Docker secrets security

saltedcarpaccio · January 5, 2021, 12:47am

Yes, it sounds like HashiCorp vault is more in line with what I am looking for. Though when people talk about using secrets for python they suggest hardcoding the secret path into the application.

I basically did what this website said with my docker-compose file.

Reading about secrets here, one of the users suggests after running the docker compose with the secrets
to " Now your app can access the secret file at /run/secrets/secrets_yaml . You can either hardcode this path in your application or create a symbolic link."
This is the part I’m having trouble with. If you hardcode the path into the application then someone else can just go access it later, since the secrets are readonly files within an image?

Topic		Replies	Views
Best Practise : Storing Private Key in Image for encrypting user data and save them to DB when running (--SECRET , ENV , ARG ) General docker , build , swarm	1	2354	December 18, 2022
How are secrets encrypted on disk, in Docker Swarm? Swarm swarm	1	1280	November 18, 2022
How do you troubleshoot secrets? General	3	663	February 16, 2024
Secrets in docker swarm General	1	703	September 19, 2017
Secrets in clear-text on Swarm Host Swarm	3	1845	March 10, 2019

Docker secrets security

Related topics