Support mysql 8.4 on CentOS Stream 10

8.0/root/usr/share/container-scripts/mysql/README.md

@@ -120,8 +120,11 @@ The following environment variables influence the MySQL configuration file. They
 **`MYSQL_LOG_QUERIES_ENABLED (default: 0)`**  
        To enable query logging set this to `1`
 
-**`MYSQL_DEFAULT_AUTHENTICATION_PLUGIN (default: caching_sha2_password)`**  
-       Set default authentication plugin. Accepts values `mysql_native_password` or `caching_sha2_password`.
+**`MYSQL_AUTHENTICATION_POLICY (default: 'caching_sha2_password,,')`**  
+       Set authentication_policy. See https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_default_authentication_plugin for more information. This option replaces deprecated MYSQL_DEFAULT_AUTHENTICATION_PLUGIN.
+
+**`MYSQL_DEFAULT_AUTHENTICATION_PLUGIN (deprecated; default: caching_sha2_password)`**  
+       Set default authentication plugin. Accepts values `mysql_native_password` or `caching_sha2_password`. This option is deprecated, use `MYSQL_AUTHENTICATION_POLICY` instead.
 
 You can also set the following mount points by passing the `-v /host:/container` flag to Docker.
 
@@ -244,11 +247,11 @@ Variables that can be used in the scripts provided to s2i:
 `$mysql_flags`
     arguments for the `mysql` tool that will connect to the locally running `mysqld` during initialization
 
-`$MYSQL_RUNNING_AS_MASTER`
-    variable defined when the container is run with `run-mysqld-master` command
+`$MYSQL_RUNNING_AS_SOURCE`
+    variable defined when the container is run with `run-mysqld-source` command
 
-`$MYSQL_RUNNING_AS_SLAVE`
-    variable defined when the container is run with `run-mysqld-slave` command
+`$MYSQL_RUNNING_AS_REPLICA`
+    variable defined when the container is run with `run-mysqld-replica` command
 
 `$MYSQL_DATADIR_FIRST_INIT`
     variable defined when the container was initialized from the empty data dir
@@ -291,51 +294,32 @@ Upgrading and data directory version checking
 
 MySQL and MariaDB use versions that consist of three numbers X.Y.Z (e.g. 5.6.23).
 For version changes in Z part, the server's binary data format stays compatible and thus no
-special upgrade procedure is needed. For upgrades from X.Y to X.Y+1, consider doing manual
+special upgrade procedure is needed. For upgrades from X.Y to X.Y+z, consider doing manual
 steps as described at
 https://dev.mysql.com/doc/refman/8.0/en/upgrading-from-previous-series.html.
 
-Skipping versions like from X.Y to X.Y+2 or downgrading to lower version is not supported;
-the only exception is ugrading from MariaDB 5.5 to MariaDB 10.0.
+Skipping LTS versions like 5.7 to 8.4 or downgrading to lower version is not supported.
 
 **Important**: Upgrading to a new version is always risky and users are expected to make a full
 back-up of all data before.
 
 A safer solution to upgrade is to dump all data using `mysqldump` or `mysqldbexport` and then
 load the data using `mysql` or `mysqldbimport` into an empty (freshly initialized) database.
 
-Another way of proceeding with the upgrade is starting the new version of the `mysqld` daemon
-and run `mysql_upgrade` right after the start. This so called in-place upgrade is generally
-faster for large data directory, but only possible if upgrading from the very previous version,
-so skipping versions is not supported.
-
-This container detects whether the data needs to be upgraded using `mysql_upgrade` and
-we can control it by setting `MYSQL_DATADIR_ACTION` variable, which can have one or more of the following values:
-
- * `upgrade-warn` -- If the data version can be determined and the data come from a different version
-   of the daemon, a warning is printed but the container starts. This is the default value.
-   Since historically the version file `mysql_upgrade_info` was not created, when using this option,
-   the version file is created if not exist, but no `mysql_upgrade` will be called.
-   However, this automatic creation will be removed after few months, since the version should be
-   created on most deployments at that point.
- * `upgrade-auto` -- `mysql_upgrade` is run at the beginning of the container start, when the local
-   daemon is running, but only if the data version can be determined and the data come
-   with the very previous version. A warning is printed if the data come from even older
-   or newer version. This value effectively enables automatic upgrades,
-   but it is always risky and users should still back-up all the data before starting the newer container.
-   Set this option only if you have very good back-ups at any moment and you are fine to fail-over
-   from the back-up.
- * `upgrade-force` -- `mysql_upgrade --force` is run at the beginning of the container start, when the local
-   daemon is running, no matter what version of the daemon the data come from.
-   This is also the way to create the missing version file `mysql_upgrade_info` if not present
-   in the root of the data directory; this file holds information about the version of the data.
+Another way of proceeding with the upgrade is starting the new version of the `mysqld` daemon.
+This so called in-place upgrade is generally faster for large data directory, but only possible
+if upgrading from the very previous LTS version, so skipping LTS versions is not supported.
+
+Starting 8.0.16, `mysql_upgrade` functionality was moved to the MySQL server itself and executes
+all datadir actions automatically when necessary. After `mysql_upgrade` being labeled as deprecated
+since this version, it is missing in MySQL 8.4.x entirely. Therefore, several values previously
+used for the `MYSQL_DATADIR_ACTION` variable are No-op and server starts as usually.
 
 There are also some other actions that you may want to run at the beginning of the container start,
 when the local daemon is running, no matter what version of the data is detected:
 
  * `optimize` -- runs `mysqlcheck --optimize`. It optimizes all the tables.
  * `analyze` -- runs `mysqlcheck --analyze`. It analyzes all the tables.
- * `disable` -- nothing is done regarding data directory version.
 
 Multiple values are separated by comma and run in-order, e.g. `MYSQL_DATADIR_ACTION="optimize,analyze"`.
 
@@ -346,8 +330,8 @@ Some applications may wish to use `row` binlog_formats (for example, those built
   with change-data-capture in mind). The default replication/binlog format is
   `statement` but to change it you can set the `MYSQL_BINLOG_FORMAT` environment
   variable. For example `MYSQL_BINLOG_FORMAT=row`. Now when you run the database
-  with `master` replication turned on (ie, set the Docker/container `cmd` to be
-`run-mysqld-master`) the binlog will emit the actual data for the rows that change
+  with `source/replica` replication turned on (ie, set the Docker/container `cmd` to be
+`run-mysqld-source`) the binlog will emit the actual data for the rows that change
 as opposed to the statements (ie, DML like insert...) that caused the change.
 
 

8.0/s2i-common

@@ -1 +1 @@
-../s2i-common/
+../s2i-common

8.0/test

@@ -1 +1 @@
-../test/
+../test

8.4/Dockerfile.c10s

@@ -0,0 +1,75 @@
+FROM quay.io/sclorg/s2i-core-c10s:c10s
+
+# MySQL image for OpenShift.
+#
+# Volumes:
+#  * /var/lib/mysql/data - Datastore for MySQL
+# Environment:
+#  * $MYSQL_USER - Database user name
+#  * $MYSQL_PASSWORD - User's password
+#  * $MYSQL_DATABASE - Name of the database to create
+#  * $MYSQL_ROOT_PASSWORD (Optional) - Password for the 'root' MySQL account
+
+ENV MYSQL_VERSION=8.4 \
+    MYSQL_SHORT_VERSION=84 \
+    APP_DATA=/opt/app-root/src \
+    HOME=/var/lib/mysql \
+    NAME=mysql
+
+ENV SUMMARY="MySQL 8.4 SQL database server" \
+    DESCRIPTION="MySQL is a multi-user, multi-threaded SQL database server. The container \
+image provides a containerized packaging of the MySQL mysqld daemon and client application. \
+The mysqld server daemon accepts connections from clients and provides access to content from \
+MySQL databases on behalf of the clients."
+
+LABEL summary="$SUMMARY" \
+      description="$DESCRIPTION" \
+      io.k8s.description="$DESCRIPTION" \
+      io.k8s.display-name="MySQL $MYSQL_VERSION" \
+      io.openshift.expose-services="3306:mysql" \
+      io.openshift.tags="database,mysql,mysql$MYSQL_SHORT_VERSION,mysql-$MYSQL_SHORT_VERSION" \
+      com.redhat.component="$NAME-$MYSQL_SHORT_VERSION-container" \
+      name="sclorg/$NAME-$MYSQL_SHORT_VERSION-c10s" \
+      version="1" \
+      com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#rhel" \
+      usage="podman run -d -e MYSQL_USER=user -e MYSQL_PASSWORD=pass -e MYSQL_DATABASE=db -p 3306:3306 quay.io/sclorg/$NAME-$MYSQL_SHORT_VERSION-c10s:c10s" \
+      maintainer="SoftwareCollections.org <[email protected]>"
+
+EXPOSE 3306
+
+# This image must forever use UID 27 for mysql user so our volumes are
+# safe in the future. This should *never* change, the last test is there
+# to make sure of that.
+RUN INSTALL_PKGS="policycoreutils rsync tar gettext hostname bind-utils groff-base mysql-server procps-ng" && \
+    dnf install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \
+    rpm -V $INSTALL_PKGS && \
+    dnf -y clean all --enablerepo='*' && \
+    mkdir -p /var/lib/mysql/data && chown -R mysql.0 /var/lib/mysql && \
+    test "$(id mysql)" = "uid=27(mysql) gid=27(mysql) groups=27(mysql)"
+
+# Get prefix path and path to scripts rather than hard-code them in scripts
+ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/mysql \
+    MYSQL_PREFIX=/usr
+
+COPY 8.4/root-common /
+COPY 8.4/s2i-common/bin/ $STI_SCRIPTS_PATH
+COPY 8.4/root /
+
+# Hard links are not supported in Testing Farm approach during sync to guest
+# operation system. Therefore tests are failing on error
+# /usr/libexec/s2i/run no such file or directory
+RUN ln -s /bin/run-mysqld $STI_SCRIPTS_PATH/run
+
+# this is needed due to issues with squash
+# when this directory gets rm'd by the container-setup
+# script.
+# Also reset permissions of filesystem to default values
+RUN rm -rf /etc/my.cnf.d/* && \
+    /usr/libexec/container-setup && \
+    rpm-file-permissions && \
+    /usr/libexec/mysqld -V | grep -qe "$MYSQL_VERSION\." && echo "Found VERSION $MYSQL_VERSION"
+
+USER 27
+
+ENTRYPOINT ["container-entrypoint"]
+CMD ["run-mysqld"]

8.4/Dockerfile.c9s

@@ -0,0 +1,76 @@
+FROM quay.io/sclorg/s2i-core-c9s:c9s
+
+# MySQL image for OpenShift.
+#
+# Volumes:
+#  * /var/lib/mysql/data - Datastore for MySQL
+# Environment:
+#  * $MYSQL_USER - Database user name
+#  * $MYSQL_PASSWORD - User's password
+#  * $MYSQL_DATABASE - Name of the database to create
+#  * $MYSQL_ROOT_PASSWORD (Optional) - Password for the 'root' MySQL account
+
+ENV MYSQL_VERSION=8.4 \
+    MYSQL_SHORT_VERSION=84 \
+    APP_DATA=/opt/app-root/src \
+    HOME=/var/lib/mysql \
+    NAME=mysql
+
+ENV SUMMARY="MySQL 8.4 SQL database server" \
+    DESCRIPTION="MySQL is a multi-user, multi-threaded SQL database server. The container \
+image provides a containerized packaging of the MySQL mysqld daemon and client application. \
+The mysqld server daemon accepts connections from clients and provides access to content from \
+MySQL databases on behalf of the clients."
+
+LABEL summary="$SUMMARY" \
+      description="$DESCRIPTION" \
+      io.k8s.description="$DESCRIPTION" \
+      io.k8s.display-name="MySQL $MYSQL_VERSION" \
+      io.openshift.expose-services="3306:mysql" \
+      io.openshift.tags="database,mysql,mysql$MYSQL_SHORT_VERSION,mysql-$MYSQL_SHORT_VERSION" \
+      com.redhat.component="$NAME-$MYSQL_SHORT_VERSION-container" \
+      name="sclorg/$NAME-$MYSQL_SHORT_VERSION-c9s" \
+      version="1" \
+      com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#rhel" \
+      usage="podman run -d -e MYSQL_USER=user -e MYSQL_PASSWORD=pass -e MYSQL_DATABASE=db -p 3306:3306 quay.io/sclorg/$NAME-$MYSQL_SHORT_VERSION-c9s:c9s" \
+      maintainer="SoftwareCollections.org <[email protected]>"
+
+EXPOSE 3306
+
+# This image must forever use UID 27 for mysql user so our volumes are
+# safe in the future. This should *never* change, the last test is there
+# to make sure of that.
+RUN yum -y module enable mysql:$MYSQL_VERSION && \
+    INSTALL_PKGS="policycoreutils rsync tar gettext hostname bind-utils groff-base mysql-server" && \
+    dnf install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \
+    rpm -V $INSTALL_PKGS && \
+    dnf -y clean all --enablerepo='*' && \
+    mkdir -p /var/lib/mysql/data && chown -R mysql.0 /var/lib/mysql && \
+    test "$(id mysql)" = "uid=27(mysql) gid=27(mysql) groups=27(mysql)"
+
+# Get prefix path and path to scripts rather than hard-code them in scripts
+ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/mysql \
+    MYSQL_PREFIX=/usr
+
+COPY 8.4/root-common /
+COPY 8.4/s2i-common/bin/ $STI_SCRIPTS_PATH
+COPY 8.4/root /
+
+# Hard links are not supported in Testing Farm approach during sync to guest
+# operation system. Therefore tests are failing on error
+# /usr/libexec/s2i/run no such file or directory
+RUN ln -s /bin/run-mysqld $STI_SCRIPTS_PATH/run
+
+# this is needed due to issues with squash
+# when this directory gets rm'd by the container-setup
+# script.
+# Also reset permissions of filesystem to default values
+RUN rm -rf /etc/my.cnf.d/* && \
+    /usr/libexec/container-setup && \
+    rpm-file-permissions && \
+    /usr/libexec/mysqld -V | grep -qe "$MYSQL_VERSION\." && echo "Found VERSION $MYSQL_VERSION"
+
+USER 27
+
+ENTRYPOINT ["container-entrypoint"]
+CMD ["run-mysqld"]

8.4/Dockerfile.fedora

@@ -0,0 +1,78 @@
+FROM quay.io/fedora/s2i-core:41
+
+# MySQL image for OpenShift.
+#
+# Volumes:
+#  * /var/lib/mysql/data - Datastore for MySQL
+# Environment:
+#  * $MYSQL_USER - Database user name
+#  * $MYSQL_PASSWORD - User's password
+#  * $MYSQL_DATABASE - Name of the database to create
+#  * $MYSQL_ROOT_PASSWORD (Optional) - Password for the 'root' MySQL account
+
+ENV MYSQL_VERSION=8.4 \
+    MYSQL_SHORT_VERSION=84 \
+    APP_DATA=/opt/app-root/src \
+    HOME=/var/lib/mysql
+
+ENV SUMMARY="MySQL $MYSQL_VERSION SQL database server" \
+    DESCRIPTION="MySQL is a multi-user, multi-threaded SQL database server. The container \
+image provides a containerized packaging of the MySQL mysqld daemon and client application. \
+The mysqld server daemon accepts connections from clients and provides access to content from \
+MySQL databases on behalf of the clients." \
+    NAME=mysql
+
+LABEL summary="$SUMMARY" \
+      description="$DESCRIPTION" \
+      io.k8s.description="$DESCRIPTION" \
+      io.k8s.display-name="MySQL $MYSQL_VERSION" \
+      io.openshift.expose-services="3306:mysql" \
+      io.openshift.tags="database,mysql,mysql$MYSQL_SHORT_VERSION" \
+      com.redhat.component="$NAME" \
+      name="fedora/$NAME-$MYSQL_SHORT_VERSION" \
+      version="$MYSQL_VERSION" \
+      usage="docker run -d -e MYSQL_USER=user -e MYSQL_PASSWORD=pass -e MYSQL_DATABASE=db -p 3306:3306 quay.io/fedora/$NAME-$MYSQL_SHORT_VERSION" \
+      maintainer="SoftwareCollections.org <[email protected]>"
+
+EXPOSE 3306
+
+# On Fedora, we fake missing python binary. In case user installs the python2
+# in the container, this hack will be removed by installing /usr/bin/python from RPM.
+RUN ln -s /usr/bin/python3 /usr/bin/python
+
+# This image must forever use UID 27 for mysql user so our volumes are
+# safe in the future. This should *never* change, the last test is there
+# to make sure of that.
+RUN INSTALL_PKGS="rsync tar gettext hostname bind-utils groff-base community-mysql-server policycoreutils" && \
+    dnf install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \
+    rpm -V $INSTALL_PKGS && \
+    dnf -y clean all --enablerepo='*' && \
+    mkdir -p /var/lib/mysql/data && chown -R mysql.0 /var/lib/mysql && \
+    test "$(id mysql)" = "uid=27(mysql) gid=27(mysql) groups=27(mysql)"
+
+# Get prefix path and path to scripts rather than hard-code them in scripts
+ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/mysql \
+    MYSQL_PREFIX=/usr
+
+COPY 8.4/root-common /
+COPY 8.4/s2i-common/bin/ $STI_SCRIPTS_PATH
+COPY 8.4/root /
+
+# Hard links are not supported in Testing Farm approach during sync to guest
+# operation system. Therefore tests are failing on error
+# /usr/libexec/s2i/run no such file or directory
+RUN ln -s /bin/run-mysqld $STI_SCRIPTS_PATH/run
+
+# this is needed due to issues with squash
+# when this directory gets rm'd by the container-setup
+# script.
+# Also reset permissions of filesystem to default values
+RUN rm -rf /etc/my.cnf.d/* && \
+    /usr/libexec/container-setup && \
+    rpm-file-permissions && \
+    /usr/libexec/mysqld -V | grep -qe "$MYSQL_VERSION\." && echo "Found VERSION $MYSQL_VERSION"
+
+USER 27
+
+ENTRYPOINT ["container-entrypoint"]
+CMD ["run-mysqld"]