On Sun, Feb 21, 2016 at 8:05 AM, Thanuja Uruththirakodeeswaran < [email protected]> wrote:
> Hi All, > > Currently I'm working on $subject by running cipher tool and user will be > able to build a docker image for a wso2 product which will have secured > password in config files. > > In order to do the subject, we need to add cipher-tool.properties, > cipher-text.properties and password-tmp file templates to puppet module. I > thought of encrypting the passwords using the cipher tool after we execute > puppet apply in Docker files [1]. > Yes IMO this is the best option. Docker image build process use puppet for configuring the product, once the configuration is done run secure vault and secure all credentials. When the container starts we will need to send the password either using an environment variable (in Docker) or via a K8S secret (in K8S) and create the password text file. Then we can start the server. Thanks > > Applying secure vault while building the docker image will be easy and > efficient way compared to manually running the cipher tool and updating > puppet module templates before building the docker image. > > I'll update this thread about the progress. Highly appreciate your > suggestions on this. > > [1]. > https://github.com/wso2/kubernetes-artifacts/blob/master/wso2esb/docker/Dockerfile#L40 > > Thanks. > > -- > Thanuja Uruththirakodeeswaran > Software Engineer > WSO2 Inc.;http://wso2.com > lean.enterprise.middleware > > mobile: +94 774363167 > -- *Imesh Gunaratne* Senior Technical Lead WSO2 Inc: http://wso2.com T: +94 11 214 5345 M: +94 77 374 2057 W: http://imesh.gunaratne.org Lean . Enterprise . Middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
