에어 갭이 적용된 Google Distributed Cloud에서 Oracle 이미지 배포

에어갭 GDC용 데이터베이스 서비스는 Oracle 데이터베이스를 관리할 수 있지만 Oracle 소프트웨어 또는 라이선스는 서비스와 함께 배포되지 않습니다. 사용자는 Oracle 소프트웨어를 사용할 수 있는 라이선스를 보유하고 있는지 확인해야 합니다. 서비스와 함께 사용할 소프트웨어를 제공하고 업로드해야 합니다.

다음 작업을 수행할 수 있습니다.

  • Oracle 데이터베이스 바이너리를 다운로드합니다.
  • Oracle 데이터베이스 컨테이너 이미지를 빌드합니다.
  • 데이터베이스 컨테이너 이미지를 Harbor 컨테이너 레지스트리에 업로드합니다.

이 페이지의 작업을 수행하려면 유효한 Oracle Database 라이선스가 필요합니다.

데이터베이스 서비스에서 지원하는 Oracle 데이터베이스 버전 확인

계속하기 전에 다음 명령어를 사용하여 데이터베이스 서비스에서 지원하는 데이터베이스 버전을 확인합니다. 관리 조직 클러스터에서 다음 명령어를 실행합니다.

kubectl get SoftwareLibrary -o=jsonpath='{.items[0].databaseEngines[?(@.name=="Oracle")]}.databaseVersions'

다음과 유사한 결과가 출력됩니다.

[{
  "edition":"enterprise",
  "isDisabled":false,
  "majorVersion":"19",
  "minorVersion":"10.0.0.0",
  "versionDisplayName":"Oracle 19.10.0.0.0"
}]

이 출력은 데이터베이스 서비스가 주 버전이 19이고 부 버전이 10.0.0.0이며 에디션이 Enterprise인 Oracle 데이터베이스 이미지에서 새 데이터베이스 클러스터를 생성하는 것을 지원한다는 의미입니다.

Oracle 바이너리 다운로드

Oracle 웹사이트에서 Oracle 바이너리를 다운로드합니다. 이 작업을 수행하려면 유효한 Oracle 라이선스가 필요합니다. Oracle 웹사이트에서 다운로드할 소프트웨어는 다음 세 가지입니다.

  • Oracle 데이터베이스 바이너리입니다.
  • 최근 패치 세트 업데이트 (PSU)
  • 사용 가능한 최신 OPatch입니다.

예를 들어 Oracle Database 19.3.0.0.0 Enterprise의 바이너리는 다음과 같습니다.

  • Linux x86-64용 Oracle Database 19c (19.3.0.0.0)(Enterprise Edition) Oracle eDelivery Cloud(https://edelivery.oracle.com/)에서 이 바이너리를 다운로드합니다. 다운로드 페이지의 목록에서 패키지 다운로드를 선택하고 검색 필드에 Oracle Database 19 Enterprise Edition를 입력한 다음 검색을 클릭합니다.

  • 패치 세트 업데이트 (PSU) 2021년 4월 PSU를 확인하세요(https://support.oracle.com/epmos/faces/PatchDetail?patchId=32545013&languageId=0&platformId=226&patch_name=32545013&releaseId=600000000018520&_adf.ctrl-state=7pbau4y2d_4&_afrLoop=470976018798075). 나중에 이미지를 빌드할 때 사용할 패치 버전(이 예에서는 32545013)을 기록해 둡니다.

    버전, 패치 날짜, 플랫폼, 크기 등 패치 세부정보가 표시된 패치 및 업데이트 탭

  • 사용 가능한 최신 OPatch: https://updates.oracle.com/download/6880880.html 다음 다운로드 매개변수를 선택합니다.

    1. Select a Release 목록에서 OPatch 19.0.0.0.0을 선택합니다.
    2. 플랫폼 또는 언어 목록에서 Linux x86_64를 선택합니다.

    패치 설명, 날짜, 크기를 보여주는 Oracle OPatch 페이지

Oracle 데이터베이스 컨테이너 이미지 빌드

다음 단계를 진행하기 전에 Docker가 설치되어 있어야 합니다. Linux 시스템에서 이 단계를 실행해야 합니다.

  1. 이전 단계에서 다운로드한 바이너리를 포함하는 디렉터리를 만듭니다. 사용자 환경에서 PATH_TO_IMAGE_BUILD 변수를 설정합니다.

    export PATH_TO_IMAGE_BUILD=PATH
    

    PATH를 Oracle 바이너리가 포함된 디렉터리의 전체 경로로 바꿉니다.

  2. 이 문서의 부록에서 이미지 빌드 스크립트를 PATH_TO_IMAGE_BUILD 디렉터리로 복사합니다.

  3. 앞서 다운로드한 Oracle 바이너리를 빌드 스크립트가 있는 PATH_TO_IMAGE_BUILD 디렉터리에 복사합니다. PATH_TO_IMAGE_BUILD 디렉터리에 올바른 파일이 포함되어 있는지 확인합니다.

    ls -1X
    Dockerfile
    README.md
    image_build.sh
    install-oracle-18c-xe.sh
    install-oracle.sh
    ora12-config.sh
    ora19-config.sh
    oracle-preinstall.sh
    cloudbuild.yaml
    p32545013_190000_Linux-x86-64.zip
    p6880880_200000_Linux-x86-64.zip
    
  4. 이미지 생성 스크립트를 실행합니다.

    cd $PATH_TO_IMAGE_BUILD
    chmod +x ./image_build.sh
    
    ./image_build.sh --local_build=true --db_version=19.3 --patch_version=32545013 \
    --create_cdb=true --cdb_name=GCLOUD --mem_pct=45 --no_dry_run --project_id=local-build
    

    스크립트를 실행하는 데 약 40분이 소요됩니다.

    스크립트는 컨테이너 데이터베이스 (CDB)가 포함된 시드 이미지를 만듭니다. 데이터베이스 서비스는 프로비저닝 시간을 크게 줄이므로 Oracle 이미지를 시드해야 합니다.

  5. 다음 명령어를 사용하여 컨테이너화된 데이터베이스 이미지를 성공적으로 만들었는지 확인합니다.

    docker images
    

    이미지를 나열하는 다음과 비슷한 출력이 표시됩니다.

    REPOSITORY
    gcr.io/local-build/oracle-database-images/oracle-19.3-ee-seeded-GCLOUD
    
    TAG       IMAGE ID       CREATED       SIZE
    latest    c18d81c3cf6e   3 hours ago   13.5GB
    
  6. 이전 단계의 출력에서 이미지 이름과 태그를 사용하여 빌드된 이미지를 tar 파일에 저장합니다.

    docker save <image name>:<tag name> | gzip > gdch_db_oracle_image.tar.gz
    

Harbor 레지스트리에 이미지 업로드

  1. 프로젝트에서 스토리지 버킷을 설정하고 여기에 tar 파일을 업로드합니다.

  2. 인프라 운영자에게 Artifact Registry에 이미지 업로드를 요청하는 티켓을 만듭니다. 티켓에 다음 정보를 포함합니다.

    데이터베이스 서비스용 Oracle 이미지를 업로드하도록 요청합니다.

    • 조직 이름: <organization name>
    • 파일 위치:
      • 프로젝트 이름: <name of project owning the bucket>
      • 버킷 이름: <name of the bucket>
      • 경로: <gdch_db_oracle_image.tar.gz>
    • 이미지 위치:
      • 이미지 이름: gpc-system-container-images/ods-database-images/oracle.db.anthosapis.com/oracle-enterprise
      • 이미지 태그: majorVersion-minorVersion
  3. 티켓이 해결되면 Oracle을 데이터베이스 엔진으로 사용할 수 있습니다.

다음 단계

데이터베이스 엔진 유형 선택 및 데이터베이스 클러스터 만들기

부록: 이미지 빌드 스크립트

이 섹션에는 Oracle 데이터베이스 컨테이너 이미지 빌드에 참조된 이미지 빌드 스크립트가 포함되어 있습니다.

Dockerfile

# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the &quot;License&quot;);
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an &quot;AS IS&quot; BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Base image can be either RHEL8 UBI or OEL8 slim
# BASE_IMAGE=registry.access.redhat.com/ubi8/ubi
# ARG BASE_IMAGE=oraclelinux:8-slim
# Oracle 8 does not support 12c.
# ARG BASE_IMAGE=oraclelinux:7-slim

FROM docker.io/oraclelinux:7-slim as base

ARG DB_VERSION
ARG ORACLE_HOME
ARG ORACLE_BASE
ARG CREATE_CDB
ARG CDB_NAME
ENV STAGE_DIR=/tmp/stage/
COPY oracle-preinstall.sh $STAGE_DIR
RUN /bin/bash -c $STAGE_DIR/oracle-preinstall.sh

FROM base as installer

ARG DB_VERSION
ARG CREATE_CDB
ARG CDB_NAME
ARG CHARACTER_SET
ARG MEM_PCT
ARG EDITION
ARG PATCH_VERSION
ARG INSTALL_SCRIPT

ADD ./* $STAGE_DIR
RUN /bin/bash -c \
    'if [ "${DB_VERSION}" = "18c" ] && [ "${EDITION}" = "xe" ]; then \
      export INSTALL_SCRIPT=install-oracle-18c-xe.sh; \
      chmod +x $STAGE_DIR$INSTALL_SCRIPT; \
      $STAGE_DIR/$INSTALL_SCRIPT "${CDB_NAME}" "${CHARACTER_SET}" && \
      rm -rf $INSTALL_SCRIPT && \
      rm -rf $STAGE_DIR; \
    else \
      export INSTALL_SCRIPT=install-oracle.sh; \
      chmod +x $STAGE_DIR$INSTALL_SCRIPT; \
      $STAGE_DIR/$INSTALL_SCRIPT "${DB_VERSION}" "${EDITION}" "${CREATE_CDB}" "${CDB_NAME}" "${CHARACTER_SET}" "${MEM_PCT}" "${PATCH_VERSION}" && \
      rm -rf $INSTALL_SCRIPT && \
      rm -rf $STAGE_DIR; \
    fi'

FROM base as database_image

ARG ORACLE_HOME
ARG ORACLE_BASE
ARG CDB_NAME

ENV ORACLE_HOME=$ORACLE_HOME
ENV ORACLE_BASE=$ORACLE_BASE
ENV ORACLE_SID=$CDB_NAME
ENV LD_LIBRARY_PATH=$ORACLE_HOME/lib:/usr/lib

USER oracle
COPY --chown=oracle:dba --from=installer $ORACLE_BASE $ORACLE_BASE
COPY --chown=oracle:dba --from=installer /etc/oratab /etc/oratab
COPY --chown=oracle:dba --from=installer /etc/oraInst.loc /etc/oraInst.loc

USER root
RUN $ORACLE_HOME/root.sh && rm $STAGE_DIR/oracle-preinstall.sh

VOLUME ["/u02", "/u03"]
# TODO: make the port number configurable
EXPOSE 1521

# Define default command to start Oracle Database.
CMD exec /bin/bash

README.md

# Cloud Build for DB Image
This tooling picks up the software from Cloud Storage bucket and then creates a container
image with the RDBMS software preinstalled. At present, it supports Oracle 19c
and Oracle 12.2. The docker container does not contain the database, and needs
to be created separately.

The base container OS is Oracle Enterprise Linux (OEL7-slim).

## How to run

Oracle 19c EE

```shell
$ GCS_PATH=
$ gcloud builds submit --config=cloudbuild.yaml  --substitutions=_INSTALL_PATH=$GCS_PATH,_DB_VERSION=19c
```

Oracle 12.2 EE

```shell
$ GCS_PATH=
$ gcloud builds submit --config=cloudbuild.yaml  --substitutions=_INSTALL_PATH=$GCS_PATH,_DB_VERSION=12.2
```

Oracle 18c XE

```shell
$ GCS_PATH=
$ gcloud builds submit --config=cloudbuild.yaml  --substitutions=_INSTALL_PATH=$GCS_PATH,_DB_VERSION=18c,_CREATE_CDB=true,_CDB_NAME=MYDB
```

## Access

When running the command, mentioned in Oracle 18c XE, you might see failures if the cloudbuilder
service account does not have 'Storage Viewer' access to the Cloud Storage bucket that
stores the software.

```shell
export PROJECT_NUMBER=
export BUCKET_NAME=
gcloud storage buckets add-iam-policy-binding gs://$BUCKET_NAME --member=serviceAccount:$PROJECT_NUMBER@cloudbuild.gserviceaccount.com --role=roles/storage.objectViewer
```

image_build.sh

#!/bin/bash
# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the &quot;License&quot;);
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an &quot;AS IS&quot; BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.


readonly ORACLE_12="12.2"
readonly ORACLE_19="19.3"
readonly ORACLE_18="18c"
readonly DUMMY_VALUE="-1"

DB_VERSION=''
EDITION='ee'
CREATE_CDB=false
CDB_NAME=''
CHARACTER_SET='AL32UTF8'
MEM_PCT=25
IMAGE_NAME_SUFFIX=''
INSTALL_PATH=''
NO_DRY_RUN=false
ORACLE_HOME=''
ORACLE_BASE=''
PROJECT_ID=''
LOCAL_BUILD=false
TAG=''

sanity_check_params() {

  if [[ "${CREATE_CDB}" == true ]]; then
    if [ -z "${CDB_NAME}" ]; then
      CDB_NAME="GCLOUD"
    fi
    db_name_len="${#CDB_NAME}"
    if [[ "${db_name_len}" -le 0 || "${db_name_len}" -gt 8 ]]; then
      echo "CDB_NAME should be less than or equal to 8 characters"
      usage
    fi
  else
    db_name_len="${#CDB_NAME}"
    if [[ "${db_name_len}" -gt 0 ]]; then
      echo "CDB_NAME is set but CREATE_CDB is not"
      usage
    fi
  fi

  if [[ -z "${DB_VERSION}" ]]; then
    echo "Version DB_VERSION parameter is required to create images"
    usage
  fi

  if [[ "${DB_VERSION}" != "${ORACLE_12}" && "${DB_VERSION}" != "${ORACLE_18}" && "${DB_VERSION}" != "${ORACLE_19}" ]]; then
    echo "${DB_VERSION} is not supported, the supported versions are ${ORACLE_12} and ${ORACLE_19}"
    usage
  fi

  if [ -z "${INSTALL_PATH}" ] && [ "${DB_VERSION}" != "${ORACLE_18}" ] && [ "${LOCAL_BUILD}" != true ]; then
    echo "Cloud Storage path containing Oracle installation files is not provided"
    usage
  fi

  if [[ "${MEM_PCT}" -le 0 || "${MEM_PCT}" -gt 100 ]]; then
    echo "MEM_PCT should be between 0 and 100"
    usage
  fi

  if [[ "${DB_VERSION}" == "${ORACLE_18}" ]]; then
    EDITION="xe"
  fi
}

usage() {
  echo "------USAGE------
  This tool allows you to build oracle database container images.
  You have the option of using the Google Cloud build script or performing a local build by setting the --local_build flag to true.
  Sanity checks are conducted on your inputs and safe defaults are used as necessary.

  image_build.sh --db_version [12.2, 19.3 or 18c] --create_cdb [true or false] --cdb_name [CDB_NAME] --install_path [INSTALL_PATH]

  REQUIRED FLAGS
     --install_path
       Cloud Storage path containing Oracle Database EE installation files.
       This flag is only required when using Google Cloud Build.
       You do not need to specify this parameter for Oracle 18c XE.

     --db_version
       Version of the Oracle database.

     --create_cdb
       Specifies whether a CDB should be created. Must be set to 'true' if using Oracle 18c.

  OPTIONAL FLAGS
     --cdb_name
       Name of the CDB to create. Defaults to 'GCLOUD' if unspecified.

     --edition
       Edition of the Oracle database. ee is used if unspecified.
       This flag is not supported for Oracle 18c and will be ignored.

     --patch_version
       Version of the Oracle database PSU.
       If unspecified, 31741641 is used as the default value for 12.2 ,
       32545013 is used as the default value for 19.3 .
       This flag is not supported for Oracle 18c and will be ignored.

     --local_build
       if true, docker is used to build an image locally. If false or unspecified, Google Cloud Build is used to build the image.

     --project_id
       project_id Google Cloud project to use for image build. If unspecified, your default gcloud project will be used.
       For local builds, this flag can be set to 'local-build'.

     --mem_pct
       Percentage of memory.
       This flag is not supported for Oracle 18c and will be ignored.

     --character_set
       Character set for the newly created CDB

     --tag
       Tag that should be applied to the image.
       If a tag is not specified, 'gcr.io/\$GCR_PROJECT_ID/oracle-database-images/oracle-\${DB_VERSION}-\${EDITION}-\${IMAGE_NAME_SUFFIX}:latest' is used.

     --no_dry_run
       Run command in full mode.  Will execute actions.
       "
    exit 1
}

function parse_arguments() {
  opts=$(getopt -o i:v:c:n:p:m:c:h \
    --longoptions install_path:,db_version:,edition:,create_cdb:,cdb_name:,mem_pct:,character_set:,help:,project_id:,patch_version:,local_build:,tag:,no_dry_run,help \
    -n "$(basename "$0")" -- "$@")
  eval set -- "$opts"
  while true; do
    case "$1" in
    -i | --install_path)
      shift
      INSTALL_PATH=$1
      shift
      ;;
    -v | --db_version)
      shift
      DB_VERSION=$1
      shift
      ;;
    -e | --edition)
      shift
      EDITION=$1
      shift
      ;;
    -c | --create_cdb)
      shift
      CREATE_CDB=$1
      shift
      ;;
    -n | --cdb_name)
      shift
      CDB_NAME=$1
      shift
      ;;
    -m | --mem_pct)
      shift
      MEM_PCT=$1
      shift
      ;;
    --character_set)
      shift
      CHARACTER_SET=$1
      shift
      ;;
    --patch_version)
      shift
      PATCH_VERSION=$1
      shift
      ;;
    --project_id)
      shift
      PROJECT_ID=$1
      shift
      ;;
    --local_build)
      shift
      LOCAL_BUILD=$1
      shift
      ;;
    -t | --tag)
      shift
      TAG=$1
      shift
      ;;
    -h | --help)
      usage
      return 1
      ;;
    --no_dry_run)
      NO_DRY_RUN=true
      shift
      ;;
    --)
      shift
      break
      ;;
    *)
      echo Invalid argument "$1"
      usage
      exit 1
      ;;
    esac
  done

}

execute_command() {
  IMAGE_NAME_SUFFIX=$(echo "$CDB_NAME" | tr '[:upper:]' '[:lower:]')
  if [ -z "${PROJECT_ID}" ]; then
    PROJECT_ID=$(gcloud config get-value project 2>/dev/null)
    echo "Project not specified, falling back on current gcloud default:"
    echo "$PROJECT_ID"
  fi

  if [ -z "${PATCH_VERSION}" ]; then
    PATCH_VERSION="${DUMMY_VALUE}"
  fi

  GCR_PROJECT_ID=$(echo "$PROJECT_ID" | tr : /)

  if [[ "${CREATE_CDB}" == true ]]; then
    IMAGE_NAME_SUFFIX="seeded-${IMAGE_NAME_SUFFIX}"
  else
    IMAGE_NAME_SUFFIX="unseeded"
    CDB_NAME=""
  fi

  if [ "${DB_VERSION}" == "${ORACLE_18}" ] && [ "${EDITION}" == "xe" ]; then
    ORACLE_HOME="/opt/oracle/product/18c/dbhomeXE"
    ORACLE_BASE="/opt/oracle"
  else
    ORACLE_HOME="/u01/app/oracle/product/${DB_VERSION}/db"
    ORACLE_BASE="/u01/app/oracle"
  fi

  if [ -z "${TAG}" ]; then
    TAG="gcr.io/${GCR_PROJECT_ID}/oracle-database-images/oracle-${DB_VERSION}-${EDITION}-${IMAGE_NAME_SUFFIX}:latest"
  fi

  if [ "${LOCAL_BUILD}" == true ]; then
    BUILD_CMD=$(echo docker build --no-cache --build-arg=DB_VERSION="${DB_VERSION}" --build-arg=ORACLE_HOME="${ORACLE_HOME}" --build-arg=ORACLE_BASE="${ORACLE_BASE}" --build-arg=CREATE_CDB="${CREATE_CDB}" --build-arg=CDB_NAME="${CDB_NAME}" --build-arg=CHARACTER_SET="${CHARACTER_SET}" --build-arg=MEM_PCT="${MEM_PCT}" --build-arg=EDITION="${EDITION}" --build-arg=PATCH_VERSION="${PATCH_VERSION}" --tag="$TAG" .)
  else
    if [ "${DB_VERSION}" == "${ORACLE_18}" ]; then
      BUILD_CMD=$(echo gcloud builds submit --project=${PROJECT_ID} --config=cloudbuild-18c-xe.yaml --substitutions=_ORACLE_HOME="${ORACLE_HOME}",_ORACLE_BASE="${ORACLE_BASE}",_CDB_NAME="${CDB_NAME}",_CHARACTER_SET="${CHARACTER_SET}",_TAG="${TAG}")
    else
      BUILD_CMD=$(echo gcloud builds submit --project=${PROJECT_ID} --config=cloudbuild.yaml --substitutions=_INSTALL_PATH="${INSTALL_PATH}",_DB_VERSION="${DB_VERSION}",_EDITION="${EDITION}",_ORACLE_HOME="${ORACLE_HOME}",_ORACLE_BASE="${ORACLE_BASE}",_CREATE_CDB="${CREATE_CDB}",_CDB_NAME="${CDB_NAME}",_CHARACTER_SET="${CHARACTER_SET}",_MEM_PCT="${MEM_PCT}",_TAG="${TAG}",_PATCH_VERSION="${PATCH_VERSION}")
    fi
  fi

  if [[ "$NO_DRY_RUN" == true ]]; then
    echo "Executing the following command:"
    echo "$BUILD_CMD"
    ${BUILD_CMD}
  else
    echo "Dry run mode: the command would have executed as follows:"
    echo "$BUILD_CMD"
  fi
}

main() {
  parse_arguments "$@"
  sanity_check_params
  date
  time execute_command
}

main "$@"

install-oracle-18c-xe.sh

#!/bin/bash
# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the &quot;License&quot;);
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an &quot;AS IS&quot; BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# shellcheck disable=2153

set -x
set -e
set -u
export PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"
readonly CDB_NAME=${1:-GCLOUD}
readonly CHARACTER_SET=${2:-AL32UTF8}
readonly USER="oracle"
readonly GROUP="dba"
readonly OHOME="/opt/oracle/product/18c/dbhomeXE"
readonly DB_VERSION="18c"

set_environment() {
  export ORACLE_DOCKER_INSTALL=true
  source "/home/oracle/${CDB_NAME}.env"
}


install_oracle() {
  yum -y localinstall https://download.oracle.com/otn-pub/otn_software/db-express/oracle-database-xe-18c-1.0-1.x86_64.rpm
}

write_oracle_config() {
  echo "\
CHARSET=${CHARACTER_SET}
ORACLE_SID=${CDB_NAME}
SKIP_VALIDATIONS=FALSE" > /etc/sysconfig/oracle-xe-18c.conf
}

create_cdb() {
  local syspass="$(openssl rand -base64 16 | tr -dc a-zA-Z0-9)"
  (echo "${syspass}"; echo "${syspass}";) | /etc/init.d/oracle-xe-18c configure
}

set_file_ownership() {
  chown -R "${USER}:${GROUP}" "${OHOME}"
  chown -R "${USER}:${GROUP}" "/home/${USER}"
  chown "${USER}:${GROUP}" /etc/oraInst.loc
  chown -R "${USER}:${GROUP}" /opt
}

shutdown_oracle() {
  run_sql "shutdown immediate;"
  echo "Oracle Database Shutdown"
}

delete_xe_pdb() {
  run_sql "ALTER PLUGGABLE DATABASE XEPDB1 CLOSE;"
  run_sql "DROP PLUGGABLE DATABASE XEPDB1 INCLUDING DATAFILES;"
}

run_sql() {
  echo "${1}" | sudo -E -u oracle "${ORACLE_HOME}/bin/sqlplus" -S / as sysdba
}

main() {
  echo "Running Oracle 18c XE install script..."
  set_environment
  install_oracle
  write_oracle_config
  create_cdb
  set_file_ownership
  delete_xe_pdb
  shutdown_oracle
  echo "Oracle 18c XE installation succeeded!"
}

main

install-oracle.sh

#!/bin/bash
# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the &quot;License&quot;);
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an &quot;AS IS&quot; BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# shellcheck disable=2153

set -x
set -e
set -u
export PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"
readonly DB_VERSION="$1"
readonly EDITION="$2"
readonly CREATE_CDB="$3"
readonly CDB_NAME="$4"
readonly CHARACTER_SET=${5:-AL32UTF8}
readonly MEM_PCT=${6:-25}
PATCH_VERSION="$7"
readonly INIT_PARAMS="log_archive_dest_1='LOCATION=USE_DB_RECOVERY_FILE_DEST',enable_pluggable_database=TRUE,common_user_prefix='gcsql$'"
readonly USER='oracle'
readonly GROUP='dba'
readonly OCM_FILE="ocm.rsp"
readonly OHOME="/u01/app/oracle/product/${DB_VERSION}/db"
readonly ORACLE_12="12.2"
readonly ORACLE_19="19.3"

setup_patching() {
  if [[ "${PATCH_VERSION}" == "-1" ]]; then
    if [[ "${DB_VERSION}" == "${ORACLE_12}" ]]; then
      PATCH_VERSION="31741641"
    elif [[ "${DB_VERSION}" == "${ORACLE_19}" ]]; then
      PATCH_VERSION="32545013"
    fi
  fi
  local patch_suffix
  if [[ "${DB_VERSION}" == "${ORACLE_12}" ]]; then
    patch_suffix="_122010_Linux-x86-64.zip"
  elif [[ "${DB_VERSION}" == "${ORACLE_19}" ]]; then
    patch_suffix="_190000_Linux-x86-64.zip"
  fi
  PATCH_ZIP="p${PATCH_VERSION}${patch_suffix}"

  if [[ ! -f "${STAGE_DIR}"/"${PATCH_ZIP}" ]]; then
    echo "could not find the PSU zip in ${STAGE_DIR}/${PATCH_ZIP}, possible fixes:
if '--local_build' is enabled, try stage ${PATCH_ZIP} to the same directory with image_build.sh.
if '--local_build' is disabled, try stage ${PATCH_ZIP} to the gcs bucket.
Update '--patch_version' when running image_build.sh, the script assumes the file name is 'p<var>patch_version</var>${patch_suffix}'."
    exit 1
  fi
}

setup_installers() {
  if [[ "${DB_VERSION}" == "${ORACLE_12}" ]]; then
    local -g INSTALL_CONFIG="ora12-config.sh"
    # shellcheck source=ora12-config.sh
    source "${STAGE_DIR}"/"${INSTALL_CONFIG}"
    local -g CHECKSUM_FILE="checksum.sha256.12"
  elif [[ "${DB_VERSION}" == "${ORACLE_19}" ]]; then
    local -g INSTALL_CONFIG="ora19-config.sh"
    # shellcheck source=ora19-config.sh
    source "${STAGE_DIR}"/"${INSTALL_CONFIG}"
    local -g CHECKSUM_FILE="checksum.sha256.19"
  else
    echo "DB version ${DB_VERSION} not supported"
    exit 1
  fi
  _fallback_install_file
  _fallback_opatch_file
}

_fallback_install_file() {
  if [[ -f "${STAGE_DIR}"/"${INSTALL_ZIP}" ]]; then
    echo "found DB installer zip ${STAGE_DIR}/${INSTALL_ZIP}, install will use ${INSTALL_ZIP}"
    return
  fi
  # installer zip can be downloaded either from OTN or edelivery
  # default file name for edelivery: V839960-01.zip
  # default file name for OTN: linuxx64_12201_database.zip
  local candidates=("linuxx64_12201_database.zip")
  if [[ "${DB_VERSION}" == "${ORACLE_19}" ]]; then
    candidates=("LINUX.X64_193000_db_home.zip")
  fi
  echo "could not find the specified DB installer zip. Will try falling back to one of these possible names:" "${candidates[@]}"

  for f in "${candidates[@]}"; do
    if [[ -f "${STAGE_DIR}"/"${f}" ]]; then
      echo "found DB installer zip ${STAGE_DIR}/${f},install will use ${f}"
      INSTALL_ZIP="${f}"
      break
    else
      echo "could not find fallback DB installer zip ${STAGE_DIR}/${f}, try specifying an installer from one of these possible names:" "${candidates[@]}"
    fi
  done
}

_fallback_opatch_file() {
  if [[ -f "${STAGE_DIR}"/"${OPATCH_ZIP}" ]]; then
    echo "found opatch zip ${STAGE_DIR}/${OPATCH_ZIP}, install will use ${OPATCH_ZIP}"
    return
  fi
  # OPATCH_ZIP can be p6880880_200000_Linux-x86-64.zip, p6880880_190000_Linux-x86-64.zip
  # p6880880_180000_Linux-x86-64.zip, p6880880_122010_Linux-x86-64.zip
  # for 04302020 OPATCH, their sha256sum are identical "B08320195434559D9662729C5E02ABC8436A5C602B4355CC33A673F24D9D174"
  local candidates=(
    "p6880880_200000_Linux-x86-64.zip"
    "p6880880_190000_Linux-x86-64.zip"
    "p6880880_180000_Linux-x86-64.zip"
    "p6880880_122010_Linux-x86-64.zip"
  )
  echo "cannot find opatch zip from config, try one of possible names" "${candidates[@]}"

  for f in "${candidates[@]}"; do
    if [[ -f "${STAGE_DIR}"/"${f}" ]]; then
      echo "found opatch zip ${STAGE_DIR}/${f},install will use ${f}"
      OPATCH_ZIP="${f}"
      break
    else
      echo "cannot find opatch zip ${STAGE_DIR}/${f}, try fallback to other possible names"
    fi
  done
}

setup_ocm() {
  if [[ "${DB_VERSION}" == "${ORACLE_19}" ]]; then
    echo "oracle.install.responseFileVersion=/oracle/install/rspfmt_dbinstall_response_schema_v19.0.0" >"${STAGE_DIR}/${OCM_FILE}"
  elif [[ "${DB_VERSION}" == "${ORACLE_12}" ]]; then
    echo "oracle.install.responseFileVersion=/oracle/install/rspfmt_dbinstall_response_schema_v12.2.0" >"${STAGE_DIR}/${OCM_FILE}"
  else
    echo "Unsupported version ${DB_VERSION}"
    exit 1
  fi
  echo "oracle.install.option=INSTALL_DB_SWONLY" >>"${STAGE_DIR}/${OCM_FILE}"
  echo "UNIX_GROUP_NAME=dba" >>"${STAGE_DIR}/${OCM_FILE}"
  echo "INVENTORY_LOCATION=/u01/app/oracle/oraInventory" >>"${STAGE_DIR}/${OCM_FILE}"
  echo "ORACLE_HOME=${OHOME}" >>"${STAGE_DIR}/${OCM_FILE}"
  echo "ORACLE_BASE=/u01/app/oracle" >>"${STAGE_DIR}/${OCM_FILE}"
  echo "oracle.install.db.InstallEdition=${EDITION}" >>"${STAGE_DIR}/${OCM_FILE}"
  echo "oracle.install.db.OSDBA_GROUP=dba" >>"${STAGE_DIR}/${OCM_FILE}"
  echo "oracle.install.db.OSOPER_GROUP=dba" >>"${STAGE_DIR}/${OCM_FILE}"
  echo "oracle.install.db.OSBACKUPDBA_GROUP=dba" >>"${STAGE_DIR}/${OCM_FILE}"
  echo "oracle.install.db.OSDGDBA_GROUP=dba" >>"${STAGE_DIR}/${OCM_FILE}"
  echo "oracle.install.db.OSKMDBA_GROUP=dba" >>"${STAGE_DIR}/${OCM_FILE}"
  echo "oracle.install.db.OSRACDBA_GROUP=dba" >>"${STAGE_DIR}/${OCM_FILE}"
  echo "SECURITY_UPDATES_VIA_MYORACLESUPPORT=false" >>"${STAGE_DIR}/${OCM_FILE}"
  echo "DECLINE_SECURITY_UPDATES=true" >>"${STAGE_DIR}/${OCM_FILE}"
}

setup_directories() {
  mkdir -p "${STAGE_DIR}/patches"
  chown "${USER}:${GROUP}" "${STAGE_DIR}/patches"
}

patch_oracle() {
  cd "${STAGE_DIR}/patches/${PATCH_VERSION}/${PATCH_VERSION}"
  sudo -E -u oracle "${OHOME}/OPatch/opatch" \
    apply -silent -ocmrf "${STAGE_DIR}/${OCM_FILE}"
}

checksum_files() {
  cd "${STAGE_DIR}"
  cat >"${CHECKSUM_FILE}" <<EOF
${INSTALL_ZIP_SHA256} ${INSTALL_ZIP}
EOF
  cat "${CHECKSUM_FILE}"
  if ! sha256sum -c "${STAGE_DIR}/${CHECKSUM_FILE}" --quiet; then
    echo "Checksum failure of installables."
    echo "try double check ${INSTALL_CONFIG} DB install/OPatch/PSUs filename and sha256, ensure they are matched with Cloud Storage bucket staged zip files"
    exit 1
  fi
}

install_oracle() {
  if [[ "${DB_VERSION}" == "${ORACLE_12}" ]]; then
    install_oracle12
  elif [[ "${DB_VERSION}" == "${ORACLE_19}" ]]; then
    install_oracle19
  fi
}

install_oracle19() {
  printf "inventory_loc=/u01/app/oracle/oraInventory\ninst_group=dba\n" \
    >>/etc/oraInst.loc
  chown "${USER}:${GROUP}" /etc/oraInst.loc
  cd "${OHOME}"
  export CV_ASSUME_DISTID=OL7
  sudo -E -u oracle "${OHOME}/runInstaller" \
    -silent \
    -waitforcompletion \
    -ignorePrereqFailure \
    INVENTORY_LOCATION=/etc/oraInst.loc \
    UNIX_GROUP_NAME=dba \
    ORACLE_HOME="${OHOME}" \
    ORACLE_BASE=/u01/app/oracle \
    oracle.install.db.InstallEdition="${EDITION}" \
    oracle.install.db.OSDBA_GROUP="${GROUP}" \
    oracle.install.db.OSOPER_GROUP="${GROUP}" \
    oracle.install.db.OSBACKUPDBA_GROUP="${GROUP}" \
    oracle.install.db.OSDGDBA_GROUP="${GROUP}" \
    oracle.install.db.OSKMDBA_GROUP="${GROUP}" \
    oracle.install.db.OSRACDBA_GROUP="${GROUP}" \
    oracle.install.option=INSTALL_DB_SWONLY ||
    (($? == 6)) # Check for successful install with warning suppressed.

  enable_unified_auditing

  "${OHOME}/root.sh"
}

install_oracle12() {
  printf "inventory_loc=/u01/app/oracle/oraInventory\ninst_group=dba\n" \
    >>/etc/oraInst.loc
  chown "${USER}:${GROUP}" /etc/oraInst.loc
  sudo -u oracle "${STAGE_DIR}/database/runInstaller" \
    -silent \
    -force \
    -invptrloc /etc/oraInst.loc \
    -waitforcompletion \
    -ignoresysprereqs \
    -ignoreprereq \
    UNIX_GROUP_NAME=dba \
    ORACLE_HOME="${OHOME}" \
    ORACLE_BASE=/u01/app/oracle \
    oracle.install.db.InstallEdition="${EDITION}" \
    oracle.install.db.OSDBA_GROUP="${GROUP}" \
    oracle.install.db.OSOPER_GROUP="${GROUP}" \
    oracle.install.db.OSBACKUPDBA_GROUP="${GROUP}" \
    oracle.install.db.OSDGDBA_GROUP="${GROUP}" \
    oracle.install.db.OSKMDBA_GROUP="${GROUP}" \
    oracle.install.db.OSRACDBA_GROUP="${GROUP}" \
    oracle.install.option=INSTALL_DB_SWONLY ||
    (($? == 6)) # Check for successful install with warning suppressed.

  enable_unified_auditing

  "${OHOME}/root.sh"

}

enable_unified_auditing() {
  cd "${OHOME}/rdbms/lib"
  sudo -u oracle \
    make -f ins_rdbms.mk uniaud_on ioracle ORACLE_HOME="${OHOME}"
}

create_cdb() {
  local syspass="$(openssl rand -base64 16 | tr -dc a-zA-Z0-9)"
  sudo -u oracle "${OHOME}/bin/dbca" \
    -silent \
    -createDatabase \
    -templateName General_Purpose.dbc \
    -gdbname "${CDB_NAME}" \
    -createAsContainerDatabase true \
    -sid "${CDB_NAME}" \
    -responseFile NO_VALUE \
    -characterSet "${CHARACTER_SET}" \
    -memoryPercentage "${MEM_PCT}" \
    -emConfiguration NONE \
    -datafileDestination "/u01/app/oracle/oradata" \
    -storageType FS \
    -initParams "${INIT_PARAMS}" \
    -databaseType MULTIPURPOSE \
    -recoveryAreaDestination /u01/app/oracle/fast_recovery_area \
    -sysPassword "${syspass}" \
    -systemPassword "${syspass}"
}

set_environment() {
  source "/home/oracle/${CDB_NAME}.env"
}

cleanup_post_success() {
  # ORDS
  rm -rf "${OHOME}/ords" &&
    # SQL Developer
    rm -rf "${OHOME}/sqldeveloper" &&
    # UCP connection pool
    rm -rf "${OHOME}/ucp" &&
    # All installer files
    rm -rf "${OHOME}/lib/*.zip" &&
    # OUI backup
    rm -rf "${OHOME}/inventory/backup/*" &&
    # Network tools help
    rm -rf "${OHOME}/network/tools/help" &&
    # Database upgrade assistant
    rm -rf "${OHOME}/assistants/dbua" &&
    # Database migration assistant
    rm -rf "${OHOME}/dmu" &&
    # Remove pilot workflow installer
    rm -rf "${OHOME}/install/pilot" &&
    # Support tools
    rm -rf "${OHOME}/suptools" &&
    # Temp location
    rm -rf /tmp/* &&
    # Install files
    rm -rf "${STAGE_DIR}"
}

unzip_binaries() {
  if [[ "${DB_VERSION}" == "${ORACLE_12}" ]]; then
    chown -R "${USER}:${GROUP}" "${STAGE_DIR}"
    sudo -u oracle unzip "${STAGE_DIR}/${INSTALL_ZIP}" -d "${STAGE_DIR}"
  elif [[ "${DB_VERSION}" == "${ORACLE_19}" ]]; then
    sudo -u oracle unzip "${STAGE_DIR}/${INSTALL_ZIP}" -d "${OHOME}"
  fi
  sudo -u oracle unzip "${STAGE_DIR}/${PATCH_ZIP}" -d "${STAGE_DIR}/patches/${PATCH_VERSION}"
  rm "${STAGE_DIR}/${INSTALL_ZIP}"
  rm "${STAGE_DIR}/${PATCH_ZIP}"
}

shutdown_oracle() {
  run_sql "shutdown immediate;"
  echo "Oracle Database Shutdown"
}

run_sql() {
  echo "${1}" | sudo -E -u oracle "${OHOME}/bin/sqlplus" -S / as sysdba
}

patch_log4j(){
  # Delete Jndi classes from log4j jars as part of CVE-2021-44228
  # While waiting for oracle patches.
  for f in $(find "${OHOME}" -type f -name "log4j-core*.jar"); do
    sudo -u oracle zip -q -d "$f" org/apache/logging/log4j/core/lookup/JndiLookup.class || true
  done
}

main() {
  setup_patching
  setup_installers
  checksum_files
  setup_directories
  setup_ocm
  if [[ "${CREATE_CDB}" == true ]]; then
    set_environment
  fi
  chown -R "${USER}:${GROUP}" /u01
  unzip_binaries
  install_oracle
  rm -rf "${OHOME}/OPatch"
  sudo -u oracle unzip "${STAGE_DIR}/${OPATCH_ZIP}" -d "${OHOME}"
  patch_oracle
  if [[ "${CREATE_CDB}" == true ]]; then
    create_cdb
    shutdown_oracle
  fi
  chown "${USER}:${GROUP}" /etc/oratab
  cleanup_post_success
  patch_log4j
  echo "Oracle installation success"
}
main

ora12-config.sh

#!/bin/bash
# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the &quot;License&quot;);
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an &quot;AS IS&quot; BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

INSTALL_ZIP="V839960-01.zip"
INSTALL_ZIP_SHA256="96ed97d21f15c1ac0cce3749da6c3dac7059bb60672d76b008103fc754d22dde"
OPATCH_ZIP="p6880880_122010_Linux-x86-64.zip"
OPATCH_ZIP_SHA256="b08320195434559d9662729c5e02abc8436a5c602b4355cc33a673f24d9d1740"

ora19-config.sh

#!/bin/bash
# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the &quot;License&quot;);
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an &quot;AS IS&quot; BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

INSTALL_ZIP="V982063-01.zip"
INSTALL_ZIP_SHA256="ba8329c757133da313ed3b6d7f86c5ac42cd9970a28bf2e6233f3235233aa8d8"
OPATCH_ZIP="p6880880_190000_Linux-x86-64.zip"
OPATCH_ZIP_SHA256="b08320195434559d9662729c5e02abc8436a5c602b4355cc33a673f24d9d1740"

oracle-preinstall.sh

#!/bin/bash
# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

set -x
set -e
set -u
readonly ORACLE_12="12.2"
readonly ORACLE_18="18c"
readonly ORACLE_19="19.3"
readonly USER='oracle'
readonly GROUP='dba'

install_packages() {
  yum install -y shadow-utils openssl sudo zip
  yum install -y nmap-ncat.x86_64
  yum install -y strace.x86_64
  yum install -y net-tools.x86_64
  yum install -y lsof.x86_64
  yum install -y "${PREINSTALL_RPM}"
  echo "#%PAM-1.0
auth       include      system-auth
account    include      system-auth
password   include      system-auth
" >/etc/pam.d/sudo
  if [[ "${DB_VERSION}" == "${ORACLE_18}" ]]; then
        echo "#%PAM-1.0
auth        sufficient  pam_rootok.so
auth        substack    system-auth
auth        include     postlogin
account     sufficient  pam_succeed_if.so uid = 0 use_uid quiet
account     include     system-auth
password    include     system-auth
session     include     postlogin
session     optional    pam_xauth.so
" >/etc/pam.d/su
  fi
}

# Update cryptographic modules from ol7_u8_security_validation repository
# https://docs.oracle.com/en/operating-systems/oracle-linux/7/security/security-FIPS1402ComplianceinOracleLinux7.html#ol7-fips
update_packages_fips() {
  yum-config-manager --enable ol7_u8_security_validation ol7_latest

  # To ensure that packages are updated from the security repo, disable other repos and only
  # enable the security repo.
  yum -y --disablerepo="*" --enablerepo="ol7_u8_security_validation" update \
    openssl-libs\
    openssh-clients\
    openssh-server\
    libgcrypt\
    nss-softokn\
    libreswan\
    gnutls\
    kernel-uek
}

pick_pre_installer() {
  if [[ "${DB_VERSION}" == "${ORACLE_12}" ]]; then
    local -g PREINSTALL_RPM="oracle-database-server-12cR2-preinstall.x86_64"
  elif [[ "${DB_VERSION}" == "${ORACLE_18}" ]]; then
    local -g PREINSTALL_RPM="oracle-database-preinstall-18c.x86_64"
  elif [[ "${DB_VERSION}" == "${ORACLE_19}" ]]; then
    local -g PREINSTALL_RPM="oracle-database-preinstall-19c.x86_64"
  else
    echo "DB version ${DB_VERSION} not supported"
    exit 1
  fi
}

setup_directories() {
  mkdir -p "${ORACLE_HOME}"
  #use oinstall instead of dba to allow the script to work for 18c XE.
  #This is harmless because we always revert ownership of $ORACLE_BASE to oracle:dba in the Dockerfile.
  chown -R "${USER}:oinstall" "${ORACLE_BASE}"
  chown -R "${USER}:${GROUP}" "/home/${USER}"
}

create_env_file() {
  echo "export ORACLE_HOME=${ORACLE_HOME}" >>"/home/oracle/${CDB_NAME}.env"
  echo "export ORACLE_BASE=${ORACLE_BASE}" >>"/home/oracle/${CDB_NAME}.env"
  echo "export ORACLE_SID=${CDB_NAME}" >>"/home/oracle/${CDB_NAME}.env"
  echo "export PATH=${ORACLE_HOME}/bin:${ORACLE_HOME}/OPatch:/usr/local/bin:/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin" >>"/home/oracle/${CDB_NAME}.env"
  echo "export LD_LIBRARY_PATH=${ORACLE_HOME}/lib:/usr/lib" >>"/home/oracle/${CDB_NAME}.env"
  chown "${USER}:${GROUP}" "/home/oracle/${CDB_NAME}.env"
}

pick_pre_installer
install_packages
update_packages_fips
setup_directories
if [[ "${CREATE_CDB}" == true ]]; then
  create_env_file
fi

cloudbuild.yaml

# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the &quot;License&quot;);
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an &quot;AS IS&quot; BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

substitutions:
  "_DB_VERSION": "12.2"
  "_EDITION": "ee"
options:
  diskSizeGb: 1000
  machineType: 'E2_HIGHCPU_8'
timeout: 7200s
steps:
- name: 'gcr.io/cloud-builders/gsutil'
  id: 'install_zip'
  args: ['-m', 'cp', "-r", '${_INSTALL_PATH}/*', '.']

- name: 'gcr.io/cloud-builders/docker'
  waitFor:
  - 'install_zip'
  args:
  - 'build'
  - '--no-cache'
  - '--build-arg=DB_VERSION=$_DB_VERSION'
  - '--build-arg=ORACLE_HOME=$_ORACLE_HOME'
  - '--build-arg=ORACLE_BASE=$_ORACLE_BASE'
  - '--build-arg=CREATE_CDB=$_CREATE_CDB'
  - '--build-arg=CDB_NAME=$_CDB_NAME'
  - '--build-arg=CHARACTER_SET=$_CHARACTER_SET'
  - '--build-arg=MEM_PCT=$_MEM_PCT'
  - '--build-arg=EDITION=$_EDITION'
  - '--build-arg=PATCH_VERSION=$_PATCH_VERSION'
  - '--tag=$_TAG'
  - '--file=Dockerfile'
  - '.'

images:
- '$_TAG'