Cocolabs-SAS / cocorico-docker

The official Cocorico docker image that give you the ability to run Cocorico out of the box.
https://www.cocolabs.io/
MIT License
23 stars 48 forks source link

The client secret and default creds are leaked #40

Open yevh opened 3 years ago

yevh commented 3 years ago

Hi there,

I found that client secret and default creds are leaked in the following parameters.yml:

https://github.com/Cocolabs-SAS/cocorico-docker/blob/master/files/init/parameters.yml

Be secure!

cocolabssas commented 3 years ago

Hi Yevh,

This docker image has been done to be used on development environments and to facilitate the developer works on Cocorico. From this point of view there is no credential leaks.

Thanks anyway!