This commit introduces secure Docker secrets integration for the ResetData
API key, enabling CHORUS to read sensitive configuration from mounted secret
files instead of environment variables.
## Key Changes:
**Security Enhancement:**
- Modified `pkg/config/config.go` to support reading ResetData API key from
Docker secret files using `getEnvOrFileContent()` pattern
- Enables secure deployment with `RESETDATA_API_KEY_FILE` pointing to
mounted secret file instead of plain text environment variables
**Container Deployment:**
- Added `Dockerfile.simple` for optimized Alpine-based deployment using
pre-built static binaries (chorus-agent)
- Updated `docker-compose.yml` with proper secret mounting configuration
- Fixed container binary path to use new `chorus-agent` instead of deprecated
`chorus` wrapper
**WHOOSH Integration:**
- Critical for WHOOSH wave-based auto-scaling system integration
- Enables secure credential management in Docker Swarm deployments
- Supports dynamic scaling operations while maintaining security standards
## Technical Details:
The ResetData configuration now supports both environment variable fallback
and Docker secrets:
```go
APIKey: getEnvOrFileContent("RESETDATA_API_KEY", "RESETDATA_API_KEY_FILE")
```
This change enables CHORUS to participate in WHOOSH's wave-based scaling
architecture while maintaining production-grade security for API credentials.
## Testing:
- Verified successful deployment in Docker Swarm environment
- Confirmed CHORUS agent initialization with secret-based configuration
- Validated integration with BACKBEAT and P2P networking components
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
2578876eeb