From 13421ac4b4469859586775fccd5165ca9c92f968 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Sat, 18 Aug 2018 11:49:12 -0400 Subject: [PATCH 01/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 284e5dca..9ac32f07 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -14,9 +14,9 @@ grouperInstaller.default.installOrUpgrade = install ## ############################## -grouperInstaller.autorun.installAllPatches = false -grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_3_0_api_patch_108,grouper_v2_3_0_ui_patch_45,grouper_v2_3_0_ws_patch_12,grouper_v2_3_0_pspng_patch_16 +grouperInstaller.autorun.installAllPatches = true +# grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true +# grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_3_0_api_patch_108,grouper_v2_3_0_ui_patch_45,grouper_v2_3_0_ws_patch_12,grouper_v2_3_0_pspng_patch_16 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From 9c931a0c83c39b95e0c751b8e315fe38fea65795 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Sat, 18 Aug 2018 11:50:54 -0400 Subject: [PATCH 02/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 9ac32f07..7f0e354d 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -1,7 +1,7 @@ # this should be before the version number download.server.url = https://software.internet2.edu/grouper # default version to install -grouper.version = 2.3.0 +grouper.version = 2.4.0 # print out autorun keys in prompts so you can easily see how to configure the autorun grouperInstaller.print.autorunKeys = true # default to install or upgrade (default is install) From 8dc34ffb3578683f0e73e7297823ff1c3b0aea01 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Sat, 18 Aug 2018 11:53:23 -0400 Subject: [PATCH 03/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 7f0e354d..35cab020 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -30,10 +30,10 @@ grouperInstaller.autorun.addQuickstartData = f grouperInstaller.autorun.installClient = f grouperInstaller.autorun.installGrouperActiveMqMessaging = f -grouperInstaller.autorun.activeMqWhereInstalled = /opt/grouper/2.3.0/grouper.apiBinary-2.3.0/ +grouperInstaller.autorun.activeMqWhereInstalled = /opt/grouper/2.4.0/grouper.apiBinary-2.4.0/ grouperInstaller.autorun.installGrouperAwsSqsMessaging = t -grouperInstaller.autorun.AwsSqsWhereInstalled = /opt/grouper/2.3.0/grouper.apiBinary-2.3.0/ +grouperInstaller.autorun.AwsSqsWhereInstalled = /opt/grouper/2.4.0/grouper.apiBinary-2.4.0/ grouperInstaller.autorun.installGrouperRabbitMqMessaging = t -grouperInstaller.autorun.rabbitMqWhereInstalled = /opt/grouper/2.3.0/grouper.apiBinary-2.3.0/ +grouperInstaller.autorun.rabbitMqWhereInstalled = /opt/grouper/2.4.0/grouper.apiBinary-2.4.0/ From 369cf6cac3b93b677b0ed28c58fa608b63b555bc Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Sat, 18 Aug 2018 11:54:09 -0400 Subject: [PATCH 04/77] Update Dockerfile --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index ac08e98b..f600f750 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ RUN yum update -y \ && yum install -y wget tar unzip dos2unix \ && yum clean all -ENV GROUPER_VERSION=2.3.0 \ +ENV GROUPER_VERSION=2.4.0 \ JAVA_HOME=/usr/lib/jvm/zulu-8/ # use Zulu package @@ -46,7 +46,7 @@ RUN echo 'Installing Grouper'; \ FROM centos:centos7 as cleanup -ENV GROUPER_VERSION=2.3.0 \ +ENV GROUPER_VERSION=2.4.0 \ TOMCAT_VERSION=8.5.12 \ TOMEE_VERSION=7.0.0 From 5f638ebabe52dee5a0f00fb95437f316fdc3dde5 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Sat, 18 Aug 2018 12:36:30 -0400 Subject: [PATCH 05/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 3 +++ 1 file changed, 3 insertions(+) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 35cab020..ef3aca3d 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -37,3 +37,6 @@ grouperInstaller.autorun.AwsSqsWhereInstalled = /opt/grouper/2.4.0/grouper.apiBi grouperInstaller.autorun.installGrouperRabbitMqMessaging = t grouperInstaller.autorun.rabbitMqWhereInstalled = /opt/grouper/2.4.0/grouper.apiBinary-2.4.0/ + +# disable installing pspng, for now +grouperInstaller.autorun.installPspng = f From 63af7e075c8af8ea55242fac93289e4d3eebfbc4 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Sat, 18 Aug 2018 12:43:03 -0400 Subject: [PATCH 06/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 1 + 1 file changed, 1 insertion(+) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index ef3aca3d..8537cf91 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -40,3 +40,4 @@ grouperInstaller.autorun.rabbitMqWhereInstalled = /opt/grouper/2.4.0/grouper.api # disable installing pspng, for now grouperInstaller.autorun.installPspng = f +grouperInstaller.autorun.installPsp = f From 31f29bc689a7859fbb40e3ba4f944b2cce4343f5 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Sat, 18 Aug 2018 12:57:07 -0400 Subject: [PATCH 07/77] Update Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index f600f750..be3b3c21 100644 --- a/Dockerfile +++ b/Dockerfile @@ -118,7 +118,7 @@ RUN groupadd -r tomcat \ && chown -R tomcat:tomcat /opt/tomee/logs/ /opt/tomee/temp/ /opt/tomee/work/ \ && ln -s $JAVA_HOME/bin/java /etc/alternatives/java -RUN rm /etc/shibboleth/sp-key.pem /etc/shibboleth/sp-cert.pem +# RUN rm /etc/shibboleth/sp-key.pem /etc/shibboleth/sp-cert.pem COPY container_files/tier-support/ /opt/tier-support/ COPY container_files/usr-local-bin/ /usr/local/bin/ From 46679ff5a1f6e42f5661ed55bb639779dabea725 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Sat, 18 Aug 2018 13:41:19 -0400 Subject: [PATCH 08/77] Update Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index be3b3c21..f600f750 100644 --- a/Dockerfile +++ b/Dockerfile @@ -118,7 +118,7 @@ RUN groupadd -r tomcat \ && chown -R tomcat:tomcat /opt/tomee/logs/ /opt/tomee/temp/ /opt/tomee/work/ \ && ln -s $JAVA_HOME/bin/java /etc/alternatives/java -# RUN rm /etc/shibboleth/sp-key.pem /etc/shibboleth/sp-cert.pem +RUN rm /etc/shibboleth/sp-key.pem /etc/shibboleth/sp-cert.pem COPY container_files/tier-support/ /opt/tier-support/ COPY container_files/usr-local-bin/ /usr/local/bin/ From fed93af0532a5b45728499d5252e3e2a0b11512e Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Sat, 18 Aug 2018 14:18:45 -0400 Subject: [PATCH 09/77] Update Dockerfile --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index f600f750..eee6c126 100644 --- a/Dockerfile +++ b/Dockerfile @@ -118,7 +118,8 @@ RUN groupadd -r tomcat \ && chown -R tomcat:tomcat /opt/tomee/logs/ /opt/tomee/temp/ /opt/tomee/work/ \ && ln -s $JAVA_HOME/bin/java /etc/alternatives/java -RUN rm /etc/shibboleth/sp-key.pem /etc/shibboleth/sp-cert.pem +# does shib sp3 not generate these files? +# RUN rm /etc/shibboleth/sp-key.pem /etc/shibboleth/sp-cert.pem COPY container_files/tier-support/ /opt/tier-support/ COPY container_files/usr-local-bin/ /usr/local/bin/ From effd79f8ce0a62d9da592d6ba92631d8ad295099 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 28 Aug 2018 14:58:18 -0400 Subject: [PATCH 10/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 8537cf91..be9cd2b0 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -39,5 +39,5 @@ grouperInstaller.autorun.installGrouperRabbitMqMessaging = t grouperInstaller.autorun.rabbitMqWhereInstalled = /opt/grouper/2.4.0/grouper.apiBinary-2.4.0/ # disable installing pspng, for now -grouperInstaller.autorun.installPspng = f +grouperInstaller.autorun.installPspng = t grouperInstaller.autorun.installPsp = f From 218db1712a311cbbedb823c247d451e35d85cc60 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Wed, 29 Aug 2018 11:20:44 -0400 Subject: [PATCH 11/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index be9cd2b0..33c3edf6 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -40,4 +40,4 @@ grouperInstaller.autorun.rabbitMqWhereInstalled = /opt/grouper/2.4.0/grouper.api # disable installing pspng, for now grouperInstaller.autorun.installPspng = t -grouperInstaller.autorun.installPsp = f +grouperInstaller.autorun.installPsp = t From 034f4cbdfde169d0ad87fe03a8dc716df45e0a17 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Fri, 31 Aug 2018 10:07:12 -0400 Subject: [PATCH 12/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 33c3edf6..be9cd2b0 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -40,4 +40,4 @@ grouperInstaller.autorun.rabbitMqWhereInstalled = /opt/grouper/2.4.0/grouper.api # disable installing pspng, for now grouperInstaller.autorun.installPspng = t -grouperInstaller.autorun.installPsp = t +grouperInstaller.autorun.installPsp = f From 059b9a93d0ab827b4985423316f66ec691fc5eff Mon Sep 17 00:00:00 2001 From: Chris Hubing Date: Tue, 4 Sep 2018 18:52:57 -0400 Subject: [PATCH 13/77] config changes for 2.4 --- container_files/grouper.installer.properties | 2 +- .../grouper/grouper-loader.properties | 7 ++--- .../grouper/subject.properties | 26 ++++++++++++------- .../container_files/conf/subject.properties | 26 ++++++++++++------- .../container_files/seed-data/bootstrap.gsh | 7 +++++ 5 files changed, 44 insertions(+), 24 deletions(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 33c3edf6..be9cd2b0 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -40,4 +40,4 @@ grouperInstaller.autorun.rabbitMqWhereInstalled = /opt/grouper/2.4.0/grouper.api # disable installing pspng, for now grouperInstaller.autorun.installPspng = t -grouperInstaller.autorun.installPsp = t +grouperInstaller.autorun.installPsp = f diff --git a/test-compose/configs-and-secrets/grouper/grouper-loader.properties b/test-compose/configs-and-secrets/grouper/grouper-loader.properties index 07c4f56a..c406f91a 100644 --- a/test-compose/configs-and-secrets/grouper/grouper-loader.properties +++ b/test-compose/configs-and-secrets/grouper/grouper-loader.properties @@ -4,17 +4,18 @@ # specify the ldap connection with user, pass, url # the string after "ldap." is the ID of the connection, and it should not have # spaces or other special chars in it. In this case is it "personLdap" - + #note the URL should start with ldap: or ldaps: if it is SSL. #It should contain the server and port (optional if not default), and baseDn, #e.g. ldaps://ldapserver.school.edu:636/dc=school,dc=edu -ldap.demo.url = ldap://data:389/dc=example,dc=edu +ldap.demo.url = ldap://data:389/dc=internet2,dc=edu #optional, if authenticated ldap.demo.user = cn=admin,dc=internet2,dc=edu #optional, if authenticated note the password can be stored encrypted in an external file -ldap.demo.pass = ${java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE') != null ? org.apache.commons.io.FileUtils.readFileToString(java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE'), "utf-8") : java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD')} +#ldap.demo.pass = ${java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE') != null ? org.apache.commons.io.FileUtils.readFileToString(java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE'), "utf-8") : java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD')} +ldap.demo.pass = password #optional, if you are using tls, set this to true. Generally you will not be using an SSL URL to use TLS... ldap.demo.tls = false diff --git a/test-compose/configs-and-secrets/grouper/subject.properties b/test-compose/configs-and-secrets/grouper/subject.properties index fd5b25cd..c9329fdb 100644 --- a/test-compose/configs-and-secrets/grouper/subject.properties +++ b/test-compose/configs-and-secrets/grouper/subject.properties @@ -1,19 +1,25 @@ -subject.sources.xml.location = +#subject.sources.xml.location = + +subjectApi.source.ldap.param.ldapServerId.value = demo + subjectApi.source.ldap.id = ldap subjectApi.source.ldap.name = EDU Ldap subjectApi.source.ldap.types = person subjectApi.source.ldap.adapterClass = edu.internet2.middleware.grouper.subj.GrouperJndiSourceAdapter -subjectApi.source.ldap.param.INITIAL_CONTEXT_FACTORY.value = com.sun.jndi.ldap.LdapCtxFactory -subjectApi.source.ldap.param.PROVIDER_URL.value = ldap://data:389 -subjectApi.source.ldap.param.SECURITY_AUTHENTICATION.value = simple -subjectApi.source.ldap.param.SECURITY_PRINCIPAL.value = cn=admin,dc=internet2,dc=edu -subjectApi.source.ldap.param.SECURITY_CREDENTIALS.value.elConfig = ${java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE') != null ? org.apache.commons.io.FileUtils.readFileToString(java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE'), "utf-8") : java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD')} + +## replaced with new LDAPTIVE lib +#subjectApi.source.ldap.param.INITIAL_CONTEXT_FACTORY.value = com.sun.jndi.ldap.LdapCtxFactory +#subjectApi.source.ldap.param.PROVIDER_URL.value = ldap://data:389 +#subjectApi.source.ldap.param.SECURITY_AUTHENTICATION.value = simple +#subjectApi.source.ldap.param.SECURITY_PRINCIPAL.value = cn=admin,dc=internet2,dc=edu +#subjectApi.source.ldap.param.SECURITY_CREDENTIALS.value.elConfig = ${java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE') != null ? org.apache.commons.io.FileUtils.readFileToString(java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE'), "utf-8") : java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD')} +#subjectApi.source.ldap.param.VTLDAP_VALIDATOR.value = ConnectLdapValidator + subjectApi.source.ldap.param.SubjectID_AttributeType.value = uid subjectApi.source.ldap.param.SubjectID_formatToLowerCase.value = false subjectApi.source.ldap.param.Name_AttributeType.value = cn subjectApi.source.ldap.param.Description_AttributeType.value = cn -subjectApi.source.ldap.param.VTLDAP_VALIDATOR.value = ConnectLdapValidator subjectApi.source.ldap.param.subjectVirtualAttribute_0_searchAttribute0.value = ${subjectUtils.defaultIfBlank(subject.getAttributeValueOrCommaSeparated('uid'), "")},${subjectUtils.defaultIfBlank(subject.getAttributeValueOrCommaSeparated('cn'), "")},${subjectUtils.defaultIfBlank(subject.getAttributeValueOrCommaSeparated('exampleEduRegId'), "")} subjectApi.source.ldap.param.sortAttribute0.value = cn subjectApi.source.ldap.param.searchAttribute0.value = searchAttribute0 @@ -55,7 +61,7 @@ subjectApi.source.ldap.param.searchAttribute0.value = searchAttribute0 # Each subject has one and only on ID. Returns one result when searching for one ID. subjectApi.source.ldap.search.searchSubject.param.filter.value = (&(uid=%TERM%)(objectclass=person)) subjectApi.source.ldap.search.searchSubject.param.scope.value = SUBTREE_SCOPE -subjectApi.source.ldap.search.searchSubject.param.base.value = ou=people,dc=internet2,dc=edu +subjectApi.source.ldap.search.searchSubject.param.base.value = ou=people #searchSubjectByIdentifier: find a subject by identifier. Identifier is anything that uniquely # identifies the user, e.g. jsmith or jsmith@institution.edu. @@ -63,13 +69,13 @@ subjectApi.source.ldap.search.searchSubject.param.base.value = ou=people,dc=inte # even across sources. Returns one result when searching for one identifier. subjectApi.source.ldap.search.searchSubjectByIdentifier.param.filter.value = (&(|(uid=%TERM%)(employeeNumber=%TERM%))(objectclass=person)) subjectApi.source.ldap.search.searchSubjectByIdentifier.param.scope.value = SUBTREE_SCOPE -subjectApi.source.ldap.search.searchSubjectByIdentifier.param.base.value = ou=people,dc=internet2,dc=edu +subjectApi.source.ldap.search.searchSubjectByIdentifier.param.base.value = ou=people # search: find subjects by free form search. Returns multiple results. subjectApi.source.ldap.search.search.param.filter.value = (&(|(|(uid=%TERM%)(cn=*%TERM%*))(uid=%TERM%*))(objectclass=person)) subjectApi.source.ldap.search.search.param.scope.value = SUBTREE_SCOPE -subjectApi.source.ldap.search.search.param.base.value = ou=people,dc=internet2,dc=edu +subjectApi.source.ldap.search.search.param.base.value = ou=people subjectApi.source.ldap.attributes = givenName, sn, uid, mail, employeeNumber subjectApi.source.ldap.internalAttributes = searchAttribute0 diff --git a/test-compose/data/container_files/conf/subject.properties b/test-compose/data/container_files/conf/subject.properties index a8231911..c9329fdb 100644 --- a/test-compose/data/container_files/conf/subject.properties +++ b/test-compose/data/container_files/conf/subject.properties @@ -1,19 +1,25 @@ -subject.sources.xml.location = +#subject.sources.xml.location = + +subjectApi.source.ldap.param.ldapServerId.value = demo + subjectApi.source.ldap.id = ldap subjectApi.source.ldap.name = EDU Ldap subjectApi.source.ldap.types = person subjectApi.source.ldap.adapterClass = edu.internet2.middleware.grouper.subj.GrouperJndiSourceAdapter -subjectApi.source.ldap.param.INITIAL_CONTEXT_FACTORY.value = com.sun.jndi.ldap.LdapCtxFactory -subjectApi.source.ldap.param.PROVIDER_URL.value = ldap://localhost:389 -subjectApi.source.ldap.param.SECURITY_AUTHENTICATION.value = simple -subjectApi.source.ldap.param.SECURITY_PRINCIPAL.value = cn=admin,dc=internet2,dc=edu -subjectApi.source.ldap.param.SECURITY_CREDENTIALS.value = password + +## replaced with new LDAPTIVE lib +#subjectApi.source.ldap.param.INITIAL_CONTEXT_FACTORY.value = com.sun.jndi.ldap.LdapCtxFactory +#subjectApi.source.ldap.param.PROVIDER_URL.value = ldap://data:389 +#subjectApi.source.ldap.param.SECURITY_AUTHENTICATION.value = simple +#subjectApi.source.ldap.param.SECURITY_PRINCIPAL.value = cn=admin,dc=internet2,dc=edu +#subjectApi.source.ldap.param.SECURITY_CREDENTIALS.value.elConfig = ${java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE') != null ? org.apache.commons.io.FileUtils.readFileToString(java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE'), "utf-8") : java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD')} +#subjectApi.source.ldap.param.VTLDAP_VALIDATOR.value = ConnectLdapValidator + subjectApi.source.ldap.param.SubjectID_AttributeType.value = uid subjectApi.source.ldap.param.SubjectID_formatToLowerCase.value = false subjectApi.source.ldap.param.Name_AttributeType.value = cn subjectApi.source.ldap.param.Description_AttributeType.value = cn -subjectApi.source.ldap.param.VTLDAP_VALIDATOR.value = ConnectLdapValidator subjectApi.source.ldap.param.subjectVirtualAttribute_0_searchAttribute0.value = ${subjectUtils.defaultIfBlank(subject.getAttributeValueOrCommaSeparated('uid'), "")},${subjectUtils.defaultIfBlank(subject.getAttributeValueOrCommaSeparated('cn'), "")},${subjectUtils.defaultIfBlank(subject.getAttributeValueOrCommaSeparated('exampleEduRegId'), "")} subjectApi.source.ldap.param.sortAttribute0.value = cn subjectApi.source.ldap.param.searchAttribute0.value = searchAttribute0 @@ -55,7 +61,7 @@ subjectApi.source.ldap.param.searchAttribute0.value = searchAttribute0 # Each subject has one and only on ID. Returns one result when searching for one ID. subjectApi.source.ldap.search.searchSubject.param.filter.value = (&(uid=%TERM%)(objectclass=person)) subjectApi.source.ldap.search.searchSubject.param.scope.value = SUBTREE_SCOPE -subjectApi.source.ldap.search.searchSubject.param.base.value = ou=people,dc=internet2,dc=edu +subjectApi.source.ldap.search.searchSubject.param.base.value = ou=people #searchSubjectByIdentifier: find a subject by identifier. Identifier is anything that uniquely # identifies the user, e.g. jsmith or jsmith@institution.edu. @@ -63,13 +69,13 @@ subjectApi.source.ldap.search.searchSubject.param.base.value = ou=people,dc=inte # even across sources. Returns one result when searching for one identifier. subjectApi.source.ldap.search.searchSubjectByIdentifier.param.filter.value = (&(|(uid=%TERM%)(employeeNumber=%TERM%))(objectclass=person)) subjectApi.source.ldap.search.searchSubjectByIdentifier.param.scope.value = SUBTREE_SCOPE -subjectApi.source.ldap.search.searchSubjectByIdentifier.param.base.value = ou=people,dc=internet2,dc=edu +subjectApi.source.ldap.search.searchSubjectByIdentifier.param.base.value = ou=people # search: find subjects by free form search. Returns multiple results. subjectApi.source.ldap.search.search.param.filter.value = (&(|(|(uid=%TERM%)(cn=*%TERM%*))(uid=%TERM%*))(objectclass=person)) subjectApi.source.ldap.search.search.param.scope.value = SUBTREE_SCOPE -subjectApi.source.ldap.search.search.param.base.value = ou=people,dc=internet2,dc=edu +subjectApi.source.ldap.search.search.param.base.value = ou=people subjectApi.source.ldap.attributes = givenName, sn, uid, mail, employeeNumber subjectApi.source.ldap.internalAttributes = searchAttribute0 diff --git a/test-compose/data/container_files/seed-data/bootstrap.gsh b/test-compose/data/container_files/seed-data/bootstrap.gsh index e2a018aa..b8d9c9f7 100644 --- a/test-compose/data/container_files/seed-data/bootstrap.gsh +++ b/test-compose/data/container_files/seed-data/bootstrap.gsh @@ -1,3 +1,10 @@ gs = GrouperSession.startRootSession() +addStem("","app", "enterprise applications access control policy") +addStem("","basis", "groups used exclusively by the IAM team to build reference groups") +addStem("","bundle", "sets of reference groups used in policy for many services") +addStem("","org", "delegated authority, ad-hoc groups, org owned apps or reference groups") +addStem("","ref", "reference groups (i.e. institutional meaningful cohorts)") +addStem("","test", "test folder for system verification") + addMember("etc:sysadmingroup","banderson"); From f36b8560e2070b2ce206833ae2ed5eab23673a93 Mon Sep 17 00:00:00 2001 From: Chris Hubing Date: Fri, 7 Sep 2018 09:48:14 -0400 Subject: [PATCH 14/77] 2.4 config updates --- .../grouper/grouper-loader.properties | 4 +- .../conf/grouper-loader.properties | 64 +++++++++++++++++++ test-compose/docker-compose.yml | 15 +++++ 3 files changed, 81 insertions(+), 2 deletions(-) create mode 100644 test-compose/data/container_files/conf/grouper-loader.properties diff --git a/test-compose/configs-and-secrets/grouper/grouper-loader.properties b/test-compose/configs-and-secrets/grouper/grouper-loader.properties index c406f91a..68bef05f 100644 --- a/test-compose/configs-and-secrets/grouper/grouper-loader.properties +++ b/test-compose/configs-and-secrets/grouper/grouper-loader.properties @@ -14,8 +14,8 @@ ldap.demo.url = ldap://data:389/dc=internet2,dc=edu ldap.demo.user = cn=admin,dc=internet2,dc=edu #optional, if authenticated note the password can be stored encrypted in an external file -#ldap.demo.pass = ${java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE') != null ? org.apache.commons.io.FileUtils.readFileToString(java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE'), "utf-8") : java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD')} -ldap.demo.pass = password +ldap.demo.pass.elConfig = ${java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE') != null ? org.apache.commons.io.FileUtils.readFileToString(java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE'), "utf-8") : java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD')} +#ldap.demo.pass = password #optional, if you are using tls, set this to true. Generally you will not be using an SSL URL to use TLS... ldap.demo.tls = false diff --git a/test-compose/data/container_files/conf/grouper-loader.properties b/test-compose/data/container_files/conf/grouper-loader.properties new file mode 100644 index 00000000..c7d0bcbc --- /dev/null +++ b/test-compose/data/container_files/conf/grouper-loader.properties @@ -0,0 +1,64 @@ +################################# +## LDAP connections +################################# +# specify the ldap connection with user, pass, url +# the string after "ldap." is the ID of the connection, and it should not have +# spaces or other special chars in it. In this case is it "personLdap" + +#note the URL should start with ldap: or ldaps: if it is SSL. +#It should contain the server and port (optional if not default), and baseDn, +#e.g. ldaps://ldapserver.school.edu:636/dc=school,dc=edu +ldap.demo.url = ldap://localhost:389/dc=internet2,dc=edu + +#optional, if authenticated +ldap.demo.user = cn=admin,dc=internet2,dc=edu +#ldap.demo.user = cn=admin + +#optional, if authenticated note the password can be stored encrypted in an external file +#ldap.demo.pass = ${java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE') != null ? org.apache.commons.io.FileUtils.readFileToString(java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE'), "utf-8") : java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD')} +ldap.demo.pass = password + +#optional, if you are using tls, set this to true. Generally you will not be using an SSL URL to use TLS... +ldap.demo.tls = false + +#optional, if using sasl +#ldap.personLdap.saslAuthorizationId = +#ldap.personLdap.saslRealm = + +#optional (note, time limit is for search operations, timeout is for connection timeouts), +#most of these default to vt-ldap defaults. times are in millis +#validateOnCheckout defaults to true if all other validate methods are false +#ldap.personLdap.batchSize = +#ldap.personLdap.countLimit = +#ldap.personLdap.timeLimit = +#ldap.personLdap.timeout = +#ldap.personLdap.minPoolSize = +#ldap.personLdap.maxPoolSize = +#ldap.personLdap.validateOnCheckIn = +#ldap.personLdap.validateOnCheckOut = +#ldap.personLdap.validatePeriodically = +#ldap.personLdap.validateTimerPeriod = +#ldap.personLdap.pruneTimerPeriod = +#if connections expire after a certain amount of time, this is it, in millis, defaults to 300000 (5 minutes) +#ldap.personLdap.expirationTime = + +#make the paths fully qualified and not relative to the loader group. +loader.ldap.requireTopStemAsStemFromConfigGroup=false + +##################################### +## Messaging integration with change log +##################################### +changeLog.consumer.rabbitMqMessagingSample.quartzCron = 0 * * * * ? + +# note, change "messagingSample" in key to be the name of the consumer. e.g. changeLog.consumer.someNameAnyName.class +changeLog.consumer.rabbitMqMessagingSample.class = edu.internet2.middleware.grouper.changeLog.esb.consumer.EsbConsumer + +changeLog.consumer.rabbitMqMessagingSample.publisher.class = edu.internet2.middleware.grouper.changeLog.esb.consumer.EsbMessagingPublisher +changeLog.consumer.rabbitMqMessagingSample.publisher.messagingSystemName = rabbitmq +# note, routingKey property is valid only for rabbitmq. For other messaging systems, it is ignored. +changeLog.consumer.rabbitMqMessagingSample.publisher.routingKey = +## queue or topic +changeLog.consumer.rabbitMqMessagingSample.publisher.messageQueueType = queue +changeLog.consumer.rabbitMqMessagingSample.publisher.queueOrTopicName = sampleQueue +## this is optional if not using "id" for subjectId, need to be a subject attribute in the sources.xml +#changeLog.consumer.rabbitMqMessagingSample.publisher.addSubjectAttributes = email diff --git a/test-compose/docker-compose.yml b/test-compose/docker-compose.yml index bf11466c..c0e21ed3 100644 --- a/test-compose/docker-compose.yml +++ b/test-compose/docker-compose.yml @@ -198,7 +198,22 @@ services: ports: - "389:389" - "3306:3306" + secrets: + - database_password.txt + - rabbitmq_password.txt + - source: grouper.hibernate.properties + target: grouper_grouper.hibernate.properties + - source: grouper-loader.properties + target: grouper_grouper-loader.properties + - source: subject.properties + target: grouper_subject.properties volumes: + - type: bind + source: ./configs-and-secrets/grouper/grouper.properties + target: /opt/grouper/conf/grouper.properties + - type: bind + source: ./configs-and-secrets/grouper/grouper.client.properties + target: /opt/grouper/conf/grouper.client.properties - grouper_mysql:/var/lib/mysql - grouper_ldap:/var/lib/dirsrv From e4af63fc294342ca20de78343f95bb7182558727 Mon Sep 17 00:00:00 2001 From: Chris Hubing Date: Mon, 10 Sep 2018 11:17:05 -0400 Subject: [PATCH 15/77] fixed web.xml shib for 2.4 --- container_files/grouper.installer.properties | 2 +- container_files/ui/web.xml | 174 ++++--------------- test-compose/ui/Dockerfile | 1 + 3 files changed, 32 insertions(+), 145 deletions(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index be9cd2b0..fa0f8b8d 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = true # grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -# grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_3_0_api_patch_108,grouper_v2_3_0_ui_patch_45,grouper_v2_3_0_ws_patch_12,grouper_v2_3_0_pspng_patch_16 + grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_3_0_api_patch_0,grouper_v2_3_0_ui_patch_0,grouper_v2_3_0_ws_patch_0,grouper_v2_3_0_pspng_patch_0 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true diff --git a/container_files/ui/web.xml b/container_files/ui/web.xml index 92d4125d..f3aa302f 100644 --- a/container_files/ui/web.xml +++ b/container_files/ui/web.xml @@ -1,203 +1,89 @@ - - - - - - - + + GrouperUi edu.internet2.middleware.grouper.ui.GrouperUiFilter - - - - Error Catcher - edu.internet2.middleware.grouper.ui.ErrorFilter - - - Login check - edu.internet2.middleware.grouper.ui.LoginCheckFilter - - failureUrl - /index.jsp - - - ignore - :/populateIndex.do:/callLogin.do:/error.do:/logout.do:/status: - - - grouperRole - * - - - - - Caller page - edu.internet2.middleware.grouper.ui.CallerPageFilter - - - + CSRFGuard org.owasp.csrfguard.CsrfGuardFilter - - - - GrouperUi - *.do - - - + GrouperUi *.jsp - - - Error Catcher - *.do - - - - Error Catcher - /gotoCallerPage - - - + GrouperUi /grouperUi/app/* - - + GrouperUi /grouperUi/appHtml/* - - + GrouperUi /grouperExternal/app/* - - - GrouperUi - /grouperExternal/appHtml/* - - - + GrouperUi /grouperExternal/public/UiV2Public.index - - + GrouperUi /grouperExternal/public/UiV2Public.postIndex - - - Caller page - /gotoCallerPage - - - - Login check - *.do - - - + CSRFGuard /* - - - - edu.internet2.middleware.grouper.ui.GrouperSessionAttributeListener - - - + + edu.internet2.middleware.grouper.ui.GrouperSessionAttributeListener + + org.owasp.csrfguard.CsrfGuardServletContextListener - - + org.owasp.csrfguard.CsrfGuardHttpSessionListener - - - + StatusServlet Status Servlet edu.internet2.middleware.grouper.j2ee.status.GrouperStatusServlet 1 - - - - + UiServlet edu.internet2.middleware.grouper.j2ee.GrouperUiRestServlet 1 - - - OwaspJavaScriptServlet - org.owasp.csrfguard.servlet.JavaScriptServlet - - - - action - org.apache.struts.action.ActionServlet - - config - /WEB-INF/struts-config.xml - - 2 + + OwaspJavaScriptServlet + org.owasp.csrfguard.servlet.JavaScriptServlet - - - + StatusServlet /status - - + UiServlet /grouperUi/app/* - - + UiServlet /grouperExternal/app/* - - + UiServlet /grouperExternal/public/UiV2Public.index - - + UiServlet /grouperExternal/public/UiV2Public.postIndex - - - OwaspJavaScriptServlet - /grouperExternal/public/OwaspJavaScriptServlet - - - - action - *.do + + OwaspJavaScriptServlet + /grouperExternal/public/OwaspJavaScriptServlet - - - - - - - - - - - diff --git a/test-compose/ui/Dockerfile b/test-compose/ui/Dockerfile index 8fec2ae0..672230a8 100644 --- a/test-compose/ui/Dockerfile +++ b/test-compose/ui/Dockerfile @@ -3,5 +3,6 @@ FROM tier/grouper:latest LABEL author="tier-packaging@internet2.edu " #COPY in custom css, images, etc +ENV CLASSPATH=/ CMD ["ui"] From 1b3d216a5b9e4862c1b3f2bbe2cf7440261eaddc Mon Sep 17 00:00:00 2001 From: Chris Hubing Date: Mon, 10 Sep 2018 11:21:24 -0400 Subject: [PATCH 16/77] Added folders per the TIER Grouper Deployment Guide --- .../data/container_files/seed-data/bootstrap.gsh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/test-compose/data/container_files/seed-data/bootstrap.gsh b/test-compose/data/container_files/seed-data/bootstrap.gsh index b8d9c9f7..4f902129 100644 --- a/test-compose/data/container_files/seed-data/bootstrap.gsh +++ b/test-compose/data/container_files/seed-data/bootstrap.gsh @@ -1,10 +1,10 @@ gs = GrouperSession.startRootSession() -addStem("","app", "enterprise applications access control policy") -addStem("","basis", "groups used exclusively by the IAM team to build reference groups") -addStem("","bundle", "sets of reference groups used in policy for many services") -addStem("","org", "delegated authority, ad-hoc groups, org owned apps or reference groups") -addStem("","ref", "reference groups (i.e. institutional meaningful cohorts)") -addStem("","test", "test folder for system verification") +addStem("","app", "app") +addStem("","basis", "basis") +addStem("","bundle", "bundle") +addStem("","org", "org") +addStem("","ref", "ref") +addStem("","test", "test") addMember("etc:sysadmingroup","banderson"); From 6786a42ba91066f2ec451cc631c1aaf1113ac7b9 Mon Sep 17 00:00:00 2001 From: Chris Hubing Date: Mon, 10 Sep 2018 11:40:42 -0400 Subject: [PATCH 17/77] Removed unneeded line --- test-compose/ui/Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/test-compose/ui/Dockerfile b/test-compose/ui/Dockerfile index 672230a8..8fec2ae0 100644 --- a/test-compose/ui/Dockerfile +++ b/test-compose/ui/Dockerfile @@ -3,6 +3,5 @@ FROM tier/grouper:latest LABEL author="tier-packaging@internet2.edu " #COPY in custom css, images, etc -ENV CLASSPATH=/ CMD ["ui"] From f08da3496bc79d2cabbf146d5c80339cbcc182af Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 10 Sep 2018 12:08:10 -0400 Subject: [PATCH 18/77] Update README.md --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index c00d0dd8..47bcfdd5 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,13 @@ [![Build Status](https://jenkins.testbed.tier.internet2.edu/job/docker/job/grouper/job/master/badge/icon)](https://jenkins.testbed.tier.internet2.edu/job/docker/job/grouper/job/master/) +# Upgrading from 2.3 to 2.4 + +If upgrading from Grouper version 2.3 to 2.4, modifications will be needed in subject.properties and grouper-loaders.proprties. Further details about this can be found at the following URL: +https://spaces.at.internet2.edu/display/Grouper/vt-ldap+to+ldaptive+migration+for+LDAP+access + +Additional upgrade information can be found at the following URL: https://spaces.at.internet2.edu/display/Grouper/v2.4+Upgrade+Instructions+from+v2.3 + # Supported tags - latest From 5f5120a79c74f6f2046a06ab14211353fd6fd094 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 10 Sep 2018 12:21:12 -0400 Subject: [PATCH 19/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index fa0f8b8d..6ee5ce3a 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -14,9 +14,9 @@ grouperInstaller.default.installOrUpgrade = install ## ############################## -grouperInstaller.autorun.installAllPatches = true -# grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true - grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_3_0_api_patch_0,grouper_v2_3_0_ui_patch_0,grouper_v2_3_0_ws_patch_0,grouper_v2_3_0_pspng_patch_0 +grouperInstaller.autorun.installAllPatches = false +grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_0,grouper_v2_4_0_ui_patch_0,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From a8a634ed4d07832862208dad22e8e314c8dc257b Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 11 Sep 2018 12:46:36 -0400 Subject: [PATCH 20/77] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 47bcfdd5..edd47bb5 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ # Upgrading from 2.3 to 2.4 -If upgrading from Grouper version 2.3 to 2.4, modifications will be needed in subject.properties and grouper-loaders.proprties. Further details about this can be found at the following URL: +If upgrading from Grouper version 2.3 to 2.4 and using LDAP, modifications will be needed in subject.properties and grouper-loaders.proprties. Further details about this can be found at the following URL: https://spaces.at.internet2.edu/display/Grouper/vt-ldap+to+ldaptive+migration+for+LDAP+access Additional upgrade information can be found at the following URL: https://spaces.at.internet2.edu/display/Grouper/v2.4+Upgrade+Instructions+from+v2.3 From 442c07f4b0cc30b937967f30d3aad4ab2a0d13f7 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Sun, 16 Sep 2018 12:02:43 -0400 Subject: [PATCH 21/77] api patch 1 --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 6ee5ce3a..3d2b2f6d 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_0,grouper_v2_4_0_ui_patch_0,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_1,grouper_v2_4_0_ui_patch_0,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From 20aedfd9d143943eab72ff9f10aefebbe6bb893a Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 18 Sep 2018 07:44:11 -0400 Subject: [PATCH 22/77] API patch 2 --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 3d2b2f6d..e3b3dc58 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_1,grouper_v2_4_0_ui_patch_0,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_2,grouper_v2_4_0_ui_patch_0,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From 454e7c6db59d65b77330de284253d328dfd29744 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 1 Oct 2018 12:41:01 -0400 Subject: [PATCH 23/77] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index edd47bb5..933bbdf3 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,8 @@ If upgrading from Grouper version 2.3 to 2.4 and using LDAP, modifications will be needed in subject.properties and grouper-loaders.proprties. Further details about this can be found at the following URL: https://spaces.at.internet2.edu/display/Grouper/vt-ldap+to+ldaptive+migration+for+LDAP+access +In particular, in subject.properties, *.param.base.value should be adjusted to only contain the RDN (Relative Distinguished Name), not the full DN. For example, "OU=People", not "OU=People,DC=domain,DC=edu" + Additional upgrade information can be found at the following URL: https://spaces.at.internet2.edu/display/Grouper/v2.4+Upgrade+Instructions+from+v2.3 # Supported tags From 1f1797d7a98fd14559181fe0fec24b856f222384 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 2 Oct 2018 16:12:03 -0400 Subject: [PATCH 24/77] Testing Aqua Microscanner --- Jenkinsfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index 8cb90349..c274a79a 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -51,10 +51,12 @@ pipeline { docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") { def baseImg = docker.build("$maintainer/$imagename", "--no-cache .") // test the environment + aquaMicroscanner imageName: "$maintainer/$imagename" sh 'cd test-compose && ./compose.sh' // bring down after testing sh 'cd test-compose && docker-compose down' baseImg.push("$tag") + } } } From c83210b70804b22be5061bc18d914ec59c3e84b3 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Thu, 4 Oct 2018 14:34:07 -0400 Subject: [PATCH 25/77] testing clair scanner in jenkins --- Jenkinsfile | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index c274a79a..95d84907 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -50,8 +50,13 @@ pipeline { script { docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") { def baseImg = docker.build("$maintainer/$imagename", "--no-cache .") + // scan the image with clair + docker run -p 5432:5432 -d --name db arminc/clair-db:2017-10-04 + docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.5 + curl -L -o clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 + chmod 755 clair-scanner + ./clair-scanner --ip 172.17.0.1 -r test.out $maintainer/$imagename // test the environment - aquaMicroscanner imageName: "$maintainer/$imagename" sh 'cd test-compose && ./compose.sh' // bring down after testing sh 'cd test-compose && docker-compose down' From 9445f3111860f2b4547bcd9f860987ee4adad368 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Thu, 4 Oct 2018 14:36:40 -0400 Subject: [PATCH 26/77] Update Jenkinsfile --- Jenkinsfile | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 95d84907..a8c4c679 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -51,11 +51,11 @@ pipeline { docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") { def baseImg = docker.build("$maintainer/$imagename", "--no-cache .") // scan the image with clair - docker run -p 5432:5432 -d --name db arminc/clair-db:2017-10-04 - docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.5 - curl -L -o clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 - chmod 755 clair-scanner - ./clair-scanner --ip 172.17.0.1 -r test.out $maintainer/$imagename + sh 'docker run -p 5432:5432 -d --name db arminc/clair-db:2017-10-04' + sh 'docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.5' + sh 'curl -L -o clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64' + sh 'chmod 755 clair-scanner' + sh './clair-scanner --ip 172.17.0.1 -r test.out $maintainer/$imagename' // test the environment sh 'cd test-compose && ./compose.sh' // bring down after testing From 298594f64d0733223e47d5f220d4a5d1ccd4ba64 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Thu, 4 Oct 2018 14:55:10 -0400 Subject: [PATCH 27/77] hard coding image name temporarily --- Jenkinsfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index a8c4c679..df57acc0 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -49,18 +49,18 @@ pipeline { steps { script { docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") { - def baseImg = docker.build("$maintainer/$imagename", "--no-cache .") + // def baseImg = docker.build("$maintainer/$imagename", "--no-cache .") // scan the image with clair sh 'docker run -p 5432:5432 -d --name db arminc/clair-db:2017-10-04' sh 'docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.5' sh 'curl -L -o clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64' sh 'chmod 755 clair-scanner' - sh './clair-scanner --ip 172.17.0.1 -r test.out $maintainer/$imagename' + sh './clair-scanner --ip 172.17.0.1 -r test.out tier/grouper' // test the environment sh 'cd test-compose && ./compose.sh' // bring down after testing sh 'cd test-compose && docker-compose down' - baseImg.push("$tag") + // baseImg.push("$tag") } } From b156912162b65a7c005e74752b3ea955b079c2d7 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Thu, 4 Oct 2018 15:01:39 -0400 Subject: [PATCH 28/77] Update Jenkinsfile --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index df57acc0..35cd096c 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -55,7 +55,7 @@ pipeline { sh 'docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.5' sh 'curl -L -o clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64' sh 'chmod 755 clair-scanner' - sh './clair-scanner --ip 172.17.0.1 -r test.out tier/grouper' + sh "./clair-scanner --ip 172.17.0.1 -r test.out $maintainer/$imagename:$tag" // test the environment sh 'cd test-compose && ./compose.sh' // bring down after testing From 6d0199c3e570b2864809f5097418668d2dbef3bc Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Thu, 4 Oct 2018 15:22:37 -0400 Subject: [PATCH 29/77] Update Jenkinsfile --- Jenkinsfile | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 35cd096c..5d5b035a 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -49,18 +49,22 @@ pipeline { steps { script { docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") { - // def baseImg = docker.build("$maintainer/$imagename", "--no-cache .") + def baseImg = docker.build("$maintainer/$imagename", "--no-cache .") // scan the image with clair - sh 'docker run -p 5432:5432 -d --name db arminc/clair-db:2017-10-04' - sh 'docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.5' + sh 'docker run -p 5432:5432 -d --name clairdb arminc/clair-db:2017-10-04' + sh 'docker run -p 6060:6060 --link clairdb:postgres -d --name clair arminc/clair-local-scan:v2.0.5' sh 'curl -L -o clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64' sh 'chmod 755 clair-scanner' sh "./clair-scanner --ip 172.17.0.1 -r test.out $maintainer/$imagename:$tag" - // test the environment + // test the environment + sh 'docker kill clairdb' + sh 'docker rm clairdb' + sh 'docker kill clair' + sh 'docker rm clair' sh 'cd test-compose && ./compose.sh' // bring down after testing sh 'cd test-compose && docker-compose down' - // baseImg.push("$tag") + baseImg.push("$tag") } } From 846dc965af1c7b7a82e682d2170db3d13fd603e2 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Thu, 4 Oct 2018 15:35:02 -0400 Subject: [PATCH 30/77] Update Jenkinsfile --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 5d5b035a..9db4574d 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -55,7 +55,7 @@ pipeline { sh 'docker run -p 6060:6060 --link clairdb:postgres -d --name clair arminc/clair-local-scan:v2.0.5' sh 'curl -L -o clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64' sh 'chmod 755 clair-scanner' - sh "./clair-scanner --ip 172.17.0.1 -r test.out $maintainer/$imagename:$tag" + sh "./clair-scanner --ip 172.17.0.1 -r test.out $maintainer/$imagename:latest" // test the environment sh 'docker kill clairdb' sh 'docker rm clairdb' From a4fa056cf65378f9d01ff49307b1df8bcbd59196 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Thu, 4 Oct 2018 15:52:32 -0400 Subject: [PATCH 31/77] Update Jenkinsfile --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 9db4574d..17cdd795 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -51,7 +51,7 @@ pipeline { docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") { def baseImg = docker.build("$maintainer/$imagename", "--no-cache .") // scan the image with clair - sh 'docker run -p 5432:5432 -d --name clairdb arminc/clair-db:2017-10-04' + sh 'docker run -p 5432:5432 -d --name clairdb arminc/clair-db:2018-10-04' sh 'docker run -p 6060:6060 --link clairdb:postgres -d --name clair arminc/clair-local-scan:v2.0.5' sh 'curl -L -o clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64' sh 'chmod 755 clair-scanner' From c08db92982f167125f376efcebabe0139591a771 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Thu, 4 Oct 2018 16:28:40 -0400 Subject: [PATCH 32/77] Update Jenkinsfile --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 17cdd795..fb2ba008 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -51,7 +51,7 @@ pipeline { docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") { def baseImg = docker.build("$maintainer/$imagename", "--no-cache .") // scan the image with clair - sh 'docker run -p 5432:5432 -d --name clairdb arminc/clair-db:2018-10-04' + sh 'docker run -p 5432:5432 -d --name clairdb arminc/clair-db:latest' sh 'docker run -p 6060:6060 --link clairdb:postgres -d --name clair arminc/clair-local-scan:v2.0.5' sh 'curl -L -o clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64' sh 'chmod 755 clair-scanner' From fdfd1f6b82a615bd3d3a2add7720f811eea79577 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 8 Oct 2018 12:31:29 -0400 Subject: [PATCH 33/77] Create clairscan.sh --- tests/clairscan.sh | 72 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 tests/clairscan.sh diff --git a/tests/clairscan.sh b/tests/clairscan.sh new file mode 100644 index 00000000..99e36141 --- /dev/null +++ b/tests/clairscan.sh @@ -0,0 +1,72 @@ +#!/bin/bash + +startsecs=$(date +'%s') +starttime=$(date +%H:%M:%S) + +echo 'starting:' ${starttime} + +#ensure clair-scanner +if [ ! -s ./clair-scanner ]; then + echo 'downloading curl-scanner...' + curl -s -L -o ./clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 + chmod 755 clair-scanner +else + echo 'using existing clair-scanner...' +fi + +#ensure DB container +echo 'ensuring a fresh clair-db container...' +docker ps | grep clair-db &>/dev/null +if [ $? == "0" ]; then + echo 'removing existing clair-db container...' + docker kill db &>/dev/null + docker rm db &>/dev/null + docker run -p 5432:5432 -d --name db arminc/clair-db:latest &>/dev/null +else + docker run -p 5432:5432 -d --name db arminc/clair-db:latest &>/dev/null +fi +sleep 30 + +#ensure clair-scan container +echo 'ensuring a fresh clair-scan container...' +docker ps | grep clair-local-scan &>/dev/null +if [ $? == "0" ]; then + echo 'removing existing clair-scan container...' + docker kill clair &>/dev/null + docker rm clair &>/dev/null + docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.5 &>/dev/null +else + docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.5 &>/dev/null +fi +sleep 30 + +#get ip where clair-scanner will listen +clairip=$(/sbin/ifconfig docker0 | grep 'inet ' | sed 's/^[[:space:]]*//g' | cut -f 2 -d ' ' | sed 's/^[[:space:]]*//g') +echo 'sending ip addr' ${clairip} 'to clair-scan server...' + +#run scan +echo 'running scan...' +./clair-scanner --ip ${clairip} $1 +retcode=$? + +#eval results +if [ $retcode == '0' ]; then + echo 'scan found nothing.' +else + echo 'scan found issues.' +fi + +#cleanup +echo 'removing temporary containers...' +docker kill clair &>/dev/null +docker rm clair &>/dev/null +docker kill db &>/dev/null +docker rm db &>/dev/null + +endsecs=$(date +'%s') +endtime=$(date +%H:%M:%S) +echo 'finished:' $endtime ' ('$((endsecs - startsecs)) 'seconds)' +echo "" + +#pass along return code from scan +exit $retcode From d5241b56d33d634e200f23b2c8e3b27f35a2bbaa Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 8 Oct 2018 12:33:25 -0400 Subject: [PATCH 34/77] Create main.bats --- tests/main.bats | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 tests/main.bats diff --git a/tests/main.bats b/tests/main.bats new file mode 100644 index 00000000..73d3cf82 --- /dev/null +++ b/tests/main.bats @@ -0,0 +1,33 @@ +#!/usr/bin/env bats + +load ../common + +@test "010 Image is present and healthy" { + docker image inspect ${maintainer}/${imagename} +} + +@test "030 Port 443/https is listening" { + docker run -d ${maintainer}/${imagename} + sleep 25 + #get cont id + contid=$(docker ps | grep ${maintainer}/${imagename} | cut -f 1 -d ' ') + run docker exec -i ${contid} sh -c 'cat < /dev/null > /dev/tcp/127.0.0.1/443' + docker kill ${contid} &>/dev/null + docker rm ${contid} &>/dev/null + [ "$status" -eq 0 ] +} + +@test "040 The Grouper Status page is present" { + docker run -d ${maintainer}/${imagename} + sleep 60 + contid2=$(docker ps | grep ${maintainer}/${imagename} | cut -f 1 -d ' ') + run docker exec -i ${contid2} sh -c 'curl -I -k -s -f https://127.0.0.1/grouper/status?diagnosticType=trivial' + docker kill ${contid2} &>/dev/null + docker rm ${contid2} &>/dev/null + [ "$status" -eq 0 ] +} + + +@test "070 There are no known security vulnerabilities" { + ./tests/clairscan.sh ${maintainer}/${imagename} +} From 91c611f8aa3c172896b5f17009c56b60e6639dac Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 8 Oct 2018 12:41:05 -0400 Subject: [PATCH 35/77] Update Jenkinsfile --- Jenkinsfile | 55 +++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 41 insertions(+), 14 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index fb2ba008..0d52ba13 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -46,24 +46,51 @@ pipeline { } } stage('Build') { + steps { + script { + try{ + sh 'bin/rebuild.sh &> debug' + } catch(error) { + def error_details = readFile('./debug'); + def message = "BUILD ERROR: There was a problem building ${imagename}:${tag}. \n\n ${error_details}" + sh "rm -f ./debug" + handleError(message) + } + } + } + stage('Test') { + steps { + script { + try { + sh 'bin/test.sh 2>&1 | tee debug ; test ${PIPESTATUS[0]} -eq 0' + } catch (error) { + def error_details = readFile('./debug') + def message = "BUILD ERROR: There was a problem testing ${imagename}:${tag}. \n\n ${error_details}" + sh "rm -f ./debug" + handleError(message) + } + } + } + + stage('Push') { steps { script { docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") { def baseImg = docker.build("$maintainer/$imagename", "--no-cache .") - // scan the image with clair - sh 'docker run -p 5432:5432 -d --name clairdb arminc/clair-db:latest' - sh 'docker run -p 6060:6060 --link clairdb:postgres -d --name clair arminc/clair-local-scan:v2.0.5' - sh 'curl -L -o clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64' - sh 'chmod 755 clair-scanner' - sh "./clair-scanner --ip 172.17.0.1 -r test.out $maintainer/$imagename:latest" - // test the environment - sh 'docker kill clairdb' - sh 'docker rm clairdb' - sh 'docker kill clair' - sh 'docker rm clair' - sh 'cd test-compose && ./compose.sh' - // bring down after testing - sh 'cd test-compose && docker-compose down' + //// scan the image with clair + // sh 'docker run -p 5432:5432 -d --name clairdb arminc/clair-db:latest' + // sh 'docker run -p 6060:6060 --link clairdb:postgres -d --name clair arminc/clair-local-scan:v2.0.5' + // sh 'curl -L -o clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64' + // sh 'chmod 755 clair-scanner' + // sh "./clair-scanner --ip 172.17.0.1 -r test.out $maintainer/$imagename:latest" + //// test the environment + // sh 'docker kill clairdb' + // sh 'docker rm clairdb' + // sh 'docker kill clair' + // sh 'docker rm clair' + // sh 'cd test-compose && ./compose.sh' + //// bring down after testing + //sh 'cd test-compose && docker-compose down' baseImg.push("$tag") } From a783a1a4402382834e087338457bef28bd99b2dc Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 8 Oct 2018 12:44:23 -0400 Subject: [PATCH 36/77] Update Jenkinsfile --- Jenkinsfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index 0d52ba13..9b43e606 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -57,6 +57,7 @@ pipeline { handleError(message) } } + } } stage('Test') { steps { @@ -70,6 +71,7 @@ pipeline { handleError(message) } } + } } stage('Push') { From e56671814d9d7b9222ff482fa683601c5d1b867e Mon Sep 17 00:00:00 2001 From: Chris Hubing Date: Mon, 8 Oct 2018 12:56:23 -0400 Subject: [PATCH 37/77] added x bit --- tests/clairscan.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 tests/clairscan.sh diff --git a/tests/clairscan.sh b/tests/clairscan.sh old mode 100644 new mode 100755 From d37730b882f051c8a591d760ac22f657c485b63c Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 8 Oct 2018 13:01:41 -0400 Subject: [PATCH 38/77] Update Jenkinsfile --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 9b43e606..c764ea9b 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -49,7 +49,7 @@ pipeline { steps { script { try{ - sh 'bin/rebuild.sh &> debug' + sh 'bin/rebuild.sh | tee debug ; test ${PIPESTATUS[0]} -eq 0' } catch(error) { def error_details = readFile('./debug'); def message = "BUILD ERROR: There was a problem building ${imagename}:${tag}. \n\n ${error_details}" From effd5212d768694f1fe4c27760529ff233296219 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 8 Oct 2018 13:03:05 -0400 Subject: [PATCH 39/77] Update main.bats --- tests/main.bats | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/tests/main.bats b/tests/main.bats index 73d3cf82..e7be030f 100644 --- a/tests/main.bats +++ b/tests/main.bats @@ -17,16 +17,6 @@ load ../common [ "$status" -eq 0 ] } -@test "040 The Grouper Status page is present" { - docker run -d ${maintainer}/${imagename} - sleep 60 - contid2=$(docker ps | grep ${maintainer}/${imagename} | cut -f 1 -d ' ') - run docker exec -i ${contid2} sh -c 'curl -I -k -s -f https://127.0.0.1/grouper/status?diagnosticType=trivial' - docker kill ${contid2} &>/dev/null - docker rm ${contid2} &>/dev/null - [ "$status" -eq 0 ] -} - @test "070 There are no known security vulnerabilities" { ./tests/clairscan.sh ${maintainer}/${imagename} From 5a963c1c96633f5640f4acb5c4dacfd8e57f3506 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 8 Oct 2018 13:07:01 -0400 Subject: [PATCH 40/77] Update main.bats --- tests/main.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/main.bats b/tests/main.bats index e7be030f..d70655b0 100644 --- a/tests/main.bats +++ b/tests/main.bats @@ -7,7 +7,7 @@ load ../common } @test "030 Port 443/https is listening" { - docker run -d ${maintainer}/${imagename} + docker run -d ${maintainer}/${imagename} ui sleep 25 #get cont id contid=$(docker ps | grep ${maintainer}/${imagename} | cut -f 1 -d ' ') From 4cc64f08da86be058624260f87bcf6e53860f91d Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 8 Oct 2018 13:23:49 -0400 Subject: [PATCH 41/77] Update main.bats --- tests/main.bats | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/tests/main.bats b/tests/main.bats index d70655b0..cbe8ea2d 100644 --- a/tests/main.bats +++ b/tests/main.bats @@ -6,14 +6,9 @@ load ../common docker image inspect ${maintainer}/${imagename} } -@test "030 Port 443/https is listening" { - docker run -d ${maintainer}/${imagename} ui - sleep 25 - #get cont id - contid=$(docker ps | grep ${maintainer}/${imagename} | cut -f 1 -d ' ') - run docker exec -i ${contid} sh -c 'cat < /dev/null > /dev/tcp/127.0.0.1/443' - docker kill ${contid} &>/dev/null - docker rm ${contid} &>/dev/null +@test "030 Test Compose the environment" { + cd test-compose && ./compose.sh + cd test-compose && docker-compose down [ "$status" -eq 0 ] } From cf745dae4e74bf2f12680a8a61876b09c886b197 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 8 Oct 2018 13:31:46 -0400 Subject: [PATCH 42/77] Update main.bats --- tests/main.bats | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/main.bats b/tests/main.bats index cbe8ea2d..ade16fbd 100644 --- a/tests/main.bats +++ b/tests/main.bats @@ -7,8 +7,7 @@ load ../common } @test "030 Test Compose the environment" { - cd test-compose && ./compose.sh - cd test-compose && docker-compose down + cd test-compose && ./compose.sh && docker-compose down [ "$status" -eq 0 ] } From 5c9e23c40bf8b23aa96a385b05a3b523b02cd9ef Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 8 Oct 2018 13:33:27 -0400 Subject: [PATCH 43/77] Update main.bats --- tests/main.bats | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/main.bats b/tests/main.bats index ade16fbd..8a865bfe 100644 --- a/tests/main.bats +++ b/tests/main.bats @@ -8,7 +8,6 @@ load ../common @test "030 Test Compose the environment" { cd test-compose && ./compose.sh && docker-compose down - [ "$status" -eq 0 ] } From 7d975abdfbfaed9fa2b845dda13b9da652a2728b Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 8 Oct 2018 13:38:27 -0400 Subject: [PATCH 44/77] Update main.bats --- tests/main.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/main.bats b/tests/main.bats index 8a865bfe..973dc981 100644 --- a/tests/main.bats +++ b/tests/main.bats @@ -12,5 +12,5 @@ load ../common @test "070 There are no known security vulnerabilities" { - ./tests/clairscan.sh ${maintainer}/${imagename} + ./tests/clairscan.sh ${maintainer}/${imagename}:${tag} } From 1b24c3b8d9aee55f534577f0508f0a1c7d9cbfa3 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 8 Oct 2018 13:43:49 -0400 Subject: [PATCH 45/77] Update Jenkinsfile --- Jenkinsfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index c764ea9b..823b222e 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -28,6 +28,9 @@ pipeline { sh 'ls' sh 'mv bin/* ../bin/.' } + // Build and test scripts expect that 'tag' is present in common.bash. This is necessary for both Jenkins and standalone testing. + // We don't care if there are more 'tag' assignments there. The latest one wins. + sh "echo >> common.bash ; echo \"tag=\\\"${tag}\\\"\" >> common.bash ; echo common.bash ; cat common.bash" } } } From fe4fdf42237d95ba7520777b99b7358311ba7a11 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 9 Oct 2018 11:45:25 -0400 Subject: [PATCH 46/77] Update Jenkinsfile --- Jenkinsfile | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 823b222e..a015af5e 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,6 +1,7 @@ pipeline { agent any + def baseImg environment { maintainer = "t" imagename = 'g' @@ -52,7 +53,9 @@ pipeline { steps { script { try{ - sh 'bin/rebuild.sh | tee debug ; test ${PIPESTATUS[0]} -eq 0' + docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") { + baseImg = docker.build("$maintainer/$imagename", "--no-cache .") + } } catch(error) { def error_details = readFile('./debug'); def message = "BUILD ERROR: There was a problem building ${imagename}:${tag}. \n\n ${error_details}" @@ -80,8 +83,6 @@ pipeline { stage('Push') { steps { script { - docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") { - def baseImg = docker.build("$maintainer/$imagename", "--no-cache .") //// scan the image with clair // sh 'docker run -p 5432:5432 -d --name clairdb arminc/clair-db:latest' // sh 'docker run -p 6060:6060 --link clairdb:postgres -d --name clair arminc/clair-local-scan:v2.0.5' @@ -97,9 +98,7 @@ pipeline { //// bring down after testing //sh 'cd test-compose && docker-compose down' baseImg.push("$tag") - - } - } + } } } stage('Notify') { From ffd56bd7fa472fa646224f4dd57ec7eb060c2f99 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 9 Oct 2018 11:46:10 -0400 Subject: [PATCH 47/77] Update Jenkinsfile --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index a015af5e..1fab98ac 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,7 +1,7 @@ pipeline { agent any - def baseImg + def baseImg = '' environment { maintainer = "t" imagename = 'g' From 5f9098a2238d90d149a28b3ff5b036f66bc13910 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 9 Oct 2018 11:46:48 -0400 Subject: [PATCH 48/77] Update Jenkinsfile --- Jenkinsfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 1fab98ac..0dedd0b3 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,7 +1,6 @@ pipeline { agent any - def baseImg = '' environment { maintainer = "t" imagename = 'g' From f0eae16956f9a9ff45bfc1b6030b85492a96867b Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 9 Oct 2018 12:03:22 -0400 Subject: [PATCH 49/77] Update main.bats --- tests/main.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/main.bats b/tests/main.bats index 973dc981..8a865bfe 100644 --- a/tests/main.bats +++ b/tests/main.bats @@ -12,5 +12,5 @@ load ../common @test "070 There are no known security vulnerabilities" { - ./tests/clairscan.sh ${maintainer}/${imagename}:${tag} + ./tests/clairscan.sh ${maintainer}/${imagename} } From 44b1d57b8d38c300ad1af369329761a25448b4af Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 9 Oct 2018 12:24:02 -0400 Subject: [PATCH 50/77] Update Jenkinsfile --- Jenkinsfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 0dedd0b3..31cc94d1 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -96,7 +96,9 @@ pipeline { // sh 'cd test-compose && ./compose.sh' //// bring down after testing //sh 'cd test-compose && docker-compose down' - baseImg.push("$tag") + docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") { + baseImg.push("$tag") + } } } } From 515c65090b0a1e93c426768cb71848aac0ad16dc Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 9 Oct 2018 12:38:08 -0400 Subject: [PATCH 51/77] Update main.bats --- tests/main.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/main.bats b/tests/main.bats index 8a865bfe..973dc981 100644 --- a/tests/main.bats +++ b/tests/main.bats @@ -12,5 +12,5 @@ load ../common @test "070 There are no known security vulnerabilities" { - ./tests/clairscan.sh ${maintainer}/${imagename} + ./tests/clairscan.sh ${maintainer}/${imagename}:${tag} } From d179cf7e4ccc253c793501d27a29d1f84298de71 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 9 Oct 2018 13:09:10 -0400 Subject: [PATCH 52/77] Update main.bats --- tests/main.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/main.bats b/tests/main.bats index 973dc981..9dc81676 100644 --- a/tests/main.bats +++ b/tests/main.bats @@ -12,5 +12,5 @@ load ../common @test "070 There are no known security vulnerabilities" { - ./tests/clairscan.sh ${maintainer}/${imagename}:${tag} + ./tests/clairscan.sh ${maintainer}/${imagename}:$latest } From 004636368bf0e53457ff203ca1caf27f5a9af8bf Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 9 Oct 2018 13:41:05 -0400 Subject: [PATCH 53/77] Update main.bats --- tests/main.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/main.bats b/tests/main.bats index 9dc81676..0c18d122 100644 --- a/tests/main.bats +++ b/tests/main.bats @@ -12,5 +12,5 @@ load ../common @test "070 There are no known security vulnerabilities" { - ./tests/clairscan.sh ${maintainer}/${imagename}:$latest + ./tests/clairscan.sh ${maintainer}/${imagename}:latest } From 2701cfa7fcc6a88a7485683c9e00c44407652cd5 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 16 Oct 2018 12:49:47 -0400 Subject: [PATCH 54/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index e3b3dc58..2ed11a54 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_2,grouper_v2_4_0_ui_patch_0,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_2,grouper_v2_4_0_ui_patch_1,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From 7ea8949bd23dc107d920ee1cbaaa10cdd325b841 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Wed, 31 Oct 2018 22:20:12 -0400 Subject: [PATCH 55/77] API patch 3 --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 2ed11a54..7aeb8776 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_2,grouper_v2_4_0_ui_patch_1,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_3,grouper_v2_4_0_ui_patch_1,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From cada700298286c8191a772e742b8a69886993058 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Wed, 7 Nov 2018 14:28:26 -0500 Subject: [PATCH 56/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 7aeb8776..c3b77116 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_3,grouper_v2_4_0_ui_patch_1,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_6,grouper_v2_4_0_ui_patch_3,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From 6f9502e1c22dd8e8dac4df28b57c23b7c57d0c89 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Fri, 7 Dec 2018 10:32:05 -0500 Subject: [PATCH 57/77] a11-u5-w0-p0 --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index c3b77116..967b0d10 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_6,grouper_v2_4_0_ui_patch_3,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_11,grouper_v2_4_0_ui_patch_5,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From de3486b0b3b62ba274e383e6fa92429b485577d7 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Fri, 7 Dec 2018 10:47:45 -0500 Subject: [PATCH 58/77] Update Jenkinsfile --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 31cc94d1..2b7b801b 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -26,7 +26,7 @@ pipeline { dir('tmp'){ git([ url: "https://github.internet2.edu/docker/util.git", credentialsId: "jenkins-github-access-token" ]) sh 'ls' - sh 'mv bin/* ../bin/.' + sh 'mv bin/* ../bin' } // Build and test scripts expect that 'tag' is present in common.bash. This is necessary for both Jenkins and standalone testing. // We don't care if there are more 'tag' assignments there. The latest one wins. From 67cf458ab4b887510c633de3d7ca86159c79161f Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Fri, 4 Jan 2019 12:29:02 -0500 Subject: [PATCH 59/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 967b0d10..ce6477e9 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_11,grouper_v2_4_0_ui_patch_5,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_11,grouper_v2_4_0_ui_patch_6,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From 9891cf0784fdcfd812f9c43b0e75cd0bb5daebca Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Fri, 4 Jan 2019 12:33:20 -0500 Subject: [PATCH 60/77] Update Jenkinsfile --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 2b7b801b..d7b0dc62 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -53,7 +53,7 @@ pipeline { script { try{ docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") { - baseImg = docker.build("$maintainer/$imagename", "--no-cache .") + baseImg = docker.build("$maintainer/$imagename", "--build-arg GROUPER_CONTAINER_VERSION=$tag --no-cache .") } } catch(error) { def error_details = readFile('./debug'); From b12c150413b73fa63c05845efbe1bc23ca15e7d8 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Fri, 4 Jan 2019 15:38:43 -0500 Subject: [PATCH 61/77] Update Dockerfile --- Dockerfile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index eee6c126..d618b9fe 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,9 +3,12 @@ FROM centos:centos7 as installing RUN yum update -y \ && yum install -y wget tar unzip dos2unix \ && yum clean all + +ARG GROUPER_CONTAINER_VERSION ENV GROUPER_VERSION=2.4.0 \ - JAVA_HOME=/usr/lib/jvm/zulu-8/ + JAVA_HOME=/usr/lib/jvm/zulu-8/ \ + GROUPER_CONTAINER_VERSION=$GROUPER_CONTAINER_VERSION # use Zulu package RUN rpm --import http://repos.azulsystems.com/RPM-GPG-KEY-azulsystems \ From f76052103703ee7855a7df24e53ecbc08deac249 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Fri, 4 Jan 2019 16:05:54 -0500 Subject: [PATCH 62/77] Update Dockerfile --- Dockerfile | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d618b9fe..accfc65b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -96,10 +96,15 @@ LABEL author="tier-packaging@internet2.edu " \ ImageType="Grouper" \ ImageName=$imagename \ ImageOS=centos7 + +ARG GROUPER_CONTAINER_VERSION ENV JAVA_HOME=/usr/lib/jvm/zulu-8/ \ PATH=$PATH:$JAVA_HOME/bin \ - GROUPER_HOME=/opt/grouper/grouper.apiBinary + GROUPER_HOME=/opt/grouper/grouper.apiBinary \ + GROUPER_CONTAINER_VERSION=$GROUPER_CONTAINER_VERSION \ + + RUN ln -sf /usr/share/zoneinfo/UTC /etc/localtime From bfa62a7b3c076370cc4e6b2abea1d297760425ee Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Fri, 4 Jan 2019 16:09:41 -0500 Subject: [PATCH 63/77] Update Dockerfile --- Dockerfile | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index accfc65b..e5f412bf 100644 --- a/Dockerfile +++ b/Dockerfile @@ -102,9 +102,7 @@ ARG GROUPER_CONTAINER_VERSION ENV JAVA_HOME=/usr/lib/jvm/zulu-8/ \ PATH=$PATH:$JAVA_HOME/bin \ GROUPER_HOME=/opt/grouper/grouper.apiBinary \ - GROUPER_CONTAINER_VERSION=$GROUPER_CONTAINER_VERSION \ - - + GROUPER_CONTAINER_VERSION=$GROUPER_CONTAINER_VERSION RUN ln -sf /usr/share/zoneinfo/UTC /etc/localtime From 39679df77ca065557efdd77fecb3d2ccd0c223f4 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 7 Jan 2019 11:08:54 -0500 Subject: [PATCH 64/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index ce6477e9..d79ed61d 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_11,grouper_v2_4_0_ui_patch_6,grouper_v2_4_0_ws_patch_0,grouper_v2_4_0_pspng_patch_0 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_11,grouper_v2_4_0_ui_patch_8,grouper_v2_4_0_ws_patch_1,grouper_v2_4_0_pspng_patch_0 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From ed2fbd50591b24ceed77c583d23c4142ccf7b327 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 7 Jan 2019 13:31:11 -0500 Subject: [PATCH 65/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index d79ed61d..1d78ed2f 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_11,grouper_v2_4_0_ui_patch_8,grouper_v2_4_0_ws_patch_1,grouper_v2_4_0_pspng_patch_0 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_13,grouper_v2_4_0_ui_patch_8,grouper_v2_4_0_ws_patch_1,grouper_v2_4_0_pspng_patch_0 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From 661fb87da7cb32433d0829f17dea1c02d92711d7 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 8 Jan 2019 16:32:08 -0500 Subject: [PATCH 66/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 1d78ed2f..2cbef7ea 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_13,grouper_v2_4_0_ui_patch_8,grouper_v2_4_0_ws_patch_1,grouper_v2_4_0_pspng_patch_0 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_14,grouper_v2_4_0_ui_patch_8,grouper_v2_4_0_ws_patch_1,grouper_v2_4_0_pspng_patch_0 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From 8784d7534988a1ed84a5d4cc5d0df68eaa5866ea Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 15 Jan 2019 05:46:23 -0500 Subject: [PATCH 67/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 2cbef7ea..dd108d85 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_14,grouper_v2_4_0_ui_patch_8,grouper_v2_4_0_ws_patch_1,grouper_v2_4_0_pspng_patch_0 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_17,grouper_v2_4_0_ui_patch_8,grouper_v2_4_0_ws_patch_1,grouper_v2_4_0_pspng_patch_0 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From 79be192561a81321d461efb440f90262e6eb0280 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Wed, 16 Jan 2019 20:35:24 -0500 Subject: [PATCH 68/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index dd108d85..b47a51eb 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_17,grouper_v2_4_0_ui_patch_8,grouper_v2_4_0_ws_patch_1,grouper_v2_4_0_pspng_patch_0 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_19,grouper_v2_4_0_ui_patch_8,grouper_v2_4_0_ws_patch_1,grouper_v2_4_0_pspng_patch_0 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From 3bf230f45e822400155c6c55b38df857b2d0126f Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 29 Jan 2019 08:20:10 -0500 Subject: [PATCH 69/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index b47a51eb..7f2f9b4b 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_19,grouper_v2_4_0_ui_patch_8,grouper_v2_4_0_ws_patch_1,grouper_v2_4_0_pspng_patch_0 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_19,grouper_v2_4_0_ui_patch_9,grouper_v2_4_0_ws_patch_1,grouper_v2_4_0_pspng_patch_2 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From ab1f9481075b4538d1ad404ed1eeef97eb9ee21f Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Wed, 6 Feb 2019 12:04:48 -0500 Subject: [PATCH 70/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 7f2f9b4b..cafa7c87 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_19,grouper_v2_4_0_ui_patch_9,grouper_v2_4_0_ws_patch_1,grouper_v2_4_0_pspng_patch_2 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_23,grouper_v2_4_0_ui_patch_9,grouper_v2_4_0_ws_patch_2,grouper_v2_4_0_pspng_patch_2 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From f32bc0610f708873c8028fdf514956db139d1fe7 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Thu, 7 Feb 2019 15:46:56 -0500 Subject: [PATCH 71/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index cafa7c87..dbe725eb 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_23,grouper_v2_4_0_ui_patch_9,grouper_v2_4_0_ws_patch_2,grouper_v2_4_0_pspng_patch_2 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_25,grouper_v2_4_0_ui_patch_11,grouper_v2_4_0_ws_patch_2,grouper_v2_4_0_pspng_patch_2 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From 795bd16cfdde80909df5855d26a88ea603416a22 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Fri, 8 Feb 2019 14:15:30 -0500 Subject: [PATCH 72/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index dbe725eb..5644c5cb 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_25,grouper_v2_4_0_ui_patch_11,grouper_v2_4_0_ws_patch_2,grouper_v2_4_0_pspng_patch_2 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_26,grouper_v2_4_0_ui_patch_11,grouper_v2_4_0_ws_patch_2,grouper_v2_4_0_pspng_patch_2 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From 8ebeef12fa7f5e77f49059e4915d6cf84d80e097 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 11 Feb 2019 15:10:00 -0500 Subject: [PATCH 73/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 5644c5cb..a20f71f2 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_26,grouper_v2_4_0_ui_patch_11,grouper_v2_4_0_ws_patch_2,grouper_v2_4_0_pspng_patch_2 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_27,grouper_v2_4_0_ui_patch_11,grouper_v2_4_0_ws_patch_2,grouper_v2_4_0_pspng_patch_2 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From 08e687a9d383bcc4d81e86886ddbc370dcef949f Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Sun, 17 Feb 2019 12:00:56 -0500 Subject: [PATCH 74/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index a20f71f2..6b0241d0 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_27,grouper_v2_4_0_ui_patch_11,grouper_v2_4_0_ws_patch_2,grouper_v2_4_0_pspng_patch_2 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_29,grouper_v2_4_0_ui_patch_14,grouper_v2_4_0_ws_patch_3,grouper_v2_4_0_pspng_patch_2 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true From 71bc2ee834aed674e30e44c245d668fc56c93fe0 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 26 Feb 2019 16:58:26 -0500 Subject: [PATCH 75/77] Update README.md --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 933bbdf3..2c5c73cb 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,5 @@ -[![Build Status](https://jenkins.testbed.tier.internet2.edu/job/docker/job/grouper/job/master/badge/icon)](https://jenkins.testbed.tier.internet2.edu/job/docker/job/grouper/job/master/) +[![Build Status](https://jenkins.testbed.tier.internet2.edu/buildStatus/icon?job=docker/grouper/2.4.0-a29-u14-w3-p2-20190217)](https://jenkins.testbed.tier.internet2.edu/buildStatus/icon?job=docker/grouper/2.4.0-a29-u14-w3-p2-20190217) + # Upgrading from 2.3 to 2.4 From 6275b358b1c93c6e44605e7067ed45f070764baf Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 26 Feb 2019 17:05:02 -0500 Subject: [PATCH 76/77] Update Jenkinsfile --- Jenkinsfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index d7b0dc62..f07c3f43 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -21,12 +21,12 @@ pipeline { echo "You must define an imagename in common.bash" currentBuild.result = 'FAILURE' } - sh 'mkdir -p bin' - sh 'mkdir -p tmp' + + sh 'mkdir -p tmp && mkdir -p bin' dir('tmp'){ git([ url: "https://github.internet2.edu/docker/util.git", credentialsId: "jenkins-github-access-token" ]) - sh 'ls' - sh 'mv bin/* ../bin' + sh 'rm -rf ../bin/*' + sh 'mv ./bin/* ../bin/.' } // Build and test scripts expect that 'tag' is present in common.bash. This is necessary for both Jenkins and standalone testing. // We don't care if there are more 'tag' assignments there. The latest one wins. From 80ab1303d31dc0b37f6d8a9639899c7d7c2d3e95 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Mon, 4 Mar 2019 10:53:01 -0500 Subject: [PATCH 77/77] Update grouper.installer.properties --- container_files/grouper.installer.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container_files/grouper.installer.properties b/container_files/grouper.installer.properties index 6b0241d0..92d1ffc2 100644 --- a/container_files/grouper.installer.properties +++ b/container_files/grouper.installer.properties @@ -16,7 +16,7 @@ grouperInstaller.default.installOrUpgrade = install grouperInstaller.autorun.installAllPatches = false grouperInstaller.autorun.installPatchesUpToACertainPatchLevel = true -grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_29,grouper_v2_4_0_ui_patch_14,grouper_v2_4_0_ws_patch_3,grouper_v2_4_0_pspng_patch_2 +grouperInstaller.autorun.installPatchesUpToThesePatchLevels = grouper_v2_4_0_api_patch_31,grouper_v2_4_0_ui_patch_14,grouper_v2_4_0_ws_patch_3,grouper_v2_4_0_pspng_patch_3 #### set this to true to try to use defaults for everything. Only things without default values will need to be set grouperInstaller.autorun.useDefaultsAsMuchAsAvailable = true