From bda5cb5f50eafa775695d7395133d87373fcd227 Mon Sep 17 00:00:00 2001 From: Tudor Stanciu Date: Mon, 21 Nov 2022 19:57:05 +0200 Subject: [PATCH] remove secrets from source code --- Chatbot.Api/Dockerfile | 4 +++- Chatbot.Api/appsettings.json | 6 +++--- Notes.txt | 8 ++++---- build.sh | 2 +- buildx.sh | 4 +++- 5 files changed, 14 insertions(+), 10 deletions(-) diff --git a/Chatbot.Api/Dockerfile b/Chatbot.Api/Dockerfile index 3890ea1..8e9d05b 100644 --- a/Chatbot.Api/Dockerfile +++ b/Chatbot.Api/Dockerfile @@ -26,13 +26,15 @@ WORKDIR /app COPY --from=publish /app/publish . ENV urls="http://*:80" -ENV ConnectionStrings__DatabaseConnection="***REMOVED***" ENV TZ=Europe/Bucharest RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone ARG APP_VERSION=0.0.0.0 ENV APP_VERSION=${APP_VERSION} +ARG DATABASE_CONNECTION +ENV ConnectionStrings__DatabaseConnection=${DATABASE_CONNECTION} + #Workaround to lower the TLS level in container for old sql server version RUN sed -i 's/TLSv1.2/TLSv1.0/g' /etc/ssl/openssl.cnf diff --git a/Chatbot.Api/appsettings.json b/Chatbot.Api/appsettings.json index 42fcb76..020baa7 100644 --- a/Chatbot.Api/appsettings.json +++ b/Chatbot.Api/appsettings.json @@ -1,7 +1,7 @@ { "urls": "http://*:5055", "ConnectionStrings": { - "DatabaseConnection": "***REMOVED***" + "DatabaseConnection": "Server=##########;Database=##########;User Id=##########;Password=##########;MultipleActiveResultSets=true" }, "Logging": { "LogLevel": { @@ -12,7 +12,7 @@ }, "AllowedHosts": "*", "Credentials": { - "UserName": "***REMOVED***", - "Password": "***REMOVED***" + "UserName": "**********", + "Password": "**********" } } diff --git a/Notes.txt b/Notes.txt index fff0cb5..44a5062 100644 --- a/Notes.txt +++ b/Notes.txt @@ -1,7 +1,7 @@ -Basic ***REMOVED*** +Basic ********** ############################################################################################## -Azure DevOps Repository Password: ***REMOVED*** +Azure DevOps Repository Password: ********** ############################################################################################## Docker commands: ***************** @@ -18,14 +18,14 @@ Push image to registry: docker tag chatbot-api:1.0.5 cloud.canister.io:5000/tstanciu/chatbot:api-1.0.5 --login to registry -docker login --username=tstanciu --password="***REMOVED***" cloud.canister.io:5000 +docker login --username=tstanciu --password="**********" cloud.canister.io:5000 --push image docker push cloud.canister.io:5000/tstanciu/chatbot:api-1.0.5 Pull image from registry --login to registry with readonly rights -docker login --username=deploy+tstanciu --password=***REMOVED*** cloud.canister.io:5000 +docker login --username=deploy+tstanciu --password=********** cloud.canister.io:5000 --pull image docker pull cloud.canister.io:5000/tstanciu/chatbot:api-1.0.5 diff --git a/build.sh b/build.sh index d3f6913..323970f 100644 --- a/build.sh +++ b/build.sh @@ -3,7 +3,7 @@ echo "Welcome!" version="1.0.0" -localRegistryPass="***REMOVED***" +localRegistryPass="**********" echo "Create docker image with version $version." docker image build -t "chatbot-api:$version" -f "Chatbot.Api/Dockerfile" . diff --git a/buildx.sh b/buildx.sh index ac2b321..254dda0 100644 --- a/buildx.sh +++ b/buildx.sh @@ -3,7 +3,8 @@ echo "Welcome!" version="1.0.1" platform="linux/amd64,linux/arm64" -localRegistryPass="***REMOVED***" +localRegistryPass="**********" +databaseConnection="#########" echo "Login to alpine-nexus registry." docker login --username=admin --password=$localRegistryPass alpine-nexus:8500 @@ -11,6 +12,7 @@ docker login --username=admin --password=$localRegistryPass alpine-nexus:8500 echo "Create docker image with version $version for platform $platform" docker buildx build \ --build-arg APP_VERSION=$version \ + --build-arg DATABASE_CONNECTION=$databaseConnection \ --platform $platform \ --output=type=image,push=true,registry.insecure=true \ --push \