## Week 18: Docker Security

6. Managing Secrets (Environment Variables)

    A "secret" is any sensitive data, like an API key, database password, or encryption key.
    - Best Practice: Never hardcode secrets directly into your source code or Dockerfile. Doing so embeds them in the image layer, making them retrievable by anyone with access to the image.

    - Initial Solution: Use Environment Variables (ENVs). You set these variables when you run the container, and your Python application reads them from the environment (e.g., using `os.environ['MY_SECRET_KEY']`).
        - Note: For true production security, more advanced tools like Docker Secrets or Kubernetes Secrets are used, but environment variables are the necessary starting point.

    - Implementation:
        - In Dockerfile (for non-secrets): Use `ENV PORT=8000` for configuration settings.
        - At Runtime (for secrets): Use the `-e` flag with `docker run`: `docker run -e API_KEY=abc-123 my-image`.

7. Non-Root User Principle
    
    This is a critical security best practice for Docker images.
    - Problem: By default, the application inside a container runs as the root user. If a hacker manages to exploit a vulnerability in your application and break out of the container (a "container breakout"), they would have root privileges on the host machine: a catastrophic failure.
    - Solution: Follow the Principle of Least Privilege by creating a dedicated, non-root user inside the container and switching to it before running the application.
    - Dockerfile Instructions:
        - `RUN groupadd -r appuser && useradd -r -g appuser appuser` (Creates a new user and group).
        - `USER appuser` (Switches the user for all subsequent commands, including CMD).
    - This ensures that the running process has the minimal necessary permissions, limiting the potential damage of a security exploit.
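
Both rules above (no secrets in the Dockerfile from section 6, a non-root `USER` from section 7) can be checked mechanically before an image is built. The Python script below is an added example, not part of the original notes; the `SECRET_HINT` name patterns, the function names and the two sample Dockerfiles (including the `python:3.12-slim` base image) are assumptions made for illustration.

```python
import re

# Heuristic name fragments that suggest a secret (an assumption of this example).
SECRET_HINT = re.compile(r"SECRET|PASSWORD|PASSWD|TOKEN|API_?KEY|PRIVATE_?KEY", re.I)

def logical_lines(text):
    """Yield (first_line_no, instruction), joining backslash continuations."""
    buf, start = "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        start = start or no
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield start, buf + line
        buf, start = "", 0

def audit_dockerfile(text):
    """Return (line_no, message) findings; line_no 0 means 'no USER instruction'."""
    findings, user, user_line = [], None, 0
    for no, line in logical_lines(text):
        instr, args = (line.split(None, 1) + [""])[:2]
        instr = instr.upper()
        if instr == "FROM":
            user, user_line = None, 0  # a new build stage starts as the base image's user
        elif instr == "USER":
            user, user_line = args.split(":")[0].strip(), no
        elif instr in ("ENV", "ARG"):  # split on whitespace, keeping quoted values whole
            tokens = re.findall(r"""(?:[^\s"']|"[^"]*"|'[^']*')+""", args)
            if tokens and "=" not in tokens[0]:
                tokens = tokens[:1]  # legacy "ENV NAME value" form sets one name
            for name in (t.split("=")[0] for t in tokens):
                if SECRET_HINT.search(name):
                    findings.append((no, f"{instr} {name}: secret-looking name set at build time"))
    if user in (None, "root", "0"):
        findings.append((user_line, "final stage runs as root; add a non-root USER"))
    return findings

# Constructed samples: BAD breaks both rules, GOOD follows the notes above.
BAD = 'FROM python:3.12-slim\nENV PORT=8000\nENV API_KEY=abc-123\nCMD ["python", "app.py"]\n'
GOOD = ('FROM python:3.12-slim\nENV PORT=8000\n'
        'RUN groupadd -r appuser && useradd -r -g appuser appuser\n'
        'USER appuser\nCMD ["python", "app.py"]\n')

if __name__ == "__main__":
    for no, msg in audit_dockerfile(BAD):
        print(f"line {no}: {msg}")
```

The name match is a heuristic: it flags variables whose names look like secrets, so a secret stored under an innocuous name still needs human review.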