Grouper -> v5.13.5; read imported configs from files rather than hard…

…coded gsh

base/Dockerfile

@@ -3,7 +3,7 @@ FROM i2incommon/shib-idp:4.3.3_20240715_rocky8_multiarch AS idp
 #FROM i2incommon/grouper:4.10.2 as grouper4
 
 # Grouper version for the entire GTE
-FROM i2incommon/grouper:5.13.0
+FROM i2incommon/grouper:5.13.5
 
 # Disable docker HEALTHCHECK inherited from tier/shib-sp
 HEALTHCHECK NONE

ex101/ex101.1.1/container_files/grouper/conf_import/grouper-loader.properties.import

@@ -0,0 +1,199 @@
+provisioner.eduPersonAffiliation.class = edu.internet2.middleware.grouper.app.ldapProvisioning.LdapSync
+provisioner.eduPersonAffiliation.customizeGroupCrud = true
+provisioner.eduPersonAffiliation.deleteGroups = false
+provisioner.eduPersonAffiliation.entityAttributeValueCache0entityAttribute = ldap_dn
+provisioner.eduPersonAffiliation.entityAttributeValueCache0has = true
+provisioner.eduPersonAffiliation.entityAttributeValueCache0source = target
+provisioner.eduPersonAffiliation.entityAttributeValueCache0type = entityAttribute
+provisioner.eduPersonAffiliation.entityAttributeValueCacheHas = true
+provisioner.eduPersonAffiliation.entityMatchingAttribute0name = uid
+provisioner.eduPersonAffiliation.entityMatchingAttributeCount = 1
+provisioner.eduPersonAffiliation.entityMembershipAttributeName = eduPersonAffiliation
+provisioner.eduPersonAffiliation.entityMembershipAttributeValue = groupAttributeValueCache0
+provisioner.eduPersonAffiliation.groupAttributeValueCache0groupAttribute = affiliation
+provisioner.eduPersonAffiliation.groupAttributeValueCache0has = true
+provisioner.eduPersonAffiliation.groupAttributeValueCache0source = grouper
+provisioner.eduPersonAffiliation.groupAttributeValueCache0type = groupAttribute
+provisioner.eduPersonAffiliation.groupAttributeValueCacheHas = true
+provisioner.eduPersonAffiliation.hasTargetEntityLink = true
+provisioner.eduPersonAffiliation.insertGroups = false
+provisioner.eduPersonAffiliation.ldapExternalSystemConfigId = demo
+provisioner.eduPersonAffiliation.numberOfEntityAttributes = 4
+provisioner.eduPersonAffiliation.numberOfGroupAttributes = 1
+provisioner.eduPersonAffiliation.operateOnGrouperEntities = true
+provisioner.eduPersonAffiliation.operateOnGrouperGroups = true
+provisioner.eduPersonAffiliation.operateOnGrouperMemberships = true
+provisioner.eduPersonAffiliation.provisioningType = entityAttributes
+provisioner.eduPersonAffiliation.selectAllEntities = true
+provisioner.eduPersonAffiliation.selectGroups = false
+provisioner.eduPersonAffiliation.startWith = this is start with read only
+provisioner.eduPersonAffiliation.subjectSourcesToProvision = eduLDAP
+provisioner.eduPersonAffiliation.targetEntityAttribute.0.name = ldap_dn
+provisioner.eduPersonAffiliation.targetEntityAttribute.1.multiValued = true
+provisioner.eduPersonAffiliation.targetEntityAttribute.1.name = eduPersonAffiliation
+provisioner.eduPersonAffiliation.targetEntityAttribute.1.showAdvancedAttribute = true
+provisioner.eduPersonAffiliation.targetEntityAttribute.1.showAttributeValueSettings = true
+provisioner.eduPersonAffiliation.targetEntityAttribute.2.name = uid
+provisioner.eduPersonAffiliation.targetEntityAttribute.2.translateExpressionType = grouperProvisioningEntityField
+provisioner.eduPersonAffiliation.targetEntityAttribute.2.translateFromGrouperProvisioningEntityField = subjectIdentifier0
+provisioner.eduPersonAffiliation.targetEntityAttribute.3.multiValued = true
+provisioner.eduPersonAffiliation.targetEntityAttribute.3.name = objectClass
+provisioner.eduPersonAffiliation.targetEntityAttribute.3.showAdvancedAttribute = true
+provisioner.eduPersonAffiliation.targetEntityAttribute.3.showAttributeValueSettings = true
+provisioner.eduPersonAffiliation.targetEntityAttribute.3.translateExpressionType = staticValues
+provisioner.eduPersonAffiliation.targetEntityAttribute.3.translateFromStaticValues = eduPerson
+provisioner.eduPersonAffiliation.targetGroupAttribute.0.name = affiliation
+provisioner.eduPersonAffiliation.targetGroupAttribute.0.translateExpressionType = grouperProvisioningGroupField
+provisioner.eduPersonAffiliation.targetGroupAttribute.0.translateFromGrouperProvisioningGroupField = extension
+provisioner.eduPersonAffiliation.updateGroups = false
+provisioner.eduPersonAffiliation.userSearchBaseDn = ou=people,dc=internet2,dc=edu
+changeLog.consumer.provisioner_incremental_eduPersonAffiliation.class = edu.internet2.middleware.grouper.changeLog.esb.consumer.EsbConsumer
+changeLog.consumer.provisioner_incremental_eduPersonAffiliation.provisionerConfigId = eduPersonAffiliation
+changeLog.consumer.provisioner_incremental_eduPersonAffiliation.publisher.class = edu.internet2.middleware.grouper.app.provisioning.ProvisioningConsumer
+changeLog.consumer.provisioner_incremental_eduPersonAffiliation.publisher.debug = false
+changeLog.consumer.provisioner_incremental_eduPersonAffiliation.quartzCron = 0 * * * * ?
+otherJob.provisioner_full_eduPersonAffiliation.class = edu.internet2.middleware.grouper.app.provisioning.GrouperProvisioningFullSyncJob
+otherJob.provisioner_full_eduPersonAffiliation.provisionerConfigId = eduPersonAffiliation
+otherJob.provisioner_full_eduPersonAffiliation.quartzCron = 0 8 4 * * ?
+
+provisioner.eduPersonEntitlement.class = edu.internet2.middleware.grouper.app.ldapProvisioning.LdapSync
+provisioner.eduPersonEntitlement.configureMetadata = true
+provisioner.eduPersonEntitlement.customizeGroupCrud = true
+provisioner.eduPersonEntitlement.deleteGroups = false
+provisioner.eduPersonEntitlement.entityAttributeValueCache0entityAttribute = ldap_dn
+provisioner.eduPersonEntitlement.entityAttributeValueCache0has = true
+provisioner.eduPersonEntitlement.entityAttributeValueCache0source = target
+provisioner.eduPersonEntitlement.entityAttributeValueCache0type = entityAttribute
+provisioner.eduPersonEntitlement.entityAttributeValueCacheHas = true
+provisioner.eduPersonEntitlement.entityMatchingAttribute0name = uid
+provisioner.eduPersonEntitlement.entityMatchingAttributeCount = 1
+provisioner.eduPersonEntitlement.entityMembershipAttributeName = eduPersonEntitlement
+provisioner.eduPersonEntitlement.entityMembershipAttributeValue = groupAttributeValueCache0
+provisioner.eduPersonEntitlement.groupAttributeValueCache0groupAttribute = entitlement_string
+provisioner.eduPersonEntitlement.groupAttributeValueCache0has = true
+provisioner.eduPersonEntitlement.groupAttributeValueCache0source = grouper
+provisioner.eduPersonEntitlement.groupAttributeValueCache0type = groupAttribute
+provisioner.eduPersonEntitlement.groupAttributeValueCacheHas = true
+provisioner.eduPersonEntitlement.hasTargetEntityLink = true
+provisioner.eduPersonEntitlement.insertGroups = false
+provisioner.eduPersonEntitlement.ldapExternalSystemConfigId = demo
+provisioner.eduPersonEntitlement.metadata.0.formElementType = text
+provisioner.eduPersonEntitlement.metadata.0.name = md_entitlementValue
+provisioner.eduPersonEntitlement.metadata.0.showForGroup = true
+provisioner.eduPersonEntitlement.metadata.0.valueType = string
+provisioner.eduPersonEntitlement.metadata.0.canChange = true
+provisioner.eduPersonEntitlement.metadata.0.canUpdate = true
+provisioner.eduPersonEntitlement.numberOfEntityAttributes = 4
+provisioner.eduPersonEntitlement.numberOfGroupAttributes = 1
+provisioner.eduPersonEntitlement.numberOfMetadata = 1
+provisioner.eduPersonEntitlement.operateOnGrouperEntities = true
+provisioner.eduPersonEntitlement.operateOnGrouperGroups = true
+provisioner.eduPersonEntitlement.operateOnGrouperMemberships = true
+provisioner.eduPersonEntitlement.provisioningType = entityAttributes
+provisioner.eduPersonEntitlement.selectAllEntities = true
+provisioner.eduPersonEntitlement.selectGroups = false
+provisioner.eduPersonEntitlement.startWith = this is start with read only
+provisioner.eduPersonEntitlement.subjectSourcesToProvision = eduLDAP
+provisioner.eduPersonEntitlement.targetEntityAttribute.0.name = ldap_dn
+provisioner.eduPersonEntitlement.targetEntityAttribute.1.name = eduPersonEntitlement
+provisioner.eduPersonEntitlement.targetEntityAttribute.2.name = uid
+provisioner.eduPersonEntitlement.targetEntityAttribute.2.translateExpressionType = grouperProvisioningEntityField
+provisioner.eduPersonEntitlement.targetEntityAttribute.2.translateFromGrouperProvisioningEntityField = subjectIdentifier0
+provisioner.eduPersonEntitlement.targetEntityAttribute.3.multiValued = true
+provisioner.eduPersonEntitlement.targetEntityAttribute.3.name = objectClass
+provisioner.eduPersonEntitlement.targetEntityAttribute.3.showAdvancedAttribute = true
+provisioner.eduPersonEntitlement.targetEntityAttribute.3.showAttributeValueSettings = true
+provisioner.eduPersonEntitlement.targetEntityAttribute.3.translateExpressionType = staticValues
+provisioner.eduPersonEntitlement.targetEntityAttribute.3.translateFromStaticValues = eduPerson
+provisioner.eduPersonEntitlement.targetGroupAttribute.0.name = entitlement_string
+provisioner.eduPersonEntitlement.targetGroupAttribute.0.translateExpression = ${grouperUtil.defaultIfBlank(grouperProvisioningGroup.retrieveAttributeValueString('md_entitlementValue') , grouperProvisioningGroup.name )}
+provisioner.eduPersonEntitlement.targetGroupAttribute.0.translateExpressionType = translationScript
+provisioner.eduPersonEntitlement.updateGroups = false
+provisioner.eduPersonEntitlement.userSearchBaseDn = ou=people,dc=internet2,dc=edu
+
+changeLog.consumer.provisioner_incremental_eduPersonEntitlement.class = edu.internet2.middleware.grouper.changeLog.esb.consumer.EsbConsumer
+changeLog.consumer.provisioner_incremental_eduPersonEntitlement.provisionerConfigId = eduPersonEntitlement
+changeLog.consumer.provisioner_incremental_eduPersonEntitlement.publisher.class = edu.internet2.middleware.grouper.app.provisioning.ProvisioningConsumer
+changeLog.consumer.provisioner_incremental_eduPersonEntitlement.publisher.debug = false
+changeLog.consumer.provisioner_incremental_eduPersonEntitlement.quartzCron = 0 * * * * ?
+otherJob.provisioner_full_eduPersonEntitlement.class = edu.internet2.middleware.grouper.app.provisioning.GrouperProvisioningFullSyncJob
+otherJob.provisioner_full_eduPersonEntitlement.provisionerConfigId = eduPersonEntitlement
+otherJob.provisioner_full_eduPersonEntitlement.quartzCron = 0 16 4 * * ?
+
+provisioner.groupOfNames.class = edu.internet2.middleware.grouper.app.ldapProvisioning.LdapSync
+provisioner.groupOfNames.entityAttributeValueCache0entityAttribute = ldap_dn
+provisioner.groupOfNames.entityAttributeValueCache0has = true
+provisioner.groupOfNames.entityAttributeValueCache0source = target
+provisioner.groupOfNames.entityAttributeValueCache0type = entityAttribute
+provisioner.groupOfNames.entityAttributeValueCacheHas = true
+provisioner.groupOfNames.entityMatchingAttribute0name = uid
+provisioner.groupOfNames.entityMatchingAttributeCount = 1
+provisioner.groupOfNames.groupAttributeValueCache0groupAttribute = ldap_dn
+provisioner.groupOfNames.groupAttributeValueCache0has = true
+provisioner.groupOfNames.groupAttributeValueCache0source = target
+provisioner.groupOfNames.groupAttributeValueCache0type = groupAttribute
+provisioner.groupOfNames.groupAttributeValueCacheHas = true
+provisioner.groupOfNames.groupDnType = flat
+provisioner.groupOfNames.groupMatchingAttribute0name = cn
+provisioner.groupOfNames.groupMatchingAttributeCount = 1
+provisioner.groupOfNames.groupMembershipAttributeName = member
+provisioner.groupOfNames.groupMembershipAttributeValue = entityAttributeValueCache0
+provisioner.groupOfNames.groupRdnAttribute = cn
+provisioner.groupOfNames.groupSearchBaseDn = ou=groups,dc=internet2,dc=edu
+provisioner.groupOfNames.hasTargetEntityLink = true
+provisioner.groupOfNames.hasTargetGroupLink = true
+provisioner.groupOfNames.ldapExternalSystemConfigId = demo
+provisioner.groupOfNames.numberOfEntityAttributes = 3
+provisioner.groupOfNames.numberOfGroupAttributes = 5
+provisioner.groupOfNames.operateOnGrouperEntities = true
+provisioner.groupOfNames.operateOnGrouperGroups = true
+provisioner.groupOfNames.operateOnGrouperMemberships = true
+provisioner.groupOfNames.provisioningType = groupAttributes
+provisioner.groupOfNames.selectAllEntities = false
+provisioner.groupOfNames.startWith = this is start with read only
+provisioner.groupOfNames.subjectSourcesToProvision = eduLDAP
+provisioner.groupOfNames.targetEntityAttribute.0.name = ldap_dn
+provisioner.groupOfNames.targetEntityAttribute.1.name = uid
+provisioner.groupOfNames.targetEntityAttribute.1.translateExpressionType = grouperProvisioningEntityField
+provisioner.groupOfNames.targetEntityAttribute.1.translateFromGrouperProvisioningEntityField = subjectIdentifier0
+provisioner.groupOfNames.targetEntityAttribute.2.multiValued = true
+provisioner.groupOfNames.targetEntityAttribute.2.name = objectClass
+provisioner.groupOfNames.targetEntityAttribute.2.showAdvancedAttribute = true
+provisioner.groupOfNames.targetEntityAttribute.2.showAttributeValueSettings = true
+provisioner.groupOfNames.targetEntityAttribute.2.translateExpressionType = staticValues
+provisioner.groupOfNames.targetEntityAttribute.2.translateFromStaticValues = eduPerson
+provisioner.groupOfNames.targetGroupAttribute.0.name = ldap_dn
+provisioner.groupOfNames.targetGroupAttribute.1.name = cn
+provisioner.groupOfNames.targetGroupAttribute.1.translateExpressionType = grouperProvisioningGroupField
+provisioner.groupOfNames.targetGroupAttribute.1.translateFromGrouperProvisioningGroupField = name
+provisioner.groupOfNames.targetGroupAttribute.2.defaultValue = <emptyString>
+provisioner.groupOfNames.targetGroupAttribute.2.multiValued = true
+provisioner.groupOfNames.targetGroupAttribute.2.name = member
+provisioner.groupOfNames.targetGroupAttribute.2.showAdvancedAttribute = true
+provisioner.groupOfNames.targetGroupAttribute.2.showAttributeValueSettings = true 
+provisioner.groupOfNames.targetGroupAttribute.3.multiValued = true
+provisioner.groupOfNames.targetGroupAttribute.3.name = objectClass
+provisioner.groupOfNames.targetGroupAttribute.3.showAdvancedAttribute = true
+provisioner.groupOfNames.targetGroupAttribute.3.showAttributeValueSettings = true
+provisioner.groupOfNames.targetGroupAttribute.3.translateExpressionType = staticValues
+provisioner.groupOfNames.targetGroupAttribute.3.translateFromStaticValues = top,groupOfNames
+provisioner.groupOfNames.targetGroupAttribute.4.name = description
+provisioner.groupOfNames.targetGroupAttribute.4.translateExpressionType = grouperProvisioningGroupField
+provisioner.groupOfNames.targetGroupAttribute.4.translateFromGrouperProvisioningGroupField = description
+provisioner.groupOfNames.userSearchBaseDn = ou=people,dc=internet2,dc=edu
+changeLog.consumer.provisioner_incremental_groupOfNames.class = edu.internet2.middleware.grouper.changeLog.esb.consumer.EsbConsumer
+changeLog.consumer.provisioner_incremental_groupOfNames.provisionerConfigId = groupOfNames
+changeLog.consumer.provisioner_incremental_groupOfNames.publisher.class = edu.internet2.middleware.grouper.app.provisioning.ProvisioningConsumer
+changeLog.consumer.provisioner_incremental_groupOfNames.publisher.debug = false
+changeLog.consumer.provisioner_incremental_groupOfNames.quartzCron = 0 * * * * ?
+otherJob.provisioner_full_groupOfNames.class = edu.internet2.middleware.grouper.app.provisioning.GrouperProvisioningFullSyncJob
+otherJob.provisioner_full_groupOfNames.provisionerConfigId = groupOfNames
+otherJob.provisioner_full_groupOfNames.quartzCron = 0 24 4 * * ?
+
+
+otherJob.dataProviderHR.class = edu.internet2.middleware.grouper.dataField.GrouperDataProviderFullSyncJob
+otherJob.dataProviderHR.dataProviderConfigId = hr_data
+otherJob.dataProviderHR.quartzCron = 0 0 5 * * ?
+otherJob.dataProviderHR_incremental.class = edu.internet2.middleware.grouper.dataField.GrouperDataProviderIncrementalSyncJob
+otherJob.dataProviderHR_incremental.dataProviderConfigId = hr_data
+otherJob.dataProviderHR_incremental.quartzCron = 35 * * * * ?