fix: remove ENV ROOT_PASSWORD from Dockerfiles and add Docker secrets suppo...

copilot-swe-agent[bot]

20 hours ago 613a7c2e415266ec3fc426c9e46525c82120e9d1

fix: remove ENV ROOT_PASSWORD from Dockerfiles and add Docker secrets support in run.sh

Agent-Logs-Url: https://github.com/OpenIdentityPlatform/OpenDJ/sessions/547bc2de-e8b4-4cd4-8ef1-f831dd509aaf

Co-authored-by: vharseko <6818498+vharseko@users.noreply.github.com>

 opendj-packages/opendj-docker/Dockerfile

@@ -8,7 +8,9 @@
ENV ADMIN_PORT=4444
ENV BASE_DN="dc=example,dc=com"
ENV ROOT_USER_DN="cn=Directory Manager"
ENV ROOT_PASSWORD="password"
# ROOT_PASSWORD should be passed at runtime via: docker run -e ROOT_PASSWORD=...
# or mount a Docker secret file to /run/secrets/root_password
# Default value if not provided: "password"
#ENV SECRET_VOLUME
ENV OPENDJ_SSL_OPTIONS="--generateSelfSignedCertificate"
#ENV MASTER_SERVER

 opendj-packages/opendj-docker/Dockerfile-alpine

@@ -8,7 +8,9 @@
ENV ADMIN_PORT=4444
ENV BASE_DN="dc=example,dc=com"
ENV ROOT_USER_DN="cn=Directory Manager"
ENV ROOT_PASSWORD="password"
# ROOT_PASSWORD should be passed at runtime via: docker run -e ROOT_PASSWORD=...
# or mount a Docker secret file to /run/secrets/root_password
# Default value if not provided: "password"
#ENV SECRET_VOLUME
ENV OPENDJ_SSL_OPTIONS="--generateSelfSignedCertificate"
#ENV MASTER_SERVER

 opendj-packages/opendj-docker/run.sh

@@ -28,8 +28,13 @@
export BASE_DN=${BASE_DN:-"dc=example,dc=com"}
echo "BASE DN is ${BASE_DN}"

export PASSWORD=${ROOT_PASSWORD:-password}
echo "Password set to $PASSWORD"
# Read ROOT_PASSWORD from Docker secret file if available, fall back to env var, then default
if [ -f /run/secrets/root_password ]; then
  export ROOT_PASSWORD=$(tr -d '\n\r' < /run/secrets/root_password)
fi
export ROOT_PASSWORD=${ROOT_PASSWORD:-password}
export PASSWORD=${ROOT_PASSWORD}
echo "Password is set"

BOOTSTRAP=${BOOTSTRAP:-/opt/opendj/bootstrap/setup.sh}
echo "Running $BOOTSTRAP"