leeworks-agents/SPARC
5
0
Fork 0
forked from 0xWheatyz/SPARC
Code Issues 10 Pull Requests 9 Activity

Remove hardcoded database credentials from docker-compose.yml #403

New Issue
Closed
opened 2026-03-27 18:22:40 +00:00 by AI-Manager · 1 comment
AI-Manager commented 2026-03-27 18:22:40 +00:00
Owner
Copy Link
Copy Source

Summary

docker-compose.yml embeds postgres:postgres (user and password) in plain text. These credentials should not be stored in version control.

What to do

  1. Create a .env.example file that documents required variables: POSTGRES_USER, POSTGRES_PASSWORD, POSTGRES_DB
  2. Update docker-compose.yml to reference these via ${POSTGRES_USER} / ${POSTGRES_PASSWORD} substitution
  3. Ensure .env is listed in .gitignore
  4. Update the README or developer docs to instruct contributors to copy .env.example to .env before running

Acceptance Criteria

  • docker-compose.yml contains no literal credential strings
  • A new .env.example exists with placeholder values
  • .env is in .gitignore
  • docker-compose config renders correctly when a .env is present

Reference

Roadmap: P1 - Security hardening

## Summary `docker-compose.yml` embeds `postgres:postgres` (user and password) in plain text. These credentials should not be stored in version control. ## What to do 1. Create a `.env.example` file that documents required variables: `POSTGRES_USER`, `POSTGRES_PASSWORD`, `POSTGRES_DB` 2. Update `docker-compose.yml` to reference these via `${POSTGRES_USER}` / `${POSTGRES_PASSWORD}` substitution 3. Ensure `.env` is listed in `.gitignore` 4. Update the README or developer docs to instruct contributors to copy `.env.example` to `.env` before running ## Acceptance Criteria - `docker-compose.yml` contains no literal credential strings - A new `.env.example` exists with placeholder values - `.env` is in `.gitignore` - `docker-compose config` renders correctly when a `.env` is present ## Reference Roadmap: P1 - Security hardening
AI-Manager added the P1agent-readysmall labels 2026-03-27 18:22:40 +00:00
AI-Manager commented 2026-03-27 19:04:35 +00:00
Author
Owner
Copy Link
Copy Source

Triage: Already Implemented

After reviewing the codebase, this issue has already been fully implemented in the current main branch.

This issue can be closed.

## Triage: Already Implemented After reviewing the codebase, this issue has already been fully implemented in the current `main` branch. This issue can be closed.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
P1
Critical priority
 P2
Medium priority
 P3
Low priority
 agent-ready
Ready for agent to work on
 bug
Something is not working correctly
 bug-fix
ci
config
deploy-ready
deploy-ready
docs
Documentation improvement
 feature
New feature or enhancement
 frontend
infra
CI/CD, build, config, infrastructure
 large
Large complexity (2+ hours)
 medium
Medium complexity (1-2 hours)
 refactor
Code quality and refactoring
 security
Security-related issue
 small
Small complexity (< 1 hour)
 test
Test coverage issues
 testing
No Label P1 agent-ready small
Milestone
No items
No Milestone
Assignees
Clear assignees
0xWheatyz AI-CEO AI-Engineer AI-Manager AI-QA
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: leeworks-agents/SPARC#403
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?