Python flask application access to docker secrets in a swarm

0 votes

I'm new to Docker and want to deploy a flask+gunicorn project. So far, I've got the following Dockerfile.

# Get official base image
FROM python:3.7-slim-buster

# Setting my working directory
RUN mkdir -p /usr/src/app
WORKDIR /usr/src/app

# Setting my environment variables
ENV REDIS_HOST [...omit here...]
ENV REDIS_PORT [...omit here...]
ENV REDIS_DB_WHITELIST [...omit here...]
ENV MYSQL_HOST [...omit here...]
ENV MYSQL_PORT [...omit here...]
ENV MYSQL_DB_DUMMY [...omit here...]

# Copy project for later
COPY . /usr/src/app/

# Install dependencies
RUN pip install --upgrade pip
RUN pip install -r requirements.txt
RUN pip install gunicorn

EXPOSE 5000

RUN chmod +x ./entrypoint.sh
ENTRYPOINT ["sh", "entrypoint.sh"]

My docker-compose.yml has the following:

version: "3.9"

secrets:
  FLASK_SECRET_KEY:
    external: true
  MYSQL_USER:
    external: true
  MYSQL_PASSWORD:
    external: true

services:
  web:
    image: flask-app:v0.1.0
    environment:
      FLASK_SECRET_KEY_FILE: /run/secrets/FLASK_SECRET_KEY
      MYSQL_USER_FILE: /run/secrets/MYSQL_USER
      MYSQL_PASSWORD_FILE: /run/secrets/MYSQL_PASSWORD
    ports:
      - "5000:5000"
    secrets:
      - FLASK_SECRET_KEY
      - MYSQL_USER
      - MYSQL_PASSWORD

After doing some research, it appears that using the docker stack deploy —compose-file=docker-compose.yml flask-app command is the only way to get docker secrets. Obviously, I have three sensitive data to store in Docker secrets: FLASK SECRET KEY, MYSQL USER, and MYSQL PASSWORD. It turns out that the programme is failing to execute, and I'm guessing that mysql user = os.environ['MYSQL USER'] etc. in the python script is failing to access the environment variable.

I'm not sure how to get sensitive info from Docker secrets via Dockerfile or docker-compose.yml, and I'd appreciate it if someone could correct me if I'm incorrect.

Apr 20, 2022 in Docker by pranav
• 2,590 points
1,205 views

No answer to this question. Be the first to respond.

Your answer

Your name to display (optional):
Privacy: Your email address will only be used for sending these notifications.

Related Questions In Docker

0 votes
1 answer
0 votes
0 answers

How to invoke a Docker secret key in c# console application? I want a sample code for it.

Actually I want hide a salt key ...READ MORE

Mar 20, 2020 in Docker by anonymous
• 120 points
1,140 views
0 votes
1 answer

How to create a Docker swarm in Linux system?

Hi@akhtar, You need to initialize one node with ...READ MORE

answered Dec 24, 2020 in Docker by MD
• 95,460 points
626 views
0 votes
1 answer

How to create a service in Docker swarm?

Hi@akhtar, To create a service in Docker swarm, ...READ MORE

answered Dec 24, 2020 in Docker by MD
• 95,460 points
577 views
+4 votes
4 answers

How To Access a Service on Host From a Docker Container?

Adding to kalgi's answer, You can also ...READ MORE

answered Oct 16, 2018 in Docker by lina
• 8,220 points

edited Oct 16, 2018 by lina 34,134 views
+2 votes
1 answer
+2 votes
1 answer

Deploy Docker Containers from Docker Cloud

To solve this problem, I followed advice ...READ MORE

answered Sep 3, 2018 in AWS by Priyaj
• 58,020 points
2,714 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP