docker / compose

Define and run multi-container applications with Docker
https://docs.docker.com/compose/
Apache License 2.0

What does 'unsupported external secret' mean? #9139

Closed evorios closed 2 years ago

evorios commented 2 years ago

subj

draksha22 commented 2 years ago

Hey @evorios, can you please elaborate on what your issue is?

evorios commented 2 years ago

I run the following commands and get the described error:

docker swarm init
docker secret create ./src/my_secret

./src/my_secret contains only bytes.

Environment: win10

draksha22 commented 2 years ago

/assign

ulyssessouza commented 2 years ago

@evorios From docker secret create --help:

Usage:  docker secret create [OPTIONS] SECRET [file|-] 
...

So it looks like your command is missing the secret's name before the file.

evorios commented 2 years ago

Sorry, my bad. The executed command looks like: docker secret create my_secret ./src/my_secret

vivekvedant commented 2 years ago

Description:

Unable to add external secrets using docker-compose

Output of error: [image]

Output of secrets in docker: [image]

Container containing secrets:

grafana:
    image: grafana/grafana:8.3.3
    container_name: grafana
    volumes:
      - ./monitoring/grafana_data:/var/lib/grafana
      - ./monitoring/grafana/provisioning/dashboards:/etc/grafana/provisioning/dashboards
      - ./monitoring/grafana/provisioning/datasources:/etc/grafana/provisioning/datasources
    environment:
      - GF_SECURITY_ADMIN_USER_FILE=/run/secrets/grafana_username
      - GF_SECURITY_ADMIN_PASSWORD_FILE=/run/secrets/grafana_password
      - GF_USERS_ALLOW_SIGN_UP=false
    restart: unless-stopped
    expose:
      - 3000
    networks:
      - monitor-net
    depends_on:
      - prometheus
      - caddy
      - pushgateway
      - cadvisor
      - nodeexporter
    labels:
      org.label-schema.group: "monitoring"
    secrets:
      - grafana_username
      - grafana_password
secrets:
  grafana_username:
    external: true
  grafana_password:
    external: true

ndeloof commented 2 years ago

Docker Compose targets the raw engine (not swarm mode), so it does not support secrets created on swarm. The engine does not support secrets, so compose can only be used with "pseudo-secrets" as bind mounts. To deploy a compose file to a Swarm cluster, you must use the docker stack command.
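
The two options described in the last comment, applied to the grafana service from this thread. This is an added example, not code posted by any participant; the `./secrets/*.txt` paths and `<stack-name>` are assumptions.

```yaml
# Added example (not from the thread). Paths under ./secrets/ are assumed.
#
# Variant A: plain `docker compose up` on a non-swarm engine.
# Each secret is backed by a local file that Compose bind-mounts into the
# container at /run/secrets/<name>. The file is plaintext on the host, so
# keep ./secrets/ out of version control and restrict its permissions.
services:
  grafana:
    image: grafana/grafana:8.3.3
    environment:
      - GF_SECURITY_ADMIN_USER_FILE=/run/secrets/grafana_username
      - GF_SECURITY_ADMIN_PASSWORD_FILE=/run/secrets/grafana_password
      - GF_USERS_ALLOW_SIGN_UP=false
    secrets:
      - grafana_username
      - grafana_password

secrets:
  grafana_username:
    file: ./secrets/grafana_username.txt   # assumed path
  grafana_password:
    file: ./secrets/grafana_password.txt   # assumed path

# Variant B: keep the swarm-managed secrets from the thread.
# Leave the top-level block as
#
#   secrets:
#     grafana_username:
#       external: true
#     grafana_password:
#       external: true
#
# create both secrets first with `docker secret create <name> <file>`, and
# deploy with `docker stack deploy -c docker-compose.yml <stack-name>`
# instead of `docker compose up`.
```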