inline secret export for y-provider

abra-entrypoint.sh

@@ -12,11 +12,5 @@ set -e
 
 # if not in "env" mode, then execute the original entrypoint and command
 if [ ! "$1" = "-e" ]; then
-  ORIGINAL_ENTRYPOINT="$1"
-  shift
-  if [ -n "$ORIGINAL_ENTRYPOINT" ] && [ "$ORIGINAL_ENTRYPOINT" != "null" ]; then
-    exec "$ORIGINAL_ENTRYPOINT" "$@"
-  else
-    exec "$@"
-  fi
+  exec "$@"
 fi

compose.yml

@@ -150,20 +150,11 @@ services:
     networks:
       - backend 
     environment: *yprovider-env
+    entrypoint: >
+      sh -c "export Y_PROVIDER_API_KEY=\"$$(cat /run/secrets/y_api_key)\" && exec /usr/local/bin/entrypoint \"$$@\"" --
     command: ["yarn", "start"]
-    entrypoint: ["/abra-entrypoint.sh", "/usr/local/bin/entrypoint"]
-    configs:
-      - source: abra_entrypoint
-        target: /abra-entrypoint.sh
-        mode: 0555
     # NOTE: healthcheck - `wget` is available in the container, but `wget http://localhost:4444` gives a 403
     secrets:
-      - django_sk
-      - django_sp
-      - oidc_rpcs
-      - collab_ss
-      - minio_rp
-      - postgres_p
       - y_api_key
 
   db: