Merge pull request #211 from abbiewade/feature-docker-secret-integration

Add integration for docker secrets

.docker/docker-compose.yml

@@ -1,4 +1,9 @@
-version: '3'
+version: "3"
+
+secrets:
+  password:
+    file: ./secrets/password
+
 services:
   flame:
     image: pawelmalak/flame
@@ -7,6 +12,8 @@ services:
       - /path/to/data:/app/data
     ports:
       - 5005:5005
+    secrets:
+      - password
     environment:
-      - PASSWORD=flame_password
+      - PASSWORD_FILE=/run/secrets/password
     restart: unless-stopped

.docker/secrets/password

@@ -0,0 +1 @@
+flame_docker_secret_password

README.md

@@ -70,6 +70,10 @@ services:
     restart: unless-stopped
 ```
 
+##### Docker Secrets
+
+All environment variables set can be overwritten by appending `_FILE` to the variable value.For example, you can use `PASSWORD_FILE` to pass through a docker secret instead of `PASSWORD`. If both `PASSWORD` and `PASSWORD_FILE` are set, the docker secret will take precedent. An example using docker secrets is available in [here](.docker/docker-compose.yml).
+
 #### Skaffold
 
 ```sh

utils/init/index.js

@@ -1,7 +1,9 @@
 const initConfig = require('./initConfig');
 const initFiles = require('./initFiles');
+const initSecrets = require('./initSecrets');
 
 const initApp = async () => {
+  initSecrets();
   await initFiles();
   await initConfig();
 };

utils/init/initSecrets.js

@@ -0,0 +1,15 @@
+const { getSecrets } = require('docker-secret');
+const Logger = require('../Logger');
+const logger = new Logger();
+
+const initSecrets = () => {
+  const secrets = getSecrets();
+
+  for (const property in secrets) {
+    const upperProperty = property.toUpperCase();
+    process.env[upperProperty] = secrets[property];
+    logger.log(`${upperProperty} was overwritten with docker secret value`, 'WARN');
+  }
+};
+
+module.exports = initSecrets;