fix gvm

fix(sonarqube): fix jdk17
update versions
2025-05-07 18:45:36 +02:00 · 2025-05-07 18:27:31 +02:00 · 2025-05-07 18:16:02 +02:00 · 2025-05-07 17:58:49 +02:00 · 2025-05-07 17:56:13 +02:00
6 changed files with 34 additions and 35 deletions
--- a/gvm/Dockerfile
+++ b/gvm/Dockerfile
@@ -5,12 +5,12 @@ LABEL io.hass.name="GVM Scanner"
 LABEL io.hass.description="un a GVM (OpenVAS) scanner as a Home Assistant add-on."
 LABEL io.hass.arch="amd64|aarch64"
 LABEL io.hass.type="addon"
-LABEL io.hass.version="0.0.1-beta"
+LABEL io.hass.version="0.0.4-beta"

 # Set timezone
 ENV TZ=Europe/Rome

-# Install jq for parsing config
+# Install jq for config parsing
 RUN apt-get update && apt-get install -y jq \
    && apt-get clean && rm -rf /var/lib/apt/lists/*

@@ -18,11 +18,11 @@ RUN apt-get update && apt-get install -y jq \
 COPY run.sh /run.sh
 RUN chmod +x /run.sh

-# Expose default GVM Web UI port
+# Expose GVM Web UI port
 EXPOSE 9392

-# Optionally persist data
+# Mountable volume
 VOLUME [ "/data" ]

-# Set entrypoint
-CMD [ "/run.sh" ]
+# Entrypoint
+CMD [ "/run.sh" ]
--- a/gvm/config.json
+++ b/gvm/config.json
@@ -1,6 +1,6 @@
 {
    "name": "GVM Scanner",
-    "version": "0.0.1-beta",
+    "version": "0.0.4-beta",
    "slug": "gvm",
    "description": "Run a GVM (OpenVAS) scanner as a Home Assistant add-on.",
    "startup": "services",
--- a/gvm/run.sh
+++ b/gvm/run.sh
@@ -7,7 +7,6 @@ log() {
    echo "[GVM ADD-ON] $(date +"%Y-%m-%d %H:%M:%S") - $*"
 }

-# Load user config passed by Home Assistant (as JSON env vars)
 CONFIG_PATH="/data/options.json"

 if [ ! -f "$CONFIG_PATH" ]; then
@@ -15,36 +14,38 @@ if [ ! -f "$CONFIG_PATH" ]; then
    exit 1
 fi

-# Extract variables using jq
 USERNAME=$(jq -r '.username' "$CONFIG_PATH")
 PASSWORD=$(jq -r '.password' "$CONFIG_PATH")
+TZ=$(jq -r '.TZ // empty' "$CONFIG_PATH")
+DB_PASSWORD=$(jq -r '.DB_PASSWORD // empty' "$CONFIG_PATH")
+HTTPS=$(jq -r '.HTTPS // "false"' "$CONFIG_PATH")
+SSHD=$(jq -r '.SSHD // "true"' "$CONFIG_PATH")

-# Validate
 if [ -z "$USERNAME" ] || [ -z "$PASSWORD" ]; then
    log "ERROR: username and/or password not set in options.json"
    exit 1
 fi

-# Set them for the environment
 export USERNAME
 export PASSWORD
-export DB_PASSWORD="$PASSWORD"
+export DB_PASSWORD
+export TZ
+export HTTPS
+export SSHD

-log "INFO: Starting GVM (OpenVAS) add-on as user $USERNAME..."
+log "INFO: Starting GVM (OpenVAS) add-on as user '$USERNAME'"
+log "INFO: Setting timezone to $TZ"

-# Setup timezone
 if [ -n "$TZ" ]; then
-    log "INFO: Setting timezone to $TZ"
-    ln -snf /usr/share/zoneinfo/$TZ /etc/localtime
+    ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime
    echo "$TZ" > /etc/timezone
 fi

-# Initialize data directory
 DATA_DIR="/data"
 if [ ! -d "$DATA_DIR" ]; then
    log "INFO: Creating data directory at $DATA_DIR"
    mkdir -p "$DATA_DIR"
 fi

-log "INFO: Launching GVM service..."
-exec /usr/local/bin/dumb-init gvm-start | tee -a "$DATA_DIR/gvm.log"
+log "INFO: Handing over control to /start.sh (default GVM init script)"
+exec /start.sh
--- a/sonarqube/Dockerfile
+++ b/sonarqube/Dockerfile
@@ -5,7 +5,7 @@ LABEL io.hass.name="SonarQube"
 LABEL io.hass.description="SonarQube Server helps you comply with common code security standards, such as the NIST SSDF, OWASP, CWE, STIG, and CASA."
 LABEL io.hass.arch="amd64|aarch64"
 LABEL io.hass.type="addon"
-LABEL io.hass.version="0.0.2-beta"
+LABEL io.hass.version="0.0.4-beta"

 # Build parameters
 ARG SONARQUBE_VERSION=9.9.6.92038
@@ -13,9 +13,9 @@ ENV SONARQUBE_VERSION=${SONARQUBE_VERSION} \
    SONARQUBE_HOME=/opt/sonarqube \
    SONARQUBE_BIN=/opt/sonarqube/bin/linux-x86-64

-# Install runtime dependencies
+# Install runtime dependencies (Java 17)
 RUN apk add --no-cache \
-      openjdk11-jre \
+      openjdk17-jre \
      curl \
      unzip \
      su-exec \
@@ -36,9 +36,8 @@ RUN curl -L "https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-$
 COPY run.sh /usr/local/bin/run.sh
 RUN chmod +x /usr/local/bin/run.sh

-# Expose the internal port (always 9000)
+# Expose the internal port
 EXPOSE 9000

-# Run as the 'sonarqube' user
-USER sonarqube
+# All setup runs as root; run.sh poi farà su-exec a sonarqube
 ENTRYPOINT ["/usr/local/bin/run.sh"]
--- a/sonarqube/config.json
+++ b/sonarqube/config.json
@@ -1,6 +1,6 @@
 {
    "name": "SonarQube",
-    "version": "0.0.2-beta",
+    "version": "0.0.4-beta",
    "slug": "sonarqube",
    "description": "SonarQube Server helps you comply with common code security standards, such as the NIST SSDF, OWASP, CWE, STIG, and CASA.",
    "arch": ["amd64", "armv7", "aarch64"],
@@ -11,7 +11,6 @@
    "options": {
      "data_path": "/share/sonarqube/data",
      "extensions_path": "/share/sonarqube/extensions",
-      "ui_port": 9000,
      "jdbc_url": "jdbc:postgresql://sonarqube_db:5432/sonar",
      "jdbc_username": "",
      "jdbc_password": "",
@@ -20,7 +19,6 @@
    "schema": {
      "data_path": "str",
      "extensions_path": "str",
-      "ui_port": "int",
      "jdbc_url": "str",
      "jdbc_username": "str",
      "jdbc_password": "str",
--- a/sonarqube/run.sh
+++ b/sonarqube/run.sh
@@ -12,17 +12,18 @@ set -e
 : "${SONAR_JDBC_PASSWORD:?Serve SONAR_JDBC_PASSWORD}"

 # --- Imposto timezone a container start ---
-ln -snf "/usr/share/zoneinfo/${TZ}" /etc/localtime && echo "${TZ}" > /etc/timezone
+ln -snf "/usr/share/zoneinfo/${TZ}" /etc/localtime
+echo "${TZ}" > /etc/timezone

 # --- Creo e monto le cartelle host in container ---
 mkdir -p "${DATA_PATH}" "${EXT_PATH}"
 cd "${SONARQUBE_HOME}"

-# sposto le cartelle interne originali (evt. backup)
-[ -d data ]      && mv data      data.orig || true
-[ -d extensions ]&& mv extensions extensions.orig || true
+# Sposto le cartelle interne originali (evt. backup)
+[ -d data ]       && mv data       data.orig || true
+[ -d extensions ] && mv extensions extensions.orig || true

-# link simbolici verso le cartelle condivise
+# Link simbolici verso le cartelle condivise
 ln -s "${DATA_PATH}"      data
 ln -s "${EXT_PATH}"       extensions

@@ -31,5 +32,5 @@ export SONAR_JDBC_URL
 export SONAR_JDBC_USERNAME
 export SONAR_JDBC_PASSWORD

-# --- Avvio SonarQube in foreground ---
-exec "${SONARQUBE_BIN}/sonar.sh" console
+# --- Avvio SonarQube in foreground come utente non-root ---
+exec su-exec sonarqube "${SONARQUBE_BIN}/sonar.sh" console
Author	SHA1	Message	Date
Martin	330a3348b9	fix gvm	2025-05-07 18:45:36 +02:00
Martin	44e6fae92d	fix(sonarqube): fix jdk17	2025-05-07 18:27:31 +02:00
Martin	23cbe69d3e	update versions	2025-05-07 18:16:02 +02:00
Martin	75079b2a37	Merge branch 'main' of https://git.mt-home.uk/martin/HomeAssistantAddons	2025-05-07 17:58:49 +02:00
Martin	d8e27c9feb	update version: sonarqube, gvm	2025-05-07 17:56:13 +02:00