From b7ca0fd4cc5187d4247126045f7b6ce0df4c0b80 Mon Sep 17 00:00:00 2001
From: Bitnami Bot <bitnami.bot@broadcom.com>
Date: Thu, 7 Aug 2025 14:41:54 +0200
Subject: [PATCH] [bitnami/hubble-ui] Release 0.13.2-debian-12-r14 (#84908)

Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com>
---
 bitnami/hubble-ui/0/debian-12/Dockerfile          |  4 ++--
 .../opt/bitnami/.bitnami_components.json          |  2 +-
 .../rootfs/opt/bitnami/nginx/conf/nginx.conf      |  4 ++++
 .../rootfs/opt/bitnami/scripts/libnginx.sh        |  8 ++++----
 .../app-https-server-block.conf.tpl               |  4 ++--
 .../default-https-server-block.conf               |  4 ++--
 .../opt/bitnami/scripts/nginx/postunpack.sh       | 15 +++++++++++++++
 .../rootfs/opt/bitnami/scripts/nginx/setup.sh     |  2 +-
 8 files changed, 31 insertions(+), 12 deletions(-)

diff --git a/bitnami/hubble-ui/0/debian-12/Dockerfile b/bitnami/hubble-ui/0/debian-12/Dockerfile
index 64d55a2b0f1a..88e2473e046d 100644
--- a/bitnami/hubble-ui/0/debian-12/Dockerfile
+++ b/bitnami/hubble-ui/0/debian-12/Dockerfile
@@ -8,7 +8,7 @@ ARG TARGETARCH
 
 LABEL com.vmware.cp.artifact.flavor="sha256:c50c90cfd9d12b445b011e6ad529f1ad3daea45c26d20b00732fae3cd71f6a83" \
       org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \
-      org.opencontainers.image.created="2025-07-17T01:34:13Z" \
+      org.opencontainers.image.created="2025-08-07T12:21:10Z" \
       org.opencontainers.image.description="Application packaged by Broadcom, Inc." \
       org.opencontainers.image.documentation="https://github.com/bitnami/containers/tree/main/bitnami/hubble-ui/README.md" \
       org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/hubble-ui" \
@@ -29,7 +29,7 @@ RUN --mount=type=secret,id=downloads_url,env=SECRET_DOWNLOADS_URL \
     DOWNLOADS_URL=${SECRET_DOWNLOADS_URL:-${DOWNLOADS_URL}} ; \
     mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ || exit 1 ; \
     COMPONENTS=( \
-      "render-template-1.0.8-1-linux-${OS_ARCH}-debian-12" \
+      "render-template-1.0.8-2-linux-${OS_ARCH}-debian-12" \
       "nginx-1.29.0-0-linux-${OS_ARCH}-debian-12" \
       "hubble-ui-0.13.2-2-linux-${OS_ARCH}-debian-12" \
     ) ; \
diff --git a/bitnami/hubble-ui/0/debian-12/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/hubble-ui/0/debian-12/prebuildfs/opt/bitnami/.bitnami_components.json
index 40c9230cd92c..ac2904481dd2 100644
--- a/bitnami/hubble-ui/0/debian-12/prebuildfs/opt/bitnami/.bitnami_components.json
+++ b/bitnami/hubble-ui/0/debian-12/prebuildfs/opt/bitnami/.bitnami_components.json
@@ -15,6 +15,6 @@
         "arch": "amd64",
         "distro": "debian-12",
         "type": "NAMI",
-        "version": "1.0.8-1"
+        "version": "1.0.8-2"
     }
 }
\ No newline at end of file
diff --git a/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/nginx/conf/nginx.conf b/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/nginx/conf/nginx.conf
index 9833b1cfd043..02675408fea8 100644
--- a/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/nginx/conf/nginx.conf
+++ b/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/nginx/conf/nginx.conf
@@ -5,8 +5,11 @@ worker_processes  auto;
 error_log         "/opt/bitnami/nginx/logs/error.log";
 pid               "/opt/bitnami/nginx/tmp/nginx.pid";
 
+include  "/opt/bitnami/nginx/conf/context.d/main/*.conf";
+
 events {
     worker_connections  1024;
+    include  "/opt/bitnami/nginx/conf/context.d/events/*.conf";
 }
 
 http {
@@ -42,6 +45,7 @@ http {
     port_in_redirect   off;
 
     include  "/opt/bitnami/nginx/conf/server_blocks/*.conf";
+    include  "/opt/bitnami/nginx/conf/context.d/http/*.conf";
 
     # HTTP Server
     server {
diff --git a/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/libnginx.sh b/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/libnginx.sh
index e7f0bfe83a0e..319973275135 100644
--- a/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/libnginx.sh
+++ b/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/libnginx.sh
@@ -660,12 +660,12 @@ nginx_custom_init_scripts() {
 nginx_generate_sample_certs() {
     local certs_dir="${NGINX_CONF_DIR}/bitnami/certs"
 
-    if ! is_boolean_yes "$NGINX_SKIP_SAMPLE_CERTS" && [[ ! -f "${certs_dir}/server.crt" ]]; then
+    if ! is_boolean_yes "$NGINX_SKIP_SAMPLE_CERTS" && [[ ! -f "${certs_dir}/tls.crt" ]]; then
         # Check certificates directory exists and is writable
         if [[ -d "$certs_dir" && -w "$certs_dir" ]]; then
-            SSL_KEY_FILE="${certs_dir}/server.key"
-            SSL_CERT_FILE="${certs_dir}/server.crt"
-            SSL_CSR_FILE="${certs_dir}/server.csr"
+            SSL_KEY_FILE="${certs_dir}/tls.key"
+            SSL_CERT_FILE="${certs_dir}/tls.crt"
+            SSL_CSR_FILE="${certs_dir}/tls.csr"
             SSL_SUBJ="/CN=example.com"
             SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1"
             rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE"
diff --git a/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-https-server-block.conf.tpl b/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-https-server-block.conf.tpl
index 02acfbb055c6..d30639a8e423 100644
--- a/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-https-server-block.conf.tpl
+++ b/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-https-server-block.conf.tpl
@@ -8,8 +8,8 @@ server {
 
     {{server_name_configuration}}
 
-    ssl_certificate      bitnami/certs/server.crt;
-    ssl_certificate_key  bitnami/certs/server.key;
+    ssl_certificate      bitnami/certs/tls.crt;
+    ssl_certificate_key  bitnami/certs/tls.key;
 
     {{acl_configuration}}
 
diff --git a/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/default-https-server-block.conf b/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/default-https-server-block.conf
index 27284a637c31..15c19fe6a1eb 100644
--- a/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/default-https-server-block.conf
+++ b/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/default-https-server-block.conf
@@ -3,8 +3,8 @@ server {
     # Port to listen on, can also be set in IP:PORT format
     listen  443 ssl;
 
-    ssl_certificate      bitnami/certs/server.crt;
-    ssl_certificate_key  bitnami/certs/server.key;
+    ssl_certificate      bitnami/certs/tls.crt;
+    ssl_certificate_key  bitnami/certs/tls.key;
 
     include  "/opt/bitnami/nginx/conf/bitnami/*.conf";
 
diff --git a/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/postunpack.sh b/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/postunpack.sh
index 26b18da3c3b6..81ee60d06442 100755
--- a/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/postunpack.sh
+++ b/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/postunpack.sh
@@ -37,6 +37,13 @@ nginx_patch_httpoxy_vulnerability() {
 # Remove unnecessary directories that come with the tarball
 rm -rf "${BITNAMI_ROOT_DIR}/certs" "${BITNAMI_ROOT_DIR}/server_blocks"
 
+# Context include directories
+NGINX_CONTEXT_INCLUDES=(
+    "main"
+    "events"
+    "http"
+)
+
 # Ensure non-root user has write permissions on a set of directories
 chmod g+w "$NGINX_BASE_DIR"
 for dir in "$NGINX_VOLUME_DIR" "$NGINX_CONF_DIR" "$NGINX_INITSCRIPTS_DIR" "$NGINX_SERVER_BLOCKS_DIR" "$NGINX_STREAM_SERVER_BLOCKS_DIR" "${NGINX_CONF_DIR}/bitnami" "${NGINX_CONF_DIR}/bitnami/certs" "$NGINX_LOGS_DIR" "$NGINX_TMP_DIR" "$NGINX_DEFAULT_CONF_DIR"; do
@@ -44,6 +51,14 @@ for dir in "$NGINX_VOLUME_DIR" "$NGINX_CONF_DIR" "$NGINX_INITSCRIPTS_DIR" "$NGIN
     chmod -R g+rwX "$dir"
 done
 
+# Create context.d directory and context include directories
+ensure_dir_exists "${NGINX_CONF_DIR}/context.d"
+chmod -R g+rwX "${NGINX_CONF_DIR}/context.d"
+for context in "${NGINX_CONTEXT_INCLUDES[@]}"; do
+    ensure_dir_exists "${NGINX_CONF_DIR}/context.d/${context}"
+    chmod -R g+rwX "${NGINX_CONF_DIR}/context.d/${context}"
+done
+
 # Unset HTTP_PROXY header to protect vs HTTPPOXY vulnerability
 nginx_patch_httpoxy_vulnerability
 
diff --git a/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/setup.sh b/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/setup.sh
index 4aaaf58b2555..ed3ddfc7e73e 100755
--- a/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/setup.sh
+++ b/bitnami/hubble-ui/0/debian-12/rootfs/opt/bitnami/scripts/nginx/setup.sh
@@ -36,7 +36,7 @@ nginx_custom_init_scripts
 ! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)"
 
 # Configure HTTPS port number
-if [[ -f "${NGINX_CONF_DIR}/bitnami/certs/server.crt" ]] && [[ -n "${NGINX_HTTPS_PORT_NUMBER:-}" ]] && [[ ! -f "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" ]] && is_file_writable "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf"; then
+if [[ -f "${NGINX_CONF_DIR}/bitnami/certs/tls.crt" ]] && [[ -n "${NGINX_HTTPS_PORT_NUMBER:-}" ]] && [[ ! -f "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" ]] && is_file_writable "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf"; then
     cp "${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates/default-https-server-block.conf" "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf"
 fi