From 286f307df0e59500234e7e3689b0e91fad84b281 Mon Sep 17 00:00:00 2001 From: Slavek Licehammer Date: Tue, 25 Jul 2023 14:35:25 +0200 Subject: [PATCH] upgrade to 4.7 --- Dockerfile | 6 +- common.bash | 2 +- demo/grouper/docker-compose.yml | 4 +- demo/grouper/midpoint_server/Dockerfile | 2 +- .../securityPolicy/000-security-policy.xml | 31 ++--- .../010-system-configuration.xml | 122 ++++++++++++++++-- demo/shibboleth/docker-compose-tests.yml | 4 +- demo/shibboleth/docker-compose.yml | 4 +- demo/shibboleth/midpoint_server/Dockerfile | 2 +- .../securityPolicy/SecurityPolicy.xml | 28 ++-- demo/simple/docker-compose.yml | 4 +- download-midpoint.sh | 2 +- 12 files changed, 149 insertions(+), 62 deletions(-) diff --git a/Dockerfile b/Dockerfile index 135655a..626f397 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,11 +6,11 @@ FROM tier/shibboleth_sp:3.3.0_12022021 MAINTAINER info@evolveum.com -RUN rpm --import http://repos.azulsystems.com/RPM-GPG-KEY-azulsystems -RUN curl -o /etc/yum.repos.d/zulu.repo https://repos.azulsystems.com/rhel/zulu.repo +RUN rpm --import https://yum.corretto.aws/corretto.key +RUN curl -L -o /etc/yum.repos.d/corretto.repo https://yum.corretto.aws/corretto.repo RUN yum -y update RUN yum -y install \ - zulu-11 \ + java-17-amazon-corretto-devel \ cron \ supervisor \ libcurl \ diff --git a/common.bash b/common.bash index b51a008..5cd93c3 100644 --- a/common.bash +++ b/common.bash @@ -1,3 +1,3 @@ maintainer="i2incommon" imagename="midpoint" -tag="4.6" +tag="4.7" diff --git a/demo/grouper/docker-compose.yml b/demo/grouper/docker-compose.yml index d7d9406..6932fb1 100644 --- a/demo/grouper/docker-compose.yml +++ b/demo/grouper/docker-compose.yml @@ -173,7 +173,7 @@ services: - CREATE_NEW_DATABASE=if_needed data_init: - image: i2incommon/midpoint:${tag:-4.6} + image: i2incommon/midpoint:${tag:-4.7} command: > bash -c " chmod 777 /opt/mp-pw/ ; @@ -229,7 +229,7 @@ services: build: context: ./midpoint_server/ args: - tag: ${tag:-4.6} + tag: ${tag:-4.7} depends_on: - data_init - midpoint_data diff --git a/demo/grouper/midpoint_server/Dockerfile b/demo/grouper/midpoint_server/Dockerfile index e789c61..8ae8b5b 100644 --- a/demo/grouper/midpoint_server/Dockerfile +++ b/demo/grouper/midpoint_server/Dockerfile @@ -1,4 +1,4 @@ -ARG tag=4.6 +ARG tag=4.7 FROM i2incommon/midpoint:${tag} diff --git a/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/000-security-policy.xml b/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/000-security-policy.xml index 300e5a9..58aeb9b 100644 --- a/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/000-security-policy.xml +++ b/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/000-security-policy.xml @@ -7,15 +7,13 @@ - loginForm - Internal username/password authentication, default user password, login form + loginForm - httpBasic - Internal username/password authentication, using HTTP basic auth + httpBasic - mySamlSso + mySamlSso My internal enterprise SAML-based SSO system. midpointdemo-shibboleth @@ -45,24 +43,21 @@ - admin-gui-default + admin-gui-default Default gui sequence - - Default GUI authentication sequence. - true http://midpoint.evolveum.com/xml/ns/public/common/channels-3#user gui-default - loginForm + loginForm 1 sufficient - admin-gui-emergency + admin-gui-emergency Special GUI authentication sequence that is using just the internal user password. @@ -80,33 +75,27 @@ - rest-default - - Authentication sequence for REST service. - + rest-default true http://midpoint.evolveum.com/xml/ns/public/common/channels-3#rest rest-default - httpBasic + httpBasic 1 sufficient - actuator-default - - Authentication sequence for actuator. - + actuator-default true http://midpoint.evolveum.com/xml/ns/public/common/channels-3#actuator actuator-default - httpBasic + httpBasic 1 sufficient diff --git a/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml b/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml index cf88f07..2ecd04e 100644 --- a/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml +++ b/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml @@ -419,8 +419,7 @@ PageSelfDashboard.profile.description col-md-3 - fa fa-user - green + bg-green fa fa-user linkWidget @@ -443,8 +442,7 @@ PageSelfDashboard.credentials.description col-md-3 - fa fa-shield-alt - blue + bg-blue fa fa-shield-alt linkWidget @@ -466,8 +464,7 @@ col-md-3 - fa fa-database - purple + bg-purple fa fa-database linkWidget @@ -489,8 +486,7 @@ col-md-3 - fa fa-user - red + bg-red fa fa-user linkWidget @@ -589,6 +585,26 @@ + + correlation-case-view + + + + + All correlations + + AllCorrelations.title + + + Correlation + Correlation cases + + 1040 + CaseType + + + + reconciliation-tasks-view 30 @@ -860,6 +876,50 @@ + + application-role + add + RoleType + + + + + + business-role + add + RoleType + + + + + + application + + + + ServiceType + + + + + + event-mark + c:MarkType + + + + + + + + object-mark + c:MarkType + + + + + + @@ -988,6 +1048,30 @@ + + c:UserType + + applications + + + + roleMemberships + + applications + c:ServiceType + + + + + + hidden + ServiceType + ServiceType + + + + + rw-type-basic @@ -1287,6 +1371,12 @@ connectorConfiguration/configurationProperties/port + + connectorConfiguration/configurationProperties/host + + + connectorConfiguration/configurationProperties/database + hidden @@ -1327,6 +1417,14 @@ connectorConfiguration/configurationProperties/connectionSecurity + + connectorConfiguration/configurationProperties/bindDn + visible + + + connectorConfiguration/configurationProperties/bindPassword + visible + hidden @@ -1367,6 +1465,14 @@ connectorConfiguration/configurationProperties/connectionSecurity + + connectorConfiguration/configurationProperties/bindDn + visible + + + connectorConfiguration/configurationProperties/bindPassword + visible + hidden diff --git a/demo/shibboleth/docker-compose-tests.yml b/demo/shibboleth/docker-compose-tests.yml index b51d7bc..29d25c5 100644 --- a/demo/shibboleth/docker-compose-tests.yml +++ b/demo/shibboleth/docker-compose-tests.yml @@ -5,7 +5,7 @@ version: "3.3" services: data_init: - image: i2incommon/midpoint:${tag:-4.6} + image: i2incommon/midpoint:${tag:-4.7} command: > bash -c " chmod 777 /opt/mp-pw/ ; @@ -61,7 +61,7 @@ services: build: context: ./midpoint_server/ args: - tag: ${tag:-4.6} + tag: ${tag:-4.7} command: /usr/local/bin/startup.sh depends_on: - data_init diff --git a/demo/shibboleth/docker-compose.yml b/demo/shibboleth/docker-compose.yml index 64b9c2a..7259a89 100644 --- a/demo/shibboleth/docker-compose.yml +++ b/demo/shibboleth/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.3" services: data_init: - image: i2incommon/midpoint:${tag:-4.6} + image: i2incommon/midpoint:${tag:-4.7} command: > bash -c " chmod 777 /opt/mp-pw/ ; @@ -58,7 +58,7 @@ services: build: context: ./midpoint_server/ args: - tag: ${tag:-4.6} + tag: ${tag:-4.7} command: /usr/local/bin/startup.sh depends_on: - data_init diff --git a/demo/shibboleth/midpoint_server/Dockerfile b/demo/shibboleth/midpoint_server/Dockerfile index e789c61..8ae8b5b 100644 --- a/demo/shibboleth/midpoint_server/Dockerfile +++ b/demo/shibboleth/midpoint_server/Dockerfile @@ -1,4 +1,4 @@ -ARG tag=4.6 +ARG tag=4.7 FROM i2incommon/midpoint:${tag} diff --git a/demo/shibboleth/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/SecurityPolicy.xml b/demo/shibboleth/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/SecurityPolicy.xml index 87cd75d..bb86eb7 100644 --- a/demo/shibboleth/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/SecurityPolicy.xml +++ b/demo/shibboleth/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/SecurityPolicy.xml @@ -7,15 +7,13 @@ - loginForm - Internal username/password authentication, default user password, login form + loginForm - httpBasic - Internal username/password authentication, using HTTP basic auth + httpBasic - mySamlSso + mySamlSso My internal enterprise SAML-based SSO system. midpointdemo-shibboleth @@ -50,7 +48,7 @@ - admin-gui-saml-internal + admin-gui-saml-internal Internal SAML2 GUI authentication sequence. @@ -60,7 +58,7 @@ saml-internal - mySamlSso + mySamlSso 30 sufficient @@ -95,39 +93,33 @@ shib - httpHeader + httpHeader 1 sufficient - rest-default - - Authentication sequence for REST service. - + rest-default true http://midpoint.evolveum.com/xml/ns/public/common/channels-3#rest rest-default - httpBasic + httpBasic 1 sufficient - actuator-default - - Authentication sequence for actuator. - + actuator-default true http://midpoint.evolveum.com/xml/ns/public/common/channels-3#actuator actuator-default - httpBasic + httpBasic 1 sufficient diff --git a/demo/simple/docker-compose.yml b/demo/simple/docker-compose.yml index f57dd15..dd4b304 100644 --- a/demo/simple/docker-compose.yml +++ b/demo/simple/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.3" services: data_init: - image: i2incommon/midpoint:${tag:-4.6} + image: i2incommon/midpoint:${tag:-4.7} command: > bash -c " chmod 777 /opt/mp-pw/ ; @@ -57,7 +57,7 @@ services: - mp_pw:/opt/mp-pw midpoint_server: - image: i2incommon/midpoint:${tag:-4.6} + image: i2incommon/midpoint:${tag:-4.7} depends_on: - data_init - midpoint_data diff --git a/download-midpoint.sh b/download-midpoint.sh index abbd545..f36c221 100755 --- a/download-midpoint.sh +++ b/download-midpoint.sh @@ -10,7 +10,7 @@ else # But if we need to incorporate interim changes to I2 distribution during # midPoint development cycle, we can specify concrete file from "midpoint-tier" # download directory by using its name (like "latest-stable"). - MP_VERSION="4.6" + MP_VERSION="4.7" else MP_VERSION=$tag fi