Summary

Current docker-compose configuration exposes password in a versioned git file.

Steps to reproduce

git clone the project.

modify your password in docker-compose

first if you want to pull, it will complain (you have existing changes).

and you can add / share in next push !

What is the current bug behavior?

password is in a versioned git file

What is the expected correct behavior?

we should ignore the password file

Possible fixes

https://stackoverflow.com/questions/42139605/how-do-you-manage-secret-values-with-docker-compose-v3-1

Discuss the solution above please.