Watchtower: Does watchtower support setting password from docker secrets file?

Created on 4 May 2020  ·  10Comments  ·  Source: containrrr/watchtower

Due to some of my other containers now requiring sensitive data be passed through docker secret variables, I was wondering if watchtower supported use of docker secrets -- specifically:

Is there an equivalent of
WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD=

with something similar to
WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD_FILE=/run/secret/watchtower_notification_email_server_password_secret

From my testing, it doesn't seem like my notation with the docker secrets file specified works as I get an error message from the container that username/password not accepted by the smtp server.

Medium Available Question

Most helpful comment

Hey @kevdogg! PR = Pull Request, which means I've uploaded my code for @simskij to look at and merge into the other code, if he agrees with what I've done. After that we'll still need to create a new version of the Docker image which actually uses that code before you can use it as-is.

You can also build a new Docker image yourself from the source code, but that might be a bit too technical.

All 10 comments

Hi @kevdogg,

Not currently, but I would be more than happy to assist with reviews and suggestions in case anyone would like to have a stab at providing a PR.

Best,
Simme

I will look into this! @kevdogg, would the /run/secret/watchtower_notification_email_server_password_secret file contain the plaintext password or do you expect a different format there?

It would contain the plaintext format.

On Sat, May 9, 2020 at 5:44 PM Sebastiaan Tammer notifications@github.com
wrote:

I will look into this! @kevdogg https://github.com/kevdogg, would the
/run/secret/watchtower_notification_email_server_password_secret file
contain the plaintext password or do you expect a different format there?


You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/containrrr/watchtower/issues/532#issuecomment-626245258,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/ABH75V3PZ3IANBPJWAID2SDRQXMERANCNFSM4MYW76ZQ
.

PR is up :partying_face:

PR is up? Sorry I don't understand the meaning however I did checkout your link. I believe this addition is still awaiting approval? I tried the following:

```
secrets:
watchtower_notification_email_server_secret:
file: ./watchtower_notification_email_server.secret

services:
watchtower:
image: containrrr/watchtower:latest
...
...
environment:
- WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD=/run/secrets/watchtower_notification_email_server_secret

```

but it didn't seem to work

Hey @kevdogg! PR = Pull Request, which means I've uploaded my code for @simskij to look at and merge into the other code, if he agrees with what I've done. After that we'll still need to create a new version of the Docker image which actually uses that code before you can use it as-is.

You can also build a new Docker image yourself from the source code, but that might be a bit too technical.

This has now been merged into master. @kevdogg; If you want to try it out, it should be available in the latest-dev image, otherwise it will be included in the next release. 👍

Thanks for the inclusion

Btw @simskij and @tammert, this should probably be provided for shoutrrr aswell? I'm thinking just allowing the URL to set from a file should cover the usage, right?

Btw @simskij and @tammert, this should probably be provided for shoutrrr aswell? I'm thinking just allowing the URL to set from a file should cover the usage, right?

Agreed. Can you create an appropriate issue? I’m thinking one url per row, do y’all agree?

Was this page helpful?
0 / 5 - 0 ratings