Sital999
commented
1 week ago Secret key is added for every agent. This secret_key is only provided to the respective user or to the admin. A new token is generated in frontend using secret_token and network_name by encoding in base64. This key is then used on docker command to run docker container for agent.
It shouldn't be possible for non-admin users to be able to run somebody else's agent. For that we need an agent specific secret on the docker command.