Secrets in Docker: How to Manage Keys - podcast episode cover

Secrets in Docker: How to Manage Keys

Programming Tech Brief By HackerNoon
Jun 08, 20268 min
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

This story was originally published on HackerNoon at: https://hackernoon.com/secrets-in-docker-how-to-manage-keys.
This article walks through the places a secret leaks in a normal Docker workflow, how to check for each one, and the two patterns that actually keep keys out
Check more stories related to programming at: https://hackernoon.com/c/programming. You can also check exclusive content about #docker, #docker-image, #docker-containers, #docker-security, #docker-compose, #secret-leaks, #how-to-manage-keys, #hackernoon-top-story, and more.

This story was written by: @tnawaz. Learn more about this writer by checking @tnawaz's about page, and for more stories, please visit hackernoon.com.

This article walks through the places a secret leaks in a normal Docker workflow, how to check for each one, and the two patterns that actually keep keys out: BuildKit secret mounts for build time, and runtime injection for everything else. The examples use the local agent stack from my earlier Compose article, because it is a realistic case.

For the best experience, listen in Metacast app for iOS or Android