Updates for UBI8 and switch to hardening_manifest.

4981b725 · jonathan.janos@mongodb.com · 81e37a90 · 4981b725 · 81e37a90 · 4981b725
Commit 4981b725 authored Feb 20, 2021 by jonathan.janos@mongodb.com
6 changed files
--- a/Dockerfile
+++ b/Dockerfile
-# Dockerfile for Ops Manager init container.
-
+#
+# Dockerfile for Init Ops Manager Image.
+#
 ARG BASE_REGISTRY=registry1.dsop.io
-ARG BASE_IMAGE=redhat/ubi/ubi7
-ARG BASE_TAG=7.8
-
-ARG VERSION=1.0.0
+ARG BASE_IMAGE=redhat/ubi/ubi8
+ARG BASE_TAG=8.3

-FROM quay.io/mongodb/mongodb-enterprise-init-ops-manager:${VERSION} as official
+ARG OFFICIAL_VERSION=1.0.0
+FROM quay.io/mongodb/mongodb-enterprise-init-ops-manager-ubi:${OFFICIAL_VERSION} as official

 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}

+ARG VERSION

 LABEL name="MongoDB Enterprise Ops Manager Init" \
      maintainer="support@mongodb.com" \
@@ -19,11 +20,13 @@ LABEL name="MongoDB Enterprise Ops Manager Init" \
      summary="MongoDB Enterprise Ops Manager Init Image" \
      description="Startup Scripts for MongoDB Enterprise Ops Manager"

-COPY --from=official /scripts/mmsconfiguration /scripts/
+COPY --from=official /scripts/ /scripts/
 COPY --from=official /licenses/mongodb-enterprise-ops-manager /licenses/
-COPY ./scripts/docker-entry-point.sh /scripts/
+
+COPY LICENSE /licenses/mongodb-enterprise-ops-manager

 USER 2000
+
 ENTRYPOINT [ "/bin/cp", "-f", "/scripts/docker-entry-point.sh", "/scripts/mmsconfiguration", "/opt/scripts/" ]

 HEALTHCHECK --timeout=30s CMD ls /scripts/docker-entry-point.sh || exit 1

--- a/Jenkinsfile
+++ b/Jenkinsfile
-@Library('DCCSCR@master') _
-dccscrPipeline(version: "1.0.1")
-
--- a/README.md
+++ b/README.md
 # Before You Begin #

-**PRIOR TO UTILIZING THE MONGODB ENTERPRISE ADVANCED CONTAINER, CONTACT YOUR MONGODB SALES REPRESENTATIVE.**  YOUR USE OF THE MONGODB ENTERPRISE SERVER IS SUBJECT TO THE TERMS AND CONDITIONS OF THE AGREEMENT BETWEEN USAF AND THE APPLICABLE RESELLER OF THE MONGODB ENTERPRISE SERVER.  SUCH AGREEMENT INCORPORATES THE TERMS & CONDITIONS OF THE MONGODB ENTERPRISE ADVANCED LICENSE AGREEMENT, THE VERSION OF WHICH CURRENT AS OF SEPTEMBER 2020 IS SET FORTH BELOW.  THE MONGODB ENTERPRISE ADVANCED LICENSE AGREEMENT IS SUBJECT TO AMENDMENT AND MODIFICATION FROM TIME TO TIME. 
+**PRIOR TO UTILIZING THE MONGODB ENTERPRISE ADVANCED CONTAINERS, CONTACT YOUR MONGODB SALES REPRESENTATIVE.**  YOUR USE OF THE MONGODB ENTERPRISE SERVER IS SUBJECT TO THE TERMS AND CONDITIONS OF THE AGREEMENT BETWEEN USAF AND THE APPLICABLE RESELLER OF THE MONGODB ENTERPRISE SERVER.  SUCH AGREEMENT INCORPORATES THE TERMS & CONDITIONS OF THE MONGODB ENTERPRISE ADVANCED LICENSE AGREEMENT, THE VERSION OF WHICH CURRENT AS OF SEPTEMBER 2020 IS SET FORTH BELOW.  THE MONGODB ENTERPRISE ADVANCED LICENSE AGREEMENT IS SUBJECT TO AMENDMENT AND MODIFICATION FROM TIME TO TIME. 


 # Contact Information #

 For licensing and technical information, please use the following contact information:

-Anton Hoffman, EAE USAF  
-781-996-8860  
-anton.hoffman@mongodb.com  
+Keegan Wetzel, EAE USAF  
+708-256-7904  
+keegan.wetzel@mongodb.com  
 Please also CC: publicsector@mongodb.com



-# MongoDB Enterprise Ops Manager - Init Container #
+# MongoDB Enterprise Kubernetes Operator #

-Init container for MongoDB Enterprise Ops Manager. This container image is used exclusively by the MongoDB Enterprise Kubernetes Operator to deploy MongoDB Ops Manager to Kubernetes or OpenShift clusters.
+The Mongo DB Enterprise Kubernetes Operator provides the necessary functionality to provision and manage MongoDB database deployments through Kubernetes and OpenShift. Supported deployment types include replica sets, sharded clusters, and standalone MongoDB instances. You provide the Operator with the specifications for your MongoDB clusters. The Operator uses this information to tell Kubernetes how to configure the clusters, including provisioning storage, setting up the network connections, and configuring other resources.
+
+The MongoDB Enterprise Kubernetes Operator works in conjunction with MongoDB Ops Manager, which must itself be deployed to the Kubernetes cluster or stood up separately. In addition to providing the necessary automation services, Ops Manager provides additional management capabilities such as metrics, monitoring, alerting, backups, performance optimization, and more.
+
+For more information about the MongoDB Enterprise Kubernetes Operator, please visit <https://docs.mongodb.com/kubernetes-operator>.

 For more information about MongoDB Ops Manager, please visit <https://www.mongodb.com/products/ops-manager>.

 Information about MongoDB can be found at <https://www.mongodb.com>.

-## Documentation ##

-Documentation for MongoDB Ops Manager is available at <https://docs.opsmanager.mongodb.com/current/>.
+# Documentation #
+
+[MongoDB - Documentation Home Page](https://docs.mongodb.com/)
+
+[MongoDB Enterprise Kubernetes Operator](https://docs.mongodb.com/kubernetes-operator/master/)

-Documentation for the MongoDB Enterprise Kubernetes Operator is available at <https://docs.mongodb.com/kubernetes-operator>.
+[MongoDB Ops Manager](https://docs.opsmanager.mongodb.com/current/)

--- a/download.json
+++ b/download.json
-{
-  "resources": [
-    {
-      "url": "docker://quay.io/mongodb/mongodb-enterprise-init-ops-manager@sha256:3577d0279a4a6fa409374d5a11a986ea93bf015a998fffe8a78de4d78c3e6b0d",
-      "tag": "quay.io/mongodb/mongodb-enterprise-init-ops-manager:1.0.0"
-    }
-  ]
-}
-
--- a/hardening_manifest.yaml
+++ b/hardening_manifest.yaml
+---
+apiVersion: v1
+
+# The repository name in registry1, excluding /ironbank/
+name: "mongodb/mongodb-enterprise/mongodb-ops-manager-init"
+
+# List of tags to push for the repository in registry1
+# The most specific version should be the first tag and will be shown
+# on ironbank.dsop.io
+tags:
+- "1.0.0"
+- "latest"
+
+# Build args passed to Dockerfile ARGs
+args:
+  BASE_IMAGE: "redhat/ubi/ubi8"
+  BASE_TAG: "8.3"
+
+# Docker image labels
+labels:
+  org.opencontainers.image.title: "mongodb-ops-manager-init"
+  ## Human-readable description of the software packaged in the image
+  org.opencontainers.image.description: "Ops Manager init container, used in conjunction with MongoDB Enterprise Kubernetes Operator"
+  ## License(s) under which contained software is distributed
+  org.opencontainers.image.licenses: "license"
+  ## URL to find more information on the image
+  org.opencontainers.image.url: "https://docs.mongodb.com/kubernetes-operator/stable/"
+  ## Name of the distributing entity, organization or individual
+  org.opencontainers.image.vendor: "MongoDB"
+  org.opencontainers.image.version: "1.0.0"
+  ## Keywords to help with search (ex. "cicd,gitops,golang")
+  mil.dso.ironbank.image.keywords: "mongodb,nosql,json,database"
+  ## This value can be "opensource" or "commercial"
+  mil.dso.ironbank.image.type: "commercial"
+  ## Product the image belongs to for grouping multiple images
+  mil.dso.ironbank.product.name: "mongodb-enterprise"
+
+# List of resources to make available to the offline build context
+resources:
+- tag: quay.io/mongodb/mongodb-enterprise-init-ops-manager-ubi:1.0.0
+  url: docker://quay.io/mongodb/mongodb-enterprise-init-ops-manager-ubi@sha256:7305f2143e9c15d4a98c068f1c35a2392947809bb67ef686dca9222fa5b2638f
+
+# List of project maintainers
+maintainers:
+- email: "jonathan.janos@mongodb.com"
+  # The name of the current container owner
+  name: "Jonathan Janos"
+  # The gitlab username of the current container owner
+  username: "jonathan.janos"
+- email: "klepal_alexander@bah.com"
+  name: "Alexander Klepal"
+  username: "alexander.klepal"
+  cht_member: true
+
+
--- a/scripts/docker-entry-point.sh
+++ b/scripts/docker-entry-point.sh
-#!/usr/bin/env bash
-
-set -euo pipefail
-
-# the function reacting on SIGTERM command sent by the container on its shutdown. Redirects the signal
-# to the child process ("tail" in this case)
-cleanup () {
-    echo "Caught SIGTERM signal."
-    kill -TERM "$child"
-}
-
-# we need to change the Home directory for current bash so that the gen key was found correctly
-# (the key is searched in "${HOME}/.mongodb-mms/gen.key")
-HOME=${MMS_HOME}
-
-# Execute script that updates properties and conf file used to start ops manager
-echo "Updating configuration properties file ${MMS_PROP_FILE} and conf file ${MMS_CONF_FILE}"
-/opt/scripts/mmsconfiguration ${MMS_CONF_FILE} ${MMS_PROP_FILE}
-
-if [[ -z ${BACKUP_DAEMON+x} ]]; then
-    echo "Starting Ops Manager"
-    ${MMS_HOME}/bin/mongodb-mms start_mms || {
-      echo "Startup of Ops Manager failed with code $?"
-      if [[ -f ${MMS_LOG_DIR}/mms0-startup.log ]]; then
-        echo
-        echo "mms0-startup.log:"
-        echo
-        cat "${MMS_LOG_DIR}/mms0-startup.log"
-      fi
-      if [[ -f ${MMS_LOG_DIR}/mms0.log ]]; then
-        echo
-        echo "mms0.log:"
-        echo
-        cat "${MMS_LOG_DIR}/mms0.log"
-      fi
-      if [[ -f ${MMS_LOG_DIR}/mms-migration.log ]]; then
-        echo
-        echo "mms-migration.log"
-        echo
-        cat "${MMS_LOG_DIR}/mms-migration.log"
-      fi
-      exit 1
-    }
-
-    trap cleanup SIGTERM
-    tail -F -n 1000 "${MMS_LOG_DIR}/mms0.log" "${MMS_LOG_DIR}/mms0-startup.log" "${MMS_LOG_DIR}/mms-migration.log" &
-else
-    echo "Starting Ops Manager Backup Daemon"
-    ${MMS_HOME}/bin/mongodb-mms start_backup_daemon
-    trap cleanup SIGTERM
-
-    tail -F "${MMS_LOG_DIR}/daemon.log" &
-fi
-
-child=$!
-wait "$child"