ex201 essentially completed

docker · Oct 5, 2018 · 5596a21 · 5596a21
1 parent f72340b
commit 5596a21
Show file tree

Hide file tree

Showing 30 changed files with 303 additions and 153 deletions.
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -15,7 +15,7 @@
 **/
 exceriseSets = [
 //    'ex101' : [3, 2],
-    'ex201' : [1, 1],
+    'ex201' : [1, 1, 1, 1, 1],
 //    'ex301' : [2, 2, 5, 6],
     'ex401' : [6, 9, 7, 1]
 ]

diff --git a/ex201/ex201.1.1/Dockerfile b/ex201/ex201.1.1/Dockerfile
@@ -12,7 +12,9 @@ COPY container_files/seed-data/ /seed-data/
 COPY container_files/grouper-loader.properties /opt/grouper/conf/
 COPY container_files/subject.properties /opt/grouper/conf/
 
-RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+RUN . /usr/local/bin/library.sh \
+    && prepConf; \
+    (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
     (mysqld_safe & ) \
     && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \

diff --git a/ex201/ex201.1.1/container_files/grouper-loader.properties b/ex201/ex201.1.1/container_files/grouper-loader.properties
@@ -71,3 +71,23 @@ ldap.demo.tls = false
 
 #make the paths fully qualified and not relative to the loader group.
 loader.ldap.requireTopStemAsStemFromConfigGroup=false
+
+changeLog.consumer.pspng_affiliations.class = edu.internet2.middleware.grouper.pspng.PspChangelogConsumerShim
+changeLog.consumer.pspng_affiliations.type = edu.internet2.middleware.grouper.pspng.LdapAttributeProvisioner
+changeLog.consumer.pspng_affiliations.quartzCron = 0 * * * * ?
+changeLog.consumer.pspng_affiliations.ldapPoolName = demo
+changeLog.consumer.pspng_affiliations.provisionedAttributeName = eduPersonAffiliation
+changeLog.consumer.pspng_affiliations.provisionedAttributeValueFormat = ${group.extension.replace('ePA_', '')}
+changeLog.consumer.pspng_affiliations.userSearchBaseDn = ou=people,dc=internet2,dc=edu
+changeLog.consumer.pspng_affiliations.userSearchFilter = uid=${subject.id}
+changeLog.consumer.pspng_affiliations.allProvisionedValuesPrefix=*
+
+changeLog.consumer.pspng_entitlements.class = edu.internet2.middleware.grouper.pspng.PspChangelogConsumerShim
+changeLog.consumer.pspng_entitlements.type = edu.internet2.middleware.grouper.pspng.LdapAttributeProvisioner
+changeLog.consumer.pspng_entitlements.quartzCron = 0 * * * * ?
+changeLog.consumer.pspng_entitlements.ldapPoolName = demo
+changeLog.consumer.pspng_entitlements.provisionedAttributeName = eduPersonEntitlement
+changeLog.consumer.pspng_entitlements.provisionedAttributeValueFormat = ${group.name.equalsIgnoreCase('app:wiki:service:policy:wiki_authorized') ? 'http://sp.example.org/wiki' : 'urn:mace:example.edu:' + group.extension}
+changeLog.consumer.pspng_entitlements.userSearchBaseDn = ou=people,dc=internet2,dc=edu
+changeLog.consumer.pspng_entitlements.userSearchFilter = uid=${subject.id}
+changeLog.consumer.pspng_entitlements.allProvisionedValuesPrefix=*
diff --git a/ex201/ex201.2.1/Dockerfile b/ex201/ex201.2.1/Dockerfile
@@ -9,8 +9,6 @@ LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
 ENV USERTOKEN=ex201.2.1
 
 COPY container_files/seed-data/ /seed-data/
-COPY container_files/grouper-loader.properties /opt/grouper/conf/
-COPY container_files/subject.properties /opt/grouper/conf/
 
 RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \

diff --git a/ex201/ex201.2.1/container_files/grouper-loader.properties b/ex201/ex201.2.1/container_files/grouper-loader.properties
diff --git a/ex201/ex201.2.1/container_files/subject.properties b/ex201/ex201.2.1/container_files/subject.properties
diff --git a/ex201/ex201.3.1/Dockerfile b/ex201/ex201.3.1/Dockerfile
@@ -0,0 +1,24 @@
+FROM tier/grouper-training-env:ex201.2.end
+
+LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
+      Vendor="TIER" \
+      ImageType="Grouper Training" \
+      ImageName=$imagename \
+      ImageOS=centos7
+
+ENV USERTOKEN=ex201.3.1
+
+COPY container_files/seed-data/ /seed-data/
+
+RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+    && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
+    (mysqld_safe & ) \
+    && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
+    cd /opt/grouper/grouper.apiBinary \
+    && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
+    && mysql grouper < /seed-data/sisData.sql \
+    && bin/gsh /seed-data/bootstrap.gsh \
+    && pkill -HUP slapd \
+    && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
+    pkill -u mysql mysqld \
+    && while curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to stop; sleep 1; done
diff --git a/ex201/ex201.3.1/container_files/seed-data/bootstrap.gsh b/ex201/ex201.3.1/container_files/seed-data/bootstrap.gsh
@@ -0,0 +1 @@
+GrouperSession.startRootSession()
diff --git a/ex201/ex201.3.1/container_files/seed-data/sisData.sql b/ex201/ex201.3.1/container_files/seed-data/sisData.sql
diff --git a/ex201/ex201.3.1/container_files/seed-data/users.ldif b/ex201/ex201.3.1/container_files/seed-data/users.ldif
diff --git a/ex201/ex201.3.end/Dockerfile b/ex201/ex201.3.end/Dockerfile
@@ -0,0 +1,24 @@
+FROM tier/grouper-training-env:ex201.3.1
+
+LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
+      Vendor="TIER" \
+      ImageType="Grouper Training" \
+      ImageName=$imagename \
+      ImageOS=centos7
+
+ENV USERTOKEN=ex201.3.end
+
+COPY container_files/seed-data/ /seed-data/
+
+RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+    && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
+    (mysqld_safe & ) \
+    && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
+    cd /opt/grouper/grouper.apiBinary \
+    && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
+    && mysql grouper < /seed-data/sisData.sql \
+    && bin/gsh /seed-data/bootstrap.gsh \
+    && pkill -HUP slapd \
+    && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
+    pkill -u mysql mysqld \
+    && while curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to stop; sleep 1; done
diff --git a/ex201/ex201.3.end/container_files/seed-data/bootstrap.gsh b/ex201/ex201.3.end/container_files/seed-data/bootstrap.gsh
@@ -0,0 +1,38 @@
+gs = GrouperSession.startRootSession()
+
+//ex201.3.1
+addStem("app", "eduPersonAffiliation", "eduPersonAffiliation");
+addGroup("app:eduPersonAffiliation", "ePA_student", "ePA_student");
+addGroup("app:eduPersonAffiliation", "ePA_staff", "ePA_staff");
+addGroup("app:eduPersonAffiliation", "ePA_alum", "ePA_alum");
+addGroup("app:eduPersonAffiliation", "ePA_member", "ePA_member");
+addGroup("app:eduPersonAffiliation", "ePA_affiliate", "ePA_affiliate");
+addGroup("app:eduPersonAffiliation", "ePA_employee", "ePA_employee");
+addGroup("app:eduPersonAffiliation", "ePA_library-walk-in", "ePA_library-walk-in");
+
+//ex201.3.2
+addMember("app:eduPersonAffiliation:ePA_student", "ref:student:students");
+
+//ex201.3.3
+addMember("app:eduPersonAffiliation:ePA_member", "app:eduPersonAffiliation:ePA_student");
+addMember("app:eduPersonAffiliation:ePA_member", "app:eduPersonAffiliation:ePA_staff");
+addMember("app:eduPersonAffiliation:ePA_member", "app:eduPersonAffiliation:ePA_alum");
+addMember("app:eduPersonAffiliation:ePA_member", "app:eduPersonAffiliation:ePA_affiliate");
+addMember("app:eduPersonAffiliation:ePA_member", "app:eduPersonAffiliation:ePA_employee");
+
+//ex201.3.4
+
+//Assign the PSPNG attribute for the standard groups
+group = GroupFinder.findByName(gs, "app:eduPersonAffiliation:ePA_student");
+
+# Auto create the PSPNG attributes
+edu.internet2.middleware.grouper.pspng.FullSyncProvisionerFactory.getFullSyncer("pspng_affiliations");
+
+pspngAttribute = AttributeDefNameFinder.findByName("etc:pspng:provision_to", true);
+AttributeAssignSave attributeAssignSave = new AttributeAssignSave(gs).assignPrintChangesToSystemOut(true);
+attributeAssignSave.assignAttributeDefName(pspngAttribute);
+attributeAssignSave.assignOwnerGroup(group);
+attributeAssignSave.addValue("pspng_affiliations");
+attributeAssignSave.save();
+
+//ex201.3.5
diff --git a/ex201/ex201.3.end/container_files/seed-data/sisData.sql b/ex201/ex201.3.end/container_files/seed-data/sisData.sql
diff --git a/ex201/ex201.3.end/container_files/seed-data/users.ldif b/ex201/ex201.3.end/container_files/seed-data/users.ldif
diff --git a/ex201/ex201.4.1/Dockerfile b/ex201/ex201.4.1/Dockerfile
@@ -0,0 +1,24 @@
+FROM tier/grouper-training-env:ex201.3.end
+
+LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
+      Vendor="TIER" \
+      ImageType="Grouper Training" \
+      ImageName=$imagename \
+      ImageOS=centos7
+
+ENV USERTOKEN=ex201.4.1
+
+COPY container_files/seed-data/ /seed-data/
+
+RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+    && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
+    (mysqld_safe & ) \
+    && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
+    cd /opt/grouper/grouper.apiBinary \
+    && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
+    && mysql grouper < /seed-data/sisData.sql \
+    && bin/gsh /seed-data/bootstrap.gsh \
+    && pkill -HUP slapd \
+    && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
+    pkill -u mysql mysqld \
+    && while curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to stop; sleep 1; done
diff --git a/ex201/ex201.4.1/container_files/seed-data/bootstrap.gsh b/ex201/ex201.4.1/container_files/seed-data/bootstrap.gsh
@@ -0,0 +1,2 @@
+gs = GrouperSession.startRootSession()
+
diff --git a/ex201/ex201.4.1/container_files/seed-data/sisData.sql b/ex201/ex201.4.1/container_files/seed-data/sisData.sql
diff --git a/ex201/ex201.4.1/container_files/seed-data/users.ldif b/ex201/ex201.4.1/container_files/seed-data/users.ldif
diff --git a/ex201/ex201.4.end/Dockerfile b/ex201/ex201.4.end/Dockerfile
@@ -0,0 +1,24 @@
+FROM tier/grouper-training-env:ex201.4.1
+
+LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
+      Vendor="TIER" \
+      ImageType="Grouper Training" \
+      ImageName=$imagename \
+      ImageOS=centos7
+
+ENV USERTOKEN=ex201.4.end
+
+COPY container_files/seed-data/ /seed-data/
+
+RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+    && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
+    (mysqld_safe & ) \
+    && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
+    cd /opt/grouper/grouper.apiBinary \
+    && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
+    && mysql grouper < /seed-data/sisData.sql \
+    && bin/gsh /seed-data/bootstrap.gsh \
+    && pkill -HUP slapd \
+    && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
+    pkill -u mysql mysqld \
+    && while curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to stop; sleep 1; done