From 23f580d78be61991fa64caf754fea918f0633865 Mon Sep 17 00:00:00 2001
From: Oliver Walsh <owalsh@redhat.com>
Date: Mon, 20 Feb 2023 19:54:46 +0000
Subject: [PATCH 1/2] Fix mariadb config file permissions and restart pod on
 config change

Mariadb is using default conf as the conf file is not readable by the mysql user.
Also pass the config hash as an env to the pod to ensure it is recreated when
the config changes.
---
 controllers/mariadb_controller.go      | 10 ++++++++++
 templates/mariadb/bin/config.json      |  2 +-
 templates/mariadb/bin/galera.cnf       |  2 +-
 templates/mariadb/bin/init_config.json |  2 +-
 4 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/controllers/mariadb_controller.go b/controllers/mariadb_controller.go
index 34633cdf..eb67f389 100644
--- a/controllers/mariadb_controller.go
+++ b/controllers/mariadb_controller.go
@@ -295,6 +295,16 @@ func (r *MariaDBReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
 
 	op, err = controllerutil.CreateOrPatch(ctx, r.Client, pod, func() error {
 		pod.Spec.Containers[0].Image = instance.Spec.ContainerImage
+		pod.Spec.Containers[0].Env = []corev1.EnvVar{
+			{
+				Name:  "KOLLA_CONFIG_STRATEGY",
+				Value: "COPY_ALWAYS",
+			},
+			{
+				Name:  "CONFIG_HASH",
+				Value: configHash,
+			},
+		}
 		err := controllerutil.SetControllerReference(instance, pod, r.Scheme)
 		if err != nil {
 			return err
diff --git a/templates/mariadb/bin/config.json b/templates/mariadb/bin/config.json
index b6890bc0..a1e8478b 100644
--- a/templates/mariadb/bin/config.json
+++ b/templates/mariadb/bin/config.json
@@ -4,7 +4,7 @@
         {
             "source": "/var/lib/config-data/galera.cnf",
             "dest": "/etc/my.cnf.d/galera.cnf",
-            "owner": "root",
+            "owner": "mysql",
             "perm": "0600"
         }
     ]
diff --git a/templates/mariadb/bin/galera.cnf b/templates/mariadb/bin/galera.cnf
index 4bcea888..373a2cde 100644
--- a/templates/mariadb/bin/galera.cnf
+++ b/templates/mariadb/bin/galera.cnf
@@ -7,7 +7,7 @@ key_buffer_size = 16M
 
 [mysqld]
 basedir = /usr
-bind-address = 127.0.0.1
+bind-address = *
 datadir = /var/lib/mysql
 expire_logs_days = 10
 innodb_file_per_table = ON
diff --git a/templates/mariadb/bin/init_config.json b/templates/mariadb/bin/init_config.json
index 351a4fe4..89485e2a 100644
--- a/templates/mariadb/bin/init_config.json
+++ b/templates/mariadb/bin/init_config.json
@@ -4,7 +4,7 @@
         {
             "source": "/var/lib/config-data/galera.cnf",
             "dest": "/etc/my.cnf.d/galera.cnf",
-            "owner": "root",
+            "owner": "mysql",
             "perm": "0600"
         },
         {

From 70a2d67b75b3ac13f3afff1d0b9410a82b837380 Mon Sep 17 00:00:00 2001
From: Oliver Walsh <owalsh@redhat.com>
Date: Mon, 20 Feb 2023 20:10:30 +0000
Subject: [PATCH 2/2] Add patch verb to rbac rules

CreateOrUpdate was used initially, now using CreateOrPatch
---
 controllers/mariadb_controller.go | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/controllers/mariadb_controller.go b/controllers/mariadb_controller.go
index eb67f389..a45a4971 100644
--- a/controllers/mariadb_controller.go
+++ b/controllers/mariadb_controller.go
@@ -72,13 +72,13 @@ type MariaDBReconciler struct {
 
 // +kubebuilder:rbac:groups=mariadb.openstack.org,resources=mariadbs,verbs=get;list;watch;create;update;patch;delete
 // +kubebuilder:rbac:groups=mariadb.openstack.org,resources=mariadbs/status,verbs=get;update;patch
-// +kubebuilder:rbac:groups=mariadb.openstack.org,resources=mariadbs/finalizers,verbs=update
-// +kubebuilder:rbac:groups=core,resources=services,verbs=get;list;watch;create;update;delete;
-// +kubebuilder:rbac:groups=core,resources=endpoints,verbs=get;list;watch;create;update;delete;
-// +kubebuilder:rbac:groups=core,resources=configmaps,verbs=get;list;watch;create;update;delete;
-// +kubebuilder:rbac:groups=core,resources=pods,verbs=get;list;watch;create;update;delete;
-// +kubebuilder:rbac:groups=core,resources=persistentvolumeclaims,verbs=get;list;watch;create;update;delete;
-// +kubebuilder:rbac:groups=batch,resources=jobs,verbs=get;list;watch;create;update;delete;
+// +kubebuilder:rbac:groups=mariadb.openstack.org,resources=mariadbs/finalizers,verbs=update;patch
+// +kubebuilder:rbac:groups=core,resources=services,verbs=get;list;watch;create;update;delete;patch
+// +kubebuilder:rbac:groups=core,resources=endpoints,verbs=get;list;watch;create;update;delete;patch
+// +kubebuilder:rbac:groups=core,resources=configmaps,verbs=get;list;watch;create;update;delete;patch
+// +kubebuilder:rbac:groups=core,resources=pods,verbs=get;list;watch;create;update;delete;patch
+// +kubebuilder:rbac:groups=core,resources=persistentvolumeclaims,verbs=get;list;watch;create;update;delete;patch
+// +kubebuilder:rbac:groups=batch,resources=jobs,verbs=get;list;watch;create;update;delete;patch
 
 // Reconcile reconcile mariadb API requests
 func (r *MariaDBReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {