Updates in prepartion for Match release 1.0.0

Updates in prepartion for Match release 1.0.0.

comanage-match-base/Dockerfile

@@ -16,7 +16,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-FROM php:7.3.5-apache-stretch
+FROM php:7.3.31-apache-bullseye
 
 # Official PHP image with Apache HTTPD includes
 # --with-openssl
@@ -95,8 +95,6 @@ COPY comanage_match_console_logging.patch /usr/local/src/
 COPY DatabaseConnectivityTestCommand.php ${COMANAGE_MATCH_DIR}/app/src/Command/
 COPY DatabaseSetupAlreadyCommand.php ${COMANAGE_MATCH_DIR}/app/src/Command/
 
-VOLUME ${COMANAGE_MATCH_DIR}/local
-
 EXPOSE 80 443
 
 # Allow values for first administrator bootstrapped into the

comanage-match-base/comanage_utils.sh

@@ -138,6 +138,8 @@ function comanage_utils::exec_apache_http_server() {
 
     comanage_utils::prepare_database_config
 
+    comanage_utils::prepare_email_config
+
     comanage_utils::prepare_https_cert_key
 
     comanage_utils::prepare_server_name
@@ -234,6 +236,105 @@ EOF
     fi
 }
 
+##########################################
+# Prepare email configuration
+# Globals:
+#   COMANAGE_MATCH_EMAIL_ACCOUNT
+#   COMANAGE_MATCH_EMAIL_ACCOUNT_PASSWORD
+#   COMANAGE_MATCH_EMAIL_FROM
+#   COMANAGE_MATCH_EMAIL_HOST
+#   COMANAGE_MATCH_EMAIL_PORT
+#   COMANAGE_MATCH_EMAIL_TRANSPORT
+#   COMANAGE_MATCH_DIR
+# Arguments:
+#   None
+# Returns:
+#   None
+##########################################
+function comanage_utils::prepare_email_config() {
+
+    # If the COmanage Match email configuration file does not exist
+    # then try to create it from injected information with reasonable defaults
+    # that aid simple evaluation deployments.
+    local email_config
+    email_config="$COMANAGE_MATCH_DIR/local/Config/email.php"
+
+    # File already exists so return.
+    if [[ -e "$email_config" ]]; then
+        return
+    fi
+
+    # File does not exist so create it.
+    local php_string
+
+    read -r -d '' php_string <<'EOF'
+<?php
+
+  return [
+      'EmailTransport' => [
+         'default' => [
+
+EOF
+    php_string+=$'\n\t\t'
+
+    if [[ -n "${COMANAGE_MATCH_EMAIL_CLASS_NAME}" ]]; then
+        php_string+=$'\n\t\t'
+        php_string+="'className' => '${COMANAGE_MATCH_EMAIL_CLASS_NAME}',"
+    fi
+
+    if [[ -n "${COMANAGE_MATCH_EMAIL_HOST}" ]]; then
+        php_string+=$'\n\t\t'
+        php_string+="'host' => '${COMANAGE_MATCH_EMAIL_HOST}',"
+    fi
+
+    # The value of port is an integer.
+    if [[ -n "${COMANAGE_MATCH_EMAIL_PORT}" ]]; then
+        php_string+=$'\n\t\t'
+        php_string+="'port' => ${COMANAGE_MATCH_EMAIL_PORT},"
+    fi
+
+    if [[ -n "${COMANAGE_MATCH_EMAIL_ACCOUNT}" ]]; then
+        php_string+=$'\n\t\t'
+        php_string+="'username' => '${COMANAGE_MATCH_EMAIL_ACCOUNT}',"
+    fi
+
+    if [[ -n "${COMANAGE_MATCH_EMAIL_ACCOUNT_PASSWORD}" ]]; then
+        php_string+=$'\n\t\t'
+        php_string+="'password' => '${COMANAGE_MATCH_EMAIL_ACCOUNT_PASSWORD}',"
+    fi
+
+    php_string+=$'\n\t\t'
+    php_string+="'tls' => true,"
+
+    php_string+=$'\n\t'
+    php_string+="],"
+
+    php_string+=$'\n'
+    php_string+="],"
+
+    php_string+=$'\n'
+    php_string+="'Email' => ["
+
+    php_string+=$'\n\t'
+    php_string+="'default' => ["
+
+    php_string+=$'\n\t\t'
+    php_string+="'transport' => 'default',"
+
+    if [[ -n "${COMANAGE_MATCH_EMAIL_FROM_EMAIL}" ]]; then
+        php_string+=$'\n\t\t'
+        php_string+="'from' => '${COMANAGE_MATCH_EMAIL_FROM_EMAIL}',"
+    else
+        php_string+=$'\n\t\t'
+        php_string+="'from' => 'postmaster@organization.edu',"
+
+    fi
+
+    php_string+=$'\n\t\t],\n\t],\n];'
+
+    printf "%s" "$php_string" > $email_config
+}
+
 ##########################################
 # Prepare cert and key for HTTPS
 # Globals:

comanage-match-internet2-tap-base/Dockerfile

@@ -16,9 +16,11 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-FROM centos:centos7 AS php-build
+FROM centos/python-38-centos7 AS php-build
 
-ARG PHP_VERSION=7.3.5
+USER root
+
+ARG PHP_VERSION=7.3.31
 ARG PHP_SRC_URL=https://github.com/php/php-src/archive/php-${PHP_VERSION}.tar.gz
 
 RUN yum -y install epel-release \
@@ -40,7 +42,7 @@ RUN yum -y update \
             libxslt-devel \
             make \
             openssl-devel \
-            postgresql-devel \
+            rh-postgresql13-devel \
             re2c \
             wget \
         && yum clean all

comanage-match-internet2-tap/Dockerfile

@@ -24,7 +24,9 @@ FROM comanage-match-base:${COMANAGE_MATCH_VERSION}-${COMANAGE_MATCH_BASE_IMAGE_V
 
 FROM comanage-match-internet2-tap-base:${COMANAGE_MATCH_I2_BASE_IMAGE_VERSION} AS php-build
 
-FROM centos:centos7
+FROM centos/python-38-centos7
+
+USER root
 
 ARG COMANAGE_MATCH_VERSION
 ENV COMANAGE_MATCH_VERSION ${COMANAGE_MATCH_VERSION}
@@ -132,7 +134,7 @@ EXPOSE 80 443
 # following line (to prevent other scripts from processing it).
 #####     ENV TIER_BEACON_OPT_OUT True
 
-ENV TIER_RELEASE=190527
+ENV TIER_RELEASE=211005
 ENV TIER_MAINTAINER=tier
 
 ENTRYPOINT ["docker-supervisord-entrypoint"]

comanage-match-postgres/Dockerfile

@@ -16,8 +16,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-FROM postgres:11.3
-#FROM postgres:9.6.13
+FROM postgres:13.4
 
 #RUN apt-get update && apt-get install -y \
     #         postgresql-contrib-9.6 \
@@ -41,7 +40,7 @@ ARG COMANAGE_MATCH_POSTGRES_USER_PASSWORD
 
 ENV COMANAGE_MATCH_POSTGRES_DATABASE ${COMANAGE_MATCH_POSTGRES_DATABASE:-match}
 ENV COMANAGE_MATCH_POSTGRES_USER ${COMANAGE_MATCH_POSTGRES_USER:-match_user}
-ENV COMANAGE_MATCH_POSTGRES_USER_PASSWORD ${COMANAGE_MATCH_POSTGRES_USER_PASSWORD:-}
+ENV COMANAGE_MATCH_POSTGRES_USER_PASSWORD ${COMANAGE_MATCH_POSTGRES_USER_PASSWORD:-password}
 
 ENTRYPOINT ["/usr/local/bin/comanage-match-postgres-entrypoint.sh"]
 

comanage-match-postgres/comanage-match-postgres-entrypoint.sh

@@ -34,4 +34,9 @@ if [[ -f "${COMANAGE_MATCH_POSTGRES_USER_PASSWORD_FILE}" ]]; then
     export COMANAGE_MATCH_POSTGRES_USER_PASSWORD
 fi
 
-exec "/docker-entrypoint.sh" "$@"
+if [[ -z "${POSTGRES_PASSWORD}" && -z "${POSTGRES_PASSWORD_FILE}" ]]; then
+    POSTGRES_PASSWORD=${COMANAGE_MATCH_POSTGRES_USER_PASSWORD:-password}
+    export POSTGRES_PASSWORD
+fi
+
+exec "docker-entrypoint.sh" "$@"

comanage-match-shibboleth-sp/Dockerfile

@@ -18,7 +18,7 @@
 # limitations under the License.
 ARG COMANAGE_MATCH_VERSION=develop
 ARG COMANAGE_MATCH_BASE_IMAGE_VERSION=1
-ARG COMANAGE_SHIBBOLETH_SP_VERSION="3.0.4"
+ARG COMANAGE_SHIBBOLETH_SP_VERSION="3.2.3"
 ARG COMANAGE_SHIBBOLETH_SP_BASE_IMAGE_VERSION=1
 
 FROM comanage-shibboleth-sp-base:${COMANAGE_SHIBBOLETH_SP_VERSION}-${COMANAGE_SHIBBOLETH_SP_BASE_IMAGE_VERSION} AS shib-base