added environment variables to db_create [no ci]

2024-12-19 04:58:00 +00:00 · 2023-01-27 20:50:16 +00:00 · 2023-01-27 20:50:16 +00:00 · dd4d64badd
commit dd4d64badd
parent 11044f92a5
3 changed files with 42 additions and 18 deletions
--- a/package/scripts/common/db_create.sh
+++ b/package/scripts/common/db_create.sh
@ -1,20 +1,28 @@
 #!/bin/bash
 #
-###############################################
+###############################################################################
 # HIRS DB creation
-# Conditions to address
-# a. Install is called mutiple times
-# b. Another app sets the root password 
-# c. ACA is updated 
-# d. ACA is updated after a DB password change
-################################################
+# Environment variables used:
+# a. HIRS_MYSQL_ROOT_EXSITING_PWD: set this variable if mysql root password is already set
+# b. HIRS_MYSQL_ROOT_NEW_PWD: set this variable if install needs to set new pwd
+# c. HIRS_DB_PWD: Set the pwd if default password to hirs_db user needs to be changed
+# HIRS_MYSQL_ROOT_NEW_PWD wil be ignored if HIRS_MYSQL_ROOT_EXSITING_PWD is set.
+################################################################################

-if [ -z ${HIRS_DB_PWD+x} ]; then
- DB_DEFAULT_PWD="hirs_db";
- else 
- DB_DEFAULT_PWD=$HIRS_DB_PWD;
+# Set Mysql root password
+if [ ! -z $HIRS_MYSQL_ROOT_EXSITING_PWD ]; then
+   HIRS_MYSQL_ROOT_PWD=$HIRS_MYSQL_ROOT_EXSITING_PWD;
+elif [ ! -z $HIRS_MYSQL_ROOT_NEW_PWD ]; then
+   HIRS_MYSQL_ROOT_PWD=$HIRS_MYSQL_ROOT_NEW_PWD;
+else
+   HIRS_MYSQL_ROOT_PWD="root";
 fi

+echo "HIRS_DB_PWD is $HIRS_DB_PWD"
+echo "HIRS_MYSQL_ROOT_EXSITING_PWD is $HIRS_MYSQL_ROOT_EXSITING_PWD"
+echo "HIRS_MYSQL_ROOT_NEW_PWD is $HIRS_MYSQL_ROOT_NEW_PWD"
+echo "HIRS_MYSQL_ROOT_PWD is $HIRS_MYSQL_ROOT_PWD"
+
 # Check if we're in a Docker container
 if [ -f /.dockerenv ]; then
    DOCKER_CONTAINER=true
@ -51,11 +59,22 @@ while ! mysqladmin ping -h "$localhost" --silent; do
  sleep 1;
 done

-# Set intial password, ingore result in case its already been set
-echo "Setting Mysql password"
-mysqladmin -u root --silent password $DB_DEFAULT_PWD || true > /dev/null 2>&1
-
 # Create the hirs_db database
 echo "Creating HIRS Database..." 
-DB_CREATE_SCRIPT=/opt/hirs/scripts/common/db_create.sql.el7
-mysql -u root --password="$DB_DEFAULT_PWD" < $DB_CREATE_SCRIPT
+
+if [ ! -z $HIRS_MYSQL_ROOT_EXSITING_PWD ]; then
+   echo "processing with hirs root set"
+   mysql -u root --password=$HIRS_MYSQL_ROOT_PWD < /opt/hirs/scripts/common/db_create.sql
+   mysql -u root --password=$HIRS_MYSQL_ROOT_PWD < /opt/hirs/scripts/common/secure_mysql.sql
+else 
+   echo "processing with hirs root NOT set"
+   mysql -u root < /opt/hirs/scripts/common/db_create.sql
+   mysql -u root < /opt/hirs/scripts/common/secure_mysql.sql
+   mysqladmin -u root --silent password $HIRS_MYSQL_ROOT_PWD || true > /dev/null 2>&1
+fi
+
+if [ ! -z $HIRS_DB_PWD ]; then
+   echo "Setting hirs_db password"
+   mysql -u root --password=$HIRS_MYSQL_ROOT_PWD -e "ALTER USER 'hirs_db'@'localhost' IDENTIFIED BY '"$HIRS_DB_PWD"'; FLUSH PRIVILEGES;";
+fi
+
--- a/package/scripts/common/db_create.sql.el7
+++ b/package/scripts/common/db_create.sql.el7
--- a/package/scripts/common/secure_mysql.sql
+++ b/package/scripts/common/secure_mysql.sql
@ -0,0 +1,5 @@
+DELETE FROM mysql.user WHERE User='';
+DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
+DROP DATABASE IF EXISTS test;
+DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
+FLUSH PRIVILEGES