akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 7 Packages Projects Releases Wiki Activity
Files
b606e5c1ff746aa4fc5ecb389109d8c8c0e3a5c6
Charon/docs/plans/current_spec.md
GitHub Actions 978f698570 fix(security): remove hardcoded encryption keys from docker compose files 
Replace hardcoded CHARON_ENCRYPTION_KEY with environment variable
substitution using Docker Compose required variable syntax.

docker-compose.playwright.yml: use ${CHARON_ENCRYPTION_KEY:?...}
docker-compose.e2e.yml: use ${CHARON_ENCRYPTION_KEY:?...}
e2e-tests.yml: add ephemeral key generation per CI run
.env.test.example: document the requirement prominently
Security: The old key exists in git history and must never be used
in production. Each CI run now generates a unique ephemeral key.

Refs: OWASP A02:2021 - Cryptographic Failures
2026-01-25 03:50:12 +00:00

47 lines
1.5 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Security Fix: Remove Hardcoded Encryption Keys from Docker Compose Files
**Plan ID**: SEC-2026-001
**Status**: ✅ IMPLEMENTED
**Priority**: Critical (Security)
**Created**: 2026-01-25
**Implemented By**: Management Agent
---
## Summary
Removed hardcoded encryption keys from Docker Compose test files and implemented ephemeral key generation in CI workflows.
## Changes Applied
| File | Change |
|------|--------|
| `.docker/compose/docker-compose.playwright.yml` | Replaced hardcoded key with `${CHARON_ENCRYPTION_KEY:?...}` |
| `.docker/compose/docker-compose.e2e.yml` | Replaced hardcoded key with `${CHARON_ENCRYPTION_KEY:?...}` |
| `.github/workflows/e2e-tests.yml` | Added ephemeral key generation step |
| `.env.test.example` | Added prominent documentation |
## Security Notes
- The old key `ucDWy5ScLubd3QwCHhQa2SY7wL2OF48p/c9nZhyW1mA=` exists in git history
- This key should **NEVER** be used in any production environment
- Each CI run now generates a unique ephemeral key
## Testing
```bash
# Verify compose fails without key
unset CHARON_ENCRYPTION_KEY
docker compose -f .docker/compose/docker-compose.playwright.yml config 2>&1
# Expected: "CHARON_ENCRYPTION_KEY is required"
# Verify compose succeeds with key
export CHARON_ENCRYPTION_KEY=$(openssl rand -base64 32)
docker compose -f .docker/compose/docker-compose.playwright.yml config
# Expected: Valid YAML output
```
## References
- **OWASP**: [A02:2021 Cryptographic Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures/)
Reference in New Issue View Git Blame Copy Permalink