This commit is contained in:
Executable
+95
@@ -0,0 +1,95 @@
|
||||
#!/bin/sh
|
||||
|
||||
# Entrypoint script for the Stripe CLI service in compose.yml
|
||||
## This script fetches the webhook secret from Stripe CLI and writes it to a shared config file
|
||||
## that the Ghost server can read to verify webhook signatures.
|
||||
|
||||
# Note: the stripe CLI container is based on alpine, hence `sh` instead of `bash`.
|
||||
set -eu
|
||||
|
||||
# Initialize child process variable
|
||||
child=""
|
||||
|
||||
# Handle shutdown signals gracefully.
|
||||
_term() {
|
||||
echo "Caught SIGTERM/SIGINT signal, shutting down gracefully..."
|
||||
if [ -n "$child" ]; then
|
||||
kill -TERM "$child" 2>/dev/null || true
|
||||
wait "$child" 2>/dev/null || true
|
||||
fi
|
||||
exit 0
|
||||
}
|
||||
|
||||
# Set up signal handlers (POSIX-compliant signal names)
|
||||
trap _term TERM INT
|
||||
|
||||
# Remove any stale config file from previous runs
|
||||
rm -f /mnt/shared-config/.env.stripe
|
||||
|
||||
# Check if STRIPE_SECRET_KEY is set
|
||||
if [ -z "${STRIPE_SECRET_KEY:-}" ]; then
|
||||
echo "================================================================================"
|
||||
echo "ERROR: STRIPE_SECRET_KEY is not set"
|
||||
echo ""
|
||||
echo "To use the Stripe service, you must set STRIPE_SECRET_KEY in your .env file:"
|
||||
echo " STRIPE_SECRET_KEY=sk_test_..."
|
||||
echo ""
|
||||
echo "You can find your secret key at: https://dashboard.stripe.com/test/apikeys"
|
||||
echo "================================================================================"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Using STRIPE_SECRET_KEY for authentication"
|
||||
|
||||
# Fetch the webhook secret with timeout
|
||||
echo "Fetching Stripe webhook secret..."
|
||||
WEBHOOK_SECRET=$(timeout 10s stripe listen --print-secret --api-key "${STRIPE_SECRET_KEY}" 2>&1 || echo "TIMEOUT")
|
||||
|
||||
# Check if we got a timeout
|
||||
if [ "$WEBHOOK_SECRET" = "TIMEOUT" ]; then
|
||||
echo "ERROR: Timed out waiting for Stripe CLI (10s)"
|
||||
echo "Please check that your STRIPE_SECRET_KEY is valid"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if we got a valid secret (should start with "whsec_")
|
||||
if echo "$WEBHOOK_SECRET" | grep -q "^whsec_"; then
|
||||
echo "Successfully fetched webhook secret"
|
||||
else
|
||||
echo "ERROR: Failed to fetch Stripe webhook secret"
|
||||
echo "Output: $WEBHOOK_SECRET"
|
||||
echo "Please ensure STRIPE_SECRET_KEY is set in your environment"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Write the webhook secret to the shared config file
|
||||
ENV_FILE="/mnt/shared-config/.env.stripe"
|
||||
TMP_ENV_FILE="/mnt/shared-config/.env.stripe.tmp"
|
||||
|
||||
echo "Writing Stripe configuration to $ENV_FILE..."
|
||||
|
||||
cat > "$TMP_ENV_FILE" << EOF
|
||||
STRIPE_WEBHOOK_SECRET=$WEBHOOK_SECRET
|
||||
EOF
|
||||
|
||||
if [ $? -eq 0 ]; then
|
||||
mv "$TMP_ENV_FILE" "$ENV_FILE"
|
||||
if [ $? -eq 0 ]; then
|
||||
echo "Successfully wrote Stripe configuration to $ENV_FILE"
|
||||
else
|
||||
echo "ERROR: Failed to move temporary file to $ENV_FILE"
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
echo "ERROR: Failed to create temporary configuration file"
|
||||
rm -f "$TMP_ENV_FILE"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Start stripe listen in the background
|
||||
echo "Starting Stripe webhook listener forwarding to ${GHOST_URL}/members/webhooks/stripe/"
|
||||
stripe listen --forward-to ${GHOST_URL}/members/webhooks/stripe/ --api-key "${STRIPE_SECRET_KEY}" &
|
||||
child=$!
|
||||
|
||||
# Wait for the child process
|
||||
wait "$child"
|
||||
Executable
+41
@@ -0,0 +1,41 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Wrapper script to run commands with the Stripe profile enabled
|
||||
# Checks for STRIPE_SECRET_KEY before starting, failing early with helpful error
|
||||
#
|
||||
# Usage: ./docker/stripe/with-stripe.sh <command>
|
||||
# Example: ./docker/stripe/with-stripe.sh nx run ghost-monorepo:docker:dev
|
||||
|
||||
set -e
|
||||
|
||||
check_stripe_key() {
|
||||
# Check environment variable first
|
||||
if [ -n "$STRIPE_SECRET_KEY" ]; then
|
||||
return 0
|
||||
fi
|
||||
|
||||
# Check .env file for non-empty value
|
||||
if [ -f .env ] && grep -qE '^STRIPE_SECRET_KEY=.+' .env; then
|
||||
return 0
|
||||
fi
|
||||
|
||||
return 1
|
||||
}
|
||||
|
||||
if ! check_stripe_key; then
|
||||
echo ""
|
||||
echo "================================================================================"
|
||||
echo "ERROR: STRIPE_SECRET_KEY is not set"
|
||||
echo ""
|
||||
echo "To use the Stripe service, set STRIPE_SECRET_KEY in your .env file or ENV vars:"
|
||||
echo " STRIPE_SECRET_KEY=sk_test_..."
|
||||
echo ""
|
||||
echo "You can find your secret key at: https://dashboard.stripe.com/test/apikeys"
|
||||
echo "================================================================================"
|
||||
echo ""
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Run the command with the stripe profile enabled
|
||||
export COMPOSE_PROFILES="${COMPOSE_PROFILES:+$COMPOSE_PROFILES,}stripe"
|
||||
exec "$@"
|
||||
Reference in New Issue
Block a user