docker compose & azure key vault - passing secrets to a container on startup

Question

I am using docker-compose to create 5 containers that run my application. Two containers need credentials retrieve from Azure Key Vault (web.config passwords to access 3rd party service).

As I am committing this to a public repo I do not want to store any azure credentials in plain text in the docker-compose.yaml file when starting up each container.

Is there a better way to do this?

I am thinking to use https://github.com/mariotoffia/FluentDocker to grab the secrets and dynamically create each container - but wonder if there is a better way?

Can I use Azure Key Vault with Docker?

Is it easier to use Docker secrets?

Or something else?

score 3 · Accepted Answer · answered Aug 30 '18 at 12:12

Found this --> Passing secrets to a Docker container

Environment variables appear the preferred method - will need to run a prebuild script to fetch the secrets and then follow this

https://docs.docker.com/compose/environment-variables/

@Mods feel free to close as a duplicate

docker compose & azure key vault - passing secrets to a container on startup

1 Answers1