我正在尝试为docker机密中通常声明的MySQL容器和spring boot应用程序的数据库密码设置环境变量。
echo "db_secured_password" | docker secret create secret -
这是配置文件:
spring boot应用程序的-> application.yml
db:
name: my-db
host: localhost
port: 3306
username: root
password: /run/secrets/db-root-password
spring:
application:
name: core-backend
datasource:
url: jdbc:mysql://${db.host}:${db.port}/${db.name}
username: ${db.username}
password: ${db.password}
用于docker swarm模式下的docker堆栈-> docker-compose.yml
version: '3.1'
services:
mysql-db:
container_name: mysql-db
image: mysql:8.0.12
deploy:
restart_policy:
condition: on-failure
volumes:
- ./data/mysql:/var/lib/mysql
- ./conf/mysql/my.cnf:/etc/mysql/conf.d/my.cnf
environment:
- MYSQL_ROOT_PASSWORD=/run/secrets/db-root-password
- MYSQL_DATABASE=my_db
ports:
- "3306:3306"
secrets:
- db-root-password
spring-boot-app:
container_name: spring-boot-app
image: spring-boot-app:local
environment:
- DB_PASSWORD=/run/secrets/db-root-password
# Also tried adding with the file as property name
# - DB_PASSWORD_FILE=/run/secrets/db-root-password
ports:
- "8080:8080"
environment:
HOST_NAME: localhost
secrets:
- db-root-password
depends_on:
- mysql-db
secrets:
db-root-password:
external: true
我使用以下命令运行docker堆栈:
docker stack deploy --with-auth-registry -c docker-compose.yml test-stack
我无法确切获得
db-root-password属性的值 在春季启动应用程序。当我检查db-root-password的值时 的值为/run/secrets/db-root-password。
是否缺少某些内容? 如果要以其他方式覆盖环境变量的值?
答案 0 :(得分:2)
我们通过使用“ printf”而不是“ echo”解决了相同的问题,echo的问题是它将在docker secret中留下换行符。您可以参考docker secret create => https://docs.docker.com/engine/reference/commandline/secret_create/
中的示例我还有一个示例,可以将docker机密直接加载到spring属性中,例如“ spring.datasource.password” => https://github.com/kwonghung-YIP/spring-boot-docker-secret
答案 1 :(得分:0)
我认为您需要从机密文件中装入密码,请在https://docs.docker.com/engine/swarm/secrets/#build-support-for-docker-secrets-into-your-images此处查看示例“在撰写中使用机密”