From 68c09d4340ddde25c2be2ddeeb3b4ac8f019d481 Mon Sep 17 00:00:00 2001 From: Sebastian Maier Date: Fri, 25 Jul 2025 08:10:21 +0200 Subject: [PATCH 1/5] refactor: rename docker-entrypoint.{d,sh} to container-entrypoint.{d,sh}; adjust scripts and readme 
Signed-off-by: Sebastian Maier --- README.md | 13 ++- openvoxserver/Containerfile | 8 +- openvoxserver/Containerfile.alpine | 8 +- .../20-use-templates-initially.sh | 0 .../30-set-permissions.sh | 0 .../40-update-puppetdb-conf.sh | 0 .../50-set-certname.sh | 0 .../55-set-masterport.sh | 0 .../56-set-environmentpath.sh | 0 .../57-set-hiera_config.sh | 0 .../60-setup-autosign.sh | 0 .../70-set-dns-alt-names.sh | 0 .../83-environment-cache.sh | 0 .../84-enable_graphite.sh | 2 +- .../84-metrics.conf.tmpl | 0 .../85-setup-storeconfigs.sh | 0 .../88-add_cache_del_api_auth_rules.rb | 0 .../88-enable-cache-delete-api.sh | 2 +- .../89-csr_attributes.rb | 0 .../89-csr_attributes.sh | 2 +- .../90-ca.sh | 0 .../99-log-config.sh | 0 ...-entrypoint.sh => container-entrypoint.sh} | 105 ++++++++---------- 23 files changed, 62 insertions(+), 78 deletions(-) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/20-use-templates-initially.sh (100%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/30-set-permissions.sh (100%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/40-update-puppetdb-conf.sh (100%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/50-set-certname.sh (100%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/55-set-masterport.sh (100%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/56-set-environmentpath.sh (100%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/57-set-hiera_config.sh (100%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/60-setup-autosign.sh (100%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/70-set-dns-alt-names.sh (100%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/83-environment-cache.sh (100%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/84-enable_graphite.sh (73%) rename openvoxserver/{docker-entrypoint.d => 
container-entrypoint.d}/84-metrics.conf.tmpl (100%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/85-setup-storeconfigs.sh (100%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/88-add_cache_del_api_auth_rules.rb (100%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/88-enable-cache-delete-api.sh (70%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/89-csr_attributes.rb (100%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/89-csr_attributes.sh (56%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/90-ca.sh (100%) rename openvoxserver/{docker-entrypoint.d => container-entrypoint.d}/99-log-config.sh (100%) rename openvoxserver/{docker-entrypoint.sh => container-entrypoint.sh} (51%) diff --git a/README.md b/README.md index f237c75..d7a9a6a 100644 --- a/README.md +++ b/README.md 
@@ -116,14 +116,15 @@ The following environment variables are supported: ## Initialization Scripts -If you would like to do additional initialization, add a directory called `/docker-custom-entrypoint.d/` and fill it with `.sh` scripts. +If you would like to do additional initialization, add a directory called `/container-custom-entrypoint.d/` and fill it with `.sh` scripts. -You can also create sub-directories in `/docker-custom-entrypoint.d/` for scripts that have to run at different stages. +You can also create sub-directories in `/container-custom-entrypoint.d/` for scripts that have to run at different stages. -- `/docker-custom-entrypoint.d/` - scripts that run after the default entrypoint scripts, but before the openvoxserver service is started. -- `/docker-custom-entrypoint.d/post-startup/` - scripts that run after the openvoxserver service is started. -- `/docker-custom-entrypoint.d/sigterm-handler/` - scripts that run when the container receives a SIGTERM signal. -- `/docker-custom-entrypoint.d/post-execution/` - scripts that run after the openvoxserver service has stopped. +- `/container-custom-entrypoint.d/pre-default/` - scripts that run before the default entrypoints scripts. +- `/container-custom-entrypoint.d/` - scripts that run after the default entrypoint scripts, but before the openvoxserver service is started. +- `/container-custom-entrypoint.d/post-startup/` - scripts that run after the openvoxserver service is started. +- `/container-custom-entrypoint.d/sigterm-handler/` - scripts that run when the container receives a SIGTERM signal. +- `/container-custom-entrypoint.d/post-execution/` - scripts that run after the openvoxserver service has stopped. ## Persistence diff --git a/openvoxserver/Containerfile b/openvoxserver/Containerfile index c00a996..271e2e4 100644 --- a/openvoxserver/Containerfile +++ b/openvoxserver/Containerfile 
@@ -70,12 +70,12 @@ ENV AUTOSIGN=true \ SSLDIR=/etc/puppetlabs/puppet/ssl \ USE_OPENVOXDB=true -COPY docker-entrypoint.sh \ +COPY container-entrypoint.sh \ healthcheck.sh \ Containerfile \ / -COPY docker-entrypoint.d /docker-entrypoint.d +COPY container-entrypoint.d /container-entrypoint.d COPY --from=builder /var/lib/gems/ /var/lib/gems/ COPY --from=builder /usr/local/bin/r10k /usr/local/bin/ @@ -86,7 +86,7 @@ RUN apt-get update && \ RUN groupadd -g ${OPENVOX_USER_GID} puppet && \ useradd -m -u ${OPENVOX_USER_UID} -g puppet puppet && \ - chmod +x /docker-entrypoint.sh /healthcheck.sh /docker-entrypoint.d/*.sh && \ + chmod +x /container-entrypoint.sh /healthcheck.sh /container-entrypoint.d/*.sh && \ apt-get update && \ apt-get upgrade -y && \ apt-get install -y \ @@ -120,5 +120,5 @@ HEALTHCHECK --interval=20s --timeout=15s --retries=12 --start-period=3m CMD ["/h # NOTE: this is just documentation on defaults EXPOSE 8140 -ENTRYPOINT ["dumb-init", "/docker-entrypoint.sh"] +ENTRYPOINT ["dumb-init", "/container-entrypoint.sh"] CMD ["foreground"] diff --git a/openvoxserver/Containerfile.alpine b/openvoxserver/Containerfile.alpine index 51c4486..9104a3d 100644 --- a/openvoxserver/Containerfile.alpine +++ b/openvoxserver/Containerfile.alpine @@ -164,14 +164,14 @@ COPY --from=build /etc/puppetlabs /etc/puppetlabs COPY --from=build /var/log/puppetlabs /var/log/puppetlabs COPY --from=build /var/run/puppetlabs /var/run/puppetlabs -COPY docker-entrypoint.sh \ +COPY container-entrypoint.sh \ healthcheck.sh \ Containerfile.alpine \ / COPY conf.d/product.conf /etc/puppetlabs/puppetserver/conf.d/ COPY conf.d/puppetserver.conf /etc/puppetlabs/puppetserver/conf.d/ -COPY docker-entrypoint.d /docker-entrypoint.d +COPY container-entrypoint.d /container-entrypoint.d COPY logback.xml /etc/puppetlabs/puppetserver/ COPY puppetdb.conf /var/tmp/puppet/ COPY puppetserver /etc/default/puppetserver 
@@ -210,7 +210,7 @@ RUN apk update \ && chmod 700 ${data_dir}/puppetserver/yaml \ && find /etc/puppetlabs/puppet/ssl -type d -print0 | xargs -0 chmod 770 \ && echo 'alias ll="ls -la --color=auto"' >> ~/.bashrc \ -&& chmod +x /docker-entrypoint.sh /healthcheck.sh /docker-entrypoint.d/*.sh \ +&& chmod +x /container-entrypoint.sh /healthcheck.sh /container-entrypoint.d/*.sh \ && mkdir -p /opt/puppetlabs/puppet/bin \ && ln -s /usr/bin/puppet /opt/puppetlabs/puppet/bin/puppet \ && ln -s /usr/bin/facter /opt/puppetlabs/puppet/bin/facter \ @@ -228,5 +228,5 @@ HEALTHCHECK --interval=20s --timeout=15s --retries=12 --start-period=3m CMD ["/h EXPOSE 8140 -ENTRYPOINT ["dumb-init", "/docker-entrypoint.sh"] +ENTRYPOINT ["dumb-init", "/container-entrypoint.sh"] CMD ["foreground"] diff --git a/openvoxserver/docker-entrypoint.d/20-use-templates-initially.sh b/openvoxserver/container-entrypoint.d/20-use-templates-initially.sh similarity index 100% rename from openvoxserver/docker-entrypoint.d/20-use-templates-initially.sh rename to openvoxserver/container-entrypoint.d/20-use-templates-initially.sh diff --git a/openvoxserver/docker-entrypoint.d/30-set-permissions.sh b/openvoxserver/container-entrypoint.d/30-set-permissions.sh similarity index 100% rename from openvoxserver/docker-entrypoint.d/30-set-permissions.sh rename to openvoxserver/container-entrypoint.d/30-set-permissions.sh diff --git a/openvoxserver/docker-entrypoint.d/40-update-puppetdb-conf.sh b/openvoxserver/container-entrypoint.d/40-update-puppetdb-conf.sh similarity index 100% rename from openvoxserver/docker-entrypoint.d/40-update-puppetdb-conf.sh rename to openvoxserver/container-entrypoint.d/40-update-puppetdb-conf.sh diff --git a/openvoxserver/docker-entrypoint.d/50-set-certname.sh b/openvoxserver/container-entrypoint.d/50-set-certname.sh similarity index 100% rename from openvoxserver/docker-entrypoint.d/50-set-certname.sh rename to openvoxserver/container-entrypoint.d/50-set-certname.sh 
diff --git a/openvoxserver/docker-entrypoint.d/55-set-masterport.sh b/openvoxserver/container-entrypoint.d/55-set-masterport.sh similarity index 100% rename from openvoxserver/docker-entrypoint.d/55-set-masterport.sh rename to openvoxserver/container-entrypoint.d/55-set-masterport.sh diff --git a/openvoxserver/docker-entrypoint.d/56-set-environmentpath.sh b/openvoxserver/container-entrypoint.d/56-set-environmentpath.sh similarity index 100% rename from openvoxserver/docker-entrypoint.d/56-set-environmentpath.sh rename to openvoxserver/container-entrypoint.d/56-set-environmentpath.sh diff --git a/openvoxserver/docker-entrypoint.d/57-set-hiera_config.sh b/openvoxserver/container-entrypoint.d/57-set-hiera_config.sh similarity index 100% rename from openvoxserver/docker-entrypoint.d/57-set-hiera_config.sh rename to openvoxserver/container-entrypoint.d/57-set-hiera_config.sh diff --git a/openvoxserver/docker-entrypoint.d/60-setup-autosign.sh b/openvoxserver/container-entrypoint.d/60-setup-autosign.sh similarity index 100% rename from openvoxserver/docker-entrypoint.d/60-setup-autosign.sh rename to openvoxserver/container-entrypoint.d/60-setup-autosign.sh diff --git a/openvoxserver/docker-entrypoint.d/70-set-dns-alt-names.sh b/openvoxserver/container-entrypoint.d/70-set-dns-alt-names.sh similarity index 100% rename from openvoxserver/docker-entrypoint.d/70-set-dns-alt-names.sh rename to openvoxserver/container-entrypoint.d/70-set-dns-alt-names.sh diff --git a/openvoxserver/docker-entrypoint.d/83-environment-cache.sh b/openvoxserver/container-entrypoint.d/83-environment-cache.sh similarity index 100% rename from openvoxserver/docker-entrypoint.d/83-environment-cache.sh rename to openvoxserver/container-entrypoint.d/83-environment-cache.sh 
diff --git a/openvoxserver/docker-entrypoint.d/84-enable_graphite.sh b/openvoxserver/container-entrypoint.d/84-enable_graphite.sh similarity index 73% rename from openvoxserver/docker-entrypoint.d/84-enable_graphite.sh rename to openvoxserver/container-entrypoint.d/84-enable_graphite.sh index fd506b4..159a1f2 100755 --- a/openvoxserver/docker-entrypoint.d/84-enable_graphite.sh +++ b/openvoxserver/container-entrypoint.d/84-enable_graphite.sh @@ -5,7 +5,7 @@ set -e if [[ "$OPENVOXSERVER_GRAPHITE_EXPORTER_ENABLED" == "true" ]]; then if [[ -n "$OPENVOXSERVER_GRAPHITE_HOST" && -n "$OPENVOXSERVER_GRAPHITE_PORT" ]]; then echo "Enabling graphite exporter" - sed -e "s/GRAPHITE_HOST/$OPENVOXSERVER_GRAPHITE_HOST/" -e "s/GRAPHITE_PORT/$OPENVOXSERVER_GRAPHITE_PORT/" /docker-entrypoint.d/84-metrics.conf.tmpl > /etc/puppetlabs/puppetserver/conf.d/metrics.conf + sed -e "s/GRAPHITE_HOST/$OPENVOXSERVER_GRAPHITE_HOST/" -e "s/GRAPHITE_PORT/$OPENVOXSERVER_GRAPHITE_PORT/" /container-entrypoint.d/84-metrics.conf.tmpl > /etc/puppetlabs/puppetserver/conf.d/metrics.conf else echo "ERROR: no OPENVOXSERVER_GRAPHITE_HOST or OPENVOXSERVER_GRAPHITE_PORT set." exit 99 diff --git a/openvoxserver/docker-entrypoint.d/84-metrics.conf.tmpl b/openvoxserver/container-entrypoint.d/84-metrics.conf.tmpl similarity index 100% rename from openvoxserver/docker-entrypoint.d/84-metrics.conf.tmpl rename to openvoxserver/container-entrypoint.d/84-metrics.conf.tmpl diff --git a/openvoxserver/docker-entrypoint.d/85-setup-storeconfigs.sh b/openvoxserver/container-entrypoint.d/85-setup-storeconfigs.sh similarity index 100% rename from openvoxserver/docker-entrypoint.d/85-setup-storeconfigs.sh rename to openvoxserver/container-entrypoint.d/85-setup-storeconfigs.sh 
diff --git a/openvoxserver/docker-entrypoint.d/88-add_cache_del_api_auth_rules.rb b/openvoxserver/container-entrypoint.d/88-add_cache_del_api_auth_rules.rb similarity index 100% rename from openvoxserver/docker-entrypoint.d/88-add_cache_del_api_auth_rules.rb rename to openvoxserver/container-entrypoint.d/88-add_cache_del_api_auth_rules.rb diff --git a/openvoxserver/docker-entrypoint.d/88-enable-cache-delete-api.sh b/openvoxserver/container-entrypoint.d/88-enable-cache-delete-api.sh similarity index 70% rename from openvoxserver/docker-entrypoint.d/88-enable-cache-delete-api.sh rename to openvoxserver/container-entrypoint.d/88-enable-cache-delete-api.sh index dbb4959..a4666f4 100755 --- a/openvoxserver/docker-entrypoint.d/88-enable-cache-delete-api.sh +++ b/openvoxserver/container-entrypoint.d/88-enable-cache-delete-api.sh @@ -6,6 +6,6 @@ if [[ "$OPENVOXSERVER_ENABLE_ENV_CACHE_DEL_API" == true ]]; then if [[ $(grep 'puppet-admin-api' /etc/puppetlabs/puppetserver/conf.d/auth.conf) ]]; then echo "Admin API already set" else - /opt/puppetlabs/puppet/bin/ruby /docker-entrypoint.d/88-add_cache_del_api_auth_rules.rb + /opt/puppetlabs/puppet/bin/ruby /container-entrypoint.d/88-add_cache_del_api_auth_rules.rb fi fi diff --git a/openvoxserver/docker-entrypoint.d/89-csr_attributes.rb b/openvoxserver/container-entrypoint.d/89-csr_attributes.rb similarity index 100% rename from openvoxserver/docker-entrypoint.d/89-csr_attributes.rb rename to openvoxserver/container-entrypoint.d/89-csr_attributes.rb diff --git a/openvoxserver/docker-entrypoint.d/89-csr_attributes.sh b/openvoxserver/container-entrypoint.d/89-csr_attributes.sh similarity index 56% rename from openvoxserver/docker-entrypoint.d/89-csr_attributes.sh rename to openvoxserver/container-entrypoint.d/89-csr_attributes.sh index 162b734..92fcfba 100755 --- a/openvoxserver/docker-entrypoint.d/89-csr_attributes.sh +++ b/openvoxserver/container-entrypoint.d/89-csr_attributes.sh 
@@ -4,5 +4,5 @@ set -e if [ -n "${CSR_ATTRIBUTES}" ]; then echo "CSR Attributes: ${CSR_ATTRIBUTES}" - /opt/puppetlabs/puppet/bin/ruby /docker-entrypoint.d/89-csr_attributes.rb + /opt/puppetlabs/puppet/bin/ruby /container-entrypoint.d/89-csr_attributes.rb fi diff --git a/openvoxserver/docker-entrypoint.d/90-ca.sh b/openvoxserver/container-entrypoint.d/90-ca.sh similarity index 100% rename from openvoxserver/docker-entrypoint.d/90-ca.sh rename to openvoxserver/container-entrypoint.d/90-ca.sh diff --git a/openvoxserver/docker-entrypoint.d/99-log-config.sh b/openvoxserver/container-entrypoint.d/99-log-config.sh similarity index 100% rename from openvoxserver/docker-entrypoint.d/99-log-config.sh rename to openvoxserver/container-entrypoint.d/99-log-config.sh diff --git a/openvoxserver/docker-entrypoint.sh b/openvoxserver/container-entrypoint.sh similarity index 51% rename from openvoxserver/docker-entrypoint.sh rename to openvoxserver/container-entrypoint.sh index bb574ff..aefcd89 100755 --- a/openvoxserver/docker-entrypoint.sh +++ b/openvoxserver/container-entrypoint.sh 
@@ -17,96 +17,79 @@ echoerr() { echo "$@" 1>&2; } echoerr "Entrypoint PID $$" -## Pre execution handler -pre_execution_handler() { - if [ -d /docker-custom-entrypoint.d/ ]; then - if [ -d /docker-custom-entrypoint.d/pre-default/ ]; then - find /docker-custom-entrypoint.d/pre-default/ -type f -name "*.sh" \ - -exec chmod +x {} \; - sync - for f in /docker-custom-entrypoint.d/pre-default/*.sh; do - if [[ -f "$f" && -x $(realpath "$f") ]]; then - echo "Running $f" - "$f" - fi - done +# Generic execution function for custom handlers +# Usage: run_custom_handler [handler_name] +run_custom_handler() { + local CUSTOM_HANDLER_ROOT_DIRECTORY="" + local CUSTOM_HANDLER_DIRECTORY="" + + if [ -d /container-custom-entrypoint.d/ ]; then + # use /container-custom-entrypoint.d/ for custom entrypoint scripts + CUSTOM_HANDLER_ROOT_DIRECTORY=/container-custom-entrypoint.d + elif [ -d /docker-custom-entrypoint.d/ ]; then + # legacy support for /docker-custom-entrypoint.d/ + if [[ $# -eq 1 && "$1" == "pre-default" ]]; then + echoerr "DEPRECATED: Use /container-custom-entrypoint.d/ instead of /docker-custom-entrypoint.d/" fi + CUSTOM_HANDLER_ROOT_DIRECTORY=/docker-custom-entrypoint.d + else + return 0 fi - for f in /docker-entrypoint.d/*.sh; do - echo "Running $f" - "$f" - done + if [[ $# -eq 0 || "$1" == "" ]]; then + CUSTOM_HANDLER_DIRECTORY=${CUSTOM_HANDLER_ROOT_DIRECTORY} + else + CUSTOM_HANDLER_DIRECTORY=${CUSTOM_HANDLER_ROOT_DIRECTORY}/$1 + fi - if [ -d /docker-custom-entrypoint.d/ ]; then - find /docker-custom-entrypoint.d/ -type f -name "*.sh" \ + if [ -d ${CUSTOM_HANDLER_DIRECTORY}/ ]; then + find ${CUSTOM_HANDLER_DIRECTORY}/ -type f -name "*.sh" \ -exec chmod +x {} \; sync - for f in /docker-custom-entrypoint.d/*.sh; do + for f in ${CUSTOM_HANDLER_DIRECTORY}/*.sh; do if [[ -f "$f" && -x $(realpath "$f") ]]; then echo "Running $f" "$f" fi done fi + + return 0 +} + +## Pre execution handler +pre_execution_handler() { + run_custom_handler pre-default + + for f in 
/container-entrypoint.d/*.sh; do + echo "Running $f" + "$f" + done + + run_custom_handler } ## Post startup handler post_startup_handler() { - if [ -d /docker-custom-entrypoint.d/ ]; then - if [ -d /docker-custom-entrypoint.d/post-startup/ ]; then - find /docker-custom-entrypoint.d/post-startup/ -type f -name "*.sh" \ - -exec chmod +x {} \; - sync - for f in /docker-custom-entrypoint.d/post-startup/*.sh; do - if [[ -f "$f" && -x $(realpath "$f") ]]; then - echo "Running $f" - "$f" - fi - done - fi - fi + run_custom_handler post-startup } ## Post execution handler post_execution_handler() { - if [ -d /docker-custom-entrypoint.d/ ]; then - if [ -d /docker-custom-entrypoint.d/post-execution/ ]; then - find /docker-custom-entrypoint.d/post-execution/ -type f -name "*.sh" \ - -exec chmod +x {} \; - sync - for f in /docker-custom-entrypoint.d/post-execution/*.sh; do - if [[ -f "$f" && -x $(realpath "$f") ]]; then - echo "Running $f" - "$f" - fi - done - fi - fi + run_custom_handler post-execution } ## Sigterm Handler -sigterm_handler() { +# shellcheck disable=SC2317 # function is called when the container receives a SIGTERM signal +sigterm_handler() { echoerr "Catching SIGTERM" if [ $pid -ne 0 ]; then echoerr "sigterm_handler for PID '${pid}' triggered" - # the above if statement is important because it ensures + # the above if statement is important because it ensures # that the application has already started. without it you # could attempt cleanup steps if the application failed to # start, causing errors. - if [ -d /docker-custom-entrypoint.d/ ]; then - if [ -d /docker-custom-entrypoint.d/sigterm-handler/ ]; then - find /docker-custom-entrypoint.d/sigterm-handler/ -type f -name "*.sh" \ - -exec chmod +x {} \; - sync - for f in /docker-custom-entrypoint.d/sigterm-handler/*.sh; do - if [[ -f "$f" && -x $(realpath "$f") ]]; then - echo "Running $f" - "$f" - fi - done - fi - fi + run_custom_handler sigterm-handler kill -15 "$pid" wait "$pid" post_execution_handler 
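Review bot: `${CUSTOM_HANDLER_DIRECTORY}` is expanded unquoted in the `[ -d … ]` test, the `find` call and the `for f in …/*.sh` glob of `run_custom_handler`, so a handler name containing whitespace or glob characters would be split or expanded before the scripts are made executable and run. Every caller in this hunk passes a fixed literal, so this is hardening rather than a live bug: `if [ -d "${CUSTOM_HANDLER_DIRECTORY}/" ]; then`, `find "${CUSTOM_HANDLER_DIRECTORY}/" -type f -name "*.sh" -exec chmod +x {} \;` and `for f in "${CUSTOM_HANDLER_DIRECTORY}"/*.sh; do`. The loop variable `f` should also be declared `local`, since it currently leaks into the caller's scope. The rewritten loop in PATCH 3/5 keeps the same unquoted expansions. `sigterm_handler` continues past the end of the hunk.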
From 87ed773e53d4c76193ea3080da354edb1a714d8f Mon Sep 17 00:00:00 2001 From: Sebastian Maier Date: Fri, 25 Jul 2025 08:13:40 +0200 Subject: [PATCH 2/5] refactor: add docker-entrypoint.sh for backwards compatibility Signed-off-by: Sebastian Maier --- openvoxserver/Containerfile | 3 ++- openvoxserver/Containerfile.alpine | 3 ++- openvoxserver/docker-entrypoint.sh | 17 +++++++++++++++++ 3 files changed, 21 insertions(+), 2 deletions(-) create mode 100755 openvoxserver/docker-entrypoint.sh diff --git a/openvoxserver/Containerfile b/openvoxserver/Containerfile index 271e2e4..2ca8989 100644 --- a/openvoxserver/Containerfile +++ b/openvoxserver/Containerfile @@ -71,6 +71,7 @@ ENV AUTOSIGN=true \ USE_OPENVOXDB=true COPY container-entrypoint.sh \ + docker-entrypoint.sh \ healthcheck.sh \ Containerfile \ / @@ -86,7 +87,7 @@ RUN apt-get update && \ RUN groupadd -g ${OPENVOX_USER_GID} puppet && \ useradd -m -u ${OPENVOX_USER_UID} -g puppet puppet && \ - chmod +x /container-entrypoint.sh /healthcheck.sh /container-entrypoint.d/*.sh && \ + chmod +x /container-entrypoint.sh /docker-entrypoint.sh /healthcheck.sh /container-entrypoint.d/*.sh && \ apt-get update && \ apt-get upgrade -y && \ apt-get install -y \ diff --git a/openvoxserver/Containerfile.alpine b/openvoxserver/Containerfile.alpine index 9104a3d..0cc6323 100644 --- a/openvoxserver/Containerfile.alpine +++ b/openvoxserver/Containerfile.alpine @@ -165,6 +165,7 @@ COPY --from=build /var/log/puppetlabs /var/log/puppetlabs COPY --from=build /var/run/puppetlabs /var/run/puppetlabs COPY container-entrypoint.sh \ + docker-entrypoint.sh \ healthcheck.sh \ Containerfile.alpine \ / 
@@ -210,7 +211,7 @@ RUN apk update \ && chmod 700 ${data_dir}/puppetserver/yaml \ && find /etc/puppetlabs/puppet/ssl -type d -print0 | xargs -0 chmod 770 \ && echo 'alias ll="ls -la --color=auto"' >> ~/.bashrc \ -&& chmod +x /container-entrypoint.sh /healthcheck.sh /container-entrypoint.d/*.sh \ +&& chmod +x /container-entrypoint.sh /docker-entrypoint.sh /healthcheck.sh /container-entrypoint.d/*.sh \ && mkdir -p /opt/puppetlabs/puppet/bin \ && ln -s /usr/bin/puppet /opt/puppetlabs/puppet/bin/puppet \ && ln -s /usr/bin/facter /opt/puppetlabs/puppet/bin/facter \ diff --git a/openvoxserver/docker-entrypoint.sh b/openvoxserver/docker-entrypoint.sh new file mode 100755 index 0000000..4257155 --- /dev/null +++ b/openvoxserver/docker-entrypoint.sh @@ -0,0 +1,17 @@ +#!/bin/bash +# bash is required to pass ENV vars with dots as sh cannot + +set -o errexit # exit on any command failure; use `whatever || true` to accept failures + # use `if something; then` instead of `something; if [ $? -eq 0 ]; then` + # use `rv=0; something || rv=$?` if you really need the exact exit code +set -o pipefail # pipes fail when any command fails, not just the last one. Use: ( whatever || true ) | somethingelse +set -o nounset # exit on use of undeclared var, use `${possibly_undefined-}` to substitute the empty string in that case + # You can assign default values like this: + # `: ${possibly_undefined=default}` + # `: ${possibly_undefined_or_empty:=default}` will also replace an empty (but declared) value +# set -o xtrace + +echoerr() { echo "$@" 1>&2; } + +echoerr "DEPRECATED: Use /container-entrypoint.sh instead of /docker-entrypoint.sh" +exec ./container-entrypoint.sh "$@" From 1d62603982794f11c22e64020d36dadde6589f0e Mon Sep 17 00:00:00 2001 From: Sebastian Maier Date: Wed, 30 Jul 2025 13:39:52 +0200 Subject: [PATCH 3/5] refactor: execute scripts from both /docker-entrypoint.d/ and /container-entrypoint.d/ 
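Review bot: The last line of the new docker-entrypoint.sh, `exec ./container-entrypoint.sh "$@"`, resolves the target against the current working directory rather than the location the Containerfile copies it to. If the container runs with a working directory other than `/` (a `WORKDIR` outside this hunk, or a working directory set at run time), the shim either fails or executes whatever `container-entrypoint.sh` is in that directory. Both Containerfile hunks copy the script to `/`, so the absolute path is the safer form: `exec /container-entrypoint.sh "$@"`.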
Signed-off-by: Sebastian Maier --- openvoxserver/container-entrypoint.sh | 56 +++++++++++++-------------- 1 file changed, 26 insertions(+), 30 deletions(-) diff --git a/openvoxserver/container-entrypoint.sh b/openvoxserver/container-entrypoint.sh index aefcd89..4516b74 100755 --- a/openvoxserver/container-entrypoint.sh +++ b/openvoxserver/container-entrypoint.sh 
@@ -22,39 +22,35 @@ echoerr "Entrypoint PID $$" run_custom_handler() { local CUSTOM_HANDLER_ROOT_DIRECTORY="" local CUSTOM_HANDLER_DIRECTORY="" + local -a DIR_LIST=("/docker-custom-entrypoint.d" "/container-custom-entrypoint.d") + + for CUSTOM_HANDLER_ROOT_DIRECTORY in "${DIR_LIST[@]}"; do + if [ -d "${CUSTOM_HANDLER_ROOT_DIRECTORY}" ]; then + if [[ "${CUSTOM_HANDLER_ROOT_DIRECTORY}" == "/docker-custom-entrypoint.d" ]]; then + if [[ $# -eq 1 && "$1" == "pre-default" ]]; then + echoerr "DEPRECATED: Use /container-custom-entrypoint.d/ instead of /docker-custom-entrypoint.d/" + fi + fi - if [ -d /container-custom-entrypoint.d/ ]; then - # use /container-custom-entrypoint.d/ for custom entrypoint scripts - CUSTOM_HANDLER_ROOT_DIRECTORY=/container-custom-entrypoint.d - elif [ -d /docker-custom-entrypoint.d/ ]; then - # legacy support for /docker-custom-entrypoint.d/ - if [[ $# -eq 1 && "$1" == "pre-default" ]]; then - echoerr "DEPRECATED: Use /container-custom-entrypoint.d/ instead of /docker-custom-entrypoint.d/" - fi - CUSTOM_HANDLER_ROOT_DIRECTORY=/docker-custom-entrypoint.d - else - return 0 - fi - - if [[ $# -eq 0 || "$1" == "" ]]; then - CUSTOM_HANDLER_DIRECTORY=${CUSTOM_HANDLER_ROOT_DIRECTORY} - else - CUSTOM_HANDLER_DIRECTORY=${CUSTOM_HANDLER_ROOT_DIRECTORY}/$1 - fi - - if [ -d ${CUSTOM_HANDLER_DIRECTORY}/ ]; then - find ${CUSTOM_HANDLER_DIRECTORY}/ -type f -name "*.sh" \ - -exec chmod +x {} \; - sync - for f in ${CUSTOM_HANDLER_DIRECTORY}/*.sh; do - if [[ -f "$f" && -x $(realpath "$f") ]]; then - echo "Running $f" - "$f" + if [[ $# -eq 0 || "$1" == "" ]]; then + CUSTOM_HANDLER_DIRECTORY=${CUSTOM_HANDLER_ROOT_DIRECTORY} + else + CUSTOM_HANDLER_DIRECTORY=${CUSTOM_HANDLER_ROOT_DIRECTORY}/$1 fi - done - fi - return 0 + if [ -d ${CUSTOM_HANDLER_DIRECTORY}/ ]; then + find ${CUSTOM_HANDLER_DIRECTORY}/ -type f -name "*.sh" \ + -exec chmod +x {} \; + sync + for f in ${CUSTOM_HANDLER_DIRECTORY}/*.sh; do + if [[ -f "$f" && -x $(realpath "$f") ]]; then + echo "Running $f" 
+ "$f" + fi + done + fi + fi + done } ## Pre execution handler From 08d9200584c02c180e357c06ed486b1ef8aed31f Mon Sep 17 00:00:00 2001 From: Sebastian Maier Date: Thu, 31 Jul 2025 11:15:04 +0200 Subject: [PATCH 4/5] refactor: also execute scripts in /docker-entrypoint.d/ for now Signed-off-by: Sebastian Maier --- openvoxserver/container-entrypoint.sh | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/openvoxserver/container-entrypoint.sh b/openvoxserver/container-entrypoint.sh index 4516b74..59b15b1 100755 --- a/openvoxserver/container-entrypoint.sh +++ b/openvoxserver/container-entrypoint.sh @@ -57,6 +57,14 @@ run_custom_handler() { pre_execution_handler() { run_custom_handler pre-default + if [ -d /container-entrypoint.d ]; then + echoerr "DEPRECATED: Use /container-entrypoint.d/ instead of /docker-entrypoint.d/" + for f in /docker-entrypoint.d/*.sh; do + echo "Running $f" + "$f" + done + fi + for f in /container-entrypoint.d/*.sh; do echo "Running $f" "$f" From 577f134b087c29b0265560cc37ef59099da0b5b4 Mon Sep 17 00:00:00 2001 From: Sebastian Maier Date: Thu, 31 Jul 2025 11:16:15 +0200 Subject: [PATCH 5/5] refactor: avoid hard-coded file paths Signed-off-by: Sebastian Maier --- openvoxserver/container-entrypoint.d/84-enable_graphite.sh | 6 +++++- .../container-entrypoint.d/88-enable-cache-delete-api.sh | 6 +++++- openvoxserver/container-entrypoint.d/89-csr_attributes.sh | 6 +++++- 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/openvoxserver/container-entrypoint.d/84-enable_graphite.sh b/openvoxserver/container-entrypoint.d/84-enable_graphite.sh index 159a1f2..19c576b 100755 --- a/openvoxserver/container-entrypoint.d/84-enable_graphite.sh +++ b/openvoxserver/container-entrypoint.d/84-enable_graphite.sh 
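Review bot: The guard added to `pre_execution_handler` tests `/container-entrypoint.d` but the loop under it runs `/docker-entrypoint.d/*.sh`, so the check does not protect the directory it is meant to. Because the image always ships `/container-entrypoint.d`, the DEPRECATED message is printed on every start; and when `/docker-entrypoint.d` is absent or empty, the unmatched glob stays literal and `"$f"` tries to execute the pattern itself, which would abort startup if this script runs with errexit (not visible in the hunk). Suggested: `if [ -d /docker-entrypoint.d ]; then` and, as the first statement of the loop, `[[ -f "$f" ]] || continue`. `pre_execution_handler` continues past the end of the hunk.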
@@ -2,10 +2,14 @@ set -e +# determine script location +readonly SCRIPT_FILENAME=$(readlink -f "${BASH_SOURCE[0]}") +readonly SCRIPT_PATH=$(dirname "$SCRIPT_FILENAME") + if [[ "$OPENVOXSERVER_GRAPHITE_EXPORTER_ENABLED" == "true" ]]; then if [[ -n "$OPENVOXSERVER_GRAPHITE_HOST" && -n "$OPENVOXSERVER_GRAPHITE_PORT" ]]; then echo "Enabling graphite exporter" - sed -e "s/GRAPHITE_HOST/$OPENVOXSERVER_GRAPHITE_HOST/" -e "s/GRAPHITE_PORT/$OPENVOXSERVER_GRAPHITE_PORT/" /container-entrypoint.d/84-metrics.conf.tmpl > /etc/puppetlabs/puppetserver/conf.d/metrics.conf + sed -e "s/GRAPHITE_HOST/$OPENVOXSERVER_GRAPHITE_HOST/" -e "s/GRAPHITE_PORT/$OPENVOXSERVER_GRAPHITE_PORT/" "$SCRIPT_PATH/84-metrics.conf.tmpl" > /etc/puppetlabs/puppetserver/conf.d/metrics.conf else echo "ERROR: no OPENVOXSERVER_GRAPHITE_HOST or OPENVOXSERVER_GRAPHITE_PORT set." exit 99 diff --git a/openvoxserver/container-entrypoint.d/88-enable-cache-delete-api.sh b/openvoxserver/container-entrypoint.d/88-enable-cache-delete-api.sh index a4666f4..0976a7c 100755 --- a/openvoxserver/container-entrypoint.d/88-enable-cache-delete-api.sh +++ b/openvoxserver/container-entrypoint.d/88-enable-cache-delete-api.sh @@ -2,10 +2,14 @@ set -e +# determine script location +readonly SCRIPT_FILENAME=$(readlink -f "${BASH_SOURCE[0]}") +readonly SCRIPT_PATH=$(dirname "$SCRIPT_FILENAME") + if [[ "$OPENVOXSERVER_ENABLE_ENV_CACHE_DEL_API" == true ]]; then if [[ $(grep 'puppet-admin-api' /etc/puppetlabs/puppetserver/conf.d/auth.conf) ]]; then echo "Admin API already set" else - /opt/puppetlabs/puppet/bin/ruby /container-entrypoint.d/88-add_cache_del_api_auth_rules.rb + /opt/puppetlabs/puppet/bin/ruby "$SCRIPT_PATH/88-add_cache_del_api_auth_rules.rb" fi fi diff --git a/openvoxserver/container-entrypoint.d/89-csr_attributes.sh b/openvoxserver/container-entrypoint.d/89-csr_attributes.sh index 92fcfba..08cab7a 100755 --- a/openvoxserver/container-entrypoint.d/89-csr_attributes.sh 
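Review bot: The `sed` line this hunk rewrites still splices `$OPENVOXSERVER_GRAPHITE_HOST` and `$OPENVOXSERVER_GRAPHITE_PORT` straight into the replacement text, so a value containing `/`, `&` or a backslash either breaks the expression or writes something other than the given value into metrics.conf. Validating both before the substitution keeps the generated config predictable, for example `[[ "$OPENVOXSERVER_GRAPHITE_PORT" =~ ^[0-9]+$ ]] || { echo "ERROR: invalid OPENVOXSERVER_GRAPHITE_PORT" >&2; exit 99; }`, with a similar allow-list such as `^[A-Za-z0-9._:-]+$` for the host. The enclosing `if` block closes outside the hunk.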
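Review bot: `readonly SCRIPT_FILENAME=$(readlink -f "${BASH_SOURCE[0]}")` combines the declaration with a command substitution, so the exit status of `readlink` is replaced by that of `readonly` and `set -e` does not stop the script if resolution fails (ShellCheck SC2155). In that case `SCRIPT_FILENAME` is empty, `dirname` yields `.`, and the Ruby helper is looked up relative to the working directory. Assign first and mark read-only afterwards: `SCRIPT_FILENAME=$(readlink -f "${BASH_SOURCE[0]}")`, `SCRIPT_PATH=$(dirname "$SCRIPT_FILENAME")`, `readonly SCRIPT_FILENAME SCRIPT_PATH`. The same two lines are added in the 84-enable_graphite.sh and 89-csr_attributes.sh hunks of this patch.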
+++ b/openvoxserver/container-entrypoint.d/89-csr_attributes.sh @@ -2,7 +2,11 @@ set -e +# determine script location +readonly SCRIPT_FILENAME=$(readlink -f "${BASH_SOURCE[0]}") +readonly SCRIPT_PATH=$(dirname "$SCRIPT_FILENAME") + if [ -n "${CSR_ATTRIBUTES}" ]; then echo "CSR Attributes: ${CSR_ATTRIBUTES}" - /opt/puppetlabs/puppet/bin/ruby /container-entrypoint.d/89-csr_attributes.rb + /opt/puppetlabs/puppet/bin/ruby "$SCRIPT_PATH/89-csr_attributes.rb" fi