如何在.js入口点initdb文件中使用Docker机密?
我已经为管理员用户设置了机密,如下所示:
mongo:
/*...*/
secrets:
- MONGO_ROOT_USERNAME_SECRET
- MONGO_ROOT_PASSWORD_SECRET
environment:
MONGO_INITDB_ROOT_USERNAME_FILE: /var/run/secrets/MONGO_ROOT_USERNAME_SECRET
MONGO_INITDB_ROOT_PASSWORD_FILE: /var/run/secrets/MONGO_ROOT_PASSWORD_SECRET
MONGO_INITDB_DATABASE: myDb
volumes:
- ./mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
secrets:
MONGO_ROOT_USERNAME_SECRET:
file: secrets/mongo_root_username.txt
MONGO_ROOT_PASSWORD_SECRET:
file: secrets/mongo_root_password.txt
我是否可以同样地设置secrets/mongo_db_username.txt和密码,将其保密,然后以某种方式在我的mongo_init.js中使用它,
db.createUser(
{
user: "devUser", <---- want to use the secret here
pwd: "devPw", <---- want to use the secret here
roles: [
{
role: "readWrite",
db: "myDb"
}
]
}
)
编辑:
我找到了一种使用方法
let username = cat('/var/run/secrets/MONGO_DB_USERNAME_SECRET');
let password = cat('/var/run/secrets/MONGO_DB_PASSWORD_SECRET');
在我的初始JS文件中。但是,有没有更清洁的方法?