Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add _FILE support for all (sensitive) variables #9482

Closed
jorrit opened this issue Jun 29, 2023 · 8 comments · Fixed by #9754
Closed

Add _FILE support for all (sensitive) variables #9482

jorrit opened this issue Jun 29, 2023 · 8 comments · Fixed by #9754
Assignees
@nijel
Labels
enhancement Adding or requesting a new feature. good first issue Opportunity for newcoming contributors. hacktoberfest This is suitable for Hacktoberfest. Don’t try to spam. help wanted Extra attention is needed.
Milestone
5.0

Comments

@jorrit
Copy link
Contributor

jorrit commented Jun 29, 2023

Describe the problem

I'd like to connect my Weblate installation to Azure AD. Weblate runs in Docker. Right now, this requires that I specify WEBLATE_SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_SECRET as an environment variable.
I would like to use Docker secrets to pass the secret to Weblate.

Right now, only a limited number of environment variables support reading from a file.

Describe the solution you'd like

I would like to propose that a wrapper function for os.environ.get() is added to settings_docker.py such that all environment variables that could be sensitive can be read from a file if ${VARNAME}_FILE exists. This would also remove the need for a manual list of variables in the start script.

Describe alternatives you've considered

No response

Screenshots

No response

Additional context

No response
@jorrit jorrit changed the title Add _FILE support for all variables Add _FILE support for all (sensitive) variables Jun 29, 2023
@nijel nijel transferred this issue from WeblateOrg/docker Jun 29, 2023
@nijel nijel added enhancement Adding or requesting a new feature. hacktoberfest This is suitable for Hacktoberfest. Don’t try to spam. help wanted Extra attention is needed. good first issue Opportunity for newcoming contributors. labels Jun 29, 2023
@github-actions
Copy link

This issue seems to be a good fit for newbie contributors. You are welcome to contribute to Weblate! Don't hesitate to ask any questions you would have while implementing this.

You can learn about how to get started in our contributors documentation.

@nijel
Copy link
Member

nijel commented Jun 29, 2023

There are already similar environment wrappers in https://github.com/WeblateOrg/weblate/blob/main/weblate/utils/environment.py, adding another one should be easy.

@YashTote
Copy link

YashTote commented Jul 3, 2023

The secrets have to be declared in docker-compose.yml to be available in the container. But doing these changes in the docker-compose file seems a little odd. Can you suggest me where should that be declared ?

@nijel
Copy link
Member

nijel commented Jul 3, 2023

There are two things:

@YashTote

This comment was marked as off-topic.

Sign in to view
@nijel

This comment was marked as off-topic.

Sign in to view
@nijel nijel self-assigned this Aug 16, 2023
@nijel nijel added this to the 5.0 milestone Aug 16, 2023
nijel added a commit to nijel/weblate that referenced this issue Aug 16, 2023
@nijel
docker: improve strings parsing from environment
92d23a0 
- do not directly use os.environ
- fail with a nicer error message if missing configuration
- annotate more configurations as required
- support for file backed secrets, fixes WeblateOrg#9482
@nijel nijel mentioned this issue Aug 16, 2023
Merged
5 tasks
nijel added a commit to nijel/weblate that referenced this issue Aug 16, 2023
@nijel
docker: improve strings parsing from environment
7b7de1e 
- do not directly use os.environ
- fail with a nicer error message if missing configuration
- annotate more configurations as required
- support for file backed secrets, fixes WeblateOrg#9482
nijel added a commit that referenced this issue Aug 16, 2023
@nijel
docker: improve strings parsing from environment
be7975d 
- do not directly use os.environ
- fail with a nicer error message if missing configuration
- annotate more configurations as required
- support for file backed secrets, fixes #9482
nijel added a commit to nijel/weblate that referenced this issue Aug 16, 2023
@nijel
docker: improve strings parsing from environment
bf0a3ab 
- do not directly use os.environ
- fail with a nicer error message if missing configuration
- annotate more configurations as required
- support for file backed secrets, fixes WeblateOrg#9482
@github-actions
Copy link

Thank you for your report; the issue you have reported has just been fixed.

  • In case you see a problem with the fix, please comment on this issue.
  • In case you see a similar problem, please open a separate issue.
  • If you are happy with the outcome, don’t hesitate to support Weblate by making a donation.

@jorrit
Copy link
Contributor Author

jorrit commented Aug 16, 2023

@nijel: thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nijel nijel

Labels
enhancement Adding or requesting a new feature. good first issue Opportunity for newcoming contributors. hacktoberfest This is suitable for Hacktoberfest. Don’t try to spam. help wanted Extra attention is needed.
Projects
None yet
Milestone
5.0
Development

Successfully merging a pull request may close this issue.

docker: improve strings parsing from environment nijel/weblate
3 participants
@nijel @jorrit @YashTote