From bb5f1b04027c4159864309e0fc540da7606f4222 Mon Sep 17 00:00:00 2001 From: Bitnami Bot Date: Mon, 16 Jan 2023 11:26:03 +0100 Subject: [PATCH] [bitnami/harbor-portal] Release 2.7.0-debian-11-r10 (#20439) Signed-off-by: Bitnami Containers Signed-off-by: Bitnami Containers --- bitnami/harbor-portal/2/debian-11/Dockerfile | 2 +- .../scripts/harbor-portal/postunpack.sh | 2 +- .../rootfs/opt/bitnami/scripts/libharbor.sh | 34 ++++++++++++++----- 3 files changed, 28 insertions(+), 10 deletions(-) diff --git a/bitnami/harbor-portal/2/debian-11/Dockerfile b/bitnami/harbor-portal/2/debian-11/Dockerfile index 34fb1b673e81..e7d442232f44 100644 --- a/bitnami/harbor-portal/2/debian-11/Dockerfile +++ b/bitnami/harbor-portal/2/debian-11/Dockerfile @@ -5,7 +5,7 @@ ARG TARGETARCH LABEL org.opencontainers.image.authors="https://bitnami.com/contact" \ org.opencontainers.image.description="Application packaged by Bitnami" \ org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.7.0-debian-11-r9" \ + org.opencontainers.image.ref.name="2.7.0-debian-11-r10" \ org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/harbor-portal" \ org.opencontainers.image.title="harbor-portal" \ org.opencontainers.image.vendor="VMware, Inc." \ diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal/postunpack.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal/postunpack.sh index 9fc1740bcddb..c2fb37fb3d23 100755 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal/postunpack.sh +++ b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal/postunpack.sh @@ -28,7 +28,7 @@ for dir in "${NGINX_BASE_DIR}/client_body_temp" "${NGINX_BASE_DIR}/proxy_temp" " done # Ensure permissions for Internal TLS -configure_permissions_system_certs +configure_permissions_system_certs "$HARBOR_PORTAL_DAEMON_USER" # Loading bitnami paths replace_in_file "$HARBOR_PORTAL_NGINX_CONF_FILE" "/usr/share/nginx/html" "${HARBOR_PORTAL_BASE_DIR}" false diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh index 83abacca383b..ecf190eb4a84 100644 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh +++ b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh @@ -48,16 +48,34 @@ get_system_cert_paths() { # None ######################### configure_permissions_system_certs() { - if [[ -f /etc/pki/tls/certs/ca-bundle.crt ]]; then - chmod g+w /etc/pki/tls/certs/ca-bundle.crt - fi + local -r owner="${1:-}" + # Debian + set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.crt" "$owner" + # Centos/Phonton + set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.trust.crt" "$owner" + set_permissions_ownership "/etc/ssl/certs/ca-certificates.crt" "$owner" +} - if [[ -f /etc/pki/tls/certs/ca-bundle.trust.crt ]]; then - chmod g+w /etc/pki/tls/certs/ca-bundle.trust.crt - fi +######################## +# Grant group write permissions to the file provided and change ownership if a the owner argument is set. +# If the path is not a file, then do nothing. +# Globals: +# OS_FLAVOUR +# Arguments: +# $1 - path +# $2 - owner +# Returns: +# None +######################### +set_permissions_ownership() { + local -r path="${1:?path is missing}" + local -r owner="${2:-}" - if [[ -f /etc/ssl/certs/ca-certificates.crt ]]; then - chmod g+w /etc/ssl/certs/ca-certificates.crt + if [[ -f "$path" ]]; then + chmod g+w "$path" + if [[ -n "$owner" ]]; then + chown "$owner" "$path" + fi fi }