From a1c03dc54f6d1467caf16364ac089473c45345b8 Mon Sep 17 00:00:00 2001
From: Laurent Goderre <laurent.goderre@docker.com>
Date: Thu, 4 Jul 2024 10:07:29 -0400
Subject: [PATCH] Make js-yaml detectable by SBOM scanners

---
 percona-server-mongodb-4.2/Dockerfile | 10 ++++++++--
 percona-server-mongodb-4.4/Dockerfile |  8 ++++++--
 percona-server-mongodb-5.0/Dockerfile |  8 ++++++--
 percona-server-mongodb-6.0/Dockerfile |  8 ++++++--
 percona-server-mongodb-7.0/Dockerfile |  8 ++++++--
 5 files changed, 32 insertions(+), 10 deletions(-)

diff --git a/percona-server-mongodb-4.2/Dockerfile b/percona-server-mongodb-4.2/Dockerfile
index bd94a554..b4c3ca8b 100644
--- a/percona-server-mongodb-4.2/Dockerfile
+++ b/percona-server-mongodb-4.2/Dockerfile
@@ -70,14 +70,20 @@ RUN set -eux; \
     chmod +x /usr/bin/gosu; \
     curl -f -o /licenses/LICENSE.gosu https://raw.githubusercontent.com/tianon/gosu/${GOSU_VERSION}/LICENSE
 
+RUN set -ex; \
+    mkdir -p /opt/js-yaml/; \
+    curl -fSL https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz -o /opt/js-yaml/js-yaml.tgz; \
+    echo "0dae332559cf22b21c26ea70e732afd8303ff99412f9c3d9d209faa8882cf2ca  /opt/js-yaml/js-yaml.tgz" | sha256sum -c -; \
+    tar -xz --strip-components=1 -f /opt/js-yaml/js-yaml.tgz -C /opt/js-yaml; \
+    rm -rf /opt/js-yaml/js-yaml.tgz /opt/js-yaml/bin /opt/js-yaml/lib; \
+    ln -s /opt/js-yaml/dist/js-yaml.js /js-yaml.js;
+
 RUN set -ex; \
     curl -fSL https://github.com/percona/mongodb-orchestration-tools/releases/download/${K8S_TOOLS_VERSION}/k8s-mongodb-initiator -o /usr/local/bin/k8s-mongodb-initiator; \
     curl -fSL  https://github.com/percona/mongodb-orchestration-tools/releases/download/${K8S_TOOLS_VERSION}/mongodb-healthcheck -o /usr/local/bin/mongodb-healthcheck; \
     curl -fSL  https://github.com/percona/mongodb-orchestration-tools/releases/download/${K8S_TOOLS_VERSION}/SHA256SUMS -o /tmp/SHA256SUMS; \
-    curl -fSL https://cdnjs.cloudflare.com/ajax/libs/js-yaml/4.1.0/js-yaml.min.js -o /js-yaml.js; \
     echo "$(grep 'k8s-mongodb-initiator' /tmp/SHA256SUMS | awk '{print $1}')" /usr/local/bin/k8s-mongodb-initiator | sha256sum -c -; \
     echo "$(grep 'mongodb-healthcheck' /tmp/SHA256SUMS   | awk '{print $1}')" /usr/local/bin/mongodb-healthcheck   | sha256sum -c -; \
-    echo "45dc3dd03dc07a06705a2c2989b8c7f709013f04bd5386e3279d4e447f07ebd7  /js-yaml.js" | sha256sum -c -; \
     rm -f /tmp/SHA256SUMS; \
     chmod 0755 /usr/local/bin/k8s-mongodb-initiator /usr/local/bin/mongodb-healthcheck
 
diff --git a/percona-server-mongodb-4.4/Dockerfile b/percona-server-mongodb-4.4/Dockerfile
index 1b215955..d0dfa453 100644
--- a/percona-server-mongodb-4.4/Dockerfile
+++ b/percona-server-mongodb-4.4/Dockerfile
@@ -86,8 +86,12 @@ RUN set -ex; \
 VOLUME ["/data/db"]
 
 RUN set -ex; \
-    curl -fSL https://cdnjs.cloudflare.com/ajax/libs/js-yaml/4.1.0/js-yaml.min.js -o /js-yaml.js; \
-    echo "45dc3dd03dc07a06705a2c2989b8c7f709013f04bd5386e3279d4e447f07ebd7  /js-yaml.js" | sha256sum -c -
+    mkdir -p /opt/js-yaml/; \
+    curl -fSL https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz -o /opt/js-yaml/js-yaml.tgz; \
+    echo "0dae332559cf22b21c26ea70e732afd8303ff99412f9c3d9d209faa8882cf2ca  /opt/js-yaml/js-yaml.tgz" | sha256sum -c -; \
+    tar -xz --strip-components=1 -f /opt/js-yaml/js-yaml.tgz -C /opt/js-yaml; \
+    rm -rf /opt/js-yaml/js-yaml.tgz /opt/js-yaml/bin /opt/js-yaml/lib; \
+    ln -s /opt/js-yaml/dist/js-yaml.js /js-yaml.js;
 
 ADD https://raw.githubusercontent.com/Percona-Lab/telemetry-agent/phase-0/call-home.sh /call-home.sh
 RUN chmod a+rx call-home.sh
diff --git a/percona-server-mongodb-5.0/Dockerfile b/percona-server-mongodb-5.0/Dockerfile
index c47714bb..fe9165cb 100644
--- a/percona-server-mongodb-5.0/Dockerfile
+++ b/percona-server-mongodb-5.0/Dockerfile
@@ -76,8 +76,12 @@ RUN set -eux; \
 VOLUME ["/data/db"]
 
 RUN set -ex; \
-    curl -fSL https://cdnjs.cloudflare.com/ajax/libs/js-yaml/4.1.0/js-yaml.min.js -o /js-yaml.js; \
-    echo "45dc3dd03dc07a06705a2c2989b8c7f709013f04bd5386e3279d4e447f07ebd7  /js-yaml.js" | sha256sum -c -
+    mkdir -p /opt/js-yaml/; \
+    curl -fSL https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz -o /opt/js-yaml/js-yaml.tgz; \
+    echo "0dae332559cf22b21c26ea70e732afd8303ff99412f9c3d9d209faa8882cf2ca  /opt/js-yaml/js-yaml.tgz" | sha256sum -c -; \
+    tar -xz --strip-components=1 -f /opt/js-yaml/js-yaml.tgz -C /opt/js-yaml; \
+    rm -rf /opt/js-yaml/js-yaml.tgz /opt/js-yaml/bin /opt/js-yaml/lib; \
+    ln -s /opt/js-yaml/dist/js-yaml.js /js-yaml.js;
 
 ADD https://raw.githubusercontent.com/Percona-Lab/telemetry-agent/phase-0/call-home.sh /call-home.sh
 RUN chmod a+rx call-home.sh
diff --git a/percona-server-mongodb-6.0/Dockerfile b/percona-server-mongodb-6.0/Dockerfile
index 697a2804..02ca0ac9 100644
--- a/percona-server-mongodb-6.0/Dockerfile
+++ b/percona-server-mongodb-6.0/Dockerfile
@@ -77,8 +77,12 @@ RUN set -eux; \
 VOLUME ["/data/db"]
 
 RUN set -ex; \
-    curl -fSL https://cdnjs.cloudflare.com/ajax/libs/js-yaml/4.1.0/js-yaml.min.js -o /js-yaml.js; \
-    echo "45dc3dd03dc07a06705a2c2989b8c7f709013f04bd5386e3279d4e447f07ebd7  /js-yaml.js" | sha256sum -c -
+    mkdir -p /opt/js-yaml/; \
+    curl -fSL https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz -o /opt/js-yaml/js-yaml.tgz; \
+    echo "0dae332559cf22b21c26ea70e732afd8303ff99412f9c3d9d209faa8882cf2ca  /opt/js-yaml/js-yaml.tgz" | sha256sum -c -; \
+    tar -xz --strip-components=1 -f /opt/js-yaml/js-yaml.tgz -C /opt/js-yaml; \
+    rm -rf /opt/js-yaml/js-yaml.tgz /opt/js-yaml/bin /opt/js-yaml/lib; \
+    ln -s /opt/js-yaml/dist/js-yaml.js /js-yaml.js;
 
 ADD https://raw.githubusercontent.com/Percona-Lab/telemetry-agent/phase-0/call-home.sh /call-home.sh
 RUN chmod a+rx call-home.sh
diff --git a/percona-server-mongodb-7.0/Dockerfile b/percona-server-mongodb-7.0/Dockerfile
index 59dabc5e..2edd7f5c 100644
--- a/percona-server-mongodb-7.0/Dockerfile
+++ b/percona-server-mongodb-7.0/Dockerfile
@@ -77,8 +77,12 @@ RUN set -eux; \
 VOLUME ["/data/db"]
 
 RUN set -ex; \
-    curl -fSL https://cdnjs.cloudflare.com/ajax/libs/js-yaml/4.1.0/js-yaml.min.js -o /js-yaml.js; \
-    echo "45dc3dd03dc07a06705a2c2989b8c7f709013f04bd5386e3279d4e447f07ebd7  /js-yaml.js" | sha256sum -c -
+    mkdir -p /opt/js-yaml/; \
+    curl -fSL https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz -o /opt/js-yaml/js-yaml.tgz; \
+    echo "0dae332559cf22b21c26ea70e732afd8303ff99412f9c3d9d209faa8882cf2ca  /opt/js-yaml/js-yaml.tgz" | sha256sum -c -; \
+    tar -xz --strip-components=1 -f /opt/js-yaml/js-yaml.tgz -C /opt/js-yaml; \
+    rm -rf /opt/js-yaml/js-yaml.tgz /opt/js-yaml/bin /opt/js-yaml/lib; \
+    ln -s /opt/js-yaml/dist/js-yaml.js /js-yaml.js;
 
 ADD https://raw.githubusercontent.com/Percona-Lab/telemetry-agent/phase-0/call-home.sh /call-home.sh
 RUN chmod a+rx call-home.sh