X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fcommon%2Fmariadb-init%2Fresources%2Fconfig%2Fdb_init.sh;h=8f7e7ce44b13fa77561f95039ebdbe494af4b6d8;hb=fb9dc874a2e6419cab4ed231743b3d405c753cb6;hp=304835bdd524e6ba510d662f26acabb94f8378ff;hpb=525447ad64582c9d8a94542cc32e89c9986d864d;p=oom.git diff --git a/kubernetes/common/mariadb-init/resources/config/db_init.sh b/kubernetes/common/mariadb-init/resources/config/db_init.sh index 304835bdd5..8f7e7ce44b 100755 --- a/kubernetes/common/mariadb-init/resources/config/db_init.sh +++ b/kubernetes/common/mariadb-init/resources/config/db_init.sh @@ -1,5 +1,8 @@ #!/bin/sh + +{{/* # Copyright © 2019 Orange +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,21 +15,35 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} -echo "Creating database {{ .Values.config.mysqlDatabase }} and user {{ .Values.config.userName }}..." - -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE OR REPLACE USER '{{ .Values.config.userName }}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}'" -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE DATABASE IF NOT EXISTS {{ .Values.config.mysqlDatabase }}" -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "GRANT ALL PRIVILEGES ON {{ .Values.config.mysqlDatabase }}.* TO '{{ .Values.config.userName }}'@'%'" +# make sure the script fails if any of commands failed +set -e -echo "Created database {{ .Values.config.mysqlDatabase }} and user {{ .Values.config.userName }}." +while read DB ; do + USER_VAR="MYSQL_USER_$(echo $DB | tr '[:lower:]' '[:upper:]')" + PASS_VAR="MYSQL_PASSWORD_$(echo $DB | tr '[:lower:]' '[:upper:]')" +{{/* + # USER=${!USER_VAR} + # PASS=`echo -n ${!PASS_VAR} | sed -e "s/'/''/g"` + # eval replacement of the bashism equivalents above might present a security issue here + # since it reads content from DB values filled by helm at the end of the script. + # These possible values has to be constrainted and/or limited by helm for a safe use of eval. +*/}} + eval USER=\$$USER_VAR + PASS=$(eval echo -n \$$PASS_VAR | sed -e "s/'/''/g") + MYSQL_OPTS=" -h "${DB_HOST}" -P "${DB_PORT}" -uroot -p"${MYSQL_ROOT_PASSWORD} -{{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases -}} -echo "Creating database {{ $db }} and user {{ $dbInfos.user }}..." + echo "Creating database ${DB} and user ${USER}..." -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE OR REPLACE USER '{{ $dbInfos.user }}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_{{ $db | upper }}}'" -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE DATABASE IF NOT EXISTS {{ $db }}" -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "GRANT ALL PRIVILEGES ON {{ $db }}.* TO '{{ $dbInfos.user }}'@'%'" + mysql $MYSQL_OPTS -e "CREATE OR REPLACE USER '${USER}'@'%' IDENTIFIED BY '${PASS}'" + mysql $MYSQL_OPTS -e "CREATE DATABASE IF NOT EXISTS ${DB}" + mysql $MYSQL_OPTS -e "GRANT ALL PRIVILEGES ON ${DB}.* TO '${USER}'@'%'" -echo "Created database {{ $db }} and user {{ $dbInfos.user }}." -{{ end }} + echo "Created database ${DB} and user ${USER}." +done <