Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update PS images #7380

Merged
merged 1 commit into from
Jan 30, 2020
Merged

Update PS images #7380

merged 1 commit into from
Jan 30, 2020

Conversation

hors
Copy link
Contributor

@hors hors commented Jan 30, 2020

No description provided.

@tianon
Copy link
Member

tianon commented Jan 30, 2020

Diff:
diff --git a/_bashbrew-list b/_bashbrew-list
index fa5d469..3c50a1a 100644
--- a/_bashbrew-list
+++ b/_bashbrew-list
@@ -2,18 +2,18 @@ percona:5
 percona:5-centos
 percona:5.6
 percona:5.6-centos
-percona:5.6.45
-percona:5.6.45-centos
+percona:5.6.47
+percona:5.6.47-centos
 percona:5.7
 percona:5.7-centos
-percona:5.7.26
-percona:5.7.26-centos
+percona:5.7.28
+percona:5.7.28-centos
 percona:8
 percona:8-centos
 percona:8.0
 percona:8.0-centos
-percona:8.0.16-7
-percona:8.0.16-7-centos
+percona:8.0.18-9
+percona:8.0.18-9-centos
 percona:centos
 percona:latest
 percona:psmdb-3.6
@@ -22,9 +22,9 @@ percona:psmdb-4.0
 percona:psmdb-4.0.14
 percona:ps-5
 percona:ps-5.6
-percona:ps-5.6.45
+percona:ps-5.6.47
 percona:ps-5.7
-percona:ps-5.7.26
+percona:ps-5.7.28
 percona:ps-8
 percona:ps-8.0
-percona:ps-8.0.16-7
+percona:ps-8.0.18-9
diff --git a/percona_latest/Dockerfile-dockerhub b/percona_latest/Dockerfile-dockerhub
index 898b11a..f8c8f5e 100644
--- a/percona_latest/Dockerfile-dockerhub
+++ b/percona_latest/Dockerfile-dockerhub
@@ -1,33 +1,40 @@
 FROM centos:7
-MAINTAINER Percona Development <info@percona.com>
+
+LABEL org.opencontainers.image.authors="info@percona.com"
 
 RUN groupdel input && groupadd -g 999 mysql
 RUN useradd -u 999 -r -g 999 -s /sbin/nologin \
 		-c "Default Application User" mysql
 
 # check repository package signature in secure way
-RUN export GNUPGHOME="$(mktemp -d)" \
-	&& gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A \
-	&& gpg --export --armor 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A > ${GNUPGHOME}/RPM-GPG-KEY-Percona \
-	&& rpmkeys --import ${GNUPGHOME}/RPM-GPG-KEY-Percona /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 \
-        && curl -L -o /tmp/percona-release.rpm https://repo.percona.com/percona/yum/percona-release-0.1-10.noarch.rpm \
-	&& rpmkeys --checksig /tmp/percona-release.rpm \
-	&& yum install -y /tmp/percona-release.rpm \
-	&& rm -rf "$GNUPGHOME" /tmp/percona-release.rpm \
-        && percona-release enable original release
+RUN set -ex; \
+    export GNUPGHOME="$(mktemp -d)"; \
+    gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A; \
+    gpg --batch --export --armor 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A > ${GNUPGHOME}/RPM-GPG-KEY-Percona; \
+    rpmkeys --import ${GNUPGHOME}/RPM-GPG-KEY-Percona /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7; \
+    curl -Lf -o /tmp/percona-release.rpm https://repo.percona.com/yum/percona-release-latest.noarch.rpm; \
+    rpmkeys --checksig /tmp/percona-release.rpm; \
+    yum install -y /tmp/percona-release.rpm; \
+    rm -rf "$GNUPGHOME" /tmp/percona-release.rpm; \
+    rpm --import /etc/pki/rpm-gpg/PERCONA-PACKAGING-KEY; \
+    percona-release disable all; \
+    percona-release enable original release
 
 # install exact version of PS for repeatability
-ENV PERCONA_VERSION 5.7.26-29.1.el7
+ENV PERCONA_VERSION 5.7.28-31.1.el7
 
-RUN yum install -y \
+RUN set -ex; \
+    yum install -y \
         Percona-Server-server-57-${PERCONA_VERSION} \
         Percona-Server-tokudb-57-${PERCONA_VERSION} \
         Percona-Server-rocksdb-57-${PERCONA_VERSION} \
         jemalloc \
+        openssl \
         which \
-		policycoreutils \
-	&& yum clean all \
-	&& rm -rf /var/cache/yum /var/lib/mysql
+        policycoreutils; \
+    \
+    yum clean all; \
+    rm -rf /var/cache/yum /var/lib/mysql
 
 # purge and re-create /var/lib/mysql with appropriate ownership
 RUN /usr/bin/install -m 0775 -o mysql -g root -d /var/lib/mysql /var/run/mysqld /docker-entrypoint-initdb.d \
diff --git a/percona_latest/ps-entry.sh b/percona_latest/ps-entry.sh
index da9088c..4be247d 100755
--- a/percona_latest/ps-entry.sh
+++ b/percona_latest/ps-entry.sh
@@ -103,7 +103,7 @@ if [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then
 		mkdir -p "$DATADIR"
 
 		echo 'Initializing database'
-		"$@" --initialize-insecure
+		"$@" --initialize-insecure --skip-ssl
 		echo 'Database initialized'
 
 		if command -v mysql_ssl_rsa_setup > /dev/null && [ ! -e "$DATADIR/server-key.pem" ]; then
diff --git a/percona_ps-5.6/Dockerfile-dockerhub b/percona_ps-5.6/Dockerfile-dockerhub
index 76c0d78..5c9e2f8 100644
--- a/percona_ps-5.6/Dockerfile-dockerhub
+++ b/percona_ps-5.6/Dockerfile-dockerhub
@@ -1,35 +1,41 @@
 FROM centos:7
-MAINTAINER Percona Development <info@percona.com>
+
+LABEL org.opencontainers.image.authors="info@percona.com"
 
 RUN groupdel input && groupadd -g 999 mysql
 RUN useradd -u 999 -r -g 999 -s /sbin/nologin \
 		-c "Default Application User" mysql
 
 # check repository package signature in secure way
-RUN export GNUPGHOME="$(mktemp -d)" \
-	&& gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A \
-	&& gpg --export --armor 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A > ${GNUPGHOME}/RPM-GPG-KEY-Percona \
-	&& rpmkeys --import ${GNUPGHOME}/RPM-GPG-KEY-Percona /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 \
-	&& curl -L -o /tmp/percona-release.rpm https://repo.percona.com/centos/7/RPMS/noarch/percona-release-0.1-8.noarch.rpm \
-	&& rpmkeys --checksig /tmp/percona-release.rpm \
-	&& yum install -y /tmp/percona-release.rpm \
-	&& rm -rf "$GNUPGHOME" /tmp/percona-release.rpm \
-	&& rpm --import /etc/pki/rpm-gpg/PERCONA-PACKAGING-KEY \
-	&& percona-release disable all \
-	&& percona-release enable percona release
+RUN set -ex; \
+    export GNUPGHOME="$(mktemp -d)"; \
+    gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A; \
+    gpg --batch --export --armor 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A > ${GNUPGHOME}/RPM-GPG-KEY-Percona; \
+    rpmkeys --import ${GNUPGHOME}/RPM-GPG-KEY-Percona /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7; \
+    \
+    curl -Lf -o /tmp/percona-release.rpm https://repo.percona.com/yum/percona-release-latest.noarch.rpm; \
+    rpmkeys --checksig /tmp/percona-release.rpm; \
+    yum install -y /tmp/percona-release.rpm; \
+    \
+    rm -rf "$GNUPGHOME" /tmp/percona-release.rpm; \
+    rpm --import /etc/pki/rpm-gpg/PERCONA-PACKAGING-KEY; \
+    \
+    percona-release disable all; \
+    percona-release enable original release
 
 # install exact version of PS for repeatability
-ENV PERCONA_VERSION 5.6.45-rel86.1.el7
+ENV PERCONA_VERSION 5.6.47-rel87.0.1.el7
 
-RUN yum install -y \
+RUN set -ex; \
+    yum install -y \
         Percona-Server-server-56-${PERCONA_VERSION} \
         Percona-Server-tokudb-56-${PERCONA_VERSION} \
-		Percona-Server-rocksdb-56-${PERCONA_VERSION} \
         jemalloc \
         which \
-		policycoreutils \
-	&& yum clean all \
-	&& rm -rf /var/cache/yum /var/lib/mysql
+        policycoreutils; \
+    \
+    yum clean all; \
+    rm -rf /var/cache/yum /var/lib/mysql
 
 # purge and re-create /var/lib/mysql with appropriate ownership
 RUN /usr/bin/install -m 0775 -o mysql -g root -d /etc/my.cnf.d /var/lib/mysql /var/run/mysqld /docker-entrypoint-initdb.d \
diff --git a/percona_ps-8/Dockerfile b/percona_ps-8/Dockerfile
index 6c32fa8..60d1b92 100644
--- a/percona_ps-8/Dockerfile
+++ b/percona_ps-8/Dockerfile
@@ -1,35 +1,39 @@
 FROM centos:7
-MAINTAINER Percona Development <info@percona.com>
+
+LABEL org.opencontainers.image.authors="info@percona.com"
 
 RUN groupadd -g 1001 mysql
 RUN useradd -u 1001 -r -g 1001 -s /sbin/nologin \
 		-c "Default Application User" mysql
 
 # check repository package signature in secure way
-RUN export GNUPGHOME="$(mktemp -d)" \
-	&& gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A \
-	&& gpg --export --armor 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A > ${GNUPGHOME}/RPM-GPG-KEY-Percona \
-	&& rpmkeys --import ${GNUPGHOME}/RPM-GPG-KEY-Percona /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 \
-	&& curl -L -o /tmp/percona-release.rpm https://repo.percona.com/yum/percona-release-latest.noarch.rpm \
-	&& rpmkeys --checksig /tmp/percona-release.rpm \
-	&& yum install -y /tmp/percona-release.rpm \
-	&& rm -rf "$GNUPGHOME" /tmp/percona-release.rpm \
-	&& rpm --import /etc/pki/rpm-gpg/PERCONA-PACKAGING-KEY \
-	&& percona-release disable all \
-	&& percona-release setup ps80
+RUN set -ex; \
+    export GNUPGHOME="$(mktemp -d)"; \
+    gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A; \ 
+    gpg --batch --export --armor 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A > ${GNUPGHOME}/RPM-GPG-KEY-Percona; \
+    rpmkeys --import ${GNUPGHOME}/RPM-GPG-KEY-Percona /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7; \
+    curl -Lf -o /tmp/percona-release.rpm https://repo.percona.com/yum/percona-release-latest.noarch.rpm; \
+    rpmkeys --checksig /tmp/percona-release.rpm; \
+    yum install -y /tmp/percona-release.rpm; \
+    rm -rf "$GNUPGHOME" /tmp/percona-release.rpm; \
+    rpm --import /etc/pki/rpm-gpg/PERCONA-PACKAGING-KEY; \
+    percona-release disable all; \
+    percona-release setup ps80
 
 # install exact version of PS for repeatability
-ENV PERCONA_VERSION 8.0.16-7.1.el7
+ENV PERCONA_VERSION 8.0.18-9.1.el7
 
-RUN yum install -y \
+RUN set -ex; \
+    yum install -y \
         percona-server-server-${PERCONA_VERSION} \
         percona-server-tokudb-${PERCONA_VERSION} \
         percona-server-rocksdb-${PERCONA_VERSION} \
         jemalloc \
         which \
-		policycoreutils \
-	&& yum clean all \
-	&& rm -rf /var/cache/yum /var/lib/mysql
+        policycoreutils; \
+    \
+    yum clean all; \
+    rm -rf /var/cache/yum /var/lib/mysql
 
 # purge and re-create /var/lib/mysql with appropriate ownership
 RUN /usr/bin/install -m 0775 -o mysql -g root -d /var/lib/mysql /var/run/mysqld /docker-entrypoint-initdb.d \

@tianon
Copy link
Member

tianon commented Jan 30, 2020

LGTM

Build test of #7380; a291fe0; amd64 (percona):

$ bashbrew build percona:8.0.18-9-centos
Building bashbrew/cache:87f60dda007e6723e8efcdd7698b0064a890fd4db97c88b48c7180e9868deb09 (percona:8.0.18-9-centos)
Tagging percona:8.0.18-9-centos
Tagging percona:8.0-centos
Tagging percona:8-centos
Tagging percona:8.0.18-9
Tagging percona:8.0
Tagging percona:8
Tagging percona:ps-8.0.18-9
Tagging percona:ps-8.0
Tagging percona:ps-8

$ test/run.sh percona:8.0.18-9-centos
testing percona:8.0.18-9-centos
	'utc' [1/9]...passed
	'cve-2014--shellshock' [2/9]...passed
	'no-hard-coded-passwords' [3/9]...warning: garbage password detected for 'root': 'locked'
passed
	'override-cmd' [4/9]...passed
	'mysql-basics' [5/9]......passed
	'mysql-initdb' [6/9].......passed
	'mysql-log-bin' [7/9]......passed
	'percona-tokudb' [8/9].......passed
	'percona-rocksdb' [9/9]......passed


$ bashbrew build percona:5.7.28-centos
Building bashbrew/cache:946151c81186b41f7a86ecdc4aaee37b35d004ae306a66cd57577d8cbbc59c9d (percona:5.7.28-centos)
Tagging percona:5.7.28-centos
Tagging percona:5.7-centos
Tagging percona:5-centos
Tagging percona:centos
Tagging percona:5.7.28
Tagging percona:5.7
Tagging percona:5
Tagging percona:ps-5.7.28
Tagging percona:ps-5.7
Tagging percona:ps-5
Tagging percona:latest

$ test/run.sh percona:5.7.28-centos
testing percona:5.7.28-centos
	'utc' [1/9]...passed
	'cve-2014--shellshock' [2/9]...passed
	'no-hard-coded-passwords' [3/9]...warning: garbage password detected for 'root': 'locked'
passed
	'override-cmd' [4/9]...passed
	'mysql-basics' [5/9]......passed
	'mysql-initdb' [6/9]......passed
	'mysql-log-bin' [7/9]......passed
	'percona-tokudb' [8/9].......passed
	'percona-rocksdb' [9/9]......passed


$ bashbrew build percona:5.6.47-centos
Building bashbrew/cache:cc020da0fafd3ef3c5148612b89b220a40c23b33a6344db768a120c8ff0d684f (percona:5.6.47-centos)
Tagging percona:5.6.47-centos
Tagging percona:5.6-centos
Tagging percona:5.6.47
Tagging percona:5.6
Tagging percona:ps-5.6.47
Tagging percona:ps-5.6

$ test/run.sh percona:5.6.47-centos
testing percona:5.6.47-centos
	'utc' [1/9]...passed
	'cve-2014--shellshock' [2/9]...passed
	'no-hard-coded-passwords' [3/9]...warning: garbage password detected for 'root': 'locked'
passed
	'override-cmd' [4/9]...passed
	'mysql-basics' [5/9].......passed
	'mysql-initdb' [6/9].......passed
	'mysql-log-bin' [7/9].......passed
	'percona-tokudb' [8/9]........passed
	'percona-rocksdb' [9/9]...passed


$ bashbrew build percona:psmdb-4.0.14
Using bashbrew/cache:12aaefdac950a83da33082ae1c10415c84a9d2a0eedfa45533519714e3db1b99 (percona:psmdb-4.0.14)
Tagging percona:psmdb-4.0.14
Tagging percona:psmdb-4.0

$ test/run.sh percona:psmdb-4.0.14
testing percona:psmdb-4.0.14
	'utc' [1/8]...passed
	'cve-2014--shellshock' [2/8]...passed
	'no-hard-coded-passwords' [3/8]...warning: garbage password detected for 'root': 'locked'
passed
	'override-cmd' [4/8]...+ exec echo 'Hello world-27980-6716'
passed
	'mongo-basics' [5/8]....passed
	'mongo-auth-basics' [6/8]....passed
	'mongo-tls-basics' [7/8]...passed
	'mongo-tls-auth' [8/8]....passed


$ bashbrew build percona:psmdb-3.6.16
Using bashbrew/cache:444c4f8d2f801c02b2df27c6066685bd3f29586e257c847f159ff64bc1dcfb15 (percona:psmdb-3.6.16)
Tagging percona:psmdb-3.6.16
Tagging percona:psmdb-3.6

$ test/run.sh percona:psmdb-3.6.16
testing percona:psmdb-3.6.16
	'utc' [1/8]...passed
	'cve-2014--shellshock' [2/8]...passed
	'no-hard-coded-passwords' [3/8]...warning: garbage password detected for 'root': 'locked'
passed
	'override-cmd' [4/8]...+ exec echo 'Hello world-14556-30788'
passed
	'mongo-basics' [5/8]....passed
	'mongo-auth-basics' [6/8]....passed
	'mongo-tls-basics' [7/8]...passed
	'mongo-tls-auth' [8/8]....passed

@tianon tianon merged commit 2a649e0 into docker-library:master Jan 30, 2020
@hors hors deleted the update-ps-images branch January 30, 2020 22:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants