Remove ReviewDB-support
Since Gerrit 3.0 does not need a ReviewDB anymore and since it is
unlikely that the Kubernetes setup will be used with an earlier version
of the chart, the support for a ReviewDB is also removed with this
change. This also reduces the container size and startup time.
Change-Id: I11f3d8717f045f0b71c7b5d759a0be256d4626aa
diff --git a/LICENSE b/LICENSE
index d087f95..51706c7 100644
--- a/LICENSE
+++ b/LICENSE
@@ -226,11 +226,6 @@
All rights reserved. \
3-Clause BSD License (https://passlib.readthedocs.io/en/stable/copyright.html)
-PyMySQL \
-https://github.com/PyMySQL/PyMySQL \
-Copyright (c) 2010, 2013 PyMySQL contributors \
-MIT License (https://github.com/PyMySQL/PyMySQL/blob/master/LICENSE)
-
pyOpenSSL \
https://github.com/pyca/pyopenssl \
Copyright (c) 2001 The pyOpenSSL developers \
@@ -246,12 +241,6 @@
Copyright 2018 Kenneth Reitz \
Apache 2 license (https://github.com/requests/requests/blob/master/LICENSE)
-SQLAlchemy \
-https://github.com/sqlalchemy/sqlalchemy/ \
-Copyright (c) 2005-2019 Michael Bayer and contributors.
-SQLAlchemy is a trademark of Michael Bayer. \
-MIT License (https://docs.sqlalchemy.org/en/latest/copyright.html)
-
---
## The MIT License (MIT)
diff --git a/Pipfile b/Pipfile
index f0af386..646dc0c 100644
--- a/Pipfile
+++ b/Pipfile
@@ -14,8 +14,6 @@
passlib = "~=1.7.1"
pyopenssl = "~=18.0.0"
requests = "~=2.21.0"
-sqlalchemy = "~=1.3.0"
-pymysql = "~=0.9.2"
[requires]
python_version = "3.7"
diff --git a/Pipfile.lock b/Pipfile.lock
index fbeb0b3..355fea9 100644
--- a/Pipfile.lock
+++ b/Pipfile.lock
@@ -1,7 +1,7 @@
{
"_meta": {
"hash": {
- "sha256": "c482f922f07d16fdb10dd313a480edeec79819be4366ee17da881b9e672673ba"
+ "sha256": "abb246e4d04aaa73d1ac30c1d15db235accf031381d8439b4edaefa74e15bb52"
},
"pipfile-spec": 6,
"requires": {
@@ -192,14 +192,6 @@
],
"version": "==2.19"
},
- "pymysql": {
- "hashes": [
- "sha256:3943fbbbc1e902f41daf7f9165519f140c4451c179380677e6a848587042561a",
- "sha256:d8c059dcd81dedb85a9f034d5e22dcb4442c0b201908bede99e306d65ea7c8e7"
- ],
- "index": "pypi",
- "version": "==0.9.3"
- },
"pyopenssl": {
"hashes": [
"sha256:26ff56a6b5ecaf3a2a59f132681e2a80afcc76b4f902f612f518f92c2a1bf854",
@@ -245,13 +237,6 @@
],
"version": "==2.0.5"
},
- "sqlalchemy": {
- "hashes": [
- "sha256:217e7fc52199a05851eee9b6a0883190743c4fb9c8ac4313ccfceaffd852b0ff"
- ],
- "index": "pypi",
- "version": "==1.3.6"
- },
"urllib3": {
"hashes": [
"sha256:2393a695cd12afedd0dcb26fe5d50d0cf248e5a66f75dbd89a3d4eb333a61af4",
diff --git a/README.md b/README.md
index 9171e9f..656824f 100644
--- a/README.md
+++ b/README.md
@@ -86,10 +86,6 @@
javaHome = /usr/lib/jvm/java-8-openjdk-amd64/jre
```
-The mysql-replication-init docker image is only required for setting up the Gerrit
-slave on Kubernetes. If deploying the Gerrit slave outside of Kubernetes, it can
-be ignored.
-
# Helm Charts
These Helm charts can be used to install a Gerrit cluster consisting of a
@@ -110,12 +106,10 @@
## Gerrit Master
-* Install a [MySQL master](helm-charts/gerrit-master/docs/mysqld.md)
* Install a [Gerrit master](helm-charts/gerrit-master/README.md)
## Gerrit Slave
-* Install a [MySQL slave](helm-charts/gerrit-slave/docs/mysqld.md)
* Install a [Gerrit slave](helm-charts/gerrit-slave/README.md)
# Running tests
diff --git a/build b/build
index 16211d1..aeea82f 100755
--- a/build
+++ b/build
@@ -63,7 +63,7 @@
if test $# -eq 0 ; then
docker_build_gerrit_base
- for IMAGE in apache-git-http-backend gerrit-master gerrit-slave git-gc mysql-replication-init gerrit-init; do
+ for IMAGE in apache-git-http-backend gerrit-master gerrit-slave git-gc gerrit-init; do
docker_build $IMAGE
done
else
diff --git a/container-images/gerrit-base/Dockerfile b/container-images/gerrit-base/Dockerfile
index 241767e..48548b4 100644
--- a/container-images/gerrit-base/Dockerfile
+++ b/container-images/gerrit-base/Dockerfile
@@ -3,7 +3,6 @@
RUN apt-get update && \
apt-get -y install \
curl \
- unzip \
openjdk-8-jdk && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
diff --git a/container-images/gerrit-init/Dockerfile b/container-images/gerrit-init/Dockerfile
index 97014fd..e3474cb 100644
--- a/container-images/gerrit-init/Dockerfile
+++ b/container-images/gerrit-init/Dockerfile
@@ -10,13 +10,9 @@
RUN apt-get update && \
apt-get install -y \
- mysql-client \
- python3 \
- python3-pip && \
+ python3 && \
apt-get clean && \
- rm -rf /var/lib/apt/lists/* && \
- pip3 install pipenv && \
- pipenv install --system
+ rm -rf /var/lib/apt/lists/*
USER gerrit
diff --git a/container-images/gerrit-init/README.md b/container-images/gerrit-init/README.md
index 2dc2333..669ae39 100644
--- a/container-images/gerrit-init/README.md
+++ b/container-images/gerrit-init/README.md
@@ -1,8 +1,7 @@
# Gerrit slave init container image
Kubernetes init container for initializing gerrit. The python script running in
-the container makes sure, that the database is initialized (currently supported:
-H2 and MySQL) and initializes Gerrit including the installation of configured
+the container initializes Gerrit including the installation of configured
core plugins.
## Content
@@ -11,8 +10,7 @@
## Setup and configuration
-* install mysql-client, python 3, pip and pipenv
-* install sqlalchemy and mysql driver for python using pipenv
+* install python 3
* copy tool scripts
## Start
@@ -22,29 +20,11 @@
The `gerrit_init.py`-script
* reads configuration from gerrit.config (via `gerrit_config_parser.py`)
-* waits for the database to start (via `validate_db.py`)
* initializes Gerrit
-The `validate_db.py`-script
-
-* reads database configuration from gerrit.config (via `gerrit_config_parser.py`)
-* waits for the database to start
-* waits for the reviewdb database
-+ waits for some selected tables to ensure that the schema is initialized
-
The `validate_notedb.py`-script
* validates and waits for the repository `All-Projects.git` with the refs
`refs/meta/config`.
* validates and waits for the repository `All-Users.git` with the ref
`refs/meta/config`.
-
-## How to install/update python packages in container
-
-* Python 3.6 is required
-* Install `pipenv`
-* Navigate to `./container-images/gerrit-init/tools`
-* Run `pipenv install <package>`
-
-This will update the `Pipfile` and `Pipfile.lock`, which will be copied into the
-container image, when the container image is built.
diff --git a/container-images/gerrit-init/tools/Pipfile b/container-images/gerrit-init/tools/Pipfile
deleted file mode 100644
index 66e01bc..0000000
--- a/container-images/gerrit-init/tools/Pipfile
+++ /dev/null
@@ -1,13 +0,0 @@
-[[source]]
-name = "pypi"
-url = "https://pypi.org/simple"
-verify_ssl = true
-
-[dev-packages]
-
-[packages]
-sqlalchemy = "~=1.3.0"
-pymysql = "~=0.9.2"
-
-[requires]
-python_version = "3.6"
diff --git a/container-images/gerrit-init/tools/Pipfile.lock b/container-images/gerrit-init/tools/Pipfile.lock
deleted file mode 100644
index 0d6e4da..0000000
--- a/container-images/gerrit-init/tools/Pipfile.lock
+++ /dev/null
@@ -1,36 +0,0 @@
-{
- "_meta": {
- "hash": {
- "sha256": "d87c5aa27a5520841f560eaa4fbee325110730a1a9e088bf2bc2e24cdc6d155d"
- },
- "pipfile-spec": 6,
- "requires": {
- "python_version": "3.6"
- },
- "sources": [
- {
- "name": "pypi",
- "url": "https://pypi.org/simple",
- "verify_ssl": true
- }
- ]
- },
- "default": {
- "pymysql": {
- "hashes": [
- "sha256:3943fbbbc1e902f41daf7f9165519f140c4451c179380677e6a848587042561a",
- "sha256:d8c059dcd81dedb85a9f034d5e22dcb4442c0b201908bede99e306d65ea7c8e7"
- ],
- "index": "pypi",
- "version": "==0.9.3"
- },
- "sqlalchemy": {
- "hashes": [
- "sha256:91c54ca8345008fceaec987e10924bf07dcab36c442925357e5a467b36a38319"
- ],
- "index": "pypi",
- "version": "==1.3.3"
- }
- },
- "develop": {}
-}
diff --git a/container-images/gerrit-init/tools/gerrit_init.py b/container-images/gerrit-init/tools/gerrit_init.py
index 18bb786..85f4a5d 100755
--- a/container-images/gerrit-init/tools/gerrit_init.py
+++ b/container-images/gerrit-init/tools/gerrit_init.py
@@ -21,16 +21,14 @@
from git_config_parser import GitConfigParser
from log import get_logger
-from validate_db import select_db
LOG = get_logger("init")
class GerritInit:
- def __init__(self, site, wanted_plugins, enable_reviewdb):
+ def __init__(self, site, wanted_plugins):
self.site = site
self.wanted_plugins = set(wanted_plugins)
- self.enable_reviewdb = enable_reviewdb
self.gerrit_config = self._parse_gerrit_config()
self.is_slave = self._is_slave()
@@ -44,10 +42,6 @@
return None
- def _ensure_database_connection(self):
- database = select_db(self.site)
- database.wait_for_db_server()
-
def _is_slave(self):
if self.gerrit_config:
return self.gerrit_config.get_boolean("container.slave", False)
@@ -111,8 +105,6 @@
if self.gerrit_config:
LOG.info("Existing gerrit.config found.")
- if self.enable_reviewdb:
- self._ensure_database_connection()
else:
LOG.info("No gerrit.config found. Initializing default site.")
@@ -164,14 +156,7 @@
action="append",
default=list(),
)
- parser.add_argument(
- "-d",
- "--reviewdb",
- help="Whether a reviewdb is part of the Gerrit installation.",
- dest="reviewdb",
- action="store_true",
- )
args = parser.parse_args()
- init = GerritInit(args.site, args.wanted_plugins, args.reviewdb)
+ init = GerritInit(args.site, args.wanted_plugins)
init.execute()
diff --git a/container-images/gerrit-init/tools/validate_db.py b/container-images/gerrit-init/tools/validate_db.py
deleted file mode 100755
index 357eea7..0000000
--- a/container-images/gerrit-init/tools/validate_db.py
+++ /dev/null
@@ -1,222 +0,0 @@
-#!/usr/bin/python3
-
-# Copyright (C) 2018 The Android Open Source Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import argparse
-import os.path
-import sys
-import time
-
-from abc import ABC, abstractmethod
-from sqlalchemy import create_engine
-from sqlalchemy.exc import SQLAlchemyError
-
-from git_config_parser import GitConfigParser
-from log import get_logger
-
-LOG = get_logger("validate-db")
-
-
-class DatabaseConfig:
- def __init__(self, name, host, port, user, pwd):
- self.name = name
- self.host = host
- self.port = port
- self.user = user
- self.pwd = pwd
-
-
-class AbstractGerritDB(ABC):
- def __init__(self, config, secure_config):
- self._read_config(config, secure_config)
-
- @abstractmethod
- def _read_config(self, config, secure_config):
- """
- Read all required configuration values.
- """
-
- @abstractmethod
- def _create_db_url(self):
- """
- Create a URL with which the database can be reached.
- """
-
- @abstractmethod
- def wait_for_db_server(self):
- """
- Wait until a connection with the database server is achieved.
- """
-
- @abstractmethod
- def wait_for_db(self):
- """
- Check whether a database with the name configured for the ReviewDB
- exists on the database server and wait for its creation.
- """
-
- @abstractmethod
- def wait_for_schema(self):
- """
- Check whether the schema of the ReviewDBwas created and wait for its
- creation.
- """
-
-
-class H2GerritDB(AbstractGerritDB):
- def __init__(self, config, secure_config, site):
- super().__init__(config, secure_config)
- self.site = site
- self.url = self._create_db_url()
-
- def _read_config(self, config, secure_config):
- name = config.get("database.database", default="ReviewDB")
- self.db_config = DatabaseConfig(name, None, None, None, None)
-
- def _create_db_url(self):
- suffix = ".h2.db"
- if os.path.isabs(self.db_config.name):
- if self.db_config.name.endswith(suffix):
- return self.db_config.name
- return self.db_config.name + suffix
- return os.path.join(self.site, "db", self.db_config.name) + suffix
-
- def wait_for_db_server(self):
- # Not required. H2 is an embedded database.
- pass
-
- def wait_for_db(self):
- LOG.info("Waiting for database to be available...")
- while not os.path.exists(self.url):
- time.sleep(3)
- LOG.info("Still waiting...")
- LOG.info("Found it!")
-
- def wait_for_schema(self):
- # Since no replication of a H2 databas is implemented yet, this test is not
- # needed, because the schema is created by Gerrit.
- pass
-
-
-class MysqlGerritDB(AbstractGerritDB):
- def __init__(self, config, secure_config):
- super().__init__(config, secure_config)
-
- # tables expected in Gerrit 2.12 - 2.16
- self.tables = ["changes", "patch_sets"]
- self.server_url, self.reviewdb_url = self._create_db_url()
-
- self.engine = None
- self.connection = None
-
- def _read_config(self, config, secure_config):
- name = config.get("database.database", default="reviewdb")
- host = config.get("database.hostname", default="localhost")
- port = config.get("database.port", default="3306")
- user = secure_config.get("database.username", default="")
- pwd = secure_config.get("database.password", default="")
- self.db_config = DatabaseConfig(name, host, port, user, pwd)
-
- def _create_db_url(self):
- server_url = "mysql+pymysql://%s:%s@%s:%s" % (
- self.db_config.user,
- self.db_config.pwd,
- self.db_config.host,
- self.db_config.port,
- )
- reviewdb_url = "%s/%s" % (server_url, self.db_config.name)
- return (server_url, reviewdb_url)
-
- def _connect_to_db(self, url):
- self.engine = create_engine(url)
- self.connection = self.engine.connect()
-
- def wait_for_db_server(self):
- LOG.info("Waiting for database server connection...")
- while not self.connection or self.connection.closed:
- try:
- self._connect_to_db(self.server_url)
- continue
- except SQLAlchemyError:
- LOG.info("Still waiting...")
- time.sleep(3)
- self.connection.close()
- LOG.info("Connection successful!")
-
- def wait_for_db(self):
- LOG.info("Waiting for database to be available...")
- self.connection.close()
- while not self.connection or self.connection.closed:
- try:
- self._connect_to_db(self.reviewdb_url)
- continue
- except SQLAlchemyError:
- LOG.info("Still waiting...")
- time.sleep(3)
- self.connection.close()
- LOG.info("Found it!")
-
- def wait_for_schema(self):
- LOG.info("Waiting for database schema to be created...")
- for table in self.tables:
- while not self.engine.dialect.has_table(self.engine, table):
- LOG.info("Still waiting for table %s...", table)
- time.sleep(3)
- LOG.info("Schema appears to have been created!")
-
-
-def select_db(gerrit_site_path):
- gerrit_config_path = os.path.join(gerrit_site_path, "etc/gerrit.config")
- config = GitConfigParser(gerrit_config_path)
-
- gerrit_secure_config_path = os.path.join(gerrit_site_path, "etc/secure.config")
- secure_config = GitConfigParser(gerrit_secure_config_path)
-
- db_type = config.get("database.type")
-
- if db_type.upper() == "H2":
- gerrit_db = H2GerritDB(config, secure_config, gerrit_site_path)
- elif db_type.upper() == "MYSQL":
- gerrit_db = MysqlGerritDB(config, secure_config)
- else:
- LOG.error("Unknown database type.")
- sys.exit(1)
-
- return gerrit_db
-
-
-def validate_db(gerrit_site_path):
- gerrit_db = select_db(gerrit_site_path)
-
- gerrit_db.wait_for_db_server()
- gerrit_db.wait_for_db()
- gerrit_db.wait_for_schema()
-
-
-# pylint: disable=C0103
-if __name__ == "__main__":
- parser = argparse.ArgumentParser()
- parser.add_argument(
- "-s",
- "--site",
- help="Path to Gerrit site",
- dest="site",
- action="store",
- default="/var/gerrit",
- required=True,
- )
- args = parser.parse_args()
-
- validate_db(args.site)
diff --git a/container-images/gerrit-init/tools/validate_notedb.py b/container-images/gerrit-init/tools/validate_notedb.py
index 4fec993..92f96f0 100755
--- a/container-images/gerrit-init/tools/validate_notedb.py
+++ b/container-images/gerrit-init/tools/validate_notedb.py
@@ -30,7 +30,7 @@
self.notedb_repos = ["All-Projects.git", "All-Users.git"]
self.required_refs = {
- "All-Projects.git": ["refs/meta/config"],
+ "All-Projects.git": ["refs/meta/config", "refs/meta/version"],
"All-Users.git": ["refs/meta/config"],
}
diff --git a/container-images/gerrit-slave/Dockerfile b/container-images/gerrit-slave/Dockerfile
index be5a81f..01cb993 100644
--- a/container-images/gerrit-slave/Dockerfile
+++ b/container-images/gerrit-slave/Dockerfile
@@ -2,7 +2,5 @@
COPY tools/* /var/tools/
-# Initialize Gerrit site, install MySQL driver for Gerrit and configure Gerrit
-# as slave
-RUN /var/tools/download_db_driver && \
- git config -f /var/gerrit/etc/gerrit.config container.slave true
+# Configure Gerrit as slave
+RUN git config -f /var/gerrit/etc/gerrit.config container.slave true
diff --git a/container-images/gerrit-slave/README.md b/container-images/gerrit-slave/README.md
index 65073a2..d78c2c9 100644
--- a/container-images/gerrit-slave/README.md
+++ b/container-images/gerrit-slave/README.md
@@ -5,18 +5,14 @@
## Content
* gerrit-base image
-* mysql-driver for Gerrit
## Setup and configuration
-* batch initialize Gerrit site in `/var/gerrit`
-* install plugins
-* install MySQL driver
+* copy entrypoint scripts to image
* ensure gerrit is configured as gerrit slave
## Start
* starts the container via start script `/var/tools/start`
-(Entrypoint is inherited from gerrit-base image)
* If configuration files (`gerrit.config`, `secret.config`, and `keystore`) are
provide in `/var/config`, they will be symlinked into the Gerrit site.
diff --git a/container-images/gerrit-slave/tools/download_db_driver b/container-images/gerrit-slave/tools/download_db_driver
deleted file mode 100755
index 1f24517..0000000
--- a/container-images/gerrit-slave/tools/download_db_driver
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-set -e
-
-GERRIT_VERSION="$(java -jar /var/gerrit/bin/gerrit.war --version | cut -c 16-19)"
-
-if ([ "${GERRIT_VERSION}" = "2.12" ] || [ "${GERRIT_VERSION}" = "2.13" ]); then
- PGM_INIT_JAR="gerrit-pgm-init.jar"
-elif ([ "${GERRIT_VERSION}" = "2.14" ] || [ "${GERRIT_VERSION}" = "2.15" ]); then
- PGM_INIT_JAR="gerrit-pgm-libinit.jar"
-else
- PGM_INIT_JAR="com_google_gerrit_pgm_init_libinit.jar"
-fi
-
-unzip -xOf /var/gerrit/bin/gerrit.war WEB-INF/lib/${PGM_INIT_JAR} -d /tmp
-LIBRARY_CONFIG_PATH="com/google/gerrit/pgm/init/libraries.config"
-unzip -xOf /tmp/WEB-INF/lib/${PGM_INIT_JAR} ${LIBRARY_CONFIG_PATH} -d /tmp
-( cd /var/gerrit/lib &&
- curl -LO $(git config --file /tmp/${LIBRARY_CONFIG_PATH} --get library.mysqlDriver.url) )
-git config --file /tmp/${LIBRARY_CONFIG_PATH} --get library.mysqlDriver.sha1 && \
-echo "$(git config --file /tmp/${LIBRARY_CONFIG_PATH} --get library.mysqlDriver.sha1) $(find /var/gerrit/lib -name 'mysql-connector-java-*.jar')" | shasum -c -
-rm -rf /tmp/WEB-INF /tmp/${LIBRARY_CONFIG_PATH}
\ No newline at end of file
diff --git a/container-images/gerrit-slave/tools/start b/container-images/gerrit-slave/tools/start
index b7dc32e..340816f 100755
--- a/container-images/gerrit-slave/tools/start
+++ b/container-images/gerrit-slave/tools/start
@@ -8,23 +8,11 @@
done
}
-create_missing_repository(){
- test -d $1 || git init --bare $1
-}
-
# Ensure that configuration provided at /var/config is symlinked to the Gerrit
# site. This is necessary, because mounting files from secrets/configmaps in
# Kubernetes make the containing directory read-only.
symlink_config_to_site
-create_missing_repository /var/gerrit/git/All-Projects.git
-create_missing_repository /var/gerrit/git/All-Users.git
-
-DB=$(git config --file /var/gerrit/etc/gerrit.config --get database.type)
-if [[ "${DB^^}" == "MYSQL" ]]; then
- /var/tools/download_db_driver
-fi
-
# workaround gerrit.sh does not start httpd
JAVA_OPTIONS=$(git config --file /var/gerrit/etc/gerrit.config --get-all container.javaOptions)
java ${JAVA_OPTIONS} -jar /var/gerrit/bin/gerrit.war daemon \
diff --git a/container-images/mysql-replication-init/Dockerfile b/container-images/mysql-replication-init/Dockerfile
deleted file mode 100644
index b68d2be..0000000
--- a/container-images/mysql-replication-init/Dockerfile
+++ /dev/null
@@ -1,11 +0,0 @@
-FROM ubuntu:18.04
-
-RUN apt-get update && \
- apt-get install -y \
- mysql-client && \
- apt-get clean && \
- rm -rf /var/lib/apt/lists/*
-
-COPY tools/* /var/tools/
-
-ENTRYPOINT ["/bin/bash", "/var/tools/start"]
diff --git a/container-images/mysql-replication-init/README.md b/container-images/mysql-replication-init/README.md
deleted file mode 100644
index 8a167c5..0000000
--- a/container-images/mysql-replication-init/README.md
+++ /dev/null
@@ -1,26 +0,0 @@
-# MySQL slave init container image
-
-Kubernetes init container for initializing a MySQL slave
-
-## Content
-
-* Ubuntu 18.04
-
-## Setup and configuration
-
-* install mysql-client
-* copy tool scripts
-
-## Start
-
-* start the container via start script `/var/tools/start`
-
-The start script
-
-* waits for database dump file from MySQL master to be copied into the container.
- The path to which the dump-file has to be copied, can be configured by setting the
- environment variable $FILEPATH (default: `/var/data/db/master_dump.sql`).
- The file can be copied into the container using `kubectl cp` or `docker cp`.
-* imports the database dump from MySQL master into MySQL slave
-* configures the MySQL slave
-* starts the MySQL slave
\ No newline at end of file
diff --git a/container-images/mysql-replication-init/tools/start b/container-images/mysql-replication-init/tools/start
deleted file mode 100755
index 7cbcded..0000000
--- a/container-images/mysql-replication-init/tools/start
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/bin/bash
-
-test -z "${FILEPATH}" && FILEPATH=/var/data/db/master_dump.sql
-mkdir -p $(dirname "${FILEPATH}")
-useradd gerrit -u 1000 -g users
-chown -R gerrit:users /var/data/db
-rm -f ${FILEPATH} || echo "File did not exist yet."
-
-getTimeFromLastChange() {
- lastAccess=$(stat --format=%Y ${FILEPATH})
- now=$(date +%s)
- timePassed=$((now - lastAccess))
- echo ${timePassed}
-}
-
-echo "$(date): Started"
-echo "Waiting for database dump file at ${FILEPATH}"
-while ! test -f ${FILEPATH}; do
- sleep 1
-done
-echo "$(date): File appeared"
-
-echo "Waiting for the copy process to finish."
-while [ "$(getTimeFromLastChange ${FILEPATH})" -lt 5 ]; do
- sleep 1
-done
-echo "$(date): Database dump received"
-
-# Load database dump into database
-mysql -h ${MYSQL_HOST} -P${MYSQL_PORT} -u root -p${MYSQL_ROOT_PASSWORD} < ${FILEPATH}
-
-# Configure and start database slave
-mysql -h ${MYSQL_HOST} -P${MYSQL_PORT} -u root -p${MYSQL_ROOT_PASSWORD} \
- -e "set @replpwd='${REPL_PASSWORD}'; source /var/sql/initialize-slave.sql;"
diff --git a/helm-charts/gerrit-master/Chart.yaml b/helm-charts/gerrit-master/Chart.yaml
index 6f4bed4..8217192 100644
--- a/helm-charts/gerrit-master/Chart.yaml
+++ b/helm-charts/gerrit-master/Chart.yaml
@@ -8,7 +8,7 @@
[1](https://en.wikipedia.org/wiki/Gerrit_(software)
name: gerrit-master
-version: 0.1.0
+version: 0.2.0
maintainers:
- name: Thomas Draebing
email: thomas.draebing@sap.com
diff --git a/helm-charts/gerrit-master/README.md b/helm-charts/gerrit-master/README.md
index 933b5c1..3e6d271 100644
--- a/helm-charts/gerrit-master/README.md
+++ b/helm-charts/gerrit-master/README.md
@@ -4,6 +4,11 @@
chart provides a Gerrit setup that can be deployed on Kubernetes.
In addition, the chart provides a CronJob to perform Git garbage collection.
+***note
+Gerrit versions before 3.0 are no longer supported, since the support of ReviewDB
+was removed.
+***
+
## Prerequisites
- Helm and Tiller (of course)
@@ -30,11 +35,6 @@
A [Java keystore](https://gerrit-review.googlesource.com/Documentation/config-gerrit.html#httpd.sslKeyStore)
to be used by Gerrit.
-- (Optional: Required, for Gerrit versions lower than 2.16)
- A relational database to contain the ReviewDB, e.g. as provided by the
- [reviewdb chart](/helm-charts/reviewdb). With Gerrit 2.16 an embedded H2-
- database is usually enough, since the data is not changed during runtime.
-
## Installing the Chart
***note
@@ -198,17 +198,6 @@
The canonical web URL has to be set to the Ingress host.
-- `database.*`
-
- If the database is installed in the same Kubernetes cluster, the name of the
- service exposing the database deployment may be used as a hostname.
-
- With newer versions of the MySQL-driver used by Gerrit, using SSL-encrypted
- communication with the database is enforced by default. This can be deactivated
- by setting the `useSSL=false`-option. To do that in Gerrit, the database-URL
- has to be provided manually:
- `url = jdbc:mysql://<db-host>:<db-port>/<db-name>?nullNamePatternMatchesAll=true&useSSL=false`
-
- `httpd.listenURL`
This has to be set to `proxy-http://*:8080/` or `proxy-https://*:8080`,
diff --git a/helm-charts/gerrit-master/templates/gerrit-master.stateful-set.yaml b/helm-charts/gerrit-master/templates/gerrit-master.stateful-set.yaml
index 1c8be83..a307c3c 100644
--- a/helm-charts/gerrit-master/templates/gerrit-master.stateful-set.yaml
+++ b/helm-charts/gerrit-master/templates/gerrit-master.stateful-set.yaml
@@ -70,9 +70,6 @@
fi
/var/tools/gerrit_init.py \
- {{- if .Values.gerritMaster.reviewdb.enabled }}
- --reviewdb \
- {{- end }}
-s /var/gerrit \
-p replication \
-p commit-message-length-validator \
@@ -80,10 +77,6 @@
-p reviewnotes
symlink_config_to_site
-
- {{- if .Values.gerritMaster.reviewdb.enabled }}
- /var/tools/validate_db.py -s /var/gerrit
- {{- end }}
volumeMounts:
- name: gerrit-site
mountPath: "/var/gerrit"
diff --git a/helm-charts/gerrit-master/values.yaml b/helm-charts/gerrit-master/values.yaml
index ff5a5f9..ad4042f 100644
--- a/helm-charts/gerrit-master/values.yaml
+++ b/helm-charts/gerrit-master/values.yaml
@@ -129,9 +129,6 @@
# automatic encoding using helm does not work here.
keystore:
- reviewdb:
- enabled: false
-
config:
# Some values are expected to have a specific value for the deployment installed
# by this chart to work. These are marked with `# FIXED`.
diff --git a/helm-charts/gerrit-slave/Chart.yaml b/helm-charts/gerrit-slave/Chart.yaml
index 10ef0d6..f85e02f 100644
--- a/helm-charts/gerrit-slave/Chart.yaml
+++ b/helm-charts/gerrit-slave/Chart.yaml
@@ -5,7 +5,7 @@
that it receives from a Gerrit master instance via replication. It can be
used to reduce the load on Gerrit master instances.
name: gerrit-slave
-version: 0.1.0
+version: 0.2.0
maintainers:
- name: Thomas Draebing
email: thomas.draebing@sap.com
diff --git a/helm-charts/gerrit-slave/README.md b/helm-charts/gerrit-slave/README.md
index 1c2cbab..13d3479 100644
--- a/helm-charts/gerrit-slave/README.md
+++ b/helm-charts/gerrit-slave/README.md
@@ -10,6 +10,11 @@
The Gerrit slave is capable of receiving replicated git repositories from a
Gerrit master. The Gerrit slave can then serve authenticated read-only requests.
+***note
+Gerrit versions before 3.0 are no longer supported, since the support of ReviewDB
+was removed.
+***
+
## Prerequisites
- Helm and Tiller (of course)
@@ -36,11 +41,6 @@
A [Java keystore](https://gerrit-review.googlesource.com/Documentation/config-gerrit.html#httpd.sslKeyStore)
to be used by Gerrit.
-- (Optional: Required, for Gerrit versions lower than 2.16)
- A relational database to contain the ReviewDB, e.g. as provided by the
- [reviewdb chart](/helm-charts/reviewdb). With Gerrit 2.16 an embedded H2-
- database is usually enough, since the data is not changed during runtime.
-
## Installing the Chart
***note
@@ -62,11 +62,11 @@
[configuration section](#Configuration) lists the parameters that can be
configured during installation.
-If the NoteDB is used, the Gerrit slave requires the replicated `All-Projects.git`-
-and `All-Users.git`-repositories to be present in the `/var/gerrit/git`-directory.
-The `gerrit-init`-InitContainer will wait for this being the case. A way to do
-this is to access the Gerrit slave pod and to clone the repositories from the
-Gerrit master (Make sure that you have the correct access rights do so.):
+The Gerrit slave requires the replicated `All-Projects.git`- and `All-Users.git`-
+repositories to be present in the `/var/gerrit/git`-directory. The `gerrit-init`-
+InitContainer will wait for this being the case. A way to do this is to access
+the Gerrit slave pod and to clone the repositories from the Gerrit master (Make
+sure that you have the correct access rights do so.):
```sh
kubectl exec -it <gerrit-slave-pod> -c gerrit-init bash
@@ -191,30 +191,30 @@
is mandatory, if access to the Gerrit slave is required!
***
-| Parameter | Description | Default |
-|---------------------------------------------|--------------------------------------------------------------------------------------------------------------------------|-----------------------------------|
-| `gerritSlave.images.gerritInit` | Image name of the Gerrit init container image | `k8s-gerrit/gerrit-init` |
-| `gerritSlave.images.gerritSlave` | Image name of the Gerrit slave container image | `k8s-gerrit/gerrit-slave` |
-| `gerritSlave.replicas` | Number of pod replicas to deploy | `1` |
-| `gerritSlave.maxSurge` | Max. percentage or number of pods allowed to be scheduled above the desired number | `25%` |
-| `gerritSlave.maxUnavailable` | Max. percentage or number of pods allowed to be unavailable at a time | `100%` |
-| `gerritSlave.initializeTestSite.enabled` | Enable the initialization of a site. USE ONLY for testing, if you do not plan to replicate repositories or the database. | `true` |
-| `gerritSlave.resources` | Configure the amount of resources the pod requests/is allowed | `requests.cpu: 1` |
-| | | `requests.memory: 5Gi` |
-| | | `limits.cpu: 1` |
-| | | `limits.memory: 6Gi` |
-| `gerritSlave.persistence.enabled` | Whether to persist the Gerrit site | `true` |
-| `gerritSlave.persistence.size` | Storage size for persisted Gerrit site | `10Gi` |
-| `gerritSlave.service.type` | Which kind of Service to deploy | `NodePort` |
-| `gerritSlave.service.http.port` | Port over which to expose HTTP | `80` |
-| `gerritSlave.ingress.host` | REQUIRED: Host name to use for the Ingress (required for Ingress) | `nil` |
-| `gerritSlave.ingress.additionalAnnotations` | Additional annotations for the Ingress | `nil` |
-| `gerritSlave.ingress.tls.enabled` | Whether to enable TLS termination in the Ingress | `false` |
-| `gerritSlave.ingress.tls.cert` | Public SSL server certificate | `-----BEGIN CERTIFICATE-----` |
-| `gerritSlave.ingress.tls.key` | Private SSL server certificate | `-----BEGIN RSA PRIVATE KEY-----` |
-| `gerritSlave.keystore` | base64-encoded Java keystore (`cat keystore.jks | base64`) to be used by Gerrit, when using SSL | `nil` |
-| `gerritSlave.config.gerrit` | The contents of the gerrit.config | [see here](#Gerrit-config-files) |
-| `gerritSlave.config.secure` | The contents of the secure.config | [see here](#Gerrit-config-files) |
+| Parameter | Description | Default |
+|---------------------------------------------|----------------------------------------------------------------------------------------------------------|-----------------------------------|
+| `gerritSlave.images.gerritInit` | Image name of the Gerrit init container image | `k8s-gerrit/gerrit-init` |
+| `gerritSlave.images.gerritSlave` | Image name of the Gerrit slave container image | `k8s-gerrit/gerrit-slave` |
+| `gerritSlave.replicas` | Number of pod replicas to deploy | `1` |
+| `gerritSlave.maxSurge` | Max. percentage or number of pods allowed to be scheduled above the desired number | `25%` |
+| `gerritSlave.maxUnavailable` | Max. percentage or number of pods allowed to be unavailable at a time | `100%` |
+| `gerritSlave.initializeTestSite.enabled` | Enable the initialization of a site. USE ONLY for testing, if you do not plan to replicate repositories. | `true` |
+| `gerritSlave.resources` | Configure the amount of resources the pod requests/is allowed | `requests.cpu: 1` |
+| | | `requests.memory: 5Gi` |
+| | | `limits.cpu: 1` |
+| | | `limits.memory: 6Gi` |
+| `gerritSlave.persistence.enabled` | Whether to persist the Gerrit site | `true` |
+| `gerritSlave.persistence.size` | Storage size for persisted Gerrit site | `10Gi` |
+| `gerritSlave.service.type` | Which kind of Service to deploy | `NodePort` |
+| `gerritSlave.service.http.port` | Port over which to expose HTTP | `80` |
+| `gerritSlave.ingress.host` | REQUIRED: Host name to use for the Ingress (required for Ingress) | `nil` |
+| `gerritSlave.ingress.additionalAnnotations` | Additional annotations for the Ingress | `nil` |
+| `gerritSlave.ingress.tls.enabled` | Whether to enable TLS termination in the Ingress | `false` |
+| `gerritSlave.ingress.tls.cert` | Public SSL server certificate | `-----BEGIN CERTIFICATE-----` |
+| `gerritSlave.ingress.tls.key` | Private SSL server certificate | `-----BEGIN RSA PRIVATE KEY-----` |
+| `gerritSlave.keystore` | base64-encoded Java keystore (`cat keystore.jks | base64`) to be used by Gerrit, when using SSL | `nil` |
+| `gerritSlave.config.gerrit` | The contents of the gerrit.config | [see here](#Gerrit-config-files) |
+| `gerritSlave.config.secure` | The contents of the secure.config | [see here](#Gerrit-config-files) |
### Gerrit config files
@@ -244,17 +244,6 @@
The canonical web URL has to be set to the Ingress host.
-- `database.*`
-
- If the database is installed in the same Kubernetes cluster, the name of the
- service exposing the database deployment may be used as a hostname.
-
- With newer versions of the MySQL-driver used by Gerrit, using SSL-encrypted
- communication with the database is enforced by default. This can be deactivated
- by setting the `useSSL=false`-option. To do that in Gerrit, the database-URL
- has to be provided manually:
- `url = jdbc:mysql://<db-host>:<db-port>/<db-name>?nullNamePatternMatchesAll=true&useSSL=false`
-
- `httpd.listenURL`
This has to be set to `proxy-http://*:8080/` or `proxy-https://*:8080`,
diff --git a/helm-charts/gerrit-slave/docs/mysql.md b/helm-charts/gerrit-slave/docs/mysql.md
deleted file mode 100644
index df33ca2..0000000
--- a/helm-charts/gerrit-slave/docs/mysql.md
+++ /dev/null
@@ -1,273 +0,0 @@
-# Configuring the MySQL-slave
-
-To install a MySQL slave database with the gerrit-slave chart, set
-`database.provider` to `mysql` and `mysql.enabled`to true in the `values.yaml`.
-This will then install the [mysql chart](https://github.com/helm/charts/tree/master/stable/mysql)
-onto the Kubernetes cluster as a dependency of the gerrit-slave chart.
-
-## Configuring the master DB instance
-
-For the replication to work, the MySQL database master has to be configured
-accordingly and some data about the database state has to be collected. The
-necessary steps are detailed in this section. If it is not planned to replicate
-the master database, skip this section.
-
-### Create technical user
-
-Connect to the MySQL database master and create a technical user to handle the
-replication:
-
-```sql
-CREATE USER 'repl' IDENTIFIED BY 'password';
-GRANT REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO 'repl'
- IDENTIFIED BY 'password'
- REQUIRE SUBJECT '/C=DE/O=Gerrit/CN=gerrit-db-slave';
-FLUSH PRIVILEGES;
-```
-
-The username, password and certificate subject can be chosen as needed, but should
-be written down, since they are needed in coming steps.
-
-### Create certificates for SSL-encrypted communication
-
-For SSL-encrypted communication, a set of certificates is needed. If the master
-does not yet possess a CA, private- and public key, use the following commands
-to create them after adjusting the subject strings:
-
-```sh
-openssl genrsa -out ./ca.key.pem 4096
-
-openssl req \
- -key ./ca.key.pem \
- -new \
- -x509 \
- -days 7300 \
- -sha256 \
- -out ./ca.cert.pem \
- -subj "/C=DE/O=Gerrit/CN=gerrit-db-master" \
- -nodes
-
-openssl genrsa -out ./master.key.pem 4096
-
-openssl req \
- -key ./master.key.pem \
- -new \
- -sha256 \
- -out ./master.csr.pem \
- -subj "/C=DE/O=Gerrit/CN=gerrit-db-master" \
- -nodes
-
-openssl x509 \
- -req \
- -CA ./ca.cert.pem \
- -CAkey ./ca.key.pem \
- -CAcreateserial \
- -in ./master.csr.pem \
- -out ./master.cert.pem
-```
-
-Then a private and a public key for the slave has to be created. If the master
-did already possess a CA, change the corresponding paths in the commands below.
-The subject string has to be the same as the one used, when creating the
-[MySQL user for replication](#Create-technical-user). The content of the
-CA-certificate and the slave's private and public key (here: `slave.key.pem` and
-`slave.cert.pem`) have to be noted for later use.
-
-```sh
-openssl genrsa -out ./slave.key.pem 4096
-
-openssl req \
- -key ./slave.key.pem \
- -new -sha256 \
- -out ./slave.csr.pem \
- -subj "/C=DE/O=Gerrit/CN=gerrit-db-slave" \
- -nodes
-
-openssl x509 \
- -req \
- -CA ./ca.cert.pem \
- -CAkey ./ca.key.pem \
- -CAcreateserial \
- -in ./slave.csr.pem \
- -out ./slave.cert.pem
-```
-
-### Configure the master database
-
-The master DB has to be configured for replication by adding the following entries
-to the configuration-file of the MySQL instance:
-
-```python
-[mysqld]
-server-id=1 # Has to be unique under all masters/slaves.
-log_bin=mysql-bin # Name of the logs used for replication
-
-ssl-ca=/ssl/ca.pem # Location of the CA-certificate
-ssl-cert=/ssl/server-cert.pem # Location of the public key
-ssl-key=/ssl/server-key.pem # Location of the private key
-```
-
-### Create database dump and note database state
-
-In the next steps the content of the database has to be retrieved and the corresponding
-status of the transaction logs has to be retrieved. Depending on the traffic the
-database receives, the master DB should be stopped for these steps, since the
-information could get out off sync, if the data is changed inbetween the steps:
-
-```sql
-STOP MASTER;
-```
-
-Retrieve the status of the master:
-
-```sql
-SHOW MASTER STATUS;
-
- +------------------+----------+--------------+------------------+-------------------+
- | File | Position | Binlog_Do_DB | Binlog_Ignore_DB | Executed_Gtid_Set |
- +------------------+----------+--------------+------------------+-------------------+
- | mysql-bin.000004 | 69444891 | | | |
- +------------------+----------+--------------+------------------+-------------------+
-```
-
-The filename and position should be written down, since they will be needed for
-the configuration of the slave.
-
-Dump the content of the database:
-
-```sh
-mysqldump --user=root -p --all-databases > ./master_dump.sql
-```
-
-Afterwards, the master can be started again:
-
-```sql
-START MASTER;
-```
-
-## Configuration
-
-### mysql-chart
-
-The configuration of the database is done in the `values.yaml`of the gerrit-slave
-chart under the `mysql`-key. The complete list of options for the mysql-chart can
-be viewed in the chart's [documentation](https://github.com/helm/charts/blob/master/stable/mysql/README.md).
-The options referenced in the gerrit-slave chart's `values.yaml` are listed here:
-
-| Parameter | Description | Default |
-|--------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------|
-| `mysql.enabled` | Whether to install the MySQL database | `true` |
-| `mysql.image` | Which container image containing MySQL to use | `mysql` |
-| `mysql.imageTag` | Tag of container image (usually the database version) | `5.5.61` |
-| `mysql.mysqlRootPassword` | Password of the database `root` user | `big_secret` |
-| `mysql.mysqlUser` | Database user (The technical user used by the Gerrit slave) | `gerrit` |
-| `mysql.mysqlPassword` | Password of the database user | `secret` |
-| `mysql.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
-| `mysql.livenessProbe.periodSeconds` | How often to perform the probe | `10` |
-| `mysql.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `mysql.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` |
-| `mysql.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` |
-| `mysql.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `5` |
-| `mysql.readinessProbe.periodSeconds` | How often to perform the probe | `10` |
-| `mysql.readinessProbe.timeoutSeconds` | When the probe times out | `1` |
-| `mysql.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` |
-| `mysql.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` |
-| `mysql.persistence.enabled` | Create a volume to store data | `true` |
-| `mysql.persistence.size` | Size of persistent volume claim | `8Gi` |
-| `mysql.persistence.storageClass` | Type of persistent volume claim | `default` |
-| `mysql.persistence.accessMode` | ReadWriteOnce or ReadOnly | `ReadWriteOnce` |
-| `mysql.resources` | Configure the amount of resources the pod requests/is allowed | `requests.cpu: 250m` |
-| | | `requests.memory: 1Gi` |
-| | | `limits.cpu: 250m` |
-| | | `limits.memory: 1Gi` |
-| `mysql.configurationFiles` | Add configuration files for MySQL | `mysql.cnf` (check the [mysql.cnf-section](#mysql.cnf) for configuration options) |
-| `mysql.initializationFiles` | Add scripts that are executed, when the database is started the first time | `initialize_reviewdb.sql` (Should not be changed) |
-| `mysql.service.type` | Type of the Service used to expose the database | `NodePort` |
-| `mysql.service.port` | The port used to expose the database | `3306` |
-| `ssl.enabled` | Setup and use SSL for MySQL connections | `false` |
-| `ssl.secret` | Name of the secret containing the SSL certificates | slave-ssl-certs |
-| `ssl.certificates[0].name` | Name of the secret containing the SSL certificates | slave-ssl-certs |
-| `ssl.certificates[0].ca` | CA certificate (if using replication use the CA created [peviously](#Create-certificates-for-SSL-encrypted-communication)) | `-----BEGIN CERTIFICATE-----` |
-| `ssl.certificates[0].cert` | Server certificate (public key) (if using replication use the certificate created [peviously](#Create-certificates-for-SSL-encrypted-communication)) | `-----BEGIN CERTIFICATE-----` |
-| `ssl.certificates[0].key` | Server key (private key) (if using replication use the key created [peviously](#Create-certificates-for-SSL-encrypted-communication)) | `-----BEGIN RSA PRIVATE KEY-----` |
-
-### mysql.cnf
-
-The configuration file for the MySQL-server is provided under the key
-`mysql.configurationsFiles.mysql.cnf`. The provided values provide necessary
-configuration to receive replicated databases from the master database. The
-following options should normally not be changed:
-
-```sh
-[mysqld]
-
-log-bin=/var/lib/mysql/bin.log
-log-bin-index=/var/lib/mysql/log-bin.index
-log-error=/var/lib/mysql/error.log
-
-relay-log=/var/lib/mysql/relay.log
-relay-log-info-file=/var/lib/mysql/relay-log.info
-relay-log-index=/var/lib/mysql/relay-log.index
-
-log-error=/var/lib/mysql/error.log
-log_slave_updates = 1
-
-sql_mode="ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"
-```
-
-The other provided options should be adapted to the respective setup:
-
-| Parameter | Description | Default |
-|-----------------------|-----------------------------------------------------------------------------------------------------------------------------|---------|
-| `read_only` | Toggle read only mode. In production this should be on (`1`). The test mode of the Gerrit slave expects it to be off (`0`). | `0` |
-| `replicate-ignore-db` | Databases not to replicate (replicating the `mysql`-DB for example would overwrite database users) | `mysql` |
-| `binlog_format` | Format of the binlogs (Has to be the same as on master) | `row` |
-| `server-id` | ID unique in the MySQL setup | `42` |
-
-In addition, if using SSL for MySQL-requests the following options have to be made
-available by uncommenting them. The values must not be changed, when using the chart:
-
-```sh
-ssl-ca=/ssl/ca.pem
-ssl-cert=/ssl/server-cert.pem
-ssl-key=/ssl/server-key.pem
-```
-
-### Replication
-
-The replication of the MySQL database from master to slave is performed using the
-replication functionality provided by MySQL. To start replication a database dump
-from the master has to be loaded into the database slave. Then the slave has to
-be configured for replication and replication has to be started. This is done by
-a job provided by the chart.
-
-The Job needs to be configured with the data retrieved from the database master
-by configuring the corresponding values in the `values.yaml`-file:
-
-| Parameter | Description | Default |
-|----------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|--------------------------------|
-| `database.replication.mysql.config.masterHost` | Hostname of the Mysql database master | `mysql.example.com` |
-| `database.replication.mysql.config.masterPort` | Port of the Mysql database master | `3306` |
-| `database.replication.mysql.config.masterUser` | Username of technical user created [previously](#Create-technical-user) | `repl` |
-| `database.replication.mysql.config.masterPassword` | Password of technical user created [previously](#Create-technical-user) | `password` |
-| `database.replication.mysql.config.masterLogFile` | Transaction log file at timepoint of dump as retrieved [previously](#Create-database-dump-and-note-database-state) | `mysql-bin.000001` |
-| `database.replication.mysql.config.masterLogPos` | Transaction log position at timepoint of dump as retrieved [previously](#Create-database-dump-and-note-database-state) | `111` |
-| `database.replication.mysql.dbDumpAcceptPath` | Path, where the replication init script will expect the database dump file to appear | `/var/data/db/master_dump.sql` |
-
-## Initialize replication
-
-Deploying the gerrit-slave chart with the configuration detailed above, will
-create a MySQL database with a technical user to be used by the Gerrit
-slave and an empty ReviewDB database. In addition a Job will be deployed that
-waits for a database dump to be copied into the container to the location specified
-in `database.replication.mysql.dbDumpAcceptPath`. The dump file can be copied
-using kubectl:
-
-```sh
-JOB_POD=$(kubectl get pod -l app=mysql-replication-init -o jsonpath="{.items[0].metadata.name}")
-kubectl cp <PATH_TO_DUMP> ${JOB_POD}:<DB_DUMP_ACCEPT_PATH>
-```
-
-As soon as the file is fully copied into the container, the script will load
-the dump into the database and initialize the replication in the slave. The
-database is then fully configured.
\ No newline at end of file
diff --git a/helm-charts/gerrit-slave/templates/NOTES.txt b/helm-charts/gerrit-slave/templates/NOTES.txt
index c128fb8..19fd906 100644
--- a/helm-charts/gerrit-slave/templates/NOTES.txt
+++ b/helm-charts/gerrit-slave/templates/NOTES.txt
@@ -25,17 +25,6 @@
The Gerrit slave is starting up.
-{{ if .Values.gerritSlave.initializeTestSite.enabled -}}
-Since the test-mode was activated, a Gerrit site will be initialized after the
-database connection could be established.
-{{- else }}
-The deployment will wait for the replication of repositories and the databse scheme.
-The repository replication is checked by testing for the presence of the 'All-Projects.git'-
-and 'All-Users.git'-repository. The database-scheme is tested by testing for the
-presence of a database with the configured name, containing the tables 'accounts',
-'changes' and 'patch_sets'.
-{{- end }}
-
The initialization process may take some time. Afterwards the git repositories
will be available under:
diff --git a/helm-charts/gerrit-slave/templates/gerrit-slave.deployment.yaml b/helm-charts/gerrit-slave/templates/gerrit-slave.deployment.yaml
index b158e3e..da33a26 100644
--- a/helm-charts/gerrit-slave/templates/gerrit-slave.deployment.yaml
+++ b/helm-charts/gerrit-slave/templates/gerrit-slave.deployment.yaml
@@ -57,13 +57,7 @@
- -ce
args:
- |
- mkdir -p /var/gerrit/etc
- ln -sf /var/config/secure.config /var/gerrit/etc/secure.config
-
/var/tools/gerrit_init.py \
- {{- if .Values.gerritSlave.reviewdb.enabled }}
- --reviewdb \
- {{- end }}
-s /var/gerrit \
-p singleusergroup
@@ -72,12 +66,9 @@
volumeMounts:
- name: gerrit-site
mountPath: "/var/gerrit"
- - name: gerrit-slave-secure-config
- mountPath: "/var/config/secure.config"
- subPath: secure.config
{{- end }}
- # Wait for database to be ready and, if configured, run initialization
- # taking the given Gerrit configuration and persisted volumes into account.
+ # If configured, run initialization taking the given Gerrit configuration
+ # and persisted volumes into account.
- name: gerrit-init
image: {{ template "registry" . }}{{ .Values.gerritSlave.images.gerritInit }}:{{ .Values.images.version }}
imagePullPolicy: {{ .Values.images.imagePullPolicy }}
@@ -103,20 +94,13 @@
{{ if .Values.gerritSlave.initializeTestSite.enabled -}}
/var/tools/gerrit_init.py \
- {{- if .Values.gerritSlave.reviewdb.enabled }}
- --reviewdb \
- {{- end }}
-s /var/gerrit \
-p singleusergroup
symlink_config_to_site
{{- end }}
- {{- if .Values.gerritSlave.reviewdb.enabled }}
- /var/tools/validate_db.py -s /var/gerrit
- {{- else }}
/var/tools/validate_notedb.py -s /var/gerrit
- {{- end }}
volumeMounts:
- name: gerrit-site
mountPath: "/var/gerrit"
diff --git a/helm-charts/gerrit-slave/values.yaml b/helm-charts/gerrit-slave/values.yaml
index 3472871..8b4d028 100644
--- a/helm-charts/gerrit-slave/values.yaml
+++ b/helm-charts/gerrit-slave/values.yaml
@@ -147,9 +147,8 @@
maxUnavailable: 100%
# If you only intend to test the Gerrit slave and do not wish to actually
- # replicate repositories and the database, activate this option to initialize
- # a new site.
- # NOTE: The database must not run in read-only mode for this to work!
+ # replicate repositories, activate this option to initialize a new site,
+ # including a notedb.
initializeTestSite:
enabled: true
@@ -192,9 +191,6 @@
# automatic encoding using helm does not work here.
keystore:
- reviewdb:
- enabled: false
-
config:
# Some values are expected to have a specific value for the deployment installed
# by this chart to work. These are marked with `# FIXED`.
diff --git a/helm-charts/reviewdb/.helmignore b/helm-charts/reviewdb/.helmignore
deleted file mode 100644
index 4f4562f..0000000
--- a/helm-charts/reviewdb/.helmignore
+++ /dev/null
@@ -1,24 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-
-docs/
-supplements/
diff --git a/helm-charts/reviewdb/Chart.yaml b/helm-charts/reviewdb/Chart.yaml
deleted file mode 100644
index 34eb33f..0000000
--- a/helm-charts/reviewdb/Chart.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-apiVersion: v1
-appVersion: 2.16
-description: |-
- This chart provisions a database to be used with a Gerrit master or Gerrit
- slave setup, if the Gerrit version is lower than 2.16. This database is
- needed to store userdata.
-
- Note, that with the upcoming Gerrit release the reviewdb-database will be
- fully migrated to notedb and this chart is not required to run the gerrit-
- master and gerrit-slave charts.
-name: reviewdb
-version: 0.1.0
-maintainers:
-- name: Thomas Draebing
- email: thomas.draebing@sap.com
-- name: Matthias Sohn
- email: matthias.sohn@sap.com
-- name: Sasa Zivkov
- email: sasa.zivkov@sap.com
-- name: Christian Halstrick
- email: christian.halstrick@sap.com
-home: https://gerrit.googlesource.com/k8s-gerrit/+/master/helm-charts/review-db
-icon: http://commondatastorage.googleapis.com/gerrit-static/diffy-w200.png
-sources:
-- https://gerrit.googlesource.com/k8s-gerrit/+/master/
-keywords:
-- gerrit
-- git
-- reviewdb
diff --git a/helm-charts/reviewdb/LICENSE b/helm-charts/reviewdb/LICENSE
deleted file mode 100644
index 028fc9f..0000000
--- a/helm-charts/reviewdb/LICENSE
+++ /dev/null
@@ -1,201 +0,0 @@
- Apache License
- Version 2.0, January 2004
- http://www.apache.org/licenses/
-
- TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
- 1. Definitions.
-
- "License" shall mean the terms and conditions for use, reproduction,
- and distribution as defined by Sections 1 through 9 of this document.
-
- "Licensor" shall mean the copyright owner or entity authorized by
- the copyright owner that is granting the License.
-
- "Legal Entity" shall mean the union of the acting entity and all
- other entities that control, are controlled by, or are under common
- control with that entity. For the purposes of this definition,
- "control" means (i) the power, direct or indirect, to cause the
- direction or management of such entity, whether by contract or
- otherwise, or (ii) ownership of fifty percent (50%) or more of the
- outstanding shares, or (iii) beneficial ownership of such entity.
-
- "You" (or "Your") shall mean an individual or Legal Entity
- exercising permissions granted by this License.
-
- "Source" form shall mean the preferred form for making modifications,
- including but not limited to software source code, documentation
- source, and configuration files.
-
- "Object" form shall mean any form resulting from mechanical
- transformation or translation of a Source form, including but
- not limited to compiled object code, generated documentation,
- and conversions to other media types.
-
- "Work" shall mean the work of authorship, whether in Source or
- Object form, made available under the License, as indicated by a
- copyright notice that is included in or attached to the work
- (an example is provided in the Appendix below).
-
- "Derivative Works" shall mean any work, whether in Source or Object
- form, that is based on (or derived from) the Work and for which the
- editorial revisions, annotations, elaborations, or other modifications
- represent, as a whole, an original work of authorship. For the purposes
- of this License, Derivative Works shall not include works that remain
- separable from, or merely link (or bind by name) to the interfaces of,
- the Work and Derivative Works thereof.
-
- "Contribution" shall mean any work of authorship, including
- the original version of the Work and any modifications or additions
- to that Work or Derivative Works thereof, that is intentionally
- submitted to Licensor for inclusion in the Work by the copyright owner
- or by an individual or Legal Entity authorized to submit on behalf of
- the copyright owner. For the purposes of this definition, "submitted"
- means any form of electronic, verbal, or written communication sent
- to the Licensor or its representatives, including but not limited to
- communication on electronic mailing lists, source code control systems,
- and issue tracking systems that are managed by, or on behalf of, the
- Licensor for the purpose of discussing and improving the Work, but
- excluding communication that is conspicuously marked or otherwise
- designated in writing by the copyright owner as "Not a Contribution."
-
- "Contributor" shall mean Licensor and any individual or Legal Entity
- on behalf of whom a Contribution has been received by Licensor and
- subsequently incorporated within the Work.
-
- 2. Grant of Copyright License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- copyright license to reproduce, prepare Derivative Works of,
- publicly display, publicly perform, sublicense, and distribute the
- Work and such Derivative Works in Source or Object form.
-
- 3. Grant of Patent License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- (except as stated in this section) patent license to make, have made,
- use, offer to sell, sell, import, and otherwise transfer the Work,
- where such license applies only to those patent claims licensable
- by such Contributor that are necessarily infringed by their
- Contribution(s) alone or by combination of their Contribution(s)
- with the Work to which such Contribution(s) was submitted. If You
- institute patent litigation against any entity (including a
- cross-claim or counterclaim in a lawsuit) alleging that the Work
- or a Contribution incorporated within the Work constitutes direct
- or contributory patent infringement, then any patent licenses
- granted to You under this License for that Work shall terminate
- as of the date such litigation is filed.
-
- 4. Redistribution. You may reproduce and distribute copies of the
- Work or Derivative Works thereof in any medium, with or without
- modifications, and in Source or Object form, provided that You
- meet the following conditions:
-
- (a) You must give any other recipients of the Work or
- Derivative Works a copy of this License; and
-
- (b) You must cause any modified files to carry prominent notices
- stating that You changed the files; and
-
- (c) You must retain, in the Source form of any Derivative Works
- that You distribute, all copyright, patent, trademark, and
- attribution notices from the Source form of the Work,
- excluding those notices that do not pertain to any part of
- the Derivative Works; and
-
- (d) If the Work includes a "NOTICE" text file as part of its
- distribution, then any Derivative Works that You distribute must
- include a readable copy of the attribution notices contained
- within such NOTICE file, excluding those notices that do not
- pertain to any part of the Derivative Works, in at least one
- of the following places: within a NOTICE text file distributed
- as part of the Derivative Works; within the Source form or
- documentation, if provided along with the Derivative Works; or,
- within a display generated by the Derivative Works, if and
- wherever such third-party notices normally appear. The contents
- of the NOTICE file are for informational purposes only and
- do not modify the License. You may add Your own attribution
- notices within Derivative Works that You distribute, alongside
- or as an addendum to the NOTICE text from the Work, provided
- that such additional attribution notices cannot be construed
- as modifying the License.
-
- You may add Your own copyright statement to Your modifications and
- may provide additional or different license terms and conditions
- for use, reproduction, or distribution of Your modifications, or
- for any such Derivative Works as a whole, provided Your use,
- reproduction, and distribution of the Work otherwise complies with
- the conditions stated in this License.
-
- 5. Submission of Contributions. Unless You explicitly state otherwise,
- any Contribution intentionally submitted for inclusion in the Work
- by You to the Licensor shall be under the terms and conditions of
- this License, without any additional terms or conditions.
- Notwithstanding the above, nothing herein shall supersede or modify
- the terms of any separate license agreement you may have executed
- with Licensor regarding such Contributions.
-
- 6. Trademarks. This License does not grant permission to use the trade
- names, trademarks, service marks, or product names of the Licensor,
- except as required for reasonable and customary use in describing the
- origin of the Work and reproducing the content of the NOTICE file.
-
- 7. Disclaimer of Warranty. Unless required by applicable law or
- agreed to in writing, Licensor provides the Work (and each
- Contributor provides its Contributions) on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- implied, including, without limitation, any warranties or conditions
- of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
- PARTICULAR PURPOSE. You are solely responsible for determining the
- appropriateness of using or redistributing the Work and assume any
- risks associated with Your exercise of permissions under this License.
-
- 8. Limitation of Liability. In no event and under no legal theory,
- whether in tort (including negligence), contract, or otherwise,
- unless required by applicable law (such as deliberate and grossly
- negligent acts) or agreed to in writing, shall any Contributor be
- liable to You for damages, including any direct, indirect, special,
- incidental, or consequential damages of any character arising as a
- result of this License or out of the use or inability to use the
- Work (including but not limited to damages for loss of goodwill,
- work stoppage, computer failure or malfunction, or any and all
- other commercial damages or losses), even if such Contributor
- has been advised of the possibility of such damages.
-
- 9. Accepting Warranty or Additional Liability. While redistributing
- the Work or Derivative Works thereof, You may choose to offer,
- and charge a fee for, acceptance of support, warranty, indemnity,
- or other liability obligations and/or rights consistent with this
- License. However, in accepting such obligations, You may act only
- on Your own behalf and on Your sole responsibility, not on behalf
- of any other Contributor, and only if You agree to indemnify,
- defend, and hold each Contributor harmless for any liability
- incurred by, or claims asserted against, such Contributor by reason
- of your accepting any such warranty or additional liability.
-
- END OF TERMS AND CONDITIONS
-
- APPENDIX: How to apply the Apache License to your work.
-
- To apply the Apache License to your work, attach the following
- boilerplate notice, with the fields enclosed by brackets "{}"
- replaced with your own identifying information. (Don't include
- the brackets!) The text should be enclosed in the appropriate
- comment syntax for the file format. We also recommend that a
- file or class name and description of purpose be included on the
- same "printed page" as the copyright notice for easier
- identification within third-party archives.
-
- Copyright (C) 2018 The Android Open Source Project
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
diff --git a/helm-charts/reviewdb/README.md b/helm-charts/reviewdb/README.md
deleted file mode 100644
index 6298c0d..0000000
--- a/helm-charts/reviewdb/README.md
+++ /dev/null
@@ -1,320 +0,0 @@
-# A ReviewDB for Gerrit on Kubernetes
-
-Gerrit requires a database to store user and change data. The database is commonly
-called ReviewDB. Gerrit provides a set of options, which database technology to
-use. This chart is meant to install a database and initialize it, so it can be
-used as a ReviewDB for Gerrit-master and -slave setups installed with the
-respective charts. Currently, the following databases sre supported by this chart:
-
-- MySQL
-
-***note
-The gerrit-master and gerrit-slave charts also support H2, but since H2-databases
-do not require a separate server, this chart is not required in that case.
-***
-
-***note
-With upcoming versions of Gerrit, the ReviewDB will be completely migrated to
-NoteDB, removing the dependency on a external relational database.
-***
-
-## Installation
-
-To install a MySQL database with the reviewdb chart, set `mysql.enabled`to
-true in the `values.yaml`. This will then install the
-[mysql chart](https://github.com/helm/charts/tree/master/stable/mysql)
-onto the Kubernetes cluster as a dependency.
-
-To install the chart with the release name `reviewdb`, execute:
-
-```sh
-cd $(git rev-parse --show-toplevel)/helm-charts
-helm install ./reviewdb \
- --dep-up \
- -n reviewdb \
- -f <path-to-custom-values>.yaml
-```
-
-## Configuration
-
-### Common
-
-#### Container images
-
-| Parameter | Description | Default |
-|--------------------------------------------|------------------------------------------------------|----------------------------------------------------------------------|
-| `images.registry.name` | The image registry to pull the container images from | `` |
-| `images.registry.ImagePullSecret.name` | Name of the ImagePullSecret | `image-pull-secret` (if empty no image pull secret will be deployed) |
-| `images.registry.ImagePullSecret.create` | Whether to create an ImagePullSecret | `false` |
-| `images.registry.ImagePullSecret.username` | The image registry username | `nil` |
-| `images.registry.ImagePullSecret.password` | The image registry password | `nil` |
-| `images.version` | The image version (image tag) to use | `latest` |
-| `images.imagePullPolicy` | Image pull policy | `Always` |
-
-#### Storage classes
-
-For information of how a `StorageClass` is configured in Kubernetes, read the
-[official Documentation](https://kubernetes.io/docs/concepts/storage/storage-classes/#introduction).
-
-| Parameter | Description | Default |
-|----------------------------------------|-------------------------------------------------------------------|---------------------------------------------------|
-| `storageClasses.default.name` | The name of the default StorageClass (RWO) | `default` |
-| `storageClasses.default.create` | Whether to create the StorageClass | `false` |
-| `storageClasses.default.provisioner` | Provisioner of the StorageClass | `kubernetes.io/aws-ebs` |
-| `storageClasses.default.reclaimPolicy` | Whether to `Retain` or `Delete` volumes, when they become unbound | `Delete` |
-| `storageClasses.default.parameters` | Parameters for the provisioner | `parameters.type: gp2`, `parameters.fsType: ext4` |
-
-#### Replication
-
-***note
-Currently, only master-slave replication is possible. Thus, enabling replication
-always means to use the database as slave.
-***
-
-| Parameter | Description | Default |
-|-----------|--------------------------------------------------------|---------|
-| `isSlave` | Whether to switch on replication from another database | `false` |
-
-
-#### MySQL
-
-***note
-Not all options available in the mysql-chart that is used as a dependency are
-listed in the `values.yaml`-file of this chart. The complete list of options for
-the mysql-chart can be viewed in the chart's
-[documentation](https://github.com/helm/charts/blob/master/stable/mysql/README.md).
-***
-
-| Parameter | Description | Default |
-|--------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------|
-| `mysql.enabled` | Whether to install the MySQL database | `true` |
-| `mysql.replication` | Only used, if `isSlave` is `true` | `{}` |
-| `mysql.replication.config.masterHost` | Hostname of the Mysql database master | `mysql.example.com` |
-| `mysql.replication.config.masterPort` | Port of the Mysql database master | `3306` |
-| `mysql.replication.config.masterUser` | Username of technical user created for replication | `repl` |
-| `mysql.replication.config.masterPassword` | Password of technical user created for replication | `password` |
-| `mysql.replication.config.masterLogFile` | Transaction log file at timepoint of dump as retrieved [here](#Create-database-dump-and-note-database-state) | `mysql-bin.000001` |
-| `mysql.replication.config.masterLogPos` | Transaction log position at timepoint of dump as retrieved [here](#Create-database-dump-and-note-database-state) | `111` |
-| `mysql.replication.dbDumpAcceptPath` | Path, where the replication init script will expect the database dump file to appear | `/var/data/db/master_dump.sql` |
-| `mysql.image` | Which container image containing MySQL to use | `mysql` |
-| `mysql.imageTag` | Tag of container image (usually the database version) | `5.5.61` |
-| `mysql.mysqlRootPassword` | Password of the database `root` user | `big_secret` |
-| `mysql.mysqlUser` | Database user (The technical user used by Gerrit) | `gerrit` |
-| `mysql.mysqlPassword` | Password of the database user | `secret` |
-| `mysql.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
-| `mysql.livenessProbe.periodSeconds` | How often to perform the probe | `10` |
-| `mysql.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `mysql.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` |
-| `mysql.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` |
-| `mysql.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `5` |
-| `mysql.readinessProbe.periodSeconds` | How often to perform the probe | `10` |
-| `mysql.readinessProbe.timeoutSeconds` | When the probe times out | `1` |
-| `mysql.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` |
-| `mysql.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` |
-| `mysql.persistence.enabled` | Create a volume to store data | `true` |
-| `mysql.persistence.size` | Size of persistent volume claim | `8Gi` |
-| `mysql.persistence.storageClass` | Type of persistent volume claim | `default` |
-| `mysql.persistence.accessMode` | ReadWriteOnce or ReadOnly | `ReadWriteOnce` |
-| `mysql.resources` | Configure the amount of resources the pod requests/is allowed | `requests.cpu: 250m` |
-| | | `requests.memory: 1Gi` |
-| | | `limits.cpu: 250m` |
-| | | `limits.memory: 1Gi` |
-| `mysql.configurationFiles` | Add configuration files for MySQL | `{}` (check the [Configuration files-section](#Configuration-files) for configuration options) |
-| `mysql.initializationFiles` | Add scripts that are executed, when the database is started the first time | `{}` (check the [Initialization files-section](#Initialization-files) for details) |
-| `mysql.service.type` | Type of the Service used to expose the database | `NodePort` |
-| `mysql.service.port` | The port used to expose the database | `3306` |
-| `mysql.ssl.enabled` | Setup and use SSL for MySQL connections | `false` |
-| `mysql.ssl.secret` | Name of the secret containing the SSL certificates (Has to be different between multiple instances running in the same cluster) | `ssl-certs` |
-| `mysql.ssl.certificates[0].name` | Name of the secret containing the SSL certificates (Has to be different between multiple instances running in the same cluster) | `ssl-certs` |
-| `mysql.ssl.certificates[0].ca` | CA certificate (if using replication use the CA created [here](#create-certificates-for-ssl_encrypted-communication)) | `-----BEGIN CERTIFICATE-----` |
-| `mysql.ssl.certificates[0].cert` | Server certificate (public key) (if using replication use the certificate created [here](#create-certificates-for-ssl_encrypted-communication)) | `-----BEGIN CERTIFICATE-----` |
-| `mysql.ssl.certificates[0].key` | Server key (private key) (if using replication use the key created [here](#create-certificates-for-ssl_encrypted-communication)) | `-----BEGIN RSA PRIVATE KEY-----` |
-
-##### Configuration files
-
-The configuration file for the MySQL-server is provided under the keys
-`mysql.configurationsFiles.*.cnf`. There are three different config-files provided:
-
-- `common.cnf`: Contains configuration, which is the same for master- and slave-
-databases:
-
-| Parameter | Description | Default |
-|-----------------|----------------------------------------------------------|-------------------|
-| `log-bin` | Name of transaction logs (used for database replication) | `mysql-bin` |
-| `log-bin-index` | Name of transaction log indices | `mysql-bin.index` |
-| `log-error` | Error log file | `error.log` |
-| `binlog_format` | Format of the binlogs (Has to be the same as on master) | `row` |
-
-In addition, if using SSL for MySQL-requests the following options have to be made
-available by uncommenting them. The values must not be changed, when using the chart:
-
-```sh
-ssl-ca=/ssl/ca.pem
-ssl-cert=/ssl/server-cert.pem
-ssl-key=/ssl/server-key.pem
-```
-
-- `mysql-master.cnf`: Contains configuration specific for the master database:
-
-| Parameter | Description | Default |
-|-------------|------------------------------|---------|
-| `server-id` | ID unique in the MySQL setup | `1` |
-
-- `mysql-slave.cnf`: Contains configuration specific for the slave database:
-
-| Parameter | Description | Default |
-|-----------------------|-----------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------|
-| `relay-log` | The slave's relay log location | `/var/lib/mysql/relay.log` |
-| `relay-log-info-file` | The slave's relay log info file location | `/var/lib/mysql/relay-log.info` |
-| `relay-log-index` | The slave's relay log index location | `/var/lib/mysql/relay-log.index` |
-| `log_slave_updates` | Whether to log slave update | `1` |
-| `sql_mode` | Configure SQL-mode | `"ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"` |
-| `read_only` | Toggle read only mode. In production this should be on (`1`). The test mode of the Gerrit slave expects it to be off (`0`). | `0` |
-| `replicate-ignore-db` | Databases not to replicate (replicating the `mysql`-DB for example would overwrite database users) | `mysql` |
-| `server-id` | ID unique in the MySQL setup | `42` |
-
-The `mysql-master.cnf`- and `mysql-slave.cnf`-files are mutually exclusive.
-Comment out the contents of the file, that is not needed, depending on installing
-a master or slave database.
-
-##### Initialization files
-
-- `initialize_reviewdb.sql`
-
-Creates a database called 'reviewdb', that can be used by Gerrit for the ReviewDB.
-Leave this file unchanged.
-
-- `create_repl_user.sql`
-
-Creates a user, that can be used for database replication. This user is only needed
-on the master database and only, when the data is supposed to be replicated to
-slaves. To use it, uncomment the code and change the username, password and
-certificate subject as needed.
-
-## Aditional configuration steps
-
-### Create certificates for SSL-encrypted communication
-
-For SSL-encrypted communication, a set of certificates is needed. Use the
-following commands to create them after adjusting the subject strings:
-
-```sh
-openssl genrsa -out ./ca.key.pem 4096
-
-openssl req \
- -key ./ca.key.pem \
- -new \
- -x509 \
- -days 7300 \
- -sha256 \
- -out ./ca.cert.pem \
- -subj "/C=DE/O=Gerrit/CN=gerrit-db-master" \
- -nodes
-
-openssl genrsa -out ./master.key.pem 4096
-
-openssl req \
- -key ./master.key.pem \
- -new \
- -sha256 \
- -out ./master.csr.pem \
- -subj "/C=DE/O=Gerrit/CN=gerrit-db-master" \
- -nodes
-
-openssl x509 \
- -req \
- -CA ./ca.cert.pem \
- -CAkey ./ca.key.pem \
- -CAcreateserial \
- -in ./master.csr.pem \
- -out ./master.cert.pem
-
-openssl genrsa -out ./slave.key.pem 4096
-
-openssl req \
- -key ./slave.key.pem \
- -new \
- -sha256 \
- -out ./slave.csr.pem \
- -subj "/C=DE/O=Gerrit/CN=gerrit-db-slave" \
- -nodes
-
-openssl x509 \
- -req \
- -CA ./ca.cert.pem \
- -CAkey ./ca.key.pem \
- -CAcreateserial \
- -in ./slave.csr.pem \
- -out ./slave.cert.pem
-```
-
-***note
-The `CN` has to be the hostname of the database instances. In case the database
-is running on Kubernetes it can be the service name.
-***
-
-### Configuring a master DB instance for replication
-
-For the replication to work, the MySQL database master has to be configured
-accordingly and some data about the database state has to be collected. The
-necessary steps are detailed in this section. If it is not planned to replicate
-the master database, skip this section.
-
-#### Create database dump and note database state
-
-In the next steps the content of the database has to be retrieved and the corresponding
-status of the transaction logs has to be retrieved. Depending on the traffic the
-database receives, the master DB should be stopped for these steps, since the
-information could get out off sync, if the data is changed inbetween the steps:
-
-```sql
-STOP MASTER;
-```
-
-Retrieve the status of the master:
-
-```sql
-SHOW MASTER STATUS;
-
- +------------------+----------+--------------+------------------+-------------------+
- | File | Position | Binlog_Do_DB | Binlog_Ignore_DB | Executed_Gtid_Set |
- +------------------+----------+--------------+------------------+-------------------+
- | mysql-bin.000004 | 69444891 | | | |
- +------------------+----------+--------------+------------------+-------------------+
-```
-
-The filename and position have to be entered in the database slave's `values.yaml`
-under `mysql.replication.config.masterLogFile` and
-`mysql.replication.config.masterLogPos`.
-
-Dump the content of the database:
-
-```sh
-mysqldump --user=root -p --databases reviewdb > ./master_dump.sql
-```
-
-Afterwards, the master can be started again:
-
-```sql
-START MASTER;
-```
-
-## Initialize replication
-
-### MySQL
-
-Deploying the reviewdb chart with replication enabled, will create a MySQL
-database with a technical user to be used by the Gerrit slave and an empty
-ReviewDB database. In addition a Job will be deployed that waits for a database
-dump to be copied into the container to the location specified in
-`mysql.replication.dbDumpAcceptPath`. The dump file can be copied into the
-container using kubectl:
-
-```sh
-JOB_POD=$(kubectl get pod -l app=mysql-replication-init -o jsonpath="{.items[0].metadata.name}")
-kubectl cp <PATH_TO_DUMP> ${JOB_POD}:<DB_DUMP_ACCEPT_PATH>
-```
-
-As soon as the file is fully copied into the container, the script will load
-the dump into the database and initialize the replication in the slave. The
-database is then fully configured.
diff --git a/helm-charts/reviewdb/requirements.yaml b/helm-charts/reviewdb/requirements.yaml
deleted file mode 100644
index c0b68f3..0000000
--- a/helm-charts/reviewdb/requirements.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-dependencies:
-- name: mysql
- version: 0.10.1
- repository: https://kubernetes-charts.storage.googleapis.com/
- condition: mysql.enabled
\ No newline at end of file
diff --git a/helm-charts/reviewdb/templates/NOTES.txt b/helm-charts/reviewdb/templates/NOTES.txt
deleted file mode 100644
index 123eea9..0000000
--- a/helm-charts/reviewdb/templates/NOTES.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-A ReviewDB has been deployed.
-==================================
-
-A {{ if .Values.mysql.enabled -}} MySQL {{- end }} database has been deployed and
-initialized to serve a ReviewDB-database.
-
-{{ if .Values.isSlave -}}
-The components to initialize database replication have been deployed. To start
-initialization the Job needs a database dump containing the master's data. Use
-the following command to make the database dump available to the job:
-
- JOB_POD=$(kubectl get pod -l app=mysql-replication-init -o jsonpath="{.items[0].metadata.name}")
- kubectl cp <PATH_TO_DUMP> ${JOB_POD}:{{ .Values.mysql.replication.dbDumpAcceptPath }}
-
-Depending on the size of the database the initialization will take a while. When
-finished the job will shut down.
-{{- end }}
diff --git a/helm-charts/reviewdb/templates/_helpers.tpl b/helm-charts/reviewdb/templates/_helpers.tpl
deleted file mode 100644
index f4468cd..0000000
--- a/helm-charts/reviewdb/templates/_helpers.tpl
+++ /dev/null
@@ -1,20 +0,0 @@
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "reviewdb.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create secret to access docker registry
-*/}}
-{{- define "imagePullSecret" }}
-{{- printf "{\"auths\": {\"%s\": {\"auth\": \"%s\"}}}" .Values.images.registry.name (printf "%s:%s" .Values.images.registry.ImagePullSecret.username .Values.images.registry.ImagePullSecret.password | b64enc) | b64enc }}
-{{- end }}
-
-{{/*
-Add '/' to registry if needed.
-*/}}
-{{- define "registry" -}}
-{{ if .Values.images.registry.name }}{{- printf "%s/" .Values.images.registry.name -}}{{end}}
-{{- end -}}
diff --git a/helm-charts/reviewdb/templates/image-pull.secret.yaml b/helm-charts/reviewdb/templates/image-pull.secret.yaml
deleted file mode 100644
index d107472..0000000
--- a/helm-charts/reviewdb/templates/image-pull.secret.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-{{ if and .Values.images.registry.ImagePullSecret.name .Values.images.registry.ImagePullSecret.create -}}
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .Values.images.registry.ImagePullSecret.name }}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
\ No newline at end of file
diff --git a/helm-charts/reviewdb/templates/mysql-replication-init.job.yaml b/helm-charts/reviewdb/templates/mysql-replication-init.job.yaml
deleted file mode 100644
index 6e8c9b8..0000000
--- a/helm-charts/reviewdb/templates/mysql-replication-init.job.yaml
+++ /dev/null
@@ -1,100 +0,0 @@
-{{ if and .Values.isSlave .Values.mysql.enabled }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Release.Name }}-mysql-replication-init-configmap
- labels:
- app: mysql-replication-init
- chart: {{ template "reviewdb.chart" . }}
- heritage: {{ .Release.Service }}
- release: {{ .Release.Name }}
-data:
- initialize-slave.sql: |
- SET @query = CONCAT(
- "CHANGE MASTER TO ",
- "MASTER_HOST = '{{ .Values.mysql.replication.config.masterHost }}' , ",
- "MASTER_PORT = {{ .Values.mysql.replication.config.masterPort }} , ",
- "MASTER_USER = '{{ .Values.mysql.replication.config.masterUser }}' , ",
- "MASTER_PASSWORD ='", @replpwd, "', ",
- "MASTER_LOG_FILE = '{{ .Values.mysql.replication.config.masterLogFile }}' , ",
- "MASTER_LOG_POS = {{ .Values.mysql.replication.config.masterLogPos }} , ",
- "MASTER_SSL = {{ if .Values.mysql.ssl.enabled }} 1 {{ else }} 0 {{ end }} , ",
- "MASTER_SSL_CA = '/ssl/ca.pem', ",
- "MASTER_SSL_CERT = '/ssl/server-cert.pem', ",
- "MASTER_SSL_KEY = '/ssl/server-key.pem', ",
- "MASTER_SSL_VERIFY_SERVER_CERT = 1;");
- PREPARE stmt FROM @query;
- EXECUTE stmt;
- DEALLOCATE PREPARE stmt;
-
- START SLAVE;
- DO SLEEP(15);
- SHOW SLAVE STATUS\G;
- dump-filepath: {{ .Values.mysql.replication.dbDumpAcceptPath }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .Release.Name }}-mysql-replication-init-secret
- labels:
- app: mysql-replication-init
- chart: {{ template "reviewdb.chart" . }}
- heritage: {{ .Release.Service }}
- release: {{ .Release.Name }}
-data:
- repl-password: {{ .Values.mysql.replication.config.masterPassword | b64enc }}
-type: Opaque
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ .Release.Name }}-mysql-replication-init-job
- labels:
- app: mysql-replication-init
- chart: {{ template "reviewdb.chart" . }}
- heritage: {{ .Release.Service }}
- release: {{ .Release.Name }}
-spec:
- template:
- metadata:
- name: {{ .Release.Name }}-mysql-replication-init
- labels:
- app: mysql-replication-init
- spec:
- restartPolicy: OnFailure
- {{ if .Values.images.registry.ImagePullSecret.name -}}
- imagePullSecrets:
- - name: {{ .Values.images.registry.ImagePullSecret.name }}
- {{- end }}
- containers:
- - name: mysql-replication-init
- imagePullPolicy: {{ .Values.images.imagePullPolicy }}
- image: {{ template "registry" . }}{{ .Values.mysql.replication.image }}:{{ .Values.images.version }}
- env:
- - name: REPL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ .Release.Name }}-mysql-replication-init-secret
- key: repl-password
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ printf "%s-mysql" .Release.Name }}
- key: mysql-root-password
- - name: FILEPATH
- valueFrom:
- configMapKeyRef:
- name: {{ .Release.Name }}-mysql-replication-init-configmap
- key: dump-filepath
- - name: MYSQL_HOST
- value: {{ printf "%s-mysql" .Release.Name }}
- - name: MYSQL_PORT
- value: {{ .Values.mysql.service.port | quote }}
- volumeMounts:
- - name: mysql-replication-init-configmap
- mountPath: "/var/sql"
- volumes:
- - name: mysql-replication-init-configmap
- configMap:
- name: {{ .Release.Name }}-mysql-replication-init-configmap
-{{- end }}
diff --git a/helm-charts/reviewdb/templates/storageclasses.yaml b/helm-charts/reviewdb/templates/storageclasses.yaml
deleted file mode 100644
index e0764fc..0000000
--- a/helm-charts/reviewdb/templates/storageclasses.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{ if .Values.storageClasses.default.create -}}
-kind: StorageClass
-apiVersion: storage.k8s.io/v1
-metadata:
- name: {{ .Values.storageClasses.default.name }}
- labels:
- chart: {{ template "reviewdb.chart" . }}
- heritage: {{ .Release.Service }}
- release: {{ .Release.Name }}
-provisioner: {{ .Values.storageClasses.default.provisioner }}
-reclaimPolicy: {{ .Values.storageClasses.default.reclaimPolicy }}
-{{ if .Values.storageClasses.shared.parameters -}}
-parameters:
-{{- range $key, $value := .Values.storageClasses.default.parameters }}
- {{ $key }}: {{ $value }}
-{{- end }}
-{{- end }}
-{{- end }}
diff --git a/helm-charts/reviewdb/values.yaml b/helm-charts/reviewdb/values.yaml
deleted file mode 100644
index 33658f9..0000000
--- a/helm-charts/reviewdb/values.yaml
+++ /dev/null
@@ -1,187 +0,0 @@
-images:
- registry:
- # The registry name must NOT contain a trailing slash
- name:
- ImagePullSecret:
- # Leave blank, if no ImagePullSecret is needed.
- name: image-pull-secret
- # If set to false, the gerrit-master chart expects either a ImagePullSecret
- # with the name configured above to be present on the cluster or that no
- # credentials are needed.
- create: false
- username:
- password:
- version: latest
- imagePullPolicy: Always
-
-
-storageClasses:
- # Storage class used for storing logs and other pod-specific persisted data
- default:
- # If create is set to false, an existing StorageClass with the given
- # name is expected to exist in the cluster. Setting create to true will
- # create a storage class with the parameters given below.
- name: default
- create: false
- provisioner: kubernetes.io/aws-ebs
- reclaimPolicy: Delete
- # Use the parameters key to set all parameters needed for the provisioner
- parameters:
- type: gp2
- fsType: ext4
-
-
-isSlave: false
-
-
-mysql:
- # Enabling the installation of the MySQL database will only make sense, if
- # `mysql` is chosen as a provider under `database.provider`.
- enabled: true
-
- replication:
- image: k8sgerrit/mysql-replication-init
- config:
- masterHost: mysql.example.com
- masterPort: 3306
- masterUser: repl
- masterPassword: password
- masterLogFile: mysql-bin.000001
- masterLogPos: 111
- dbDumpAcceptPath: /var/data/db/master_dump.sql
-
- image: mysql
- # The major.minor version of mysql should be the same as for the master database
- imageTag: 5.5.61
-
- mysqlRootPassword: big_secret
- mysqlUser: gerrit
- mysqlPassword: secret
-
- livenessProbe:
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 5
- successThreshold: 1
- failureThreshold: 3
-
- readinessProbe:
- initialDelaySeconds: 5
- periodSeconds: 10
- timeoutSeconds: 1
- successThreshold: 1
- failureThreshold: 3
-
- persistence:
- enabled: true
- storageClass: default
- accessMode: ReadWriteOnce
- size: 8Gi
-
- resources:
- requests:
- cpu: 250m
- memory: 1Gi
- limits:
- cpu: 250m
- memory: 1Gi
-
- configurationFiles:
- common.cnf: |-
- [mysqld]
-
- # Name of transaction logs (used for database replication)
- log-bin=mysql-bin
- log-bin-index=mysql-bin.index
- log-error=error.log
-
- # Adapt to the binlog format of the Gerrit master's database
- binlog_format=row
-
- # Add the following options to the config, if using SSL (`mysql.ssl.enabled: true`)
- # But do not change the values.
- # ssl-ca=/ssl/ca.pem
- # ssl-cert=/ssl/server-cert.pem
- # ssl-key=/ssl/server-key.pem
-
- # Use only one of the following configuration files, depending on whether
- # the database deployment should be used as master or as slave, and comment
- # out the contents of the other one.
- mysql-master.cnf: |-
- [mysqld]
-
- # Adapt the following changes to your setup
- ###########################################
-
- # Has to be different for each database in the replication setup.
- server-id=1
-
- mysql-slave.cnf: |-
- # [mysqld]
-
- # # The following options should not be changed
- # #############################################
-
- # relay-log=/var/lib/mysql/relay.log
- # relay-log-info-file=/var/lib/mysql/relay-log.info
- # relay-log-index=/var/lib/mysql/relay-log.index
-
- # log_slave_updates = 1
-
- # sql_mode="ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"
-
- # # Adapt the following changes to your setup
- # ###########################################
-
- # # Should usually set to '1', when running in production.
- # read_only=1
-
- # # The mysql database should not be replicated to avoid to overwrite user data
- # # of the database
- # replicate-ignore-db=mysql
-
- # # Has to be different for each database in the replication setup.
- # server-id=42
-
- initializationFiles:
- # Do not change or remove this script.
- initialize_reviewdb.sql: |-
- CREATE DATABASE reviewdb DEFAULT CHARACTER SET 'utf8';
- GRANT ALL ON reviewdb.* TO 'gerrit';
- FLUSH PRIVILEGES;
-
- # Uncomment this, if you plan to run this database instance as master and
- # plan to replicate data to a slave. This will create a user that can be used
- # for replication. Change username, password and certificate subject as needed.
- #
- # create_repl_user.sql: |-
- # CREATE USER 'repl' IDENTIFIED BY 'password';
- # GRANT REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO 'repl'
- # IDENTIFIED BY 'password'
- # REQUIRE SUBJECT '/C=DE/O=Gerrit/CN=db-slave-mysql';
- # FLUSH PRIVILEGES;
-
- service:
- type: NodePort
- port: 3306
-
- ssl:
- # If enabled, add the required lines to the configuration as described in
- # `mysql.configurationFiles.mysql.cnf`
- enabled: false
- # Has to be different between multiple instances running in the same cluster
- secret: ssl-certs
- certificates:
- - name: ssl-certs
- ca: |-
- -----BEGIN CERTIFICATE-----
-
- -----END CERTIFICATE-----
- cert: |-
- -----BEGIN CERTIFICATE-----
-
- -----END CERTIFICATE-----
- key: |-
- -----BEGIN RSA PRIVATE KEY-----
-
- -----END RSA PRIVATE KEY-----
diff --git a/supplements/gerrit-master.minikube.values.yaml b/supplements/gerrit-master.minikube.values.yaml
index f891b4b..9f1ba31 100644
--- a/supplements/gerrit-master.minikube.values.yaml
+++ b/supplements/gerrit-master.minikube.values.yaml
@@ -45,8 +45,6 @@
basePath = git
serverId = gerrit-master-1
canonicalWebUrl = http://master.gerrit
- [database]
- type = h2
[index]
type = LUCENE
[auth]
@@ -71,10 +69,6 @@
javaOptions = -Xmx300m
secure: |-
- [database]
- username = gerrit
- password = secret
-
[remote "slave"]
username = git
password = secret
diff --git a/supplements/gerrit-slave.minikube.values.yaml b/supplements/gerrit-slave.minikube.values.yaml
index 72f5d91..9eabab4 100644
--- a/supplements/gerrit-slave.minikube.values.yaml
+++ b/supplements/gerrit-slave.minikube.values.yaml
@@ -63,8 +63,6 @@
basePath = git
serverId = gerrit-slave-1
canonicalWebUrl = http://slave.gerrit
- [database]
- type = h2
[index]
type = LUCENE
[auth]
@@ -88,8 +86,3 @@
javaOptions = -Djavax.net.ssl.trustStore=/var/gerrit/etc/keystore
javaOptions = -Xms300m
javaOptions = -Xmx300m
-
- secure: |-
- [database]
- username = gerrit
- password = secret
diff --git a/tests/conftest.py b/tests/conftest.py
index 8fdc1fe..44de092 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -167,10 +167,3 @@
@pytest.fixture(scope="session")
def gerrit_init_image(container_images, docker_build, base_image, gerrit_base_image):
return docker_build(container_images["gerrit-init"], "gerrit-init")
-
-
-@pytest.fixture(scope="session")
-def mysql_replication_init_image(container_images, docker_build):
- return docker_build(
- container_images["mysql-replication-init"], "mysql-replication-init"
- )
diff --git a/tests/container-images/conftest.py b/tests/container-images/conftest.py
index 0cdc3a8..5ca6b67 100644
--- a/tests/container-images/conftest.py
+++ b/tests/container-images/conftest.py
@@ -13,70 +13,10 @@
# limitations under the License.
import os.path
-import time
-
-from sqlalchemy import create_engine
-from sqlalchemy.exc import SQLAlchemyError
import pytest
-class MySQLContainer:
- def __init__(self, docker_client, docker_network, mysql_config):
- self.docker_client = docker_client
- self.docker_network = docker_network
- self.mysql_config = mysql_config
-
- self.mysql_container = None
-
- def _wait_for_db_connection(self):
- connection = None
- while connection is None:
- try:
- connection = self.connect()
- continue
- except SQLAlchemyError:
- time.sleep(1)
- connection.close()
-
- def connect(self):
- engine = create_engine(
- "mysql+pymysql://root:%s@localhost:%s"
- % (
- self.mysql_config["MYSQL_ROOT_PASSWORD"],
- self.mysql_config["MYSQL_PORT"],
- )
- )
- return engine.connect()
-
- def start(self):
- self.mysql_container = self.docker_client.containers.run(
- image="mysql:5.5.61",
- environment={
- "MYSQL_ROOT_PASSWORD": self.mysql_config["MYSQL_ROOT_PASSWORD"],
- "MYSQL_DATABASE": "reviewdb",
- },
- ports={"3306": self.mysql_config["MYSQL_PORT"]},
- network=self.docker_network.name,
- name=self.mysql_config["MYSQL_HOST"],
- detach=True,
- auto_remove=True,
- )
-
- self._wait_for_db_connection()
-
- def stop(self):
- self.mysql_container.stop(timeout=1)
-
-
-@pytest.fixture(scope="session")
-def mysql_container_factory():
- def get_mysql_container(docker_client, docker_network, mysql_config):
- return MySQLContainer(docker_client, docker_network, mysql_config)
-
- return get_mysql_container
-
-
class GerritContainer:
def __init__(self, docker_client, docker_network, tmp_dir, image, configs, port):
self.docker_client = docker_client
diff --git a/tests/container-images/gerrit-init/test_container_structure_gerrit_init.py b/tests/container-images/gerrit-init/test_container_structure_gerrit_init.py
index 909a3b5..0b6c3bf 100755
--- a/tests/container-images/gerrit-init/test_container_structure_gerrit_init.py
+++ b/tests/container-images/gerrit-init/test_container_structure_gerrit_init.py
@@ -24,26 +24,17 @@
@pytest.fixture(
scope="function",
- params=[
- "/var/tools/gerrit_init.py",
- "/var/tools/git_config_parser.py",
- "/var/tools/validate_db.py",
- ],
+ params=["/var/tools/gerrit_init.py", "/var/tools/git_config_parser.py"],
)
def expected_script(request):
return request.param
-@pytest.fixture(scope="function", params=["python3", "pip3", "mysql"])
+@pytest.fixture(scope="function", params=["python3"])
def expected_tool(request):
return request.param
-@pytest.fixture(scope="function", params=["pymysql", "sqlalchemy"])
-def expected_pip_package(request):
- return request.param
-
-
def test_gerrit_init_inherits_from_gerrit_base(gerrit_init_image):
contains_tag = False
for layer in gerrit_init_image.history():
@@ -65,13 +56,6 @@
assert exit_code == 0
-def test_gerrit_init_contains_expected_pip_packages(
- container_run, expected_pip_package
-):
- exit_code, _ = container_run.exec_run("pip3 show %s" % expected_pip_package)
- assert exit_code == 0
-
-
def test_gerrit_init_has_entrypoint(gerrit_init_image):
entrypoint = gerrit_init_image.attrs["ContainerConfig"]["Entrypoint"]
assert len(entrypoint) >= 1
diff --git a/tests/container-images/gerrit-master/test_container_integration_gerrit_master.py b/tests/container-images/gerrit-master/test_container_integration_gerrit_master.py
index f654465..61791db 100644
--- a/tests/container-images/gerrit-master/test_container_integration_gerrit_master.py
+++ b/tests/container-images/gerrit-master/test_container_integration_gerrit_master.py
@@ -37,9 +37,6 @@
[gerrit]
basePath = git
- [database]
- type = H2
-
[httpd]
listenUrl = http://*:8081
diff --git a/tests/container-images/gerrit-slave/test_container_integration_gerrit_slave.py b/tests/container-images/gerrit-slave/test_container_integration_gerrit_slave.py
index ac97b24..86132d1 100644
--- a/tests/container-images/gerrit-slave/test_container_integration_gerrit_slave.py
+++ b/tests/container-images/gerrit-slave/test_container_integration_gerrit_slave.py
@@ -14,8 +14,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-from glob import glob
-
import os
import os.path
import re
@@ -35,7 +33,7 @@
@pytest.fixture(scope="class")
-def container_run_h2(
+def container_run(
request,
docker_client,
docker_network,
@@ -48,9 +46,6 @@
[gerrit]
basePath = git
- [database]
- type = H2
-
[httpd]
listenUrl = http://*:8081
@@ -65,6 +60,7 @@
success = True
""",
}
+
test_setup = gerrit_container_factory(
docker_client, docker_network, tmp_dir, gerrit_slave_image, configs, 8081
)
@@ -75,43 +71,9 @@
return test_setup.gerrit_container
-@pytest.fixture(scope="class")
-def container_run_mysql(
- request,
- docker_client,
- docker_network,
- tmp_dir,
- gerrit_slave_image,
- gerrit_container_factory,
-):
- configs = {
- "gerrit.config": """
- [gerrit]
- basePath = git
-
- [database]
- type = MySQL
-
- [httpd]
- listenUrl = http://*:8082
-
- [container]
- slave = true
- """
- }
- test_setup = gerrit_container_factory(
- docker_client, docker_network, tmp_dir, gerrit_slave_image, configs, 8082
- )
- test_setup.start()
-
- request.addfinalizer(test_setup.stop)
-
- return test_setup.gerrit_container
-
-
@pytest.mark.slow
@pytest.mark.incremental
-class TestGerritSlaveH2:
+class TestGerritSlave:
@pytest.fixture(params=CONFIG_FILES)
def config_file_to_test(self, request):
return request.param
@@ -120,18 +82,18 @@
def expected_repository(self, request):
return request.param
- def test_gerrit_slave_gerrit_starts_up(self, container_run_h2):
+ def test_gerrit_slave_gerrit_starts_up(self, container_run):
def wait_for_gerrit_start():
- log = container_run_h2.logs().decode("utf-8")
+ log = container_run.logs().decode("utf-8")
return log, re.search(r"Gerrit Code Review .+ ready", log)
finished_in_time, _ = utils.exec_fn_with_timeout(wait_for_gerrit_start, 60)
assert finished_in_time
def test_gerrit_slave_custom_gerrit_config_available(
- self, container_run_h2, config_file_to_test
+ self, container_run, config_file_to_test
):
- exit_code, output = container_run_h2.exec_run(
+ exit_code, output = container_run.exec_run(
"git config --file=/var/gerrit/etc/%s --get test.success"
% config_file_to_test
)
@@ -139,38 +101,19 @@
assert exit_code == 0
assert output == "True"
- def test_gerrit_slave_repository_exists(
- self, container_run_h2, expected_repository
- ):
- exit_code, _ = container_run_h2.exec_run(
+ def test_gerrit_slave_repository_exists(self, container_run, expected_repository):
+ exit_code, _ = container_run.exec_run(
"test -d /var/gerrit/git/%s" % expected_repository
)
assert exit_code == 0
- def test_gerrit_slave_clone_repo_works(self, container_run_h2, tmp_path_factory):
- container_run_h2.exec_run("git init --bare /var/gerrit/git/test.git")
+ def test_gerrit_slave_clone_repo_works(self, container_run, tmp_path_factory):
+ container_run.exec_run("git init --bare /var/gerrit/git/test.git")
clone_dest = tmp_path_factory.mktemp("gerrit_slave_clone_test")
repo = git.Repo.clone_from("http://localhost:8081/test.git", clone_dest)
assert repo.git_dir == os.path.join(clone_dest, ".git")
- def test_gerrit_slave_webui_not_accessible(self, container_run_h2):
+ def test_gerrit_slave_webui_not_accessible(self, container_run):
response = requests.get("http://localhost:8081")
assert response.status_code == 404
assert response.text == "Not Found"
-
-
-@pytest.mark.slow
-def test_gerrit_slave_downloads_mysql_driver(container_run_mysql, tmp_dir):
- def wait_for_mysql_driver_download():
- _, output = container_run_mysql.exec_run(
- "find /var/gerrit/lib -name 'mysql-connector-java-*.jar'"
- )
- output = output.decode("utf-8").strip()
- return output, re.match(r"/var/gerrit/lib/mysql-connector-java-.*\.jar", output)
-
- finished_in_time, _ = utils.exec_fn_with_timeout(wait_for_mysql_driver_download, 20)
- assert finished_in_time
-
- driver_path_pattern = os.path.join(tmp_dir, "lib", "mysql-connector-java-*.jar")
- lib_files = [f for f in glob(driver_path_pattern) if os.path.isfile(f)]
- assert lib_files
diff --git a/tests/container-images/gerrit-slave/test_container_structure_gerrit_slave.py b/tests/container-images/gerrit-slave/test_container_structure_gerrit_slave.py
index 3e363d8..25b5ea2 100755
--- a/tests/container-images/gerrit-slave/test_container_structure_gerrit_slave.py
+++ b/tests/container-images/gerrit-slave/test_container_structure_gerrit_slave.py
@@ -12,8 +12,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-import re
-
import pytest
@@ -24,9 +22,7 @@
container_run.stop(timeout=1)
-@pytest.fixture(
- scope="function", params=["/var/tools/start", "/var/tools/download_db_driver"]
-)
+@pytest.fixture(scope="function", params=["/var/tools/start"])
def expected_script(request):
return request.param
@@ -52,15 +48,6 @@
assert exit_code == 3
-def test_gerrit_slave_contains_downloaded_mysql_driver(container_run):
- exit_code, output = container_run.exec_run(
- "find /var/gerrit/lib -name 'mysql-connector-java-*.jar'"
- )
- output = output.decode("utf-8").strip()
- assert exit_code == 0
- assert re.match(r"/var/gerrit/lib/mysql-connector-java-.*\.jar", output)
-
-
def test_gerrit_slave_gerrit_is_configured_slave(container_run):
exit_code, output = container_run.exec_run(
"git config -f /var/gerrit/etc/gerrit.config --get container.slave"
diff --git a/tests/container-images/mysql-replication-init/test_container_build_mysql_replication_init.py b/tests/container-images/mysql-replication-init/test_container_build_mysql_replication_init.py
deleted file mode 100644
index 439ad15..0000000
--- a/tests/container-images/mysql-replication-init/test_container_build_mysql_replication_init.py
+++ /dev/null
@@ -1,23 +0,0 @@
-# Copyright (C) 2018 The Android Open Source Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import pytest
-
-
-def test_build_mysql_replication_init(
- mysql_replication_init_image, tag_of_cached_container
-):
- if tag_of_cached_container:
- pytest.skip("Cached image used for testing. Build will not be tested.")
- assert mysql_replication_init_image.id is not None
diff --git a/tests/container-images/mysql-replication-init/test_container_integration_mysql_replication_init.py b/tests/container-images/mysql-replication-init/test_container_integration_mysql_replication_init.py
deleted file mode 100644
index eff71b4..0000000
--- a/tests/container-images/mysql-replication-init/test_container_integration_mysql_replication_init.py
+++ /dev/null
@@ -1,153 +0,0 @@
-# Copyright (C) 2018 The Android Open Source Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import os.path
-import re
-import time
-
-import pytest
-
-MYSQL_CONFIG = {
- "MYSQL_HOST": "k8sgerrit-mysql",
- "MYSQL_PORT": 3306,
- "MYSQL_ROOT_PASSWORD": "big_secret",
- "REPL_PASSWORD": "test",
-}
-
-
-@pytest.fixture()
-def mock_dump():
- return (
- "CREATE DATABASE `users`;"
- "USE `users`;"
- "CREATE TABLE `users` ("
- "`id` INT(11) NOT NULL,"
- "`first_name` VARCHAR(50),"
- "`last_name` VARCHAR(50),"
- "`password` VARCHAR(100),"
- "PRIMARY KEY (`id`))"
- )
-
-
-@pytest.fixture(scope="module")
-def mock_sql_script(tmp_path_factory):
- tmp_dir = tmp_path_factory.mktemp("mysql_init_script")
- with open(os.path.join(tmp_dir, "initialize-slave.sql"), "w") as sql_file:
- sql_file.write(
- (
- "USE `users`;"
- "SET @query = CONCAT("
- '"INSERT INTO `users` (id, first_name, last_name, password) ",'
- "\"VALUES (1, 'John', 'Doe', '\", @replpwd, \"');\");"
- "PREPARE stmt FROM @query;"
- "EXECUTE stmt;"
- )
- )
- return tmp_dir
-
-
-@pytest.fixture(scope="module")
-def mysql_container(request, docker_client, docker_network, mysql_container_factory):
- mysql_container = mysql_container_factory(
- docker_client, docker_network, MYSQL_CONFIG
- )
- mysql_container.start()
-
- request.addfinalizer(mysql_container.stop)
-
- return mysql_container
-
-
-@pytest.fixture(scope="module")
-def init_container(
- request,
- docker_client,
- docker_network,
- mysql_replication_init_image,
- mock_sql_script,
-):
- container_run = docker_client.containers.run(
- image=mysql_replication_init_image.id,
- environment=MYSQL_CONFIG,
- volumes={mock_sql_script: {"bind": "/var/sql", "mode": "ro"}},
- network=docker_network.name,
- name="mysql-replication-init",
- detach=True,
- )
-
- def stop_container():
- container_run.stop(timeout=1)
- container_run.remove(v=True, force=True)
-
- request.addfinalizer(stop_container)
-
- return container_run
-
-
-@pytest.fixture(scope="module")
-def containers(mysql_container, init_container):
- return mysql_container, init_container
-
-
-@pytest.mark.slow
-@pytest.mark.incremental
-class TestMysqlInitScript:
- def test_mysql_replication_init_waiting_for_dump(self, containers):
- (_, init_container) = containers
- timeout = time.time() + 20
- while time.time() < timeout:
- last_log_line = init_container.logs(tail=1).decode("utf-8").strip()
- if (
- last_log_line
- == "Waiting for database dump file at /var/data/db/master_dump.sql"
- ):
- break
- assert timeout > time.time()
-
- def test_mysql_replication_init_accepts_dump(self, containers, mock_dump):
- (_, init_container) = containers
- cmd = "/bin/bash -c \"echo '%s' > /var/data/db/master_dump.sql\"" % mock_dump
- init_container.exec_run(cmd)
- timeout = time.time() + 20
- while time.time() < timeout:
- logs = init_container.logs().decode("utf-8")
- if re.search(r"Database dump received", logs):
- break
- assert timeout > time.time()
-
- def test_mysql_replication_init_finishes(self, containers):
- (_, init_container) = containers
- timeout = time.time() + 20
- while time.time() < timeout:
- init_container.reload()
- if init_container.status == "exited":
- break
- assert timeout > time.time()
- assert init_container.attrs["State"]["ExitCode"] == 0
-
- def test_mysql_replication_init_applies_dump(self, containers):
- (mysql_container, _) = containers
- connection = mysql_container.connect()
- result = connection.execute("SHOW DATABASES;")
- connection.close()
- assert "users" in [row[0] for row in result]
-
- def test_mysql_replication_init_runs_slave_init_script(self, containers):
- (mysql_container, _) = containers
- connection = mysql_container.connect()
- result = connection.execute("USE `users`;")
- result = connection.execute("SELECT password FROM users WHERE id=1 LIMIT 1;")
- connection.close()
- for row in result:
- assert MYSQL_CONFIG["REPL_PASSWORD"] in row["password"]
diff --git a/tests/container-images/mysql-replication-init/test_container_structure_mysql_replication_init.py b/tests/container-images/mysql-replication-init/test_container_structure_mysql_replication_init.py
deleted file mode 100644
index 66d6299..0000000
--- a/tests/container-images/mysql-replication-init/test_container_structure_mysql_replication_init.py
+++ /dev/null
@@ -1,45 +0,0 @@
-# Copyright (C) 2018 The Android Open Source Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import pytest
-
-
-@pytest.fixture(scope="module")
-def container_run(docker_client, mysql_replication_init_image):
- container_run = docker_client.containers.run(
- image=mysql_replication_init_image.id,
- entrypoint="/bin/bash",
- command=["-c", "tail -f /dev/null"],
- detach=True,
- auto_remove=True,
- )
-
- yield container_run
- container_run.stop(timeout=1)
-
-
-def test_mysql_replication_init_contains_mysql_client(container_run):
- exit_code, _ = container_run.exec_run("which mysql")
- assert exit_code == 0
-
-
-def test_mysql_replication_init_contains_start_script(container_run):
- exit_code, _ = container_run.exec_run("test -f /var/tools/start")
- assert exit_code == 0
-
-
-def test_mysql_replication_init_has_entrypoint(mysql_replication_init_image):
- entrypoint = mysql_replication_init_image.attrs["ContainerConfig"]["Entrypoint"]
- assert len(entrypoint) >= 1
- assert "/var/tools/start" in entrypoint