[Feature] Replace secrets in compose
hades200082 opened this issue Β· comments
π Feature Description
As a Devops admin, I'd like to deploy via docker-compose using environment variables for secrets, to automate deployments with secrets.
β Goals
- Replace secrets in the generated compose file with environment variables
- Provide an optional export of the environment variables and their generated values
π§° Possible Solution
- Secrets in docker-compose files should be replaced with environment variables. e.g.
${SERVICE_PASSWORD_RABBITMQ}
- A command line option to generate a .env file containing the secrets as environment variables should be available
- The format of the environment variable names should be customisable around the service name. e.g.
${<ENV_PREFIX>_[SERVICENAME]_<ENV_SUFFIX>}
where[SERVICENAME]
is the name given to the service and the prefix/sufix are added either from config in Aspire or from command line arguments in Aspirate.
For example...
version: "3.8"
services:
aspire-dashboard:
container_name: "aspire-dashboard"
image: "mcr.microsoft.com/dotnet/nightly/aspire-dashboard:8.0.0-preview.5"
environment:
DOTNET_DASHBOARD_UNSECURED_ALLOW_ANONYMOUS: "true"
ports:
- target: 18888
published: 18888
- target: 18889
published: 4317
restart: unless-stopped
amqp-transport:
container_name: "amqp-transport"
image: "rabbitmq:3-management"
environment:
RABBITMQ_DEFAULT_USER: "guest"
RABBITMQ_DEFAULT_PASS: ${SERVICE_PASSWORD_AMQP-TRANSPORT}
OTEL_EXPORTER_OTLP_ENDPOINT: "http://aspire-dashboard:4317"
volumes:
- "test-apphost-amqp-transport-data:/var/lib/rabbitmq"
ports:
- target: 5672
published: 5672
- target: 15672
published: 15672
restart: unless-stopped
volumes:
test-apphost-amqp-transport-data: {}
π§ Blocked by
- Nothing as far as I can tell
Probably worth looking at how Coolify handles environment variables to auto-generate things too: https://coolify.io/docs/knowledge-base/add-a-service