As a DevOps engineer I want to deploy Passbolt Pro via Docker by passing the subscription_key as an environment variable

Feature requests
1

Q1. What is the problem that you are trying to solve?
I am currently testing Passbolt Pro deployed in AWS (ALB, Fargate Service + EFS Share for persistency, RDS Aurora Postgres). So far there is only one thing that did not run smoothly and that is the subscription_key.txt. In Fargate it is not possible to mount single files, but only whole directories. The subscription key resides directly in /etc/passbolt which is already prepopulated with files by the installation which in turn means that I can’t place the file easily into the container.
For my small test insallation I found a workaround by changing the container command to first copy the file from some mounted directly into /etc/passbolt but I would consider this quite hacky and would prefer to not have this in a production environment.

Q2 - Who is impacted?
Most Docker/Container based deployments could benefit from this feature since it removes the need of an additional file (state).

Q3 - Why is it important and/or urgent?
For Docker/Container based deployments it is a best practice to not have state/files.

Q4 - What is your proposed solution? (optional)
Nice solutions would be:

  • pass the key directly via an environment variable
  • being able to set the path of the subscription_key file somehow.

Q5. Community support
People can vote for this idea to show traction:

  • :ok_woman: Must have: this is critical for me to have this
  • :raising_hand_woman: Should have: this is important for me to have this
  • :tipping_hand_woman: Could have: this could be nice to have
  • :no_good_woman: Won’t have: we should not schedule this (explain why)
0 voters

Orgiginal message before template

Hi,

I am currently testing Passbolt Pro deployed in AWS (ALB, Fargate Service + EFS Share for persistency, RDS Aurora Postgres). So far there is only one thing that did not run smoothly and that is the subscription_key.txt. In Fargate it is not possible to mount single files, but only whole directories. The subscription key resides directly in /etc/passbolt which means that I can’t place the file easily into the container.
For my small test insallation I found a workaround by changing the container command to first copy the file from some mounted directly into /etc/passbolt but I would consider this quite hacky. A nice solution would be to either pass the key directly via an environment variable or being able to set the path of the subscription_key file somehow.

so long.
Jörg

1 Like
2

It could be interesting and worth allowing passing the subscription key to a Docker secret.
@joerg could you follow the template of the feature request to make it easier for people and developers to understand what you demand and vote for it

3

@Termindiego25 Thanks, I had an open draft so I didn’t see the template at first. I updated the post but got an error about not being allowed to post polls. Do you happen to know whom to contact regarding this?
Edit: It works now. I am not entirely sure why but I also don’t care too much about that detail. :slight_smile: