From 17c7afc51db15b3ebfc5f01a14a4a40f4ab1c899 Mon Sep 17 00:00:00 2001 From: shreddedbacon Date: Tue, 10 Dec 2024 15:20:01 +1100 Subject: [PATCH] chore: add password entrypoint to keycloak and api db --- services/api-db/Dockerfile | 2 ++ services/api-db/Dockerfile.mysql | 2 ++ services/api-db/password-entrypoint.bash | 11 +++++++++++ services/keycloak-db/Dockerfile | 2 ++ services/keycloak-db/Dockerfile.mysql | 2 ++ services/keycloak-db/password-entrypoint.bash | 11 +++++++++++ 6 files changed, 30 insertions(+) create mode 100644 services/api-db/password-entrypoint.bash create mode 100644 services/keycloak-db/password-entrypoint.bash diff --git a/services/api-db/Dockerfile b/services/api-db/Dockerfile index 9f9a4e0788..57ecf32b8f 100644 --- a/services/api-db/Dockerfile +++ b/services/api-db/Dockerfile @@ -12,6 +12,8 @@ COPY ./legacy-migration-scripts/* /legacy-migration-scripts/ RUN chown -R mysql /legacy-migration-scripts/ \ && /bin/fix-permissions /legacy-migration-scripts/ +# replace the generate-env script with our password, since generate-env only adds a domain which isnt valid in this image +COPY password-entrypoint.bash /lagoon/entrypoints/55-generate-env.sh RUN sed -i 's/mariadb-init-complete/startup-init-complete/g' /lagoon/entrypoints/9999-mariadb-init.bash USER mysql diff --git a/services/api-db/Dockerfile.mysql b/services/api-db/Dockerfile.mysql index 372e9ea41c..e77db81364 100644 --- a/services/api-db/Dockerfile.mysql +++ b/services/api-db/Dockerfile.mysql @@ -11,6 +11,8 @@ COPY ./legacy-migration-scripts/* /legacy-migration-scripts/ RUN chown -R mysql /legacy-migration-scripts/ \ && /bin/fix-permissions /legacy-migration-scripts/ +# replace the generate-env script with our password, since generate-env only adds a domain which isnt valid in this image +COPY password-entrypoint.bash /lagoon/entrypoints/55-generate-env.sh COPY mysql-init.bash /lagoon/entrypoints/9999-mysql-init.bash USER mysql diff --git a/services/api-db/password-entrypoint.bash b/services/api-db/password-entrypoint.bash new file mode 100644 index 0000000000..1064d2c36f --- /dev/null +++ b/services/api-db/password-entrypoint.bash @@ -0,0 +1,11 @@ +#!/usr/bin/env bash + +set -eo pipefail + +if [ ${API_DB_PASSWORD+x} ]; then + if [ "${LAGOON}" == "mysql" ]; then + export MYSQL_PASSWORD=${API_DB_PASSWORD} + else + export MARIADB_PASSWORD=${API_DB_PASSWORD} + fi +fi \ No newline at end of file diff --git a/services/keycloak-db/Dockerfile b/services/keycloak-db/Dockerfile index da3035388a..81bb03972c 100644 --- a/services/keycloak-db/Dockerfile +++ b/services/keycloak-db/Dockerfile @@ -13,6 +13,8 @@ ENV MARIADB_DATABASE=keycloak \ COPY my_query-cache.cnf /etc/mysql/conf.d/my_query-cache.cnf USER root +# replace the generate-env script with our password, since generate-env only adds a domain which isnt valid in this image +COPY password-entrypoint.bash /lagoon/entrypoints/55-generate-env.sh RUN sed -i 's/mariadb-init-complete/startup-init-complete/g' /lagoon/entrypoints/9999-mariadb-init.bash RUN fix-permissions /etc/mysql/conf.d/ USER mysql diff --git a/services/keycloak-db/Dockerfile.mysql b/services/keycloak-db/Dockerfile.mysql index 5a51cd3b08..c941c0439f 100644 --- a/services/keycloak-db/Dockerfile.mysql +++ b/services/keycloak-db/Dockerfile.mysql @@ -13,6 +13,8 @@ ENV MYSQL_DATABASE=keycloak \ # MYSQL_COLLATION=utf8_general_ci USER root +# replace the generate-env script with our password, since generate-env only adds a domain which isnt valid in this image +COPY password-entrypoint.bash /lagoon/entrypoints/55-generate-env.sh COPY mysql-init.bash /lagoon/entrypoints/9999-mysql-init.bash USER mysql diff --git a/services/keycloak-db/password-entrypoint.bash b/services/keycloak-db/password-entrypoint.bash new file mode 100644 index 0000000000..2ada8a28b2 --- /dev/null +++ b/services/keycloak-db/password-entrypoint.bash @@ -0,0 +1,11 @@ +#!/usr/bin/env bash + +set -eo pipefail + +if [ ${KEYCLOAK_DB_PASSWORD+x} ]; then + if [ "${LAGOON}" == "mysql" ]; then + export MYSQL_PASSWORD=${KEYCLOAK_DB_PASSWORD} + else + export MARIADB_PASSWORD=${KEYCLOAK_DB_PASSWORD} + fi +fi \ No newline at end of file