Supervisor, Docker and Swarm secrets not accessible

i’m strugling to make working supervisor with docker, symfony, doctrine and swarm secrets.

In my Dockerfile, i’m doing this:

FROM php:${PHP_VERSION}-fpm-alpine
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisor.conf"]

So i launch Supervisor who looks like this:

My main program:

[program:php]
command=docker-entrypoint.sh "php-fpm"
autostart=true
autorestart=true

who starts PHP with an entrypoint. In this entrypoint, i use swarm secrets only in prod:

 if [ "$APP_ENV" = 'prod' ]; then
    file_env DATABASE_URL
    file_env MESSENGER_TRANSPORT_DSN
  fi

  php bin/console doctrine:migrations:migrate --no-interaction --allow-no-migration

Inside the entrypoint, the command bin/console is working perfectly fine. If i am in dev mode, it use the local database_url in my .env file, if i am in prod it use the secrets defined in the docker compose.

The problems comes when i have a second program in supervisor who is like this:

[program:messenger-consume]
command=bash -c "export APP_ENV=%(ENV_APP_ENV)s && /usr/local/bin/launch.sh"
user=root

and launch.sh :

if [ "$APP_ENV" = "prod" ]; then
  php /srv/app/bin/console messenger:consume async --time-limit=3600 --memory-limit=128M -vv
fi

And here it’s failing with a Doctrine error who looks like this:

Access denied for user 'myname'@'10.0.1.4' (using password: YES)

and actually ‘myname’ is the default value in the .env (for dev environnement) for my database_url dsn (for doctrine).

This supervisor problem is linked to the fact that i cannot execute doctrine commands by myself. I mean when i run:

docker exec -i $(docker ps -q -f name="php*") sh

to connect to my container and after inside the container i want to execute something like this:

./bin/console doctrine:migrations:migrate

it’s not working also (same error as in supervisor).

To sum-up, docker swarm secrets are not "computed" when it’s executing by myself or by supervisor, they are reading the default value in the .env and not reading the value in the swarm secret… and i have no idea how to solve this.
i tried to add to docker exec -e DATABASE_URL=/run/secrets/doctrine_dsn but it’s not working either (except if i give the true value of secrets doctrine dsn).

Any help would be very great
thanks a lot

Source: Symfony Questions

Was this helpful?

0 / 0

Leave a Reply 0

Your email address will not be published. Required fields are marked *