Docker
Docker
The Infisical CLI can be added to Dockerfiles to fetch secrets from Infisical and make them available as environment variables within containers at runtime.
Prerequisites:
- Have a project with secrets ready in Infisical Cloud.
- Create an Infisical Token scoped to an environment in your project in Infisical.
Dockerfile Modification
Follow the instructions for your specific Linux distribution to add the Infisical CLI to your Dockerfile.
RUN apk add --no-cache bash curl && curl -1sLf \
'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.alpine.sh' | bash \
&& apk add infisical
Next, modify the start command of your Dockerfile:
CMD ["infisical", "run", "--", "[your service start command]"]
Launch
Spin up your container with the docker run command and feed in your Infisical Token.
docker run --env INFISICAL_TOKEN=<your_infisical_token> <DOCKER-IMAGE>
Your containerized application should now be up and running with secrets from Infisical exposed as environment variables within your application’s process.
Example Dockerfile
# Select your base image (based on your Linux distribution, e.g., Alpine, Debian, Ubuntu, etc.)
FROM alpine
# Add the Infisical CLI to your Dockerfile (choose the appropriate block based on your base image)
RUN apk add --no-cache bash curl && curl -1sLf \
'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.alpine.sh' | bash \
&& apk add infisical
# Install any additional dependencies or packages your service requires
# RUN <additional commands for your service>
# Copy your service files to the container
COPY . /app
# Set the working directory
WORKDIR /app
# Modify the start command of your Dockerfile
CMD ["infisical", "run", "--", "npm run start"]
See also:
Was this page helpful?