From 2729b6960739bc124a3cd294958fd7602cace8dc Mon Sep 17 00:00:00 2001
From: thorpejosh
Date: Tue, 9 Jan 2024 21:19:19 +0800
Subject: [PATCH] feat: docker secrets
---
 Dockerfile | 3 ++-
 entry.sh | 34 ++++++++++++++++++++++++++++++++++
 2 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100644 entry.sh
diff --git a/Dockerfile b/Dockerfile
index 8a62ef1..68f56f2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -18,7 +18,8 @@ FROM node:slim
 WORKDIR /app
 COPY --from=builder /app .
+COPY --chmod=755 entry.sh /entry.sh
 EXPOSE 3000
-CMD ["npm", "run", "start"]
+CMD ["/entry.sh"]
diff --git a/entry.sh b/entry.sh
new file mode 100644
index 0000000..ac5856b
--- /dev/null
+++ b/entry.sh
@@ -0,0 +1,34 @@
+#!/bin/sh
+
+load_secrets() {
+ # Treat all env vars that start with the prefix 'FILE__' as secrets,
+ # loading their contents into a variable without the prefix.
+
+ # Loop through all env vars starting with 'FILE__'
+ for var in $(env | grep '^FILE__'); do
+ var_name=$(echo "${var}" | cut -d= -f1)
+ var_value=$(echo "${var}" | cut -d= -f2)
+
+ # Ensure var value is a file
+ if [ -f "${var_value}" ]; then
+
+ # Strip 'FILE__' prefix to obtain corresponding variable name
+ new_var_name="${var_name#FILE__}"
+
+ # Notify user if original variable is being overwritten.
+ if [ -n "$(eval echo \$$new_var_name)" ]; then
+ echo "Warning: ${new_var_name} was already set but is being overwritten by $var_name"
+ fi
+ # Set the new variable with the secret value
+ export "${new_var_name}=$(cat "${var_value}")"
+ else
+ echo "Error: Secret file '${var_value}' does not exist"
+ exit 1
+ fi
+ done
+}
+
+# Load secrets
+load_secrets
+# Launch Jellystat
+npm run start
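Review bot: With `CMD ["/entry.sh"]` the shell running entry.sh becomes the container's PID 1 and npm runs as its child, because the script ends with `npm run start` rather than `exec npm run start`. A SIGTERM from `docker stop` is then likely not passed on, so the application gets no chance to shut down cleanly before the stop timeout kills it. Ending the script with `exec npm run start` lets the application replace the shell, as it did before this change. Note also that a `CMD` is replaced whenever the image is run with an explicit command, so that path skips secret loading; whether an `ENTRYPOINT` is wanted instead depends on how the image is meant to be used.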
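Review bot: In `load_secrets` the variable name taken from `env` output reaches `eval echo \$$new_var_name` without validation. Because `grep '^FILE__'` also matches lines inside another variable's multi-line value, text that is not a real variable name can end up evaluated by the shell. The same loop word-splits each `NAME=value` pair and keeps only `cut -d= -f2`, so a secret path containing whitespace or `=` is truncated and then reported as missing. I would iterate over names restricted to valid identifiers and read values with `printenv` instead of `eval`, as sketched below. The warning and error messages would also be better sent to stderr.

```sh
  # Names only, restricted to valid identifiers, so nothing from a value is split or evaluated
  for var_name in $(env | sed -n 's/^\(FILE__[A-Za-z_][A-Za-z0-9_]*\)=.*/\1/p'); do
    # A matching line inside another variable's multi-line value is not a real variable: skip it
    var_value=$(printenv "${var_name}") || continue
    # … unchanged: -f check, prefix strip, export, error branch …
      if [ -n "$(printenv "${new_var_name}")" ]; then
        echo "Warning: ${new_var_name} was already set but is being overwritten by ${var_name}" >&2
      fi
```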