No need to create 999 user in dockerfile (#30)

Signed-off-by: Arnob kumar saha <arnob@appscode.com>
kubedb · Jan 13, 2024 · c7ebd09 · c7ebd09
1 parent 814021e
commit c7ebd09
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 20 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -29,9 +29,6 @@ FROM alpine:latest
 
 RUN apk add --no-cache openssl gettext
 
-RUN delgroup ping
-RUN adduser -u 999 -g 999 -D mongo
-
 COPY install.sh /scripts/install.sh
 COPY replicaset.sh /scripts/replicaset.sh
 COPY arbiter.sh /scripts/arbiter.sh
@@ -42,8 +39,6 @@ COPY mongos.sh /scripts/mongos.sh
 COPY common.sh /scripts/common.sh
 COPY --from=builder peer-finder /scripts/peer-finder
 
-RUN chown -R mongo /scripts
-
 RUN chmod -c 755 /scripts/peer-finder \
  /scripts/install.sh \
  /scripts/arbiter.sh \

diff --git a/install.sh b/install.sh
@@ -18,9 +18,6 @@
 
 set -eo pipefail
 
-INIT_DIR="${INIT_DIR:-/scripts}"
-DEST_DIR="${DEST_DIR:-/init-scripts}"
-
 if [[ "$SSL_MODE" != "disabled" ]]; then
     # Creating client.pem file combining client crt and key
     cat /client-cert/tls.crt >/var/run/mongodb/tls/client.pem
@@ -40,23 +37,28 @@ if [[ "$SSL_MODE" != "disabled" ]]; then
     cat /server-cert/ca.crt >/var/run/mongodb/tls/ca.crt
 fi
 
-client_pem=/var/run/mongodb/tls/client.pem
-if [[ "$SSL_MODE" != "disabled" ]] && [[ -f "$client_pem" ]]; then
-    user=$(openssl x509 -in "$client_pem" -inform PEM -subject -nameopt RFC2253 -noout)
-    user=$(echo ${user#"subject="})
-    export INJECT_USER=$user
-
-    envsubst '${INJECT_USER}' <${INIT_DIR}/replicaset.sh >${DEST_DIR}/replicaset.sh
-    envsubst '${INJECT_USER}' <${INIT_DIR}/sharding.sh >${DEST_DIR}/sharding.sh
-    envsubst '${INJECT_USER}' <${INIT_DIR}/mongos.sh >${DEST_DIR}/mongos.sh
-    rm ${INIT_DIR}/replicaset.sh ${INIT_DIR}/mongos.sh ${INIT_DIR}/sharding.sh
-    chmod -c 755 ${DEST_DIR}/replicaset.sh ${DEST_DIR}/sharding.sh ${DEST_DIR}/mongos.sh
-fi
+INIT_DIR="${INIT_DIR:-/scripts}"
+DEST_DIR="${DEST_DIR:-/init-scripts}"
+#client_pem=/var/run/mongodb/tls/client.pem
 
+#if [[ "$SSL_MODE" != "disabled" ]] && [[ -f "$client_pem" ]]; then
+#    user=$(openssl x509 -in "$client_pem" -inform PEM -subject -nameopt RFC2253 -noout)
+#    user=$(echo ${user#"subject="})
+#    export INJECT_USER=$user
+#
+#    envsubst '${INJECT_USER}' <${INIT_DIR}/replicaset.sh >${DEST_DIR}/replicaset.sh
+#    envsubst '${INJECT_USER}' <${INIT_DIR}/sharding.sh >${DEST_DIR}/sharding.sh
+#    envsubst '${INJECT_USER}' <${INIT_DIR}/mongos.sh >${DEST_DIR}/mongos.sh
+#    chmod -c 755 ${DEST_DIR}/replicaset.sh ${DEST_DIR}/sharding.sh ${DEST_DIR}/mongos.sh
+#fi
+#
 if [[ -d ${INIT_DIR} ]] && [[ -d ${DEST_DIR} ]]; then
     cp -a ${INIT_DIR}/* ${DEST_DIR}
 fi
 
+echo "Scripts in destination dir : "
+ls -l ${DEST_DIR}
+
 if [ -f "/configdb-readonly/mongod.conf" ]; then
     cp /configdb-readonly/mongod.conf /data/configdb/mongod.conf
 else