From bd379ab78f645ad1558becd96ea3332158b8c7b2 Mon Sep 17 00:00:00 2001 From: mickey-mikey <149929346+mickey-mikey@users.noreply.github.com> Date: Sat, 11 Jul 2026 17:18:01 +1000 Subject: [PATCH 1/2] compose: note that secrets require Linux containers --- content/manuals/compose/how-tos/use-secrets.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/content/manuals/compose/how-tos/use-secrets.md b/content/manuals/compose/how-tos/use-secrets.md index 2afec05e530c..82ee231992a8 100644 --- a/content/manuals/compose/how-tos/use-secrets.md +++ b/content/manuals/compose/how-tos/use-secrets.md @@ -19,6 +19,10 @@ Environment variables are often available to all processes, and it can be diffic Secrets are mounted as a file in `/run/secrets/` inside the container. +> [!NOTE] +> +> Secrets are supported on Linux containers only. Compose delivers each secret by bind-mounting a single file into the container, and Windows containers support bind-mounting directories only. For Windows containers, bind-mount a directory containing the secret file instead. + Getting a secret into a container is a two-step process. First, define the secret using the [top-level secrets element in your Compose file](/reference/compose-file/secrets.md). Next, update your service definitions to reference the secrets they require with the [secrets attribute](/reference/compose-file/services.md#secrets). Compose grants access to secrets on a per-service basis. Unlike the other methods, this permits granular access control within a service container via standard filesystem permissions. From c9059acf909a16f23b79f857491c7319aad5b5bb Mon Sep 17 00:00:00 2001 From: mickey-mikey <149929346+mickey-mikey@users.noreply.github.com> Date: Sat, 11 Jul 2026 17:31:59 +1000 Subject: [PATCH 2/2] compose: drop workaround sentence from secrets platform note --- content/manuals/compose/how-tos/use-secrets.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/manuals/compose/how-tos/use-secrets.md b/content/manuals/compose/how-tos/use-secrets.md index 82ee231992a8..5fb86f06d9bc 100644 --- a/content/manuals/compose/how-tos/use-secrets.md +++ b/content/manuals/compose/how-tos/use-secrets.md @@ -21,7 +21,7 @@ Secrets are mounted as a file in `/run/secrets/` inside the contain > [!NOTE] > -> Secrets are supported on Linux containers only. Compose delivers each secret by bind-mounting a single file into the container, and Windows containers support bind-mounting directories only. For Windows containers, bind-mount a directory containing the secret file instead. +> Secrets are supported on Linux containers only. Compose delivers each secret by bind-mounting a single file into the container, and Windows containers support bind-mounting directories only. Getting a secret into a container is a two-step process. First, define the secret using the [top-level secrets element in your Compose file](/reference/compose-file/secrets.md). Next, update your service definitions to reference the secrets they require with the [secrets attribute](/reference/compose-file/services.md#secrets). Compose grants access to secrets on a per-service basis.