Configuring applications to consume secrets

In previous chapters, we have used an entrypoint script to add support for features such as injecting secrets at container startup, however an equally valid (and actually better and more secure) approach is to configure your application to natively support your secrets management strategy.

In the case of Docker secrets, this is very straightforward, given that the secrets are mounted at a well-known location (/run/secrets) in the local filesystem of the container. The following demonstrates modifying the src/todobackend/settings_release.py file in the todobackend repository to support Docker secrets, which, as you should recall, are the settings we pass to our app service, as specified by the environment ...

Get Docker on Amazon Web Services now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.