.gitignore

@@ -7,3 +7,4 @@ bin/run.sh
 bin/start.sh
 bin/stop.sh
 bin/test.sh
+/.project

Dockerfile

@@ -1,154 +1,95 @@
 FROM centos:centos7 as installing
-
 RUN yum update -y \
-    && yum install -y wget tar unzip dos2unix \
+    && yum install -y wget tar unzip dos2unix patch \
     && yum clean all
 
+RUN yum install -y wget tar unzip dos2unix patch
+
 ARG GROUPER_CONTAINER_VERSION
-
-ENV GROUPER_VERSION=2.4.0 \
-     JAVA_HOME=/usr/lib/jvm/zulu-8/ \
+ENV GROUPER_VERSION=2.5.29 \
      GROUPER_CONTAINER_VERSION=$GROUPER_CONTAINER_VERSION
 
-# use Zulu package
-RUN rpm --import http://repos.azulsystems.com/RPM-GPG-KEY-azulsystems \
-       && curl -o /etc/yum.repos.d/zulu.repo http://repos.azulsystems.com/rhel/zulu.repo \
-       && yum -y install zulu-8 
-
-#RUN java_version=8.0.172; \
-#    zulu_version=8.30.0.1; \
-#    echo 'Downloading the OpenJDK Zulu...' \
-#    && wget -q http://cdn.azul.com/zulu/bin/zulu$zulu_version-jdk$java_version-linux_x64.tar.gz \
-#    && echo "0a101a592a177c1c7bc63738d7bc2930  zulu$zulu_version-jdk$java_version-linux_x64.tar.gz" | md5sum -c - \
-#    && tar -zxvf zulu$zulu_version-jdk$java_version-linux_x64.tar.gz -C /opt \
-#    && ln -s /opt/zulu$zulu_version-jdk$java_version-linux_x64 $JAVA_HOME
-
-#RUN java_version=8u151; \
-#    java_bnumber=12; \
-#    java_semver=1.8.0_151; \
-#    java_hash=123b1d755416aa7579abc03f01ab946e612e141b6f7564130f2ada00ed913f1d; \
-#    echo 'Downloading the Oracle Java...' \ 
-#    && wget --no-check-certificate --no-cookies --header "Cookie: oraclelicense=accept-securebackup-cookie" \
-#    http://download.oracle.com/otn-pub/java/jdk/$java_version-b$java_bnumber/e758a0de34e24606bca991d704f6dcbf/server-jre-$java_version-linux-x64.tar.gz \
-#    && echo "$java_hash  server-jre-$java_version-linux-x64.tar.gz" | sha256sum -c - \
-#    && tar -zxvf server-jre-$java_version-linux-x64.tar.gz -C /opt \
-#    && ln -s /opt/jdk$java_semver/ $JAVA_HOME
+# Install Corretto Java JDK
+#Corretto download page: https://docs.aws.amazon.com/corretto/latest/corretto-8-ug/downloads-list.html
+ARG CORRETTO_URL_PERM=https://corretto.aws/downloads/latest/amazon-corretto-8-x64-linux-jdk.rpm
+ARG CORRETTO_RPM=amazon-corretto-8-x64-linux-jdk.rpm
+COPY container_files/java-corretto/corretto-signing-key.pub .
+RUN curl -O -L $CORRETTO_URL_PERM \
+    && rpm --import corretto-signing-key.pub \
+    && rpm -K $CORRETTO_RPM \
+    && rpm -i $CORRETTO_RPM \
+    && rm -r corretto-signing-key.pub $CORRETTO_RPM
+ENV JAVA_HOME=/usr/lib/jvm/java-1.8.0-amazon-corretto
 
 RUN echo 'Downloading Grouper Installer...' \
     && mkdir -p /opt/grouper/$GROUPER_VERSION \
-    && wget -q -O /opt/grouper/$GROUPER_VERSION/grouperInstaller.jar http://software.internet2.edu/grouper/release/$GROUPER_VERSION/grouperInstaller.jar
-
+    && wget -q -O /opt/grouper/$GROUPER_VERSION/grouperInstaller.jar https://oss.sonatype.org/service/local/repositories/releases/content/edu/internet2/middleware/grouper/grouper-installer/$GROUPER_VERSION/grouper-installer-$GROUPER_VERSION.jar
 COPY container_files/grouper.installer.properties /opt/grouper/$GROUPER_VERSION
 # Temporary morphString file used for building, not used in production
 COPY container_files/morphString.properties /opt/grouper/$GROUPER_VERSION
-
-
 RUN echo 'Installing Grouper'; \
     PATH=$PATH:$JAVA_HOME/bin; \
     cd /opt/grouper/$GROUPER_VERSION/ \
     && $JAVA_HOME/bin/java -cp :grouperInstaller.jar edu.internet2.middleware.grouperInstaller.GrouperInstaller
-
-
-
 FROM centos:centos7 as cleanup
-
-ENV GROUPER_VERSION=2.4.0 \
-    TOMCAT_VERSION=8.5.42 \    
+ENV GROUPER_VERSION=2.5.29 \
     TOMEE_VERSION=7.0.0
-
+RUN mkdir -p /opt/grouper/grouperWebapp/
+RUN mkdir -p /opt/tomee/
 COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouperInstaller.jar /opt/grouper/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.apiBinary-$GROUPER_VERSION/ /opt/grouper/grouper.apiBinary/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.ui-$GROUPER_VERSION/dist/grouper/ /opt/grouper/grouper.ui/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.ws-$GROUPER_VERSION/grouper-ws/build/dist/grouper-ws/ /opt/grouper/grouper.ws/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.ws-$GROUPER_VERSION/grouper-ws-scim/targetBuiltin/grouper-ws-scim/ /opt/grouper/grouper.scim/
-#COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.clientBinary-$GROUPER_VERSION/ /opt/grouper/grouper.clientBinary/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/apache-tomcat-$TOMCAT_VERSION/ /opt/tomcat/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/apache-tomee-webprofile-$TOMEE_VERSION/ /opt/tomee/
+COPY --from=installing /opt/grouper/$GROUPER_VERSION/container/tomee/ /opt/tomee/
+COPY --from=installing /opt/grouper/$GROUPER_VERSION/container/webapp/ /opt/grouper/grouperWebapp/
+RUN ls /opt/grouper/grouperWebapp/
 COPY --from=installing /etc/alternatives/java /etc/alternatives/java
-
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.11.0/log4j-core-2.11.0.jar /opt/tomcat/bin
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-api/2.11.0/log4j-api-2.11.0.jar /opt/tomcat/bin
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-jul/2.11.0/log4j-jul-2.11.0.jar /opt/tomcat/bin
-
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.11.0/log4j-core-2.11.0.jar /opt/tomee/bin
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-api/2.11.0/log4j-api-2.11.0.jar /opt/tomee/bin
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-jul/2.11.0/log4j-jul-2.11.0.jar /opt/tomee/bin
-
-RUN cd /opt/grouper/grouper.apiBinary/; \
-    rm -fr ddlScripts/ grouper.properties grouper.lck grouper.log grouper.script grouper.tmp/ gshAddGrouperSystemWsGroup.gsh logs/
-
-RUN cd /opt/tomcat/; \
-    chmod +r bin/log4j-*.jar; \
-    rm -fr webapps/docs/ webapps/examples/ webapps/host-manager/ webapps/manager/ webapps/ROOT/ logs/* temp/* work/* conf/logging.properties
-
+RUN ls /opt/grouper/
+RUN ls /opt/grouper/grouperWebapp/WEB-INF
+#ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.11.0/log4j-core-2.11.0.jar /opt/tomee/bin
+#ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-api/2.11.0/log4j-api-2.11.0.jar /opt/tomee/bin
+#ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-jul/2.11.0/log4j-jul-2.11.0.jar /opt/tomee/bin
 RUN cd /opt/tomee/; \
-    chmod +r bin/log4j-*.jar; \
     rm -fr webapps/docs/ webapps/host-manager/ webapps/manager/ logs/* temp/* work/* conf/logging.properties
-
-COPY container_files/api/* /opt/grouper/grouper.apiBinary/conf/
-COPY container_files/ui/ /opt/grouper/grouper.ui/WEB-INF/
-COPY container_files/ws/ /opt/grouper/grouper.ws/WEB-INF/
-COPY container_files/tomcat/ /opt/tomcat/
+COPY container_files/api/* /opt/grouper/grouperWebapp/WEB-INF/classes/
 COPY container_files/tomee/ /opt/tomee/
 
-
-FROM tier/shibboleth_sp:3.0.4_03122019
-
+FROM tier/shibboleth_sp:3.1.0_04172020
 LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
       Vendor="TIER" \
       ImageType="Grouper" \
       ImageName=$imagename \
       ImageOS=centos7
 
 ARG GROUPER_CONTAINER_VERSION
-
-ENV JAVA_HOME=/usr/lib/jvm/zulu-8/ \
-    PATH=$PATH:$JAVA_HOME/bin \
-    GROUPER_HOME=/opt/grouper/grouper.apiBinary \
+ENV JAVA_HOME=/usr/lib/jvm/java-1.8.0-amazon-corretto
+ENV PATH=$PATH:$JAVA_HOME/bin \
+    GROUPER_HOME=/opt/grouper/grouperWebapp/WEB-INF \
     GROUPER_CONTAINER_VERSION=$GROUPER_CONTAINER_VERSION
-
 RUN ln -sf /usr/share/zoneinfo/UTC /etc/localtime
-
 RUN yum update -y \
-    && yum install -y cron logrotate python-pip \
+    && yum install -y cron logrotate python-pip rsync sudo patch \
     && pip install --upgrade pip \
     && pip install supervisor \
     && yum clean -y all
-
 COPY --from=installing $JAVA_HOME $JAVA_HOME
-COPY --from=cleanup /opt/tomcat/ /opt/tomcat/
 COPY --from=cleanup /opt/tomee/ /opt/tomee/
 COPY --from=cleanup /opt/grouper/ /opt/grouper/
-
 RUN groupadd -r tomcat \
     && useradd -r -m -s /sbin/nologin -g tomcat tomcat \
-    && mkdir -p /opt/tomcat/logs/ /opt/tomcat/temp/ /opt/tomcat/work/ \
-    && chown -R tomcat:tomcat /opt/tomcat/logs/ /opt/tomcat/temp/ /opt/tomcat/work/ \
-    && chown -R tomcat:tomcat /opt/tomee/logs/ /opt/tomee/temp/ /opt/tomee/work/ \
-    && ln -s $JAVA_HOME/bin/java /etc/alternatives/java
-
-# does shib sp3 not generate these files?
-# RUN rm /etc/shibboleth/sp-key.pem /etc/shibboleth/sp-cert.pem
+    && chown -R tomcat:tomcat /opt/tomee  \
+    && ln -s $JAVA_HOME/bin/java /etc/alternatives/java \
+    && mkdir -p /opt/tomee/conf/Catalina/localhost/ \
+    && chown -R tomcat:tomcat /opt/grouper \
+    && mkdir /opt/hsqldb \
+    && chown tomcat:tomcat /opt/hsqldb
 
 COPY container_files/tier-support/ /opt/tier-support/
 COPY container_files/usr-local-bin/ /usr/local/bin/
+RUN chmod +x /usr/local/bin/*.sh
 COPY container_files/httpd/* /etc/httpd/conf.d/
 COPY container_files/shibboleth/* /etc/shibboleth/
+RUN cp /dev/null /etc/httpd/conf.d/ssl.conf 
 
-RUN cp /dev/null /etc/httpd/conf.d/ssl.conf \
-    && sed -i 's/LogFormat "/LogFormat "httpd;access_log;%{ENV}e;%{USERTOKEN}e;/g' /etc/httpd/conf/httpd.conf \
-    && echo -e "\nErrorLogFormat \"httpd;error_log;%{ENV}e;%{USERTOKEN}e;[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i\"" >> /etc/httpd/conf/httpd.conf \
-    && sed -i 's/CustomLog "logs\/access_log"/CustomLog "\/tmp\/logpipe"/g' /etc/httpd/conf/httpd.conf \
-    && sed -i 's/ErrorLog "logs\/error_log"/ErrorLog "\/tmp\/logpipe"/g' /etc/httpd/conf/httpd.conf \
-    && echo -e "\nPassEnv ENV" >> /etc/httpd/conf/httpd.conf \
-    && echo -e "\nPassEnv USERTOKEN" >> /etc/httpd/conf/httpd.conf
-
-WORKDIR /opt/grouper/grouper.apiBinary/
-
+WORKDIR /opt/grouper/grouperWebapp/WEB-INF/
 EXPOSE 80 443
-
 HEALTHCHECK NONE
-
 ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
-
-CMD ["bin/gsh", "-loader"]
+# CMD ["bin/gsh.sh", "-loader"]

Jenkinsfile

@@ -51,12 +51,17 @@ pipeline {
             steps {
                 script {
                   try{
-                      docker.withRegistry('https://registry.hub.docker.com/',   "dockerhub-$maintainer") {
+                      // statically defining jenkins credential value dockerhub-tier
+                      docker.withRegistry('https://registry.hub.docker.com/',   "dockerhub-tier") {
                         baseImg = docker.build("$maintainer/$imagename", "--build-arg GROUPER_CONTAINER_VERSION=$tag --no-cache .")
                       }
+                      // test the environment 
+                      // sh 'cd test-compose && ./compose.sh'
+                      // bring down after testing
+                      // sh 'cd test-compose && docker-compose down'
                   } catch(error) {
                      def error_details = readFile('./debug');
-                     def message = "BUILD ERROR: There was a problem building ${imagename}:${tag}. \n\n ${error_details}"
+                      def message = "BUILD ERROR: There was a problem building ${maintainer}/${imagename}:${tag}. \n\n ${error_details}"
                      sh "rm -f ./debug"
                      handleError(message)
                   }
@@ -70,7 +75,7 @@ pipeline {
                      sh 'bin/test.sh 2>&1 | tee debug ; test ${PIPESTATUS[0]} -eq 0'
                    } catch (error) {
                      def error_details = readFile('./debug')
-                     def message = "BUILD ERROR: There was a problem testing ${imagename}:${tag}. \n\n ${error_details}"
+                     def message = "BUILD ERROR: There was a problem testing ${maintainer}/${imagename}:${tag}. \n\n ${error_details}"
                      sh "rm -f ./debug"
                      handleError(message)
                    } 
@@ -81,21 +86,8 @@ pipeline {
         stage('Push') {
             steps {
                 script {
-                      //// scan the image with clair
-                      // sh 'docker run -p 5432:5432 -d --name clairdb arminc/clair-db:latest'
-                      // sh 'docker run -p 6060:6060 --link clairdb:postgres -d --name clair arminc/clair-local-scan:v2.0.5'
-                      // sh 'curl -L -o clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64'
-                      // sh 'chmod 755 clair-scanner'
-                      // sh "./clair-scanner --ip 172.17.0.1 -r test.out $maintainer/$imagename:latest"
-                      //// test the environment
-                      // sh 'docker kill clairdb'
-                      // sh 'docker rm clairdb'
-                      // sh 'docker kill clair'
-                      // sh 'docker rm clair'
-                      // sh 'cd test-compose && ./compose.sh'
-                      //// bring down after testing
-                      //sh 'cd test-compose && docker-compose down'
-                      docker.withRegistry('https://registry.hub.docker.com/',   "dockerhub-$maintainer") {
+                        // statically defining jenkins credential value dockerhub-tier
+                        docker.withRegistry('https://registry.hub.docker.com/',   "dockerhub-tier") {
                         baseImg.push("$tag")
                       }
                   }

LICENSE

@@ -198,4 +198,4 @@
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
-   limitations under the License.
+   limitations under the License