docker - 在没有任何漏洞的情况下如何在 dockerfile 中传递重要的凭据
问题描述
Dockerfile
FROM
ENV username = xyz
ENV password = abc
我在 ENV 指令中传递了用户名和密码,并获得了暴露敏感环境变量的漏洞。
我怎样才能减轻这个漏洞。是否有任何其他可能的方式来传递这些凭据。我正在使用 jenkins 构建图像,但在扭锁中获得了漏洞合规性。
这些凭据也很重要和必要。
解决方案
推荐阅读
- android - Android 11 background FCM with data only and screen off
- c - why can't I initialize a linked list like this?
- jmeter - JMeter altering values in .xls files using bean shell processor
- react-native - react native gesture touch point capture issue
- reactjs - Garden doesnt find services to deploy
- apache-spark - Right way to read stream from Kafka topic using checkpointLocation offsets
- woocommerce - Woocommerce: the shipping method is changed on checkout progress
- python - Is there a better way for mapping string with int
- twitter - how to get twitter summary card with Tweepy
- javascript - 无法更改变量内的值?