oracle-cne · oracle-cne-bot · Sep 22, 2025 · Sep 22, 2025 · Sep 22, 2025 · Sep 26, 2025
diff --git a/THIRD_PARTY_LICENSES.txt b/THIRD_PARTY_LICENSES.txt
diff --git a/olm/SECURITY.md b/olm/SECURITY.md
@@ -0,0 +1,21 @@
+# Reporting Security Vulnerabilities
+
+Oracle values the independent security research community and believes that responsible disclosure of security vulnerabilities helps us ensure the security and privacy of all our users.
+
+Please do NOT raise a GitHub Issue to report a security vulnerability. If you believe you have found a security vulnerability, please submit a report to secalert_us@oracle.com preferably with a proof of concept. We provide
+additional information on [how to report security vulnerabilities to Oracle](https://www.oracle.com/corporate/security-practices/assurance/vulnerability/reporting.html) which includes public encryption keys for secure email.
+
+We ask that you do not use other channels or contact project contributors directly.
+
+Non-vulnerability related security issues such as great new ideas for security features are welcome on GitHub Issues.
+
+## Security Updates, Alerts and Bulletins
+
+Security updates will be released on a regular cadence. Many of our projects will typically release security fixes in conjunction with the [Oracle Critical Patch Update](https://www.oracle.com/security-alerts/) program. Security
+updates are released on the Tuesday closest to the 17th day of January, April, July and October. A pre-release announcement will be published on the Thursday preceding each release. Additional information, including past
+advisories, is available on our [Security Alerts](https://www.oracle.com/security-alerts/) page.
+
+## Security-Related Information
+
+We will provide security related information such as a threat model, considerations for secure use, or any known security issues in our documentation. Please note that labs and sample code are intended to demonstrate a concept and
+may not be sufficiently hardened for production use.
diff --git a/olm/build-image.sh b/olm/build-image.sh
@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+
+name="prometheus"
+version="3.6.0"
+registry="container-registry.oracle.com/olcne"
+docker_tag=${registry}/${name}:v${version}
+
+# Copy the promu tool from the container image
+mkdir -p bin
+podman create --pull always --name tmpcopy container-registry.oracle.com/olcne/promu:v0.17.0
+podman cp tmpcopy:/bin/promu bin/promtool
+podman rm tmpcopy
+
+podman build --pull \
+    --build-arg https_proxy=${https_proxy} \
+    --volume /etc/yum.repos.d:/etc/yum.repos.d \
+    --volume ~/.npmrc:/.npmrc \
+    -t ${docker_tag} -f ./olm/builds/Dockerfile .
+podman save -o ${name}.tar ${docker_tag}
diff --git a/olm/builds/Dockerfile b/olm/builds/Dockerfile
@@ -0,0 +1,44 @@
+FROM container-registry.oracle.com/os/oraclelinux:9 AS builder
+
+RUN dnf config-manager --enable ol9_codeready_builder && \
+    dnf install -y oracle-epel-release-el9 && \
+    dnf config-manager --enable ol9_developer_EPEL && \
+    dnf module enable -y nodejs:22 && \
+    dnf install -y nodejs npm && \
+    dnf -y install git make golang bzip2 yq yarnpkg patch && \
+    go version
+
+# Copy the contents of the repository
+COPY . /workspace/go/src/github.com/oracle-cne/prometheus
+
+ENV NPM_CONFIG_USERCONFIG=/.npmrc
+ENV GOPATH=/workspace/go CGO_ENABLED=0
+ENV GOPATH_SRC=$GOPATH/src/github.com/oracle-cne/prometheus
+WORKDIR /workspace/go/src/github.com/oracle-cne/prometheus
+
+RUN git config --global --add safe.directory $(pwd) && \
+    cp bin/promtool /usr/bin && \
+    sh olm/go-build.sh
+
+FROM container-registry.oracle.com/os/oraclelinux:9-slim
+
+COPY --from=builder /workspace/go/src/github.com/oracle-cne/prometheus/prometheus /bin/prometheus
+COPY --from=builder /workspace/go/src/github.com/oracle-cne/prometheus/bin/promtool /bin/promtool
+COPY documentation/examples/prometheus.yml /etc/prometheus/prometheus.yml
+COPY LICENSE THIRD_PARTY_LICENSES.txt NOTICE olm/SECURITY.md /usr/share/licenses/prometheus/
+RUN microdnf update -y &&\
+    microdnf clean all &&\
+    ln -s /etc/prometheus/ &&\
+    mkdir -p /prometheus &&\
+    chown -R nobody:nobody etc/prometheus /prometheus &&\
+    test -d /LICENSES || ln -s /usr/share/licenses /LICENSES
+
+USER       nobody
+EXPOSE     9090
+VOLUME     [ "/prometheus" ]
+WORKDIR    /prometheus
+ENTRYPOINT [ "/bin/prometheus" ]
+CMD        [ "--config.file=/etc/prometheus/prometheus.yml", \
+             "--storage.tsdb.path=/prometheus", \
+             "--web.console.libraries=/usr/share/prometheus/console_libraries", \
+             "--web.console.templates=/usr/share/prometheus/consoles" ]
diff --git a/olm/go-build.sh b/olm/go-build.sh
@@ -0,0 +1,32 @@
+#!/usr/bin/env bash
+
+mkdir -p bin
+version="3.6.0"
+
+GIT_REVISION=$(git rev-parse HEAD)
+BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
+ldflags="
+        -X main.version=v${version}
+        -X github.com/prometheus/common/version.Version=${version}
+        -X github.com/prometheus/common/version.Revision=${GIT_REVISION}
+        -X github.com/prometheus/common/version.Branch=HEAD
+        -X github.com/prometheus/common/version.BuildUser=${USER}@${HOST}
+        -X github.com/prometheus/common/version.BuildDate=${BUILD_DATE}"
+
+patch  --no-backup-if-mismatch -p0 --fuzz=0 < olm/package.json.patch
+yq -i '.build.flags = "-trimpath=false"' .promu.yml
+yq -i '.build.ldflags += "-X main.version=v${version}"' .promu.yml
+
+echo "npm version"
+npm version
+echo "node --version"
+node --version
+echo "yarn --version"
+yarn --version
+go version
+
+echo "make assets npm_licenses assets-compress plugins"
+make assets npm_licenses assets-compress plugins
+
+echo "promtool build"
+promtool build
diff --git a/olm/jenkins/ci/Jenkinsfile b/olm/jenkins/ci/Jenkinsfile
@@ -0,0 +1,13 @@
+@Library('olcne-pipeline') _
+import com.oracle.olcne.pipeline.BranchPattern
+
+String version = '3.6.0'
+String imgTag  = "v" + version
+
+imagePipeline(
+        branchPattern: new BranchPattern(master: "oracle/release/" + version, feature: '(?!^release/.*$)(^.*$)'),
+        containers: [('container-registry.oracle.com/olcne/prometheus:' + imgTag): 'olcne/prometheus:' + imgTag],
+        platforms: ['ol9'],
+        architectures: ['x86_64', 'aarch64'],
+        buildScript: "sh olm/build-image.sh"
+)
diff --git a/olm/package.json.patch b/olm/package.json.patch
@@ -0,0 +1,13 @@
+--- web/ui/react-app/package.json
++++ web/ui/react-app/package.json
+@@ -43,8 +43,8 @@
+     "tempusdominus-core": "^5.19.3"
+   },
+   "scripts": {
+-    "start": "react-scripts start",
+-    "build": "react-scripts build",
++    "start": "react-scripts start --openssl-legacy-provider start",
++    "build": "react-scripts --openssl-legacy-provider build",
+     "test": "react-scripts test --runInBand --resetMocks=false",
+     "test:coverage": "react-scripts test --runInBand --resetMocks=false --no-watch --coverage",
+     "test:debug": "react-scripts --inspect-brk test --runInBand --no-cache",