feat: use mariadb client for healthchecks

[jbergstroem]

Instead of grepping for an existing daemon, we now run a query similar to how mysqladmin does it (connects to server/db and runs select 1).

Todo

• review how others deal with then case of setting up a database with user/pass/root pass but then remove from a startup (conclusion: pass a mysql client config)
• tests (painful! takes ~15s before it responds as healthy via docker inspect --format "{{json .State.Health }}" - I could just lean on similar query / logic)
• add documentation about best practices in production environments

[jbergstroem]

Findings:

• mariadb (auth ignored / assumed): https://github.com/MariaDB/mariadb-docker/blob/master/11.0/healthcheck.sh#L52-L54
• mysql: does not provide healthcheck

[williamdes]

This ENV is not reliable since it can be changed right after the first warm up

[jbergstroem]

See my first point/todo and the first comment. MariaDB health check ignores auth and mysql ignores healthchecks altogether.

[jbergstroem]

I think what we want is a sane default, if people do changes they should probably override the healthcheck as well. I can see this being very common in any kind of setup where you orchestrate a docker compose setup with many actors.

[williamdes]

I think it's worth providing ENVs for the check, and if they are all empty then it does nothing ?

[jbergstroem]

If they are all empty it would try to connect without credentials. This is what mariadb does.

[williamdes]

I think this is a good idea only if you can have separate variables, this makes this image deviate from the original mariadb one a bit too much for me

[jbergstroem]

this makes this image deviate from the original mariadb one a bit too much for me

This is what the original does:

$ mariadb -h localhost --protocol tcp -e 'select 1'

If you set up this repo using the PR and remove your environment variables you'd see the same result.

Edit: if you check the original issue about adding this functionality to MariaDB; they are talking about the same thing / what I am trying to do as default: MariaDB/mariadb-docker#94

The cleanest approach to me from a production standpoint is to initialize your container, no longer pass credentials in your compose, then mount a config that contains authentication in a [mariadb-client] directive. Even with that, what I'm suggesting in this PR would work just fine (no variables are set -> just connect without passing credentials, reading from config instead).

I would add it to the documentation / best practices. That would be a great way to unit test this as well.

What do you think?