And when I look at the mounted secrets in the running container, the permissions look like below:
ls -l /run/secrets/
-rw-r--r-- 1 1000 1000 1931 Jan 7 11:52 rabbitmq_cert.pem
-rw------- 1 1000 1000 5174 Jan 7 19:19 rabbitmq_private_cert_key.pem
-rw-r--r-- 1 1000 1000 1960 Jan 6 18:43 rabbitmq_root_ca.pem
For the secret rabbitmq_private_cert_key.pem, only the root user has read access. I’m not able to understand why docker is giving a different permission to a specific secret. The mode value does not seem to have any impact on the mounted secret file.
My docker version is: 20.10.1
I’ll appreciate any help.
The long syntax is not supported during docker-compose deployments. You should have received a warning per secret… With docker-compose the mode of each file on the host will be retained. The long syntax works as expected with docker swarm (=docker stack deploy) deployments.
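Because docker-compose keeps each secret file's host mode, as the answer above says, the permissions have to be correct on the host before deployment. The following is an added example, not code from the thread, that audits host files against an allowed mode; the file names mirror the post, while the allowed modes (644 for certificates, 600 for the private key) and the temporary directory are assumptions.

```shell
#!/bin/sh
# Audit host-side modes of files that docker-compose will mount as secrets.

# Print the octal permission bits of a file (GNU stat, BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Return 0 if FILE carries no permission bits beyond ALLOWED (octal), else 1.
mode_within() {
    mw_actual=$(file_mode "$1") || return 2
    # Leading 0 makes the shell read both values as octal constants.
    mw_extra=$(( 0$mw_actual & ~0$2 & 07777 ))
    [ "$mw_extra" -eq 0 ]
}

# Read "path allowed_mode" pairs from stdin (paths without spaces) and
# report every file that is more open than allowed. Returns 1 on any finding.
audit_secrets() {
    as_rc=0
    while read -r as_path as_allowed; do
        [ -n "$as_path" ] || continue
        if ! mode_within "$as_path" "$as_allowed"; then
            echo "TOO-OPEN $as_path mode=$(file_mode "$as_path") allowed=$as_allowed"
            as_rc=1
        fi
    done
    return $as_rc
}

# Constructed sample: the private key was left world-readable on the host.
demo() {
    demo_dir=$(mktemp -d) || return 1
    : > "$demo_dir/rabbitmq_cert.pem"
    : > "$demo_dir/rabbitmq_private_cert_key.pem"
    chmod 644 "$demo_dir/rabbitmq_cert.pem" "$demo_dir/rabbitmq_private_cert_key.pem"
    audit_secrets <<EOF
$demo_dir/rabbitmq_cert.pem 644
$demo_dir/rabbitmq_private_cert_key.pem 600
EOF
    demo_status=$?
    rm -rf "$demo_dir"
    return $demo_status
}

demo || echo "fix the mode with chmod on the host before docker-compose up"
```
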