Gitiles
Code Review Sign In
review.sourcearcade.org / sourcearcade / refs/heads/keycloak / . / gerrit / Dockerfile.entrypoint
blob: fefd704ec76ac848de55ae073bdeba081ebe4442 [file] [log] [blame]
Nico Hubera1a296f2023-06-25 10:07:07 +0000[diff] [blame]1#!/bin/sh
2
3set -e
4
Nico Huber177e6102023-07-25 13:39:16 +0000[diff] [blame]5secret() {
6 seed=$(cat /run/secrets/seed)
7 printf "%s:%40s" "${seed}" "$*" | sha256sum | sed 's/[[:space:]].*//'
8}
9
10export GERRIT_MAIL_PASSWORD=$(secret mail:gerrit)
Nico Huber7f8dc5b2023-07-25 16:48:01 +0000[diff] [blame]11export GERRIT_KC_PASSWORD=$(secret kc:gerrit)
Nico Huber177e6102023-07-25 13:39:16 +0000[diff] [blame]12
Nico Hubera1a296f2023-06-25 10:07:07 +0000[diff] [blame]13# Allows us to bind mount arbitrary owned files
Nico Huber177e6102023-07-25 13:39:16 +0000[diff] [blame]14chown -R gerrit:gerrit /var/gerrit/{logs,etc,db,git,index,cache}/
Nico Hubera1a296f2023-06-25 10:07:07 +0000[diff] [blame]15
16# Drop privileges as we set `USER root` only to change file permissions
17exec setpriv --reuid=gerrit --regid=gerrit --init-groups --inh-caps=-all /unprivileged.sh "$@"