We Keep Coding

Can a github action use the search api?

I'm trying to create a github action that searches all PRs in our repository with a specific label. The api call returns the correct result when running it locally with my personal access token but in the action it seems to get no results.
The default workflow permissions are "Read and write".
This is the action code:
name: Cleanup deploy-in-dev label
on:
workflow_dispatch:
schedule:
- cron: "15 1 * * *"
jobs:
cleanup:
runs-on: ubuntu-latest
steps:
- name: Search label deploy-in-dev
run: |-
curl \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${GITHUB_TOKEN}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
"https://api.github.com/search/issues?q=repo:private-org/example+is:pull-request+is:open+label:deploy-in-dev" \
| grep "\"number\":" \
| sed 's/.*"number": \([0-9]*\),/\1/g' \
| while IFS= read -r pr_number; do
echo "Found pr with label with pr number ${pr_number}"
done
Could this be a permission error or do I miss something else?

There is a great GH action - GitHub Script. It allows writing scripts in your workflow and provides an easy and elegant way to run these scripts.
Working example:
name: Cleanup deploy-in-dev label
on:
workflow_dispatch:
schedule:
- cron: "15 1 * * *"
jobs:
cleanup:
name: Search and remove deploy-in-dev label
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- uses: actions/github-script#v6
name: Search and remove deploy-in-dev label
with:
script: |
const label = 'deploy-in-dev';
const pullRequests = await github.rest.pulls.list({
owner: context.repo.owner,
repo: context.repo.repo,
state: 'open'
});
console.log(`Found ${pullRequests.data.length} Pull Request(s)`);
await Promise.all(pullRequests.data.map(async (pr) => {
if (pr.labels.filter(l => l.name === label).length === 0) {
console.log(`Skipping PR number ${pr.number}`);
return;
}
console.log(`Removing label ${label} from PR number ${pr.number}`);
await github.rest.issues.removeLabel({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: pr.number,
name: label
});
}));

I did not use the GITHUB_TOKEN correct. It needs to be ${{ secrets.GITHUB_TOKEN }} instead of ${ GIHTUB_TOKEN }. It works like this:
name: Cleanup deploy-in-dev label
on:
workflow_dispatch:
schedule:
- cron: "15 1 * * *"
jobs:
cleanup:
name: Search and remove deploy-in-dev label
runs-on: ubuntu-latest
permissions:
pull-requests: read
steps:
- name: Search and remove label deploy-in-dev
run: |-
curl --silent \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
"https://api.github.com/search/issues?q=repo:${{ github.repository }}+is:pull-request+is:open+label:deploy-in-dev" \
| grep "\"number\":" \
| sed 's/.*"number": \([0-9]*\),/\1/g' \
| while IFS= read -r pr_number; do
echo "Found pr with label with pr number ${pr_number}"
done
As a bonus I added to minimal set of permissions to the action so that it still runs. The only permission needed is pull-requests: read. If the action should also be able to add or remove a label the permission needs to be pull-requests: write. The complete action I now use is this one:
name: Cleanup deploy-in-dev label
on:
workflow_dispatch:
schedule:
- cron: "15 1 * * *"
jobs:
cleanup:
name: Search and remove deploy-in-dev label
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- name: Search and remove label deploy-in-dev
run: |-
curl --silent \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
"https://api.github.com/search/issues?q=repo:${{ github.repository }}+is:pull-request+is:open+label:deploy-in-dev" \
| grep "\"number\":" \
| sed 's/.*"number": \([0-9]*\),/\1/g' \
| while IFS= read -r pr_number; do
echo "Removing label from pr number ${pr_number}"
curl --silent \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}"\
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/${{ github.repository }}/issues/${pr_number}/labels/deploy-in-dev
done

Orion APIs authentication through Keycloak

I want to add authentication on my Orion APIs through my Keycloak IdM.
I know it is possible to use Orion together Pep Proxy Wilma and Keyrock to do this task, and a possible workaround can be to integrate keyrock with keycloak at this link (7 years ago).
Do you have some news or suggestion about this?
Thank you in advance.

there is a (relatively new) solution available. Instead of Wilma, you can use the Kong-API-Gateway as a PEP-Proxy with the FIWARE-PEP-Plugin. That way, authentication(and authorization) can be delegated to Keycloak. You can find more on that in those 2 presentations:
https://github.com/wistefan/presentations/blob/main/summit-gran-canaria/kong/FGS22-Kong.pdf
https://github.com/wistefan/presentations/blob/main/summit-gran-canaria/keycloak/FGS22-Keycloak.pdf

And the kong.yml file is:
_format_version: "2.1"
_transform: true
services:
- host: "orion_ip"
name: "orion"
path: "/v2"
port: 1026
protocol: http
routes:
- name: orion
paths:
- /orion
strip_path: true
plugins:
- name: pep-plugin
config:
authorizationendpointtype: Keycloak
authorizationendpointaddress: https://keycloak_ip
keycloakrealm: myrealm
keycloakclientid: clientid
keycloakclientsecret: clientsecret
keycloackadditionalclaims:
"http.fiware-servicepath": "fiware-servicepath"
"http.fiware-service": "fiware-service"

I found all params you need to run the docker image (in powershell):
docker run -d --name kong-dbless `
-v "$(pwd):/kong/declarative/" `
-e "KONG_DATABASE=off" `
-e "KONG_DECLARATIVE_CONFIG=/kong/declarative/kong.yml" `
-e "KONG_PROXY_ACCESS_LOG=/dev/stdout" `
-e "KONG_ADMIN_ACCESS_LOG=/dev/stdout" `
-e "KONG_PROXY_ERROR_LOG=/dev/stderr" `
-e "KONG_ADMIN_ERROR_LOG=/dev/stderr" `
-e "KONG_ADMIN_LISTEN=0.0.0.0:8001" `
-e KONG_LICENSE_DATA `
-e "KONG_LOG_LEVEL=info" `
-e "KONG_PLUGINS=bundled,pep-plugin" `
-e "KONG_PLUGINSERVER_NAMES=pep-plugin" `
-e "KONG_PLUGINSERVER_PEP_PLUGIN_QUERY_CMD=/go-plugins/pep-plugin -dump" `
-e "KONG_PLUGINSERVER_PEP_PLUGIN_START_CMD=/go-plugins/pep-plugin" `
-p 8000:8000 `
-p 8001:8001 `
quay.io/fiware/kong:0.3.3

My website is not getting hosted on website

Github is giving me these error after I upload my files.
repository link:-https://github.com/AfeefRaza/Portfolio-Website-1
Error 1:-
Run actions/deploy-pages#v1
Actor: github-pages[bot]
Action ID: 2091853383
Artifact URL: https://pipelines.actions.githubusercontent.com/Fb6TQcCcTuMrPw6we84UTtEFv6ZUjoSpvGnhxGgBx0VnXE99Wb/_apis/pipelines/workflows/2091853383/artifacts?api-version=6.0-preview
{"count":0,"value":[]}
Failed to create deployment for d6e18250d6a3c6421e3f82fce880d737279754cc.
Error: Error: No uploaded artifact was found! Please check if there are any errors at build step.
Error: Error: No uploaded artifact was found! Please check if there are any errors at build step.
Sending telemetry for run id 2091853383
Error 2:-
Run actions/jekyll-build-pages#v1
/usr/bin/docker run --name ghcrioactionsjekyllbuildpagesv102_205186 --label 2bcf09 --workdir /github/workspace --rm -e INPUT_SOURCE -e INPUT_DESTINATION -e INPUT_FUTURE -e INPUT_BUILD_REVISION -e INPUT_VERBOSE -e INPUT_TOKEN -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_RUN_ATTEMPT -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_REF_NAME -e GITHUB_REF_PROTECTED -e GITHUB_REF_TYPE -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e GITHUB_STEP_SUMMARY -e RUNNER_OS -e RUNNER_ARCH -e RUNNER_NAME -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e ACTIONS_ID_TOKEN_REQUEST_URL -e ACTIONS_ID_TOKEN_REQUEST_TOKEN -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/Portfolio-Website-1/Portfolio-Website-1":"/github/workspace" ghcr.io/actions/jekyll-build-pages:v1.0.2
Configuration file: none
Logging at level: debug
GitHub Pages: github-pages v225
GitHub Pages: jekyll v3.9.0
Theme: jekyll-theme-primer
Theme source: /usr/local/bundle/gems/jekyll-theme-primer-0.6.0
Requiring: jekyll-github-metadata
Conversion error: Jekyll::Converters::Scss encountered an error while converting 'assets/css/style.scss':
No such file or directory # dir_chdir - /github/workspace/docs
Requiring: jekyll-seo-tag
Requiring: jekyll-coffeescript
Requiring: jekyll-commonmark-ghpages
Requiring: jekyll-gist
Requiring: jekyll-github-metadata
Requiring: jekyll-paginate
Requiring: jekyll-relative-links
Requiring: jekyll-optional-front-matter
Requiring: jekyll-readme-index
Requiring: jekyll-default-layout
Requiring: jekyll-titles-from-headings
GitHub Metadata: Initializing...
Source: /github/workspace/./docs
Destination: /github/workspace/./docs/_site
Incremental build: disabled. Enable with --incremental
Generating...
Generating: JekyllOptionalFrontMatter::Generator finished in 1.35e-05 seconds.
Generating: JekyllReadmeIndex::Generator finished in 6.8e-06 seconds.
Generating: Jekyll::Paginate::Pagination finished in 4.601e-06 seconds.
Generating: JekyllRelativeLinks::Generator finished in 3.41e-05 seconds.
Generating: JekyllDefaultLayout::Generator finished in 1.28e-05 seconds.
Generating: JekyllTitlesFromHeadings::Generator finished in 8.501e-06 seconds.
Rendering: assets/css/style.scss
Pre-Render Hooks: assets/css/style.scss
Rendering Markup: assets/css/style.scss
github-pages 225 | Error: No such file or directory # dir_chdir - /github/workspace/docs
/usr/local/bundle/gems/jekyll-sass-converter-1.5.2/lib/jekyll/converters/scss.rb:86:in chdir': No such file or directory # dir_chdir - /github/workspace/docs (Errno::ENOENT) from /usr/local/bundle/gems/jekyll-sass-converter-1.5.2/lib/jekyll/converters/scss.rb:86:in sass_load_paths'
from /usr/local/bundle/gems/jekyll-sass-converter-1.5.2/lib/jekyll/converters/scss.rb:114:in sass_configs' from /usr/local/bundle/gems/jekyll-sass-converter-1.5.2/lib/jekyll/converters/scss.rb:119:in convert'
from /usr/local/bundle/gems/jekyll-3.9.0/lib/jekyll/renderer.rb:101:in block in convert' from /usr/local/bundle/gems/jekyll-3.9.0/lib/jekyll/renderer.rb:99:in each'
from /usr/local/bundle/gems/jekyll-3.9.0/lib/jekyll/renderer.rb:99:in reduce' from /usr/local/bundle/gems/jekyll-3.9.0/lib/jekyll/renderer.rb:99:in convert'
from /usr/local/bundle/gems/jekyll-3.9.0/lib/jekyll/renderer.rb:83:in render_document' from /usr/local/bundle/gems/jekyll-3.9.0/lib/jekyll/renderer.rb:62:in run'
from /usr/local/bundle/gems/jekyll-3.9.0/lib/jekyll/site.rb:479:in render_regenerated' from /usr/local/bundle/gems/jekyll-3.9.0/lib/jekyll/site.rb:472:in block in render_pages'
from /usr/local/bundle/gems/jekyll-3.9.0/lib/jekyll/site.rb:471:in each' from /usr/local/bundle/gems/jekyll-3.9.0/lib/jekyll/site.rb:471:in render_pages'
from /usr/local/bundle/gems/jekyll-3.9.0/lib/jekyll/site.rb:192:in render' from /usr/local/bundle/gems/jekyll-3.9.0/lib/jekyll/site.rb:71:in process'
from /usr/local/bundle/gems/jekyll-3.9.0/lib/jekyll/command.rb:28:in process_site' from /usr/local/bundle/gems/jekyll-3.9.0/lib/jekyll/commands/build.rb:65:in build'
from /usr/local/bundle/gems/jekyll-3.9.0/lib/jekyll/commands/build.rb:36:in process' from /usr/local/bundle/gems/github-pages-225/bin/github-pages:70:in block (3 levels) in <top (required)>'
from /usr/local/bundle/gems/mercenary-0.3.6/lib/mercenary/command.rb:220:in block in execute' from /usr/local/bundle/gems/mercenary-0.3.6/lib/mercenary/command.rb:220:in each'
from /usr/local/bundle/gems/mercenary-0.3.6/lib/mercenary/command.rb:220:in execute' from /usr/local/bundle/gems/mercenary-0.3.6/lib/mercenary/program.rb:42:in go'
from /usr/local/bundle/gems/mercenary-0.3.6/lib/mercenary.rb:19:in program' from /usr/local/bundle/gems/github-pages-225/bin/github-pages:6:in <top (required)>'
from /usr/local/bundle/bin/github-pages:23:in load' from /usr/local/bundle/bin/github-pages:23:in '

Github Action not getting triggered

I want to use Github Action to trigger Jenkins build, when PR on develop branch is merged with changes in frontend/ dir. I have following file in .github/workflows/ if the repo
name: Trigger Jenkins Build [ Build-Portal ]
on:
push:
branches: [ develop ]
paths: 'frontend/**'
types: [closed]
jobs:
build:
name: Triggering Jenkins Build [ Build-Portal ]
runs-on: ubuntu-latest
if: github.event.pull_request.merged == true
steps:
- name: Trigger Build-Portal
uses: actions/trigger-jenkins#develop
with:
jenkins_url: "http://jenkins.example.net:8080/"
jenkins_user: ${{ secrets.JENKINS_USER }}
jenkins_token: ${{ secrets.JENKINS_USER_TOKEN }}
job_name: "Build-Portal"
job_params: '{"FRESH_BUILD":"True", "UI":"True", "BUILD_BRANCH":"develop", "DEPLOY_DEV":"True"}'
job_timeout: "3600" # Default 30 sec. (optional)
But I don't see this is getting triggered under tab /actions
I updated above workflow to
name: Trigger Jenkins Build [ Build-Portal ]
on:
pull_request:
branches: [ develop ]
types: [ closed ]
jobs:
trigger:
name: Triggering Jenkins Build [ Build-Portal ]
runs-on: ubuntu-latest
steps:
- name: Triggering Jenkins Build
uses: appleboy/jenkins-action#master
if: github.event.pull_request.merged == true
with:
url: "http://jenkins.example.net:8080/"
user: ${{ secrets.JENKINS_USER }}
token: ${{ secrets.JENKINS_USER_TOKEN }}
job: "Build-Portal"
with these changes, workflow is running, but getting failure with missing jenkins config
Run appleboy/jenkins-action#master
with:
url: http://jenkins.example.net:8080/
job: Build-Portal
/usr/bin/docker run --name a33c102b3a03f81d04bc7936bf41daf1ca949_52143d --label 8a33c1 --workdir /github/workspace --rm -e INPUT_URL -e INPUT_USER -e INPUT_TOKEN -e INPUT_JOB -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/Build-Portal/Build-Portal":"/github/workspace" 8a33c1:02b3a03f81d04bc7936bf41daf1ca949
2021/06/16 14:16:24 missing jenkins config
What I am missing here ?

Inject .sql files in order using a docker-compose

I'm running an MySQL server docker container using a docker-compose YAML file.
Here is how the file looks like:
version: '3.1'
services:
db:
image: mysql
command: --default-authentication-plugin=mysql_native_password
restart: always
volumes:
- ./mysql-dump/samples:/docker-entrypoint-initdb.d
environment:
MYSQL_ROOT_PASSWORD: example
MYSQL_DATABASE: db_example
adminer:
image: adminer
restart: always
ports:
- 8080:8080
In the db service, the volumne is set to ./mysql-dump/samples:/docker-entrypoint-initdb.d this takes .sql files from ./mysql-dump/sample to inject them to the database.
In my case I have two files file2.sql for the sql schema of the database, and file1.sql for the data.
Since the file appear to be injected in order, I get a NO SUCH TABLE ERROR, surely because the schema is injected last (because it's name is file2.sql)
Is there a way to reverse the order of the injection beside changing the names of the files?

If you go through the documentation of mysql Dockerhub it clearly mentioned that it will dump file in alphabetical order.
When a container is started for the first time, a new database with
the specified name will be created and initialized with the provided
configuration variables. Furthermore, it will execute files with
extensions .sh, .sql and .sql.gz that are found in
/docker-entrypoint-initdb.d. Files will be executed in alphabetical
order. You can easily populate your mysql services by mounting a SQL
dump into that directory and provide custom images with contributed
data. SQL files will be imported by default to the database specified
by the MYSQL_DATABASE variable.
You need to replace file name, suppose db.sql and table.sql so it will first dump db.sql then table.sql
Updated:
To reverse the order of MySQL dump, you have to modify the docker file and entry point.
FROM mysql:8
#From mysql
COPY docker-entrypoint.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/docker-entrypoint.sh
ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
EXPOSE 3306 33060
CMD ["mysqld"]
ENTRYPOINT:
#!/bin/bash
set -x
set -eo pipefail
shopt -s nullglob
# if command starts with an option, prepend mysqld
if [ "${1:0:1}" = '-' ]; then
set -- mysqld "$#"
fi
# skip setup if they want an option that stops mysqld
wantHelp=
for arg; do
case "$arg" in
-'?'|--help|--print-defaults|-V|--version)
wantHelp=1
break
;;
esac
done
# usage: file_env VAR [DEFAULT]
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
exit 1
fi
local val="$def"
if [ "${!var:-}" ]; then
val="${!var}"
elif [ "${!fileVar:-}" ]; then
val="$(< "${!fileVar}")"
fi
export "$var"="$val"
unset "$fileVar"
}
# usage: process_init_file FILENAME MYSQLCOMMAND...
# ie: process_init_file foo.sh mysql -uroot
# (process a single initializer file, based on its extension. we define this
# function here, so that initializer scripts (*.sh) can use the same logic,
ls -r
process_init_file() {
local f="$1"; shift
local mysql=( "$#" )
case "$f" in
*.sh) echo "$0: running $f"; . "$f" ;;
*.sql) echo "$0: running $f"; "${mysql[#]}" < "$f"; echo ;;
*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${mysql[#]}"; echo ;;
*) echo "$0: ignoring $f" ;;
esac
echo
}
_check_config() {
toRun=( "$#" --verbose --help )
if ! errors="$("${toRun[#]}" 2>&1 >/dev/null)"; then
cat >&2 <<-EOM
ERROR: mysqld failed while attempting to check config
command was: "${toRun[*]}"
$errors
EOM
exit 1
fi
}
# Fetch value from server config
# We use mysqld --verbose --help instead of my_print_defaults because the
# latter only show values present in config files, and not server defaults
_get_config() {
local conf="$1"; shift
"$#" --verbose --help --log-bin-index="$(mktemp -u)" 2>/dev/null \
| awk '$1 == "'"$conf"'" && /^[^ \t]/ { sub(/^[^ \t]+[ \t]+/, ""); print; exit }'
# match "datadir /some/path with/spaces in/it here" but not "--xyz=abc\n datadir (xyz)"
}
# allow the container to be started with `--user`
if [ "$1" = 'mysqld' -a -z "$wantHelp" -a "$(id -u)" = '0' ]; then
_check_config "$#"
DATADIR="$(_get_config 'datadir' "$#")"
mkdir -p "$DATADIR"
chown -R mysql:mysql "$DATADIR"
exec gosu mysql "$BASH_SOURCE" "$#"
fi
if [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then
# still need to check config, container may have started with --user
_check_config "$#"
# Get config
DATADIR="$(_get_config 'datadir' "$#")"
if [ ! -d "$DATADIR/mysql" ]; then
file_env 'MYSQL_ROOT_PASSWORD'
if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
echo >&2 'error: database is uninitialized and password option is not specified '
echo >&2 ' You need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD'
exit 1
fi
mkdir -p "$DATADIR"
echo 'Initializing database'
"$#" --initialize-insecure
echo 'Database initialized'
if command -v mysql_ssl_rsa_setup > /dev/null && [ ! -e "$DATADIR/server-key.pem" ]; then
# https://github.com/mysql/mysql-server/blob/23032807537d8dd8ee4ec1c4d40f0633cd4e12f9/packaging/deb-in/extra/mysql-systemd-start#L81-L84
echo 'Initializing certificates'
mysql_ssl_rsa_setup --datadir="$DATADIR"
echo 'Certificates initialized'
fi
SOCKET="$(_get_config 'socket' "$#")"
"$#" --skip-networking --socket="${SOCKET}" &
pid="$!"
mysql=( mysql --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" )
for i in {30..0}; do
if echo 'SELECT 1' | "${mysql[#]}" &> /dev/null; then
break
fi
echo 'MySQL init process in progress...'
sleep 1
done
if [ "$i" = 0 ]; then
echo >&2 'MySQL init process failed.'
exit 1
fi
if [ -z "$MYSQL_INITDB_SKIP_TZINFO" ]; then
# sed is for https://bugs.mysql.com/bug.php?id=20545
mysql_tzinfo_to_sql /usr/share/zoneinfo | sed 's/Local time zone must be set--see zic manual page/FCTY/' | "${mysql[#]}" mysql
fi
if [ ! -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
export MYSQL_ROOT_PASSWORD="$(pwgen -1 32)"
echo "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD"
fi
rootCreate=
# default root to listen for connections from anywhere
file_env 'MYSQL_ROOT_HOST' '%'
if [ ! -z "$MYSQL_ROOT_HOST" -a "$MYSQL_ROOT_HOST" != 'localhost' ]; then
# no, we don't care if read finds a terminating character in this heredoc
# https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151
read -r -d '' rootCreate <<-EOSQL || true
CREATE USER 'root'#'${MYSQL_ROOT_HOST}' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ;
GRANT ALL ON *.* TO 'root'#'${MYSQL_ROOT_HOST}' WITH GRANT OPTION ;
EOSQL
fi
"${mysql[#]}" <<-EOSQL
-- What's done in this file shouldn't be replicated
-- or products like mysql-fabric won't work
SET ##SESSION.SQL_LOG_BIN=0;
ALTER USER 'root'#'localhost' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ;
GRANT ALL ON *.* TO 'root'#'localhost' WITH GRANT OPTION ;
${rootCreate}
DROP DATABASE IF EXISTS test ;
FLUSH PRIVILEGES ;
EOSQL
if [ ! -z "$MYSQL_ROOT_PASSWORD" ]; then
mysql+=( -p"${MYSQL_ROOT_PASSWORD}" )
fi
file_env 'MYSQL_DATABASE'
if [ "$MYSQL_DATABASE" ]; then
echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;" | "${mysql[#]}"
mysql+=( "$MYSQL_DATABASE" )
fi
file_env 'MYSQL_USER'
file_env 'MYSQL_PASSWORD'
if [ "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then
echo "CREATE USER '$MYSQL_USER'#'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;" | "${mysql[#]}"
if [ "$MYSQL_DATABASE" ]; then
echo "GRANT ALL ON \`$MYSQL_DATABASE\`.* TO '$MYSQL_USER'#'%' ;" | "${mysql[#]}"
fi
echo 'FLUSH PRIVILEGES ;' | "${mysql[#]}"
fi
echo
ls -r /docker-entrypoint-initdb.d/ > /dev/null
for f in $(ls -r /docker-entrypoint-initdb.d/*); do
process_init_file "$f" "${mysql[#]}"
done
if [ ! -z "$MYSQL_ONETIME_PASSWORD" ]; then
"${mysql[#]}" <<-EOSQL
ALTER USER 'root'#'%' PASSWORD EXPIRE;
EOSQL
fi
if ! kill -s TERM "$pid" || ! wait "$pid"; then
echo >&2 'MySQL init process failed.'
exit 1
fi
echo
echo 'MySQL init process done. Ready for start up.'
echo
fi
fi
exec "$#"
If you run the container, You will see the file is in processing reverse order