Mirroristas/bigchaindb
2
0
Fork 0
mirror of https://github.com/bigchaindb/bigchaindb.git synced 2024-10-13 13:34:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2101 from muawiakh/mongodb-container-update

Browse Source 
Add support for optional users in MongoDB user creation
This commit is contained in:
Ahmed Muawia Khan 2018-02-26 18:42:42 +01:00 committed by GitHub
commit d0874ccf9a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 66 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
k8s/mongodb/container/configure_mdb_users.template.js
View File

@ -1,43 +1,53 @@
var configure_adminUser = CONFIGURE_ADMIN_USER;
var configure_bdbUser = CONFIGURE_BDB_USER;
var configure_mdbMonUser = CONFIGURE_MDB_MON_USER;
db = db.getSiblingDB("admin"); db = db.getSiblingDB("admin");
db.createUser({
user: "MONGODB_ADMIN_USERNAME", if (configure_adminUser) {
pwd: "MONGODB_ADMIN_PASSWORD", db.createUser({
roles: [{ user: "MONGODB_ADMIN_USERNAME",
role: "userAdminAnyDatabase", pwd: "MONGODB_ADMIN_PASSWORD",
db: "admin" roles: [{
role: "userAdminAnyDatabase",
db: "admin"
},
{
role: "clusterManager",
db: "admin"
}
]
});
}
if (configure_adminUser && configure_bdbUser) {
db.auth("MONGODB_ADMIN_USERNAME", "MONGODB_ADMIN_PASSWORD");
db.getSiblingDB("$external").runCommand({
createUser: 'BDB_USERNAME',
writeConcern: {
w: 'majority',
wtimeout: 5000
}, },
{ roles: [{
role: "clusterManager", role: 'clusterAdmin',
db: "admin" db: 'admin'
} },
] {
}); role: 'readWriteAnyDatabase',
db = db.getSiblingDB("admin"); db: 'admin'
db.auth("MONGODB_ADMIN_USERNAME", "MONGODB_ADMIN_PASSWORD"); }
db.getSiblingDB("$external").runCommand({ ]
createUser: 'BDB_USERNAME', });
writeConcern: { }
w: 'majority', if (configure_adminUser && configure_mdbMonUser) {
wtimeout: 5000 db.auth("MONGODB_ADMIN_USERNAME", "MONGODB_ADMIN_PASSWORD");
}, db.getSiblingDB("$external").runCommand({
roles: [{ createUser: 'MDB_MON_USERNAME',
role: 'clusterAdmin', writeConcern: {
db: 'admin' w: 'majority',
wtimeout: 5000
}, },
{ roles: [{
role: 'readWriteAnyDatabase', role: 'clusterMonitor',
db: 'admin' db: 'admin'
} }]
] });
}); }
db.getSiblingDB("$external").runCommand({
createUser: 'MDB_MON_USERNAME',
writeConcern: {
w: 'majority',
wtimeout: 5000
},
roles: [{
role: 'clusterMonitor',
db: 'admin'
}]
});

20
k8s/mongodb/container/mongod_entrypoint.bash
View File

@ -102,14 +102,26 @@ fi
# Only configure if all variables are set # Only configure if all variables are set
if [[ -n "${mongodb_admin_username}" && \ if [[ -n "${mongodb_admin_username}" && \
-n "${mongodb_admin_password}" && \ -n "${mongodb_admin_password}" ]]; then
-n "${bdb_username}" && \
-n "${mdb_mon_username}" ]]; then
sed -i "s|MONGODB_ADMIN_USERNAME|${mongodb_admin_username}|g" ${MONGODB_CONFIGURE_USERS_PATH} sed -i "s|MONGODB_ADMIN_USERNAME|${mongodb_admin_username}|g" ${MONGODB_CONFIGURE_USERS_PATH}
sed -i "s|MONGODB_ADMIN_PASSWORD|${mongodb_admin_password}|g" ${MONGODB_CONFIGURE_USERS_PATH} sed -i "s|MONGODB_ADMIN_PASSWORD|${mongodb_admin_password}|g" ${MONGODB_CONFIGURE_USERS_PATH}
sed -i "s|CONFIGURE_ADMIN_USER|true|g" ${MONGODB_CONFIGURE_USERS_PATH}
else
sed -i "s|CONFIGURE_ADMIN_USER|false|g" ${MONGODB_CONFIGURE_USERS_PATH}
fi
if [[ -n "${bdb_username}" ]]; then
sed -i "s|BDB_USERNAME|${bdb_username}|g" ${MONGODB_CONFIGURE_USERS_PATH} sed -i "s|BDB_USERNAME|${bdb_username}|g" ${MONGODB_CONFIGURE_USERS_PATH}
sed -i "s|CONFIGURE_BDB_USER|true|g" ${MONGODB_CONFIGURE_USERS_PATH}
else
sed -i "s|CONFIGURE_BDB_USER|false|g" ${MONGODB_CONFIGURE_USERS_PATH}
fi
if [[ -n "${mdb_mon_username}" ]]; then
sed -i "s|MDB_MON_USERNAME|${mdb_mon_username}|g" ${MONGODB_CONFIGURE_USERS_PATH} sed -i "s|MDB_MON_USERNAME|${mdb_mon_username}|g" ${MONGODB_CONFIGURE_USERS_PATH}
echo "True" > /tmp/configure_mongo sed -i "s|CONFIGURE_MDB_MON_USER|true|g" ${MONGODB_CONFIGURE_USERS_PATH}
else
sed -i "s|CONFIGURE_MDB_MON_USER|false|g" ${MONGODB_CONFIGURE_USERS_PATH}
fi fi
# add the hostname and ip to hosts file # add the hostname and ip to hosts file

2
k8s/scripts/configure_mdb.sh
View File

@ -14,7 +14,7 @@ fi
MONGODB_INSTANCE_NAME=$1 MONGODB_INSTANCE_NAME=$1
if [[ -n "$MONGODB_INSTANCE_NAME" ]]; then if [[ -n "$MONGODB_INSTANCE_NAME" ]]; then
/usr/local/bin/kubectl exec -it "${MONGODB_INSTANCE_NAME}"\-ss\-0 -- bash -c "if [[ -f /tmp/configure_mongo && -n \$(cat /tmp/configure_mongo) ]]; then /usr/bin/mongo --host localhost --port \$(printenv MONGODB_PORT) --ssl --sslCAFile /etc/mongod/ca/ca.pem --sslPEMKeyFile /etc/mongod/ssl/mdb-instance.pem < /configure_mdb_users.js; fi" /usr/local/bin/kubectl exec -it "${MONGODB_INSTANCE_NAME}"\-ss\-0 -- bash -c "/usr/bin/mongo --host localhost --port \$(printenv MONGODB_PORT) --ssl --sslCAFile /etc/mongod/ca/ca.pem --sslPEMKeyFile /etc/mongod/ssl/mdb-instance.pem < /configure_mdb_users.js"
else else
echo "Skipping configuration, because relevant files don't exist!!!" echo "Skipping configuration, because relevant files don't exist!!!"
fi fi