add nginx-bitnami #44005

Dentrax · 2025-02-27T13:43:31Z

Signed-off-by: Dentrax furkan.turkal@chainguard.dev<!---
Provide a short summary in the Title above. Examples of good PR titles:

"ruby-3.1: new package"
"haproxy: fix CVE-2014-123456"
-->

Fixes:

For new package PRs only

This PR is marked as fixing a pre-existing package request bug
- Alternatively, the PR is marked as related to a pre-existing package request bug, such as a dependency
REQUIRED - The package is available under an OSI-approved or FSF-approved license
REQUIRED - The version of the package is still receiving security updates
This PR links to the upstream project's support policy (e.g. endoflife.date)

For new version streams

The upstream project actually supports multiple concurrent versions.
Any subpackages include the version string in their package name (e.g. name: ${{package.name}}-compat)
The package (and subpackages) provides: logical unversioned forms of the package (e.g. nodejs, nodejs-lts)
If non-streamed package names no longer built, open PR to withdraw them (see WITHDRAWING PACKAGES)

For package updates (renames) in the base images

When updating packages part of base images (i.e. cgr.dev/chainguard/wolfi-base or ghcr.io/wolfi-dev/sdk)

REQUIRED cgr.dev/chainguard/wolfi-base and ghcr.io/wolfi-dev/sdk images successfully build
REQUIRED cgr.dev/chainguard/wolfi-base and ghcr.io/wolfi-dev/sdk contain no obsolete (no longer built) packages
Upon launch, does apk upgrade --latest successfully upgrades packages or performs no actions

For security-related PRs

The security fix is recorded in the advisories repo

For version bump PRs

The epoch field is reset to 0

For PRs that add patches

Patch source is documented

Signed-off-by: Dentrax <furkan.turkal@chainguard.dev>

Signed-off-by: Aditvil-Dev <aditya.tirmanwar@chainguard.dev>

EyeCantCU

I believe nginx-stable should also be updated

EyeCantCU · 2025-03-03T22:08:39Z

nginx-mainline.yaml

Let's run the postunpack script like we do for other bitnami packages: https://github.com/bitnami/containers/blob/main/bitnami/nginx/1.27/debian-12/rootfs/opt/bitnami/scripts/nginx/postunpack.sh

EyeCantCU · 2025-03-03T22:08:47Z

nginx-mainline.yaml

@@ -2,7 +2,7 @@ package:
  name: nginx-mainline
  # Must also bump njs at the same time
  version: "1.27.4"
-  epoch: 0


Should only be 1

add nginx-bitnami

ec8a635

Signed-off-by: Dentrax <furkan.turkal@chainguard.dev>

octo-sts bot added the bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. label Feb 27, 2025

Dentrax marked this pull request as ready for review February 27, 2025 18:59

add nginx-bitnami

01d17ec

Signed-off-by: Dentrax <furkan.turkal@chainguard.dev>

Dentrax force-pushed the nginx-bitnami branch from a088744 to 01d17ec Compare February 28, 2025 09:12

copy contents instead of symlink for /logs

4a0a1bc

Signed-off-by: Aditvil-Dev <aditya.tirmanwar@chainguard.dev>

EyeCantCU requested changes Mar 3, 2025

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

add nginx-bitnami #44005

add nginx-bitnami #44005

Dentrax commented Feb 27, 2025

EyeCantCU left a comment

EyeCantCU Mar 3, 2025

EyeCantCU Mar 3, 2025

add nginx-bitnami #44005

Are you sure you want to change the base?

add nginx-bitnami #44005

Conversation

Dentrax commented Feb 27, 2025

Pre-review Checklist

For new package PRs only

For new version streams

For package updates (renames) in the base images

For security-related PRs

For version bump PRs

For PRs that add patches

EyeCantCU left a comment

Choose a reason for hiding this comment

EyeCantCU Mar 3, 2025

Choose a reason for hiding this comment

EyeCantCU Mar 3, 2025

Choose a reason for hiding this comment