How to demonize an NPM app , firstly why to demonize?
Well, an app process could have a life cycle and a support for its management, like init.d, upstart, etc..
NPM comes has its nice facility tool called "PM2"
https://github.com/Unitech/pm2
It is super cool , it restarts the app, every time it crashes, kill -9 <pid> what ever.
I ran into a situation , where i forgot that i orchestrated my NPM app with this PM2 tool, and could not find a reason why i have a port conflict.
I found that i have this app running, tracked the parent process, which is re-spinning this app, on my kill -9.
And have to do a "$ pm2 stopall"
Thursday, September 15, 2016
Application secrets management
All applications uses secrets
Android Key Store
https://developer.android.com/training/articles/keystore.html
Distelli
https://www.distelli.com/blog/keeping-your-application-secrets-safe
https://www.distelli.com/docs/kb/using-secure-package-with-secrets
Update:
Referenfce : https://changelog.com/podcast/239
- user name / password
- database connection strings
- TLS Certificate / Key
- Application specific content , etc...
Configurations of any kind (.ini, .yaml, .xml, etc ..), even the OS configuration for application tuning, MUST be versioned and most of the time the packaging bundles the application with specific configuration, this is not a good practice.
Storing secrets in build time is a big flaw. Likewise storing secrets in ENV's is also a security issue.
Secrets better be on a separate service, from which applications pull specific version of relevant secret data.
Storing secrets in build time is a big flaw. Likewise storing secrets in ENV's is also a security issue.
Secrets better be on a separate service, from which applications pull specific version of relevant secret data.
References
AWS, EC2 Container
https://blogs.aws.amazon.com/security/post/Tx2B3QUWAA7KOU/How-to-Manage-Secrets-for-Amazon-EC2-Container-Service-Based-Applications-by-Usi
AWS, EC2 Container
https://blogs.aws.amazon.com/security/post/Tx2B3QUWAA7KOU/How-to-Manage-Secrets-for-Amazon-EC2-Container-Service-Based-Applications-by-Usi
https://infinum.co/the-capsized-eight/articles/hiding-secrets-in-vault
Why secrets store / vault do not have user interface???
https://feedback.azure.com/forums/170024-additional-services/suggestions/12370134-please-consider-user-interface-for-azure-key-vault
Azure Key Vault ( KV)
https://blogs.technet.microsoft.com/kv/
Android Key Store
https://developer.android.com/training/articles/keystore.html
Distelli
https://www.distelli.com/blog/keeping-your-application-secrets-safe
https://www.distelli.com/docs/kb/using-secure-package-with-secrets
Update:
Referenfce : https://changelog.com/podcast/239
Subscribe to:
Posts (Atom)