Because temporal fails to support _FILE environment variables, I have to do things to use Docker Compose secrets for the secret database information. I guess the best way to add this layer on top is with a simple custom entrypoint.
#!/bin/bash
# Set secret env vars' values from files
if [ -f $DBNAME_FILE ]; then
export DBNAME=$(cat $DBNAME_FILE)
fi
if [ -f $POSTGRES_USER_FILE ]; then
export POSTGRES_USER=$(cat $POSTGRES_USER_FILE)
fi
if [ -f $POSTGRES_PWD_FILE ]; then
export POSTGRES_PWD=$(cat $POSTGRES_PWD_FILE)
fi
# Execute the original entrypoint
exec /etc/temporal/entrypoint.sh autosetup
In my Docker Compose file I set the entrypoint to this script. From what I think is the Dockerfile, and through docker inspect, I have come up with /etc/temporal/entrypoint.sh autosetup as the original command. However, calling the original entrypoint in this way fails. Is there any standard recipe to do this, or insight as to why it is failing?
temporal-1 | Waiting for PostgreSQL to startup.
[...]
temporal-1 | PostgreSQL started.
temporal-1 | Setup PostgreSQL schema.
db-1 | 2025-04-04 22:57:07.872 UTC [69] FATAL: password authentication failed for user "temporal"
db-1 | 2025-04-04 22:57:07.872 UTC [69] DETAIL: Connection matched file "/var/lib/postgresql/data/pg_hba.conf" line 128: "host all all all scram-sha-256"
db-1 | 2025-04-04 22:57:07.874 UTC [70] FATAL: password authentication failed for user "temporal"
db-1 | 2025-04-04 22:57:07.874 UTC [70] DETAIL: Connection matched file "/var/lib/postgresql/data/pg_hba.conf" line 128: "host all all all scram-sha-256"
temporal-1 | 2025-04-04T22:57:07.874Z ERROR sql handle: unable to refresh database connection pool {"error": "unable to connect to DB, tried default DB names: postgres,defaultdb, errors: [pq: password authentication failed for user \"temporal\" pq: password authentication failed for user \"temporal\"]", "logging-call-at": "/home/runner/work/docker-builds/docker-builds/temporal/common/persistence/sql/sqlplugin/db_handle.go:128"}
temporal-1 | 2025-04-04T22:57:07.874Z WARN sql handle: did not refresh database connection pool because the last refresh was too close {"min_refresh_interval_seconds": 1, "logging-call-at": "/home/runner/work/docker-builds/docker-builds/temporal/common/persistence/sql/sqlplugin/db_handle.go:118"}
temporal-1 | 2025-04-04T22:57:07.874Z ERROR Unable to create SQL database. {"error": "no usable database connection found", "logging-call-at": "/home/runner/work/docker-builds/docker-builds/temporal/tools/sql/handler.go:93"}
temporal-1 exited with code 1
This is using docker-compose-postgres from the cookbook - just with this alteration (note: not even using the _FILE variables, just trying to understand the startup / use this custom entrypoint flow). If I comment out the custom entrypoint line, it works.
Relevant Docker Compose information [see the cookbook file for everything except the entrypoint]:
services:
db:
image: postgres:17
environment:
POSTGRES_PASSWORD: temporal
POSTGRES_USER: temporal
temporal:
image: temporalio/auto-setup:1.27.2
environment:
- POSTGRES_USER=temporal
- POSTGRES_PWD=temporal
volumes:
- ./temporal-entrypoint.sh:/entrypoint.sh
entrypoint: ["/entrypoint.sh"]
When commenting out the entrypoint, it appears that the “Setup PostgreSQL schema.” is NOT a noop. With the custom entrypoint I guess it fails to authenticate for some reason.
temporal-1 | PostgreSQL started.
temporal-1 | Setup PostgreSQL schema.
temporal-1 | 2025-04-04T23:11:07.571Z INFO Starting schema setup {"config": {"SchemaFilePath":"","SchemaName":"","InitialVersion":"0.0","Overwrite":false,"DisableVersioning":false}, "logging-call-at": "/home/runner/work/docker-builds/docker-builds/temporal/tools/common/schema/setuptask.go:64"}
[...setup]