working on secrets

compose.yml

@@ -5,9 +5,9 @@
 x-common-env: &common-env
   DJANGO_CONFIGURATION: Production
   DJANGO_ALLOWED_HOSTS: "*"
-  DJANGO_SECRET_KEY:
+  XX_DJANGO_SECRET_KEY:
   DJANGO_SETTINGS_MODULE: impress.settings
-  DJANGO_SUPERUSER_PASSWORD:
+  XX_DJANGO_SUPERUSER_PASSWORD:
   # Logging
   # Set to DEBUG level for dev only
   LOGGING_LEVEL_HANDLERS_CONSOLE:
@@ -38,7 +38,7 @@ x-common-env: &common-env
   OIDC_OP_TOKEN_ENDPOINT:
   OIDC_OP_USER_ENDPOINT:
   OIDC_RP_CLIENT_ID:
-  OIDC_RP_CLIENT_SECRET:
+  XX_OIDC_RP_CLIENT_SECRET:
   OIDC_RP_SIGN_ALGO:
   OIDC_RP_SCOPES:
   LOGIN_REDIRECT_URL:
@@ -113,6 +113,11 @@ services:
       timeout: 30s
       retries: 20
       start_period: 10s
+    entrypoint: /abra-lasuite-entrypoint.sh
+    configs:
+      - source: abra_lasuite_entrypoint
+        target: /abra-lasuite-entrypoint.sh
+        mode: 0555
 
   celery:
     image: lasuite/impress-backend:v3.4.2
@@ -121,6 +126,11 @@ services:
     command: ["celery", "-A", "impress.celery_app", "worker", "-l", "INFO"]
     environment:
       <<: [*common-env, *postgres-env, *yprovider-env]
+    entrypoint: /abra-lasuite-entrypoint.sh
+    configs:
+      - source: abra_lasuite_entrypoint
+        target: /abra-lasuite-entrypoint.sh
+        mode: 0555
 
   y-provider:
     image: lasuite/impress-y-provider:v3.4.2
@@ -229,3 +239,17 @@ configs:
   pg_backup:
     name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION}
     file: pg_backup.sh
+  abra_lasuite_entrypoint:
+    name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_VERSION}
+    file: entrypoint.sh
+
+secrets:
+  django_secret_key:
+    external: true
+    name: ${STACK_NAME}_django_secret_key_${SECRET_DJANGO_SECRET_KEY_VERSION}
+  oidc_rp_client_secret:
+    external: true
+    name: ${STACK_NAME}_oidc_rp_client_secret_${SECRET_OIDC_RP_CLIENT_SECRET_VERSION}
+  django_superuser_password:
+    external: true
+    name: ${STACK_NAME}_django_superuser_password_${SECRET_DJANGO_SUPERUSER_PASSWORD_VERSION}