Secure Docker Compose Configuration by Using .env File

[jayanth-kumar-morem]

Currently, our Docker Compose configuration contains sensitive information such as the PostgreSQL username and password. This information is directly written in the docker-compose.yml file, which is not a secure practice and could lead to accidental exposure of these details.

To enhance the security of our setup, we should move these sensitive details to a separate .env.sample file. Docker Compose automatically reads from a .env.sample file in the same directory as the docker-compose.yml file, if it exists.

Tasks:

1. Create a .env.sample file in the same directory as the docker-compose.yml file.
2. Move the POSTGRES_USER and POSTGRES_PASSWORD environment variables from the docker-compose.yml file to the .env.sample file.
3. Update the docker-compose.yml file to reference these variables from the .env.sample file.
4. Update the documentation to instruct users to create their own .env.sample file with their specific details.

Acceptance Criteria:

1. The docker-compose.yml file no longer contains the POSTGRES_USER and POSTGRES_PASSWORD environment variables directly.
2. The .env.sample file is created and contains the POSTGRES_USER and POSTGRES_PASSWORD environment variables.

[PrathameshTheurkar]

hi @jayanth-kumar-morem can you assign this task to me I would like to contribute to this .

[PrathameshTheurkar]

Pull request #104:

[PrathameshTheurkar]

@jayanth-kumar-morem can u plz check my Pull request #104 and kindly merge it .

[singhalkarun]

@PiyushRaj927 to pick this.

• Add a sample.env and accept POSTGRES_USERNAME and POSTGRES_PASSWORD
• Image Tag can be accepted from env