mikeizbicki / cmc-csci143

big data course materials

Production Credentials #429

Closed henrylong612 closed 9 months ago

henrylong612 commented 9 months ago

Hi @mikeizbicki,

I am looking at the part of the homework instructions that says:

IMPORTANT: Many security breaches are caused by developers uploading credentials into public git repositories. See this post for examples. If any of your production credentials are uploaded to github, you will receive a -2 on the assignment. This is not -2 points off your grade, this is a NEGATIVE TWO POINTS TOTAL... committing private credentials to a public repo would cause your company to lose potentially millions of dollars, and so is worse than doing nothing at all. I strongly recommend creating a .gitignore file to prevent this from happening on accident. In these instructions, the production credentials are located in the file .env.prod.db. So this file should not be uploaded to github, but all the other files should be.

I have created the .gitignore file with the following:

.env.prod.db
.env.prod

*.swp
*.swo
*.swn
*.swm

Yet there are still plenty of other places in the tutorial where we include our production credentials, like in docker-compose.yml. How would/should I go about removing these?

mikeizbicki commented 9 months ago

My solution doesn't have any production credentials in docker-compose.yml, and I just checked the tutorial and I didn't see any credentials in their final docker-compose.yml. So I'm not sure what you're referring to there.

But to clarify the grading policy: You will only receive a -2 on the assignment if the file .env.prod.db is included in the final repo. If the credentials leak through something else, I might decide to deduct a penalty for an incorrect submission, but it won't result in negative points.

henrylong612 commented 9 months ago

Hi @mikeizbicki,

In the tutorial, the final docker-compose.yml file appears to have lines that look like this:

    environment:
      - POSTGRES_USER=hello_flask
      - POSTGRES_PASSWORD=hello_flask
      - POSTGRES_DB=hello_flask_dev

I don't see anywhere in the tutorial where this is edited out. Am I missing something?

Best, Henry

oliver-ricken commented 9 months ago

Hey @henrylong612,

I also noticed the password in the docker-compose.yml file, and had similar thoughts. From what I understand, the POSTGRES_PASSWORD in the docker-compose.yml file is not contained within a production environment, and so is okay to upload to GitHub.

I think @mikeizbicki is specifically referring to production credentials when he talks about receiving a -2 on the HW. As mentioned in the lab recording video from yesterday (at around minute 47:15), "production credentials are never things that you would want to include in a .yaml file... you would always include them in an environment file (such as .env.dev)."

Hopefully this helps clarify your question above. I had the same thoughts as you, and then stumbled upon this section in the video last night, which helped me understand the distinction between production credentials and passwords contained within different environments.

Feel free to jump in if I missed anything, @mikeizbicki :)

mikeizbicki commented 9 months ago

@oliver-ricken is correct.

The tutorial as written happens to use the same password for the prod and dev databases. But in general, a different, much stronger password would be used for production. I'd be happy to chat more about the difference in person with anyone interested.
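As an added example (not part of this thread or the course materials), a small Python check that encodes the distinction made above: credentials belong in an env file that git ignores, never inline in a compose file that gets committed. It assumes the list forms `environment:` / `- KEY=VALUE` and `env_file:` / `- path`; the sample compose and .gitignore texts are constructed.

```python
import fnmatch
SECRET_HINTS = ("PASSWORD", "SECRET", "TOKEN", "API_KEY")  # credential-looking env keys

def is_ignored(path, gitignore_text):
    """Minimal .gitignore evaluation: last matching pattern wins, '!' negates."""
    ignored = False
    for pat in gitignore_text.splitlines():
        pat = pat.strip()
        if pat and not pat.startswith("#") and fnmatch.fnmatch(path, pat.lstrip("!/")):
            ignored = not pat.startswith("!")
    return ignored

def audit_compose(compose_text, gitignore_text):
    """List inline secret-looking 'environment:' entries and 'env_file:' paths git would not ignore."""
    problems, service, section, sec_indent = [], None, None, 0
    for line in compose_text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        if section and indent >= sec_indent and stripped.startswith("- "):
            item = stripped[2:].strip()
            if section == "environment":
                key, _, value = item.partition("=")
                if any(h in key.upper() for h in SECRET_HINTS) and not value.startswith("${"):
                    problems.append(f"{service}: inline {key} in environment")
            elif not is_ignored(item, gitignore_text):
                problems.append(f"{service}: env_file {item} is not git-ignored")
            continue
        section = None  # any non-list line ends the current list
        if indent == 2 and stripped.endswith(":"):
            service = stripped[:-1]  # two-space-indented keys under 'services:'
        elif stripped in ("environment:", "env_file:"):
            section, sec_indent = stripped[:-1], indent
    return problems

# Constructed inputs modelled on the thread: the dev compose keeps an inline dev
# password; the prod compose reads its credentials from the ignored .env.prod.db.
DEV_COMPOSE = """services:
  db:
    environment:
      - POSTGRES_USER=hello_flask
      - POSTGRES_PASSWORD=hello_flask
      - POSTGRES_DB=hello_flask_dev
"""
PROD_COMPOSE = """services:
  db:
    env_file:
      - .env.prod.db
"""
GITIGNORE = ".env.prod.db\n.env.prod\n*.swp\n"
```

Run as a pre-commit hook against the prod compose file, the inline-password finding is the one that should never appear, while an un-ignored env_file path is the case the grading policy penalises.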

henrylong612 commented 9 months ago

Wonderful. Thank you @oliver-ricken and @mikeizbicki for the clarification!