How to read values from local file into Docker-compose environment variables?

Question

I'm trying to inject my AWS Credentials from my local ~/.aws/credentials file into a Docker container by setting environment variables in my docker-compose.yml file.

But I don't know how to read the credentials from the local file into the the docker-compose file. How can I do it??

Here is what my AWS credentials file looks like:

$ cat ~/.aws/credentials
[default]
aws_access_key_id = AK_FAKE_KEY_88RD3PNY
aws_secret_access_key = BividQsWW_FAKE_KEY_MuB5VAAsQNJtSxQQyDY2C

Here is what my the relevant part of my Docker compose file looks like:

  my_service:
    build: .
    image: my_image
    environment:
         - AWS_ACCESS_KEY_ID=<What should I put here?>
         - AWS_SECRET_ACCESS_KEY=<What should I put here?>

Answer 1

IMHO, generally speaking, it's not a good idea to hard-code home directory in docker-compose.yml, it's not going to be portable for others. I'll not object to having ~/.aws/credentials though since it's a convention that everyone will follow

my_service:
    build: .
    image: my_image
    environment:
         - AWS_ACCESS_KEY_ID
         - AWS_SECRET_ACCESS_KEY
    volumes:
         - ~/.aws:/root/.aws:ro

This docker-compose.yml will be flexible enough that it depends on the setting of the machine, either the credential file or the environment variables will be used.

Answer 2

Does it need to be from your credentials file?

You could create ~/aws_env_creds containing

AWS_ACCESS_KEY_ID=AK_FAKE_KEY_88RD3PNY
AWS_SECRET_ACCESS_KEY=BividQsWW_FAKE_KEY_MuB5VAAsQNJtSxQQyDY2C

And then

my_service:
  build: .
  image: my_image
  env_file:
    - ~/aws_env_creds