You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2020/02/13 17:29:12 UTC
[GitHub] [couchdb-docker] wohali commented on a change in pull request #170:
Fix169 by enforcing admin credentials
wohali commented on a change in pull request #170: Fix169 by enforcing admin credentials
URL: https://github.com/apache/couchdb-docker/pull/170#discussion_r379009684
##########
File path: dev/docker-entrypoint.sh
##########
@@ -55,10 +55,25 @@ if [ "$1" = '/opt/couchdb/bin/couchdb' ]; then
# Ensure that CouchDB will write custom settings in this file
touch /opt/couchdb/etc/local.d/docker.ini
- if [ "$COUCHDB_USER" ] && [ "$COUCHDB_PASSWORD" ]; then
- # Create admin only if not already present
- if ! grep -Pzoqr "\[admins\]\n$COUCHDB_USER =" /opt/couchdb/etc/local.d/*.ini; then
+
+ # Check if admin users are missing then
+ if ! grep -Pzoqr "\[admins\]\n$COUCHDB_USER =" /opt/couchdb/etc/local.d/*.ini; then
+ # Check if admin credentials provided
+ if [ "$COUCHDB_USER" ] && [ "$COUCHDB_PASSWORD" ]; then
Review comment:
So, embarrassing admission time, I'd forgotten I'd already added a check in here. We may not need this PR :wink: sorry about that :disappointed:
This proposed change means that if there's already an admin specified in the file, we don't use `COUCHDB_USER` and `COUCHDB_PASSWORD` at all. That might be surprising to someone. For instance, what if I'm trying to recover a lost password in a stopped container? I can't decide if this is a valid use case or not. What do you think?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services