From e4354299f123ec402114a60c65c64043dc93ab26 Mon Sep 17 00:00:00 2001
From: Scott Koranda <skoranda@gmail.com>
Date: Sat, 13 Feb 2021 17:51:32 -0600
Subject: [PATCH] PHP and Shibboleth SP version increase and rhscl image

Increase the PHP version to 7.3.27 and the Shibboleth SP
version to 3.2.0. Change the base for the TAP images from
centos:centos7 to rhscl/python-38-centos7 to have the
latest version of supervisor run with a supported version
of Python.
---
 comanage-registry-base/Dockerfile                           | 2 +-
 comanage-registry-internet2-tier-base/Dockerfile            | 6 ++++--
 comanage-registry-internet2-tier/Dockerfile                 | 6 ++++--
 .../docker-supervisord-entrypoint                           | 2 +-
 comanage-registry-shibboleth-sp-base/Dockerfile             | 6 +++---
 comanage-registry-shibboleth-sp/Dockerfile                  | 2 +-
 6 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/comanage-registry-base/Dockerfile b/comanage-registry-base/Dockerfile
index 6e30b37..2f0bc64 100644
--- a/comanage-registry-base/Dockerfile
+++ b/comanage-registry-base/Dockerfile
@@ -16,7 +16,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-FROM php:7.3.23-apache-buster
+FROM php:7.3.27-apache-buster
 
 # Official PHP image with Apache HTTPD includes
 # --with-openssl
diff --git a/comanage-registry-internet2-tier-base/Dockerfile b/comanage-registry-internet2-tier-base/Dockerfile
index a40f449..fa21db3 100644
--- a/comanage-registry-internet2-tier-base/Dockerfile
+++ b/comanage-registry-internet2-tier-base/Dockerfile
@@ -16,9 +16,11 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-FROM centos:centos7 AS php-build
+FROM centos/python-38-centos7 AS php-build
 
-ARG PHP_VERSION=7.3.23
+USER root
+
+ARG PHP_VERSION=7.3.27
 ARG PHP_SRC_URL=https://github.com/php/php-src/archive/php-${PHP_VERSION}.tar.gz
 
 RUN yum -y install epel-release \
diff --git a/comanage-registry-internet2-tier/Dockerfile b/comanage-registry-internet2-tier/Dockerfile
index b51c8c0..672145e 100644
--- a/comanage-registry-internet2-tier/Dockerfile
+++ b/comanage-registry-internet2-tier/Dockerfile
@@ -24,7 +24,9 @@ FROM comanage-registry-base:${COMANAGE_REGISTRY_VERSION}-${COMANAGE_REGISTRY_BAS
 
 FROM comanage-registry-internet2-tier-base:${COMANAGE_REGISTRY_I2_BASE_IMAGE_VERSION} AS php-build
 
-FROM centos:centos7
+FROM centos/python-38-centos7
+
+USER root
 
 ARG COMANAGE_REGISTRY_VERSION
 ENV COMANAGE_REGISTRY_VERSION ${COMANAGE_REGISTRY_VERSION}
@@ -136,7 +138,7 @@ EXPOSE 80 443
 # following line (to prevent other scripts from processing it).
 #####     ENV TIER_BEACON_OPT_OUT True
 
-ENV TIER_RELEASE=200430
+ENV TIER_RELEASE=210213
 ENV TIER_MAINTAINER=tier
 
 ENTRYPOINT ["docker-supervisord-entrypoint"]
diff --git a/comanage-registry-internet2-tier/docker-supervisord-entrypoint b/comanage-registry-internet2-tier/docker-supervisord-entrypoint
index 9c218a6..a1f871e 100755
--- a/comanage-registry-internet2-tier/docker-supervisord-entrypoint
+++ b/comanage-registry-internet2-tier/docker-supervisord-entrypoint
@@ -57,4 +57,4 @@ exec 1<&-
 exec 2<&-
 
 # Start supervisord
-exec /usr/bin/supervisord -c /usr/local/etc/supervisord.conf
+exec /opt/app-root/bin/supervisord -c /usr/local/etc/supervisord.conf
diff --git a/comanage-registry-shibboleth-sp-base/Dockerfile b/comanage-registry-shibboleth-sp-base/Dockerfile
index 2a04347..dededff 100644
--- a/comanage-registry-shibboleth-sp-base/Dockerfile
+++ b/comanage-registry-shibboleth-sp-base/Dockerfile
@@ -104,7 +104,7 @@ RUN for distUrl in ${XMLSECC_DIST_URLS}; \
       && cd .. \
       && rm -r src 
 
-ARG XMLTOOLING_URL=http://shibboleth.net/downloads/c++-opensaml/3.1.0/xmltooling-3.1.0.tar.gz
+ARG XMLTOOLING_URL=http://shibboleth.net/downloads/c++-opensaml/3.2.0/xmltooling-3.2.0.tar.gz
 
 RUN wget -O xmltooling.tar.gz "${XMLTOOLING_URL}" \
       && mkdir -p src \
@@ -121,7 +121,7 @@ RUN wget -O xmltooling.tar.gz "${XMLTOOLING_URL}" \
       && cd .. \
       && rm -r src 
 
-ARG OPENSAMLC_URL=http://shibboleth.net/downloads/c++-opensaml/3.1.0/opensaml-3.1.0.tar.gz
+ARG OPENSAMLC_URL=http://shibboleth.net/downloads/c++-opensaml/3.2.0/opensaml-3.2.0.tar.gz
 
 RUN wget -O opensamlc.tar.gz "${OPENSAMLC_URL}" \
       && mkdir -p src \
@@ -138,7 +138,7 @@ RUN wget -O opensamlc.tar.gz "${OPENSAMLC_URL}" \
       && cd .. \
       && rm -r src 
 
-ARG SHIBBOLETH_SP_URL=http://shibboleth.net/downloads/service-provider/3.1.0/shibboleth-sp-3.1.0.tar.gz
+ARG SHIBBOLETH_SP_URL=http://shibboleth.net/downloads/service-provider/3.2.0/shibboleth-sp-3.2.0.tar.gz
 
 RUN wget -O shibboleth-sp.tar.gz "${SHIBBOLETH_SP_URL}" \
       && mkdir -p src \
diff --git a/comanage-registry-shibboleth-sp/Dockerfile b/comanage-registry-shibboleth-sp/Dockerfile
index 9f9f0d1..4f6441d 100644
--- a/comanage-registry-shibboleth-sp/Dockerfile
+++ b/comanage-registry-shibboleth-sp/Dockerfile
@@ -18,7 +18,7 @@
 # limitations under the License.
 ARG COMANAGE_REGISTRY_VERSION=develop
 ARG COMANAGE_REGISTRY_BASE_IMAGE_VERSION=1
-ARG COMANAGE_REGISTRY_SHIBBOLETH_SP_VERSION="3.1.0"
+ARG COMANAGE_REGISTRY_SHIBBOLETH_SP_VERSION="3.2.0"
 ARG COMANAGE_REGISTRY_SHIBBOLETH_SP_BASE_IMAGE_VERSION=1
 
 FROM comanage-registry-shibboleth-sp-base:${COMANAGE_REGISTRY_SHIBBOLETH_SP_VERSION}-${COMANAGE_REGISTRY_SHIBBOLETH_SP_BASE_IMAGE_VERSION} AS shib-base