At the moment the mysql password is read from an env variable MYSQL_ENV_MYSQL_PASSWORD
I'm not using the MYSQL_ENV_MYSQL_PASSWORD or MYSQL_ENV_MYSQL_ROOT_PASSWORD env vars for setting passwords, instead I am using the alternative environment variables that end _FILE and poiint to a locally mounted secret file containing the password instead for better security.
Docker Secrets
As an alternative to passing sensitive information via environment variables, _FILE may be appended to the previously listed environment variables, causing the initialization script to load the values for those variables from files present in the container. In particular, this can be used to load passwords from Docker secrets stored in /run/secrets/ files. For example:
$ docker run --name some-mysql -e MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql-root -d mysql:tag
Currently, this is only supported for MYSQL_ROOT_PASSWORD, MYSQL_ROOT_HOST, MYSQL_DATABASE, MYSQL_USER, and MYSQL_PASSWORD.
Would it be possible to add support for checking for these _FILE environment variables and if present, obtaining the the password from the file they point to instead - as this will then allow me to continue to use secrets, which I'd quite like to continue doing.
At the moment the mysql password is read from an env variable
MYSQL_ENV_MYSQL_PASSWORDI'm not using the
MYSQL_ENV_MYSQL_PASSWORDorMYSQL_ENV_MYSQL_ROOT_PASSWORDenv vars for setting passwords, instead I am using the alternative environment variables that end _FILE and poiint to a locally mounted secret file containing the password instead for better security.This is described here (excerpt below): https://hub.docker.com/_/mysql/
Would it be possible to add support for checking for these _FILE environment variables and if present, obtaining the the password from the file they point to instead - as this will then allow me to continue to use secrets, which I'd quite like to continue doing.