Merge pull request #458 from sclorg/add_distgen_generated_files

Add distgen generated files

Author: phracek

11/README.md

@@ -0,0 +1 @@
+root/usr/share/container-scripts/postgresql/README.md

11/cccp.yml

@@ -0,0 +1 @@
+job-id: postgresql-11-centos7

11/content_sets.yml

@@ -0,0 +1,10 @@
+# This is a file defining which content sets are needed to update content in 
+# this image. Data provided here helps determine which images are vulnerable to
+# specific CVEs. Generally you should only need to update this file when:
+#    1. You start depending on new product
+#    2. You are preparing new product release and your content sets will change
+---
+x86_64:
+- rhel-7-server-rpms
+- rhel-7-server-optional-rpms
+- rhel-server-rhscl-7-rpms

11/root/usr/bin/container-entrypoint

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+exec "$@"

11/root/usr/bin/run-postgresql

@@ -0,0 +1,58 @@
+#!/bin/bash
+
+export ENABLE_REPLICATION=${ENABLE_REPLICATION:-false}
+
+set -eu
+export_vars=$(cgroup-limits) ; export $export_vars
+
+source "${CONTAINER_SCRIPTS_PATH}/common.sh"
+
+set_pgdata
+
+process_extending_files \
+        "${APP_DATA}/src/postgresql-pre-start" \
+        "${CONTAINER_SCRIPTS_PATH}/pre-start"
+
+check_env_vars
+generate_passwd_file
+generate_postgresql_config
+
+# Is this brand new data volume?
+PG_INITIALIZED=false
+
+if [ ! -f "$PGDATA/postgresql.conf" ]; then
+  initialize_database
+  PG_INITIALIZED=:
+else
+  try_pgupgrade
+fi
+
+# Use insanely large timeout (24h) to ensure that the potential recovery has
+# enough time here to happen (unless liveness probe kills us).  Note that in
+# case of server failure this command still exists immediately.
+pg_ctl start -w --timeout 86400 -o "-h ''"
+
+# This is just a pedantic safety measure (the timeout above is unlikely to
+# happen), but `pt_ctl -w` is not reliable prior to PostgreSQL v10 where it
+# returns exit_status=0 even if the server is still starting.  For more info
+# see the issue#297 and
+# https://www.postgresql.org/message-id/CAB7nPqSJs85wK9aknm%3D_jmS6GnH3SQBhpzKcqs8Qo2LhEg2etw%40mail.gmail.com
+pg_isready
+
+if $PG_INITIALIZED ; then
+    process_extending_files \
+        "${APP_DATA}/src/postgresql-init" \
+        "${CONTAINER_SCRIPTS_PATH}/init"
+    migrate_db
+    create_users
+fi
+
+process_extending_files \
+    "${APP_DATA}/src/postgresql-start" \
+    "${CONTAINER_SCRIPTS_PATH}/start"
+
+pg_ctl stop
+
+unset_env_vars
+echo "Starting server..."
+exec postgres "$@"

11/root/usr/bin/run-postgresql-master

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+export ENABLE_REPLICATION=true
+
+exec run-postgresql "$@"

11/root/usr/bin/run-postgresql-slave

@@ -0,0 +1,37 @@
+#!/bin/bash
+
+export ENABLE_REPLICATION=true
+
+set -eu
+export_vars=$(cgroup-limits) ; export $export_vars
+
+source "$CONTAINER_SCRIPTS_PATH"/common.sh
+
+set_pgdata
+
+function initialize_replica() {
+  echo "Initializing PostgreSQL slave ..."
+  # TODO: Validate and reuse existing data?
+  rm -rf $PGDATA
+  PGPASSWORD="${POSTGRESQL_MASTER_PASSWORD}" pg_basebackup -X fetch --no-password --pgdata ${PGDATA} --host=${MASTER_FQDN} --port=5432 -U "${POSTGRESQL_MASTER_USER}"
+
+  # PostgreSQL recovery configuration.
+  generate_postgresql_recovery_config
+  cat >> "$PGDATA/recovery.conf" <<EOF
+
+# Custom OpenShift recovery configuration:
+include '${POSTGRESQL_RECOVERY_FILE}'
+EOF
+}
+
+check_env_vars
+generate_passwd_file
+generate_postgresql_config
+
+wait_for_postgresql_master
+export MASTER_FQDN=$(postgresql_master_addr)
+initialize_replica
+
+unset_env_vars
+echo "Starting server..."
+exec postgres "$@"

11/root/usr/bin/usage

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+cat /usr/share/container-scripts/postgresql/README.md
+

11/root/usr/libexec/check-container

@@ -0,0 +1,27 @@
+#! /bin/sh
+
+# Try whether the PostgreSQL in container accepts connections.
+#
+# With --live, be tolerant to starting PG server.  If the /bin/postgres binary
+# has not been executed yet (the shell script is initializing the container),
+# wait for it (this script might run forever, we expect that the timeout is
+# maintained externally).
+
+test -z "$ENABLED_COLLECTIONS" || . scl_source enable $ENABLED_COLLECTIONS
+
+if test x"$1" = "x--live"; then
+    # Since livenessProbe is about to detect container deadlocks, and we
+    # so far don't know about real deadlocks to be detected -- we keep
+    # liveness probe to report that container is always ready (as long as
+    # we are able to execute shell, enable collections, etc., which is
+    # good for container sanity testing anyways).
+    exit 0
+fi
+
+# Readiness check follows, the --timeout is set to "infinite" because it
+# is handled externally (readinessProbe.timeoutSeconds).
+pg_isready -q \
+    -h 127.0.0.1 \
+    ${POSTGRESQL_USER+-U "$POSTGRESQL_USER"} \
+    ${POSTGRESQL_DATABASE+-d "$POSTGRESQL_DATABASE"} \
+    --timeout 0

11/root/usr/libexec/fix-permissions

@@ -0,0 +1,39 @@
+#!/bin/sh
+
+documentation="\
+Recursively fix permissions on the given directories to allow GID=0
+read/write regular files and read/write/execute directories.
+
+To run this command, you have to be in the group root=0!"
+
+uid=26
+write=w
+
+usage ()
+{
+    cat >&2 <<EOF
+$0: Error: ${1-usage error}
+
+Usage: $0 [--read-only] DIR [DIR ..]
+
+$documentation
+EOF
+    exit 1
+}
+
+while test $# -gt 0; do
+    case $1 in
+    --read-only) write= ; shift ;;
+    *) break ;;
+    esac
+done
+
+test $# -eq 0 && usage "no DIR specified"
+
+for dir; do
+    test -d "$dir" || usage "no such directory '$dir'"
+    echo >&2 "fixing permissions on '$dir' directory"
+    find "$dir" -exec chown "$uid:0" {} \;
+    find "$dir" -exec chmod "g+r$write" {} \;
+    find "$dir" -type d -exec chmod g+x {} +
+done