fix: make it work on alpine again

.github/workflows/build_container.yml

@@ -56,6 +56,7 @@ jobs:
             OPENVOXDB_VERSION=${{ matrix.db_version }}
             R10K_VERSION=${{ matrix.r10k_version }}
             RUGGED_VERSION=${{ matrix.rugged_version }}
+            JDK_VERSION=${{ matrix.jdk_version }}
           build_arch: linux/${{ matrix.platform }}
           build_context: openvoxserver
           buildfile: openvoxserver/Containerfile
@@ -71,6 +72,8 @@ jobs:
             OPENVOXSERVER_VERSION=${{ steps.server_version.outputs.server_version }}
             OPENVOXDB_VERSION=${{ steps.db_version.outputs.db_version }}
             R10K_VERSION=${{ matrix.r10k_version }}
+            RUGGED_VERSION=${{ matrix.rugged_version }}
+            JDK_VERSION=${{ matrix.jdk_version }}
           build_arch: linux/${{ matrix.platform }}
           build_context: openvoxserver
           buildfile: openvoxserver/Containerfile.alpine

.github/workflows/ci.yaml

@@ -71,6 +71,7 @@ jobs:
             OPENVOXDB_VERSION=${{ matrix.db_version }}
             R10K_VERSION=${{ matrix.r10k_version }}
             RUGGED_VERSION=${{ matrix.rugged_version }}
+            JDK_VERSION=${{ matrix.jdk_version }}
 
       - name: Build Alpine image
         uses: docker/build-push-action@v6
@@ -84,6 +85,8 @@ jobs:
             OPENVOXSERVER_VERSION=${{ steps.extract_server_version.outputs.server_version }}
             OPENVOXDB_VERSION=${{ steps.extract_db_version.outputs.db_version }}
             R10K_VERSION=${{ matrix.r10k_version }}
+            RUGGED_VERSION=${{ matrix.rugged_version }}
+            JDK_VERSION=${{ matrix.jdk_version }}
 
   tests:
     needs:

.github/workflows/security_scanning.yml

@@ -64,6 +64,7 @@ jobs:
             OPENVOXDB_VERSION=${{ matrix.db_version }}
             R10K_VERSION=${{ matrix.r10k_version }}
             RUGGED_VERSION=${{ matrix.rugged_version }}
+            JDK_VERSION=${{ matrix.jdk_version }}
 
       - name: Scan image with Anchore Grype
         uses: anchore/scan-action@v6

.markdownlint.yaml

@@ -0,0 +1,6 @@
+default: true
+MD033:
+  allowed_elements:
+    - br
+MD013:
+  line_length: 210

build_versions.yaml

@@ -7,3 +7,4 @@ include:
     db_version: "8.9.1-1+ubuntu24.04"
     r10k_version: "5.0.0"
     rugged_version: "1.9.0"
+    jdk_version: "21"

openvoxserver/Containerfile.alpine

@@ -1,100 +1,82 @@
 FROM alpine:3.22 AS base
 
 # Install JDK
+ARG JDK_VERSION=17
 RUN apk update && apk upgrade \
-    && apk add openjdk17-jre-headless  \
-    && apk add --update bash \
-    && rm -rf /var/cache/apk/*
+    && apk add --no-cache openjdk${JDK_VERSION}-jre-headless bash
 
 ################################################################################
 
 FROM base AS build
 
-ARG OPENVOXSERVER_VERSION=8.8.1
-ARG OPENVOXDB_VERSION=8.9.1
+ARG OPENVOXSERVER_VERSION=8.10.0
+ARG OPENVOXDB_VERSION=8.10.0
 
 ADD https://artifacts.voxpupuli.org/openvox-server/${OPENVOXSERVER_VERSION}/openvox-server-${OPENVOXSERVER_VERSION}.tar.gz /
 ADD https://artifacts.voxpupuli.org/openvoxdb/${OPENVOXDB_VERSION}/openvoxdb-${OPENVOXDB_VERSION}.tar.gz /
 
-ENV apps_dir=/opt/puppetlabs/server/apps
 ENV app_logdir=/var/log/puppetlabs
+ENV apps_dir=/opt/puppetlabs/server/apps
+ENV bindir=/opt/puppetlabs/server/apps/puppetserver/bin
 ENV data_dir=/opt/puppetlabs/server/data
 ENV etc_dir=/etc/puppetlabs
+ENV rubylibdir=/opt/puppetlabs/puppet/lib/ruby/vendor_ruby
 ENV run_dir=/var/run/puppetlabs
-ENV bindir=/opt/puppetlabs/server/apps/puppetserver/bin
 ENV symbindir=/opt/puppetlabs/server/bin
 ENV uxbindir=/opt/puppetlabs/bin
-ENV rubylibdir=/opt/puppetlabs/puppet/lib/ruby/vendor_ruby
 
 RUN apk update \
 && tar -xzf /openvox-server-${OPENVOXSERVER_VERSION}.tar.gz \
 && tar -xzf /openvoxdb-${OPENVOXDB_VERSION}.tar.gz \
 && cd /puppetserver-${OPENVOXSERVER_VERSION} \
+&& install -d -m 0700 "${app_logdir}/puppetserver" \
+&& install -d -m 0700 "${data_dir}/puppetserver/jars" \
+&& install -d -m 0700 "${data_dir}/puppetserver/yaml" \
+&& install -d -m 0750 "${etc_dir}/puppetserver/ca" \
 && install -d -m 0755 "${apps_dir}/puppetserver" \
-&& install -d -m 0770 "${data_dir}/puppetserver" \
-&& install -m 0644 puppet-server-release.jar "${apps_dir}/puppetserver" \
-&& install -m 0774 ext/ezbake-functions.sh "${apps_dir}/puppetserver" \
-&& install -m 0644 ext/ezbake.manifest "${apps_dir}/puppetserver" \
-&& install -d -m 0755 "${etc_dir}/puppetserver/conf.d" \
-&& install -d -m 0755 "${etc_dir}/puppetserver/services.d" \
-&& install -d -m 0755 "${apps_dir}/puppetserver/config/services.d" \
-&& install -m 0644 ext/system-config/services.d/bootstrap.cfg "${apps_dir}/puppetserver/config/services.d/bootstrap.cfg" \
-&& install -m 0644 ext/config/request-logging.xml "${etc_dir}/puppetserver/request-logging.xml" \
-&& install -m 0644 ext/config/conf.d/puppetserver.conf "${etc_dir}/puppetserver/conf.d/puppetserver.conf" \
-&& install -m 0644 ext/config/logback.xml "${etc_dir}/puppetserver/logback.xml" \
-&& install -m 0644 ext/config/services.d/ca.cfg "${etc_dir}/puppetserver/services.d/ca.cfg" \
-&& install -m 0644 ext/config/conf.d/global.conf "${etc_dir}/puppetserver/conf.d/global.conf" \
-&& install -m 0644 ext/config/conf.d/web-routes.conf "${etc_dir}/puppetserver/conf.d/web-routes.conf" \
-&& install -m 0644 ext/config/conf.d/auth.conf "${etc_dir}/puppetserver/conf.d/auth.conf" \
-&& install -m 0644 ext/config/conf.d/metrics.conf "${etc_dir}/puppetserver/conf.d/metrics.conf" \
-&& install -m 0644 ext/config/conf.d/ca.conf "${etc_dir}/puppetserver/conf.d/ca.conf" \
-&& install -m 0644 ext/config/conf.d/webserver.conf "${etc_dir}/puppetserver/conf.d/webserver.conf" \
 && install -d -m 0755 "${apps_dir}/puppetserver/cli" \
 && install -d -m 0755 "${apps_dir}/puppetserver/cli/apps" \
+&& install -d -m 0755 "${apps_dir}/puppetserver/config/services.d" \
 && install -d -m 0755 "${bindir}" \
+&& install -d -m 0755 "${data_dir}/puppetserver/jruby-gems" \
+&& install -d -m 0755 "${etc_dir}/code" \
+&& install -d -m 0755 "${etc_dir}/puppetserver/conf.d" \
+&& install -d -m 0755 "${etc_dir}/puppetserver/services.d" \
+&& install -d -m 0755 "${run_dir}/puppetserver" \
 && install -d -m 0755 "${symbindir}" \
 && install -d -m 0755 "${uxbindir}" \
-&& install -m 0755 "ext/bin/puppetserver" "${bindir}/puppetserver" \
-&& ln -s "../apps/puppetserver/bin/puppetserver" "${symbindir}/puppetserver" \
-&& ln -s "../server/apps/puppetserver/bin/puppetserver" "${uxbindir}/puppetserver" \
-&& install -m 0755 ext/cli/foreground "${apps_dir}/puppetserver/cli/apps/foreground" \
-&& install -m 0755 ext/cli/dropsonde "${apps_dir}/puppetserver/cli/apps/dropsonde" \
-&& install -m 0755 ext/cli/ca "${apps_dir}/puppetserver/cli/apps/ca" \
-&& install -m 0755 ext/cli/irb "${apps_dir}/puppetserver/cli/apps/irb" \
-&& install -m 0755 ext/cli/gem "${apps_dir}/puppetserver/cli/apps/gem" \
-&& install -m 0755 ext/cli/reload "${apps_dir}/puppetserver/cli/apps/reload" \
-&& install -m 0755 ext/cli/ruby "${apps_dir}/puppetserver/cli/apps/ruby" \
-&& install -m 0755 ext/cli/stop "${apps_dir}/puppetserver/cli/apps/stop" \
-&& install -m 0755 ext/cli/start "${apps_dir}/puppetserver/cli/apps/start" \
-&& install -m 0755 ext/cli_defaults/cli-defaults.sh "${apps_dir}/puppetserver/cli" \
-&& install -d -m 0700 "${app_logdir}/puppetserver" \
-&& install -d -m 0755 "${run_dir}/puppetserver" \
-&& install -d -m 700 "${data_dir}/puppetserver/jars" \
-&& install -d -m 700 "${data_dir}/puppetserver/yaml" \
-&& install -d /opt/puppetlabs/server/data/puppetserver/jruby-gems \
-&& install -d -m=775 /opt/puppetlabs/server/data \
-&& install -d "${etc_dir}/puppet/ssl" \
-&& install -d -m=755 "${etc_dir}/code" \
-&& install -d "${etc_dir}/puppetserver/ca" \
+&& install -d -m 0770 "${data_dir}/puppetserver" \
+&& install -d -m 0770 "${etc_dir}/puppet/ssl" \
+&& install -d -m 0775 "${data_dir}" \
+&& install -m 0644 ext/config/conf.d/auth.conf                "${etc_dir}/puppetserver/conf.d/auth.conf" \
+&& install -m 0644 ext/config/conf.d/ca.conf                  "${etc_dir}/puppetserver/conf.d/ca.conf" \
+&& install -m 0644 ext/config/conf.d/global.conf              "${etc_dir}/puppetserver/conf.d/global.conf" \
+&& install -m 0644 ext/config/conf.d/metrics.conf             "${etc_dir}/puppetserver/conf.d/metrics.conf" \
+&& install -m 0644 ext/config/conf.d/puppetserver.conf        "${etc_dir}/puppetserver/conf.d/puppetserver.conf" \
+&& install -m 0644 ext/config/conf.d/web-routes.conf          "${etc_dir}/puppetserver/conf.d/web-routes.conf" \
+&& install -m 0644 ext/config/conf.d/webserver.conf           "${etc_dir}/puppetserver/conf.d/webserver.conf" \
+&& install -m 0644 ext/config/logback.xml                     "${etc_dir}/puppetserver/logback.xml" \
+&& install -m 0644 ext/config/request-logging.xml             "${etc_dir}/puppetserver/request-logging.xml" \
+&& install -m 0644 ext/config/services.d/ca.cfg               "${etc_dir}/puppetserver/services.d/ca.cfg" \
+&& install -m 0644 ext/system-config/services.d/bootstrap.cfg "${apps_dir}/puppetserver/config/services.d/bootstrap.cfg" \
+&& install -m 0644 puppet-server-release.jar                  "${apps_dir}/puppetserver" \
+&& install -m 0755 ext/bin/puppetserver                       "${bindir}/puppetserver" \
+&& install -m 0755 ext/cli_defaults/cli-defaults.sh           "${apps_dir}/puppetserver/cli" \
+&& install -m 0755 ext/cli/ca                                 "${apps_dir}/puppetserver/cli/apps/ca" \
+&& install -m 0755 ext/cli/foreground                         "${apps_dir}/puppetserver/cli/apps/foreground" \
+&& install -m 0755 ext/cli/gem                                "${apps_dir}/puppetserver/cli/apps/gem" \
+&& install -m 0755 ext/cli/irb                                "${apps_dir}/puppetserver/cli/apps/irb" \
+&& install -m 0755 ext/cli/prune                              "${apps_dir}/puppetserver/cli/apps/prune" \
+&& install -m 0755 ext/cli/ruby                               "${apps_dir}/puppetserver/cli/apps/ruby" \
+&& ln -s "../apps/puppetserver/bin/puppetserver"              "${symbindir}/puppetserver" \
+&& ln -s "../server/apps/puppetserver/bin/puppetserver"       "${uxbindir}/puppetserver" \
 && bash ext/build-scripts/install-vendored-gems.sh \
-### puppetdb-termini
+# puppetdb-termini
 && cd /puppetdb-${OPENVOXDB_VERSION} \
-&& install -Dm 0644 puppet/face/node/deactivate.rb "${rubylibdir}/puppet/face/node/deactivate.rb" \
-&& install -Dm 0644 puppet/face/node/status.rb "${rubylibdir}/puppet/face/node/status.rb" \
-&& install -Dm 0644 puppet/functions/puppetdb_query.rb "${rubylibdir}/puppet/functions/puppetdb_query.rb" \
-&& install -Dm 0644 puppet/indirector/catalog/puppetdb.rb "${rubylibdir}/puppet/indirector/catalog/puppetdb.rb" \
-&& install -Dm 0644 puppet/indirector/facts/puppetdb_apply.rb "${rubylibdir}/puppet/indirector/facts/puppetdb_apply.rb" \
-&& install -Dm 0644 puppet/indirector/facts/puppetdb.rb "${rubylibdir}/puppet/indirector/facts/puppetdb.rb" \
-&& install -Dm 0644 puppet/indirector/node/puppetdb.rb "${rubylibdir}/puppet/indirector/node/puppetdb.rb" \
-&& install -Dm 0644 puppet/indirector/resource/puppetdb.rb "${rubylibdir}/puppet/indirector/resource/puppetdb.rb" \
-&& install -Dm 0644 puppet/reports/puppetdb.rb "${rubylibdir}/puppet/reports/puppetdb.rb" \
-&& install -Dm 0644 puppet/util/puppetdb.rb "${rubylibdir}/puppet/util/puppetdb.rb" \
-&& install -Dm 0644 puppet/util/puppetdb/atom.rb "${rubylibdir}/puppet/util/puppetdb/atom.rb" \
-&& install -Dm 0644 puppet/util/puppetdb/char_encoding.rb "${rubylibdir}/puppet/util/puppetdb/char_encoding.rb" \
-&& install -Dm 0644 puppet/util/puppetdb/command_names.rb "${rubylibdir}/puppet/util/puppetdb/command_names.rb" \
-&& install -Dm 0644 puppet/util/puppetdb/command.rb "${rubylibdir}/puppet/util/puppetdb/command.rb" \
-&& install -Dm 0644 puppet/util/puppetdb/config.rb "${rubylibdir}/puppet/util/puppetdb/config.rb" \
-&& install -Dm 0644 puppet/util/puppetdb/http.rb "${rubylibdir}/puppet/util/puppetdb/http.rb"
+&& for f in puppet/face/node/deactivate.rb puppet/face/node/status.rb puppet/functions/puppetdb_query.rb puppet/indirector/catalog/puppetdb.rb puppet/indirector/facts/puppetdb_apply.rb puppet/indirector/facts/puppetdb.rb puppet/indirector/node/puppetdb.rb puppet/indirector/resource/puppetdb.rb puppet/reports/puppetdb.rb puppet/util/puppetdb.rb puppet/util/puppetdb/atom.rb puppet/util/puppetdb/char_encoding.rb puppet/util/puppetdb/command_names.rb puppet/util/puppetdb/command.rb puppet/util/puppetdb/config.rb puppet/util/puppetdb/http.rb; do \
+         install -Dm 0644 $f "${rubylibdir}/$f"; \
+     done \
+&& rm -rf /openvox-server-${OPENVOXSERVER_VERSION}.tar.gz /openvoxdb-${OPENVOXDB_VERSION}.tar.gz /puppetserver-${OPENVOXSERVER_VERSION} /puppetdb-${OPENVOXDB_VERSION}
 
 ################################################################################
 
@@ -104,7 +86,7 @@
 ARG build_date
 ARG R10K_VERSION=5.0.0
 
 LABEL org.label-schema.maintainer="Voxpupuli Team <voxpupuli@groups.io>" \
       org.label-schema.vendor="OpenVoxProject" \
       org.label-schema.url="https://github.com/OpenVoxProject/container-openvoxserver" \
       org.label-schema.vcs-url="https://github.com/OpenVoxProject/container-openvoxserver" \
@@ -115,7 +97,7 @@
       org.label-schema.vcs-ref="$vcs_ref" \
       org.label-schema.build-date="$build_date"
 
 ENV AUTOSIGN=true \
     CA_ALLOW_SUBJECT_ALT_NAMES=false \
     CA_ENABLED=true \
     CA_TTL=157680000 \
@@ -179,22 +161,8 @@
 COPY request-logging.xml /etc/puppetlabs/puppetserver/
 
 RUN apk update \
-&& apk add --update dumb-init \
-&& apk add --update alpine-sdk \
-&& apk add --update openssh-client \
-&& apk add --update openssl \
-&& apk add --update libssh2 \
-&& apk add --update ruby \
-&& apk add --update ruby-dev \
-# && apk add --update cmake \
-# install puppet gem as agent into system ruby
-&& gem install --no-doc puppet -v 8.10.0 \
-&& gem install --no-doc hocon  -v 1.4.0 \
-&& gem install --no-doc racc -v 1.8.1 \
-&& gem install --no-doc r10k -v ${R10K_VERSION} \
-&& gem install --no-doc hiera-eyaml -v 4.1.0 \
-&& gem install --no-doc puppetserver-ca -v 2.6.0 \
-# && gem install --no-doc rugged -- --with-ssh \
+&& apk add --no-cache dumb-init alpine-sdk openssh-client openssl libssh2 ruby ruby-dev runuser coreutils gcompat \
+&& gem install --no-document openvox:8.21.1 syslog hocon:1.4.0 racc:1.8.1 r10k:${R10K_VERSION} hiera-eyaml:4.3.0 openvoxserver-ca:3.0.0 \
 && apk del --purge alpine-sdk \
 && addgroup -g 1001 puppet \
 && adduser -G puppet -u 1001 -h ${data_dir}/puppetserver -H -D -s /sbin/nologin puppet \
@@ -222,7 +190,7 @@
 && ln -s /usr/bin/r10k /opt/puppetlabs/puppet/bin/r10k \
 && ln -s /usr/bin/hiera-eyaml /opt/puppetlabs/puppet/bin/hiera-eyaml \
 # install puppet gem as library into jruby loadpath
-&& puppetserver gem install puppet
+&& puppetserver gem install --no-document openvox
 
 # k8s uses livenessProbe, startupProbe, readinessProbe and ignores HEALTHCHECK
 HEALTHCHECK --interval=20s --timeout=15s --retries=12 --start-period=3m CMD ["/healthcheck.sh"]

openvoxserver/container-entrypoint.d/20-use-templates-initially.sh

@@ -8,9 +8,11 @@ set -e
 TEMPLATES=/var/tmp/puppet
 
 cd /etc/puppetlabs/puppet
-for f in auth.conf hiera.yaml puppet.conf puppetdb.conf
-do
-    test -f "$TEMPLATES/$f" && cp -p --update=none "$TEMPLATES/$f" .
+for f in auth.conf hiera.yaml puppet.conf puppetdb.conf; do
+  [ -f "$TEMPLATES/$f" ] && [ ! -f "$f" ] && {
+    echo "Copying template $f from $TEMPLATES"
+    cp -p "$TEMPLATES/$f" .
+  }
 done
 cd /
 

openvoxserver/container-entrypoint.d/55-set-masterport.sh

@@ -2,10 +2,6 @@
 
 set -e
 
-hocon() {
-  /opt/puppetlabs/puppet/lib/ruby/vendor_gems/bin/hocon "$@"
-}
-
 if test -n "$OPENVOXSERVER_PORT"; then
   cd /etc/puppetlabs/puppetserver/conf.d/
   hocon -f webserver.conf set webserver.ssl-port $OPENVOXSERVER_PORT

openvoxserver/container-entrypoint.d/90-ca.sh

@@ -7,10 +7,6 @@ ca_running() {
   test "$status" = "running"
 }
 
-hocon() {
-  /opt/puppetlabs/puppet/lib/ruby/vendor_gems/bin/hocon "$@"
-}
-
 if [[ "$CA_ENABLED" != "true" ]]; then
   # we are just an ordinary compiler
   echo "turning off CA"

openvoxserver/container-entrypoint.sh

@@ -11,6 +11,8 @@ set -o nounset  # exit on use of undeclared var, use `${possibly_undefined-}` to
                 # `: ${possibly_undefined_or_empty:=default}` will also replace an empty (but declared) value
 # set -o xtrace
 
+PATH=$PATH:/opt/puppetlabs/puppet/lib/ruby/vendor_gems/bin:/opt/puppetlabs/server/data/puppetserver/vendored-jruby-gems/bin/
+
 pid=0
 
 echoerr() { echo "$@" 1>&2; }