mrmarble/opsd
One Password secret driver for docker swarm
22
This project provides a Docker plugin to use OnePassword as a secrets provider. It allows Docker containers to securely access secrets stored in OnePassword. The plugin uses the OnePassword Connect API to retrieve secrets and provide them to Docker containers.
The plugin can be configured using the following environment variables:
OP_CONNECT_HOST
: The OnePassword Connect (hostdefault: http://localhost:8080
)OP_CONNECT_TOKEN
: The OnePassword Connect tokenOP_VAULT_NAME
: The OnePassword vault used for secrets (default: docker
)Set up the OnePassword Connect and Sync services using Docker Compose, follow the instructions in the OnePassword Connect documentation.
docker-compose up -d # There is a docker-compose.yml file in the root of this repository
Install the plugin
docker plugin install mrmarble/opsd:latest OP_CONNECT_HOST=<one password connect api host> OP_CONNECT_TOKEN=<your_token> OP_VAULT_NAME=<vault where secrets are stored>
Create a secret in OnePassword
op item create --category=password --title=my-app-secrets --vault=docker 'MY_SECRET[password]=supersecretpassword'
Create a Docker secret using the plugin
docker secret create --driver mrmarble/opsd:latest -l item=my-app-secrets MY_SECRET
Use the secret in a service
docker service create --secret MY_SECRET --name my-app my-app-image
This project is licensed under the MIT License. See the LICENSE file for details.
docker plugin install mrmarble/opsd