use python3 for FERNETKEY validation

aptalca · aptalca · commit 7ae7673749de · 2020-07-21T14:03:21.000-04:00
diff --git a/root/etc/cont-init.d/30-config b/root/etc/cont-init.d/30-config
@@ -5,7 +5,7 @@ if grep -q 'REPLACEWITHFERNETKEY' /app/ldap-backend-app.py; then
     if [ -z "${FERNETKEY}" ]; then
         KEY=$(python3 /app/fernet-key.py)
         echo "generated fernet key"
-    elif [ $(openssl base64 -d <<< "${FERNETKEY}" | wc -c) != "32" ]; then
+    elif ! python3 -c "from cryptography.fernet import Fernet; Fernet(b'${FERNETKEY}').encrypt(b\"my deep dark secret\")" 2>/dev/null; then
         echo "FERNETKEY env var is not set to a base64 encoded 32-byte key"
         KEY=$(python3 /app/fernet-key.py)
         echo "generated fernet key"
