Skip to content

Commit fd17b50

Browse files
tianontianon
committed
Add "file_env" support, especially for Docker secrets
This adds explicit support for the following: - `MYSQL_ROOT_PASSWORD_FILE` - `MYSQL_DATABASE_FILE` - `MYSQL_USER_FILE` - `MYSQL_PASSWORD_FILE`
1 parent 9584428 commit fd17b50

File tree

1 file changed

+27
-1
lines changed

1 file changed

+27
-1
lines changed

8.0/docker-entrypoint.sh

Lines changed: 27 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,28 @@ for arg; do
1818
esac
1919
done
2020

21+
# usage: file_env VAR [DEFAULT]
22+
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
23+
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
24+
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
25+
file_env() {
26+
local var="$1"
27+
local fileVar="${var}_FILE"
28+
local def="${2:-}"
29+
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
30+
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
31+
exit 1
32+
fi
33+
local val="$def"
34+
if [ "${!var:-}" ]; then
35+
val="${!var}"
36+
elif [ "${!fileVar:-}" ]; then
37+
val="$(< "${!fileVar}")"
38+
fi
39+
export "$var"="$val"
40+
unset "$fileVar"
41+
}
42+
2143
_check_config() {
2244
toRun=( "$@" --verbose --help )
2345
if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then
@@ -52,6 +74,7 @@ if [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then
5274
DATADIR="$(_datadir "$@")"
5375

5476
if [ ! -d "$DATADIR/mysql" ]; then
77+
file_env 'MYSQL_ROOT_PASSWORD'
5578
if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
5679
echo >&2 'error: database is uninitialized and password option is not specified '
5780
echo >&2 ' You need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD'
@@ -87,7 +110,7 @@ if [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then
87110
fi
88111

89112
if [ ! -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
90-
MYSQL_ROOT_PASSWORD="$(pwgen -1 32)"
113+
export MYSQL_ROOT_PASSWORD="$(pwgen -1 32)"
91114
echo "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD"
92115
fi
93116
"${mysql[@]}" <<-EOSQL
@@ -106,11 +129,14 @@ if [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then
106129
mysql+=( -p"${MYSQL_ROOT_PASSWORD}" )
107130
fi
108131

132+
file_env 'MYSQL_DATABASE'
109133
if [ "$MYSQL_DATABASE" ]; then
110134
echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;" | "${mysql[@]}"
111135
mysql+=( "$MYSQL_DATABASE" )
112136
fi
113137

138+
file_env 'MYSQL_USER'
139+
file_env 'MYSQL_PASSWORD'
114140
if [ "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then
115141
echo "CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;" | "${mysql[@]}"
116142

0 commit comments

Comments
 (0)