From 68a7f6677affeab360315a9845f55427e6d25191 Mon Sep 17 00:00:00 2001
From: Bitnami Bot <bitnami-bot@vmware.com>
Date: Fri, 12 May 2023 17:03:14 +0100
Subject: [PATCH] [bitnami/appsmith] Release 1.9.19-debian-11-r0 (#33661)

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
---
 bitnami/appsmith/1/debian-11/Dockerfile       | 10 +++---
 .../opt/bitnami/.bitnami_components.json      |  2 +-
 .../rootfs/opt/bitnami/scripts/libnginx.sh    | 31 +++++++++++++++++++
 .../rootfs/opt/bitnami/scripts/nginx-env.sh   |  2 ++
 .../rootfs/opt/bitnami/scripts/nginx/setup.sh | 19 +++---------
 bitnami/appsmith/1/debian-11/tags-info.yaml   |  2 +-
 bitnami/appsmith/README.md                    |  2 ++
 7 files changed, 46 insertions(+), 22 deletions(-)

diff --git a/bitnami/appsmith/1/debian-11/Dockerfile b/bitnami/appsmith/1/debian-11/Dockerfile
index 3097d1677890..234a86f47093 100644
--- a/bitnami/appsmith/1/debian-11/Dockerfile
+++ b/bitnami/appsmith/1/debian-11/Dockerfile
@@ -3,13 +3,13 @@ FROM docker.io/bitnami/minideb:bullseye
 ARG TARGETARCH
 
 LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \
-      org.opencontainers.image.created="2023-05-10T14:25:06Z" \
+      org.opencontainers.image.created="2023-05-12T14:58:02Z" \
       org.opencontainers.image.description="Application packaged by VMware, Inc" \
       org.opencontainers.image.licenses="Apache-2.0" \
-      org.opencontainers.image.ref.name="1.9.18-debian-11-r0" \
+      org.opencontainers.image.ref.name="1.9.19-debian-11-r0" \
       org.opencontainers.image.title="appsmith" \
       org.opencontainers.image.vendor="VMware, Inc." \
-      org.opencontainers.image.version="1.9.18"
+      org.opencontainers.image.version="1.9.19"
 
 ENV HOME="/" \
     OS_ARCH="${TARGETARCH:-amd64}" \
@@ -29,7 +29,7 @@ RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \
       "nginx-1.23.4-3-linux-${OS_ARCH}-debian-11" \
       "mongodb-shell-1.8.2-0-linux-${OS_ARCH}-debian-11" \
       "java-17.0.7-7-1-linux-${OS_ARCH}-debian-11" \
-      "appsmith-1.9.18-0-linux-${OS_ARCH}-debian-11" \
+      "appsmith-1.9.19-0-linux-${OS_ARCH}-debian-11" \
     ) && \
     for COMPONENT in "${COMPONENTS[@]}"; do \
       if [ ! -f "${COMPONENT}.tar.gz" ]; then \
@@ -47,7 +47,7 @@ RUN chmod g+rwX /opt/bitnami
 COPY rootfs /
 RUN /opt/bitnami/scripts/nginx/postunpack.sh
 RUN /opt/bitnami/scripts/appsmith/postunpack.sh
-ENV APP_VERSION="1.9.18" \
+ENV APP_VERSION="1.9.19" \
     BITNAMI_APP_NAME="appsmith" \
     NGINX_HTTPS_PORT_NUMBER="" \
     NGINX_HTTP_PORT_NUMBER="" \
diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
index b28c85d3cb0c..6df652f2ec96 100644
--- a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
+++ b/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
@@ -3,7 +3,7 @@
         "arch": "amd64",
         "distro": "debian-11",
         "type": "NAMI",
-        "version": "1.9.18-0"
+        "version": "1.9.19-0"
     },
     "java": {
         "arch": "amd64",
diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh
index b622b2444474..d6c0c60f2cfb 100644
--- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh
+++ b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh
@@ -629,3 +629,34 @@ nginx_custom_init_scripts() {
         info "No custom scripts in $NGINX_INITSCRIPTS_DIR"
     fi
 }
+
+########################
+# Generate sample TLS certificates without passphrase for sample HTTPS server_block
+# Globals:
+#   NGINX_*
+# Arguments:
+#   None
+# Returns:
+#   None
+#########################
+nginx_generate_sample_certs() {
+    local certs_dir="${NGINX_CONF_DIR}/bitnami/certs"
+
+    if ! is_boolean_yes "$NGINX_SKIP_SAMPLE_CERTS" && [[ ! -f "${certs_dir}/server.crt" ]]; then
+        ensure_dir_exists "$certs_dir"
+        if is_file_writable "${certs_dir}/server.crt"; then
+            SSL_KEY_FILE="${certs_dir}/server.key"
+            SSL_CERT_FILE="${certs_dir}/server.crt"
+            SSL_CSR_FILE="${certs_dir}/server.csr"
+            SSL_SUBJ="/CN=example.com"
+            SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1"
+            rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE"
+            openssl genrsa -out "$SSL_KEY_FILE" 4096
+            openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT"
+            openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT")
+            rm -f "$SSL_CSR_FILE"
+        else
+            warn "The certificates directories '${certs_dir}' is not writable, skipping sample HTTPS certificates generation"
+        fi
+    fi
+}
diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx-env.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx-env.sh
index 2abd9daf2453..dd1e5f738f51 100644
--- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx-env.sh
+++ b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx-env.sh
@@ -24,6 +24,7 @@ export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
 nginx_env_vars=(
     NGINX_HTTP_PORT_NUMBER
     NGINX_HTTPS_PORT_NUMBER
+    NGINX_SKIP_SAMPLE_CERTS
     NGINX_ENABLE_ABSOLUTE_REDIRECT
     NGINX_ENABLE_PORT_IN_REDIRECT
 )
@@ -70,6 +71,7 @@ export NGINX_HTTP_PORT_NUMBER="${NGINX_HTTP_PORT_NUMBER:-}"
 export WEB_SERVER_HTTP_PORT_NUMBER="$NGINX_HTTP_PORT_NUMBER"
 export NGINX_HTTPS_PORT_NUMBER="${NGINX_HTTPS_PORT_NUMBER:-}"
 export WEB_SERVER_HTTPS_PORT_NUMBER="$NGINX_HTTPS_PORT_NUMBER"
+export NGINX_SKIP_SAMPLE_CERTS="${NGINX_SKIP_SAMPLE_CERTS:-false}"
 export NGINX_ENABLE_ABSOLUTE_REDIRECT="${NGINX_ENABLE_ABSOLUTE_REDIRECT:-no}"
 export NGINX_ENABLE_PORT_IN_REDIRECT="${NGINX_ENABLE_PORT_IN_REDIRECT:-no}"
 
diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/setup.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/setup.sh
index 6618c4ceb867..506421c0bf36 100755
--- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/setup.sh
+++ b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/setup.sh
@@ -24,20 +24,9 @@ trap "nginx_stop" EXIT
 # Ensure NGINX daemon user exists when running as 'root'
 am_i_root && ensure_user_exists "$NGINX_DAEMON_USER" --group "$NGINX_DAEMON_GROUP"
 
-# Regenerate SSL certs (without a passphrase)
-ensure_dir_exists "${NGINX_CONF_DIR}/bitnami/certs"
-if [[ ! -f "${NGINX_CONF_DIR}/bitnami/certs/server.crt" ]]; then
-    SSL_KEY_FILE="${NGINX_CONF_DIR}/bitnami/certs/server.key"
-    SSL_CERT_FILE="${NGINX_CONF_DIR}/bitnami/certs/server.crt"
-    SSL_CSR_FILE="${NGINX_CONF_DIR}/bitnami/certs/server.csr"
-    SSL_SUBJ="/CN=example.com"
-    SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1"
-    rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE"
-    openssl genrsa -out "$SSL_KEY_FILE" 4096
-    openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT"
-    openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT")
-    rm -f "$SSL_CSR_FILE"
-fi
+# Configure HTTPS sample block using generated SSL certs
+nginx_generate_sample_certs
+
 # Run init scripts
 nginx_custom_init_scripts
 
@@ -45,7 +34,7 @@ nginx_custom_init_scripts
 ! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)"
 
 # Configure HTTPS port number
-if [[ -n "${NGINX_HTTPS_PORT_NUMBER:-}" ]] && [[ ! -f "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" ]] && is_file_writable "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf"; then
+if [[ -f "${NGINX_CONF_DIR}/bitnami/certs/server.crt" ]] && [[ -n "${NGINX_HTTPS_PORT_NUMBER:-}" ]] && [[ ! -f "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" ]] && is_file_writable "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf"; then
     cp "${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates/default-https-server-block.conf" "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf"
 fi
 
diff --git a/bitnami/appsmith/1/debian-11/tags-info.yaml b/bitnami/appsmith/1/debian-11/tags-info.yaml
index bb369670d36d..73de624ebdda 100644
--- a/bitnami/appsmith/1/debian-11/tags-info.yaml
+++ b/bitnami/appsmith/1/debian-11/tags-info.yaml
@@ -1,5 +1,5 @@
 rolling-tags:
 - "1"
 - 1-debian-11
-- 1.9.18
+- 1.9.19
 - latest
diff --git a/bitnami/appsmith/README.md b/bitnami/appsmith/README.md
index 311823f70819..dbc61e6e2595 100644
--- a/bitnami/appsmith/README.md
+++ b/bitnami/appsmith/README.md
@@ -29,6 +29,8 @@ docker-compose up -d
 * All Bitnami images available in Docker Hub are signed with [Docker Content Trust (DCT)](https://docs.docker.com/engine/security/trust/content_trust/). You can use `DOCKER_CONTENT_TRUST=1` to verify the integrity of the images.
 * Bitnami container images are released on a regular basis with the latest distribution packages available.
 
+Looking to use Appsmith in production? Try [VMware Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog.
+
 ## Supported tags and respective `Dockerfile` links
 
 Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers/).