feat(infra): Docker-compose configuration and environment-specific security guards for Beta deployment to Test environment #56
@@ -72,8 +72,28 @@ public static class DbInitializer
|
|||||||
|
|
||||||
var adminPassword = configuration?["Nexus:AdminPassword"]
|
var adminPassword = configuration?["Nexus:AdminPassword"]
|
||||||
|
mjasin marked this conversation as resolved
|
|||||||
?? configuration?["NEXUS_ADMIN_PASSWORD"]
|
?? configuration?["NEXUS_ADMIN_PASSWORD"]
|
||||||
?? Environment.GetEnvironmentVariable("NEXUS_ADMIN_PASSWORD")
|
?? Environment.GetEnvironmentVariable("NEXUS_ADMIN_PASSWORD");
|
||||||
?? "Admin123!";
|
|
||||||
|
var env = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT")
|
||||||
|
?? Environment.GetEnvironmentVariable("DOTNET_ENVIRONMENT")
|
||||||
|
?? "Development";
|
||||||
|
var isDevelopment = string.Equals(env, "Development", StringComparison.OrdinalIgnoreCase);
|
||||||
|
|
||||||
|
if (string.IsNullOrEmpty(adminPassword))
|
||||||
|
{
|
||||||
|
if (!isDevelopment)
|
||||||
|
{
|
||||||
|
throw new InvalidOperationException(
|
||||||
|
"CRITICAL SECURITY ERROR: Admin password is NOT configured! " +
|
||||||
|
"In non-Development environments (e.g. Test/Production), the admin password must be explicitly set " +
|
||||||
|
"via configuration ('Nexus:AdminPassword' or 'NEXUS_ADMIN_PASSWORD') or environment variables. " +
|
||||||
|
"Seeding aborted to prevent insecure credentials fallback.");
|
||||||
|
}
|
||||||
|
|
||||||
|
Console.WriteLine("[Seeder] WARNING: Admin password is not set. Falling back to default weak password 'Admin123!' in Development environment.");
|
||||||
|
adminPassword = "Admin123!";
|
||||||
|
}
|
||||||
|
|
||||||
adminUser.PasswordHash = passwordHasher.HashPassword(adminUser, adminPassword);
|
adminUser.PasswordHash = passwordHasher.HashPassword(adminUser, adminPassword);
|
||||||
|
|
||||||
dbContext.Users.Add(adminUser);
|
dbContext.Users.Add(adminUser);
|
||||||
|
|||||||
Reference in New Issue
Block a user
🔴 Blocking — Triple-layer fallback exposes hardcoded default credential in production
The current fallback chain
Nexus:AdminPassword→NEXUS_ADMIN_PASSWORD(fromIConfiguration) →Environment.GetEnvironmentVariable("NEXUS_ADMIN_PASSWORD")→"Admin123!"is dangerous. IfNEXUS_ADMIN_PASSWORDis not injected at container startup (e.g. operator error, mis-spelled var), the process will silently seed the admin account with"Admin123!"without any warning — a critical security regression in Test/Prod.The
Environment.GetEnvironmentVariablecall is also redundant becauseIConfigurationin ASP.NET Core already reads environment variables. You only need two keys, and the final fallback must only be allowed inDevelopment.Suggested fix:
🔴 Blocking — Still unresolved. Silent credential fallback in non-Development environments.
This code is identical to the original. The
"Admin123!"default will still be reached silently in Test/Production ifNEXUS_ADMIN_PASSWORDis absent (e.g. from a typo in the.envfile or a missing Docker secret). Thedocker-compose.test.ymldoes enforce${NEXUS_ADMIN_PASSWORD:?...}at the compose level, but this C# fallback provides a false safety net that can be triggered by non-compose deployments (e.g., directkubectl apply).Please add the environment check before applying the fallback:
This also eliminates the redundant
Environment.GetEnvironmentVariablecall, sinceIConfigurationalready reads env vars.