v2.5.28 re-organization

container_files/httpd/grouper-www.conf

@@ -1,16 +1,21 @@
 
-Timeout 2400
-ProxyTimeout 2400
+Timeout __GROUPER_APACHE_AJP_TIMEOUT_SECONDS__
+ProxyTimeout __GROUPER_APACHE_AJP_TIMEOUT_SECONDS__
 ProxyBadHeader Ignore
 
-# the variable for __THE _ AJP _ URL__ (no spaces) will be replaced with something like: ajp://localhost:8009/grouper   on startup
-# the variable for __GROUPER _ PROXY _ PASS__ (no spaces) will be replaced with comment or blank on startup if running grouper url
-# the variable for __GROUPERWS _ PROXY _ PASS__ (no spaces) will be replaced with comment or blank on startup if running grouper-ws url
-# the variable for __GROUPERSCIM _ PROXY _ PASS__ (no spaces) will be replaced with comment of blank on startup if running grouper-ws-scim url
-__GROUPER_PROXY_PASS__ProxyPass /grouper         __THE_AJP_URL__  timeout=2400
-__GROUPERWS_PROXY_PASS__ProxyPass /grouper-ws      __THE_AJP_URL__  timeout=2400
-__GROUPERSCIM_PROXY_PASS__ProxyPass /grouper-ws-scim __THE_AJP_URL__  timeout=2400
+# the variable for _ _GROUPER_APACHE_AJP_TIMEOUT_SECONDS_ _ will be replaced to default for one hour on startup env var $GROUPER_APACHE_AJP_TIMEOUT_SECONDS
+# the variable for _ _THE_AJP_URL_ _ (no spaces) will be replaced with something like: ajp://localhost:port/grouper   on startup
+# the variable for _ _GROUPER_PROXY_PASS_ _ (no spaces) will be replaced with comment or blank on startup if running grouper url
+# the variable for _ _GROUPERWS_PROXY_PASS_ _ (no spaces) will be replaced with comment or blank on startup if running grouper-ws url
+# the variable for _ _GROUPERSCIM_PROXY_PASS_ _ (no spaces) will be replaced with comment of blank on startup if running grouper-ws-scim url
+# the variable for _ _GROUPER_TOMCAT_CONTEXT_ _ (no spaces) will be replaced with the env var $GROUPER_TOMCAT_CONTEXT
+# the variable for _ _GROUPER_URL_CONTEXT_ _ (no spaces) will be replaced with the env var $GROUPER_URL_CONTEXT
+# the variable for _ _GROUPERWS_URL_CONTEXT_ _ (no spaces) will be replaced with the env var $GROUPERWS_URL_CONTEXT
+# the variable for _ _GROUPERSCIM_URL_CONTEXT_ _ (no spaces) will be replaced with the env var $GROUPERSCIM_URL_CONTEXT
+__GROUPER_PROXY_PASS__ProxyPass /__GROUPER_URL_CONTEXT__ ajp://localhost:8009/__GROUPER_TOMCAT_CONTEXT__ timeout=__GROUPER_APACHE_AJP_TIMEOUT_SECONDS__
+__GROUPERWS_PROXY_PASS__ProxyPass /__GROUPERWS_URL_CONTEXT__ ajp://localhost:8009/__GROUPER_TOMCAT_CONTEXT__ timeout=__GROUPER_APACHE_AJP_TIMEOUT_SECONDS__
+__GROUPERSCIM_PROXY_PASS__ProxyPass /__GROUPERSCIM_URL_CONTEXT__ ajp://localhost:8009/__GROUPER_TOMCAT_CONTEXT__ timeout=__GROUPER_APACHE_AJP_TIMEOUT_SECONDS__
 
 __GROUPER_PROXY_PASS__RewriteEngine on
-__GROUPER_PROXY_PASS__RewriteRule   "^/$"  "/grouper/"  [R]
+__GROUPER_PROXY_PASS__RewriteRule "^/$" "/__GROUPER_URL_CONTEXT__/" [R]
 

container_files/httpd/ssl-enabled.conf

@@ -10,8 +10,11 @@ SSLStaplingResponderTimeout 5
 SSLStaplingReturnResponderErrors off
 SSLStaplingCache        shmcb:/var/run/ocsp(128000)
 
-Listen 443 https
-<VirtualHost *:443>
+Listen __GROUPER_APACHE_SSL_PORT__ https
+<VirtualHost *:__GROUPER_APACHE_SSL_PORT__>
+
+__GROUPER_PROXY_PASS__  RewriteEngine on
+__GROUPER_PROXY_PASS__  RewriteRule "^/$" "/grouper/"  [R]
 
   SSLEngine on
   SSLCertificateChainFile /etc/pki/tls/certs/cachain.pem

container_files/tier-support/ssl-enabled.conf

@@ -7,10 +7,12 @@ SSLUseStapling          on
 SSLStaplingResponderTimeout 5
 SSLStaplingReturnResponderErrors off
 SSLStaplingCache        shmcb:/var/run/ocsp(128000)
-Listen 443 https
-<VirtualHost *:443>
-  RewriteEngine on
-  RewriteRule   "^/$"  "/grouper/"  [R]
+Listen __GROUPER_APACHE_SSL_PORT__ https
+<VirtualHost *:__GROUPER_APACHE_SSL_PORT__>
+
+__GROUPER_PROXY_PASS__  RewriteEngine on
+__GROUPER_PROXY_PASS__  RewriteRule "^/$" "/grouper/"  [R]
+
   SSLEngine on
   #SSLCertificateChainFile /etc/pki/tls/certs/localhost.crt
   SSLCertificateFile /etc/pki/tls/certs/localhost.crt

container_files/tier-support/supervisord-base.conf

@@ -3,7 +3,7 @@ logfile=/tmp/logsuperd                               ; supervisord log file
 logfile_maxbytes=0                           ; maximum size of logfile before rotation
 loglevel=error                                  ; info, debug, warn, trace
 nodaemon=true                                  ; run supervisord as a daemon
-user=root                                       ; default user
+__GROUPER_RUN_PROCESSES_AS_USERS__user=root                                       ; default user
 
 [rpcinterface:supervisor]
 supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface

container_files/tier-support/supervisord-hsqldb.conf

@@ -1,5 +1,5 @@
 [program:hsqldb]
-user=tomcat
+__GROUPER_RUN_PROCESSES_AS_USERS__user=tomcat
 directory=/opt/hsqldb
 command=/usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java -cp /opt/grouper/grouperWebapp/WEB-INF/lib/hsqldb-2.3.5.jar org.hsqldb.Server -port 9001 -database.0 file:/opt/hsqldb/grouperHSQL -dbname.0 grouper
 stderr_logfile = /tmp/loghsqldb

container_files/tier-support/supervisord-shibsp.conf

@@ -1,5 +1,5 @@
 [program:shibbolethsp]
-user=shibd
+__GROUPER_RUN_PROCESSES_AS_USERS__user=shibd
 command=/usr/sbin/shibd -f -F
 stderr_logfile = /tmp/logshibd
 stderr_logfile_maxbytes=0

container_files/tier-support/supervisord-tomee.conf

@@ -1,5 +1,5 @@
 [program:tomee]
-user=tomcat
+__GROUPER_RUN_PROCESSES_AS_USERS__user=tomcat
 command=/opt/tomee/bin/catalina.sh run 
 stderr_logfile = /tmp/logtomcat
 stderr_logfile_maxbytes=0

container_files/tier-support/supervisord.conf

@@ -3,7 +3,7 @@ logfile=/tmp/logsuperd                               ; supervisord log file
 logfile_maxbytes=0                           ; maximum size of logfile before rotation
 loglevel=error                                  ; info, debug, warn, trace
 nodaemon=true                                  ; run supervisord as a daemon
-user=root                                       ; default user
+__GROUPER_RUN_PROCESSES_AS_USERS__user=root                                       ; default user
 
 [rpcinterface:supervisor]
 supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface

container_files/tier-support/test/grouperContainerUnitTest.sh

@@ -0,0 +1,74 @@
+#!/bin/bash
+
+if [ "$#" -ne 3 ]; then
+  echo "You must enter exactly 3 command line arguments: container-name, image-name and container version, e.g. grouper-test my-grouper-2.5.27:latest 2.5.27"
+  exit 1
+fi
+
+expectedSuccesses=412
+
+export containerName=$1
+export imageName=$2
+export containerVersion=$3
+export globalSleepSecondsAfterRun=5
+export globalExitOnError=false
+
+export successCount=0
+export failureCount=0
+
+. ./grouperContainerUnitTestLibrary.sh
+
+. ./grouperContainerUnitTestDaemon.sh
+. ./grouperContainerUnitTestUi.sh
+. ./grouperContainerUnitTestUiNoSsl.sh
+. ./grouperContainerUnitTestUiDifferentPorts.sh
+. ./grouperContainerUnitTestSlashRoot.sh
+. ./grouperContainerUnitTestSelfSigned.sh
+. ./grouperContainerUnitTestScim.sh
+. ./grouperContainerUnitTestWs.sh
+. ./grouperContainerUnitTestQuickstart.sh
+
+
+testContainerUi
+testContainerUiNoSsl
+testContainerSlashRoot
+testContainerSelfSigned
+testContainerUiDifferentPorts
+testContainerScim
+testContainerWs
+testContainerQuickstart
+testContainerDaemon
+
+dockerRemoveContainer
+echo ""
+echo "$successCount successes, $failureCount failures"
+if [ "$successCount" = "$expectedSuccesses" ] && [ "$failureCount" = "0" ]  ; then
+  success=true
+  echo "SUCCESS!"
+else
+  success=false
+  echo "ERROR, expected $expectedSuccesses successes and 0 failures"
+fi
+echo ""
+unset -f containerName
+unset -f imageName
+unset -f containerVersion
+unset -f globalSleepSecondsAfterRun
+unset -f testContainerQuickstart
+unset -f testContainerDaemon
+unset -f testContainerUi
+unset -f testContainerUiNoSsl
+unset -f testContainerUiDifferentPorts
+unset -f testContainerSlashRoot
+unset -f testContainerSelfSigned
+unset -f testContainerScim
+unset -f testContainerWs
+unset -f successCount
+unset -f failureCount
+grouperContainerUnitTestLibrary_unsetAll
+
+if [ "$success" = "true" ]; then
+  exit 0
+else
+  exit 1
+fi

container_files/tier-support/test/grouperContainerUnitTestDaemon.sh

@@ -0,0 +1,86 @@
+#!/bin/bash
+
+testContainerDaemon() {
+
+  if [ "$#" -ne 0 ]; then
+    echo "You must enter exactly 0 command line arguments"
+    exit 1
+  fi
+
+  dockerRemoveContainer
+
+  echo
+  echo '################'
+  echo Running container as daemon
+  echo "docker run --detach --name $containerName --publish 443:443 $imageName daemon"
+  echo '################'
+  echo
+
+  docker run --detach --name $containerName --publish 443:443 $imageName daemon
+  sleep $globalSleepSecondsAfterRun
+
+  assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libWs/axis2-kernel-1.6.4.jar
+  assertFileNotExists /opt/grouper/grouperWebapp/WEB-INF/lib/axis2-kernel-1.6.4.jar
+  assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libScim/stax-api-1.0-2.jar
+  assertFileNotExists /opt/grouper/grouperWebapp/WEB-INF/lib/stax-api-1.0-2.jar
+  assertFileExists /opt/grouper/grouperWebapp/WEB-INF/lib/grouper-messaging-activemq-2.5.27.jar
+  assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libUiAndDaemon/grouper-messaging-activemq-2.5.27.jar
+
+  assertFileContains /etc/httpd/conf.d/ssl-enabled.conf "Listen 443 https"
+  assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf "__"
+  assertFileContains /etc/httpd/conf/httpd.conf "Listen 80"
+  assertFileNotContains /opt/tier-support/supervisord.conf "program:shibbolethsp"
+  assertFileContains /opt/tier-support/supervisord.conf "program:tomee"
+  assertFileNotContains /opt/tier-support/supervisord.conf "program:httpd"
+  assertFileNotContains /opt/tier-support/supervisord.conf "program:hsqldb"
+  assertFileNotContains /opt/tier-support/supervisord.conf "user=shibd"
+  assertFileNotContains /opt/tier-support/supervisord.conf "__"
+
+  assertFileContains /etc/httpd/conf.d/grouper-www.conf "3600"
+  assertFileNotContains /etc/httpd/conf.d/grouper-www.conf "__"
+
+  assertEnvVar GROUPERSCIM_PROXY_PASS "#"
+  assertEnvVar GROUPERSCIM_URL_CONTEXT "grouper-ws-scim"
+  assertEnvVar GROUPERWS_PROXY_PASS "#"
+  assertEnvVar GROUPERWS_URL_CONTEXT "grouper-ws"
+  assertEnvVar GROUPER_APACHE_AJP_TIMEOUT_SECONDS "3600"
+  assertEnvVar GROUPER_APACHE_NONSSL_PORT "80"
+  assertEnvVar GROUPER_APACHE_SSL_PORT "443"
+  assertEnvVar GROUPER_CHOWN_DIRS "true"
+  assertEnvVar GROUPER_CONTAINER_VERSION "$containerVersion"
+  assertEnvVar GROUPER_DAEMON "true"
+  assertEnvVar GROUPER_GSH_CHECK_USER "true"
+  assertEnvVar GROUPER_GSH_USER "tomcat"
+  assertEnvVar GROUPER_HOME "/opt/grouper/grouperWebapp/WEB-INF"
+  assertEnvVar GROUPER_LOG_PREFIX "grouper-daemon"
+  assertEnvVar GROUPER_MAX_MEMORY "1500m"
+  assertEnvVar GROUPER_PROXY_PASS "#"
+  assertEnvVarNot GROUPER_RUN_APACHE "true"
+  assertEnvVar GROUPER_RUN_PROCESSES_AS_USERS "true"
+  assertEnvVarNot GROUPER_RUN_SHIB_SP "true"
+  assertEnvVar GROUPER_RUN_TOMEE "true"
+  assertEnvVar GROUPER_SCIM "false"
+  assertEnvVar GROUPER_SCIM_GROUPER_AUTH "false"
+  assertEnvVar GROUPER_TOMCAT_CONTEXT "grouper"
+  assertEnvVar GROUPER_UI "false"
+  assertEnvVar GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES "127.0.0.1/32"
+  assertEnvVar GROUPER_UI_GROUPER_AUTH "false"
+  assertEnvVarNot GROUPER_UI_ONLY "true"
+  assertEnvVar GROUPER_URL_CONTEXT "grouper"
+  assertEnvVar GROUPER_USE_SSL "true"
+  assertEnvVar GROUPER_WS "false"
+  assertEnvVar GROUPER_WS_GROUPER_AUTH "false"
+
+  # one for hsqldb
+  assertNumberOfTomcatProcesses 1
+  # bad cert apache wont start
+  assertNumberOfApacheProcesses 0
+  assertNumberOfShibProcesses 0
+
+  assertNotListeningOnPort 443
+  assertNotListeningOnPort 80
+  assertListeningOnPort 8009
+  assertNotListeningOnPort 9001
+
+}
+export -f testContainerDaemon