recipe-maintainers/lasuite-docs
0
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

working with secrets

Browse Source
This commit is contained in:
notplants
2025-11-04 14:20:01 -05:00
parent 8bda1893f3
commit 761320788b
3 changed files with 7 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
abra-entrypoint.sh
View File

@ -1,12 +1,9 @@
#!/bin/sh #!/bin/sh
set -e set -e
echo "++ running new entrypoint"
ORIGINAL_ENTRYPOINT="$1" ORIGINAL_ENTRYPOINT="$1"
shift shift
echo "++ original entrypoint: ${ORIGINAL_ENTRYPOINT}"
[ -f /run/secrets/postgres_password ] && export DB_PASSWORD="$(cat /run/secrets/postgres_password)" [ -f /run/secrets/postgres_password ] && export DB_PASSWORD="$(cat /run/secrets/postgres_password)"
[ -f /run/secrets/postgres_password ] && export POSTGRES_PASSWORD="$(cat /run/secrets/postgres_password)" [ -f /run/secrets/postgres_password ] && export POSTGRES_PASSWORD="$(cat /run/secrets/postgres_password)"
[ -f /run/secrets/django_secret_key ] && export DJANGO_SECRET_KEY="$(cat /run/secrets/django_secret_key)" [ -f /run/secrets/django_secret_key ] && export DJANGO_SECRET_KEY="$(cat /run/secrets/django_secret_key)"
@ -16,10 +13,6 @@ echo "++ original entrypoint: ${ORIGINAL_ENTRYPOINT}"
[ -f /run/secrets/oidc_rp_client_secret ] && export OIDC_RP_CLIENT_SECRET="$(cat /run/secrets/oidc_rp_client_secret)" [ -f /run/secrets/oidc_rp_client_secret ] && export OIDC_RP_CLIENT_SECRET="$(cat /run/secrets/oidc_rp_client_secret)"
[ -f /run/secrets/collaboration_server_secret ] && export COLLABORATION_SERVER_SECRET="$(cat /run/secrets/collaboration_server_secret)" [ -f /run/secrets/collaboration_server_secret ] && export COLLABORATION_SERVER_SECRET="$(cat /run/secrets/collaboration_server_secret)"
echo "++ command: ${@}"
echo "++ env: "
printenv
# --- Execute the original entrypoint and command --- # --- Execute the original entrypoint and command ---
if [ -n "$ORIGINAL_ENTRYPOINT" ] && [ "$ORIGINAL_ENTRYPOINT" != "null" ]; then if [ -n "$ORIGINAL_ENTRYPOINT" ] && [ "$ORIGINAL_ENTRYPOINT" != "null" ]; then
exec "$ORIGINAL_ENTRYPOINT" "$@" exec "$ORIGINAL_ENTRYPOINT" "$@"

1
abra.sh
View File

@ -9,6 +9,7 @@ environment() {
[ -f /run/secrets/postgres_password ] && export POSTGRES_PASSWORD="$(cat /run/secrets/postgres_password)" [ -f /run/secrets/postgres_password ] && export POSTGRES_PASSWORD="$(cat /run/secrets/postgres_password)"
[ -f /run/secrets/django_secret_key ] && export DJANGO_SECRET_KEY="$(cat /run/secrets/django_secret_key)" [ -f /run/secrets/django_secret_key ] && export DJANGO_SECRET_KEY="$(cat /run/secrets/django_secret_key)"
[ -f /run/secrets/minio_root_password ] && export MINIO_ROOT_PASSWORD="$(cat /run/secrets/minio_root_password)" [ -f /run/secrets/minio_root_password ] && export MINIO_ROOT_PASSWORD="$(cat /run/secrets/minio_root_password)"
[ -f /run/secrets/minio_root_password ] && export AWS_S3_SECRET_ACCESS_KEY="$(cat /run/secrets/minio_root_password)"
[ -f /run/secrets/django_superuser_password ] && export DJANGO_SUPERUSER_PASSWORD="$(cat /run/secrets/django_superuser_password)" [ -f /run/secrets/django_superuser_password ] && export DJANGO_SUPERUSER_PASSWORD="$(cat /run/secrets/django_superuser_password)"
[ -f /run/secrets/oidc_rp_client_secret ] && export OIDC_RP_CLIENT_SECRET="$(cat /run/secrets/oidc_rp_client_secret)" [ -f /run/secrets/oidc_rp_client_secret ] && export OIDC_RP_CLIENT_SECRET="$(cat /run/secrets/oidc_rp_client_secret)"
[ -f /run/secrets/collaboration_server_secret ] && export COLLABORATION_SERVER_SECRET="$(cat /run/secrets/collaboration_server_secret)" [ -f /run/secrets/collaboration_server_secret ] && export COLLABORATION_SERVER_SECRET="$(cat /run/secrets/collaboration_server_secret)"

12
compose.yml
View File

@ -103,12 +103,12 @@ services:
- backend - backend
environment: environment:
<<: [*common-env, *postgres-env, *yprovider-env] <<: [*common-env, *postgres-env, *yprovider-env]
# healthcheck: healthcheck:
# test: ["CMD", "python", "manage.py", "check"] test: ["CMD", "/abra-entrypoint.sh", "python", "manage.py", "check"]
# interval: 15s interval: 15s
# timeout: 30s timeout: 30s
# retries: 20 retries: 20
# start_period: 10s start_period: 10s
command: ["gunicorn", "-c", "/usr/local/etc/gunicorn/impress.py", "impress.wsgi:application"] command: ["gunicorn", "-c", "/usr/local/etc/gunicorn/impress.py", "impress.wsgi:application"]
entrypoint: ["/abra-entrypoint.sh", "/usr/local/bin/entrypoint"] entrypoint: ["/abra-entrypoint.sh", "/usr/local/bin/entrypoint"]
configs: configs: