This story was originally published on HackerNoon at:
https://hackernoon.com/secrets-in-docker-how-to-manage-keys.
This article walks through the places a secret leaks in a normal Docker workflow, how to check for each one, and the two patterns that actually keep keys out
Check more stories related to programming at:
https://hackernoon.com/c/programming.
You can also check exclusive content about
#docker,
#docker-image,
#docker-containers,
#docker-security,
#docker-compose,
#secret-leaks,
#how-to-manage-keys,
#hackernoon-top-story, and more.
This story was written by:
@tnawaz. Learn more about this writer by checking
@tnawaz's about page,
and for more stories, please visit
hackernoon.com.
This article walks through the places a secret leaks in a normal Docker workflow, how to check for each one, and the two patterns that actually keep keys out: BuildKit secret mounts for build time, and runtime injection for everything else. The examples use the local agent stack from my earlier Compose article, because it is a realistic case.