Skip to content
Permalink
Browse files

Merging grouper_noVM into grouper master

  • Loading branch information...
chubing committed Apr 4, 2018
1 parent 4d78613 commit 18933308c56a8a4d15d5bed0d74a3a22ed220fd7
Showing with 23,277 additions and 659 deletions.
  1. +129 −71 Dockerfile
  2. +56 −75 Jenkinsfile
  3. +201 −0 LICENSE
  4. +281 −3 README.md
  5. +1 −2 common.bash
  6. +144 −0 container_files/api/log4j.properties
  7. +0 −22 container_files/autoexec/onbuild/0_install_java.sh
  8. +0 −15 container_files/bin/check.sh
  9. +0 −11 container_files/bin/cleanup.sh
  10. +0 −33 container_files/bin/configure.sh
  11. +0 −23 container_files/bin/main.sh
  12. +0 −4 container_files/bin/run.sh
  13. +0 −69 container_files/bin/start.sh
  14. +0 −8 container_files/bin/tier-bootstrap.gsh
  15. +0 −7 container_files/etc/MariaDB.repo
  16. +0 −8 container_files/etc/grouper.hibernate.pointer.properties
  17. +0 −43 container_files/etc/grouper.installer.properties
  18. +0 −2 container_files/etc/grouper.properties
  19. +39 −0 container_files/grouper.installer.properties
  20. +16 −0 container_files/httpd/grouper-www.conf
  21. +28 −0 container_files/httpd/ssl-enabled.conf
  22. +153 −0 container_files/shibboleth/attribute-map.xml
  23. +59 −0 container_files/shibboleth/shibd.logger
  24. +6 −0 container_files/tier-support/grouper-ws-scim.xml
  25. +4 −0 container_files/tier-support/grouper-ws.xml
  26. +4 −0 container_files/tier-support/grouper.xml
  27. +39 −0 container_files/tier-support/supervisord-tomcat.conf
  28. +31 −0 container_files/tier-support/supervisord-tomee.conf
  29. +3 −0 container_files/tomcat/bin/setenv.sh
  30. +26 −0 container_files/tomcat/conf/log4j2.xml
  31. +173 −0 container_files/tomcat/conf/server.xml
  32. +46 −0 container_files/tomcat/conf/tomcat-users.xml
  33. +3 −0 container_files/tomee/bin/setenv.sh
  34. +26 −0 container_files/tomee/conf/log4j2.xml
  35. +164 −0 container_files/tomee/conf/server.xml
  36. +51 −0 container_files/tomee/conf/tomcat-users.xml
  37. +144 −0 container_files/ui/classes/log4j.properties
  38. +203 −0 container_files/ui/web.xml
  39. +9 −0 container_files/usr-local-bin/daemon
  40. +9 −0 container_files/usr-local-bin/gsh
  41. +100 −0 container_files/usr-local-bin/library.sh
  42. +7 −0 container_files/usr-local-bin/scim
  43. +9 −0 container_files/usr-local-bin/ui
  44. +10 −0 container_files/usr-local-bin/ui-ws
  45. +7 −0 container_files/usr-local-bin/ws
  46. +0 −20 container_files/wait-for-it/LICENSE
  47. +0 −59 container_files/wait-for-it/README.md
  48. +0 −161 container_files/wait-for-it/wait-for-it.sh
  49. +144 −0 container_files/ws/classes/log4j.properties
  50. +5 −0 manualBuild.sh
  51. +64 −0 test-compose/README.md
  52. +2 −0 test-compose/compose.sh
  53. 0 test-compose/configs-and-secrets/grouper/database_password.txt
  54. +62 −0 test-compose/configs-and-secrets/grouper/grouper-loader.properties
  55. +112 −0 test-compose/configs-and-secrets/grouper/grouper.client.properties
  56. +3 −23 {container_files/etc → test-compose/configs-and-secrets/grouper}/grouper.hibernate.properties
  57. +25 −0 test-compose/configs-and-secrets/grouper/grouper.properties
  58. +1 −0 test-compose/configs-and-secrets/grouper/rabbitmq_password.txt
  59. +75 −0 test-compose/configs-and-secrets/grouper/subject.properties
  60. 0 test-compose/configs-and-secrets/httpd/cachain-cer.pem
  61. +20 −0 test-compose/configs-and-secrets/httpd/host-cert.pem
  62. +28 −0 test-compose/configs-and-secrets/httpd/host-key.pem
  63. +219 −0 test-compose/configs-and-secrets/shibboleth/idp-metadata.xml
  64. +136 −0 test-compose/configs-and-secrets/shibboleth/shibboleth2.xml
  65. +20 −0 test-compose/configs-and-secrets/shibboleth/sp-cert.pem
  66. +28 −0 test-compose/configs-and-secrets/shibboleth/sp-key.pem
  67. +5 −0 test-compose/daemon/Dockerfile
  68. +51 −0 test-compose/data/Dockerfile
  69. +29 −0 test-compose/data/container_files/conf/grouper.hibernate.properties
  70. +25 −0 test-compose/data/container_files/conf/grouper.properties
  71. +75 −0 test-compose/data/container_files/conf/subject.properties
  72. +3 −0 test-compose/data/container_files/seed-data/bootstrap.gsh
  73. +28 −0 test-compose/data/container_files/seed-data/ds-setup.inf
  74. +2,540 −0 test-compose/data/container_files/seed-data/sisData.sql
  75. +15,522 −0 test-compose/data/container_files/seed-data/users.ldif
  76. +263 −0 test-compose/docker-compose.yml
  77. +5 −0 test-compose/gsh/Dockerfile
  78. +5 −0 test-compose/idp/Dockerfile
  79. +37 −0 test-compose/idp/shibboleth-idp/conf/attribute-filter.xml
  80. +293 −0 test-compose/idp/shibboleth-idp/conf/attribute-resolver.xml
  81. +195 −0 test-compose/idp/shibboleth-idp/conf/idp.properties
  82. +58 −0 test-compose/idp/shibboleth-idp/conf/ldap.properties
  83. +80 −0 test-compose/idp/shibboleth-idp/conf/metadata-providers.xml
  84. +19 −0 test-compose/idp/shibboleth-idp/credentials/idp-backchannel.crt
  85. BIN test-compose/idp/shibboleth-idp/credentials/idp-backchannel.p12
  86. BIN test-compose/idp/shibboleth-idp/credentials/idp-browser.p12
  87. +19 −0 test-compose/idp/shibboleth-idp/credentials/idp-encryption.crt
  88. +27 −0 test-compose/idp/shibboleth-idp/credentials/idp-encryption.key
  89. +19 −0 test-compose/idp/shibboleth-idp/credentials/idp-signing.crt
  90. +27 −0 test-compose/idp/shibboleth-idp/credentials/idp-signing.key
  91. BIN test-compose/idp/shibboleth-idp/credentials/sealer.jks
  92. +2 −0 test-compose/idp/shibboleth-idp/credentials/sealer.kver
  93. +78 −0 test-compose/idp/shibboleth-idp/metadata/grouper-sp.xml
  94. +219 −0 test-compose/idp/shibboleth-idp/metadata/idp-metadata.xml
  95. +8 −0 test-compose/scim/Dockerfile
  96. +51 −0 test-compose/scim/container_files/tomcat-users.xml
  97. +30 −0 test-compose/scim/container_files/web.xml
  98. +7 −0 test-compose/ui/Dockerfile
  99. +69 −0 test-compose/ui/container_files/shibboleth/shibd.logger
  100. +9 −0 test-compose/ws/Dockerfile
  101. +180 −0 test-compose/ws/container_files/server.xml
  102. +46 −0 test-compose/ws/container_files/tomcat-users.xml
  103. +128 −0 test-compose/ws/container_files/web.xml
@@ -1,73 +1,131 @@
FROM centos:centos7 as installing

RUN yum update -y \
&& yum install -y wget tar unzip dos2unix \
&& yum clean all

ENV GROUPER_VERSION=2.3.0 \
JAVA_HOME=/opt/java

RUN java_version=8.0.131; \
zulu_version=8.21.0.1; \
echo 'Downloading the OpenJDK Zulu...' \
&& wget -q http://cdn.azul.com/zulu/bin/zulu$zulu_version-jdk$java_version-linux_x64.tar.gz \
&& echo "1931ed3beedee0b16fb7fd37e069b162 zulu$zulu_version-jdk$java_version-linux_x64.tar.gz" | md5sum -c - \
&& tar -zxvf zulu$zulu_version-jdk$java_version-linux_x64.tar.gz -C /opt \
&& ln -s /opt/zulu$zulu_version-jdk$java_version-linux_x64 $JAVA_HOME

#RUN java_version=8u151; \
# java_bnumber=12; \
# java_semver=1.8.0_151; \
# java_hash=123b1d755416aa7579abc03f01ab946e612e141b6f7564130f2ada00ed913f1d; \
# echo 'Downloading the Oracle Java...' \
# && wget --no-check-certificate --no-cookies --header "Cookie: oraclelicense=accept-securebackup-cookie" \
# http://download.oracle.com/otn-pub/java/jdk/$java_version-b$java_bnumber/e758a0de34e24606bca991d704f6dcbf/server-jre-$java_version-linux-x64.tar.gz \
# && echo "$java_hash server-jre-$java_version-linux-x64.tar.gz" | sha256sum -c - \
# && tar -zxvf server-jre-$java_version-linux-x64.tar.gz -C /opt \
# && ln -s /opt/jdk$java_semver/ $JAVA_HOME

RUN echo 'Downloading Grouper Installer...' \
&& mkdir -p /opt/grouper/$GROUPER_VERSION \
&& wget -q -O /opt/grouper/$GROUPER_VERSION/grouperInstaller.jar http://software.internet2.edu/grouper/release/$GROUPER_VERSION/grouperInstaller.jar

COPY container_files/grouper.installer.properties /opt/grouper/$GROUPER_VERSION

RUN echo 'Installing Grouper'; \
PATH=$PATH:$JAVA_HOME/bin; \
cd /opt/grouper/$GROUPER_VERSION/ \
&& $JAVA_HOME/bin/java -cp :grouperInstaller.jar edu.internet2.middleware.grouperInstaller.GrouperInstaller



FROM centos:centos7 as cleanup

ENV GROUPER_VERSION=2.3.0 \
TOMCAT_VERSION=8.5.12 \
TOMEE_VERSION=7.0.0

COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouperInstaller.jar /opt/grouper/
COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.apiBinary-$GROUPER_VERSION/ /opt/grouper/grouper.apiBinary/
COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.ui-$GROUPER_VERSION/dist/grouper/ /opt/grouper/grouper.ui/
COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.ws-$GROUPER_VERSION/grouper-ws/build/dist/grouper-ws/ /opt/grouper/grouper.ws/
COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.ws-$GROUPER_VERSION/grouper-ws-scim/targetBuiltin/grouper-ws-scim/ /opt/grouper/grouper.scim/
#COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.clientBinary-$GROUPER_VERSION/ /opt/grouper/grouper.clientBinary/
COPY --from=installing /opt/grouper/$GROUPER_VERSION/apache-tomcat-$TOMCAT_VERSION/ /opt/tomcat/
COPY --from=installing /opt/grouper/$GROUPER_VERSION/apache-tomee-webprofile-$TOMEE_VERSION/ /opt/tomee/

ADD http://central.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.11.0/log4j-core-2.11.0.jar /opt/tomcat/bin
ADD http://central.maven.org/maven2/org/apache/logging/log4j/log4j-api/2.11.0/log4j-api-2.11.0.jar /opt/tomcat/bin
ADD http://central.maven.org/maven2/org/apache/logging/log4j/log4j-jul/2.11.0/log4j-jul-2.11.0.jar /opt/tomcat/bin

ADD http://central.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.11.0/log4j-core-2.11.0.jar /opt/tomee/bin
ADD http://central.maven.org/maven2/org/apache/logging/log4j/log4j-api/2.11.0/log4j-api-2.11.0.jar /opt/tomee/bin
ADD http://central.maven.org/maven2/org/apache/logging/log4j/log4j-jul/2.11.0/log4j-jul-2.11.0.jar /opt/tomee/bin

RUN cd /opt/grouper/grouper.apiBinary/; \
rm -fr ddlScripts/ grouper.lck grouper.log grouper.script grouper.tmp/ gshAddGrouperSystemWsGroup.gsh logs/

RUN cd /opt/tomcat/; \
chmod +r bin/log4j-*.jar; \
rm -fr webapps/docs/ webapps/examples/ webapps/host-manager/ webapps/manager/ logs/* temp/* work/* conf/logging.properties

RUN cd /opt/tomee/; \
chmod +r bin/log4j-*.jar; \
rm -fr webapps/docs/ webapps/host-manager/ webapps/manager/ logs/* temp/* work/* conf/logging.properties

COPY container_files/api/* /opt/grouper/grouper.apiBinary/conf/
COPY container_files/ui/ /opt/grouper/grouper.ui/WEB-INF/
COPY container_files/ws/ /opt/grouper/grouper.ws/WEB-INF/
COPY container_files/tomcat/ /opt/tomcat/
COPY container_files/tomee/ /opt/tomee/


FROM tier/shibboleth_sp

# Define args and set a default value
ARG maintainer=tier
ARG imagename=grouper
ARG version=2.3.0
ARG tierversion=17070

MAINTAINER $maintainer
LABEL Vendor="Internet2"
LABEL ImageType="Base"
LABEL ImageName=$imagename
LABEL ImageOS=centos7
LABEL Version=$version

ENV VERSION=$version
ENV TIERVERSION=$tierversion
ENV IMAGENAME=$imagename
ENV MAINTAINER=$maintainer

ENV TOMCAT_VERSION="8.5.12"
ENV WAIT_TIME=60

LABEL Build docker build --rm --tag $maintainer/$imagename .

ADD container_files /opt
ONBUILD ADD additional_container_files /opt

RUN mkdir -p /opt/grouper/$VERSION \
&& mv /opt/etc/grouper.installer.properties /opt/grouper/$VERSION/. \
&& mv /opt/etc/MariaDB.repo /etc/yum.repos.d/MariaDB.repo \
&& curl -o /opt/grouper/$VERSION/grouperInstaller.jar https://software.internet2.edu/grouper/release/$VERSION/grouperInstaller.jar \
&& yum -y update \
&& yum -y install --setopt=tsflags=nodocs \
dos2unix \
MariaDB-client \
telnet \
emacs \
mlocate \
&& yum clean all \
&& /opt/autoexec/bin/onbuild.sh \
&& rm /opt/grouper/$version/grouper.apiBinary-$version/conf/grouper.hibernate.properties && \
cp /opt/etc/grouper.hibernate.pointer.properties /opt/grouper/$version/grouper.apiBinary-$version/conf/grouper.hibernate.properties && \
rm /opt/grouper/$version/grouper.ws-$version/grouper-ws/build/dist/grouper-ws/WEB-INF/classes/grouper.hibernate.properties && \
cp /opt/etc/grouper.hibernate.pointer.properties /opt/grouper/$version/grouper.ws-$version/grouper-ws/build/dist/grouper-ws/WEB-INF/classes/grouper.hibernate.properties && \
rm /opt/grouper/$version/grouper.ui-$version/dist/grouper/WEB-INF/classes/grouper.hibernate.properties && \
cp /opt/etc/grouper.hibernate.pointer.properties /opt/grouper/$version/grouper.ui-$version/dist/grouper/WEB-INF/classes/grouper.hibernate.properties && \
ln -sf /opt/bin/run.sh /usr/local/bin/run.sh && \
updatedb

#/opt/grouper/2.3.0/grouper.apiBinary-2.3.0/conf/grouper.hibernate.properties

# Export this variable so that shibd can find it's CURL library
RUN LD_LIBRARY_PATH="/opt/shibboleth/lib64"
RUN export LD_LIBRARY_PATH

# The installer creates a HSQL DB which we ignore later

WORKDIR /opt/grouper/$version

#VOLUME /opt/grouper/2.3.0/apache-tomcat-$TOMCAT_VERSION/logs

EXPOSE 8080 8009 8005

ADD files/bin/setenv.sh /opt/tier/setenv.sh
RUN chmod +x /opt/tier/setenv.sh
ADD files/bin/startup.sh /usr/bin/startup.sh
RUN chmod +x /usr/bin/startup.sh
ADD files/bin/sendtierbeacon.sh /usr/bin/sendtierbeacon.sh
RUN chmod +x /usr/bin/sendtierbeacon.sh


CMD ["/usr/bin/startup.sh"]
LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
Vendor="TIER" \
ImageType="Grouper" \
ImageName=$imagename \
ImageOS=centos7

ENV JAVA_HOME=/opt/java \
PATH=$PATH:$JAVA_HOME/bin \
GROUPER_HOME=/opt/grouper/grouper.apiBinary

RUN ln -sf /usr/share/zoneinfo/UTC /etc/localtime

RUN yum update -y \
&& yum install -y cron logrotate python-pip \
&& pip install --upgrade pip \
&& pip install supervisor \
&& yum clean -y all

COPY --from=installing $JAVA_HOME $JAVA_HOME
COPY --from=cleanup /opt/tomcat/ /opt/tomcat/
COPY --from=cleanup /opt/tomee/ /opt/tomee/
COPY --from=cleanup /opt/grouper/ /opt/grouper/

RUN groupadd -r tomcat \
&& useradd -r -m -s /sbin/nologin -g tomcat tomcat \
&& mkdir -p /opt/tomcat/logs/ /opt/tomcat/temp/ /opt/tomcat/work/ \
&& chown -R tomcat:tomcat /opt/tomcat/logs/ /opt/tomcat/temp/ /opt/tomcat/work/ \
&& chown -R tomcat:tomcat /opt/tomee/logs/ /opt/tomee/temp/ /opt/tomee/work/

COPY container_files/tier-support/ /opt/tier-support/
COPY container_files/usr-local-bin/ /usr/local/bin/
COPY container_files/httpd/* /etc/httpd/conf.d/
COPY container_files/shibboleth/* /etc/shibboleth/

RUN cp /dev/null /etc/httpd/conf.d/ssl.conf \
&& sed -i 's/LogFormat "/LogFormat "httpd;access_log;%{ENV}e;%{USERTOKEN}e;/g' /etc/httpd/conf/httpd.conf \
&& echo -e "\nErrorLogFormat \"httpd;error_log;%{ENV}e;%{USERTOKEN}e;[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i\"" >> /etc/httpd/conf/httpd.conf \
&& sed -i 's/CustomLog "logs\/access_log"/CustomLog "\/tmp\/logpipe"/g' /etc/httpd/conf/httpd.conf \
&& sed -i 's/ErrorLog "logs\/error_log"/ErrorLog "\/tmp\/logpipe"/g' /etc/httpd/conf/httpd.conf \
&& echo -e "\nPassEnv ENV" >> /etc/httpd/conf/httpd.conf \
&& echo -e "\nPassEnv USERTOKEN" >> /etc/httpd/conf/httpd.conf

WORKDIR /opt/grouper/grouper.apiBinary/

EXPOSE 80 443

CMD ["bin/gsh", "-loader"]
@@ -1,84 +1,64 @@
node('docker') {

stage 'Checkout'

checkout scm

stage 'Acquire util'

sh 'mkdir -p tmp'
dir('tmp'){
git([ url: "https://github.internet2.edu/docker/util.git",
credentialsId: "jenkins-github-access-token" ])
sh 'ls'
sh 'mv bin/* ../bin/.'
}
stage 'Environment'

def maintainer = maintainer()
def imagename = imagename()
def tag = env.BRANCH_NAME

// Tag images created on master branch with 'latest'
if(env.BRANCH_NAME == "master"){
tag = "latest"
}else{
tag = env.BRANCH_NAME
}

if(!imagename){
echo "You must define an imagename in common.bash"
currentBuild.result = 'FAILURE'
pipeline {
agent any
environment {
maintainer = "t"
imagename = 'g'
tag = 'l'
}
if(maintainer){
echo "Building ${maintainer}:${tag} for ${maintainer}"
stages {
stage('Setting build context') {
steps {
script {
maintainer = maintain()
imagename = imagename()
if(env.BRANCH_NAME == "master") {
tag = "latest"
} else {
tag = env.BRANCH_NAME
}
if(!imagename){
echo "You must define an imagename in common.bash"
currentBuild.result = 'FAILURE'
}
}
}
}
stage('Build') {
steps {
echo 'step 2'
}
}
stage('Push') {
steps {
script {
docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") {
def baseImg = docker.build("$maintainer/$imagename")
baseImg.push("$tag")
}
}
}
}
stage('Notify') {
steps{
echo "$maintainer"
slackSend color: 'good', message: "$maintainer/$imagename:$tag pushed to DockerHub"
}
}
}

stage 'Build'
try{
sh 'bin/rebuild.sh >> debug'
} catch(error) {
def error_details = readFile('./debug');
def message = "BUILD ERROR: There was a problem building the Base Image. \n\n ${error_details}"
sh "rm -f ./debug"
handleError(message)
post {
always {
echo 'I will always say Hello again!'
}
failure {
// slackSend color: 'good', message: "Build failed"
handleError("BUILD ERROR: There was a problem building ${maintainer}/${imagename}:${tag}.")
}
}
stage 'Start container'

sh 'bin/ci-run.sh'

stage 'Tests'

try{
sh 'bin/test.sh &> debug'
} catch(error) {
def error_details = readFile('./debug');
def message = "BUILD ERROR: There was a problem testing ${imagename}:${tag}. \n\n ${error_details}"
sh "rm -f ./debug"
handleError(message)
}

stage 'Stop container'

sh 'bin/ci-stop.sh'

stage 'Push'
docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") {
def baseImg = docker.build("$maintainer/$imagename", "--no-cache .")
baseImg.push("$tag")
// Push to private repo to do security scan on container
// baseImg = docker.build("tieradmin/security-scan-$imagename")
// baseImg.push("$tag")
}

stage 'Notify'

slackSend color: 'good', message: "$maintainer/$imagename:$tag pushed to DockerHub"


}

def maintainer() {

def maintain() {
def matcher = readFile('common.bash') =~ 'maintainer="(.+)"'
matcher ? matcher[0][1] : 'tier'
}
@@ -92,5 +72,6 @@ def handleError(String message){
echo "${message}"
currentBuild.setResult("FAILED")
slackSend color: 'danger', message: "${message}"
//step([$class: 'Mailer', notifyEveryUnstableBuild: true, recipients: 'chris.bynum@levvel.io', sendToIndividuals: true])
sh 'exit 1'
}
Oops, something went wrong.

0 comments on commit 1893330

Please sign in to comment.
You can’t perform that action at this time.