From c95f23fe42e9fe36287b6ea4ff505bcc48b253d8 Mon Sep 17 00:00:00 2001
From: baloola <baloola-mu@hotmail.com>
Date: Tue, 20 Oct 2020 11:20:22 +0200
Subject: [PATCH] adding docker secret to operator guide

---
 README.md                                      |  2 ++
 documentation/operator-guide/configuration.rst | 16 ++++++++++++++++
 2 files changed, 18 insertions(+)

diff --git a/README.md b/README.md
index ec20c42b..9333a429 100644
--- a/README.md
+++ b/README.md
@@ -244,6 +244,8 @@ sftp -P 2222 eox@127.0.0.1
 You will log in  into`/home/eox/data` directory which contains the 2 logging directories : `to/panda` and `from/fepd`
 
  **NOTE:**  The mounted directory that you are directed into is *`/home/user`*, where `user` is the username, hence when changing the username in the `.conf` file, the `sftp` mounted volumes path in `docker-compse.<collection>.yml` must change respectivly.
+
+Once a product is registered, a xml report that contains `WMS` and `WCS` getCapabilities links is generated and saved in the same volume which `to/panda` is mounted to, once you successfuly sftp into the "sftp image" you can navigate to the generated reports.
  
 
 # Documentation
diff --git a/documentation/operator-guide/configuration.rst b/documentation/operator-guide/configuration.rst
index 578bd680..ff600788 100644
--- a/documentation/operator-guide/configuration.rst
+++ b/documentation/operator-guide/configuration.rst
@@ -212,6 +212,22 @@ These are the internal access credentials for the database:
 * ``DB_PORT``
 * ``DB_NAME``
 
+Sensitive variables
+^^^^^^^^^^^^^^^^^^^
+
+Since environment variables include credentials that are considered sensitive,
+avoiding their exposure inside ``.env`` files would be the right practice.
+In order to manage transmiting sensitive data securely into the respective containers,
+docker secrets with the values of these variables should be created. currently, three 
+variables shall be passed as secrets before deploying the swarm:
+``OS_PASSWORD``,  ``OS_PASSWORD_DOWNLOAD`` and ``DJANGO_PASSWORD``.
+An example of creating ``OS_PASSWORD`` as secret using the following comand : 
+
+.. code-block:: bash
+
+  printf "<password_value>" | docker secret create OS_PASSWORD -
+
+
 Configuration Files
 -------------------
 
-- 
GitLab