mariadb - add a .my.cnf file

This will ease the interaction with the mariadb database. From the pod, one can just type 'mysql' w/o args to interact. Change-Id: I5d01f06a4b3cd9f9f57402e258365be9bb1a2a3d
softwarefactory-project · Mar 27, 2024 · 6c209cf · 6c209cf
1 parent 32e2e38
commit 6c209cf
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 12 deletions.
diff --git a/cli/cmd/backup.go b/cli/cmd/backup.go
@@ -158,22 +158,13 @@ func createMySQLBackup(ns string, backupDir string, kubeClientSet *kubernetes.Cl
 	// create MariaDB dir
 	mariaDBBackupDir := backupDir + "/mariadb/"
 	cliutils.CreateDirectory(mariaDBBackupDir, 0755)
-	mariadbPass := cliutils.GetSecretValue(ns, kubeClientSet, controllers.MariadbAdminPass)
-
-	if mariadbPass == nil {
-		ctrl.Log.Error(errors.New("MariaDB password is missing"),
-			"Can not continue. Password in the MariaDB secret is empty!")
-		os.Exit(1)
-	}
 
 	pod := cliutils.GetPodByName(dbBackupPod, ns, kubeClientSet)
 
 	// NOTE: We use option: --single-transaction to avoid error:
 	// "The user specified as a definer ('mariadb.sys'@'localhost') does not exist" when using LOCK TABLES
 	backupZuulCMD := []string{
 		"mysqldump",
-		"-uroot",
-		"-p" + *mariadbPass,
 		"--databases",
 		"zuul",
 		"--single-transaction",

diff --git a/controllers/mariadb.go b/controllers/mariadb.go
@@ -32,6 +32,9 @@ const (
 //go:embed static/mariadb/fluentbit/fluent-bit.conf.tmpl
 var mariadbFluentBitForwarderConfig string
 
+//go:embed static/mariadb/my.cnf.tmpl
+var mariadbMyCNF string
+
 type ZuulDBOpts struct {
 	Username string
 	Password string
@@ -169,7 +172,23 @@ func (r *SFController) DBPostInit(configSecret apiv1.Secret) apiv1.Secret {
 }
 
 func (r *SFController) DeployMariadb() bool {
-	r.EnsureSecretUUID(MariadbAdminPass)
+	adminPassSecret := r.EnsureSecretUUID(MariadbAdminPass)
+
+	myCNF, _ := utils.ParseString(mariadbMyCNF,
+		struct {
+			MYSQLRootPassword string
+		}{MYSQLRootPassword: string(adminPassSecret.Data["mariadb-root-password"])})
+
+	configSecret := apiv1.Secret{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      "mariadb-config-secrets",
+			Namespace: r.ns,
+		},
+		Data: map[string][]byte{
+			"my.cnf": []byte(myCNF),
+		},
+	}
+	r.EnsureSecret(&configSecret)
 
 	sts := r.mkStatefulSet(MariaDBIdent, base.MariaDBImage(), r.getStorageConfOrDefault(r.cr.Spec.MariaDB.DBStorage), apiv1.ReadWriteOnce)
 
@@ -194,6 +213,12 @@ func (r *SFController) DeployMariadb() bool {
 			Name:      "mariadb-run",
 			MountPath: "/run/mariadb",
 		},
+		{
+			Name:      "mariadb-config-secrets",
+			SubPath:   "my.cnf",
+			MountPath: "/var/lib/mysql/.my.cnf",
+			ReadOnly:  true,
+		},
 	}, volumeMountsStatsExporter...)
 	sts.Spec.Template.Spec.Containers[0].Env = []apiv1.EnvVar{
 		base.MkEnvVar("HOME", "/var/lib/mysql"),
@@ -207,10 +232,11 @@ func (r *SFController) DeployMariadb() bool {
 	sts.Spec.Template.Spec.Containers[0].LivenessProbe = base.MkReadinessTCPProbe(mariadbPort)
 	sts.Spec.Template.Spec.Volumes = []apiv1.Volume{
 		base.MkEmptyDirVolume("mariadb-run"),
+		base.MkVolumeSecret("mariadb-config-secrets", "mariadb-config-secrets"),
 	}
 
 	annotations := map[string]string{
-		"serial": "3",
+		"serial": "4",
 	}
 	if r.cr.Spec.FluentBitLogForwarding != nil {
 		fbVolume, fbSidecar := createLogForwarderSidecar(r, annotations)

diff --git a/controllers/static/mariadb/my.cnf.tmpl b/controllers/static/mariadb/my.cnf.tmpl
@@ -0,0 +1,4 @@
+[client]
+user=root
+host=localhost
+password={{ .MYSQLRootPassword }}
diff --git a/controllers/utils.go b/controllers/utils.go
@@ -236,7 +236,7 @@ func (r *SFUtilContext) ensureSecretFromFunc(name string, getData func() string)
 	return secret
 }
 
-// EnsureSecretUUID ensures a Secret caontaining an UUID
+// EnsureSecretUUID ensures a Secret containing an UUID
 // This function does not support update
 func (r *SFUtilContext) EnsureSecretUUID(name string) apiv1.Secret {
 	return r.ensureSecretFromFunc(name, utils.NewUUIDString)