benhutchins / docker-mediawiki

Docker container for MediaWiki
https://hub.docker.com/r/benhutchins/mediawiki/

MEDIAWIKI_DB_PASSWORD required every run #15

Open rbong opened 7 years ago

rbong commented 7 years ago

MEDIAWIKI_DB_PASSWORD is required every time the image is run, even though it is only required on install. This makes the image less secure by requiring the password to be stored both inside the image and in environment variables, requiring the password to be stored outside of the image, giving two vectors of attack to access the secret.

This is because MEDIAWIKI_DB_TYPE defaults to mysql, set -e is run, and php runs exit(1) if it fails to connect.

A workaround is to set MEDIAWIKI_DB_TYPE to something else. I'd like to make a pull request to either give this workaround in the README, or to not attempt to connect if the password is empty in the entrypoint.

However, is this design intentional?
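A sketch of the entrypoint guard proposed in the issue above, added here as an illustration; it is not part of the original post and not the project's entrypoint script. The function names `should_check_db` and `guarded_db_check` are hypothetical, and the connection test is passed in as a command rather than reproduced.

```shell
#!/bin/sh
# Added illustration; not the project's entrypoint script.
# set -e is kept because the issue names it as part of the failure path.
set -e

# Decide whether startup should attempt a database connection.
# Returns 0 to attempt the connection, 1 to skip it.
should_check_db() {
    db_type="${MEDIAWIKI_DB_TYPE:-mysql}"   # default described in the issue
    db_pass="${MEDIAWIKI_DB_PASSWORD:-}"

    # Workaround from the issue: any other DB type bypasses the check.
    [ "$db_type" = "mysql" ] || return 1

    # Proposed change: with no password supplied, skip the connection
    # instead of letting a failed connect abort the container.
    [ -n "$db_pass" ] || return 1

    return 0
}

# Run the connection test given as arguments only when warranted.
# Calling should_check_db inside `if` keeps set -e from aborting on "skip".
guarded_db_check() {
    if should_check_db; then
        # A failing test still stops startup when a password was supplied,
        # so a wrong credential is not silently ignored.
        "$@"
    else
        echo "database check skipped: no mysql password in environment" >&2
    fi
}
```

With this guard the password only has to be present in the environment on the run that performs the install.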