docker pass (original) (raw)

Availability: Beta

Requires: Docker Desktop 4.54 and later

Experimental

This command is experimental.

Experimental features are intended for testing and feedback as their functionality or design may change between releases without warning or can be removed entirely in a future release.

Docker Pass is a helper that allows you to store secrets securely in your local OS keychain and inject them into containers later.

On Windows: Uses the Windows Credential Manager API.

On macOS: Uses macOS Keychain services API.

On Linux: org.freedesktop.secrets API (requires DBus and gnome-keyring orkdewallet to be installed).

Using keychain secrets in containers

Create a secret:

Creating a secret from STDIN:

Run a container that uses the secret:

Inspect your secret from inside the container

Explicitly assigning a secret to another environment variable: