From f6f04eb23f501b34d0b7d286946b641e6dd5f5ec Mon Sep 17 00:00:00 2001
From: Bitnami Bot <bitnami-bot@vmware.com>
Date: Sun, 21 May 2023 20:19:49 +0100
Subject: [PATCH] [bitnami/harbor-portal] Release 2.8.1-debian-11-r5 (#34824)

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
---
 bitnami/harbor-portal/2/debian-11/Dockerfile         | 12 ++++++------
 .../prebuildfs/opt/bitnami/.bitnami_components.json  |  6 +++---
 .../debian-11/rootfs/opt/bitnami/scripts/libnginx.sh |  7 ++++++-
 .../rootfs/opt/bitnami/scripts/nginx/postunpack.sh   |  6 ++++++
 4 files changed, 21 insertions(+), 10 deletions(-)

diff --git a/bitnami/harbor-portal/2/debian-11/Dockerfile b/bitnami/harbor-portal/2/debian-11/Dockerfile
index 24f1770fdaeb..ad4f18ae7e7c 100644
--- a/bitnami/harbor-portal/2/debian-11/Dockerfile
+++ b/bitnami/harbor-portal/2/debian-11/Dockerfile
@@ -3,10 +3,10 @@ FROM docker.io/bitnami/minideb:bullseye
 ARG TARGETARCH
 
 LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \
-      org.opencontainers.image.created="2023-05-16T18:27:17Z" \
+      org.opencontainers.image.created="2023-05-21T18:20:36Z" \
       org.opencontainers.image.description="Application packaged by VMware, Inc" \
       org.opencontainers.image.licenses="Apache-2.0" \
-      org.opencontainers.image.ref.name="2.8.1-debian-11-r4" \
+      org.opencontainers.image.ref.name="2.8.1-debian-11-r5" \
       org.opencontainers.image.title="harbor-portal" \
       org.opencontainers.image.vendor="VMware, Inc." \
       org.opencontainers.image.version="2.8.1"
@@ -19,12 +19,12 @@ ENV HOME="/" \
 COPY prebuildfs /
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 # Install required system packages and dependencies
-RUN install_packages ca-certificates curl libcrypt1 libgeoip1 libpcre3 libssl1.1 procps zlib1g
+RUN install_packages ca-certificates curl libcrypt1 libgeoip1 libpcre3 libssl1.1 openssl procps zlib1g
 RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \
     COMPONENTS=( \
-      "nginx-1.23.4-3-linux-${OS_ARCH}-debian-11" \
-      "render-template-1.0.5-5-linux-${OS_ARCH}-debian-11" \
-      "harbor-2.8.1-2-linux-${OS_ARCH}-debian-11" \
+      "nginx-1.23.4-4-linux-${OS_ARCH}-debian-11" \
+      "render-template-1.0.5-6-linux-${OS_ARCH}-debian-11" \
+      "harbor-2.8.1-3-linux-${OS_ARCH}-debian-11" \
     ) && \
     for COMPONENT in "${COMPONENTS[@]}"; do \
       if [ ! -f "${COMPONENT}.tar.gz" ]; then \
diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
index a5a1d65cde40..80752fb2e22d 100644
--- a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
+++ b/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
@@ -3,18 +3,18 @@
         "arch": "amd64",
         "distro": "debian-11",
         "type": "NAMI",
-        "version": "2.8.1-2"
+        "version": "2.8.1-3"
     },
     "nginx": {
         "arch": "amd64",
         "distro": "debian-11",
         "type": "NAMI",
-        "version": "1.23.4-3"
+        "version": "1.23.4-4"
     },
     "render-template": {
         "arch": "amd64",
         "distro": "debian-11",
         "type": "NAMI",
-        "version": "1.0.5-5"
+        "version": "1.0.5-6"
     }
 }
\ No newline at end of file
diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh
index 8dffa1576177..ef12f1cf24b7 100644
--- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh
+++ b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh
@@ -652,7 +652,12 @@ nginx_generate_sample_certs() {
             SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1"
             rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE"
             openssl genrsa -out "$SSL_KEY_FILE" 4096
-            openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT"
+            # OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x
+            if [[ "$(openssl version | grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then
+                openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ"
+            else
+                openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT"
+            fi
             openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT")
             rm -f "$SSL_CSR_FILE"
         else
diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh
index 58259b072314..93964da92f41 100755
--- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh
+++ b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh
@@ -64,3 +64,9 @@ ln -sf /certs "${NGINX_CONF_DIR}/bitnami/certs"
 
 ln -sf "/dev/stdout" "${NGINX_LOGS_DIR}/access.log"
 ln -sf "/dev/stderr" "${NGINX_LOGS_DIR}/error.log"
+
+# This file is necessary for avoiding the error
+# "unable to write random state"
+# Source: https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean
+
+touch /.rnd && chmod g+rw /.rnd