openstack-helm-infra/helm-toolkit/templates/scripts/_db-init.py.tpl
Jose Bautista 1775e1bea6 Update create db user queries
Using GRANT to create users was deprecated in 5.7. The current
query to create user fails with new versions of mysql.

Change-Id: If991778763dc0961508e8466244955fd71b47591
2023-03-31 01:47:47 +11:00

157 lines
5.5 KiB
Smarty

{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "helm-toolkit.scripts.db_init" }}
#!/usr/bin/env python
# Creates db and user for an OpenStack Service:
# Set ROOT_DB_CONNECTION and DB_CONNECTION environment variables to contain
# SQLAlchemy strings for the root connection to the database and the one you
# wish the service to use. Alternatively, you can use an ini formatted config
# at the location specified by OPENSTACK_CONFIG_FILE, and extract the string
# from the key OPENSTACK_CONFIG_DB_KEY, in the section specified by
# OPENSTACK_CONFIG_DB_SECTION.
import os
import sys
try:
import ConfigParser
PARSER_OPTS = {}
except ImportError:
import configparser as ConfigParser
PARSER_OPTS = {"strict": False}
import logging
from sqlalchemy import create_engine
# Create logger, console handler and formatter
logger = logging.getLogger('OpenStack-Helm DB Init')
logger.setLevel(logging.DEBUG)
ch = logging.StreamHandler()
ch.setLevel(logging.DEBUG)
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
# Set the formatter and add the handler
ch.setFormatter(formatter)
logger.addHandler(ch)
# Get the connection string for the service db root user
if "ROOT_DB_CONNECTION" in os.environ:
db_connection = os.environ['ROOT_DB_CONNECTION']
logger.info('Got DB root connection')
else:
logger.critical('environment variable ROOT_DB_CONNECTION not set')
sys.exit(1)
mysql_x509 = os.getenv('MARIADB_X509', "")
ssl_args = {}
if mysql_x509:
ssl_args = {'ssl': {'ca': '/etc/mysql/certs/ca.crt',
'key': '/etc/mysql/certs/tls.key',
'cert': '/etc/mysql/certs/tls.crt'}}
# Get the connection string for the service db
if "OPENSTACK_CONFIG_FILE" in os.environ:
os_conf = os.environ['OPENSTACK_CONFIG_FILE']
if "OPENSTACK_CONFIG_DB_SECTION" in os.environ:
os_conf_section = os.environ['OPENSTACK_CONFIG_DB_SECTION']
else:
logger.critical('environment variable OPENSTACK_CONFIG_DB_SECTION not set')
sys.exit(1)
if "OPENSTACK_CONFIG_DB_KEY" in os.environ:
os_conf_key = os.environ['OPENSTACK_CONFIG_DB_KEY']
else:
logger.critical('environment variable OPENSTACK_CONFIG_DB_KEY not set')
sys.exit(1)
try:
config = ConfigParser.RawConfigParser(**PARSER_OPTS)
logger.info("Using {0} as db config source".format(os_conf))
config.read(os_conf)
logger.info("Trying to load db config from {0}:{1}".format(
os_conf_section, os_conf_key))
user_db_conn = config.get(os_conf_section, os_conf_key)
logger.info("Got config from {0}".format(os_conf))
except:
logger.critical("Tried to load config from {0} but failed.".format(os_conf))
raise
elif "DB_CONNECTION" in os.environ:
user_db_conn = os.environ['DB_CONNECTION']
logger.info('Got config from DB_CONNECTION env var')
else:
logger.critical('Could not get db config, either from config file or env var')
sys.exit(1)
# Root DB engine
try:
root_engine_full = create_engine(db_connection)
root_user = root_engine_full.url.username
root_password = root_engine_full.url.password
drivername = root_engine_full.url.drivername
host = root_engine_full.url.host
port = root_engine_full.url.port
root_engine_url = ''.join([drivername, '://', root_user, ':', root_password, '@', host, ':', str (port)])
root_engine = create_engine(root_engine_url, connect_args=ssl_args)
connection = root_engine.connect()
connection.close()
logger.info("Tested connection to DB @ {0}:{1} as {2}".format(
host, port, root_user))
except:
logger.critical('Could not connect to database as root user')
raise
# User DB engine
try:
user_engine = create_engine(user_db_conn, connect_args=ssl_args)
# Get our user data out of the user_engine
database = user_engine.url.database
user = user_engine.url.username
password = user_engine.url.password
logger.info('Got user db config')
except:
logger.critical('Could not get user database config')
raise
# Create DB
try:
root_engine.execute("CREATE DATABASE IF NOT EXISTS {0}".format(database))
logger.info("Created database {0}".format(database))
except:
logger.critical("Could not create database {0}".format(database))
raise
# Create DB User
try:
root_engine.execute(
"CREATE USER IF NOT EXISTS \'{0}\'@\'%%\' IDENTIFIED BY \'{1}\' {2}".format(
user, password, mysql_x509))
root_engine.execute(
"GRANT ALL ON `{0}`.* TO \'{1}\'@\'%%\'".format(database, user))
logger.info("Created user {0} for {1}".format(user, database))
except:
logger.critical("Could not create user {0} for {1}".format(user, database))
raise
# Test connection
try:
connection = user_engine.connect()
connection.close()
logger.info("Tested connection to DB @ {0}:{1}/{2} as {3}".format(
host, port, database, user))
except:
logger.critical('Could not connect to database as user')
raise
logger.info('Finished DB Management')
{{- end }}