upstream/terraform-provider-docker
1
0
Fork 0
mirror of https://github.com/kreuzwerker/terraform-provider-docker.git synced 2025-12-24 00:29:46 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
terraform-provider-docker/website/docs/r/secret.html.markdown
Manuel Vogel dc824c1030
Feat/swarm 4 new resources (#40) 
Adds docker swarm features to the provider for the Docker Engine 17.09.1 and API Version 1.32. 

The spec is close to the API. By default, the swarm services are fire and forget. A converging config implements the features of the docker cli to ensure a service and all its replicas are up and running. Furthermore, service can have configs, secrets, networks, mounts and be added to a network.
2018-05-16 18:00:04 +02:00

1.7 KiB
Raw Blame History

layout page_title sidebar_current description
docker Docker: docker_secret docs-docker-resource-secret Manages the secrets of a Docker service in a swarm.

docker_secret

Manages the secrets of a Docker service in a swarm.

Example Usage

Basic

# Creates a secret
resource "docker_secret" "foo_secret" {
  name = "foo_secret"
  data = "ewogICJzZXJsaasIfQo="
}

Update secret with no downtime

To update a secret, Terraform will destroy the existing resource and create a replacement. To effectively use a docker_secret resource with a docker_service resource, it's recommended to specify create_before_destroy in a lifecycle block. Provide a unique name attribute, for example with one of the interpolation functions uuid or timestamp as shown in the example below. The reason is moby-35803.

resource "docker_secret" "service_secret" {
  name = "${var.service_name}-secret-${replace(timestamp(),":", ".")}"
  data = "${base64encode(data.template_file.service_secret_tpl.rendered)}"

  lifecycle {
    ignore_changes = ["name"]
    create_before_destroy = true
  }
}
resource "docker_service" "service" {
   # ...
   secrets = [
    {
      secret_id   = "${docker_secret.service_secret.id}"
      secret_name = "${docker_secret.service_secret.name}"
      file_name   = "/root/configs/configs.json"
    },
  ]
}

Argument Reference

The following arguments are supported:

  • name - (Required, string) The name of the Docker secret.
  • data - (Required, string) The base64 encoded data of the secret.

Attributes Reference

The following attributes are exported in addition to the above configuration:

  • id (string)