bump Kong to 2.5.1

[javierguerragiraldez]

No description provided.

[yosifkit]

We recommend against using blanket package upgrades (apt upgrade/apk upgrade/yum upgrade/yum update) for official-images. When package upgrades are applied in a dependent image, it duplicates content of the base image, making the image larger than necessary. It also only delays the inevitable "there are outdated packages". The Official Images build pipeline makes heavy use of docker build cache, so that just rebuilding the all of the Dockerfiles won't cause any unnecessary change. So we rely on periodic base image updates.

We strive to publish updated images at least monthly for Debian and Ubuntu. We also rebuild earlier if there is a critical security need, e.g. docker-library/official-images#2171. Many Official Images are maintained by the community or their respective upstream projects, like Alpine and Oracle Linux, and are subject to their own maintenance schedule. These refreshed base images also means that any other image in the Official Images program that is FROM them will also be rebuilt (as described in the project README.md file).

- https://github.com/docker-library/faq/tree/73f10b0daf2fb8e7b38efaccc0e90b3510919d51#why-does-my-security-scanner-show-that-an-image-has-cves

[github-actions]

Diff for fd6a2c1:

diff --git a/_bashbrew-cat b/_bashbrew-cat
index 3fcb12a..af7256c 100644
--- a/_bashbrew-cat
+++ b/_bashbrew-cat
@@ -18,19 +18,19 @@ GitFetch: refs/tags/2.4.1
 GitCommit: e1b0a6c7eddd327926027692863a9900fd856977
 Directory: ubuntu
 
-Tags: 2.5.0-alpine, 2.5.0, 2.5, alpine, latest
+Tags: 2.5.1-alpine, 2.5.1, 2.5, alpine, latest
 Architectures: amd64, arm64v8
-GitFetch: refs/tags/2.5.0
-GitCommit: ff3efa2c53e785e655a9c7de24c8111a373900cb
+GitFetch: refs/tags/2.5.1
+GitCommit: 7b610b2e566274d70aed60dd3f10a8e43fe91fb4
 Directory: alpine
 
-Tags: 2.5.0-centos, 2.5-centos, centos
-GitFetch: refs/tags/2.5.0
-GitCommit: ff3efa2c53e785e655a9c7de24c8111a373900cb
+Tags: 2.5.1-centos, 2.5-centos, centos
+GitFetch: refs/tags/2.5.1
+GitCommit: 7b610b2e566274d70aed60dd3f10a8e43fe91fb4
 Directory: centos
 
-Tags: 2.5.0-ubuntu, 2.5-ubuntu, ubuntu
+Tags: 2.5.1-ubuntu, 2.5-ubuntu, ubuntu
 Architectures: amd64, arm64v8
-GitFetch: refs/tags/2.5.0
-GitCommit: ff3efa2c53e785e655a9c7de24c8111a373900cb
+GitFetch: refs/tags/2.5.1
+GitCommit: 7b610b2e566274d70aed60dd3f10a8e43fe91fb4
 Directory: ubuntu
diff --git a/_bashbrew-list b/_bashbrew-list
index daf9fb9..3c8690a 100644
--- a/_bashbrew-list
+++ b/_bashbrew-list
@@ -9,10 +9,10 @@ kong:2.4.1-ubuntu
 kong:2.5
 kong:2.5-centos
 kong:2.5-ubuntu
-kong:2.5.0
-kong:2.5.0-alpine
-kong:2.5.0-centos
-kong:2.5.0-ubuntu
+kong:2.5.1
+kong:2.5.1-alpine
+kong:2.5.1-centos
+kong:2.5.1-ubuntu
 kong:alpine
 kong:centos
 kong:latest
diff --git a/kong_centos/Dockerfile b/kong_centos/Dockerfile
index 8ebcb21..b3c38c1 100644
--- a/kong_centos/Dockerfile
+++ b/kong_centos/Dockerfile
@@ -1,4 +1,4 @@
-FROM centos:7
+FROM centos:8
 LABEL maintainer="Kong <support@konghq.com>"
 
 ARG ASSET=ce
@@ -8,11 +8,12 @@ ARG EE_PORTS
 
 COPY kong.rpm /tmp/kong.rpm
 
-ARG KONG_VERSION=2.5.0
+ARG KONG_VERSION=2.5.1
 ENV KONG_VERSION $KONG_VERSION
 
-ARG KONG_SHA256="87b789aed871991b92d264b02ceca3c66246c825c28dd71e73faac7293e43fa2"
+ARG KONG_SHA256="36c03c53a4e3a3f6f0968f68258fa93a584af5c33ed29fa5e05e089dfb97b730"
 
+# hadolint ignore=DL3033
 RUN set -ex; \
     if [ "$ASSET" = "ce" ] ; then \
       curl -fL https://download.konghq.com/gateway-${KONG_VERSION%%.*}.x-centos-7/Packages/k/kong-$KONG_VERSION.el7.amd64.rpm -o /tmp/kong.rpm \
diff --git a/kong_centos/docker-entrypoint.sh b/kong_centos/docker-entrypoint.sh
index e9c252a..f37496e 100755
--- a/kong_centos/docker-entrypoint.sh
+++ b/kong_centos/docker-entrypoint.sh
@@ -29,10 +29,17 @@ file_env() {
 export KONG_NGINX_DAEMON=${KONG_NGINX_DAEMON:=off}
 
 if [[ "$1" == "kong" ]]; then
+
+  all_kong_options="/usr/local/share/lua/5.1/kong/templates/kong_defaults.lua"
+  set +Eeo pipefail
+  while IFS='' read -r LINE || [ -n "${LINE}" ]; do
+      opt=$(echo "$LINE" | grep "=" | sed "s/=.*$//" | sed "s/ //" | tr '[:lower:]' '[:upper:]')
+      file_env "KONG_$opt"
+  done < $all_kong_options
+  set -Eeo pipefail
+
+  file_env KONG_PASSWORD
   PREFIX=${KONG_PREFIX:=/usr/local/kong}
-  file_env KONG_PG_PASSWORD
-  file_env KONG_PG_USER
-  file_env KONG_PG_DATABASE
 
   if [[ "$2" == "docker-start" ]]; then
     kong prepare -p "$PREFIX" "$@"
diff --git a/kong_latest/Dockerfile b/kong_latest/Dockerfile
index 10864fd..073ae86 100644
--- a/kong_latest/Dockerfile
+++ b/kong_latest/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.13
+FROM alpine:3.14
 
 LABEL maintainer="Kong <support@konghq.com>"
 
@@ -7,18 +7,20 @@ ENV ASSET $ASSET
 
 ARG EE_PORTS
 
+# hadolint ignore=DL3010
 COPY kong.tar.gz /tmp/kong.tar.gz
 
-ARG KONG_VERSION=2.5.0
+ARG KONG_VERSION=2.5.1
 ENV KONG_VERSION $KONG_VERSION
 
 
-ARG KONG_AMD64_SHA="ebe0cf3a3e71d202774ede5083c98e2ae39fae0459d11140f53401a66527e1b7"
+ARG KONG_AMD64_SHA="f3fc429372e473e8616cf6afc56543a151bd08ba2bc235176d671515f691f20b"
 ENV KONG_AMD64_SHA $KONG_AMD64_SHA
 
-ARG KONG_ARM64_SHA="131964ce443f2d08dc98191fcc442867f2dee2f741ccee9cc519bb99c765f3cf"
+ARG KONG_ARM64_SHA="e6d002b49aab10c1ae74cd533640eddc9e7f0ce30562cd7079d4b76d9eb70340"
 ENV KONG_ARM64_SHA $KONG_ARM64_SHA
 
+# hadolint ignore=DL3018
 RUN set -eux; \
     arch="$(apk --print-arch)"; \
     case "${arch}" in \
diff --git a/kong_latest/docker-entrypoint.sh b/kong_latest/docker-entrypoint.sh
index e9c252a..f37496e 100755
--- a/kong_latest/docker-entrypoint.sh
+++ b/kong_latest/docker-entrypoint.sh
@@ -29,10 +29,17 @@ file_env() {
 export KONG_NGINX_DAEMON=${KONG_NGINX_DAEMON:=off}
 
 if [[ "$1" == "kong" ]]; then
+
+  all_kong_options="/usr/local/share/lua/5.1/kong/templates/kong_defaults.lua"
+  set +Eeo pipefail
+  while IFS='' read -r LINE || [ -n "${LINE}" ]; do
+      opt=$(echo "$LINE" | grep "=" | sed "s/=.*$//" | sed "s/ //" | tr '[:lower:]' '[:upper:]')
+      file_env "KONG_$opt"
+  done < $all_kong_options
+  set -Eeo pipefail
+
+  file_env KONG_PASSWORD
   PREFIX=${KONG_PREFIX:=/usr/local/kong}
-  file_env KONG_PG_PASSWORD
-  file_env KONG_PG_USER
-  file_env KONG_PG_DATABASE
 
   if [[ "$2" == "docker-start" ]]; then
     kong prepare -p "$PREFIX" "$@"
diff --git a/kong_ubuntu/Dockerfile b/kong_ubuntu/Dockerfile
index e9d6a44..4106731 100644
--- a/kong_ubuntu/Dockerfile
+++ b/kong_ubuntu/Dockerfile
@@ -1,4 +1,4 @@
-FROM ubuntu:xenial
+FROM ubuntu:focal
 
 ARG ASSET=ce
 ENV ASSET $ASSET
@@ -7,9 +7,10 @@ ARG EE_PORTS
 
 COPY kong.deb /tmp/kong.deb
 
-ARG KONG_VERSION=2.5.0
+ARG KONG_VERSION=2.5.1
 ENV KONG_VERSION $KONG_VERSION
 
+# hadolint ignore=DL3015
 RUN set -ex \
     && apt-get update \
     && if [ "$ASSET" = "ce" ] ; then \
diff --git a/kong_ubuntu/docker-entrypoint.sh b/kong_ubuntu/docker-entrypoint.sh
index 12900f7..f37496e 100755
--- a/kong_ubuntu/docker-entrypoint.sh
+++ b/kong_ubuntu/docker-entrypoint.sh
@@ -29,14 +29,25 @@ file_env() {
 export KONG_NGINX_DAEMON=${KONG_NGINX_DAEMON:=off}
 
 if [[ "$1" == "kong" ]]; then
+
+  all_kong_options="/usr/local/share/lua/5.1/kong/templates/kong_defaults.lua"
+  set +Eeo pipefail
+  while IFS='' read -r LINE || [ -n "${LINE}" ]; do
+      opt=$(echo "$LINE" | grep "=" | sed "s/=.*$//" | sed "s/ //" | tr '[:lower:]' '[:upper:]')
+      file_env "KONG_$opt"
+  done < $all_kong_options
+  set -Eeo pipefail
+
+  file_env KONG_PASSWORD
   PREFIX=${KONG_PREFIX:=/usr/local/kong}
-  file_env KONG_PG_PASSWORD
-  file_env KONG_PG_USER
-  file_env KONG_PG_DATABASE
 
   if [[ "$2" == "docker-start" ]]; then
     kong prepare -p "$PREFIX" "$@"
 
+    ln -sf /dev/stdout $PREFIX/logs/access.log
+    ln -sf /dev/stdout $PREFIX/logs/admin_access.log
+    ln -sf /dev/stderr $PREFIX/logs/error.log
+
     exec /usr/local/openresty/nginx/sbin/nginx \
       -p "$PREFIX" \
       -c nginx.conf