.gitignore

@@ -7,3 +7,5 @@ bin/run.sh
 bin/start.sh
 bin/stop.sh
 bin/test.sh
+/.project
+**/*~

Dockerfile

@@ -1,154 +1,52 @@
-FROM centos:centos7 as installing
-
-RUN yum update -y \
-    && yum install -y wget tar unzip dos2unix \
-    && yum clean all
-
-ARG GROUPER_CONTAINER_VERSION
-
-ENV GROUPER_VERSION=2.4.0 \
-     JAVA_HOME=/usr/lib/jvm/zulu-8/ \
-     GROUPER_CONTAINER_VERSION=$GROUPER_CONTAINER_VERSION
-
-# use Zulu package
-RUN rpm --import http://repos.azulsystems.com/RPM-GPG-KEY-azulsystems \
-       && curl -o /etc/yum.repos.d/zulu.repo http://repos.azulsystems.com/rhel/zulu.repo \
-       && yum -y install zulu-8 
-
-#RUN java_version=8.0.172; \
-#    zulu_version=8.30.0.1; \
-#    echo 'Downloading the OpenJDK Zulu...' \
-#    && wget -q http://cdn.azul.com/zulu/bin/zulu$zulu_version-jdk$java_version-linux_x64.tar.gz \
-#    && echo "0a101a592a177c1c7bc63738d7bc2930  zulu$zulu_version-jdk$java_version-linux_x64.tar.gz" | md5sum -c - \
-#    && tar -zxvf zulu$zulu_version-jdk$java_version-linux_x64.tar.gz -C /opt \
-#    && ln -s /opt/zulu$zulu_version-jdk$java_version-linux_x64 $JAVA_HOME
-
-#RUN java_version=8u151; \
-#    java_bnumber=12; \
-#    java_semver=1.8.0_151; \
-#    java_hash=123b1d755416aa7579abc03f01ab946e612e141b6f7564130f2ada00ed913f1d; \
-#    echo 'Downloading the Oracle Java...' \ 
-#    && wget --no-check-certificate --no-cookies --header "Cookie: oraclelicense=accept-securebackup-cookie" \
-#    http://download.oracle.com/otn-pub/java/jdk/$java_version-b$java_bnumber/e758a0de34e24606bca991d704f6dcbf/server-jre-$java_version-linux-x64.tar.gz \
-#    && echo "$java_hash  server-jre-$java_version-linux-x64.tar.gz" | sha256sum -c - \
-#    && tar -zxvf server-jre-$java_version-linux-x64.tar.gz -C /opt \
-#    && ln -s /opt/jdk$java_semver/ $JAVA_HOME
-
-RUN echo 'Downloading Grouper Installer...' \
-    && mkdir -p /opt/grouper/$GROUPER_VERSION \
-    && wget -q -O /opt/grouper/$GROUPER_VERSION/grouperInstaller.jar http://software.internet2.edu/grouper/release/$GROUPER_VERSION/grouperInstaller.jar
-
-COPY container_files/grouper.installer.properties /opt/grouper/$GROUPER_VERSION
-# Temporary morphString file used for building, not used in production
-COPY container_files/morphString.properties /opt/grouper/$GROUPER_VERSION
-
-
-RUN echo 'Installing Grouper'; \
-    PATH=$PATH:$JAVA_HOME/bin; \
-    cd /opt/grouper/$GROUPER_VERSION/ \
-    && $JAVA_HOME/bin/java -cp :grouperInstaller.jar edu.internet2.middleware.grouperInstaller.GrouperInstaller
-
-
-
-FROM centos:centos7 as cleanup
-
-ENV GROUPER_VERSION=2.4.0 \
-    TOMCAT_VERSION=8.5.42 \    
-    TOMEE_VERSION=7.0.0
-
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouperInstaller.jar /opt/grouper/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.apiBinary-$GROUPER_VERSION/ /opt/grouper/grouper.apiBinary/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.ui-$GROUPER_VERSION/dist/grouper/ /opt/grouper/grouper.ui/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.ws-$GROUPER_VERSION/grouper-ws/build/dist/grouper-ws/ /opt/grouper/grouper.ws/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.ws-$GROUPER_VERSION/grouper-ws-scim/targetBuiltin/grouper-ws-scim/ /opt/grouper/grouper.scim/
-#COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.clientBinary-$GROUPER_VERSION/ /opt/grouper/grouper.clientBinary/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/apache-tomcat-$TOMCAT_VERSION/ /opt/tomcat/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/apache-tomee-webprofile-$TOMEE_VERSION/ /opt/tomee/
-COPY --from=installing /etc/alternatives/java /etc/alternatives/java
-
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.11.0/log4j-core-2.11.0.jar /opt/tomcat/bin
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-api/2.11.0/log4j-api-2.11.0.jar /opt/tomcat/bin
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-jul/2.11.0/log4j-jul-2.11.0.jar /opt/tomcat/bin
-
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.11.0/log4j-core-2.11.0.jar /opt/tomee/bin
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-api/2.11.0/log4j-api-2.11.0.jar /opt/tomee/bin
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-jul/2.11.0/log4j-jul-2.11.0.jar /opt/tomee/bin
-
-RUN cd /opt/grouper/grouper.apiBinary/; \
-    rm -fr ddlScripts/ grouper.properties grouper.lck grouper.log grouper.script grouper.tmp/ gshAddGrouperSystemWsGroup.gsh logs/
-
-RUN cd /opt/tomcat/; \
-    chmod +r bin/log4j-*.jar; \
-    rm -fr webapps/docs/ webapps/examples/ webapps/host-manager/ webapps/manager/ webapps/ROOT/ logs/* temp/* work/* conf/logging.properties
-
-RUN cd /opt/tomee/; \
-    chmod +r bin/log4j-*.jar; \
-    rm -fr webapps/docs/ webapps/host-manager/ webapps/manager/ logs/* temp/* work/* conf/logging.properties
-
-COPY container_files/api/* /opt/grouper/grouper.apiBinary/conf/
-COPY container_files/ui/ /opt/grouper/grouper.ui/WEB-INF/
-COPY container_files/ws/ /opt/grouper/grouper.ws/WEB-INF/
-COPY container_files/tomcat/ /opt/tomcat/
-COPY container_files/tomee/ /opt/tomee/
-
-
-FROM tier/shibboleth_sp:3.0.4_03122019
+FROM tier/shibboleth_sp:3.1.0_04172020
 
 LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
       Vendor="TIER" \
       ImageType="Grouper" \
       ImageName=$imagename \
       ImageOS=centos7
-      
+
 ARG GROUPER_CONTAINER_VERSION
 
-ENV JAVA_HOME=/usr/lib/jvm/zulu-8/ \
+ENV GROUPER_VERSION=2.6.17 \
+    GROUPER_CONTAINER_VERSION=$GROUPER_CONTAINER_VERSION \
+    JAVA_HOME=/usr/lib/jvm/java-1.8.0-amazon-corretto \
     PATH=$PATH:$JAVA_HOME/bin \
-    GROUPER_HOME=/opt/grouper/grouper.apiBinary \
-    GROUPER_CONTAINER_VERSION=$GROUPER_CONTAINER_VERSION
-
-RUN ln -sf /usr/share/zoneinfo/UTC /etc/localtime
+    GROUPER_HOME=/opt/grouper/grouperWebapp/WEB-INF
 
+# net-tools curl mlocate strace telnet man vim rsyslog cron httpd mod_ssl cronie
 RUN yum update -y \
-    && yum install -y cron logrotate python-pip \
-    && pip install --upgrade pip \
-    && pip install supervisor \
-    && yum clean -y all
+    && yum install -y logrotate python3-pip rsync sudo patch supervisor wget tar unzip dos2unix file \
+    && pip3 install --upgrade setuptools \
+    && yum clean -y all \
+    && groupadd -r tomcat \
+    && useradd -r -m -s /sbin/nologin -g tomcat tomcat \
+    && mkdir -p /opt/container_files
 
-COPY --from=installing $JAVA_HOME $JAVA_HOME
-COPY --from=cleanup /opt/tomcat/ /opt/tomcat/
-COPY --from=cleanup /opt/tomee/ /opt/tomee/
-COPY --from=cleanup /opt/grouper/ /opt/grouper/
+# Install Corretto Java JDK
+#Corretto download page: https://docs.aws.amazon.com/corretto/latest/corretto-8-ug/downloads-list.html
 
-RUN groupadd -r tomcat \
-    && useradd -r -m -s /sbin/nologin -g tomcat tomcat \
-    && mkdir -p /opt/tomcat/logs/ /opt/tomcat/temp/ /opt/tomcat/work/ \
-    && chown -R tomcat:tomcat /opt/tomcat/logs/ /opt/tomcat/temp/ /opt/tomcat/work/ \
-    && chown -R tomcat:tomcat /opt/tomee/logs/ /opt/tomee/temp/ /opt/tomee/work/ \
-    && ln -s $JAVA_HOME/bin/java /etc/alternatives/java
+ARG JAVA_VERSION=1.8.0
 
-# does shib sp3 not generate these files?
-# RUN rm /etc/shibboleth/sp-key.pem /etc/shibboleth/sp-cert.pem
+# real copy command (if not caching), uncomment this and change comments of COPY above to work on install script
+COPY container_files/ /opt/container_files/
 
-COPY container_files/tier-support/ /opt/tier-support/
-COPY container_files/usr-local-bin/ /usr/local/bin/
-COPY container_files/httpd/* /etc/httpd/conf.d/
-COPY container_files/shibboleth/* /etc/shibboleth/
+RUN cd /tmp \
+    && chmod +x /opt/container_files/docker-build-bin/*.sh \
+    && /opt/container_files/docker-build-bin/containerDockerfileInstallDos2unix.sh /opt/container_files \
+    && /opt/container_files/docker-build-bin/containerDockerfileInstallJava.sh $JAVA_VERSION \
+    && /opt/container_files/docker-build-bin/containerDockerfileInstallGrouper.sh $JAVA_HOME $GROUPER_VERSION \
+    && /opt/container_files/docker-build-bin/containerDockerfileInstall.sh $JAVA_HOME $GROUPER_VERSION
 
-RUN cp /dev/null /etc/httpd/conf.d/ssl.conf \
-    && sed -i 's/LogFormat "/LogFormat "httpd;access_log;%{ENV}e;%{USERTOKEN}e;/g' /etc/httpd/conf/httpd.conf \
-    && echo -e "\nErrorLogFormat \"httpd;error_log;%{ENV}e;%{USERTOKEN}e;[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i\"" >> /etc/httpd/conf/httpd.conf \
-    && sed -i 's/CustomLog "logs\/access_log"/CustomLog "\/tmp\/logpipe"/g' /etc/httpd/conf/httpd.conf \
-    && sed -i 's/ErrorLog "logs\/error_log"/ErrorLog "\/tmp\/logpipe"/g' /etc/httpd/conf/httpd.conf \
-    && echo -e "\nPassEnv ENV" >> /etc/httpd/conf/httpd.conf \
-    && echo -e "\nPassEnv USERTOKEN" >> /etc/httpd/conf/httpd.conf
 
-WORKDIR /opt/grouper/grouper.apiBinary/
+# testing container
+# see output with  docker build . --tag my:grouper
+# DOCKER_BUILDKIT=0 docker build --progress=plain -t mygrouper .
+# docker run --detach --name mygrouper mygrouper:latest
+# docker exec -it mygrouper bash
 
+WORKDIR /opt/grouper/grouperWebapp/WEB-INF/
 EXPOSE 80 443
-
 HEALTHCHECK NONE
 
 ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
-
-CMD ["bin/gsh", "-loader"]

Dockerfile2

@@ -0,0 +1,75 @@
+FROM centos:centos7
+
+LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
+      Vendor="TIER" \
+      ImageType="Grouper" \
+      ImageName=$imagename \
+      ImageOS=centos7
+
+ARG GROUPER_CONTAINER_VERSION
+
+ENV GROUPER_VERSION=2.6.17 \
+    GROUPER_CONTAINER_VERSION=$GROUPER_CONTAINER_VERSION \
+    JAVA_HOME=/usr/lib/jvm/java-1.8.0-amazon-corretto \
+    PATH=$PATH:$JAVA_HOME/bin \
+    GROUPER_HOME=/opt/grouper/grouperWebapp/WEB-INF
+
+RUN ln -sf /usr/share/zoneinfo/UTC /etc/localtime \
+    && echo "NETWORKING=yes" > /etc/sysconfig/network
+RUN rm -fr /var/cache/yum/* && yum clean all && yum -y install --setopt=tsflags=nodocs epel-release && yum -y update && \
+    yum -y install net-tools wget curl tar unzip mlocate logrotate strace telnet man vim rsyslog cron httpd mod_ssl dos2unix cronie supervisor && \
+    yum clean all
+
+RUN yum update -y \
+    && yum install -y logrotate python3-pip rsync sudo patch supervisor wget tar unzip dos2unix file \
+    && pip3 install --upgrade setuptools \
+    && yum clean -y all \
+    && groupadd -r tomcat \
+    && useradd -r -m -s /sbin/nologin -g tomcat tomcat \
+    && mkdir -p /opt/container_files
+
+# Install Corretto Java JDK
+#Corretto download page: https://docs.aws.amazon.com/corretto/latest/corretto-8-ug/downloads-list.html
+
+ARG JAVA_VERSION=1.8.0
+
+
+COPY container_files/docker-build-bin /opt/container_files/docker-build-bin/
+COPY container_files/morphString.properties /opt/container_files/
+COPY container_files/grouper.installer.properties /opt/container_files/
+RUN mkdir /opt/container_files/java-corretto
+COPY container_files/java-corretto/corretto-signing-key.pub /opt/container_files/java-corretto
+COPY container_files/tier-support /opt/container_files/tier-support/
+RUN cd /tmp \
+    && chmod +x /opt/container_files/docker-build-bin/*.sh \
+    && /opt/container_files/docker-build-bin/containerDockerfileInstallDos2unix.sh /opt/container_files \
+    && /opt/container_files/docker-build-bin/containerDockerfileInstallJava.sh  $JAVA_VERSION \
+    && /opt/container_files/docker-build-bin/containerDockerfileInstallGrouper.sh $JAVA_HOME $GROUPER_VERSION 
+
+
+# real copy command (if not caching), uncomment this and change comments of COPY above to work on install script
+COPY container_files/ /opt/container_files/
+
+RUN cd /tmp \
+    && mkdir /etc/shibboleth \
+    && chmod +x /opt/container_files/docker-build-bin/*.sh \
+    && /opt/container_files/docker-build-bin/containerDockerfileInstallDos2unix.sh /opt/container_files \
+    && /opt/container_files/docker-build-bin/containerDockerfileInstall.sh $JAVA_HOME $GROUPER_VERSION
+
+
+# testing container
+# see output with  docker build . --tag my:grouper
+# DOCKER_BUILDKIT=0 docker build --progress=plain -t mygrouper .
+# docker run --detach --name mygrouper mygrouper:latest
+# docker exec -it mygrouper bash
+
+WORKDIR /opt/grouper/grouperWebapp/WEB-INF/
+EXPOSE 80 443
+HEALTHCHECK NONE
+
+#ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
+
+# LOCAL start uncomment ping, and comment out other entrypoint to just have a simple runnable container
+ENTRYPOINT ["ping"]
+CMD ["google.com"]
+# LOCAL end

Jenkinsfile

@@ -1,6 +1,6 @@
 
 pipeline {
-    agent any
+    agent { node { label 'docker' } }
     environment { 
         maintainer = "t"
         imagename = 'g'
@@ -12,8 +12,11 @@ pipeline {
                 script {
                     maintainer = maintain()
                     imagename = imagename()
-                    if(env.BRANCH_NAME == "master") {
+                    if(env.BRANCH_NAME == "main") {
                        tag = "latest"
+    //                } else if (env.BRANCH_NAME == "2.6.9") {
+    //                   // skip it for now
+    //                   sh 'exit -1'       
                     } else {
                        tag = env.BRANCH_NAME
                     }
@@ -51,12 +54,17 @@ pipeline {
             steps {
                 script {
                   try{
-                      docker.withRegistry('https://registry.hub.docker.com/',   "dockerhub-$maintainer") {
+                      // statically defining jenkins credential value dockerhub-tier
+                      docker.withRegistry('https://registry.hub.docker.com/',   "dockerhub-tier") {
                         baseImg = docker.build("$maintainer/$imagename", "--build-arg GROUPER_CONTAINER_VERSION=$tag --no-cache .")
                       }
+                      // test the environment 
+                      // sh 'cd test-compose && ./compose.sh'
+                      // bring down after testing
+                      // sh 'cd test-compose && docker-compose down'
                   } catch(error) {
                      def error_details = readFile('./debug');
-                     def message = "BUILD ERROR: There was a problem building ${imagename}:${tag}. \n\n ${error_details}"
+                      def message = "BUILD ERROR: There was a problem building ${maintainer}/${imagename}:${tag}. \n\n ${error_details}"
                      sh "rm -f ./debug"
                      handleError(message)
                   }
@@ -70,7 +78,7 @@ pipeline {
                      sh 'bin/test.sh 2>&1 | tee debug ; test ${PIPESTATUS[0]} -eq 0'
                    } catch (error) {
                      def error_details = readFile('./debug')
-                     def message = "BUILD ERROR: There was a problem testing ${imagename}:${tag}. \n\n ${error_details}"
+                     def message = "BUILD ERROR: There was a problem testing ${maintainer}/${imagename}:${tag}. \n\n ${error_details}"
                      sh "rm -f ./debug"
                      handleError(message)
                    } 
@@ -81,21 +89,8 @@ pipeline {
         stage('Push') {
             steps {
                 script {
-                      //// scan the image with clair
-                      // sh 'docker run -p 5432:5432 -d --name clairdb arminc/clair-db:latest'
-                      // sh 'docker run -p 6060:6060 --link clairdb:postgres -d --name clair arminc/clair-local-scan:v2.0.5'
-                      // sh 'curl -L -o clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64'
-                      // sh 'chmod 755 clair-scanner'
-                      // sh "./clair-scanner --ip 172.17.0.1 -r test.out $maintainer/$imagename:latest"
-                      //// test the environment
-                      // sh 'docker kill clairdb'
-                      // sh 'docker rm clairdb'
-                      // sh 'docker kill clair'
-                      // sh 'docker rm clair'
-                      // sh 'cd test-compose && ./compose.sh'
-                      //// bring down after testing
-                      //sh 'cd test-compose && docker-compose down'
-                      docker.withRegistry('https://registry.hub.docker.com/',   "dockerhub-$maintainer") {
+                        // statically defining jenkins credential value dockerhub-tier
+                        docker.withRegistry('https://registry.hub.docker.com/',   "dockerhub-tier") {
                         baseImg.push("$tag")
                       }
                   }

LICENSE

@@ -7,7 +7,7 @@
    1. Definitions.
 
       "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
+      and distribution as defined by Sections 1 through 9 of this document
 
       "Licensor" shall mean the copyright owner or entity authorized by
       the copyright owner that is granting the License.