October 22, 2024

Is running a docker container for a single ephemeral process with root user really a security risk in production?


I’m on a project where I have to minimize architecture security concerns.
I’ve built a whole microservices infrastructure with Docker containers. To secure the host machine side, the Docker environment is in rootless mode. In addition, all the containers are running with a non-root user.

I’m using Docker Compose secrets to allow some services to get access to connection credentials (password/token) required by other services.
The issue is that, due to some constraints:
1- the rootless mode;
2- the fact that I am not able to define (on the host side) the convenient ownership of secret files so that, after user mapping, the secret file (in the container) gets owned by the user in the container;
I cannot use Compose secrets without finding a way to change their ownership.

My leading solution is to run, at the very beginning, an Alpine container with the root user that will not hang at all; it will just:
1- create in a volume respective duplicate files of the secrets,
2- restrict access to those files to only the needy users,
and then terminate.

But I am wondering: is that loosely ephemeral container nevertheless a security risk for the infrastructure in production, given that it stops running after some ms and the Alpine image is without vulnerabilities?

Any point of view or response is welcome.
And any idea, enlightenment, or better-practice suggestion is welcome too.

Thank you all.
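For reference, here is what the "run a root Alpine container once, copy the secrets into a volume, fix ownership, exit" design described in the question looks like as a Compose file. This is an added example written for this page, not the asker's actual configuration: the service names, the application uid 10001, the image tags, the secret names and the `./secrets/*.txt` paths are all assumptions.

```yaml
# Added example (not the original poster's compose file).
# Assumptions: the app runs as uid/gid 10001, two file-backed Compose secrets
# named db_password and api_token, images alpine:3.20 and example/app:1.0.
services:
  # Short-lived root container: copies the Compose secrets into a named volume,
  # hands ownership to the application uid, then exits. It has no network,
  # no writable root filesystem and only the capabilities cp/chown/chmod need.
  init-secrets:
    image: alpine:3.20
    user: "0:0"
    read_only: true
    network_mode: none
    cap_drop: [ALL]
    cap_add: [CHOWN, FOWNER, DAC_OVERRIDE]
    security_opt: ["no-new-privileges:true"]
    secrets:
      - db_password
      - api_token
    volumes:
      - app-secrets:/target
    command:
      - sh
      - -ec
      - |
        APP_UID=10001            # assumption: uid the app service runs as
        umask 077                # new files are created 0600 before chmod
        for s in db_password api_token; do
          cp /run/secrets/"$s" /target/"$s"
          chown "$APP_UID:$APP_UID" /target/"$s"
          chmod 0400 /target/"$s"
        done
        chown "$APP_UID:$APP_UID" /target
        chmod 0500 /target
        ls -ln /target           # shows uid/mode in the logs for a sanity check

  # The real service: non-root, starts only after init-secrets exited with 0,
  # and sees the copied secrets read-only.
  app:
    image: example/app:1.0       # assumption
    user: "10001:10001"
    depends_on:
      init-secrets:
        condition: service_completed_successfully
    volumes:
      - app-secrets:/run/app-secrets:ro
    environment:
      DB_PASSWORD_FILE: /run/app-secrets/db_password
      API_TOKEN_FILE: /run/app-secrets/api_token

secrets:
  db_password:
    file: ./secrets/db_password.txt   # assumption
  api_token:
    file: ./secrets/api_token.txt     # assumption

# Backing the volume with tmpfs keeps the re-owned copies in memory instead of
# under the rootless user's data directory on disk; drop driver_opts if you
# want a plain persistent volume.
volumes:
  app-secrets:
    driver: local
    driver_opts:
      type: tmpfs
      device: tmpfs
      o: "size=1m,uid=10001,mode=0700"
```

Bring it up with `docker compose up` and check `docker compose ps -a`: `init-secrets` should show as exited with code 0 and `app` as running. Two points worth checking in your own setup: in rootless mode, uid 0 inside `init-secrets` is still the unprivileged host user after user namespace mapping, so `chown` to 10001 only works if that uid falls inside the host user's configured subuid range; and the `cap_drop`/`network_mode: none`/`read_only` settings are what keep the root container's blast radius small for the few milliseconds it runs, so keep them when adapting the example.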


