Fly Secrets and Docker Compose workflow

user55 · December 1, 2021, 9:29am

Hello friends.

I’ve got an issue concerning fly secrets and setting up a workflow with docker-compose

I’ve got my app suite set up in docker compose the way I expect it to work on fly.io.

However, I’ve my app is set up to consume a secret provided by fly in the $WHATEVER format. But it seems that docker compose ignores all ENV vars that begin with that character. I can’t seem to get docker compose to pass in my nice secure $DATABASE_URL. All other ENV vars work just as fine, as demonstrated below.

DOCKER_COMPOSE:

  user_service:
    environment:
      PORT: 3001
      POSTGRES_PORT: 5432
      NODE_ENV: production
      CLIENT_URL: http://0.0.0.0:3002
      EMAIL_FROM: games@kenny.wtf
      $DATABASE_URL: "postgresql://postgres:postgres@postgres:5432/postgres?schema=public"

DOCKERFILE:

ENTRYPOINT echo "hello world" && echo "$EMAIL_FROM" && pnpm prisma migrate deploy && node dist/index.js

OUTPUT:

user_service_1  | hello world
user_service_1  | games@kenny.wtf

kurt · December 1, 2021, 10:13pm

If I understand the question right, you have DATABASE_URL set as a system environment variable, and you want the Docker Compose service to use the system environment variable? If that’s what you’re after, try this:

user_service:
    environment:
      PORT: 3001
      POSTGRES_PORT: 5432
      NODE_ENV: production
      CLIENT_URL: http://0.0.0.0:3002
      EMAIL_FROM: games@kenny.wtf
      DATABASE_URL: "$DATABASE_URL"

user55 · December 5, 2021, 1:52pm

Not quite. I want to replicate the behavior of my image as it would be in the fly environment, which has secret env vars, like $DATABASE_URL. I’d like to pass to docker $DATABASE_URL from docker-compose.yml

However, docker-compose is not able to pass env vars with such a initial character.

Is it possible to change the secret ENV in fly so that it doesn’t use such an initial character… something like SECRET_DATABASE_URL, perhaps?

charsleysa · December 5, 2021, 11:01pm

Hi @user55

Environment variables shouldn’t have $ prepended to them when declaring them, only when using them in bash or files that support environment variable interpolation.

AFAIK, fly doesn’t declare any environment variables anywhere that start with $, only locations where an environment is used does it have $.

e.g.

export MY_ENV_VAR="hello world"
echo $MY_ENV_VAR

Is it possible you’ve misread an example?

user55 · December 8, 2021, 10:17am

@charsleysa the docs state that fly secrets will have this $ appended:

But I think the docs just confused me. Changing the app to read the env var without the $ worked in the end

kurt · December 9, 2021, 2:03am

Oh yes, that’s not clear at all. You reference environment variables with a $ character. You set them without. So something like this works in bash:

export DATABASE_URL="postgres://etc"
echo $DATABASE_URL

Topic		Replies	Views
I'm having a hard time passing env variables to Dockerfile when using GitHub actions	3	1271	October 18, 2021
Environment variables set by flyctl secrets Questions / Help	32	3902	May 8, 2023
Secrets with non-standard names Questions / Help	2	245	March 22, 2023
accessing a fly secret (DATABASE_URL) from Github actions Questions / Help postgres	2	616	February 10, 2023
Build secret in Dockerfile not found Build debugging	11	567	October 9, 2023

Fly Secrets and Docker Compose workflow

Related Topics