Re: Add PGURI env var for passing connection string to psql in Docker - Mailing list pgsql-hackers

From Craig Ringer
Subject Re: Add PGURI env var for passing connection string to psql in Docker
Date
Msg-id CAMsr+YGshXeQ13dScgbpfoft9U59kOVdRThKJ9N4Su6AhfqUuQ@mail.gmail.com
In response to Re: Add PGURI env var for passing connection string to psql in Docker  (Michael Leonhard <michael@leonhardllc.com>)
List pgsql-hackers
On Fri, 21 Feb 2020 at 08:03, Michael Leonhard <michael@leonhardllc.com> wrote:
> 1. parse a perfectly good URI

You have a URI with embedded password, which to me is not a perfectly
good URI at all. I think the problem really lies with the input:
separate your secret credentials out to start with, don't munge them
into a URI.

> ~/.pgpass is useful for folks who manually connect to databases.  I'm
> writing deployment, backup, and restore automation tools.  I would
> like to keep these tools simple.  Using pgpass requires extra steps:

That's why we have pg_service.conf, though that only helps libpq applications.

It's a shame that Docker doesn't make it simpler to inject individual
files into containers at "docker run" time. But wrapper dockerfiles
are trivial. -v bind mounting is also an option but then you have the
file sitting around on the host, which is undesirable. You can unlink
the bind mounted dir though.

For Docker you have --env-file to avoid putting the environment on the
command line of the container-host, which helps explain why you are
willing to use an env var for this. I wouldn't be too confident in
assuming there's no way to peek at the environment of the
containerised process(es) from outside the container. Much more likely
than being able to peek at a file, anyway.

Then again, Docker relies on dropping capabilities and likes to run as
root-that-isn't-root-except-when-it's-root, which doesn't thrill me
when it comes to security. At all.


-- 
 Craig Ringer                   http://www.2ndQuadrant.com/
 2ndQuadrant - PostgreSQL Solutions for the Enterprise
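
The separation suggested in the message above, as an added example that is not part of the original e-mail or of PostgreSQL: a Python sketch that splits a URI with an embedded password into a password-free pg_service.conf entry and a password file created with mode 0600. The function names, the service name `app`, the file names and the sample URI are assumptions constructed for illustration.

```python
import os
import tempfile
from urllib.parse import urlsplit, unquote

def pgpass_escape(field):
    # Password-file fields are colon-separated; escape literal '\' and ':'.
    return field.replace("\\", "\\\\").replace(":", "\\:")

def split_uri(uri, service="app"):
    """Return (pg_service.conf text, password-file line) for a URI."""
    u = urlsplit(uri)
    if u.scheme not in ("postgresql", "postgres"):
        raise ValueError("not a PostgreSQL URI")
    host = u.hostname
    port = str(u.port or 5432)  # assumption: stock default port
    dbname = unquote(u.path.lstrip("/"))
    user = unquote(u.username or "")
    password = unquote(u.password or "")
    if not (host and dbname and user and password):
        raise ValueError("need explicit host, dbname, user and password")
    service_text = (f"[{service}]\nhost={host}\nport={port}\n"
                    f"dbname={dbname}\nuser={user}\n")
    fields = (host, port, dbname, user, password)
    return service_text, ":".join(map(pgpass_escape, fields)) + "\n"

def write_files(uri, directory, service="app"):
    """Write both files; the password file is created with mode 0600."""
    service_text, pgpass_line = split_uri(uri, service)
    service_path = os.path.join(directory, "pg_service.conf")
    pass_path = os.path.join(directory, "pgpass")
    with open(service_path, "w") as f:
        f.write(service_text)
    # O_EXCL refuses to reuse an existing file that may have wider permissions.
    fd = os.open(pass_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(pgpass_line)
    return service_path, pass_path

if __name__ == "__main__":
    # Constructed sample URI; the password contains an encoded ':' and '@'.
    sample = "postgresql://backup:s3%3Acr%40t@db.example.internal:5433/sales"
    with tempfile.TemporaryDirectory() as d:
        svc, pw = write_files(sample, d)
        with open(svc) as f:
            print(f.read(), end="")
        # Point libpq at both files, then connect without any secret in argv:
        #   PGSERVICEFILE=<svc> PGPASSFILE=<pw> psql "service=app"
```

On Unix, libpq ignores a password file whose permissions allow group or world access, which is why the file is created 0600 rather than chmod'ed afterwards.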


