DATABASE_URL hard-coded in docker-compose.yml
albertinator opened this issue · 1 comments
Expected behavior
Expect services.app
in docker-compose.yml
to source environment variables from .env
.
Actual behavior
It was surprising to see that our DATABASE_URL
was directly added to the services.app.environment
property (hard-coded) when the docker-compose.yml
was generated by lumber
.
Failure Logs
Not a failure, just a security concern because many users likely will create a Git repo out of this and the docker-compose.yml
would part of that codebase with a DATABASE_URL
hard-coded in.
I wouldn't have known this if I didn't thoroughly inspect every file generated by lumber
.
Context
- Lumber Package Version: 3.6.0
- Database Dialect: PostgreSQL
- Database Version: 11.6
A new version of lumber has just been released thanks to your suggestion: #464 (comment) 🎉
Thank you for your feedback! 🙏
Feel free to re-open this issue if you have any issue!