker-compose.template.yaml > docker-compose.yaml
CONFIG_ROOT_DIR Root directory for file search (default: .)
It reads docker-compose yaml from stdin, updates all config and secret names with corresponding file content hashsums and writes result to stdout.
Rationale
Docker-compose configs and secrets are immutable by design. So, when config or secret is created from file via
docker stack deploy
, it's impossible to update the file and deploy in the same way again. For example:
# docker-compose.yaml
version: "3.8"
services:
redis:
image: redis:latest
configs:
- source: my_config
target: /redis_config
configs:
my_config:
file: ./my_config.txt
If, after the initial deployment, my_config.txt
is changed, the next deployment attempt will fail.
The common workaround is creating a new config, when a source file changes. This is done by changing config name:
# docker-compose.yaml
...
configs:
my_config:
name: my_config-2 # Changing name creates new docker config
file: ./my_config.txt # This file was changed
To avoid manual management of config names, numerical suffix might be replaced by a file content hashsum, which can be automatically calculated.
# docker-compose.yaml
...
configs:
my_config:
name: my_config-bee414b86ee02806b17104813d44eea4 # Auto-generated config name
file: ./my_config.txt # This file was changed
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.