- Docker
- Docker Compose
Docker
Docker Compose
How to use Infisical to inject environment variables into services defined in your Docker Compose file.
Prerequisites:
- Set up and add envars to Infisical Cloud
Configure the Infisical CLI for each service
Follow this guide to configure the Infisical CLI for each service that you wish to inject environment variables into; you’ll have to update the Dockerfile of each service.
Generate Infisical Tokens
Generate a unique Infisical Token for each service.
Add Infisical Tokens to your Docker Compose file
For each service you want to inject secrets into, set an environment variable called INFISICAL_TOKEN
equal to a unique identifier variable.
In the example below, we set INFISICAL_TOKEN_FOR_WEB
and INFISICAL_TOKEN_FOR_API
as the INFISICAL_TOKEN
for the services.
# Example Docker Compose file
services:
web:
build: .
image: example-service-1
environment:
- INFISICAL_TOKEN=${INFISICAL_TOKEN_FOR_WEB}
api:
build: .
image: example-service-2
environment:
- INFISICAL_TOKEN=${INFISICAL_TOKEN_FOR_API}
Export shell variables
Next, set the shell variables you defined in your compose file. This can be done manually or via your CI/CD environment. Once done, it will be used to populate the corresponding INFISICAL_TOKEN
in your Docker Compose file.
#Example
# Token refers to the token we generated in step 2 for this service
export INFISICAL_TOKEN_FOR_WEB=<token>
# Token refers to the token we generated in step 2 for this service
export INFISICAL_TOKEN_FOR_API=<token>
# Then run your compose file in the same terminal.
docker-compose ...