From c007315764afcb9a7fb162b79671d32436ce22ea Mon Sep 17 00:00:00 2001
From: Karla Felix
Date: Wed, 18 Oct 2023 21:51:11 -0300
Subject: [PATCH] Upversion docker-distribution to v2.8.2+ds1-1

Upversioning docker-distribution to v2.8.2+ds1-1 to be able to block TLS1.0, TLS1.1 in registry-distribution.

Test Plan:
PASS: $downloader.
PASS: $build-pkgs docker-distribution --clean.
PASS: $build-image.
PASS: List docker-distribution package installed with apt list | grep docker.
PASS: Verify if ports 9001 and 9002 are blocking tls1.0, 1.1 and 1.2 with nmap.

Closes-Bug: 2043217
Change-Id: Id0fc5f8794af54fc4b87b9cab6cec8b454775410
Signed-off-by: Karla Felix
---
.../0001-update-paths-and-service.patch | 36 ++++++++++-------
.../debian/deb_patches/0002-no-gecos.patch | 11 +++---
...003-Override-docker-registry-service.patch | 26 ++++++-------
...Remove-User-directive-from-unit-file.patch | 8 ++--
.../docker-distribution/debian/meta_data.yaml | 2 +-
.../debian/patches/0001-update-paths.patch | 39 +++++++------------
6 files changed, 60 insertions(+), 62 deletions(-)

diff --git a/kubernetes/docker-distribution/debian/deb_patches/0001-update-paths-and-service.patch b/kubernetes/docker-distribution/debian/deb_patches/0001-update-paths-and-service.patch
index e9b6e6984..e3251dca2 100644
--- a/kubernetes/docker-distribution/debian/deb_patches/0001-update-paths-and-service.patch
+++ b/kubernetes/docker-distribution/debian/deb_patches/0001-update-paths-and-service.patch
@@ -1,14 +1,14 @@ -From 922d937e24a4a0cd9d826579eeb9afed4f7c234c Mon Sep 17 00:00:00 2001 -From: Daniel Safta -Date: Wed, 3 Nov 2021 09:48:45 +0000 +From d59ec80b26c352416d84eb22e8dc8c743eb9a8e6 Mon Sep 17 00:00:00 2001 +From: Karla Felix +Date: Wed, 18 Oct 2023 19:05:21 -0300 Subject: [PATCH] debian-patches --- debian/docker-registry.init | 2 +- - debian/docker-registry.install | 2 +- debian/docker-registry.postinst | 2 +- debian/docker-registry.service | 7 ++++++- - 4 files changed, 9 insertions(+), 4 deletions(-) + debian/rules | 4 ++-- + 4 files changed, 10 insertions(+), 5 deletions(-) diff --git a/debian/docker-registry.init b/debian/docker-registry.init index c225130..c03a67a 100644 @@ -23,15 +23,6 @@ index c225130..c03a67a 100644 EXECUSER=docker-registry PIDFILE=/var/run/$BASE.pid LOGFILE=/var/log/$BASE.log -diff --git a/debian/docker-registry.install b/debian/docker-registry.install -index ea1de25..6ed37e3 100755 ---- a/debian/docker-registry.install -+++ b/debian/docker-registry.install -@@ -1,3 +1,3 @@ - #!/usr/bin/dh-exec - usr/bin/registry => usr/bin/docker-registry --cmd/registry/config-example.yml => etc/docker/registry/config.yml -+cmd/registry/config-example.yml => etc/docker-distribution/registry/config.yml diff --git a/debian/docker-registry.postinst b/debian/docker-registry.postinst index 96ded3c..d179197 100755 --- a/debian/docker-registry.postinst 
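Review bot: Refreshing this carried patch overwrote its `From:` and `Date:` headers (Daniel Safta, 3 Nov 2021 becomes Karla Felix, 18 Oct 2023), so the record of who wrote the downstream change is lost. The same rewrite shows up in 0002-no-gecos.patch and 0003-Override-docker-registry-service.patch, where the body still says `Signed-off-by: Charles Short` under a different `From:`, and in 0004-Remove-User-directive-from-unit-file.patch. For patches that change how a registry service is packaged and run, authorship is part of the audit trail. When re-creating the commits on the new upstream, keep the original author with `git commit --author="ORIGINAL AUTHOR <ADDRESS_PLACEHOLDER>"` and mention the refresh in the patch body instead.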
@@ -63,6 +54,21 @@ index 066e38a..a2feaa6 100644 [Install] WantedBy=multi-user.target +diff --git a/debian/rules b/debian/rules +index 8f0ea9f..ec4fa26 100755 +--- a/debian/rules ++++ b/debian/rules +@@ -15,8 +15,8 @@ override_dh_auto_build: + + execute_after_dh_auto_install: + mv debian/tmp/usr/bin/registry debian/tmp/usr/bin/docker-registry +- mkdir -p debian/tmp/etc/docker/registry +- cp cmd/registry/config-example.yml debian/tmp/etc/docker/registry/config.yml ++ mkdir -p debian/tmp/etc/docker-distribution/registry ++ cp cmd/registry/config-example.yml debian/tmp/etc/docker-distribution/registry/config.yml + + override_dh_auto_test: + dh_auto_test -- -test.short -test.timeout=1h -- -2.30.2 +2.25.1 diff --git a/kubernetes/docker-distribution/debian/deb_patches/0002-no-gecos.patch b/kubernetes/docker-distribution/debian/deb_patches/0002-no-gecos.patch index c114963a8..78fcb06d7 100644 --- a/kubernetes/docker-distribution/debian/deb_patches/0002-no-gecos.patch +++ b/kubernetes/docker-distribution/debian/deb_patches/0002-no-gecos.patch @@ -1,18 +1,19 @@ -From 4b27111fbe6b626d08e212eb48693a228da203bc Mon Sep 17 00:00:00 2001 -From: Charles Short -Date: Tue, 7 Dec 2021 18:49:39 +0000 +From 166ccc11c71ce7d68073e4231c6423a8eae9c1c2 Mon Sep 17 00:00:00 2001 +From: Karla Felix +Date: Wed, 18 Oct 2023 19:32:16 -0300 Subject: [PATCH] Do not set gecos when creating user Remove the gecos creation since it causes issue while running debootstrap. Signed-off-by: Charles Short +--- --- debian/docker-registry.postinst | 1 - 1 file changed, 1 deletion(-) diff --git a/debian/docker-registry.postinst b/debian/docker-registry.postinst -index 96ded3c..13df951 100755 +index d179197..d6a93ba 100755 --- a/debian/docker-registry.postinst +++ b/debian/docker-registry.postinst @@ -7,7 +7,6 @@ if [ "$1" = 'configure' ]; then @@ -24,5 +25,5 @@ index 96ded3c..13df951 100755 fi -- -2.30.2 +2.25.1 
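Review bot: The new `debian/rules` hunk ships upstream's sample file as the live configuration (`cp cmd/registry/config-example.yml debian/tmp/etc/docker-distribution/registry/config.yml`), so nothing in the package itself enforces the TLS floor this commit is meant to enable. Whether TLS 1.0 and 1.1 end up refused depends on a configuration delivered outside this change, which is not visible here; it is worth confirming that it sets the registry's `http.tls.minimumtls` explicitly rather than relying on a default. A comment above the `cp`, such as `# sample config only; deployment must replace it and set http.tls.minimumtls`, would make that dependency visible to whoever refreshes the patch next.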
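Review bot: The added `---` line directly after `Signed-off-by: Charles Short` leaves two consecutive separators ahead of the diffstat in 0002-no-gecos.patch. Everything after the first separator is treated as notes, so the patch should still apply, but the extra line looks like a hand-editing leftover. Dropping it keeps the file identical to what `git format-patch` emits, which makes later refreshes easier to diff and review.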
diff --git a/kubernetes/docker-distribution/debian/deb_patches/0003-Override-docker-registry-service.patch b/kubernetes/docker-distribution/debian/deb_patches/0003-Override-docker-registry-service.patch index ae8ef5a9b..9263ccd66 100644 --- a/kubernetes/docker-distribution/debian/deb_patches/0003-Override-docker-registry-service.patch +++ b/kubernetes/docker-distribution/debian/deb_patches/0003-Override-docker-registry-service.patch @@ -1,29 +1,29 @@ -From ec4d2b9704df16e3ffe4256b3eae6b7bd8d25807 Mon Sep 17 00:00:00 2001 -From: Charles Short -Date: Sun, 5 Dec 2021 13:33:26 +0000 +From 7e2c90b4c9bcb35a81a737eb50b4720f52b79fa2 Mon Sep 17 00:00:00 2001 +From: Karla Felix +Date: Wed, 18 Oct 2023 19:42:53 -0300 Subject: [PATCH] Override docker-registry service Prevent the docker-registry from starting when package is installed. Signed-off-by: Charles Short --- - debian/rules | 4 ++++ - 1 file changed, 4 insertions(+) + debian/rules | 3 +++ + 1 file changed, 3 insertions(+) diff --git a/debian/rules b/debian/rules -index 8383ccd..f02c9ef 100755 +index 02ce7be..32ef06f 100755 --- a/debian/rules +++ b/debian/rules -@@ -17,5 +17,9 @@ override_dh_auto_test: - # health/checks hit the internet, and thus fail - #DH_GOLANG_EXCLUDES='distribution/registry/handlers health/checks' dh_auto_test -- -test.short +@@ -10,6 +10,9 @@ export DH_GOLANG_EXCLUDES := \ + %: + dh $@ --buildsystem=golang --with=golang +override_dh_installsystemd: + dh_installsystemd -p docker-registry --no-enable docker-registry.service + - %: - dh $@ --buildsystem=golang --with=golang -+ + override_dh_auto_build: + dh_auto_build -- -ldflags '-X github.com/docker/distribution/version.Version=$(DEB_VERSION_UPSTREAM)' + -- -2.30.2 +2.25.1 diff --git a/kubernetes/docker-distribution/debian/deb_patches/0004-Remove-User-directive-from-unit-file.patch b/kubernetes/docker-distribution/debian/deb_patches/0004-Remove-User-directive-from-unit-file.patch index 0f468d805..51757683b 100644 
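Review bot: The override `dh_installsystemd -p docker-registry --no-enable docker-registry.service` does less than the patch description claims ("Prevent the docker-registry from starting when package is installed"): `--no-enable` only skips enabling the unit and does not affect whether the generated maintainer script starts it. If the registry must never run with the packaged sample configuration, pass both flags: `dh_installsystemd -p docker-registry --no-enable --no-start docker-registry.service`. A policy-rc.d in the image build may already suppress the start, but that is not visible in this change, so the packaging should not depend on it silently.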
--- a/kubernetes/docker-distribution/debian/deb_patches/0004-Remove-User-directive-from-unit-file.patch +++ b/kubernetes/docker-distribution/debian/deb_patches/0004-Remove-User-directive-from-unit-file.patch @@ -1,6 +1,6 @@ -From 1f52f7857bdfd54af3409f0dc4a56ed866582327 Mon Sep 17 00:00:00 2001 -From: Fabricio Henrique Ramos -Date: Fri, 28 Jan 2022 16:31:00 -0300 +From 0ada96a42a4c7738f492ae870afb32c4029162c8 Mon Sep 17 00:00:00 2001 +From: Karla Felix +Date: Wed, 18 Oct 2023 19:51:56 -0300 Subject: [PATCH] Remove User directive from unit file By removing: @@ -26,5 +26,5 @@ index a2feaa6..a4652b3 100644 Environment=REGISTRY_STORAGE_DELETE_ENABLED=true ExecStart=/usr/bin/docker-registry serve /etc/docker-distribution/registry/config.yml -- -2.17.1 +2.25.1 diff --git a/kubernetes/docker-distribution/debian/meta_data.yaml b/kubernetes/docker-distribution/debian/meta_data.yaml index 18fbc2318..bec4ebde0 100644 --- a/kubernetes/docker-distribution/debian/meta_data.yaml +++ b/kubernetes/docker-distribution/debian/meta_data.yaml @@ -1,6 +1,6 @@ --- debname: docker-registry -debver: 2.7.1+ds2-7+deb11u1 +debver: 2.8.2+ds1-1 archive: https://snapshot.debian.org/archive/debian/20230529T205957Z/pool/main/d/docker-registry revision: dist: $STX_DIST diff --git a/kubernetes/docker-distribution/debian/patches/0001-update-paths.patch b/kubernetes/docker-distribution/debian/patches/0001-update-paths.patch index d13e9e150..a2c77b03c 100644 --- a/kubernetes/docker-distribution/debian/patches/0001-update-paths.patch +++ b/kubernetes/docker-distribution/debian/patches/0001-update-paths.patch 
@@ -1,28 +1,28 @@ -From 8d41cb5a84e9d7a51a02e3e33289008bdf2a5491 Mon Sep 17 00:00:00 2001 -From: Daniel Safta -Date: Wed, 3 Nov 2021 09:50:59 +0000 -Subject: [PATCH] code-patches +From c4682c6ef5deba520d2e6cf4ec24459c86eb6399 Mon Sep 17 00:00:00 2001 +From: Karla Felix +Date: Thu, 19 Oct 2023 14:08:31 -0300 +Subject: [PATCH] code_patches --- Dockerfile | 4 ++-- cmd/registry/config-example.yml | 2 +- - contrib/docker-integration/docker-compose.yml | 22 +++++++++---------- + contrib/docker-integration/docker-compose.yml | 20 +++++++++---------- .../registry-config-notls.yml | 2 +- - .../tokenserver-oauth/registry-config.yml | 6 ++--- - .../tokenserver/registry-config.yml | 6 ++--- - 6 files changed, 21 insertions(+), 21 deletions(-) + .../tokenserver-oauth/registry-config.yml | 6 +++--- + .../tokenserver/registry-config.yml | 6 +++--- + 6 files changed, 20 insertions(+), 20 deletions(-) diff --git a/Dockerfile b/Dockerfile -index 9537817..5c92094 100644 +index fb54b68..a8233ad 100644 --- a/Dockerfile +++ b/Dockerfile -@@ -15,9 +15,9 @@ COPY . $DISTRIBUTION_DIR - RUN CGO_ENABLED=0 make PREFIX=/go clean binaries && file ./bin/registry | grep "statically linked" +@@ -52,9 +52,9 @@ COPY --from=releaser /out / - FROM alpine + FROM alpine:${ALPINE_VERSION} + RUN apk add --no-cache ca-certificates -COPY cmd/registry/config-dev.yml /etc/docker/registry/config.yml +COPY cmd/registry/config-dev.yml /etc/docker-distribution/registry/config.yml - COPY --from=build /go/src/github.com/docker/distribution/bin/registry /bin/registry + COPY --from=binary /registry /bin/registry VOLUME ["/var/lib/registry"] EXPOSE 5000 ENTRYPOINT ["registry"] @@ -42,7 +42,7 @@ index d2aecbb..30c9f62 100644 storagedriver: enabled: true diff --git a/contrib/docker-integration/docker-compose.yml b/contrib/docker-integration/docker-compose.yml -index 374197a..74f203f 100644 +index 374197a..bd981a6 100644 --- a/contrib/docker-integration/docker-compose.yml 
+++ b/contrib/docker-integration/docker-compose.yml @@ -37,10 +37,10 @@ registryv2token: @@ -84,15 +84,6 @@ index 374197a..74f203f 100644 tokenserveroauth: build: "tokenserver-oauth" command: "--debug -addr 0.0.0.0:5559 -issuer registry-test -passwd .htpasswd -tlscert tls.cert -tlskey tls.key -key sign.key -realm http://auth.localregistry:5559 -enforce-class" -@@ -84,7 +84,7 @@ docker: - environment: - DOCKER_GRAPHDRIVER: - volumes: -- - /etc/generated_certs.d:/etc/docker/certs.d -+ - /etc/generated_certs.d:/etc/docker-distribution/certs.d - - /var/lib/docker - links: - - nginx:localregistry diff --git a/contrib/docker-integration/tokenserver-oauth/registry-config-notls.yml b/contrib/docker-integration/tokenserver-oauth/registry-config-notls.yml index a700d08..bbde741 100644 --- a/contrib/docker-integration/tokenserver-oauth/registry-config-notls.yml @@ -146,5 +137,5 @@ index b9efdd3..11be98e 100644 - rootcertbundle: "/etc/docker/registry/tokenbundle.pem" + rootcertbundle: "/etc/docker-distribution/registry/tokenbundle.pem" -- -2.30.2 +2.25.1