CLI: Management & Diagnostics
DSO provides comprehensive management and diagnostic commands for monitoring, inspecting, and troubleshooting your deployments.
Commands
fetch
Retrieve secrets from the running agent or list all defined secrets.
docker dso fetch
docker dso fetch <secret-name>
export
Export resolved secrets to a local file for CI/testing.
docker dso export --format env --output .env.resolved
Formats: env, json, yaml
inspect
View environment variables and secret mounts with automatic masking.
docker dso inspect <container-id>
watch
Real-time monitor of secret rotations and container lifecycle events.
docker dso watch
docker dso watch --debug
docker dso watch --strategy rolling
logs
View systemd journald or REST API agent logs with filtering.
docker dso logs -f
docker dso logs --tail 100
docker dso logs --level error
docker dso logs --since 10m -f
validate
Verify dso.yaml configuration syntax and schema compliance.
docker dso validate
diff
Compare local configuration against deployed stack structure.
docker dso diff
docker dso diff my-stack
version
Display DSO binary version number and build information.
docker dso version
Common Workflows
Daily Monitoring
# Check recent logs
docker dso logs --since 24h --level warn,error
# Monitor for changes
docker dso watch &
Debugging Issues
# Inspect container
docker dso inspect myapp_api_1
# Validate configuration
docker dso validate
# Check secrets
docker dso fetch
Configuration Migration
# Export current secrets
docker dso export --format json --output backup.json
# Validate new config
docker dso validate --config dso.new.yaml
# Compare changes
docker dso diff
Best Practices
- ✓Monitor continuously in production:
docker dso watch & - ✓Validate before deployment:
docker dso validate - ✓Regular backup of secrets with
docker dso export - ✓Inspect containers after changes to verify injection