Skip to content

Fix pipelines by passing an arbitrary password to the postgres container

Simon Tomlinson requested to merge fix-broken-postgres-containers into master

What does this MR do and why?

Describe in detail what your merge request does and why.

Without a POSTGRES_PASSWORD set, postgres images were hitting a bug where the password file was empty and they could not start (https://github.com/docker-library/postgres/issues/1025). Set a password so that these databases can start.

Note that, since we use "trust" authentication, the password is not needed when we actually connect to the database to run tests.

Related to #386617 (closed).

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

You can verify the broken postgres image behavior by trying to start a docker container locally:

$ docker run -e POSTGRES_HOST_AUTH_METHOD=trust --name postgres-test postgres:12
********************************************************************************
WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
         anyone with access to the Postgres port to access your database without
         a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
         documentation about "trust":
         https://www.postgresql.org/docs/current/auth-trust.html
         In Docker's default configuration, this is effectively any other
         container on the same system.

         It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
         it with "-e POSTGRES_PASSWORD=password" instead to set a password in
         "docker run".
********************************************************************************
The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.

The database cluster will be initialized with locale "en_US.utf8".
The default database encoding has accordingly been set to "UTF8".
The default text search configuration will be set to "english".

Data page checksums are disabled.
initdb: error: password file "/dev/fd/63" is empty

And see that this MR fixes the problem by the successful pipeline.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Nao Hashizume

Merge request reports