CB 0.4

Dockerfile

@@ -1,17 +1,32 @@
-FROM centos:latest
+FROM centos:centos7
 
 # Install needed utils
 RUN rm -fr /var/cache/yum/* && yum clean all && yum -y install --setopt=tsflags=nodocs epel-release && \
     yum -y install wget zip unzip rsync openssl && \
     yum -y clean all
 
-#download/install Java
-ENV JAVA_HOME /usr
+# Install Corretto Java JDK
+#Corretto download page: https://docs.aws.amazon.com/corretto/latest/corretto-8-ug/downloads-list.html
+ARG CORRETTO_RPM=java-1.8.0-amazon-corretto-devel-1.8.0_222.b10-1.x86_64.rpm
+ARG CORRETTO_URL_BASE=https://d3pxv6yz143wms.cloudfront.net/8.222.10.1
+COPY corretto-signing-key.pub .
+RUN curl -O $CORRETTO_URL_BASE/$CORRETTO_RPM \
+    && rpm --import corretto-signing-key.pub \
+    && rpm -K $CORRETTO_RPM \
+    && rpm -i $CORRETTO_RPM \
+    && rm -r corretto-signing-key.pub $CORRETTO_RPM
+ENV JAVA_HOME=/usr/lib/jvm/java-1.8.0-amazon-corretto
+
+
+
+
+#download/install Azul Java
+#ENV JAVA_HOME /usr
 
 # Install Zulu Java
-RUN rpm --import http://repos.azulsystems.com/RPM-GPG-KEY-azulsystems \
-        && curl -o /etc/yum.repos.d/zulu.repo http://repos.azulsystems.com/rhel/zulu.repo \
-        && yum -y install zulu-8 && alternatives --install /usr/bin/java java $JAVA_HOME/bin/java 200000
+#RUN rpm --import http://repos.azulsystems.com/RPM-GPG-KEY-azulsystems \
+#        && curl -o /etc/yum.repos.d/zulu.repo http://repos.azulsystems.com/rhel/zulu.repo \
+#        && yum -y install zulu-8 && alternatives --install /usr/bin/java java $JAVA_HOME/bin/java 200000
 
 #RUN wget -nv --no-cookies --no-check-certificate "http://javadl.oracle.com/webapps/download/AutoDL?BundleId=233161_512cd62ec5174c3487ac17c61aaa89e8" -O /tmp/jre-8u171-linux-x64.rpm && \
 #     yum -y install /tmp/jre-8u171-linux-x64.rpm && \

Jenkinsfile

@@ -10,7 +10,8 @@ node {
     dir('tmp'){
       git([ url: "https://github.internet2.edu/docker/util.git",
           credentialsId: "jenkins-github-access-token" ])
-      sh 'mv ./bin/* ../bin/.'
+      sh 'rm -rf ./bin/windows/'
+      sh 'mv -f ./bin/* ../bin/.'
     }
     sh 'rm -rf tmp'
 

common.bash

@@ -2,4 +2,4 @@ registry="docker.io"
 maintainer="tier"
 basename="shibbidp_configbuilder_container"
 imagename="shibbidp_configbuilder_container"
-version="0.3"
+version="0.4"

configBuilder.sh

@@ -7,9 +7,9 @@ cd /scriptrun
 
 
 # script config items
-SHB_CFG_URL=https://github.internet2.edu/docker/shib-idp-conftree/archive/3.4release.zip
+SHB_CFG_URL=https://github.internet2.edu/docker/shib-idp-conftree/archive/3.4-InCommon.zip
 TOM_CFG_URL=https://github.internet2.edu/docker/shib-idp-tomcat-config/archive/master.zip
-TMP_DIR_S=/tmp/3.4release
+TMP_DIR_S=/tmp/3.4-InCommon
 TMP_DIR_T=/tmp/tomcfg
 TMP_DIR_D=/tmp/buildfiles
 #LINUX_BUILD_FILES_URL=https://github.internet2.edu/docker/shib-idp/archive/master.zip
@@ -118,12 +118,12 @@ unzip -o -d ${TMP_DIR_T} ${TMP_DIR_T}.zip > /dev/null 2>&1
 ################################################################################
 ### cp relevant folders from expanded zip to appropriate locations at $PWD/* ###
 ################################################################################
-cp -rf ${TMP_DIR_S}/shib-idp-conftree-3.4release/conf/* ${SHBCFG}
-cp -rf ${TMP_DIR_S}/shib-idp-conftree-3.4release/views/* ${SHBVIEWS}
-cp -rf ${TMP_DIR_S}/shib-idp-conftree-3.4release/edit-webapp/* ${SHBEDWAPP}
-cp -rf ${TMP_DIR_S}/shib-idp-conftree-3.4release/messages/* ${SHBMSGS}
-cp -rf ${TMP_DIR_S}/shib-idp-conftree-3.4release/metadata/* ${SHBMD}
-cp -rf ${TMP_DIR_S}/shib-idp-conftree-3.4release/credentials/* ${SHBCREDS}
+cp -rf ${TMP_DIR_S}/shib-idp-conftree-3.4-InCommon/conf/* ${SHBCFG}
+cp -rf ${TMP_DIR_S}/shib-idp-conftree-3.4-InCommon/views/* ${SHBVIEWS}
+cp -rf ${TMP_DIR_S}/shib-idp-conftree-3.4-InCommon/edit-webapp/* ${SHBEDWAPP}
+cp -rf ${TMP_DIR_S}/shib-idp-conftree-3.4-InCommon/messages/* ${SHBMSGS}
+cp -rf ${TMP_DIR_S}/shib-idp-conftree-3.4-InCommon/metadata/* ${SHBMD}
+cp -rf ${TMP_DIR_S}/shib-idp-conftree-3.4-InCommon/credentials/* ${SHBCREDS}
 cp -rf ${TMP_DIR_T}/shib-idp-tomcat-config-master/conf/* ${TOMCFG}
 cp -rf ${TMP_DIR_T}/shib-idp-tomcat-config-master/wwwroot/* ${TOMWWWROOT}
 
@@ -500,8 +500,8 @@ if test \! -f ${IDP_PROP}.dist; then
 fi
 
 sed "s/example.org\/idp\/shibboleth/${FQDN}\/idp\/shibboleth/" ${IDP_PROP}.dist > ${IDP_PROP}.tmp
-sed "s/= example.org/= ${SCOPE}/" ${IDP_PROP}.tmp > ${IDP_PROP}.tmp2
-sed "s#Password= changeit#Password= ${SEALERPWD}#" ${IDP_PROP}.tmp2 > ${IDP_PROP}
+sed "s/=example.org/=${SCOPE}/" ${IDP_PROP}.tmp > ${IDP_PROP}.tmp2
+sed "s#Password=changeit#Password=${SEALERPWD}#" ${IDP_PROP}.tmp2 > ${IDP_PROP}
 rm -f ${IDP_PROP}.tmp
 rm -f ${IDP_PROP}.tmp2
 #
@@ -513,7 +513,7 @@ if test \! -f ${LDAP_PROP}.dist; then
 fi
 
 sed "s/#idp.authn.LDAP.authenticator/idp.authn.LDAP.authenticator/" ${LDAP_PROP}.dist > ${LDAP_PROP}.tmp
-sed "s/= anonSearchAuthenticator/= bindSearchAuthenticator/" ${LDAP_PROP}.tmp > ${LDAP_PROP}.tmp2
+sed "s/=anonSearchAuthenticator/=bindSearchAuthenticator/" ${LDAP_PROP}.tmp > ${LDAP_PROP}.tmp2
 sed "s#ldap://localhost:10389#${LDAPURL}#" ${LDAP_PROP}.tmp2 > ${LDAP_PROP}.tmp3
 sed "s#uid=myservice,ou=system#${LDAPDN}#" ${LDAP_PROP}.tmp3 > ${LDAP_PROP}.tmp4
 sed "s#myServicePassword#${LDAPPWD}#" ${LDAP_PROP}.tmp4 > ${LDAP_PROP}.tmp5
@@ -761,9 +761,9 @@ rm -f ${TMP_DIR_T}.zip
 rm -rf ${TMP_DIR_T}/*
 rmdir ${TMP_DIR_T}
 
-rm -f ${TMP_DIR_D}.zip
-rm -rf ${TMP_DIR_D}/*
-rmdir ${TMP_DIR_D}
+#rm -f ${TMP_DIR_D}.zip
+#rm -rf ${TMP_DIR_D}/*
+#rmdir ${TMP_DIR_D}
 
 
 #copy config to output directory

corretto-signing-key.pub

@@ -0,0 +1,21 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v2.0.22 (GNU/Linux)
+
+mQENBF0uBDoBCACvZR8N0drCT+9XmesLbldPf8X9wGHf96dw6ZDnSBypMNVZp9o4
+u1VUJ6YKjnbs9pyWmgiA+XcxKlZUyqNzT+LIoEDJJXE47YKks1ThltQ9R7Vwjsvb
+9fUWxrITDbPpy5EbZuWOf2l2dPdHJxOkQnf1xTUnkcHob9IwycKXdvCduKW1KbT7
+ODKN7ZYEfENj63D6eFmgWG7dVV7JvVXJMl6aDHUBCPteS+VTbghx78N1YvVpb4V0
+Hnp/LQMbz1gnKLjMUKw4PcZoRrYmEmQlWOWOFPspepLnb06wWO9lWEkIsngFiA3C
+oLxDUI8Oo67tKg/0hN2RsqWFBSSKa/F6Wc11ABEBAAG0UkFtYXpvbiBTZXJ2aWNl
+cyBMTEMgKEFtYXpvbiBDb3JyZXRvIDguMjIyLjEwLjMgcmVsZWFzZSkgPGNvcnJl
+dHRvLXRlYW1AYW1hem9uLmNvbT6JAT8EEwECACkFAl0uBDoCGy8FCQlmAYAHCwkI
+BwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRC9k98GtUDWKiqjB/wMzhyE+Fm7DXU6
+koYGHyjY9AtPNDSR9uxXT1PvCjz/Gz12x/kjMz8dOjFwI3qOJhHFmYmjLX7Xb2ZR
+1di3/AyCmCWNdxh6X9JOMFBASlcRjKQk5ha69DO4CT1cg9+VSDpvYW+01ha5VC/q
+a29WFoL7G5UWWjGku0CXkn+JIRDCBboIumcldm1qoU5LUQVbYY7yqz5gsw+3nsbO
+rpEZPjpUGSlQ7IY7aWB4FB0kCQkT8d/mWbJ5/nacy3ib8ZnpIzvrVLO2v9IqBT9f
+Ul/8fdyXfYWjv9n2vE86mrYn9VtLI5umLeljgWDTWIqDV2Atn1wVD/g4M+vvQNCe
+vjspN4eD
+=q2VU
+-----END PGP PUBLIC KEY BLOCK-----
+