mnonnenmacher
commented
5 months ago Related to #316.
Open mmurto opened 7 months ago
mnonnenmacher
commented
5 months ago Related to #316.
mnonnenmacher
commented
3 months ago To add to the confusion, there are also two secrets providers: One to provide secrets for the configuration, and one to provide secrets associated to organizations, products, and repositories. This lead to #582 which was fixed by #703.
When running the Docker images, it is currently not completely clear what should be configured and how. For example, are file based secret providers required for just running the services? If a secret provider is required for running the services and not only for storing secrets for repositories to be analyzed, why is this required instead of only using environment variables?
I recently made some changes to the Docker Compose file, where I use the secret provider, but if the same could be done with pure environment variables, that would probably be better and more flexible for different deployment options.