Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature Request: Add support for passing docker secret files #77

Open
CyberKaizen opened this issue Feb 19, 2023 · 0 comments
Open

Feature Request: Add support for passing docker secret files #77

CyberKaizen opened this issue Feb 19, 2023 · 0 comments

Comments

@CyberKaizen
Copy link

@SamuelHassine
I noticed that when attempting to pass sensitive information as secrets files in docker swarm. That the OpenCTI web application itself did not appear support passing credentials or sensitive api tokens in a secure manner.

The other services such as Minio and RabbitMQ support this, but OpenCTI's Environment variables do not support passing a file.

This leads to issues where if the secrets files have been passed to other services that support it and the same path to the secrets file is added as a value to OpenCTI's env variables, this leads to signature or password mismatch issues.

Some of the following are of issue:

  • APP__ADMIN__PASSWORD
  • MINIO__ACCESS_KEY
  • APP__ADMIN__TOKEN
  • MINIO__ACCESS_KEY
  • MINIO__SECRET_KEY
  • RABBITMQ__PASSWORD

I'm proposing to have Env variables appended with _FILE to support passing docker secrets, or maintaining the current environment variables with automatic detection of secret/config files.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@CyberKaizen