GRP-3467: alternative status url that is outside of the authenticated

path

Dockerfile

@@ -6,7 +6,7 @@ RUN yum update -y \
 RUN yum install -y wget tar unzip dos2unix patch
 
 ARG GROUPER_CONTAINER_VERSION
-ENV GROUPER_VERSION=2.5.50 \
+ENV GROUPER_VERSION=2.5.51 \
      GROUPER_CONTAINER_VERSION=$GROUPER_CONTAINER_VERSION
 
 # Install Corretto Java JDK
@@ -32,7 +32,7 @@ RUN echo 'Installing Grouper'; \
     cd /opt/grouper/$GROUPER_VERSION/ \
     && $JAVA_HOME/bin/java -cp :grouperInstaller.jar edu.internet2.middleware.grouperInstaller.GrouperInstaller
 FROM centos:centos7 as cleanup
-ENV GROUPER_VERSION=2.5.50 \
+ENV GROUPER_VERSION=2.5.51 \
     TOMEE_VERSION=7.0.0
 RUN mkdir -p /opt/grouper/grouperWebapp/
 RUN mkdir -p /opt/tomee/

container_files/tier-support/test/grouperContainerUnitTest.sh

@@ -5,7 +5,7 @@ if [ "$#" -ne 4 ]; then
   exit 1
 fi
 
-expectedSuccesses=712
+expectedSuccesses=715
 
 export containerName=$1
 export imageName=$2

container_files/tier-support/test/grouperContainerUnitTestUi.sh

@@ -46,6 +46,7 @@ testContainerUi() {
   assertFileContains /etc/httpd/conf.d/ssl-enabled.conf "RewriteRule"
   assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf "#RewriteRule"
   assertFileContains /etc/httpd/conf.d/grouper-www.conf "RewriteRule"
+  assertFileContains /etc/httpd/conf.d/grouper-www.conf "ProxyPass /status_grouper/status ajp://localhost:8009/grouper/status timeout=2401"
   assertFileNotContains /etc/httpd/conf.d/grouper-www.conf "#RewriteRule"
   assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf "__"
   assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf cachain.pem

container_files/tier-support/test/grouperContainerUnitTestUi2.sh

@@ -12,11 +12,11 @@ testContainerUi2() {
   echo
   echo '################'
   echo Running container as ui
-  echo "docker run --detach --name $containerName --publish 443:443 -e GROUPER_SSL_USE_STAPLING=false -e GROUPER_SSL_CERT_FILE=/a/b/cert -e GROUPER_SSL_KEY_FILE=/a/b/key -e GROUPER_SSL_CHAIN_FILE=/a/b/chain -e GROUPER_REDIRECT_FROM_SLASH_TO_GROUPER=false $imageName ui"
+  echo "docker run --detach --name $containerName --publish 443:443 -e GROUPER_SSL_USE_STAPLING=false -e GROUPER_SSL_CERT_FILE=/a/b/cert -e GROUPER_SSL_KEY_FILE=/a/b/key -e GROUPER_SSL_CHAIN_FILE=/a/b/chain -e GROUPER_REDIRECT_FROM_SLASH_TO_GROUPER=false -e GROUPER_APACHE_STATUS_PATH=none $imageName ui"
   echo '################'
   echo
 
-  docker run --detach --name $containerName --publish 443:443 -e GROUPER_SSL_USE_STAPLING=false -e GROUPER_SSL_CERT_FILE=/a/b/cert -e GROUPER_SSL_KEY_FILE=/a/b/key -e GROUPER_SSL_CHAIN_FILE=/a/b/chain -e GROUPER_REDIRECT_FROM_SLASH_TO_GROUPER=false  $imageName ui
+  docker run --detach --name $containerName --publish 443:443 -e GROUPER_SSL_USE_STAPLING=false -e GROUPER_SSL_CERT_FILE=/a/b/cert -e GROUPER_SSL_KEY_FILE=/a/b/key -e GROUPER_SSL_CHAIN_FILE=/a/b/chain -e GROUPER_REDIRECT_FROM_SLASH_TO_GROUPER=false -e GROUPER_APACHE_STATUS_PATH=none $imageName ui
   sleep $globalSleepSecondsAfterRun
 
 
@@ -45,6 +45,8 @@ testContainerUi2() {
   assertFileContains /etc/httpd/conf.d/ssl-enabled.conf "Listen 443 https"
   assertFileContains /etc/httpd/conf.d/ssl-enabled.conf "#RewriteRule"
   assertFileContains /etc/httpd/conf.d/grouper-www.conf "#RewriteRule"
+  assertFileNotContains /etc/httpd/conf.d/grouper-www.conf "grouper/status"
+
   assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf "__"
   assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf cachain.pem
   assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf /etc/pki/tls/certs/localhost.crt

container_files/tier-support/test/grouperContainerUnitTestUiDifferentPorts.sh

@@ -12,11 +12,11 @@ testContainerUiDifferentPorts() {
   echo
   echo '################'
   echo Running container as ui with self signed cert with different ports
-  echo "docker run --detach --name $containerName --publish 443:443 -e GROUPER_APACHE_AJP_TIMEOUT_SECONDS=2999 -e GROUPER_SELF_SIGNED_CERT=true -e GROUPER_APACHE_SSL_PORT=444 -e GROUPER_APACHE_NONSSL_PORT=81 -e GROUPER_TOMCAT_HTTP_PORT=8600 -e GROUPER_TOMCAT_AJP_PORT=8601 -e GROUPER_TOMCAT_SHUTDOWN_PORT=8602 $imageName ui"
+  echo "docker run --detach --name $containerName --publish 443:443 -e GROUPER_APACHE_AJP_TIMEOUT_SECONDS=2999 -e GROUPER_SELF_SIGNED_CERT=true -e GROUPER_APACHE_SSL_PORT=444 -e GROUPER_APACHE_NONSSL_PORT=81 -e GROUPER_TOMCAT_HTTP_PORT=8600 -e GROUPER_TOMCAT_AJP_PORT=8601 -e GROUPER_TOMCAT_SHUTDOWN_PORT=8602 -e GROUPER_APACHE_STATUS_PATH=/status2_grouper/status $imageName ui"
   echo '################'
   echo
 
-  docker run --detach --name $containerName --publish 443:443 -e GROUPER_APACHE_AJP_TIMEOUT_SECONDS=2999 -e GROUPER_SELF_SIGNED_CERT=true -e GROUPER_APACHE_SSL_PORT=444 -e GROUPER_APACHE_NONSSL_PORT=81 -e GROUPER_TOMCAT_HTTP_PORT=8600 -e GROUPER_TOMCAT_AJP_PORT=8601 -e GROUPER_TOMCAT_SHUTDOWN_PORT=8602 $imageName ui
+  docker run --detach --name $containerName --publish 443:443 -e GROUPER_APACHE_AJP_TIMEOUT_SECONDS=2999 -e GROUPER_SELF_SIGNED_CERT=true -e GROUPER_APACHE_SSL_PORT=444 -e GROUPER_APACHE_NONSSL_PORT=81 -e GROUPER_TOMCAT_HTTP_PORT=8600 -e GROUPER_TOMCAT_AJP_PORT=8601 -e GROUPER_TOMCAT_SHUTDOWN_PORT=8602 -e GROUPER_APACHE_STATUS_PATH=/status2_grouper/status $imageName ui
   sleep $globalSleepSecondsAfterRun
 
   assertEnvVar GROUPER_APACHE_NONSSL_PORT "81"
@@ -31,6 +31,7 @@ testContainerUiDifferentPorts() {
   assertFileNotContains /etc/httpd/conf.d/grouper-www.conf "3600"
   assertFileNotContains /etc/httpd/conf.d/grouper-www.conf "2400"
   assertFileNotContains /etc/httpd/conf.d/grouper-www.conf "__"
+  assertFileContains /etc/httpd/conf.d/grouper-www.conf "ProxyPass /status2_grouper/status ajp://localhost:8601/grouper/status timeout=2401"
   assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf "Listen 443 https"
   assertFileContains /etc/httpd/conf.d/ssl-enabled.conf "Listen 444 https"
   assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf "__"

container_files/tier-support/test/rebuildTestContainer.sh

@@ -1,36 +1,36 @@
-#/bin/bash
-
-if [ "$#" -ne 3 ]; then
-  echo "You must enter exactly 3 command line arguments: grouper base image name, grouper base container version, grouper_container_git_base_dir"
-  echo "rebuildTestContainer.sh i2incommon/grouper:2.5.35 2.5.35 /mnt/c/git/grouper_container"
-  exit 1
-fi
-
-export grouperBaseImageName=$1
-export grouperBaseContainerVersion=$2
-export grouperContainerGitPath=$3
-export subimageName=my-grouper-$2
-
-export reldir=`dirname $0`
-cd $reldir
-
-# /mnt/c/mchyzer/git/grouper_container
-mkdir -p slashRoot/usr/local/bin
-rsync -avzpl $grouperContainerGitPath/container_files/usr-local-bin/* slashRoot/usr/local/bin
-
-mkdir -p slashRoot/etc/httpd/conf.d
-rsync -avzpl $grouperContainerGitPath/container_files/httpd/* slashRoot/etc/httpd/conf.d
-
-mkdir -p slashRoot/opt/tier-support/originalFiles
-rsync -avzpl etc/httpd/conf.d/ssl-enabled.conf slashRoot/opt/tier-support/originalFiles
-
-rsync -avzpl $grouperContainerGitPath/container_files/tier-support/test/grouper*.sh $reldir
-
-#mkdir -p slashRoot/opt/tomee/conf
-#rsync -avzpl $grouperContainerGitPath/container_files/tomee/conf/* slashRoot/opt/tomee/conf/
-
-sed -i "s|__BASE_CONTAINER__|$grouperBaseImageName|g" "testContainer.Dockerfile"
-
-docker build -f testContainer.Dockerfile -t $subimageName --build-arg GROUPER_VERSION=$grouperBaseContainerVersion $reldir
-
+#/bin/bash
+
+if [ "$#" -ne 3 ]; then
+  echo "You must enter exactly 3 command line arguments: grouper base image name, grouper base container version, grouper_container_git_base_dir"
+  echo "rebuildTestContainer.sh i2incommon/grouper:2.5.35 2.5.35 /mnt/c/git/grouper_container"
+  exit 1
+fi
+
+export grouperBaseImageName=$1
+export grouperBaseContainerVersion=$2
+export grouperContainerGitPath=$3
+export subimageName=my-grouper-$2
+
+export reldir=`dirname $0`
+cd $reldir
+
+# /mnt/c/mchyzer/git/grouper_container
+mkdir -p slashRoot/usr/local/bin
+rsync -avzpl $grouperContainerGitPath/container_files/usr-local-bin/* slashRoot/usr/local/bin
+
+mkdir -p slashRoot/etc/httpd/conf.d
+rsync -avzpl $grouperContainerGitPath/container_files/httpd/* slashRoot/etc/httpd/conf.d
+
+mkdir -p slashRoot/opt/tier-support/originalFiles
+rsync -avzpl $grouperContainerGitPath/container_files/httpd/ssl-enabled.conf slashRoot/opt/tier-support/originalFiles
+
+rsync -avzpl $grouperContainerGitPath/container_files/tier-support/test/grouper*.sh $reldir
+
+#mkdir -p slashRoot/opt/tomee/conf
+#rsync -avzpl $grouperContainerGitPath/container_files/tomee/conf/* slashRoot/opt/tomee/conf/
+
+sed -i "s|__BASE_CONTAINER__|$grouperBaseImageName|g" "testContainer.Dockerfile"
+
+docker build -f testContainer.Dockerfile -t $subimageName --build-arg GROUPER_VERSION=$grouperBaseContainerVersion $reldir
+
 echo "Run tests with: ./grouperContainerUnitTest.sh grouper-test $subimageName:latest $grouperBaseContainerVersion $grouperBaseContainerVersion"

container_files/usr-local-bin/libraryPrep.sh

@@ -451,6 +451,11 @@ prep_finishBegin() {
       export GROUPER_SHIB_LOG_USE_PIPE=true
     fi
 
+    if [ -z "$GROUPER_APACHE_STATUS_PATH" ] ; then 
+      echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_APACHE_STATUS_PATH=/status_grouper/status"
+      export GROUPER_APACHE_STATUS_PATH=/status_grouper/status
+    fi
+
     #Replace web.xml session timeout with env variable
     if [[ -z "$GROUPER_TOMCAT_SESSION_TIMEOUT_MINUTES" ]]; then
       if [[ "$GROUPER_UI" != 'true' ]] && [[ "$GROUPER_WS" = 'true' ]]; then

container_files/usr-local-bin/librarySetupFilesApache.sh

@@ -124,6 +124,19 @@ setupFilesApache_remoteip() {
 
 }
 
+setupFilesApache_status() {
+  if [ "$GROUPER_RUN_APACHE" = "true" ] && [ ! -z "$GROUPER_APACHE_STATUS_PATH" ] && [ "$GROUPER_APACHE_STATUS_PATH" != "" ] && [ "$GROUPER_APACHE_STATUS_PATH" != "none" ] && [ -f /etc/httpd/conf.d/grouper-www.conf ]
+    then
+      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_status) Appending status to grouper-www.conf"
+      echo >> /etc/httpd/conf.d/grouper-www.conf
+      # ProxyPass /status_grouper/status ajp://localhost:8009/grouper/status timeout=2401
+      echo "ProxyPass $GROUPER_APACHE_STATUS_PATH ajp://localhost:$GROUPER_TOMCAT_AJP_PORT/$GROUPER_TOMCAT_CONTEXT/status timeout=2401" >> /etc/httpd/conf.d/grouper-www.conf
+      returnCode=$?
+      echo >> /etc/httpd/conf.d/grouper-www.conf
+      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_status) echo \"ProxyPass $GROUPER_APACHE_STATUS_PATH ajp://localhost:$GROUPER_TOMCAT_AJP_PORT/$GROUPER_TOMCAT_CONTEXT/status timeout=2401\" >> /etc/httpd/conf.d/grouper-www.conf , result: $?"
+      if [ $returnCode != 0 ]; then exit $returnCode; fi
+  fi
+}
 
 setupFilesApache_supervisor() {
   if [ "$GROUPER_RUN_APACHE" = "true" ]
@@ -164,6 +177,7 @@ setupFilesApache() {
   setupFilesApache_ports
   setupFilesApache_remoteip
   setupFilesApache_ssl
+  setupFilesApache_status
   setupFilesApache_serverName
   setupFilesApache_indexes
 }
@@ -174,6 +188,7 @@ setupFilesApache_unsetAll() {
   unset -f setupFilesApache_ports
   unset -f setupFilesApache_remoteip
   unset -f setupFilesApache_ssl
+  unset -f setupFilesApache_status
   unset -f setupFilesApache_supervisor
   unset -f setupFilesApache_unsetAll
   unset -f setupFilesApache_serverName
@@ -185,6 +200,7 @@ setupFilesApache_exportAll() {
   export -f setupFilesApache_ports
   export -f setupFilesApache_remoteip
   export -f setupFilesApache_ssl
+  export -f setupFilesApache_status
   export -f setupFilesApache_supervisor
   export -f setupFilesApache_unsetAll
   export -f setupFilesApache_serverName