I have a docker image that can run in two modes DEV and PROD. Dev is insecure (e.g does not validate for credentials, CORS is allowed etc’) while PROD is secure.
Is there a safe method (e.g by leveraging environment variable, docker config, docker secrets…) to set the flag in the created container to PROD and be reasonable sure it can not be later set to DEV by an adversary, resulting a security breach?
Obviously having a single file mounted read-only is not the same as having the whole rootfs mounted read-only. Though, you will want to combine both (and secrets for sensitve data as well) to still have the possibility to have individual configurations, don’t you?
It is a bad habit to create a new image per stage. You want to have a fixed image that your transport thru you stages. Of course the image should have a usuful default configuration in place, so that mounting a configs or secrets is not required, but allows to optionaly replace the default configuration with an environment specific one.