public_git
/
bitnami-containers
mirror of https://github.com/bitnami/containers.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

2.0.0-debian-10-r0 release

This commit is contained in:
Bitnami Bot 2020-02-03 17:29:59 +00:00
parent 0343e9ba7a
commit 2340677859
22 changed files with 1329 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
bitnami/kong/2/debian-10/Dockerfile Normal file
View File

@ -0,0 +1,27 @@
FROM bitnami/minideb:buster
LABEL maintainer "Bitnami <containers@bitnami.com>"
ENV HOME="/" \
OS_ARCH="amd64" \
OS_FLAVOUR="debian-10" \
OS_NAME="linux"
COPY prebuildfs /
# Install required system packages and dependencies
RUN install_packages ca-certificates curl libc6 libgcc1 libpcre3 libssl1.1 libyaml-0-2 perl procps sudo unzip zlib1g
RUN . ./libcomponent.sh && component_unpack "kong" "2.0.0-0" --checksum 8c2ce230a991ffe822de8f451add6dfa6c4fbedd6d01f8bce94898ce1d821dc0
RUN apt-get update && apt-get upgrade && \
rm -r /var/lib/apt/lists /var/cache/apt/archives
RUN /build/install-gosu.sh
COPY rootfs /
RUN /postunpack.sh
ENV BITNAMI_APP_NAME="kong" \
BITNAMI_IMAGE_VERSION="2.0.0-debian-10-r0" \
PATH="/opt/bitnami/kong/bin:/opt/bitnami/kong/openresty/bin:/opt/bitnami/kong/openresty/luajit/bin:/opt/bitnami/kong/openresty/nginx/sbin:$PATH"
EXPOSE 8000 8001 8443 8444
USER 1001
ENTRYPOINT [ "/entrypoint.sh" ]
CMD [ "/run.sh" ]

22
bitnami/kong/2/debian-10/docker-compose.yml Normal file
View File

@ -0,0 +1,22 @@
version: '2'
services:
postgresql:
image: bitnami/postgresql:11
volumes:
- postgresql_data:/bitnami/postgresql
environment:
- POSTGRESQL_USERNAME=kong
- POSTGRESQL_PASSWORD=bitnami
- POSTGRESQL_DATABASE=kong
kong:
image: bitnami/kong:2
ports:
- 8000:8000
- 8443:8443
environment:
- KONG_MIGRATE=yes
- KONG_PG_HOST=postgresql
- KONG_PG_PASSWORD=bitnami
volumes:
postgresql_data:
driver: local

10
bitnami/kong/2/debian-10/prebuildfs/build/install-gosu.sh Executable file
View File

@ -0,0 +1,10 @@
#!/bin/bash
VERSION="1.11"
SHA256="0b843df6d86e270c5b0f5cbd3c326a04e18f4b7f9b8457fa497b0454c4b138d7"
curl --silent -L "https://github.com/tianon/gosu/releases/download/${VERSION}/gosu-amd64" > "/usr/local/bin/gosu"
echo "$SHA256" "/usr/local/bin/gosu" | sha256sum --check
chmod u+x "/usr/local/bin/gosu"
mkdir -p "/opt/bitnami/licenses"
curl --silent -L "https://raw.githubusercontent.com/tianon/gosu/master/LICENSE" > "/opt/bitnami/licenses/gosu-${VERSION}.txt"

50
bitnami/kong/2/debian-10/prebuildfs/libbitnami.sh Normal file
View File

@ -0,0 +1,50 @@
#!/bin/bash
#
# Bitnami custom library
# Load Generic Libraries
. /liblog.sh
# Constants
BOLD='\033[1m'
# Functions
########################
# Print the welcome page
# Globals:
# DISABLE_WELCOME_MESSAGE
# BITNAMI_APP_NAME
# Arguments:
# None
# Returns:
# None
#########################
print_welcome_page() {
if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then
if [[ -n "$BITNAMI_APP_NAME" ]]; then
print_image_welcome_page
fi
fi
}
########################
# Print the welcome page for a Bitnami Docker image
# Globals:
# BITNAMI_APP_NAME
# Arguments:
# None
# Returns:
# None
#########################
print_image_welcome_page() {
local github_url="https://github.com/bitnami/bitnami-docker-${BITNAMI_APP_NAME}"
log ""
log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}"
log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}"
log "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}"
log "Send us your feedback at ${BOLD}containers@bitnami.com${RESET}"
log ""
}

64
bitnami/kong/2/debian-10/prebuildfs/libcomponent.sh Normal file
View File

@ -0,0 +1,64 @@
#!/bin/bash
#
# Library for managing Bitnami components
# Constants
CACHE_ROOT="/tmp/bitnami/pkg/cache"
DOWNLOAD_URL="https://downloads.bitnami.com/files/stacksmith"
# Functions
########################
# Download and unpack a Bitnami package
# Globals:
# OS_NAME
# OS_ARCH
# OS_FLAVOUR
# Arguments:
# $1 - component's name
# $2 - component's version
# Returns:
# None
#########################
component_unpack() {
local name="${1:?name is required}"
local version="${2:?version is required}"
local base_name="${name}-${version}-${OS_NAME}-${OS_ARCH}-${OS_FLAVOUR}"
local package_sha256=""
# Validate arguments
shift 2
while [ "$#" -gt 0 ]; do
case "$1" in
-c|--checksum)
shift
package_sha256="${1:?missing package checksum}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
echo "Downloading $base_name package"
if [ -f "${CACHE_ROOT}/${base_name}.tar.gz" ]; then
echo "${CACHE_ROOT}/${base_name}.tar.gz already exists, skipping download."
cp "${CACHE_ROOT}/${base_name}.tar.gz" .
rm "${CACHE_ROOT}/${base_name}.tar.gz"
if [ -f "${CACHE_ROOT}/${base_name}.tar.gz.sha256" ]; then
echo "Using the local sha256 from ${CACHE_ROOT}/${base_name}.tar.gz.sha256"
package_sha256="$(< "${CACHE_ROOT}/${base_name}.tar.gz.sha256")"
rm "${CACHE_ROOT}/${base_name}.tar.gz.sha256"
fi
else
curl --remote-name --silent "${DOWNLOAD_URL}/${base_name}.tar.gz"
fi
if [ -n "$package_sha256" ]; then
echo "Verifying package integrity"
echo "$package_sha256 ${base_name}.tar.gz" | sha256sum --check -
fi
tar --directory /opt/bitnami --extract --gunzip --file "${base_name}.tar.gz" --no-same-owner --strip-components=2 "${base_name}/files/"
rm "${base_name}.tar.gz"
}

22
bitnami/kong/2/debian-10/prebuildfs/libfile.sh Normal file
View File

@ -0,0 +1,22 @@
#!/bin/bash
#
# Library for managing files
# Functions
########################
# Ensure a line exists in the file by replacing a matching line.
# Arguments:
# $1 - filename
# $2 - line
# $3 - match
# Returns:
# None
#########################
file_contains_line() {
local filename="${1:?filename is required}"
local line="${2:?line is required}"
local match="${3:?match is required}"
sed --in-place "s/^$match\$/$line/" "$filename"
}

129
bitnami/kong/2/debian-10/prebuildfs/libfs.sh Normal file
View File

@ -0,0 +1,129 @@
#!/bin/bash
#
# Library for file system actions
# Load Generic Libraries
. /liblog.sh
# Functions
########################
# Ensure a file/directory is owned (user and group) but the given user
# Arguments:
# $1 - filepath
# $2 - owner
# Returns:
# None
#########################
owned_by() {
local path="${1:?path is missing}"
local owner="${2:?owner is missing}"
chown "$owner":"$owner" "$path"
}
########################
# Ensure a directory exists and, optionally, is owned by the given user
# Arguments:
# $1 - directory
# $2 - owner
# Returns:
# None
#########################
ensure_dir_exists() {
local dir="${1:?directory is missing}"
local owner="${2:-}"
mkdir -p "${dir}"
if [[ -n $owner ]]; then
owned_by "$dir" "$owner"
fi
}
########################
# Checks whether a directory is empty or not
# Arguments:
# $1 - directory
# Returns:
# Boolean
#########################
is_dir_empty() {
local dir="${1:?missing directory}"
if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then
true
else
false
fi
}
########################
# Configure permisions and ownership recursively
# Globals:
# None
# Arguments:
# $1 - paths (as a string).
# Flags:
# -f|--file-mode - mode for directories.
# -d|--dir-mode - mode for files.
# -u|--user - user
# -g|--group - group
# Returns:
# None
#########################
configure_permissions_ownership() {
local -r paths="${1:?paths is missing}"
local dir_mode=""
local file_mode=""
local user=""
local group=""
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-f|--file-mode)
shift
file_mode="${1:?missing mode for files}"
;;
-d|--dir-mode)
shift
dir_mode="${1:?missing mode for directories}"
;;
-u|--user)
shift
user="${1:?missing user}"
;;
-g|--group)
shift
group="${1:?missing group}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a filepaths <<< "$paths"
for p in "${filepaths[@]}"; do
if [[ -e "$p" ]]; then
if [[ -n $dir_mode ]]; then
find -L "$p" -type d -exec chmod "$dir_mode" {} \;
fi
if [[ -n $file_mode ]]; then
find -L "$p" -type f -exec chmod "$file_mode" {} \;
fi
if [[ -n $user ]] && [[ -n $group ]]; then
chown -LR "$user":"$group" "$p"
elif [[ -n $user ]] && [[ -z $group ]]; then
chown -LR "$user" "$p"
elif [[ -z $user ]] && [[ -n $group ]]; then
chgrp -LR "$group" "$p"
fi
else
stderr_print "$p does not exist"
fi
done
}

83
bitnami/kong/2/debian-10/prebuildfs/liblog.sh Normal file
View File

@ -0,0 +1,83 @@
#!/bin/bash
#
# Library for logging functions
# Constants
RESET='\033[0m'
RED='\033[38;5;1m'
GREEN='\033[38;5;2m'
YELLOW='\033[38;5;3m'
MAGENTA='\033[38;5;5m'
CYAN='\033[38;5;6m'
# Functions
########################
# Print to STDERR
# Arguments:
# Message to print
# Returns:
# None
#########################
stderr_print() {
printf "%b\\n" "${*}" >&2
}
########################
# Log message
# Arguments:
# Message to log
# Returns:
# None
#########################
log() {
stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}"
}
########################
# Log an 'info' message
# Arguments:
# Message to log
# Returns:
# None
#########################
info() {
log "${GREEN}INFO ${RESET} ==> ${*}"
}
########################
# Log message
# Arguments:
# Message to log
# Returns:
# None
#########################
warn() {
log "${YELLOW}WARN ${RESET} ==> ${*}"
}
########################
# Log an 'error' message
# Arguments:
# Message to log
# Returns:
# None
#########################
error() {
log "${RED}ERROR${RESET} ==> ${*}"
}
########################
# Log a 'debug' message
# Globals:
# BITNAMI_DEBUG
# Arguments:
# None
# Returns:
# None
#########################
debug() {
# 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it
local -r bool="${BITNAMI_DEBUG:-false}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
log "${MAGENTA}DEBUG${RESET} ==> ${*}"
fi
}

44
bitnami/kong/2/debian-10/prebuildfs/libnet.sh Normal file
View File

@ -0,0 +1,44 @@
#!/bin/bash
#
# Library for network functions
# Functions
########################
# Resolve dns
# Arguments:
# $1 - Hostname to resolve
# Returns:
# IP
#########################
dns_lookup() {
local host="${1:?host is missing}"
getent ahosts "$host" | awk '/STREAM/ {print $1 }'
}
########################
# Get machine's IP
# Arguments:
# None
# Returns:
# Machine IP
#########################
get_machine_ip() {
dns_lookup "$(hostname)"
}
########################
# Check if the provided argument is a resolved hostname
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_hostname_resolved() {
local -r host="${1:?missing value}"
if [[ -n "$(dns_lookup "$host")" ]]; then
true
else
false
fi
}

132
bitnami/kong/2/debian-10/prebuildfs/libos.sh Normal file
View File

@ -0,0 +1,132 @@
#!/bin/bash
#
# Library for operating system actions
# Functions
########################
# Check if an user exists in the system
# Arguments:
# $1 - user
# Returns:
# Boolean
#########################
user_exists() {
local user="${1:?user is missing}"
id "$user" >/dev/null 2>&1
}
########################
# Check if a group exists in the system
# Arguments:
# $1 - group
# Returns:
# Boolean
#########################
group_exists() {
local group="${1:?group is missing}"
getent group "$group" >/dev/null 2>&1
}
########################
# Create a group in the system if it does not exist already
# Arguments:
# $1 - group
# Returns:
# None
#########################
ensure_group_exists() {
local group="${1:?group is missing}"
if ! group_exists "$group"; then
groupadd "$group" >/dev/null 2>&1
fi
}
########################
# Create an user in the system if it does not exist already
# Arguments:
# $1 - user
# $2 - group
# Returns:
# None
#########################
ensure_user_exists() {
local user="${1:?user is missing}"
local group="${2:-}"
if ! user_exists "$user"; then
useradd "$user" >/dev/null 2>&1
if [[ -n "$group" ]]; then
ensure_group_exists "$group"
usermod -a -G "$group" "$user" >/dev/null 2>&1
fi
fi
}
########################
# Check if the script is currently running as root
# Arguments:
# $1 - user
# $2 - group
# Returns:
# Boolean
#########################
am_i_root() {
if [[ "$(id -u)" = "0" ]]; then
true
else
false
fi
}
########################
# Get total memory available
# Arguments:
# None
# Returns:
# Memory in bytes
#########################
get_total_memory() {
echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024))
}
#########################
# Redirects output to /dev/null if debug mode is disabled
# Globals:
# BITNAMI_DEBUG
# Arguments:
# $@ - Command to execute
# Returns:
# None
#########################
debug_execute() {
if ${BITNAMI_DEBUG:-false}; then
"$@"
else
"$@" >/dev/null 2>&1
fi
}
########################
# Retries a command a given number of times
# Arguments:
# $1 - cmd (as a string)
# $2 - max retries. Default: 12
# $3 - sleep between retries (in seconds). Default: 5
# Returns:
# Boolean
#########################
retry_while() {
local -r cmd="${1:?cmd is missing}"
local -r retries="${2:-12}"
local -r sleep_time="${3:-5}"
local return_value=1
read -r -a command <<< "$cmd"
for ((i = 1 ; i <= retries ; i+=1 )); do
"${command[@]}" && return_value=0 && break
sleep "$sleep_time"
done
return $return_value
}

57
bitnami/kong/2/debian-10/prebuildfs/libservice.sh Normal file
View File

@ -0,0 +1,57 @@
#!/bin/bash
#
# Library for managing services
# Functions
########################
# Read the provided pid file and returns a PID
# Arguments:
# $1 - Pid file
# Returns:
# PID
#########################
get_pid_from_file() {
local pid_file="${1:?pid file is missing}"
if [[ -f "$pid_file" ]]; then
if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then
echo "$(< "$pid_file")"
fi
fi
}
########################
# Check if a provided PID corresponds to a running service
# Arguments:
# $1 - PID
# Returns:
# Boolean
#########################
is_service_running() {
local pid="${1:?pid is missing}"
kill -0 "$pid" 2>/dev/null
}
########################
# Stop a service by sending a termination signal to its pid
# Arguments:
# $1 - Pid file
# Returns:
# None
#########################
stop_service_using_pid() {
local pid_file="${1:?pid file is missing}"
local pid
pid="$(get_pid_from_file "$pid_file")"
[[ -z "$pid" ]] || ! is_service_running "$pid" && return
kill "$pid"
local counter=10
while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do
sleep 1
counter=$((counter - 1))
done
}

246
bitnami/kong/2/debian-10/prebuildfs/libvalidations.sh Normal file
View File

@ -0,0 +1,246 @@
#!/bin/bash
#
# Validation functions library
# Load Generic Libraries
. /liblog.sh
# Functions
########################
# Check if the provided argument is an integer
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_int() {
local -r int="${1:?missing value}"
if [[ "$int" =~ ^-?[0-9]+ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a positive integer
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_positive_int() {
local -r int="${1:?missing value}"
if is_int "$int" && (( "${int}" >= 0 )); then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean or is the string 'yes/true'
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_boolean_yes() {
local -r bool="${1:-}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean yes/no value
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_yes_no_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^(yes|no)$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean true/false value
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_true_false_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^(true|false)$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is an empty string or not defined
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_empty_value() {
local -r val="${1:-}"
if [[ -z "$val" ]]; then
true
else
false
fi
}
########################
# Validate if the provided argument is a valid port
# Arguments:
# $1 - Port to validate
# Returns:
# Boolean and error message
#########################
validate_port() {
local value
local unprivileged=0
# Parse flags
while [[ "$#" -gt 0 ]]; do
case "$1" in
-unprivileged)
unprivileged=1
;;
--)
shift
break
;;
-*)
stderr_print "unrecognized flag $1"
return 1
;;
*)
break
;;
esac
shift
done
if [[ "$#" -gt 1 ]]; then
echo "too many arguments provided"
return 2
elif [[ "$#" -eq 0 ]]; then
stderr_print "missing port argument"
return 1
else
value=$1
fi
if [[ -z "$value" ]]; then
echo "the value is empty"
return 1
else
if ! is_int "$value"; then
echo "value is not an integer"
return 2
elif [[ "$value" -lt 0 ]]; then
echo "negative value provided"
return 2
elif [[ "$value" -gt 65535 ]]; then
echo "requested port is greater than 65535"
return 2
elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then
echo "privileged port requested"
return 3
fi
fi
}
########################
# Validate if the provided argument is a valid IPv4 address
# Arguments:
# $1 - IP to validate
# Returns:
# Boolean
#########################
validate_ipv4() {
local ip="${1:?ip is missing}"
local stat=1
if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")"
[[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \
&& ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]]
stat=$?
fi
return $stat
}
########################
# Validate a string format
# Arguments:
# $1 - String to validate
# Returns:
# Boolean
#########################
validate_string() {
local string
local min_length=-1
local max_length=-1
# Parse flags
while [ "$#" -gt 0 ]; do
case "$1" in
-min-length)
shift
min_length=${1:-}
;;
-max-length)
shift
max_length=${1:-}
;;
--)
shift
break
;;
-*)
stderr_print "unrecognized flag $1"
return 1
;;
*)
break
;;
esac
shift
done
if [ "$#" -gt 1 ]; then
stderr_print "too many arguments provided"
return 2
elif [ "$#" -eq 0 ]; then
stderr_print "missing string"
return 1
else
string=$1
fi
if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then
echo "string length is less than $min_length"
return 1
fi
if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then
echo "string length is great than $max_length"
return 1
fi
}

47
bitnami/kong/2/debian-10/prebuildfs/libversion.sh Normal file
View File

@ -0,0 +1,47 @@
#!/bin/bash
#
# Library for managing versions strings
# Load Generic Libraries
. ./liblog.sh
# Functions
########################
# Gets semantic version
# Arguments:
# $1 - version: string to extract major.minor.patch
# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch
# Returns:
# array with the major, minor and release
#########################
get_sematic_version () {
local version="${1:?version is required}"
local section="${2:?section is required}"
local -a version_sections
#Regex to parse versions: x.y.z
local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?'
if [[ "$version" =~ $regex ]]; then
local i=1
local j=1
local n=${#BASH_REMATCH[*]}
while [[ $i -lt $n ]]; do
if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then
version_sections[$j]=${BASH_REMATCH[$i]}
((j++))
fi
((i++))
done
local number_regex='^[0-9]+$'
if [[ "$section" =~ $number_regex ]] && (( $section > 0 )) && (( $section <= 3 )); then
echo "${version_sections[$section]}"
return
else
stderr_print "Section allowed values are: 1, 2, and 3"
return 1
fi
fi
}

0
bitnami/kong/2/debian-10/prebuildfs/opt/bitnami/.exists Normal file
View File

26
bitnami/kong/2/debian-10/rootfs/entrypoint.sh Executable file
View File

@ -0,0 +1,26 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
#set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /libbitnami.sh
. /liblog.sh
. /libkong.sh
eval "$(kong_env)"
print_welcome_page
if [[ "$*" = *"/run.sh"* ]]; then
info "** Starting Kong setup **"
/setup.sh
info "** Kong setup finished! **"
fi
echo ""
exec "$@"

251
bitnami/kong/2/debian-10/rootfs/libkong.sh Normal file
View File

@ -0,0 +1,251 @@
#!/bin/bash
#
# Bitnami Kong library
# shellcheck disable=SC1090
# shellcheck disable=SC1091
# Load generic libraries
. /libfs.sh
. /liblog.sh
. /libnet.sh
. /libos.sh
. /libservice.sh
. /libvalidations.sh
########################
# Load global variables used for Kong configuration.
# Globals:
# KONG_*
# Arguments:
# None
# Returns:
# Series of exports to be used as 'eval' arguments
#########################
kong_env() {
# Avoid environment settings getting overridden twice
if [[ -n "${MODULE:-}" ]]; then
return
fi
cat <<"EOF"
# Bitnami debug
export MODULE=kong
export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
# Paths
export KONG_BASE_DIR="/opt/bitnami/kong"
export KONG_CONF_DIR="${KONG_BASE_DIR}/conf"
export KONG_SERVER_DIR="${KONG_BASE_DIR}/server"
export KONG_CONF_FILE="${KONG_CONF_DIR}/kong.conf"
export KONG_DEFAULT_CONF_FILE="${KONG_CONF_DIR}/kong.conf.default"
# Users
export KONG_DAEMON_USER="${KONG_DAEMON_USER:-kong}"
export KONG_DAEMON_GROUP="${KONG_DAEMON_GROUP:-kong}"
# Cluster settings
export KONG_MIGRATE="${KONG_MIGRATE:-no}"
# Port and service bind configurations for KONG_PROXY_LISTEN and KONG_ADMIN_LISTEN
# By setting these separately, we are consistent with other Bitnami solutions
# However it is still possible to directly set KONG_PROXY_LISTEN and KONG_ADMIN_LISTEN
export KONG_PROXY_LISTEN_ADDRESS="${KONG_PROXY_LISTEN_ADDRESS:-0.0.0.0}"
export KONG_PROXY_HTTP_PORT_NUMBER="${KONG_PROXY_HTTP_PORT_NUMBER:-8000}"
export KONG_PROXY_HTTPS_PORT_NUMBER="${KONG_PROXY_HTTPS_PORT_NUMBER:-8443}"
export KONG_ADMIN_LISTEN_ADDRESS="${KONG_ADMIN_LISTEN_ADDRESS:-127.0.0.1}"
export KONG_ADMIN_HTTP_PORT_NUMBER="${KONG_ADMIN_HTTP_PORT_NUMBER:-8001}"
export KONG_ADMIN_HTTPS_PORT_NUMBER="${KONG_ADMIN_HTTPS_PORT_NUMBER:-8444}"
# Kong configuration
# These environment variables are used by Kong and allow overriding values in its configuration file
export KONG_NGINX_DAEMON="off"
EOF
if am_i_root; then
cat <<"EOF"
export KONG_NGINX_USER="${KONG_DAEMON_USER} ${KONG_DAEMON_GROUP}"
EOF
fi
if [[ -f "${KONG_CASSANDRA_PASSWORD_FILE:-}" ]]; then
cat <<"EOF"
export KONG_CASSANDRA_PASSWORD="$(< "${KONG_CASSANDRA_PASSWORD_FILE}")"
EOF
fi
if [[ -f "${KONG_POSTGRESQL_PASSWORD_FILE:-}" ]]; then
cat <<"EOF"
export KONG_PG_PASSWORD="$(< "${KONG_POSTGRESQL_PASSWORD_FILE}")"
EOF
fi
# Compound environment variables that form a single Kong configuration entry
if [[ -n "${KONG_PROXY_LISTEN:-}" ]]; then
cat <<"EOF"
export KONG_PROXY_LISTEN_OVERRIDE="yes"
EOF
else
cat <<"EOF"
export KONG_PROXY_LISTEN="${KONG_PROXY_LISTEN_ADDRESS}:${KONG_PROXY_HTTP_PORT_NUMBER}, ${KONG_PROXY_LISTEN_ADDRESS}:${KONG_PROXY_HTTPS_PORT_NUMBER} ssl"
export KONG_PROXY_LISTEN_OVERRIDE="no"
EOF
fi
if [[ -n "${KONG_ADMIN_LISTEN:-}" ]]; then
cat <<"EOF"
export KONG_ADMIN_LISTEN_OVERRIDE="yes"
EOF
else
cat <<"EOF"
export KONG_ADMIN_LISTEN="${KONG_ADMIN_LISTEN_ADDRESS}:${KONG_ADMIN_HTTP_PORT_NUMBER}, ${KONG_ADMIN_LISTEN_ADDRESS}:${KONG_ADMIN_HTTPS_PORT_NUMBER} ssl"
export KONG_ADMIN_LISTEN_OVERRIDE="no"
EOF
fi
}
########################
# Validate settings in KONG_* environment variables
# Globals:
# KONG_*
# Arguments:
# None
# Returns:
# None
#########################
kong_validate() {
info "Validating settings in KONG_* env vars"
local error_code=0
# Auxiliary functions
print_validation_error() {
error "$1"
error_code="1"
}
check_yes_no_value() {
if ! is_yes_no_value "${!1}"; then
print_validation_error "The allowed values for ${1} are [yes, no]"
fi
}
check_password_file() {
if [[ -n "${!1:-}" ]] && ! [[ -f "${!1:-}" ]]; then
print_validation_error "The variable ${1} is defined but the file ${!1} is not accessible or does not exist"
fi
}
check_resolved_hostname() {
if ! is_hostname_resolved "$1"; then
warn "Hostname ${1} could not be resolved, this could lead to connection issues"
fi
}
check_allowed_port() {
local validate_port_args=()
! am_i_root && validate_port_args+=("-unprivileged")
if ! err="$(validate_port "${validate_port_args[@]}" "${!1}")"; then
print_validation_error "An invalid port was specified in the environment variable ${1}: ${err}"
fi
}
check_conflicting_ports() {
local -r total="$#"
for i in $(seq 1 "$((total - 1))"); do
for j in $(seq "$((i + 1))" "$total"); do
if (( "${!i}" == "${!j}" )); then
print_validation_error "${!i} and ${!j} are bound to the same port"
fi
done
done
}
check_yes_no_value KONG_MIGRATE
# Validate some of the supported environment variables used by Kong
# Database setting validations
if [[ "${KONG_DATABASE:-postgres}" = "postgres" ]]; then
# PostgreSQL is the default database type
check_password_file KONG_POSTGRESQL_PASSWORD_FILE
[[ -n "${KONG_PG_HOST:-}" ]] && check_resolved_hostname "${KONG_PG_HOST:-}"
if [[ -n "${!KONG_CASSANDRA_@}" ]]; then
warn "KONG_DATABASE is empty or set to 'postgres', so the following environment variables will be ignored: ${!KONG_CASSANDRA_@}"
fi
elif [[ "${KONG_DATABASE:-}" = "cassandra" ]]; then
check_password_file KONG_CASSANDRA_PASSWORD_FILE
for cassandra_contact_point in $(echo "${CASSANDRA_CONTACT_POINTS:-}" | sed -r 's/[, ]+/\n/'); do
check_resolved_hostname "${cassandra_contact_point}"
done
if [[ -n "${!KONG_PG_@}" ]]; then
warn "KONG_DATABASE is set to 'cassandra', so the following environment variables will be ignored: ${!KONG_PG_@}"
fi
elif [[ "${KONG_DATABASE:-}" = "off" ]]; then
warn "KONG_DATABASE is set to 'off', Kong will run but data will not be persisted"
else
print_validation_error "Wrong value '${KONG_DATABASE}' passed to KONG_DATABASE. Valid values: 'off', 'cassandra', 'postgres'"
fi
# Listen addresses and port validations
used_ports=()
if is_boolean_yes "$KONG_PROXY_LISTEN_OVERRIDE"; then
warn "KONG_PROXY_LISTEN was set, it will not be validated and the environment variables KONG_PROXY_LISTEN_ADDRESS, KONG_PROXY_HTTP_PORT_NUMBER and KONG_PROXY_HTTPS_PORT_NUMBER will be ignored"
else
used_ports+=(KONG_PROXY_HTTP_PORT_NUMBER KONG_PROXY_HTTPS_PORT_NUMBER)
if [[ "$KONG_PROXY_LISTEN_ADDRESS" != "0.0.0.0" && "$KONG_PROXY_LISTEN_ADDRESS" != "127.0.0.1" ]]; then
warn "Kong Proxy is set to listen at ${KONG_PROXY_LISTEN_ADDRESS} instead of 0.0.0.0 or 127.0.0.1, this could make Kong inaccessible"
fi
fi
if is_boolean_yes "$KONG_ADMIN_LISTEN_OVERRIDE"; then
warn "KONG_ADMIN_LISTEN was set, it will not be validated and the environment variables KONG_ADMIN_LISTEN_ADDRESS, KONG_ADMIN_HTTP_PORT_NUMBER and KONG_ADMIN_HTTPS_PORT_NUMBER will be ignored"
else
used_ports+=(KONG_ADMIN_HTTP_PORT_NUMBER KONG_ADMIN_HTTPS_PORT_NUMBER)
if [[ "$KONG_ADMIN_LISTEN_ADDRESS" != "127.0.0.1" ]]; then
warn "Kong Admin is set to listen at ${KONG_ADMIN_LISTEN_ADDRESS} instead of 127.0.0.1, opening it to the outside could make it insecure"
fi
fi
for port in "${used_ports[@]}"; do
check_allowed_port "${port}"
done
if [[ "${#used_ports[@]}" -ne 0 ]]; then
check_conflicting_ports "${used_ports[@]}"
fi
# Quit if any failures occurred
[[ "$error_code" -eq 0 ]] || exit "$error_code"
}
########################
# Ensure Kong is initialized
# Globals:
# KONG_*
# Arguments:
# None
# Returns:
# None
#########################
kong_initialize() {
info "Initializing Kong"
info "Waiting for database connection to succeed"
while ! kong_migrations_list_output="$(kong migrations list 2>&1)"; do
if is_boolean_yes "$KONG_MIGRATE" && [[ "$kong_migrations_list_output" =~ "Database needs bootstrapping"* ]]; then
break
fi
debug "$kong_migrations_list_output"
debug "Database is still not ready, will retry"
sleep 1
done
if is_boolean_yes "$KONG_MIGRATE"; then
info "Migrating database"
kong migrations bootstrap
while ! kong migrations list; do
debug "Error during the initial bootstrap for the database, will retry"
kong migrations up
kong migrations finish
done
fi
}

3
bitnami/kong/2/debian-10/rootfs/licenses/licenses.txt Normal file
View File

@ -0,0 +1,3 @@
Bitnami containers ship with software bundles. You can find the licenses under:
/opt/bitnami/nami/COPYING
/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt

70
bitnami/kong/2/debian-10/rootfs/postunpack.sh Executable file
View File

@ -0,0 +1,70 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
. /libfs.sh
. /libos.sh
. /libkong.sh
# Auxiliar functions
########################
# Set a configuration to Kong's configuration file
# Globals:
# KONG_CONF_FILE
# Arguments:
# $1 - key
# $2 - value
# Returns:
# None
#########################
kong_conf_set() {
local -r key="${1:?missing key}"
local -r value="${2:-}"
# Check if the value was commented or set before
if grep -q "^#*${key}\s*=[^#]*" "$KONG_CONF_FILE"; then
debug "Updating entry for property '${key}' in configuration file"
# Update the existing key (leave trailing space for comments)
sed -ri "s|^(#*${key}\s*=)[^#]*|\1 ${value} |" "$KONG_CONF_FILE"
else
debug "Adding new entry for property '${key}' in configuration file"
# Add a new key
printf '%s = %s\n' "$key" "$value" >>"$KONG_CONF_FILE"
fi
}
########################
# Uncomment non-empty entries in Kong configuration
# Globals:
# KONG_CONF_FILE
# Arguments:
# None
# Returns:
# None
#########################
kong_configure_non_empty_values() {
# Uncomment all non-empty keys in the main Kong configuration file
sed -ri 's/^#+([a-z_ ]+)=(\s*[^# ]+)/\1=\2 /' "$KONG_CONF_FILE"
}
# Load Kong environment variables
eval "$(kong_env)"
# Ensure users and groups used by Kong exist
ensure_user_exists "$KONG_DAEMON_USER" "$KONG_DAEMON_GROUP"
# Ensure directories used by Kong exist and have proper permissions
ensure_dir_exists "$KONG_SERVER_DIR"
chmod -R g+rwX "$KONG_SERVER_DIR" "$KONG_CONF_DIR"
# Copy configuration file and set default values
cp "$KONG_DEFAULT_CONF_FILE" "$KONG_CONF_FILE"
kong_conf_set prefix "$KONG_SERVER_DIR"
kong_conf_set nginx_daemon off
kong_conf_set lua_package_path
kong_conf_set nginx_user
kong_configure_non_empty_values

20
bitnami/kong/2/debian-10/rootfs/run.sh Executable file
View File

@ -0,0 +1,20 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /liblog.sh
. /libos.sh
. /libkong.sh
# Load Kong environment variables
eval "$(kong_env)"
info "** Starting Kong **"
exec kong start

22
bitnami/kong/2/debian-10/rootfs/setup.sh Executable file
View File

@ -0,0 +1,22 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /libos.sh
. /libkong.sh
# Load Kong environment variables
eval "$(kong_env)"
# Ensure Kong environment variables are valid
kong_validate
# Ensure file ownership is correct
am_i_root && chown -R "$KONG_DAEMON_USER":"$KONG_DAEMON_GROUP" "$KONG_SERVER_DIR" "$KONG_CONF_DIR"
# Ensure Kong is initialized
kong_initialize

8
bitnami/kong/README.md
View File

@ -51,10 +51,8 @@ Non-root container images add an extra layer of security and are generally recom
Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/).
* [`1-ol-7`, `1.5.0-ol-7-r9` (1/ol-7/Dockerfile)](https://github.com/bitnami/bitnami-docker-kong/blob/1.5.0-ol-7-r9/1/ol-7/Dockerfile)
* [`1-ol-7`, `1.5.0-ol-7-r0` (2/ol-7/Dockerfile)](https://github.com/bitnami/bitnami-docker-kong/blob/1.5.0-ol-7-r0/2/ol-7/Dockerfile)
* [`1-debian-10`, `1.5.0-debian-10-r8`, `1`, `1.5.0` (1/debian-10/Dockerfile)](https://github.com/bitnami/bitnami-docker-kong/blob/1.5.0-debian-10-r8/1/debian-10/Dockerfile)
* [`1-debian-10`, `1.5.0-debian-10-r0`, `1`, `1.5.0` (2/debian-10/Dockerfile)](https://github.com/bitnami/bitnami-docker-kong/blob/1.5.0-debian-10-r0/2/debian-10/Dockerfile)
* [`2-ol-7`, `2.0.0-ol-7-r0` (2/ol-7/Dockerfile)](https://github.com/bitnami/bitnami-docker-kong/blob/2.0.0-ol-7-r0/2/ol-7/Dockerfile)
* [`2-debian-10`, `2.0.0-debian-10-r0`, `2`, `2.0.0`, `latest` (2/debian-10/Dockerfile)](https://github.com/bitnami/bitnami-docker-kong/blob/2.0.0-debian-10-r0/2/debian-10/Dockerfile)
Subscribe to project updates by watching the [bitnami/kong GitHub repo](https://github.com/bitnami/bitnami-docker-kong).
@ -75,7 +73,7 @@ $ docker pull bitnami/kong:[TAG]
If you wish, you can also build the image yourself.
```bash
$ docker build -t bitnami/kong:latest 'https://github.com/bitnami/bitnami-docker-kong.git#master:2/debian-10'
```
# Connecting to other containers

2
bitnami/kong/docker-compose.yml
View File

@ -9,7 +9,7 @@ services:
- POSTGRESQL_PASSWORD=bitnami
- POSTGRESQL_DATABASE=kong
kong:
image: bitnami/kong:1
image: bitnami/kong:2
ports:
- 8000:8000
- 8443:8443