Merge pull request #2101 from muawiakh/mongodb-container-update

Add support for optional users in MongoDB user creation

k8s/mongodb/container/configure_mdb_users.template.js

@@ -1,5 +1,10 @@
+var configure_adminUser = CONFIGURE_ADMIN_USER;
+var configure_bdbUser = CONFIGURE_BDB_USER;
+var configure_mdbMonUser = CONFIGURE_MDB_MON_USER;
 db = db.getSiblingDB("admin");
-db.createUser({
+
+if (configure_adminUser) {
+    db.createUser({
         user: "MONGODB_ADMIN_USERNAME",
         pwd: "MONGODB_ADMIN_PASSWORD",
         roles: [{
@@ -11,10 +16,11 @@ db.createUser({
                 db: "admin"
             }
         ]
-});
+    });
-db = db.getSiblingDB("admin");
+}
-db.auth("MONGODB_ADMIN_USERNAME", "MONGODB_ADMIN_PASSWORD");
+if (configure_adminUser && configure_bdbUser) {
-db.getSiblingDB("$external").runCommand({
+    db.auth("MONGODB_ADMIN_USERNAME", "MONGODB_ADMIN_PASSWORD");
+    db.getSiblingDB("$external").runCommand({
         createUser: 'BDB_USERNAME',
         writeConcern: {
             w: 'majority',
@@ -29,8 +35,11 @@ db.getSiblingDB("$external").runCommand({
                 db: 'admin'
             }
         ]
-});
+    });
-db.getSiblingDB("$external").runCommand({
+}
+if (configure_adminUser && configure_mdbMonUser) {
+    db.auth("MONGODB_ADMIN_USERNAME", "MONGODB_ADMIN_PASSWORD");
+    db.getSiblingDB("$external").runCommand({
         createUser: 'MDB_MON_USERNAME',
         writeConcern: {
             w: 'majority',
@@ -40,4 +49,5 @@ db.getSiblingDB("$external").runCommand({
             role: 'clusterMonitor',
             db: 'admin'
         }]
-});
+    });
+}

k8s/mongodb/container/mongod_entrypoint.bash

@@ -102,14 +102,26 @@ fi
 
 # Only configure if all variables are set
 if [[ -n "${mongodb_admin_username}" && \
-        -n "${mongodb_admin_password}" && \
+        -n "${mongodb_admin_password}" ]]; then
-        -n "${bdb_username}" && \
-    -n "${mdb_mon_username}" ]]; then
     sed -i "s|MONGODB_ADMIN_USERNAME|${mongodb_admin_username}|g" ${MONGODB_CONFIGURE_USERS_PATH}
     sed -i "s|MONGODB_ADMIN_PASSWORD|${mongodb_admin_password}|g" ${MONGODB_CONFIGURE_USERS_PATH}
+    sed -i "s|CONFIGURE_ADMIN_USER|true|g" ${MONGODB_CONFIGURE_USERS_PATH}
+else
+    sed -i "s|CONFIGURE_ADMIN_USER|false|g" ${MONGODB_CONFIGURE_USERS_PATH}
+fi
+
+if [[ -n "${bdb_username}" ]]; then
     sed -i "s|BDB_USERNAME|${bdb_username}|g" ${MONGODB_CONFIGURE_USERS_PATH}
+    sed -i "s|CONFIGURE_BDB_USER|true|g" ${MONGODB_CONFIGURE_USERS_PATH}
+else
+    sed -i "s|CONFIGURE_BDB_USER|false|g" ${MONGODB_CONFIGURE_USERS_PATH}
+fi
+
+if [[ -n "${mdb_mon_username}" ]]; then
     sed -i "s|MDB_MON_USERNAME|${mdb_mon_username}|g" ${MONGODB_CONFIGURE_USERS_PATH}
-    echo "True" > /tmp/configure_mongo
+    sed -i "s|CONFIGURE_MDB_MON_USER|true|g" ${MONGODB_CONFIGURE_USERS_PATH}
+else
+    sed -i "s|CONFIGURE_MDB_MON_USER|false|g" ${MONGODB_CONFIGURE_USERS_PATH}
 fi
 
 # add the hostname and ip to hosts file

k8s/scripts/configure_mdb.sh

@@ -14,7 +14,7 @@ fi
 MONGODB_INSTANCE_NAME=$1
 
 if [[ -n "$MONGODB_INSTANCE_NAME" ]]; then
-    /usr/local/bin/kubectl exec -it "${MONGODB_INSTANCE_NAME}"\-ss\-0 -- bash -c "if [[ -f /tmp/configure_mongo && -n \$(cat /tmp/configure_mongo) ]]; then  /usr/bin/mongo --host localhost --port \$(printenv MONGODB_PORT) --ssl --sslCAFile /etc/mongod/ca/ca.pem --sslPEMKeyFile  /etc/mongod/ssl/mdb-instance.pem < /configure_mdb_users.js; fi"
+    /usr/local/bin/kubectl exec -it "${MONGODB_INSTANCE_NAME}"\-ss\-0 -- bash -c "/usr/bin/mongo --host localhost --port \$(printenv MONGODB_PORT) --ssl --sslCAFile /etc/mongod/ca/ca.pem --sslPEMKeyFile  /etc/mongod/ssl/mdb-instance.pem < /configure_mdb_users.js"
 else
     echo "Skipping configuration, because relevant files don't exist!!!"
 fi