From e62d67cacf0b7e5d71bb2e3fd8a349a0415cbf22 Mon Sep 17 00:00:00 2001
From: Alexey Pustovalov <alexey.pustovalov@zabbix.com>
Date: Mon, 30 Dec 2024 20:17:45 +0900
Subject: [PATCH] Prepare for env variables in Windows containers

---
 Dockerfiles/agent/windows/Dockerfile          | 23 ++++++----
 .../agent/windows/docker-entrypoint.ps1       | 43 +++++--------------
 .../build-mysql/windows/Dockerfile.agent      |  1 -
 3 files changed, 26 insertions(+), 41 deletions(-)

diff --git a/Dockerfiles/agent/windows/Dockerfile b/Dockerfiles/agent/windows/Dockerfile
index cdd8ba73d..11e154f4e 100644
--- a/Dockerfiles/agent/windows/Dockerfile
+++ b/Dockerfiles/agent/windows/Dockerfile
@@ -14,6 +14,12 @@ ARG MAJOR_VERSION
 ARG ZBX_VERSION
 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
+ENV ZABBIX_USER_HOME_DIR="C:\zabbix" \
+    ZABBIX_CONF_DIR="C:\zabbix\conf"
+
+ENV ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
+    ZBX_USERPARAMETERDIR=${ZABBIX_USER_HOME_DIR}/user_scripts
+
 LABEL org.opencontainers.image.title="Zabbix agent" `
       org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" `
       org.opencontainers.image.vendor="Zabbix SIA" `
@@ -36,25 +42,26 @@ USER ContainerAdministrator
 RUN $env:PATH = [string]::Format('{0}\zabbix\sbin;{0}\zabbix\bin;', $env:SystemDrive) + $env:PATH; `
     [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); `
     `
-    $env:ZBX_HOME = [string]::Format('{0}\zabbix', $env:SystemDrive); `
-    [Environment]::SetEnvironmentVariable('ZBX_HOME', $env:ZBX_HOME, [EnvironmentVariableTarget]::Machine); `
+    [Environment]::SetEnvironmentVariable('ZABBIX_USER_HOME_DIR', $env:ZABBIX_USER_HOME_DIR, [EnvironmentVariableTarget]::Machine); `
     `
     Write-Host ('Verifying Zabbix agent {0} ...' -f $env:ZBX_VERSION); `
     zabbix_agentd.exe -V;
 
 RUN Set-Location -Path $env:SystemDrive\.; `
     `
-    New-Item -Force -ItemType directory -Path $env:ZBX_HOME\conf\zabbix_agentd.d | Out-Null; `
-    New-Item -Force -ItemType directory -Path $env:ZBX_HOME\enc | Out-Null; `
-    New-Item -Force -ItemType directory -Path $env:ZBX_HOME\modules | Out-Null; `
-    New-Item -Force -ItemType directory -Path $env:ZBX_HOME\buffer | Out-Null; `
+    New-Item -Force -ItemType directory -Path $env:ZABBIX_CONF_DIR | Out-Null; `
+    New-Item -Force -ItemType directory -Path $env:ZABBIX_CONF_DIR\zabbix_agentd.d | Out-Null; `
+    New-Item -Force -ItemType directory -Path $env:ZABBIX_USER_HOME_DIR\enc | Out-Null; `
+    New-Item -Force -ItemType directory -Path $env:ZABBIX_USER_HOME_DIR\buffer | Out-Null; `
+    New-Item -Force -ItemType directory -Path $env:ZBX_LOADMODULEPATH | Out-Null; `
+    New-Item -Force -ItemType directory -Path $env:ZBX_USERPARAMETERDIR | Out-Null; `
     `
     net accounts /MaxPWAge:unlimited; `
     net user /add zabbix /expire:never /passwordreq:no; `
-    $acl = Get-Acl -Path $env:ZBX_HOME; `
+    $acl = Get-Acl -Path $env:ZABBIX_USER_HOME_DIR; `
     $ace = New-Object Security.AccessControl.FileSystemAccessRule ('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); `
     $acl.AddAccessRule($ace); `
-    Set-Acl -AclObject $acl -Path $env:ZBX_HOME;
+    Set-Acl -AclObject $acl -Path $env:ZABBIX_USER_HOME_DIR;
 
 USER zabbix
 
diff --git a/Dockerfiles/agent/windows/docker-entrypoint.ps1 b/Dockerfiles/agent/windows/docker-entrypoint.ps1
index 75f9628ba..b7b9e0d1b 100644
--- a/Dockerfiles/agent/windows/docker-entrypoint.ps1
+++ b/Dockerfiles/agent/windows/docker-entrypoint.ps1
@@ -16,10 +16,8 @@ if ([string]::IsNullOrWhitespace($env:ZBX_SERVER_PORT)) {
 
 
 # Default directories
-# User 'zabbix' home directory
-$ZabbixUserHomeDir="C:\zabbix"
-# Configuration files directory
-$ZabbixConfigDir="C:\zabbix\conf"
+# Internal directory for TLS related files, used when TLS*File specified as plain text values
+$ZabbixInternalEncDir="$env:ZABBIX_USER_HOME_DIR/enc_internal"
 
 function Update-Config-Var {
     Param (
@@ -122,7 +120,7 @@ function Update-Config-Multiple-Var {
 function Prepare-Zbx-Agent-Config {
     Write-Host "** Preparing Zabbix agent configuration file"
 
-    $ZbxAgentConfig="$ZabbixConfigDir\zabbix_agentd.conf"
+    $ZbxAgentConfig="$env:ZABBIX_CONF_DIR\zabbix_agentd.conf"
 
     if ([string]::IsNullOrWhitespace($env:ZBX_PASSIVESERVERS)) {
         $env:ZBX_PASSIVESERVERS=""
@@ -161,10 +159,6 @@ function Prepare-Zbx-Agent-Config {
         Update-Config-Var $ZbxAgentConfig "Server"
     }
 
-    Update-Config-Var $ZbxAgentConfig "ListenPort" "$env:ZBX_LISTENPORT"
-    Update-Config-Var $ZbxAgentConfig "ListenIP" "$env:ZBX_LISTENIP"
-    Update-Config-Var $ZbxAgentConfig "StartAgents" "$env:ZBX_STARTAGENTS"
-
     if ([string]::IsNullOrWhitespace($env:ZBX_ACTIVE_ALLOW)) {
         $env:ZBX_ACTIVE_ALLOW="true"
     }
@@ -176,52 +170,37 @@ function Prepare-Zbx-Agent-Config {
     else {
         Update-Config-Var $ZbxAgentConfig "ServerActive"
     }
-    Update-Config-Var $ZbxAgentConfig "HeartbeatFrequency" "$env:ZBX_HEARTBEAT_FREQUENCY"
 
-    Update-Config-Var $ZbxAgentConfig "HostInterface" "$env:ZBX_HOSTINTERFACE"
-    Update-Config-Var $ZbxAgentConfig "HostInterfaceItem" "$env:ZBX_HOSTINTERFACEITEM"
-
-    Update-Config-Var $ZbxAgentConfig "Hostname" "$env:ZBX_HOSTNAME"
-    Update-Config-Var $ZbxAgentConfig "HostnameItem" "$env:ZBX_HOSTNAMEITEM"
-    Update-Config-Var $ZbxAgentConfig "HostMetadata" "$env:ZBX_METADATA"
-    Update-Config-Var $ZbxAgentConfig "HostMetadataItem" "$env:ZBX_METADATAITEM"
-    Update-Config-Var $ZbxAgentConfig "RefreshActiveChecks" "$env:ZBX_REFRESHACTIVECHECKS"
-    Update-Config-Var $ZbxAgentConfig "BufferSend" "$env:ZBX_BUFFERSEND"
-    Update-Config-Var $ZbxAgentConfig "BufferSize" "$env:ZBX_BUFFERSIZE"
-    Update-Config-Var $ZbxAgentConfig "MaxLinesPerSecond" "$env:ZBX_MAXLINESPERSECOND"
     # Please use include to enable Alias feature
 #    update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" $env:ZBX_ALIAS
     # Please use include to enable Perfcounter feature
 #    update_config_multiple_var $ZBX_AGENT_CONFIG "PerfCounter" $env:ZBX_PERFCOUNTER
-    Update-Config-Var $ZbxAgentConfig "Timeout" "$env:ZBX_TIMEOUT"
-    Update-Config-Var $ZbxAgentConfig "Include" "$ZabbixConfigDir\zabbix_agentd.d\*.conf"
-    Update-Config-Var $ZbxAgentConfig "UnsafeUserParameters" "$env:ZBX_UNSAFEUSERPARAMETERS"
-    Update-Config-Var $ZbxAgentConfig "UserParameterDir" "$ZabbixUserHomeDir\user_scripts\"
-    Update-Config-Var $ZbxAgentConfig "TLSConnect" "$env:ZBX_TLSCONNECT"
-    Update-Config-Var $ZbxAgentConfig "TLSAccept" "$env:ZBX_TLSACCEPT"
+
     Update-Config-Var $ZbxAgentConfig "TLSCAFile" "$env:ZBX_TLSCAFILE"
     Update-Config-Var $ZbxAgentConfig "TLSCRLFile" "$env:ZBX_TLSCRLFILE"
-    Update-Config-Var $ZbxAgentConfig "TLSServerCertIssuer" "$env:ZBX_TLSSERVERCERTISSUER"
-    Update-Config-Var $ZbxAgentConfig "TLSServerCertSubject" "$env:ZBX_TLSSERVERCERTSUBJECT"
     Update-Config-Var $ZbxAgentConfig "TLSCertFile" "$env:ZBX_TLSCERTFILE"
-    Update-Config-Var $ZbxAgentConfig "TLSCipherAll" "$env:ZBX_TLSCIPHERALL"
-    Update-Config-Var $ZbxAgentConfig "TLSCipherAll13" "$env:ZBX_TLSCIPHERALL13"
     Update-Config-Var $ZbxAgentConfig "TLSCipherCert" "$env:ZBX_TLSCIPHERCERT"
     Update-Config-Var $ZbxAgentConfig "TLSCipherCert13" "$env:ZBX_TLSCIPHERCERT13"
     Update-Config-Var $ZbxAgentConfig "TLSCipherPSK" "$env:ZBX_TLSCIPHERPSK"
     Update-Config-Var $ZbxAgentConfig "TLSCipherPSK13" "$env:ZBX_TLSCIPHERPSK13"
     Update-Config-Var $ZbxAgentConfig "TLSKeyFile" "$env:ZBX_TLSKEYFILE"
-    Update-Config-Var $ZbxAgentConfig "TLSPSKIdentity" "$env:ZBX_TLSPSKIDENTITY"
     Update-Config-Var $ZbxAgentConfig "TLSPSKFile" "$env:ZBX_TLSPSKFILE"
 
     Update-Config-Multiple-Var $ZbxAgentConfig "DenyKey" "$env:ZBX_DENYKEY"
     Update-Config-Multiple-Var $ZbxAgentConfig "AllowKey" "$env:ZBX_ALLOWKEY"
+}
 
+function ClearZbxEnv() {
+    if ([string]::IsNullOrWhitespace($env:ZBX_CLEAR_ENV)) {
+        return
+    }
 }
 
 function PrepareAgent {
     Write-Host "** Preparing Zabbix agent"
+
     Prepare-Zbx-Agent-Config
+    ClearZbxEnv
 }
 
 $commandArgs=$args
diff --git a/Dockerfiles/build-mysql/windows/Dockerfile.agent b/Dockerfiles/build-mysql/windows/Dockerfile.agent
index bdd01d398..cb6d61113 100644
--- a/Dockerfiles/build-mysql/windows/Dockerfile.agent
+++ b/Dockerfiles/build-mysql/windows/Dockerfile.agent
@@ -33,7 +33,6 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref
 ADD config_templates C:\config_templates
 
 RUN Set-Location -Path $env:SystemDrive\.; `
-    dir C:\config_templates; `
     `
     New-Item -ItemType directory -Path $env:SystemDrive\zabbix_src | Out-Null; `
     New-Item -ItemType directory -Path $env:ZBX_OUTPUT_DIR | Out-Null; `