I am using Docker along with Docker Compose v2.5.0 to test whether the this is actually a bug within grafana or the compose CLI.
I provisioned the
GF_SECURITY_ADMIN_PASSWORD via an
.env file into the
Initial checks show that the password is accepted and I am able to login into Grafana.
- I bring the container down
- change the
GF_SECURITY_ADMIN_PASSWORDto something else
- re-generate the
docker-compose.ymlfile to accept the updated env var
- Bring the container up
The new password is not accepted into the container, and I still have to use the old credentials to login
The only possible solution is that I have purge my docker volume to accept the new password, which is not the right thing to do, because the volume might contain data that should not be deleted.
I have created a repository that one can use to reproduce the bug
- I did
docker inspect <container_name>to see if the container picked the changed password as env var and it does
exec'd into the running grafana container using
docker compose exec -it grafana /bin/bashand typed
envand it still had the changed env variable
but the running instance has not actually picked up the change.
This seems like a bug. If it is not it should be clearly stated in the documentation that the env variable is not adaptable after initialization.