
REL-3521 Release SonarQube Community Build 25.2 #18375

Conversation

davividal
Contributor

Hello team!

We just released a new SonarQube Community Build: 25.2!

Please let me know if I need to adjust anything here. :)

@davividal davividal requested a review from a team as a code owner February 4, 2025 19:17

@tianon
Member

tianon commented Feb 4, 2025

+COPY --chown=sonarqube:root --chmod=550 run.sh sonar.sh ${SONARQUBE_HOME}/docker/

This is weird -- isn't sonarqube the user the container runs as? Why should these scripts be owned by that user? (That makes them potentially something that could be modified at runtime, which will then be run if the container/host ever restarts.)

@jCOTINEAU
Contributor

jCOTINEAU commented Feb 5, 2025

+COPY --chown=sonarqube:root --chmod=550 run.sh sonar.sh ${SONARQUBE_HOME}/docker/

This is weird -- isn't sonarqube the user the container runs as? Why should these scripts be owned by that user? (That makes them potentially something that could be modified at runtime, which will then be run if the container/host ever restarts.)

Hello @tianon, thanks for the kind feedback.

We reworked the permission system a bit so it works for both OpenShift (any uid and gid=0) and other users' use cases (uid=1000 and gid!=0), and applied this to everything.

Nonetheless, here with what you describe, aren't we safe with chmod=550, as neither the SonarQube user as owner nor as part of the root group will be able to write to this file?

Ha yes, as the owner we can change permissions anyway; indeed this can cause a security risk.

What would be your best practice there: making them owned by the root user and assigning read/execute to anyone?

Thanks again for the nice discussions
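The point made above (a 550 file owned by the runtime user is not really read-only, because chmod(2) is available to the owner regardless of the mode bits, while a root-owned 555 file is safe for both the uid=1000 and the OpenShift gid=0 cases) can be checked mechanically. The following is an added example, not code from this PR or from the SonarSource image: a small model of POSIX ownership and mode semantics that audits a list of image files against the runtime identities the thread mentions. The uid for `sonarqube` (1000), the OpenShift-style uid, and the `$SONARQUBE_HOME/...` paths are constructed placeholders.

```python
# Added example (not from the docker-library PR or the SonarSource image):
# model POSIX ownership/mode rules to find image files a container's runtime
# user could tamper with. All uids/gids/paths below are constructed.
from dataclasses import dataclass
import stat


@dataclass(frozen=True)
class FileSpec:
    path: str
    owner_uid: int
    group_gid: int
    mode: int  # permission bits only, e.g. 0o550


@dataclass(frozen=True)
class RuntimeUser:
    uid: int
    gid: int


def can_write_directly(f: FileSpec, u: RuntimeUser) -> bool:
    """Classic POSIX access check: root bypasses the bits; otherwise exactly
    one class (owner, then group, then other) is consulted."""
    if u.uid == 0:
        return True
    if u.uid == f.owner_uid:
        return bool(f.mode & stat.S_IWUSR)
    if u.gid == f.group_gid:
        return bool(f.mode & stat.S_IWGRP)
    return bool(f.mode & stat.S_IWOTH)


def can_chmod(f: FileSpec, u: RuntimeUser) -> bool:
    """chmod(2) is allowed only for the file's owner or a privileged process;
    group membership never grants it. A 550 file owned by the runtime user is
    therefore one chmod away from being writable by that user."""
    return u.uid == 0 or u.uid == f.owner_uid


def can_tamper(f: FileSpec, u: RuntimeUser) -> bool:
    """True if the user can write now, or can first re-grant write to itself."""
    return can_write_directly(f, u) or can_chmod(f, u)


def audit(files, users):
    """(path, uid, gid) for every file/user pair where tampering is possible."""
    return [(f.path, u.uid, u.gid) for f in files for u in users if can_tamper(f, u)]


# Constructed sample: the two COPY variants from the thread plus the
# chown -R / chmod -R pattern on SONARQUBE_HOME. Assumed: sonarqube uid 1000.
SONARQUBE_UID = 1000
FILES = [
    # COPY --chown=sonarqube:root --chmod=550
    FileSpec("$SONARQUBE_HOME/docker/run.sh", SONARQUBE_UID, 0, 0o550),
    # chown -R sonarqube:root ; chmod -R 550
    FileSpec("$SONARQUBE_HOME/lib/sonarqube.jar", SONARQUBE_UID, 0, 0o550),
    # COPY --chown=root:root --chmod=555
    FileSpec("$SONARQUBE_HOME/docker/entrypoint.sh", 0, 0, 0o555),
]
USERS = [
    RuntimeUser(uid=SONARQUBE_UID, gid=1000),  # plain docker run as sonarqube, gid != 0
    RuntimeUser(uid=1000650000, gid=0),        # OpenShift style: arbitrary uid, gid 0
]

if __name__ == "__main__":
    for path, uid, gid in audit(FILES, USERS):
        print(f"TAMPERABLE: {path} by uid={uid} gid={gid}")
```

Running it flags `run.sh` and `sonarqube.jar` for the uid=1000 user only: the OpenShift identity is not the owner and gets only `r-x` through group root, so it is already safe, while the `sonarqube` owner can chmod and then write. The root-owned 555 entrypoint is safe for both, which is the configuration the later diff adopts for `entrypoint.sh`.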

@davividal
Contributor Author

Hey @tianon. Thanks again for the feedback.

I assume that the images can rely on Buildkit since Nov 2024, isn't that correct?

If Buildkit is supported, what am I missing here?


github-actions bot commented Feb 6, 2025

Diff for 0117c17:
diff --git a/_bashbrew-cat b/_bashbrew-cat
index 52251f1..beb0008 100644
--- a/_bashbrew-cat
+++ b/_bashbrew-cat
@@ -2,6 +2,7 @@ Maintainers: Carmine Vassallo <carmine.vassallo@sonarsource.com> (@carminevassal
 Architectures: amd64, arm64v8
 GitRepo: https://github.com/SonarSource/docker-sonarqube.git
 GitCommit: 1edbd4a3f756a8b6eba3f039be62fd9c4862e9b9
+Builder: buildkit
 
 Tags: 9.9.8-community, 9.9-community, 9-community, lts, lts-community
 Directory: 9/community
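Review bot: `Builder: buildkit` lands in the shared header block (next to the global `GitRepo`/`GitCommit`), so it applies to every entry in the manifest, including the 9.9.8 LTS variants listed below it, not only `community-build`. BuildKit is required for the `COPY --chown`/`--chmod` flags the Dockerfile uses, but confirm the other variants' Dockerfiles build under BuildKit as well, or move the key into the `community-build` entry if only that image needs it.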
@@ -18,7 +19,8 @@ Directory: 9/developer
 Tags: 9.9.8-enterprise, 9.9-enterprise, 9-enterprise, lts-enterprise
 Directory: 9/enterprise
 
-Tags: 25.1.0.102122-community, community, latest
+Tags: 25.2.0.102705-community, community, latest
+GitCommit: 339bb786d43dfba8bfdda1045e45225142d313bb
 Directory: community-build
 
 Tags: 2025.1.0-datacenter-app, 2025.1-datacenter-app, 2025-lta-datacenter-app, datacenter-app
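Review bot: the `community-build` entry now carries a per-entry `GitCommit: 339bb786…` while the global `GitCommit: 1edbd4a3…` in the header is unchanged, so only this image moves to the new commit and the other entries stay pinned. If that is intended, fine; otherwise bump the header value and drop the override so the two cannot drift silently on the next release.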
diff --git a/_bashbrew-list b/_bashbrew-list
index a069404..9a27864 100644
--- a/_bashbrew-list
+++ b/_bashbrew-list
@@ -13,7 +13,7 @@ sonarqube:9.9.8-datacenter-app
 sonarqube:9.9.8-datacenter-search
 sonarqube:9.9.8-developer
 sonarqube:9.9.8-enterprise
-sonarqube:25.1.0.102122-community
+sonarqube:25.2.0.102705-community
 sonarqube:2025-lta-datacenter-app
 sonarqube:2025-lta-datacenter-search
 sonarqube:2025-lta-developer
diff --git a/sonarqube_latest/Dockerfile b/sonarqube_latest/Dockerfile
index 9158d3b..f1dfca9 100644
--- a/sonarqube_latest/Dockerfile
+++ b/sonarqube_latest/Dockerfile
@@ -14,7 +14,7 @@ ENV LANG='en_US.UTF-8' \
 #
 # SonarQube setup
 #
-ARG SONARQUBE_VERSION=25.1.0.102122
+ARG SONARQUBE_VERSION=25.2.0.102705
 ARG SONARQUBE_ZIP_URL=https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-${SONARQUBE_VERSION}.zip
 ENV DOCKER_RUNNING="true" \
     JAVA_HOME='/opt/java/openjdk' \
@@ -58,6 +58,8 @@ RUN set -eux; \
     rm sonarqube.zip*; \
     rm -rf ${SONARQUBE_HOME}/bin/*; \
     ln -s "${SONARQUBE_HOME}/lib/sonar-application-${SONARQUBE_VERSION}.jar" "${SONARQUBE_HOME}/lib/sonarqube.jar"; \
+    chown -R sonarqube:root ${SONARQUBE_HOME}; \
+    chown -R sonarqube:root "${SQ_DATA_DIR}" "${SQ_EXTENSIONS_DIR}" "${SQ_LOGS_DIR}" "${SQ_TEMP_DIR}"; \
     chmod -R 550 ${SONARQUBE_HOME}; \
     chmod -R 770 "${SQ_DATA_DIR}" "${SQ_EXTENSIONS_DIR}" "${SQ_LOGS_DIR}" "${SQ_TEMP_DIR}"; \
     apt-get remove -y gnupg unzip; \
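Review bot: `chown -R sonarqube:root ${SONARQUBE_HOME}` followed by `chmod -R 550 ${SONARQUBE_HOME}` hands ownership of the whole install tree (jars, scripts, config) to the runtime user, and chmod(2) is permitted to the owner regardless of the mode bits, so a process running as `sonarqube` can re-grant itself write access and modify code that is executed on the next container start. This is the same issue raised on the `COPY --chown=sonarqube:root --chmod=550` line earlier in the thread, applied recursively. Prefer `chown -R root:root "${SONARQUBE_HOME}"` with `chmod -R 550` (group root keeps read/execute, which covers the OpenShift any-uid/gid-0 case) and keep `sonarqube:root` plus `770` only for the four writable directories on the following line. Minor: `${SONARQUBE_HOME}` is unquoted in both new lines while the directory variables are quoted; quote it for consistency.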
@@ -65,7 +67,7 @@ RUN set -eux; \
 
 VOLUME ["${SQ_DATA_DIR}", "${SQ_EXTENSIONS_DIR}", "${SQ_LOGS_DIR}", "${SQ_TEMP_DIR}"]
 
-COPY entrypoint.sh ${SONARQUBE_HOME}/docker/
+COPY --chown=root:root --chmod=555 entrypoint.sh ${SONARQUBE_HOME}/docker/
 
 WORKDIR ${SONARQUBE_HOME}
 EXPOSE 9000
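Review bot: `COPY --chown=root:root --chmod=555 entrypoint.sh` is the right shape for a script the runtime user must execute but must not be able to alter, and it answers the "owner can chmod" concern for this file. The protection stops here, though: the preceding hunk still leaves the rest of `${SONARQUBE_HOME}` owned by `sonarqube`, so the entrypoint is tamper-resistant while the application it launches is not. Apply the same `root:root` ownership to the install tree for the fix to be meaningful.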

Relevant Maintainers:

@yosifkit yosifkit merged commit f5f945f into docker-library:master Feb 7, 2025
15 checks passed