diff --git a/container_files/httpd/grouper-www.conf b/container_files/httpd/grouper-www.conf index 162141f0..adc13f6f 100644 --- a/container_files/httpd/grouper-www.conf +++ b/container_files/httpd/grouper-www.conf @@ -1,16 +1,21 @@ -Timeout 2400 -ProxyTimeout 2400 +Timeout __GROUPER_APACHE_AJP_TIMEOUT_SECONDS__ +ProxyTimeout __GROUPER_APACHE_AJP_TIMEOUT_SECONDS__ ProxyBadHeader Ignore -# the variable for __THE _ AJP _ URL__ (no spaces) will be replaced with something like: ajp://localhost:8009/grouper on startup -# the variable for __GROUPER _ PROXY _ PASS__ (no spaces) will be replaced with comment or blank on startup if running grouper url -# the variable for __GROUPERWS _ PROXY _ PASS__ (no spaces) will be replaced with comment or blank on startup if running grouper-ws url -# the variable for __GROUPERSCIM _ PROXY _ PASS__ (no spaces) will be replaced with comment of blank on startup if running grouper-ws-scim url -__GROUPER_PROXY_PASS__ProxyPass /grouper __THE_AJP_URL__ timeout=2400 -__GROUPERWS_PROXY_PASS__ProxyPass /grouper-ws __THE_AJP_URL__ timeout=2400 -__GROUPERSCIM_PROXY_PASS__ProxyPass /grouper-ws-scim __THE_AJP_URL__ timeout=2400 +# the variable for _ _GROUPER_APACHE_AJP_TIMEOUT_SECONDS_ _ will be replaced to default for one hour on startup env var $GROUPER_APACHE_AJP_TIMEOUT_SECONDS +# the variable for _ _THE_AJP_URL_ _ (no spaces) will be replaced with something like: ajp://localhost:port/grouper on startup +# the variable for _ _GROUPER_PROXY_PASS_ _ (no spaces) will be replaced with comment or blank on startup if running grouper url +# the variable for _ _GROUPERWS_PROXY_PASS_ _ (no spaces) will be replaced with comment or blank on startup if running grouper-ws url +# the variable for _ _GROUPERSCIM_PROXY_PASS_ _ (no spaces) will be replaced with comment of blank on startup if running grouper-ws-scim url +# the variable for _ _GROUPER_TOMCAT_CONTEXT_ _ (no spaces) will be replaced with the env var $GROUPER_TOMCAT_CONTEXT +# the variable for _ _GROUPER_URL_CONTEXT_ _ (no spaces) will be replaced with the env var $GROUPER_URL_CONTEXT +# the variable for _ _GROUPERWS_URL_CONTEXT_ _ (no spaces) will be replaced with the env var $GROUPERWS_URL_CONTEXT +# the variable for _ _GROUPERSCIM_URL_CONTEXT_ _ (no spaces) will be replaced with the env var $GROUPERSCIM_URL_CONTEXT +__GROUPER_PROXY_PASS__ProxyPass /__GROUPER_URL_CONTEXT__ ajp://localhost:8009/__GROUPER_TOMCAT_CONTEXT__ timeout=__GROUPER_APACHE_AJP_TIMEOUT_SECONDS__ +__GROUPERWS_PROXY_PASS__ProxyPass /__GROUPERWS_URL_CONTEXT__ ajp://localhost:8009/__GROUPER_TOMCAT_CONTEXT__ timeout=__GROUPER_APACHE_AJP_TIMEOUT_SECONDS__ +__GROUPERSCIM_PROXY_PASS__ProxyPass /__GROUPERSCIM_URL_CONTEXT__ ajp://localhost:8009/__GROUPER_TOMCAT_CONTEXT__ timeout=__GROUPER_APACHE_AJP_TIMEOUT_SECONDS__ __GROUPER_PROXY_PASS__RewriteEngine on -__GROUPER_PROXY_PASS__RewriteRule "^/$" "/grouper/" [R] +__GROUPER_PROXY_PASS__RewriteRule "^/$" "/__GROUPER_URL_CONTEXT__/" [R] diff --git a/container_files/httpd/ssl-enabled.conf b/container_files/httpd/ssl-enabled.conf index 0fd5c748..41bcad4b 100644 --- a/container_files/httpd/ssl-enabled.conf +++ b/container_files/httpd/ssl-enabled.conf @@ -10,8 +10,11 @@ SSLStaplingResponderTimeout 5 SSLStaplingReturnResponderErrors off SSLStaplingCache shmcb:/var/run/ocsp(128000) -Listen 443 https - +Listen __GROUPER_APACHE_SSL_PORT__ https + + +__GROUPER_PROXY_PASS__ RewriteEngine on +__GROUPER_PROXY_PASS__ RewriteRule "^/$" "/grouper/" [R] SSLEngine on SSLCertificateChainFile /etc/pki/tls/certs/cachain.pem diff --git a/container_files/tier-support/ssl-enabled.conf b/container_files/tier-support/ssl-enabled.conf index 09aa34c7..c172b744 100644 --- a/container_files/tier-support/ssl-enabled.conf +++ b/container_files/tier-support/ssl-enabled.conf @@ -7,10 +7,12 @@ SSLUseStapling on SSLStaplingResponderTimeout 5 SSLStaplingReturnResponderErrors off SSLStaplingCache shmcb:/var/run/ocsp(128000) -Listen 443 https - - RewriteEngine on - RewriteRule "^/$" "/grouper/" [R] +Listen __GROUPER_APACHE_SSL_PORT__ https + + +__GROUPER_PROXY_PASS__ RewriteEngine on +__GROUPER_PROXY_PASS__ RewriteRule "^/$" "/grouper/" [R] + SSLEngine on #SSLCertificateChainFile /etc/pki/tls/certs/localhost.crt SSLCertificateFile /etc/pki/tls/certs/localhost.crt diff --git a/container_files/tier-support/supervisord-base.conf b/container_files/tier-support/supervisord-base.conf index 3cacdd81..10768344 100644 --- a/container_files/tier-support/supervisord-base.conf +++ b/container_files/tier-support/supervisord-base.conf @@ -3,7 +3,7 @@ logfile=/tmp/logsuperd ; supervisord log file logfile_maxbytes=0 ; maximum size of logfile before rotation loglevel=error ; info, debug, warn, trace nodaemon=true ; run supervisord as a daemon -user=root ; default user +__GROUPER_RUN_PROCESSES_AS_USERS__user=root ; default user [rpcinterface:supervisor] supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface diff --git a/container_files/tier-support/supervisord-hsqldb.conf b/container_files/tier-support/supervisord-hsqldb.conf index 1ccf9adc..0f65fb81 100644 --- a/container_files/tier-support/supervisord-hsqldb.conf +++ b/container_files/tier-support/supervisord-hsqldb.conf @@ -1,5 +1,5 @@ [program:hsqldb] -user=tomcat +__GROUPER_RUN_PROCESSES_AS_USERS__user=tomcat directory=/opt/hsqldb command=/usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java -cp /opt/grouper/grouperWebapp/WEB-INF/lib/hsqldb-2.3.5.jar org.hsqldb.Server -port 9001 -database.0 file:/opt/hsqldb/grouperHSQL -dbname.0 grouper stderr_logfile = /tmp/loghsqldb diff --git a/container_files/tier-support/supervisord-shibsp.conf b/container_files/tier-support/supervisord-shibsp.conf index 81150d96..5b33a0a3 100644 --- a/container_files/tier-support/supervisord-shibsp.conf +++ b/container_files/tier-support/supervisord-shibsp.conf @@ -1,5 +1,5 @@ [program:shibbolethsp] -user=shibd +__GROUPER_RUN_PROCESSES_AS_USERS__user=shibd command=/usr/sbin/shibd -f -F stderr_logfile = /tmp/logshibd stderr_logfile_maxbytes=0 diff --git a/container_files/tier-support/supervisord-tomee.conf b/container_files/tier-support/supervisord-tomee.conf index 9003fad4..52fe3c43 100644 --- a/container_files/tier-support/supervisord-tomee.conf +++ b/container_files/tier-support/supervisord-tomee.conf @@ -1,5 +1,5 @@ [program:tomee] -user=tomcat +__GROUPER_RUN_PROCESSES_AS_USERS__user=tomcat command=/opt/tomee/bin/catalina.sh run stderr_logfile = /tmp/logtomcat stderr_logfile_maxbytes=0 diff --git a/container_files/tier-support/supervisord.conf b/container_files/tier-support/supervisord.conf index fc02363b..ecd11efe 100644 --- a/container_files/tier-support/supervisord.conf +++ b/container_files/tier-support/supervisord.conf @@ -3,7 +3,7 @@ logfile=/tmp/logsuperd ; supervisord log file logfile_maxbytes=0 ; maximum size of logfile before rotation loglevel=error ; info, debug, warn, trace nodaemon=true ; run supervisord as a daemon -user=root ; default user +__GROUPER_RUN_PROCESSES_AS_USERS__user=root ; default user [rpcinterface:supervisor] supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface diff --git a/container_files/tier-support/test/grouperContainerUnitTest.sh b/container_files/tier-support/test/grouperContainerUnitTest.sh new file mode 100644 index 00000000..5697897d --- /dev/null +++ b/container_files/tier-support/test/grouperContainerUnitTest.sh @@ -0,0 +1,74 @@ +#!/bin/bash + +if [ "$#" -ne 3 ]; then + echo "You must enter exactly 3 command line arguments: container-name, image-name and container version, e.g. grouper-test my-grouper-2.5.27:latest 2.5.27" + exit 1 +fi + +expectedSuccesses=412 + +export containerName=$1 +export imageName=$2 +export containerVersion=$3 +export globalSleepSecondsAfterRun=5 +export globalExitOnError=false + +export successCount=0 +export failureCount=0 + +. ./grouperContainerUnitTestLibrary.sh + +. ./grouperContainerUnitTestDaemon.sh +. ./grouperContainerUnitTestUi.sh +. ./grouperContainerUnitTestUiNoSsl.sh +. ./grouperContainerUnitTestUiDifferentPorts.sh +. ./grouperContainerUnitTestSlashRoot.sh +. ./grouperContainerUnitTestSelfSigned.sh +. ./grouperContainerUnitTestScim.sh +. ./grouperContainerUnitTestWs.sh +. ./grouperContainerUnitTestQuickstart.sh + + +testContainerUi +testContainerUiNoSsl +testContainerSlashRoot +testContainerSelfSigned +testContainerUiDifferentPorts +testContainerScim +testContainerWs +testContainerQuickstart +testContainerDaemon + +dockerRemoveContainer +echo "" +echo "$successCount successes, $failureCount failures" +if [ "$successCount" = "$expectedSuccesses" ] && [ "$failureCount" = "0" ] ; then + success=true + echo "SUCCESS!" +else + success=false + echo "ERROR, expected $expectedSuccesses successes and 0 failures" +fi +echo "" +unset -f containerName +unset -f imageName +unset -f containerVersion +unset -f globalSleepSecondsAfterRun +unset -f testContainerQuickstart +unset -f testContainerDaemon +unset -f testContainerUi +unset -f testContainerUiNoSsl +unset -f testContainerUiDifferentPorts +unset -f testContainerSlashRoot +unset -f testContainerSelfSigned +unset -f testContainerScim +unset -f testContainerWs +unset -f successCount +unset -f failureCount +grouperContainerUnitTestLibrary_unsetAll + +if [ "$success" = "true" ]; then + exit 0 +else + exit 1 +fi diff --git a/container_files/tier-support/test/grouperContainerUnitTestDaemon.sh b/container_files/tier-support/test/grouperContainerUnitTestDaemon.sh new file mode 100644 index 00000000..f43a0583 --- /dev/null +++ b/container_files/tier-support/test/grouperContainerUnitTestDaemon.sh @@ -0,0 +1,86 @@ +#!/bin/bash + +testContainerDaemon() { + + if [ "$#" -ne 0 ]; then + echo "You must enter exactly 0 command line arguments" + exit 1 + fi + + dockerRemoveContainer + + echo + echo '################' + echo Running container as daemon + echo "docker run --detach --name $containerName --publish 443:443 $imageName daemon" + echo '################' + echo + + docker run --detach --name $containerName --publish 443:443 $imageName daemon + sleep $globalSleepSecondsAfterRun + + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libWs/axis2-kernel-1.6.4.jar + assertFileNotExists /opt/grouper/grouperWebapp/WEB-INF/lib/axis2-kernel-1.6.4.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libScim/stax-api-1.0-2.jar + assertFileNotExists /opt/grouper/grouperWebapp/WEB-INF/lib/stax-api-1.0-2.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/lib/grouper-messaging-activemq-2.5.27.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libUiAndDaemon/grouper-messaging-activemq-2.5.27.jar + + assertFileContains /etc/httpd/conf.d/ssl-enabled.conf "Listen 443 https" + assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf "__" + assertFileContains /etc/httpd/conf/httpd.conf "Listen 80" + assertFileNotContains /opt/tier-support/supervisord.conf "program:shibbolethsp" + assertFileContains /opt/tier-support/supervisord.conf "program:tomee" + assertFileNotContains /opt/tier-support/supervisord.conf "program:httpd" + assertFileNotContains /opt/tier-support/supervisord.conf "program:hsqldb" + assertFileNotContains /opt/tier-support/supervisord.conf "user=shibd" + assertFileNotContains /opt/tier-support/supervisord.conf "__" + + assertFileContains /etc/httpd/conf.d/grouper-www.conf "3600" + assertFileNotContains /etc/httpd/conf.d/grouper-www.conf "__" + + assertEnvVar GROUPERSCIM_PROXY_PASS "#" + assertEnvVar GROUPERSCIM_URL_CONTEXT "grouper-ws-scim" + assertEnvVar GROUPERWS_PROXY_PASS "#" + assertEnvVar GROUPERWS_URL_CONTEXT "grouper-ws" + assertEnvVar GROUPER_APACHE_AJP_TIMEOUT_SECONDS "3600" + assertEnvVar GROUPER_APACHE_NONSSL_PORT "80" + assertEnvVar GROUPER_APACHE_SSL_PORT "443" + assertEnvVar GROUPER_CHOWN_DIRS "true" + assertEnvVar GROUPER_CONTAINER_VERSION "$containerVersion" + assertEnvVar GROUPER_DAEMON "true" + assertEnvVar GROUPER_GSH_CHECK_USER "true" + assertEnvVar GROUPER_GSH_USER "tomcat" + assertEnvVar GROUPER_HOME "/opt/grouper/grouperWebapp/WEB-INF" + assertEnvVar GROUPER_LOG_PREFIX "grouper-daemon" + assertEnvVar GROUPER_MAX_MEMORY "1500m" + assertEnvVar GROUPER_PROXY_PASS "#" + assertEnvVarNot GROUPER_RUN_APACHE "true" + assertEnvVar GROUPER_RUN_PROCESSES_AS_USERS "true" + assertEnvVarNot GROUPER_RUN_SHIB_SP "true" + assertEnvVar GROUPER_RUN_TOMEE "true" + assertEnvVar GROUPER_SCIM "false" + assertEnvVar GROUPER_SCIM_GROUPER_AUTH "false" + assertEnvVar GROUPER_TOMCAT_CONTEXT "grouper" + assertEnvVar GROUPER_UI "false" + assertEnvVar GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES "127.0.0.1/32" + assertEnvVar GROUPER_UI_GROUPER_AUTH "false" + assertEnvVarNot GROUPER_UI_ONLY "true" + assertEnvVar GROUPER_URL_CONTEXT "grouper" + assertEnvVar GROUPER_USE_SSL "true" + assertEnvVar GROUPER_WS "false" + assertEnvVar GROUPER_WS_GROUPER_AUTH "false" + + # one for hsqldb + assertNumberOfTomcatProcesses 1 + # bad cert apache wont start + assertNumberOfApacheProcesses 0 + assertNumberOfShibProcesses 0 + + assertNotListeningOnPort 443 + assertNotListeningOnPort 80 + assertListeningOnPort 8009 + assertNotListeningOnPort 9001 + +} +export -f testContainerDaemon diff --git a/container_files/tier-support/test/grouperContainerUnitTestLibrary.sh b/container_files/tier-support/test/grouperContainerUnitTestLibrary.sh new file mode 100644 index 00000000..db90535f --- /dev/null +++ b/container_files/tier-support/test/grouperContainerUnitTestLibrary.sh @@ -0,0 +1,258 @@ +#!/bin/bash + +dockerRemoveContainer() { + if [ "$#" -ne 0 ]; then + echo "You must enter exactly 0 arguments" + exit 1 + fi + if [ "$(docker ps -a | grep $containerName)" ] + then + docker rm -f $containerName + fi +} + +# pass in string description, expected value, actual value +assertEquals() { + if [ "$#" -ne 3 ]; then + echo "You must enter exactly 3 arguments: statement, expected value, actual value" + exit 1 + fi + + if [ "$2" != "$3" ] + then + echo "ERROR: $1: expected '$2' but received '$3'" + if [ "$globalExitOnError" = "true" ]; then + exit 1 + fi + export failureCount=$((failureCount+1)) + else + echo "SUCCESS: $1: $2" + export successCount=$((successCount+1)) + fi +} + +# pass in string description, expected value, actual value it should not be +assertNotEquals() { + if [ "$#" -ne 3 ]; then + echo "You must enter exactly 3 arguments: statement, expected value, actual value it should not be" + exit 1 + fi + + if [ "$2" = "$3" ] + then + echo "ERROR: $1: expected '$2' to not equals '$3' but was equal" + if [ "$globalExitOnError" = "true" ]; then + exit 1 + fi + export failureCount=$((failureCount+1)) + else + echo "SUCCESS: $1: not equal to: '$2', is: '$3'" + export successCount=$((successCount+1)) + fi +} + +# pass in string description, first value, less than second valuee +assertLessThan() { + if [ "$#" -ne 3 ]; then + echo "You must enter exactly 3 arguments: statement, first value, second value" + exit 1 + fi + + if [ "$2" -ge "$3" ] + then + echo "ERROR: $1: expecting '$2' < '$3'" + if [ "$globalExitOnError" = "true" ]; then + exit 1 + fi + export failureCount=$((failureCount+1)) + else + echo "SUCCESS: $1: '$2' < '$3'" + export successCount=$((successCount+1)) + fi +} + +# pass in file name, value +assertFileContains() { + if [ "$#" -ne 2 ]; then + echo "You must enter exactly 2 arguments: file name, and value" + exit 1 + fi + + local command="docker exec -it $containerName grep '$2' $1 | wc -l | xargs" + local var="$(runCommand "$command")" + assertLessThan "file $1 should contain at least one '$2'" "0" "$var" +} + +# pass in file name, value +assertLocalFileContains() { + if [ "$#" -ne 2 ]; then + echo "You must enter exactly 2 arguments: file name, and value" + exit 1 + fi + + local command="grep '$2' $1 | wc -l | xargs" + local var="$(runCommand "$command")" + assertLessThan "file $1 should contain at least one '$2'" "0" "$var" +} + +assertFileNotContains() { + if [ "$#" -ne 2 ]; then + echo "You must enter exactly 2 arguments: file name, and value" + exit 1 + fi + + local command="docker exec -it $containerName grep '$2' $1 | wc -l | xargs" + local var="$(runCommand "$command")" + assertEquals "file $1 should not contain '$2'" "0" "$var" +} + +assertFileExists() { + if [ "$#" -ne 1 ]; then + # generally 0 or 5 processes + echo "You must enter exactly 1 arguments: file to check" + exit 1 + fi + local command="docker exec -it $containerName grouperTestFileExist.sh $1 | wc -l | xargs" + local var="$(runCommand "$command")" + assertEquals "file $1 should exist" "1" "$var" +} + +assertFileNotExists() { + if [ "$#" -ne 1 ]; then + # generally 0 or 5 processes + echo "You must enter exactly 1 arguments: file to check" + exit 1 + fi + local command="docker exec -it $containerName grouperTestFileExist.sh $1 | wc -l | xargs" + local var="$(runCommand "$command")" + assertEquals "file $1 should not exist" "0" "$var" +} + +assertListeningOnPort() { + if [ "$#" -ne 1 ]; then + echo "You must enter exactly 1 argument: port" + exit 1 + fi + + local command="docker exec -it $containerName netstat -pan | grep LISTEN | grep ':$1 ' | wc -l | xargs" + local var="$(runCommand "$command")" + assertEquals "listening on port $1" "1" "$var" +} + +assertNotListeningOnPort() { + if [ "$#" -ne 1 ]; then + echo "You must enter exactly 1 argument: port" + exit 1 + fi + + local command="docker exec -it $containerName netstat -pan | grep LISTEN | grep ':$1 ' | wc -l | xargs" + local var="$(runCommand "$command")" + assertEquals "not listening on port $1" "0" "$var" +} + +runCommand() { + if [ "$#" -ne 1 ]; then + echo "Pass the command to run" + exit 1 + fi + local command=$1 + local var=$(eval "$command") + # for some reason sometimes whitespace is there + local var=$(echo -e "${var}" | tr -d '\r' | tr -d '\n') + echo $var +} + +assertNumberOfTomcatProcesses() { + if [ "$#" -ne 1 ]; then + echo "You must enter exactly 1 arguments: the number of tomcat processes" + exit 1 + fi + local command="docker exec -it $containerName ps -ef | grep "^tomcat" | wc -l | xargs" + local var="$(runCommand "$command")" + assertEquals "tomcat process count" "$1" "$var" +} + +assertNumberOfApacheProcesses() { + if [ "$#" -ne 1 ]; then + # generally 0 or 5 processes + echo "You must enter exactly 1 arguments: the number of apache processes" + exit 1 + fi + local command="docker exec -it $containerName ps -ef | grep "^apache" | wc -l | xargs" + local var="$(runCommand "$command")" + assertEquals "apache process count" "$1" "$var" +} + +assertNumberOfShibProcesses() { + if [ "$#" -ne 1 ]; then + # generally 0 or 5 processes + echo "You must enter exactly 1 arguments: the number of shib processes" + exit 1 + fi + local command="docker exec -it $containerName ps -ef | grep "^shibd" | wc -l | xargs" + local var="$(runCommand "$command")" + assertEquals "shib process count" "$1" "$var" +} + +assertEnvVar() { + if [ "$#" -ne 2 ]; then + echo "You must enter exactly 2 arguments: the env var name and value" + exit 1 + fi + local command="docker exec -it --user tomcat $containerName grouperTestPrintEnv.sh $1 | xargs" + local var="$(runCommand "$command")" + assertEquals "env var $1" "$2" "$var" +} + +assertEnvVarNot() { + if [ "$#" -ne 2 ]; then + echo "You must enter exactly 2 arguments: the env var name and value" + exit 1 + fi + local command="docker exec -it --user tomcat $containerName grouperTestPrintEnv.sh $1 | xargs" + local var="$(runCommand "$command")" + assertNotEquals "env var $1" "$2" "$var" +} + +grouperContainerUnitTestLibrary_unsetAll() { + unset -f assertEnvVar + unset -f assertEnvVarNot + unset -f assertEquals + unset -f assertFileContains + unset -f assertFileExists + unset -f assertFileNotContains + unset -f assertFileNotExists + unset -f assertLessThan + unset -f assertListeningOnPort + unset -f assertNotEquals + unset -f assertNotListeningOnPort + unset -f assertNumberOfApacheProcesses + unset -f assertNumberOfShibProcesses + unset -f assertNumberOfTomcatProcesses + unset -f dockerRemoveContainer + unset -f grouperContainerUnitTestLibrary_unsetAll + unset -f runCommand +} + +grouperContainerUnitTestLibrary_exportAll() { + export -f assertEnvVar + export -f assertEnvVarNot + export -f assertEquals + export -f assertFileContains + export -f assertFileExists + export -f assertFileNotContains + export -f assertFileNotExists + export -f assertLessThan + export -f assertListeningOnPort + export -f assertNotEquals + export -f assertNotListeningOnPort + export -f assertNumberOfApacheProcesses + export -f assertNumberOfShibProcesses + export -f assertNumberOfTomcatProcesses + export -f dockerRemoveContainer + export -f grouperContainerUnitTestLibrary_unsetAll + export -f runCommand +} + +# export everything +grouperContainerUnitTestLibrary_exportAll diff --git a/container_files/tier-support/test/grouperContainerUnitTestQuickstart.sh b/container_files/tier-support/test/grouperContainerUnitTestQuickstart.sh new file mode 100644 index 00000000..40ec9a9c --- /dev/null +++ b/container_files/tier-support/test/grouperContainerUnitTestQuickstart.sh @@ -0,0 +1,125 @@ +#!/bin/bash + +testContainerQuickstart() { + + if [ "$#" -ne 0 ]; then + echo "You must enter exactly 0 command line arguments" + exit 1 + fi + + dockerRemoveContainer + + echo + echo '################' + echo Running container as quickstart + echo "docker run --detach --name $containerName --publish 443:443 -e GROUPER_MORPHSTRING_ENCRYPT_KEY=abcdefg12345dontUseThis \ " + echo "-e GROUPERSYSTEM_QUICKSTART_PASS=thisPassIsCopyrightedDontUse $imageName quickstart" + echo '################' + echo + + docker run --detach --name $containerName --publish 443:443 -e GROUPER_MORPHSTRING_ENCRYPT_KEY=abcdefg12345dontUseThis -e GROUPERSYSTEM_QUICKSTART_PASS=thisPassIsCopyrightedDontUse $imageName quickstart + sleep $globalSleepSecondsAfterRun + + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libWs/axis2-kernel-1.6.4.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/lib/axis2-kernel-1.6.4.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libScim/stax-api-1.0-2.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/lib/stax-api-1.0-2.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/lib/grouper-messaging-activemq-2.5.27.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libUiAndDaemon/grouper-messaging-activemq-2.5.27.jar + + assertFileContains /etc/httpd/conf.d/ssl-enabled.conf "Listen 443 https" + assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf "__" + assertFileContains /etc/httpd/conf/httpd.conf "Listen 80" + assertFileNotContains /opt/tier-support/supervisord.conf "program:shibbolethsp" + assertFileContains /opt/tier-support/supervisord.conf "program:tomee" + assertFileContains /opt/tier-support/supervisord.conf "program:httpd" + assertFileContains /opt/tier-support/supervisord.conf "program:hsqldb" + assertFileNotContains /opt/tier-support/supervisord.conf "user=shibd" + assertFileNotContains /opt/tier-support/supervisord.conf "__" + assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf cachain.pem + assertFileContains /etc/httpd/conf.d/ssl-enabled.conf /etc/pki/tls/certs/localhost.crt + + assertFileContains /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.properties grouperPasswordConfigOverride_UI_GrouperSystem_pass.elConfig + + assertFileContains /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.properties GROUPERSYSTEM_QUICKSTART_PASS + + assertFileContains /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties "grouper;" + + assertFileContains /etc/httpd/conf.d/grouper-www.conf "3600" + assertFileNotContains /etc/httpd/conf.d/grouper-www.conf "__" + + assertEnvVar GROUPERSCIM_PROXY_PASS "" + assertEnvVar GROUPERSCIM_URL_CONTEXT "grouper-ws-scim" + assertEnvVar GROUPERWS_PROXY_PASS "" + assertEnvVar GROUPERWS_URL_CONTEXT "grouper-ws" + assertEnvVar GROUPER_APACHE_AJP_TIMEOUT_SECONDS "3600" + assertEnvVar GROUPER_APACHE_NONSSL_PORT "80" + assertEnvVar GROUPER_APACHE_SSL_PORT "443" + assertEnvVar GROUPER_CHOWN_DIRS "true" + assertEnvVar GROUPER_CONTAINER_VERSION "$containerVersion" + assertEnvVar GROUPER_DAEMON "true" + assertEnvVar GROUPER_GSH_CHECK_USER "true" + assertEnvVar GROUPER_GSH_USER "tomcat" + assertEnvVar GROUPER_HOME "/opt/grouper/grouperWebapp/WEB-INF" + assertEnvVar GROUPER_LOG_PREFIX "grouper" + assertEnvVar GROUPER_MAX_MEMORY "1500m" + assertEnvVar GROUPER_PROXY_PASS "" + assertEnvVar GROUPER_RUN_APACHE "true" + assertEnvVar GROUPER_RUN_PROCESSES_AS_USERS "true" + assertEnvVar GROUPER_RUN_SHIB_SP "false" + assertEnvVar GROUPER_RUN_TOMEE "true" + assertEnvVar GROUPER_SCIM "true" + assertEnvVar GROUPER_SCIM_GROUPER_AUTH "true" + assertEnvVar GROUPER_TOMCAT_CONTEXT "grouper" + assertEnvVar GROUPER_UI "true" + assertEnvVar GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES "0.0.0.0/0" + assertEnvVar GROUPER_UI_GROUPER_AUTH "true" + assertEnvVarNot GROUPER_UI_ONLY "true" + assertEnvVar GROUPER_URL_CONTEXT "grouper" + assertEnvVar GROUPER_USE_SSL "true" + assertEnvVar GROUPER_WS "true" + assertEnvVar GROUPER_WS_GROUPER_AUTH "true" + + # one for hsqldb + assertNumberOfTomcatProcesses 2 + # bad cert apache wont start + assertNumberOfApacheProcesses 5 + assertNumberOfShibProcesses 0 + + assertListeningOnPort 443 + assertListeningOnPort 80 + assertListeningOnPort 8009 + assertListeningOnPort 9001 + + curl -L -k -u GrouperSystem:thisPassIsCopyrightedDontUse https://localhost -o index.html + assertLocalFileContains index.html document.location.href + + curl -L -k https://localhost/grouper/grouperUi/app/UiV2Main.index?operation=UiV2Main.indexMain -o index.html + assertLocalFileContains index.html 'HTTP Status 401' + + curl -L -k -u GrouperSystem:XthisPassIsCopyrightedDontUse https://localhost/grouper/grouperUi/app/UiV2Main.index?operation=UiV2Main.indexMain -o index.html + assertLocalFileContains index.html 'HTTP Status 401' + + curl -L -k -u GrouperSystem:thisPassIsCopyrightedDontUse https://localhost/grouper/grouperUi/app/UiV2Main.index?operation=UiV2Main.indexMain -o index.html + assertLocalFileContains index.html 'end index.jsp' + + curl -L -k https://localhost/grouper-ws/servicesRest/v2_4_000/subjects/GrouperSystem -o index.html + assertLocalFileContains index.html 'HTTP Status 401' + + curl -L -k -u GrouperSystem:XthisPassIsCopyrightedDontUse https://localhost/grouper-ws/servicesRest/v2_4_000/subjects/GrouperSystem -o index.html + assertLocalFileContains index.html 'HTTP Status 401' + + curl -L -k -u GrouperSystem:thisPassIsCopyrightedDontUse https://localhost/grouper-ws/servicesRest/v2_4_000/subjects/GrouperSystem -o index.html + assertLocalFileContains index.html '"resultCode":"SUCCESS"' + + curl -L -k https://localhost/grouper-ws-scim/v2/Groups/ -o index.html + assertLocalFileContains index.html 'HTTP Status 401' + + curl -L -k -u GrouperSystem:XthisPassIsCopyrightedDontUse https://localhost/grouper-ws-scim/v2/Groups/ -o index.html + assertLocalFileContains index.html 'HTTP Status 401' + + curl -L -k -u GrouperSystem:thisPassIsCopyrightedDontUse https://localhost/grouper-ws-scim/v2/Groups/ -o index.html + assertLocalFileContains index.html 'etc:workflowEditors' + +} +export -f testContainerQuickstart diff --git a/container_files/tier-support/test/grouperContainerUnitTestScim.sh b/container_files/tier-support/test/grouperContainerUnitTestScim.sh new file mode 100644 index 00000000..0bdde3a9 --- /dev/null +++ b/container_files/tier-support/test/grouperContainerUnitTestScim.sh @@ -0,0 +1,88 @@ +#!/bin/bash + +testContainerScim() { + + if [ "$#" -ne 0 ]; then + echo "You must enter exactly 0 command line arguments" + exit 1 + fi + + dockerRemoveContainer + + echo + echo '################' + echo Running container as scim + echo "docker run --detach --name $containerName --publish 443:443 -e GROUPER_SELF_SIGNED_CERT=true $imageName scim" + echo '################' + echo + + docker run --detach --name $containerName --publish 443:443 -e GROUPER_SELF_SIGNED_CERT=true $imageName scim + sleep $globalSleepSecondsAfterRun + + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libWs/axis2-kernel-1.6.4.jar + assertFileNotExists /opt/grouper/grouperWebapp/WEB-INF/lib/axis2-kernel-1.6.4.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libScim/stax-api-1.0-2.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/lib/stax-api-1.0-2.jar + assertFileNotExists /opt/grouper/grouperWebapp/WEB-INF/lib/grouper-messaging-activemq-2.5.27.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libUiAndDaemon/grouper-messaging-activemq-2.5.27.jar + + assertFileContains /etc/httpd/conf.d/ssl-enabled.conf "Listen 443 https" + assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf "__" + assertFileContains /etc/httpd/conf/httpd.conf "Listen 80" + assertFileNotContains /opt/tier-support/supervisord.conf "program:shibbolethsp" + assertFileContains /opt/tier-support/supervisord.conf "program:tomee" + assertFileContains /opt/tier-support/supervisord.conf "program:httpd" + assertFileNotContains /opt/tier-support/supervisord.conf "user=shibd" + assertFileNotContains /opt/tier-support/supervisord.conf "__" + assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf cachain.pem + assertFileContains /etc/httpd/conf.d/ssl-enabled.conf /etc/pki/tls/certs/localhost.crt + + assertFileContains /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties "grouper-scim;" + + assertFileContains /etc/httpd/conf.d/grouper-www.conf "3600" + assertFileNotContains /etc/httpd/conf.d/grouper-www.conf "__" + + assertEnvVar GROUPERSCIM_PROXY_PASS "" + assertEnvVar GROUPERSCIM_URL_CONTEXT "grouper-ws-scim" + assertEnvVar GROUPERWS_PROXY_PASS "#" + assertEnvVar GROUPERWS_URL_CONTEXT "grouper-ws" + assertEnvVar GROUPER_APACHE_AJP_TIMEOUT_SECONDS "3600" + assertEnvVar GROUPER_APACHE_NONSSL_PORT "80" + assertEnvVar GROUPER_APACHE_SSL_PORT "443" + assertEnvVar GROUPER_CHOWN_DIRS "true" + assertEnvVar GROUPER_CONTAINER_VERSION "$containerVersion" + assertEnvVar GROUPER_DAEMON "false" + assertEnvVar GROUPER_GSH_CHECK_USER "true" + assertEnvVar GROUPER_GSH_USER "tomcat" + assertEnvVar GROUPER_HOME "/opt/grouper/grouperWebapp/WEB-INF" + assertEnvVar GROUPER_LOG_PREFIX "grouper-scim" + assertEnvVar GROUPER_MAX_MEMORY "1500m" + assertEnvVar GROUPER_PROXY_PASS "#" + assertEnvVar GROUPER_RUN_APACHE "true" + assertEnvVar GROUPER_RUN_PROCESSES_AS_USERS "true" + assertEnvVarNot GROUPER_RUN_SHIB_SP "true" + assertEnvVar GROUPER_RUN_TOMEE "true" + assertEnvVar GROUPER_SCIM "true" + assertEnvVar GROUPER_SCIM_GROUPER_AUTH "false" + assertEnvVar GROUPER_TOMCAT_CONTEXT "grouper-ws-scim" + assertEnvVar GROUPER_UI "false" + assertEnvVar GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES "127.0.0.1/32" + assertEnvVar GROUPER_UI_GROUPER_AUTH "false" + assertEnvVar GROUPER_URL_CONTEXT "grouper" + assertEnvVar GROUPER_USE_SSL "true" + assertEnvVar GROUPER_WS "false" + assertEnvVar GROUPER_WS_GROUPER_AUTH "false" + assertEnvVarNot GROUPER_WS_ONLY "true" + + assertNumberOfTomcatProcesses 1 + assertNumberOfApacheProcesses 5 + assertNumberOfShibProcesses 0 + + assertListeningOnPort 443 + assertListeningOnPort 80 + assertListeningOnPort 8009 + assertNotListeningOnPort 9001 + + +} +export -f testContainerScim diff --git a/container_files/tier-support/test/grouperContainerUnitTestSelfSigned.sh b/container_files/tier-support/test/grouperContainerUnitTestSelfSigned.sh new file mode 100644 index 00000000..e489efbb --- /dev/null +++ b/container_files/tier-support/test/grouperContainerUnitTestSelfSigned.sh @@ -0,0 +1,71 @@ +#!/bin/bash + +testContainerSelfSigned() { + + if [ "$#" -ne 0 ]; then + echo "You must enter exactly 0 command line arguments" + exit 1 + fi + + dockerRemoveContainer + + echo + echo '################' + echo Running container as ui with self signed cert + echo "docker run --detach --name $containerName --publish 443:443 -e GROUPER_SELF_SIGNED_CERT=true -e GROUPER_LOG_TO_HOST=true $imageName ui" + echo '################' + echo + + docker run --detach --name $containerName --publish 443:443 -e GROUPER_SELF_SIGNED_CERT=true -e GROUPER_LOG_TO_HOST=true $imageName ui + sleep $globalSleepSecondsAfterRun + + assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf cachain.pem + assertFileContains /etc/httpd/conf.d/ssl-enabled.conf /etc/pki/tls/certs/localhost.crt + + assertFileContains /etc/httpd/conf.d/grouper-www.conf "ProxyPass /grouper ajp://localhost:8009/grouper timeout=3600" + assertFileContains /etc/httpd/conf.d/grouper-www.conf "#ProxyPass /grouper-ws ajp://localhost:8009/grouper timeout=3600" + assertFileContains /etc/httpd/conf.d/grouper-www.conf "#ProxyPass /grouper-ws-scim ajp://localhost:8009/grouper timeout=3600" + assertFileContains /etc/httpd/conf.d/grouper-www.conf "\"/grouper/\"" + assertFileNotContains /etc/httpd/conf.d/grouper-www.conf "__" + + assertFileNotContains /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties "/tmp/logpipe" + + assertEnvVar GROUPERSCIM_PROXY_PASS "#" + assertEnvVar GROUPERSCIM_URL_CONTEXT "grouper-ws-scim" + assertEnvVar GROUPERWS_PROXY_PASS "#" + assertEnvVar GROUPERWS_URL_CONTEXT "grouper-ws" + assertEnvVar GROUPER_APACHE_NONSSL_PORT "80" + assertEnvVar GROUPER_APACHE_SSL_PORT "443" + assertEnvVar GROUPER_CHOWN_DIRS "true" + assertEnvVar GROUPER_CONTAINER_VERSION "$containerVersion" + assertEnvVar GROUPER_DAEMON "false" + assertEnvVar GROUPER_GSH_CHECK_USER "true" + assertEnvVar GROUPER_GSH_USER "tomcat" + assertEnvVar GROUPER_HOME "/opt/grouper/grouperWebapp/WEB-INF" + assertEnvVar GROUPER_LOG_PREFIX "grouper-ui" + assertEnvVar GROUPER_MAX_MEMORY "1500m" + assertEnvVar GROUPER_PROXY_PASS "" + assertEnvVar GROUPER_RUN_APACHE "true" + assertEnvVar GROUPER_RUN_PROCESSES_AS_USERS "true" + assertEnvVar GROUPER_RUN_SHIB_SP "true" + assertEnvVar GROUPER_RUN_TOMEE "true" + assertEnvVar GROUPER_SCIM "false" + assertEnvVar GROUPER_SCIM_GROUPER_AUTH "false" + assertEnvVar GROUPER_SELF_SIGNED_CERT "true" + assertEnvVar GROUPER_TOMCAT_CONTEXT "grouper" + assertEnvVar GROUPER_UI "true" + assertEnvVar GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES "127.0.0.1/32" + assertEnvVar GROUPER_UI_GROUPER_AUTH "false" + assertEnvVar GROUPER_UI_ONLY "true" + assertEnvVar GROUPER_URL_CONTEXT "grouper" + assertEnvVar GROUPER_USE_SSL "true" + assertEnvVar GROUPER_WS "false" + assertEnvVar GROUPER_WS_GROUPER_AUTH "false" + + assertNumberOfTomcatProcesses 1 + # bad cert apache wont start + assertNumberOfApacheProcesses 5 + assertNumberOfShibProcesses 1 + + +} diff --git a/container_files/tier-support/test/grouperContainerUnitTestSlashRoot.sh b/container_files/tier-support/test/grouperContainerUnitTestSlashRoot.sh new file mode 100644 index 00000000..b30201c4 --- /dev/null +++ b/container_files/tier-support/test/grouperContainerUnitTestSlashRoot.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +testContainerSlashRoot() { + + if [ "$#" -ne 0 ]; then + echo "You must enter exactly 0 command line arguments" + exit 1 + fi + + dockerRemoveContainer + + echo + echo '################' + echo Running container as ui with slashRoot mounted + echo "docker run --detach --name $containerName --mount type=bind,src=$someDir,dst=/opt/grouper/slashRoot --publish 443:443 $imageName ui" + echo '################' + echo + + local someDir=$(pwd)/someDir + rm -rf someDir + mkdir -p someDir/tmp + echo 'whatever' > someDir/tmp/temp.txt + + docker run --detach --name $containerName --mount type=bind,src=$someDir,dst=/opt/grouper/slashRoot --publish 443:443 $imageName ui + sleep $globalSleepSecondsAfterRun + + assertFileExists /tmp/temp.txt + + #rm -rf someDir + +} +export -f testContainerSlashRoot diff --git a/container_files/tier-support/test/grouperContainerUnitTestUi.sh b/container_files/tier-support/test/grouperContainerUnitTestUi.sh new file mode 100644 index 00000000..eed5ef84 --- /dev/null +++ b/container_files/tier-support/test/grouperContainerUnitTestUi.sh @@ -0,0 +1,94 @@ +#!/bin/bash + +testContainerUi() { + + if [ "$#" -ne 0 ]; then + echo "You must enter exactly 0 command line arguments" + exit 1 + fi + + dockerRemoveContainer + + echo + echo '################' + echo Running container as ui + echo "docker run --detach --name $containerName --publish 443:443 $imageName ui" + echo '################' + echo + + docker run --detach --name $containerName --publish 443:443 $imageName ui + sleep $globalSleepSecondsAfterRun + + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libWs/axis2-kernel-1.6.4.jar + assertFileNotExists /opt/grouper/grouperWebapp/WEB-INF/lib/axis2-kernel-1.6.4.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libScim/stax-api-1.0-2.jar + assertFileNotExists /opt/grouper/grouperWebapp/WEB-INF/lib/stax-api-1.0-2.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/lib/grouper-messaging-activemq-2.5.27.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libUiAndDaemon/grouper-messaging-activemq-2.5.27.jar + + assertFileContains /etc/httpd/conf.d/ssl-enabled.conf "Listen 443 https" + assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf "__" + assertFileContains /etc/httpd/conf/httpd.conf "Listen 80" + assertFileContains /opt/tier-support/supervisord.conf "program:shibbolethsp" + assertFileContains /opt/tier-support/supervisord.conf "program:tomee" + assertFileContains /opt/tier-support/supervisord.conf "program:httpd" + assertFileContains /opt/tier-support/supervisord.conf "user=shibd" + assertFileNotContains /opt/tier-support/supervisord.conf "program:hsqldb" + assertFileNotContains /opt/tier-support/supervisord.conf "__" + assertFileContains /etc/httpd/conf.d/ssl-enabled.conf cachain.pem + assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf /etc/pki/tls/certs/localhost.crt + + assertFileContains /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties "/tmp/logpipe" + assertFileContains /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties "grouper-ui;" + + assertFileNotContains /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.properties grouperPasswordConfigOverride_UI_GrouperSystem_pass.elConfig + assertFileNotContains /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.properties thisPassIsCopyrightedDontUse + + assertFileContains /etc/httpd/conf.d/grouper-www.conf "3600" + assertFileNotContains /etc/httpd/conf.d/grouper-www.conf "__" + + assertEnvVar GROUPERSCIM_PROXY_PASS "#" + assertEnvVar GROUPERSCIM_URL_CONTEXT "grouper-ws-scim" + assertEnvVar GROUPERWS_PROXY_PASS "#" + assertEnvVar GROUPERWS_URL_CONTEXT "grouper-ws" + assertEnvVar GROUPER_APACHE_AJP_TIMEOUT_SECONDS "3600" + assertEnvVar GROUPER_APACHE_NONSSL_PORT "80" + assertEnvVar GROUPER_APACHE_SSL_PORT "443" + assertEnvVar GROUPER_CHOWN_DIRS "true" + assertEnvVar GROUPER_CONTAINER_VERSION "$containerVersion" + assertEnvVar GROUPER_DAEMON "false" + assertEnvVar GROUPER_GSH_CHECK_USER "true" + assertEnvVar GROUPER_GSH_USER "tomcat" + assertEnvVar GROUPER_HOME "/opt/grouper/grouperWebapp/WEB-INF" + assertEnvVar GROUPER_LOG_PREFIX "grouper-ui" + assertEnvVar GROUPER_MAX_MEMORY "1500m" + assertEnvVar GROUPER_PROXY_PASS "" + assertEnvVar GROUPER_RUN_APACHE "true" + assertEnvVar GROUPER_RUN_PROCESSES_AS_USERS "true" + assertEnvVar GROUPER_RUN_SHIB_SP "true" + assertEnvVar GROUPER_RUN_TOMEE "true" + assertEnvVar GROUPER_SCIM "false" + assertEnvVar GROUPER_SCIM_GROUPER_AUTH "false" + assertEnvVar GROUPER_TOMCAT_CONTEXT "grouper" + assertEnvVar GROUPER_UI "true" + assertEnvVar GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES "127.0.0.1/32" + assertEnvVar GROUPER_UI_GROUPER_AUTH "false" + assertEnvVar GROUPER_UI_ONLY "true" + assertEnvVar GROUPER_URL_CONTEXT "grouper" + assertEnvVar GROUPER_USE_SSL "true" + assertEnvVar GROUPER_WS "false" + assertEnvVar GROUPER_WS_GROUPER_AUTH "false" + + assertNumberOfTomcatProcesses 1 + # bad cert apache wont start + assertNumberOfApacheProcesses 0 + assertNumberOfShibProcesses 1 + + assertNotListeningOnPort 443 + assertNotListeningOnPort 80 + assertListeningOnPort 8009 + assertNotListeningOnPort 9001 + + +} +export -f testContainerUi diff --git a/container_files/tier-support/test/grouperContainerUnitTestUiDifferentPorts.sh b/container_files/tier-support/test/grouperContainerUnitTestUiDifferentPorts.sh new file mode 100644 index 00000000..28f98614 --- /dev/null +++ b/container_files/tier-support/test/grouperContainerUnitTestUiDifferentPorts.sh @@ -0,0 +1,51 @@ +#!/bin/bash + +testContainerUiDifferentPorts() { + + if [ "$#" -ne 0 ]; then + echo "You must enter exactly 0 command line arguments" + exit 1 + fi + + dockerRemoveContainer + + echo + echo '################' + echo Running container as ui with self signed cert with different ports + echo "docker run --detach --name $containerName --publish 443:443 -e GROUPER_APACHE_AJP_TIMEOUT_SECONDS=2999 -e GROUPER_SELF_SIGNED_CERT=true -e GROUPER_APACHE_SSL_PORT=444 -e GROUPER_APACHE_NONSSL_PORT=81 $imageName ui" + echo '################' + echo + + docker run --detach --name $containerName --publish 443:443 -e GROUPER_APACHE_AJP_TIMEOUT_SECONDS=2999 -e GROUPER_SELF_SIGNED_CERT=true -e GROUPER_APACHE_SSL_PORT=444 -e GROUPER_APACHE_NONSSL_PORT=81 $imageName ui + sleep $globalSleepSecondsAfterRun + + assertEnvVar GROUPER_APACHE_NONSSL_PORT "81" + assertEnvVar GROUPER_APACHE_SSL_PORT "444" + assertEnvVar GROUPER_APACHE_AJP_TIMEOUT_SECONDS "2999" + + + assertFileContains /etc/httpd/conf.d/grouper-www.conf "2999" + assertFileNotContains /etc/httpd/conf.d/grouper-www.conf "3600" + assertFileNotContains /etc/httpd/conf.d/grouper-www.conf "2400" + assertFileNotContains /etc/httpd/conf.d/grouper-www.conf "__" + assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf "Listen 443 https" + assertFileContains /etc/httpd/conf.d/ssl-enabled.conf "Listen 444 https" + assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf "__" + assertFileNotContains /etc/httpd/conf/httpd.conf "Listen 80" + assertFileContains /etc/httpd/conf/httpd.conf "Listen 81" + + assertNumberOfTomcatProcesses 1 + # bad cert apache wont start + assertNumberOfApacheProcesses 5 + assertNumberOfShibProcesses 1 + + assertListeningOnPort 444 + assertListeningOnPort 81 + assertNotListeningOnPort 443 + assertNotListeningOnPort 80 + assertListeningOnPort 8009 + assertNotListeningOnPort 9001 + + +} +export -f testContainerUiDifferentPorts diff --git a/container_files/tier-support/test/grouperContainerUnitTestUiNoSsl.sh b/container_files/tier-support/test/grouperContainerUnitTestUiNoSsl.sh new file mode 100644 index 00000000..299beac0 --- /dev/null +++ b/container_files/tier-support/test/grouperContainerUnitTestUiNoSsl.sh @@ -0,0 +1,76 @@ +#!/bin/bash + +testContainerUiNoSsl() { + + if [ "$#" -ne 0 ]; then + echo "You must enter exactly 0 command line arguments" + exit 1 + fi + + dockerRemoveContainer + + echo + echo '################' + echo Running container as ui without SSL + echo "docker run --detach --name $containerName --publish 443:443 -e GROUPER_USE_SSL=false $imageName ui" + echo '################' + echo + + docker run --detach --name $containerName --publish 443:443 -e GROUPER_USE_SSL=false $imageName ui + sleep $globalSleepSecondsAfterRun + + assertFileExists /etc/httpd/conf.d/ssl-enabled.conf.dontuse + assertFileExists /etc/httpd/conf.d/ssl.conf.dontuse + assertFileNotExists /etc/httpd/conf.d/ssl-enabled.conf + assertFileNotExists /etc/httpd/conf.d/ssl.conf + + assertFileContains /etc/httpd/conf/httpd.conf "Listen 80" + assertFileContains /opt/tier-support/supervisord.conf "program:shibbolethsp" + assertFileContains /opt/tier-support/supervisord.conf "program:tomee" + assertFileContains /opt/tier-support/supervisord.conf "program:httpd" + assertFileContains /opt/tier-support/supervisord.conf "user=shibd" + assertFileNotContains /opt/tier-support/supervisord.conf "__" + + assertEnvVar GROUPERSCIM_PROXY_PASS "#" + assertEnvVar GROUPERSCIM_URL_CONTEXT "grouper-ws-scim" + assertEnvVar GROUPERWS_PROXY_PASS "#" + assertEnvVar GROUPERWS_URL_CONTEXT "grouper-ws" + assertEnvVar GROUPER_APACHE_NONSSL_PORT "80" + assertEnvVar GROUPER_APACHE_SSL_PORT "443" + assertEnvVar GROUPER_CHOWN_DIRS "true" + assertEnvVar GROUPER_CONTAINER_VERSION "$containerVersion" + assertEnvVar GROUPER_DAEMON "false" + assertEnvVar GROUPER_GSH_CHECK_USER "true" + assertEnvVar GROUPER_GSH_USER "tomcat" + assertEnvVar GROUPER_HOME "/opt/grouper/grouperWebapp/WEB-INF" + assertEnvVar GROUPER_LOG_PREFIX "grouper-ui" + assertEnvVar GROUPER_MAX_MEMORY "1500m" + assertEnvVar GROUPER_PROXY_PASS "" + assertEnvVar GROUPER_RUN_APACHE "true" + assertEnvVar GROUPER_RUN_PROCESSES_AS_USERS "true" + assertEnvVar GROUPER_RUN_SHIB_SP "true" + assertEnvVar GROUPER_RUN_TOMEE "true" + assertEnvVar GROUPER_SCIM "false" + assertEnvVar GROUPER_SCIM_GROUPER_AUTH "false" + assertEnvVar GROUPER_TOMCAT_CONTEXT "grouper" + assertEnvVar GROUPER_UI "true" + assertEnvVar GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES "127.0.0.1/32" + assertEnvVar GROUPER_UI_GROUPER_AUTH "false" + assertEnvVar GROUPER_UI_ONLY "true" + assertEnvVar GROUPER_URL_CONTEXT "grouper" + assertEnvVar GROUPER_USE_SSL "false" + assertEnvVar GROUPER_WS "false" + assertEnvVar GROUPER_WS_GROUPER_AUTH "false" + + assertNumberOfTomcatProcesses 1 + assertNumberOfApacheProcesses 5 + assertNumberOfShibProcesses 1 + + assertNotListeningOnPort 443 + assertListeningOnPort 80 + assertListeningOnPort 8009 + assertNotListeningOnPort 9001 + + +} +export -f testContainerUiNoSsl diff --git a/container_files/tier-support/test/grouperContainerUnitTestWs.sh b/container_files/tier-support/test/grouperContainerUnitTestWs.sh new file mode 100644 index 00000000..4b4e9b8f --- /dev/null +++ b/container_files/tier-support/test/grouperContainerUnitTestWs.sh @@ -0,0 +1,88 @@ +#!/bin/bash + +testContainerWs() { + + if [ "$#" -ne 0 ]; then + echo "You must enter exactly 0 command line arguments" + exit 1 + fi + + dockerRemoveContainer + + echo + echo '################' + echo Running container as ws + echo "docker run --detach --name $containerName --publish 443:443 -e GROUPER_SELF_SIGNED_CERT=true $imageName ws" + echo '################' + echo + + docker run --detach --name $containerName --publish 443:443 -e GROUPER_SELF_SIGNED_CERT=true $imageName ws + sleep $globalSleepSecondsAfterRun + + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libWs/axis2-kernel-1.6.4.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/lib/axis2-kernel-1.6.4.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libScim/stax-api-1.0-2.jar + assertFileNotExists /opt/grouper/grouperWebapp/WEB-INF/lib/stax-api-1.0-2.jar + assertFileNotExists /opt/grouper/grouperWebapp/WEB-INF/lib/grouper-messaging-activemq-2.5.27.jar + assertFileExists /opt/grouper/grouperWebapp/WEB-INF/libUiAndDaemon/grouper-messaging-activemq-2.5.27.jar + + assertFileContains /etc/httpd/conf.d/ssl-enabled.conf "Listen 443 https" + assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf "__" + assertFileContains /etc/httpd/conf/httpd.conf "Listen 80" + assertFileNotContains /opt/tier-support/supervisord.conf "program:shibbolethsp" + assertFileContains /opt/tier-support/supervisord.conf "program:tomee" + assertFileContains /opt/tier-support/supervisord.conf "program:httpd" + assertFileNotContains /opt/tier-support/supervisord.conf "user=shibd" + assertFileNotContains /opt/tier-support/supervisord.conf "__" + assertFileNotContains /etc/httpd/conf.d/ssl-enabled.conf cachain.pem + assertFileContains /etc/httpd/conf.d/ssl-enabled.conf /etc/pki/tls/certs/localhost.crt + + assertFileContains /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties "grouper-ws;" + + assertFileContains /etc/httpd/conf.d/grouper-www.conf "3600" + assertFileNotContains /etc/httpd/conf.d/grouper-www.conf "__" + + assertEnvVar GROUPERSCIM_PROXY_PASS "#" + assertEnvVar GROUPERSCIM_URL_CONTEXT "grouper-ws-scim" + assertEnvVar GROUPERWS_PROXY_PASS "" + assertEnvVar GROUPERWS_URL_CONTEXT "grouper-ws" + assertEnvVar GROUPER_APACHE_AJP_TIMEOUT_SECONDS "3600" + assertEnvVar GROUPER_APACHE_NONSSL_PORT "80" + assertEnvVar GROUPER_APACHE_SSL_PORT "443" + assertEnvVar GROUPER_CHOWN_DIRS "true" + assertEnvVar GROUPER_CONTAINER_VERSION "$containerVersion" + assertEnvVar GROUPER_DAEMON "false" + assertEnvVar GROUPER_GSH_CHECK_USER "true" + assertEnvVar GROUPER_GSH_USER "tomcat" + assertEnvVar GROUPER_HOME "/opt/grouper/grouperWebapp/WEB-INF" + assertEnvVar GROUPER_LOG_PREFIX "grouper-ws" + assertEnvVar GROUPER_MAX_MEMORY "1500m" + assertEnvVar GROUPER_PROXY_PASS "#" + assertEnvVar GROUPER_RUN_APACHE "true" + assertEnvVar GROUPER_RUN_PROCESSES_AS_USERS "true" + assertEnvVarNot GROUPER_RUN_SHIB_SP "true" + assertEnvVar GROUPER_RUN_TOMEE "true" + assertEnvVar GROUPER_SCIM "false" + assertEnvVar GROUPER_SCIM_GROUPER_AUTH "false" + assertEnvVar GROUPER_TOMCAT_CONTEXT "grouper-ws" + assertEnvVar GROUPER_UI "false" + assertEnvVar GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES "127.0.0.1/32" + assertEnvVar GROUPER_UI_GROUPER_AUTH "false" + assertEnvVarNot GROUPER_UI_ONLY "true" + assertEnvVar GROUPER_URL_CONTEXT "grouper" + assertEnvVar GROUPER_USE_SSL "true" + assertEnvVar GROUPER_WS "true" + assertEnvVar GROUPER_WS_GROUPER_AUTH "false" + assertEnvVar GROUPER_WS_ONLY "true" + + assertNumberOfTomcatProcesses 1 + assertNumberOfApacheProcesses 5 + assertNumberOfShibProcesses 0 + + assertListeningOnPort 443 + assertListeningOnPort 80 + assertListeningOnPort 8009 + assertNotListeningOnPort 9001 + +} +export -f testContainerWs diff --git a/container_files/tomee/conf/Catalina/localhost/grouper.xml b/container_files/tomee/conf/Catalina/localhost/grouper.xml new file mode 100644 index 00000000..46298e8f --- /dev/null +++ b/container_files/tomee/conf/Catalina/localhost/grouper.xml @@ -0,0 +1,3 @@ + + + diff --git a/container_files/usr-local-bin/daemon b/container_files/usr-local-bin/daemon index 7898c89f..aef7603f 100755 --- a/container_files/usr-local-bin/daemon +++ b/container_files/usr-local-bin/daemon @@ -1,10 +1,7 @@ #!/bin/bash -. /usr/local/bin/library.sh +prep_daemon +prep_finish +setupFiles -prepDaemon -finishPrep - -export GSH_JVMARGS="$GSH_JVMARGS -DENV=$ENV -DUSERTOKEN=$USERTOKEN" - -exec /usr/bin/supervisord -c /opt/tier-support/supervisord.conf +runCommand \ No newline at end of file diff --git a/container_files/usr-local-bin/entrypoint.sh b/container_files/usr-local-bin/entrypoint.sh index 4c4a9099..fcafe4f8 100755 --- a/container_files/usr-local-bin/entrypoint.sh +++ b/container_files/usr-local-bin/entrypoint.sh @@ -1,13 +1,14 @@ #!/bin/sh . /usr/local/bin/library.sh -prepConf +prep_conf if [ "$#" -eq 0 ]; then echo no component set to run - finishPrep - exec /usr/bin/supervisord -c /opt/tier-support/supervisord.conf + prep_finish + setupFiles + runCommand else echo executing $@ exec "$@" diff --git a/container_files/usr-local-bin/grouperScriptHooks.sh b/container_files/usr-local-bin/grouperScriptHooks.sh new file mode 100644 index 00000000..5707f0c4 --- /dev/null +++ b/container_files/usr-local-bin/grouperScriptHooks.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +# Overlay this file with implementations of functions from grouperCustomShellHooksBase.sh +# dont forget to export -f your functions after implementing them like in the base file + + diff --git a/container_files/usr-local-bin/grouperScriptHooksBase.sh b/container_files/usr-local-bin/grouperScriptHooksBase.sh new file mode 100644 index 00000000..c6406837 --- /dev/null +++ b/container_files/usr-local-bin/grouperScriptHooksBase.sh @@ -0,0 +1,57 @@ +#!/bin/sh + +### DO NOT EDIT OR OVERLAY THIS FILE +# These definitions are here to define the functions. +# You can overlay the grouperCustomShellHooks.sh file with any definitions of these functions + +# called at the beginning of the container startup +# after logging is setup +grouperScriptHooks_prepConfPost() { + return +} + +# called after the component command has been prepped +grouperScriptHooks_prepComponentPost() { + return +} + +# called after the finishPrep is called before the setupFiles +grouperScriptHooks_finishPrepPost() { + return +} + +# called after the setupFiles functions is called, almost before the process starts +grouperScriptHooks_setupFilesPost() { + return +} + +# called after the chown at end of setupFiles, right before the process starts +grouperScriptHooks_setupFilesPostChown() { + return +} + +grouperScriptHooks_unsetAll() { + + unset -f grouperScriptHooks_finishPrepPost + unset -f grouperScriptHooks_prepComponentPost + unset -f grouperScriptHooks_prepConfPost + unset -f grouperScriptHooks_setupFilesPost + unset -f grouperScriptHooks_setupFilesPostChown + unset -f grouperScriptHooks_unsetAll + +} + +grouperScriptHooks_exportAll() { + + export -f grouperScriptHooks_finishPrepPost + export -f grouperScriptHooks_prepComponentPost + export -f grouperScriptHooks_prepConfPost + export -f grouperScriptHooks_setupFilesPost + export -f grouperScriptHooks_setupFilesPostChown + export -f grouperScriptHooks_unsetAll + +} + +# export everything +grouperScriptHooks_exportAll + diff --git a/container_files/usr-local-bin/grouperTestFileExist.sh b/container_files/usr-local-bin/grouperTestFileExist.sh new file mode 100755 index 00000000..68757a56 --- /dev/null +++ b/container_files/usr-local-bin/grouperTestFileExist.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +if [ "$#" -ne 1 ]; then + echo "You must enter exactly 1 argument: the file name" + exit 1 +fi + +if [ -f "$1" ]; then + echo "exists" +fi \ No newline at end of file diff --git a/container_files/usr-local-bin/grouperTestPrintEnv.sh b/container_files/usr-local-bin/grouperTestPrintEnv.sh new file mode 100755 index 00000000..90460495 --- /dev/null +++ b/container_files/usr-local-bin/grouperTestPrintEnv.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +if [ "$#" -ne 1 ]; then + echo "You must enter exactly 1 argument: the env var name" + exit 1 +fi + +. /etc/bashrc +. ~/.bashrc + +printenv $1 \ No newline at end of file diff --git a/container_files/usr-local-bin/gsh b/container_files/usr-local-bin/gsh index 5523d562..a17030c8 100755 --- a/container_files/usr-local-bin/gsh +++ b/container_files/usr-local-bin/gsh @@ -1,10 +1,19 @@ #!/bin/bash -. /usr/local/bin/library.sh - -prepDaemon -finishPrep +prep_daemon +prep_finish +setupFiles +runCommand_unsetAll export GSH_JVMARGS="$GSH_JVMARGS -DENV=$ENV -DUSERTOKEN=$USERTOKEN" -exec bin/gsh.sh "$@" | tee /tmp/loggrouper +username=$(whoami) + +if [ "$GROUPER_GSH_CHECK_USER" = "true" ] && [ "$GROUPER_GSH_USER" != "$username" ] + then + sudo -u tomcat bin/gsh.sh "$@" | tee /tmp/loggrouper + else + exec bin/gsh.sh "$@" | tee /tmp/loggrouper + +fi + diff --git a/container_files/usr-local-bin/library.sh b/container_files/usr-local-bin/library.sh index cddab962..b24e7555 100755 --- a/container_files/usr-local-bin/library.sh +++ b/container_files/usr-local-bin/library.sh @@ -1,354 +1,18 @@ #!/bin/sh -dest=/opt/grouper/grouperWebapp/WEB-INF/ +. /usr/local/bin/libraryPrep.sh +. /usr/local/bin/libraryPrepOnly.sh +. /usr/local/bin/libraryRunCommand.sh +. /usr/local/bin/librarySetupFiles.sh +. /usr/local/bin/librarySetupFilesApache.sh +. /usr/local/bin/librarySetupFilesForComponent.sh +. /usr/local/bin/librarySetupFilesForProcess.sh +. /usr/local/bin/librarySetupFilesTomcat.sh +. /usr/local/bin/librarySetupPipe.sh + +# base definitions of hooks +. /usr/local/bin/grouperScriptHooksBase.sh + +# implementations of custom hooks +. /usr/local/bin/grouperScriptHooks.sh -setupPipe() { - if [ -e $1 ]; then - rm $1 - fi - mkfifo -m 666 $1 -} - -setupLoggingPipe() { - # Make a "console" logging pipe that anyone can write too regardless of who owns the process. - setupPipe /tmp/logpipe - cat <> /tmp/logpipe & -} - -# Make loggers pipes for the supervisord connected apps' console, so that we can prepend the streams. -setupGrouperLogPipe() { - setupPipe /tmp/loggrouper - (cat <> /tmp/loggrouper | awk -v ENV="$ENV" -v UT="$USERTOKEN" '{printf "grouper;console;%s;%s;%s\n", ENV, UT, $0; fflush()}' &>/tmp/logpipe) & -} - -setupHttpdLogPipe() { - setupPipe /tmp/loghttpd - (cat <> /tmp/loghttpd | awk -v ENV="$ENV" -v UT="$USERTOKEN" '{printf "httpd;console;%s;%s;%s\n", ENV, UT, $0; fflush()}' &>/tmp/logpipe) & -} - -setupShibdLogPipe() { - setupPipe /tmp/logshibd - (cat <> /tmp/logshibd | awk -v ENV="$ENV" -v UT="$USERTOKEN" '{printf "shibd;console;%s;%s;%s", ENV, UT, $0; fflush()}' &>/tmp/logpipe) & -} - -setupTomcatLogPipe() { - setupPipe /tmp/logtomcat - (cat <> /tmp/logtomcat | awk -v ENV="$ENV" -v UT="$USERTOKEN" '{printf "tomee;console;%s;%s;%s\n", ENV, UT, $0; fflush()}' &>/tmp/logpipe) & -} - -setupHsqldbLogPipe() { - setupPipe /tmp/loghsqldb - (cat <> /tmp/loghsqldb | awk -v ENV="$ENV" -v UT="$USERTOKEN" '{printf "hsqldb;console;%s;%s;%s\n", ENV, UT, $0; fflush()}' &>/tmp/logpipe) & -} - -setupSupervisordLogPipe() { - setupPipe /tmp/logsuperd - (cat <> /tmp/logsuperd | awk -v ENV="$ENV" -v UT="$USERTOKEN" '{printf "supervisord;console;%s;%s;%s\n", ENV, UT, $0; fflush()}' &>/tmp/logpipe) & -} - -linkGrouperSecrets() { - for filepath in /run/secrets/*; do - local label_file=`basename $filepath` - local file=$(echo $label_file| cut -d'_' -f 2) - - if [[ $label_file == grouper_* ]]; then - ln -sf /run/secrets/$label_file $dest/classes/$file - elif [[ $label_file == shib_* ]]; then - ln -sf /run/secrets/$label_file /etc/shibboleth/$file - elif [[ $label_file == httpd_* ]]; then - ln -sf /run/secrets/$label_file /etc/httpd/conf.d/$file - elif [ "$label_file" == "host-key.pem" ]; then - ln -sf /run/secrets/host-key.pem /etc/pki/tls/private/host-key.pem - fi - done -} - -prepQuickstart() { - - if [ -z "$RUN_HSQLDB" ]; then export RUN_HSQLDB=true; fi - if [ -z "$RUN_SHIB_SP" ]; then export RUN_SHIB_SP=false; fi - if [ -z "$SELF_SIGNED_CERT" ]; then export SELF_SIGNED_CERT=true; fi - if [ -z "$GROUPER_AUTO_DDL_UPTOVERSION" ]; then export GROUPER_AUTO_DDL_UPTOVERSION='v2.5.*'; fi - if [ -z "$GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES" ]; then export GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES='0.0.0.0/0'; fi - # wait for database to start - if [ -z "$GROUPER_START_DELAY_SECONDS" ]; then export GROUPER_START_DELAY_SECONDS='10'; fi - if [ -z "$GROUPER_UI_GROUPER_AUTH" ]; then export GROUPER_UI_GROUPER_AUTH='true'; fi - if [ -z "$GROUPER_WS_GROUPER_AUTH" ]; then export GROUPER_WS_GROUPER_AUTH='true'; fi - if [ -z "$GROUPER_SCIM_GROUPER_AUTH" ] ; then export GROUPER_SCIM_GROUPER_AUTH=true; fi - - if [ ! -z "$GROUPERSYSTEM_QUICKSTART_PASS" ] - then - if [ "$GROUPER_UI_GROUPER_AUTH" = 'true' ] - then - echo '' >> /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.base.properties - echo 'grouperPasswordConfigOverride_UI_GrouperSystem_pass.elConfig = ${elUtils.processEnvVarOrFile('"'"'GROUPERSYSTEM_QUICKSTART_PASS'"'"')}' >> /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.properties - fi - if [ "$GROUPER_WS_GROUPER_AUTH" = 'true' ] - then - echo '' >> /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.base.properties - echo 'grouperPasswordConfigOverride_WS_GrouperSystem_pass.elConfig = ${elUtils.processEnvVarOrFile('"'"'GROUPERSYSTEM_QUICKSTART_PASS'"'"')}' >> /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.properties - fi - fi - -} - -prepDaemon() { - - if [ -z "$GROUPER_DAEMON" ]; then export GROUPER_DAEMON=true; fi - if [ -z "$RUN_TOMEE" ]; then export RUN_TOMEE=true; fi -} - -prepSCIM() { - if [ -z "$GROUPER_SCIM" ]; then export GROUPER_SCIM=true; fi - if [ -z "$RUN_APACHE" ]; then export RUN_APACHE=true; fi - if [ -z "$RUN_TOMEE" ]; then export RUN_TOMEE=true; fi -} - -prepUI() { - if [ -z "$GROUPER_UI" ]; then export GROUPER_UI=true; fi - if [ -z "$RUN_APACHE" ]; then export RUN_APACHE=true; fi - if [ -z "$RUN_SHIB_SP" ]; then export RUN_SHIB_SP=true; fi - if [ -z "$RUN_TOMEE" ]; then export RUN_TOMEE=true; fi -} - -prepWS() { - - if [ -z "$GROUPER_WS" ]; then export GROUPER_WS=true; fi - if [ -z "$RUN_APACHE" ]; then export RUN_APACHE=true; fi - if [ -z "$RUN_TOMEE" ]; then export RUN_TOMEE=true; fi -} - - -prepConf() { - setupLoggingPipe - setupSupervisordLogPipe - setupGrouperLogPipe - - linkGrouperSecrets $dest/classes -} - -prepUIonly() { - if [ -z "$GROUPER_LOG_PREFIX" ]; then export GROUPER_LOG_PREFIX=grouper-ui; fi -} -prepWSonly() { - if [ -z "$GROUPER_LOG_PREFIX" ]; then export GROUPER_LOG_PREFIX=grouper-ws; fi -} -prepSCIMonly() { - if [ -z "$GROUPER_LOG_PREFIX" ]; then export GROUPER_LOG_PREFIX=grouper-scim; fi -} -prepDaemonOnly() { - if [ -z "$GROUPER_LOG_PREFIX" ]; then export GROUPER_LOG_PREFIX=grouper-daemon; fi -} - -tomeeContextGrouperForUiOrAll() { - # allow all grouper contexts to run - rm /opt/tomee/conf/Catalina/localhost/grouper-ws.xml - rm /opt/tomee/conf/Catalina/localhost/grouper-ws-scim.xml - sed -i "s|__THE_AJP_URL__|ajp://localhost:8009/grouper|g" /etc/httpd/conf.d/grouper-www.conf -} -tomeeContextGrouperWsOnly() { - # only WS env, optimize the context - rm /opt/tomee/conf/Catalina/localhost/grouper-ws-scim.xml - rm /opt/tomee/conf/Catalina/localhost/grouper.xml - sed -i "s|__THE_AJP_URL__|ajp://localhost:8009/grouper-ws|g" /etc/httpd/conf.d/grouper-www.conf -} -tomeeContextGrouperScimOnly() { - # only SCIM env, optimize the context - rm /opt/tomee/conf/Catalina/localhost/grouper-ws.xml - rm /opt/tomee/conf/Catalina/localhost/grouper.xml - sed -i "s|__THE_AJP_URL__|ajp://localhost:8009/grouper-ws-scim|g" /etc/httpd/conf.d/grouper-www.conf -} - - -#finishPrep() { -# -# finishPrep2 -# -# mv /opt/tomee/conf/Catalina/localhost/grouper.xml /opt/tomee/conf/Catalina/localhost/grouper2.xml -# sed -i 's|path="/grouper"|path="/grouper2"|g' /opt/tomee/conf/Catalina/localhost/grouper2.xml -# sed -i 's|ajp://localhost:8009/grouper|ajp://localhost:8009/grouper2|g' /etc/httpd/conf.d/grouper-www.conf -# sed -i 's|ProxyPass /grouper |ProxyPass /grouper2 |g' /etc/httpd/conf.d/grouper-www.conf -# sed -i 's|/grouper/|/grouper2/|g' /etc/httpd/conf.d/grouper-www.conf -# sed -i 's|/grouper/|/grouper2/|g' /etc/httpd/conf.d/ssl-enabled.conf -# # do the httpd-shibd.conf too if needed -# -#} -# -#finishPrep2() { - -finishPrep() { - - if [ -d "/opt/grouper/slashRoot" ]; then - # Copy any files into the root filesystem - rsync -l -r -v /opt/grouper/slashRoot/ / - fi - - # tomee hsql must match the grouper one, and the version cannot be 2.3.2 since it is query bugs (unit tests fail) - rm -v /opt/tomee/lib/hsqldb-*.jar - cp -v /opt/grouper/grouperWebapp/WEB-INF/lib/hsqldb-*.jar /opt/tomee/lib/ - - # clear out existing supervisord config - cat /opt/tier-support/supervisord-base.conf > /opt/tier-support/supervisord.conf - - # default a lot of env variables - # morph defaults to null - if [ -z "$GROUPER_DATABASE_URL_FILE" ] && [ -z "$GROUPER_DATABASE_URL" ] ; then export GROUPER_DATABASE_URL=jdbc:hsqldb:hsql://localhost:9001/grouper; fi - if [ -z "$GROUPER_DATABASE_USERNAME_FILE" ] && [ -z "$GROUPER_DATABASE_USERNAME" ] ; then export GROUPER_DATABASE_USERNAME=sa; fi - # database password defaults to null - if [ -z "$GROUPER_UI_GROUPER_AUTH" ] ; then export GROUPER_UI_GROUPER_AUTH=false; fi - if [ -z "$GROUPER_WS_GROUPER_AUTH" ] ; then export GROUPER_WS_GROUPER_AUTH=false; fi - if [ -z "$GROUPER_SCIM_GROUPER_AUTH" ] ; then export GROUPER_SCIM_GROUPER_AUTH=false; fi - if [ -z "$GROUPER_CHOWN_DIRS" ] ; then export GROUPER_CHOWN_DIRS=true; fi - if [ -z "$GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES" ]; then export GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES='127.0.0.1/32'; fi - # GROUPER_AUTO_DDL_UPTOVERSION defaults to null - # GROUPER_START_DELAY_SECONDS defaults to null - if [ -z "$GROUPER_UI" ] ; then export GROUPER_UI=false; fi - if [ -z "$GROUPER_SCIM" ] ; then export GROUPER_SCIM=false; fi - if [ -z "$GROUPER_WS" ] ; then export GROUPER_WS=false; fi - if [ -z "$GROUPER_DAEMON" ] ; then export GROUPER_DAEMON=false; fi - - if [ "$GROUPER_LOG_TO_HOST" = "true" ] - then - cp /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.grouperContainerHost.properties /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties - fi - if [ "$GROUPER_WS_TOMCAT_AUTHN" = "true" ] - then - cp /opt/grouper/grouperWebapp/WEB-INF/web.wsTomcatAuthn.xml /opt/grouper/grouperWebapp/WEB-INF/web.xml - cp /opt/grouper/grouperWebapp/WEB-INF/server.wsTomcatAuthn.xml /opt/tomee/conf/server.xml - fi - - # construct the supervisord file based on FLAGS passed in or what was in CMD - - if [ "$RUN_HSQLDB" = "true" ] - then - setupHsqldbLogPipe - cat /opt/tier-support/supervisord-hsqldb.conf >> /opt/tier-support/supervisord.conf - fi - - if [ "$RUN_APACHE" = "true" ] - then - setupHttpdLogPipe - cat /opt/tier-support/supervisord-httpd.conf >> /opt/tier-support/supervisord.conf - fi - - - if [ "$RUN_TOMEE" = "true" ] - then - setupTomcatLogPipe - cat /opt/tier-support/supervisord-tomee.conf >> /opt/tier-support/supervisord.conf - fi - - if [ -f /etc/httpd/conf.d/shib.conf ] - then - mv /etc/httpd/conf.d/shib.conf /etc/httpd/conf.d/shib.conf.dontuse - fi - - if [ "$RUN_SHIB_SP" = "true" ] - then - setupShibdLogPipe - export LD_LIBRARY_PATH=/opt/shibboleth/lib64:$LD_LIBRARY_PATH - cat /opt/tier-support/supervisord-shibsp.conf >> /opt/tier-support/supervisord.conf - cp /opt/tier-support/httpd-shib.conf /etc/httpd/conf.d/ - mv /etc/httpd/conf.d/shib.conf.dontuse /etc/httpd/conf.d/shib.conf - if [ -z "$GROUPERUI_LOGOUT_REDIRECTTOURL" ]; then export GROUPERUI_LOGOUT_REDIRECTTOURL=/Shibboleth.sso/Logout; fi - fi - - # copy files to their appropriate locations based on passed in flags - if [ "$GROUPER_WS" = "true" ] - then - cp -r $dest/libWs/* $dest/lib/ - sed -i "s|__GROUPERWS_PROXY_PASS__||g" /etc/httpd/conf.d/grouper-www.conf - else - sed -i "s|__GROUPERWS_PROXY_PASS__|# |g" /etc/httpd/conf.d/grouper-www.conf - fi - - if [ "$GROUPER_SCIM" = "true" ] - then - cp -r $dest/libScim/* $dest/lib/ - sed -i "s|__GROUPERSCIM_PROXY_PASS__||g" /etc/httpd/conf.d/grouper-www.conf - else - sed -i "s|__GROUPERSCIM_PROXY_PASS__|# |g" /etc/httpd/conf.d/grouper-www.conf - fi - - if [ "$GROUPER_UI" = "true" ] || [ "$GROUPER_DAEMON" = "true" ] - then - cp -r $dest/libUiAndDaemon/* $dest/lib/ - fi - - if [ "$GROUPER_UI" = "true" ] - then - sed -i "s|__GROUPER_PROXY_PASS__||g" /etc/httpd/conf.d/grouper-www.conf - else - sed -i "s|__GROUPER_PROXY_PASS__|# |g" /etc/httpd/conf.d/grouper-www.conf - fi - - # we need to arrange the grouper context files for tomee and point from apache - # keep it simple and use grouper - if [ "$GROUPER_USE_GROUPER_CONTEXT" = "true" ] - then - tomeeContextGrouperForUiOrAll - else - if [ "$GROUPER_WS" = "true" ] && [ "$GROUPER_UI" != "true" ] && [ "$GROUPER_SCIM" != "true" ] - then - - # only WS env, optimize the context - tomeeContextGrouperWsOnly - - else - if [ "$GROUPER_WS" != "true" ] && [ "$GROUPER_UI" != "true" ] && [ "$GROUPER_SCIM" = "true" ] - then - - # only SCIM env, optimize the context - tomeeContextGrouperScimOnly - else - - # otherwise we are just grouper and everything (similar to above) - # note things will be available as needed - tomeeContextGrouperForUiOrAll - - fi - fi - - fi - - if [ "$GROUPER_WS" = "true" ] && [ "$GROUPER_UI" != "true" ] && [ "$GROUPER_SCIM" != "true" ] && [ "$GROUPER_DAEMON" != "true" ] - then - prepWSonly - fi - - if [ "$GROUPER_WS" != "true" ] && [ "$GROUPER_UI" != "true" ] && [ "$GROUPER_SCIM" = "true" ] && [ "$GROUPER_DAEMON" != "true" ] - then - prepSCIMonly - fi - - if [ "$GROUPER_WS" != "true" ] && [ "$GROUPER_UI" = "true" ] && [ "$GROUPER_SCIM" != "true" ] && [ "$GROUPER_DAEMON" != "true" ] - then - prepUIonly - fi - - if [ "$GROUPER_WS" != "true" ] && [ "$GROUPER_UI" != "true" ] && [ "$GROUPER_SCIM" != "true" ] && [ "$GROUPER_DAEMON" = "true" ] - then - prepDaemonOnly - else - - if [ -z "$GROUPER_LOG_PREFIX" ]; then export GROUPER_LOG_PREFIX=grouper; fi - sed -i "s|__GROUPER_PROXY_PASS__|$GROUPER_LOG_PREFIX|g" /etc/httpd/conf.d/grouper-www.conf - - if [ "$SELF_SIGNED_CERT" = "true" ] - then - cp /opt/tier-support/ssl-enabled.conf /etc/httpd/conf.d/ - fi - - if [ -z "$GROUPER_MAX_MEMORY" ] - then - export GROUPER_MAX_MEMORY=1500m - fi - - # do this last - if [ "$GROUPER_CHOWN_DIRS" = "true" ] - then - chown -R tomcat:tomcat /opt/grouper/grouperWebapp - fi - - -} diff --git a/container_files/usr-local-bin/libraryPrep.sh b/container_files/usr-local-bin/libraryPrep.sh new file mode 100644 index 00000000..6361bf55 --- /dev/null +++ b/container_files/usr-local-bin/libraryPrep.sh @@ -0,0 +1,225 @@ +#!/bin/sh + +prep_quickstart() { + + if [ -z "$GROUPER_RUN_HSQLDB" ]; then export GROUPER_RUN_HSQLDB=true; fi + if [ -z "$GROUPER_RUN_SHIB_SP" ]; then export GROUPER_RUN_SHIB_SP=false; fi + if [ -z "$GROUPER_SELF_SIGNED_CERT" ]; then export GROUPER_SELF_SIGNED_CERT=true; fi + if [ -z "$GROUPER_AUTO_DDL_UPTOVERSION" ]; then export GROUPER_AUTO_DDL_UPTOVERSION='v2.5.*'; fi + if [ -z "$GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES" ]; then export GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES='0.0.0.0/0'; fi + # wait for database to start + if [ -z "$GROUPER_START_DELAY_SECONDS" ]; then export GROUPER_START_DELAY_SECONDS='10'; fi + if [ -z "$GROUPER_UI_GROUPER_AUTH" ]; then export GROUPER_UI_GROUPER_AUTH='true'; fi + if [ -z "$GROUPER_WS_GROUPER_AUTH" ]; then export GROUPER_WS_GROUPER_AUTH='true'; fi + if [ -z "$GROUPER_SCIM_GROUPER_AUTH" ] ; then export GROUPER_SCIM_GROUPER_AUTH=true; fi + + if [ -z "$GROUPER_DATABASE_URL_FILE" ] && [ -z "$GROUPER_DATABASE_URL" ] ; then export GROUPER_DATABASE_URL=jdbc:hsqldb:hsql://localhost:9001/grouper; fi + if [ -z "$GROUPER_DATABASE_USERNAME_FILE" ] && [ -z "$GROUPER_DATABASE_USERNAME" ] ; then export GROUPER_DATABASE_USERNAME=sa; fi + + if [ -z "$GROUPER_QUICKSTART" ]; then export GROUPER_QUICKSTART=true; fi + +} + +prep_daemon() { + + if [ -z "$GROUPER_DAEMON" ]; then export GROUPER_DAEMON=true; fi + if [ -z "$GROUPER_RUN_TOMEE" ]; then export GROUPER_RUN_TOMEE=true; fi +} + +prep_scim() { + if [ -z "$GROUPER_SCIM" ]; then export GROUPER_SCIM=true; fi + if [ -z "$GROUPER_RUN_APACHE" ]; then export GROUPER_RUN_APACHE=true; fi + if [ -z "$GROUPER_RUN_TOMEE" ]; then export GROUPER_RUN_TOMEE=true; fi +} + +prep_ui() { + if [ -z "$GROUPER_UI" ]; then export GROUPER_UI=true; fi + if [ -z "$GROUPER_RUN_APACHE" ]; then export GROUPER_RUN_APACHE=true; fi + if [ -z "$GROUPER_RUN_SHIB_SP" ]; then export GROUPER_RUN_SHIB_SP=true; fi + if [ -z "$GROUPER_RUN_TOMEE" ]; then export GROUPER_RUN_TOMEE=true; fi +} + +prep_runUi() { + if [ -z "$GROUPER_PROXY_PASS" ] + then + if [ "$GROUPER_UI" == 'true' ] + then + export GROUPER_PROXY_PASS= + else + export GROUPER_PROXY_PASS=# + fi + + fi +} +prep_runWs() { + if [ -z "$GROUPERWS_PROXY_PASS" ] + then + if [ "$GROUPER_WS" == 'true' ] + then + export GROUPERWS_PROXY_PASS= + else + export GROUPERWS_PROXY_PASS=# + fi + + fi +} +prep_runScim() { + if [ -z "$GROUPERSCIM_PROXY_PASS" ] + then + if [ "$GROUPER_SCIM" == 'true' ] + then + export GROUPERSCIM_PROXY_PASS= + else + export GROUPERSCIM_PROXY_PASS=# + fi + + fi +} + + +prep_ws() { + + if [ -z "$GROUPER_WS" ]; then export GROUPER_WS=true; fi + if [ -z "$GROUPER_RUN_APACHE" ]; then export GROUPER_RUN_APACHE=true; fi + if [ -z "$GROUPER_RUN_TOMEE" ]; then export GROUPER_RUN_TOMEE=true; fi +} + +prep_conf() { + + prep_initDeprecatedEnvVars + setupPipe_logging + setupPipe_supervisordLog + setupPipe_grouperLog + grouperScriptHooks_prepConfPost + +} + +prep_initDeprecatedEnvVars() { + + if [ ! -z "$RUN_APACHE" ] && [ -z "$GROUPER_RUN_APACHE" ] + then + export GROUPER_RUN_APACHE="$RUN_APACHE" + fi + + if [ ! -z "$RUN_SHIB_SP" ] && [ -z "$GROUPER_RUN_SHIB_SP" ] + then + export GROUPER_RUN_SHIB_SP="$RUN_SHIB_SP" + fi + + if [ ! -z "$RUN_TOMEE" ] && [ -z "$GROUPER_RUN_TOMEE" ] + then + export GROUPER_RUN_TOMEE="$RUN_TOMEE" + fi + + if [ ! -z "$RUN_HSQLDB" ] && [ -z "$GROUPER_RUN_HSQLDB" ] + then + export GROUPER_RUN_HSQLDB="$RUN_HSQLDB" + fi + + if [ ! -z "$SELF_SIGNED_CERT" ] && [ -z "$GROUPER_SELF_SIGNED_CERT" ] + then + export GROUPER_SELF_SIGNED_CERT="$SELF_SIGNED_CERT" + fi + +} + +prep_finishBegin() { + # default a lot of env variables + # morph defaults to null + # database password defaults to null + if [ -z "$GROUPER_UI_GROUPER_AUTH" ] ; then export GROUPER_UI_GROUPER_AUTH=false; fi + if [ -z "$GROUPER_WS_GROUPER_AUTH" ] ; then export GROUPER_WS_GROUPER_AUTH=false; fi + if [ -z "$GROUPER_SCIM_GROUPER_AUTH" ] ; then export GROUPER_SCIM_GROUPER_AUTH=false; fi + if [ -z "$GROUPER_CHOWN_DIRS" ] ; then export GROUPER_CHOWN_DIRS=true; fi + if [ -z "$GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES" ]; then export GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES='127.0.0.1/32'; fi + # GROUPER_AUTO_DDL_UPTOVERSION defaults to null + # GROUPER_START_DELAY_SECONDS defaults to null + if [ -z "$GROUPER_UI" ] ; then export GROUPER_UI=false; fi + if [ -z "$GROUPER_SCIM" ] ; then export GROUPER_SCIM=false; fi + if [ -z "$GROUPER_WS" ] ; then export GROUPER_WS=false; fi + if [ -z "$GROUPER_DAEMON" ] ; then export GROUPER_DAEMON=false; fi + if [ -z "$GROUPER_USE_SSL" ]; then export GROUPER_USE_SSL=true; fi + if [ -z "$GROUPER_RUN_PROCESSES_AS_USERS" ]; then export GROUPER_RUN_PROCESSES_AS_USERS=true; fi + + # do these before the "only" component + if [ -z "$GROUPER_URL_CONTEXT" ] ; then export GROUPER_URL_CONTEXT=grouper; fi + if [ -z "$GROUPERWS_URL_CONTEXT" ] ; then export GROUPERWS_URL_CONTEXT=grouper-ws; fi + if [ -z "$GROUPERSCIM_URL_CONTEXT" ] ; then export GROUPERSCIM_URL_CONTEXT=grouper-ws-scim; fi + if [ -z "$GROUPER_APACHE_AJP_TIMEOUT_SECONDS" ] ; then export GROUPER_APACHE_AJP_TIMEOUT_SECONDS=3600; fi + + + if [ -z "$GROUPER_APACHE_SSL_PORT" ] ; then export GROUPER_APACHE_SSL_PORT=443; fi + if [ -z "$GROUPER_APACHE_NONSSL_PORT" ] ; then export GROUPER_APACHE_NONSSL_PORT=80; fi + + if [ -z "$GROUPER_GSH_CHECK_USER" ] ; then export GROUPER_GSH_CHECK_USER=true; fi + if [ -z "$GROUPER_GSH_USER" ] ; then export GROUPER_GSH_USER=tomcat; fi + +} + +prep_finishEnd() { + + # defaults after the "only" part + if [ -z "$GROUPER_TOMCAT_CONTEXT" ] ; then export GROUPER_TOMCAT_CONTEXT=grouper; fi + if [ -z "$GROUPER_LOG_PREFIX" ]; then export GROUPER_LOG_PREFIX=grouper; fi + if [ -z "$GROUPER_MAX_MEMORY" ]; then export GROUPER_MAX_MEMORY=1500m; fi + +} + +prep_finish() { + + grouperScriptHooks_prepComponentPost + + prep_finishBegin + + prepOnly + + prep_runScim + prep_runUi + prep_runWs + + prep_finishEnd + + grouperScriptHooks_finishPrepPost + + prep_unsetAll + prepOnly_unsetAll +} + +prep_unsetAll() { + unset -f prep_conf + unset -f prep_daemon + unset -f prep_finish + unset -f prep_finishBegin + unset -f prep_finishEnd + unset -f prep_initDeprecatedEnvVars + unset -f prep_quickstart + unset -f prep_runScim + unset -f prep_runUi + unset -f prep_runWs + unset -f prep_scim + unset -f prep_unsetAll + unset -f prep_ui + unset -f prep_ws + +} + +prep_exportAll() { + export -f prep_conf + export -f prep_daemon + export -f prep_finish + export -f prep_finishBegin + export -f prep_finishEnd + export -f prep_initDeprecatedEnvVars + export -f prep_quickstart + export -f prep_runScim + export -f prep_runUi + export -f prep_runWs + export -f prep_scim + export -f prep_unsetAll + export -f prep_ui + export -f prep_ws +} + +# export everything +prep_exportAll + diff --git a/container_files/usr-local-bin/libraryPrepOnly.sh b/container_files/usr-local-bin/libraryPrepOnly.sh new file mode 100644 index 00000000..feb9d6f6 --- /dev/null +++ b/container_files/usr-local-bin/libraryPrepOnly.sh @@ -0,0 +1,93 @@ +#!/bin/sh + +prepOnly_component() { + if [ "$GROUPER_WS" = "true" ] && [ "$GROUPER_UI" != "true" ] && [ "$GROUPER_SCIM" != "true" ] && [ "$GROUPER_DAEMON" != "true" ] + then + if [ -z "$GROUPER_WS_ONLY" ] ; then export GROUPER_WS_ONLY=true; fi + fi + + if [ "$GROUPER_WS" != "true" ] && [ "$GROUPER_UI" != "true" ] && [ "$GROUPER_SCIM" = "true" ] && [ "$GROUPER_DAEMON" != "true" ] + then + if [ -z "$GROUPER_SCIM_ONLY" ] ; then export GROUPER_SCIM_ONLY=true; fi + fi + + if [ "$GROUPER_WS" != "true" ] && [ "$GROUPER_UI" = "true" ] && [ "$GROUPER_SCIM" != "true" ] && [ "$GROUPER_DAEMON" != "true" ] + then + if [ -z "$GROUPER_UI_ONLY" ] ; then export GROUPER_UI_ONLY=true; fi + fi + + if [ "$GROUPER_WS" != "true" ] && [ "$GROUPER_UI" != "true" ] && [ "$GROUPER_SCIM" != "true" ] && [ "$GROUPER_DAEMON" = "true" ] + then + if [ -z "$GROUPER_DAEMON_ONLY" ] ; then export GROUPER_DAEMON_ONLY=true; fi + fi +} + +prepOnly_ui() { + if [ "$GROUPER_UI_ONLY" = "true" ] + then + if [ -z "$GROUPER_LOG_PREFIX" ]; then export GROUPER_LOG_PREFIX=grouper-ui; fi + fi +} + +prepOnly_ws() { + if [ "$GROUPER_WS_ONLY" = "true" ] + then + if [ -z "$GROUPER_LOG_PREFIX" ]; then export GROUPER_LOG_PREFIX=grouper-ws; fi + if [ -z "$GROUPER_CONTEXT_COOKIES" ]; then export GROUPER_CONTEXT_COOKIES=false; fi + # default to whatever ws context is + if [ -z "$GROUPER_TOMCAT_CONTEXT" ] ; then export GROUPER_TOMCAT_CONTEXT="$GROUPERWS_URL_CONTEXT"; fi + fi +} + +prepOnly_scim() { + if [ "$GROUPER_SCIM_ONLY" = "true" ] + then + if [ -z "$GROUPER_LOG_PREFIX" ]; then export GROUPER_LOG_PREFIX=grouper-scim; fi + if [ -z "$GROUPER_CONTEXT_COOKIES" ]; then export GROUPER_CONTEXT_COOKIES=false; fi + # default to whatever scim context is + if [ -z "$GROUPER_TOMCAT_CONTEXT" ] ; then export GROUPER_TOMCAT_CONTEXT="$GROUPERSCIM_URL_CONTEXT"; fi + fi +} + +prepOnly_daemon() { + if [ "$GROUPER_DAEMON_ONLY" = "true" ] + then + if [ -z "$GROUPER_LOG_PREFIX" ]; then export GROUPER_LOG_PREFIX=grouper-daemon; fi + fi +} + +prepOnly() { + prepOnly_component + + prepOnly_ws + + prepOnly_scim + + prepOnly_ui + + prepOnly_daemon + +} + +prepOnly_unsetAll() { + unset -f prepOnly + unset -f prepOnly_component + unset -f prepOnly_daemon + unset -f prepOnly_scim + unset -f prepOnly_ui + unset -f prepOnly_unsetAll + unset -f prepOnly_ws +} + +prepOnly_exportAll() { + export -f prepOnly + export -f prepOnly_component + export -f prepOnly_daemon + export -f prepOnly_scim + export -f prepOnly_ui + export -f prepOnly_unsetAll + export -f prepOnly_ws +} + +# export everything +prepOnly_exportAll \ No newline at end of file diff --git a/container_files/usr-local-bin/libraryRunCommand.sh b/container_files/usr-local-bin/libraryRunCommand.sh new file mode 100644 index 00000000..c75568a0 --- /dev/null +++ b/container_files/usr-local-bin/libraryRunCommand.sh @@ -0,0 +1,29 @@ +#!/bin/sh + +runCommand() { + + runCommand_unsetAll + + if [ "$GROUPER_RUN_TOMCAT_NOT_SUPERVISOR" = "true" ] + then + /opt/tomee/bin/catalina.sh run + else + exec /usr/bin/supervisord -c /opt/tier-support/supervisord.conf + fi + +} + +runCommand_unsetAll() { + unset -f runCommand + unset -f runCommand_unsetAll +} + +runCommand_exportAll() { + export -f runCommand + export -f runCommand_unsetAll + +} + +# export everything +runCommand_exportAll + diff --git a/container_files/usr-local-bin/librarySetupFiles.sh b/container_files/usr-local-bin/librarySetupFiles.sh new file mode 100644 index 00000000..81844824 --- /dev/null +++ b/container_files/usr-local-bin/librarySetupFiles.sh @@ -0,0 +1,166 @@ +#!/bin/sh + +setupFiles_linkGrouperSecrets() { + for filepath in /run/secrets/*; do + local label_file=`basename $filepath` + local file=$(echo $label_file| cut -d'_' -f 2) + + if [[ $label_file == grouper_* ]]; then + ln -sf /run/secrets/$label_file /opt/grouper/grouperWebapp/WEB-INF/classes/$file + elif [[ $label_file == shib_* ]]; then + ln -sf /run/secrets/$label_file /etc/shibboleth/$file + elif [[ $label_file == httpd_* ]]; then + ln -sf /run/secrets/$label_file /etc/httpd/conf.d/$file + elif [ "$label_file" == "host-key.pem" ]; then + ln -sf /run/secrets/host-key.pem /etc/pki/tls/private/host-key.pem + fi + done +} + +setupFiles_rsyncSlashRoot() { + if [ -d "/opt/grouper/slashRoot" ]; then + # Copy any files into the root filesystem + rsync -l -r -v /opt/grouper/slashRoot/ / + fi + +} + +setupFiles_localLogging() { + if [ "$GROUPER_LOG_TO_HOST" = "true" ] + then + cp /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.grouperContainerHost.properties /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties + fi + +} + +setupFiles_loggingPrefix() { + sed -i "s|__GROUPER_LOG_PREFIX__|$GROUPER_LOG_PREFIX|g" /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties +} + +setupFiles_chownDirs() { + # do this last + if [ "$GROUPER_CHOWN_DIRS" = "true" ] + then + chown -R tomcat:tomcat /opt/grouper/grouperWebapp + chown -R tomcat:tomcat /opt/tomee + fi +} + +setupFiles_storeEnvVars() { + + echo "#!/bin/sh" > /usr/local/bin/grouperEnv.sh + echo "" >> /usr/local/bin/grouperEnv.sh + + # go through env vars, should start with GROUPER and have an equals sign in there + env | grep "^GROUPER" | grep "=" >> /usr/local/bin/grouperEnv.sh + + sed -i "s|^GROUPER|export GROUPER|g" /usr/local/bin/grouperEnv.sh + + if [ ! -f /home/tomcat/.bashrc ] + then + echo "Why doesnt /home/tomcat/.bashrc exist????" + exit 1 + fi + if ! grep -q grouperEnv /home/tomcat/.bashrc + then + echo "" >> /home/tomcat/.bashrc + echo ". /usr/local/bin/grouperEnv.sh" >> /home/tomcat/.bashrc + echo "" >> /home/tomcat/.bashrc + fi + + + # we need these global + if [ ! -f /etc/bashrc ] + then + echo "Why doesnt /etc/bashrc exist????" + exit 1 + fi + if ! grep -q GROUPER_GSH_CHECK_USER /etc/bashrc + then + echo "" >> /etc/bashrc + echo "export GROUPER_GSH_CHECK_USER=$GROUPER_GSH_CHECK_USER" >> /etc/bashrc + echo "export GROUPER_GSH_USER=$GROUPER_GSH_USER" >> /etc/bashrc + echo "export JAVA_HOME=$JAVA_HOME" >> /etc/bashrc + echo "export PATH=$JAVA_HOME/bin:\$PATH" >> /etc/bashrc + echo "" >> /etc/bashrc + + fi +} + +setupFiles() { + + if [ "$GROUPER_SETUP_FILES_COMPLETE" = "true" ] + then + return + fi + + # do this first + setupFiles_storeEnvVars + + setupFiles_rsyncSlashRoot + + setupFiles_linkGrouperSecrets + + # this needs to be first + setupFilesForProcess_supervisor + + setupFilesApache + + setupFilesTomcat + + setupFilesForProcess + + # this needs to be last + setupFilesForProcess_supervisorFinal + + setupFilesForComponent + + setupFiles_localLogging + + setupFiles_loggingPrefix + + grouperScriptHooks_setupFilesPost + + # do this last + setupFiles_chownDirs + + grouperScriptHooks_setupFilesPostChown + + export GROUPER_SETUP_FILES_COMPLETE=true + + setupFiles_unsetAll + setupFilesApache_unsetAll + setupFilesForComponent_unsetAll + setupFilesForProcess_unsetAll + setupFilesTomcat_unsetAll + setupPipe_unsetAll + grouperScriptHooks_unsetAll + +} + +setupFiles_unsetAll() { + unset -f setupFiles + unset -f setupFiles_chownDirs + unset -f setupFiles_linkGrouperSecrets + unset -f setupFiles_localLogging + unset -f setupFiles_loggingPrefix + unset -f setupFiles_rsyncSlashRoot + unset -f setupFiles_storeEnvVars + unset -f setupFiles_unsetAll +} + +setupFiles_exportAll() { + export -f setupFiles + export -f setupFiles_chownDirs + export -f setupFiles_linkGrouperSecrets + export -f setupFiles_localLogging + export -f setupFiles_loggingPrefix + export -f setupFiles_rsyncSlashRoot + export -f setupFiles_storeEnvVars + export -f setupFiles_unsetAll +} + +# export everything +setupFiles_exportAll + + diff --git a/container_files/usr-local-bin/librarySetupFilesApache.sh b/container_files/usr-local-bin/librarySetupFilesApache.sh new file mode 100644 index 00000000..2d689ad2 --- /dev/null +++ b/container_files/usr-local-bin/librarySetupFilesApache.sh @@ -0,0 +1,87 @@ +#!/bin/bash + +setupFilesApache_selfSignedCert() { + if [ "$GROUPER_SELF_SIGNED_CERT" = "true" ] && [ "$GROUPER_USE_SSL" = "true" ] + then + cp /opt/tier-support/ssl-enabled.conf /etc/httpd/conf.d/ + fi +} + +setupFilesApache_ssl() { + if [ "$GROUPER_USE_SSL" != "true" ] + then + if [ -f /etc/httpd/conf.d/ssl.conf ] + then + mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.dontuse + fi + if [ -f /etc/httpd/conf.d/ssl-enabled.conf ] + then + mv /etc/httpd/conf.d/ssl-enabled.conf /etc/httpd/conf.d/ssl-enabled.conf.dontuse + fi + fi +} + +setupFilesApache_logging() { + if [ "$GROUPER_RUN_APACHE" = "true" ] + then + setupPipe_httpdLog + fi + +} + +setupFilesApache_supervisor() { + if [ "$GROUPER_RUN_APACHE" = "true" ] + then + cat /opt/tier-support/supervisord-httpd.conf >> /opt/tier-support/supervisord.conf + fi + +} + +setupFilesApache_ports() { + + # filter the ssl config for ssl port + + if [ -f /etc/httpd/conf.d/ssl-enabled.conf ] + then + sed -i "s|__GROUPER_APACHE_SSL_PORT__|$GROUPER_APACHE_SSL_PORT|g" /etc/httpd/conf.d/ssl-enabled.conf + fi + + if [ "$GROUPER_APACHE_NONSSL_PORT" != "80" ] + then + sed -i "s|Listen 80|Listen $GROUPER_APACHE_NONSSL_PORT|g" /etc/httpd/conf/httpd.conf + fi + +} + +setupFilesApache() { + setupFilesApache_logging + setupFilesApache_supervisor + setupFilesApache_selfSignedCert + setupFilesApache_ports + setupFilesApache_ssl +} + +setupFilesApache_unsetAll() { + unset -f setupFilesApache + unset -f setupFilesApache_logging + unset -f setupFilesApache_ports + unset -f setupFilesApache_selfSignedCert + unset -f setupFilesApache_ssl + unset -f setupFilesApache_supervisor + unset -f setupFilesApache_unsetAll +} + +setupFilesApache_exportAll() { + export -f setupFilesApache + export -f setupFilesApache_logging + export -f setupFilesApache_ports + export -f setupFilesApache_selfSignedCert + export -f setupFilesApache_ssl + export -f setupFilesApache_supervisor + export -f setupFilesApache_unsetAll +} + +# export everything +setupFilesApache_exportAll + + diff --git a/container_files/usr-local-bin/librarySetupFilesForComponent.sh b/container_files/usr-local-bin/librarySetupFilesForComponent.sh new file mode 100644 index 00000000..e7fd2b48 --- /dev/null +++ b/container_files/usr-local-bin/librarySetupFilesForComponent.sh @@ -0,0 +1,84 @@ +#!/bin/bash + +setupFilesForComponent_ws() { + + # copy files to their appropriate locations based on passed in flags + if [ "$GROUPER_WS" = "true" ] + then + cp -r /opt/grouper/grouperWebapp/WEB-INF/libWs/* /opt/grouper/grouperWebapp/WEB-INF/lib/ + fi + +} + +setupFilesForComponent_scim() { + + if [ "$GROUPER_SCIM" = "true" ] + then + cp -r /opt/grouper/grouperWebapp/WEB-INF/libScim/* /opt/grouper/grouperWebapp/WEB-INF/lib/ + fi + +} + +setupFilesForComponent_ui() { + + if [ "$GROUPER_UI" = "true" ] || [ "$GROUPER_DAEMON" = "true" ] + then + cp -r /opt/grouper/grouperWebapp/WEB-INF/libUiAndDaemon/* /opt/grouper/grouperWebapp/WEB-INF/lib/ + fi + +} + +setupFilesForComponent_quickstart() { + + if [ ! -z "$GROUPERSYSTEM_QUICKSTART_PASS" ] && [ "$GROUPER_QUICKSTART" = 'true' ] + then + if [ "$GROUPER_UI_GROUPER_AUTH" = 'true' ] + then + echo '' >> /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.base.properties + echo 'grouperPasswordConfigOverride_UI_GrouperSystem_pass.elConfig = ${elUtils.processEnvVarOrFile('"'"'GROUPERSYSTEM_QUICKSTART_PASS'"'"')}' >> /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.properties + fi + if [ "$GROUPER_WS_GROUPER_AUTH" = 'true' ] + then + echo '' >> /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.base.properties + echo 'grouperPasswordConfigOverride_WS_GrouperSystem_pass.elConfig = ${elUtils.processEnvVarOrFile('"'"'GROUPERSYSTEM_QUICKSTART_PASS'"'"')}' >> /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.properties + fi + fi + +} + +setupFilesForComponent() { + + setupFilesForComponent_ws + + setupFilesForComponent_scim + + setupFilesForComponent_ui + + setupFilesForComponent_quickstart + +} + + +setupFilesForComponent_unsetAll() { + unset -f setupFilesForComponent + unset -f setupFilesForComponent_quickstart + unset -f setupFilesForComponent_scim + unset -f setupFilesForComponent_ui + unset -f setupFilesForComponent_unsetAll + unset -f setupFilesForComponent_ws +} + +setupFilesForComponent_exportAll() { + export -f setupFilesForComponent + export -f setupFilesForComponent_quickstart + export -f setupFilesForComponent_scim + export -f setupFilesForComponent_ui + export -f setupFilesForComponent_unsetAll + export -f setupFilesForComponent_ws + +} + +# export everything +setupFilesForComponent_exportAll + + diff --git a/container_files/usr-local-bin/librarySetupFilesForProcess.sh b/container_files/usr-local-bin/librarySetupFilesForProcess.sh new file mode 100644 index 00000000..9ab7e6fd --- /dev/null +++ b/container_files/usr-local-bin/librarySetupFilesForProcess.sh @@ -0,0 +1,96 @@ +#!/bin/bash + +setupFilesForProcess_hsqldb() { + # construct the supervisord file based on FLAGS passed in or what was in CMD + + if [ "$GROUPER_RUN_HSQLDB" = "true" ] + then + setupPipe_hsqldbLog + cat /opt/tier-support/supervisord-hsqldb.conf >> /opt/tier-support/supervisord.conf + fi + +} + +setupFilesForProcess_hsqldbVersions() { + + # tomee hsql must match the grouper one, and the version cannot be 2.3.2 since it is query bugs (unit tests fail) + rm -v /opt/tomee/lib/hsqldb-*.jar + cp -v /opt/grouper/grouperWebapp/WEB-INF/lib/hsqldb-*.jar /opt/tomee/lib/ + +} + +setupFilesForProcess_supervisor() { + + # clear out existing supervisord config + cat /opt/tier-support/supervisord-base.conf > /opt/tier-support/supervisord.conf + +} + +setupFilesForProcess() { + + setupFilesForProcess_hsqldbVersions + + setupFilesForProcess_hsqldb + + setupFilesForProcess_shib + +} + +setupFilesForProcess_supervisorFinal() { + + if [ "$GROUPER_RUN_PROCESSES_AS_USERS" = "true" ] + then + # let these lines live + sed -i "s|__GROUPER_RUN_PROCESSES_AS_USERS__||g" /opt/tier-support/supervisord.conf + else + # comment out these lines + sed -i "s|__GROUPER_RUN_PROCESSES_AS_USERS__|;|g" /opt/tier-support/supervisord.conf + fi + +} + +setupFilesForProcess_shib() { + + if [ -f /etc/httpd/conf.d/shib.conf ] + then + mv /etc/httpd/conf.d/shib.conf /etc/httpd/conf.d/shib.conf.dontuse + fi + + if [ "$GROUPER_RUN_SHIB_SP" = "true" ] + then + setupPipe_shibdLog + export LD_LIBRARY_PATH=/opt/shibboleth/lib64:$LD_LIBRARY_PATH + cat /opt/tier-support/supervisord-shibsp.conf >> /opt/tier-support/supervisord.conf + cp /opt/tier-support/httpd-shib.conf /etc/httpd/conf.d/ + mv /etc/httpd/conf.d/shib.conf.dontuse /etc/httpd/conf.d/shib.conf + if [ -z "$GROUPERUI_LOGOUT_REDIRECTTOURL" ]; then export GROUPERUI_LOGOUT_REDIRECTTOURL=/Shibboleth.sso/Logout; fi + fi + + +} + +setupFilesForProcess_unsetAll() { + + unset -f setupFilesForProcess + unset -f setupFilesForProcess_hsqldb + unset -f setupFilesForProcess_hsqldbVersions + unset -f setupFilesForProcess_shib + unset -f setupFilesForProcess_supervisor + unset -f setupFilesForProcess_supervisorFinal + unset -f setupFilesForProcess_unsetAll + +} + +setupFilesForProcess_exportAll() { + + export -f setupFilesForProcess + export -f setupFilesForProcess_hsqldb + export -f setupFilesForProcess_hsqldbVersions + export -f setupFilesForProcess_shib + export -f setupFilesForProcess_supervisor + export -f setupFilesForProcess_supervisorFinal + export -f setupFilesForProcess_unsetAll +} + +# export everything +setupFilesForProcess_exportAll diff --git a/container_files/usr-local-bin/librarySetupFilesTomcat.sh b/container_files/usr-local-bin/librarySetupFilesTomcat.sh new file mode 100644 index 00000000..192822c0 --- /dev/null +++ b/container_files/usr-local-bin/librarySetupFilesTomcat.sh @@ -0,0 +1,102 @@ +#!/bin/bash + +setupFilesTomcat() { + setupFilesTomcat_logging + setupFilesTomcat_supervisor + setupFilesTomcat_authn + setupFilesTomcat_context +} + +setupFilesTomcat_context() { + + if [ -f /opt/tomee/conf/Catalina/localhost/grouper.xml ] + then + # ws only and scim only dont have cookies + if [ "$GROUPER_CONTEXT_COOKIES" = "false" ] + then + sed -i "s|__GROUPER_CONTEXT_COOKIES__|cookies="false"|g" /opt/tomee/conf/Catalina/localhost/grouper.xml + else + sed -i "s|__GROUPER_CONTEXT_COOKIES__||g" /opt/tomee/conf/Catalina/localhost/grouper.xml + fi + + # setup context + sed -i "s|__GROUPER_TOMCAT_CONTEXT__|$GROUPER_TOMCAT_CONTEXT|g" /opt/tomee/conf/Catalina/localhost/grouper.xml + + # rename file if needed since that can matter with tomcat + if [ "$GROUPER_TOMCAT_CONTEXT" != "grouper" ] + then + mv /opt/tomee/conf/Catalina/localhost/grouper.xml "/opt/tomee/conf/Catalina/localhost/$GROUPER_TOMCAT_CONTEXT.xml" + fi + + fi + + # setup the apache linkage to tomcat + if [ -f /etc/httpd/conf.d/grouper-www.conf ] + then + sed -i "s|__GROUPER_APACHE_AJP_TIMEOUT_SECONDS__|$GROUPER_APACHE_AJP_TIMEOUT_SECONDS|g" /etc/httpd/conf.d/grouper-www.conf + sed -i "s|__GROUPER_TOMCAT_CONTEXT__|$GROUPER_TOMCAT_CONTEXT|g" /etc/httpd/conf.d/grouper-www.conf + sed -i "s|__GROUPER_URL_CONTEXT__|$GROUPER_URL_CONTEXT|g" /etc/httpd/conf.d/grouper-www.conf + sed -i "s|__GROUPERWS_URL_CONTEXT__|$GROUPERWS_URL_CONTEXT|g" /etc/httpd/conf.d/grouper-www.conf + sed -i "s|__GROUPERSCIM_URL_CONTEXT__|$GROUPERSCIM_URL_CONTEXT|g" /etc/httpd/conf.d/grouper-www.conf + sed -i "s|__GROUPER_PROXY_PASS__|$GROUPER_PROXY_PASS|g" /etc/httpd/conf.d/grouper-www.conf + sed -i "s|__GROUPER_PROXY_PASS__|$GROUPER_PROXY_PASS|g" /etc/httpd/conf.d/ssl-enabled.conf + sed -i "s|__GROUPERSCIM_PROXY_PASS__|$GROUPERSCIM_PROXY_PASS|g" /etc/httpd/conf.d/grouper-www.conf + sed -i "s|__GROUPERWS_PROXY_PASS__|$GROUPERWS_PROXY_PASS|g" /etc/httpd/conf.d/grouper-www.conf + fi + +} + +setupFilesTomcat_authn() { + + if [ "$GROUPER_WS_TOMCAT_AUTHN" = "true" ] + then + cp /opt/grouper/grouperWebapp/WEB-INF/web.wsTomcatAuthn.xml /opt/grouper/grouperWebapp/WEB-INF/web.xml + cp /opt/grouper/grouperWebapp/WEB-INF/server.wsTomcatAuthn.xml /opt/tomee/conf/server.xml + fi + +} + +setupFilesTomcat_logging() { + + if [ "$GROUPER_RUN_TOMEE" = "true" ] + then + setupPipe_tomcatLog + fi + +} + +setupFilesTomcat_supervisor() { + + if [ "$GROUPER_RUN_TOMEE" = "true" ] + then + cat /opt/tier-support/supervisord-tomee.conf >> /opt/tier-support/supervisord.conf + fi + +} + + +setupFilesTomcat_unsetAll() { + + unset -f setupFilesTomcat + unset -f setupFilesTomcat_authn + unset -f setupFilesTomcat_context + unset -f setupFilesTomcat_logging + unset -f setupFilesTomcat_supervisor + unset -f setupFilesTomcat_unsetAll + +} + +setupFilesTomcat_exportAll() { + + export -f setupFilesTomcat + export -f setupFilesTomcat_authn + export -f setupFilesTomcat_context + export -f setupFilesTomcat_logging + export -f setupFilesTomcat_supervisor + export -f setupFilesTomcat_unsetAll + +} + +# export everything +setupFilesTomcat_exportAll + diff --git a/container_files/usr-local-bin/librarySetupPipe.sh b/container_files/usr-local-bin/librarySetupPipe.sh new file mode 100644 index 00000000..f38412c1 --- /dev/null +++ b/container_files/usr-local-bin/librarySetupPipe.sh @@ -0,0 +1,77 @@ +#!/bin/sh + +setupPipe() { + if [ -e $1 ]; then + rm $1 + fi + mkfifo -m 666 $1 +} + +setupPipe_logging() { + # Make a "console" logging pipe that anyone can write too regardless of who owns the process. + setupPipe /tmp/logpipe + cat <> /tmp/logpipe & +} + +# Make loggers pipes for the supervisord connected apps' console, so that we can prepend the streams. +setupPipe_grouperLog() { + setupPipe /tmp/loggrouper + (cat <> /tmp/loggrouper | awk -v ENV="$ENV" -v UT="$USERTOKEN" '{printf "grouper;console;%s;%s;%s\n", ENV, UT, $0; fflush()}' &>/tmp/logpipe) & +} + +setupPipe_httpdLog() { + setupPipe /tmp/loghttpd + (cat <> /tmp/loghttpd | awk -v ENV="$ENV" -v UT="$USERTOKEN" '{printf "httpd;console;%s;%s;%s\n", ENV, UT, $0; fflush()}' &>/tmp/logpipe) & +} + +setupPipe_shibdLog() { + setupPipe /tmp/logshibd + (cat <> /tmp/logshibd | awk -v ENV="$ENV" -v UT="$USERTOKEN" '{printf "shibd;console;%s;%s;%s", ENV, UT, $0; fflush()}' &>/tmp/logpipe) & +} + +setupPipe_tomcatLog() { + setupPipe /tmp/logtomcat + (cat <> /tmp/logtomcat | awk -v ENV="$ENV" -v UT="$USERTOKEN" '{printf "tomee;console;%s;%s;%s\n", ENV, UT, $0; fflush()}' &>/tmp/logpipe) & +} + +setupPipe_hsqldbLog() { + setupPipe /tmp/loghsqldb + (cat <> /tmp/loghsqldb | awk -v ENV="$ENV" -v UT="$USERTOKEN" '{printf "hsqldb;console;%s;%s;%s\n", ENV, UT, $0; fflush()}' &>/tmp/logpipe) & +} + +setupPipe_supervisordLog() { + setupPipe /tmp/logsuperd + (cat <> /tmp/logsuperd | awk -v ENV="$ENV" -v UT="$USERTOKEN" '{printf "supervisord;console;%s;%s;%s\n", ENV, UT, $0; fflush()}' &>/tmp/logpipe) & +} + +setupPipe_unsetAll() { + + unset -f setupPipe + unset -f setupPipe_grouperLog + unset -f setupPipe_hsqldbLog + unset -f setupPipe_httpdLog + unset -f setupPipe_logging + unset -f setupPipe_shibdLog + unset -f setupPipe_supervisordLog + unset -f setupPipe_tomcatLog + unset -f setupPipe_unsetAll + +} + +setupPipe_exportAll() { + + export -f setupPipe + export -f setupPipe_grouperLog + export -f setupPipe_hsqldbLog + export -f setupPipe_httpdLog + export -f setupPipe_logging + export -f setupPipe_shibdLog + export -f setupPipe_supervisordLog + export -f setupPipe_tomcatLog + export -f setupPipe_unsetAll + +} + +# export everything +setupPipe_exportAll + diff --git a/container_files/usr-local-bin/quickstart b/container_files/usr-local-bin/quickstart index 8ecdca46..0fb7d383 100755 --- a/container_files/usr-local-bin/quickstart +++ b/container_files/usr-local-bin/quickstart @@ -1,12 +1,11 @@ #!/bin/bash -. /usr/local/bin/library.sh +prep_quickstart +prep_ui +prep_ws +prep_scim +prep_daemon +prep_finish +setupFiles -prepQuickstart -prepUI -prepWS -prepSCIM -prepDaemon -finishPrep - -exec /usr/bin/supervisord -c /opt/tier-support/supervisord.conf +runCommand \ No newline at end of file diff --git a/container_files/usr-local-bin/scim b/container_files/usr-local-bin/scim index 9d208d37..f50697ac 100755 --- a/container_files/usr-local-bin/scim +++ b/container_files/usr-local-bin/scim @@ -1,8 +1,7 @@ #!/bin/bash -. /usr/local/bin/library.sh +prep_scim +prep_finish +setupFiles -prepSCIM -finishPrep - -exec /usr/bin/supervisord -c /opt/tier-support/supervisord.conf +runCommand \ No newline at end of file diff --git a/container_files/usr-local-bin/ui b/container_files/usr-local-bin/ui index af4d3cb4..ef417f8b 100755 --- a/container_files/usr-local-bin/ui +++ b/container_files/usr-local-bin/ui @@ -1,8 +1,7 @@ #!/bin/bash -. /usr/local/bin/library.sh +prep_ui +prep_finish +setupFiles -prepUI -finishPrep - -exec /usr/bin/supervisord -c /opt/tier-support/supervisord.conf +runCommand \ No newline at end of file diff --git a/container_files/usr-local-bin/ui-ws b/container_files/usr-local-bin/ui-ws index 75b8d99f..4e5dd61e 100755 --- a/container_files/usr-local-bin/ui-ws +++ b/container_files/usr-local-bin/ui-ws @@ -1,9 +1,8 @@ #!/bin/bash -. /usr/local/bin/library.sh +prep_ui +prep_ws +prep_finish +setupFiles -prepUI -prepWS -finishPrep - -exec /usr/bin/supervisord -c /opt/tier-support/supervisord.conf +runCommand \ No newline at end of file diff --git a/container_files/usr-local-bin/ws b/container_files/usr-local-bin/ws index 101461c3..6fafe7f0 100755 --- a/container_files/usr-local-bin/ws +++ b/container_files/usr-local-bin/ws @@ -1,8 +1,7 @@ #!/bin/bash -. /usr/local/bin/library.sh +prep_ws +prep_finish +setupFiles -prepWS -finishPrep - -exec /usr/bin/supervisord -c /opt/tier-support/supervisord.conf +runCommand \ No newline at end of file