author | Jorge Hernandez <jh1730@att.com> | 2018-02-27 11:41:54 -0600 |
---|---|---|
committer | Jorge Hernandez <jh1730@att.com> | 2018-02-27 20:34:47 +0000 |
commit | bd14de825f1ad7ce911162c659bd81725226232d (patch) | |
tree | c6ee8fa12a6675604adc0b15280c0bc16212208b | |
parent | 7228882abaed47068a8efd400ca7d2a13bfa1c6b (diff) |
docker db image simplification
1. use mariadb image from docker registry to simplify set up.
2. remove hardcoded root and user mariadb accounts
3. restrict access to user account to just specific databases.
Change-Id: Iaa916dbf2de2474fcc483a4be6167b4b92a2de61
Issue-ID: POLICY-650
Signed-off-by: Jorge Hernandez <jh1730@att.com>
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | config/db/db.conf | 3 | ||||
-rw-r--r-- | config/db/db.sh | 9 | ||||
-rw-r--r-- | docker-compose-integration.yml | 5 | ||||
-rw-r--r-- | docker-compose.yml | 5 | ||||
-rwxr-xr-x | docker_build.sh | 4 | ||||
-rwxr-xr-x | docker_merge.sh | 4 | ||||
-rwxr-xr-x | docker_verify.sh | 2 | ||||
-rw-r--r-- | policy-db/Dockerfile | 19 | ||||
-rw-r--r-- | policy-db/dbinit.sh | 38 | ||||
-rwxr-xr-x | policy-db/do-start.sh | 12 | ||||
-rwxr-xr-x | vagrant/setup_policy.sh | 2 |
12 files changed, 26 insertions, 79 deletions
@@ -6,7 +6,6 @@ To build it using Maven 3, first build 'policy/common', 'policy/engine', 'policy - Copy the files under policy-drools to target/policy-drools - Run the 'docker build' command on the following directories, in order: policy-os - policy-db policy-nexus policy-base target/policy-pe @@ -14,7 +13,6 @@ To build it using Maven 3, first build 'policy/common', 'policy/engine', 'policy For example: docker build -t onap/policy/policy-os policy-os -docker build -t onap/policy/policy-db policy-db docker build -t onap/policy/policy-nexus policy-nexus docker build -t onap/policy/policy-base policy-base docker build -t onap/policy/policy-pe target/policy-pe diff --git a/config/db/db.conf b/config/db/db.conf new file mode 100644 index 00000000..958f8bf0 --- /dev/null +++ b/config/db/db.conf @@ -0,0 +1,3 @@ +MYSQL_ROOT_PASSWORD=secret +MYSQL_USER=policy_user +MYSQL_PASSWORD=policy_user diff --git a/config/db/db.sh b/config/db/db.sh new file mode 100644 index 00000000..0de1deb1 --- /dev/null +++ b/config/db/db.sh @@ -0,0 +1,9 @@ +#!/bin/bash -xv + +for db in support onap_sdk log +do + mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};" + mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;" +done + +mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "FLUSH PRIVILEGES;" diff --git a/docker-compose-integration.yml b/docker-compose-integration.yml index 5cbd401b..dbd708b9 100644 --- a/docker-compose-integration.yml +++ b/docker-compose-integration.yml @@ -1,9 +1,12 @@ version: '2' services: mariadb: - image: onap/policy/policy-db + image: mariadb:10.0.34 container_name: mariadb hostname: mariadb + command: ['--lower-case-table-names=1'] + volumes: + - ./config/db:/docker-entrypoint-initdb.d expose: - 3306 nexus: diff --git a/docker-compose.yml b/docker-compose.yml index 96fd5073..0196c796 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
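Review bot: The new config/db/db.conf still commits fixed credentials: a root password of `secret` and a `policy_user` account whose password equals its name, so the values the description calls no longer hardcoded have only moved from the deleted dbinit.sh into a tracked file. I would track an example file with placeholders instead, e.g. `MYSQL_ROOT_PASSWORD=<set-per-deployment>` and `MYSQL_PASSWORD=<set-per-deployment>`, and supply the real file at deploy time from outside the repository. The file also sits in the directory that the compose hunks mount into the container, so the secrets are copied into the container's init directory as well. How these variables reach the mariadb container is not visible in this diff and should be confirmed.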
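Review bot: Every `mysql` call in config/db/db.sh passes the root password in argv (`-p"${MYSQL_ROOT_PASSWORD}"`), and the shebang turns on `-xv` tracing, so when the script is executed rather than sourced the expanded password is written to the container log and is visible in the process list. Use a plain `#!/bin/bash` and hand the password to the client outside the command line, for example `export MYSQL_PWD="${MYSQL_ROOT_PASSWORD}"` once before the loop (or a client option file), then call `mysql -uroot --execute "..."`. The grant targets `'${MYSQL_USER}'@'%'`, which is any client host; if only the compose network needs access, a narrower host pattern would fit the commit's stated aim of restricting the account. `${MYSQL_USER}` is interpolated into SQL unescaped, which is acceptable only while the value comes from trusted configuration. The trailing `FLUSH PRIVILEGES;` is not needed after `GRANT`.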
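Review bot: The new volume entry bind-mounts `./config/db` read-write into `/docker-entrypoint-initdb.d`, and that directory also holds db.conf with the credentials; the init directory only needs to be read, so `- ./config/db:/docker-entrypoint-initdb.d:ro` is the safer form. The image now comes from a public registry by tag (`mariadb:10.0.34`), and a tag can be re-pointed upstream; pinning by digest, `image: mariadb@sha256:<digest>`, keeps what runs tied to what was reviewed. No `environment` or `env_file` entry appears in the lines shown, so where the container receives the `MYSQL_*` values should be confirmed. The same three points apply to the matching hunk in docker-compose.yml.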
@@ -6,9 +6,12 @@ networks: com.docker.network.driver.mtu: ${MTU} services: mariadb: - image: onap/policy/policy-db + image: mariadb:10.0.34 container_name: mariadb hostname: mariadb + command: ['--lower-case-table-names=1'] + volumes: + - ./config/db:/docker-entrypoint-initdb.d ports: - "3306:3306" nexus: diff --git a/docker_build.sh b/docker_build.sh index 4a8c416f..dd2f0e6d 100755 --- a/docker_build.sh +++ b/docker_build.sh @@ -43,7 +43,7 @@ echo $MVN_MAJMIN_VERSION cp policy-pe/* target/policy-pe/ cp policy-drools/* target/policy-drools/ -for image in policy-os policy-nexus policy-db policy-base policy-drools policy-pe ; do +for image in policy-os policy-nexus policy-base policy-drools policy-pe ; do echo "Building $image" mkdir -p target/$image cp $image/* target/$image @@ -79,7 +79,7 @@ done docker images -for image in policy-nexus policy-db policy-drools policy-pe; do +for image in policy-nexus policy-drools policy-pe; do echo "Pushing $image" docker push ${DOCKER_REPOSITORY}/onap/policy/$image:latest diff --git a/docker_merge.sh b/docker_merge.sh index 83fd239d..25a5692a 100755 --- a/docker_merge.sh +++ b/docker_merge.sh @@ -43,7 +43,7 @@ echo $MVN_MAJMIN_VERSION cp policy-pe/* target/policy-pe/ cp policy-drools/* target/policy-drools/ -for image in policy-os policy-nexus policy-db policy-base policy-drools policy-pe ; do +for image in policy-os policy-nexus policy-base policy-drools policy-pe ; do echo "Building $image" mkdir -p target/$image cp $image/* target/$image @@ -78,7 +78,7 @@ docker images # # Push images # -for image in policy-nexus policy-db policy-drools policy-pe; do +for image in policy-nexus policy-drools policy-pe; do echo "Pushing $image" docker push ${DOCKER_REPOSITORY}/onap/policy/$image:${MVN_MAJMIN_VERSION}-latest diff --git a/docker_verify.sh b/docker_verify.sh index 17eff0a1..cc3cb0d6 100755 --- a/docker_verify.sh +++ b/docker_verify.sh 
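Review bot: In docker-compose.yml the mariadb service keeps the context lines `ports:` / `- "3306:3306"`, which publish the database on every host interface, while this commit's init script grants the application user from `'%'` with a password committed in config/db/db.conf. Taken together, the database accepts remote logins with credentials that are readable in the repository. If host access is only needed for local development, bind the published port to loopback with `- "127.0.0.1:3306:3306"`, or use `expose` as the integration compose file does. The service definition continues beyond this hunk, so any network restrictions defined elsewhere in the file are not visible here.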
@@ -46,7 +46,7 @@ echo $MVN_MAJMIN_VERSION cp policy-pe/* target/policy-pe/ cp policy-drools/* target/policy-drools/ -for image in policy-os policy-nexus policy-db policy-base policy-drools policy-pe ; do +for image in policy-os policy-nexus policy-base policy-drools policy-pe ; do echo "Building $image" mkdir -p target/$image cp $image/* target/$image diff --git a/policy-db/Dockerfile b/policy-db/Dockerfile deleted file mode 100644 index 002313cd..00000000 --- a/policy-db/Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -FROM onap/policy/policy-os - -RUN \ - apt-get clean && \ - apt-get install -y apt-transport-https && \ - apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db && \ - add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://ftp.osuosl.org/pub/mariadb/repo/10.0/ubuntu trusty main' && \ - apt-get clean && \ - apt-get update && \ - apt-get install -y mariadb-server && \ - touch /var/lib/mysql/firstrun - -COPY dbinit.sh do-start.sh /tmp/ -RUN bash /tmp/dbinit.sh - -# mount volumes to persist the data -VOLUME /etc/mysql /var/lib/mysql - -CMD exec bash /tmp/do-start.sh diff --git a/policy-db/dbinit.sh b/policy-db/dbinit.sh deleted file mode 100644 index 19f4a5bd..00000000 --- a/policy-db/dbinit.sh +++ /dev/null 
@@ -1,38 +0,0 @@ -#sed -i '/^bind-address/s/127\.0\.0\.1/0.0.0.0/' /etc/mysql/my.cnf -cat >/etc/mysql/conf.d/policy.cnf <<-'EOF' - [mysqld] - lower_case_table_names = 1 - bind-address = 0.0.0.0 -EOF - -echo "Starting mysqld" -service mysql start - -echo "Run mysql_secure_installation" -/usr/bin/mysql_secure_installation <<-EOF - - y - secret - secret - y - y - y - y -EOF - -echo "Creating db schemas and user" -mysql -uroot -psecret <<-EOF - create database xacml; - create database log; - create database support; - create table support.db_version(the_key varchar(20) not null, version varchar(20), primary key(the_key)); - insert into support.db_version values('VERSION', '00'); - insert into support.db_version values('DROOLS_VERSION', '00'); - create user 'policy_user'@'localhost' identified by 'policy_user'; - grant all privileges on *.* to 'policy_user'@'localhost' with grant option; - flush privileges; - select * from support.db_version; -EOF - -echo "Stopping mysqld" -service mysql stop diff --git a/policy-db/do-start.sh b/policy-db/do-start.sh deleted file mode 100755 index 49dbe0fe..00000000 --- a/policy-db/do-start.sh +++ /dev/null @@ -1,12 +0,0 @@ -#! /bin/bash - -# determine IP pattern associated with 'eth0' (assume net mask = 255.255.0.0) -ipPattern=$(ifconfig eth0|sed -n -e 's/^.*inet addr:\([^\.]*.[^\.]*\)\..*$/\1.%.%/p') - -# start MySQL, and grant all privileges to the local network -# (it doesn't hurt to do the 'grant' multiple times) -service mysql start -mysql -uroot -psecret \ - -e "grant all privileges on *.* to 'policy_user'@'${ipPattern}' identified by 'policy_user' with grant option;" - -exec sleep 1000d diff --git a/vagrant/setup_policy.sh b/vagrant/setup_policy.sh index b1eda7c6..5a599a15 100755 --- a/vagrant/setup_policy.sh +++ b/vagrant/setup_policy.sh 
@@ -25,7 +25,7 @@ mvn prepare-package cp -r target/policy-pe/* policy-pe/ cp -r target/policy-drools/* policy-drools -for comp in policy-os policy-db policy-nexus policy-base policy-pe policy-drools +for comp in policy-os policy-nexus policy-base policy-pe policy-drools do sudo docker build -t onap/policy/$comp $HOME/docker/$comp done |