reiterl
commented
2 years ago Which ones?
Closed normanjaeckel closed 1 year ago
reiterl
commented
2 years ago Which ones?
reiterl
commented
2 years ago I have worked at the entrypoint( moved it, extract vars, add reading FILE vars). At the moment I think the situation should be okay.
normanjaeckel
commented
2 years ago I think https://github.com/OpenSlides/openslides-media-service/blob/openslides4-dev/scripts/entrypoint.sh#L6 is still wrong. The password should be read from secret file and not from env var directly. Please see the correspondent issue in datastore: https://github.com/OpenSlides/openslides-datastore-service/pull/164
normanjaeckel
commented
2 years ago See especially https://github.com/jsangmeister/openslides-datastore-service/blob/0847086340c56d737a14fd03cb08a3a9286becae/scripts/system/export-database-variables.sh how the datastore sets PGPASSWORD (which is silently used by the psql command).
jsangmeister
commented
2 years ago The variable is set in https://github.com/OpenSlides/openslides-media-service/blob/openslides4-dev/scripts/service_env.sh. But I agree that this should be done analogous to the datastore (especially should it not be possible to provide the password directly via an env var).
jsangmeister
commented
2 years ago
The entrypoint (https://github.com/OpenSlides/openslides-media-service/blob/openslides4-dev/entrypoint.sh) contains wrong environment vars. At least the postgres password should be read from secret file. Without this fix the prod setup would be broken.