UCEAP
diff --git a/‎.github/workflows/build_deploy_and_test.yml‎
Lines changed: 2 additions & 11 deletions b/‎.github/workflows/build_deploy_and_test.yml‎
Lines changed: 2 additions & 11 deletions
diff --git a/‎Dockerfile‎
Lines changed: 1 addition & 13 deletions b/‎Dockerfile‎
Lines changed: 1 addition & 13 deletions
diff --git a/‎docker-uceap-entrypoint‎
Lines changed: 4 additions & 0 deletions b/‎docker-uceap-entrypoint‎
Lines changed: 4 additions & 0 deletions
@@ -80,7 +80,7 @@ jobs:
       - name: Configure AWS credentials
         uses: aws-actions/configure-aws-credentials@v4
         with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-access-key-id: ${{ vars.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
           aws-region: ${{ vars.AWS_REGION }}
       - name: Log in to Amazon ECR
@@ -95,15 +95,6 @@ jobs:
             ${{ vars.ECR_REPOSITORY_URL }}:${{ github.sha }}
             ${{ vars.ECR_REPOSITORY_URL }}:latest
           file: ./Dockerfile
-          build-args: |
-            MYSQL_HOST=${{ vars.AWS_MYSQL_HOST }}
-            MYSQL_TCP_PORT=${{ vars.AWS_MYSQL_TCP_PORT }}
-            MYSQL_USER=${{ vars.AWS_MYSQL_USER }}
-            MYSQL_PASSWORD=${{ secrets.AWS_MYSQL_PASSWORD }}
-            MYSQL_DATABASE=${{ vars.AWS_MYSQL_DATABASE }}
-            REDIS_HOST=${{ vars.AWS_REDIS_HOST }}
-            REDIS_AUTH=${{ secrets.AWS_REDIS_AUTH }}
-            HASH_SALT=${{ secrets.AWS_HASH_SALT }}
 
   lint:
     name: Check lint
@@ -283,7 +274,7 @@ jobs:
       - name: Configure AWS credentials
         uses: aws-actions/configure-aws-credentials@v4
         with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-access-key-id: ${{ vars.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
           aws-region: ${{ vars.AWS_REGION }}
       - name: Update ECS service with new image
 
@@ -1,5 +1,3 @@
-# check=skip=SecretsUsedInArgOrEnv
-
 FROM ghcr.io/uceap/devcontainer-drupal:v2.3.0
 
 # Install SSH server
@@ -12,23 +10,13 @@ RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
 COPY docker-uceap-entrypoint /usr/local/bin/docker-uceap-entrypoint
 ENTRYPOINT ["docker-uceap-entrypoint"]
 
-ARG MYSQL_HOST
-ARG MYSQL_TCP_PORT
-ARG MYSQL_USER
-ARG MYSQL_PASSWORD
-ARG MYSQL_DATABASE
-ARG REDIS_HOST
-ARG REDIS_AUTH
-ARG HASH_SALT
-
 COPY build /var/www/build
 COPY config /var/www/config
 COPY composer.json /var/www/
 COPY web /var/www/web
 
 WORKDIR /var/www
 
-RUN composer initialize-container && \
-  composer install --no-dev --no-interaction --no-progress --optimize-autoloader && \
+RUN composer install --no-dev --no-interaction --no-progress --optimize-autoloader && \
   sed -i 's-/var/www/html-/var/www/web-' /etc/apache2/sites-available/*.conf && \
   sed -i 's/# Listen\s*80$/Listen 80/' /etc/apache2/ports.conf
@@ -1,6 +1,10 @@
 #!/bin/sh
 set -e
 
+# Initialize Drupal container with runtime environment variables
+# This runs at container startup with secrets from AWS Secrets Manager
+cd /var/www && composer initialize-container
+
 service ssh start
 
 exec apache2-foreground