Mirrored_Repos/docker-atlassian-confluence-server
1
0
Fork 0
mirror of https://bitbucket.org/atlassian-docker/docker-atlassian-confluence-server.git synced 2024-08-30 18:22:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Rename env var

Browse Source
This commit is contained in:
Yevhen Ivantsov
2023-08-11 15:08:14 +10:00
parent e21958b4dc
commit 7e0d472f81
3 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -338,11 +338,11 @@ management technology, and is beyond the scope of this documentation.
The unset function is executed in the entrypoint. Set to `false` if you want to allow passing
sensitive environment variables to Confluence container.
* `ATL_WHITELIST_SENSITIVE_ENV_VARS`
* `ATL_ALLOWLIST_SENSITIVE_ENV_VARS`
**WARNING:** When using this property, the values to sensitive environment variables will be available in clear text on the host OS. As such, this data may be exposed to users or processes running on the host OS.
Define a comma separated list of environment variables containing keywords 'PASS', 'SECRET' or 'TOKEN' to be ignored by the unset function which is executed in the entrypoint. The function uses `^` regex. For example, if you set `ATL_WHITELIST_SENSITIVE_ENV_VARS="PATH_TO_SECRET_FILE"`, all variables starting with `PATH_TO_SECRET_FILE` will be whitelisted.
Define a comma separated list of environment variables containing keywords 'PASS', 'SECRET' or 'TOKEN' to be ignored by the unset function which is executed in the entrypoint. The function uses `^` regex. For example, if you set `ATL_ALLOWLIST_SENSITIVE_ENV_VARS="PATH_TO_SECRET_FILE"`, all variables starting with `PATH_TO_SECRET_FILE` will not be unset.
## Advanced Configuration

2
shared-components

Submodule shared-components updated: 7e24220763...821a0fbca0

6
tests/test_image.py
View File

@ -608,7 +608,7 @@ def test_skip_unset_secure_vars(docker_cli, image, run_user):
if rpat.search(line):
raise EOFError(f"Found unexpected log line '{var_unset_log_line}'")
def test_skip_default_whitelisted_secure_vars(docker_cli, image, run_user):
def test_skip_default_allowlist_secure_vars(docker_cli, image, run_user):
environment = {
'AWS_WEB_IDENTITY_TOKEN_FILE': '/path/to/file',
'com_atlassian_db_config_password_ciphers_algorithm_javax_crypto_foor_bar': '/path/to/file'
@ -627,12 +627,12 @@ def test_skip_default_whitelisted_secure_vars(docker_cli, image, run_user):
print(line)
raise EOFError(f"Found unexpected log line")
def test_skip_custom_whitelisted_secure_vars(docker_cli, image, run_user):
def test_skip_custom_allowlist_secure_vars(docker_cli, image, run_user):
environment = {
'MY_TOKEN': 'tokenvalue',
'SECRET': 'secretvalue',
'MY_PASS': 'passvalue',
'ATL_WHITELIST_SENSITIVE_ENV_VARS': 'MY_TOKEN, MY_PASS',
'ATL_ALLOWLIST_SENSITIVE_ENV_VARS': 'MY_TOKEN, MY_PASS',
}
container = docker_cli.containers.run(image, detach=True, user=run_user, environment=environment, ports={PORT: PORT})
wait_for_state(STATUS_URL, expected_state='FIRST_RUN')