Appearance
Fresh
docker pass
Back
docker pass
Copy as Markdown
Open MarkdownAsk Docs AIClaudeOpen in Claude
| Description | Manage your local OS keychain secrets. | | Usage | docker pass set|get|ls|rm |
Experimental
This command is experimental.
Experimental features are intended for testing and feedback as their functionality or design may change between releases without warning or can be removed entirely in a future release.
Description
Docker Pass is a helper that allows you to store secrets securely in your local OS keychain and inject them into containers later.
On Windows: Uses the Windows Credential Manager API.
On macOS: Uses macOS Keychain services API.
On Linux: org.freedesktop.secrets API (requires DBus and gnome-keyring or kdewallet to be installed).
Examples
Using keychain secrets in containers
Create a secret:
console
$ docker pass set GH_TOKEN=123456789Creating a secret from STDIN:
console
echo 123456789 > token.txt
cat token.txt | docker pass set GH_TOKENRun a container that uses the secret:
console
$ docker run -e GH_TOKEN= -dt --name demo busyboxInspect your secret from inside the container
console
$ docker exec demo sh -c 'echo $GH_TOKEN'
123456789Explicitly assigning a secret to another environment variable:
console
$ docker run -e GITHUB_TOKEN=se://GH_TOKEN -dt --name demo busyboxSubcommands
| Command | Description |
|---|---|
docker pass get | Get a secret |
docker pass ls | List secrets |
docker pass rm | Remove a secret |
docker pass set | Set a secret |