Lost options ACTIVATE_ALL_STABLE_EXTENSIONS and ACTIVATE_ALL_COMMUNITY_EXTENSIONS

[tlvu]

What is the bug or the crash?

PR https://github.com/kartoza/docker-geoserver/pull/659/ has removed options ACTIVATE_ALL_STABLE_EXTENSIONS and ACTIVATE_ALL_COMMUNITY_EXTENSIONS. Is this intended? If yes, then they should also be removed from https://github.com/kartoza/docker-geoserver/blob/e0ea86ec9dd69cd2c4b3f22a84babf82375e6369/scripts/env-data.sh#L278-L284

However these options are pretty handy to enable all plugins so why are they removed?

Steps to reproduce the issue

These 2 options have been removed from tip of develop branch.

Versions

2.25.1

Additional context

No response

[NyakudyaA]

What is the bug or the crash?

PR #659 has removed options ACTIVATE_ALL_STABLE_EXTENSIONS and ACTIVATE_ALL_COMMUNITY_EXTENSIONS. Is this intended? If yes, then they should also be removed from

https://github.com/kartoza/docker-geoserver/blob/e0ea86ec9dd69cd2c4b3f22a84babf82375e6369/scripts/env-data.sh#L278-L284

However these options are pretty handy to enable all plugins so why are they removed?

Steps to reproduce the issue

These 2 options have been removed from tip of develop branch.

Versions

2.25.1

Additional context

No response

Yes, this is intended, The assumption here was that all these community extensions or stable extensions didn't come with some side effects of having extra configurations i.e JDBCCONFIG or other extensions that require you to download extra packages. This usually led to broken image and it was difficult to explore which extension caused a crash, I will remove it

[tlvu]

@NyakudyaA

I was investigating vulnerability https://nsfocusglobal.com/remote-code-execution-vulnerability-between-geoserver-and-geotools-cve-2024-36401-cve-2024-36404-notification/ so I enabled all plugins to see which plugins are using the mentionned faulty jars.

These 2 options can be pretty handy for that case. How about keeping those 2 options but just do not document them. They will be used for debugging only and not for production use.

[NyakudyaA]

@tlvu I have no objections to adding them back, but could you not achieve activation of all plugins by mounting an entrypoint script that has the logic to loop and install all the plugins?

[tlvu]

@tlvu I have no objections to adding them back, but could you not achieve activation of all plugins by mounting an entrypoint script that has the logic to loop and install all the plugins?

@NyakudyaA I'd rather not override your entrypoint with a copy of mine. Otherwise I might remove new features or bug fixes you added because I see all your scripts are constantly being improved and I might not catch up.

[NyakudyaA]

@tlvu I am referring to https://github.com/kartoza/docker-geoserver?tab=readme-ov-file#running-sql-scripts-on-container-startup. Most of the changes that are happening in the image are based on trying to fix issues or just improving workflows , The reason we are trying to add some scenario test is to make sure the image doesn't break

[tlvu]

@tlvu I am referring to https://github.com/kartoza/docker-geoserver?tab=readme-ov-file#running-sql-scripts-on-container-startup. Most of the changes that are happening in the image are based on trying to fix issues or just improving workflows , The reason we are trying to add some scenario test is to make sure the image doesn't break

Oh ! I wasn't aware of this entrypoint "plugin" feature ! Will be handy for many other things in fact.

So just setting an env var is easier but this generic entrypoint plugin feature will do as well.