From 5e8fd658103604baafd7cafb017583516226e03c Mon Sep 17 00:00:00 2001 From: Shilen Patel Date: Fri, 13 Jan 2023 10:55:00 -0500 Subject: [PATCH] GRP-4567: Upgrade Java and Tomcat and remove PSU SCIM (commit 1) --- Dockerfile | 4 ++-- .../containerDockerfileInstall.sh | 2 +- .../containerDockerfileInstallGrouper.sh | 2 +- .../containerDockerfileInstallJava.sh | 2 +- .../containerDockerfileInstallPermissions.sh | 24 +++++++++---------- container_files/usr-local-bin/libraryPrep.sh | 4 ++-- .../usr-local-bin/librarySetupFilesTomcat.sh | 12 +++++----- 7 files changed, 25 insertions(+), 25 deletions(-) diff --git a/Dockerfile b/Dockerfile index 53a8d68f..fbb3b2b3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,7 +10,7 @@ ARG GROUPER_CONTAINER_VERSION ENV GROUPER_VERSION=2.6.20 \ GROUPER_CONTAINER_VERSION=$GROUPER_CONTAINER_VERSION \ - JAVA_HOME=/usr/lib/jvm/java-1.8.0-amazon-corretto \ + JAVA_HOME=/usr/lib/jvm/java-17-amazon-corretto \ PATH=$PATH:$JAVA_HOME/bin \ GROUPER_HOME=/opt/grouper/grouperWebapp/WEB-INF @@ -26,7 +26,7 @@ RUN yum update -y \ # Install Corretto Java JDK #Corretto download page: https://docs.aws.amazon.com/corretto/latest/corretto-8-ug/downloads-list.html -ARG JAVA_VERSION=1.8.0 +ARG JAVA_VERSION=17 # real copy command (if not caching), uncomment this and change comments of COPY above to work on install script COPY container_files/ /opt/container_files/ diff --git a/container_files/docker-build-bin/containerDockerfileInstall.sh b/container_files/docker-build-bin/containerDockerfileInstall.sh index 4d768ec3..9410893d 100644 --- a/container_files/docker-build-bin/containerDockerfileInstall.sh +++ b/container_files/docker-build-bin/containerDockerfileInstall.sh @@ -1,6 +1,6 @@ #!/bin/bash -# $1 ARG JAVA_HOME=/usr/lib/jvm/java-1.8.0-amazon-corretto +# $1 ARG JAVA_HOME=/usr/lib/jvm/java-17-amazon-corretto # $2 ARG GROUPER_VERSION=2.6.14 JAVA_HOME=$1 GROUPER_VERSION=$2 diff --git a/container_files/docker-build-bin/containerDockerfileInstallGrouper.sh b/container_files/docker-build-bin/containerDockerfileInstallGrouper.sh index 3fc531d3..9d2f6d50 100644 --- a/container_files/docker-build-bin/containerDockerfileInstallGrouper.sh +++ b/container_files/docker-build-bin/containerDockerfileInstallGrouper.sh @@ -1,6 +1,6 @@ #!/bin/bash -# $1 ARG JAVA_HOME=/usr/lib/jvm/java-1.8.0-amazon-corretto +# $1 ARG JAVA_HOME=/usr/lib/jvm/java-17-amazon-corretto # $2 ARG GROUPER_VERSION=2.6.14 JAVA_HOME=$1 GROUPER_VERSION=$2 diff --git a/container_files/docker-build-bin/containerDockerfileInstallJava.sh b/container_files/docker-build-bin/containerDockerfileInstallJava.sh index 4bf92a49..e39ff36c 100644 --- a/container_files/docker-build-bin/containerDockerfileInstallJava.sh +++ b/container_files/docker-build-bin/containerDockerfileInstallJava.sh @@ -1,6 +1,6 @@ #!/bin/bash -# $1 ARG JAVA_VERSION=1.8.0 +# $1 ARG JAVA_VERSION=17 JAVA_VERSION=$1 diff --git a/container_files/docker-build-bin/containerDockerfileInstallPermissions.sh b/container_files/docker-build-bin/containerDockerfileInstallPermissions.sh index 74ed75f6..541307ee 100644 --- a/container_files/docker-build-bin/containerDockerfileInstallPermissions.sh +++ b/container_files/docker-build-bin/containerDockerfileInstallPermissions.sh @@ -11,19 +11,19 @@ group=$2 # this needs to exist mkdir -p /opt/tier -lines=$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d /usr/lib/jvm/java/jre/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o ! -user $user -print | wc -l) +lines=$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d $JAVA_HOME/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o ! -user $user -print | wc -l) if [ $lines -ne 0 ]; then - chown $user:$group $(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d /usr/lib/jvm/java/jre/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o ! -user $user -print) + chown $user:$group $(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d $JAVA_HOME/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o ! -user $user -print) returnCode=$? - echo "grouperDockerfile; INFO: ($0) chown $user:$group \$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d /usr/lib/jvm/java/jre/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o ! -user $user -print), result: $returnCode" + echo "grouperDockerfile; INFO: ($0) chown $user:$group \$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d $JAVA_HOME/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o ! -user $user -print), result: $returnCode" if [ $returnCode != 0 ]; then exit $returnCode; fi fi -lines=$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d /usr/lib/jvm/java/jre/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o ! -group $group -print | wc -l) +lines=$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d $JAVA_HOME/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o ! -group $group -print | wc -l) if [ $lines -ne 0 ]; then - chown $user:$group $(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d /usr/lib/jvm/java/jre/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o ! -group $group -print) + chown $user:$group $(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d $JAVA_HOME/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o ! -group $group -print) returnCode=$? - echo "grouperDockerfile; INFO: ($0) chown $user:$group \$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d /usr/lib/jvm/java/jre/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o ! -group $group -print), result: $returnCode" + echo "grouperDockerfile; INFO: ($0) chown $user:$group \$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d $JAVA_HOME/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o ! -group $group -print), result: $returnCode" if [ $returnCode != 0 ]; then exit $returnCode; fi fi @@ -35,19 +35,19 @@ if [ $lines -ne 0 ]; then if [ $returnCode != 0 ]; then exit $returnCode; fi fi -lines=$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d /usr/lib/jvm/java/jre/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o -type f ! -perm -g+rw -print | wc -l) +lines=$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d $JAVA_HOME/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o -type f ! -perm -g+rw -print | wc -l) if [ $lines -ne 0 ]; then - chmod g+rw $(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d /usr/lib/jvm/java/jre/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o -type f ! -perm -g+rw -print) + chmod g+rw $(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d $JAVA_HOME/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o -type f ! -perm -g+rw -print) returnCode=$? - echo "grouperDockerfile; INFO: ($0) chmod g+rw \$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d /usr/lib/jvm/java/jre/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o -type f ! -perm -g+rw -print), result: $returnCode" + echo "grouperDockerfile; INFO: ($0) chmod g+rw \$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d $JAVA_HOME/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o -type f ! -perm -g+rw -print), result: $returnCode" if [ $returnCode != 0 ]; then exit $returnCode; fi fi -lines=$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d /usr/lib/jvm/java/jre/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o -perm -o+w -print | wc -l) +lines=$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d $JAVA_HOME/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o -perm -o+w -print | wc -l) if [ $lines -ne 0 ]; then - chmod o-w $(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d /usr/lib/jvm/java/jre/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o -perm -o+w -print) + chmod o-w $(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d $JAVA_HOME/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o -perm -o+w -print) returnCode=$? - echo "grouperDockerfile; INFO: ($0) chmod o-w \$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d /usr/lib/jvm/java/jre/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o -perm -o+w -print), result: $returnCode" + echo "grouperDockerfile; INFO: ($0) chmod o-w \$(find /home/$user /opt/container_files /opt/grouper /opt/tier /opt/tier-support /opt/tomee /etc/httpd/conf /home/tomcat /usr/local/bin /etc/httpd/conf.d $JAVA_HOME/lib/security/cacerts -path /opt/grouper/slashRoot -prune -o -path /opt/grouper/logs -prune -o -perm -o+w -print), result: $returnCode" if [ $returnCode != 0 ]; then exit $returnCode; fi fi diff --git a/container_files/usr-local-bin/libraryPrep.sh b/container_files/usr-local-bin/libraryPrep.sh index 5a6c4fcc..44639952 100644 --- a/container_files/usr-local-bin/libraryPrep.sh +++ b/container_files/usr-local-bin/libraryPrep.sh @@ -500,8 +500,8 @@ prep_finishEnd() { export GROUPER_PUT_JAVA_HOME_IN_BASHRC=true fi if [ -z "$GROUPER_JAVA_HOME" ]; then - echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishEnd) export GROUPER_JAVA_HOME=/usr/lib/jvm/java-1.8.0-amazon-corretto" - export GROUPER_JAVA_HOME=/usr/lib/jvm/java-1.8.0-amazon-corretto + echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishEnd) export GROUPER_JAVA_HOME=/usr/lib/jvm/java-17-amazon-corretto" + export GROUPER_JAVA_HOME=/usr/lib/jvm/java-17-amazon-corretto fi if [ -z "$GROUPER_TOMCAT_LOG_ACCESS" ]; then echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishEnd) export GROUPER_TOMCAT_LOG_ACCESS=false" diff --git a/container_files/usr-local-bin/librarySetupFilesTomcat.sh b/container_files/usr-local-bin/librarySetupFilesTomcat.sh index ad6d73a0..4e23c820 100644 --- a/container_files/usr-local-bin/librarySetupFilesTomcat.sh +++ b/container_files/usr-local-bin/librarySetupFilesTomcat.sh @@ -280,9 +280,9 @@ setupFilesTomcat_sslCertsClient() { if [ -n "$(ls -A /opt/grouper/certs/client/*.pem 2>/dev/null)" ]; then - chmod u+w /usr/lib/jvm/java/jre/lib/security/cacerts + chmod u+w $JAVA_HOME/lib/security/cacerts returnCode=$? - echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_sslCertsAnchors) chmod u+w /usr/lib/jvm/java/jre/lib/security/cacerts , result=$returnCode" + echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_sslCertsAnchors) chmod u+w $JAVA_HOME/lib/security/cacerts , result=$returnCode" if [ $returnCode != 0 ] then exit $returnCode @@ -293,10 +293,10 @@ setupFilesTomcat_sslCertsClient() { fileNameNoExtension=$(basename -- "$fileName") fileNameNoExtension="${fileNameNoExtension%.*}" - /usr/lib/jvm/java/bin/keytool -import -noprompt -keystore /usr/lib/jvm/java/jre/lib/security/cacerts -storepass changeit -alias "$fileNameNoExtension" -file "$fileName" + /usr/lib/jvm/java/bin/keytool -import -noprompt -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -alias "$fileNameNoExtension" -file "$fileName" returnCode=$? - echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_sslCertsAnchors) /usr/lib/jvm/java/bin/keytool -import -noprompt -keystore /usr/lib/jvm/java/jre/lib/security/cacerts -storepass changeit -alias \"$fileNameNoExtension\" -file \"$fileName\" , result=$returnCode" + echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_sslCertsAnchors) /usr/lib/jvm/java/bin/keytool -import -noprompt -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -alias \"$fileNameNoExtension\" -file \"$fileName\" , result=$returnCode" if [ $returnCode != 0 ] then exit $returnCode @@ -304,9 +304,9 @@ setupFilesTomcat_sslCertsClient() { done - chmod u-w /usr/lib/jvm/java/jre/lib/security/cacerts + chmod u-w $JAVA_HOME/lib/security/cacerts returnCode=$? - echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_sslCertsAnchors) chmod u-w /usr/lib/jvm/java/jre/lib/security/cacerts , result=$returnCode" + echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_sslCertsAnchors) chmod u-w $JAVA_HOME/lib/security/cacerts , result=$returnCode" if [ $returnCode != 0 ] then exit $returnCode