DO NOT USE THIS DIRECTLY

[maviterlikli]

There are volume mounts from your Windows user's directory to containers. Anyone cannot be sure that the code running in the container is not malicious and by mounting ~/.aspnet/https and ~/.microsoft/usersecrets you are giving access to your critical files. This is a critical security issue and you should change the following volume definitions in docker-compose.override.yaml

version: '3.4'
services:
 eshopwebmvc:
   environment:
     - ASPNETCORE_ENVIRONMENT=Docker
     - ASPNETCORE_URLS=http://+:8080
   ports:
     - "5106:8080"
   volumes:
     - ~/.aspnet/https:/root/.aspnet/https:ro
     - ~/.microsoft/usersecrets:/root/.microsoft/usersecrets:ro
 eshoppublicapi:
   environment:
     - ASPNETCORE_ENVIRONMENT=Docker
     - ASPNETCORE_URLS=http://+:8080
   ports:
     - "5200:8080"
   volumes:
     - ~/.aspnet/https:/root/.aspnet/https:ro
     - ~/.microsoft/usersecrets:/root/.microsoft/usersecrets:ro
  

A better version of the docker-compose.override.yaml is below which does not use bind mounts but volumes managed by Docker itself.

version: '3.4'
services:
 eshopwebmvc:
   environment:
     - ASPNETCORE_ENVIRONMENT=Docker
     - ASPNETCORE_URLS=http://+:8080
   ports:
     - "5106:8080"
   volumes:
     - aspnet-https:/root/.aspnet/https:ro
     - microsoft-usersecrets:/root/.microsoft/usersecrets:roo
 eshoppublicapi:
   environment:
     - ASPNETCORE_ENVIRONMENT=Docker
     - ASPNETCORE_URLS=http://+:8080
   ports:
     - "5200:8080"
   volumes:
     - aspnet-https:/root/.aspnet/https:ro
     - microsoft-usersecrets:/root/.microsoft/usersecrets:ro
volumes:
  aspnet-https:
  microsoft-usersecrets: