percona · hors · Jun 16, 2025 · Feb 25, 2025 · Mar 25, 2025 · Mar 25, 2025
@@ -1,11 +1,4 @@
-apiVersion: kuttl.dev/v1beta1
-kind: TestAssert
-timeout: 300
----
 apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: 02-check-users
 data:
   heartbeat: |
     GRANT REPLICATION CLIENT ON *.* TO `heartbeat`@`localhost`
@@ -17,7 +10,7 @@ data:
     GRANT SELECT ON `performance_schema`.* TO `monitor`@`%`
   operator: |
     GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `operator`@`%` WITH GRANT OPTION
-    GRANT APPLICATION_PASSWORD_ADMIN,AUDIT_ABORT_EXEMPT,AUDIT_ADMIN,AUTHENTICATION_POLICY_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,FIREWALL_EXEMPT,FLUSH_OPTIMIZER_COSTS,FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,PASSWORDLESS_USER_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SENSITIVE_VARIABLES_OBSERVER,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_USER_ID,SHOW_ROUTINE,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,TELEMETRY_LOG_ADMIN,XA_RECOVER_ADMIN ON *.* TO `operator`@`%` WITH GRANT OPTION
+    GRANT ALLOW_NONEXISTENT_DEFINER,APPLICATION_PASSWORD_ADMIN,AUDIT_ABORT_EXEMPT,AUDIT_ADMIN,AUTHENTICATION_POLICY_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,FIREWALL_EXEMPT,FLUSH_OPTIMIZER_COSTS,FLUSH_PRIVILEGES,FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,OPTIMIZE_LOCAL_TABLE,PASSWORDLESS_USER_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SENSITIVE_VARIABLES_OBSERVER,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_ANY_DEFINER,SHOW_ROUTINE,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,TELEMETRY_LOG_ADMIN,TRANSACTION_GTID_TAG,XA_RECOVER_ADMIN ON *.* TO `operator`@`%` WITH GRANT OPTION
   orchestrator: |
     GRANT RELOAD, PROCESS, SUPER, REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO `orchestrator`@`%`
     GRANT SYSTEM_USER ON *.* TO `orchestrator`@`%`
@@ -29,10 +22,16 @@ data:
     GRANT BACKUP_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,ROLE_ADMIN,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN ON *.* TO `replication`@`%` WITH GRANT OPTION
     GRANT INSERT, UPDATE, DELETE ON `mysql`.* TO `replication`@`%` WITH GRANT OPTION
     GRANT SELECT ON `performance_schema`.`threads` TO `replication`@`%`
-
   xtrabackup: |
     GRANT RELOAD, PROCESS, LOCK TABLES, REPLICATION CLIENT ON *.* TO `xtrabackup`@`localhost`
     GRANT BACKUP_ADMIN,GROUP_REPLICATION_ADMIN,REPLICATION_SLAVE_ADMIN,SYSTEM_USER ON *.* TO `xtrabackup`@`localhost`
     GRANT SELECT ON `performance_schema`.`keyring_component_status` TO `xtrabackup`@`localhost`
     GRANT SELECT ON `performance_schema`.`log_status` TO `xtrabackup`@`localhost`
     GRANT SELECT ON `performance_schema`.`replication_group_members` TO `xtrabackup`@`localhost`
+kind: ConfigMap
+metadata:
+  creationTimestamp: "2025-03-21T13:31:27Z"
+  name: 02-check-users
+  namespace: kuttl-test-comic-duck
+  resourceVersion: "255443"
+  uid: 6dea4937-c204-4c88-9261-a7a3f7b033da
@@ -26,6 +26,7 @@ import (
 	"strings"
 
 	cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta/v1"
+	v "github.com/hashicorp/go-version"
 	"github.com/pkg/errors"
 	"github.com/robfig/cron/v3"
 	"golang.org/x/text/cases"
@@ -479,6 +480,7 @@ type StatefulAppStatus struct {
 	Ready   int32            `json:"ready,omitempty"`
 	State   StatefulAppState `json:"state,omitempty"`
 	Version string           `json:"version,omitempty"`
+	ImageID string           `json:"imageID,omitempty"`
 }
 
 // PerconaServerMySQLStatus defines the observed state of PerconaServerMySQL
@@ -497,6 +499,10 @@ type PerconaServerMySQLStatus struct { // INSERT ADDITIONAL STATUS FIELD - defin
 	Host string `json:"host"`
 }
 
+func (s *PerconaServerMySQLStatus) CompareMySQLVersion(ver string) int {
+	return v.Must(v.NewVersion(s.MySQL.Version)).Compare(v.Must(v.NewVersion(ver)))
+}
+
 const ConditionInnoDBClusterBootstrapped string = "InnoDBClusterBootstrapped"
 
 // PerconaServerMySQL is the Schema for the perconaservermysqls API

@@ -58,7 +58,7 @@
 	case "$f" in
 		*.sh)
 			echo "$0: running $f"
 			. "$f"
 			;;
 		*.sql)
 			echo "$0: running $f"
@@ -192,12 +192,12 @@
 
 MYSQL_VERSION=$(mysqld -V | awk '{print $3}' | awk -F'.' '{print $1"."$2}')
 
-if [ "$MYSQL_VERSION" != '8.0' ]; then
+if [[ "$MYSQL_VERSION" != '8.0' ]] && [[ "${MYSQL_VERSION}" != '8.4' ]]; then
-if [[ "$MYSQL_VERSION" != '8.0' ]] && [[ "${MYSQL_VERSION}" != '8.4' ]]; then
+if [[ $MYSQL_VERSION != '8.0' ]] && [[ ${MYSQL_VERSION} != '8.4' ]]; then
-if [[ "$MYSQL_VERSION" != '8.0' ]] && [[ "${MYSQL_VERSION}" != '8.4' ]]; then
+if [[ $MYSQL_VERSION != '8.0' ]] && [[ ${MYSQL_VERSION} != '8.4' ]]; then
 	echo "Percona Distribution for MySQL Operator does not support $MYSQL_VERSION"
 	exit 1
 fi

 if [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then
 	# still need to check config, container may have started with --user
 	_check_config "$@"

@@ -213,7 +213,7 @@
 		touch /var/lib/mysql/bootstrap.lock
 		file_env 'MYSQL_ROOT_PASSWORD' '' 'root'
 		{ set +x; } 2>/dev/null
 		if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
 			echo >&2 'error: database is uninitialized and password option is not specified '
 			echo >&2 '  You need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD'
 			exit 1
@@ -271,7 +271,7 @@
 		rootCreate=
 		# default root to listen for connections from anywhere
 		file_env 'MYSQL_ROOT_HOST' '%'
 		if [ -n "$MYSQL_ROOT_HOST" -a "$MYSQL_ROOT_HOST" != 'localhost' ]; then
 			# no, we don't care if read finds a terminating character in this heredoc
 			# https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151
 			read -r -d '' rootCreate <<-EOSQL || true
@@ -353,7 +353,7 @@
 		file_env 'MYSQL_USER'
 		file_env 'MYSQL_PASSWORD'
 		{ set +x; } 2>/dev/null
 		if [ "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then
 			echo "CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;" | "${mysql[@]}"

 			if [ "$MYSQL_DATABASE" ]; then
@@ -401,7 +401,7 @@
 if [[ -f /var/lib/mysql/full-cluster-crash ]]; then
 	set +o xtrace
 	node_name=$(hostname -f)
 	cluster_name=$(hostname | cut -d '-' -f1) # TODO: This won't work if CR has `-` in its name.
 	gtid_executed=$(</var/lib/mysql/full-cluster-crash)
 	namespace=$(</var/run/secrets/kubernetes.io/serviceaccount/namespace)


@@ -13,4 +13,4 @@ FQDN="${HOSTNAME}.${SERVICE_NAME}.${NAMESPACE}"
 POD_IP=$(hostname -I | awk '{print $1}')
 
 echo "$(date +%Y-%m-%dT%H:%M:%S%Z): Removing ${FQDN} from cluster" >>${LOG_FILE}
-mysqlsh -i -h "${POD_IP}" -P 33062 -u operator -p"${OPERATOR_PASSWORD}" -e "dba.getCluster().removeInstance('${FQDN}:3306')" >>${LOG_FILE} 2>&1
+mysqlsh --js -i -h "${POD_IP}" -P 33062 -u operator -p"${OPERATOR_PASSWORD}" -e "dba.getCluster().removeInstance('${FQDN}:3306')" >>${LOG_FILE} 2>&1