diff --git a/README.md b/README.md
index 33f3ba7..434b0f9 100644
--- a/README.md
+++ b/README.md
@@ -2,11 +2,6 @@
Eventually here will be a dockerized version of midPoint suitable for the use within TIER environment.
-Currently there are some prototypes (concepts) of meeting TIER requirements, e.g.
+Currently there is [midPoint <-> Grouper integration demo](grouper-midpoint), a work still in progress.
-* logging,
-* MariaDB repository integration,
-* passing sensitive information as secrets,
-* and so on.
-
-More comprehensive configurations will follow.
+The documentation will be eventually [here](https://spaces.at.internet2.edu/display/TIERENTREG/midPoint+-+Grouper+integration+demo).
diff --git a/grouper-midpoint-demo-obsolete/objects/resources/ldap-edu.xml b/grouper-midpoint-demo-obsolete/objects/resources/ldap-edu.xml
deleted file mode 100644
index b8f1e0f..0000000
--- a/grouper-midpoint-demo-obsolete/objects/resources/ldap-edu.xml
+++ /dev/null
@@ -1,233 +0,0 @@
-
-
-
-
-
-
-
-
- OpenLDAP edu
-
-
-
-
- c:connectorType
- com.evolveum.polygon.connector.ldap.LdapConnector
-
-
-
-
-
-
- 389
- grouper
- dc=internet2,dc=edu
- cn=root,dc=internet2,dc=edu
-
- password
-
- always
- spr
- SSHA
-
- memberOf
- createTimestamp
-
-
- false
- false
- false
-
-
-
-
-
- ri:inetOrgPerson
- ri:eduPerson
- ri:groupOfUniqueNames
- ri:groupOfNames
- ri:organizationalUnit
-
-
-
-
-
- account
- Normal Account
- true
- ri:inetOrgPerson
- ri:eduPerson
-
- [ri:dn]
- Distinguished Name
-
- 0
-
- mr:stringIgnoreCase
-
-
- [ri:entryUUID]
- Entry UUID
-
-
- true
- false
- true
-
-
- mr:stringIgnoreCase
-
-
- [ri:cn]
- Common Name
-
- 0
-
-
-
- fullName
-
-
-
-
- [ri:sn]
- Surname
-
- 0
-
-
-
- familyName
-
-
-
-
- [ri:givenName]
- Given Name
-
-
- givenName
-
-
-
-
- [ri:uid]
- Login Name
- mr:stringIgnoreCase
-
-
- name
-
-
-
-
- [ri:mail]
- Mail
- mr:stringIgnoreCase
-
-
- emailAddress
-
-
-
-
- [ri:employeeNumber]
-
-
- employeeNumber
-
-
-
-
- [ri:businessCategory]
-
-
- extension/ldap_businessCategory
-
-
-
-
- [ri:eduPersonAffiliation]
-
-
- extension/ldap_eduPersonAffiliation
-
-
-
-
-
-
- http://prism.evolveum.com/xml/ns/public/matching-rule-3#stringIgnoreCase
- attributes/ri:dn
- cn=root,dc=internet2,dc=edu
-
-
-
-
-
-
-
-
-
- true
-
-
-
- name
-
-
- declare namespace ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3";
- $account/attributes/ri:uid
-
-
-
-
-
-
- linked
- true
-
-
- deleted
- true
-
- http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlink
-
-
-
-
- unlinked
- true
-
- http://midpoint.evolveum.com/xml/ns/public/model/action-3#link
-
-
-
- unmatched
- true
-
- http://midpoint.evolveum.com/xml/ns/public/model/action-3#addFocus
-
-
-
-
-
-
-
-
diff --git a/grouper-midpoint-demo-obsolete/objects/resources/scriptedsql-grouper.xml b/grouper-midpoint-demo-obsolete/objects/resources/scriptedsql-grouper.xml
deleted file mode 100644
index 9a2e8e6..0000000
--- a/grouper-midpoint-demo-obsolete/objects/resources/scriptedsql-grouper.xml
+++ /dev/null
@@ -1,132 +0,0 @@
-
-
-
-
- Grouper SQL
-
-
-
-
- connectorType
- net.tirasa.connid.bundles.db.scriptedsql.ScriptedSQLConnector
-
-
-
-
-
-
-
- grouper
- 3306
-
- root
-
-
-
- grouper
-
- GROOVY
-
- /opt/midpoint/var/res/SearchScript.groovy
- /opt/midpoint/var/res/TestScript.groovy
- /opt/midpoint/var/res/SchemaScript.groovy
-
- true
-
-
-
-
-
- org.mariadb.jdbc.Driver
- jdbc:mysql://%h:%p/%d?useUnicode=true&characterEncoding=utf8&connectionCollation=utf8_bin
- true
- true
- false
- false
-
-
-
-
-
-
-
-
-
-
- account
- Normal Account
- true
- ri:AccountObjectClass
-
- [ri:subject_id]
- Subject ID
-
-
- [ri:subject_identifier0]
- Subject Identifier
-
-
- [ri:name]
- Name
-
-
- [ri:group]
- Subject Groups
-
-
- extension/grouper_group
-
-
-
-
-
-
-
-
- true
-
-
-
- employeeNumber
-
-
- declare namespace ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3";
- $account/attributes/ri:subject_identifier0
-
-
-
-
-
-
- linked
- true
-
-
- deleted
- true
-
- http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlink
-
-
-
-
- unlinked
- true
-
- http://midpoint.evolveum.com/xml/ns/public/model/action-3#link
-
-
-
- unmatched
- true
-
-
-
-
-
-
-
diff --git a/grouper-midpoint-demo-obsolete/schema/user-schema.xsd b/grouper-midpoint-demo-obsolete/schema/user-schema.xsd
deleted file mode 100644
index 4b745f1..0000000
--- a/grouper-midpoint-demo-obsolete/schema/user-schema.xsd
+++ /dev/null
@@ -1,22 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/grouper-midpoint-demo-obsolete/scriptedsql/grouper/SchemaScript.groovy b/grouper-midpoint-demo-obsolete/scriptedsql/grouper/SchemaScript.groovy
deleted file mode 100644
index 857e6c1..0000000
--- a/grouper-midpoint-demo-obsolete/scriptedsql/grouper/SchemaScript.groovy
+++ /dev/null
@@ -1,91 +0,0 @@
-/*
- * ====================
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright 2013 ForgeRock. All rights reserved.
- *
- * The contents of this file are subject to the terms of the Common Development
- * and Distribution License("CDDL") (the "License"). You may not use this file
- * except in compliance with the License.
- *
- * You can obtain a copy of the License at
- * http://opensource.org/licenses/cddl1.php
- * See the License for the specific language governing permissions and limitations
- * under the License.
- *
- * When distributing the Covered Code, include this CDDL Header Notice in each file
- * and include the License file at http://opensource.org/licenses/cddl1.php.
- * If applicable, add the following below this CDDL Header, with the fields
- * enclosed by brackets [] replaced by your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- * ====================
- * Portions Copyrighted 2013 ConnId.
- */
-import org.identityconnectors.framework.common.objects.AttributeInfo;
-import org.identityconnectors.framework.common.objects.AttributeInfo.Flags;
-import org.identityconnectors.framework.common.objects.AttributeInfoBuilder;
-import org.identityconnectors.framework.common.objects.ObjectClassInfo;
-import org.identityconnectors.framework.common.objects.ObjectClassInfoBuilder;
-
-// Parameters:
-// The connector sends the following:
-// action: a string describing the action ("SCHEMA" here)
-// log: a handler to the Log facility
-// builder: SchemaBuilder instance for the connector
-//
-// The connector will make the final call to builder.build()
-// so the scipt just need to declare the different object types.
-
-// This sample shows how to create 3 basic ObjectTypes: __ACCOUNT__, __GROUP__ and organization.
-// Each of them contains one required attribute and normal String attributes
-
-
-log.info("Entering "+action+" Script");
-
-// Declare the __ACCOUNT__ attributes
-// Make the uid required
-uidAIB = new AttributeInfoBuilder("uid",String.class);
-uidAIB.setRequired(true);
-
-accAttrsInfo = new HashSet();
-accAttrsInfo.add(uidAIB.build());
-accAttrsInfo.add(AttributeInfoBuilder.build("subject_id", String.class));
-accAttrsInfo.add(AttributeInfoBuilder.build("subject_identifier0", String.class));
-accAttrsInfo.add(AttributeInfoBuilder.build("sort_string0", String.class));
-accAttrsInfo.add(AttributeInfoBuilder.build("search_string0", String.class));
-accAttrsInfo.add(AttributeInfoBuilder.build("name", String.class));
-accAttrsInfo.add(AttributeInfoBuilder.build("description", String.class));
-accAttrsInfo.add(AttributeInfoBuilder.build("group", String.class, [Flags.MULTIVALUED] as Set));
-// Create the __ACCOUNT__ Object class
-final ObjectClassInfo ociAccount = new ObjectClassInfoBuilder().setType("__ACCOUNT__").addAllAttributeInfo(accAttrsInfo).build();
-builder.defineObjectClass(ociAccount);
-
-/*
-// Declare the __GROUP__ attributes
-// Make the gid required
-gidAIB = new AttributeInfoBuilder("gid",String.class);
-gidAIB.setRequired(true);
-
-grpAttrsInfo = new HashSet();
-grpAttrsInfo.add(gidAIB.build());
-grpAttrsInfo.add(AttributeInfoBuilder.build("name", String.class));
-grpAttrsInfo.add(AttributeInfoBuilder.build("description", String.class));
-// Create the __GROUP__ Object class
-final ObjectClassInfo ociGroup = new ObjectClassInfoBuilder().setType("__GROUP__").addAllAttributeInfo(grpAttrsInfo).build();
-builder.defineObjectClass(ociGroup);
-
-
-// Declare the organization attributes
-// Make the name required
-nAIB = new AttributeInfoBuilder("name",String.class);
-nAIB.setRequired(true);
-
-orgAttrsInfo = new HashSet();
-orgAttrsInfo.add(nAIB.build());
-orgAttrsInfo.add(AttributeInfoBuilder.build("description", String.class));
-// Create the organization Object class
-final ObjectClassInfo ociOrg = new ObjectClassInfoBuilder().setType("organization").addAllAttributeInfo(orgAttrsInfo).build();
-builder.defineObjectClass(ociOrg);
-*/
-
-log.info("Schema script done");
diff --git a/grouper-midpoint-demo-obsolete/scriptedsql/grouper/SearchScript.groovy b/grouper-midpoint-demo-obsolete/scriptedsql/grouper/SearchScript.groovy
deleted file mode 100644
index 5da1e92..0000000
--- a/grouper-midpoint-demo-obsolete/scriptedsql/grouper/SearchScript.groovy
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * ====================
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright 2013 ForgeRock. All rights reserved.
- *
- * The contents of this file are subject to the terms of the Common Development
- * and Distribution License("CDDL") (the "License"). You may not use this file
- * except in compliance with the License.
- *
- * You can obtain a copy of the License at
- * http://opensource.org/licenses/cddl1.php
- * See the License for the specific language governing permissions and limitations
- * under the License.
- *
- * When distributing the Covered Code, include this CDDL Header Notice in each file
- * and include the License file at http://opensource.org/licenses/cddl1.php.
- * If applicable, add the following below this CDDL Header, with the fields
- * enclosed by brackets [] replaced by your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- * ====================
- * Portions Copyrighted 2013 ConnId.
- */
-import groovy.sql.Sql;
-import groovy.sql.DataSet;
-
-// Parameters:
-// The connector sends the following:
-// connection: handler to the SQL connection
-// objectClass: a String describing the Object class (__ACCOUNT__ / __GROUP__ / other)
-// action: a string describing the action ("SEARCH" here)
-// log: a handler to the Log facility
-// options: a handler to the OperationOptions Map
-// query: a handler to the Query Map
-//
-// The Query map describes the filter used.
-//
-// query = [ operation: "CONTAINS", left: attribute, right: "value", not: true/false ]
-// query = [ operation: "ENDSWITH", left: attribute, right: "value", not: true/false ]
-// query = [ operation: "STARTSWITH", left: attribute, right: "value", not: true/false ]
-// query = [ operation: "EQUALS", left: attribute, right: "value", not: true/false ]
-// query = [ operation: "GREATERTHAN", left: attribute, right: "value", not: true/false ]
-// query = [ operation: "GREATERTHANOREQUAL", left: attribute, right: "value", not: true/false ]
-// query = [ operation: "LESSTHAN", left: attribute, right: "value", not: true/false ]
-// query = [ operation: "LESSTHANOREQUAL", left: attribute, right: "value", not: true/false ]
-// query = null : then we assume we fetch everything
-//
-// AND and OR filter just embed a left/right couple of queries.
-// query = [ operation: "AND", left: query1, right: query2 ]
-// query = [ operation: "OR", left: query1, right: query2 ]
-//
-// Returns: A list of Maps. Each map describing one row.
-// !!!! Each Map must contain a '__UID__' and '__NAME__' attribute.
-// This is required to build a ConnectorObject.
-
-log.info("Entering "+action+" Script");
-
-def sql = new Sql(connection);
-def result = []
-def where = "";
-
-switch ( objectClass ) {
- case "__ACCOUNT__":
- sql.eachRow("select m.*, group_concat(distinct g.name) as groups from grouper_members m left join grouper_memberships_all_v gm on m.id=gm.member_id left join grouper_groups g on gm.owner_id=g.id group by m.id", {result.add([__UID__:it.id, __NAME__:it.subject_id, uid:it.id, subject_id:it.subject_id, subject_identifier0:it.subject_identifier0, sort_string0:it.sort_string0, search_string0:it.search_string0, name:it.name, description:it.description, group:it.groups?.tokenize(',')])} );
- break
-
-/* case "__GROUP__":
- sql.eachRow("SELECT * FROM Groups" + where, {result.add([__UID__:it.name, __NAME__:it.name, gid:it.gid, ,description:it.description])} );
- break
-
- case "organization":
- sql.eachRow("SELECT * FROM Organizations" + where, {result.add([__UID__:it.name, __NAME__:it.name, description:it.description])} );
- break */
-
- default:
- result;
-}
-
-return result;
diff --git a/grouper-midpoint-demo-obsolete/scriptedsql/grouper/TestScript.groovy b/grouper-midpoint-demo-obsolete/scriptedsql/grouper/TestScript.groovy
deleted file mode 100644
index a232c15..0000000
--- a/grouper-midpoint-demo-obsolete/scriptedsql/grouper/TestScript.groovy
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * ====================
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright 2013 ForgeRock. All rights reserved.
- *
- * The contents of this file are subject to the terms of the Common Development
- * and Distribution License("CDDL") (the "License"). You may not use this file
- * except in compliance with the License.
- *
- * You can obtain a copy of the License at
- * http://opensource.org/licenses/cddl1.php
- * See the License for the specific language governing permissions and limitations
- * under the License.
- *
- * When distributing the Covered Code, include this CDDL Header Notice in each file
- * and include the License file at http://opensource.org/licenses/cddl1.php.
- * If applicable, add the following below this CDDL Header, with the fields
- * enclosed by brackets [] replaced by your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- * ====================
- * Portions Copyrighted 2013 ConnId.
- */
-import groovy.sql.Sql;
-import groovy.sql.DataSet;
-
-// Parameters:
-// The connector sends the following:
-// connection: handler to the SQL connection
-// action: a string describing the action ("TEST" here)
-// log: a handler to the Log facility
-
-log.info("Entering "+action+" Script");
-def sql = new Sql(connection);
-
-sql.eachRow("select * from grouper_members limit 10", { println it.subject_id } );
-
-
diff --git a/grouper-midpoint/midpoint-objects/windows.properties b/grouper-midpoint/midpoint-objects/windows.properties
deleted file mode 100644
index 0ff8d7b..0000000
--- a/grouper-midpoint/midpoint-objects/windows.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-s-data.ldap.host=192.168.56.101
-s-data.ldap.port=1389
-i-data.ldap.host=192.168.56.101
-i-data.ldap.port=389
\ No newline at end of file
diff --git a/grouper-midpoint/mp-gr/docker-compose.yml b/grouper-midpoint/mp-gr/docker-compose.yml
index c510431..96553b8 100644
--- a/grouper-midpoint/mp-gr/docker-compose.yml
+++ b/grouper-midpoint/mp-gr/docker-compose.yml
@@ -1,3 +1,10 @@
+#
+# Building:
+# - docker-compose up --build
+#
+# It assumes that midpoint-3.9-SNAPSHOT-dist.tar.gz is present in the 'midpoint-server' directory. (TODO: eliminate this!)
+#
+
version: "3.3"
services:
diff --git a/grouper-midpoint/mp-gr/midpoint-server/Dockerfile b/grouper-midpoint/mp-gr/midpoint-server/Dockerfile
index 3354b10..bc08d87 100644
--- a/grouper-midpoint/mp-gr/midpoint-server/Dockerfile
+++ b/grouper-midpoint/mp-gr/midpoint-server/Dockerfile
@@ -1,26 +1,15 @@
#
-# Just a demonstration of how to flexibly use MariaDB running in a separate container, receiving password as a Docker secret.
-# It requires v3.9devel-274-g1b9943e or later.
-#
-# Features:
-# - see docker-compose.yml
-#
-# Limitations (will be resolved):
-# - mariadb uses default database of 'registry' and default user of 'root'
-# - JDBC password is present exclusively as a Docker secret: it would be better to have it switchable between secret and a plaintext value
-# (probably requiring more elaborate working with -D... switches)
-#
-# Building: (assumes midpoint-3.9-SNAPSHOT-dist.tar.gz is present in the current directory)
-#
-# (build tier/shib-sp-java beforehand)
-# docker build -t midpoint .
-# docker stack deploy -c docker-compose.yml mp
+# Building assumes midpoint-3.9-SNAPSHOT-dist.tar.gz is present in the current directory.
#
-FROM tier/shib-sp-java
+FROM tier/shib-sp
MAINTAINER info@evolveum.com
+# TODO switch to other appropriate Java implementation
+
+RUN yum -y install java-1.8.0-openjdk
+
ARG MP_VERSION=3.9-SNAPSHOT
ARG MP_DIST_FILE=midpoint-${MP_VERSION}-dist.tar.gz
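Review bot: The new base line `FROM tier/shib-sp` carries no tag or digest, so each build takes whatever image that name resolves to at the time, and the JDK added by `RUN yum -y install java-1.8.0-openjdk` is likewise whatever the repository serves that day. Pinning the base, for example `FROM tier/shib-sp:<PINNED_TAG_OR_DIGEST>` (placeholder; the page names no tag), makes the image reproducible and lets a base-image change show up as a reviewable diff. The install step should also clear the package cache in the same layer, `RUN yum -y install java-1.8.0-openjdk && yum clean all`, so the metadata does not ship in the image. The removed header was the only place that said the JDBC password is delivered as a Docker secret; a one-line comment such as `# REPO_PASSWORD_FILE points at a Docker secret; never bake the password into the image` would keep that intent visible.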
@@ -41,6 +30,8 @@ ENV REPO_PORT 3306
ENV REPO_USER root
ENV REPO_DATABASE midpoint
ENV REPO_PASSWORD_FILE /run/secrets/m_database_password.txt
+ENV ENV demo
+ENV USERTOKEN $MP_VERSION
CMD java -Xmx2048M -Xms2048M -Dfile.encoding=UTF8 \
-Dmidpoint.home=$MP_DIR/var \
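Review bot: The variable name in `ENV ENV demo` is one that POSIX shells treat specially: an interactive `sh` (bash started as `sh` included) expands `$ENV` and sources the file it names, so a shell opened in this container for debugging would try to read a file called `demo` from its working directory. The shell-form `CMD` runs non-interactively and is presumably unaffected, but the side effect is easy to miss. If the name is fixed by the logging convention these variables feed, say so in a comment, e.g. `# ENV and USERTOKEN fill the console log prefix; override with -e at run time`; otherwise a more specific name avoids the clash. Note also that `ENV USERTOKEN $MP_VERSION` freezes the build-time `ARG` value into the image. The `CMD` that consumes both variables begins in this hunk and continues outside it.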
@@ -51,4 +42,5 @@ CMD java -Xmx2048M -Xms2048M -Dfile.encoding=UTF8 \
-Dmidpoint.repository.hibernateHbm2ddl=none \
-Dmidpoint.repository.missingSchemaAction=create \
-Dmidpoint.repository.initializationFailTimeout=60000 \
+ -Dmidpoint.logging.console.enabled=true -Dmidpoint.logging.console.prefix="midpoint;midpoint.log;$ENV;$USERTOKEN;" -Dmidpoint.logging.console.timezone=UTC \
-jar $MP_DIR/lib/midpoint.war
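Review bot: The added continuation line packs three `-Dmidpoint.logging.console.*` options together while every other option visible in this `CMD` sits on its own line; putting `enabled`, `prefix` and `timezone` on separate lines, each ending in a backslash, keeps later diffs to one option per change. The prefix `"midpoint;midpoint.log;$ENV;$USERTOKEN;"` is a `;`-delimited record built from two run-time variables with no validation, so a value containing `;` would shift the fields for whatever parses the console log. A comment above the option stating the expected character set, e.g. `# ENV and USERTOKEN must not contain ';' (log prefix delimiter)`, would document that constraint. The `CMD` starts before this hunk, so the rest of its options are not visible here.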
diff --git a/logging/Dockerfile b/logging/Dockerfile
deleted file mode 100644
index eb3ec0a..0000000
--- a/logging/Dockerfile
+++ /dev/null
@@ -1,32 +0,0 @@
-#
-# Just a demonstration of how to use TIER logging feature of midPoint.
-# It requires v3.9devel-262-g2778b2c or later.
-#
-# This is derived from Evolveum's dockerization; this will be changed.
-#
-# Building: (assumes midpoint-3.9-SNAPSHOT-dist.tar.gz is present in the current directory)
-#
-# docker build -t mp-h2 .
-#
-# Running:
-#
-# docker run -e ENV=testing -e USERTOKEN=3.9 mp-h2
-#
-
-FROM openjdk:8-jdk-alpine
-
-MAINTAINER info@evolveum.com
-
-ARG MP_VERSION=3.9-SNAPSHOT
-ARG MP_DIST_FILE=midpoint-${MP_VERSION}-dist.tar.gz
-
-ENV MP_DIR /opt/midpoint
-
-RUN mkdir -p ${MP_DIR}/var
-
-COPY ${MP_DIST_FILE} ${MP_DIR}
-
-RUN echo 'Extracting midPoint archive...' \
- && tar xzf ${MP_DIR}/midpoint-${MP_VERSION}-dist.tar.gz -C ${MP_DIR} --strip-components=1
-
-CMD java -Xmx2048M -Xms2048M -Dfile.encoding=UTF8 -Dmidpoint.home=$MP_DIR/var -Dmidpoint.logging.console.enabled=true -Dmidpoint.logging.console.prefix="midpoint;midpoint.log;$ENV;$USERTOKEN;" -Dmidpoint.logging.console.timezone=UTC -jar $MP_DIR/lib/midpoint.war
diff --git a/mariadb-plain-password/Dockerfile b/mariadb-plain-password/Dockerfile
deleted file mode 100644
index 7334ffd..0000000
--- a/mariadb-plain-password/Dockerfile
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# Just a demonstration of how to flexibly use MariaDB running in a separate container.
-# It requires v3.9devel-269-gbdd3017 or later.
-#
-# Features:
-# - see docker-compose.yml
-#
-# Limitations (will be resolved):
-# - image is derived from Evolveum's dockerization
-# - mariadb uses default database of 'registry' and default user of 'root'
-# - JDBC password is present as plaintext
-#
-# Building: (assumes midpoint-3.9-SNAPSHOT-dist.tar.gz is present in the current directory)
-#
-# docker build -t midpoint .
-# docker stack deploy -c docker-compose.yml mp
-#
-
-FROM openjdk:8-jdk-alpine
-
-MAINTAINER info@evolveum.com
-
-ARG MP_VERSION=3.9-SNAPSHOT
-ARG MP_DIST_FILE=midpoint-${MP_VERSION}-dist.tar.gz
-
-ENV MP_DIR /opt/midpoint
-ENV REPO_HOST mariadb
-ENV REPO_PORT 3306
-ENV REPO_USER root
-ENV REPO_PASSWORD 123321
-
-RUN mkdir -p ${MP_DIR}/var
-
-COPY ${MP_DIST_FILE} ${MP_DIR}
-
-RUN echo 'Extracting midPoint archive...' \
- && tar xzf ${MP_DIR}/midpoint-${MP_VERSION}-dist.tar.gz -C ${MP_DIR} --strip-components=1
-
-VOLUME ${MP_DIR}/var
-
-CMD java -Xmx2048M -Xms2048M -Dfile.encoding=UTF8 \
- -Dmidpoint.home=$MP_DIR/var \
- -Dmidpoint.repository.database=mariadb \
- -Dmidpoint.repository.jdbcUsername=$REPO_USER \
- -Dmidpoint.repository.jdbcPassword=$REPO_PASSWORD \
- -Dmidpoint.repository.jdbcUrl=jdbc:mariadb://$REPO_HOST:$REPO_PORT/registry?characterEncoding=utf8 \
- -Dmidpoint.repository.hibernateHbm2ddl=none \
- -Dmidpoint.repository.missingSchemaAction=create \
- -Dmidpoint.repository.initializationFailTimeout=60000 \
- -jar $MP_DIR/lib/midpoint.war
diff --git a/mariadb-plain-password/docker-compose.yml b/mariadb-plain-password/docker-compose.yml
deleted file mode 100644
index e4eab5e..0000000
--- a/mariadb-plain-password/docker-compose.yml
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# Composition of midPoint and TIER MariaDB containers.
-#
-# MariaDB serves as a repository for midPoint.
-#
-# Features:
-# - a separate volume for repository data (MySQL database directory), so it persists between creation/removal cycle of this stack
-# - a separate volume for midPoint home directory, containing config.xml, logs, generated encryption keys, and so on
-#
-
-version: "3"
-services:
-
- mariadb:
- image: tier/mariadb:mariadb10
- deploy:
- restart_policy:
- condition: none
- volumes:
- - repo-db-data:/var/lib/mysqlmounted
- networks:
- - webnet
-
- mariadbadminer:
- image: adminer
- deploy:
- restart_policy:
- condition: none
- depends_on:
- - mariadb
- ports:
- - 18080:8080
- networks:
- - webnet
-
- midpoint:
- image: midpoint
- deploy:
- restart_policy:
- condition: none
- depends_on:
- - mariadb
- ports:
- - 8080:8080
- volumes:
- - midpoint-home:/opt/midpoint/var # change this if MP_DIR changes
- networks:
- - webnet
-
-networks:
- webnet:
-
-volumes:
- repo-db-data:
- midpoint-home:
diff --git a/mariadb-secret/Dockerfile b/mariadb-secret/Dockerfile
deleted file mode 100644
index 15c489c..0000000
--- a/mariadb-secret/Dockerfile
+++ /dev/null
@@ -1,51 +0,0 @@
-#
-# Just a demonstration of how to flexibly use MariaDB running in a separate container, receiving password as a Docker secret.
-# It requires v3.9devel-274-g1b9943e or later.
-#
-# Features:
-# - see docker-compose.yml
-#
-# Limitations (will be resolved):
-# - mariadb uses default database of 'registry' and default user of 'root'
-# - JDBC password is present exclusively as a Docker secret: it would be better to have it switchable between secret and a plaintext value
-# (probably requiring more elaborate working with -D... switches)
-#
-# Building: (assumes midpoint-3.9-SNAPSHOT-dist.tar.gz is present in the current directory)
-#
-# (build tier/shib-sp-java beforehand)
-# docker build -t midpoint .
-# docker stack deploy -c docker-compose.yml mp
-#
-
-FROM tier/shib-sp-java
-
-MAINTAINER info@evolveum.com
-
-ARG MP_VERSION=3.9-SNAPSHOT
-ARG MP_DIST_FILE=midpoint-${MP_VERSION}-dist.tar.gz
-
-ENV MP_DIR /opt/midpoint
-ENV REPO_HOST mariadb
-ENV REPO_PORT 3306
-ENV REPO_USER root
-ENV REPO_PASSWORD_FILE /run/secrets/repo-password
-
-RUN mkdir -p ${MP_DIR}/var
-
-COPY ${MP_DIST_FILE} ${MP_DIR}
-
-RUN echo 'Extracting midPoint archive...' \
- && tar xzf ${MP_DIR}/midpoint-${MP_VERSION}-dist.tar.gz -C ${MP_DIR} --strip-components=1
-
-VOLUME ${MP_DIR}/var
-
-CMD java -Xmx2048M -Xms2048M -Dfile.encoding=UTF8 \
- -Dmidpoint.home=$MP_DIR/var \
- -Dmidpoint.repository.database=mariadb \
- -Dmidpoint.repository.jdbcUsername=$REPO_USER \
- -Dmidpoint.repository.jdbcPasswordFile=$REPO_PASSWORD_FILE \
- -Dmidpoint.repository.jdbcUrl=jdbc:mariadb://$REPO_HOST:$REPO_PORT/registry?characterEncoding=utf8 \
- -Dmidpoint.repository.hibernateHbm2ddl=none \
- -Dmidpoint.repository.missingSchemaAction=create \
- -Dmidpoint.repository.initializationFailTimeout=60000 \
- -jar $MP_DIR/lib/midpoint.war
diff --git a/mariadb-secret/docker-compose.yml b/mariadb-secret/docker-compose.yml
deleted file mode 100644
index 8dceb89..0000000
--- a/mariadb-secret/docker-compose.yml
+++ /dev/null
@@ -1,64 +0,0 @@
-#
-# Composition of midPoint and TIER MariaDB containers.
-#
-# MariaDB serves as a repository for midPoint.
-#
-# Features:
-# - a separate volume for repository data (MySQL database directory), so it persists between creation/removal cycle of this stack
-# - a separate volume for midPoint home directory, containing config.xml, logs, generated encryption keys, and so on
-# - MariaDB password is presented to midPoint as a Docker secret
-#
-
-version: "3.1"
-services:
-
- mariadb:
- image: tier/mariadb:mariadb10
- deploy:
- restart_policy:
- condition: none
- volumes:
- - repo-db-data:/var/lib/mysqlmounted
- networks:
- - webnet
- secrets:
- - repo-password
-
- mariadbadminer:
- image: adminer
- deploy:
- restart_policy:
- condition: none
- depends_on:
- - mariadb
- ports:
- - 18080:8080
- networks:
- - webnet
-
- midpoint:
- image: midpoint
- deploy:
- restart_policy:
- condition: none
- depends_on:
- - mariadb
- ports:
- - 8080:8080
- volumes:
- - midpoint-home:/opt/midpoint/var # change this if MP_DIR changes
- networks:
- - webnet
- secrets:
- - repo-password
-
-networks:
- webnet:
-
-volumes:
- repo-db-data:
- midpoint-home:
-
-secrets:
- repo-password:
- file: repo-password.txt
diff --git a/mariadb-secret/repo-password.txt b/mariadb-secret/repo-password.txt
deleted file mode 100644
index 28d983e..0000000
--- a/mariadb-secret/repo-password.txt
+++ /dev/null
@@ -1 +0,0 @@
-123321
diff --git a/shib-sp-java/Dockerfile b/shib-sp-java/Dockerfile
deleted file mode 100644
index 51f2a15..0000000
--- a/shib-sp-java/Dockerfile
+++ /dev/null
@@ -1,27 +0,0 @@
-#
-# An image that derives from shib-sp and contains a Java implementation.
-#
-# PRELIMINARY VERSION
-#
-# TODO:
-# - provide TIER-approved Java here
-#
-
-FROM tier/shib-sp
-
-ARG maintainer=tier
-ARG imagename=siteadmin-sp
-ARG version=1.0
-
-MAINTAINER $maintainer
-LABEL Vendor="Internet2"
-LABEL ImageType="SP"
-LABEL ImageName=$imagename
-LABEL ImageOS=centos7
-LABEL Version=$version
-
-LABEL Build docker build --rm --tag $maintainer/$imagename .
-
-# TODO switch to other appropriate Java implementation
-
-RUN yum -y install java-1.8.0-openjdk