From env variables to Docker secrets
12 Factor-app
The 3rd item of the 12 factors application manifesto tells us to store the configuration in the environnement.
It also provides example of what this includes:
- Resource handles to the database, Memcached, and other backing services
- Credentials to external services such as Amazon S3 or Twitter
- Per-deploy values such as the canonical hostname for the deploy
We can wonder if this approach is still recommended today, and exempt of risk. In this article we will consider a simple application and see how it needs to be modified to handle such sensitive pieces of information in a safer way.
Applications running in a Docker world
In the last few years, we saw a lot of changes in a way applications are developed and deployed. Mainly because of the huge adoption of the Docker platform, applications are now mainly following the micro-services architecture: they are made of several services (sometimes tons of…