From 9c7eb4e1e7d328760bdbc6d92121b1456aebb3a7 Mon Sep 17 00:00:00 2001
From: Bitnami Bot <bitnami.bot@broadcom.com>
Date: Tue, 3 Mar 2026 10:41:20 +0100
Subject: [PATCH] [bitnami/phpmyadmin] Release 5.2.3-debian-12-r16 (#91212)

Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com>
---
 bitnami/phpmyadmin/5/debian-12/Dockerfile     |  14 +-
 .../bitnami/scripts/libpostgresqlclient.sh    | 424 ++++++++++++++++++
 .../bitnami/scripts/postgresql-client-env.sh  |  88 ++++
 .../scripts/postgresql-client/setup.sh        |  21 +
 bitnami/phpmyadmin/README.md                  |  40 +-
 5 files changed, 561 insertions(+), 26 deletions(-)
 create mode 100644 bitnami/phpmyadmin/5/debian-12/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh
 create mode 100644 bitnami/phpmyadmin/5/debian-12/rootfs/opt/bitnami/scripts/postgresql-client-env.sh
 create mode 100755 bitnami/phpmyadmin/5/debian-12/rootfs/opt/bitnami/scripts/postgresql-client/setup.sh

diff --git a/bitnami/phpmyadmin/5/debian-12/Dockerfile b/bitnami/phpmyadmin/5/debian-12/Dockerfile
index c7f10751cfd9..990650d5c081 100644
--- a/bitnami/phpmyadmin/5/debian-12/Dockerfile
+++ b/bitnami/phpmyadmin/5/debian-12/Dockerfile
@@ -7,7 +7,7 @@ ARG DOWNLOADS_URL="downloads.bitnami.com/files/stacksmith"
 ARG TARGETARCH
 
 LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \
-      org.opencontainers.image.created="2026-02-24T21:18:00Z" \
+      org.opencontainers.image.created="2026-03-03T09:27:17Z" \
       org.opencontainers.image.description="Application packaged by Broadcom, Inc." \
       org.opencontainers.image.documentation="https://github.com/bitnami/containers/tree/main/bitnami/phpmyadmin/README.md" \
       org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/phpmyadmin" \
@@ -29,12 +29,12 @@ RUN --mount=type=secret,id=downloads_url,env=SECRET_DOWNLOADS_URL \
     mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ || exit 1 ; \
     COMPONENTS=( \
       "render-template-1.0.9-162-linux-${OS_ARCH}-debian-12" \
-      "php-8.4.18-3-linux-${OS_ARCH}-debian-12" \
-      "apache-2.4.66-0-linux-${OS_ARCH}-debian-12" \
+      "php-8.4.18-7-linux-${OS_ARCH}-debian-12" \
+      "apache-2.4.66-1-linux-${OS_ARCH}-debian-12" \
       "mysql-client-12.2.2-0-linux-${OS_ARCH}-debian-12" \
-      "postgresql-client-18.2.0-0-linux-${OS_ARCH}-debian-12" \
-      "libphp-8.4.18-3-linux-${OS_ARCH}-debian-12" \
-      "phpmyadmin-5.2.3-1-linux-${OS_ARCH}-debian-12" \
+      "postgresql-client-18.3.0-0-linux-${OS_ARCH}-debian-12" \
+      "libphp-8.4.18-5-linux-${OS_ARCH}-debian-12" \
+      "phpmyadmin-5.2.3-2-linux-${OS_ARCH}-debian-12" \
     ) ; \
     for COMPONENT in "${COMPONENTS[@]}"; do \
       if [ ! -f "${COMPONENT}.tar.gz" ]; then \
@@ -60,7 +60,7 @@ ENV APACHE_HTTPS_PORT_NUMBER="" \
     APACHE_HTTP_PORT_NUMBER="" \
     APP_VERSION="5.2.3" \
     BITNAMI_APP_NAME="phpmyadmin" \
-    IMAGE_REVISION="15" \
+    IMAGE_REVISION="16" \
     LD_LIBRARY_PATH="/opt/bitnami/postgresql/lib:$LD_LIBRARY_PATH" \
     PATH="/opt/bitnami/common/bin:/opt/bitnami/php/bin:/opt/bitnami/php/sbin:/opt/bitnami/apache/bin:/opt/bitnami/mysql/bin:/opt/bitnami/postgresql/bin:$PATH"
 
diff --git a/bitnami/phpmyadmin/5/debian-12/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh b/bitnami/phpmyadmin/5/debian-12/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh
new file mode 100644
index 000000000000..65238dfff60b
--- /dev/null
+++ b/bitnami/phpmyadmin/5/debian-12/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh
@@ -0,0 +1,424 @@
+#!/bin/bash
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+#
+# Bitnami PostgreSQL Client library
+
+# shellcheck disable=SC1091
+
+# Load Generic Libraries
+. /opt/bitnami/scripts/liblog.sh
+. /opt/bitnami/scripts/libos.sh
+. /opt/bitnami/scripts/libvalidations.sh
+
+########################
+# Validate settings in POSTGRESQL_CLIENT_* environment variables
+# Globals:
+#   POSTGRESQL_CLIENT_*
+# Arguments:
+#   None
+# Returns:
+#   None
+#########################
+postgresql_client_validate() {
+    info "Validating settings in POSTGRESQL_CLIENT_* env vars"
+    local error_code=0
+
+    # Auxiliary functions
+    print_validation_error() {
+        error "$1"
+        error_code=1
+    }
+
+    empty_password_enabled_warn() {
+        warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment."
+    }
+    empty_password_error() {
+        print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development."
+    }
+
+    # Only validate environment variables if any action needs to be performed
+    local -a database_names
+    read -r -a database_names <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES")"
+    if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" || "${#database_names[@]}" -gt 0 ]]; then
+        if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then
+            empty_password_enabled_warn
+        else
+            if [[ -z "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" ]]; then
+                empty_password_error "POSTGRESQL_CLIENT_POSTGRES_PASSWORD"
+            fi
+            if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]] && [[ -z "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" ]]; then
+                empty_password_error "POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD"
+            fi
+        fi
+    fi
+    # When enabling extensions, the DB name must be provided
+    local -a extensions
+    read -r -a extensions <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS")"
+    if [[ "${#database_names[@]}" -le 0 && "${#extensions[@]}" -gt 0 ]]; then
+        print_validation_error "POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS requires POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES to be set."
+    fi
+    return "$error_code"
+}
+
+########################
+# Perform actions to a database
+# Globals:
+#   POSTGRESQL_CLIENT_*
+# Arguments:
+#   None
+# Returns:
+#   None
+#########################
+postgresql_client_initialize() {
+    local -a database_names
+    read -r -a database_names <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES")"
+    # Wait for the database to be accessible if any action needs to be performed
+    if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" || "${#database_names[@]}" -gt 0 ]]; then
+        info "Trying to connect to the database server"
+        check_postgresql_connection() {
+            echo "SELECT 1" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "postgres" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD"
+        }
+        if ! retry_while "check_postgresql_connection"; then
+            error "Could not connect to the database server"
+            return 1
+        fi
+    fi
+    # Ensure a database user exists in the server
+    if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]]; then
+        info "Creating database user ${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME}"
+        local -a args=("$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" "--host" "$POSTGRESQL_CLIENT_DATABASE_HOST" "--port" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER")
+        [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" ]] && args+=("-p" "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD")
+        postgresql_ensure_user_exists "${args[@]}"
+    fi
+    # Ensure a database exists in the server (and that the user has write privileges, if specified)
+    if [[ "${#database_names[@]}" -gt 0 ]]; then
+        local -a createdb_args extensions
+        read -r -a extensions <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS")"
+        for database_name in "${database_names[@]}"; do
+            info "Creating database ${database_name}"
+            createdb_args=("$database_name" "--host" "$POSTGRESQL_CLIENT_DATABASE_HOST" "--port" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER")
+            [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]] && createdb_args+=("-u" "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME")
+            postgresql_ensure_database_exists "${createdb_args[@]}"
+            # Ensure the list of extensions are enabled in the specified database
+            if [[ "${#extensions[@]}" -gt 0 ]]; then
+                for extension_to_create in "${extensions[@]}"; do
+                    echo "CREATE EXTENSION IF NOT EXISTS ${extension_to_create}" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "$database_name" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD"
+                done
+            fi
+        done
+    fi
+    # Execute a custom SQL script
+    if [[ -n "$POSTGRESQL_CLIENT_EXECUTE_SQL" ]]; then
+        info "Executing custom SQL script"
+        echo "$POSTGRESQL_CLIENT_EXECUTE_SQL" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "postgres" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD"
+    fi
+    # Avoid exit code of previous commands to affect the result of this function
+    true
+}
+
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+# shellcheck disable=SC2148
+
+########################
+# Return PostgreSQL major version
+# Globals:
+#   POSTGRESQL_*
+# Arguments:
+#   None
+# Returns:
+#   String
+#########################
+postgresql_get_major_version() {
+    psql --version | grep -oE "[0-9]+\.[0-9]+" | grep -oE "^[0-9]+"
+}
+
+########################
+# Gets an environment variable name based on the suffix
+# Arguments:
+#   $1 - environment variable suffix
+# Returns:
+#   environment variable name
+#########################
+get_env_var_value() {
+    local env_var_suffix="${1:?missing suffix}"
+    local env_var_name
+    for env_var_prefix in POSTGRESQL POSTGRESQL_CLIENT; do
+        env_var_name="${env_var_prefix}_${env_var_suffix}"
+        if [[ -n "${!env_var_name:-}" ]]; then
+            echo "${!env_var_name}"
+            break
+        fi
+    done
+}
+
+########################
+# Execute an arbitrary query/queries against the running PostgreSQL service and print the output
+# Stdin:
+#   Query/queries to execute
+# Globals:
+#   BITNAMI_DEBUG
+#   POSTGRESQL_*
+# Arguments:
+#   $1 - Database where to run the queries
+#   $2 - User to run queries
+#   $3 - Password
+#   $4 - Extra options (eg. -tA)
+# Returns:
+#   None
+#########################
+postgresql_execute_print_output() {
+    local -r db="${1:-}"
+    local -r user="${2:-postgres}"
+    local -r pass="${3:-}"
+    local opts
+    read -r -a opts <<<"${@:4}"
+
+    local args=("-U" "$user" "-p" "${POSTGRESQL_PORT_NUMBER:-5432}" "-h" "127.0.0.1")
+    [[ -n "$db" ]] && args+=("-d" "$db")
+    [[ "${#opts[@]}" -gt 0 ]] && args+=("${opts[@]}")
+
+    # Execute the Query/queries from stdin
+    PGPASSWORD=$pass psql "${args[@]}"
+}
+
+########################
+# Execute an arbitrary query/queries against the running PostgreSQL service
+# Stdin:
+#   Query/queries to execute
+# Globals:
+#   BITNAMI_DEBUG
+#   POSTGRESQL_*
+# Arguments:
+#   $1 - Database where to run the queries
+#   $2 - User to run queries
+#   $3 - Password
+#   $4 - Extra options (eg. -tA)
+# Returns:
+#   None
+#########################
+postgresql_execute() {
+    if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then
+        "postgresql_execute_print_output" "$@"
+    elif [[ "${NO_ERRORS:-false}" = true ]]; then
+        "postgresql_execute_print_output" "$@" 2>/dev/null
+    else
+        "postgresql_execute_print_output" "$@" >/dev/null 2>&1
+    fi
+}
+
+########################
+# Execute an arbitrary query/queries against a remote PostgreSQL service and print to stdout
+# Stdin:
+#   Query/queries to execute
+# Globals:
+#   BITNAMI_DEBUG
+#   DB_*
+# Arguments:
+#   $1 - Remote PostgreSQL service hostname
+#   $2 - Remote PostgreSQL service port
+#   $3 - Database where to run the queries
+#   $4 - User to run queries
+#   $5 - Password
+#   $6 - Extra options (eg. -tA)
+# Returns:
+#   None
+postgresql_remote_execute_print_output() {
+    local -r hostname="${1:?hostname is required}"
+    local -r port="${2:?port is required}"
+    local -a args=("-h" "$hostname" "-p" "$port")
+    shift 2
+    "postgresql_execute_print_output" "$@" "${args[@]}"
+}
+
+########################
+# Execute an arbitrary query/queries against a remote PostgreSQL service
+# Stdin:
+#   Query/queries to execute
+# Globals:
+#   BITNAMI_DEBUG
+#   DB_*
+# Arguments:
+#   $1 - Remote PostgreSQL service hostname
+#   $2 - Remote PostgreSQL service port
+#   $3 - Database where to run the queries
+#   $4 - User to run queries
+#   $5 - Password
+#   $6 - Extra options (eg. -tA)
+# Returns:
+#   None
+postgresql_remote_execute() {
+    if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then
+        "postgresql_remote_execute_print_output" "$@"
+    elif [[ "${NO_ERRORS:-false}" = true ]]; then
+        "postgresql_remote_execute_print_output" "$@" 2>/dev/null
+    else
+        "postgresql_remote_execute_print_output" "$@" >/dev/null 2>&1
+    fi
+}
+
+########################
+# Optionally create the given database user
+# Flags:
+#   -p|--password - database password
+#   --host - database host
+#   --port - database port
+# Arguments:
+#   $1 - user
+# Returns:
+#   None
+#########################
+postgresql_ensure_user_exists() {
+    local -r user="${1:?user is missing}"
+    local password=""
+    # For accessing an external database
+    local db_host=""
+    local db_port=""
+
+    # Validate arguments
+    shift 1
+    while [ "$#" -gt 0 ]; do
+        case "$1" in
+        -p | --password)
+            shift
+            password="${1:?missing password}"
+            ;;
+        --host)
+            shift
+            db_host="${1:?missing database host}"
+            ;;
+        --port)
+            shift
+            db_port="${1:?missing database port}"
+            ;;
+        *)
+            echo "Invalid command line flag $1" >&2
+            return 1
+            ;;
+        esac
+        shift
+    done
+
+    local -a postgresql_execute_cmd=("postgresql_execute")
+    [[ -n "$db_host" && -n "$db_port" ]] && postgresql_execute_cmd=("postgresql_remote_execute" "$db_host" "$db_port")
+    local -a postgresql_execute_flags=("postgres" "$(get_env_var_value POSTGRES_USER)" "$(get_env_var_value POSTGRES_PASSWORD)")
+
+    "${postgresql_execute_cmd[@]}" "${postgresql_execute_flags[@]}" <<EOF
+DO
+\$do\$
+BEGIN
+   IF NOT EXISTS (
+      SELECT FROM pg_catalog.pg_roles WHERE rolname = '${user}'
+   ) THEN
+      CREATE ROLE "${user}" LOGIN PASSWORD '${password}';
+   END IF;
+END
+\$do\$;
+EOF
+}
+
+########################
+# Ensure a user has all privileges to access a database
+# Arguments:
+#   $1 - database name
+#   $2 - database user
+#   $3 - database host (optional)
+#   $4 - database port (optional)
+# Returns:
+#   None
+#########################
+postgresql_ensure_user_has_database_privileges() {
+    local -r user="${1:?user is required}"
+    local -r database="${2:?db is required}"
+    local -r db_host="${3:-}"
+    local -r db_port="${4:-}"
+
+    local -a postgresql_execute_cmd=("postgresql_execute")
+    [[ -n "$db_host" && -n "$db_port" ]] && postgresql_execute_cmd=("postgresql_remote_execute" "$db_host" "$db_port")
+    local -a postgresql_execute_flags=("postgres" "$(get_env_var_value POSTGRES_USER)" "$(get_env_var_value POSTGRES_PASSWORD)")
+
+    debug "Providing privileges to username ${user} on database ${database}"
+    "${postgresql_execute_cmd[@]}" "${postgresql_execute_flags[@]}" <<EOF
+GRANT ALL PRIVILEGES ON DATABASE "${database}" TO "${user}";
+ALTER DATABASE "${database}" OWNER TO "${user}";
+EOF
+}
+
+########################
+# Optionally create the given database, and then optionally give a user
+# full privileges on the database.
+# Flags:
+#   -u|--user - database user
+#   --host - database host
+#   --port - database port
+# Arguments:
+#   $1 - database name
+# Returns:
+#   None
+#########################
+postgresql_ensure_database_exists() {
+    local -r database="${1:?database is missing}"
+    local user=""
+    # For accessing an external database
+    local db_host=""
+    local db_port=""
+
+    # Validate arguments
+    shift 1
+    while [ "$#" -gt 0 ]; do
+        case "$1" in
+        -u | --user)
+            shift
+            user="${1:?missing database user}"
+            ;;
+        --host)
+            shift
+            db_host="${1:?missing database host}"
+            ;;
+        --port)
+            shift
+            db_port="${1:?missing database port}"
+            ;;
+        *)
+            echo "Invalid command line flag $1" >&2
+            return 1
+            ;;
+        esac
+        shift
+    done
+
+    local -a postgresql_execute_cmd=("postgresql_execute")
+    [[ -n "$db_host" && -n "$db_port" ]] && postgresql_execute_cmd=("postgresql_remote_execute" "$db_host" "$db_port")
+    local -a postgresql_execute_flags=("postgres" "$(get_env_var_value POSTGRES_USER)" "$(get_env_var_value POSTGRES_PASSWORD)")
+
+    "${postgresql_execute_cmd[@]}" "${postgresql_execute_flags[@]}" <<EOF
+SELECT 'CREATE DATABASE "${database}"'
+WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = '${database}')\gexec
+EOF
+    if [[ -n "$user" ]]; then
+        local -a grant_flags=("$user" "$database")
+        [[ -n "$db_host" ]] && grant_flags+=("$db_host")
+        [[ -n "$db_port" ]] && grant_flags+=("$db_port")
+        postgresql_ensure_user_has_database_privileges "${grant_flags[@]}"
+    fi
+}
+
+########################
+# Retrieves the WAL directory in use by PostgreSQL / to use if not initialized yet
+# Globals:
+#   REPMGR_*
+# Arguments:
+#   None
+# Returns:
+#   the path to the WAL directory, or empty if not set
+#########################
+postgresql_get_waldir() {
+    if [[ -L "${POSTGRESQL_DATA_DIR}/pg_wal" && -d "${POSTGRESQL_DATA_DIR}/pg_wal" ]]; then
+        readlink -f "${POSTGRESQL_DATA_DIR}/pg_wal"
+    else
+        # Uninitialized - using value from $POSTGRESQL_INITDB_WAL_DIR if set
+        echo "$POSTGRESQL_INITDB_WAL_DIR"
+    fi
+}
diff --git a/bitnami/phpmyadmin/5/debian-12/rootfs/opt/bitnami/scripts/postgresql-client-env.sh b/bitnami/phpmyadmin/5/debian-12/rootfs/opt/bitnami/scripts/postgresql-client-env.sh
new file mode 100644
index 000000000000..40015070a445
--- /dev/null
+++ b/bitnami/phpmyadmin/5/debian-12/rootfs/opt/bitnami/scripts/postgresql-client-env.sh
@@ -0,0 +1,88 @@
+#!/bin/bash
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+#
+# Environment configuration for postgresql-client
+
+# The values for all environment variables will be set in the below order of precedence
+# 1. Custom environment variables defined below after Bitnami defaults
+# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR
+# 3. Environment variables overridden via external files using *_FILE variables (see below)
+# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata)
+
+# Load logging library
+# shellcheck disable=SC1090,SC1091
+. /opt/bitnami/scripts/liblog.sh
+
+export BITNAMI_ROOT_DIR="/opt/bitnami"
+export BITNAMI_VOLUME_DIR="/bitnami"
+
+# Logging configuration
+export MODULE="${MODULE:-postgresql-client}"
+export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
+
+# By setting an environment variable matching *_FILE to a file path, the prefixed environment
+# variable will be overridden with the value specified in that file
+postgresql_client_env_vars=(
+    ALLOW_EMPTY_PASSWORD
+    POSTGRESQL_CLIENT_DATABASE_HOST
+    POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER
+    POSTGRESQL_CLIENT_POSTGRES_USER
+    POSTGRESQL_CLIENT_POSTGRES_PASSWORD
+    POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES
+    POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME
+    POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD
+    POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS
+    POSTGRESQL_CLIENT_EXECUTE_SQL
+    POSTGRESQL_HOST
+    POSTGRESQL_PORT_NUMBER
+    POSTGRESQL_CLIENT_ROOT_USER
+    POSTGRESQL_POSTGRES_USER
+    POSTGRESQL_ROOT_USER
+    POSTGRESQL_CLIENT_ROOT_PASSWORD
+    POSTGRESQL_POSTGRES_PASSWORD
+    POSTGRESQL_ROOT_PASSWORD
+    POSTGRESQL_CLIENT_CREATE_DATABASE_NAME
+    POSTGRESQL_CLIENT_CREATE_DATABASE_USER
+)
+for env_var in "${postgresql_client_env_vars[@]}"; do
+    file_env_var="${env_var}_FILE"
+    if [[ -n "${!file_env_var:-}" ]]; then
+        if [[ -r "${!file_env_var:-}" ]]; then
+            export "${env_var}=$(< "${!file_env_var}")"
+            unset "${file_env_var}"
+        else
+            warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable."
+        fi
+    fi
+done
+unset postgresql_client_env_vars
+
+# Paths
+export POSTGRESQL_BASE_DIR="/opt/bitnami/postgresql"
+export POSTGRESQL_BIN_DIR="$POSTGRESQL_BASE_DIR/bin"
+export PATH="${POSTGRESQL_BIN_DIR}:${PATH}"
+
+# PostgreSQL settings
+export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}"
+POSTGRESQL_CLIENT_DATABASE_HOST="${POSTGRESQL_CLIENT_DATABASE_HOST:-"${POSTGRESQL_HOST:-}"}"
+export POSTGRESQL_CLIENT_DATABASE_HOST="${POSTGRESQL_CLIENT_DATABASE_HOST:-postgresql}"
+POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER="${POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER:-"${POSTGRESQL_PORT_NUMBER:-}"}"
+export POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER="${POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER:-5432}"
+POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-"${POSTGRESQL_CLIENT_ROOT_USER:-}"}"
+POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-"${POSTGRESQL_POSTGRES_USER:-}"}"
+POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-"${POSTGRESQL_ROOT_USER:-}"}"
+export POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-postgres}" # only used during the first initialization
+POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-"${POSTGRESQL_CLIENT_ROOT_PASSWORD:-}"}"
+POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-"${POSTGRESQL_POSTGRES_PASSWORD:-}"}"
+POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-"${POSTGRESQL_ROOT_PASSWORD:-}"}"
+export POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-}" # only used during the first initialization
+POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES="${POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES:-"${POSTGRESQL_CLIENT_CREATE_DATABASE_NAME:-}"}"
+export POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES="${POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES:-}" # only used during the first initialization
+POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME="${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME:-"${POSTGRESQL_CLIENT_CREATE_DATABASE_USER:-}"}"
+export POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME="${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME:-}" # only used during the first initialization
+export POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD="${POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD:-}" # only used during the first initialization
+export POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS="${POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS:-}" # only used during the first initialization
+export POSTGRESQL_CLIENT_EXECUTE_SQL="${POSTGRESQL_CLIENT_EXECUTE_SQL:-}" # only used during the first initialization
+
+# Custom environment variables may be defined below
diff --git a/bitnami/phpmyadmin/5/debian-12/rootfs/opt/bitnami/scripts/postgresql-client/setup.sh b/bitnami/phpmyadmin/5/debian-12/rootfs/opt/bitnami/scripts/postgresql-client/setup.sh
new file mode 100755
index 000000000000..3b04711ab8d2
--- /dev/null
+++ b/bitnami/phpmyadmin/5/debian-12/rootfs/opt/bitnami/scripts/postgresql-client/setup.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+# shellcheck disable=SC1091
+
+set -o errexit
+set -o nounset
+set -o pipefail
+# set -o xtrace # Uncomment this line for debugging purposes
+
+# Load libraries
+. /opt/bitnami/scripts/libpostgresqlclient.sh
+
+# Load PostgreSQL Client environment variables
+. /opt/bitnami/scripts/postgresql-client-env.sh
+
+# Ensure PostgreSQL Client environment variables settings are valid
+postgresql_client_validate
+# Ensure PostgreSQL Client is initialized
+postgresql_client_initialize
diff --git a/bitnami/phpmyadmin/README.md b/bitnami/phpmyadmin/README.md
index 5db66e4797d4..90ac0bc1df15 100644
--- a/bitnami/phpmyadmin/README.md
+++ b/bitnami/phpmyadmin/README.md
@@ -1,15 +1,13 @@
 # Bitnami Secure Image for phpMyAdmin
 
-## What is phpMyAdmin?
-
 > phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL over the Web. phpMyAdmin supports a wide range of operations on MySQL and MariaDB.
 
 [Overview of phpMyAdmin](https://www.phpmyadmin.net/)
 Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
 
-## TL;DR
+## <a id="tl-dr"></a> TL;DR
 
-### Docker Compose
+### <a id="docker-compose"></a> Docker Compose
 
 ```console
 docker run --name phpmyadmin bitnami/phpmyadmin:latest
@@ -17,7 +15,7 @@ docker run --name phpmyadmin bitnami/phpmyadmin:latest
 
 You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section.
 
-## Why use Bitnami Secure Images?
+## <a id="why-use-bitnami-secure-images"></a> Why use Bitnami Secure Images?
 
 Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images?
 
@@ -34,23 +32,23 @@ Each image comes with valuable security metadata. You can view the metadata in [
 
 If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy).
 
-## How to deploy phpMyAdmin in Kubernetes?
+## <a id="how-to-deploy-in-kubernetes"></a> How to deploy phpMyAdmin in Kubernetes?
 
 Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami phpMyAdmin Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/phpmyadmin).
 
-## Supported tags and respective `Dockerfile` links
+## <a id="supported-tags"></a> Supported tags and respective `Dockerfile` links
 
 Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html).
 
-## How to use this image
+## <a id="how-to-use-this-image"></a> How to use this image
 
 phpMyAdmin requires access to a MySQL database or MariaDB database to work. We'll use the [Bitnami MariaDB image](https://github.com/bitnami/containers/tree/main/bitnami/mariadb).
 
-### Using Docker Compose
+### <a id="using-docker-compose"></a> Using Docker Compose
 
 Please be aware this file has not undergone internal testing. Consequently, we advise its use exclusively for development or testing purposes. For production-ready deployments, we highly recommend utilizing its associated [Bitnami Helm chart](https://github.com/bitnami/charts/tree/main/bitnami/phpmyadmin).
 
-### Persisting your application
+### <a id="persisting-your-application"></a> Persisting your application
 
 If you remove the container all your data and configurations will be lost, and the next time you run the image the database will be reinitialized. To avoid this loss of data, you should mount a volume that will persist even after the container is removed.
 
@@ -58,7 +56,7 @@ For persistence you should mount a volume at the `/bitnami` path. Additionally y
 
 To avoid inadvertent removal of these volumes you can [mount host directories as data volumes](https://docs.docker.com/engine/tutorials/dockervolumes/). Alternatively you can make use of volume plugins to host the volume data.
 
-## Upgrading phpMyAdmin
+## <a id="upgrading"></a> Upgrading phpMyAdmin
 
 Bitnami provides up-to-date versions of MariaDB and phpMyAdmin, including security patches, soon after they are made upstream. We recommend that you follow these steps to upgrade your container. We will cover here the upgrade of the phpMyAdmin container. For the MariaDB upgrade see <https://github.com/bitnami/containers/tree/main/bitnami/mariadb#upgrade-this-image>
 
@@ -85,9 +83,13 @@ The `bitnami/phpmyadmin:latest` tag always points to the most recent release. To
     - For docker-compose: `$ docker-compose up phpmyadmin`
     - For manual execution: `docker run --name phpmyadmin bitnami/phpmyadmin:latest`
 
-## Configuration
+## <a id="configuration"></a> Configuration
 
-### Environment variables
+The following section describes the supported environment variables
+
+### <a id="environment-variables"></a> Environment variables
+
+The following tables list the main variables you can set.
 
 #### Customizable environment variables
 
@@ -138,17 +140,17 @@ The `bitnami/phpmyadmin:latest` tag always points to the most recent release. To
 | `PHP_DEFAULT_POST_MAX_SIZE`                   | Default max PHP POST size.                                                                                                               | `80M`                                     |
 | `PHP_DEFAULT_MEMORY_LIMIT`                    | Default PHP memory limit.                                                                                                                | `256M`                                    |
 
-### FIPS configuration in Bitnami Secure Images
+### <a id="fips-configuration"></a> FIPS configuration in Bitnami Secure Images
 
 The Bitnami phpMyAdmin Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables:
 
 - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`.
 
-## Customize this image
+## <a id="customize-this-image"></a> Customize this image
 
 The Bitnami phpMyAdmin Docker image is designed to be extended so it can be used as the base image for your custom web applications.
 
-### Extend this image
+### <a id="extend-this-image"></a> Extend this image
 
 Before extending this image, please note there are certain configuration settings you can modify using the original image:
 
@@ -161,11 +163,11 @@ If your desired customizations cannot be covered using the methods mentioned abo
 
 ```Dockerfile
 FROM bitnami/phpmyadmin
-### Put your customizations below
+### <a id="put-your-customizations-below"></a> Put your customizations below
 ...
 ```
 
-## Notable Changes
+## <a id="notable-changes"></a> Notable Changes
 
 ### 5.0.2-debian-10-r73
 
@@ -180,7 +182,7 @@ FROM bitnami/phpmyadmin
 - The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually.
 - Enabling custom Apache certificates by placing them at `/opt/bitnami/apache/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`.
 
-## License
+## <a id="license"></a> License
 
 Copyright &copy; 2026 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.