busya/ss-tools
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Add docker admin bootstrap for clean release

Browse Source
This commit is contained in:
busya
2026-03-13 11:41:44 +03:00
parent 2aea70a0f6
commit 152f19eba2
12 changed files with 254 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
docker/backend.entrypoint.sh Executable file
View File

@@ -0,0 +1,57 @@
#!/usr/bin/env bash
set -euo pipefail
# [DEF:docker.backend.entrypoint:Module]
# @TIER: STANDARD
# @SEMANTICS: docker, entrypoint, admin-bootstrap, runtime, backend
# @PURPOSE: Container entrypoint that performs optional idempotent admin bootstrap before starting backend runtime.
# @LAYER: Infra
# @RELATION: DEPENDS_ON -> backend/src/scripts/create_admin.py
# @INVARIANT: Existing admin account must never be overwritten during container restarts.
# [/DEF:docker.backend.entrypoint:Module]
# [DEF:docker.backend.entrypoint.bootstrap_admin:Function]
# @PURPOSE: Execute optional initial admin bootstrap from runtime environment variables.
# @PRE: Python runtime and backend sources are available inside /app/backend.
# @POST: Admin is created only when INITIAL_ADMIN_CREATE=true and required credentials are present.
bootstrap_admin() {
local create_flag="${INITIAL_ADMIN_CREATE:-false}"
local username="${INITIAL_ADMIN_USERNAME:-}"
local password="${INITIAL_ADMIN_PASSWORD:-}"
local email="${INITIAL_ADMIN_EMAIL:-}"
case "${create_flag,,}" in
true|1|yes|y)
;;
*)
echo "[entrypoint] INITIAL_ADMIN_CREATE is disabled; skipping admin bootstrap"
return 0
;;
esac
if [[ -z "${username}" ]]; then
echo "[entrypoint] INITIAL_ADMIN_USERNAME is required when INITIAL_ADMIN_CREATE=true" >&2
return 1
fi
if [[ -z "${password}" ]]; then
echo "[entrypoint] INITIAL_ADMIN_PASSWORD is required when INITIAL_ADMIN_CREATE=true" >&2
return 1
fi
echo "[entrypoint] initializing auth database"
python3 src/scripts/init_auth_db.py
echo "[entrypoint] running idempotent admin bootstrap for user '${username}'"
if [[ -n "${email}" ]]; then
python3 src/scripts/create_admin.py --username "${username}" --password "${password}" --email "${email}"
else
python3 src/scripts/create_admin.py --username "${username}" --password "${password}"
fi
}
# [/DEF:docker.backend.entrypoint.bootstrap_admin:Function]
bootstrap_admin
echo "[entrypoint] starting backend: $*"
exec "$@"