From ea0d603eeba3d600be7b660582f43a4bfb82701e Mon Sep 17 00:00:00 2001
From: Rene Groeschke <rene@elastic.co>
Date: Thu, 10 Apr 2025 18:23:01 +0200
Subject: [PATCH 1/2] Add docker hub specific docker context

---
 .buildkite/scripts/dra-workflow.sh            |  1 +
 distribution/docker/build.gradle              | 32 +++++++++++++------
 .../docker/src/docker/Dockerfile.default      |  2 ++
 3 files changed, 25 insertions(+), 10 deletions(-)

diff --git a/.buildkite/scripts/dra-workflow.sh b/.buildkite/scripts/dra-workflow.sh
index aa3e871b6dc18..5e88a7be430af 100755
--- a/.buildkite/scripts/dra-workflow.sh
+++ b/.buildkite/scripts/dra-workflow.sh
@@ -70,6 +70,7 @@ echo --- Building release artifacts
   $VERSION_QUALIFIER_ARG \
   buildReleaseArtifacts \
   exportCompressedDockerImages \
+  exportDockerContexts \
   :distribution:generateDependenciesReport
 
 PATH="$PATH:${JAVA_HOME}/bin" # Required by the following script
diff --git a/distribution/docker/build.gradle b/distribution/docker/build.gradle
index 0cd9b705f7fbc..ee9b86cbca27e 100644
--- a/distribution/docker/build.gradle
+++ b/distribution/docker/build.gradle
@@ -132,7 +132,7 @@ dependencies {
   fips "org.bouncycastle:bctls-fips:1.0.19"
 }
 
-ext.expansions = { Architecture architecture, DockerBase base ->
+ext.expansions = { Architecture architecture, DockerBase base, String publicationContext = '' ->
   def (major, minor) = VersionProperties.elasticsearch.split("\\.")
 
   // We tag our Docker images with various pieces of information, including a timestamp
@@ -152,6 +152,7 @@ ext.expansions = { Architecture architecture, DockerBase base ->
     'license'            : base == DockerBase.IRON_BANK ? 'Elastic License 2.0' : 'Elastic-License-2.0',
     'package_manager'    : base.packageManager,
     'docker_base'        : base.name().toLowerCase(),
+    'docker_context'     : publicationContext,
     'version'            : VersionProperties.elasticsearch,
     'major_minor_version': "${major}.${minor}",
     'retry'              : ShellRetry
@@ -179,9 +180,9 @@ private static String taskName(String prefix, Architecture architecture, DockerB
     suffix
 }
 
-ext.dockerBuildContext = { Architecture architecture, DockerBase base ->
+ext.dockerBuildContext = { Architecture architecture, DockerBase base, String publicationContext = '' ->
   copySpec {
-    final Map<String, String> varExpansions = expansions(architecture, base)
+    final Map<String, String> varExpansions = expansions(architecture, base, publicationContext)
     final Path projectDir = project.projectDir.toPath()
 
     if (base == DockerBase.IRON_BANK) {
@@ -291,17 +292,22 @@ tasks.named("composeUp").configure {
   dependsOn tasks.named("preProcessFixture")
 }
 
-void addBuildDockerContextTask(Architecture architecture, DockerBase base) {
+
+def exportDockerImages = tasks.register("exportDockerImages")
+def exportCompressedDockerImages = tasks.register("exportCompressedDockerImages")
+def exportDockerContexts = tasks.register("exportDockerContexts")
+
+void addBuildDockerContextTask(Architecture architecture, DockerBase base, String taskSuffix = 'DockerContext', String classifier = "docker-build-context") {
   String configDirectory = base == DockerBase.IRON_BANK ? 'scripts' : 'config'
   String arch = architecture == Architecture.AARCH64 ? '-aarch64' : ''
 
   final TaskProvider<Tar> buildDockerContextTask =
-    tasks.register(taskName('build', architecture, base, 'DockerContext'), Tar) {
+    tasks.register(taskName('build', architecture, base, taskSuffix), Tar) {
       archiveExtension = 'tar.gz'
       compression = Compression.GZIP
-      archiveClassifier = "docker-build-context${arch}"
+      archiveClassifier = "${classifier}${arch}"
       archiveBaseName = "elasticsearch${base.suffix}"
-      with dockerBuildContext(architecture, base)
+      with dockerBuildContext(architecture, base, classifier)
 
       into(configDirectory) {
         from(configurations.log4jConfig) {
@@ -344,6 +350,10 @@ void addBuildDockerContextTask(Architecture architecture, DockerBase base) {
       onlyIf("$architecture supported") { serviceProvider.get().isArchitectureSupported(architecture) }
     }
 
+  exportDockerContexts.configure {
+    dependsOn buildDockerContextTask
+  }
+
   if (base == DockerBase.IRON_BANK) {
     tasks.named("assemble").configure {
       dependsOn(buildDockerContextTask)
@@ -578,12 +588,14 @@ for (final Architecture architecture : Architecture.values()) {
       addTransformDockerContextTask(architecture, base)
       addBuildDockerImageTask(architecture, base)
     }
+    if(base == DockerBase.DEFAULT) {
+      // Add additional docker hub specific context which we use solely for publishing to docker hub.
+      // At the moment it only differs in not labels added that we need for openshit certification
+      addBuildDockerContextTask(architecture, base, 'DockerHubContext', "docker-hub-build-context")
+    }
   }
 }
 
-def exportDockerImages = tasks.register("exportDockerImages")
-def exportCompressedDockerImages = tasks.register("exportCompressedDockerImages")
-
 /*
  * The export subprojects write out the generated Docker images to disk, so
  * that they can be easily reloaded, for example into a VM for distribution testing
diff --git a/distribution/docker/src/docker/Dockerfile.default b/distribution/docker/src/docker/Dockerfile.default
index 47d4840e61698..9186a78cea514 100644
--- a/distribution/docker/src/docker/Dockerfile.default
+++ b/distribution/docker/src/docker/Dockerfile.default
@@ -139,6 +139,7 @@ LABEL org.label-schema.build-date="${build_date}" \\
   org.opencontainers.image.vendor="Elastic" \\
   org.opencontainers.image.version="${version}"
 
+<% if (docker_context != 'docker-hub-build-context') { %>
 LABEL name="Elasticsearch" \\
   maintainer="infra@elastic.co" \\
   vendor="Elastic" \\
@@ -146,6 +147,7 @@ LABEL name="Elasticsearch" \\
   release="1" \\
   summary="Elasticsearch" \\
   description="You know, for search."
+<% } %>
 
 RUN mkdir /licenses && ln LICENSE.txt /licenses/LICENSE
 

From ed3da0385773c5c071f7d426f8a2e0a55e8ac2c5 Mon Sep 17 00:00:00 2001
From: Rene Groeschke <rene@breskeby.com>
Date: Fri, 11 Apr 2025 09:59:44 +0200
Subject: [PATCH 2/2] Fix typo after review

---
 distribution/docker/build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/distribution/docker/build.gradle b/distribution/docker/build.gradle
index ee9b86cbca27e..f8b18251a4b73 100644
--- a/distribution/docker/build.gradle
+++ b/distribution/docker/build.gradle
@@ -590,7 +590,7 @@ for (final Architecture architecture : Architecture.values()) {
     }
     if(base == DockerBase.DEFAULT) {
       // Add additional docker hub specific context which we use solely for publishing to docker hub.
-      // At the moment it only differs in not labels added that we need for openshit certification
+      // At the moment it only differs in not labels added that we need for openshift certification
       addBuildDockerContextTask(architecture, base, 'DockerHubContext', "docker-hub-build-context")
     }
   }