diff --git a/CHANGES/417.feature b/CHANGES/417.feature new file mode 100644 index 00000000..8ff26406 --- /dev/null +++ b/CHANGES/417.feature @@ -0,0 +1 @@ +Added logic for ``PULP_DEFAULT_ADMIN_PASSWORD`` to the pulp-minimal startup scripts. diff --git a/images/Containerfile.core.base b/images/Containerfile.core.base index 4e5446a9..6957fb46 100644 --- a/images/Containerfile.core.base +++ b/images/Containerfile.core.base @@ -105,15 +105,11 @@ COPY images/assets/readyz.py /usr/bin/readyz.py COPY images/assets/route_paths.py /usr/bin/route_paths.py COPY images/assets/wait_on_postgres.py /usr/bin/wait_on_postgres.py COPY images/assets/wait_on_database_migrations.sh /usr/bin/wait_on_database_migrations.sh -COPY images/assets/pulp-common-entrypoint.sh /pulp-common-entrypoint.sh COPY images/assets/pulp-api /usr/bin/pulp-api COPY images/assets/pulp-content /usr/bin/pulp-content -COPY images/assets/pulp-resource-manager /usr/bin/pulp-resource-manager COPY images/assets/pulp-worker /usr/bin/pulp-worker # Need to precreate when running pulp as the pulp user RUN touch /var/log/galaxy_api_access.log && \ chown pulp:pulp /var/log/galaxy_api_access.log && \ chmod u+rw /var/log/galaxy_api_access.log - -ENTRYPOINT ["/pulp-common-entrypoint.sh"] diff --git a/images/assets/pulp-api b/images/assets/pulp-api index 9d165496..655d4ea5 100755 --- a/images/assets/pulp-api +++ b/images/assets/pulp-api @@ -20,14 +20,23 @@ if [ -n "${PULP_SIGNING_KEY_FINGERPRINT}" ]; then /usr/local/bin/pulpcore-manager add-signing-service "${CONTAINER_SIGNING_SERVICE}" /var/lib/pulp/scripts/container_sign.sh "${PULP_SIGNING_KEY_FINGERPRINT}" --class container:ManifestSigningService fi -ADMIN_PASSWORD_FILE=/etc/pulp/pulp-admin-password -if [[ -f "$ADMIN_PASSWORD_FILE" ]]; then - echo "pulp admin can be initialized." - PULP_ADMIN_PASSWORD=$(cat $ADMIN_PASSWORD_FILE) -fi - -if [ -n "${PULP_ADMIN_PASSWORD}" ]; then - /usr/local/bin/pulpcore-manager reset-admin-password --password "${PULP_ADMIN_PASSWORD}" +if [[ -n "$PULP_DEFAULT_ADMIN_PASSWORD" ]] +then + PASSWORD_SET=$(/usr/local/bin/pulpcore-manager shell -c "from django.contrib.auth import get_user_model; print(get_user_model().objects.filter(username=\"admin\").exists())") + if [ "$PASSWORD_SET" = "False" ] + then + /usr/local/bin/pulpcore-manager reset-admin-password --password "${PULP_DEFAULT_ADMIN_PASSWORD}" + fi +else + ADMIN_PASSWORD_FILE=/etc/pulp/pulp-admin-password + if [[ -f "$ADMIN_PASSWORD_FILE" ]]; then + echo "pulp admin can be initialized." + PULP_ADMIN_PASSWORD=$(cat $ADMIN_PASSWORD_FILE) + fi + + if [ -n "${PULP_ADMIN_PASSWORD}" ]; then + /usr/local/bin/pulpcore-manager reset-admin-password --password "${PULP_ADMIN_PASSWORD}" + fi fi set -x diff --git a/images/assets/pulp-common-entrypoint.sh b/images/assets/pulp-common-entrypoint.sh deleted file mode 100755 index 7acedda3..00000000 --- a/images/assets/pulp-common-entrypoint.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash - -# Prevent pip-installed /usr/local/bin/pulp-content from getting run instead of -# our /usr/bin/pulp script. -# -# We still want conatiner users to call pulp-* command names, not paths, so we -# can change our scripts' locations in the future, and call special logic in this -# script based solely on theo command name. - -if [[ "$@" = "pulp-content" || "$@" = "pulp-api" || "$@" = "pulp-worker" || "$@" = "pulp-resource-manager" ]]; then - exec "/usr/bin/$@" -else - exec "$@" -fi diff --git a/images/assets/pulp-resource-manager b/images/assets/pulp-resource-manager deleted file mode 100755 index 4470e6d9..00000000 --- a/images/assets/pulp-resource-manager +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -x - -/usr/bin/wait_on_postgres.py -/usr/bin/wait_on_database_migrations.sh - -NEW_TASKING_SYSTEM=$(python3 -c "from packaging.version import parse; from pulpcore.app.apps import PulpAppConfig; print('yes' if parse(PulpAppConfig.version) >= parse('3.13.0.dev0') else 'no')") -echo $NEW_TASKING_SYSTEM - -if [[ "$NEW_TASKING_SYSTEM" == "no" ]]; then - exec rq worker --url "redis://${REDIS_SERVICE_HOST}:${REDIS_SERVICE_PORT}" -n "resource-manager" -w "pulpcore.tasking.worker.PulpWorker" -c "pulpcore.rqconfig" -else - export PATH=/usr/local/bin:/usr/bin/ - pulpcore-worker --resource-manager -fi diff --git a/images/assets/pulp-worker b/images/assets/pulp-worker index 886baa30..f63e33b2 100755 --- a/images/assets/pulp-worker +++ b/images/assets/pulp-worker @@ -3,6 +3,5 @@ /usr/bin/wait_on_postgres.py /usr/bin/wait_on_database_migrations.sh -export PULP_SETTINGS=/etc/pulp/settings.py export PATH=/usr/local/bin:/usr/bin/ exec pulpcore-worker diff --git a/images/assets/readyz.py b/images/assets/readyz.py index 53ea4754..8372e62d 100755 --- a/images/assets/readyz.py +++ b/images/assets/readyz.py @@ -48,7 +48,7 @@ def is_content_healthy(path): The cmdline value for this PID looks like: ``` # pip installation -gunicorn: master \[pulp-{content,api,worker,resource-manager}\] +gunicorn: master \[pulp-{content,api}\] ``` OR ``` diff --git a/images/compose/compose.folders.yml b/images/compose/compose.folders.yml index 1530b890..4b16e8aa 100644 --- a/images/compose/compose.folders.yml +++ b/images/compose/compose.folders.yml @@ -51,7 +51,7 @@ services: - "./assets/certs:/etc/pulp/certs:z" - "../../pulp_storage:/var/lib/pulp:z" environment: - PULP_ADMIN_PASSWORD: password + PULP_DEFAULT_ADMIN_PASSWORD: password pulp_content: image: "pulp/pulp-minimal:latest" diff --git a/images/compose/compose.yml b/images/compose/compose.yml index 5b0a99d6..40c93161 100644 --- a/images/compose/compose.yml +++ b/images/compose/compose.yml @@ -59,7 +59,7 @@ services: - "./assets/certs:/etc/pulp/certs:z" - "pulp:/var/lib/pulp" environment: - PULP_ADMIN_PASSWORD: password + PULP_DEFAULT_ADMIN_PASSWORD: password restart: always pulp_content: diff --git a/images/pulp-minimal/stable/Containerfile.core b/images/pulp-minimal/stable/Containerfile.core index 7e510ae2..674638db 100644 --- a/images/pulp-minimal/stable/Containerfile.core +++ b/images/pulp-minimal/stable/Containerfile.core @@ -25,6 +25,10 @@ RUN pip3 install --upgrade \ pulp-ostree${PULP_OSTREE_VERSION} && \ rm -rf /root/.cache/pip +# Prevent pip-installed /usr/local/bin/pulp-content from getting run instead of +# our /usr/bin/pulp-content script. +RUN rm -r /usr/local/bin/pulp-content + USER pulp:pulp RUN PULP_STATIC_ROOT=/var/lib/operator/static/ PULP_CONTENT_ORIGIN=localhost \ /usr/local/bin/pulpcore-manager collectstatic --clear --noinput --link