Merge pull request #27 from linuxserver/3.21

Roxedus · web-flow · commit b852c84e2dd7 · 2024-12-23T09:49:44.000+01:00
diff --git a/.github/workflows/external_trigger.yml b/.github/workflows/external_trigger.yml
@@ -23,8 +23,8 @@ jobs:
           echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY
           echo "> External trigger running off of master branch. To disable this trigger, add \`airsonic-advanced_master\` into the Github organizational variable \`SKIP_EXTERNAL_TRIGGER\`." >> $GITHUB_STEP_SUMMARY
           printf "\n## Retrieving external version\n\n" >> $GITHUB_STEP_SUMMARY
-          EXT_RELEASE=$(curl -u "${{ secrets.CR_USER }}:${{ secrets.CR_PAT }}" -sX GET "https://api.github.com/repos/airsonic-advanced/airsonic-advanced/releases" | jq -r '.[0] | .tag_name')
-          echo "Type is \`github_devel\`" >> $GITHUB_STEP_SUMMARY
+          EXT_RELEASE=$(curl -u "${{ secrets.CR_USER }}:${{ secrets.CR_PAT }}" -sX GET "https://api.github.com/repos/kagemomiji/airsonic-advanced/releases/latest" | jq -r '. | .tag_name')
+          echo "Type is \`github_stable\`" >> $GITHUB_STEP_SUMMARY
           if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then
             echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
             echo "> Can't retrieve external version, exiting" >> $GITHUB_STEP_SUMMARY
diff --git a/Dockerfile b/Dockerfile
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:1
 
-FROM ghcr.io/linuxserver/baseimage-alpine:3.20
+FROM ghcr.io/linuxserver/baseimage-alpine:3.21
 
 # set version label
 ARG BUILD_DATE
@@ -21,19 +21,19 @@ RUN \
     flac \
     fontconfig \
     lame \
-    openjdk11-jre \
+    openjdk17-jre \
     ttf-dejavu \
     vorbis-tools && \
   echo "**** install airsonic advanced ****" && \
   if [ -z ${AIRSONIC_ADVANCED_RELEASE+x} ]; then \
-    AIRSONIC_ADVANCED_RELEASE=$(curl -sX GET "https://api.github.com/repos/airsonic-advanced/airsonic-advanced/releases" \
+    AIRSONIC_ADVANCED_RELEASE=$(curl -sX GET "https://api.github.com/repos/kagemomiji/airsonic-advanced/releases/latest" \
     | awk '/tag_name/{print $4;exit}' FS='[""]'); \
   fi && \
   mkdir -p \
     ${AIRSONIC_ADVANCED_HOME} && \
   curl -o \
   ${AIRSONIC_ADVANCED_HOME}/airsonic.war -L \
-    "https://github.com/airsonic-advanced/airsonic-advanced/releases/download/${AIRSONIC_ADVANCED_RELEASE}/airsonic.war" && \
+    "https://github.com/kagemomiji/airsonic-advanced/releases/download/${AIRSONIC_ADVANCED_RELEASE}/airsonic.war" && \
   printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \
   echo "**** cleanup ****" && \
   rm -rf \
diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:1
 
-FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.20
+FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.21
 
 # set version label
 ARG BUILD_DATE
@@ -21,19 +21,19 @@ RUN \
     flac \
     fontconfig \
     lame \
-    openjdk11-jre \
+    openjdk17-jre \
     ttf-dejavu \
     vorbis-tools && \
   echo "**** install airsonic advanced ****" && \
   if [ -z ${AIRSONIC_ADVANCED_RELEASE+x} ]; then \
-    AIRSONIC_ADVANCED_RELEASE=$(curl -sX GET "https://api.github.com/repos/airsonic-advanced/airsonic-advanced/releases" \
+    AIRSONIC_ADVANCED_RELEASE=$(curl -sX GET "https://api.github.com/repos/kagemomiji/airsonic-advanced/releases/latest" \
     | awk '/tag_name/{print $4;exit}' FS='[""]'); \
   fi && \
   mkdir -p \
     ${AIRSONIC_ADVANCED_HOME} && \
   curl -o \
   ${AIRSONIC_ADVANCED_HOME}/airsonic.war -L \
-    "https://github.com/airsonic-advanced/airsonic-advanced/releases/download/${AIRSONIC_ADVANCED_RELEASE}/airsonic.war" && \
+    "https://github.com/kagemomiji/airsonic-advanced/releases/download/${AIRSONIC_ADVANCED_RELEASE}/airsonic.war" && \
   printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \
   echo "**** cleanup ****" && \
   rm -rf \
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -19,8 +19,8 @@ pipeline {
     DOCKERHUB_TOKEN=credentials('docker-hub-ci-pat')
     QUAYIO_API_TOKEN=credentials('quayio-repo-api-token')
     GIT_SIGNING_KEY=credentials('484fbca6-9a4f-455e-b9e3-97ac98785f5f')
-    EXT_GIT_BRANCH = 'master'
-    EXT_USER = 'airsonic-advanced'
+    EXT_GIT_BRANCH = 'main'
+    EXT_USER = 'kagemomiji'
     EXT_REPO = 'airsonic-advanced'
     BUILD_VERSION_ARG = 'AIRSONIC_ADVANCED_RELEASE'
     LS_USER = 'linuxserver'
@@ -129,23 +129,23 @@ pipeline {
     /* ########################
        External Release Tagging
        ######################## */
-    // If this is a devel github release use the first in an array from github to determine the ext tag
-    stage("Set ENV github_devel"){
-      steps{
-        script{
-          env.EXT_RELEASE = sh(
-            script: '''curl -H "Authorization: token ${GITHUB_TOKEN}" -s https://api.github.com/repos/${EXT_USER}/${EXT_REPO}/releases | jq -r '.[0] | .tag_name' ''',
-            returnStdout: true).trim()
-        }
-      }
+    // If this is a stable github release use the latest endpoint from github to determine the ext tag
+    stage("Set ENV github_stable"){
+     steps{
+       script{
+         env.EXT_RELEASE = sh(
+           script: '''curl -H "Authorization: token ${GITHUB_TOKEN}" -s https://api.github.com/repos/${EXT_USER}/${EXT_REPO}/releases/latest | jq -r '. | .tag_name' ''',
+           returnStdout: true).trim()
+       }
+     }
     }
     // If this is a stable or devel github release generate the link for the build message
     stage("Set ENV github_link"){
-      steps{
-        script{
-          env.RELEASE_LINK = 'https://github.com/' + env.EXT_USER + '/' + env.EXT_REPO + '/releases/tag/' + env.EXT_RELEASE
-        }
-      }
+     steps{
+       script{
+         env.RELEASE_LINK = 'https://github.com/' + env.EXT_USER + '/' + env.EXT_REPO + '/releases/tag/' + env.EXT_RELEASE
+       }
+     }
     }
     // Sanitize the release tag and strip illegal docker or github characters
     stage("Sanitize tag"){
@@ -980,12 +980,12 @@ pipeline {
              "tagger": {"name": "LinuxServer-CI","email": "ci@linuxserver.io","date": "'${GITHUB_DATE}'"}}' '''
         echo "Pushing New release for Tag"
         sh '''#! /bin/bash
-              curl -H "Authorization: token ${GITHUB_TOKEN}" -s https://api.github.com/repos/${EXT_USER}/${EXT_REPO}/releases | jq '.[0] |.body' | sed 's:^.\\(.*\\).$:\\1:' > releasebody.json
+              curl -H "Authorization: token ${GITHUB_TOKEN}" -s https://api.github.com/repos/${EXT_USER}/${EXT_REPO}/releases/latest | jq '. |.body' | sed 's:^.\\(.*\\).$:\\1:' > releasebody.json
               echo '{"tag_name":"'${META_TAG}'",\
                      "target_commitish": "master",\
                      "name": "'${META_TAG}'",\
                      "body": "**CI Report:**\\n\\n'${CI_URL:-N/A}'\\n\\n**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Remote Changes:**\\n\\n' > start
-              printf '","draft": false,"prerelease": true}' >> releasebody.json
+              printf '","draft": false,"prerelease": false}' >> releasebody.json
               paste -d'\\0' start releasebody.json > releasebody.json.done
               curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done'''
       }
diff --git a/README.md b/README.md
@@ -75,6 +75,10 @@ Note that if you want to use [Airsonic's Java jukebox player](https://airsonic.g
 
 This image can be run with a read-only container filesystem. For details please [read the docs](https://docs.linuxserver.io/misc/read-only/).
 
+## Non-Root Operation
+
+This image can be run with a non-root user. For details please [read the docs](https://docs.linuxserver.io/misc/non-root/).
+
 ## Usage
 
 To help you get started creating a container from this image you can either use docker-compose or the docker cli.
@@ -149,6 +153,7 @@ Containers are configured using parameters passed at runtime (such as those abov
 | `-v /media` | Location of other media. |
 | `--device /dev/snd` | Only needed to pass your host sound device to Airsonic's Java jukebox player. |
 | `--read-only=true` | Run container with a read-only filesystem. Please [read the docs](https://docs.linuxserver.io/misc/read-only/). |
+| `--user=1000:1000` | Run container with a non-root user. Please [read the docs](https://docs.linuxserver.io/misc/non-root/). |
 
 ## Environment variables from files (Docker secrets)
 
@@ -312,6 +317,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 
 ## Versions
 
+* **21.12.24:** - Rebase to Alpine 3.21. Switch upstream to track https://github.com/kagemomiji/airsonic-advanced.
 * **24.05.24:** - Rebase to Alpine 3.20.
 * **20.03.24:** - Rebase to Alpine 3.19.
 * **30.05.23:** - Rebase to Alpine 3.18.
diff --git a/jenkins-vars.yml b/jenkins-vars.yml
@@ -2,13 +2,13 @@
 
 # jenkins variables
 project_name: docker-airsonic-advanced
-external_type: github_devel
-release_type: prerelease
+external_type: github_stable
+release_type: stable
 release_tag: latest
 ls_branch: master
 repo_vars:
-  - EXT_GIT_BRANCH = 'master'
-  - EXT_USER = 'airsonic-advanced'
+  - EXT_GIT_BRANCH = 'main'
+  - EXT_USER = 'kagemomiji'
   - EXT_REPO = 'airsonic-advanced'
   - BUILD_VERSION_ARG = 'AIRSONIC_ADVANCED_RELEASE'
   - LS_USER = 'linuxserver'
diff --git a/readme-vars.yml b/readme-vars.yml
@@ -34,6 +34,7 @@ opt_param_device_map: true
 opt_param_devices:
   - {device_path: "/dev/snd", device_host_path: "/dev/snd", desc: "Only needed to pass your host sound device to Airsonic's Java jukebox player."}
 readonly_supported: true
+nonroot_supported: true
 # application setup block
 app_setup_block_enabled: true
 app_setup_block: |
@@ -93,6 +94,7 @@ init_diagram: |
   "airsonic-advanced:latest" <- Base Images
 # changelog
 changelogs:
+  - {date: "21.12.24:", desc: "Rebase to Alpine 3.21. Switch upstream to track https://github.com/kagemomiji/airsonic-advanced."}
   - {date: "24.05.24:", desc: "Rebase to Alpine 3.20."}
   - {date: "20.03.24:", desc: "Rebase to Alpine 3.19."}
   - {date: "30.05.23:", desc: "Rebase to Alpine 3.18."}
diff --git a/root/etc/s6-overlay/s6-rc.d/init-airsonic-advanced-config/run b/root/etc/s6-overlay/s6-rc.d/init-airsonic-advanced-config/run
@@ -4,7 +4,9 @@
 mkdir -p "${AIRSONIC_ADVANCED_SETTINGS}"/transcode
 mkdir -p "/run/tomcat.4040"
 
-lsiown -R abc:abc /config "${AIRSONIC_ADVANCED_SETTINGS}" /run/tomcat.4040
+if [[ -z ${LSIO_NON_ROOT_USER} ]]; then
+    lsiown -R abc:abc /config "${AIRSONIC_ADVANCED_SETTINGS}" /run/tomcat.4040
+fi
 
 if [[ ! -e "${AIRSONIC_ADVANCED_SETTINGS}"/transcode/ffmpeg || ! -e  "${AIRSONIC_ADVANCED_SETTINGS}"/transcode/flac || ! -e "${AIRSONIC_ADVANCED_SETTINGS}"/transcode/lame  ]]; then
     ln -sf /usr/bin/ffmpeg "${AIRSONIC_ADVANCED_SETTINGS}"/transcode/
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-airsonic-advanced/run b/root/etc/s6-overlay/s6-rc.d/svc-airsonic-advanced/run
@@ -12,19 +12,37 @@ URL_BASE="/${CONTEXT_PATH}"
 # add option to pass runtime arguments
 IFS=" " read -r -a RUN_ARRAY <<< "$JAVA_OPTS"
 
+if [[ -z ${LSIO_NON_ROOT_USER} ]]; then
 exec \
-    s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z localhost 4040" \
-    cd "${AIRSONIC_ADVANCED_HOME}" s6-setuidgid abc \
-        java \
-            -Dlog4j2.formatMsgNoLookups=true \
-            -Dairsonic.defaultMusicFolder=/music \
-            -Dairsonic.defaultPlaylistFolder=/playlists \
-            -Dairsonic.defaultPodcastFolder=/podcasts \
-            -Dairsonic.home="${AIRSONIC_ADVANCED_SETTINGS}" \
-            -Djava.awt.headless=true \
-            -Djava.io.tmpdir="/run/tomcat.4040" \
-            -Dserver.servlet.context-path="${URL_BASE}" \
-            -Dserver.host=0.0.0.0 \
-            -Dserver.port=4040 \
-            "${RUN_ARRAY[@]}" \
-            -jar airsonic.war
+        s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z localhost 4040" \
+        cd "${AIRSONIC_ADVANCED_HOME}" s6-setuidgid abc \
+            java \
+                -Dlog4j2.formatMsgNoLookups=true \
+                -Dairsonic.defaultMusicFolder=/music \
+                -Dairsonic.defaultPlaylistFolder=/playlists \
+                -Dairsonic.defaultPodcastFolder=/podcasts \
+                -Dairsonic.home="${AIRSONIC_ADVANCED_SETTINGS}" \
+                -Djava.awt.headless=true \
+                -Djava.io.tmpdir="/run/tomcat.4040" \
+                -Dserver.servlet.context-path="${URL_BASE}" \
+                -Dserver.host=0.0.0.0 \
+                -Dserver.port=4040 \
+                "${RUN_ARRAY[@]}" \
+                -jar airsonic.war
+else
+        s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z localhost 4040" \
+        cd "${AIRSONIC_ADVANCED_HOME}" \
+            java \
+                -Dlog4j2.formatMsgNoLookups=true \
+                -Dairsonic.defaultMusicFolder=/music \
+                -Dairsonic.defaultPlaylistFolder=/playlists \
+                -Dairsonic.defaultPodcastFolder=/podcasts \
+                -Dairsonic.home="${AIRSONIC_ADVANCED_SETTINGS}" \
+                -Djava.awt.headless=true \
+                -Djava.io.tmpdir="/run/tomcat.4040" \
+                -Dserver.servlet.context-path="${URL_BASE}" \
+                -Dserver.host=0.0.0.0 \
+                -Dserver.port=4040 \
+                "${RUN_ARRAY[@]}" \
+                -jar airsonic.war
+fi
