X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fcommon%2Fmariadb-init%2Fresources%2Fconfig%2Fdb_init.sh;h=f130bb51185a3a2939ea0532d3f07add9d6728e4;hb=f3454863133c2979f5091e6881cde3a496b2e12d;hp=304835bdd524e6ba510d662f26acabb94f8378ff;hpb=1f20e128c5ffe2d7996a33bb2a3d61fa923493cd;p=oom.git diff --git a/kubernetes/common/mariadb-init/resources/config/db_init.sh b/kubernetes/common/mariadb-init/resources/config/db_init.sh index 304835bdd5..f130bb5118 100755 --- a/kubernetes/common/mariadb-init/resources/config/db_init.sh +++ b/kubernetes/common/mariadb-init/resources/config/db_init.sh @@ -1,5 +1,8 @@ -#!/bin/sh +#!/bin/bash + +{{/* # Copyright © 2019 Orange +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,21 +15,35 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} -echo "Creating database {{ .Values.config.mysqlDatabase }} and user {{ .Values.config.userName }}..." - -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE OR REPLACE USER '{{ .Values.config.userName }}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}'" -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE DATABASE IF NOT EXISTS {{ .Values.config.mysqlDatabase }}" -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "GRANT ALL PRIVILEGES ON {{ .Values.config.mysqlDatabase }}.* TO '{{ .Values.config.userName }}'@'%'" +# make sure the script fails if any of commands failed +set -e -echo "Created database {{ .Values.config.mysqlDatabase }} and user {{ .Values.config.userName }}." +while read DB ; do + USER_VAR="MYSQL_USER_${DB^^}" + PASS_VAR="MYSQL_PASSWORD_${DB^^}" +{{/* + # USER=${!USER_VAR} + # PASS=`echo -n ${!PASS_VAR} | sed -e "s/'/''/g"` + # eval replacement of the bashism equivalents above might present a security issue here + # since it reads content from DB values filled by helm at the end of the script. + # These possible values has to be constrainted and/or limited by helm for a safe use of eval. +*/}} + eval USER=\$$USER_VAR + PASS=$(eval echo -n \$$PASS_VAR | sed -e "s/'/''/g") + MYSQL_OPTS=( -h ${DB_HOST} -P ${DB_PORT} -uroot -p${MYSQL_ROOT_PASSWORD} ) -{{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases -}} -echo "Creating database {{ $db }} and user {{ $dbInfos.user }}..." + echo "Creating database ${DB} and user ${USER}..." -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE OR REPLACE USER '{{ $dbInfos.user }}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_{{ $db | upper }}}'" -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE DATABASE IF NOT EXISTS {{ $db }}" -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "GRANT ALL PRIVILEGES ON {{ $db }}.* TO '{{ $dbInfos.user }}'@'%'" + mysql "${MYSQL_OPTS[@]}" -e "CREATE OR REPLACE USER '${USER}'@'%' IDENTIFIED BY '${PASS}'" + mysql "${MYSQL_OPTS[@]}" -e "CREATE DATABASE IF NOT EXISTS ${DB}" + mysql "${MYSQL_OPTS[@]}" -e "GRANT ALL PRIVILEGES ON ${DB}.* TO '${USER}'@'%'" -echo "Created database {{ $db }} and user {{ $dbInfos.user }}." -{{ end }} + echo "Created database ${DB} and user ${USER}." +done <