Added secret file support for MySQL password

In CLI environment, secrets will not be enterable via CLI so, instead, a secret file can be deployed and references.
xsist10 · Mar 7, 2022 · 038af4d · 038af4d
1 parent a0350c3
commit 038af4d
Showing 1 changed file with 13 additions and 0 deletions.
diff --git a/src/Cli/Command/AbstractDatabaseCommand.php b/src/Cli/Command/AbstractDatabaseCommand.php
@@ -24,6 +24,12 @@ protected function configure(): void
             ->addOption('host', null, InputOption::VALUE_REQUIRED, 'The host of the database.', 'localhost')
             ->addOption('port', 'p', InputOption::VALUE_REQUIRED, 'The port of the database.', 3306)
             ->addOption('username', 'u', InputOption::VALUE_REQUIRED, 'The username of the database.', 'root')
+            ->addOption(
+                'secret',
+                's',
+                InputOption::VALUE_REQUIRED,
+                'Specify a secrets file that contains the database password.'
+            )
             ->addArgument('schema', InputArgument::REQUIRED | InputArgument::IS_ARRAY, 'The schema(s) to use.');
     }
 
@@ -36,6 +42,13 @@ protected function displayDatabaseDetails(InputInterface $input, OutputInterface
 
     protected function getDatabasePassword(InputInterface $input, OutputInterface $output): string
     {
+        if ($input->getOption('secret')) {
+            $file = $input->getOption('secret');
+            if (file_exists($file)) {
+                $password = trim(file_get_contents($file));
+                return $password ?? '';
+            }
+        }
         $question = new Question('What is the database password? ');
         $question->setHidden(true);
         $question->setHiddenFallback(false);