From 65b0fd1685fa44b4630da04c09159badd6518209 Mon Sep 17 00:00:00 2001
From: Scott Koranda <skoranda@gmail.com>
Date: Mon, 14 Dec 2020 10:57:26 -0600
Subject: [PATCH] Container image for development including DebugKit (CO-2062)

---
 README.md                                     |   2 +
 comanage-registry-base/comanage_utils.sh      |  28 ++++
 .../.dockerignore                             |   1 +
 .../Dockerfile                                |  39 +++++
 .../README.md                                 | 133 ++++++++++++++++++
 .../docker-comanage-entrypoint                |  27 ++++
 6 files changed, 230 insertions(+)
 create mode 100644 comanage-registry-basic-auth-develop/.dockerignore
 create mode 100644 comanage-registry-basic-auth-develop/Dockerfile
 create mode 100644 comanage-registry-basic-auth-develop/README.md
 create mode 100755 comanage-registry-basic-auth-develop/docker-comanage-entrypoint

diff --git a/README.md b/README.md
index 6019b5e..f069e45 100644
--- a/README.md
+++ b/README.md
@@ -46,6 +46,7 @@ section for links to documentation on how to deploy the images as services.
 
 * [COmanage Registry base image](comanage-registry-base/README.md)
 * [COmanage Registry with Basic Authentication](comanage-registry-basic-auth/README.md)
+* [COmanage Registry for Developers with Basic Authentication](comanage-registry-basic-auth-develop/README.md)
 * [COmanage Registry with Shibboleth SP base image](comanage-registry-shibboleth-sp-base/README.md)
 * [COmanage Registry with Shibboleth SP](comanage-registry-shibboleth-sp/README.md)
 * [COmanage Registry with mod\_auth\_openidc](comanage-registry-mod-auth-openidc/README.md)
@@ -85,6 +86,7 @@ The following link to detailed instructions for a number of deployment scenarios
 
 * [COmanage Registry base image](comanage-registry-base/README.md)
 * [COmanage Registry with Basic Authentication](comanage-registry-basic-auth/README.md)
+* [COmanage Registry for Developers with Basic Authentication](comanage-registry-basic-auth-develop/README.md)
 * [COmanage Registry with Shibboleth SP base image](comanage-registry-shibboleth-sp-base/README.md)
 * [COmanage Registry with Shibboleth SP](comanage-registry-shibboleth-sp/README.md)
 * [COmanage Registry with mod\_auth\_openidc](comanage-registry-mod-auth-openidc/README.md)
diff --git a/comanage-registry-base/comanage_utils.sh b/comanage-registry-base/comanage_utils.sh
index bd05e86..4f5f0bc 100644
--- a/comanage-registry-base/comanage_utils.sh
+++ b/comanage-registry-base/comanage_utils.sh
@@ -26,6 +26,20 @@ else
     OUTPUT=/dev/null
 fi
 
+##########################################
+# Configure CakePHP debug level
+# Globals:
+#   COMANAGE_REGISTRY_DIR
+#   OUTPUT
+# Arguments:
+#   None
+# Returns:
+#   None
+##########################################
+function comanage_utils::configure_cakephp_debug() {
+    sed -i -e '/Configure::write(.debug/ s/0/2/' "$COMANAGE_REGISTRY_DIR/app/Config/core.php" 
+}
+
 ##########################################
 # Configure console (stdout) logging
 # Globals:
@@ -40,6 +54,20 @@ function comanage_utils::configure_console_logging() {
     sed -i -e '/FileLog/ s/FileLog/ConsoleLog/' "$COMANAGE_REGISTRY_DIR/app/Config/bootstrap.php" 
 }
 
+##########################################
+# Configure CakePHP DebugKit
+# Globals:
+#   COMANAGE_REGISTRY_DIR
+#   OUTPUT
+# Arguments:
+#   None
+# Returns:
+#   None
+##########################################
+function comanage_utils::configure_cakephp_debugkit() {
+    sed -i -e '/\$components = array/ s/$/'"'"'DebugKit.Toolbar'"'"',/' "$COMANAGE_REGISTRY_DIR/app/Controller/AppController.php" 
+}
+
 ##########################################
 # Configure TIER logging
 # Globals:
diff --git a/comanage-registry-basic-auth-develop/.dockerignore b/comanage-registry-basic-auth-develop/.dockerignore
new file mode 100644
index 0000000..b43bf86
--- /dev/null
+++ b/comanage-registry-basic-auth-develop/.dockerignore
@@ -0,0 +1 @@
+README.md
diff --git a/comanage-registry-basic-auth-develop/Dockerfile b/comanage-registry-basic-auth-develop/Dockerfile
new file mode 100644
index 0000000..f0a1222
--- /dev/null
+++ b/comanage-registry-basic-auth-develop/Dockerfile
@@ -0,0 +1,39 @@
+# COmanage Registry Dockerfile template
+#
+# Portions licensed to the University Corporation for Advanced Internet
+# Development, Inc. ("UCAID") under one or more contributor license agreements.
+# See the NOTICE file distributed with this work for additional information
+# regarding copyright ownership.
+#
+# UCAID licenses this file to you under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with the
+# License. You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+ARG COMANAGE_REGISTRY_VERSION=develop
+ARG COMANAGE_REGISTRY_BASE_IMAGE_VERSION=1
+FROM comanage-registry:${COMANAGE_REGISTRY_VERSION}-basic-auth-${COMANAGE_REGISTRY_BASE_IMAGE_VERSION}
+
+ARG COMANAGE_REGISTRY_BASE_IMAGE_VERSION
+ENV COMANAGE_REGISTRY_BASE_IMAGE_VERSION ${COMANAGE_REGISTRY_BASE_IMAGE_VERSION}
+LABEL comanage_registry_base_image_version=${COMANAGE_REGISTRY_BASE_IMAGE_VERSION}
+
+ARG CAKEPHP_DEBUGKIT_SRC_URL
+ENV CAKEPHP_DEBUGKIT_SRC_URL=https://github.com/cakephp/debug_kit/zipball/2.2
+
+RUN apt-get update && apt-get install -y unzip
+
+RUN wget -O cakephp-debug_kit.zip ${CAKEPHP_DEBUGKIT_SRC_URL} \
+    && unzip -d ${COMANAGE_REGISTRY_DIR}/app/Plugin cakephp-debug_kit.zip \
+    && mv ${COMANAGE_REGISTRY_DIR}/app/Plugin/cakephp-debug_kit* ${COMANAGE_REGISTRY_DIR}/app/Plugin/DebugKit \
+    && rm cakephp-debug_kit.zip \
+    && apt-get purge -y unzip \
+    && apt-get clean
+
+COPY docker-comanage-entrypoint /usr/local/bin/
diff --git a/comanage-registry-basic-auth-develop/README.md b/comanage-registry-basic-auth-develop/README.md
new file mode 100644
index 0000000..4182614
--- /dev/null
+++ b/comanage-registry-basic-auth-develop/README.md
@@ -0,0 +1,133 @@
+<!--
+COmanage Registry Docker documentation
+
+Portions licensed to the University Corporation for Advanced Internet
+Development, Inc. ("UCAID") under one or more contributor license agreements.
+See the NOTICE file distributed with this work for additional information
+regarding copyright ownership.
+
+UCAID licenses this file to you under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with the
+License. You may obtain a copy of the License at:
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+
+# COmanage Registry Develop with Basic Auth and DebugKit
+
+Intended to build a COmanage Registry image targeted at developers that
+uses Apache HTTP Server Basic Auth (Basic Auth) as the authentication mechanism
+and that includes the CakePHP DebugKit plugin. 
+
+Basic Auth is only suitable for COmanage Registry deployments
+not operating in a federated identity context, or for an introduction
+to COmanage Registry. 
+
+See other documentation in this repository for examples on how to build images 
+that support federated identity deployments.
+
+## Build Arguments
+
+Building the image requires the following build arguments:
+
+```
+--build-arg COMANAGE_REGISTRY_VERSION=<version number>
+--build-arg COMANAGE_REGISTRY_BASE_IMAGE_VERSION=<base image version number>
+```
+
+## Build Requirements
+
+This image uses a [multi-stage build](https://docs.docker.com/develop/develop-images/multistage-build/)
+and requires that the [COmanage Registry basic auth image](../comanage-registry-basic-auth/README.md) be built first.
+
+## Building
+
+
+```
+docker build \
+  --build-arg COMANAGE_REGISTRY_VERSION=<COmanage Registry version number> \
+  --build-arg COMANAGE_REGISTRY_BASE_IMAGE_VERSION=<base image version number> \
+  -t comanage-registry:<tag> .
+```
+
+## Building Example
+
+```
+export COMANAGE_REGISTRY_VERSION=3.3.1
+export COMANAGE_REGISTRY_BASE_IMAGE_VERSION=1
+export COMANAGE_REGISTRY_BASIC_AUTH_DEVELOP_IMAGE_VERSION=1
+TAG="${COMANAGE_REGISTRY_VERSION}-basic-auth-develop-${COMANAGE_REGISTRY_BASIC_AUTH_DEVELOP_IMAGE_VERSION}" 
+docker build \
+  --build-arg COMANAGE_REGISTRY_VERSION=${COMANAGE_REGISTRY_VERSION} \
+  --build-arg COMANAGE_REGISTRY_BASE_IMAGE_VERSION=${COMANAGE_REGISTRY_BASE_IMAGE_VERSION} \
+  -t comanage-registry:$TAG .
+```
+
+## Volumes and Data Persistence
+
+See [COmanage Registry Volumes and Data Persistence](../docs/volumes-and-data-persistence.md).
+
+## Environment Variables
+
+See the [list of environment variables common to all images](../docs/comanage-registry-common-environment-variables.md)
+including this image.
+
+## Authentication
+
+This image supports using Apache HTTP Server Basic Auth (Basic Auth) as the
+authentication mechanism. To aid simple deployments for evaluating and
+learning COmanage Registry a password file with a single user and password
+is included. See the section above on environment variables.
+
+To override the default bind mount or COPY in a password file created
+with the `htpasswd` command line tool. For example
+
+```
+COPY passwords /etc/apache2/passwords
+```
+
+## Ports
+
+The image listens for web traffic on ports 80 and 443. All requests
+on port 80 are redirected to port 443.
+
+## Running
+
+See other documentation in this repository for details on how to orchestrate
+running this image with other images using an orchestration tool like
+Docker Compose, Docker Swarm, or Kubernetes.
+
+To run this image:
+
+```
+docker run -d \
+  --name comanage-registry \
+  -v /opt/comanage-registry-local:/srv/comanage-registry/local \
+  -p 80:80 \
+  -p 443:443 \
+  comanage-registry:3.3.1-basic-auth-develop-1
+```
+
+## Logging
+
+Both Apache HTTP Server and COmanage Registry log to the stdout and
+stderr of the container.
+
+## HTTPS Configuration
+
+See the section on environment variables and the `HTTPS_CERT_FILE` and
+`HTTPS_PRIVKEY_FILE` variables.
+
+Additionally you may bind mount or COPY in an X.509 certificate file (containing the CA signing certificate(s), if any)
+and associated private key file. For example
+
+```
+COPY cert.pem /etc/apache2/cert.pem
+COPY privkey.pem /etc/apache2/privkey.pem
+```
diff --git a/comanage-registry-basic-auth-develop/docker-comanage-entrypoint b/comanage-registry-basic-auth-develop/docker-comanage-entrypoint
new file mode 100755
index 0000000..e502ee0
--- /dev/null
+++ b/comanage-registry-basic-auth-develop/docker-comanage-entrypoint
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+# COmanage Registry Dockerfile entrypoint
+#
+# Portions licensed to the University Corporation for Advanced Internet
+# Development, Inc. ("UCAID") under one or more contributor license agreements.
+# See the NOTICE file distributed with this work for additional information
+# regarding copyright ownership.
+#
+# UCAID licenses this file to you under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with the
+# License. You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+source /usr/local/lib/comanage_utils.sh
+
+comanage_utils::configure_cakephp_debug
+comanage_utils::configure_cakephp_debugkit
+
+comanage_utils::exec_apache_http_server "$@"