Support password file

[dazinator]

At the moment the mysql password is read from an env variable MYSQL_ENV_MYSQL_PASSWORD

I'm not using the MYSQL_ENV_MYSQL_PASSWORD or MYSQL_ENV_MYSQL_ROOT_PASSWORD env vars for setting passwords, instead I am using the alternative environment variables that end _FILE and poiint to a locally mounted secret file containing the password instead for better security.

This is described here (excerpt below): https://hub.docker.com/_/mysql/

Docker Secrets As an alternative to passing sensitive information via environment variables, _FILE may be appended to the previously listed environment variables, causing the initialization script to load the values for those variables from files present in the container. In particular, this can be used to load passwords from Docker secrets stored in /run/secrets/<secret_name> files. For example:

$ docker run --name some-mysql -e MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql-root -d mysql:tag Currently, this is only supported for MYSQL_ROOT_PASSWORD, MYSQL_ROOT_HOST, MYSQL_DATABASE, MYSQL_USER, and MYSQL_PASSWORD.

Would it be possible to add support for checking for these _FILE environment variables and if present, obtaining the the password from the file they point to instead - as this will then allow me to continue to use secrets, which I'd quite like to continue doing.

[srad]

@angelo-v it seem like you added at some point support for docker secrets in 185e7fdb167619a64049025478022f03dd72aa0a But you haven't documented it anywhere. Is that merged in the release?

[angelo-v]

Hi @srad, sorry but this has never been merged