X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fportal%2Fcomponents%2Fportal-mariadb%2Fresources%2Fconfig%2Fmariadb%2Fdocker-entrypoint.sh;h=40341bec113009363a98dc47d78ad585fa24698f;hb=3091ed446f8608e096462b8878333aab4bd27864;hp=c4a21b927f80c198c11430a04021287b08e7c512;hpb=f2c596ce55a2fa00280052d2924d69ffdccbcb71;p=oom.git diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh index c4a21b927f..40341bec11 100644 --- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh +++ b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh @@ -1,4 +1,5 @@ #!/bin/bash + set -eo pipefail shopt -s nullglob @@ -30,10 +31,15 @@ file_env() { mysql_error "Both $var and $fileVar are set (but are exclusive)" fi local val="$def" + # val="${!var}" + # val="$(< "${!fileVar}")" + # eval replacement of the bashism equivalents above presents no security issue here + # since var and fileVar variables contents are derived from the file_env() function arguments. + # This method is only called inside this script with a limited number of possible values. if [ "${!var:-}" ]; then - val="${!var}" + eval val=\$$var elif [ "${!fileVar:-}" ]; then - val="$(< "${!fileVar}")" + val="$(< "$(eval echo "\$$fileVar")")" fi export "$var"="$val" unset "$fileVar" @@ -103,11 +109,11 @@ docker_temp_server_start() { for i in {30..0}; do # only use the root password if the database has already been initializaed # so that it won't try to fill in a password file when it hasn't been set yet - extraArgs=() + extraArgs="" if [ -z "$DATABASE_ALREADY_EXISTS" ]; then - extraArgs+=( '--dont-use-mysql-root-password' ) + extraArgs=${extraArgs}" --dont-use-mysql-root-password" fi - if echo 'SELECT 1' |docker_process_sql "${extraArgs[@]}" --database=mysql >/dev/null 2>&1; then + if echo 'SELECT 1' |docker_process_sql ${extraArgs} --database=mysql >/dev/null 2>&1; then break fi sleep 1 @@ -150,15 +156,15 @@ docker_create_db_directories() { # initializes the database directory docker_init_database_dir() { mysql_note "Initializing database files" - installArgs=( --datadir="$DATADIR" --rpm ) + installArgs=" --datadir=$DATADIR --rpm " if { mysql_install_db --help || :; } | grep -q -- '--auth-root-authentication-method'; then # beginning in 10.4.3, install_db uses "socket" which only allows system user root to connect, switch back to "normal" to allow mysql root without a password # see https://github.com/MariaDB/server/commit/b9f3f06857ac6f9105dc65caae19782f09b47fb3 # (this flag doesn't exist in 10.0 and below) - installArgs+=( --auth-root-authentication-method=normal ) + installArgs=${installArgs}" --auth-root-authentication-method=normal" fi # "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here) - mysql_install_db "${installArgs[@]}" "${@:2}" + mysql_install_db ${installArgs} "${@:2}" mysql_note "Database files initialized" } @@ -189,9 +195,9 @@ docker_setup_env() { # ie: docker_process_sql --database=mydb <<<'INSERT ...' # ie: docker_process_sql --dont-use-mysql-root-password --database=mydb