[Maintenance] [Security] Avoid username and password in variables #511
Description
Avoid to use ENV variables for username and passwords.
See this page for more details.
On the image level, there is no issue because the variables are empty by default but, at the container level, those credentials can be seen by any user who can inspect a container.
Strategy:
- Deprecate those variables and remove them from Dockerfile (will still be usable), offer a way to pass a "credential" file.
- Eventually remove those variables (don't use them in run script)
This will happen across more than one release.