fickit: Handle secrets more seriously
This commit is contained in:
parent
c3e6cadb70
commit
dc5350c20f
3 changed files with 81 additions and 7 deletions
11
libfic/db.go
11
libfic/db.go
|
|
@ -4,6 +4,7 @@ import (
|
|||
"database/sql"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"os"
|
||||
"strings"
|
||||
|
|
@ -36,6 +37,16 @@ func DSNGenerator() string {
|
|||
}
|
||||
if v, exists := os.LookupEnv("MYSQL_PASSWORD"); exists {
|
||||
db_password = v
|
||||
} else if v, exists := os.LookupEnv("MYSQL_PASSWORD_FILE"); exists {
|
||||
fd, err := os.Open(v)
|
||||
if err != nil {
|
||||
log.Fatal("Unable to open MYSQL_PASSWORD_FILE:", err)
|
||||
}
|
||||
|
||||
b, _ := ioutil.ReadAll(fd)
|
||||
db_password = strings.TrimSpace(string(b))
|
||||
|
||||
fd.Close()
|
||||
} else if v, exists := os.LookupEnv("MYSQL_ROOT_PASSWORD"); exists {
|
||||
db_user = "root"
|
||||
db_password = v
|
||||
|
|
|
|||
Reference in a new issue