Hostname not guaranteed static

[cwatsonc]

My organization has been experimenting with https://github.com/jelhub/scimgateway as a provisioning solution hosted and connected to MS Azure AAD. We found some limitations with the code and will make recommendations to correct these. This can apply to any cloud provider hosted solution and not just MS Azure.

The first problem we encountered is with the secrets management strategy chosen. With cloud fabric solutions you might not be guaranteed a static hostname be delivered to your app -- this is the case with MS Azure and any strategies used that rely on a static hostname should have a strategy to mitigate the fact when not be guaranteed static.

In the config recovery code (lib/utils.js) we added:

var myhost = process.env.hostname_deg || require('os').hostname();
var chi = require('path').basename(configFile) + myhost;

To ensure a static value on MS Azure this is required.

The hostname_deg value must be set on the environment variables prior to execution.

[jelhub]

New version 0.4.5 now use machine-id instead of hostname and this id should be unique within the OS installation.

Password encryption seed may also be overridden by setting environment variables before starting the gateway. Setting environment variable SEED will override the default machine-id based password seed.

[cwatsonc]

verified working in 0.4.5