GRP-3088: enable grouper container to work with openshift

docker · Jan 11, 2021 · d8bc1e7 · d8bc1e7
1 parent 04563ff
commit d8bc1e7
Showing 7 changed files with 38 additions and 20 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -100,6 +100,12 @@ COPY container_files/httpd/* /etc/httpd/conf.d/
 COPY container_files/shibboleth/* /etc/shibboleth/
 RUN cp /dev/null /etc/httpd/conf.d/ssl.conf 
 
+# this is to improve openshift
+RUN touch /opt/grouper/grouperEnv.sh \
+    && mkdir -p /opt/tomee/work/Catalina/localhost/ \
+    && chgrp -R root  /opt/grouper/ /etc/httpd/conf/ /home/tomcat/ /opt/tomee/ /usr/local/bin /etc/httpd/conf.d/ /opt/hsqldb/ /opt/tier-support/ \
+    && chmod -R g+rwx /opt/grouper/ /etc/httpd/conf/ /home/tomcat/ /opt/tomee/ /usr/local/bin /etc/httpd/conf.d/ /opt/hsqldb/ /opt/tier-support/
+
 # keep backup of files
 RUN mkdir -p /opt/tier-support/originalFiles ; \
   cp /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties /opt/tier-support/originalFiles 2>/dev/null ; \

diff --git a/container_files/usr-local-bin/gsh b/container_files/usr-local-bin/gsh
@@ -7,9 +7,8 @@ runCommand_unsetAll
 
 export GSH_JVMARGS="$GSH_JVMARGS -DENV=$ENV -DUSERTOKEN=$USERTOKEN"
 
-username=$(whoami)
-
-if [ "$GROUPER_GSH_CHECK_USER" = "true"  ] && [ "$GROUPER_GSH_USER" != "$username" ]
+# openshift cannot do whoami
+if [ "$GROUPER_GSH_CHECK_USER" = "true"  ] && [ "$GROUPER_GSH_USER" != "$(whoami)" ]
   then
     sudo -u tomcat bin/gsh.sh "$@" | tee /tmp/loggrouper
   else 

diff --git a/container_files/usr-local-bin/library.sh b/container_files/usr-local-bin/library.sh
@@ -1,10 +1,15 @@
 #!/bin/bash
 
 echo "grouperContainer; INFO: (library.sh) Start loading library.sh"
-dos2unix /usr/local/bin/library*.sh
-echo "grouperContainer; INFO: (library.sh) dos2unix /usr/local/bin/library*.sh , result=$?"
-dos2unix /usr/local/bin/grouper*.sh
-echo "grouperContainer; INFO: (library.sh) dos2unix /usr/local/bin/grouper*.sh , result=$?"
+#dos2unix /usr/local/bin/library*.sh
+#echo "grouperContainer; INFO: (library.sh) dos2unix /usr/local/bin/library*.sh , result=$?"
+#dos2unix /usr/local/bin/grouper*.sh
+#echo "grouperContainer; INFO: (library.sh) dos2unix /usr/local/bin/grouper*.sh , result=$?"
+#for f in /usr/local/bin/library*.sh /usr/local/bin/grouper*.sh; do
+#  TFILE=$(mktemp) && dos2unix -q -n $f $TFILE && cat $TFILE > $f
+#  echo "grouperContainer; INFO: (library.sh) dos2unix $f, result=$?"
+#  rm $TFILE
+#done
 
 . /usr/local/bin/libraryPrep.sh
 . /usr/local/bin/libraryPrepOnly.sh

diff --git a/container_files/usr-local-bin/libraryPrep.sh b/container_files/usr-local-bin/libraryPrep.sh
@@ -1,9 +1,14 @@
 #!/bin/bash
 
+prep_openshift() {
+  if [ -z "$GROUPER_CHOWN_DIRS" ]; then export GROUPER_CHOWN_DIRS=false; fi
+  if [ -z "$GROUPER_SHIB_LOG_USE_PIPE" ]; then export GROUPER_SHIB_LOG_USE_PIPE=false; fi
+  if [ -z "$GROUPER_GSH_CHECK_USER" ]; then export GROUPER_GSH_CHECK_USER=false; fi
+  if [ -z "$GROUPER_RUN_PROCESSES_AS_USERS" ]; then export GROUPER_RUN_PROCESSES_AS_USERS=false; fi
+}
+
 prep_quickstart() {
 
-
-
     if [ "$GROUPER_RUN_TOMCAT_NOT_SUPERVISOR" != "true" ]; then
       if [ -z "$GROUPER_RUN_HSQLDB" ]; then export GROUPER_RUN_HSQLDB=true; fi
       if [ -z "$GROUPER_SELF_SIGNED_CERT" ]; then export GROUPER_SELF_SIGNED_CERT=true; fi
@@ -141,8 +146,9 @@ prep_finishBegin() {
     # default a lot of env variables
     # morph defaults to null
     # database password defaults to null
-
-
+    if [ "$GROUPER_OPENSHIFT" == 'true' ]; then
+      prep_openshift
+    fi  
     if [ -z "$GROUPER_UI_GROUPER_AUTH" ] ; then export GROUPER_UI_GROUPER_AUTH=false; fi
     if [ -z "$GROUPER_WS_GROUPER_AUTH" ] ; then export GROUPER_WS_GROUPER_AUTH=false; fi
     if [ -z "$GROUPER_SCIM_GROUPER_AUTH" ] ; then export GROUPER_SCIM_GROUPER_AUTH=false; fi
@@ -244,6 +250,7 @@ prep_unsetAll() {
   unset -f prep_finishBegin
   unset -f prep_finishEnd
   unset -f prep_initDeprecatedEnvVars
+  unset -f prep_openshift
   unset -f prep_quickstart
   unset -f prep_runScim
   unset -f prep_runUi
@@ -263,6 +270,7 @@ prep_exportAll() {
   export -f prep_finishBegin
   export -f prep_finishEnd
   export -f prep_initDeprecatedEnvVars
+  export -f prep_openshift
   export -f prep_quickstart
   export -f prep_runScim
   export -f prep_runUi

diff --git a/container_files/usr-local-bin/librarySetupFilesForProcess.sh b/container_files/usr-local-bin/librarySetupFilesForProcess.sh
@@ -14,8 +14,8 @@ setupFilesForProcess_hsqldb() {
 setupFilesForProcess_hsqldbVersions() {
 
     # tomee hsql must match the grouper one, and the version cannot be 2.3.2 since it is query bugs (unit tests fail)
-    rm /opt/tomee/lib/hsqldb-*.jar
-    echo "grouperContainer; INFO: (librarySetupFilesForProcess.sh-setupFilesForProcess_hsqldbVersions) rm /opt/tomee/lib/hsqldb-*.jar , result: $?"
+    rm -f /opt/tomee/lib/hsqldb-*.jar
+    echo "grouperContainer; INFO: (librarySetupFilesForProcess.sh-setupFilesForProcess_hsqldbVersions) rm -f /opt/tomee/lib/hsqldb-*.jar , result: $?"
     cp /opt/grouper/grouperWebapp/WEB-INF/lib/hsqldb-*.jar /opt/tomee/lib/
     echo "grouperContainer; INFO: (librarySetupFilesForProcess.sh-setupFilesForProcess_hsqldbVersions) cp /opt/grouper/grouperWebapp/WEB-INF/lib/hsqldb-*.jar /opt/tomee/lib/ , result: $?"
 

diff --git a/container_files/usr-local-bin/librarySetupFilesTomcat.sh b/container_files/usr-local-bin/librarySetupFilesTomcat.sh
@@ -142,18 +142,18 @@ setupFilesTomcat_authn() {
 
 setupFilesTomcat_loggingSlf4j() {
 
-  rm /opt/tomee/lib/slf4j-api*.jar
-  echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_loggingSlf4j) rm /opt/tomee/lib/slf4j-api*.jar , result: $?"
-  rm /opt/tomee/lib/slf4j-jdk*.jar
-  echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_loggingSlf4j) rm /opt/tomee/lib/slf4j-jdk*.jar , result: $?"
+  rm -f /opt/tomee/lib/slf4j-api*.jar
+  echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_loggingSlf4j) rm -f /opt/tomee/lib/slf4j-api*.jar , result: $?"
+  rm -f /opt/tomee/lib/slf4j-jdk*.jar
+  echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_loggingSlf4j) rm -f /opt/tomee/lib/slf4j-jdk*.jar , result: $?"
   cp /opt/grouper/grouperWebapp/WEB-INF/lib/slf4j-api-*.jar /opt/tomee/lib
   echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_loggingSlf4j) cp /opt/grouper/grouperWebapp/WEB-INF/lib/slf4j-api-*.jar /opt/tomee/lib , result: $?"
   # tomee uses the jdk one
   cp /opt/grouper/grouperWebapp/WEB-INF/lib/slf4j-jdk*.jar /opt/tomee/lib
   echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_loggingSlf4j) cp /opt/grouper/grouperWebapp/WEB-INF/lib/slf4j-jdk*.jar /opt/tomee/lib , result: $?"
   # grouper uses the log4j one
-  rm /opt/grouper/grouperWebapp/WEB-INF/lib/slf4j-jdk*.jar
-  echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_loggingSlf4j) rm /opt/grouper/grouperWebapp/WEB-INF/lib/slf4j-jdk*.jar , result: $?"
+  rm -f /opt/grouper/grouperWebapp/WEB-INF/lib/slf4j-jdk*.jar
+  echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_loggingSlf4j) rm -f /opt/grouper/grouperWebapp/WEB-INF/lib/slf4j-jdk*.jar , result: $?"
 
 }
 

diff --git a/container_files/usr-local-bin/librarySetupPipe.sh b/container_files/usr-local-bin/librarySetupPipe.sh
@@ -3,7 +3,7 @@
 setupPipe() {
     echo "grouperContainer; INFO: (librarySetupPipe.sh-setupPipe) Setup pipe: $1"
     if [ -e $1 ]; then
-        rm $1
+        rm -f $1
     fi
     mkfifo -m 666 $1
 }