|
| 1 | +FROM redhat/ubi9-minimal |
| 2 | + |
| 3 | +# user 999/ group 999, that we want to use for compatibility with the ubuntu image. |
| 4 | +RUN groupadd --gid 999 -r mysql && \ |
| 5 | + useradd -r -g mysql mysql --home-dir /var/lib/mysql --uid 999 |
| 6 | + |
| 7 | +ENV GOSU_VERSION 1.17 |
| 8 | +RUN set -eux; \ |
| 9 | + rpmArch="$(rpm --query --queryformat='%{ARCH}' rpm)"; \ |
| 10 | + case "$rpmArch" in \ |
| 11 | + aarch64) dpkgArch='arm64' ;; \ |
| 12 | + armv7*) dpkgArch='armhf' ;; \ |
| 13 | + i686) dpkgArch='i386' ;; \ |
| 14 | + ppc64le) dpkgArch='ppc64el' ;; \ |
| 15 | + s390x|riscv64) dpkgArch=$rpmArch ;; \ |
| 16 | + x86_64) dpkgArch='amd64' ;; \ |
| 17 | + *) echo >&2 "error: unknown/unsupported architecture '$rpmArch'"; exit 1 ;; \ |
| 18 | + esac; \ |
| 19 | + curl --fail --location --output /usr/local/bin/gosu https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-${dpkgArch} ; \ |
| 20 | + curl --fail --location --output /usr/local/bin/gosu.asc https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-${dpkgArch}.asc; \ |
| 21 | + GNUPGHOME="$(mktemp -d)"; \ |
| 22 | + export GNUPGHOME; \ |
| 23 | + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ |
| 24 | + chmod a+x /usr/local/bin/gosu; \ |
| 25 | + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ |
| 26 | + gpgconf --kill all; \ |
| 27 | + rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ |
| 28 | + gosu --version; \ |
| 29 | + gosu nobody true |
| 30 | + |
| 31 | +COPY --chmod=0644 docker.cnf /etc/my.cnf.d/ |
| 32 | + |
| 33 | +COPY MariaDB.repo /etc/yum.repos.d/ |
| 34 | + |
| 35 | +# HasRequiredLabel requirement from Red Hat OpenShift Software Certification |
| 36 | +# https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html/red_hat_openshift_software_certification_policy_guide/assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction#con-image-metadata-requirements_openshift-sw-cert-policy-container-images |
| 37 | +LABEL name="MariaDB Server" \ |
| 38 | + vendor="MariaDB Community" \ |
| 39 | + version="11.7.1" \ |
| 40 | + release="Refer to Annotations org.opencontainers.image.{revision,source}" \ |
| 41 | + summary="MariaDB Database" \ |
| 42 | + description="MariaDB Database for relational SQL" |
| 43 | + |
| 44 | +# OCI annotations to image |
| 45 | +LABEL org.opencontainers.image.authors="MariaDB Community" \ |
| 46 | + org.opencontainers.image.title="MariaDB Database" \ |
| 47 | + org.opencontainers.image.description="MariaDB Database for relational SQL" \ |
| 48 | + org.opencontainers.image.documentation="https://hub.docker.com/_/mariadb/" \ |
| 49 | + org.opencontainers.image.base.name="docker.io/redhat/ubi9-minimal" \ |
| 50 | + org.opencontainers.image.licenses="GPL-2.0" \ |
| 51 | + org.opencontainers.image.source="https://github.com/MariaDB/mariadb-docker" \ |
| 52 | + org.opencontainers.image.vendor="MariaDB Community" \ |
| 53 | + org.opencontainers.image.version="11.7.1" \ |
| 54 | + org.opencontainers.image.url="https://github.com/MariaDB/mariadb-docker" |
| 55 | + |
| 56 | +# bashbrew-architectures: amd64 arm64v8 ppc64le s390x |
| 57 | +ARG MARIADB_VERSION=11.7.1 |
| 58 | +ENV MARIADB_VERSION=$MARIADB_VERSION |
| 59 | +# release-status:RC |
| 60 | +# release-support-type:Short Term Support |
| 61 | +# (https://downloads.mariadb.org/rest-api/mariadb/) |
| 62 | + |
| 63 | +# missing pwgen(epel), jemalloc(epel) (as entrypoint/user extensions) |
| 64 | +# procps, pv(epel) - missing dependencies of galera sst script |
| 65 | +# tzdata re-installed as only a fake version is part of the ubi-minimal base image. |
| 66 | +# FF8AD1344597106ECE813B918A3872BF3228467C is the Fedora RPM key |
| 67 | +# 177F4010FE56CA3336300305F1656F24C74CD1D8 is the MariaDB Server RPM key |
| 68 | +RUN set -eux ; \ |
| 69 | + curl --fail https://pagure.io/fedora-web/websites/raw/master/f/sites/getfedora.org/static/keys/FF8AD1344597106ECE813B918A3872BF3228467C.txt --output /tmp/epelkey.txt ; \ |
| 70 | + GNUPGHOME="$(mktemp -d)"; export GNUPGHOME ; \ |
| 71 | + gpg --batch --import /tmp/epelkey.txt ; \ |
| 72 | + gpg --batch --armor --export FF8AD1344597106ECE813B918A3872BF3228467C > /tmp/epelkey.txt ; \ |
| 73 | + rpmkeys --import /tmp/epelkey.txt ; \ |
| 74 | + curl --fail https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm --output /tmp/epel-release-latest-9.noarch.rpm ; \ |
| 75 | + rpm -K /tmp/epel-release-latest-9.noarch.rpm ; \ |
| 76 | + rpm -ivh /tmp/epel-release-latest-9.noarch.rpm ; \ |
| 77 | + rm /tmp/epelkey.txt /tmp/epel-release-latest-9.noarch.rpm ; \ |
| 78 | + curl --fail https://supplychain.mariadb.com/MariaDB-Server-GPG-KEY --output /tmp/MariaDB-Server-GPG-KEY ; \ |
| 79 | + gpg --batch --import /tmp/MariaDB-Server-GPG-KEY; \ |
| 80 | + gpg --batch --armor --export 177F4010FE56CA3336300305F1656F24C74CD1D8 > /tmp/MariaDB-Server-GPG-KEY ; \ |
| 81 | + rpmkeys --import /tmp/MariaDB-Server-GPG-KEY ; \ |
| 82 | + rm -rf "$GNUPGHOME" /tmp/MariaDB-Server-GPG-KEY ; \ |
| 83 | + unset GNUPGHOME ; \ |
| 84 | + microdnf update -y ; \ |
| 85 | + microdnf reinstall -y tzdata ; \ |
| 86 | + microdnf install -y procps-ng zstd xz jemalloc pwgen pv ; \ |
| 87 | + mkdir -p /etc/mysql/conf.d /etc/mysql/mariadb.conf.d/ /var/lib/mysql/mysql /run/mariadb /usr/lib64/galera ; \ |
| 88 | + chmod ugo+rwx,o+t /run/mariadb ; \ |
| 89 | + microdnf install -y MariaDB-backup-${MARIADB_VERSION} MariaDB-server-${MARIADB_VERSION} ; \ |
| 90 | + # compatibility with DEB Galera packaging |
| 91 | + ln -s /usr/lib64/galera-4/libgalera_smm.so /usr/lib/libgalera_smm.so ; \ |
| 92 | + # compatibility with RPM Galera packaging |
| 93 | + ln -s /usr/lib64/galera-4/libgalera_smm.so /usr/lib64/galera/libgalera_smm.so ; \ |
| 94 | + microdnf clean all ; \ |
| 95 | + rmdir /var/lib/mysql/mysql ; \ |
| 96 | + chown -R mysql:mysql /var/lib/mysql /run/mariadb ; \ |
| 97 | + mkdir /licenses ; \ |
| 98 | + ln -s /usr/share/doc/MariaDB-server-${MARIADB_VERSION}/COPYING /licenses/GPL-2 ; \ |
| 99 | + ln -s /usr/share/licenses /licenses/package-licenses ; \ |
| 100 | + ln -s Apache-2.0-license /licenses/gosu |
| 101 | + |
| 102 | +VOLUME /var/lib/mysql |
| 103 | + |
| 104 | +RUN mkdir /docker-entrypoint-initdb.d |
| 105 | + |
| 106 | +COPY healthcheck.sh /usr/local/bin/healthcheck.sh |
| 107 | +COPY docker-entrypoint.sh /usr/local/bin/ |
| 108 | + |
| 109 | +ENTRYPOINT ["docker-entrypoint.sh"] |
| 110 | + |
| 111 | +USER mysql |
| 112 | +EXPOSE 3306 |
| 113 | +CMD ["mariadbd"] |
0 commit comments