Potential Bug: Admin Credentials Set via Env Variables are not picked up even when docker container is brought down and up again


I am using Docker along with Docker Compose v2.5.0 to test whether the this is actually a bug within grafana or the compose CLI.

I provisioned the GF_SECURITY_ADMIN_USER and GF_SECURITY_ADMIN_PASSWORD via an .env file into the docker-compose.yml file.

Initial checks show that the password is accepted and I am able to login into Grafana.


  1. I bring the container down
  2. change the GF_SECURITY_ADMIN_PASSWORD to something else
  3. re-generate the docker-compose.yml file to accept the updated env var
  4. Bring the container up

The new password is not accepted into the container, and I still have to use the old credentials to login

The only possible solution is that I have purge my docker volume to accept the new password, which is not the right thing to do, because the volume might contain data that should not be deleted.

I have created a repository that one can use to reproduce the bug


  1. I did docker inspect <container_name> to see if the container picked the changed password as env var and it does :white_check_mark:
  2. I exec'd into the running grafana container using docker compose exec -it grafana /bin/bash and typed env and it still had the changed env variable :white_check_mark:

but the running instance has not actually picked up the change.

This seems like a bug. If it is not it should be clearly stated in the documentation that the env variable is not adaptable after initialization.

linking to the ongoing github issue: