I'm trying to avoid checking in any sensitive data while making it easy for other people to run this locally. My question is what is the most secure possible solution that is automated (minimal manual steps for users of the file)? Time of implementation is less of a concern. Use Docker secrets and docker stack deploy and store the key in docker secrets (CON: docker stack deploy has no support for docker volumes yet. (CONS: probably lots of work, maybe other issues?) (CONS: see 2)ĭockerise something like run that up first, add the key and use that within the node containers to get the latest key. I've looked around for a solution and none seem very easy/non hackyĬopy the key in and squash (CONS: not sure how I do this in a docker-compose file) Ĭopy the key in on the build step and add to image. If you don’t have it installed already, it will prompt you to install it. On Mavericks (10.9) or above you can do this simply by trying to run git from the Terminal the very first time. The easiest is probably to install the Xcode Command Line Tools. I understand this doesn't work because I don't have the deploy key I use on my local system in the Docker context. There are several ways to install Git on a Mac. However when I try to use this with my docker-compose setup it fails on the npm install step, in the build stage. My use case is that I have multiple express micro-services that use the same middleware and I would like to create a different repo in the format of an npm module for each middleware.Įvery repo is a private repo and can have a deploy key attached (can be different keys or the same)Īll of this works OK locally.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |