Build for v5.13.0 (Rocky 9)

base/Dockerfile

@@ -3,7 +3,7 @@ FROM i2incommon/shib-idp:4.3.3_20240715_rocky8_multiarch AS idp
 #FROM i2incommon/grouper:4.10.2 as grouper4
 
 # Grouper version for the entire GTE
-FROM i2incommon/grouper:5.11.2
+FROM i2incommon/grouper:5.13.0
 
 # Disable docker HEALTHCHECK inherited from tier/shib-sp
 HEALTHCHECK NONE
@@ -26,24 +26,27 @@ COPY container_files/repos/shibboleth.repo /etc/yum.repos.d/security:shibboleth.
 # Add postgres (list available versions with `dnf module list postgresql`)
 #    Ref: https://www.baeldung.com/ops/postgresql-docker-setup
 #    Ref: https://www.digitalocean.com/community/tutorials/how-to-install-and-use-postgresql-on-rocky-linux-8
-RUN dnf install -y nano nc openldap-clients httpd mod_ssl https://archive.fedoraproject.org/pub/archive/epel/8.7/Everything/x86_64/Packages/p/phpldapadmin-1.2.6.3-1.el8.noarch.rpm \
+RUN dnf install -y nano nc openldap-clients httpd mod_ssl https://archive.fedoraproject.org/pub/archive/epel/9.3/Everything/x86_64/Packages/p/phpldapadmin-1.2.6.6-1.el9.noarch.rpm \
+    && dnf module -y enable postgresql:15 \
+    && dnf install -y postgresql-server postgresql-contrib \
     && dnf install -y 'dnf-command(config-manager)' \
-    && dnf config-manager --set-enabled powertools \
+    && dnf config-manager --set-enabled plus \
     && dnf install -y openldap-servers \
     && dnf install -y --setopt=tsflags=nodocs epel-release \
     && dnf install -y supervisor \
-    && dnf install -y shibboleth-3.4.1 \
-    && dnf module -y enable postgresql:15 \
-    && dnf install -y postgresql-server postgresql-contrib
+    && dnf install -y shibboleth-3.4.1
 
+# notes:
+# list availables repos: `dnf repolist all`
 
 
 # Init ldap and add basic schemas and OU's
 COPY container_files/ldap/ /tmp/base/ldap/
 
-RUN cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG \
-    && mkdir -p /var/ldap/example \
-    && chown -R ldap:ldap /var/lib/ldap /etc/openldap/slapd.d /var/ldap \
+# cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG \
+#     && mkdir -p /var/ldap/example \
+#     && chown -R ldap:ldap /var/lib/ldap /etc/openldap/slapd.d /var/ldap
+RUN chown -R ldap:ldap /var/lib/ldap /etc/openldap/slapd.d \
     && (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! nc -z localhost 389 > /dev/null; do echo waiting for ldap to start; sleep 1; done \
     && ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/base/ldap/domain.ldif \

base/container_files/repos/shibboleth.repo

@@ -1,10 +1,9 @@
 [shibboleth]
-name=Shibboleth (rockylinux8)
+name=Shibboleth (rockylinux9)
 # Please report any problems to https://shibboleth.atlassian.net/jira
 type=rpm-md
-mirrorlist=https://shibboleth.net/cgi-bin/mirrorlist.cgi/rockylinux8
+mirrorlist=https://shibboleth.net/cgi-bin/mirrorlist.cgi/rockylinux9
 gpgcheck=1
 gpgkey=https://shibboleth.net/downloads/service-provider/RPMS/repomd.xml.key
         https://shibboleth.net/downloads/service-provider/RPMS/cantor.repomd.xml.key
 enabled=1
-