Skip to content

Secrets

The docker-compose setup initiates a container dedicated to secrets storage and retrieval. This is a REST API with two endpoints, one for reading secrets and one for writing secrets. Secrets are stored on your Cobra Database server within the Data/Secrets/ directory, relative to the docker-compose file location. The encryption key is also located in the same directory.

This architecture significantly enhances the efficiency of secrets management across your services by centralizing secret storage. Instead of duplicating secrets across multiple locations, each service communicates with the secret service to access necessary secrets such as database credentials. This method not only simplifies management but also reinforces the security posture by minimizing exposure.

Modifying Secrets

Should you need to modify existing secrets, the process is designed to be as intuitive as possible:

Update Secrets: To set a new secret, visit http://localhost:21300/ to access the Swagger UI. This interface allows you to securely update secrets by specifying:

  • Authorization: Press the Authorize button to authorize. Use the MASTER_KEY, it should match the one found in the .env file.
  • Key Parameter: The name of the secret you wish to change.
  • Value Parameter: The value for your secret.