I have gone through all the examples I could find online for building docker container based applications. I would want to run two services running in two docker containers:
- A windows container running ASP.NET
- A windows container running SQL Server
Easy job and many examples. However, in all examples you need to use SQL authentication and to provide a hard-coded SA password as an environment variable when running the SQL server container. You also need to hard code the SA password into the connection string in the ASP.Net code (or also provide it in some other manner in a configuration file, etc.)
Bottom line in all examples the password is hard-coded somewhere.
In most applications we develop now, we actually use windows authentication instead or use a grouped managed service account instead. But as far as I know, you cannot add a windows container to a domain, thus the SQL server is not part of the windows domain so I don't see a way to use windows authentication here.
So does any one have an alternative to hard-coding passwords this way ?
Windows authentication is automatically enabled in Windocks SQL Server containers. See here for more details. The SQL Server containers created in Windocks are SQL Server named instances created automatically from the default SQL Service that is already installed on the Windows Server (2012 R2 or 2016). Any Windows accounts in the default instance are automatically enabled in the container instances.