docker secret ls

Estimated reading time: 5 minutes


List secrets

Swarm This command works with the Swarm orchestrator.

Usage

$ docker secret ls [OPTIONS]

Refer to the options section for an overview of available OPTIONS for this command.

Description

Run this command on a manager node to list the secrets in the swarm.

For detailed information about using secrets, refer to manage sensitive data with Docker secrets.

Note

This is a cluster management command, and must be executed on a swarm manager node. To learn about managers and workers, refer to the Swarm mode section in the documentation.

For example uses of this command, refer to the examples section below.

Options

Name, shorthand Default Description
--filter , -f Filter output based on conditions provided
--format Pretty-print secrets using a Go template
--quiet , -q Only display IDs

Examples

$ docker secret ls

ID                          NAME                        CREATED             UPDATED
6697bflskwj1998km1gnnjr38   q5s5570vtvnimefos1fyeo2u2   6 weeks ago         6 weeks ago
9u9hk4br2ej0wgngkga6rp4hq   my_secret                   5 weeks ago         5 weeks ago
mem02h8n73mybpgqjf0kfi1n0   test_secret                 3 seconds ago       3 seconds ago

Filtering

The filtering flag (-f or --filter) format is a key=value pair. If there is more than one filter, then pass multiple flags (e.g., --filter "foo=bar" --filter "bif=baz")

The currently supported filters are:

  • id (secret’s ID)
  • label (label=<key> or label=<key>=<value>)
  • name (secret’s name)

id

The id filter matches all or prefix of a secret’s id.

$ docker secret ls -f "id=6697bflskwj1998km1gnnjr38"

ID                          NAME                        CREATED             UPDATED
6697bflskwj1998km1gnnjr38   q5s5570vtvnimefos1fyeo2u2   6 weeks ago         6 weeks ago

label

The label filter matches secrets based on the presence of a label alone or a label and a value.

The following filter matches all secrets with a project label regardless of its value:

$ docker secret ls --filter label=project

ID                          NAME                        CREATED             UPDATED
mem02h8n73mybpgqjf0kfi1n0   test_secret                 About an hour ago   About an hour ago

The following filter matches only services with the project label with the project-a value.

$ docker service ls --filter label=project=test

ID                          NAME                        CREATED             UPDATED
mem02h8n73mybpgqjf0kfi1n0   test_secret                 About an hour ago   About an hour ago

name

The name filter matches on all or prefix of a secret’s name.

The following filter matches secret with a name containing a prefix of test.

$ docker secret ls --filter name=test_secret

ID                          NAME                        CREATED             UPDATED
mem02h8n73mybpgqjf0kfi1n0   test_secret                 About an hour ago   About an hour ago

Format the output

The formatting option (--format) pretty prints secrets output using a Go template.

Valid placeholders for the Go template are listed below:

Placeholder Description
.ID Secret ID
.Name Secret name
.CreatedAt Time when the secret was created
.UpdatedAt Time when the secret was updated
.Labels All labels assigned to the secret
.Label Value of a specific label for this secret. For example {{.Label "secret.ssh.key"}}

When using the --format option, the secret ls command will either output the data exactly as the template declares or, when using the table directive, will include column headers as well.

The following example uses a template without headers and outputs the ID and Name entries separated by a colon (:) for all images:

$ docker secret ls --format "{{.ID}}: {{.Name}}"

77af4d6b9913: secret-1
b6fa739cedf5: secret-2
78a85c484f71: secret-3

To list all secrets with their name and created date in a table format you can use:

$ docker secret ls --format "table {{.ID}}\t{{.Name}}\t{{.CreatedAt}}"

ID                  NAME                      CREATED
77af4d6b9913        secret-1                  5 minutes ago
b6fa739cedf5        secret-2                  3 hours ago
78a85c484f71        secret-3                  10 days ago

Parent command

Command Description
docker secret Manage Docker secrets
Command Description
docker secret create Create a secret from a file or STDIN as content
docker secret inspect Display detailed information on one or more secrets
docker secret ls List secrets
docker secret rm Remove one or more secrets