41 lines
1.3 KiB
Bash
Executable File
41 lines
1.3 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
##
|
|
## @brief Helper function to show an error when ETCD_ROOT_PASSWORD does not enable the authentication
|
|
## param $1 Input name
|
|
##
|
|
authentication_enabled_error() {
|
|
echo "The $1 environment variable does not enable authentication. Set the environment variable ALLOW_NONE_AUTHENTICAION=yes to allow the container to be started without authentication. This is recommended only for development."
|
|
exit 1
|
|
}
|
|
|
|
##
|
|
## @brief Helper function to show a warning when the ALLOW_NONE_AUTHENTICATION flag is enabled
|
|
##
|
|
authentication_enabled_warn() {
|
|
echo "You set the environment variable ALLOW_NONE_AUTHENTICATION=${ALLOW_NONE_AUTHENTICATION}. For safety reasons, do not use this flag in a production environment."
|
|
}
|
|
|
|
|
|
# Validate authentication
|
|
if [[ "$ALLOW_NONE_AUTHENTICATION" =~ ^(yes|Yes|YES)$ ]]; then
|
|
authentication_enabled_warn
|
|
elif [[ -z "$ETCD_ROOT_PASSWORD" ]]; then
|
|
authentication_enabled_error ETCD_ROOT_PASSWORD
|
|
fi
|
|
|
|
# Validate authentication
|
|
if [[ ! -z "$ETCD_ROOT_PASSWORD" ]]; then
|
|
echo "==> Enabling etcd authentication..."
|
|
etcd > /dev/null 2>&1 &
|
|
ETCD_PID=$!
|
|
sleep 3
|
|
echo "$ETCD_ROOT_PASSWORD" | etcdctl user add root
|
|
etcdctl auth enable
|
|
etcdctl -u root:"$ETCD_ROOT_PASSWORD" role revoke guest -path '/*' --readwrite
|
|
kill $ETCD_PID
|
|
fi
|
|
|
|
|
|
exec "$@"
|