Skip to content

Commit 1d824db

Browse files
Microzuul CIGerrit Code Review
Microzuul CI
authored and
Gerrit Code Review
committed
Merge "Update MariaDB container image to 10.6"
2 parents 53f50cf + 4199dda commit 1d824db

File tree

4 files changed

+49
-10
lines changed

4 files changed

+49
-10
lines changed

controllers/libs/base/static/images.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -44,8 +44,8 @@ images:
4444
source: https://softwarefactory-project.io/cgit/containers/tree/images-sf/master/containers/rendered/purgelogs.container?id=6dea4a90864e62e4c7c9e1b85397b6545b421e39
4545
- name: mariadb
4646
container: quay.io/software-factory/mariadb
47-
version: 10.5.16-4
48-
source: https://softwarefactory-project.io/cgit/containers/tree/images-sf/master/containers/rendered/mariadb.container?id=6dea4a90864e62e4c7c9e1b85397b6545b421e39
47+
version: 10.6-ubi9-1
48+
source: https://softwarefactory-project.io/cgit/containers/tree/images-sf/master/containers/rendered/mariadb.container?id=475c0603059886c4fcfa172a81899bb1ca517d1c
4949
- name: busybox
5050
container: quay.io/software-factory/sf-op-busybox
5151
version: 1.5-3

controllers/mariadb.go

Lines changed: 37 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -85,14 +85,14 @@ func createLogForwarderSidecar(r *SFController, annotations map[string]string) (
8585
}
8686

8787
func (r *SFController) CreateDBInitContainer(username string, password string, dbname string) apiv1.Container {
88-
c := "CREATE DATABASE IF NOT EXISTS " + dbname + " CHARACTER SET utf8 COLLATE utf8_general_ci; "
89-
g := "GRANT ALL PRIVILEGES ON " + dbname + ".* TO '" + username + "'@'%' IDENTIFIED BY '${USER_PASSWORD}' WITH GRANT OPTION; FLUSH PRIVILEGES;"
88+
c := fmt.Sprintf("CREATE DATABASE IF NOT EXISTS %s CHARACTER SET utf8 COLLATE utf8_general_ci;", dbname)
89+
g := fmt.Sprintf("GRANT ALL PRIVILEGES ON %s.* TO '%s'@'%%' IDENTIFIED BY '${USER_PASSWORD}' WITH GRANT OPTION; FLUSH PRIVILEGES;", dbname, username)
9090
container := base.MkContainer("mariadb-client", base.MariaDBImage())
9191
base.SetContainerLimitsLowProfile(&container)
9292
container.Command = []string{"sh", "-c", `
93-
echo 'Running: mysql --host=" ` + MariaDBIdent + `" --user=root --password="$MYSQL_ROOT_PASSWORD" -e "` + c + g + `"'
93+
echo 'Running: mysql --host="` + MariaDBIdent + `" --user=root --password="$MARIADB_ROOT_PASSWORD" -e "` + c + g + `"'
9494
ATTEMPT=0
95-
while ! mysql --host=mariadb --user=root --password="$MYSQL_ROOT_PASSWORD" -e "` + c + g + `"; do
95+
while ! mysql --host=mariadb --user=root --password="$MARIADB_ROOT_PASSWORD" -e "` + c + g + `"; do
9696
ATTEMPT=$[ $ATTEMPT + 1 ]
9797
if test $ATTEMPT -eq 10; then
9898
echo "Failed after $ATTEMPT attempt";
@@ -102,7 +102,7 @@ func (r *SFController) CreateDBInitContainer(username string, password string, d
102102
done
103103
`}
104104
container.Env = []apiv1.EnvVar{
105-
base.MkSecretEnvVar("MYSQL_ROOT_PASSWORD", "mariadb-root-password", "mariadb-root-password"),
105+
base.MkSecretEnvVar("MARIADB_ROOT_PASSWORD", "mariadb-root-password", "mariadb-root-password"),
106106
{
107107
Name: "USER_PASSWORD",
108108
Value: password,
@@ -180,6 +180,18 @@ func (r *SFController) DeployMariadb() bool {
180180
MYSQLRootPassword string
181181
}{MYSQLRootPassword: string(adminPassSecret.Data["mariadb-root-password"])})
182182

183+
initfileSQL := fmt.Sprintf(
184+
`CREATE USER IF NOT EXISTS root@localhost IDENTIFIED BY '%s';
185+
SET PASSWORD FOR root@localhost = PASSWORD('%s');
186+
GRANT ALL ON *.* TO root@localhost WITH GRANT OPTION;
187+
CREATE USER IF NOT EXISTS root@'%%' IDENTIFIED BY '%s';
188+
SET PASSWORD FOR root@'%%' = PASSWORD('%s');
189+
GRANT ALL ON *.* TO root@'%%' WITH GRANT OPTION;`,
190+
adminPassSecret.Data["mariadb-root-password"],
191+
adminPassSecret.Data["mariadb-root-password"],
192+
adminPassSecret.Data["mariadb-root-password"],
193+
adminPassSecret.Data["mariadb-root-password"])
194+
183195
configSecret := apiv1.Secret{
184196
ObjectMeta: metav1.ObjectMeta{
185197
Name: "mariadb-config-secrets",
@@ -189,7 +201,17 @@ func (r *SFController) DeployMariadb() bool {
189201
"my.cnf": []byte(myCNF),
190202
},
191203
}
204+
initDBSecret := apiv1.Secret{
205+
ObjectMeta: metav1.ObjectMeta{
206+
Name: "mariadb-initdb-secrets",
207+
Namespace: r.ns,
208+
},
209+
Data: map[string][]byte{
210+
"initfile.sql": []byte(initfileSQL),
211+
},
212+
}
192213
r.EnsureSecret(&configSecret)
214+
r.EnsureSecret(&initDBSecret)
193215

194216
sts := r.mkStatefulSet(MariaDBIdent, base.MariaDBImage(), r.getStorageConfOrDefault(r.cr.Spec.MariaDB.DBStorage), apiv1.ReadWriteOnce)
195217

@@ -223,10 +245,18 @@ func (r *SFController) DeployMariadb() bool {
223245
MountPath: "/var/lib/mysql/.my.cnf",
224246
ReadOnly: true,
225247
},
248+
{
249+
Name: "mariadb-initdb-secrets",
250+
SubPath: "initfile.sql",
251+
MountPath: "/docker-entrypoint-initdb.d/initfile.sql",
252+
ReadOnly: true,
253+
},
226254
}, volumeMountsStatsExporter...)
227255
sts.Spec.Template.Spec.Containers[0].Env = []apiv1.EnvVar{
228256
base.MkEnvVar("HOME", "/var/lib/mysql"),
229-
base.MkSecretEnvVar("MYSQL_ROOT_PASSWORD", "mariadb-root-password", "mariadb-root-password"),
257+
base.MkSecretEnvVar("MARIADB_ROOT_PASSWORD", "mariadb-root-password", "mariadb-root-password"),
258+
base.MkEnvVar("MARIADB_DISABLE_UPGRADE_BACKUP", "1"),
259+
base.MkEnvVar("MARIADB_AUTO_UPGRADE", "1"),
230260
}
231261
sts.Spec.Template.Spec.Containers[0].Ports = []apiv1.ContainerPort{
232262
base.MkContainerPort(mariadbPort, mariaDBPortName),
@@ -237,6 +267,7 @@ func (r *SFController) DeployMariadb() bool {
237267
sts.Spec.Template.Spec.Volumes = []apiv1.Volume{
238268
base.MkEmptyDirVolume("mariadb-run"),
239269
base.MkVolumeSecret("mariadb-config-secrets", "mariadb-config-secrets"),
270+
base.MkVolumeSecret("mariadb-initdb-secrets", "mariadb-initdb-secrets"),
240271
}
241272

242273
annotations := map[string]string{

controllers/static/mariadb/my.cnf.tmpl

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,12 @@
11
[client]
22
user=root
33
host=localhost
4-
password={{ .MYSQLRootPassword }}
4+
password={{ .MYSQLRootPassword }}
5+
6+
[mysqld]
7+
init-file=/docker-entrypoint-initdb.d/initfile.sql
8+
innodb_file_per_table=on
9+
10+
[mariadb]
11+
general_log
12+
general_log_file=/var/log/mariadb/mariadb.log

roles/post/get-loki-logs/tasks/main.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@
2828

2929
- name: Get aggregated logs prefixed by service
3030
ansible.builtin.shell: >
31-
~/bin/logcli query --forward --since=6h --parallel-duration 15m --parallel-max-workers 4 --part-path-prefix=/tmp/all-query --merge-parts --no-labels --quiet '{namespace="sf"} | json | {{ line_format_query }}' > {{ _output_dir_realpath.stdout }}/all.log
31+
~/bin/logcli query --batch 200 --limit 1000 --tail --forward --since=6h --parallel-duration 15m --parallel-max-workers 4 --part-path-prefix=/tmp/all-query --merge-parts --no-labels --quiet '{namespace="sf"} | json | {{ line_format_query }}' > {{ _output_dir_realpath.stdout }}/all.log
3232
3333
- name: Change owner and group for the log dir
3434
ansible.builtin.command: chown -R {{ ansible_user }}:{{ ansible_user }} {{ _output_dir_realpath.stdout }}

0 commit comments

Comments
 (0)