From cf3ba9cc231490e1f76bcb523fe02bf83b6aa6c1 Mon Sep 17 00:00:00 2001
From: Donatas Abraitis <donatas@opensourcerouting.org>
Date: Fri, 31 May 2024 11:02:29 +0300
Subject: [PATCH] Try to get `admin_password` from the ENV by default

In a situation where you run wp-cli with `--admin-password`, then plain-text
password is exposed in process list (e.g. `ps aufx`). We might be able to use
`--admin-password=$WP_CLI_CORE_INSTALL_ADMIN_PASSWORD`, but it's not possible also
when running in a nested mode (e.g. unshare() -> chroot() -> execvp() chain).

Thus, this relaxes a bit the installation and tries to get the default password
from the environment itself by default.

It doesn't break a current functionality.

```
% export WP_CLI_CORE_INSTALL_ADMIN_PASSWORD=password123 ; ./vendor/bin/wp core install --admin_user=admin --url=donatas.net --title=wp --admin_email=me@donatas.net
Success: WordPress installed successfully.

% ./vendor/bin/wp user check-password admin password123 && echo OK
OK
```

Signed-off-by: Donatas Abraitis <donatas@hostinger.com>
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
---
 src/Core_Command.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/Core_Command.php b/src/Core_Command.php
index a4c0e58a..23df4a12 100644
--- a/src/Core_Command.php
+++ b/src/Core_Command.php
@@ -629,11 +629,13 @@ function wp_new_blog_notification() {
 
 		require_once ABSPATH . 'wp-admin/includes/upgrade.php';
 
+		$admin_password = getenv( 'WP_CLI_CORE_INSTALL_ADMIN_PASSWORD' );
+
 		$defaults = [
 			'title'          => '',
 			'admin_user'     => '',
 			'admin_email'    => '',
-			'admin_password' => '',
+			'admin_password' => false !== $admin_password ? $admin_password : '',
 		];
 
 		if ( Utils\wp_version_compare( '4.0', '<' ) ) {