I have an app that uses cron to kick off shell scripts that initiate a python script. I also use fly.io’s secrets manager. The python script access the secrets in the environment. This all works fine if I call the python script directly, or kick off the shell script directly, but when cron kicks off the shell scripts, the environment variables are not available.
Any ideas how to get this to work? Here are the relevant code snippets:
Dockerfile
FROM python:3.10
WORKDIR /app
COPY . /app
ADD requirements.txt /app/requirements.txt
RUN pip install --upgrade pip
RUN pip install -r requirements.txt
RUN apt-get update && apt-get -y install cron
RUN apt-get -y install vim
# set up log files
RUN mkdir /app/log
RUN touch /app/log/log.log
RUN chmod -R +rw /app/log
# make scripts executable
RUN chmod +x /app/python_script.py
RUN chmod -R +x /app/bin
# set up cron
RUN echo "* * * * * root /app/bin/my-script.sh" >> /etc/cron.d/crontab
# must end with new line
RUN echo "" >> /etc/cron.d/crontab
RUN chmod 0644 /etc/cron.d/crontab
CMD /app/bin/start-cron.sh
start-cron.sh
#!/bin/sh
# start cron - -f to run in foreground
/usr/sbin/cron -f
my-script.sh
#!/bin/bash
/usr/local/bin/python /app/python_script.py close >> /app/log/log.log 2>&1
python_script.py
if __name__ == '__main__':
# example, the script is big
if not os.getenv("SOME_SECRET"):
raise Exception
The python script is just an example, but if I run the script myself with python python_script.py, it does not raise. If I run the shell script with bin/my-script.sh, it does not raise. However, the logs show that it raises every minute with cron kicking it off.
Any ideas how to make the environment secrets available in this scenario?