Documentation Index
Fetch the complete documentation index at: https://infisical.com/docs/llms.txt
Use this file to discover all available pages before exploring further.
The Infisical CLI can be added to Dockerfiles to fetch secrets from Infisical and make them available as environment variables within containers at runtime.
Prerequisites:
Dockerfile Modification
Follow the instructions for your specific Linux distribution to add the Infisical CLI to your Dockerfile.RUN apk add --no-cache bash sudo wget && wget -qO- \
'https://artifacts-cli.infisical.com/setup.apk.sh' | sh \
&& apk add infisical
RUN curl -1sLf \
'https://artifacts-cli.infisical.com/setup.rpm.sh' | sh \
&& yum install -y infisical
RUN apt-get update && apt-get install -y bash curl && curl -1sLf \
'https://artifacts-cli.infisical.com/setup.deb.sh' | bash \
&& apt-get update && apt-get install -y infisical
CMD ["infisical", "run", "--", "[your service start command]"]
Launch
Spin up your container with the docker run command and feed in your Infisical Token.docker run --env INFISICAL_TOKEN=<your_infisical_token> <DOCKER-IMAGE>
Example Dockerfile
# Select your base image (based on your Linux distribution, e.g., Alpine, Debian, Ubuntu, etc.)
FROM alpine
# Add the Infisical CLI to your Dockerfile (choose the appropriate block based on your base image)
RUN apk add --no-cache bash sudo wget && wget -qO- \
'https://artifacts-cli.infisical.com/setup.apk.sh' | sh \
&& apk add infisical
# Install any additional dependencies or packages your service requires
# RUN <additional commands for your service>
# Copy your service files to the container
COPY . /app
# Set the working directory
WORKDIR /app
# Modify the start command of your Dockerfile
CMD ["infisical", "run", "--", "npm run start"]
Dockerfile Modifications
Follow the instructions for your specific Linux distributions to add the Infisical CLI to your Dockerfiles.RUN apk add --no-cache bash sudo wget && wget -qO- \
'https://artifacts-cli.infisical.com/setup.apk.sh' | sh \
&& apk add infisical
RUN curl -1sLf \
'https://artifacts-cli.infisical.com/setup.rpm.sh' | sh \
&& yum install -y infisical
RUN apt-get update && apt-get install -y bash curl && curl -1sLf \
'https://artifacts-cli.infisical.com/setup.deb.sh' | bash \
&& apt-get update && apt-get install -y infisical
CMD ["infisical", "run", "--", "[your service start command]"]
Example Dockerfile
# Select your base image (based on your Linux distribution, e.g., Alpine, Debian, Ubuntu, etc.)
FROM alpine
# Add the Infisical CLI to your Dockerfile (choose the appropriate block based on your base image)
RUN apk add --no-cache bash sudo wget && wget -qO- \
'https://artifacts-cli.infisical.com/setup.apk.sh' | sh \
&& apk add infisical
# Install any additional dependencies or packages your service requires
# RUN <additional commands for your service>
# Copy your service files to the container
COPY . /app
# Set the working directory
WORKDIR /app
# Modify the start command of your Dockerfile
CMD ["infisical", "run", "--", "[your service start command]"]
Docker Compose File Modification
For each service you want to inject secrets into, set an environment variable called INFISICAL_TOKEN equal to a unique identifier variable. For example:services:
api:
build: .
image: example-service-2
environment:
- INFISICAL_TOKEN=${INFISICAL_TOKEN_FOR_API}
...
Export shell variables
Next, set the shell variables you defined in your compose file. Continuing from the previous example:export INFISICAL_TOKEN_FOR_API=<your_infisical_token>
Launch
Spin up your containers with the docker-compose up command.Your containers should now be running with the secrets from Infisical available inside as environment variables.
