secure-environment

command module
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 20, 2017 License: Apache-2.0 Imports: 13 Imported by: 0

README

secure-environment - A loader for secure environments

Forked from virtru/secure-environment.

Introduction

This tool is intended to be used on the start up of a Docker container to securely fetch and decrypt environment variables stored in S3 and encrypted with a KMS key. The included secure-entrypoint.sh script can be used along with the secure-environment binary.

How it works

The docker-entrypoint.sh script acts as an entrypoint for the Docker container. The script then calls the secure-environment binary to write a sourceable shell script to stdout that contains exported environment variables.

Setting up the Docker container

To use this with Convox, you need to set the label convox.environment.secure=true to true on the services you intend to secure.

On your Docker container the secure-entrypoint.sh in the scripts folder of this repository and the latest Linux binary of the secure-environment executable should be copied into your Docker image at the following locations:

secure-environment -> /usr/sbin/secure-environment
secure-entrypoint -> /usr/sbin/secure-entrypoint.sh

Finally, you need to set the ENTRYPOINT on your Dockerfile to this:

ENTRYPOINT ["/usr/sbin/secure-entrypoint.sh"]

See https://github.com/convox-examples/secure-env-example for example usage.

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.