upstream/terraform-provider-docker
1
0
Fork 0
mirror of https://github.com/kreuzwerker/terraform-provider-docker.git synced 2025-12-22 07:39:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
terraform-provider-docker/docs/resources/secret.md
Manuel Vogel 6c796e15a5
feat/doc generation (#193) 
* chore: add tfplugindocs tool

* feat: add tfplugin doc dependency and make target

* chore: apply documentation generation

* docs(contributing): update for documentation generation

* fix: adapt website-lint target to new do folder

* docs(network): update ds descriptions

* docs: add template for index.md

* docs: add network resource generation

* chore(ci): updates paths for website checks

* docs: add plugin data source generation

* docs: add import cmd for network resource

* docs: add plugin resource generation

* feat: outlines remaining resources with example and import cmd

* feat: add descriptions to docs

* chore: add DevSkim ignores and fix capitalized errors

* docs: complete ds registry image

* docs: add container resource generation

* docs: add lables description to missing resources

* docs: remove computed:true from network data

so the list is rendered in the description

* Revert "docs: remove computed:true from network data"

This reverts commit dce9b7a5a2.

* docs: add docker image descriptions to generate the docs

* docs: add docker registry image descriptions to generate the docs

* docs: add docker service descriptions to generate the docs

* docs: add docker volume descriptions to generate the docs

* docs(index): clarifies description

so more docker resources are mentioned

* docs(network): fixes required and read-only attributes

so the ds can only be read by-name

* docs(plugin): clarifies the ds docs attributes

* docs: fix typo registry image ds

* docs(config): clarifies attributes and enhances examples

Provide a long example and import command

* fix(config): make data non-sensitive

Because only secrets data is

* docs(containter): clarifies attributes

and enhances examples with import

* docs(config): fix typo

* docs(image): clarifies attributes and remove import

* docs(network): clarifies attributes and adapts import

* docs(plugin): clarifies attributes and import

* docs(registry_image): clarifies attributes and removes import

* chore(secret): remove typo

* docs(service): clarifies attributes and import

* docs(volume): clarifies attributes and import

* fix: correct md linter rules after doc gen

* docs(volume): regenerated

* docs: add config custom template

* docs: add templates for all resources

* docs(config): templates all sections and examples

for better redability and structure

* docs(config): fix md linter

* docs(container): templates all sections and examples

* docs(image): templates all sections and examples

* docs(image): fix import resource by renaming

* docs(network): templates all sections and examples

* docs(service): templates all sections and examples

* docs(volume): templates all sections and examples

* fix(lint): replace website with doc directory

* fix(ci): link check file extension check

* fix: markdown links

* chore: remove old website folder

* chore: fix website-lint terrafmr dir and pattern

* fix: lint fix target website folder

* fix: website links

* docs(provider): update examples

with templates on auth and certs

* docs(provider): add tf-plugin-docs line

* docs(contributing): split doc generation section

* docs: final brush up for readability and structure

* chore(ci): add website-generation job

to see if files changed and it should run locally again

* chore(ci): remove explicit docker setup

from website lint because it's installed by default
2021-05-21 21:30:56 +09:00

2.2 KiB
Raw Blame History

page_title subcategory description
docker_secret Resource - terraform-provider-docker Manages the secrets of a Docker service in a swarm.

docker_secret (Resource)

Manages the secrets of a Docker service in a swarm.

Example Usage

Basic

resource "docker_secret" "foo" {
  name = "foo"
  data = base64encode("{\"foo\": \"s3cr3t\"}")
}

Update secret with no downtime

To update a secret, Terraform will destroy the existing resource and create a replacement. To effectively use a docker_secret resource with a docker_service resource, it's recommended to specify create_before_destroy in a lifecycle block. Provide a unique name attribute, for example with one of the interpolation functions uuid or timestamp as shown in the example below. The reason is moby-35803.

resource "docker_secret" "service_secret" {
  name = "${var.service_name}-secret-${replace(timestamp(), ":", ".")}"
  data = base64encode(
    templatefile("${path.cwd}/foo.secret.json.tpl",
      {
        secret = "s3cr3t"
      }
    )
  )

  lifecycle {
    ignore_changes        = ["name"]
    create_before_destroy = true
  }
}

resource "docker_service" "service" {
  # ...
  secrets = [
    {
      secret_id   = docker_secret.service_secret.id
      secret_name = docker_secret.service_secret.name
      file_name   = "/root/configs/configs.json"
    },
  ]
}

Schema

Required

  • data (String, Sensitive) Base64-url-safe-encoded secret data
  • name (String) User-defined name of the secret

Optional

  • id (String) The ID of this resource.
  • labels (Block Set) User-defined key/value metadata (see below for nested schema)

Nested Schema for labels

Required:

  • label (String) Name of the label
  • value (String) Value of the label

Import

Import is supported using the following syntax:

#!/bin/bash

# Docker secret cannot be imported as the secret data, once set, is never exposed again.