forked from docker-library/mysql
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile.oracle
124 lines (112 loc) · 4.57 KB
/
Dockerfile.oracle
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
#
# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
#
# PLEASE DO NOT EDIT IT DIRECTLY.
#
FROM oraclelinux:9-slim
RUN set -eux; \
groupadd --system --gid 999 mysql; \
useradd --system --uid 999 --gid 999 --home-dir /var/lib/mysql --no-create-home mysql
# add gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
ENV GOSU_VERSION 1.17
RUN set -eux; \
# TODO find a better userspace architecture detection method than querying the kernel
arch="$(uname -m)"; \
case "$arch" in \
aarch64) gosuArch='arm64' ;; \
x86_64) gosuArch='amd64' ;; \
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
curl -fL -o /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$gosuArch.asc"; \
curl -fL -o /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$gosuArch"; \
export GNUPGHOME="$(mktemp -d)"; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
chmod +x /usr/local/bin/gosu; \
gosu --version; \
gosu nobody true
RUN set -eux; \
microdnf install -y \
bzip2 \
gzip \
openssl \
xz \
zstd \
# Oracle Linux 8+ is very slim :)
findutils \
; \
microdnf clean all
RUN set -eux; \
# https://dev.mysql.com/doc/refman/8.0/en/checking-gpg-signature.html
# pub rsa4096 2023-10-23 [SC] [expires: 2025-10-22]
# BCA4 3417 C3B4 85DD 128E C6D4 B7B3 B788 A8D3 785C
# uid [ unknown] MySQL Release Engineering <[email protected]>
# sub rsa4096 2023-10-23 [E] [expires: 2025-10-22]
key='BCA4 3417 C3B4 85DD 128E C6D4 B7B3 B788 A8D3 785C'; \
export GNUPGHOME="$(mktemp -d)"; \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
gpg --batch --export --armor "$key" > /etc/pki/rpm-gpg/RPM-GPG-KEY-mysql; \
rm -rf "$GNUPGHOME"
ENV MYSQL_MAJOR 8.0
ENV MYSQL_VERSION 8.0.40-1.el9
RUN set -eu; \
{ \
echo '[mysql8.0-server-minimal]'; \
echo 'name=MySQL 8.0 Server Minimal'; \
echo 'enabled=1'; \
echo 'baseurl=https://repo.mysql.com/yum/mysql-8.0-community/docker/el/9/$basearch/'; \
echo 'gpgcheck=1'; \
echo 'gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql'; \
# https://github.com/docker-library/mysql/pull/680#issuecomment-825930524
echo 'module_hotfixes=true'; \
} | tee /etc/yum.repos.d/mysql-community-minimal.repo
RUN set -eux; \
microdnf install -y "mysql-community-server-minimal-$MYSQL_VERSION"; \
microdnf clean all; \
# the "socket" value in the Oracle packages is set to "/var/lib/mysql" which isn't a great place for the socket (we want it in "/var/run/mysqld" instead)
# https://github.com/docker-library/mysql/pull/680#issuecomment-636121520
grep -F 'socket=/var/lib/mysql/mysql.sock' /etc/my.cnf; \
sed -i 's!^socket=.*!socket=/var/run/mysqld/mysqld.sock!' /etc/my.cnf; \
grep -F 'socket=/var/run/mysqld/mysqld.sock' /etc/my.cnf; \
{ echo '[client]'; echo 'socket=/var/run/mysqld/mysqld.sock'; } >> /etc/my.cnf; \
\
# make sure users dumping files in "/etc/mysql/conf.d" still works
! grep -F '!includedir' /etc/my.cnf; \
{ echo; echo '!includedir /etc/mysql/conf.d/'; } >> /etc/my.cnf; \
mkdir -p /etc/mysql/conf.d; \
# ensure these directories exist and have useful permissions
# the rpm package has different opinions on the mode of `/var/run/mysqld`, so this needs to be after install
mkdir -p /var/lib/mysql /var/run/mysqld; \
chown mysql:mysql /var/lib/mysql /var/run/mysqld; \
# ensure that /var/run/mysqld (used for socket and lock files) is writable regardless of the UID our mysqld instance ends up having at runtime
chmod 1777 /var/lib/mysql /var/run/mysqld; \
\
mkdir /docker-entrypoint-initdb.d; \
\
mysqld --version; \
mysql --version
RUN set -eu; \
{ \
echo '[mysql-tools-community]'; \
echo 'name=MySQL Tools Community'; \
echo 'baseurl=https://repo.mysql.com/yum/mysql-tools-community/el/9/$basearch/'; \
echo 'enabled=1'; \
echo 'gpgcheck=1'; \
echo 'gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql'; \
# https://github.com/docker-library/mysql/pull/680#issuecomment-825930524
echo 'module_hotfixes=true'; \
} | tee /etc/yum.repos.d/mysql-community-tools.repo
ENV MYSQL_SHELL_VERSION 8.0.40-1.el9
RUN set -eux; \
microdnf install -y "mysql-shell-$MYSQL_SHELL_VERSION"; \
microdnf clean all; \
\
mysqlsh --version
VOLUME /var/lib/mysql
COPY docker-entrypoint.sh /usr/local/bin/
RUN ln -s usr/local/bin/docker-entrypoint.sh /entrypoint.sh # backwards compat
ENTRYPOINT ["docker-entrypoint.sh"]
EXPOSE 3306 33060
CMD ["mysqld"]