From 04e13d51ac5533372393e80beb64ba12b3df33f8 Mon Sep 17 00:00:00 2001 From: Bitnami Bot Date: Fri, 21 Apr 2023 17:47:21 +0200 Subject: [PATCH] [bitnami/discourse] Release 3.0.3-debian-11-r1 (#31196) Signed-off-by: Bitnami Containers --- bitnami/discourse/3/debian-11/Dockerfile | 12 +-- .../opt/bitnami/.bitnami_components.json | 10 +- .../prebuildfs/opt/bitnami/scripts/libos.sh | 95 +++++++++++++++++++ .../bitnami/scripts/discourse-sidekiq/run.sh | 2 +- .../opt/bitnami/scripts/libdiscourse.sh | 2 +- 5 files changed, 105 insertions(+), 16 deletions(-) diff --git a/bitnami/discourse/3/debian-11/Dockerfile b/bitnami/discourse/3/debian-11/Dockerfile index fec0588f4b32..e4dcb702bb90 100644 --- a/bitnami/discourse/3/debian-11/Dockerfile +++ b/bitnami/discourse/3/debian-11/Dockerfile @@ -2,11 +2,12 @@ FROM docker.io/bitnami/minideb:bullseye ARG TARGETARCH -LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2023-04-18T11:46:56Z" \ +LABEL com.vmware.cp.artifact.flavor="sha256:109c7d51bd69bb6b3df71017440c1ea0699454f81fe188056c083f0b57c96ea6" \ + org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ + org.opencontainers.image.created="2023-04-21T13:46:22Z" \ org.opencontainers.image.description="Application packaged by VMware, Inc" \ org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.0.3-debian-11-r0" \ + org.opencontainers.image.ref.name="3.0.3-debian-11-r1" \ org.opencontainers.image.title="discourse" \ org.opencontainers.image.vendor="VMware, Inc." \ org.opencontainers.image.version="3.0.3" @@ -22,13 +23,12 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"] RUN install_packages acl advancecomp ca-certificates curl file gifsicle git hostname imagemagick jhead jpegoptim libbrotli1 libbsd0 libbz2-1.0 libcom-err2 libcrypt1 libedit2 libffi7 libgcc-s1 libgmp10 libgnutls30 libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libjpeg-turbo-progs libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libldap-2.4-2 liblzma5 libmd0 libncursesw6 libnettle8 libnsl2 libp11-kit0 libpq5 libreadline-dev libreadline8 libsasl2-2 libsqlite3-0 libssl-dev libssl1.1 libstdc++6 libtasn1-6 libtinfo6 libtirpc3 libunistring2 libuuid1 libxml2 libxslt1.1 optipng pngcrush pngquant procps rsync sqlite3 zlib1g RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \ COMPONENTS=( \ - "python-3.8.16-9-linux-${OS_ARCH}-debian-11" \ - "wait-for-port-1.0.6-4-linux-${OS_ARCH}-debian-11" \ + "python-3.8.16-11-linux-${OS_ARCH}-debian-11" \ + "wait-for-port-1.0.6-6-linux-${OS_ARCH}-debian-11" \ "ruby-3.1.4-0-linux-${OS_ARCH}-debian-11" \ "postgresql-client-15.2.0-4-linux-${OS_ARCH}-debian-11" \ "node-18.16.0-0-linux-${OS_ARCH}-debian-11" \ "brotli-1.0.9-160-linux-${OS_ARCH}-debian-11" \ - "gosu-1.16.0-5-linux-${OS_ARCH}-debian-11" \ "discourse-3.0.3-0-linux-${OS_ARCH}-debian-11" \ ) && \ for COMPONENT in "${COMPONENTS[@]}"; do \ diff --git a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json index 5b0962f01fd5..2626dd868a49 100644 --- a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json @@ -11,12 +11,6 @@ "type": "NAMI", "version": "3.0.3-0" }, - "gosu": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.16.0-5" - }, "node": { "arch": "amd64", "distro": "debian-11", @@ -33,7 +27,7 @@ "arch": "amd64", "distro": "debian-11", "type": "NAMI", - "version": "3.8.16-9" + "version": "3.8.16-11" }, "ruby": { "arch": "amd64", @@ -45,6 +39,6 @@ "arch": "amd64", "distro": "debian-11", "type": "NAMI", - "version": "1.0.6-4" + "version": "1.0.6-6" } } \ No newline at end of file diff --git a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh index 5e141d4ce3f1..e573899abacb 100644 --- a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh @@ -553,3 +553,98 @@ get_root_disk_device_id() { get_root_disk_size() { fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true } + +######################## +# Run command as a specific user and group (optional) +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Returns: +# Exit code of the specified command +######################### +run_as_user() { + run_chroot "$@" +} + +######################## +# Execute command as a specific user and group (optional), +# replacing the current process image +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Returns: +# Exit code of the specified command +######################### +exec_as_user() { + run_chroot --replace-process "$@" +} + +######################## +# Run a command using chroot +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Flags: +# -r | --replace-process - Replace the current process image (optional) +# Returns: +# Exit code of the specified command +######################### +run_chroot() { + local userspec + local user + local homedir + local replace=false + local -r cwd="$(pwd)" + + # Parse and validate flags + while [[ "$#" -gt 0 ]]; do + case "$1" in + -r | --replace-process) + replace=true + ;; + --) + shift + break + ;; + -*) + stderr_print "unrecognized flag $1" + return 1 + ;; + *) + break + ;; + esac + shift + done + + # Parse and validate arguments + if [[ "$#" -lt 2 ]]; then + echo "expected at least 2 arguments" + return 1 + else + userspec=$1 + shift + + # userspec can optionally include the group, so we parse the user + user=$(echo "$userspec" | cut -d':' -f1) + fi + + if ! am_i_root; then + error "Could not switch to '${userspec}': Operation not permitted" + return 1 + fi + + # Get the HOME directory for the user to switch, as chroot does + # not properly update this env and some scripts rely on it + homedir=$(eval echo "~${user}") + if [[ ! -d $homedir ]]; then + homedir="${HOME:-/}" + fi + + # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion + if [[ "$replace" = true ]]; then + exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" + else + chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" + fi +} \ No newline at end of file diff --git a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse-sidekiq/run.sh b/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse-sidekiq/run.sh index bb31e5dc6ba5..d208c15c50a5 100755 --- a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse-sidekiq/run.sh +++ b/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse-sidekiq/run.sh @@ -26,7 +26,7 @@ START_CMD=( info "** Starting Sidekiq **" if am_i_root; then - exec gosu "$DISCOURSE_DAEMON_USER" "${START_CMD[@]}" "$@" + exec_as_user "$DISCOURSE_DAEMON_USER" "${START_CMD[@]}" "$@" else exec "${START_CMD[@]}" "$@" fi diff --git a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/libdiscourse.sh b/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/libdiscourse.sh index b651aab69577..081e6003a362 100644 --- a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/libdiscourse.sh +++ b/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/libdiscourse.sh @@ -332,7 +332,7 @@ discourse_bundle_execute_print_output() { # Avoid creating unnecessary cache files at initialization time local -a cmd=("bundle" "exec" "$@") # Run as application user to avoid having to change permissions/ownership afterwards - am_i_root && cmd=("gosu" "$DISCOURSE_DAEMON_USER" "${cmd[@]}") + am_i_root && cmd=("run_as_user" "$DISCOURSE_DAEMON_USER" "${cmd[@]}") ( export RAILS_ENV="$DISCOURSE_ENV" cd "$DISCOURSE_BASE_DIR" || false