I have an influx db image (bitnami/influxdb:2.6.1-debian-11-r34) and a mariadb image (mariadb:10.7.6-focal).
Both allow to run initial setup by placing scripts in to the /docker-entrypoint-initdb.d
dir.
MariaDB
Initializing a fresh instance
When a container is started for the first time, a new database with the specified name will be created and initialized with the provided configuration variables. Furthermore, it will execute files with extensions .sh, .sql, .sql.gz, .sql.xz and .sql.zst that are found in /docker-entrypoint-initdb.d. Files will be executed in alphabetical order. .sh files without file execute permission are sourced rather than executed. You can easily populate your mariadb services by mounting a SQL dump into that directory and provide custom images with contributed data. SQL files will be imported by default to the database specified by the MARIADB_DATABASE / MYSQL_DATABASE variable.
Influx
Initializing a new instance
When the container is executed for the first time, it will execute the files with extensions .sh, and .txt located at /docker-entrypoint-initdb.d.
In order to have your custom files inside the docker image you can mount them as a volume.
My goal is to place a script there that is creating a user with read only permissions.
My problem is that the scripts that I place in those dirs (/docker-entrypoint-initdb.d
) have neither access to the environment variables nor the secrets set in the docker swarm file.
I set the secrets like so:
secrets:
- influx_admin_token
environment:
- INFLUXDB_ADMIN_USER_TOKEN_FILE=/run/secrets/influx_admin_token
And the environment variables and the secrets work fine when I open en interactive /bin/bash
with the -it
flags in the container.
script that I placed in /docker-entrypoint-initdb.d
(influx example):
echo $INFLUXDB_ADMIN_USER_TOKEN_FILE
echo $(<$INFLUXDB_ADMIN_USER_TOKEN_FILE)
echo $(< /run/secrets/influx_admin_token)
the script is executed but cant see the environment variable nor the existence of the secrets file.
What do I need to change to get access to the environment variables and secrets.
Maybe related to this
After some investigation I finally figured out what is happening:
The entry point scripts of both containers take variables $INFLUXDB_ADMIN_USER_TOKEN_FILE
and read the given file and create $INFLUXDB_ADMIN_USER_TOKEN
from that and delete the original ($INFLUXDB_ADMIN_USER_TOKEN_FILE
) variable.
However this only seems to happen for some predefined variables.
Put printenv
in the script to see whats happening.
mariadb: https://github.com/colinmollenhour/mariadb-galera-swarm/blob/master/start.sh#L194