From a0e127541011114a12dba868b98b27c821c4695f Mon Sep 17 00:00:00 2001
From: Nigel Banks <nigel.g.banks@gmail.com>
Date: Thu, 6 Feb 2025 17:13:49 +0100
Subject: [PATCH 1/3] Replace legacy cont-init.d for Cantaloupe service

Changes the cantaloupe service init such that it respects service
dependencies.

This insures that the precedence for container environment follows what
is outlined in the container-environment service.
---
 cantaloupe/rootfs/etc/cont-init.d/01-set-api-secret.sh   | 8 --------
 .../dependencies.d/container-environment                 | 0
 .../etc/s6-overlay/s6-rc.d/cantaloupe-defaults/type      | 1 +
 .../rootfs/etc/s6-overlay/s6-rc.d/cantaloupe-defaults/up | 1 +
 .../confd-oneshot/dependencies.d/cantaloupe-defaults     | 0
 .../rootfs/etc/s6-overlay/scripts/cantaloupe-defaults.sh | 9 +++++++++
 6 files changed, 11 insertions(+), 8 deletions(-)
 delete mode 100755 cantaloupe/rootfs/etc/cont-init.d/01-set-api-secret.sh
 create mode 100644 cantaloupe/rootfs/etc/s6-overlay/s6-rc.d/cantaloupe-defaults/dependencies.d/container-environment
 create mode 100644 cantaloupe/rootfs/etc/s6-overlay/s6-rc.d/cantaloupe-defaults/type
 create mode 100755 cantaloupe/rootfs/etc/s6-overlay/s6-rc.d/cantaloupe-defaults/up
 create mode 100644 cantaloupe/rootfs/etc/s6-overlay/s6-rc.d/confd-oneshot/dependencies.d/cantaloupe-defaults
 create mode 100755 cantaloupe/rootfs/etc/s6-overlay/scripts/cantaloupe-defaults.sh

diff --git a/cantaloupe/rootfs/etc/cont-init.d/01-set-api-secret.sh b/cantaloupe/rootfs/etc/cont-init.d/01-set-api-secret.sh
deleted file mode 100755
index f6461de2..00000000
--- a/cantaloupe/rootfs/etc/cont-init.d/01-set-api-secret.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/with-contenv bash
-set -e
-
-ENV_FILE="/var/run/s6/container_environment/CANTALOUPE_ENDPOINT_API_SECRET"
-if [ ! -s "$ENV_FILE" ]; then
-    openssl rand -hex 16 > "$ENV_FILE"
-    echo "CANTALOUPE_ENDPOINT_API_SECRET was empty. Set to a new random value."
-fi
diff --git a/cantaloupe/rootfs/etc/s6-overlay/s6-rc.d/cantaloupe-defaults/dependencies.d/container-environment b/cantaloupe/rootfs/etc/s6-overlay/s6-rc.d/cantaloupe-defaults/dependencies.d/container-environment
new file mode 100644
index 00000000..e69de29b
diff --git a/cantaloupe/rootfs/etc/s6-overlay/s6-rc.d/cantaloupe-defaults/type b/cantaloupe/rootfs/etc/s6-overlay/s6-rc.d/cantaloupe-defaults/type
new file mode 100644
index 00000000..bdd22a18
--- /dev/null
+++ b/cantaloupe/rootfs/etc/s6-overlay/s6-rc.d/cantaloupe-defaults/type
@@ -0,0 +1 @@
+oneshot
diff --git a/cantaloupe/rootfs/etc/s6-overlay/s6-rc.d/cantaloupe-defaults/up b/cantaloupe/rootfs/etc/s6-overlay/s6-rc.d/cantaloupe-defaults/up
new file mode 100755
index 00000000..34bb7476
--- /dev/null
+++ b/cantaloupe/rootfs/etc/s6-overlay/s6-rc.d/cantaloupe-defaults/up
@@ -0,0 +1 @@
+/etc/s6-overlay/scripts/cantaloupe-defaults.sh
diff --git a/cantaloupe/rootfs/etc/s6-overlay/s6-rc.d/confd-oneshot/dependencies.d/cantaloupe-defaults b/cantaloupe/rootfs/etc/s6-overlay/s6-rc.d/confd-oneshot/dependencies.d/cantaloupe-defaults
new file mode 100644
index 00000000..e69de29b
diff --git a/cantaloupe/rootfs/etc/s6-overlay/scripts/cantaloupe-defaults.sh b/cantaloupe/rootfs/etc/s6-overlay/scripts/cantaloupe-defaults.sh
new file mode 100755
index 00000000..caab0146
--- /dev/null
+++ b/cantaloupe/rootfs/etc/s6-overlay/scripts/cantaloupe-defaults.sh
@@ -0,0 +1,9 @@
+#!/command/with-contenv bash
+# shellcheck shell=bash
+set -ex
+
+# Set the default value for CANTALOUPE_ENDPOINT_API_SECRET if none provided.
+DEFAULT_SECRET=$(openssl rand -hex 16)
+cat <<EOF | /usr/local/bin/confd-import-environment.sh
+CANTALOUPE_ENDPOINT_API_SECRET="{{ getenv "CANTALOUPE_ENDPOINT_API_SECRET" "${DEFAULT_SECRET}" }}"
+EOF

From 5d9a6f7d800216ee332e8b2f2ea0c442258f9cf3 Mon Sep 17 00:00:00 2001
From: Nigel Banks <nigel.g.banks@gmail.com>
Date: Thu, 6 Feb 2025 17:25:17 +0100
Subject: [PATCH 2/3] Test compose projects require names.

---
 cantaloupe/tests/ServiceHealthcheck/docker-compose.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/cantaloupe/tests/ServiceHealthcheck/docker-compose.yml b/cantaloupe/tests/ServiceHealthcheck/docker-compose.yml
index 937a1db8..528bf02c 100644
--- a/cantaloupe/tests/ServiceHealthcheck/docker-compose.yml
+++ b/cantaloupe/tests/ServiceHealthcheck/docker-compose.yml
@@ -4,6 +4,7 @@
 x-common: &common
   restart: "no"
 
+name: cantaloupe-servicehealthcheck
 services:
   cantaloupe:
     <<: *common

From b119b7b2083b566582e94ba241fe0fcf1161d0e4 Mon Sep 17 00:00:00 2001
From: Nigel Banks <nigel.g.banks@gmail.com>
Date: Thu, 6 Feb 2025 17:28:25 +0100
Subject: [PATCH 3/3] Bump github action upload artifact

---
 .github/workflows/grype.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/grype.yml b/.github/workflows/grype.yml
index c0b643b8..6fe28452 100644
--- a/.github/workflows/grype.yml
+++ b/.github/workflows/grype.yml
@@ -33,8 +33,8 @@ jobs:
         with:
           cache-read-only: false
           arguments: ${{ inputs.image }}:grype ${{ inputs.digest }} --info
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         if: always()
         with:
-          name: Grype Reports
+          name: ${{ inputs.image }} Grype Reports
           path: build/**/*-grype.*