Open spannercode opened 1 week ago
Secret key
is added for every agent. This secret_key
is only provided to the respective user
or to the admin
. A new token is generated in frontend using secret_token
and network_name
by encoding in base64. This key is then used on docker command to run docker container for agent.
It shouldn't be possible for non-admin users to be able to run somebody else's agent. For that we need an agent specific secret on the docker command.