secret doesn't work yet

README.md

@@ -153,6 +153,7 @@
 - `%` means all entrant connections, while `localhost` means only localhost connections
 - [mysql commande line](https://mariadb.com/kb/en/mysql-command-line-client/)
 - [use mysql in script](https://stackoverflow.com/questions/59608632/mariadb-create-database-and-execute-sql-script-without-character-from-the)
+- [no need to use FLUSH PRIVILEGES after GRANT](https://stackoverflow.com/questions/36463966/mysql-when-is-flush-privileges-in-mysql-really-needed)
 
 	###### mariadb basic commands :
 	- create user :
@@ -161,7 +162,6 @@
 		use mysql;
 		CREATE USER 'some_user'@'%' IDENTIFIED BY 'some_pass';
 		GRANT ALL PRIVILEGES ON *.* TO 'some_user'@'%' WITH GRANT OPTION;
-		FLUSH PRIVILEGES;
 		```
 	- show users :
 		```
@@ -180,6 +180,14 @@
 		DROP DATABASE <name>;
 		```
 
+	###### use password in container :
+	- [with env variables in compose](https://docs.docker.com/compose/environment-variables/)
+	- [so discussion](https://stackoverflow.com/questions/22651647/docker-and-securing-passwords)
+	- [docker build --secret tag](https://docs.docker.com/develop/develop-images/build_enhancements/#new-docker-build-secret-information)
+	- [use secret with docker](https://www.rockyourcode.com/using-docker-secrets-with-docker-compose/)
+	- [use secret with docker SO](https://stackoverflow.com/questions/42139605/how-do-you-manage-secret-values-with-docker-compose-v3-1)
+
+
 #### php-fpm
 - [](https://en.wikipedia.org/wiki/FastCGI)
 

srcs/docker-compose.yml

@@ -8,20 +8,16 @@
 version: "3.8"
 
 services:
-
 # ---------------------------------
   test:
-
     build:
       context: ./requirements/test
       dockerfile: Dockerfile
     image: test
     container_name: mytest
-
 # ---------------------------------
   nginx:
-
-#    restart: on-failure
+    #restart: on-failure
     ports:
       - "80:80"
       - "443:443"
@@ -29,18 +25,20 @@ services:
       context: ./requirements/nginx
       dockerfile: Dockerfile
     image: nginx
-   # image: nginx_debian
     container_name: mynginx
-   # container_name: mynginx_debian
-
 # ---------------------------------
   mariadb:
-#    restart: on-failure
+    #restart: on-failure
     build:
       context: ./requirements/mariadb
       dockerfile: Dockerfile
     image: mariadb
     container_name: mymariadb
+    #--secret id=mysecret,src=mysecret.txt
+    secrets:
+      - my_secret
 
-# ---------------------------------
+secrets:
+  my_secret:
+    file: ./secret.txt
 

srcs/requirements/mariadb/Dockerfile

@@ -2,14 +2,19 @@ FROM debian:buster
 
 ARG DEBIAN_FRONTEND=noninteractive
 
+# docker build --secret tag : https://docs.docker.com/develop/develop-images/build_enhancements/#new-docker-build-secret-information)
+# use secret with docker : https://www.rockyourcode.com/using-docker-secrets-with-docker-compose/)
+RUN --mount=type=secret,id=my_secret cat /run/secrets/my_secret.txt
+#RUN cat /run/secrets/my_secret.txt
+
 RUN apt update && \
 	apt install -y mariadb-client mariadb-server && \
 	rm -rf /var/lib/apt/lists/* && \
 	\
 	service mysql start && \
-	mariadb --execute="create database db_hugo_test;" && \
-	mariadb --execute="create user 'u_hugo_test'@'localhost' identified by 'hello';" && \
-	mariadb --execute="grant all privileges on *.* to 'u_hugo_test'@'localhost' with grant option;"
+	mariadb --execute="CREATE DATABASE db_hugo_test;" && \
+	mariadb --execute="CREATE USER 'u_hugo_test'@'localhost' IDENTIFIED BY 'hello';" && \
+	mariadb --execute="GRANT ALL PRIVILEGES ON *.* TO 'u_hugo_test'@'localhost' with grant option;"
 
 CMD [ "mysqld" ]
 

srcs/secret.txt

@@ -0,0 +1 @@
+mon_super_mot_de_passe