Enable s2i

Author: dhodovsk

9.4/Dockerfile

@@ -1,4 +1,4 @@
-FROM centos:centos7
+FROM centos/s2i-core-centos7
 
 # PostgreSQL image for OpenShift.
 # Volumes:
@@ -13,7 +13,8 @@ FROM centos:centos7
 ENV POSTGRESQL_VERSION=9.4 \
     POSTGRESQL_PREV_VERSION=9.2 \
     HOME=/var/lib/pgsql \
-    PGUSER=postgres
+    PGUSER=postgres \
+    APP_DATA=/opt/app-root
 
 ENV SUMMARY="PostgreSQL is an advanced Object-Relational database management system" \
     DESCRIPTION="PostgreSQL is an advanced Object-Relational database management system (DBMS). \
@@ -55,6 +56,7 @@ ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/postgresql \
     ENABLED_COLLECTIONS=rh-postgresql94
 
 COPY root /
+COPY ./s2i/bin/ $STI_SCRIPTS_PATH
 
 # When bash is started non-interactively, to run a shell script, for example it
 # looks for this variable and source the content of this file. This will enable
@@ -65,6 +67,11 @@ ENV BASH_ENV=${CONTAINER_SCRIPTS_PATH}/scl_enable \
 
 VOLUME ["/var/lib/pgsql/data"]
 
+# {APP_DATA} needs to be accessed by postgres user while s2i assembling
+# postgres user changes permissions of files in APP_DATA during assembling
+RUN /usr/libexec/fix-permissions ${APP_DATA} && \
+    usermod -a -G root postgres
+
 USER 26
 
 ENTRYPOINT ["container-entrypoint"]

9.4/Dockerfile.rhel7

@@ -1,4 +1,4 @@
-FROM rhel7
+FROM rhscl/s2i-core-rhel7
 
 # PostgreSQL image for OpenShift.
 # Volumes:
@@ -13,7 +13,8 @@ FROM rhel7
 ENV POSTGRESQL_VERSION=9.4 \
     POSTGRESQL_PREV_VERSION=9.2 \
     HOME=/var/lib/pgsql \
-    PGUSER=postgres
+    PGUSER=postgres \
+    APP_DATA=/opt/app-root
 
 ENV SUMMARY="PostgreSQL is an advanced Object-Relational database management system" \
     DESCRIPTION="PostgreSQL is an advanced Object-Relational database management system (DBMS). \
@@ -60,6 +61,7 @@ ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/postgresql \
     ENABLED_COLLECTIONS=rh-postgresql94
 
 COPY root /
+COPY ./s2i/bin/ $STI_SCRIPTS_PATH
 
 # When bash is started non-interactively, to run a shell script, for example it
 # looks for this variable and source the content of this file. This will enable
@@ -70,6 +72,11 @@ ENV BASH_ENV=${CONTAINER_SCRIPTS_PATH}/scl_enable \
 
 VOLUME ["/var/lib/pgsql/data"]
 
+# {APP_DATA} needs to be accessed by postgres user while s2i assembling
+# postgres user changes permissions of files in APP_DATA during assembling
+RUN /usr/libexec/fix-permissions ${APP_DATA} && \
+    usermod -a -G root postgres
+
 USER 26
 
 ENTRYPOINT ["container-entrypoint"]

9.4/root/usr/bin/run-postgresql

@@ -24,10 +24,13 @@ fi
 
 pg_ctl -w start -o "-h ''"
 if $PG_INITIALIZED ; then
+    process_extending_files ${APP_DATA}/src/postgresql-init ${CONTAINER_SCRIPTS_PATH}/postgresql-init
     migrate_db
     create_users
 fi
-set_passwords
+
+process_extending_files ${APP_DATA}/src/postgresql-start-hook ${CONTAINER_SCRIPTS_PATH}/postgresql-start-hook
+
 pg_ctl stop
 
 unset_env_vars

9.4/root/usr/share/container-scripts/postgresql/README.md

@@ -235,6 +235,45 @@ enough space for the copy;  upgrade failure because of not enough space might
 lead to data loss.
 
 
+Extending image
+----------------
+
+This image can be extended using
+[source-to-image](https://github.com/openshift/source-to-image).
+
+For example to build customized image `new-postgresql`
+with configuration in `~/image-configuration/` run:
+
+
+```
+$ s2i build ~/image-configuration/ postgresql new-postgresql
+```
+
+The directory passed to `s2i build` should contain one or more of the
+following directories:
+
+##### `postgresql-config/`
+
+contained configuration files (`*.conf`) will be included at the end of image postgresql.conf file during database initialization
+
+
+##### `postgresql-init/`
+
+contained shell scripts (`*.sh`) are sourced once, when database is initialized
+
+##### `postgresql-start-hook/`
+
+contained shell scripts (`*.sh`) are sourced before every start
+
+----------------------------------------------
+
+During `s2i build` all provided files are copied into `/opt/app-root/src`
+directory in the new image. Only one
+file with the same name can be used for customization and user provided files
+are preferred over default files in `/usr/share/container-scripts/`-
+so it is possible to overwrite them.
+
+
 Troubleshooting
 ---------------
 At first the postgres daemon writes its logs to the standard output, so these are available in the container log. The log can be examined by running:

9.4/root/usr/share/container-scripts/postgresql/common.sh

@@ -190,21 +190,6 @@ function create_users() {
   fi
 }
 
-function set_passwords() {
-  if [[ ",$postinitdb_actions," = *,simple_db,* ]]; then
-    psql --command "ALTER USER \"${POSTGRESQL_USER}\" WITH ENCRYPTED PASSWORD '${POSTGRESQL_PASSWORD}';"
-  fi
-
-  if [ -v POSTGRESQL_MASTER_USER ]; then
-    psql --command "ALTER USER \"${POSTGRESQL_MASTER_USER}\" WITH REPLICATION;"
-    psql --command "ALTER USER \"${POSTGRESQL_MASTER_USER}\" WITH ENCRYPTED PASSWORD '${POSTGRESQL_MASTER_PASSWORD}';"
-  fi
-
-  if [ -v POSTGRESQL_ADMIN_PASSWORD ]; then
-    psql --command "ALTER USER \"postgres\" WITH ENCRYPTED PASSWORD '${POSTGRESQL_ADMIN_PASSWORD}';"
-  fi
-}
-
 migrate_db ()
 {
     test "$postinitdb_actions" = ",migration" || return 0
@@ -413,3 +398,32 @@ try_pgupgrade ()
 
   run_pgupgrade
 }
+
+# get_matched_files finds file for image extending
+function get_matched_files() {
+  local custom_dir default_dir
+  custom_dir="$1"
+  default_dir="$2"
+  files_matched="$3"
+  find "$default_dir" -maxdepth 1 -type f -name "$files_matched" -printf "%f\n"
+  [ -d "$custom_dir" ] && find "$custom_dir" -maxdepth 1 -type f -name "$files_matched" -printf "%f\n"
+}
+
+# process_extending_files process extending files in $1 and $2 directories
+# - source all *.sh files
+#   (if there are files with same name source only file from $1)
+function process_extending_files() {
+  local custom_dir default_dir
+  custom_dir=$1
+  default_dir=$2
+
+  while read filename ; do
+    echo "=> sourcing $filename ..."
+    # Custom file is prefered
+    if [ -f $custom_dir/$filename ]; then
+      source $custom_dir/$filename
+    elif [ -f $default_dir/$filename ]; then
+      source $default_dir/$filename
+    fi
+  done <<<"$(get_matched_files "$custom_dir" "$default_dir" '*.sh' | sort -u)"
+}

9.4/root/usr/share/container-scripts/postgresql/postgresql-init/set-config.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+shopt -s nullglob
+
+cat >> "$PGDATA/postgresql.conf" <<EOF
+
+# Custom extending configuration
+EOF
+
+extending_cfg_dir="${APP_DATA}/src/postgresql-config"
+
+for conf in "$extending_cfg_dir"/*.conf; do
+    echo include \'${conf}\' >> $PGDATA/postgresql.conf
+done

9.4/root/usr/share/container-scripts/postgresql/postgresql-start-hook/set_passwords.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+if [[ ",$postinitdb_actions," = *,simple_db,* ]]; then
+psql --command "ALTER USER \"${POSTGRESQL_USER}\" WITH ENCRYPTED PASSWORD '${POSTGRESQL_PASSWORD}';"
+fi
+
+if [ -v POSTGRESQL_MASTER_USER ]; then
+psql --command "ALTER USER \"${POSTGRESQL_MASTER_USER}\" WITH REPLICATION;"
+psql --command "ALTER USER \"${POSTGRESQL_MASTER_USER}\" WITH ENCRYPTED PASSWORD '${POSTGRESQL_MASTER_PASSWORD}';"
+fi
+
+if [ -v POSTGRESQL_ADMIN_PASSWORD ]; then
+psql --command "ALTER USER \"postgres\" WITH ENCRYPTED PASSWORD '${POSTGRESQL_ADMIN_PASSWORD}';"
+fi

9.4/s2i/bin/assemble

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+shopt -s dotglob
+echo "---> Installing application source ..."
+
+
+mv /tmp/src/* ./
+
+# Fix source directory permissions
+/usr/libexec/fix-permissions ./

9.4/s2i/bin/run

@@ -0,0 +1 @@
+/usr/bin/run-postgresql

9.4/s2i/bin/usage

@@ -0,0 +1 @@
+groff -t -man -ETascii /help.1

9.5/Dockerfile

@@ -1,4 +1,4 @@
-FROM centos:centos7
+FROM centos/s2i-core-centos7
 
 # PostgreSQL image for OpenShift.
 # Volumes:
@@ -13,7 +13,8 @@ FROM centos:centos7
 ENV POSTGRESQL_VERSION=9.5 \
     POSTGRESQL_PREV_VERSION=9.4 \
     HOME=/var/lib/pgsql \
-    PGUSER=postgres
+    PGUSER=postgres \
+    APP_DATA=/opt/app-root
 
 ENV SUMMARY="PostgreSQL is an advanced Object-Relational database management system" \
     DESCRIPTION="PostgreSQL is an advanced Object-Relational database management system (DBMS). \
@@ -55,6 +56,7 @@ ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/postgresql \
     ENABLED_COLLECTIONS=rh-postgresql95
 
 COPY root /
+COPY ./s2i/bin/ $STI_SCRIPTS_PATH
 
 # When bash is started non-interactively, to run a shell script, for example it
 # looks for this variable and source the content of this file. This will enable
@@ -65,6 +67,11 @@ ENV BASH_ENV=${CONTAINER_SCRIPTS_PATH}/scl_enable \
 
 VOLUME ["/var/lib/pgsql/data"]
 
+# {APP_DATA} needs to be accessed by postgres user while s2i assembling
+# postgres user changes permissions of files in APP_DATA during assembling
+RUN /usr/libexec/fix-permissions ${APP_DATA} && \
+    usermod -a -G root postgres
+
 USER 26
 
 ENTRYPOINT ["container-entrypoint"]

9.5/Dockerfile.rhel7

@@ -1,4 +1,4 @@
-FROM rhel7
+FROM rhscl/s2i-core-rhel7
 
 # PostgreSQL image for OpenShift.
 # Volumes:
@@ -13,7 +13,8 @@ FROM rhel7
 ENV POSTGRESQL_VERSION=9.5 \
     POSTGRESQL_PREV_VERSION=9.4 \
     HOME=/var/lib/pgsql \
-    PGUSER=postgres
+    PGUSER=postgres \
+    APP_DATA=/opt/app-root
 
 ENV SUMMARY="PostgreSQL is an advanced Object-Relational database management system" \
     DESCRIPTION="PostgreSQL is an advanced Object-Relational database management system (DBMS). \
@@ -60,6 +61,7 @@ ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/postgresql \
     ENABLED_COLLECTIONS=rh-postgresql95
 
 COPY root /
+COPY ./s2i/bin/ $STI_SCRIPTS_PATH
 
 # When bash is started non-interactively, to run a shell script, for example it
 # looks for this variable and source the content of this file. This will enable
@@ -70,6 +72,11 @@ ENV BASH_ENV=${CONTAINER_SCRIPTS_PATH}/scl_enable \
 
 VOLUME ["/var/lib/pgsql/data"]
 
+# {APP_DATA} needs to be accessed by postgres user while s2i assembling
+# postgres user changes permissions of files in APP_DATA during assembling
+RUN /usr/libexec/fix-permissions ${APP_DATA} && \
+    usermod -a -G root postgres
+
 USER 26
 
 ENTRYPOINT ["container-entrypoint"]

9.5/root/usr/bin/run-postgresql

@@ -24,10 +24,13 @@ fi
 
 pg_ctl -w start -o "-h ''"
 if $PG_INITIALIZED ; then
+    process_extending_files ${APP_DATA}/src/postgresql-init ${CONTAINER_SCRIPTS_PATH}/postgresql-init
     migrate_db
     create_users
 fi
-set_passwords
+
+process_extending_files ${APP_DATA}/src/postgresql-start-hook ${CONTAINER_SCRIPTS_PATH}/postgresql-start-hook
+
 pg_ctl stop
 
 unset_env_vars

9.5/root/usr/share/container-scripts/postgresql/README.md

@@ -235,6 +235,45 @@ enough space for the copy;  upgrade failure because of not enough space might
 lead to data loss.
 
 
+Extending image
+----------------
+
+This image can be extended using
+[source-to-image](https://github.com/openshift/source-to-image).
+
+For example to build customized image `new-postgresql`
+with configuration in `~/image-configuration/` run:
+
+
+```
+$ s2i build ~/image-configuration/ postgresql new-postgresql
+```
+
+The directory passed to `s2i build` should contain one or more of the
+following directories:
+
+##### `postgresql-config/`
+
+contained configuration files (`*.conf`) will be included at the end of image postgresql.conf file during database initialization
+
+
+##### `postgresql-init/`
+
+contained shell scripts (`*.sh`) are sourced once, when database is initialized
+
+##### `postgresql-start-hook/`
+
+contained shell scripts (`*.sh`) are sourced before every start
+
+----------------------------------------------
+
+During `s2i build` all provided files are copied into `/opt/app-root/src`
+directory in the new image. Only one
+file with the same name can be used for customization and user provided files
+are preferred over default files in `/usr/share/container-scripts/`-
+so it is possible to overwrite them.
+
+
 Troubleshooting
 ---------------
 At first the postgres daemon writes its logs to the standard output, so these are available in the container log. The log can be examined by running: