.gitignore

@@ -7,3 +7,5 @@ bin/run.sh
 bin/start.sh
 bin/stop.sh
 bin/test.sh
+/.project
+**/*~

Dockerfile

@@ -1,154 +1,110 @@
-FROM centos:centos7 as installing
+ARG GROUPER_CONTAINER_VERSION=5.9.1
+ARG GROUPER_VERSION=5.9.1
+ARG JAVA_HOME=/usr/lib/jvm/java-17-amazon-corretto
 
-RUN yum update -y \
-    && yum install -y wget tar unzip dos2unix \
-    && yum clean all
-
-ARG GROUPER_CONTAINER_VERSION
-
-ENV GROUPER_VERSION=2.4.0 \
-     JAVA_HOME=/usr/lib/jvm/zulu-8/ \
-     GROUPER_CONTAINER_VERSION=$GROUPER_CONTAINER_VERSION
-
-# use Zulu package
-RUN rpm --import http://repos.azulsystems.com/RPM-GPG-KEY-azulsystems \
-       && curl -o /etc/yum.repos.d/zulu.repo http://repos.azulsystems.com/rhel/zulu.repo \
-       && yum -y install zulu-8 
-
-#RUN java_version=8.0.172; \
-#    zulu_version=8.30.0.1; \
-#    echo 'Downloading the OpenJDK Zulu...' \
-#    && wget -q http://cdn.azul.com/zulu/bin/zulu$zulu_version-jdk$java_version-linux_x64.tar.gz \
-#    && echo "0a101a592a177c1c7bc63738d7bc2930  zulu$zulu_version-jdk$java_version-linux_x64.tar.gz" | md5sum -c - \
-#    && tar -zxvf zulu$zulu_version-jdk$java_version-linux_x64.tar.gz -C /opt \
-#    && ln -s /opt/zulu$zulu_version-jdk$java_version-linux_x64 $JAVA_HOME
-
-#RUN java_version=8u151; \
-#    java_bnumber=12; \
-#    java_semver=1.8.0_151; \
-#    java_hash=123b1d755416aa7579abc03f01ab946e612e141b6f7564130f2ada00ed913f1d; \
-#    echo 'Downloading the Oracle Java...' \ 
-#    && wget --no-check-certificate --no-cookies --header "Cookie: oraclelicense=accept-securebackup-cookie" \
-#    http://download.oracle.com/otn-pub/java/jdk/$java_version-b$java_bnumber/e758a0de34e24606bca991d704f6dcbf/server-jre-$java_version-linux-x64.tar.gz \
-#    && echo "$java_hash  server-jre-$java_version-linux-x64.tar.gz" | sha256sum -c - \
-#    && tar -zxvf server-jre-$java_version-linux-x64.tar.gz -C /opt \
-#    && ln -s /opt/jdk$java_semver/ $JAVA_HOME
-
-RUN echo 'Downloading Grouper Installer...' \
-    && mkdir -p /opt/grouper/$GROUPER_VERSION \
-    && wget -q -O /opt/grouper/$GROUPER_VERSION/grouperInstaller.jar http://software.internet2.edu/grouper/release/$GROUPER_VERSION/grouperInstaller.jar
-
-COPY container_files/grouper.installer.properties /opt/grouper/$GROUPER_VERSION
-# Temporary morphString file used for building, not used in production
-COPY container_files/morphString.properties /opt/grouper/$GROUPER_VERSION
+FROM --platform=$TARGETPLATFORM rockylinux:8.8 as os-base
 
+LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
+      Vendor="TIER" \
+      ImageType="Grouper" \
+      ImageName=$imagename \
+      ImageOS=centos7
 
-RUN echo 'Installing Grouper'; \
-    PATH=$PATH:$JAVA_HOME/bin; \
-    cd /opt/grouper/$GROUPER_VERSION/ \
-    && $JAVA_HOME/bin/java -cp :grouperInstaller.jar edu.internet2.middleware.grouperInstaller.GrouperInstaller
+#  net-tools curl mlocate strace telnet man vim rsyslog cron mod_ssl cronie
+RUN yum update -y \
+&& yum install -y logrotate python3-pip rsync sudo patch wget tar unzip dos2unix file net-tools diffutils curl mlocate strace telnet man vim rsyslog cronie findutils procps \
+&& pip3 install --upgrade setuptools \
+&& yum clean -y all
 
+# Install Corretto Java JDK (newer more arch independent way)
+RUN rpm --import https://yum.corretto.aws/corretto.key \
+&& curl -L -o /etc/yum.repos.d/corretto.repo https://yum.corretto.aws/corretto.repo \
+&& yum install -y java-17-amazon-corretto-devel
 
+RUN groupadd -g 994 -r tomcat \
+    && useradd -u 996 -r -m -s /sbin/nologin -g tomcat tomcat
 
-FROM centos:centos7 as cleanup
 
-ENV GROUPER_VERSION=2.4.0 \
-    TOMCAT_VERSION=8.5.42 \    
-    TOMEE_VERSION=7.0.0
+FROM os-base as stage
 
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouperInstaller.jar /opt/grouper/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.apiBinary-$GROUPER_VERSION/ /opt/grouper/grouper.apiBinary/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.ui-$GROUPER_VERSION/dist/grouper/ /opt/grouper/grouper.ui/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.ws-$GROUPER_VERSION/grouper-ws/build/dist/grouper-ws/ /opt/grouper/grouper.ws/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.ws-$GROUPER_VERSION/grouper-ws-scim/targetBuiltin/grouper-ws-scim/ /opt/grouper/grouper.scim/
-#COPY --from=installing /opt/grouper/$GROUPER_VERSION/grouper.clientBinary-$GROUPER_VERSION/ /opt/grouper/grouper.clientBinary/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/apache-tomcat-$TOMCAT_VERSION/ /opt/tomcat/
-COPY --from=installing /opt/grouper/$GROUPER_VERSION/apache-tomee-webprofile-$TOMEE_VERSION/ /opt/tomee/
-COPY --from=installing /etc/alternatives/java /etc/alternatives/java
+ARG GROUPER_CONTAINER_VERSION
+ARG GROUPER_VERSION
+ARG JAVA_HOME
 
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.11.0/log4j-core-2.11.0.jar /opt/tomcat/bin
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-api/2.11.0/log4j-api-2.11.0.jar /opt/tomcat/bin
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-jul/2.11.0/log4j-jul-2.11.0.jar /opt/tomcat/bin
+ENV GROUPER_VERSION=$GROUPER_VERSION \
+    GROUPER_CONTAINER_VERSION=GROUPER_CONTAINER_VERSION \
+    JAVA_HOME=$JAVA_HOME \
+    PATH=$PATH:$JAVA_HOME/bin \
+    GROUPER_HOME=/opt/grouper/grouperWebapp/WEB-INF
 
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.11.0/log4j-core-2.11.0.jar /opt/tomee/bin
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-api/2.11.0/log4j-api-2.11.0.jar /opt/tomee/bin
-ADD https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-jul/2.11.0/log4j-jul-2.11.0.jar /opt/tomee/bin
+# real copy command (if not caching), uncomment this and change comments of COPY above to work on install script
+COPY container_files/ /tmp/container_files/
 
-RUN cd /opt/grouper/grouper.apiBinary/; \
-    rm -fr ddlScripts/ grouper.properties grouper.lck grouper.log grouper.script grouper.tmp/ gshAddGrouperSystemWsGroup.gsh logs/
+# TODO put this back in one command
+RUN chmod +x /tmp/container_files/docker-build-bin/*.sh
+#(DEPRECATED) RUN /tmp/container_files/docker-build-bin/containerDockerfileInstallDos2unix.sh /tmp/container_files 
+RUN /tmp/container_files/docker-build-bin/containerDockerfileInstallGrouper.sh $JAVA_HOME $GROUPER_VERSION
+#(DEPRECATED) RUN /opt/container_files/docker-build-bin/containerDockerfileInstall.sh $JAVA_HOME $GROUPER_VERSION
 
-RUN cd /opt/tomcat/; \
-    chmod +r bin/log4j-*.jar; \
-    rm -fr webapps/docs/ webapps/examples/ webapps/host-manager/ webapps/manager/ webapps/ROOT/ logs/* temp/* work/* conf/logging.properties
 
-RUN cd /opt/tomee/; \
-    chmod +r bin/log4j-*.jar; \
-    rm -fr webapps/docs/ webapps/host-manager/ webapps/manager/ logs/* temp/* work/* conf/logging.properties
+# Temp adjustments
 
-COPY container_files/api/* /opt/grouper/grouper.apiBinary/conf/
-COPY container_files/ui/ /opt/grouper/grouper.ui/WEB-INF/
-COPY container_files/ws/ /opt/grouper/grouper.ws/WEB-INF/
-COPY container_files/tomcat/ /opt/tomcat/
-COPY container_files/tomee/ /opt/tomee/
+# FROM stage
+# 
+# ARG GROUPER_CONTAINER_VERSION
+# ARG GROUPER_VERSION
+# ARG JAVA_HOME
+# 
+# ENV GROUPER_VERSION=$GROUPER_VERSION \
+#     GROUPER_CONTAINER_VERSION=GROUPER_CONTAINER_VERSION \
+#     JAVA_HOME=$JAVA_HOME \
+#     PATH=$PATH:$JAVA_HOME/bin \
+#     GROUPER_HOME=/opt/grouper/grouperWebapp/WEB-INF
+# 
+# COPY container_files/ /opt/container_files/
+# 
+# RUN /opt/container_files/docker-build-bin/containerDockerfileInstallGrouperTEMP.sh $JAVA_HOME $GROUPER_VERSION
+# 
 
 
-FROM tier/shibboleth_sp:3.0.4_03122019
+FROM os-base as grouper
 
-LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
-      Vendor="TIER" \
-      ImageType="Grouper" \
-      ImageName=$imagename \
-      ImageOS=centos7
-
 ARG GROUPER_CONTAINER_VERSION
+ARG GROUPER_VERSION
+ARG JAVA_HOME
 
-ENV JAVA_HOME=/usr/lib/jvm/zulu-8/ \
+ENV GROUPER_VERSION=$GROUPER_VERSION \
+    GROUPER_CONTAINER_VERSION=$GROUPER_VERSION \
+    JAVA_HOME=/usr/lib/jvm/java-17-amazon-corretto \
     PATH=$PATH:$JAVA_HOME/bin \
-    GROUPER_HOME=/opt/grouper/grouper.apiBinary \
-    GROUPER_CONTAINER_VERSION=$GROUPER_CONTAINER_VERSION
+    GROUPER_HOME=/opt/grouper/grouperWebapp/WEB-INF
+
+COPY --from=stage /tmp/stage/grouper/$GROUPER_VERSION/container /opt
 
-RUN ln -sf /usr/share/zoneinfo/UTC /etc/localtime
 
-RUN yum update -y \
-    && yum install -y cron logrotate python-pip \
-    && pip install --upgrade pip \
-    && pip install supervisor \
-    && yum clean -y all
-
-COPY --from=installing $JAVA_HOME $JAVA_HOME
-COPY --from=cleanup /opt/tomcat/ /opt/tomcat/
-COPY --from=cleanup /opt/tomee/ /opt/tomee/
-COPY --from=cleanup /opt/grouper/ /opt/grouper/
-
-RUN groupadd -r tomcat \
-    && useradd -r -m -s /sbin/nologin -g tomcat tomcat \
-    && mkdir -p /opt/tomcat/logs/ /opt/tomcat/temp/ /opt/tomcat/work/ \
-    && chown -R tomcat:tomcat /opt/tomcat/logs/ /opt/tomcat/temp/ /opt/tomcat/work/ \
-    && chown -R tomcat:tomcat /opt/tomee/logs/ /opt/tomee/temp/ /opt/tomee/work/ \
-    && ln -s $JAVA_HOME/bin/java /etc/alternatives/java
-
-# does shib sp3 not generate these files?
-# RUN rm /etc/shibboleth/sp-key.pem /etc/shibboleth/sp-cert.pem
-
-COPY container_files/tier-support/ /opt/tier-support/
 COPY container_files/usr-local-bin/ /usr/local/bin/
-COPY container_files/httpd/* /etc/httpd/conf.d/
-COPY container_files/shibboleth/* /etc/shibboleth/
 
-RUN cp /dev/null /etc/httpd/conf.d/ssl.conf \
-    && sed -i 's/LogFormat "/LogFormat "httpd;access_log;%{ENV}e;%{USERTOKEN}e;/g' /etc/httpd/conf/httpd.conf \
-    && echo -e "\nErrorLogFormat \"httpd;error_log;%{ENV}e;%{USERTOKEN}e;[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i\"" >> /etc/httpd/conf/httpd.conf \
-    && sed -i 's/CustomLog "logs\/access_log"/CustomLog "\/tmp\/logpipe"/g' /etc/httpd/conf/httpd.conf \
-    && sed -i 's/ErrorLog "logs\/error_log"/ErrorLog "\/tmp\/logpipe"/g' /etc/httpd/conf/httpd.conf \
-    && echo -e "\nPassEnv ENV" >> /etc/httpd/conf/httpd.conf \
-    && echo -e "\nPassEnv USERTOKEN" >> /etc/httpd/conf/httpd.conf
+RUN ln -sf /usr/share/zoneinfo/UTC /etc/localtime \
+    && rm -f /etc/alternatives/java \
+    && ln -s $JAVA_HOME/bin/java /etc/alternatives/java \
+    && chmod u+w $JAVA_HOME/lib/security/cacerts \
+    && /usr/lib/jvm/java/bin/keytool -import -noprompt -cacerts -storepass changeit -alias "localhost" -file "/opt/grouper/certs/localhost.pem" \
+    && chmod u-w $JAVA_HOME/lib/security/cacerts \
+    && echo 'umask 002' >> /home/tomcat/.bashrc
+
+# RUN /usr/local/bin/containerDockerfileInstallPermissions.sh tomcat root    
 
-WORKDIR /opt/grouper/grouper.apiBinary/
 
-EXPOSE 80 443
+# testing container
+# see output with  docker build . --tag my:grouper
+# DOCKER_BUILDKIT=0 docker build --progress=plain -t mygrouper .
+# docker run --detach --name mygrouper mygrouper:latest
+# docker exec -it mygrouper bash
 
+WORKDIR /opt/grouper/grouperWebapp/WEB-INF/
+EXPOSE 80 443 8080 8443
 HEALTHCHECK NONE
 
 ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
-
-CMD ["bin/gsh", "-loader"]
+#ENTRYPOINT ["ping"]
+#CMD ["google.com"]

Dockerfile3

@@ -0,0 +1,6 @@
+FROM i2incommon/grouper:5.7.0
+
+COPY container_files/usr-local-bin /usr/local/bin
+COPY container_files /opt
+
+EXPOSE 8080 8443 8009

Dockerfile_centos

@@ -0,0 +1,59 @@
+FROM i2incommon/grouper:4.1.5 as grouperContainer
+
+FROM centos:centos7
+
+COPY --from=grouperContainer /opt /opt
+COPY --from=grouperContainer /usr/local/bin /usr/local/bin
+
+
+LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
+      Vendor="TIER" \
+      ImageType="Grouper" \
+      ImageName=$imagename \
+      ImageOS=centos7
+
+ARG GROUPER_CONTAINER_VERSION
+
+ENV GROUPER_VERSION=4.1.5 \
+    GROUPER_CONTAINER_VERSION=4.1.5 \
+    JAVA_HOME=/usr/lib/jvm/java-17-amazon-corretto \
+    PATH=$PATH:$JAVA_HOME/bin \
+    GROUPER_HOME=/opt/grouper/grouperWebapp/WEB-INF
+
+# net-tools curl mlocate strace telnet man vim rsyslog cron httpd mod_ssl cronie
+
+RUN rm -fr /var/cache/yum/* && yum clean all && yum -y install --setopt=tsflags=nodocs epel-release \ 
+    && yum update -y \
+    && yum install -y logrotate python3-pip rsync sudo patch supervisor wget tar unzip dos2unix file net-tools curl mlocate logrotate strace telnet man vim rsyslog cronie httpd mod_ssl findutils \
+    && pip3 install --upgrade setuptools \
+    && yum clean -y all \
+    && groupadd -r tomcat \
+    && useradd -r -m -s /sbin/nologin -g tomcat tomcat
+
+# Install Corretto Java JDK
+#Corretto download page: https://docs.aws.amazon.com/corretto/latest/corretto-8-ug/downloads-list.html
+
+# Install Corretto Java JDK (newer more arch independent way)
+RUN rpm --import https://yum.corretto.aws/corretto.key \
+    && curl -L -o /etc/yum.repos.d/corretto.repo https://yum.corretto.aws/corretto.repo \
+    && yum install -y java-17-amazon-corretto-devel
+
+RUN /usr/local/bin/containerDockerfileInstallPermissions.sh tomcat root
+
+# testing container
+# docker build -f Dockerfile_centos -t mygrouper
+# see output with  
+# DOCKER_BUILDKIT=0 docker build --progress=plain -t mygrouper .
+# docker run --detach --name mygrouper mygrouper:latest
+# docker exec -it mygrouper bash
+# docker run --detach -e GROUPER_SELF_SIGNED_CERT=true -e GROUPER_MAX_MEMORY='3g' -e GROUPER_RUN_SHIB_SP=false -e GROUPERSYSTEM_QUICKSTART_PASS=pass -e GROUPER_UI_GROUPER_AUTH=true -e GROUPER_DATABASE_URL=jdbc:postgresql://host.docker.internal:5433/grouper -e GROUPER_DATABASE_USERNAME=grouper -e GROUPER_DATABASE_PASSWORD=pass -e GROUPER_AUTO_DDL_UPTOVERSION='v4.*.*' -e GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES='0.0.0.0/0' -e GROUPER_START_DELAY_SECONDS=10 --publish 8081:8080  -e GROUPER_RUN_APACHE=false --name mygrouper mygrouper:latest ui
+
+
+
+WORKDIR /opt/grouper/grouperWebapp/WEB-INF/
+EXPOSE 80 443
+HEALTHCHECK NONE
+
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
+#ENTRYPOINT ["ping"]
+#CMD ["google.com"]