Learn how to pass secrets to your docker container at run time.
--env-file
flag of docker run
command.
Rather than giving the flag a file path to your env file, you’ll use the Infisical CLI to create a virtual file path.
For this method to function as expected, you must have a bash shell (for processing substitution) and the Infisical CLI installed in the environment where you will be running the docker run
command.
infisical login
for local development.INFISICAL_TOKEN
. If set, it’ll attempt to use it for authentication.
infisical login --method=universal-auth
command to directly obtain a universal auth access token and set it as an environment variable.
infisical login
command and instead use a machine identity.docker run
command with Infisical CLI to point to your secrets.
Under the hood, this command will fetch secrets from Infisical and serve them as a file to the --env-file
flag.
export
command, click here