Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security: Removal of Postgres initdb script #98

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

Michael-Burke
Copy link
Contributor

@Michael-Burke Michael-Burke commented Dec 12, 2023

Summary

Removal of the prior method to create and manage the postgres initdb script and initial database creation. This is being spurred by a hardening of the Postgres image.

Tasks

  • Removed creation and management initdb script for Postgres in prep of PlexTrac hardened Postgres image
  • Add new image new for the new plextrac/postgres:version image reference in the docker-compose.yml

Comment on lines -75 to -86
#!/bin/bash

PGPASSWORD="$POSTGRES_PASSWORD"
PGDATABASES=('core' 'runbooks')

tmpl=`cat /docker-entrypoint-initdb.d/bootstrap-template.sql.txt`

for db in ${PGDATABASES[@]}; do
# Ugh this is ugly. Thanks Bash
eval "echo "'"'"`echo "$tmpl" | sed "s/PLACEHOLDER/${db^^}/g" -`"'"'"" |
psql -a -v ON_ERROR_STOP=1 --username $POSTGRES_USER -d $POSTGRES_USER
done
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

RIP. I lost a lot of hair to this function.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's still being used, just in the new container ;)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dang, I'm so sorry. I'd hoped you avoided this 😂

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants