public_git
/
bitnami-containers
mirror of https://github.com/bitnami/containers.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[bitnami/mongodb] Release 7.0.7-debian-12-r1 (#64418) 

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
This commit is contained in:
Bitnami Bot 2024-03-31 21:00:08 +02:00 committed by GitHub
parent 3034890423
commit 78dbfb179c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 84 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
bitnami/mongodb/7.0/debian-12/Dockerfile
View File

@ -7,10 +7,10 @@ ARG TARGETARCH
LABEL com.vmware.cp.artifact.flavor="sha256:c50c90cfd9d12b445b011e6ad529f1ad3daea45c26d20b00732fae3cd71f6a83" \
org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \
org.opencontainers.image.created="2024-03-18T18:51:10Z" \
org.opencontainers.image.created="2024-03-31T18:08:27Z" \
org.opencontainers.image.description="Application packaged by VMware, Inc" \
org.opencontainers.image.licenses="Apache-2.0" \
org.opencontainers.image.ref.name="7.0.7-debian-12-r0" \
org.opencontainers.image.ref.name="7.0.7-debian-12-r1" \
org.opencontainers.image.title="mongodb" \
org.opencontainers.image.vendor="VMware, Inc." \
org.opencontainers.image.version="7.0.7"
@ -26,10 +26,10 @@ SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"]
RUN install_packages ca-certificates curl libbrotli1 libcom-err2 libcurl4 libffi8 libgcc-s1 libgmp10 libgnutls30 libgssapi-krb5-2 libhogweed6 libidn2-0 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libldap-2.5-0 liblzma5 libnettle8 libnghttp2-14 libp11-kit0 libpsl5 librtmp1 libsasl2-2 libssh2-1 libssl3 libtasn1-6 libunistring2 libzstd1 numactl procps zlib1g
RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \
COMPONENTS=( \
"yq-4.42.1-1-linux-${OS_ARCH}-debian-12" \
"yq-4.43.1-0-linux-${OS_ARCH}-debian-12" \
"wait-for-port-1.0.7-10-linux-${OS_ARCH}-debian-12" \
"render-template-1.0.6-10-linux-${OS_ARCH}-debian-12" \
"mongodb-shell-2.2.0-0-linux-${OS_ARCH}-debian-12" \
"mongodb-shell-2.2.2-0-linux-${OS_ARCH}-debian-12" \
"mongodb-7.0.7-0-linux-${OS_ARCH}-debian-12" \
) ; \
for COMPONENT in "${COMPONENTS[@]}"; do \

4
bitnami/mongodb/7.0/debian-12/prebuildfs/opt/bitnami/.bitnami_components.json
View File

@ -9,7 +9,7 @@
"arch": "amd64",
"distro": "debian-12",
"type": "NAMI",
"version": "2.2.0-0"
"version": "2.2.2-0"
},
"render-template": {
"arch": "amd64",
@ -27,6 +27,6 @@
"arch": "amd64",
"distro": "debian-12",
"type": "NAMI",
"version": "4.42.1-1"
"version": "4.43.1-0"
}
}

42
bitnami/mongodb/7.0/debian-12/rootfs/opt/bitnami/scripts/libmongodb.sh
View File

@ -604,10 +604,12 @@ mongodb_set_auth_conf() {
local -r conf_file_name="${conf_file_path#"$MONGODB_CONF_DIR"}"
local authorization
local localhostBypass
if ! mongodb_is_file_external "$conf_file_name"; then
localhostBypass="$(mongodb_conf_get "setParameter.enableLocalhostAuthBypass")"
authorization="$(mongodb_conf_get "security.authorization")"
if is_boolean_yes "$MONGODB_DISABLE_ENFORCE_AUTH"; then
if [[ -n "$MONGODB_ROOT_PASSWORD" ]] || [[ -n "$MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD" ]] || [[ -n "$MONGODB_PASSWORD" ]]; then
authorization="$(yq eval .security.authorization "$MONGODB_CONF_FILE")"
if [[ "$authorization" = "disabled" ]]; then
info "Enabling authentication..."
@ -617,7 +619,27 @@ mongodb_set_auth_conf() {
fi
fi
else
debug "$conf_file_name mounted. Skipping authorization enabling"
warn "You have set MONGODB_DISABLE_ENFORCE_AUTH=true, settings enableLocalhostAuthBypass and security.authorization will remain with values '${localhostBypass}' and '${authorization}' respectively."
fi
}
########################
# Read a configuration setting value
# Globals:
# MONGODB_CONF_FILE
# Arguments:
# $1 - key
# Returns:
# Outputs the key to stdout (Empty response if key is not set)
#########################
mongodb_conf_get() {
local key="${1:?missing key}"
if [[ -r "$MONGODB_CONF_FILE" ]]; then
local -r res="$(yq eval ".${key}" "$MONGODB_CONF_FILE")"
if [[ ! "$res" = "null" ]]; then
echo "$res"
fi
fi
}
@ -1393,6 +1415,8 @@ configure_permissions() {
# None
#########################
mongodb_initialize() {
local localhostBypass
local authorization
info "Initializing MongoDB..."
rm -f "$MONGODB_PID_FILE"
@ -1417,7 +1441,15 @@ mongodb_initialize() {
am_i_root && chown -R "$MONGODB_DAEMON_USER" "$MONGODB_DATA_DIR/db"
mongodb_start_bg "$MONGODB_CONF_FILE"
mongodb_create_users
localhostBypass="$(mongodb_conf_get "setParameter.enableLocalhostAuthBypass")"
authorization="$(mongodb_conf_get "security.authorization")"
if [[ "$localhostBypass" != "true" && "$authorization" == "enabled" ]]; then
warn "Your mongodb.conf has authentication enforced, users creation will be skipped. If you'd like automatic user creation, you can disable it and it will be enabled after user creation."
else
mongodb_create_users
mongodb_set_auth_conf "$MONGODB_CONF_FILE"
fi
if [[ -n "$MONGODB_REPLICA_SET_MODE" ]]; then
mongodb_set_replicasetmode_conf "$MONGODB_CONF_FILE"
mongodb_set_listen_all_conf "$MONGODB_CONF_FILE"
@ -1435,8 +1467,6 @@ mongodb_initialize() {
mongodb_set_replicasetmode_conf "$MONGODB_CONF_FILE"
fi
fi
mongodb_set_auth_conf "$MONGODB_CONF_FILE"
}
########################

2
bitnami/mongodb/7.0/debian-12/rootfs/opt/bitnami/scripts/mongodb-env.sh
View File

@ -61,6 +61,7 @@ mongodb_env_vars=(
MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD
MONGODB_INITIAL_PRIMARY_ROOT_USER
MONGODB_SET_SECONDARY_OK
MONGODB_DISABLE_ENFORCE_AUTH
MONGODB_CLIENT_EXTRA_FLAGS
MONGODB_PRIMARY_HOST
MONGODB_PRIMARY_PORT_NUMBER
@ -160,5 +161,6 @@ export MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD="${MONGODB_INITIAL_PRIMARY_ROOT_PAS
MONGODB_INITIAL_PRIMARY_ROOT_USER="${MONGODB_INITIAL_PRIMARY_ROOT_USER:-"${MONGODB_PRIMARY_ROOT_USER:-}"}"
export MONGODB_INITIAL_PRIMARY_ROOT_USER="${MONGODB_INITIAL_PRIMARY_ROOT_USER:-root}"
export MONGODB_SET_SECONDARY_OK="${MONGODB_SET_SECONDARY_OK:-no}"
export MONGODB_DISABLE_ENFORCE_AUTH="${MONGODB_DISABLE_ENFORCE_AUTH:-false}"
# Custom environment variables may be defined below

57
bitnami/mongodb/README.md
View File

@ -166,23 +166,46 @@ docker-compose up -d
#### Customizable environment variables
| Name | Description | Default Value |
|----------------------------------------|-----------------------------------------------------------------------------------------------|-------------------------------------|
| `MONGODB_MOUNTED_CONF_DIR` | Directory for including custom configuration files (that override the default generated ones) | `${MONGODB_VOLUME_DIR}/conf` |
| `MONGODB_INIT_RETRY_ATTEMPTS` | Maximum retries for checking the service initialization status | `7` |
| `MONGODB_INIT_RETRY_DELAY` | Time (in seconds) to wait between retries for checking the service initialization status | `5` |
| `MONGODB_PORT_NUMBER` | MongoDB port | `$MONGODB_DEFAULT_PORT_NUMBER` |
| `MONGODB_ENABLE_MAJORITY_READ` | Enable majority read in MongoDB operations | `true` |
| `MONGODB_DEFAULT_ENABLE_MAJORITY_READ` | Enable majority read in MongoDB operations set at build time | `true` |
| `MONGODB_ENABLE_NUMACTL` | Execute commands using numactl | `false` |
| `MONGODB_ADVERTISE_IP` | Whether advertised hostname is set to container ip | `false` |
| `MONGODB_DISABLE_JAVASCRIPT` | Disable MongoDB server-side javascript execution | `no` |
| `MONGODB_ROOT_USER` | User name for the MongoDB root user | `root` |
| `ALLOW_EMPTY_PASSWORD` | Permit accessing MongoDB without setting any password | `no` |
| `MONGODB_REPLICA_SET_NAME` | Name of the MongoDB replica set | `$MONGODB_DEFAULT_REPLICA_SET_NAME` |
| `MONGODB_INITIAL_PRIMARY_PORT_NUMBER` | Port of the replica set primary node (necessary for arbiter and secondary nodes) | `27017` |
| `MONGODB_INITIAL_PRIMARY_ROOT_USER` | Primary node root username (necessary for arbiter and secondary nodes) | `root` |
| `MONGODB_SET_SECONDARY_OK` | Mark node as readable. Necessary for cases where the PVC is lost | `no` |
| Name | Description | Default Value |
|-----------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------|
| `MONGODB_MOUNTED_CONF_DIR` | Directory for including custom configuration files (that override the default generated ones) | `${MONGODB_VOLUME_DIR}/conf` |
| `MONGODB_INIT_RETRY_ATTEMPTS` | Maximum retries for checking the service initialization status | `7` |
| `MONGODB_INIT_RETRY_DELAY` | Time (in seconds) to wait between retries for checking the service initialization status | `5` |
| `MONGODB_PORT_NUMBER` | MongoDB port | `$MONGODB_DEFAULT_PORT_NUMBER` |
| `MONGODB_ENABLE_MAJORITY_READ` | Enable majority read in MongoDB operations | `true` |
| `MONGODB_DEFAULT_ENABLE_MAJORITY_READ` | Enable majority read in MongoDB operations set at build time | `true` |
| `MONGODB_EXTRA_FLAGS` | Extra flags for MongoDB initialization | `nil` |
| `MONGODB_ENABLE_NUMACTL` | Execute commands using numactl | `false` |
| `MONGODB_SHELL_EXTRA_FLAGS` | Extra flags when using the mongodb client during initialization (useful when mounting init scripts) | `nil` |
| `MONGODB_ADVERTISED_HOSTNAME` | Hostname to use for advertising the MongoDB service | `nil` |
| `MONGODB_ADVERTISE_IP` | Whether advertised hostname is set to container ip | `false` |
| `MONGODB_ADVERTISED_PORT_NUMBER` | MongoDB advertised port number. It is recommended to pass this environment variable if you have a proxy port forwarding requests to container. | `nil` |
| `MONGODB_DISABLE_JAVASCRIPT` | Disable MongoDB server-side javascript execution | `no` |
| `MONGODB_ENABLE_JOURNAL` | Enable MongoDB journal | `nil` |
| `MONGODB_DISABLE_SYSTEM_LOG` | Disable MongoDB daemon system log | `nil` |
| `MONGODB_ENABLE_DIRECTORY_PER_DB` | Use a separate folder for storing each database data | `nil` |
| `MONGODB_ENABLE_IPV6` | Use IPv6 for database connections | `nil` |
| `MONGODB_SYSTEM_LOG_VERBOSITY` | MongoDB daemon log level | `nil` |
| `MONGODB_ROOT_USER` | User name for the MongoDB root user | `root` |
| `MONGODB_ROOT_PASSWORD` | Password for the MongoDB root user | `nil` |
| `MONGODB_USERNAME` | User to generate at initialization time | `nil` |
| `MONGODB_PASSWORD` | Password for the non-root user specified in MONGODB_USERNAME | `nil` |
| `MONGODB_DATABASE` | Name of the database to create at initialization time | `nil` |
| `MONGODB_METRICS_USERNAME` | User used for metrics collection, for example with mongodb_exporter | `nil` |
| `MONGODB_METRICS_PASSWORD` | Password for the non-root user specified in MONGODB_METRICS_USERNAME | `nil` |
| `MONGODB_EXTRA_USERNAMES` | Comma or semicolon separated list of extra users to be created. | `nil` |
| `MONGODB_EXTRA_PASSWORDS` | Comma or semicolon separated list of passwords for the users specified in MONGODB_EXTRA_USERNAMES. | `nil` |
| `MONGODB_EXTRA_DATABASES` | Comma or semicolon separated list of databases to create at initialization time for the users specified in MONGODB_EXTRA_USERNAMES. | `nil` |
| `ALLOW_EMPTY_PASSWORD` | Permit accessing MongoDB without setting any password | `no` |
| `MONGODB_REPLICA_SET_MODE` | MongoDB replica set mode. Can be one of primary, secondary or arbiter | `nil` |
| `MONGODB_REPLICA_SET_NAME` | Name of the MongoDB replica set | `$MONGODB_DEFAULT_REPLICA_SET_NAME` |
| `MONGODB_REPLICA_SET_KEY` | MongoDB replica set key | `nil` |
| `MONGODB_INITIAL_PRIMARY_HOST` | Hostname of the replica set primary node (necessary for arbiter and secondary nodes) | `nil` |
| `MONGODB_INITIAL_PRIMARY_PORT_NUMBER` | Port of the replica set primary node (necessary for arbiter and secondary nodes) | `27017` |
| `MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD` | Primary node root user password (necessary for arbiter and secondary nodes) | `nil` |
| `MONGODB_INITIAL_PRIMARY_ROOT_USER` | Primary node root username (necessary for arbiter and secondary nodes) | `root` |
| `MONGODB_SET_SECONDARY_OK` | Mark node as readable. Necessary for cases where the PVC is lost | `no` |
| `MONGODB_DISABLE_ENFORCE_AUTH` | By default, MongoDB authentication will be enforced. If set to true, MongoDB will not enforce authentication | `false` |
#### Read-only environment variables