-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathsecrets_entrypoint_tasks.sh
More file actions
executable file
·27 lines (21 loc) · 1.05 KB
/
secrets_entrypoint_tasks.sh
File metadata and controls
executable file
·27 lines (21 loc) · 1.05 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
#!/bin/bash
set -e
# This script is taken from https://aws.amazon.com/blogs/security/how-to-manage-secrets-for-amazon-ec2-container-service-based-applications-by-using-amazon-s3-and-docker/
# and is used to set up app secrets in ECS without exposing them as widely as using ECS env vars directly would.
# Check that the environment variable has been set correctly
if [ -z "$SECRETS_BUCKET_NAME" ]; then
echo >&2 'error: missing SECRETS_BUCKET_NAME environment variable'
exit 1
fi
# Load the S3 secrets file contents into the environment variables
export $(aws s3 cp s3://${SECRETS_BUCKET_NAME}/secrets - | grep -v '^#' | xargs)
# Decode base64-encoded secrets that may contain special characters
if [ -n "$JWT_ID_SECRETS" ]; then
export JWT_ID_SECRETS=$(echo "$JWT_ID_SECRETS" | base64 -d)
fi
echo "Running migrations before start if necessary..."
composer doctrine:cache:clear:live
composer doctrine:migrate:live || exit 3
echo "Starting task..."
# Call the normal CLI entry-point script, passing on script name and any other arguments
docker-php-entrypoint "$@"