Versions Compared

Old Version 1

changes.mady.by.user Mirco Hoffmann (Unlicensed)

Saved on

compared with

New Version 2

changes.mady.by.user Mirco Hoffmann (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
${env:VARIABLE_NAME}

...

When you have created downloaded your configuration then. It should look something like this.

...

Set the environment variables in your system

Now you just have to set the environment variables in your system.

Using docker secrets in the agent configuration

Adjust agent configuration (AgentConfig.yaml)

Docker secrets are mounted into the container as files. In the agent's configuration we just need to enter where it can find it.
https://docs.docker.com/engine/swarm/secrets/#about-secrets

Code Block
${file:UTF-8:/run/secrets/<secret-name>}

...

When you have downloaded your configuration. It should look something like this.

Code Block
type: AWS
agentToken: 12:96c0c848-67b7-40e9-9d9a-64089ed309fb
accessKey: ${file:UTF-8:/run/secrets/awsProdAccessKey}
secretAccessKey: ${file:UTF-8:/run/secrets/awsProdSecretAccessKey}
region: eu-central-1
stage: test

Create docker secrets

The first thing you need to do is enable Swarm mode if you are not already using it.

https://docs.docker.com/engine/swarm/

Code Block
docker swarm init

After that, you can create your secrets.

Code Block
echo "myAccessKey" | docker secret create awsProdAccessKey -
Code Block
echo "mySecretAccessKey" | docker secret create awsProdSecretAccessKey -

Adjust the agent (docker-compose.yml)

After that, we need to make a few changes in docker-compose. First, we need to remove the container_name. This is not supported in Swarm mode.

After that, we need to tell docker which Secrets to use for this service (lines 11-13) and where they are located (lines 15-19).

Code Block
version: '3.3'
services:

  controlplane-agent-aws:
    image: apiida/controlplane-agent
    environment:
      - 'backendUrl=wss://mirco.backend.obsidian.local'
      - 'gateway-config=/workspace/awsConfig.yaml'
    volumes:
      - ./awsConfig.yaml:/workspace/awsConfig.yaml:rw
    secrets:
     - awsProdAccessKey
     - awsProdSecretAccessKey
      
secrets:
  awsProdAccessKey:
    external: true
  awsProdSecretAccessKey:
    external: true

Now we can start our agent

Code Block
docker stack deploy --compose-file=docker-compose.yml apiida