From 533ad02ba621be1f96184b68cff73f5572bdd4be Mon Sep 17 00:00:00 2001
From: Bitnami Bot <bitnami-bot@vmware.com>
Date: Tue, 14 Feb 2023 17:14:08 +0100
Subject: [PATCH] [bitnami/airflow-worker] Release 2.5.1-debian-11-r9 (#23953)

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
---
 bitnami/airflow-worker/2/debian-11/Dockerfile        |  2 +-
 .../rootfs/opt/bitnami/scripts/airflow-worker-env.sh |  2 ++
 .../rootfs/opt/bitnami/scripts/libairflow.sh         | 12 ++++++++++++
 .../rootfs/opt/bitnami/scripts/libairflowworker.sh   | 12 ++++++++++++
 4 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/bitnami/airflow-worker/2/debian-11/Dockerfile b/bitnami/airflow-worker/2/debian-11/Dockerfile
index 9654c3e4c22c..12b4e1f0f6bb 100644
--- a/bitnami/airflow-worker/2/debian-11/Dockerfile
+++ b/bitnami/airflow-worker/2/debian-11/Dockerfile
@@ -5,7 +5,7 @@ ARG TARGETARCH
 LABEL org.opencontainers.image.authors="https://bitnami.com/contact" \
       org.opencontainers.image.description="Application packaged by Bitnami" \
       org.opencontainers.image.licenses="Apache-2.0" \
-      org.opencontainers.image.ref.name="2.5.1-debian-11-r8" \
+      org.opencontainers.image.ref.name="2.5.1-debian-11-r9" \
       org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/airflow-worker" \
       org.opencontainers.image.title="airflow-worker" \
       org.opencontainers.image.vendor="VMware, Inc." \
diff --git a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker-env.sh b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker-env.sh
index 754ebe0512d8..b2367850b156 100644
--- a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker-env.sh
+++ b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker-env.sh
@@ -23,6 +23,7 @@ export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
 # variable will be overridden with the value specified in that file
 airflow_worker_env_vars=(
     AIRFLOW_EXECUTOR
+    AIRFLOW_RAW_FERNET_KEY
     AIRFLOW_FERNET_KEY
     AIRFLOW_SECRET_KEY
     AIRFLOW_WEBSERVER_HOST
@@ -72,6 +73,7 @@ export AIRFLOW_DAEMON_GROUP="airflow"
 
 # Airflow configuration
 export AIRFLOW_EXECUTOR="${AIRFLOW_EXECUTOR:-SequentialExecutor}"
+export AIRFLOW_RAW_FERNET_KEY="${AIRFLOW_RAW_FERNET_KEY:-}"
 export AIRFLOW_FERNET_KEY="${AIRFLOW_FERNET_KEY:-}"
 export AIRFLOW_SECRET_KEY="${AIRFLOW_SECRET_KEY:-}"
 export AIRFLOW_WEBSERVER_HOST="${AIRFLOW_WEBSERVER_HOST:-127.0.0.1}"
diff --git a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libairflow.sh b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libairflow.sh
index 254f7727a738..d84835879fd9 100644
--- a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libairflow.sh
+++ b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libairflow.sh
@@ -79,6 +79,18 @@ airflow_validate() {
         [[ -z "$AIRFLOW_POOL_SIZE" ]] && print_validation_error "Provided AIRFLOW_POOL_NAME but missing AIRFLOW_POOL_SIZE"
     fi
 
+    # Check cryptography parameters
+    if [[ -n "$AIRFLOW_RAW_FERNET_KEY" && -z "$AIRFLOW_FERNET_KEY" ]]; then
+        local fernet_char_count
+        fernet_char_count="$(echo -n "$AIRFLOW_RAW_FERNET_KEY")"
+        if [[ "$fernet_char_count" -lt 32 ]]; then
+            print_validation_error "AIRFLOW_RAW_FERNET_KEY must have at least 32 characters"
+        elif [[ "$fernet_char_count" -gt 32 ]]; then
+            warn "AIRFLOW_RAW_FERNET_KEY has more than 32 characters, the rest will be ignored"
+        fi
+        AIRFLOW_FERNET_KEY="$(echo -n "${AIRFLOW_RAW_FERNET_KEY:0:32}" | base64)"
+    fi
+
     return "$error_code"
 }
 
diff --git a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libairflowworker.sh b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libairflowworker.sh
index 6ee8a8ff1671..2b0743fb78cb 100644
--- a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libairflowworker.sh
+++ b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libairflowworker.sh
@@ -32,6 +32,18 @@ airflow_worker_validate() {
     # Check postgresql host
     [[ -z "$AIRFLOW_DATABASE_HOST" ]] && print_validation_error "Missing AIRFLOW_DATABASE_HOST"
 
+    # Check cryptography parameters
+    if [[ -n "$AIRFLOW_RAW_FERNET_KEY" && -z "$AIRFLOW_FERNET_KEY" ]]; then
+        local fernet_char_count
+        fernet_char_count="$(echo -n "$AIRFLOW_RAW_FERNET_KEY")"
+        if [[ "$fernet_char_count" -lt 32 ]]; then
+            print_validation_error "AIRFLOW_RAW_FERNET_KEY must have at least 32 characters"
+        elif [[ "$fernet_char_count" -gt 32 ]]; then
+            warn "AIRFLOW_RAW_FERNET_KEY has more than 32 characters, the rest will be ignored"
+        fi
+        AIRFLOW_FERNET_KEY="$(echo -n "${AIRFLOW_RAW_FERNET_KEY:0:32}" | base64)"
+    fi
+
     # Avoid fail because of the above check
     true
 }