v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Steampipe logo 
Hub
Plugins
turbot/docker
Overview
11Tables
Versions
PowerpipeMods
GitHub
steampipe plugin install docker

Table: docker_compose_secret - Query Docker Compose Secrets using SQL

Docker Compose is a tool for defining and running multi-container Docker applications. It uses YAML files to configure the application's services and performs the creation and start-up process of all the containers with a single command. Docker Compose Secrets are a resource that allows you to securely store sensitive information used by services in a Docker Compose project.

Table Usage Guide

The docker_compose_secret table provides insights into the secrets used in a Docker Compose project. As a developer or system administrator, you can explore secret-specific details through this table, including the secret name, service using the secret, and the file path of the secret. Utilize this table to manage and monitor the use of secrets across your Docker Compose projects, ensuring secure and efficient use of sensitive information.

Examples

Basic info

Explore which Docker Compose secrets are being used in your environment. This can help you manage and understand the configuration of your secrets, providing insights into your Docker Compose setup.

select
  name,
  file,
  environment,
  driver,
  template_driver
from
  docker_compose_secret;
select
  name,
  file,
  environment,
  driver,
  template_driver
from
  docker_compose_secret;

List the external configuration of secrets

Explore the external configuration of secrets in your Docker Compose setup to understand how they are managed and where they are stored. This is beneficial for assessing security measures and ensuring best practices are in place.

select
  name,
  file,
  driver,
  external ->> 'Name' as external_name,
  external ->> 'External' as external,
  external -> 'Extensions' as external_extensions
from
  docker_compose_secret;
select
  name,
  file,
  driver,
  json_extract(external, '$.Name') as external_name,
  json_extract(external, '$.External') as external,
  external as external_extensions
from
  docker_compose_secret;

List secrets with local driver

Discover the segments that utilize the local driver within the Docker Compose Secret. This is particularly beneficial to identify and manage secrets that are locally stored, aiding in security and configuration management.

select
  name,
  file,
  environment,
  driver,
  template_driver
from
  docker_compose_secret
where
  driver = 'local';
select
  name,
  file,
  environment,
  driver,
  template_driver
from
  docker_compose_secret
where
  driver = 'local';

List secrets without environment vars

Determine the areas in which Docker Compose secrets are not associated with any environment variables. This can be useful to identify potential misconfigurations or security risks within your Docker setup.

select
  name,
  file,
  driver,
  template_driver
from
  docker_compose_secret
where
  environment is null;
select
  name,
  file,
  driver,
  template_driver
from
  docker_compose_secret
where
  environment is null;

Schema for docker_compose_secret

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
drivertextDriver used for the secret.
driver_optsjsonbDriver options for the secret.
environmenttextEnvironment variable to use for the secret.
extensionsjsonbExtensions for the secret configuration.
externaljsonbExternal secret configuration.
filetextFile to use for the secret.
labelsjsonbLabels for the secret.
nametextName of the secret.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
template_drivertextTemplate driver used for the secret.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- docker

You can pass the configuration to the command with the --config argument:

steampipe_export_docker --config '<your_config>' docker_compose_secret