Allow database password to be read from environ
- add 'password_env' key in config to read databases passwords firectly from environment variable
This commit is contained in:
parent
f2c2f3139e
commit
0dfbf77b7f
|
@ -704,6 +704,12 @@ properties:
|
|||
without a password or you create a ~/.pgpass
|
||||
file.
|
||||
example: trustsome1
|
||||
password_env:
|
||||
type: string
|
||||
description: |
|
||||
Environment variable containing the password with
|
||||
which to connect to the database.
|
||||
example: MY_PASSWORD
|
||||
format:
|
||||
type: string
|
||||
enum: ['plain', 'custom', 'directory', 'tar']
|
||||
|
@ -802,6 +808,12 @@ properties:
|
|||
configured to trust the configured username
|
||||
without a password.
|
||||
example: trustsome1
|
||||
password_env:
|
||||
type: string
|
||||
description: |
|
||||
Environment variable containing the password with
|
||||
which to connect to the database.
|
||||
example: MY_PASSWORD
|
||||
list_options:
|
||||
type: string
|
||||
description: |
|
||||
|
@ -864,6 +876,12 @@ properties:
|
|||
Password with which to connect to the database.
|
||||
Skip it if no authentication is needed.
|
||||
example: trustsome1
|
||||
password_env:
|
||||
type: string
|
||||
description: |
|
||||
Environment variable containing the password with
|
||||
which to connect to the database.
|
||||
example: MY_PASSWORD
|
||||
authentication_database:
|
||||
type: string
|
||||
description: |
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
import logging
|
||||
from os import environ
|
||||
|
||||
from borgmatic.execute import execute_command, execute_command_with_processes
|
||||
from borgmatic.hooks import dump
|
||||
|
@ -72,6 +73,11 @@ def build_dump_command(database, dump_filename, dump_format):
|
|||
command.extend(('--username', database['username']))
|
||||
if 'password' in database:
|
||||
command.extend(('--password', database['password']))
|
||||
elif 'password_env' in database:
|
||||
password_key = database['password_env']
|
||||
if password_key not in environ:
|
||||
raise ValueError("Cannot find MongoDB password in env variable: " + password_key)
|
||||
command.extend(('--password', environ[password_key]))
|
||||
if 'authentication_database' in database:
|
||||
command.extend(('--authenticationDatabase', database['authentication_database']))
|
||||
if not all_databases:
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
import logging
|
||||
|
||||
from os import environ
|
||||
from borgmatic.execute import execute_command, execute_command_with_processes
|
||||
from borgmatic.hooks import dump
|
||||
|
||||
|
@ -73,7 +73,14 @@ def dump_databases(databases, log_prefix, location_config, dry_run):
|
|||
dump_filename = dump.make_database_dump_filename(
|
||||
make_dump_path(location_config), requested_name, database.get('hostname')
|
||||
)
|
||||
extra_environment = {'MYSQL_PWD': database['password']} if 'password' in database else None
|
||||
extra_environment = None
|
||||
if 'password' in database:
|
||||
extra_environment = {'MYSQL_PWD': database['password']}
|
||||
elif 'password_env' in database:
|
||||
password_key = database['password_env']
|
||||
if password_key not in environ:
|
||||
raise ValueError("Cannot find MySQL password in env variable: " + password_key)
|
||||
extra_environment = {'MYSQL_PWD': environ[password_key]}
|
||||
dump_database_names = database_names_to_dump(
|
||||
database, extra_environment, log_prefix, dry_run_label
|
||||
)
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
import logging
|
||||
from os import environ
|
||||
|
||||
from borgmatic.execute import execute_command, execute_command_with_processes
|
||||
from borgmatic.hooks import dump
|
||||
|
@ -22,6 +23,11 @@ def make_extra_environment(database):
|
|||
extra = dict()
|
||||
if 'password' in database:
|
||||
extra['PGPASSWORD'] = database['password']
|
||||
elif 'password_env' in database:
|
||||
password_key = database['password_env']
|
||||
if password_key not in environ:
|
||||
raise ValueError("Cannot find PostgreSQL password in env variable: " + password_key)
|
||||
extra['PGPASSWORD'] = environ[password_key]
|
||||
extra['PGSSLMODE'] = database.get('ssl_mode', 'disable')
|
||||
if 'ssl_cert' in database:
|
||||
extra['PGSSLCERT'] = database['ssl_cert']
|
||||
|
|
Loading…
Reference in New Issue