How to use environment variables on docker-compose healthchecks?

Question

I'm trying to create a simple health check for a sql-server container as follows:

version: "3.8"

volumes:
    sql-server:

services:     
  sql-server:
      image: "mcr.microsoft.com/mssql/server:2017-latest"
      container_name: sql-server
      environment:
          - ACCEPT_EULA=Y
          - SA_PASSWORD=sa@@2020
      healthcheck:
          test: ["CMD", "/opt/mssql-tools/bin/sqlcmd", "-U", "sa", "-P", "$$SA_PASSWORD", "-Q", "SELECT 1"]
      ports:
          - "1433:1433"
      volumes: 
          - sql-server:/var/opt/mssql

Yet I keep getting this login failed message:

Login failed for user 'sa'. Reason: Password did not match that for the login provided.

If I manually pass my password instead of using an environment variable it works just fine, yet I personally don't like the idea of having to "repeat" it.

I've also tried to use ${SA_PASSWORD} as proposed here.

Which gets me the same result.

What am I missing here?

Answer 1

You don't have a shell to expand the variables, so sqlcmd is receiving the $$SA_PASSWORD as a string.

Try replacing the command with something like this in order to have a shell that expands the variables from the environment.

 test: ["CMD", "sh", "-c", "/opt/mssql-tools/bin/sqlcmd -U sa -P $$SA_PASSWORD -Q SELECT 1"]

or you can try to tell docker-compose to expand the variable as follows:

test: ["CMD", "/opt/mssql-tools/bin/sqlcmd", "-U", "sa", "-P ${self:services.mysql.environment.SA_PASSWORD}", "-Q", "SELECT 1"]