[bitnami/jenkins] Release 2.387.2-debian-11-r5 (#31147)

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
2023-04-20 20:25:49 +02:00 · 2023-04-20 20:25:49 +02:00 · 6b12ee0459
parent 57f1bfa283
commit 6b12ee0459
6 changed files with 108 additions and 18 deletions
--- a/bitnami/jenkins/2/debian-11/Dockerfile
+++ b/bitnami/jenkins/2/debian-11/Dockerfile
@ -3,11 +3,12 @@ FROM docker.io/bitnami/minideb:bullseye
 ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security"
 ARG TARGETARCH

-LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \
-      org.opencontainers.image.created="2023-04-17T17:07:14Z" \
+LABEL com.vmware.cp.artifact.flavor="sha256:109c7d51bd69bb6b3df71017440c1ea0699454f81fe188056c083f0b57c96ea6" \
+      org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \
+      org.opencontainers.image.created="2023-04-20T17:57:13Z" \
      org.opencontainers.image.description="Application packaged by VMware, Inc" \
      org.opencontainers.image.licenses="Apache-2.0" \
-      org.opencontainers.image.ref.name="2.387.2-debian-11-r4" \
+      org.opencontainers.image.ref.name="2.387.2-debian-11-r5" \
      org.opencontainers.image.title="jenkins" \
      org.opencontainers.image.vendor="VMware, Inc." \
      org.opencontainers.image.version="2.387.2"
@ -23,9 +24,8 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 RUN install_packages ca-certificates curl fontconfig git jq libfontconfig1 openssh-client procps unzip zlib1g
 RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \
    COMPONENTS=( \
-      "render-template-1.0.5-4-linux-${OS_ARCH}-debian-11" \
-      "java-11.0.18-10-4-linux-${OS_ARCH}-debian-11" \
-      "gosu-1.16.0-5-linux-${OS_ARCH}-debian-11" \
+      "render-template-1.0.5-5-linux-${OS_ARCH}-debian-11" \
+      "java-11.0.19-7-0-linux-${OS_ARCH}-debian-11" \
      "jenkins-2.387.2-0-linux-${OS_ARCH}-debian-11" \
    ) && \
    for COMPONENT in "${COMPONENTS[@]}"; do \
--- a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
+++ b/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
@ -1,15 +1,9 @@
 {
-    "gosu": {
-        "arch": "amd64",
-        "distro": "debian-11",
-        "type": "NAMI",
-        "version": "1.16.0-5"
-    },
    "java": {
        "arch": "amd64",
        "distro": "debian-11",
        "type": "NAMI",
-        "version": "11.0.18-10-4"
+        "version": "11.0.19-7-0"
    },
    "jenkins": {
        "arch": "amd64",
@ -21,6 +15,6 @@
        "arch": "amd64",
        "distro": "debian-11",
        "type": "NAMI",
-        "version": "1.0.5-4"
+        "version": "1.0.5-5"
    }
 }
--- a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh
+++ b/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh
@ -553,3 +553,98 @@ get_root_disk_device_id() {
 get_root_disk_size() {
    fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true
 }
+
+########################
+# Run command as a specific user and group (optional)
+# Arguments:
+#   $1 - USER(:GROUP) to switch to
+#   $2..$n - command to execute
+# Returns:
+#   Exit code of the specified command
+#########################
+run_as_user() {
+    run_chroot "$@"
+}
+
+########################
+# Execute command as a specific user and group (optional),
+# replacing the current process image
+# Arguments:
+#   $1 - USER(:GROUP) to switch to
+#   $2..$n - command to execute
+# Returns:
+#   Exit code of the specified command
+#########################
+exec_as_user() {
+    run_chroot --replace-process "$@"
+}
+
+########################
+# Run a command using chroot
+# Arguments:
+#   $1 - USER(:GROUP) to switch to
+#   $2..$n - command to execute
+# Flags:
+#   -r | --replace-process - Replace the current process image (optional)
+# Returns:
+#   Exit code of the specified command
+#########################
+run_chroot() {
+    local userspec
+    local user
+    local homedir
+    local replace=false
+    local -r cwd="$(pwd)"
+
+    # Parse and validate flags
+    while [[ "$#" -gt 0 ]]; do
+        case "$1" in
+            -r | --replace-process)
+                replace=true
+                ;;
+            --)
+                shift
+                break
+                ;;
+            -*)
+                stderr_print "unrecognized flag $1"
+                return 1
+                ;;
+            *)
+                break
+                ;;
+        esac
+        shift
+    done
+
+    # Parse and validate arguments
+    if [[ "$#" -lt 2 ]]; then
+        echo "expected at least 2 arguments"
+        return 1
+    else
+        userspec=$1
+        shift
+
+        # userspec can optionally include the group, so we parse the user
+        user=$(echo "$userspec" | cut -d':' -f1)
+    fi
+
+    if ! am_i_root; then
+        error "Could not switch to '${userspec}': Operation not permitted"
+        return 1
+    fi
+
+    # Get the HOME directory for the user to switch, as chroot does
+    # not properly update this env and some scripts rely on it
+    homedir=$(eval echo "~${user}")
+    if [[ ! -d $homedir ]]; then
+        homedir="${HOME:-/}"
+    fi
+
+    # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion
+    if [[ "$replace" = true ]]; then
+        exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@"
+    else
+        chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@"
+    fi
+}
--- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/entrypoint.sh
+++ b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/entrypoint.sh
@ -32,6 +32,7 @@ if ! am_i_root; then
        echo "jenkins:x:$(id -u):$(id -g):Jenkins:${JENKINS_HOME}:/bin/false" >"$NSS_WRAPPER_PASSWD"
        echo "jenkins:x:$(id -g):" >"$NSS_WRAPPER_GROUP"
        chmod 400 "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+        export HOME="$JENKINS_HOME"
    fi
 fi

--- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/run.sh
+++ b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/run.sh
@ -42,7 +42,7 @@ args+=("$@")

 info "** Starting Jenkins **"
 if am_i_root; then
-    exec gosu "$JENKINS_DAEMON_USER" java "${args[@]}"
+    exec_as_user "$JENKINS_DAEMON_USER" java "${args[@]}"
 else
    exec java "${args[@]}"
 fi
--- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/libjenkins.sh
+++ b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/libjenkins.sh
@ -76,7 +76,7 @@ jenkins_start_bg() {
    if am_i_root; then
        touch "$JENKINS_LOG_FILE"
        configure_permissions_ownership "$JENKINS_LOG_FILE" -u "$JENKINS_DAEMON_USER" -g "$JENKINS_DAEMON_GROUP"
-        gosu "$JENKINS_DAEMON_USER" java "${args[@]}" >>"$JENKINS_LOG_FILE" 2>&1 &
+        run_as_user "$JENKINS_DAEMON_USER" java "${args[@]}" >>"$JENKINS_LOG_FILE" 2>&1 &
    else
        java "${args[@]}" >>"$JENKINS_LOG_FILE" 2>&1 &
    fi
@ -100,7 +100,7 @@ jenkins_cli_execute() {

    debug "Executing command: java ${args[*]}"
    if am_i_root; then
-        debug_execute gosu "$JENKINS_DAEMON_USER" java "${args[@]}"
+        debug_execute run_as_user "$JENKINS_DAEMON_USER" java "${args[@]}"
    else
        debug_execute java "${args[@]}"
    fi
@ -439,7 +439,7 @@ jenkins_install_plugins() {
            echo "$i" >> "$tmp_plugins_file"
        done
        if am_i_root; then
-            debug_execute gosu "$JENKINS_DAEMON_USER" java "${args[@]}"
+            debug_execute run_as_user "$JENKINS_DAEMON_USER" java "${args[@]}"
        else
            debug_execute java "${args[@]}"
        fi