From 6e32ad737e6e7e0b02856e9e4e219f095d17a8b4 Mon Sep 17 00:00:00 2001 From: Bitnami Bot Date: Mon, 28 Oct 2024 14:03:56 +0000 Subject: [PATCH] [bitnami/scylladb] Release scylladb-6.2.0-debian-12-r0 Signed-off-by: Bitnami Bot --- bitnami/scylladb/6.2/debian-12/Dockerfile | 62 + .../opt/bitnami/.bitnami_components.json | 20 + .../opt/bitnami/licenses/licenses.txt | 2 + .../opt/bitnami/scripts/libbitnami.sh | 54 + .../prebuildfs/opt/bitnami/scripts/libfile.sh | 141 ++ .../prebuildfs/opt/bitnami/scripts/libfs.sh | 193 +++ .../prebuildfs/opt/bitnami/scripts/libhook.sh | 18 + .../prebuildfs/opt/bitnami/scripts/liblog.sh | 114 ++ .../prebuildfs/opt/bitnami/scripts/libnet.sh | 171 +++ .../prebuildfs/opt/bitnami/scripts/libos.sh | 657 ++++++++ .../opt/bitnami/scripts/libpersistence.sh | 124 ++ .../opt/bitnami/scripts/libservice.sh | 496 +++++++ .../opt/bitnami/scripts/libvalidations.sh | 304 ++++ .../opt/bitnami/scripts/libversion.sh | 51 + .../opt/bitnami/scripts/libwebserver.sh | 476 ++++++ .../prebuildfs/usr/sbin/install_packages | 27 + .../debian-12/prebuildfs/usr/sbin/run-script | 24 + .../opt/bitnami/scripts/java/entrypoint.sh | 19 + .../opt/bitnami/scripts/java/postunpack.sh | 26 + .../rootfs/opt/bitnami/scripts/libscylladb.sh | 1322 +++++++++++++++++ .../opt/bitnami/scripts/scylladb-env.sh | 272 ++++ .../bitnami/scripts/scylladb/entrypoint.sh | 39 + .../bitnami/scripts/scylladb/postunpack.sh | 78 + .../opt/bitnami/scripts/scylladb/run.sh | 35 + .../opt/bitnami/scripts/scylladb/setup.sh | 37 + bitnami/scylladb/6.2/debian-12/tags-info.yaml | 5 + 26 files changed, 4767 insertions(+) create mode 100644 bitnami/scylladb/6.2/debian-12/Dockerfile create mode 100644 bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/.bitnami_components.json create mode 100644 bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt create mode 100644 bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh create mode 100644 bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libfile.sh create mode 100644 bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libfs.sh create mode 100644 bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libhook.sh create mode 100644 bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/liblog.sh create mode 100644 bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libnet.sh create mode 100644 bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libos.sh create mode 100644 bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libpersistence.sh create mode 100644 bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libservice.sh create mode 100644 bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libvalidations.sh create mode 100644 bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libversion.sh create mode 100644 bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libwebserver.sh create mode 100755 bitnami/scylladb/6.2/debian-12/prebuildfs/usr/sbin/install_packages create mode 100755 bitnami/scylladb/6.2/debian-12/prebuildfs/usr/sbin/run-script create mode 100755 bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/java/entrypoint.sh create mode 100755 bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/java/postunpack.sh create mode 100644 bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/libscylladb.sh create mode 100644 bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb-env.sh create mode 100755 bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/entrypoint.sh create mode 100755 bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/postunpack.sh create mode 100755 bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/run.sh create mode 100755 bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/setup.sh create mode 100644 bitnami/scylladb/6.2/debian-12/tags-info.yaml diff --git a/bitnami/scylladb/6.2/debian-12/Dockerfile b/bitnami/scylladb/6.2/debian-12/Dockerfile new file mode 100644 index 0000000000000..58567c1c1f50d --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/Dockerfile @@ -0,0 +1,62 @@ +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 + +FROM docker.io/bitnami/minideb:bookworm + +ARG DOWNLOADS_URL="downloads.bitnami.com/files/stacksmith" +ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" +ARG TARGETARCH + +LABEL com.vmware.cp.artifact.flavor="sha256:c50c90cfd9d12b445b011e6ad529f1ad3daea45c26d20b00732fae3cd71f6a83" \ + org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \ + org.opencontainers.image.created="2024-10-28T13:18:57Z" \ + org.opencontainers.image.description="Application packaged by Broadcom, Inc." \ + org.opencontainers.image.documentation="https://github.com/bitnami/containers/tree/main/bitnami/scylladb/README.md" \ + org.opencontainers.image.licenses="Apache-2.0" \ + org.opencontainers.image.ref.name="6.2.0-debian-12-r0" \ + org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/scylladb" \ + org.opencontainers.image.title="scylladb" \ + org.opencontainers.image.vendor="Broadcom, Inc." \ + org.opencontainers.image.version="6.2.0" + +ENV HOME="/" \ + OS_ARCH="${TARGETARCH:-amd64}" \ + OS_FLAVOUR="debian-12" \ + OS_NAME="linux" + +COPY prebuildfs / +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] +# Install required system packages and dependencies +RUN install_packages ca-certificates curl libatomic1 libblkid1 libbrotli1 libbz2-1.0 libcap2 libcom-err2 libcrypt1 libffi8 libgcc-s1 libgcrypt20 libgmp10 libgnutls30 libgpg-error0 libgssapi-krb5-2 libhogweed6 libidn2-0 libjsoncpp25 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblz4-1 liblzma5 libmount1 libmpfr6 libncursesw6 libnettle8 libnsl2 libp11-kit0 libpcre2-8-0 libreadline8 libselinux1 libsmartcols1 libsqlite3-0 libssl3 libstdc++6 libsystemd0 libtasn1-6 libtinfo6 libtirpc3 libudev1 libunistring2 libxxhash0 libzstd1 procps rsyslog zlib1g +RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ + COMPONENTS=( \ + "python-3.12.7-3-linux-${OS_ARCH}-debian-12" \ + "java-11.0.25-11-1-linux-${OS_ARCH}-debian-12" \ + "scylladb-6.2.0-0-linux-${OS_ARCH}-debian-12" \ + ) ; \ + for COMPONENT in "${COMPONENTS[@]}"; do \ + if [ ! -f "${COMPONENT}.tar.gz" ]; then \ + curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz" -O ; \ + curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz.sha256" -O ; \ + fi ; \ + sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ + tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ + rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ + done +RUN apt-get autoremove --purge -y curl && \ + apt-get update && apt-get upgrade -y && \ + apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives +RUN chmod g+rwX /opt/bitnami +RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true + +COPY rootfs / +RUN /opt/bitnami/scripts/scylladb/postunpack.sh +RUN /opt/bitnami/scripts/java/postunpack.sh +ENV APP_VERSION="6.2.0" \ + BITNAMI_APP_NAME="scylladb" \ + JAVA_HOME="/opt/bitnami/java" \ + PATH="/opt/bitnami/python/bin:/opt/bitnami/java/bin:/opt/bitnami/scylladb/bin:/opt/bitnami/scylladb/python3/bin:/opt/bitnami/scylladb/sbin:/opt/bitnami/scylladb/share/cassandra/bin:/opt/bitnami/supervisor/bin:$PATH" + +USER 1001 +ENTRYPOINT [ "/opt/bitnami/scripts/scylladb/entrypoint.sh" ] +CMD [ "/opt/bitnami/scripts/scylladb/run.sh" ] diff --git a/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/.bitnami_components.json new file mode 100644 index 0000000000000..0b7ebb7d06511 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/.bitnami_components.json @@ -0,0 +1,20 @@ +{ + "java": { + "arch": "amd64", + "distro": "debian-12", + "type": "NAMI", + "version": "11.0.25-11-1" + }, + "python": { + "arch": "amd64", + "distro": "debian-12", + "type": "NAMI", + "version": "3.12.7-3" + }, + "scylladb": { + "arch": "amd64", + "distro": "debian-12", + "type": "NAMI", + "version": "6.2.0-0" + } +} \ No newline at end of file diff --git a/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt new file mode 100644 index 0000000000000..76956b38e82c6 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt @@ -0,0 +1,2 @@ +Bitnami containers ship with software bundles. You can find the licenses under: +/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh new file mode 100644 index 0000000000000..d239f98535735 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -0,0 +1,54 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +# +# Bitnami custom library + +# shellcheck disable=SC1091 + +# Load Generic Libraries +. /opt/bitnami/scripts/liblog.sh + +# Constants +BOLD='\033[1m' + +# Functions + +######################## +# Print the welcome page +# Globals: +# DISABLE_WELCOME_MESSAGE +# BITNAMI_APP_NAME +# Arguments: +# None +# Returns: +# None +######################### +print_welcome_page() { + if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then + if [[ -n "$BITNAMI_APP_NAME" ]]; then + print_image_welcome_page + fi + fi +} + +######################## +# Print the welcome page for a Bitnami Docker image +# Globals: +# BITNAMI_APP_NAME +# Arguments: +# None +# Returns: +# None +######################### +print_image_welcome_page() { + local github_url="https://github.com/bitnami/containers" + + info "" + info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" + info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" + info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" + info "Upgrade to Tanzu Application Catalog for production environments to access custom-configured and pre-packaged software components. Gain enhanced features, including Software Bill of Materials (SBOM), CVE scan result reports, and VEX documents. To learn more, visit ${BOLD}https://bitnami.com/enterprise${RESET}" + info "" +} + diff --git a/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libfile.sh new file mode 100644 index 0000000000000..1c69e0e48a5d0 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libfile.sh @@ -0,0 +1,141 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +# +# Library for managing files + +# shellcheck disable=SC1091 + +# Load Generic Libraries +. /opt/bitnami/scripts/libos.sh + +# Functions + +######################## +# Replace a regex-matching string in a file +# Arguments: +# $1 - filename +# $2 - match regex +# $3 - substitute regex +# $4 - use POSIX regex. Default: true +# Returns: +# None +######################### +replace_in_file() { + local filename="${1:?filename is required}" + local match_regex="${2:?match regex is required}" + local substitute_regex="${3:?substitute regex is required}" + local posix_regex=${4:-true} + + local result + + # We should avoid using 'sed in-place' substitutions + # 1) They are not compatible with files mounted from ConfigMap(s) + # 2) We found incompatibility issues with Debian10 and "in-place" substitutions + local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues + if [[ $posix_regex = true ]]; then + result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" + else + result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" + fi + echo "$result" > "$filename" +} + +######################## +# Replace a regex-matching multiline string in a file +# Arguments: +# $1 - filename +# $2 - match regex +# $3 - substitute regex +# Returns: +# None +######################### +replace_in_file_multiline() { + local filename="${1:?filename is required}" + local match_regex="${2:?match regex is required}" + local substitute_regex="${3:?substitute regex is required}" + + local result + local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues + result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" + echo "$result" > "$filename" +} + +######################## +# Remove a line in a file based on a regex +# Arguments: +# $1 - filename +# $2 - match regex +# $3 - use POSIX regex. Default: true +# Returns: +# None +######################### +remove_in_file() { + local filename="${1:?filename is required}" + local match_regex="${2:?match regex is required}" + local posix_regex=${3:-true} + local result + + # We should avoid using 'sed in-place' substitutions + # 1) They are not compatible with files mounted from ConfigMap(s) + # 2) We found incompatibility issues with Debian10 and "in-place" substitutions + if [[ $posix_regex = true ]]; then + result="$(sed -E "/$match_regex/d" "$filename")" + else + result="$(sed "/$match_regex/d" "$filename")" + fi + echo "$result" > "$filename" +} + +######################## +# Appends text after the last line matching a pattern +# Arguments: +# $1 - file +# $2 - match regex +# $3 - contents to add +# Returns: +# None +######################### +append_file_after_last_match() { + local file="${1:?missing file}" + local match_regex="${2:?missing pattern}" + local value="${3:?missing value}" + + # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again + result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" + echo "$result" > "$file" +} + +######################## +# Wait until certain entry is present in a log file +# Arguments: +# $1 - entry to look for +# $2 - log file +# $3 - max retries. Default: 12 +# $4 - sleep between retries (in seconds). Default: 5 +# Returns: +# Boolean +######################### +wait_for_log_entry() { + local -r entry="${1:-missing entry}" + local -r log_file="${2:-missing log file}" + local -r retries="${3:-12}" + local -r interval_time="${4:-5}" + local attempt=0 + + check_log_file_for_entry() { + if ! grep -qE "$entry" "$log_file"; then + debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" + return 1 + fi + } + debug "Checking that ${log_file} log file contains entry \"${entry}\"" + if retry_while check_log_file_for_entry "$retries" "$interval_time"; then + debug "Found entry \"${entry}\" in ${log_file}" + true + else + error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" + debug_execute cat "$log_file" + return 1 + fi +} diff --git a/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libfs.sh new file mode 100644 index 0000000000000..970d624179642 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libfs.sh @@ -0,0 +1,193 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +# +# Library for file system actions + +# shellcheck disable=SC1091 + +# Load Generic Libraries +. /opt/bitnami/scripts/liblog.sh + +# Functions + +######################## +# Ensure a file/directory is owned (user and group) but the given user +# Arguments: +# $1 - filepath +# $2 - owner +# Returns: +# None +######################### +owned_by() { + local path="${1:?path is missing}" + local owner="${2:?owner is missing}" + local group="${3:-}" + + if [[ -n $group ]]; then + chown "$owner":"$group" "$path" + else + chown "$owner":"$owner" "$path" + fi +} + +######################## +# Ensure a directory exists and, optionally, is owned by the given user +# Arguments: +# $1 - directory +# $2 - owner +# Returns: +# None +######################### +ensure_dir_exists() { + local dir="${1:?directory is missing}" + local owner_user="${2:-}" + local owner_group="${3:-}" + + [ -d "${dir}" ] || mkdir -p "${dir}" + if [[ -n $owner_user ]]; then + owned_by "$dir" "$owner_user" "$owner_group" + fi +} + +######################## +# Checks whether a directory is empty or not +# arguments: +# $1 - directory +# returns: +# boolean +######################### +is_dir_empty() { + local -r path="${1:?missing directory}" + # Calculate real path in order to avoid issues with symlinks + local -r dir="$(realpath "$path")" + if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then + true + else + false + fi +} + +######################## +# Checks whether a mounted directory is empty or not +# arguments: +# $1 - directory +# returns: +# boolean +######################### +is_mounted_dir_empty() { + local dir="${1:?missing directory}" + + if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then + true + else + false + fi +} + +######################## +# Checks whether a file can be written to or not +# arguments: +# $1 - file +# returns: +# boolean +######################### +is_file_writable() { + local file="${1:?missing file}" + local dir + dir="$(dirname "$file")" + + if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then + true + else + false + fi +} + +######################## +# Relativize a path +# arguments: +# $1 - path +# $2 - base +# returns: +# None +######################### +relativize() { + local -r path="${1:?missing path}" + local -r base="${2:?missing base}" + pushd "$base" >/dev/null || exit + realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' + popd >/dev/null || exit +} + +######################## +# Configure permisions and ownership recursively +# Globals: +# None +# Arguments: +# $1 - paths (as a string). +# Flags: +# -f|--file-mode - mode for directories. +# -d|--dir-mode - mode for files. +# -u|--user - user +# -g|--group - group +# Returns: +# None +######################### +configure_permissions_ownership() { + local -r paths="${1:?paths is missing}" + local dir_mode="" + local file_mode="" + local user="" + local group="" + + # Validate arguments + shift 1 + while [ "$#" -gt 0 ]; do + case "$1" in + -f | --file-mode) + shift + file_mode="${1:?missing mode for files}" + ;; + -d | --dir-mode) + shift + dir_mode="${1:?missing mode for directories}" + ;; + -u | --user) + shift + user="${1:?missing user}" + ;; + -g | --group) + shift + group="${1:?missing group}" + ;; + *) + echo "Invalid command line flag $1" >&2 + return 1 + ;; + esac + shift + done + + read -r -a filepaths <<<"$paths" + for p in "${filepaths[@]}"; do + if [[ -e "$p" ]]; then + find -L "$p" -printf "" + if [[ -n $dir_mode ]]; then + find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" + fi + if [[ -n $file_mode ]]; then + find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" + fi + if [[ -n $user ]] && [[ -n $group ]]; then + find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" + elif [[ -n $user ]] && [[ -z $group ]]; then + find -L "$p" -print0 | xargs -r -0 chown "${user}" + elif [[ -z $user ]] && [[ -n $group ]]; then + find -L "$p" -print0 | xargs -r -0 chgrp "${group}" + fi + else + stderr_print "$p does not exist" + fi + done +} diff --git a/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libhook.sh new file mode 100644 index 0000000000000..f3a5fe7868eed --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libhook.sh @@ -0,0 +1,18 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +# +# Library to use for scripts expected to be used as Kubernetes lifecycle hooks + +# shellcheck disable=SC1091 + +# Load generic libraries +. /opt/bitnami/scripts/liblog.sh +. /opt/bitnami/scripts/libos.sh + +# Override functions that log to stdout/stderr of the current process, so they print to process 1 +for function_to_override in stderr_print debug_execute; do + # Output is sent to output of process 1 and thus end up in the container log + # The hook output in general isn't saved + eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" +done diff --git a/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/liblog.sh new file mode 100644 index 0000000000000..450f05bd823ff --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/liblog.sh @@ -0,0 +1,114 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +# +# Library for logging functions + +# Constants +RESET='\033[0m' +RED='\033[38;5;1m' +GREEN='\033[38;5;2m' +YELLOW='\033[38;5;3m' +MAGENTA='\033[38;5;5m' +CYAN='\033[38;5;6m' + +# Functions + +######################## +# Print to STDERR +# Arguments: +# Message to print +# Returns: +# None +######################### +stderr_print() { + # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it + local bool="${BITNAMI_QUIET:-false}" + # comparison is performed without regard to the case of alphabetic characters + shopt -s nocasematch + if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then + printf "%b\\n" "${*}" >&2 + fi +} + +######################## +# Log message +# Arguments: +# Message to log +# Returns: +# None +######################### +log() { + stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" +} +######################## +# Log an 'info' message +# Arguments: +# Message to log +# Returns: +# None +######################### +info() { + log "${GREEN}INFO ${RESET} ==> ${*}" +} +######################## +# Log message +# Arguments: +# Message to log +# Returns: +# None +######################### +warn() { + log "${YELLOW}WARN ${RESET} ==> ${*}" +} +######################## +# Log an 'error' message +# Arguments: +# Message to log +# Returns: +# None +######################### +error() { + log "${RED}ERROR${RESET} ==> ${*}" +} +######################## +# Log a 'debug' message +# Globals: +# BITNAMI_DEBUG +# Arguments: +# None +# Returns: +# None +######################### +debug() { + # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it + local bool="${BITNAMI_DEBUG:-false}" + # comparison is performed without regard to the case of alphabetic characters + shopt -s nocasematch + if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then + log "${MAGENTA}DEBUG${RESET} ==> ${*}" + fi +} + +######################## +# Indent a string +# Arguments: +# $1 - string +# $2 - number of indentation characters (default: 4) +# $3 - indentation character (default: " ") +# Returns: +# None +######################### +indent() { + local string="${1:-}" + local num="${2:?missing num}" + local char="${3:-" "}" + # Build the indentation unit string + local indent_unit="" + for ((i = 0; i < num; i++)); do + indent_unit="${indent_unit}${char}" + done + # shellcheck disable=SC2001 + # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions + echo "$string" | sed "s/^/${indent_unit}/" +} diff --git a/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libnet.sh new file mode 100644 index 0000000000000..004e426fba178 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libnet.sh @@ -0,0 +1,171 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +# +# Library for network functions + +# shellcheck disable=SC1091 + +# Load Generic Libraries +. /opt/bitnami/scripts/liblog.sh +. /opt/bitnami/scripts/libvalidations.sh + +# Functions + +######################## +# Resolve IP address for a host/domain (i.e. DNS lookup) +# Arguments: +# $1 - Hostname to resolve +# $2 - IP address version (v4, v6), leave empty for resolving to any version +# Returns: +# IP +######################### +dns_lookup() { + local host="${1:?host is missing}" + local ip_version="${2:-}" + getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 +} + +######################### +# Wait for a hostname and return the IP +# Arguments: +# $1 - hostname +# $2 - number of retries +# $3 - seconds to wait between retries +# Returns: +# - IP address that corresponds to the hostname +######################### +wait_for_dns_lookup() { + local hostname="${1:?hostname is missing}" + local retries="${2:-5}" + local seconds="${3:-1}" + check_host() { + if [[ $(dns_lookup "$hostname") == "" ]]; then + false + else + true + fi + } + # Wait for the host to be ready + retry_while "check_host ${hostname}" "$retries" "$seconds" + dns_lookup "$hostname" +} + +######################## +# Get machine's IP +# Arguments: +# None +# Returns: +# Machine IP +######################### +get_machine_ip() { + local -a ip_addresses + local hostname + hostname="$(hostname)" + read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" + if [[ "${#ip_addresses[@]}" -gt 1 ]]; then + warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" + elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then + error "Could not find any IP address associated to hostname ${hostname}" + exit 1 + fi + # Check if the first IP address is IPv6 to add brackets + if validate_ipv6 "${ip_addresses[0]}" ; then + echo "[${ip_addresses[0]}]" + else + echo "${ip_addresses[0]}" + fi +} + +######################## +# Check if the provided argument is a resolved hostname +# Arguments: +# $1 - Value to check +# Returns: +# Boolean +######################### +is_hostname_resolved() { + local -r host="${1:?missing value}" + if [[ -n "$(dns_lookup "$host")" ]]; then + true + else + false + fi +} + +######################## +# Parse URL +# Globals: +# None +# Arguments: +# $1 - uri - String +# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String +# Returns: +# String +parse_uri() { + local uri="${1:?uri is missing}" + local component="${2:?component is missing}" + + # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with + # additional sub-expressions to split authority into userinfo, host and port + # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) + local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' + # || | ||| | | | | | | | | | + # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment + # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... + # | 4 authority + # 3 //... + local index=0 + case "$component" in + scheme) + index=2 + ;; + authority) + index=4 + ;; + userinfo) + index=6 + ;; + host) + index=7 + ;; + port) + index=9 + ;; + path) + index=10 + ;; + query) + index=13 + ;; + fragment) + index=14 + ;; + *) + stderr_print "unrecognized component $component" + return 1 + ;; + esac + [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" +} + +######################## +# Wait for a HTTP connection to succeed +# Globals: +# * +# Arguments: +# $1 - URL to wait for +# $2 - Maximum amount of retries (optional) +# $3 - Time between retries (optional) +# Returns: +# true if the HTTP connection succeeded, false otherwise +######################### +wait_for_http_connection() { + local url="${1:?missing url}" + local retries="${2:-}" + local sleep_time="${3:-}" + if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then + error "Could not connect to ${url}" + return 1 + fi +} diff --git a/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libos.sh new file mode 100644 index 0000000000000..9d908c48579b9 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libos.sh @@ -0,0 +1,657 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +# +# Library for operating system actions + +# shellcheck disable=SC1091 + +# Load Generic Libraries +. /opt/bitnami/scripts/liblog.sh +. /opt/bitnami/scripts/libfs.sh +. /opt/bitnami/scripts/libvalidations.sh + +# Functions + +######################## +# Check if an user exists in the system +# Arguments: +# $1 - user +# Returns: +# Boolean +######################### +user_exists() { + local user="${1:?user is missing}" + id "$user" >/dev/null 2>&1 +} + +######################## +# Check if a group exists in the system +# Arguments: +# $1 - group +# Returns: +# Boolean +######################### +group_exists() { + local group="${1:?group is missing}" + getent group "$group" >/dev/null 2>&1 +} + +######################## +# Create a group in the system if it does not exist already +# Arguments: +# $1 - group +# Flags: +# -i|--gid - the ID for the new group +# -s|--system - Whether to create new user as system user (uid <= 999) +# Returns: +# None +######################### +ensure_group_exists() { + local group="${1:?group is missing}" + local gid="" + local is_system_user=false + + # Validate arguments + shift 1 + while [ "$#" -gt 0 ]; do + case "$1" in + -i | --gid) + shift + gid="${1:?missing gid}" + ;; + -s | --system) + is_system_user=true + ;; + *) + echo "Invalid command line flag $1" >&2 + return 1 + ;; + esac + shift + done + + if ! group_exists "$group"; then + local -a args=("$group") + if [[ -n "$gid" ]]; then + if group_exists "$gid"; then + error "The GID $gid is already in use." >&2 + return 1 + fi + args+=("--gid" "$gid") + fi + $is_system_user && args+=("--system") + groupadd "${args[@]}" >/dev/null 2>&1 + fi +} + +######################## +# Create an user in the system if it does not exist already +# Arguments: +# $1 - user +# Flags: +# -i|--uid - the ID for the new user +# -g|--group - the group the new user should belong to +# -a|--append-groups - comma-separated list of supplemental groups to append to the new user +# -h|--home - the home directory for the new user +# -s|--system - whether to create new user as system user (uid <= 999) +# Returns: +# None +######################### +ensure_user_exists() { + local user="${1:?user is missing}" + local uid="" + local group="" + local append_groups="" + local home="" + local is_system_user=false + + # Validate arguments + shift 1 + while [ "$#" -gt 0 ]; do + case "$1" in + -i | --uid) + shift + uid="${1:?missing uid}" + ;; + -g | --group) + shift + group="${1:?missing group}" + ;; + -a | --append-groups) + shift + append_groups="${1:?missing append_groups}" + ;; + -h | --home) + shift + home="${1:?missing home directory}" + ;; + -s | --system) + is_system_user=true + ;; + *) + echo "Invalid command line flag $1" >&2 + return 1 + ;; + esac + shift + done + + if ! user_exists "$user"; then + local -a user_args=("-N" "$user") + if [[ -n "$uid" ]]; then + if user_exists "$uid"; then + error "The UID $uid is already in use." + return 1 + fi + user_args+=("--uid" "$uid") + else + $is_system_user && user_args+=("--system") + fi + useradd "${user_args[@]}" >/dev/null 2>&1 + fi + + if [[ -n "$group" ]]; then + local -a group_args=("$group") + $is_system_user && group_args+=("--system") + ensure_group_exists "${group_args[@]}" + usermod -g "$group" "$user" >/dev/null 2>&1 + fi + + if [[ -n "$append_groups" ]]; then + local -a groups + read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" + for group in "${groups[@]}"; do + ensure_group_exists "$group" + usermod -aG "$group" "$user" >/dev/null 2>&1 + done + fi + + if [[ -n "$home" ]]; then + mkdir -p "$home" + usermod -d "$home" "$user" >/dev/null 2>&1 + configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" + fi +} + +######################## +# Check if the script is currently running as root +# Arguments: +# $1 - user +# $2 - group +# Returns: +# Boolean +######################### +am_i_root() { + if [[ "$(id -u)" = "0" ]]; then + true + else + false + fi +} + +######################## +# Print OS metadata +# Arguments: +# $1 - Flag name +# Flags: +# --id - Distro ID +# --version - Distro version +# --branch - Distro branch +# --codename - Distro codename +# --name - Distro name +# --pretty-name - Distro pretty name +# Returns: +# String +######################### +get_os_metadata() { + local -r flag_name="${1:?missing flag}" + # Helper function + get_os_release_metadata() { + local -r env_name="${1:?missing environment variable name}" + ( + . /etc/os-release + echo "${!env_name}" + ) + } + case "$flag_name" in + --id) + get_os_release_metadata ID + ;; + --version) + get_os_release_metadata VERSION_ID + ;; + --branch) + get_os_release_metadata VERSION_ID | sed 's/\..*//' + ;; + --codename) + get_os_release_metadata VERSION_CODENAME + ;; + --name) + get_os_release_metadata NAME + ;; + --pretty-name) + get_os_release_metadata PRETTY_NAME + ;; + *) + error "Unknown flag ${flag_name}" + return 1 + ;; + esac +} + +######################## +# Get total memory available +# Arguments: +# None +# Returns: +# Memory in bytes +######################### +get_total_memory() { + echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) +} + +######################## +# Get machine size depending on specified memory +# Globals: +# None +# Arguments: +# None +# Flags: +# --memory - memory size (optional) +# Returns: +# Detected instance size +######################### +get_machine_size() { + local memory="" + # Validate arguments + while [[ "$#" -gt 0 ]]; do + case "$1" in + --memory) + shift + memory="${1:?missing memory}" + ;; + *) + echo "Invalid command line flag $1" >&2 + return 1 + ;; + esac + shift + done + if [[ -z "$memory" ]]; then + debug "Memory was not specified, detecting available memory automatically" + memory="$(get_total_memory)" + fi + sanitized_memory=$(convert_to_mb "$memory") + if [[ "$sanitized_memory" -gt 26000 ]]; then + echo 2xlarge + elif [[ "$sanitized_memory" -gt 13000 ]]; then + echo xlarge + elif [[ "$sanitized_memory" -gt 6000 ]]; then + echo large + elif [[ "$sanitized_memory" -gt 3000 ]]; then + echo medium + elif [[ "$sanitized_memory" -gt 1500 ]]; then + echo small + else + echo micro + fi +} + +######################## +# Get machine size depending on specified memory +# Globals: +# None +# Arguments: +# $1 - memory size (optional) +# Returns: +# Detected instance size +######################### +get_supported_machine_sizes() { + echo micro small medium large xlarge 2xlarge +} + +######################## +# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) +# Globals: +# None +# Arguments: +# $1 - memory size +# Returns: +# Result of the conversion +######################### +convert_to_mb() { + local amount="${1:-}" + if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then + size="${BASH_REMATCH[1]}" + unit="${BASH_REMATCH[2]}" + if [[ "$unit" = "g" || "$unit" = "G" ]]; then + amount="$((size * 1024))" + else + amount="$size" + fi + fi + echo "$amount" +} + +######################### +# Redirects output to /dev/null if debug mode is disabled +# Globals: +# BITNAMI_DEBUG +# Arguments: +# $@ - Command to execute +# Returns: +# None +######################### +debug_execute() { + if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then + "$@" + else + "$@" >/dev/null 2>&1 + fi +} + +######################## +# Retries a command a given number of times +# Arguments: +# $1 - cmd (as a string) +# $2 - max retries. Default: 12 +# $3 - sleep between retries (in seconds). Default: 5 +# Returns: +# Boolean +######################### +retry_while() { + local cmd="${1:?cmd is missing}" + local retries="${2:-12}" + local sleep_time="${3:-5}" + local return_value=1 + + read -r -a command <<<"$cmd" + for ((i = 1; i <= retries; i += 1)); do + "${command[@]}" && return_value=0 && break + sleep "$sleep_time" + done + return $return_value +} + +######################## +# Generate a random string +# Arguments: +# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii +# -c|--count - Number of characters, defaults to 32 +# Arguments: +# None +# Returns: +# None +# Returns: +# String +######################### +generate_random_string() { + local type="ascii" + local count="32" + local filter + local result + # Validate arguments + while [[ "$#" -gt 0 ]]; do + case "$1" in + -t | --type) + shift + type="$1" + ;; + -c | --count) + shift + count="$1" + ;; + *) + echo "Invalid command line flag $1" >&2 + return 1 + ;; + esac + shift + done + # Validate type + case "$type" in + ascii) + filter="[:print:]" + ;; + numeric) + filter="0-9" + ;; + alphanumeric) + filter="a-zA-Z0-9" + ;; + alphanumeric+special|special+alphanumeric) + # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters + # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex + filter='a-zA-Z0-9:@.,/+!=' + ;; + *) + echo "Invalid type ${type}" >&2 + return 1 + ;; + esac + # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size + # Note there is a very small chance of strings starting with EOL character + # Therefore, the higher amount of lines read, this will happen less frequently + result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" + echo "$result" +} + +######################## +# Create md5 hash from a string +# Arguments: +# $1 - string +# Returns: +# md5 hash - string +######################### +generate_md5_hash() { + local -r str="${1:?missing input string}" + echo -n "$str" | md5sum | awk '{print $1}' +} + +######################## +# Create sha1 hash from a string +# Arguments: +# $1 - string +# $2 - algorithm - 1 (default), 224, 256, 384, 512 +# Returns: +# sha1 hash - string +######################### +generate_sha_hash() { + local -r str="${1:?missing input string}" + local -r algorithm="${2:-1}" + echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' +} + +######################## +# Converts a string to its hexadecimal representation +# Arguments: +# $1 - string +# Returns: +# hexadecimal representation of the string +######################### +convert_to_hex() { + local -r str=${1:?missing input string} + local -i iterator + local char + for ((iterator = 0; iterator < ${#str}; iterator++)); do + char=${str:iterator:1} + printf '%x' "'${char}" + done +} + +######################## +# Get boot time +# Globals: +# None +# Arguments: +# None +# Returns: +# Boot time metadata +######################### +get_boot_time() { + stat /proc --format=%Y +} + +######################## +# Get machine ID +# Globals: +# None +# Arguments: +# None +# Returns: +# Machine ID +######################### +get_machine_id() { + local machine_id + if [[ -f /etc/machine-id ]]; then + machine_id="$(cat /etc/machine-id)" + fi + if [[ -z "$machine_id" ]]; then + # Fallback to the boot-time, which will at least ensure a unique ID in the current session + machine_id="$(get_boot_time)" + fi + echo "$machine_id" +} + +######################## +# Get the root partition's disk device ID (e.g. /dev/sda1) +# Globals: +# None +# Arguments: +# None +# Returns: +# Root partition disk ID +######################### +get_disk_device_id() { + local device_id="" + if grep -q ^/dev /proc/mounts; then + device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" + fi + # If it could not be autodetected, fallback to /dev/sda1 as a default + if [[ -z "$device_id" || ! -b "$device_id" ]]; then + device_id="/dev/sda1" + fi + echo "$device_id" +} + +######################## +# Get the root disk device ID (e.g. /dev/sda) +# Globals: +# None +# Arguments: +# None +# Returns: +# Root disk ID +######################### +get_root_disk_device_id() { + get_disk_device_id | sed -E 's/p?[0-9]+$//' +} + +######################## +# Get the root disk size in bytes +# Globals: +# None +# Arguments: +# None +# Returns: +# Root disk size in bytes +######################### +get_root_disk_size() { + fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true +} + +######################## +# Run command as a specific user and group (optional) +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Returns: +# Exit code of the specified command +######################### +run_as_user() { + run_chroot "$@" +} + +######################## +# Execute command as a specific user and group (optional), +# replacing the current process image +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Returns: +# Exit code of the specified command +######################### +exec_as_user() { + run_chroot --replace-process "$@" +} + +######################## +# Run a command using chroot +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Flags: +# -r | --replace-process - Replace the current process image (optional) +# Returns: +# Exit code of the specified command +######################### +run_chroot() { + local userspec + local user + local homedir + local replace=false + local -r cwd="$(pwd)" + + # Parse and validate flags + while [[ "$#" -gt 0 ]]; do + case "$1" in + -r | --replace-process) + replace=true + ;; + --) + shift + break + ;; + -*) + stderr_print "unrecognized flag $1" + return 1 + ;; + *) + break + ;; + esac + shift + done + + # Parse and validate arguments + if [[ "$#" -lt 2 ]]; then + echo "expected at least 2 arguments" + return 1 + else + userspec=$1 + shift + + # userspec can optionally include the group, so we parse the user + user=$(echo "$userspec" | cut -d':' -f1) + fi + + if ! am_i_root; then + error "Could not switch to '${userspec}': Operation not permitted" + return 1 + fi + + # Get the HOME directory for the user to switch, as chroot does + # not properly update this env and some scripts rely on it + homedir=$(eval echo "~${user}") + if [[ ! -d $homedir ]]; then + homedir="${HOME:-/}" + fi + + # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion + if [[ "$replace" = true ]]; then + exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" + else + chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" + fi +} diff --git a/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libpersistence.sh new file mode 100644 index 0000000000000..18445e7d27fa3 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libpersistence.sh @@ -0,0 +1,124 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +# +# Bitnami persistence library +# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic + +# shellcheck disable=SC1091 + +# Load Generic Libraries +. /opt/bitnami/scripts/libfs.sh +. /opt/bitnami/scripts/libos.sh +. /opt/bitnami/scripts/liblog.sh +. /opt/bitnami/scripts/libversion.sh + +# Functions + +######################## +# Persist an application directory +# Globals: +# BITNAMI_ROOT_DIR +# BITNAMI_VOLUME_DIR +# Arguments: +# $1 - App folder name +# $2 - List of app files to persist +# Returns: +# true if all steps succeeded, false otherwise +######################### +persist_app() { + local -r app="${1:?missing app}" + local -a files_to_restore + read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" + local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" + local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" + # Persist the individual files + if [[ "${#files_to_persist[@]}" -le 0 ]]; then + warn "No files are configured to be persisted" + return + fi + pushd "$install_dir" >/dev/null || exit + local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder + local -r tmp_file="/tmp/perms.acl" + for file_to_persist in "${files_to_persist[@]}"; do + if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then + error "Cannot persist '${file_to_persist}' because it does not exist" + return 1 + fi + file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" + file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" + file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" + # Get original permissions for existing files, which will be applied later + # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume + getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" + # Copy directories to the volume + ensure_dir_exists "$file_to_persist_destination_folder" + cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" + # Restore permissions + pushd "$persist_dir" >/dev/null || exit + if am_i_root; then + setfacl --restore="$tmp_file" + else + # When running as non-root, don't change ownership + setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") + fi + popd >/dev/null || exit + done + popd >/dev/null || exit + rm -f "$tmp_file" + # Install the persisted files into the installation directory, via symlinks + restore_persisted_app "$@" +} + +######################## +# Restore a persisted application directory +# Globals: +# BITNAMI_ROOT_DIR +# BITNAMI_VOLUME_DIR +# FORCE_MAJOR_UPGRADE +# Arguments: +# $1 - App folder name +# $2 - List of app files to restore +# Returns: +# true if all steps succeeded, false otherwise +######################### +restore_persisted_app() { + local -r app="${1:?missing app}" + local -a files_to_restore + read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" + local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" + local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" + # Restore the individual persisted files + if [[ "${#files_to_restore[@]}" -le 0 ]]; then + warn "No persisted files are configured to be restored" + return + fi + local file_to_restore_relative file_to_restore_origin file_to_restore_destination + for file_to_restore in "${files_to_restore[@]}"; do + file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" + # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed + file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" + file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" + rm -rf "$file_to_restore_origin" + ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" + done +} + +######################## +# Check if an application directory was already persisted +# Globals: +# BITNAMI_VOLUME_DIR +# Arguments: +# $1 - App folder name +# Returns: +# true if all steps succeeded, false otherwise +######################### +is_app_initialized() { + local -r app="${1:?missing app}" + local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" + if ! is_mounted_dir_empty "$persist_dir"; then + true + else + false + fi +} diff --git a/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libservice.sh new file mode 100644 index 0000000000000..1f9b33096b026 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libservice.sh @@ -0,0 +1,496 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +# +# Library for managing services + +# shellcheck disable=SC1091 + +# Load Generic Libraries +. /opt/bitnami/scripts/libvalidations.sh +. /opt/bitnami/scripts/liblog.sh + +# Functions + +######################## +# Read the provided pid file and returns a PID +# Arguments: +# $1 - Pid file +# Returns: +# PID +######################### +get_pid_from_file() { + local pid_file="${1:?pid file is missing}" + + if [[ -f "$pid_file" ]]; then + if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then + echo "$(< "$pid_file")" + fi + fi +} + +######################## +# Check if a provided PID corresponds to a running service +# Arguments: +# $1 - PID +# Returns: +# Boolean +######################### +is_service_running() { + local pid="${1:?pid is missing}" + + kill -0 "$pid" 2>/dev/null +} + +######################## +# Stop a service by sending a termination signal to its pid +# Arguments: +# $1 - Pid file +# $2 - Signal number (optional) +# Returns: +# None +######################### +stop_service_using_pid() { + local pid_file="${1:?pid file is missing}" + local signal="${2:-}" + local pid + + pid="$(get_pid_from_file "$pid_file")" + [[ -z "$pid" ]] || ! is_service_running "$pid" && return + + if [[ -n "$signal" ]]; then + kill "-${signal}" "$pid" + else + kill "$pid" + fi + + local counter=10 + while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do + sleep 1 + counter=$((counter - 1)) + done +} + +######################## +# Start cron daemon +# Arguments: +# None +# Returns: +# true if started correctly, false otherwise +######################### +cron_start() { + if [[ -x "/usr/sbin/cron" ]]; then + /usr/sbin/cron + elif [[ -x "/usr/sbin/crond" ]]; then + /usr/sbin/crond + else + false + fi +} + +######################## +# Generate a cron configuration file for a given service +# Arguments: +# $1 - Service name +# $2 - Command +# Flags: +# --run-as - User to run as (default: root) +# --schedule - Cron schedule configuration (default: * * * * *) +# Returns: +# None +######################### +generate_cron_conf() { + local service_name="${1:?service name is missing}" + local cmd="${2:?command is missing}" + local run_as="root" + local schedule="* * * * *" + local clean="true" + + # Parse optional CLI flags + shift 2 + while [[ "$#" -gt 0 ]]; do + case "$1" in + --run-as) + shift + run_as="$1" + ;; + --schedule) + shift + schedule="$1" + ;; + --no-clean) + clean="false" + ;; + *) + echo "Invalid command line flag ${1}" >&2 + return 1 + ;; + esac + shift + done + + mkdir -p /etc/cron.d + if "$clean"; then + cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" + fi +} + +######################## +# Remove a cron configuration file for a given service +# Arguments: +# $1 - Service name +# Returns: +# None +######################### +remove_cron_conf() { + local service_name="${1:?service name is missing}" + local cron_conf_dir="/etc/monit/conf.d" + rm -f "${cron_conf_dir}/${service_name}" +} + +######################## +# Generate a monit configuration file for a given service +# Arguments: +# $1 - Service name +# $2 - Pid file +# $3 - Start command +# $4 - Stop command +# Flags: +# --disable - Whether to disable the monit configuration +# Returns: +# None +######################### +generate_monit_conf() { + local service_name="${1:?service name is missing}" + local pid_file="${2:?pid file is missing}" + local start_command="${3:?start command is missing}" + local stop_command="${4:?stop command is missing}" + local monit_conf_dir="/etc/monit/conf.d" + local disabled="no" + + # Parse optional CLI flags + shift 4 + while [[ "$#" -gt 0 ]]; do + case "$1" in + --disable) + disabled="yes" + ;; + *) + echo "Invalid command line flag ${1}" >&2 + return 1 + ;; + esac + shift + done + + is_boolean_yes "$disabled" && conf_suffix=".disabled" + mkdir -p "$monit_conf_dir" + cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 + return 1 + ;; + esac + shift + done + + mkdir -p "$logrotate_conf_dir" + cat < "${logrotate_conf_dir}/${service_name}" +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 + +${log_path} { + ${period} + rotate ${rotations} + dateext + compress + copytruncate + missingok +$(indent "$extra" 2) +} +EOF +} + +######################## +# Remove a logrotate configuration file +# Arguments: +# $1 - Service name +# Returns: +# None +######################### +remove_logrotate_conf() { + local service_name="${1:?service name is missing}" + local logrotate_conf_dir="/etc/logrotate.d" + rm -f "${logrotate_conf_dir}/${service_name}" +} + +######################## +# Generate a Systemd configuration file +# Arguments: +# $1 - Service name +# Flags: +# --custom-service-content - Custom content to add to the [service] block +# --environment - Environment variable to define (multiple --environment options may be passed) +# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) +# --exec-start - Start command (required) +# --exec-start-pre - Pre-start command (optional) +# --exec-start-post - Post-start command (optional) +# --exec-stop - Stop command (optional) +# --exec-reload - Reload command (optional) +# --group - System group to start the service with +# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) +# --restart - When to restart the Systemd service after being stopped (defaults to always) +# --pid-file - Service PID file +# --standard-output - File where to print stdout output +# --standard-error - File where to print stderr output +# --success-exit-status - Exit code that indicates a successful shutdown +# --type - Systemd unit type (defaults to forking) +# --user - System user to start the service with +# --working-directory - Working directory at which to start the service +# Returns: +# None +######################### +generate_systemd_conf() { + local -r service_name="${1:?service name is missing}" + local -r systemd_units_dir="/etc/systemd/system" + local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" + # Default values + local name="$service_name" + local type="forking" + local user="" + local group="" + local environment="" + local environment_file="" + local exec_start="" + local exec_start_pre="" + local exec_start_post="" + local exec_stop="" + local exec_reload="" + local restart="always" + local pid_file="" + local standard_output="journal" + local standard_error="" + local limits_content="" + local success_exit_status="" + local custom_service_content="" + local working_directory="" + # Parse CLI flags + shift + while [[ "$#" -gt 0 ]]; do + case "$1" in + --name \ + | --type \ + | --user \ + | --group \ + | --exec-start \ + | --exec-stop \ + | --exec-reload \ + | --restart \ + | --pid-file \ + | --standard-output \ + | --standard-error \ + | --success-exit-status \ + | --custom-service-content \ + | --working-directory \ + ) + var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" + shift + declare "$var_name"="${1:?"${var_name} value is missing"}" + ;; + --limit-*) + [[ -n "$limits_content" ]] && limits_content+=$'\n' + var_name="${1//--limit-}" + shift + limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" + ;; + --exec-start-pre) + shift + [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' + exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" + ;; + --exec-start-post) + shift + [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' + exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" + ;; + --environment) + shift + # It is possible to add multiple environment lines + [[ -n "$environment" ]] && environment+=$'\n' + environment+="Environment=${1:?"--environment value is missing"}" + ;; + --environment-file) + shift + # It is possible to add multiple environment-file lines + [[ -n "$environment_file" ]] && environment_file+=$'\n' + environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" + ;; + *) + echo "Invalid command line flag ${1}" >&2 + return 1 + ;; + esac + shift + done + # Validate inputs + local error="no" + if [[ -z "$exec_start" ]]; then + error "The --exec-start option is required" + error="yes" + fi + if [[ "$error" != "no" ]]; then + return 1 + fi + # Generate the Systemd unit + cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" + fi + if [[ -n "$exec_start_pre" ]]; then + # This variable may contain multiple ExecStartPre= directives + cat >> "$service_file" <<< "$exec_start_pre" + fi + if [[ -n "$exec_start" ]]; then + cat >> "$service_file" <<< "ExecStart=${exec_start}" + fi + if [[ -n "$exec_start_post" ]]; then + # This variable may contain multiple ExecStartPost= directives + cat >> "$service_file" <<< "$exec_start_post" + fi + # Optional stop and reload commands + if [[ -n "$exec_stop" ]]; then + cat >> "$service_file" <<< "ExecStop=${exec_stop}" + fi + if [[ -n "$exec_reload" ]]; then + cat >> "$service_file" <<< "ExecReload=${exec_reload}" + fi + # User and group + if [[ -n "$user" ]]; then + cat >> "$service_file" <<< "User=${user}" + fi + if [[ -n "$group" ]]; then + cat >> "$service_file" <<< "Group=${group}" + fi + # PID file allows to determine if the main process is running properly (for Restart=always) + if [[ -n "$pid_file" ]]; then + cat >> "$service_file" <<< "PIDFile=${pid_file}" + fi + if [[ -n "$restart" ]]; then + cat >> "$service_file" <<< "Restart=${restart}" + fi + # Environment flags + if [[ -n "$environment" ]]; then + # This variable may contain multiple Environment= directives + cat >> "$service_file" <<< "$environment" + fi + if [[ -n "$environment_file" ]]; then + # This variable may contain multiple EnvironmentFile= directives + cat >> "$service_file" <<< "$environment_file" + fi + # Logging + if [[ -n "$standard_output" ]]; then + cat >> "$service_file" <<< "StandardOutput=${standard_output}" + fi + if [[ -n "$standard_error" ]]; then + cat >> "$service_file" <<< "StandardError=${standard_error}" + fi + if [[ -n "$custom_service_content" ]]; then + # This variable may contain multiple miscellaneous directives + cat >> "$service_file" <<< "$custom_service_content" + fi + if [[ -n "$success_exit_status" ]]; then + cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then + true + else + false + fi +} + +######################## +# Check if the provided argument is a boolean or is the string 'yes/true' +# Arguments: +# $1 - Value to check +# Returns: +# Boolean +######################### +is_boolean_yes() { + local -r bool="${1:-}" + # comparison is performed without regard to the case of alphabetic characters + shopt -s nocasematch + if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then + true + else + false + fi +} + +######################## +# Check if the provided argument is a boolean yes/no value +# Arguments: +# $1 - Value to check +# Returns: +# Boolean +######################### +is_yes_no_value() { + local -r bool="${1:-}" + if [[ "$bool" =~ ^(yes|no)$ ]]; then + true + else + false + fi +} + +######################## +# Check if the provided argument is a boolean true/false value +# Arguments: +# $1 - Value to check +# Returns: +# Boolean +######################### +is_true_false_value() { + local -r bool="${1:-}" + if [[ "$bool" =~ ^(true|false)$ ]]; then + true + else + false + fi +} + +######################## +# Check if the provided argument is a boolean 1/0 value +# Arguments: +# $1 - Value to check +# Returns: +# Boolean +######################### +is_1_0_value() { + local -r bool="${1:-}" + if [[ "$bool" =~ ^[10]$ ]]; then + true + else + false + fi +} + +######################## +# Check if the provided argument is an empty string or not defined +# Arguments: +# $1 - Value to check +# Returns: +# Boolean +######################### +is_empty_value() { + local -r val="${1:-}" + if [[ -z "$val" ]]; then + true + else + false + fi +} + +######################## +# Validate if the provided argument is a valid port +# Arguments: +# $1 - Port to validate +# Returns: +# Boolean and error message +######################### +validate_port() { + local value + local unprivileged=0 + + # Parse flags + while [[ "$#" -gt 0 ]]; do + case "$1" in + -unprivileged) + unprivileged=1 + ;; + --) + shift + break + ;; + -*) + stderr_print "unrecognized flag $1" + return 1 + ;; + *) + break + ;; + esac + shift + done + + if [[ "$#" -gt 1 ]]; then + echo "too many arguments provided" + return 2 + elif [[ "$#" -eq 0 ]]; then + stderr_print "missing port argument" + return 1 + else + value=$1 + fi + + if [[ -z "$value" ]]; then + echo "the value is empty" + return 1 + else + if ! is_int "$value"; then + echo "value is not an integer" + return 2 + elif [[ "$value" -lt 0 ]]; then + echo "negative value provided" + return 2 + elif [[ "$value" -gt 65535 ]]; then + echo "requested port is greater than 65535" + return 2 + elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then + echo "privileged port requested" + return 3 + fi + fi +} + +######################## +# Validate if the provided argument is a valid IPv6 address +# Arguments: +# $1 - IP to validate +# Returns: +# Boolean +######################### +validate_ipv6() { + local ip="${1:?ip is missing}" + local stat=1 + local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' + local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' + + if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then + stat=0 + fi + return $stat +} + +######################## +# Validate if the provided argument is a valid IPv4 address +# Arguments: +# $1 - IP to validate +# Returns: +# Boolean +######################### +validate_ipv4() { + local ip="${1:?ip is missing}" + local stat=1 + + if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then + read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" + [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ + && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] + stat=$? + fi + return $stat +} + +######################## +# Validate if the provided argument is a valid IPv4 or IPv6 address +# Arguments: +# $1 - IP to validate +# Returns: +# Boolean +######################### +validate_ip() { + local ip="${1:?ip is missing}" + local stat=1 + + if validate_ipv4 "$ip"; then + stat=0 + else + stat=$(validate_ipv6 "$ip") + fi + return $stat +} + +######################## +# Validate a string format +# Arguments: +# $1 - String to validate +# Returns: +# Boolean +######################### +validate_string() { + local string + local min_length=-1 + local max_length=-1 + + # Parse flags + while [ "$#" -gt 0 ]; do + case "$1" in + -min-length) + shift + min_length=${1:-} + ;; + -max-length) + shift + max_length=${1:-} + ;; + --) + shift + break + ;; + -*) + stderr_print "unrecognized flag $1" + return 1 + ;; + *) + break + ;; + esac + shift + done + + if [ "$#" -gt 1 ]; then + stderr_print "too many arguments provided" + return 2 + elif [ "$#" -eq 0 ]; then + stderr_print "missing string" + return 1 + else + string=$1 + fi + + if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then + echo "string length is less than $min_length" + return 1 + fi + if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then + echo "string length is great than $max_length" + return 1 + fi +} diff --git a/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libversion.sh new file mode 100644 index 0000000000000..f0d5a5cd33892 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libversion.sh @@ -0,0 +1,51 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +# +# Library for managing versions strings + +# shellcheck disable=SC1091 + +# Load Generic Libraries +. /opt/bitnami/scripts/liblog.sh + +# Functions +######################## +# Gets semantic version +# Arguments: +# $1 - version: string to extract major.minor.patch +# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch +# Returns: +# array with the major, minor and release +######################### +get_sematic_version () { + local version="${1:?version is required}" + local section="${2:?section is required}" + local -a version_sections + + #Regex to parse versions: x.y.z + local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' + + if [[ "$version" =~ $regex ]]; then + local i=1 + local j=1 + local n=${#BASH_REMATCH[*]} + + while [[ $i -lt $n ]]; do + if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then + version_sections[j]="${BASH_REMATCH[$i]}" + ((j++)) + fi + ((i++)) + done + + local number_regex='^[0-9]+$' + if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then + echo "${version_sections[$section]}" + return + else + stderr_print "Section allowed values are: 1, 2, and 3" + return 1 + fi + fi +} diff --git a/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libwebserver.sh new file mode 100644 index 0000000000000..acb84fc2339bb --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/prebuildfs/opt/bitnami/scripts/libwebserver.sh @@ -0,0 +1,476 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +# +# Bitnami web server handler library + +# shellcheck disable=SC1090,SC1091 + +# Load generic libraries +. /opt/bitnami/scripts/liblog.sh + +######################## +# Execute a command (or list of commands) with the web server environment and library loaded +# Globals: +# * +# Arguments: +# None +# Returns: +# None +######################### +web_server_execute() { + local -r web_server="${1:?missing web server}" + shift + # Run program in sub-shell to avoid web server environment getting loaded when not necessary + ( + . "/opt/bitnami/scripts/lib${web_server}.sh" + . "/opt/bitnami/scripts/${web_server}-env.sh" + "$@" + ) +} + +######################## +# Prints the list of enabled web servers +# Globals: +# None +# Arguments: +# None +# Returns: +# None +######################### +web_server_list() { + local -r -a supported_web_servers=(apache nginx) + local -a existing_web_servers=() + for web_server in "${supported_web_servers[@]}"; do + [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") + done + echo "${existing_web_servers[@]:-}" +} + +######################## +# Prints the currently-enabled web server type (only one, in order of preference) +# Globals: +# None +# Arguments: +# None +# Returns: +# None +######################### +web_server_type() { + local -a web_servers + read -r -a web_servers <<< "$(web_server_list)" + echo "${web_servers[0]:-}" +} + +######################## +# Validate that a supported web server is configured +# Globals: +# None +# Arguments: +# None +# Returns: +# None +######################### +web_server_validate() { + local error_code=0 + local supported_web_servers=("apache" "nginx") + + # Auxiliary functions + print_validation_error() { + error "$1" + error_code=1 + } + + if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then + print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" + elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then + print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." + fi + + return "$error_code" +} + +######################## +# Check whether the web server is running +# Globals: +# * +# Arguments: +# None +# Returns: +# true if the web server is running, false otherwise +######################### +is_web_server_running() { + "is_$(web_server_type)_running" +} + +######################## +# Start web server +# Globals: +# * +# Arguments: +# None +# Returns: +# None +######################### +web_server_start() { + info "Starting $(web_server_type) in background" + if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then + systemctl start "bitnami.$(web_server_type).service" + else + "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" + fi +} + +######################## +# Stop web server +# Globals: +# * +# Arguments: +# None +# Returns: +# None +######################### +web_server_stop() { + info "Stopping $(web_server_type)" + if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then + systemctl stop "bitnami.$(web_server_type).service" + else + "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" + fi +} + +######################## +# Restart web server +# Globals: +# * +# Arguments: +# None +# Returns: +# None +######################### +web_server_restart() { + info "Restarting $(web_server_type)" + if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then + systemctl restart "bitnami.$(web_server_type).service" + else + "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" + fi +} + +######################## +# Reload web server +# Globals: +# * +# Arguments: +# None +# Returns: +# None +######################### +web_server_reload() { + if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then + systemctl reload "bitnami.$(web_server_type).service" + else + "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" + fi +} + +######################## +# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) +# It serves as a wrapper for the specific web server function +# Globals: +# * +# Arguments: +# $1 - App name +# Flags: +# --type - Application type, which has an effect on which configuration template to use +# --hosts - Host listen addresses +# --server-name - Server name +# --server-aliases - Server aliases +# --allow-remote-connections - Whether to allow remote connections or to require local connections +# --disable - Whether to render server configurations with a .disabled prefix +# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix +# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix +# --http-port - HTTP port number +# --https-port - HTTPS port number +# --document-root - Path to document root directory +# Apache-specific flags: +# --apache-additional-configuration - Additional vhost configuration (no default) +# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) +# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) +# --apache-before-vhost-configuration - Configuration to add before the directive (no default) +# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) +# --apache-extra-directory-configuration - Extra configuration for the document root directory +# --apache-proxy-address - Address where to proxy requests +# --apache-proxy-configuration - Extra configuration for the proxy +# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost +# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost +# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) +# NGINX-specific flags: +# --nginx-additional-configuration - Additional server block configuration (no default) +# --nginx-external-configuration - Configuration external to server block (no default) +# Returns: +# true if the configuration was enabled, false otherwise +######################## +ensure_web_server_app_configuration_exists() { + local app="${1:?missing app}" + shift + local -a apache_args nginx_args web_servers args_var + apache_args=("$app") + nginx_args=("$app") + # Validate arguments + while [[ "$#" -gt 0 ]]; do + case "$1" in + # Common flags + --disable \ + | --disable-http \ + | --disable-https \ + ) + apache_args+=("$1") + nginx_args+=("$1") + ;; + --hosts \ + | --server-name \ + | --server-aliases \ + | --type \ + | --allow-remote-connections \ + | --http-port \ + | --https-port \ + | --document-root \ + ) + apache_args+=("$1" "${2:?missing value}") + nginx_args+=("$1" "${2:?missing value}") + shift + ;; + + # Specific Apache flags + --apache-additional-configuration \ + | --apache-additional-http-configuration \ + | --apache-additional-https-configuration \ + | --apache-before-vhost-configuration \ + | --apache-allow-override \ + | --apache-extra-directory-configuration \ + | --apache-proxy-address \ + | --apache-proxy-configuration \ + | --apache-proxy-http-configuration \ + | --apache-proxy-https-configuration \ + | --apache-move-htaccess \ + ) + apache_args+=("${1//apache-/}" "${2:?missing value}") + shift + ;; + + # Specific NGINX flags + --nginx-additional-configuration \ + | --nginx-external-configuration) + nginx_args+=("${1//nginx-/}" "${2:?missing value}") + shift + ;; + + *) + echo "Invalid command line flag $1" >&2 + return 1 + ;; + esac + shift + done + read -r -a web_servers <<< "$(web_server_list)" + for web_server in "${web_servers[@]}"; do + args_var="${web_server}_args[@]" + web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" + done +} + +######################## +# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) +# It serves as a wrapper for the specific web server function +# Globals: +# * +# Arguments: +# $1 - App name +# Returns: +# true if the configuration was disabled, false otherwise +######################## +ensure_web_server_app_configuration_not_exists() { + local app="${1:?missing app}" + local -a web_servers + read -r -a web_servers <<< "$(web_server_list)" + for web_server in "${web_servers[@]}"; do + web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" + done +} + +######################## +# Ensure the web server loads the configuration for an application in a URL prefix +# It serves as a wrapper for the specific web server function +# Globals: +# * +# Arguments: +# $1 - App name +# Flags: +# --allow-remote-connections - Whether to allow remote connections or to require local connections +# --document-root - Path to document root directory +# --prefix - URL prefix from where it will be accessible (i.e. /myapp) +# --type - Application type, which has an effect on what configuration template will be used +# Apache-specific flags: +# --apache-additional-configuration - Additional vhost configuration (no default) +# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') +# --apache-extra-directory-configuration - Extra configuration for the document root directory +# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup +# NGINX-specific flags: +# --nginx-additional-configuration - Additional server block configuration (no default) +# Returns: +# true if the configuration was enabled, false otherwise +######################## +ensure_web_server_prefix_configuration_exists() { + local app="${1:?missing app}" + shift + local -a apache_args nginx_args web_servers args_var + apache_args=("$app") + nginx_args=("$app") + # Validate arguments + while [[ "$#" -gt 0 ]]; do + case "$1" in + # Common flags + --allow-remote-connections \ + | --document-root \ + | --prefix \ + | --type \ + ) + apache_args+=("$1" "${2:?missing value}") + nginx_args+=("$1" "${2:?missing value}") + shift + ;; + + # Specific Apache flags + --apache-additional-configuration \ + | --apache-allow-override \ + | --apache-extra-directory-configuration \ + | --apache-move-htaccess \ + ) + apache_args+=("${1//apache-/}" "$2") + shift + ;; + + # Specific NGINX flags + --nginx-additional-configuration) + nginx_args+=("${1//nginx-/}" "$2") + shift + ;; + + *) + echo "Invalid command line flag $1" >&2 + return 1 + ;; + esac + shift + done + read -r -a web_servers <<< "$(web_server_list)" + for web_server in "${web_servers[@]}"; do + args_var="${web_server}_args[@]" + web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" + done +} + +######################## +# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) +# It serves as a wrapper for the specific web server function +# Globals: +# * +# Arguments: +# $1 - App name +# Flags: +# --hosts - Host listen addresses +# --server-name - Server name +# --server-aliases - Server aliases +# --enable-http - Enable HTTP app configuration (if not enabled already) +# --enable-https - Enable HTTPS app configuration (if not enabled already) +# --disable-http - Disable HTTP app configuration (if not disabled already) +# --disable-https - Disable HTTPS app configuration (if not disabled already) +# --http-port - HTTP port number +# --https-port - HTTPS port number +# Returns: +# true if the configuration was updated, false otherwise +######################## +web_server_update_app_configuration() { + local app="${1:?missing app}" + shift + local -a args web_servers + args=("$app") + # Validate arguments + while [[ "$#" -gt 0 ]]; do + case "$1" in + # Common flags + --enable-http \ + | --enable-https \ + | --disable-http \ + | --disable-https \ + ) + args+=("$1") + ;; + --hosts \ + | --server-name \ + | --server-aliases \ + | --http-port \ + | --https-port \ + ) + args+=("$1" "${2:?missing value}") + shift + ;; + + *) + echo "Invalid command line flag $1" >&2 + return 1 + ;; + esac + shift + done + read -r -a web_servers <<< "$(web_server_list)" + for web_server in "${web_servers[@]}"; do + web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" + done +} + +######################## +# Enable loading page, which shows users that the initialization process is not yet completed +# Globals: +# * +# Arguments: +# None +# Returns: +# None +######################### +web_server_enable_loading_page() { + ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ + --apache-additional-configuration " +# Show a HTTP 503 Service Unavailable page by default +RedirectMatch 503 ^/$ +# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes +ErrorDocument 404 /index.html +ErrorDocument 503 /index.html" \ + --nginx-additional-configuration " +# Show a HTTP 503 Service Unavailable page by default +location / { + return 503; +} +# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes +error_page 404 @installing; +error_page 503 @installing; +location @installing { + rewrite ^(.*)$ /index.html break; +}" + web_server_reload +} + +######################## +# Enable loading page, which shows users that the initialization process is not yet completed +# Globals: +# * +# Arguments: +# None +# Returns: +# None +######################### +web_server_disable_install_page() { + ensure_web_server_app_configuration_not_exists "__loading" + web_server_reload +} diff --git a/bitnami/scylladb/6.2/debian-12/prebuildfs/usr/sbin/install_packages b/bitnami/scylladb/6.2/debian-12/prebuildfs/usr/sbin/install_packages new file mode 100755 index 0000000000000..ccce248b2d141 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/prebuildfs/usr/sbin/install_packages @@ -0,0 +1,27 @@ +#!/bin/sh +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +set -eu + +n=0 +max=2 +export DEBIAN_FRONTEND=noninteractive + +until [ $n -gt $max ]; do + set +e + ( + apt-get update -qq && + apt-get install -y --no-install-recommends "$@" + ) + CODE=$? + set -e + if [ $CODE -eq 0 ]; then + break + fi + if [ $n -eq $max ]; then + exit $CODE + fi + echo "apt failed, retrying" + n=$(($n + 1)) +done +apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/scylladb/6.2/debian-12/prebuildfs/usr/sbin/run-script b/bitnami/scylladb/6.2/debian-12/prebuildfs/usr/sbin/run-script new file mode 100755 index 0000000000000..0e07c9038dfde --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/prebuildfs/usr/sbin/run-script @@ -0,0 +1,24 @@ +#!/bin/sh +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +set -u + +if [ $# -eq 0 ]; then + >&2 echo "No arguments provided" + exit 1 +fi + +script=$1 +exit_code="${2:-96}" +fail_if_not_present="${3:-n}" + +if test -f "$script"; then + sh $script + + if [ $? -ne 0 ]; then + exit $((exit_code)) + fi +elif [ "$fail_if_not_present" = "y" ]; then + >&2 echo "script not found: $script" + exit 127 +fi diff --git a/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/java/entrypoint.sh new file mode 100755 index 0000000000000..8557631d25490 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/java/entrypoint.sh @@ -0,0 +1,19 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 + +# shellcheck disable=SC1091 + +set -o errexit +set -o nounset +set -o pipefail +# set -o xtrace # Uncomment this line for debugging purposes + +# Load libraries +. /opt/bitnami/scripts/libbitnami.sh +. /opt/bitnami/scripts/liblog.sh + +print_welcome_page + +echo "" +exec "$@" diff --git a/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/java/postunpack.sh new file mode 100755 index 0000000000000..c15af32e2f773 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/java/postunpack.sh @@ -0,0 +1,26 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 + +# shellcheck disable=SC1091 + +set -o errexit +set -o nounset +set -o pipefail +# set -o xtrace # Uncomment this line for debugging purposes + +# Load libraries +. /opt/bitnami/scripts/libfile.sh +. /opt/bitnami/scripts/liblog.sh + +# +# Java post-unpack operations +# + +# Override default files in the Java security directory. This is used for +# custom base images (with custom CA certificates or block lists is used) + +if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then + info "Adding custom CAs to the Java security folder" + cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security +fi diff --git a/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/libscylladb.sh b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/libscylladb.sh new file mode 100644 index 0000000000000..7bf0faedc229d --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/libscylladb.sh @@ -0,0 +1,1322 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +# +# Library for ScyllaDB + +cassandra_validate_tls() { + info "Validating TLS settings in DB_* env vars.." + local error_code=0 + + # Auxiliary functions + print_validation_error() { + error "$1" + error_code=1 + } + + check_empty_value() { + if is_empty_value "${!1}"; then + print_validation_error "The $1 environment variable is empty or not set." + fi + } + + check_default_password() { + if [[ "${!1}" = "cassandra" ]]; then + warn "You set the environment variable $1=cassandra. This is the default value when bootstrapping ScyllaDB and should not be used in production environments." + fi + } + if is_boolean_yes "$DB_CLIENT_ENCRYPTION" || is_boolean_yes "$DB_INTERNODE_ENCRYPTION"; then + ! [[ -f "$DB_SSL_CERT_FILE" ]] && print_validation_error "Certificate file $DB_SSL_CERT_FILE does not exist. Please mount a certificate file in that location" + ! [[ -f "$DB_SSL_KEY_FILE" ]] && print_validation_error "Certificate key file $DB_SSL_KEY_FILE does not exist. Please mount a certificate file in that location" + fi + + [[ "$error_code" -eq 0 ]] || exit "$error_code" + +} + +######################## +# Enable client encryption in configuration +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_enable_client_encryption() { + local cassandra_config + cassandra_config="$(sed -E "/client_encryption_options:.*/ {N; s/client_encryption_options:[^\n]*(\n\s+#.*)?(\n)# (\s+enabled:).*/client_encryption_options:\1\2\3 $DB_CLIENT_ENCRYPTION/g}" "$DB_CONF_FILE")" + echo "$cassandra_config" >"$DB_CONF_FILE" +} + +######################## +# Configure Cassandra configuration files from environment variables +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_setup_from_environment_variables() { + # Map environment variables to config properties for cassandra-env.sh + for var in "${!SCYLLADB_CFG_ENV_@}"; do + # shellcheck disable=SC2001 + key="$(echo "$var" | sed -e 's/^SCYLLADB_CFG_ENV_//g')" + value="${!var}" + cassandra_env_conf_set "$key" "$value" + done + # Map environment variables to config properties for cassandra-rackdc.properties + for var in "${!SCYLLADB_CFG_RACKDC_@}"; do + key="$(echo "$var" | sed -e 's/^SCYLLADB_CFG_RACKDC_//g' | tr '[:upper:]' '[:lower:]')" + value="${!var}" + cassandra_rackdc_conf_set "$key" "$value" + done + # Map environment variables to config properties for commitlog_archiving.properties + for var in "${!SCYLLADB_CFG_COMMITLOG_@}"; do + key="$(echo "$var" | sed -e 's/^SCYLLADB_CFG_COMMITLOG_//g' | tr '[:upper:]' '[:lower:]')" + value="${!var}" + cassandra_commitlog_conf_set "$key" "$value" + done + if ! cassandra_is_file_external "$DB_MOUNTED_CONF_PATH"; then + # Map environment variables to config properties for configuration file + for var in "${!SCYLLADB_CFG_YAML_@}"; do + # shellcheck disable=SC2001 + key="$(echo "$var" | sed -e 's/^SCYLLADB_CFG_YAML_//g' | tr '[:upper:]' '[:lower:]')" + value="${!var}" + cassandra_yaml_set "$key" "$value" + done + else + debug "$DB_MOUNTED_CONF_PATH mounted. Skipping data directory configuration" + fi +} + +######################## +# Generate client configuration +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_setup_client_ssl() { + # In the case of scylladb, we do not need to generate any keyfile. Maintaining + # this function so we do not have to change the common cassandra initialization logic + debug "ScyllaDB does not use java keystore/truststores, so we do not need to perform conversion" +} + +######################## +# Configure TLS certificates in configuration file +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_configure_certificates() { + cassandra_yaml_set "certificate" "$DB_SSL_CERT_FILE" + cassandra_yaml_set "keyfile" "$DB_SSL_KEY_FILE" + if ! is_empty_value "$DB_SSL_CA_FILE"; then + cassandra_yaml_set "truststore" "$DB_SSL_CA_FILE" + fi +} + +######################## +# Configure port binding (modifies scylla.yaml and cassandra-env.sh if not mounted) +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_setup_ports() { + cassandra_setup_common_ports + if ! cassandra_is_file_external "${DB_MOUNTED_CONF_PATH}"; then + cassandra_yaml_set "native_shard_aware_transport_port" "$SCYLLADB_CQL_SHARD_PORT_NUMBER" "no" + cassandra_yaml_set "api_port" "$SCYLLADB_API_PORT_NUMBER" "no" + cassandra_yaml_set "prometheus_port" "$SCYLLADB_PROMETHEUS_PORT_NUMBER" "no" + else + debug "${DB_MOUNTED_CONF_PATH} mounted. Skipping native shard aware and api ports configuration" + fi +} + +######################## +# Start ScyllaDB and wait until it is ready +# Globals: +# DB_* +# Arguments: +# $1 - Log file to write (default /dev/stdout) +# $2 - Maximum number of retries (default $DB_INIT_MAX_RETRIES) +# $3 - Sleep time during retries (default $DB_INIT_SLEEP_TIME) +# Returns: +# None +######################### +cassandra_start_bg() { + local -r logger="${1:-/dev/stdout}" + local -r retries="${2:-$DB_INIT_MAX_RETRIES}" + local -r sleep_time="${3:-$DB_INIT_SLEEP_TIME}" + + info "Starting $DB_FLAVOR" + local -r cmd=("$DB_BIN_DIR/scylla") + local args=("--options-file" "$DB_CONF_FILE") + if is_boolean_yes "$SCYLLADB_DEVELOPER_MODE"; then + args+=("--developer-mode" "true") + fi + + if am_i_root; then + run_as_user "$DB_DAEMON_USER" "${cmd[@]}" "${args[@]}" >"$logger" 2>&1 & + else + "${cmd[@]}" "${args[@]}" >"$logger" 2>&1 & + fi + + echo $! >"$DB_PID_FILE" + + info "Checking that it started up correctly" + + if [[ "$logger" != "/dev/stdout" ]]; then + am_i_root && chown "$DB_DAEMON_USER":"$DB_DAEMON_GROUP" "$logger" + wait_for_cql_log_entry "$logger" "$retries" "$sleep_time" + fi + if is_boolean_yes "$SCYLLADB_RUN_JMX_PROXY"; then + local -r jmx_proxy_cmd=("$DB_BASE_DIR/supervisor/scylla-jmx.sh") + if am_i_root; then + run_as_user "$DB_DAEMON_USER" "${jmx_proxy_cmd[@]}" >>"$logger" 2>&1 & + else + "${jmx_proxy_cmd[@]}" >>"$logger" 2>&1 & + fi + echo $! >"$DB_TMP_DIR"/scylla-jmx.pid + wait_for_nodetool_up "$retries" "$sleep_time" + fi +} + +######################## +# Stop ScyllaDB +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_stop() { + ! is_cassandra_running && return + info "Stopping $DB_FLAVOR..." + stop_scylladb() { + stop_service_using_pid "$DB_PID_FILE" + is_cassandra_not_running + } + if ! retry_while "stop_scylladb" "$DB_INIT_MAX_RETRIES" "$DB_INIT_SLEEP_TIME"; then + error "$DB_FLAVOR failed to stop" + exit 1 + fi + # Manually remove PID file + rm -f "$DB_PID_FILE" +} + +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +# +# Library for Cassandra common + +# shellcheck disable=SC1090,SC1091 + +# Load Generic Libraries +. /opt/bitnami/scripts/libfile.sh +. /opt/bitnami/scripts/libfs.sh +. /opt/bitnami/scripts/liblog.sh +. /opt/bitnami/scripts/libnet.sh +. /opt/bitnami/scripts/libservice.sh +. /opt/bitnami/scripts/libvalidations.sh +. /opt/bitnami/scripts/libversion.sh + +######################## +# Returns cassandra major version +# Globals: +# CASSANDRA_BASE_DIR +# Arguments: +# None +# Returns: +# None +######################### +cassandra_get_major_version() { + cassandra_version="$("${CASSANDRA_BASE_DIR}/bin/cassandra" -v)" + major_version="$(get_sematic_version "$cassandra_version" 1)" + echo "${major_version:-0}" +} + +######################## +# Change a Cassandra configuration yaml file by setting a property +# Globals: +# DB_* +# Arguments: +# $1 - property +# $2 - value +# $3 - Use quotes in value (default: yes) +# $4 - Path to configuration file (default: $DB_CONF_FILE) +# Returns: +# None +######################### +cassandra_yaml_set() { + local -r property="${1:?missing property}" + local -r value="${2:?missing value}" + local -r use_quotes="${3:-yes}" + local -r conf_file="${4:-$DB_CONF_FILE}" + + if is_boolean_yes "$use_quotes"; then + replace_in_file "$conf_file" "^(\s*)(#\s*)?(\s*)(\-\s*)?${property}:.*" "\1\3\4${property}: '${value}'" + else + replace_in_file "$conf_file" "^(\s*)(#\s*)?(\s*)(\-\s*)?${property}:.*" "\1\3\4${property}: ${value}" + fi +} + +######################### +# Set default Cassandra settings if not set +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_set_default_host() { + if [[ -z "${DB_HOST:-}" ]]; then + warn "DB_HOST not set, defaulting to system hostname" + local -r host="$(hostname)" + export DB_HOST="$host" + export DB_SEEDS="${DB_SEEDS:-$DB_HOST}" + export DB_PEERS="${DB_PEERS:-$DB_SEEDS}" + fi +} + +######################## +# Change a Cassandra configuration yaml file by setting a property as an array +# Globals: +# DB_* +# Arguments: +# $1 - property +# $2 - comma-separated string with the different values +# $3 - Use quotes in value (default: no) +# $4 - Path to configuration file (default: $DB_CONF_FILE) +# Returns: +# None +######################### +cassandra_yaml_set_as_array() { + local -r property="${1:?missing property}" + local -r array="${2:?missing value}" + local -r use_quotes="${3:-no}" + local -r conf_file="${4:-$DB_CONF_FILE}" + local substitution="\2${property}:" + + for value in "${array[@]}"; do + if is_boolean_yes "$use_quotes"; then + substitution+="\n\2 - '${value}'" + else + substitution+="\n\2 - ${value}" + fi + done + replace_in_file "$conf_file" "^(#\s)?(\s*)${property}:.*" "${substitution}" +} + +######################## +# Validate settings in DB_* environment variables +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_validate() { + info "Validating settings in DB_* env vars.." + local error_code=0 + + # Auxiliary functions + print_validation_error() { + error "$1" + error_code=1 + } + + empty_password_enabled_warn() { + warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." + } + + empty_password_warn() { + warn "You've not provided a password. Default password \"cassandra\" will be used. For safety reasons, please provide a secure password in a production environment." + } + + empty_password_error() { + print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." + } + + check_default_password() { + if [[ "${!1}" = "cassandra" ]]; then + warn "You set the environment variable $1=cassandra. This is the default value when bootstrapping $DB_FLAVOR and should not be used in production environments." + fi + } + + check_yes_no_value() { + if ! is_yes_no_value "${!1}"; then + print_validation_error "The allowed values for $1 are [yes, no]" + fi + } + + check_true_false_value() { + if ! is_true_false_value "${!1}"; then + print_validation_error "The allowed values for $1 are [true, false]" + fi + } + + check_conflicting_ports() { + local -r total="$#" + for i in $(seq 1 "$((total - 1))"); do + for j in $(seq "$((i + 1))" "$total"); do + if (("${!i}" == "${!j}")); then + print_validation_error "${!i} and ${!j} are bound to the same port" + fi + done + done + } + + check_allowed_port() { + local validate_port_args=() + ! am_i_root && validate_port_args+=("-unprivileged") + validate_port_args+=("${!1}") + if ! err=$(validate_port "${validate_port_args[@]}"); then + print_validation_error "An invalid port was specified in the environment variable $1: $err" + fi + } + + check_resolved_hostname() { + if ! is_hostname_resolved "$1"; then + warn "Hostname $1 could not be resolved. This could lead to connection issues" + fi + } + + check_positive_value() { + if ! is_positive_int "${!1}"; then + print_validation_error "The variable $1 must be positive integer" + fi + } + + check_empty_value() { + if is_empty_value "${!1}"; then + print_validation_error "The $1 environment variable is empty or not set." + fi + } + + check_password_file() { + if [[ -n "${!1:-}" ]] && ! [[ -f "${!1:-}" ]]; then + print_validation_error "The variable $1 is defined but the file ${!1} is not accessible or does not exist" + fi + } + + check_password_file DB_PASSWORD_FILE + check_password_file DB_TRUSTSTORE_PASSWORD_FILE + check_password_file DB_KEYSTORE_PASSWORD_FILE + + check_empty_value DB_RACK + check_empty_value DB_DATACENTER + + if [[ -z $DB_PASSWORD ]]; then + if ! is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then + empty_password_warn + export DB_PASSWORD="cassandra" + else + empty_password_enabled_warn + fi + fi + + check_default_password DB_PASSWORD + check_yes_no_value DB_PASSWORD_SEEDER + check_true_false_value DB_ENABLE_REMOTE_CONNECTIONS + check_true_false_value DB_CLIENT_ENCRYPTION + check_true_false_value DB_ENABLE_USER_DEFINED_FUNCTIONS + check_true_false_value DB_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS + check_positive_value DB_NUM_TOKENS + check_positive_value DB_INIT_MAX_RETRIES + check_positive_value DB_CQL_MAX_RETRIES + check_positive_value DB_PEER_CQL_MAX_RETRIES + check_positive_value DB_INIT_SLEEP_TIME + check_positive_value DB_CQL_SLEEP_TIME + check_positive_value DB_PEER_CQL_SLEEP_TIME + check_positive_value DB_CQL_PORT_NUMBER + check_positive_value DB_JMX_PORT_NUMBER + check_positive_value DB_TRANSPORT_PORT_NUMBER + + check_conflicting_ports DB_CQL_PORT_NUMBER DB_JMX_PORT_NUMBER DB_TRANSPORT_PORT_NUMBER + + check_allowed_port DB_CQL_PORT_NUMBER + check_allowed_port DB_TRANSPORT_PORT_NUMBER + check_allowed_port DB_JMX_PORT_NUMBER + + check_resolved_hostname "$DB_HOST" + for peer in ${DB_PEERS//,/ }; do + check_resolved_hostname "$peer" + done + for seed in ${DB_SEEDS//,/ }; do + check_resolved_hostname "$seed" + done + + if [[ ! ${DB_AUTO_SNAPSHOT_TTL} =~ ([1-9]{1}[0-9]{0,}[d|h|m]) ]]; then + print_validation_error "DB_AUTO_SNAPSHOT_TTL accepted units: d (days), h (hours) or m (minutes)" + fi + + check_true_false_value DB_SSL_VALIDATE + check_true_false_value DB_AUTOMATIC_SSTABLE_UPGRADE + + if ((${#DB_PASSWORD} > 512)); then + print_validation_error "The password cannot be longer than 512 characters. Set the environment variable DB_PASSWORD with a shorter value" + fi + + [[ "$error_code" -eq 0 ]] || exit "$error_code" +} + +######################## +# Check if a given configuration file was mounted externally +# Globals: +# DB_* +# Arguments: +# $1 - Filename +# Returns: +# true if the file was mounted externally, false otherwise +######################### +cassandra_is_file_external() { + local -r filename="${1:?file_is_missing}" + if [[ -f "${DB_MOUNTED_CONF_DIR}/${filename}" ]]; then + true + else + false + fi +} + +######################## +# Copy mounted configuration files +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_copy_mounted_config() { + if ! is_dir_empty "$DB_MOUNTED_CONF_DIR"; then + cp -Lr "$DB_MOUNTED_CONF_DIR"/* "$DB_CONF_DIR" + fi +} + +######################## +# Copy default configuration files in case there are no mounted ones +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_copy_default_config() { + local -r tmp_file_list=/tmp/conf_file_list + find "$DB_DEFAULT_CONF_DIR" -type f >$tmp_file_list + while read -r f; do + filename="${f#"${DB_DEFAULT_CONF_DIR}/"}" # Get path with subfolder + dest="${f//$DB_DEFAULT_CONF_DIR/$DB_CONF_DIR}" + if [[ -f "$dest" ]]; then + debug "Found ${filename}. Skipping default" + else + debug "No injected ${filename} file found. Creating default ${filename} file" + # There are conf files in subfolders. We may need to create them + mkdir -p "$(dirname "$dest")" + cp "$f" "$dest" + fi + done <$tmp_file_list + rm "$tmp_file_list" +} + +######################## +# Configure the path to the different data directories (ignored if cassandra.yaml is mounted) +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_setup_data_dirs() { + if ! cassandra_is_file_external "${DB_MOUNTED_CONF_PATH}"; then + cassandra_yaml_set_as_array data_file_directories "${DB_DATA_DIR}/data" "$DB_CONF_FILE" + + cassandra_yaml_set commitlog_directory "$DB_COMMITLOG_DIR" + cassandra_yaml_set hints_directory "${DB_DATA_DIR}/hints" + cassandra_yaml_set cdc_raw_directory "${DB_DATA_DIR}/cdc_raw" + cassandra_yaml_set saved_caches_directory "${DB_DATA_DIR}/saved_caches" + else + debug "${DB_MOUNTED_CONF_PATH} mounted. Skipping data directory configuration" + fi +} + +######################## +# Enable password-based authentication (ignored if cassandra.yaml is mounted) +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_enable_auth() { + if ! cassandra_is_file_external "${DB_MOUNTED_CONF_PATH}"; then + if [[ "$ALLOW_EMPTY_PASSWORD" = "yes" ]] && [[ -z $DB_PASSWORD ]]; then + if [[ "$DB_FLAVOR" = "scylladb" ]] || [ "$(cassandra_get_major_version)" -lt 5 ]; then + cassandra_yaml_set "authenticator" "AllowAllAuthenticator" + fi + cassandra_yaml_set "authorizer" "AllowAllAuthorizer" + else + if [[ "$DB_FLAVOR" = "cassandra" ]] && [ "$(cassandra_get_major_version)" -ge 5 ]; then + replace_in_file "${DB_CONF_FILE}" "class_name.* AllowAllAuthenticator" "class_name: ${DB_AUTHENTICATOR}" + replace_in_file "${DB_CONF_FILE}" "class_name.* AllowAllAuthorizer" "class_name: ${DB_AUTHORIZER}" + else + cassandra_yaml_set "authenticator" "${DB_AUTHENTICATOR}" + cassandra_yaml_set "authorizer" "${DB_AUTHORIZER}" + fi + fi + else + debug "${DB_MOUNTED_CONF_PATH} mounted. Skipping authentication method configuration" + fi +} + +######################## +# Configure logging settings (ignored if logback.xml is mounted) +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_setup_logging() { + if ! cassandra_is_file_external "${DB_MOUNTED_LOGBACK_PATH}"; then + replace_in_file "${DB_LOGBACK_FILE}" "system[.]log" "${DB_FLAVOR}.log" + if [[ "$BITNAMI_DEBUG" = "false" ]]; then + replace_in_file "${DB_LOGBACK_FILE}" "()" "" + fi + else + debug "${DB_MOUNTED_LOGBACK_PATH} mounted. Skipping logging configuration" + fi +} + +######################## +# Configure cluster settings (modifies cassandra.yaml and cassandra-env.sh if not mounted) +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_setup_cluster() { + local host="127.0.0.1" + local rpc_address="127.0.0.1" + + if [[ "$DB_ENABLE_REMOTE_CONNECTIONS" = "true" ]]; then + host="$DB_HOST" + rpc_address="0.0.0.0" + fi + # cassandra.yaml changes + if ! cassandra_is_file_external "${DB_MOUNTED_CONF_PATH}"; then + cassandra_yaml_set "num_tokens" "$DB_NUM_TOKENS" "no" + cassandra_yaml_set "cluster_name" "$DB_CLUSTER_NAME" + cassandra_yaml_set "listen_address" "$host" + cassandra_yaml_set "seeds" "$DB_SEEDS" + cassandra_yaml_set "start_rpc" "$DB_ENABLE_RPC" "no" + if [[ "$DB_FLAVOR" = "scylladb" ]]; then + # Ref: https://opensource.docs.scylladb.com/stable/cql/functions.html + cassandra_yaml_set "enable_user_defined_functions" "$DB_ENABLE_USER_DEFINED_FUNCTIONS" "no" + else + # Ref: https://cassandra.apache.org/doc/stable/cassandra/configuration/cass_yaml_file.html#user_defined_functions_enabled + cassandra_yaml_set "user_defined_functions_enabled" "$DB_ENABLE_USER_DEFINED_FUNCTIONS" "no" + cassandra_yaml_set "scripted_user_defined_functions_enabled" "$DB_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS" "no" + fi + cassandra_yaml_set "rpc_address" "$rpc_address" + cassandra_yaml_set "broadcast_rpc_address" "$host" + cassandra_yaml_set "endpoint_snitch" "$DB_ENDPOINT_SNITCH" + cassandra_yaml_set "internode_encryption" "$DB_INTERNODE_ENCRYPTION" + cassandra_configure_certificates + cassandra_yaml_set "auto_snapshot_ttl" "$DB_AUTO_SNAPSHOT_TTL" + + if [[ -n "$DB_BROADCAST_ADDRESS" ]]; then + cassandra_yaml_set "broadcast_address" "$DB_BROADCAST_ADDRESS" + fi + + if [[ -n "$DB_AUTOMATIC_SSTABLE_UPGRADE" ]]; then + cassandra_yaml_set "automatic_sstable_upgrade" "$DB_AUTOMATIC_SSTABLE_UPGRADE" + fi + + cassandra_enable_client_encryption + else + debug "${DB_MOUNTED_CONF_PATH} mounted. Skipping cluster configuration" + fi + + # cassandra-env.sh changes + if ! cassandra_is_file_external "${DB_MOUNTED_ENV_PATH}"; then + replace_in_file "${DB_ENV_FILE}" "#\s*JVM_OPTS=\"\$JVM_OPTS -Djava[.]rmi[.]server[.]hostname=[^\"]*" "JVM_OPTS=\"\$JVM_OPTS -Djava.rmi.server.hostname=${host}" + else + debug "${DB_MOUNTED_ENV_PATH} mounted. Skipping setting server hostname" + fi +} + +######################## +# Configure java path (ignored if cassandra-env.sh is mounted) +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_setup_java() { + if ! cassandra_is_file_external "${DB_MOUNTED_ENV_PATH}"; then + replace_in_file "${DB_ENV_FILE}" "(calculate_heap_sizes\(\))" "\nJAVA_HOME=$JAVA_BASE_DIR\nJAVA=$JAVA_BIN_DIR/java\n\n\1" + else + debug "${DB_MOUNTED_ENV_PATH} mounted. Skipping JAVA_HOME configuration" + fi +} + +######################## +# Configure jemalloc path (ignored if cassandra-env.sh is mounted) +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_setup_jemalloc() { + if ! cassandra_is_file_external "${DB_MOUNTED_ENV_PATH}"; then + if [[ -n "$(find_jemalloc_lib)" ]]; then + echo "JVM_OPTS=\"\$JVM_OPTS -Dcassandra.libjemalloc=$(find_jemalloc_lib)\"" >>"${DB_CONF_DIR}/cassandra-env.sh" + else + warn "Couldn't find jemalloc installed. Skipping jemalloc configuration." + fi + else + debug "${DB_MOUNTED_ENV_PATH} mounted. Skipping jemalloc configuration." + fi +} + +######################## +# Change the password for the cassandra user +# Globals: +# DB_* +# Arguments: +# 1 - Old password (default: cassandra) +# 2 - New Password (default: $DB_PASSWORD) +# 3 - Maximum number of retries (default: $DB_CQL_MAX_RETRIES) +# 4 - Sleep time between retries (default: $DB_CQL_SLEEP_TIME) +# Returns: +# None +######################### +cassandra_change_cassandra_password() { + local -r old_password="${1:-cassandra}" + local -r new_password="${2:-$DB_PASSWORD}" + local -r retries="${3:-$DB_CQL_MAX_RETRIES}" + local -r sleep_time="${4:-$DB_CQL_SLEEP_TIME}" + + info 'Updating the password for the "cassandra" user...' + local -r user="cassandra" + local -r escaped_password="${new_password//\'/\'\'}" + + if (echo "ALTER USER cassandra WITH PASSWORD \$\$${escaped_password}\$\$;" | cassandra_execute_with_retries "$retries" "$sleep_time" "$user" "$old_password"); then + debug "ALTER USER command executed. Trying to log in" + wait_for_cql_access "$user" "$new_password" "" "$retries" "$sleep_time" + info "Password updated successfully" + fi +} + +######################## +# Create a new admin user +# Globals: +# DB_* +# Arguments: +# 1 - New username (default: $DB_USER) +# 2 - New user password (default: $DB_PASSWORD) +# 3 - Admin username (which will create the new user) (default: cassandra) +# 4 - Admin password (default: cassandra) +# 5 - Maximum number of retries (default: $DB_CQL_MAX_RETRIES) +# 6 - Sleep time between retries (default: $DB_CQL_SLEEP_TIME) +# Returns: +# None +######################### +cassandra_create_admin_user() { + local -r new_user="${1:-$DB_USER}" + local -r password="${2:-$DB_PASSWORD}" + local -r admin_user="${3:-cassandra}" + local -r admin_user_password="${4:-cassandra}" + local -r retries="${5:-$DB_CQL_MAX_RETRIES}" + local -r sleep_time="${6:-$DB_CQL_SLEEP_TIME}" + + info "Creating super-user $new_user" + local -r escaped_password="${password//\'/\'\'}" + + echo "CREATE USER '${new_user}' WITH PASSWORD \$\$${escaped_password}\$\$ SUPERUSER;" | cassandra_execute_with_retries "$retries" "$sleep_time" "$admin_user" "$admin_user_password" +} + +######################## +# Configure common port binding (modifies cassandra.yaml and cassandra-env.sh if not mounted) +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_setup_common_ports() { + if ! cassandra_is_file_external "${DB_MOUNTED_CONF_PATH}"; then + cassandra_yaml_set "native_transport_port" "$DB_CQL_PORT_NUMBER" "no" + cassandra_yaml_set "storage_port" "$DB_TRANSPORT_PORT_NUMBER" "no" + else + debug "${DB_MOUNTED_CONF_PATH} mounted. Skipping native and storage ports configuration" + fi + + if ! cassandra_is_file_external "${DB_MOUNTED_ENV_PATH}"; then + replace_in_file "${DB_ENV_FILE}" "JMX_PORT=.*" "JMX_PORT=$DB_JMX_PORT_NUMBER" + else + debug "${DB_MOUNTED_ENV_PATH} mounted. Skipping JMX port configuration" + fi +} + +######################## +# Configure rack and datacenter (ignored if cassandra-rackdc.properties is mounted) +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_setup_rack_dc() { + if ! cassandra_is_file_external "${DB_MOUNTED_RACKDC_PATH}"; then + replace_in_file "${DB_RACKDC_FILE}" "dc=.*" "dc=${DB_DATACENTER}" + replace_in_file "${DB_RACKDC_FILE}" "rack=.*" "rack=${DB_RACK}" + else + debug "${DB_MOUNTED_RACKDC_PATH} mounted. Skipping rack and datacenter configuration" + fi +} + +######################## +# Remove PIDs, log files and conf files from a previous run (case of container restart) +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_clean_from_restart() { + rm -f "$DB_PID_FILE" + rm -f "$DB_FIRST_BOOT_LOG_FILE" "$DB_INITSCRIPTS_BOOT_LOG_FILE" + if ! is_dir_empty "$DB_CONF_DIR"; then + rm -rf "${DB_CONF_DIR:?}"/* + fi +} + +######################## +# Ensure Cassandra is initialized +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_initialize() { + info "Initializing $DB_FLAVOR database..." + + cassandra_clean_from_restart + cassandra_copy_mounted_config + cassandra_copy_default_config + cassandra_enable_auth + cassandra_setup_java + cassandra_setup_jemalloc + cassandra_setup_logging + cassandra_setup_ports + cassandra_setup_rack_dc + cassandra_setup_data_dirs + cassandra_setup_cluster + cassandra_setup_from_environment_variables # Give priority to users configuration + + is_boolean_yes "$DB_CLIENT_ENCRYPTION" && cassandra_setup_client_ssl + + debug "Ensuring expected directories/files exist..." + for dir in "$DB_DATA_DIR" "$DB_TMP_DIR" "$DB_LOG_DIR"; do + ensure_dir_exists "$dir" + am_i_root && chown -R "$DB_DAEMON_USER:$DB_DAEMON_GROUP" "$dir" + done + + if ! is_dir_empty "$DB_DATA_DIR"; then + info "Deploying $DB_FLAVOR with persisted data" + else + info "Deploying $DB_FLAVOR from scratch" + cassandra_start_bg "$DB_FIRST_BOOT_LOG_FILE" + if is_boolean_yes "$DB_PASSWORD_SEEDER"; then + info "Password seeder node" + # Check that all peers are ready + for peer in ${DB_PEERS//,/ }; do + wait_for_cql_access "cassandra" "cassandra" "$peer" "$DB_PEER_CQL_MAX_RETRIES" "$DB_PEER_CQL_SLEEP_TIME" + done + # Setup user + if [[ "$DB_USER" = "cassandra" ]]; then + cassandra_change_cassandra_password "cassandra" "$DB_PASSWORD" "$DB_CQL_MAX_RETRIES" "$DB_CQL_SLEEP_TIME" + else + cassandra_create_admin_user "$DB_USER" "$DB_PASSWORD" "cassandra" "cassandra" "$DB_CQL_MAX_RETRIES" "$DB_CQL_SLEEP_TIME" + fi + + cassandra_execute_startup_cql + else + info "Non-seeder node. Waiting for synchronization" + wait_for_cql_access "$DB_USER" "$DB_PASSWORD" "" "$DB_PEER_CQL_MAX_RETRIES" "$DB_PEER_CQL_SLEEP_TIME" + fi + fi +} + +######################## +# Execute Cassandra startup cql (defined in DB_STARTUP_CQL) +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_execute_startup_cql() { + if [[ -n "$DB_STARTUP_CQL" ]]; then + info "Executing Startup CQL" + if ! (echo "$DB_STARTUP_CQL" | cassandra_execute_with_retries "$DB_CQL_MAX_RETRIES" "$DB_CQL_SLEEP_TIME" "$DB_USER" "$DB_PASSWORD"); then + error "Failed executing startup CQL command" + exit 1 + fi + info "Startup CQL commands executed successfully" + fi +} + +######################## +# Run custom initialization scripts +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# None +######################### +cassandra_custom_init_scripts() { + if [[ -n "$(find "$DB_INITSCRIPTS_DIR/" \( -type f -o -type l \) -regex ".*\.\(sh\|cql\|cql.gz\)" ! -path "*/.*/*")" ]] && [[ ! -f "$DB_VOLUME_DIR/.user_scripts_initialized" ]]; then + info "Loading user's custom files from $DB_INITSCRIPTS_DIR ..." + local -r tmp_file="/tmp/filelist" + if ! is_cassandra_running; then + cassandra_start_bg "$DB_INITSCRIPTS_BOOT_LOG_FILE" + wait_for_cql_access + fi + find "${DB_INITSCRIPTS_DIR}/" \( -type f -o -type l \) -regex ".*\.\(sh\|cql\|cql.gz\)" ! -path "*/.*/*" | sort >"$tmp_file" + while read -r f; do + case "$f" in + *.sh) + if [[ -x "$f" ]]; then + debug "Executing $f" + "$f" + else + debug "Sourcing $f" + . "$f" + fi + ;; + *.cql) + debug "Executing $f" + cassandra_execute "$DB_USER" "$DB_PASSWORD" <"$f" + ;; + *.cql.gz) + debug "Executing $f" + gunzip -c "$f" | cassandra_execute "$DB_USER" "$DB_PASSWORD" + ;; + *) debug "Ignoring $f" ;; + esac + done <$tmp_file + rm -f "$tmp_file" + touch "$DB_VOLUME_DIR"/.user_scripts_initialized + fi +} + +######################## +# Execute an arbitrary query/queries against the running Cassandra service +# Stdin: +# Query/queries to execute +# Globals: +# BITNAMI_DEBUG +# DB_* +# Arguments: +# $1 - User to run queries +# $2 - Password +# $3 - Keyspace +# $4 - Host (default: localhost) +# $5 - Extra flags +# Returns: +# None +####################### +cassandra_execute() { + local -r user="${1:-$DB_USER}" + local -r pass="${2:-$DB_PASSWORD}" + local -r keyspace="${3:-}" + local -r host="${4:-localhost}" + local -r extra_args="${5:-}" + local -r port="${DB_CQL_PORT_NUMBER}" + local -r cmd=("cqlsh") + local args=("-u" "$user" "-p" "$pass") + + is_boolean_yes "$DB_CLIENT_ENCRYPTION" && args+=("--ssl") + [[ -n "$keyspace" ]] && args+=("-k" "$keyspace") + if [[ -n "$extra_args" ]]; then + local extra_args_array=() + read -r -a extra_args_array <<<"$extra_args" + [[ "${#extra_args[@]}" -gt 0 ]] && args+=("${extra_args_array[@]}") + fi + args+=("$host") + args+=("$port") + if [[ "${BITNAMI_DEBUG}" = true ]]; then + local -r command="$(cat)" + debug "Executing CQL \"$command\"" + echo "$command" | "${cmd[@]}" "${args[@]}" + else + "${cmd[@]}" "${args[@]}" >/dev/null 2>&1 + fi +} + +######################## +# Execute an arbitrary query/queries against the running Cassandra service with retries (in case Cassandra is still initializing or performing consistency operations) +# Stdin: +# Query/queries to execute +# Globals: +# BITNAMI_DEBUG +# DB_* +# Arguments: +# $1 - Maximum number of retries (default: $DB_CQL_MAX_RETRIES) +# $2 - Sleep time between retries (default: $DB_CQL_SLEEP_TIME) +# $3 - User to run queries +# $4 - Password +# $5 - Keyspace +# $6 - Host (default: localhost) +# $7 - Extra flags +# Returns: +# None +####################### +cassandra_execute_with_retries() { + local -r retries="${1:-$DB_CQL_MAX_RETRIES}" + local -r sleep_time="${2:-$DB_CQL_SLEEP_TIME}" + local -r user="${3:-$DB_USER}" + local -r pass="${4:-$DB_PASSWORD}" + local -r keyspace="${5:-}" + local -r host="${6:-localhost}" + local -r extra_args="${7:-}" + + local success=no + + # Get command from stdin as we will retry it several times + local -r command="$(cat)" + + for i in $(seq 1 "$retries"); do + if (echo "$command" | cassandra_execute "$user" "$pass" "$keyspace" "$host" "$extra_args"); then + success=yes + break + fi + sleep "$sleep_time" + done + if is_boolean_yes "$success"; then + true + else + error "CQL command failed $retries times" + false + fi +} + +######################## +# Wait until nodetool checks the node is ready +# Globals: +# BITNAMI_DEBUG +# DB_* +# Arguments: +# $1 - Maximum number of retries (default $DB_INIT_MAX_RETRIES) +# $2 - Sleep time during retries (default $DB_INIT_SLEEP_TIME) +# Returns: +# None +######################### +wait_for_nodetool_up() { + local -r retries="${1:-$DB_INIT_MAX_RETRIES}" + local -r sleep_time="${2:-$DB_INIT_SLEEP_TIME}" + + debug "Checking status with nodetool" + + check_function_nodetool_node_ip() { + # Using legacy RMI URL parsing to avoid URISyntaxException: 'Malformed IPv6 address at index 7: rmi://[127.0.0.1]:7199' error + # https://community.datastax.com/questions/13764/java-version-for-cassandra-3113.html + local -r check_cmd=("nodetool" "-Dcom.sun.jndi.rmiURLParsing=legacy") + local -r check_args=("status" "--port" "$DB_JMX_PORT_NUMBER") + local -r machine_ip="$(dns_lookup "${DB_BROADCAST_ADDRESS:-$DB_HOST}" "v4")" + local -r check_regex="UN\s*(${DB_HOST}|${machine_ip}|127.0.0.1)" + + local output="/dev/null" + if [[ "$BITNAMI_DEBUG" = "true" ]]; then + output="/dev/stdout" + fi + + "${check_cmd[@]}" "${check_args[@]}" | grep -E "${check_regex}" >"${output}" + } + + check_function_nodetool_node_count() { + # Using legacy RMI URL parsing to avoid URISyntaxException: 'Malformed IPv6 address at index 7: rmi://[127.0.0.1]:7199' error + # https://community.datastax.com/questions/13764/java-version-for-cassandra-3113.html + local -r check_cmd=("nodetool" "-Dcom.sun.jndi.rmiURLParsing=legacy") + local -r check_args=("status" "--port" "$DB_JMX_PORT_NUMBER") + local -r machine_ip="$(dns_lookup "${DB_BROADCAST_ADDRESS:-$DB_HOST}" "v4")" + local -r check_regex="UN\s*" + read -r -a host_list <<<"$(tr ',;' ' ' <<<"$DB_NODES")" + local -r expected_node_count="${#host_list[@]}" + local actual_node_count + + local output="/dev/null" + if [[ "$BITNAMI_DEBUG" = "true" ]]; then + output="/dev/stdout" + fi + + actual_node_count=$("${check_cmd[@]}" "${check_args[@]}" | grep -c "${check_regex}" || true) + if [[ "$expected_node_count" != "$actual_node_count" ]]; then + false + fi + } + + if retry_while check_function_nodetool_node_ip "$retries" "$sleep_time"; then + info "Nodetool reported the successful startup of $DB_FLAVOR" + true + else + error "$DB_FLAVOR failed to start up" + if [[ "$BITNAMI_DEBUG" = "true" ]]; then + error "Nodetool output" + "${check_cmd[@]}" "${check_args[@]}" + fi + exit 1 + fi + + if [[ -n "$DB_NODES" ]]; then + if retry_while check_function_nodetool_node_count "$retries" "$sleep_time"; then + info "All nodes reached the UN status (Up/Normal)" + true + else + error "Some nodes did not reach the UN status (Up/Normal)" + if [[ "$BITNAMI_DEBUG" = "true" ]]; then + error "Nodetool output" + "${check_cmd[@]}" "${check_args[@]}" + fi + exit 1 + fi + fi +} + +######################## +# Wait until the log file shows that CQL is ready +# Globals: +# BITNAMI_DEBUG +# DB_* +# Arguments: +# $1 - Log file to check +# $1 - Maximum number of retries (default $DB_INIT_MAX_RETRIES) +# $2 - Sleep time during retries (default $DB_INIT_SLEEP_TIME) +# Returns: +# None +######################### +wait_for_cql_log_entry() { + local -r logger="${1:-/dev/stdout}" + local -r retries="${2:-$DB_INIT_MAX_RETRIES}" + local -r sleep_time="${3:-$DB_INIT_SLEEP_TIME}" + + debug "Checking that log $logger contains entry \"Starting listening for CQL clients\"" + + check_function_log_entry() { + local -r check_cmd=("cat") + local -r check_args=("$logger") + local -r check_regex="Starting listening for CQL clients" + + local output="/dev/null" + if [[ "$BITNAMI_DEBUG" = "true" ]]; then + output="/dev/stdout" + fi + "${check_cmd[@]}" "${check_args[@]}" | grep -E "${check_regex}" >"${output}" + } + + if retry_while check_function_log_entry "$retries" "$sleep_time"; then + info "Found CQL startup log line" + else + error "$DB_FLAVOR failed to start up" + error "Log content" + cat "$logger" + exit 1 + fi +} + +######################## +# Poll until the CQL command DESCRIBE KEYSPACES works successfully +# Globals: +# DB_* +# Arguments: +# 1 - Username (default: $DB_USER) +# 2 - Password (default: $DB_PASSWORD) +# 3 - Hostname (default: $DB_HOST) +# 4 - Maximum number of retries (default: $DB_CQL_MAX_RETRIES) +# 5 - Sleep time between retries (default: $DB_CQL_SLEEP_TIME) +# Returns: +# None +######################### +wait_for_cql_access() { + local -r user="${1:-$DB_USER}" + local -r password="${2:-$DB_PASSWORD}" + local -r host="${3:-$DB_HOST}" + local -r max_retries="${4:-$DB_CQL_MAX_RETRIES}" + local -r sleep_time="${5:-$DB_CQL_SLEEP_TIME}" + + info "Trying to access CQL server @ $host" + if (echo "DESCRIBE KEYSPACES" | cassandra_execute_with_retries "$max_retries" "$sleep_time" "$user" "$password" "" "$host"); then + info "Accessed CQL server successfully" + else + error "Could not access CQL server" + exit 1 + fi +} + +######################## +# Check if Cassandra is running +# Globals: +# DB_* +# Arguments: +# None +# Returns: +# Boolean +######################### +is_cassandra_running() { + local -r pid="$(get_pid_from_file "$DB_PID_FILE")" + + if [[ -z "$pid" ]]; then + false + else + is_service_running "$pid" + fi +} + +######################## +# Return true if cassandra is not running +# Globals: +# KONG_* +# Arguments: +# None +# Returns: +# None +######################### +is_cassandra_not_running() { + ! is_cassandra_running +} + +######################## +# Set a configuration setting value to a file +# Globals: +# None +# Arguments: +# $1 - file +# $2 - key +# $3 - values (array) +# Returns: +# None +######################### +cassandra_common_conf_set() { + local -r file="${1:?missing file}" + local -r key="${2:?missing key}" + shift 2 + local values=("$@") + + if [[ "${#values[@]}" -eq 0 ]]; then + stderr_print "missing value" + return 1 + elif [[ "${#values[@]}" -ne 1 ]]; then + for i in "${!values[@]}"; do + cassandra_common_conf_set "$file" "${key[$i]}" "${values[$i]}" + done + else + value="${values[0]}" + # Check if the value was set before + if grep -q "^[#\\s]*$key\s*=.*" "$file"; then + # Update the existing key + replace_in_file "$file" "^[#\\s]*${key}\s*=.*" "${key}=${value}" false + else + # Add a new key + printf '\n%s=%s' "$key" "$value" >>"$file" + fi + fi +} + +######################## +# Set a configuration setting value to cassandra-env.sh +# Globals: +# DB_CONF_DIR +# Arguments: +# $1 - key +# $2 - values (array) +# Returns: +# None +######################### +cassandra_env_conf_set() { + cassandra_common_conf_set "${DB_ENV_FILE}" "$@" +} + +######################## +# Set a configuration setting value to cassandra-rackdc.properties +# Globals: +# DB_CONF_DIR +# Arguments: +# $1 - key +# $2 - values (array) +# Returns: +# None +######################### +cassandra_rackdc_conf_set() { + cassandra_common_conf_set "$DB_RACKDC_FILE" "$@" +} + +######################## +# Set a configuration setting value to commitlog_archiving.properties +# Globals: +# DB_CONF_DIR +# Arguments: +# $1 - key +# $2 - values (array) +# Returns: +# None +######################### +cassandra_commitlog_conf_set() { + cassandra_common_conf_set "${DB_COMMITLOG_ARCHIVING_FILE}" "$@" +} + +######################## +# Find the path to the libjemalloc library file +# Globals: +# None +# Arguments: +# None +# Returns: +# Path to a libjemalloc shared object file +######################### +find_jemalloc_lib() { + local -a locations=("/usr/lib" "/usr/lib64") + local -r pattern='libjemalloc.so.[0-9]' + local path + for dir in "${locations[@]}"; do + # Find the first element matching the pattern and quit + [[ ! -d "$dir" ]] && continue + path="$(find "$dir" -name "$pattern" -print -quit)" + [[ -n "$path" ]] && break + done + echo "${path:-}" +} diff --git a/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb-env.sh b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb-env.sh new file mode 100644 index 0000000000000..ee9709c13f0ec --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb-env.sh @@ -0,0 +1,272 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +# +# Environment configuration for scylladb + +# The values for all environment variables will be set in the below order of precedence +# 1. Custom environment variables defined below after Bitnami defaults +# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR +# 3. Environment variables overridden via external files using *_FILE variables (see below) +# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) + +# Load logging library +# shellcheck disable=SC1090,SC1091 +. /opt/bitnami/scripts/liblog.sh + +export BITNAMI_ROOT_DIR="/opt/bitnami" +export BITNAMI_VOLUME_DIR="/bitnami" + +# Logging configuration +export MODULE="${MODULE:-scylladb}" +export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" + +# By setting an environment variable matching *_FILE to a file path, the prefixed environment +# variable will be overridden with the value specified in that file +scylladb_env_vars=( + SCYLLADB_MOUNTED_CONF_DIR + SCYLLADB_CLIENT_ENCRYPTION + SCYLLADB_CLUSTER_NAME + SCYLLADB_DATACENTER + SCYLLADB_ENABLE_REMOTE_CONNECTIONS + SCYLLADB_ENABLE_RPC + SCYLLADB_ENABLE_USER_DEFINED_FUNCTIONS + SCYLLADB_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS + SCYLLADB_ENDPOINT_SNITCH + SCYLLADB_HOST + SCYLLADB_INTERNODE_ENCRYPTION + SCYLLADB_NUM_TOKENS + SCYLLADB_PASSWORD_SEEDER + SCYLLADB_SEEDS + SCYLLADB_PEERS + SCYLLADB_NODES + SCYLLADB_RACK + SCYLLADB_BROADCAST_ADDRESS + SCYLLADB_AUTOMATIC_SSTABLE_UPGRADE + SCYLLADB_STARTUP_CQL + SCYLLADB_IGNORE_INITDB_SCRIPTS + SCYLLADB_CQL_PORT_NUMBER + SCYLLADB_JMX_PORT_NUMBER + SCYLLADB_TRANSPORT_PORT_NUMBER + SCYLLADB_CQL_MAX_RETRIES + SCYLLADB_CQL_SLEEP_TIME + SCYLLADB_INIT_MAX_RETRIES + SCYLLADB_INIT_SLEEP_TIME + SCYLLADB_PEER_CQL_MAX_RETRIES + SCYLLADB_PEER_CQL_SLEEP_TIME + SCYLLADB_DELAY_START_TIME + SCYLLADB_AUTO_SNAPSHOT_TTL + ALLOW_EMPTY_PASSWORD + SCYLLADB_AUTHORIZER + SCYLLADB_AUTHENTICATOR + SCYLLADB_USER + SCYLLADB_PASSWORD + SCYLLADB_KEYSTORE_PASSWORD + SCYLLADB_TRUSTSTORE_PASSWORD + SCYLLADB_KEYSTORE_LOCATION + SCYLLADB_TRUSTSTORE_LOCATION + SCYLLADB_TMP_P12_FILE + SCYLLADB_SSL_CERT_FILE + SCYLLADB_SSL_KEY_FILE + SCYLLADB_SSL_CA_FILE + SCYLLADB_SSL_VALIDATE + SSL_VERSION + SCYLLADB_CQL_SHARD_PORT_NUMBER + SCYLLADB_API_PORT_NUMBER + SCYLLADB_PROMETHEUS_PORT_NUMBER + SCYLLADB_DEVELOPER_MODE + SCYLLADB_RUN_JMX_PROXY +) +for env_var in "${scylladb_env_vars[@]}"; do + file_env_var="${env_var}_FILE" + if [[ -n "${!file_env_var:-}" ]]; then + if [[ -r "${!file_env_var:-}" ]]; then + export "${env_var}=$(< "${!file_env_var}")" + unset "${file_env_var}" + else + warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." + fi + fi +done +unset scylladb_env_vars +export DB_FLAVOR="scylladb" + +# Paths +export SCYLLADB_BASE_DIR="/opt/bitnami/scylladb" +export DB_BASE_DIR="$SCYLLADB_BASE_DIR" +export SCYLLADB_BIN_DIR="${DB_BASE_DIR}/bin" +export DB_BIN_DIR="$SCYLLADB_BIN_DIR" +export SCYLLADB_VOLUME_DIR="/bitnami/scylladb" +export DB_VOLUME_DIR="$SCYLLADB_VOLUME_DIR" +export SCYLLADB_DATA_DIR="${DB_VOLUME_DIR}/data" +export DB_DATA_DIR="$SCYLLADB_DATA_DIR" +export SCYLLADB_COMMITLOG_DIR="${DB_DATA_DIR}/commitlog" +export DB_COMMITLOG_DIR="$SCYLLADB_COMMITLOG_DIR" +export SCYLLADB_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" +export DB_INITSCRIPTS_DIR="$SCYLLADB_INITSCRIPTS_DIR" +export SCYLLADB_LOG_DIR="${DB_BASE_DIR}/logs" +export DB_LOG_DIR="$SCYLLADB_LOG_DIR" +export SCYLLADB_MOUNTED_CONF_DIR="${SCYLLADB_MOUNTED_CONF_DIR:-${DB_VOLUME_DIR}/conf}" +export DB_MOUNTED_CONF_DIR="$SCYLLADB_MOUNTED_CONF_DIR" +export SCYLLADB_TMP_DIR="${DB_BASE_DIR}/tmp" +export DB_TMP_DIR="$SCYLLADB_TMP_DIR" +export JAVA_BASE_DIR="${BITNAMI_ROOT_DIR}/java" +export JAVA_BIN_DIR="${JAVA_BASE_DIR}/bin" +export PYTHON_BASE_DIR="${BITNAMI_ROOT_DIR}/python" +export PYTHON_BIN_DIR="${PYTHON_BASE_DIR}/bin" +export SCYLLADB_LOG_FILE="${DB_LOG_DIR}/scylladb.log" +export DB_LOG_FILE="$SCYLLADB_LOG_FILE" +export SCYLLADB_FIRST_BOOT_LOG_FILE="${DB_LOG_DIR}/scylladb_first_boot.log" +export DB_FIRST_BOOT_LOG_FILE="$SCYLLADB_FIRST_BOOT_LOG_FILE" +export SCYLLADB_INITSCRIPTS_BOOT_LOG_FILE="${DB_LOG_DIR}/scylladb_init_scripts_boot.log" +export DB_INITSCRIPTS_BOOT_LOG_FILE="$SCYLLADB_INITSCRIPTS_BOOT_LOG_FILE" +export SCYLLADB_PID_FILE="${DB_TMP_DIR}/scylladb.pid" +export DB_PID_FILE="$SCYLLADB_PID_FILE" +export PATH="${DB_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${BITNAMI_ROOT_DIR}/python/bin:${BITNAMI_ROOT_DIR}/java/bin:$PATH" + +# System users (when running with a privileged user) +export SCYLLADB_DAEMON_USER="scylladb" +export DB_DAEMON_USER="$SCYLLADB_DAEMON_USER" +export SCYLLADB_DAEMON_GROUP="scylladb" +export DB_DAEMON_GROUP="$SCYLLADB_DAEMON_GROUP" + +# ScyllaDB cluster settings +export SCYLLADB_CLIENT_ENCRYPTION="${SCYLLADB_CLIENT_ENCRYPTION:-false}" +export DB_CLIENT_ENCRYPTION="$SCYLLADB_CLIENT_ENCRYPTION" +export SCYLLADB_CLUSTER_NAME="${SCYLLADB_CLUSTER_NAME:-My Cluster}" +export DB_CLUSTER_NAME="$SCYLLADB_CLUSTER_NAME" +export SCYLLADB_DATACENTER="${SCYLLADB_DATACENTER:-dc1}" +export DB_DATACENTER="$SCYLLADB_DATACENTER" +export SCYLLADB_ENABLE_REMOTE_CONNECTIONS="${SCYLLADB_ENABLE_REMOTE_CONNECTIONS:-true}" +export DB_ENABLE_REMOTE_CONNECTIONS="$SCYLLADB_ENABLE_REMOTE_CONNECTIONS" +export SCYLLADB_ENABLE_RPC="${SCYLLADB_ENABLE_RPC:-false}" +export DB_ENABLE_RPC="$SCYLLADB_ENABLE_RPC" +export SCYLLADB_ENABLE_USER_DEFINED_FUNCTIONS="${SCYLLADB_ENABLE_USER_DEFINED_FUNCTIONS:-false}" +export DB_ENABLE_USER_DEFINED_FUNCTIONS="$SCYLLADB_ENABLE_USER_DEFINED_FUNCTIONS" +export SCYLLADB_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS="${SCYLLADB_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS:-false}" +export DB_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS="$SCYLLADB_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS" +export SCYLLADB_ENDPOINT_SNITCH="${SCYLLADB_ENDPOINT_SNITCH:-SimpleSnitch}" +export DB_ENDPOINT_SNITCH="$SCYLLADB_ENDPOINT_SNITCH" +export SCYLLADB_HOST="${SCYLLADB_HOST:-}" +export DB_HOST="$SCYLLADB_HOST" +export SCYLLADB_INTERNODE_ENCRYPTION="${SCYLLADB_INTERNODE_ENCRYPTION:-none}" +export DB_INTERNODE_ENCRYPTION="$SCYLLADB_INTERNODE_ENCRYPTION" +export SCYLLADB_NUM_TOKENS="${SCYLLADB_NUM_TOKENS:-256}" +export DB_NUM_TOKENS="$SCYLLADB_NUM_TOKENS" +export SCYLLADB_PASSWORD_SEEDER="${SCYLLADB_PASSWORD_SEEDER:-no}" +export DB_PASSWORD_SEEDER="$SCYLLADB_PASSWORD_SEEDER" +export SCYLLADB_SEEDS="${SCYLLADB_SEEDS:-$DB_HOST}" +export DB_SEEDS="$SCYLLADB_SEEDS" +export SCYLLADB_PEERS="${SCYLLADB_PEERS:-$DB_SEEDS}" +export DB_PEERS="$SCYLLADB_PEERS" +export SCYLLADB_NODES="${SCYLLADB_NODES:-}" +export DB_NODES="$SCYLLADB_NODES" +export SCYLLADB_RACK="${SCYLLADB_RACK:-rack1}" +export DB_RACK="$SCYLLADB_RACK" +export SCYLLADB_BROADCAST_ADDRESS="${SCYLLADB_BROADCAST_ADDRESS:-}" +export DB_BROADCAST_ADDRESS="$SCYLLADB_BROADCAST_ADDRESS" +export SCYLLADB_AUTOMATIC_SSTABLE_UPGRADE="${SCYLLADB_AUTOMATIC_SSTABLE_UPGRADE:-false}" +export DB_AUTOMATIC_SSTABLE_UPGRADE="$SCYLLADB_AUTOMATIC_SSTABLE_UPGRADE" + +# Database initialization settings +export SCYLLADB_STARTUP_CQL="${SCYLLADB_STARTUP_CQL:-}" +export DB_STARTUP_CQL="$SCYLLADB_STARTUP_CQL" +export SCYLLADB_IGNORE_INITDB_SCRIPTS="${SCYLLADB_IGNORE_INITDB_SCRIPTS:-no}" +export DB_IGNORE_INITDB_SCRIPTS="$SCYLLADB_IGNORE_INITDB_SCRIPTS" + +# Port configuration +export SCYLLADB_CQL_PORT_NUMBER="${SCYLLADB_CQL_PORT_NUMBER:-9042}" +export DB_CQL_PORT_NUMBER="$SCYLLADB_CQL_PORT_NUMBER" +export SCYLLADB_JMX_PORT_NUMBER="${SCYLLADB_JMX_PORT_NUMBER:-7199}" +export DB_JMX_PORT_NUMBER="$SCYLLADB_JMX_PORT_NUMBER" +export SCYLLADB_TRANSPORT_PORT_NUMBER="${SCYLLADB_TRANSPORT_PORT_NUMBER:-7000}" +export DB_TRANSPORT_PORT_NUMBER="$SCYLLADB_TRANSPORT_PORT_NUMBER" + +# Retries and sleep time configuration +export SCYLLADB_CQL_MAX_RETRIES="${SCYLLADB_CQL_MAX_RETRIES:-20}" +export DB_CQL_MAX_RETRIES="$SCYLLADB_CQL_MAX_RETRIES" +export SCYLLADB_CQL_SLEEP_TIME="${SCYLLADB_CQL_SLEEP_TIME:-5}" +export DB_CQL_SLEEP_TIME="$SCYLLADB_CQL_SLEEP_TIME" +export SCYLLADB_INIT_MAX_RETRIES="${SCYLLADB_INIT_MAX_RETRIES:-100}" +export DB_INIT_MAX_RETRIES="$SCYLLADB_INIT_MAX_RETRIES" +export SCYLLADB_INIT_SLEEP_TIME="${SCYLLADB_INIT_SLEEP_TIME:-5}" +export DB_INIT_SLEEP_TIME="$SCYLLADB_INIT_SLEEP_TIME" +export SCYLLADB_PEER_CQL_MAX_RETRIES="${SCYLLADB_PEER_CQL_MAX_RETRIES:-100}" +export DB_PEER_CQL_MAX_RETRIES="$SCYLLADB_PEER_CQL_MAX_RETRIES" +export SCYLLADB_PEER_CQL_SLEEP_TIME="${SCYLLADB_PEER_CQL_SLEEP_TIME:-10}" +export DB_PEER_CQL_SLEEP_TIME="$SCYLLADB_PEER_CQL_SLEEP_TIME" +export SCYLLADB_DELAY_START_TIME="${SCYLLADB_DELAY_START_TIME:-10}" +export DB_DELAY_START_TIME="$SCYLLADB_DELAY_START_TIME" + +# Snapshot settings +export SCYLLADB_AUTO_SNAPSHOT_TTL="${SCYLLADB_AUTO_SNAPSHOT_TTL:-30d}" +export DB_AUTO_SNAPSHOT_TTL="$SCYLLADB_AUTO_SNAPSHOT_TTL" + +# Authentication, Authorization and Credentials +export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" +export SCYLLADB_AUTHORIZER="${SCYLLADB_AUTHORIZER:-CassandraAuthorizer}" +export DB_AUTHORIZER="$SCYLLADB_AUTHORIZER" +export SCYLLADB_AUTHENTICATOR="${SCYLLADB_AUTHENTICATOR:-PasswordAuthenticator}" +export DB_AUTHENTICATOR="$SCYLLADB_AUTHENTICATOR" +export SCYLLADB_USER="${SCYLLADB_USER:-cassandra}" +export DB_USER="$SCYLLADB_USER" +export SCYLLADB_PASSWORD="${SCYLLADB_PASSWORD:-}" +export DB_PASSWORD="$SCYLLADB_PASSWORD" +export SCYLLADB_KEYSTORE_PASSWORD="${SCYLLADB_KEYSTORE_PASSWORD:-cassandra}" +export DB_KEYSTORE_PASSWORD="$SCYLLADB_KEYSTORE_PASSWORD" +export SCYLLADB_TRUSTSTORE_PASSWORD="${SCYLLADB_TRUSTSTORE_PASSWORD:-cassandra}" +export DB_TRUSTSTORE_PASSWORD="$SCYLLADB_TRUSTSTORE_PASSWORD" +export SCYLLADB_KEYSTORE_LOCATION="${SCYLLADB_KEYSTORE_LOCATION:-${DB_VOLUME_DIR}/secrets/keystore}" +export DB_KEYSTORE_LOCATION="$SCYLLADB_KEYSTORE_LOCATION" +export SCYLLADB_TRUSTSTORE_LOCATION="${SCYLLADB_TRUSTSTORE_LOCATION:-${DB_VOLUME_DIR}/secrets/truststore}" +export DB_TRUSTSTORE_LOCATION="$SCYLLADB_TRUSTSTORE_LOCATION" +export SCYLLADB_TMP_P12_FILE="${SCYLLADB_TMP_P12_FILE:-${DB_TMP_DIR}/keystore.p12}" +export DB_TMP_P12_FILE="$SCYLLADB_TMP_P12_FILE" +export SCYLLADB_SSL_CERT_FILE="${SCYLLADB_SSL_CERT_FILE:-${DB_VOLUME_DIR}/certs/tls.crt}" +export DB_SSL_CERT_FILE="$SCYLLADB_SSL_CERT_FILE" +export SSL_CERTFILE="$SCYLLADB_SSL_CERT_FILE" +export SCYLLADB_SSL_KEY_FILE="${SCYLLADB_SSL_KEY_FILE:-${DB_VOLUME_DIR}/certs/tls.key}" +export DB_SSL_KEY_FILE="$SCYLLADB_SSL_KEY_FILE" +export SSL_KEYFILE="$SCYLLADB_SSL_KEY_FILE" +export SCYLLADB_SSL_CA_FILE="${SCYLLADB_SSL_CA_FILE:-}" +export DB_SSL_CA_FILE="$SCYLLADB_SSL_CA_FILE" +export SSL_CAFILE="$SCYLLADB_SSL_CA_FILE" +export SCYLLADB_SSL_VALIDATE="${SCYLLADB_SSL_VALIDATE:-false}" +export DB_SSL_VALIDATE="$SCYLLADB_SSL_VALIDATE" +export SSL_VALIDATE="$SCYLLADB_SSL_VALIDATE" + +# cqlsh settings +export SSL_VERSION="${SSL_VERSION:-TLSv1_2}" + +# Configuration paths +export SCYLLADB_CONF_DIR="${DB_BASE_DIR}/etc" +export DB_CONF_DIR="$SCYLLADB_CONF_DIR" +export SCYLLADB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/etc.default" +export DB_DEFAULT_CONF_DIR="$SCYLLADB_DEFAULT_CONF_DIR" +export SCYLLADB_CONF_FILE="${DB_CONF_DIR}/scylla/scylla.yaml" +export DB_CONF_FILE="$SCYLLADB_CONF_FILE" +export SCYLLADB_RACKDC_FILE="${DB_CONF_DIR}/scylla/cassandra-rackdc.properties" +export DB_RACKDC_FILE="$SCYLLADB_RACKDC_FILE" +export SCYLLADB_LOGBACK_FILE="${DB_CONF_DIR}/scylla/cassandra/logback.xml" +export DB_LOGBACK_FILE="$SCYLLADB_LOGBACK_FILE" +export SCYLLADB_COMMITLOG_ARCHIVING_FILE="${DB_CONF_DIR}/scylla/cassandra/commitlog_archiving.properties" +export DB_COMMITLOG_ARCHIVING_FILE="$SCYLLADB_COMMITLOG_ARCHIVING_FILE" +export SCYLLADB_ENV_FILE="${DB_CONF_DIR}/scylla/cassandra/cassandra-env.sh" +export DB_ENV_FILE="$SCYLLADB_ENV_FILE" +export SCYLLADB_MOUNTED_CONF_PATH="scylla/scylla.yaml" +export DB_MOUNTED_CONF_PATH="$SCYLLADB_MOUNTED_CONF_PATH" +export SCYLLADB_MOUNTED_RACKDC_PATH="scylla/cassandra-rackdc.properties" +export DB_MOUNTED_RACKDC_PATH="$SCYLLADB_MOUNTED_RACKDC_PATH" +export SCYLLADB_MOUNTED_ENV_PATH="scylla/cassandra/cassandra-env.sh" +export DB_MOUNTED_ENV_PATH="$SCYLLADB_MOUNTED_ENV_PATH" +export SCYLLADB_MOUNTED_LOGBACK_PATH="scylla/cassandra/logback.xml" +export DB_MOUNTED_LOGBACK_PATH="$SCYLLADB_MOUNTED_LOGBACK_PATH" + +# ScyllaDB specific settings +export SCYLLADB_CQL_SHARD_PORT_NUMBER="${SCYLLADB_CQL_SHARD_PORT_NUMBER:-19042}" +export SCYLLADB_API_PORT_NUMBER="${SCYLLADB_API_PORT_NUMBER:-10000}" +export SCYLLADB_PROMETHEUS_PORT_NUMBER="${SCYLLADB_PROMETHEUS_PORT_NUMBER:-9180}" +export SCYLLADB_DEVELOPER_MODE="${SCYLLADB_DEVELOPER_MODE:-yes}" +export SCYLLADB_RUN_JMX_PROXY="${SCYLLADB_RUN_JMX_PROXY:-no}" + +# Custom environment variables may be defined below diff --git a/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/entrypoint.sh b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/entrypoint.sh new file mode 100755 index 0000000000000..78d0c802f16a3 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/entrypoint.sh @@ -0,0 +1,39 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 + +# shellcheck disable=SC1091 + +set -o errexit +set -o nounset +set -o pipefail +#set -o xtrace + +# Load libraries +. /opt/bitnami/scripts/libbitnami.sh +. /opt/bitnami/scripts/libscylladb.sh + +# Load ScyllaDB environment variables +. /opt/bitnami/scripts/scylladb-env.sh + +print_welcome_page + +# We add the copy from default config in the entrypoint to not break users +# bypassing the setup.sh logic. If the file already exists do not overwrite (in +# case someone mounts a configuration file in /opt/bitnami/scylladb/etc) +debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" +cp -nr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" + +if is_positive_int "$DB_DELAY_START_TIME" && [[ "$DB_DELAY_START_TIME" -gt 0 ]]; then + info "** Delaying $DB_FLAVOR start by ${DB_DELAY_START_TIME} seconds **" + sleep "$DB_DELAY_START_TIME" +fi + +if [[ "$*" = *"/opt/bitnami/scripts/cassandra/run.sh"* || "$*" = *"/run.sh"* ]]; then + info "** Starting $DB_FLAVOR setup **" + /opt/bitnami/scripts/scylladb/setup.sh + info "** $DB_FLAVOR setup finished! **" +fi + +echo "" +exec "$@" diff --git a/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/postunpack.sh b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/postunpack.sh new file mode 100755 index 0000000000000..3428dc60c1ca4 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/postunpack.sh @@ -0,0 +1,78 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 + +# shellcheck disable=SC1091 + +# Load libraries +. /opt/bitnami/scripts/libfs.sh +. /opt/bitnami/scripts/libscylladb.sh + +# Load ScyllaDB environment variables +. /opt/bitnami/scripts/scylladb-env.sh + + +for dir in "$DB_INITSCRIPTS_DIR" "$DB_TMP_DIR" "$DB_LOG_DIR" "$DB_CONF_DIR" "$DB_MOUNTED_CONF_DIR" "$DB_VOLUME_DIR" "$DB_DEFAULT_CONF_DIR"; do + ensure_dir_exists "$dir" + chmod -R g+rwX "$dir" +done + +# HACK: The scylla.yaml file is not consistently formatted, having sections like this: +# 1) "#value: 123" +# 2) "# value2: 123" +# This is causing the cassandra_yaml_set function to not work as expected. To workaround that, we fix this +# issue by changing all expressions like 1) to be like 2) +replace_in_file "$DB_CONF_FILE" "^#([a-zA-Z])" "# \1" + +# The client_encryption_options and server_encryption_options are commented in scylla.yaml. +# We remove the comment to make it consistent with cassandra.yaml and the logic works for both +replace_in_file "$DB_CONF_FILE" "^#\s*client_encryption_options:" "client_encryption_options:" +replace_in_file "$DB_CONF_FILE" "^#\s*server_encryption_options:" "server_encryption_options:" + +# Set scylladb workdir to data directory +cassandra_yaml_set "workdir" "$DB_DATA_DIR" + +# The scylladb-jmx script has a "symlinks" directory with a scylla-jmx file, which is a symlink +# to /usr/bin/java. We update the symlink to point to /opt/bitnami/java/bin/java. We also need to +# include a symlink in the /usr/lib/jvm/ directory for the scylla-jmx select-java script to work +ln -sf "${BITNAMI_ROOT_DIR}/java/bin/java" "/usr/bin/java" +mkdir -p "/usr/lib/jvm" && ln -s "${BITNAMI_ROOT_DIR}/java" "/usr/lib/jvm" + +# Create wrapper for cqlsh, as the default one is unable to properly detect the python version +cat <"${DB_BASE_DIR}/share/cassandra/bin/cqlsh" +#!/bin/sh +exec "${PYTHON_BIN_DIR}/python" "${DB_BASE_DIR}/share/cassandra/bin/cqlsh.py" "\$@" +EOF + +chmod +x "${DB_BASE_DIR}/share/cassandra/bin/cqlsh" + +# Copy all initially generated configuration files to the default directory +# (this is to avoid breaking when entrypoint is being overridden) +cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" +chmod o+rX -R "$DB_DEFAULT_CONF_DIR" + +ensure_dir_exists "${HOME}/.cassandra" +chmod -R g+rwX "${HOME}/.cassandra" + +# Add symlinks for adding compatibility with the upstream scylladb-operator +ln -s "$DB_DATA_DIR" "/var/lib/scylladb" +ln -s "$DB_CONF_DIR/scylla" "/etc/scylla" +ln -s "$DB_CONF_DIR/scylla.d" "/etc/scylla.d" +ln -s "$DB_CONF_DIR/sysconfig" "/etc/sysconfig" +ln -s "$DB_CONF_DIR/bash_completion.d" "/etc/bash_completion.d" +ln -s "$DB_LOG_DIR" "/var/log/scylla" +ln -s "$DB_BASE_DIR" "/opt/scylladb" + +# The scripts in the docker folder need to be copied to / in order to work with the operator +cp -r "${DB_BASE_DIR}/docker/"* / + +# Adapt the shebang of the operator python scripts so they use the scylladb python venv instead of +# the installed python, as there would be missing packages +for pyscript in /*.py; do + replace_in_file "$pyscript" "#!/usr/bin/env python3" "#!${DB_BASE_DIR}/python3/bin/python3" +done + +# The scylladb-operator expects the supervisor binaries to be in /usr/bin, so we need +# to create a symlink +ln -s /opt/bitnami/supervisor/bin/supervisord /usr/bin +ln -s /opt/bitnami/supervisor/bin/supervisorctl /usr/bin \ No newline at end of file diff --git a/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/run.sh b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/run.sh new file mode 100755 index 0000000000000..3f9b27d181bfe --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/run.sh @@ -0,0 +1,35 @@ +#!/bin/bash + +# shellcheck disable=SC1091 + +set -o errexit +set -o nounset +set -o pipefail +# set -o xtrace # Uncomment this line for debugging purposes + +# Load libraries +. /opt/bitnami/scripts/liblog.sh +. /opt/bitnami/scripts/libscylladb.sh +. /opt/bitnami/scripts/libos.sh + +# Load ScyllaDB environment variables +. /opt/bitnami/scripts/scylladb-env.sh + +info "** Starting ScyllaDB **" + +EXEC="${DB_BIN_DIR}/scylla" + +flags=("--options-file" "$DB_CONF_FILE") +if is_boolean_yes "$SCYLLADB_DEVELOPER_MODE"; then + flags+=("--developer-mode" "true") +fi + +# Add flags passed to this script +flags+=("$@") + +info "** Starting $DB_FLAVOR **" +if am_i_root; then + exec_as_user "$DB_DAEMON_USER" "$EXEC" "${flags[@]}" +else + exec "$EXEC" "${flags[@]}" +fi \ No newline at end of file diff --git a/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/setup.sh b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/setup.sh new file mode 100755 index 0000000000000..f7980fffc7778 --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/rootfs/opt/bitnami/scripts/scylladb/setup.sh @@ -0,0 +1,37 @@ +#!/bin/bash +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 +# +# Bitnami ScyllaDB setup + +# shellcheck disable=SC1091 + +set -o errexit +set -o nounset +set -o pipefail + +# Load Generic Libraries +. /opt/bitnami/scripts/libvalidations.sh +. /opt/bitnami/scripts/libos.sh +. /opt/bitnami/scripts/libscylladb.sh + +# Load ScyllaDB environment variables +. /opt/bitnami/scripts/scylladb-env.sh + +# Ensure ScyllaDB is stopped when this script ends. +trap "cassandra_stop" EXIT + +# Set default ScyllaDB host environment variable +cassandra_set_default_host +# Ensure ScyllaDB environment variables settings are valid +cassandra_validate +cassandra_validate_tls +# Ensure 'daemon' user exists when running as 'root' +am_i_root && ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" +# Ensure ScyllaDB is initialized +cassandra_initialize + +# Allow running custom initialization scripts +if ! is_boolean_yes "$DB_IGNORE_INITDB_SCRIPTS"; then + cassandra_custom_init_scripts +fi diff --git a/bitnami/scylladb/6.2/debian-12/tags-info.yaml b/bitnami/scylladb/6.2/debian-12/tags-info.yaml new file mode 100644 index 0000000000000..cc551450f8ffb --- /dev/null +++ b/bitnami/scylladb/6.2/debian-12/tags-info.yaml @@ -0,0 +1,5 @@ +rolling-tags: +- "6.2" +- 6.2-debian-12 +- 6.2.0 +- latest