Home Explore Help
Sign In
lqb
/
elasticsearch
mirror of https://gitee.com/mirrors/elasticsearch.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 8a6d68b173
Branches Tags
elasticsearch
/
distribution
/
src
/
bin
/
elasticsearch-env-from-file

elasticsearch-env-from-file 2.3 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 
  1. #!/bin/bash
    2. 

  2. 

  3. set -e -o pipefail
    4. 

  4. 

  5. # Allow environment variables to be set by creating a file with the
    6. 

  6. # contents, and setting an environment variable with the suffix _FILE to
    7. 

  7. # point to it. This can be used to provide secrets to a container, without
    8. 

  8. # the values being specified explicitly when running the container.
    9. 

  9. #
    10. 

  10. # This script is intended to be sourced, not executed, and modifies the
    11. 

  11. # environment.
    12. 

  12. 

  13. for VAR_NAME_FILE in $(env | cut -f1 -d= | grep '_FILE$'); do
    14. 

  14.   if [[ -n "$VAR_NAME_FILE" ]]; then
    15. 

  15.     VAR_NAME="${VAR_NAME_FILE%_FILE}"
    16. 

  16. 

  17.     if env | grep "^${VAR_NAME}="; then
    18. 

  18.       echo "ERROR: Both $VAR_NAME_FILE and $VAR_NAME are set. These are mutually exclusive." >&2
    19. 

  19.       exit 1
    20. 

  20.     fi
    21. 

  21. 

  22.     if [[ ! -e "${!VAR_NAME_FILE}" ]]; then
    23. 

  23.       # Maybe the file doesn't exist, maybe we just can't read it due to file permissions.
    24. 

  24.       # Check permissions on each part of the path
    25. 

  25.       path=''
    26. 

  26.       if ! echo "${!VAR_NAME_FILE}" | grep -q '^/'; then
    27. 

  27.         path='.'
    28. 

  28.       fi
    29. 

  29. 

  30.       dirname "${!VAR_NAME_FILE}" | tr '/' '\n' | while read part; do
    31. 

  31.         if [[ "$path" == "/" ]]; then
    32. 

  32.           path="${path}${part}"
    33. 

  33.         else
    34. 

  34.           path="$path/$part"
    35. 

  35.         fi
    36. 

  36. 

  37.         if ! [[ -x "$path" ]]; then
    38. 

  38.           echo "ERROR: Cannot read ${!VAR_NAME_FILE} from $VAR_NAME_FILE, due to lack of permissions on '$path'" 2>&1
    39. 

  39.           exit 1
    40. 

  40.         fi
    41. 

  41.       done
    42. 

  42. 

  43.       if ! [[ -r "${!VAR_NAME_FILE}" ]]; then
    44. 

  44.         echo "ERROR: File ${!VAR_NAME_FILE} from $VAR_NAME_FILE is not readable." 2>&1
    45. 

  45.       else
    46. 

  46.         echo "ERROR: File ${!VAR_NAME_FILE} from $VAR_NAME_FILE does not exist" >&2
    47. 

  47.       fi
    48. 

  48. 

  49.       exit 1
    50. 

  50.     fi
    51. 

  51. 

  52.     FILE_PERMS="$(stat -L -c '%a' ${!VAR_NAME_FILE})"
    53. 

  53. 

  54.     if [[ "$FILE_PERMS" != "400" && "$FILE_PERMS" != "600" ]]; then
    55. 

  55.       if [[ -L "${!VAR_NAME_FILE}" ]]; then
    56. 

  56.         echo "ERROR: File $(readlink "${!VAR_NAME_FILE}") (target of symlink ${!VAR_NAME_FILE} from $VAR_NAME_FILE) must have file permissions 400 or 600, but actually has: $FILE_PERMS" >&2
    57. 

  57.       else
    58. 

  58.         echo "ERROR: File ${!VAR_NAME_FILE} from $VAR_NAME_FILE must have file permissions 400 or 600, but actually has: $FILE_PERMS" >&2
    59. 

  59.       fi
    60. 

  60.       exit 1
    61. 

  61.     fi
    62. 

  62. 

  63.     echo "Setting $VAR_NAME from $VAR_NAME_FILE at ${!VAR_NAME_FILE}" >&2
    64. 

  64.     export "$VAR_NAME"="$(cat ${!VAR_NAME_FILE})"
    65. 

  65. 

  66.     unset VAR_NAME
    67. 

  67.     # Unset the suffixed environment variable
    68. 

  68.     unset "$VAR_NAME_FILE"
    69. 

  69.   fi
    70. 

  70. done
    71.