[Feature] Add Docker Secrets support #275
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Implementation of Docker Secrets for
BORG
Environment VariablesRelated to Ticket #47 and PR #246, a possible implementation of Docker Secrets is provided here. This implementation has been rigorously tested and documented. A key feature is that the use of standard environment variables within Docker commands or
docker-compose.yml
files is preserved. This ensures that those who do not wish to use Docker Secrets can continue to operate as before.Functionality
The function iterates through all environment variables that begin with
BORG
, such asBORG_PASSPHRASE
. It then looks for variables that end with_FILE
. The contents of such a_FILE
variable are written to a new variable, the name of which excludes the_FILE
suffix.Note
This implementation prioritizes Secrets over regularly set variables.
Debugging
@grantbevis for testing purposes, debugging capabilities have been added. To enable debugging, set the environment variable
DEBUG_SECRETS=true
.Permissions
The script also works when the Docker-required
chmod 600
permissions are set on the secret files.Testing
Test 1
Environment:
Result:
Test 2
Environment:
Result:
Test 3
Environment:
Result:
Test 4
Environment:
Result:
Test 5
Environment:
Result: