Skip to content

Remove private keys that are generated on install / first run #555

New issue
New issue
Open
Open
Remove private keys that are generated on install / first run#555
Labels
connectSpecific to connect imagespackage-managerSpecific to Package Manager imagessecurityRelated to security or vulnerability managementworkbenchSpecific to workbench images
@colearendt

Description

@colearendt
colearendt
opened on Jun 6, 2023

Related to #550

We should remove secure-cookie-key and key.pem and friends from all of the instances when they are built

Alternatively, we could see if there is a nice way to stop the product from starting too... (setting an ARG, etc.)

### Tasks
- [ ] Add tests to ensure that secrets are not in images after build
- [ ] If necessary, stop products from starting on install by using an `ARG`
- [ ] If using `ARG`, make sure that licensing and directory permissions work on startup (and are tested)

Metadata

Metadata

Assignees

No one assigned

    Labels

    connectSpecific to connect imagespackage-managerSpecific to Package Manager imagessecurityRelated to security or vulnerability managementworkbenchSpecific to workbench images

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions