From 3e0ca482c21596d2667e72f6131a097e41ec7252 Mon Sep 17 00:00:00 2001 From: Rob Nieuwenhuizen Date: Tue, 25 Feb 2020 14:08:13 +0100 Subject: [PATCH] Make secret key generation idempotent (#390) Only generate secret key if not set --- install.sh | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/install.sh b/install.sh index 9b22969..56de703 100755 --- a/install.sh +++ b/install.sh @@ -90,14 +90,16 @@ ensure_file_from_example $SENTRY_CONFIG_PY ensure_file_from_example $SENTRY_CONFIG_YML ensure_file_from_example $SENTRY_EXTRA_REQUIREMENTS -echo "" -echo "Generating secret key..." -# This is to escape the secret key to be used in sed below -# Note the need to set LC_ALL=C due to BSD tr and sed always trying to decode -# whatever is passed to them. Kudos to https://stackoverflow.com/a/23584470/90297 -SECRET_KEY=$(export LC_ALL=C; head /dev/urandom | tr -dc "a-z0-9@#%^&*(-_=+)" | head -c 50 | sed -e 's/[\/&]/\\&/g') -sed -i -e 's/^system.secret-key:.*$/system.secret-key: '"'$SECRET_KEY'"'/' $SENTRY_CONFIG_YML -echo "Secret key written to $SENTRY_CONFIG_YML" +if grep -xq "system.secret-key: '!!changeme!!'" $SENTRY_CONFIG_YML ; then + echo "" + echo "Generating secret key..." + # This is to escape the secret key to be used in sed below + # Note the need to set LC_ALL=C due to BSD tr and sed always trying to decode + # whatever is passed to them. Kudos to https://stackoverflow.com/a/23584470/90297 + SECRET_KEY=$(export LC_ALL=C; head /dev/urandom | tr -dc "a-z0-9@#%^&*(-_=+)" | head -c 50 | sed -e 's/[\/&]/\\&/g') + sed -i -e 's/^system.secret-key:.*$/system.secret-key: '"'$SECRET_KEY'"'/' $SENTRY_CONFIG_YML + echo "Secret key written to $SENTRY_CONFIG_YML" +fi echo "" echo "Building and tagging Docker images..."