Currently a bit of a shitshow. Need to handle db passwords, flask secret key, password salts, LDAP info (ie. my scripps username and password) - all of which I've stuffed into YAML masquerading as docker config files to avoid repetition of secrets which are required when running a container and within the application. And then I started writing tests for IP2 and of course now this too needs to be stored somewhere which makes automatic test running easy.
Looking at implementing vault, running it in it's own container and accessing through an exposed port.
Currently a bit of a shitshow. Need to handle db passwords, flask secret key, password salts, LDAP info (ie. my scripps username and password) - all of which I've stuffed into YAML masquerading as docker config files to avoid repetition of secrets which are required when running a container and within the application. And then I started writing tests for IP2 and of course now this too needs to be stored somewhere which makes automatic test running easy.
Looking at implementing vault, running it in it's own container and accessing through an exposed port.
For now tests will just be annoying to run.