Automatize management of docker confgs and secrets
Docker-compose secrets and configs.
Automatize management of docker confgs and secrets.
docoseco [CONFIG_ROOT_DIR] < docker-compose.template.yaml > docker-compose.yaml CONFIG_ROOT_DIR Root directory for file search (default: .)
It reads docker-compose yaml from stdin, updates all config and secret names with corresponding file content hashsums and writes result to stdout.
Docker-compose configs and secrets are immutable by design. So, when config or secret is created from file via
docker stack deploy, it's impossible to update the file and deploy in the same way again. For example:
# docker-compose.yaml version: "3.8" services: redis: image: redis:latest configs: - source: my_config target: /redis_config configs: my_config: file: ./my_config.txt
If, after the initial deployment,
my_config.txt is changed, the next deployment attempt will fail.
The common workaround is creating a new config, when a source file changes. This is done by changing config name:
# docker-compose.yaml ... configs: my_config: name: my_config-2 # Changing name creates new docker config file: ./my_config.txt # This file was changed
To avoid manual management of config names, numerical suffix might be replaced by a file content hashsum, which can be automatically calculated.
# docker-compose.yaml ... configs: my_config: name: my_config-bee414b86ee02806b17104813d44eea4 # Auto-generated config name file: ./my_config.txt # This file was changed
Release history Release notifications | RSS feed
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.