API & Integrations

Docker container for CLI

12min
description the /docker directory contains a docker configuration for running the passwork cli in a containerized environment this is particularly useful for ci/cd pipelines in continuous integration systems receiving clone a python connector from the github where docker is located ssh git clone git\@github com\ passwork me/passwork python git https git clone https //github com/passwork me/passwork python git go to docker directory shell cd /passwork python/docker/ building the docker image shell docker build t passwork cli using the docker container basic usage run the passwork cli container by passing the necessary credentials as environment variables shell docker run it rm \\ e passwork host="https //your passwork instance com" \\ e passwork token="your access token" \\ e passwork master key="your master key" \\ passwork cli exec password id "password id" env using docker compose copy and change the file name to docker compose yml based on the example shell # you can edit docker compose yml if necessary cp docker compose example yml docker compose yml copy and change the file name to env based on the example shell # specify your credentials in env cp env example env start using docker compose shell docker compose run rm passwork cli exec password id "password id" env example output shell docker compose run rm passwork cli exec password id "67ff59139b0d5d96310084c5" env warn\[0000] /opt/passwork python connector/docker/docker compose yaml the attribute `version` is obsolete, it will be ignored, please remove it to avoid potential confusion hostname=d6ec78fda6e0 home=/home/passwork gpg key=a035c8c19219ba821ecea86b64e628f8d684696d python sha256=849da87af4df137710c1796e276a955f7a85c9f971081067c8f565d15c352a09 passwork refresh token=yt7ldssd4qjzqczikk/3dgdqynwb2erodwn3aovd14e= passwork token=lzs8abjoa3wlve+bqvzxhufsqlc7xmxkip+9hmu+800= term=xterm path=/usr/local/bin /usr/local/sbin /usr/local/bin /usr/sbin /usr/bin /sbin /bin lang=c utf 8 passwork host=https //passwork example com passwork master key=1lzymbmt8mqyj1cdcyizhdzlhgyejvbmauoohb1yyxujnlidbdvgk8h4mwksaxhzvqzys9drsrzoofbdvs5wbq== python version=3 11 12 pwd=/app mongodb password=p\@ssw0rd examples retrieve a password and use it in a command shell docker run it rm \\ e passwork host="https //your passwork com" \\ e passwork token="your token" \\ e passwork master key="your master key" \\ passwork cli exec password id "db password id" mysql h db host u admin p "$db password" db name if client side encryption is not used, remove the line — e passwork master key="your master key" \\ make a direct api call shell docker run it rm \\ e passwork host="https //your passwork com" \\ e passwork token="your token" \\ e passwork master key="your master key" \\ passwork cli api method get endpoint "v1/vaults" if client side encryption is not used, remove the line — e passwork master key="your master key" \\ using in bitbucket pipelines add the following to your bitbucket pipelines yml file shell pipelines default \ step name deploy with passwork credentials image passwork cli script \ passwork cli exec password id "deploy credentials" /deploy sh services \ docker caches \ docker alternatively, use a container image from a registry shell pipelines default \ step name deploy with passwork credentials image your registry com/passwork cli\ latest script \ passwork cli exec password id "deploy credentials" /deploy sh security considerations the docker container runs as a non root user to improve security; always use secure environment variables to store credentials in ci/cd pipelines