Home Explore Blog Models CI



docker
13th chunk of `content/manuals/engine/swarm/secrets.md`
194da156b647a98780f20d2546065bb308b357d18f634acb000000010000098c
    uses shell expansion to do it all in a single step.

    ```console
    $ docker container exec <CONTAINER_ID> \
        bash -c 'mysqladmin --user=wordpress --password="$(< /run/secrets/old_mysql_password)" password "$(< /run/secrets/mysql_password)"'
    ```

    Or:

    ```console
    $ docker container exec $(docker ps --filter name=mysql -q) \
        bash -c 'mysqladmin --user=wordpress --password="$(< /run/secrets/old_mysql_password)" password "$(< /run/secrets/mysql_password)"'
    ```

4.  Update the `wordpress` service to use the new password, keeping the target
    path at `/run/secrets/wp_db_password`. This triggers a rolling restart of
    the WordPress service and the new secret is used.

    ```console
    $ docker service update \
         --secret-rm mysql_password \
         --secret-add source=mysql_password_v2,target=wp_db_password \
         wordpress    
    ```

5.  Verify that WordPress works by browsing to http://localhost:30000/ on any
    swarm node again. Use the WordPress username and password
    from when you ran through the WordPress wizard in the previous task.

    Verify that the blog post you wrote still exists, and if you changed any
    configuration values, verify that they are still changed.

6.  Revoke access to the old secret from the MySQL service and
    remove the old secret from Docker.

    ```console
    $ docker service update \
         --secret-rm mysql_password \
         mysql

    $ docker secret rm mysql_password
    ```


7.  Run the following commands to remove the WordPress service, the MySQL container,
    the `mydata` and `wpdata` volumes, and the Docker secrets:

    ```console
    $ docker service rm wordpress mysql

    $ docker volume rm mydata wpdata

    $ docker secret rm mysql_password_v2 mysql_root_password
    ```

## Build support for Docker Secrets into your images

If you develop a container that can be deployed as a service and requires
sensitive data, such as a credential, as an environment variable, consider
adapting your image to take advantage of Docker secrets. One way to do this is
to ensure that each parameter you pass to the image when creating the container
can also be read from a file.

Many of the Docker Official Images in the
[Docker library](https://github.com/docker-library/), such as the
[wordpress](https://github.com/docker-library/wordpress/)
image used in the above examples, have been updated in this way.
Title: Updating WordPress Password, Cleaning Up, and Building Support for Docker Secrets
Summary
This section guides users on updating the WordPress service to use the new MySQL password, verifying that WordPress functions correctly with the new password, and removing the old secret and associated resources like services, volumes, and secrets. It also emphasizes the importance of building Docker Secrets support into container images to securely manage sensitive data, highlighting how Docker Official Images like WordPress have been updated to accommodate secrets.