Summary
Deployment audit found multiple P0 security and readiness gaps in docker-compose defaults.
Findings
P0 APISIX Admin API exposed externally with permissive allowlist and static admin key.
Evidence: docker-compose.yml:23, quickstart/configs/apisix/apisix_conf/config.yaml:17, :20, :24
P0 APISIX Dashboard exposed externally with default weak credentials.
Evidence: docker-compose.yml:35, quickstart/configs/apisix/dashboard_conf/conf.yaml:5, :8, :39, :40
P0 Hydra runs in --dev while admin/public ports are exposed.
Evidence: docker-compose.yml:42, docker-compose.yml:45
P0 Hydra login/consent/logout URLs point to container-loopback 127.0.0.1 and can break the OAuth flow.
Evidence: quickstart/configs/hydra/hydra.yml:13, :14, :15
P0 MySQL root remote access with weak default password and host port mapping.
Evidence: docker-compose.yml:71, :72, :76
P0 etcd exposed without auth/TLS, risking service discovery poisoning.
Evidence: docker-compose.yml:96, :101, :102
P0 Dependency readiness not gated; service init panics under cold-start races.
Evidence: docker-compose.ms.yml:17, :18, :19, pkg/gorm/gorm.go:209, :230
P0 Event stack assumes Kafka readiness without startup guard.
Evidence: quickstart/configs/config.yaml:21, :22, event/kafka/kafka.go:128, :130
P1 Hydra depends on migration container start, not migration completion.
Evidence: docker-compose.yml:52, :53, :60, :63
P1 Redis health check uses unauthenticated PING while password is configured.
Evidence: docker-compose.yml:81, :83
Suggested Direction
Restrict exposed ports and rotate secrets.
Enforce auth/TLS for control planes and data stores.
Add health-gated dependency orchestration.
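As an added illustration (not the project's compose file; service names, image tags, environment variable names and the Hydra command lines are assumptions), a compose fragment that applies the three suggested directions to the MySQL exposure, the Redis health check, the Hydra --dev mode and the migration-ordering findings above:

```yaml
# Added example, not the audited docker-compose.yml. Service names, image tags,
# env var names and the hydra subcommands are assumptions for illustration.
services:
  mysql:
    image: mysql:8
    environment:
      MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD:?set in .env, no default}
    # No host port mapping: only services on the compose network reach 3306.
    healthcheck:
      # TCP probe (127.0.0.1, not the socket) so the init-time temporary
      # server, which runs with networking disabled, is not counted as ready.
      test: ["CMD-SHELL", "mysqladmin ping -h 127.0.0.1 -uroot -p\"$$MYSQL_ROOT_PASSWORD\" --silent"]
      interval: 5s
      timeout: 3s
      retries: 20

  redis:
    image: redis:7
    command: ["redis-server", "--requirepass", "${REDIS_PASSWORD:?set in .env}"]
    environment:
      REDISCLI_AUTH: ${REDIS_PASSWORD:?set in .env}   # redis-cli reads this for auth
    healthcheck:
      # Weak form: ["CMD", "redis-cli", "ping"] reports healthy while every
      # unauthenticated client gets NOAUTH; require the PONG reply instead.
      test: ["CMD-SHELL", "redis-cli ping | grep -q PONG"]
      interval: 5s
      timeout: 3s
      retries: 20

  hydra-migrate:
    image: oryd/hydra:v2.2.0                 # assumed tag
    command: ["migrate", "sql", "-e", "--yes"]
    environment:
      DSN: ${HYDRA_DSN:?set in .env}
    depends_on:
      mysql:
        condition: service_healthy           # passing healthcheck, not container start

  hydra:
    image: oryd/hydra:v2.2.0
    command: ["serve", "all"]                # no --dev; SERVE_TLS_* must be configured
    environment:
      DSN: ${HYDRA_DSN:?set in .env}
    depends_on:
      hydra-migrate:
        condition: service_completed_successfully   # migration job exited 0
    ports:
      - "127.0.0.1:4445:4445"   # admin API on host loopback only
      - "4444:4444"             # public endpoint stays reachable
```

Weak settings are shown in comments next to their hardened replacement; the same `condition: service_healthy` pattern applies to the etcd, Kafka and APISIX dependencies the audit lists.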