0

I've got Dockerfile:

FROM prom/prometheus
RUN rm -f /etc/prometheus/prometheus.yml
ADD config/ /etc/prometheus/
RUN echo $ACTUATOR_PASSWORD > /etc/prometheus/actuator_password

And docker-compose that contains:

  prometheus:
    image: szastarek/food-delivery-prometheus
    container_name: prometheus
    environment:
      - ACTUATOR_PASSWORD=iN09KtaW59dqeRylgZFV4aSZ
    ports:
      - "9090:9090"
    command:
      - "--config.file=/etc/prometheus/prometheus.yml"
      - "--storage.tsdb.path=/prometheus"
      - "--web.console.libraries=/usr/share/prometheus/console_libraries"
      - "--web.console.templates=/usr/share/prometheus/consoles"
    networks:
      food-delivery-net:
        aliases:
          - "prometheus"

The problem is with actuator_password file that is creating in dockerfile. The file should contain a password that is passed in environment variable but it's empty. So how can I create file inside docker container that will contain password passed in env?

Improve this question

2 Answers 2

Reset to default
2

the following line will only be run once during the build

RUN echo $ACTUATOR_PASSWORD > /etc/prometheus/actuator_password

which makes it a Build-Arg and if you want to have the password set statically in your image then you need to pass the password as an argument see: https://docs.docker.com/compose/compose-file/#args

see also: https://vsupalov.com/docker-env-vars/

But if you want the password to be dynamic and passed into the container via environment: you will need to add a script which reads the environment-variable ACTUATOR_PASSWORD at startup and adds it to /etc/prometheus/actuator_password before the prometheus process starts. This is usally done by adding or editing the entrypoint

e.g. ENTRYPOINT [ "/entrypoint.sh" ]

// entrypoint.sh
add_substitute_password
exec /bin/prometheus $@
Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

now I'm getting /usr/local/bin/entrypoint.sh: exec: line 3: /bin/echo secret > /etc/prometheus/actuator_password: not found. So it looks like ADD config/ /etc/prometheus/ is ignored or it execute after ENTRYPOINT?
I'm guessing /etc/prometheus/actuator_password doesn't exist. Can you verify by RUN ls -l /etc/prometheus/ ?
yes but it looks like whole /etc/prometheus doesn't exist. I've left only that line in entrypoint: exec "/bin/prometheus --config.file=/etc/prometheus/prometheus.yml" and in Dockerfile I still have: ADD config/ /etc/prometheus/. But the error says /etc/prometheus/prometheus.yml doesn't exist
this is the output of ls command: /usr/local/bin/entrypoint.sh: exec: line 4: /bin/sh ls -l /etc/prometheus/: not found
can you do a docker build --no-cache . ? I just tried to build from your Dockerfile and had to add USER root before ADD config/ /etc/prometheus/
|
1

The "environment" section of the compose file defines environment variables to define on a container run from the image. The Dockerfile defines steps to build that image, before you get to running it as a container. It's the difference between a build time and runtime setting.

To set an environment variable in the Dockerfile, you need to define either an ENV which will be persistent both during the build into the containers that are deployed from that image, or an ARG that can be adjusted from the build command and only applies during that stage of the build and not into containers that are later deployed from that image.

See the Dockerfile documentation for more details:

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.