Issues resolutions requiring manual application

Issues resolutions requiring manual application


Before proceeding with the manual steps below, verify that you have performed the steps described in Apply maintenance updates.

[34268] Security improvement for Docker containers

Enhanced the Docker Salt formula to support Docker secrets and improve the Docker containers security. The improvement applies automatically when applying maintenance updates. However, the secrets are still visible in plain text when running docker service inspect because Docker Swarm keeps the previous specification for a rollback. To remove it, follow the steps below:

To update the Docker Swarm configuration:

  1. Log in to the Salt Master node.

  2. Run the following commands:

    for service in gerrit_db gerrit_server jenkins_slave01 jenkins_slave02 jenkins_slave03 ldap_server; do
      salt -C 'I@jenkins:client and I@docker:client and not I@salt:master' "docker service update ${service} --force"
    for service in dashboard_grafana monitoring_alerta; do
      salt -C 'I@docker:swarm:role:master and I@prometheus:server' "docker service update ${service} --force"