dfccd5a058
This upgrade takes care of our move to JDK 17, Spring Boot 3.0.1 and a few other security upgrades along the way. Fixes #18993 TODO: - [x] Check CI changes for Java 17 - [x] Check vulnerability report - [x] Mongock needs an upgrade - [x] Add JVM args at all possible places for exposing java.time module - [x] Add type adapters everywhere / use the same config for type adapters everywhere
47 lines
1.4 KiB
Bash
Executable File
47 lines
1.4 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
set -o errexit
|
|
set -o pipefail
|
|
set -o nounset
|
|
set -o noglob
|
|
|
|
declare -a proxy_args
|
|
proxy_configured=0
|
|
|
|
if [[ ${HTTP_PROXY-} =~ ^http://(.*):([[:digit:]]*)/?$ && ${BASH_REMATCH[2]} != 0 ]]; then
|
|
proxy_args+=(-Dhttp.proxyHost="${BASH_REMATCH[1]}" -Dhttp.proxyPort="${BASH_REMATCH[2]}")
|
|
proxy_configured=1
|
|
fi
|
|
|
|
if [[ ${HTTPS_PROXY-} =~ ^https?://(.*):([[:digit:]]*)/?$ && ${BASH_REMATCH[2]} != 0 ]]; then
|
|
proxy_args+=(-Dhttps.proxyHost="${BASH_REMATCH[1]}" -Dhttps.proxyPort="${BASH_REMATCH[2]}")
|
|
proxy_configured=1
|
|
fi
|
|
|
|
if [[ -z "${NO_PROXY-}" ]]; then
|
|
# A default for this value is set in entrypoint.sh script.
|
|
# If this variable is not set, just set it to empty string.
|
|
NO_PROXY=""
|
|
fi
|
|
|
|
if [[ $proxy_configured == 1 ]]; then
|
|
proxy_args+=(-Djava.net.useSystemProxies=true -Dhttp.nonProxyHosts="${NO_PROXY/,/|}")
|
|
fi
|
|
|
|
# Wait until RTS started and listens on port 8091
|
|
while ! curl --fail --silent localhost/rts-api/v1/health-check; do
|
|
echo 'Waiting for RTS to start ...'
|
|
sleep 1
|
|
done
|
|
echo 'RTS started.'
|
|
|
|
|
|
# Ref -Dlog4j2.formatMsgNoLookups=true https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot
|
|
exec java ${APPSMITH_JAVA_ARGS:-} ${APPSMITH_JAVA_HEAP_ARG:-} \
|
|
--add-opens java.base/java.time=ALL-UNNAMED \
|
|
-Dserver.port=8080 \
|
|
-Djava.security.egd=file:/dev/./urandom \
|
|
-Dlog4j2.formatMsgNoLookups=true \
|
|
"${proxy_args[@]}" \
|
|
-jar server.jar
|