y-scope · junhaoliao · Aug 19, 2025 · Aug 3, 2025 · Aug 3, 2025 · Aug 3, 2025
@@ -9,7 +9,7 @@
 import typing
 import uuid
 from enum import auto
-from typing import List, Optional, Tuple
+from typing import Dict, List, Optional, Tuple
-from typing import Dict, List, Optional, Tuple
+class CLPDockerMounts:
+    def __init__(self, clp_home: pathlib.Path, docker_clp_home: pathlib.Path):
+        self.input_logs_dir: Optional[DockerMount] = None
+        self.clp_home: typing.Optional[DockerMount] = DockerMount(
+            DockerMountType.BIND, clp_home, docker_clp_home
+        )
+        self.data_dir: Optional[DockerMount] = None
+        self.logs_dir: Optional[DockerMount] = None
+        self.archives_output_dir: Optional[DockerMount] = None
+        self.stream_output_dir: Optional[DockerMount] = None
+        self.aws_config_dir: Optional[DockerMount] = None
-from typing import Dict, List, Optional, Tuple
+class CLPDockerMounts:
+    def __init__(self, clp_home: pathlib.Path, docker_clp_home: pathlib.Path):
+        self.input_logs_dir: Optional[DockerMount] = None
+        self.clp_home: typing.Optional[DockerMount] = DockerMount(
+            DockerMountType.BIND, clp_home, docker_clp_home
+        )
+        self.data_dir: Optional[DockerMount] = None
+        self.logs_dir: Optional[DockerMount] = None
+        self.archives_output_dir: Optional[DockerMount] = None
+        self.stream_output_dir: Optional[DockerMount] = None
+        self.aws_config_dir: Optional[DockerMount] = None
 
 import yaml
 from clp_py_utils.clp_config import (
@@ -95,6 +95,7 @@ def __init__(self, clp_home: pathlib.Path, docker_clp_home: pathlib.Path):
         self.archives_output_dir: typing.Optional[DockerMount] = None
         self.stream_output_dir: typing.Optional[DockerMount] = None
         self.aws_config_dir: typing.Optional[DockerMount] = None
+        self.generated_config_file: typing.Optional[DockerMount] = None
 
-        self.generated_config_file: typing.Optional[DockerMount] = None
+        self.generated_config_file: Optional[DockerMount] = None
-        self.generated_config_file: typing.Optional[DockerMount] = None
+        self.generated_config_file: Optional[DockerMount] = None
 
 def _validate_data_directory(data_dir: pathlib.Path, component_name: str) -> None:
@@ -285,6 +286,18 @@ def generate_container_config(
             container_clp_config.stream_output.get_directory(),
         )
 
+    if not is_path_already_mounted(
+        clp_home,
+        CONTAINER_CLP_HOME,
+        clp_config.get_generated_config_file_path(),
+        container_clp_config.get_generated_config_file_path(),
+    ):
+        docker_mounts.generated_config_file = DockerMount(
+            DockerMountType.BIND,
+            clp_config.get_generated_config_file_path(),
+            container_clp_config.get_generated_config_file_path(),
+        )
+
     # Only create the mount if the directory exists
     if clp_config.aws_config_directory is not None:
         container_clp_config.aws_config_directory = CONTAINER_AWS_CONFIG_DIRECTORY
@@ -328,13 +341,19 @@ def dump_container_config(
 
 
 def generate_container_start_cmd(
-    container_name: str, container_mounts: List[Optional[DockerMount]], container_image: str
+    container_name: str,
+    container_mounts: List[Optional[DockerMount]],
+    container_image: str,
+    extra_env_vars: Optional[Dict[str, str]] = None,
 ) -> List[str]:
     """
-    Generates the command to start a container with the given mounts and name.
+    Generates the command to start a container with the given mounts, environment variables, and
+    name.
+
     :param container_name:
     :param container_mounts:
     :param container_image:
+    :param extra_env_vars:
     :return: The command.
     """
-def generate_container_start_cmd(
-    container_name: str, container_mounts: List[Optional[DockerMount]], container_image: str
-    container_name: str,
-    container_mounts: List[Optional[DockerMount]],
-    container_image: str,
-    extra_env_vars: Optional[Dict[str, str]] = None,
-) -> List[str]:
-    """
-    Generates the command to start a container with the given mounts and name.
-    Generates the command to start a container with the given mounts, environment variables, and
-    name.
-
-    :param container_name:
-    :param container_mounts:
-    :param container_image:
-    :param extra_env_vars:
-    :return: The command.
-    """
+def generate_container_start_cmd(
+    container_name: str,
+    container_mounts: List[Optional[DockerMount]],
+    container_image: str,
+    extra_env_vars: Optional[Dict[str, str]] = None,
+) -> List[str]:
+    """
+    Generates the command to start a container with the given mounts, environment variables, and
+    name.
+
+    :param container_name:
+    :param container_mounts:
+    :param container_image:
+    :param extra_env_vars: Additional environment variables as a mapping. Must not include
+                           reserved keys like PYTHONPATH or CLP_HOME.
+    :return: The command.
+    """
-def generate_container_start_cmd(
-    container_name: str, container_mounts: List[Optional[DockerMount]], container_image: str
-    container_name: str,
-    container_mounts: List[Optional[DockerMount]],
-    container_image: str,
-    extra_env_vars: Optional[Dict[str, str]] = None,
-) -> List[str]:
-    """
-    Generates the command to start a container with the given mounts and name.
-    Generates the command to start a container with the given mounts, environment variables, and
-    name.
-
-    :param container_name:
-    :param container_mounts:
-    :param container_image:
-    :param extra_env_vars:
-    :return: The command.
-    """
+def generate_container_start_cmd(
+    container_name: str,
+    container_mounts: List[Optional[DockerMount]],
+    container_image: str,
+    extra_env_vars: Optional[Dict[str, str]] = None,
+) -> List[str]:
+    """
+    Generates the command to start a container with the given mounts, environment variables, and
+    name.
+
+    :param container_name:
+    :param container_mounts:
+    :param container_image:
+    :param extra_env_vars: Additional environment variables as a mapping. Must not include
+                           reserved keys like PYTHONPATH or CLP_HOME.
+    :return: The command.
+    """
     clp_site_packages_dir = CONTAINER_CLP_HOME / "lib" / "python3" / "site-packages"
@@ -350,6 +369,9 @@ def generate_container_start_cmd(
         "--name", container_name,
         "--log-driver", "local"
     ]
+    if extra_env_vars is not None:
+        for key, value in extra_env_vars.items():
+            container_start_cmd.extend(["-e", f"{key}={value}"])
     for mount in container_mounts:
         if mount:
             container_start_cmd.append("--mount")
@@ -428,21 +450,21 @@ def validate_and_load_db_credentials_file(
     clp_config: CLPConfig, clp_home: pathlib.Path, generate_default_file: bool
 ):
     validate_credentials_file_path(clp_config, clp_home, generate_default_file)
-    clp_config.load_database_credentials_from_file()
+    clp_config.database.load_credentials_from_file(clp_config.credentials_file_path)
 
 
 def validate_and_load_queue_credentials_file(
     clp_config: CLPConfig, clp_home: pathlib.Path, generate_default_file: bool
 ):
     validate_credentials_file_path(clp_config, clp_home, generate_default_file)
-    clp_config.load_queue_credentials_from_file()
+    clp_config.queue.load_credentials_from_file(clp_config.credentials_file_path)
 
 
 def validate_and_load_redis_credentials_file(
     clp_config: CLPConfig, clp_home: pathlib.Path, generate_default_file: bool
 ):
     validate_credentials_file_path(clp_config, clp_home, generate_default_file)
-    clp_config.load_redis_credentials_from_file()
+    clp_config.redis.load_credentials_from_file(clp_config.credentials_file_path)
 
 
 def validate_db_config(clp_config: CLPConfig, data_dir: pathlib.Path, logs_dir: pathlib.Path):
@@ -599,3 +621,71 @@ def is_retention_period_configured(clp_config: CLPConfig) -> bool:
         return True
 
     return False
+
+
+def generate_common_environment_variables(
+    include_clp_home_env_var=True,
+) -> List[str]:
+    """
+    Generate a list of common environment variables for Docker containers.
+
+    :param include_clp_home_env_var:
+    :return: A list of common environment variables for Docker containers in the format "KEY=VALUE".
+    """
+    clp_site_packages_dir = CONTAINER_CLP_HOME / "lib" / "python3" / "site-packages"
+    env_vars = [f"PYTHONPATH={clp_site_packages_dir}"]
+
+    if include_clp_home_env_var:
+        env_vars.append(f"CLP_HOME={CONTAINER_CLP_HOME}")
+
+    return env_vars
+
+
+def generate_credential_environment_variables(
+    container_clp_config: CLPConfig,
+    include_db_credentials=False,
+    include_queue_credentials=False,
+    include_redis_credentials=False,
+) -> List[str]:
+    """
+    Generates a list of credential environment variables for Docker containers.
+
+    :param container_clp_config:
+    :param include_db_credentials:
+    :param include_queue_credentials:
+    :param include_redis_credentials:
+    :return: A list of common environment variables for Docker containers in the format "KEY=VALUE".
+    """
+    env_vars = []
+
+    if include_db_credentials:
+        env_vars.append(f"CLP_DB_USER={container_clp_config.database.username}")
+        env_vars.append(f"CLP_DB_PASS={container_clp_config.database.password}")
+
+    if include_queue_credentials:
+        env_vars.append(f"CLP_QUEUE_USER={container_clp_config.queue.username}")
+        env_vars.append(f"CLP_QUEUE_PASS={container_clp_config.queue.password}")
+
+    if include_redis_credentials:
+        env_vars.append(f"CLP_REDIS_PASS={container_clp_config.redis.password}")
+
+    return env_vars
+
+
+def generate_celery_connection_environment_variables(container_clp_config: CLPConfig) -> List[str]:
+    """
+    Generate a list of Celery connection environment variables for Docker containers.
+
+    :param container_clp_config:
+    :return: A list of common environment variables for Docker containers in the format "KEY=VALUE".
+    """
+    env_vars = [
+        f"BROKER_URL=amqp://"
+        f"{container_clp_config.queue.username}:{container_clp_config.queue.password}@"
+        f"{container_clp_config.queue.host}:{container_clp_config.queue.port}",
+        f"RESULT_BACKEND=redis://default:{container_clp_config.redis.password}@"
+        f"{container_clp_config.redis.host}:{container_clp_config.redis.port}/"
+        f"{container_clp_config.redis.query_backend_database}",
-    env_vars = [
-        f"BROKER_URL=amqp://"
-        f"{container_clp_config.queue.username}:{container_clp_config.queue.password}@"
-        f"{container_clp_config.queue.host}:{container_clp_config.queue.port}",
-        f"RESULT_BACKEND=redis://default:{container_clp_config.redis.password}@"
-        f"{container_clp_config.redis.host}:{container_clp_config.redis.port}/"
-        f"{container_clp_config.redis.query_backend_database}",
+from urllib.parse import quote
+
+def get_celery_connection_env_vars_list(container_clp_config: CLPConfig) -> List[str]:
+    """
+    :param container_clp_config:
+    :return: A list of Celery connection environment variables for Docker containers, in the format
+    "KEY=VALUE".
+    """
+    queue_user = quote(container_clp_config.queue.username, safe='')
+    queue_pass = quote(container_clp_config.queue.password, safe='')
+    redis_pass = quote(container_clp_config.redis.password, safe='')
+
+    env_vars = [
+        f"BROKER_URL=amqp://"
+        f"{queue_user}:{queue_pass}@"
+        f"{container_clp_config.queue.host}:{container_clp_config.queue.port}",
+        f"RESULT_BACKEND=redis://default:{redis_pass}@"
+        f"{container_clp_config.redis.host}:{container_clp_config.redis.port}/"
+        f"{container_clp_config.redis.query_backend_database}",
+    ]
+    return env_vars
-    env_vars = [
-        f"BROKER_URL=amqp://"
-        f"{container_clp_config.queue.username}:{container_clp_config.queue.password}@"
-        f"{container_clp_config.queue.host}:{container_clp_config.queue.port}",
-        f"RESULT_BACKEND=redis://default:{container_clp_config.redis.password}@"
-        f"{container_clp_config.redis.host}:{container_clp_config.redis.port}/"
-        f"{container_clp_config.redis.query_backend_database}",
+from urllib.parse import quote
+
+def get_celery_connection_env_vars_list(container_clp_config: CLPConfig) -> List[str]:
+    """
+    :param container_clp_config:
+    :return: A list of Celery connection environment variables for Docker containers, in the format
+    "KEY=VALUE".
+    """
+    queue_user = quote(container_clp_config.queue.username, safe='')
+    queue_pass = quote(container_clp_config.queue.password, safe='')
+    redis_pass = quote(container_clp_config.redis.password, safe='')
+
+    env_vars = [
+        f"BROKER_URL=amqp://"
+        f"{queue_user}:{queue_pass}@"
+        f"{container_clp_config.queue.host}:{container_clp_config.queue.port}",
+        f"RESULT_BACKEND=redis://default:{redis_pass}@"
+        f"{container_clp_config.redis.host}:{container_clp_config.redis.port}/"
+        f"{container_clp_config.redis.query_backend_database}",
+    ]
+    return env_vars
+    ]
+
+    return env_vars
-def generate_celery_connection_environment_variables(container_clp_config: CLPConfig) -> List[str]:
-    """
-    Generate a list of Celery connection environment variables for Docker containers.
-
-    :param container_clp_config:
-    :return: A list of common environment variables for Docker containers in the format "KEY=VALUE".
-    """
-    env_vars = [
-        f"BROKER_URL=amqp://"
-        f"{container_clp_config.queue.username}:{container_clp_config.queue.password}@"
-        f"{container_clp_config.queue.host}:{container_clp_config.queue.port}",
-        f"RESULT_BACKEND=redis://default:{container_clp_config.redis.password}@"
-        f"{container_clp_config.redis.host}:{container_clp_config.redis.port}/"
-        f"{container_clp_config.redis.query_backend_database}",
-    ]
-
-    return env_vars
+def generate_celery_connection_environment_variables(
+    container_clp_config: CLPConfig,
+    redis_database: Optional[int] = None,
+) -> List[str]:
+    """
+    Generate a list of Celery connection environment variables for Docker containers.
+
+    :param container_clp_config: Configuration with queue and redis credentials/hosts.
+    :param redis_database: Optional Redis database index to use; defaults to
+                           container_clp_config.redis.query_backend_database.
+    :return: A list of environment variable strings in the format "KEY=VALUE".
+    """
+    from urllib.parse import quote
+
+    q_user = "" if container_clp_config.queue.username is None else quote(
+        container_clp_config.queue.username, safe=""
+    )
+    q_pass = "" if container_clp_config.queue.password is None else quote(
+        container_clp_config.queue.password, safe=""
+    )
+    r_pass = container_clp_config.redis.password
+    redis_db = (
+        container_clp_config.redis.query_backend_database
+        if redis_database is None
+        else redis_database
+    )
+
+    broker = (
+        f"amqp://{q_user}:{q_pass}@"
+        f"{container_clp_config.queue.host}:{container_clp_config.queue.port}"
+    )
+    if r_pass:
+        backend = (
+            "redis://default:"
+            f"{quote(r_pass, safe='')}@"
+            f"{container_clp_config.redis.host}:"
+            f"{container_clp_config.redis.port}/{redis_db}"
+        )
+    else:
+        backend = (
+            f"redis://{container_clp_config.redis.host}:"
+            f"{container_clp_config.redis.port}/{redis_db}"
+        )
+
+    env_vars = [f"BROKER_URL={broker}", f"RESULT_BACKEND={backend}"]
+    return env_vars
-def generate_celery_connection_environment_variables(container_clp_config: CLPConfig) -> List[str]:
-    """
-    Generate a list of Celery connection environment variables for Docker containers.
-
-    :param container_clp_config:
-    :return: A list of common environment variables for Docker containers in the format "KEY=VALUE".
-    """
-    env_vars = [
-        f"BROKER_URL=amqp://"
-        f"{container_clp_config.queue.username}:{container_clp_config.queue.password}@"
-        f"{container_clp_config.queue.host}:{container_clp_config.queue.port}",
-        f"RESULT_BACKEND=redis://default:{container_clp_config.redis.password}@"
-        f"{container_clp_config.redis.host}:{container_clp_config.redis.port}/"
-        f"{container_clp_config.redis.query_backend_database}",
-    ]
-
-    return env_vars
+def generate_celery_connection_environment_variables(
+    container_clp_config: CLPConfig,
+    redis_database: Optional[int] = None,
+) -> List[str]:
+    """
+    Generate a list of Celery connection environment variables for Docker containers.
+
+    :param container_clp_config: Configuration with queue and redis credentials/hosts.
+    :param redis_database: Optional Redis database index to use; defaults to
+                           container_clp_config.redis.query_backend_database.
+    :return: A list of environment variable strings in the format "KEY=VALUE".
+    """
+    from urllib.parse import quote
+
+    q_user = "" if container_clp_config.queue.username is None else quote(
+        container_clp_config.queue.username, safe=""
+    )
+    q_pass = "" if container_clp_config.queue.password is None else quote(
+        container_clp_config.queue.password, safe=""
+    )
+    r_pass = container_clp_config.redis.password
+    redis_db = (
+        container_clp_config.redis.query_backend_database
+        if redis_database is None
+        else redis_database
+    )
+
+    broker = (
+        f"amqp://{q_user}:{q_pass}@"
+        f"{container_clp_config.queue.host}:{container_clp_config.queue.port}"
+    )
+    if r_pass:
+        backend = (
+            "redis://default:"
+            f"{quote(r_pass, safe='')}@"
+            f"{container_clp_config.redis.host}:"
+            f"{container_clp_config.redis.port}/{redis_db}"
+        )
+    else:
+        backend = (
+            f"redis://{container_clp_config.redis.host}:"
+            f"{container_clp_config.redis.port}/{redis_db}"
+        )
+
+    env_vars = [f"BROKER_URL={broker}", f"RESULT_BACKEND={backend}"]
+    return env_vars
@@ -8,7 +8,7 @@
 from clp_py_utils.clp_config import (
     CLP_DEFAULT_DATASET_NAME,
     StorageEngine,
-    StorageType,
+    StorageType, CLP_DB_USER_ENV_VAR_NAME, CLP_DB_PASS_ENV_VAR_NAME,
 )
 
 from clp_package_utils.general import (
@@ -214,14 +214,17 @@ def main(argv: typing.List[str]) -> int:
     generated_config_path_on_container, generated_config_path_on_host = dump_container_config(
         container_clp_config, clp_config, container_name
     )
-
     necessary_mounts: typing.List[CLPDockerMounts] = [
-    necessary_mounts: typing.List[CLPDockerMounts] = [
+    necessary_mounts: typing.List[DockerMount] = [
-    necessary_mounts: typing.List[CLPDockerMounts] = [
+    necessary_mounts: typing.List[DockerMount] = [
         mounts.clp_home,
         mounts.logs_dir,
         mounts.archives_output_dir,
     ]
+    extra_env_vars = {
+        CLP_DB_USER_ENV_VAR_NAME: clp_config.database.username,
+        CLP_DB_PASS_ENV_VAR_NAME: clp_config.database.password,
+    }
     container_start_cmd: typing.List[str] = generate_container_start_cmd(
-        container_name, necessary_mounts, clp_config.execution_container
+        container_name, necessary_mounts, clp_config.execution_container, extra_env_vars
     )
 
     # fmt: off

@@ -8,7 +8,7 @@
 
 from clp_py_utils.clp_config import (
     CLP_DEFAULT_DATASET_NAME,
-    StorageEngine,
+    StorageEngine, CLP_DB_USER_ENV_VAR_NAME, CLP_DB_PASS_ENV_VAR_NAME,
 )
 from job_orchestration.scheduler.job_config import InputType
 
@@ -222,8 +222,12 @@ def main(argv):
 
     _generate_logs_list(clp_config.logs_input.type, container_logs_list_path, parsed_args)
 
+    extra_env_vars = {
+        CLP_DB_USER_ENV_VAR_NAME: clp_config.database.username,
+        CLP_DB_PASS_ENV_VAR_NAME: clp_config.database.password,
+    }
     container_start_cmd = generate_container_start_cmd(
-        container_name, necessary_mounts, clp_config.execution_container
+        container_name, necessary_mounts, clp_config.execution_container, extra_env_vars
     )
     compress_cmd = _generate_compress_cmd(
         parsed_args, dataset, generated_config_path_on_container, logs_list_path_on_container

@@ -9,7 +9,7 @@
     CLP_DEFAULT_DATASET_NAME,
     CLPConfig,
     StorageEngine,
-    StorageType,
+    StorageType, CLP_DB_USER_ENV_VAR_NAME, CLP_DB_PASS_ENV_VAR_NAME,
 )
 
 from clp_package_utils.general import (
@@ -122,8 +122,13 @@ def handle_extract_file_cmd(
                 container_paths_to_extract_file_path,
             )
         )
+
+    extra_env_vars = {
+        CLP_DB_USER_ENV_VAR_NAME: clp_config.database.username,
+        CLP_DB_PASS_ENV_VAR_NAME: clp_config.database.password,
+    }
     container_start_cmd = generate_container_start_cmd(
-        container_name, necessary_mounts, clp_config.execution_container
+        container_name, necessary_mounts, clp_config.execution_container, extra_env_vars
     )
 
     # fmt: off
@@ -194,8 +199,12 @@ def handle_extract_stream_cmd(
         container_clp_config, clp_config, container_name
     )
     necessary_mounts = [mounts.clp_home, mounts.logs_dir]
+    extra_env_vars = {
+        CLP_DB_USER_ENV_VAR_NAME: clp_config.database.username,
+        CLP_DB_PASS_ENV_VAR_NAME: clp_config.database.password,
+    }
     container_start_cmd = generate_container_start_cmd(
-        container_name, necessary_mounts, clp_config.execution_container
+        container_name, necessary_mounts, clp_config.execution_container, extra_env_vars
     )
 
     # fmt: off

@@ -194,6 +194,7 @@ def main(argv: typing.List[str]) -> int:
             config_file_path, default_config_file_path, clp_home
         )
         clp_config.validate_logs_dir()
+        clp_config.database.load_credentials_from_env()
     except:
         logger.exception("Failed to load config.")
         return -1

@@ -226,6 +226,7 @@ def main(argv):
         clp_config = load_config_file(config_file_path, default_config_file_path, clp_home)
         clp_config.validate_logs_input_config()
         clp_config.validate_logs_dir()
+        clp_config.database.load_credentials_from_env()
     except:
         logger.exception("Failed to load config.")
         return -1

@@ -11,7 +11,7 @@
 
 from clp_py_utils.clp_config import (
     CLPConfig,
-    Database,
+    Database, CLP_DB_USER_ENV_VAR_NAME, CLP_DB_PASS_ENV_VAR_NAME,
 )
 from clp_py_utils.clp_metadata_db_utils import get_files_table_name
 from clp_py_utils.sql_adapter import SQL_Adapter
@@ -189,6 +189,7 @@ def validate_and_load_config_file(
         clp_config = load_config_file(config_file_path, default_config_file_path, clp_home)
         clp_config.validate_archive_output_config()
         clp_config.validate_logs_dir()
+        clp_config.database.load_credentials_from_env()
         return clp_config
     except Exception:
         logger.exception("Failed to load config.")
@@ -244,8 +245,8 @@ def handle_extract_file_cmd(
     # fmt: on
     extract_env = {
         **os.environ,
-        "CLP_DB_USER": clp_db_connection_params["username"],
-        "CLP_DB_PASS": clp_db_connection_params["password"],
+        CLP_DB_USER_ENV_VAR_NAME: clp_db_connection_params["username"],
+        CLP_DB_PASS_ENV_VAR_NAME: clp_db_connection_params["password"],
     }
 
     files_to_extract_list_path = None

@@ -294,6 +294,7 @@ def main(argv):
         config_file_path = pathlib.Path(parsed_args.config)
         clp_config = load_config_file(config_file_path, default_config_file_path, clp_home)
         clp_config.validate_logs_dir()
+        clp_config.database.load_credentials_from_env()
     except:
         logger.exception("Failed to load config.")
         return -1

@@ -10,7 +10,7 @@
 from clp_py_utils.clp_config import (
     CLP_DEFAULT_DATASET_NAME,
     StorageEngine,
-    StorageType,
+    StorageType, CLP_DB_PASS_ENV_VAR_NAME, CLP_DB_USER_ENV_VAR_NAME,
 )
 
 from clp_package_utils.general import (
@@ -117,10 +117,13 @@ def main(argv):
     generated_config_path_on_container, generated_config_path_on_host = dump_container_config(
         container_clp_config, clp_config, container_name
     )
-
     necessary_mounts = [mounts.clp_home, mounts.logs_dir]
+    extra_env_vars = {
+        CLP_DB_USER_ENV_VAR_NAME: clp_config.database.username,
+        CLP_DB_PASS_ENV_VAR_NAME: clp_config.database.password,
+    }
     container_start_cmd = generate_container_start_cmd(
-        container_name, necessary_mounts, clp_config.execution_container
+        container_name, necessary_mounts, clp_config.execution_container, extra_env_vars
     )
 
     # fmt: off