diff options
5 files changed, 58 insertions, 1 deletions
diff --git a/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/05-create-cnfm-db.sh b/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/05-create-cnfm-db.sh new file mode 100644 index 0000000000..cb343bc954 --- /dev/null +++ b/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/05-create-cnfm-db.sh @@ -0,0 +1,39 @@ +#!/bin/sh +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2023 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +echo "Creating cnfm database . . ." 1>/tmp/mariadb-cnfmdb.log 2>&1 + +prepare_password() +{ + echo "$1" | sed -e "s/'/\\\\'/g; s/\"/\\\\\"/g" +} + +CNFM_DB_PASSWORD=`prepare_password $CNFM_DB_PASSWORD` + +mysql -uroot -p$MYSQL_ROOT_PASSWORD << EOF || exit 1 +CREATE DATABASE /*!32312 IF NOT EXISTS*/ cnfm /*!40100 DEFAULT CHARACTER SET latin1 */; +DROP USER IF EXISTS '${CNFM_DB_USER}'; +CREATE USER '${CNFM_DB_USER}'; +GRANT ALL on cnfm.* to '${CNFM_DB_USER}' identified by '${CNFM_DB_PASSWORD}' with GRANT OPTION; +FLUSH PRIVILEGES; +EOF + +echo "Created cnfm database . . ." 1>>/tmp/mariadb-cnfmdb.log 2>&1
\ No newline at end of file diff --git a/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/98-create-so-user.sh b/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/98-create-so-user.sh index 33c4b32146..bf8ae781c0 100755 --- a/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/98-create-so-user.sh +++ b/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/98-create-so-user.sh @@ -4,6 +4,7 @@ # ============LICENSE_START========================================== # =================================================================== # Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright (C) 2022/23 Nordix Foundation # =================================================================== # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -40,6 +41,7 @@ GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE, SHOW VIEW ON requestdb.* TO '${DB GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE, SHOW VIEW ON catalogdb.* TO '${DB_USER}'@'%'; GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE, SHOW VIEW ON camundabpmn.* TO '${DB_USER}'@'%'; GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE, SHOW VIEW ON nfvo.* TO '${DB_USER}'@'%'; +GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE, SHOW VIEW ON cnfm.* TO '${DB_USER}'@'%'; FLUSH PRIVILEGES; EOF diff --git a/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/99-create-so-admin.sh b/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/99-create-so-admin.sh index 069556f51c..74b869cd54 100755 --- a/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/99-create-so-admin.sh +++ b/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/99-create-so-admin.sh @@ -4,6 +4,7 @@ # ============LICENSE_START========================================== # =================================================================== # Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright (C) 2022/23 Nordix Foundation # =================================================================== # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -40,6 +41,7 @@ GRANT ALL PRIVILEGES ON camundabpmn.* TO '${DB_ADMIN}'@'%' WITH GRANT OPTION; GRANT ALL PRIVILEGES ON requestdb.* TO '${DB_ADMIN}'@'%' WITH GRANT OPTION; GRANT ALL PRIVILEGES ON catalogdb.* TO '${DB_ADMIN}'@'%' WITH GRANT OPTION; GRANT ALL PRIVILEGES ON nfvo.* TO '${DB_ADMIN}'@'%' WITH GRANT OPTION; +GRANT ALL PRIVILEGES ON cnfm.* TO '${DB_ADMIN}'@'%' WITH GRANT OPTION; FLUSH PRIVILEGES; EOF diff --git a/kubernetes/so/components/so-mariadb/templates/job.yaml b/kubernetes/so/components/so-mariadb/templates/job.yaml index d9c6009c8a..60c40b67d1 100644 --- a/kubernetes/so/components/so-mariadb/templates/job.yaml +++ b/kubernetes/so/components/so-mariadb/templates/job.yaml @@ -1,5 +1,6 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright (C) 2022/23 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -56,7 +57,7 @@ spec: - | {{- if include "common.onServiceMesh" . }} echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} - mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb nfvo > /var/data/mariadb/backup-`date +%s`.sql + mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb nfvo cnfm > /var/data/mariadb/backup-`date +%s`.sql volumeMounts: - mountPath: /etc/localtime name: localtime @@ -149,6 +150,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nfvo-db-creds" "key" "login") | indent 10 }} - name: NFVO_DB_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nfvo-db-creds" "key" "password") | indent 10 }} + - name: CNFM_DB_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cnfm-db-creds" "key" "login") | indent 10 }} + - name: CNFM_DB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cnfm-db-creds" "key" "password") | indent 10 }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/so/components/so-mariadb/values.yaml b/kubernetes/so/components/so-mariadb/values.yaml index 13dd0868e8..bf546a2776 100755 --- a/kubernetes/so/components/so-mariadb/values.yaml +++ b/kubernetes/so/components/so-mariadb/values.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright (C) 2022-23 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -89,6 +90,11 @@ secrets: externalSecret: '{{ tpl (default "" .Values.db.nfvo.dbCredsExternalSecret) . }}' login: '{{ .Values.db.nfvo.userName }}' password: '{{ .Values.db.nfvo.password }}' + - uid: cnfm-db-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.db.cnfm.dbCredsExternalSecret) . }}' + login: '{{ .Values.db.cnfm.userName }}' + password: '{{ .Values.db.cnfm.password }}' ################################################################# # Application configuration defaults. @@ -127,6 +133,9 @@ db: nfvo: userName: nfvouser # dbCredsExternalSecret: some secret + cnfm: + userName: cnfmuser + # dbCredsExternalSecret: some secret # application configuration config: |