Invalid use of DOCKER_SECRET_REDIS_PASS

[hellkite500]

The env variable established in commit 30c48a3 contains the path to the secret file, not the secret itself, but several places in the service code assume that DOCKER_SECRET_REDIS_ is a valid env prefix for the password itself.

Current behavior

Services look for ENV variable DOCKER_SECRET_REDIS_PASS assuming it is the password.

Expected behavior

Either DOCKER_SECRET_REDIS_PASS needs to be re-written, or a different ENV variable needs to be used which is set from the value in the secret file.

The redis service does this approrpiately in the entrypoint.sh

SECRET_FILE="/run/secrets/${DOCKER_SECRET_REDIS_PASS:?}"
REDIS_PASS="$(cat ${SECRET_FILE})"

But the other python based services do not read this secret appropriately, and the function used to parse the env, _get_parsed_or_env_val in the __main__.py checks that DOCKER_SECRET_REDIS_PASS exists, which it does, and uses its value (the path to the secret file in the container file system) as the password it uses to attempt connections with, which fail.

[aaraney]

This is a non-issue any more. See:

• DMOD/docker/main/docker-deploy.yml

  Line 29 in 6119d6c

  - DOCKER_SECRET_REDIS_PASS=myredis_pass

• DMOD/docker/main/docker-deploy.yml

  Line 61 in 6119d6c

  - DOCKER_SECRET_REDIS_PASS=myredis_pass

• DMOD/docker/main/docker-deploy.yml

  Line 82 in 6119d6c

  - DOCKER_SECRET_REDIS_PASS=myredis_pass