From 29cfc54ce3f247f9ec094852e987d9a057f379ac Mon Sep 17 00:00:00 2001
From: Kiall Mac Innes <kiall@hpe.com>
Date: Tue, 9 Aug 2016 16:14:50 +0100
Subject: [PATCH] Add support for reading password from a file

Supplying a POSTGRES_PASSWORD_FILE variable, which points
to a file on disk within the container, will now be read
and used as the value of the password. The original
POSTGRES_PASSWORD variable takes precedence over the new
POSTGRES_PASSWORD_FILE variable.
---
 9.1/docker-entrypoint.sh | 8 ++++++--
 9.2/docker-entrypoint.sh | 8 ++++++--
 9.3/docker-entrypoint.sh | 8 ++++++--
 9.4/docker-entrypoint.sh | 8 ++++++--
 9.5/docker-entrypoint.sh | 8 ++++++--
 9.6/docker-entrypoint.sh | 8 ++++++--
 docker-entrypoint.sh     | 8 ++++++--
 7 files changed, 42 insertions(+), 14 deletions(-)

diff --git a/9.1/docker-entrypoint.sh b/9.1/docker-entrypoint.sh
index 3b436e4adf..1cddaaa71f 100755
--- a/9.1/docker-entrypoint.sh
+++ b/9.1/docker-entrypoint.sh
@@ -22,6 +22,9 @@ if [ "$1" = 'postgres' ]; then
 		if [ "$POSTGRES_PASSWORD" ]; then
 			pass="PASSWORD '$POSTGRES_PASSWORD'"
 			authMethod=md5
+		elif [ "$POSTGRES_PASSWORD_FILE" ]; then
+			pass="PASSWORD '`cat $POSTGRES_PASSWORD_FILE`'"
+			authMethod=md5
 		else
 			# The - option suppresses leading tabs but *not* spaces. :)
 			cat >&2 <<-'EOWARN'
@@ -33,8 +36,9 @@ if [ "$1" = 'postgres' ]; then
 				         effectively any other container on the same
 				         system.
 
-				         Use "-e POSTGRES_PASSWORD=password" to set
-				         it in "docker run".
+				         Use "-e POSTGRES_PASSWORD=password" or
+				         "-e POSTGRES_PASSWORD_FILE=/my-password" to
+				         set it in "docker run"
 				****************************************************
 			EOWARN
 
diff --git a/9.2/docker-entrypoint.sh b/9.2/docker-entrypoint.sh
index 3b436e4adf..1cddaaa71f 100755
--- a/9.2/docker-entrypoint.sh
+++ b/9.2/docker-entrypoint.sh
@@ -22,6 +22,9 @@ if [ "$1" = 'postgres' ]; then
 		if [ "$POSTGRES_PASSWORD" ]; then
 			pass="PASSWORD '$POSTGRES_PASSWORD'"
 			authMethod=md5
+		elif [ "$POSTGRES_PASSWORD_FILE" ]; then
+			pass="PASSWORD '`cat $POSTGRES_PASSWORD_FILE`'"
+			authMethod=md5
 		else
 			# The - option suppresses leading tabs but *not* spaces. :)
 			cat >&2 <<-'EOWARN'
@@ -33,8 +36,9 @@ if [ "$1" = 'postgres' ]; then
 				         effectively any other container on the same
 				         system.
 
-				         Use "-e POSTGRES_PASSWORD=password" to set
-				         it in "docker run".
+				         Use "-e POSTGRES_PASSWORD=password" or
+				         "-e POSTGRES_PASSWORD_FILE=/my-password" to
+				         set it in "docker run"
 				****************************************************
 			EOWARN
 
diff --git a/9.3/docker-entrypoint.sh b/9.3/docker-entrypoint.sh
index 3b436e4adf..1cddaaa71f 100755
--- a/9.3/docker-entrypoint.sh
+++ b/9.3/docker-entrypoint.sh
@@ -22,6 +22,9 @@ if [ "$1" = 'postgres' ]; then
 		if [ "$POSTGRES_PASSWORD" ]; then
 			pass="PASSWORD '$POSTGRES_PASSWORD'"
 			authMethod=md5
+		elif [ "$POSTGRES_PASSWORD_FILE" ]; then
+			pass="PASSWORD '`cat $POSTGRES_PASSWORD_FILE`'"
+			authMethod=md5
 		else
 			# The - option suppresses leading tabs but *not* spaces. :)
 			cat >&2 <<-'EOWARN'
@@ -33,8 +36,9 @@ if [ "$1" = 'postgres' ]; then
 				         effectively any other container on the same
 				         system.
 
-				         Use "-e POSTGRES_PASSWORD=password" to set
-				         it in "docker run".
+				         Use "-e POSTGRES_PASSWORD=password" or
+				         "-e POSTGRES_PASSWORD_FILE=/my-password" to
+				         set it in "docker run"
 				****************************************************
 			EOWARN
 
diff --git a/9.4/docker-entrypoint.sh b/9.4/docker-entrypoint.sh
index 3b436e4adf..1cddaaa71f 100755
--- a/9.4/docker-entrypoint.sh
+++ b/9.4/docker-entrypoint.sh
@@ -22,6 +22,9 @@ if [ "$1" = 'postgres' ]; then
 		if [ "$POSTGRES_PASSWORD" ]; then
 			pass="PASSWORD '$POSTGRES_PASSWORD'"
 			authMethod=md5
+		elif [ "$POSTGRES_PASSWORD_FILE" ]; then
+			pass="PASSWORD '`cat $POSTGRES_PASSWORD_FILE`'"
+			authMethod=md5
 		else
 			# The - option suppresses leading tabs but *not* spaces. :)
 			cat >&2 <<-'EOWARN'
@@ -33,8 +36,9 @@ if [ "$1" = 'postgres' ]; then
 				         effectively any other container on the same
 				         system.
 
-				         Use "-e POSTGRES_PASSWORD=password" to set
-				         it in "docker run".
+				         Use "-e POSTGRES_PASSWORD=password" or
+				         "-e POSTGRES_PASSWORD_FILE=/my-password" to
+				         set it in "docker run"
 				****************************************************
 			EOWARN
 
diff --git a/9.5/docker-entrypoint.sh b/9.5/docker-entrypoint.sh
index 3b436e4adf..1cddaaa71f 100755
--- a/9.5/docker-entrypoint.sh
+++ b/9.5/docker-entrypoint.sh
@@ -22,6 +22,9 @@ if [ "$1" = 'postgres' ]; then
 		if [ "$POSTGRES_PASSWORD" ]; then
 			pass="PASSWORD '$POSTGRES_PASSWORD'"
 			authMethod=md5
+		elif [ "$POSTGRES_PASSWORD_FILE" ]; then
+			pass="PASSWORD '`cat $POSTGRES_PASSWORD_FILE`'"
+			authMethod=md5
 		else
 			# The - option suppresses leading tabs but *not* spaces. :)
 			cat >&2 <<-'EOWARN'
@@ -33,8 +36,9 @@ if [ "$1" = 'postgres' ]; then
 				         effectively any other container on the same
 				         system.
 
-				         Use "-e POSTGRES_PASSWORD=password" to set
-				         it in "docker run".
+				         Use "-e POSTGRES_PASSWORD=password" or
+				         "-e POSTGRES_PASSWORD_FILE=/my-password" to
+				         set it in "docker run"
 				****************************************************
 			EOWARN
 
diff --git a/9.6/docker-entrypoint.sh b/9.6/docker-entrypoint.sh
index 3b436e4adf..1cddaaa71f 100755
--- a/9.6/docker-entrypoint.sh
+++ b/9.6/docker-entrypoint.sh
@@ -22,6 +22,9 @@ if [ "$1" = 'postgres' ]; then
 		if [ "$POSTGRES_PASSWORD" ]; then
 			pass="PASSWORD '$POSTGRES_PASSWORD'"
 			authMethod=md5
+		elif [ "$POSTGRES_PASSWORD_FILE" ]; then
+			pass="PASSWORD '`cat $POSTGRES_PASSWORD_FILE`'"
+			authMethod=md5
 		else
 			# The - option suppresses leading tabs but *not* spaces. :)
 			cat >&2 <<-'EOWARN'
@@ -33,8 +36,9 @@ if [ "$1" = 'postgres' ]; then
 				         effectively any other container on the same
 				         system.
 
-				         Use "-e POSTGRES_PASSWORD=password" to set
-				         it in "docker run".
+				         Use "-e POSTGRES_PASSWORD=password" or
+				         "-e POSTGRES_PASSWORD_FILE=/my-password" to
+				         set it in "docker run"
 				****************************************************
 			EOWARN
 
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 3b436e4adf..1cddaaa71f 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -22,6 +22,9 @@ if [ "$1" = 'postgres' ]; then
 		if [ "$POSTGRES_PASSWORD" ]; then
 			pass="PASSWORD '$POSTGRES_PASSWORD'"
 			authMethod=md5
+		elif [ "$POSTGRES_PASSWORD_FILE" ]; then
+			pass="PASSWORD '`cat $POSTGRES_PASSWORD_FILE`'"
+			authMethod=md5
 		else
 			# The - option suppresses leading tabs but *not* spaces. :)
 			cat >&2 <<-'EOWARN'
@@ -33,8 +36,9 @@ if [ "$1" = 'postgres' ]; then
 				         effectively any other container on the same
 				         system.
 
-				         Use "-e POSTGRES_PASSWORD=password" to set
-				         it in "docker run".
+				         Use "-e POSTGRES_PASSWORD=password" or
+				         "-e POSTGRES_PASSWORD_FILE=/my-password" to
+				         set it in "docker run"
 				****************************************************
 			EOWARN