I save all secret data into AWS Parameter Store, my app run with docker-compose and I try to evaluate aws ssm get-parameters just inside docker-compose.yaml:
version: "3.7"
services:
db:
image: postgres
restart: always
volumes:
- /home/ec2-user/dbdata:/var/lib/postgresql/data
environment:
POSTGRES_USER: $$(aws ssm get-parameters --name DB_USERNAME --region eu-north-1 --output text --query Parameters[].Value)
POSTGRES_PASSWORD: $$(aws ssm get-parameters --name DB_PASSWORD --region eu-north-1 --output text --with-decryption --query Parameters[].Value)
POSTGRES_DB: $$(aws ssm get-parameters --name DB_NAME --region eu-north-1 --output text --query Parameters[].Value)
ports:
- 5432:5432
auth:
build: .
restart: always
environment:
DB_ENDPOINT: $$(aws ssm get-parameters --name DB_ENDPOINT --region eu-north-1 --output text --query Parameters[].Value)
DB_USERNAME: $$(aws ssm get-parameters --name DB_USERNAME --region eu-north-1 --output text --query Parameters[].Value)
DB_PASSWORD: $$(aws ssm get-parameters --name DB_PASSWORD --region eu-north-1 --output text --with-decryption --query Parameters[].Value)
JWT_KEY: $$(aws ssm get-parameters --name JWT_KEY --region eu-north-1 --output text --query Parameters[].Value)
JWT_EXPIRED: $$(aws ssm get-parameters --name JWT_EXPIRED --region eu-north-1 --output text --query Parameters[].Value)
depends_on:
- db
links:
- db
ports:
- 80:80
But construction $$(<command>) doesn't work.
Instead of expected values from the parameter store, I'm getting
$(get-parameters --name DB_ENDPOINT --region eu-north-1 --output text
--query Parameters[].Value)
I know how to do this with prepare a script like export MY_VAR="$(get-parameters ...)" that is understood.
But the question is can I fetch Parameter Store values just in docker-compose.yaml if yes, how?
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
