Fix for secret path mounting

OWASP · Feb 2, 2025 · ca088a2 · ca088a2
1 parent 724228e
commit ca088a2
Show file tree

Hide file tree

Showing 4 changed files with 4 additions and 4 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -31,7 +31,7 @@ RUN mkdir -p /app
 # Use a separate RUN command for --mount
 RUN --mount=type=secret,id=mysecret \
     export SECRET_VALUE=$(cat /run/secrets/mysecret) && \
-    echo $SECRET_VALUE >> /app/secret.txt
+    echo $SECRET_VALUE >> /var/run/secrets2/secret.txt
 
 COPY --chown=wrongsecrets .github/scripts/ /var/tmp/helpers
 COPY --chown=wrongsecrets .github/scripts/.bash_history /home/wrongsecrets/

diff --git a/pom.xml b/pom.xml
@@ -11,7 +11,7 @@
 
   <groupId>org.owasp</groupId>
   <artifactId>wrongsecrets</artifactId>
-  <version>1.10.2-SNAPSHOT</version>
+  <version>local-test-SNAPSHOT</version>
 
   <name>OWASP WrongSecrets</name>
   <description>Examples with how to not use secrets</description>

diff --git a/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge52.java b/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge52.java
@@ -19,7 +19,7 @@ public class Challenge52 extends FixedAnswerChallenge {
   private static final Logger log = LoggerFactory.getLogger(Challenge52.class);
   private final String dockerMountsecret;
 
-  public Challenge52(@Value("$challengedockermtsecret") String dockerMountsecret) {
+  public Challenge52(@Value("${chalenge_docker_mount_secret}") String dockerMountsecret) {
     this.dockerMountsecret = dockerMountsecret;
   }
 

diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
@@ -79,7 +79,7 @@ management.endpoint.health.probes.enabled=true
 management.health.livenessState.enabled=true
 management.health.readinessState.enabled=true
 management.endpoints.web.exposure.include=auditevents,info,health
-challengedockermtsecret=/app
+chalenge_docker_mount_secret=/var/run/secrets2
 #---
 spring.config.activate.on-profile=kubernetes-vault
 wrongsecretvalue=wrongsecret