7

I want to pass environment variables that is readable by applications spin up by docker-compose up.

What is the proper way of using docker-compose up with varying configuration settings?

I don't want to use .env & environment: config as the environment variables are changing frequently & it is insecure to save tokens in a file.

docker-compose run -e does work a bit, but loses many. It does not map the ports that defined in docker-compose.yml services. Also multiple services are defined in docker-compose.yml and I don't want to use depends_on just because docker-compose up doesn't work.

Let's say I define service in docker-compose.yml

    service-a:
        build:
          context: .
          dockerfile: DockerfileA
        command: node serviceA.js

In my serviceA.js, I simply use the environment variable:

console.log("This is ", process.env.KEY, "running in service A");

When I run docker-compose run -e KEY=DockerComposeRun service-a I do get the environment variable KEY read by serviceA.js

This is  DockerComposeRun running in service A

However I could only get one single service running.

I could have use environment: in docker-compose.yml

environment:
  - KEY=DockerComposeUp

But in my use case, each docker compose would have different environment variable values, meaning I would need to edit the file each time before I do docker-compose.

Also, not only single service would use the same environment variable, .env even done a better job, but it is not desired.

There doesn't seem to be a way to do the same for docker-compose up I have tried KEY=DockerComposeUp docker-compose up, but what I get is undefined .

Export doesn't work for me as well, it seems they are all about using environment variable for docker-compose.yml instead of for the applications in container

Improve this question

2 Answers 2

Reset to default
4

To safely pass sensitive configuration data to your containers you can use Docker secrets. Everything passed through Secrets is encrypted.

You can create and manage secrets using the commands below:

docker secret create
docker secret inspect
docker secret ls
docker secret rm

And use them in your docker-compose file, either referring to existing secrets (external) or use a file:

secrets:
  my_first_secret:
    file: ./secret_data
  my_second_secret:
    external: true
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

This seems interesting! Thanks for letting me know, I'll look into it ;)
4

You can use environment like this:

    service-a:
        build:
          context: .
          dockerfile: DockerfileA
        command: node serviceA.js
        environment:
            KEY=DockerComposeRun

Refer at: https://docs.docker.com/compose/environment-variables/

Improve this answer

1 Comment

Hi, as I mentioned, I don't want some environment variables to be written into files, including docker-compose.yml because they are frequently changing at each instances of docker compose and it is insecure.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.