Skip to content
This repository has been archived by the owner. It is now read-only.

Backporting appliance for debug #4

Merged
3 commits merged into from Sep 23, 2016
Merged

Backporting appliance for debug #4

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
4cfa05b
Backporting the work done in appliance to get to the bottom of a cach…
Sep 23, 2016
d6054b0
Tests passing locally
Sep 23, 2016
befb03d
Making sure the directory is there
Sep 23, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
5 changes: 4 additions & 1 deletion Dockerfile
View file
Open in desktop
Expand Up @@ -8,5 +8,8 @@ LABEL Version=$version
ENV VERSION=$version

#ADD ./container_files /opt/
#RUN ln -s /opt/etc/httpd/conf.d/virtual_host_443.conf /etc/httpd/conf.d/00-comanage-443.conf
COPY autoexec/ /opt/autoexec/
COPY certs/ /opt/httpd/ssl/
COPY conf/00-comanage-443.conf /opt/etc/httpd/conf.d/virtual_host_443.conf
RUN ln -s /opt/etc/httpd/conf.d/virtual_host_443.conf /etc/httpd/conf.d/00-comanage-443.conf
VOLUME /etc/httpd/logs
Empty file added autoexec/.gitkeep
View file
Open in desktop
Empty file.
2 changes: 1 addition & 1 deletion bin/recompose.sh
View file
Open in desktop
@@ -1,3 +1,3 @@
#!/bin/bash

source bin/decompose.sh && source bin/destroy.sh && source bin/prune.sh && source bin/build.sh && source bin/compose.sh
source bin/decompose.sh && source bin/destroy.sh && source bin/prune.sh && source bin/rebuild.sh && source bin/compose.sh
22 changes: 22 additions & 0 deletions certs/server.crt
View file
Open in desktop
@@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDrDCCApQCCQCqx2/xzYm5ejANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMC
VVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRIwEAYDVQQHEwlDaGFybG90dGUx
DzANBgNVBAoTBkxldnZlbDEPMA0GA1UECxMGRG9ja2VyMREwDwYDVQQDEwhiaWdm
bGVldDEmMCQGCSqGSIb3DQEJARYXamltLnZhbi5mbGVldEBsZXZ2ZWwuaW8wHhcN
MTYwODEyMTY0MTMyWhcNMTcwODEyMTY0MTMyWjCBlzELMAkGA1UEBhMCVVMxFzAV
BgNVBAgTDk5vcnRoIENhcm9saW5hMRIwEAYDVQQHEwlDaGFybG90dGUxDzANBgNV
BAoTBkxldnZlbDEPMA0GA1UECxMGRG9ja2VyMREwDwYDVQQDEwhiaWdmbGVldDEm
MCQGCSqGSIb3DQEJARYXamltLnZhbi5mbGVldEBsZXZ2ZWwuaW8wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe3SNdeVXz0QEvwI8WSKp3XjF1Z6baCbhK
tlxwCexvt1CbtUmvBM6ztDmYwqdMwKvQB/UfVdilgUR8Ywo6VQTQ4pv+xYVAaVTo
AWNR/UD2/F+MriV+kVDLRfeql4os0C96c6yNthe1bQbrT4BZR0eOT7vBi3ozN38G
acUH2+owv2TnzVp27dGW2WIrWxL8G49w+Jy8K/nVdrEr48F/6349NHXizBdycpVG
MIdD62qmBb3SdWezKXmczOlHTLtXhKSZO+bQaYA81sGPkDB7NsUkHV1t8kMBt8sC
MPP4K5BAqIJdigg6nBINIuoa0mdMI37W7phUcLnjg5FsZUn95DMvAgMBAAEwDQYJ
KoZIhvcNAQELBQADggEBAGhWie1wkXg8V3rG4nGvDLVCFi8V4fPLF5dL5HCULGde
i9Xz+v412qt1kxgDDwlSZ3oRP1z/tKIywRgLD0NcBJYHqzJN+5gg+ZJMHLEn/bOf
CS6H91dWD93vlcdBMhyh/rz1PafBWc+TyaNuvihSz4V7kpUdUQ7ovXwv3yeSJelT
OFzQbjx+roSfFOK7CuIEOee42MAcaqD5LpnGCIujPQgAje3OdyDeofoFA0XehY/Y
QzooAqSqYhomN6G4RFRAiYwXVkhKbeLBdOOs3rjdymcrFSvwWUJKx7EtpUegucEw
krFR4hpkGmKABuhVZp/g1zxzeodkwRyJFrQEecFQIN4=
-----END CERTIFICATE-----
18 changes: 18 additions & 0 deletions certs/server.csr
View file
Open in desktop
@@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE REQUEST-----
MIIC3TCCAcUCAQAwgZcxCzAJBgNVBAYTAlVTMRcwFQYDVQQIEw5Ob3J0aCBDYXJv
bGluYTESMBAGA1UEBxMJQ2hhcmxvdHRlMQ8wDQYDVQQKEwZMZXZ2ZWwxDzANBgNV
BAsTBkRvY2tlcjERMA8GA1UEAxMIYmlnZmxlZXQxJjAkBgkqhkiG9w0BCQEWF2pp
bS52YW4uZmxlZXRAbGV2dmVsLmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3t0jXXlV89EBL8CPFkiqd14xdWem2gm4SrZccAnsb7dQm7VJrwTOs7Q5
mMKnTMCr0Af1H1XYpYFEfGMKOlUE0OKb/sWFQGlU6AFjUf1A9vxfjK4lfpFQy0X3
qpeKLNAvenOsjbYXtW0G60+AWUdHjk+7wYt6Mzd/BmnFB9vqML9k581adu3Rltli
K1sS/BuPcPicvCv51XaxK+PBf+t+PTR14swXcnKVRjCHQ+tqpgW90nVnsyl5nMzp
R0y7V4SkmTvm0GmAPNbBj5AwezbFJB1dbfJDAbfLAjDz+CuQQKiCXYoIOpwSDSLq
GtJnTCN+1u6YVHC544ORbGVJ/eQzLwIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEB
AJ6hDOof0VueZkGT9wIz/5pKJgoTe9kTNnnHfnXitROwxEEF5gyFPICXkALbJkC7
HqNl+wd/cG010CoeAI5rcoYDvfY5WAmIOXQF2Zo4EV6XgfBwnk/Jz1T6TvryB14o
Pp/jwJzurEi90bCHmxELIJwHQPGxbLdF5ScNTg26xXkt6FI4w9utTzh85Pgmxir6
7niVc3MvR9eyWVXF3NiakQw9oM8FsfRY2i3c87ugcuH0LDrVUFkz4GqS8vC6N1Ao
L/KAmBvfz25bq+GaXSKb2OQyvNHcM8lquP0vQKsvrs1ecUY4YILBy1yCEGUSxDGM
kH3F2FuaT22hbNM1JxrLo2Q=
-----END CERTIFICATE REQUEST-----
27 changes: 27 additions & 0 deletions certs/server.key
View file
Open in desktop
@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA3t0jXXlV89EBL8CPFkiqd14xdWem2gm4SrZccAnsb7dQm7VJ
rwTOs7Q5mMKnTMCr0Af1H1XYpYFEfGMKOlUE0OKb/sWFQGlU6AFjUf1A9vxfjK4l
fpFQy0X3qpeKLNAvenOsjbYXtW0G60+AWUdHjk+7wYt6Mzd/BmnFB9vqML9k581a
du3RltliK1sS/BuPcPicvCv51XaxK+PBf+t+PTR14swXcnKVRjCHQ+tqpgW90nVn
syl5nMzpR0y7V4SkmTvm0GmAPNbBj5AwezbFJB1dbfJDAbfLAjDz+CuQQKiCXYoI
OpwSDSLqGtJnTCN+1u6YVHC544ORbGVJ/eQzLwIDAQABAoIBAEDDmLRgP1ckRKkA
11QNd+RKbisFHRq9ul2T0xcH+zqX1gf5zdjbl8nnNNmsr3uBfixtM5GQm+20vBc9
nMpIzKZ7RAPsmIWYVoE5bgh0hT2BJ681KFY4mncH9SoQ8amGMlXuaZWg9hDWBy24
o77OFQBJMXHUO4XIudQ+RnC7OrpBSZDIRq9pF4CIAOZ5muWTeK8IHF7CYfMlcz9z
F2y+MbUHYwVstQZlnhHA8zB2jAdy58PhCf44niGSI/ny9ww/ntSpqM/qM6pqv0H6
GMV/ZA4UhJ7rbDzfUrTVfuJJDZr0X00RjKQBwLYqGA+vegwgyQU0RX0uL+vKHNYz
z5Uba1ECgYEA9BK4Y/ofxZTiXVEc1JM3NsCTPJgySzsgcmvtLh9Md4tXHd9kliW2
4I2e/Alt6dwXwEOxUV1drc6B+A4Y09KMaAWQRxAsVY5khotChPAIhYXXDir9srEW
nR1Y5pBdMw89PQgIDKBHK9gp+Fo3InxsHN+QdfJmyXDzOvFBRLOgkdkCgYEA6cEY
konEDB7Kd4S7lYKuk1euvFp1XUk5MSXmz2JR6uvB5RaJJNvXBuZB0i60jeUHgA3V
mouwjuX1zsVSRQEtQ37eiQ2p7ivd1j86SlMBRzFxFempGV00IZevXiBxtfnx38Lw
mYYOWMXdX0CsV/HHvUpTrkC1F8rIP1tXj0IhwEcCgYEAq1q1P+OsCLBlWDSJNCkC
+5qqBEGqFa02M37YLqhkrA0UpXFgEhX6VZ63/qS0GRqfRimAROpyyYKRNtDW12gb
kTBOwcV2Cr8Ejn0Yv3Ix2WREvrqqEJlJkha3gm/aLu3FBaMs24hvTzXdCXJ1AO4v
jPncVyJOzaBR85DLTOt7kMkCgYAHoRjHN53hc2PSUM+6ioBeKL94QE+SUuB9/Smy
XRglXbp/WqPxQweanwtI6+NSukXrZQgyuhpyH4lNTV1pCSfMCykCOiLwthfQdVHW
uSzSgQea2nx9anBYJFZB8Tck5FqDnh4yNJDlTtfx0u+NE0Qcpn9isZP3idPNVZLf
Bx6I4wKBgQDagUD7YJ3oX/4mbBmWJ/z7fAWcUqdRC2kwVfOn2qdeRgVNXQD97u0f
ZUw7fH6MSKHkuQsM0UWxex2dxxfJaFH5aF5EqXzlT/9by4Ela9p6GtecyuNPDnm+
jReIeDTO73BnM0LJNPPyd/CSHvaVEgvVmjjNTkuBYpyk8HVXf/Cd/A==
-----END RSA PRIVATE KEY-----
1 change: 1 addition & 0 deletions common.bash
View file
Open in desktop
@@ -1,2 +1,3 @@
maintainer="my"
imagename="comanage"
version="1.0.5"
99 changes: 99 additions & 0 deletions conf/00-comanage-443.conf
View file
Open in desktop
@@ -0,0 +1,99 @@
# Licensed to the University Corporation for Advanced Internet Development,
# Inc. (UCAID) under one or more contributor license agreements. See the
# NOTICE file distributed with this work for additional information regarding
# copyright ownership. The UCAID licenses this file to You under the Apache
# License, Version 2.0 (the "License"); you may not use this file except in
# compliance with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
<VirtualHost _default_:443>
ServerName https://localhost:443
UseCanonicalName On
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn

SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLHonorCipherOrder on
SSLCompression off
SSLCertificateFile /opt/httpd/ssl/server.crt
SSLCertificateKeyFile /opt/httpd/ssl/server.key

# Optional parameter that will only be uncommented on initialization
# if the file exists:
#SSLCertificateChainFile CHANGE_TO_SSL_HTTPD_CHAIN

BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0


<Directory />
AllowOverride none
Require all denied
</Directory>

DocumentRoot "/var/www/html"

<Directory "/var/www">
AllowOverride None
Require all granted
</Directory>

<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>

<Directory "/var/www/html/registry">
Options Indexes FollowSymLinks MultiViews
DirectoryIndex index.php
AllowOverride All
Require all granted
</Directory>

ShibCompatValidUser Off
<Location "/Shibboleth.sso">
AuthType None
Require all granted
</Location>

<Location "/shibboleth-sp">
AuthType None
Require all granted
</Location>
Alias /shibboleth-sp/main.css /usr/share/shibboleth/main.css

<Directory "/var/www/html/registry/auth/login">
AuthType shibboleth
ShibRequestSetting requireSession 1
Require shib-session
</Directory>

Redirect "/registry/users/logout" "https://localhost/Shibboleth.sso/Logout?return=https%3A//localhost/registry/"

<FilesMatch \.php$>
SetHandler application/x-httpd-php
</FilesMatch>

<Files ".ht*">
Require all denied
</Files>

</VirtualHost>
1 change: 0 additions & 1 deletion conf/db.env
View file
Open in desktop
@@ -1,4 +1,3 @@
CREATE_NEW_DATABASE=1
MYSQL_ROOT_PASSWORD=123321
MYSQL_DATADIR=/var/lib/mysqlmounted
TERM=dumb
11 changes: 11 additions & 0 deletions tests/running.bats
View file
Open in desktop
Expand Up @@ -16,4 +16,15 @@ load ../common

@test "Leaves running comanage process" {
docker ps | grep my/comanage
}

@test "Cache directory created" {
docker exec -i $imagename find /opt/comanage/comanage-registry-$version/app/tmp/cache
}

@test "200 response possible" {
run docker exec -i comanage curl -k -o /dev/null --silent --head --write-out '%{http_code}\n' https://localhost/registry/
echo ${output}
[ "$status" -eq 0 ]
[[ ${output} == *"302"* || ${output} == *"200"* ]]
}