Let’s imagine that we have docker stack which is configured by .yml file with 3 services - a,b and c. Also, there are a bunch of secrets that these services use. Two for the database, Azure service and some unique for each service. So, our .yml file looks like:
version: '3.4' services: a: image: a-image [...] secrets: -db.pwd -db.user -azure.secret_key -azure.public_key -a.secret_key1 -a.secret_key2 b: image: b-image [...] secrets: -db.pwd -db.user -b.secret_key1 -b.secret_key2 c: image: c-image [...] secrets: -db.pwd -db.user -azure.secret_key -azure.public_key -c.secret_key1 -c.secret_key2 secrets: db.pwd: external: true db.user: external: true azure.secret_key: external: true azure.public_key: external: true a.secret_key1: external: true a.secret_key2: external: true b.secret_key1: external: true b.secret_key2: external: true c.secret_key1: external: true c.secret_key2: external: true
As you can see some secrets are repeated in each service. docker-compose file has such thing as “Extension fields” - https://docs.docker.com/compose/compose-file/#extension-fields Is there any way how I can use this extension fields to avoid repeating of secrets? Something like this:
version: '3.4' x-common-db-secrets: &db-secrets - db.user - db.pwd x-common-azure-secrets: &azure-secrets - azure.public_key - azure.secret_key services: a: image: a-image [...] secrets: <<: *db-secrets <<: *azure-secrets - a.secret_key1 - a.secret_key2 b: image: b-image [...] secrets: <<: *db-secrets - b.secret_key1 - b.secret_key2 c: image: c-image [...] secrets: <<: *db-secrets <<: *azure-secrets - c.secret_key1 - c.secret_key2 secrets: [...]
I am using this extension fields for such way of sharing environment variables. But the structure required for parsing extension fields is map. And “secrets” section requires list. Have anyone ideas how to deal with it right?Please note that in future there can be added new secrets that will be used in old and new services for example, so the solution has to be flexible. I will be really appreciated to find an answer. Am searching an answer for any compose version 3.4+.