我有一个本地开发人员。环境,我在其中使用 SQLAlchemy 连接到 SQL DB。我执行以下操作来获取秘密.env:
import os
from urllib.parse import quote_plus
import sqlalchemy as sa
from dotenv import load_dotenv
from sqlalchemy import create_engine
from sqlalchemy.ext.declarative import declarative_base
from sqlalchemy.orm import sessionmaker
load_dotenv()
SERVER = os.getenv("SERVER_NAME")
DATABASE = os.getenv("DB_NAME")
USERNAME = os.getenv("USERNAME")
PASSWORD = os.getenv("PASSWORD")
PORT = os.getenv("PORT", default=1433)
DRIVER = os.getenv("DRIVER")
# connect using parsed URL
odbc_str = 'DRIVER='+DRIVER+';SERVER='+SERVER+';PORT='+PORT + \
';DATABASE='+DATABASE+';UID='+USERNAME+';PWD='+PASSWORD
connect_str = 'mssql+pyodbc:///?odbc_connect=' + quote_plus(odbc_str)
# connect with sa url format
sa_url = f"mssql+pyodbc://{USERNAME}:{PASSWORD}@{SERVER}:{PORT}/{DATABASE}?driver={DRIVER}"
SQLALCHEMY_DATABASE_URL = connect_str
engine = create_engine(SQLALCHEMY_DATABASE_URL, echo=True, future=True)
SessionLocal = sessionmaker(
autocommit=False, autoflush=False, bind=engine, future=True)
Base = declarative_base()
当我在容器中运行我的应用程序时,它会失败,因为秘密变量是None. 我可以将.env文件添加到容器中吗?如果可以,如何添加?
我的 Dockerfile:
FROM python:3.8-slim-buster
EXPOSE 8000
# Keeps Python from generating .pyc files in the container
ENV PYTHONDONTWRITEBYTECODE=1
# Turns off buffering for easier container logging
ENV PYTHONUNBUFFERED=1
# build variables.
ENV DEBIAN_FRONTEND noninteractive
# install Microsoft SQL Server requirements.
ENV ACCEPT_EULA=Y
RUN apt-get update -y && apt-get update \
&& apt-get install -y --no-install-recommends curl gcc g++ gnupg unixodbc-dev
# Add SQL Server ODBC Driver 17 for Ubuntu 18.04
RUN curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add - \
&& curl https://packages.microsoft.com/config/debian/10/prod.list > /etc/apt/sources.list.d/mssql-release.list \
&& apt-get update \
&& apt-get install -y --no-install-recommends --allow-unauthenticated msodbcsql17 mssql-tools \
&& echo 'export PATH="$PATH:/opt/mssql-tools/bin"' >> ~/.bash_profile \
&& echo 'export PATH="$PATH:/opt/mssql-tools/bin"' >> ~/.bashrc
# Install pip requirements
COPY requirements.txt .
RUN python -m pip install -r requirements.txt
WORKDIR /app
COPY . /app
# Creates a non-root user with an explicit UID and adds permission to access the /app folder
# For more info, please refer to https://aka.ms/vscode-docker-python-configure-containers
RUN adduser -u 5678 --disabled-password --gecos "" appuser && chown -R appuser /app
USER appuser
# During debugging, this entry point will be overridden.
CMD ["gunicorn", "--bind", "0.0.0.0:8000", "-k", "uvicorn.workers.UvicornWorker", "main:app"]
我已经看过Docker Secrets文档,但我不太确定该怎么做。
你不会将它们保留在图像内。相反,您可以将 envfile 的内容docker run从外部传递给命令。
docker run --env-file=.env my-container
也可以单独传入环境变量:
docker run -e SERVER_NAME=... my-container
(您也可以使用-v挂载到环境文件中,但是执行上述操作确实没有意义。)
| 归档时间: |
|
| 查看次数: |
1937 次 |
| 最近记录: |