README
docker-secret
Utility for retrieving docker secrets.
Usage
Given that you have created secrets for your docker swarm
printf "myUsername" | docker secret create USERNAME -
printf "mySuperSecret" | docker secret create PASSWORD -
You can retrieve secrets via the following methods:
secrets
Loads secrets defined in the /run/secrets
directory. To load from a different directory, refer to getSecrets(dir)
.
import { secrets } from "docker-secret";
// Use secrets in your app.
mongoose.connect(`mongodb://${secrets.USERNAME}:${secrets.PASSWORD}@mongodb/mydb`);
getSecrets(dir)
You can read secrets from a directory you define. This is useful for loading secrets from a different directory during development.
import { join } from "path";
import { getSecrets } from "docker-secret";
// Without typings
const secrets = getSecrets(process.env.SECRET_DIR);
secrets.USERNAME // no error
secrets.PASSWORD // no error
secrets.RANDOM // no error
// With typings
type Credentials = {
USERNAME: string;
PASSWORD: string;
};
const secrets = getSecrets<Credentials>(process.env.SECRET_DIR);
secrets.USERNAME // no error
secrets.PASSWORD // no error
secrets.RANDOM // error
// You can also call the function without any argument to load secrets from `/run/secrets` by default.
const secrets = getSecrets<Credentials>();
getSecret(key)
You can also use a utility function getSecret(key)
if you wish:
// imported `getSecret` also loads secrets from the `/run/secrets`.
import { getSecret } from "docker-secret"
const username = getSecret("USERNAME");
const password = getSecret("PASSWORD");
You can define your own getSecret
function like the following:
import { join } from "path";
import { getSecretFactory } from "docker-secret";
const secrets = getSecrets(join(__dirname, "secrets"));
const getSecret = getSecretFactory(secrets);
const username = getSecret("USERNAME");
const password = getSecret("PASSWORD");