Feature Request: Add support for passing docker secret files #77
Labels
question
Further information is requested
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@SamuelHassine
I noticed that when attempting to pass sensitive information as secrets files in docker swarm. That the OpenCTI web application itself did not appear support passing credentials or sensitive api tokens in a secure manner.
The other services such as Minio and RabbitMQ support this, but OpenCTI's Environment variables do not support passing a file.
This leads to issues where if the secrets files have been passed to other services that support it and the same path to the secrets file is added as a value to OpenCTI's env variables, this leads to signature or password mismatch issues.
Some of the following are of issue:
I'm proposing to have Env variables appended with _FILE to support passing docker secrets, or maintaining the current environment variables with automatic detection of secret/config files.
The text was updated successfully, but these errors were encountered: