From 509b6b5e8bc9b88b7974a150d4f13cee48856865 Mon Sep 17 00:00:00 2001
From: 3wc <3wc@doesthisthing.work>
Date: Thu, 4 Apr 2024 11:29:05 -0300
Subject: [PATCH] Add docker entrypoint for loading secrets

---
 docker-entrypoint.sh | 32 ++++++++++++++++++++++++++++++++
 payload/Dockerfile   |  4 +++-
 2 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 docker-entrypoint.sh

diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
new file mode 100644
index 0000000..33a2d8b
--- /dev/null
+++ b/docker-entrypoint.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+set -eu
+
+file_env() {
+  local var="$1"
+  local fileVar="${var}_FILE"
+  local def="${2:-}"
+
+  if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+    echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+    exit 1
+  fi
+
+  local val="$def"
+  if [ "${!var:-}" ]; then
+    val="${!var}"
+  elif [ "${!fileVar:-}" ]; then
+    val="$(< "${!fileVar}")"
+  fi
+
+  export "$var"="$val"
+  unset "$fileVar"
+}
+
+file_env "TOKEN"
+file_env "MONGODB_PASSWORD"
+file_env "PAYLOAD_SECRET"
+
+export MONGODB_URI="mongodb://$MONGODB_USER:$MONGODB_PASSWORD@$MONGODB_HOST:$MONGODB_PORT"
+
+"$@"
diff --git a/payload/Dockerfile b/payload/Dockerfile
index 1383e1e..dcac330 100644
--- a/payload/Dockerfile
+++ b/payload/Dockerfile
@@ -26,4 +26,6 @@ COPY --from=build /build/tsconfig.json ./tsconfig.json
 COPY --from=build /build/dist ./dist
 COPY --from=build /build/build ./build
 EXPOSE 3000
-CMD ["yarn", "serve"]
\ No newline at end of file
+COPY docker-entrypoint.sh /
+ENTRYPOINT /docker-entrypoint.sh
+CMD ["yarn", "serve"]