From 41496104ed9c367d421ef31daed7b736b697ac8b Mon Sep 17 00:00:00 2001 From: Pavol Mederly Date: Tue, 30 Mar 2021 19:59:14 +0200 Subject: [PATCH 01/16] Update Grouper connector to 0.7 This resolves issues with deleted groups (MID-6756, MID-6900). --- ...0.6.jar => connector-grouper-rest-0.7.jar} | Bin 1475490 -> 1477493 bytes 1 file changed, 0 insertions(+), 0 deletions(-) rename demo/grouper/midpoint_server/container_files/mp-home/icf-connectors/{connector-grouper-rest-0.6.jar => connector-grouper-rest-0.7.jar} (98%) diff --git a/demo/grouper/midpoint_server/container_files/mp-home/icf-connectors/connector-grouper-rest-0.6.jar b/demo/grouper/midpoint_server/container_files/mp-home/icf-connectors/connector-grouper-rest-0.7.jar similarity index 98% rename from demo/grouper/midpoint_server/container_files/mp-home/icf-connectors/connector-grouper-rest-0.6.jar rename to demo/grouper/midpoint_server/container_files/mp-home/icf-connectors/connector-grouper-rest-0.7.jar index e0ba84d986709c56e815582030123a84aed60caf..d03a75ba0dac1647a627230596535c7c13afd061 100644 GIT binary patch delta 18997 zcmY)UV{qWV8}<#?-P*Qo+qP}n#<$qowzhV=)z;eDcDuE0-@pHT>Gy=S6Z%CV7#} znan3S&R-F_kLkLI%5vZkups{{EI$KPlMu-enEz`#(9V9;|JR3@B!~|r^urD?Ba2@L ze~1MV$FxWkap~O$NJh08YwPqV;TpU0LHVM7gBzEV(pO}QZ^}DlWTM1T zxyfBpe8^b+D~ONz3NZpmd+$5B@XLwj6BjI!ZWfi0v7cn&n7pnFY5c1^RrT^kF+$vd z`kMYUbgQx?Lva6hMKu4dB%_uIlMv$nRWnSORR2f4F<~BA{2zN`#PQ6J z*2qeb&h$UaUHF44kui70k*TtdxxBeC{+<%&@6ND^Q5J>1))ya`Uqz&XYI>dS8@QvR%WKiFr*}P8!qFBdc_23oV=+7lN$Fb2bo2fC!ZnN=~?c->QWIixg zEYI@>6zA1k$1S{~lBcaZ_{}T$C^Teb%6?fy>XNr>EvV~^H&{z@nvd_h6W7|cUkC$~ zl}D;~h345mqbmG9kTgHLFWi@JGvQo6V?xqi!biC+}fp`f}YYip(CSac^32#^~G%Ch{fVsDq= zgr{L}N~anlS6p@H_5(YUvf$A37oQ~BMfm-PaVJ~Noo7fNa(#f59A|f% zp^m36^3}1r`L{`BKq4EyDp_>bAg|@P%*OI!iiWm5*?(Pn1?pqo$wbEc5G@fS4o3ST zr4cfZ>3*YS$%%bD(k}K@dV&w=Tp9C8?}=8QS_vX$>nsUr^4pT_mwkH2fK#0>*Kf#V z{IBUjr#WrYQ=Zq-H=C5gr8@(+C-rfpqHFy89~0Jrv$BEs^<3q@fsTmDVX2hjz~zm}_B@g%AsVGrfs$E@>%I!?9T96QJZQ-P$?;NXN^kVix!Mnjkp>t`8 z)Zp)esfN_om1M@r{tXPX%NzXiwTri5C$ z6oJh!#)EYEes*kvk+8$X14Ib**6ib_uq&;Em%WlW2AS+9dG=BZOqFUSB5YQzx^%#a zf=~791%t-`rLA^)rl+Vl^xmQ)QcYLh1Fdz}R0l?%lEeqR5Ej79Y{%zzR(1{)H@7=X zF08F?j5P*sbN_3uxxz&0?PKzJ!5C8aW8X3E(4$^jFBa6O&q4ZL=gnnOo;E2sn+Sc(@kptU>=qL6wt&{lQ`pP>P$}QiAVc%PfulPf(Gd<-L zDk7F&7V2W^^AWI^JVEjS3Y64g?&HJF#k?v#u%{%;_!>amSjjdLp6eCsBSS|vZkMb6 z7*7rEoH#z;#0_*aME96oax)P|8fbrf3o)-_Ys}JF)$+`Q?Pdpyo|Ah^Nb}KDDK&JN z>qQ=g`CZpkWG2`Z?U$R^h`EeQlat1#KDl#31%y+L9|Da%S*>!bhlf+n+lmSJI27B( z=kw%4QgV|>O*`iu;p@Q`K?p;twZb_ZsnLKbD0vXEGe;ghhuPW(Cv_G)ao zYdouxO^>Zb-Og}-wz5(8-q-5N{ls8;(_tzmN~pybx4u*(*E0C%Y#9wXUU$UTx~4I5 zVot8unn;*vd%QQh0VU@|{q(S0#pSP?Ps_|Lqo_ekv77VJNFa?FWYHCc^dO1vd z*@dt{V2&552kB<#z!x74)|@C|AjiL=gNl2p77y`d>c`SRVpN!BSh&>$PGDKchkY{5 zKa2Mftmzy4ggmp&D(vJQbT!~eRH$KCm@^JyU<+DnS?Gs-q5%J3iFd-lx!$%<5NKW9 z1z6Wpapp`E9yXY{qk=a2T)KNR@W!1PP*L~ecx=!>1kpfjlrh&AiVD2AbYqCv4~h<` zCpL~Ip@>6}N$awzCI-->-sv6;vtsI4>y#uj{LWxVwv35IRp}QL;``a<`6p_1OMe(K z*E7~;lB>(M8(Xc(OdV&R+iVh97fK+@kWR2RXj}xn3hrQs?gMHqGjWiwaB4n0p9(zr`2MWY`7{+=bck)db>t7r5 zpPZljG7WcHGEua#4STT+dmYP-5qu%mKZAAWcyFsgS(oqM@C5{OdItyEdYbh_0Kq*O z!959)*UuxX|AxGY8u|30%rZi6!F#X=4P%ie<8MP_ZyASQNJs-$iOg1GZb?j^opEBf z5Qh`~5ZqmhAF2&*9w?fAnM}rrqb3xF`b9PM{9Km%^U^IJ1KFH8GuIyz)?C5+hK@^? zp_$ij(Mh`zUN-BF8{^rM*SF{P7igOoT^1oA@<#vYePbppj`YD-;Sa{-m#GgXQ}<0! zWhNvOA}R+HuqfIQ9z8qx+QK}d+pO1owu^h0cp+fmn>(1jYMj&~a6}&Z4vF@RwI=d- z6qMGz?~d0Deq%yP<5#~$-YZInPKw|qJoBOc?eX93t!&lD_TT}9z#Rk04M@!w459Kz z(B1OO_y;%pHIB{^T(RvZZde++CgQuU%OBj)==X0I(rmJZQ6!ae7R^(LJBV7tPLNJq zUh8_@%jOX0i?ant)cwxzn7%`J`n@f%ZHhMFBl_ZrE916L|;o;CG%!k=UM$3`x;LSAgP@s~r;id)ZFy@y7?Dp2It@KM$&&3;TV;_+|*I zcj2F$xqU{?_CGmjQdiwiW~9oriRsB71SC1t_uBPCzyeI-2q&K#jZKlmQ8W4i_sQ!gt&`)S`Ko~lL=U*>< zEyxALU3-CJATh_;RT>zyb#>eMm?`M#X}Kw=5u}vgvVL;{8nZ-awYD)5U`5+Q@~;zv zMb?u<(Y3eG`QDt3aYaPaUZAEqc zskQxeRjp0+xvgEjo$0s^>JLa$xvVo;yw1S@jpbHn=Nydd>N6y0ucvS^jjdhf(X;q4 zGL7ye=dPV-b%`458rxC>P_rDc?%PNq%pVb$8MP*^3`oyGLj%LYqqgzS4$T1RVW>Q(EnIcM>Mg}iYnwae8uFq0?U#`L%hlYzTJ zAy`T#Y6d%aDc@=^0ZnSm$V>U;7)^)hm-m{>-BHY%xs{000bA2%+At954$}1Ah|{Qf zl!Z0)AH#i4-M$Qjw-1_hxJbb8uj-GY{D0O*ZNh@Gj0~T5v9t=u_Gs*)%o3cI`;Ed4 zRV>JHCgts4*nOQWgrV_LJ^Bi!tkj3AdJ!)p)a;Z2P2E75g;^SLWSE1>kM&`C#WI-F z<;Er<6OyLzA6_!ip$&5_-j$icdXqcdrDHqwWvBdw_knnWu-h$sIsE|KLT%~b=L7(q z{SeuLVI9q~rg?Pz?B#W`a7sj<}$Qla&z(>S%8Z@om@Y=EuF?dAagd|^(jqQ)3w znzZD=Fcq(#xtiS5Pq1=%()vd5?irRUzIiKM$VvF)=?7zcXLF>G?$X@)KX{3Mfy&3= zyh0`S{p>tmf58R5TU-Id1cwofP)hDP7$}T|zMFT+tK=^wWn-uzcuk6nMFhqidKl7w zN&Nvbv>Q{q<~w&R_e|A(s4jocDj%h4TQip;Dr_zrI(B2uz>D&K{;8u8u!*%4Kg!Gs zqyDXdEH{Il+{cBy_C}%(!e72((!rgVmM#6a7mfR?V;TwR%GCmh?sF@4k*Ejt9y?X5 zEyPC{A=^rC&hpIZrl$8c8;I46^9Cl+%$=%EiGweMK6P&T1V_4jrkd1Ms%%>FuP-&KjcuaZO3#=qO&tV@ zgzW0c{Z8Yf7t~M^kOAHsMK#h2nmO{5(;9D0og3kmma*?D*^_G6PJ{CSfn`f(6F=}o za|S|HaogwcGg5IP%hp}CM)S;uXOkFY2u|X5nDu3NJF@^v=+6K=zmKNy*JK?lW{-4E zbI~=LMrke(q8O>mVrVX5Fqm(x>bp>XI#d`bs83N5aU6vdjQi&ov)Pgj#|9YeBIg=G ze5C%NG;Tgw1imIrW`ZxK$P6>6=9A_IzV4(-%Sm^VX-*9CL?5x-{e>C3dq@a*s|49w z%FEK3eQAINO3kE-@Y4iMvJm%Y0+91S=1bTaIrhs25p)XP~`mf zXD=Qd_Q`r}7wMHJ#e*~RDBpbC@-E@UCo&O$zp(s~p7_2_UBknfiPB0r%?PA}f0;1OKHyS-F{YdcjJK-kUe;HP zFGT<6rxOVmy5CLP?a;YSz-EqQ0M6YZG$wv+PYa1L80I9kdJtE)@1 zn@h_o8{4`OB9H^Dq)}6x&5yL-!v`y`ZOR|()>Xb~=bW!zAAUT%GG@Ookv^nSzJb30 z=PN?sz(Mbgk-{61Z&T!bV{vcRhu2rc*f$v`LU!f2%KcJ5mx^m2ndd{<*!Mx3d?22s z#CJ&>vmbMT%4t10$4&D_alB^#c<R4TQwWn{n$FFTAJ5AItCf9>S_`Jj%LrP5YRBo~s8zzQsKS*N7+7~V{& z1GdSUDOW{)3JNRmY7AG`VSezVfsQE+7}TdY=`9C=Ie8F`)Av0Tj#BHTCStn z>gHQe)p80I%(Jsy1oTGS0I8z6Nu9<@h50US(D*l6)-=q^CCZ$2bcd=+g@rP>SS2=& z0?&@hDPfHqngpG7dxIP^TelWfHM&p*+rtmau9flS^mw?=Y`yi)Gd@cZi%t%RJr(~x{Ex_&Zy=YbJq71U!FEj>5b`742wH;Q4me)Js-c~l zZ3%OZ^KeZ{jzwU~TNLolTUQ~NCf=p)+nr6(hV z-4-&bZm4epNI*AwQk}Ev2vU;bG-+(IEyfYVQ<4pnbxd&}(@C1qMV~wYxe^{ic-obK z-&hAYV3sO(P#t4L;FJfQVe}?Ma~FCnFZ6N-pYTx;G;OXraSU`Q74gR?_(I6=&rhan zRl^PR2A=bwMb99=b-X9x^Zmr2;>qh?{SIP~@@cXFm4iPfiXx6a*i`L~?-?ZJS9Sw; zDkWxvPSkL}!~(Zmwx}7$)B-nMV7W5Em(`)%T!ufc7Xx$$c|D^s1!eGaJ6eY7TL(uk znay}x(w?xUl8dtRaz1aVsI0?$&2o~w5lkm3@inyG^!9@zm+%qS!ugMd%m-zto6`}e z#*{<=YQhZH0+eW-Zd3*jkKpy+GWu@1W#_TZ?xs7CxwwZ!&uDYGXjT=76)U3@*@fho ztCnlpI)LoUxO)wzwm8KmtpM0JLg~2@&S7>V{@%}2?q~Jul|ufLN3v(!Q+1^x*`ZPn z&@fPs)t?{HY3ydV(xYdUTkQku2U1LkMU^AKhP9t}X}}Zh1Tq_%R$ypbylMDXML-L4 zCwp-Uwr3wlLv5xIF&C)mGeQpPj$IQ2U$u4yids2&aHnxBqgj_!=PDMXzYDd1?y=b??Hj5r+J#DULXUijtWi-tZTxkSAAv3$ zjar=K79dHS42rg;4@xxj;Jyi!58{ig>0tCvb3sH zSqeu$@_7L~Xn_4q0AV(;1`LB@F=9TnaIoqDnE<`8@WI0u+u8fCN}IyI$}IQKbehxx zAa&fsSH9dyK1+?i=g*5n_OEV*l$No~FKz*o{orqq)RW8`?N^Yg3ePk^tdPwM?JrBU znmMZa1OJ9_Lw zHo__S$H{N;B{$3?diml2PHQX*>jJXo>##}K!r&HWns);U0p`5=BFElpVurZ`-%Q*& ziA29@T%I)E!Z45772PVJn4>wHcg~l^_FQE>Xw3kTIV^u|VhZmH9RJm?1Tp&7Xuh zuQa=)Er?FM&6~CkEUCnL0CL9zCiI#S{-;+46D^-*9c9oG8;twW*8wQ|GN{ zA7*v#gGA~WYvTuY)={~|@<-24Tg)h1Me!H!@d8iML#nX?x`VX6jl$or)19#6f0Ssp z1F6uRa-4~9&<92Xscq=cQ9}2MmHi>AqRpN-g^l?Z{dg>mqSC8RG&`~dWv;{L>w{%_ z;pRIr)px+ty0vJ44_9ns%CLHwD)pD&8W>7dUvN0;J8+4s`-K_gKM?2K5Pu+2h&Yde z23G{4SP+2k<7j+yW{m_r#s(1ohsxV93mhhjJG z5YPWSiez$sG0csj%AG**JNd(qkBrAUEst;N0G;~%Pg6ua1*B?zSk3MAv)MZ+{l|DX$kT_o zN#!wE@B(X;L-)dd2gb(?fc-$9A9&&bxH^~cBP?Bh8hA78 zb7|AAu~ptxz-_XEuT}m{1bT!!zqKTT_qxU z2&8sRVy1Ac`ntSjX;?%TTG>nUSeBDLcGQ;wFl}22$aK8zkofDf%`f%Wg(fOep`Paa zAj9uo0M9%R%&Fhx&Ku5NufscNyFG_;TPnl5<6kz@<>Vb^Pz}Jukcfk4Az9RR!|YnC z@3aegw)}%rjeg%R_x9EHqw%~eeB|y3aki}GzH5}p4{6pi?ujOCy?u$YWDz1mH|WCx z023F0ff=`vRyh)t@laNSQ*TCuUHc)n3a0i4QRSAh@5>S7dt$WiX<@t*fd~Aq6%wwPT&+CTEq|rV(4}S zQAn1{s9%X8lgAz{D#sqvrBWyb3~-L=ynA3_x+E!>t4?Q?G1y(94hnuyP)=#8P7Fj= z%G#o;xQLLYGXK$zb*p8olc4W_#; zOjbT*B_lLa)CEyBm6vk;(?}Kh`+~3u4f}6sKSC+1YVkfu+cemWUrE3miWQSdYW%fYg^Yt8Df}QWYTz(x07Fr_P8y-lFoTN^MLZR)OSOF*KLbs?4xP&@ z&HK+$w|YgN)~Qd1_^A*0!_^l1J+VQa_$CMEUNry8UXk%LAyp+cObWvuZFFbWaZTBZKgg<|PKfd*MMBP8rj&!*b#rz5gPZs-? zP-I5Ieu;@f2EJ4-@Fga?Y9!MkGhu&Buy(yLFOfR~8T?JisB4woPfw~YBazZ+c$GeN znb!eD_59q(aVcsfN_OaW0V?!RdM2q-L<7Z9YfwlY!`y4({iW}z=X48VjS&lsu4wzpLxrA@i|JOna3iy8+)bN7Z@FrZJ% zrr)hYtnLEe3jb6BIVK%MxP^L9CxcPbm7d4V@Ok-#XL5GG)zKsa$?bv!vrllFUpbiZ z_p(-B=xN2fvf_U*hsxP-W~k7drRgK0Ys^FPC)oN3E){L}X)N|z&GL3J9kJ2$!Br;A zlm!Y#{Hky|mY~TH<0B}-5uUo%Vf1HzRcI!Qrel#5=j+@9nA?jA5-usQxHJgMlE z_X*EI0z^Y;JxY4&YWn?Ux5REu$B!v!-m>x*XYA7o*hCM=r!Crw<3wE#85Vf1e<<|1 z;b7Ug2An$I@e&hH7wW(hj6~_7(1ugcw1FCRl7s(8Mv%#jSK-GPWz|gr1*wZSdB+E- z2N$H^AHW$v*kdK#^@m9F31q$>lox5P6SKiUM%wk?Gg>7Px3pt%7MyW=jjY6Y(~&6n zzB+pr_@}q}fEQs}U)?i^dW-o$l~JD}BF(E6L8;qCP&+)PS8DWaszJsLgw={2vr)~T zLj3rX1#ovi$X3AsqEe&Tt(re{ZBmr&bkc+ou(|uP$g=!NRKcC}=@-(WGM^e*TA1Cz zNs$a6xGdkiR9bvmdNp~_W}UN|L`FZqH5~_gQ^EXkzAjspT+YA2{;vV_zigp4Yy-?& z@c%arh-Z+|gaix(Bp3n&MEZYeKuj3{p_niLxtNK)y{d(qvy-En1*4h0iJM!ks)Eyk zFmk~8s!MWqU`eX#xKtrzvhoe2q6q#EQ7|0_Qfks}o~vMiRtOdX}^2Rg8Kmmp9F%twlREDZ_xG8d5prU|Q?cAo7e?C67QQdMN z+lQ(geCfzFl&yW!0%aWyE8K{3o3i-W06aaK7PjMeCuR6htRebZIIktn5mE^dpHfM? z9)br9DOP7Z3OJ}++rTxi;f~8vY>mrO>x7yv!dmZ-o+oCI@oDXVSJz*ORy$pgKGQJd zDNVQsbq7rw{u(t*3SZGK^tRBKe5D}nrom0$Mo*G_plaYRvLP-w!h9<7dI-QK*qgZS z|KO&OC2HWJ`NI(yo1#sk*H@`#U${vWv~39jTFos0`g^P@SLGZ2axiJnD9RB8xFWK|qNAi?IJsbV<0nI=M=l zIGWpAxc;B$%1abd3SmJWE&#h5Cqh}v)yH>lj8T-AB~MPYCT4M=fAkNKIZd)NLha2C zCF(=6pofR0Bk=8>aC`0)+z~1;0;!vua8BLTE_!tQs4n(HNryKGd+OunDrzt%qAn%7 zmVui7DJ-&kXv&_S1EkGOzvwF!qYGXe#WOIm*RIx9=$}w@CggUv=IT0_&$TBwrM$sT(PWs~X#e?p`7u_v%pbNOb86ODcub1UCe^m>#@;C14Qr*xhal&) zVzDnNnB0XU_X$r0>-Emi?s8;emQ2p)xo{=)?82$!_B4FaAsN`TlGqU<3VB{^3#(y% zsxf5JL1$f;JoJ>N;#; z&@F0Kw`#{QnBrBaH{^KwZ5e8Hc6Fco85m`hSN!MAK2IIUvC^CFTt5fy`9E*^U9}(Q zU*@|x^}G$=k3?EGzC|Wbx;cUR`~hYTBK!3ewvWt&q!g~WxR1zE{1oCRy!xPP>`K#^ zxlfA)a;g8Jmj^WGw7py7UnfTKg)JA3t>E}~Cpi5xV6|%-yH3823)3Iv!trlPD7)`O z=ovcDvzT`feH5VFxhl@`j~Kg7%erQJQ6!q$@AUWQ+94Bq&h{^;@$4N#!UjGH6RLa? z#*lD60*M%sj|N#gRz}`mzy=0W?=8&1OsM&Pz};u~*v^9r(lt$q)r%e!u<`FY^CN*0(8B!6PiPfUed#~j;d+7o zeNOa7O>&cP@E+YS#Q8!cxK1+4_sW<8(87OC9ssN_1qxqSDNM=n0KoCOBmd>qzeaWg zV1Kx!0K3H-5Zi;j?5|paUmV|MiQg&T69+r8$Jg**-3eE_LYe>jQa8T?;2x|(zfJFq zhK9c=OTMIH_ccO|?&ky>tI;TX9q;g1A1DLSgYAayiXkTNX%gtxNQ zL9<}K#c)zQOv$WZAmk~0J)@5HXl*7Jpf++AUS~W~^@#9zX;6)~evX?X&kiNH;JLWM1rh42y=XjvqJG5u8V*$EoavW+JQ@%X#8oSBXtlLy|1p4T z-j&TXY-ns5Qa@fpb-c8$b~-`5@R84d?BFOE>ujv6gma@D)0(i=DAyx6Tup^v;@}Wz zA5iks1AoH`8jNopuG8@753fV;xIAx&_Q#h9(m}B42gjJ6M>|!Z60MZxA8xLKVN^47 zNC2eT^iIFBgT37wunHX5o zjH(Y|W{mnvTA3z~aOeaSLE@3rzjeYyM(o-Q4Tq8x zF(sSpzNIg3Cq{bdjhXWY=V5rB-?%&Af&=nGbSo}Y?8s+VO}1~UmBHCp)(|2UWjnHu zLxW@49w&CQB9$b|1aVX-TDfc0qB3^v`8^y_EflaVj%(3}83hDxZd)!cuOUt3d+|N1 zby=g5dlcmxwgRnIQJEGqjJQ6Z|NRybkyEa*aH7`R*gLGQIUsN!nUb@Dbw4u%)b!PdsEi?L9D5)-pU=o#AJmz!9!_?M2-b3J>S0B+DEYp%>IS?^(3U1;#c_3ML&^~c|dm7P?SK{8a#EkPSJV&W=3auQBkC@XTNo9tEsbMm&-ltWTk$Y zpv-)*{0ve?gXiqWP+Oi(4W&-Lh5@3wpt2ZoJGo0vv#FEA&O&dm95ij?1QeEAeJ1M+ z*uoV{0OIVmC}zX!d=S{zC+vmS@?2iid(OB+o%_XXmz-m5PDKVkF%6t5To#)?&h%aT zqoIW=mNwllA_)lKIr8JezS|02gXnjSI$vgM?6<_L-#CTNp#RHX7w7Q^s<{h4XWU;m8h zG1gC8g=U1Qmm)5lAO`LBU;-#bY10m!ELvoW#~{=+0af%3D-S2QvQ7yxd5pvMnX<;; zYt$p+{Q0(XyA#ru)PLB{?13AGzh`j*2z+E?=*o;^-J?hPxT7NULUnr5X{1ktln0qG zamEU@EBbZ@9%V5;Vo~Bh`W^P9Sv}@sOyc(e>YhTOJo(d45f^H`8Gqj=^m_5uILs5FqyFNe;l&zCV}xcZ-oG;sY}ov z_hn-gh`mTEUeIQSI^yI>-OI(zJ)NLQH~wa0w&iSV8L49ViJ8^EZaQgF_K4M1W1>~O zt1wzqMd%Pv;gpBbl>dhJ@t;u4Sxy^_vynp_apBJnd5#X}S){X&_k_i*RxLQgPoO~C zR@QZzNK$1_iV=+KfoSxSBT-7krW zGm6sdDEA0eO-7nvEGI7`>JW-)J~CWmik}A+0nQ*W3!=gqeSa?Qi0k$DqM5Ljs5)vn zP{y`KER+($L^qUx-G+iMX&_k+Tt?Eg(v~FbW4~sayiBJk7znOtfZCY1Y~&C6Bv00~ zmEc`c3urW2qL!|ZX6^7MbB;qrWWojJB&73iL?Q-P4j=8d|N_J<@8iZ7&d%fo?oS@GR5A`x7|FSmEkE$+}1p z*dki{;0BWs0-R5tmfwEz$Mmn1!dGW8^EY)fq3n>1lo}b7ow16Mp?NMwDwd(0z(j2= zK_M$JmkS|Zhj*Z9aw99o;Dg2MK<0i3HjpKs!5LRz%GIkrl4dO3gslhF_toQyv-%9= z=oTA;+3hGkIN#ER=-E|x1TIm-YBNnF8X44OXI4q10l!0PA1=am_dv%+!S_mo4}z8u zQZS(H1mW^=%{Ij5r2i1QCixVd{Fu(ps#2U5FT-@ccYa;FZ|EmEo~Kxe_GrPbTB_%) zp!=v&fJ9ij(ju@eHgZta8pxWd01JYw6U9uFrw|37@_gbDH1fc_UwY9$)XG`n`#8%x zvn_+00eJXeEy)EZIzr9F;|wPSF} z6$tQ{GrUPWJNJU|T$cVjQQJ?mKYYM5Ki`v=E8j`1@T=xftZ=Jed zwbgY8i1i896KE}l++ql8iR3wVKIf|cz_Agh4udFSM`Hlf+uIeP`a5}nIAnT@zKj$G z9>wy5w1^-uf97!X{$agietFl4iXI_O#HGg#tR)zqvOrOr8~l!W)SWYH5Q=V&NQQFG z5O5g!N5hCx#{=g|(CEPXi@!D!t{uEC#Q|{QDZBW=Ti94j342>a*QMHBCQ0g zbI@1d0jdROgQBq(CWRa*r*VHp=Y)k6EdcM(OfeM=VmZy1E|E#=@a}hESiVGBCcC8g zmT95E$)$SFQ#PIyO!aH&0UERoGHJMVa)G4Jjv{8_px^K5*N@PTa< zS*X7(dF$0w1YxN`Z6P+(*qUdk-KQ!fmi}Vj!nVxBI1a+m3cbEq&`DDqvJpj&57jw~ zQ{ldCMq9reA*I$J{q|0^vFR!|j8)7g5PE$RQ1#%5p(0E{I2Tr zf!e?xFrl-6GsWHxIHAp9E!;E5-VUj)bFJsfcZA0vBY}!1>@$*H-`@4mJK*KQar9E9 z*H`;eqVDPG+G;v`bTp%bCa0ONw#9hdRjFXou$Yg`jLl2SvB81doGrJj05>7?2~b?&pO zCo()VjF*+C_JlmU5)g&khk54chC)ynB(Pw$VUI?kK%C5FW`gga&R0sc?? z@6(eJpBs3n(TKFF=kB~Asf{2u*%)%RMqDW!WwzpN$&JY@N^;tE2RWzbWHIVm!DrElkVVek1oMOe6#2!RGXYHL2|&nvw8-cZ4-xFw|XNyzqf;f=jy&XX@MqcBnNGT}LA^nP8ZYtV1d( z{RSV5AL&kp6nNCa3AM!dwq{Iv5s&3bf9+w+2hxNO8wFC;;X2r+7JBQK zc!EiFrzPC)roYB<-Y3aJk?!e%8^8Nw=M*vD$2{!PcjER$41wn985f&?j+MM*lMrf- zV$C1#56x{J#KH>JxNNPPJ*+E_MHupuT$XlXYab!_X#TbZZ$Tef<797|jRHxM!iX`h zZu$*YwwiHapC($}uD!aXUaTEWI0i6_@AA8MWt&U?R?n9j$w%t`%WUAj#=RnT~Jp7t@v;|G!0u#prw-kF0BdZ(DVf;Enrth?BOE+@+g z7Mj?6+y&g}OVylT3ePsI|49;fb8(8<%GTaq%`_YCS~%btRPyqSqe}Y2LKR|8_crr| z3?>O-w{`m0Gk}wG{q-Y!@*c|6Z`!Kw;%9gs8I?TGSTW4gIe%>~Yw*P9`h2}n5GpF$ z<|Nq|tn3rcd8_MWTS464(czoL+@fP;MO&eCuUbImSHI+-CTqw|27{x+aoYk(o_{Sp z5!q~t;PT-MoUB;DY`tKK;Ki}m-4aeHZOmoWzrpDC~O#iI@PW<%MYY z>A9mNKG+lFZv$S+j1O5?!^#R@|nkPkPk54gTw_x|32w_eYFF0&6V#up*b?+myvh8y5GWFZK+4ylL!fX3>A z>jg@LP%xCza+rkGZoZ99>ib^sbnSwQZyq)9DeEde*ek6byT1FcxyJ{uIU4!^WQNK4zX0Ld>!+tYw#8Fk!hadfwZR-Z&-6j_Qec z;8L1sz*HswJz7GTE!W)~`xb;V*Cf`A(5o`J5w3$W89hI^h(r|I54{KIZl4p6Aft5kWt~>2YcLM=v6$ajoq@ zPNgv=_5N-)jih~^uL0((Ff)EuJAi6=iRQs2Xn{7;#%QO2yCnVhG}}}mch}bT1r4lX zwe;9U(WUR7*BlU~{p$oPD{bbqVFPtp2y$5>f&9+;XA-vqRCY}wuNluWuo&~h^aqcy zh3=*g_Ed8Nlhh{V<-zUxQnXD_%$%z3=>F(E?-a8&*O$V*k{I9wlfnDj2jcfF*l{09 zN5v~LL!-oh2Z3>0ZX$l3^`fk`G`pbu@F#QNSXpuNuO{C}O~PMtNDCG%`Lrx^9SWq0 z8a~LQ$V+B3)p}JVAy6A4%jWn8Y|a0XCC{<^)g784EVQQNdCs>Z zM)%ZlUHVxV@7d(&b9Mkch_HmpIwAd?581YCK{US)O~ivn;hzjY4!S_<0S!OK(TeP$ z{_wG}J6XKc2FsNTJ{i&j<{(R%&4N&(M=ZEAymrGfk~NT9_y{%Qol+%jqnA&k*@cmv zJp?-Wv+PdL7Mevvn}>cRjkJu;{&l(`j5o|qpwAkO1lj?zxsz-$u&U~Dn!1Py$c(m3 zbv{Juk=pD-`jlY?yvYR%$6-#nP z-z__kIS3qDQo4kD<&s8gkVQvjQ#C+Dt;H6|8BTi{l(W&x{tDjvP_Wf&i{oy#Vae2hm-CX#!x@C zY;u+o)L3R4p6O4XfP8*$6q0$5bX6|V@+xJc=Ls0Hv(+~n>2f2Rawh%$7(^FhtoVJ@ zcf0<<5<)kDC6x&-R#%+$fi5&NVois&|8C`q}y4~Qu!cDhG-LnJCC z3fZ{6i+Kq6g82*r#Dt*QgbsV>XHuhbCGnj=M1JQVovRJOA(pLCAy{Yf=Nu~wT58#@ zjE{6hdCK9F@0(jkvHfm-$SNM4ak^{g#{yKd273n(5tAa|vhc_EVl(D{a*?3E6A!T5 z!{fWO392b7(*zoo%AiFX7MG#9^FYBy-x#^v=8pY8ZCraiR9hR~<2H;5!`SWy$C#9B zXhumz9jQ6);~Jg%$gNX{Aq|cBL=(v+Gup|W8C~U;I)|tzN*I@Pd|gB)a!JOu4(iNI zUpmt{d;i|wUVE+eJZt~ZEcPlrB^zFks|r6nwnK&nf%=Uf1SEv;eJMl0Z8Q1fG> zxY1Y#LiD}<_LRY3m=|H$2Bv+oknLdD9SUFJ?%!?Y6=Y=b%SF9~v0AEo_KxxVER{8$ zT4fXI;kJ)MVRmJ?oL72-pX78G7F9orlXO&+Y}Z%zAKP?ly&7+g3yN_4sitX1|JZX8YDm+CTbwi4C7gj2X zreyjiwZ`y9xnE7m2KlzS=qCq{-+-d!8|B%p=ZtU}lprqrYeOF>H3RrurRHFTQ7=JUrIu z#fnQBfbcT=X$ze;S*(xOiPDX42$-mmfi&*(CF{Ci)0aLY)U#7(f3?}MSfKl0=>>Xz z2ZwQEIjUwVrsQKo9u zG4naae4mVXV*wPF7@Amxyt~$OhHXYypk|mRM#NoauK!Ig!uLg>*HcVPP`gYy>5^9V z;gtPvcwsc(mibKussAx5D&gT2rUUFrGn;Cg?2&cwuAqu6*X4Eo)9WbCU1*7EO65%7 zi_FJur``^Adp5p4vnAN7A|fPS-V$qh`1+;1^vU_BzRo$LK^G#E7p6*iU2a3J&){pQ z+u9$OcA#^>_PN1FHx`o_V!so0uQumAD;~cD%&5U>6bT*3x<5d&-{<~B^+}2TN7Z+% zAAcG-S9ZXm=F# z(y;yr&7iAFtz6v5dnX(3<#BF+up>h+1f$C49{r=i&h=G(<(yn$|DFfR z*=8fSg|kEdb1t|oUTS29Os&d<=9>^pKbxWg!~BXLCQqCv7p}akJEY|x`^;vq0PdHP}?0yEa+hH;55Aq;r`kpr1YBDe?t(%^(NH}%}G+-8ytsSlMN@iiE zJDqaP?~|))oElGa^$sYa<90ZJ7r!tsic-Xs+_^8-o0j$yHGor#E`Y;DDORwGq?;<%<=tkf%KuF55czTt86b;I%u zr-Ba=?UWORT->MC`~T?I3gCZEyL%0x4kIz9&Go;KzA8tkizUMt30M^< z!wf_ieNW7b8|#;{Wf8@i zRaO9CC3uKJF^qakq|U!pI)6p665@~|tI0z)CqPvp=3Ch_0BrjT;6GUjL{J2SfG(Z@ zHFN}jlB^@X_PjU%T#yEUts)ppGZBm=q>u<=gzJc8-iTlfEx*GEGIAt^89C5BxB?pD zixx=X1 zfspb1U2P#T9AQ?Fe>{J$1>pjP3wl#i8FF~dztIVYssuyYbx=nj8B{>UG*AsKDJAFz O`8N&@0E8rv|MnMd*5<1K delta 17237 zcmZs@18`tL)36)cwr$(o*tTu+#I|j7FIvV&@GA7MN*anhkyh5&y%C(qm*gf1y7hNq6vkR{jXI(*s<39uLlJ*Gr0>M z53op@gd1c*k$eh%7Y`&6*OM&k)^sMNY1okcHmWPnZn3WZ;a9o`-j(mh>t)$K!cBbv z9UyXrf7dBXnp|S+=O}fs?R|ZN<@*S#npW%*%5;sIot%e3e@ApFq7P-nyJW}3Xc)~5 zobj3`%~Y;AQ3Okt#aaG5qh#hYo2_cM1SA?QzXv@S7@R72_|Ro05wtMm^LaH1X=UjC z{IMNX9G z1OfREtpB57=H%#TVdn1Ca-&hs31Q+!Bo~?;8<`yo`VX*wfd2#HACUim`UmtsVEzI7 z54eu(SolOH2-AO~A{n~i|AFui#D5@lFmxf`y+O2mH~rQ@){fG33y~8n^DT0x67?Tw z|3Lo-M#oMirZO}H|G&v~a5Q2|D#`j&*t*@t!f`9`n zNY`z83fO+Sg??C6Dzvin^z>rOy@?jSc$<0axqcJaJ`Q|Z{>tZrH>UhV7o$g-7G+1e zzriIE!vA?J22}kjh9P`Wg+bn%?D3C!B0Aco7Z4a6((-x6Lr%QA(S}Lfk0vQV*sCT< zfN)8xR)Th62(l96Nf-xF4Eqj39s107FEBiGN>YHhhXDL5^igKRZv+fs_J&Ce;r0$e z`cTCX8X=queEiviw7{P;g6=*Ud%<*HIR!DbQe4*o^{MEv48=)UwZ(XEF?{^R1s4su z@-%n4t;X_oNQekZ@vVwlFtQK7G8ftg*;a1rGxxCeP#y7=#f2>SLfml{$Hj-TAUjJG zld0Yxtf$Tc}Y3+HWAm3it6Sx%lSC_xwO#}5!uz| z>^^ruY?|s2besbgUB&B#w0*W=ThG6JWDMz=G$~Y9Q|UWfg?$#+J@5P4WF~~V2aV0J zzH~(#;~%D?5^1@G-L61NMyHts#L3qrj=BkZdPdS@q^?1`NNtk@nuwsQz-BRhqSYlA zUVf}u>obWM`#oJ+N6@s#ABwK~y?_6`;aU?=)!A%@u|bs`xAdA}zc-zH=WzI)L;03C z{s&W>6vW`P)l&BfRzjK<`Eq4E`(SwfN3zPEq$#v}d{P$rudb90hVw&=D^gIm)R<(I z@@R!-lW(*>r2?WVkMQra5zwbPTxbi8w)Sc~&zoO_lNVgGJx2mE+97``AJH%%D1J z`JZBiantAi+1m~EfxRkX`THDsUDZkxVb@7xdb^gTi5|~wISx-yE#soc|0K?8y7@ApwUOWIVD_3w- zmZ9RDEIavw&=5i{?TP9D0eYQ^T=EWDftIyPW{Q)*((@7JI3eteBPGeP=3N~1 z$t*OgV-F9tHtW{54z(#G($moMW-huG{5d&_c%K>~rG>W3!46PoEm=}6!8O3I6ic@+ zty+_BTZ-IDYRQ@1GNpDciLi*KrIu(VRV4J6PzE%2Pm$d*`wXUzo$eRsc5%Jxd~RZL^s!So~b?az1%d`4|U=l z68xnl$p?Lp2)O_A9=x}7S*C9tk7YsbR%;XAwf6J;JGX>(Cp=g~KxrZhYX8tRWLiMKDNwBW-KXI@5$AnDZsk$WEJF1T6&uRA8Jp_i;`@ zHYMVm3(|!b$>aWLaqpXHIOaZ*P(e4~#fN&J$}{Mml{?}?&n*ZKu*j{RGb1m;*)03A zj?ToyJh#C9pbpL>Ip@RYI~uC}KD~x(XHuWShRdt)_&yzYR|)u(>l2-4J9bAIC~k2a zUp|bbsO%YZF)1kfa}2+;ya|4Nh($=C`hHJ$Yuf8$T1OZTQwcf>lN#C-9<~z|~ zKrl?3sVwZTR}oxybYXjd*>wEssj|{cJk$bxk4-yWZB@C-XvC!3XZfBx=Ap`0Jt0*Z z&>T=BBWpmAGX{*c{Ara`1iaRkHi=|3pfS~`7C-fVYG9WmW4@oxn!u)KYbqxd=X|E9 zX_ZjR;69n#8SYLkW!Gox)^Ikuo-AqC`_!{{@IN3~U9}#C|0>iKj9*=#Q*04&v$%(a zk*+s0;Lz0hRen;T(u!OJ?Q|@xsGW%DUh{m%PQ$;~*#j&byE1=Zp&at57d0ZUnw16z z+OvJf)$=qB^4topM{4%?RUg;M*+C$!L!>)a(m+*U#{m2ImsT1KXzIoJUBo=+$~-rd z9gM^}=YZhuhjfDYDKgnB(j8^x1zW_;C*oyXi983#Jcmdb#MB<7$u?(z@IVFS+k*Ij zg@4I^%LE9wVj8xtqUXj_&bj_(<%Bayq}^D^WMWc#XAFic#DszYS7uBI3)Y9x)eJUvs)Ipw25W5^OQuOuDyqsjv5-*A zkbgts!jZ`YT9JQ*;|$+$*)VQAo3$p+C62Wsx(axa)@;MxhiOuiHP%0r(1hxEHOA=0 zVP`j6!Yv)ZQ6RHqy^2(MFy)9gXorwu(uzCfGK%9gjC->h`H{)0$TH%E?ouc`g2z0< zAGMiJ$HT&Su>j#<{kPdqTMt|HK(G zjQgh%DQA4)&Jy_hG6^83E5zHQ@UfN^fjD}d*WGp=i3or;s`%f~OJ1pG>OT+G(!R))lWKp9Gr&c<(l|Ruy?z7(AyU@+0V!e8V)kR!w+nMwYe%N~UYjzriZO=CoA|hQ1P4=Yk@~ONt zS6KsL*3bsMPpK>ZjrBT3pOfOe$e03Q-c?7U2gMPQxF!; zO!C9=cbM6I*`6RALyAj7I%oIXx2Yf74(!bQ-;nqms9awt8jPLhFdTD!m5iC@Dqo?M zaFKFEQzn=H^=j+(DOW&IDoO4m(^{LvvwETO(>W({YKGkT8wg`VIaTa_TDzqg9~Y0Ig9_^C#3iy2Z-Ft ztm??s-4_Mf2}Ng^RSDa!vCP&alkKWuy(#VcVI8pfLnH5XYq-%2ent1E8VOyCe1hc% z1T9<#e}Vt6nF|B*9|N!@8etmtzf3_=U=(o}8w3Pa2n0mre@sER%%VsvWMEnk)?a;j zS@?LG;@aY_nI+8PH-S!zXshjfkO&$Yj6#SdDO9yfihN4&xO^65l-*^?a=WcwZFsva z_o?sOxVp9M9#{R+$uT{4z!DAr9k6P&V zNIVf`er;Vp-+;+$tNZj!L!?&4*T$qqoCm)A>XQtCQ%S- zHs#u$_UIeysw5TmSgQ|IVaAZ5kO9^V_ley?r^s=*n1>1y^U)&WYXe6Hj=sHf^g#In zU22K`aXFLW2qu&6nAM4YMQjF4M+c67hG=BDNBb1N^l`^o&&G~hIp9$+kPg+DG@rg8 zw7sJN)yU-?-&(UFp`RJL&WGK2>>J9B^Uf8DkKjAKBNdv9uw{J%$@U}`ntS-i)VbFG zkA6?|AGa5>t0dEw2Lt;Xtk7-88_I>Vv^`Z?e^vL>jmr|QHMd03eyoT}(1MkUmY>Ff|J^s~WDKSDqZh+OiNZIX*2 zrDZ~A%A7pGRP9!^)sk^(8@Oh9#tYrHx#>m->=?LCzSpn4_kikO-8naKFSmZX^bf_S z@$MfWcD{}GPaWVse;36zpciO7L_U2t!8Vxf_;!m*>zKaB1>n9_EqTf{jSdsuI?XcGOQnJ2Hf$AHrB zllu9w64W0g2X94zGP1qI5xNx}MEg4KIqbw|(_m+7$#E(wD}^7>dJNVuVebmJ!AwBe z@+#)TKTHPt1_g>~Dbb;(gd{Sb{%=l1Msq~5#FBm-1EHU_& zTWu0;U>+rE#Cd_h2w~?kX0&KOx}{c@0jk{o`~>BTB7CImN$=Q7mt6-oMEf^dc#*@x zo_S7zBcXUGEW8en)DLtWP16mxR`0IAYKcsBdkEwCQ;eK0`LB& zxfQSwd0CFzFlom{chZZ1Qpv^WaDAa&c+-D%Bn~} zjp!#ZYKG5}qL+E$JXf42c`oJe1n9ty=z7|M9)l8Xh7MBNUX`7^)n(D4Z&+orgRN^6 zmK8V5EFO+^Qk;UfmSRWgWvmd_;a{P;eEs3o1dj*VvyeWpf4s}o8c`_ES#R#q4ZWJH%`&t#7Q2IQT;%l@1q9gL)cV5uFBZ|8vEE|b1JXUZteKcNUI zu?;kA5$J9dP!}?cgS;e#r4h-liW8pxT~A&Jvgc$mK2KcVVao zXZ?mqziw$y-iyZHPPtNv_rR%ubm9nh{BHVGq7raEVbcY#6PXHE5C29=cqf6gYfxe* z0gQNLqzH0Wj#LKvUisJ&rET1(M?dl12OmiXT8z3i*Fou*A{psqsQDChdETV_oOc`m zQT3n^{1>h%g2XmaxXvgbm6~%T!Bx=DUgL{LLh+FMj`&$2!#tOmZ5c0H!HYD9@T``` ztA`lz&N`l>7a_*F-H-e7iqx5YIPt&=3Pwd}Z7- zx@}rcVfVpmL_*{DmLbDDzSV<^L&Hn09k&_UQ&e_o!hmQehKC5G78F|rC!IO-V8u)N zhsI}Iz&F4A34fOep4n!7k@;+pDWu#$D`0!^dk49)tXfWQ7K^aaA_ zlvrV_+3A#8cw_|}K#}B+_gTF}egjnqOemBlvc5}vc1$(eA3)+1FhQ!X3?qrZSqFH?u&%yn8)`P$@BE*=I4i`?uo#TO1McfQ%#nIN49j#! zt5K7F2Vy*N0 zyH|BDQyT!>h*q4I28y`$tAyr)F&2{}cBqw}3SxO~V*S22HeSE`|zDCQMPjP*IXu>xXkaQJvrG z&&H}0&iTz=>?UV5Jf9+aeQ0G^eQ!tAKNFdKWDb~H(t3}}RI$6=S>FNAFpKM{f%0?Pe{9lRYrNZhTU)!zJSLP!hS5219!u6!MLCX||n)7E;eK}L??fG+Rw)N`(BX9+> zOH*Xrh?SE~tet29S@Af5d5wigo0h)=zd<#5xK0%4apaN9E-;d2?&|^BB*MlfuXMj1 z9cA+2kLhrC9W$q^r zCUx{|!okxYcWh}Hn+85cv5W*%0zKC}cw7ykMuJ#D4!@y>0s@Tn=25U#D5(W-*$_zt zLxQcGIk2sMC;u=pO6>71m4`h@HuJS8pUGjlg4|q5JgmIJ>^P!mj=Xg;c$sGv_BQfD zOH8Hh_bMC&w=}b(+i@JvYRKy<#Qr%tK{H4l6{*JDcGlXZxx(A_rk3TRlZ|CT5n z_H~~{dKC|73Y^4Wv(3#p!a@W5=JW-)=mj7LjAbXnxiRjaWGw4yz1re?_r@1o8T}#{ zEzg_1Z6AE5R{su<&L-REIi^Hns`xW}A9AV&?rGPwDrz&W@un!uA;|(oy868DX-oAv zv+cr?(1852xwCY&p1{2XfF%EnR=wK0TB?YpsDVGpC^^NFfe7}+uO@Qk)h_^Nn3Lu) z1k(Yrv8DMd1;K>nmVx7yjWXjfR`+Q^av1kAa07GlXOn4PkUqJV(gN*RV{7}6ULYFY zu-Ko%qKaQ-c9Iob3inwT2X(Eh&mz{+-nsoHq91%qCy6h<0b+zQfWp;JYq?cRGo=-D z7JoItzbGnQ$=09dHTAzA>LQgVRV1)=;n^t=Ms;asb`PK!Ge(W{*aBOjc&*`GzhicB zLDLBr-?L2fe+uyB=lzmMQy}U}cNG69wYEtM|9h48SHAVBto3+-;Z<9fKj=2GvbCG# zGdj%^Q(@rAvkP3%3n*!a3&^=)WW*=EB;q_yr7@`S!hP17t5nW)oGwvXw2D%{Y;n(A zzcqZ#Q#iMGts+_lb#?#IB1Q9dMbT@|d50xA*=k8?6Hw4+tTM;(jWjnZGfhy@(&l9W zb>ZnQuX%Lrw?gD3QVOd)Z@OaQJ&NF=3sPz=+hnRo)SZCN8$gTQp~`m&l1&Ir(`XiU zw+T6km?s!Aw<^_lhhkP6|mmgw3zp_@L-bD1nr)Gm0fjNfm>d{FdBGg?Ve;g z-fnqa?wid+&Fj*T!{c`G%jeQ>aV?)KV$(1ulkZ~Kd5u+CNr@QKgE!qfw;JY9Z(di? z$DK*{7!)s^11Qu~hOL*FeOZFD@LI6#A|UyZT|@egx2|M&N?TJZJm>2hezsQB;ljju zV`{5fqYLSgHfQ!AxeiS;RW7`cc`~^JhDo^;xvq8Ms6uP|G}jA;v2<1X1{w)%@1e&L zA!-I8*h0&EjYzkADw_Xy)=;0Lt?GnjdIf2b!2v5n7?6Nw5V$D}LL-DHq9?3)NuN=L zaUUQG;lc8ZLcorn+ncBZZ-p47^~|K8E1!u}aihqwNYeI!|J?1Lu%{VIH4qY$E6y^u z$l%DoVvjhTl4e&6nEaAj4!~N;%a?j1m}8Qk3#^^%gJzqIgjzRIUFit%C24z`YwyEM z%CL522jt^V#KwAcrt`!d<_0C_wD^}7sMbXYPc}nVESH!@&J<(j%H82ThJJM$uL~CK zhq}Cqb`Yoe6^9G$xYRD3kQ{~_bv|hL;;jD$0TmWY4AFyrMHZ9ODQce}>ZRv>6>-Iw z_=b07_P}|lTV`oT#3^^bro6X$iqF$w?GMVE2$)Xl@CB$dYPR^> z0XFeNi+1ak3d1S;1_T#la7vWMh93hpbgxv|AEGA4>=8-Cn0m<%SJNoCfWA1$iv&y` z5x`p&VbmJP?L$}JhD`6(qkU(?F{TQ4lC4qyYf(*Cp#E{pUe$+8(sU%sEQ3N&cD+u* zlLav#iVsopdU(JS6K|#dVZxROc8)tLazguBK&a~o$vUtVqWaBypr+H0Mhk4k$Ir&r zM(0KR#vS5m$E8FruY_`52Tkq-D(!m62G~+^>_ScX0jqc$D$8aSdO#2tNZjp7mqazw zDv}?jp`ch|vZDVAD(FxsLwyO;*$DzZJJ-_Q(gnIX=-f?GqXMGgxLaNQ5U9&4PY-Ef z2I3c3(mc_tyVELVn!D?ARnFj*?ylZ#$M6m}(kz?l+dRRroxZBx)wwgl4Y&`@ zWv*>QRL~Xch1iXSfK-aewd{~(fHR&aliN!e&c*4MAiB7*Z%A=#K9Dh=44FWY5+~33 z64=05!cq}v8z>1wU{W6))40P>xnl4UxZae#xBt1DEGZI;t0==lp;orC!>{>lSDY2S zOsikKm;ER`RM8ReED#DTP!#5a1EzUW)G*y$f8Id8HpS;_xxj#Ldy-gW*d$R^er+MtYfsgaM{u3LIcEV8>Sm*Z?tMKqIh0kha^C z(m|6mxv9dIObMFCsjM*hIgQdC>LV}E1X`V&cdM)=?OR~=V(dLqZQWIQ7)-0)&r%Q+ zMtMxpRLT&0IWPsX;CMztohx{f2zcZLw8Ie!P+P3y3_*Fu?$fu4$#`YE^1z_=pbdre zh$t6=WKYUT0;L(!uC-KhpxNC=znx)U6}+A zV@RN5xZ_nA)fMz>e>lrChx4aE(kGkqE1mH(p5OqU;P{KPX~{LdNwm^X?mOJy)Wqfd ztQVRGfEwl2?%^=lmiYt9dJM9^anb42YcAXQLr|3&yvIp8i|wZFtHv%?yU z+A2F_5wbHsL(Qp=YrhH00L$lX+|A2*FOPC4Q!*~x+rdw|U|v&@OTJ(Zj%?YXcGkF| zr;CIROLbCE*#$jQI2sM8esTFKm6^<|w7!3;lym1BG!CYeC3nke8I=$2%?^r`w~qP#cij?(+YXn?z4 z9zM9t)%b(~D5`{dmZ7-WDG(6N=OeDo$x{Lk*Ld(+A}Df8h&fbLrq_bOh<^|Lv?-*F zTWfBfVw=5;r0HL3NKpP&BPq>aN{)e#II@VzDsy5K?EEEGDf+G4SiqN*p@o~bBu+I~ z6T-7`q5tBz5QdMO6V>22| z>SCN3eQmog2MOnWcr{5m#za^_|936~+}#4rK}*M)-rXo(O!SJ-li{k;feveu8#T7p zgb*#Rc?W;vf$ud@WXtI%)mNz8x`{4$>bi(@HE#2X6|{p{1?Y29{zX|WPpqS~Il75M zFtRf_;DSuhQzM*3Gf(23Jxq(lRWtI{6xp6|(GE#V)$+E?*GN>Tjl2X!oapjHN$ zOJ`T0@VD!TI7*+svW>pBO4vt1-0&RdMY?h`;APv^ZG4C-f5@j5PVq0=4?)y~)pff@Kky4_<=m40nIcS->8hD=Kl0@_xJTXoMK6#Se7t1}>D9dIZ4qn?6 zpumE+SIy&%ih0A4Gs4R0j!`qs3tjalCs@r=0!eP6=cuMBqapMnn zBSvD2in!-XEa^wxa9ZlbFWx?fVD8ipi8Y)^m_An`;R2~kwk~NAIR^RR@662G+4PR0 zKo2Ad9bBy|5w8@<5@y#fvgV*wTTw6pr2R3*;*{^N`vw`?c6;H zice`)or|dwlm9Amfx?9xzpG{)Fb+K=v+2VgU6wv%R^VfHtJ+zn7zDC4&UW1UF7e>s zcqWAom)ho)POIZvIdpN!<$`8u=&|kLP3cUwJzFhrjoN)d|6gtblz)B#Hxh7~EbxDK zgJ3{Fg#X7o0NE1A(gyxt&VyEjL5&xD5RiOf5D@HY@lh_+;4kaK=81IuG~wz0mUJ zF#O=~`#3+s6(=vSXBGP<|Id-~Q;EvR(N(=q>p8ehO_wzk`hz3UES%sttnlwmQX$oS zIvXo(t149`;>@!T_H~AipFB~YWFbk<$&L*rC*E&-hO6M{AH1>$3t? zzYfhNo!qA7-DMzO>@~{^qu7;V==NEqY~SRp(|-5iF;OaTjfr)|{t_5Ue6#4{8K^s(nTdA$R@Sz?^ECMc9{w)+ znN)c85;XPpeViB-Nr>*JsIV}psvvC-V2=jm3GW`G3Q@o);l8&H%;Na}K2Umn(diS% z=~FoXW)1*yvgLa!K=z-NelVN$u9GTkbps#hOTKM=bNu1n>EFLoNqF~BQb>09kuq-d zSFMnvf3LFY+h2{)eyR}vO(oXge$s6xym!XX{>w`G7ydxmI|HhI8arV1;2QTmAQdon zEq8yPJ0Q+}HyfCr`uMd|nDfpqyh(B+@Yy-ue*@ezzi6dCufF4_0`&RJxbOVJn=}2~ zFUVA1^9RDP4@Oj99Xtz#;WJ-R(C>`{!0lqdo&do4;zadjz;R1x^3Ejs8u|XNmi3kS z{;u~k^W&XZh)%fi`9(wMNUQ9(GMuai5tWkM8&$bT`9s3c=B8=~ z@!5)mzYUB`7{rTtE;Pk6BbwM!pg2o7K>&YO@WR5{Zxgyun}{o{2NyG{#k!+ta9tra z%(MB5_K1uI#CXBthS#H!h?xS!_=I85fW_HppmYQBYq~x;Ta-|1UE5?z;JAuAx z`C%PL*Zf6equiP+CmW}J7=~=yu8c9MA=`Wp{4>7u2fX5jh=>to7$)QM4Nbg?DdW4u z6t-pgijbp%hK35nik$L4y3iXXZL8j}?+i;zTb4C!dij?Ig#RWU5&)Ijq0?c>{?fkE z_TbK@klCmyAJC!q`V6U=5IC~61XFR7YU3S&J zIT(r?5n_BPd{=!!7A|caMIqelR~-zx5u8O`{7C8PqkQ~fBT!7KSKJsO0YI2&Z=l8N zIb;tIYBsB7q@E}|M40IfjaU6ttmGC%QDCk2Rj_lCq4KR)r%MhqPZeQbF)_#<09l-I z%{Lzu-`xVOwIsyye4#@p|0l7N%>m2E(*sAKo=K(DH; zr>gjtK>z(chtkKdnBO@y8Zgm8k0-6d0;?Cm1xM6gLfZ{bMY1A_@_|zOV1fN6-?6CA zp|ZHN^`mkX&o$1PqQ%tkhOZo=zWBzO0X1RF_9dJiu6(GMUvEf!UA2lCffMib^-v6$nN_u@x)E^7dR`PxVBRv!={LP(pX|{WXYRKTj>U<`W7U|RaUhJ%@Smr72?a^ENFkwGh1;f!jAPB7gaa9C~>4it*pPF+s|4>!anS5 zz-|so;kONEU7EFSa(BpOs+`<^3d{GUCaSDR1*HlC$o)D|!!oz(3PI&b<*1Xm{UIoN*`~ z^VdwbCYU0>&6aeE4-}4fGLrEH*BfY|v~Ocdsqt>-ryB{%DR*HE!Eu>gjMgz82mZ+;BN!D;hlfU2*enxvq_5$a;x7q(tQ6!h?z-doRrf}oS8SOFCyJBSQ2y`|f8|UMYjofHGV33b%D+E=$WjE-{ZU1#&Y@0VOiw{X4}cf{WCm{+*HL=Y3UiXVA!H+1_Z&sOpAWJt~ zzCaT0>ZjwGazPHYZCLI-xGkqq#O-`KKXgj;X0sEtdcAHcA)a3C-rU|2+(6&=XBP() zU=7v{Dm2>ghtfg}1Uc@!*__K_k=ix!p3~JpIP79{vM1)DmQgPU2Vv zlln26gRkJ)*l=T%u2t1*kSz+hW0D0;5#F*?g{=#u&cNT?JQ0WJqNP^R=vQOgu`@}S zZ$H}$pp+DD4R*CT7C?H(dYq@q$7}W*fkMWz%}FEo*GVUru}-XGU6(0^h;;&Gg&N#& zBN2l#U4&&kWrrHUqV}rTWIV;{kch99(&lgFsk_CR-7pMH%7kj(^g_i!XX*x^Z5j?{ zd`}!T=RsW(|Na~cLF)}$B!7DtingkJm1(#iN72`pS$L};mt*P>BfKa}l8f?$fzbIM zJk}JYr%+3WFtl^<__oksRC)nWhf!vc8D|=(;-nC->ixw~V01MNFje_`sj(yfP7EPD zn}fTwg}uKaBXqg*0}OkTE6y+>+Dvib=q$QJx6b{XFy~!!e0UxR(QXv4B(v5m`3%oo zUY?Gy>)rk6QM#<3VoQHP3npC&ff5%6+H;STA*xAh1lg!O)H=kY+Zp)<-3g9HZh}PW zg&j%)SgQL20%S|}d_~cwVOb<8HQH8gZ5QueIc$8TP<<_bD}g5dEldw|KEl5B77ckT z_c>Yf4K7=LLe^9)7IKwfE?c=S7$&0WF@sxmOKX~BdA(!;Xr`$JWwLAnpaE_K-Fc@^ zXcDcB`?G(^h3EEn9ONPiQ)P2rIUzZ-(6BCh(Vp+>)Yay4x0>_&K?BX-E2OoN$D>v| zpV^oKi^&W~^^jxsX`ulddVC{YafPO=W#WWz=LUlK#vr^DN<_bL^`K+e>5!bXfWKL6 zfs@kVrbbUBKHs7p3TS7O+0m$U~pY?qcVGnJ-!HK0p&RMTVR-)9euzBtaUI1Hzs)zR89Vb|g)G ze_4a(Vo7SXsslY{BU09?wFB$PScN|Edhk=fEgf97U?zJs0M)0-!uw`!n!JM~r`@8p zl?6W>QIDEFqcL1Pti>G65ja?7*|AM8xZLrr9}&XIK~ z7wl~MOjCRlOSz*~4{!++?B!SX<0!gPb`ov-q40J=1>ZpSR9L<7SjOJWikJ8s`g3C} zZXPutVipnOQqdr1eW#ozrEya1mYC2tw-3d_RpPH}?2I+2{2rUsoUnsIYG`Y5K|Jf{Ia^&s{P z%*eCa`>j60V}OA2c*LD7*9!Z$51|#@u{YF#vjCc+6rMefS^@hxEFQGQ#)W*s}CQgMQ-v_PK-tvWu2B6 zm~!1eo{4F<8?&&GMsHuazz=TmXv95c?9|HK_nTCoTbPxZudVw=zapiBP{H6QSIyJZ zonUc3xcYWxu^r-hNW@bCGEq?8{_EjT1~i0?03Yx<=$g38u%mY0#{11g(SXt9Yv(Dk zzkA>uZw}<8(@@DWe(acruKma+Wy+h4g6yptJj_1K6Hs(-rjATe3E}AUlZ;tUmCrru$*o$cim=nv_gx$_>3h5XP2a z47&Pt_(kp@N5ZSUgg%;_L#?cb@(a~&5Aj4I1szxw+GaA0AvF&4IlhOU+j!D=xD zn`^@|Tbf`gQM%k37Rjh?G3xi}ds%S2NtiJ??WVNX`a;}oYq*b5#uji*ucUP6o-e$g zkN}uPvnL3jRagp}`%GkV#KTrlWtAE+IGp5k_bP$?7$+n}irBcJ_KXST%%`E8aPW@A zlv?YzAgP8&@3#l6Jt)oYGRSpk1&zIqRV%DW^7t=K5XFhHRhyH=QL4#jm}WcpI~&R& z5zm!~{*)Redj77rIaE;av1H(riDr3aF$W68DMC38C6nU&NU<`WLaNPD;;!6XQ)V_5 zJQaE<{oE4r(w>rOxr<$9f5WmTx)CG$dl=P79o+CZ)OE8q&}D zze$S83kO%OFbGDv%Dxo}WXGu?Ld0uV(+qNXF|_2bY&CdnHuw35h$X%ur5*RX;sR$5 zpdKAv!aogqJf>KA@V3)`+mJeqg@)(VxFKJpLP?W~3&L1l41vtRDQMGIccN7H?Hx@Q zTNyDqN)6+*sKQ@H`_wG&E2Oc{pCYcy6?k8zM3*A&YBPkP3v)c83|^)khfbB|6}k*Wf&vSW!tl?$*!~bV_e{@fLBf|I!r;#>OwVpXM$Q9;(C?7g z?~*@_TnCJx-Z8P?HBQd$n7narRt;`6ett#3e^Tu@b?!KUe^m%br^#1#{NAN7s*5FZ-T|gAJ~D^snGp`H$Nt;lLjBQgDijl{&ypU zm~0d6ENY*F)DJ&*LsDE!sz5 z&s0B-KkNJTOi{x`+8BCeU!zPnGFAl!&(PiXiL?X}n@dbT=$1|adX{l>*>BZzR}Az# z+UNB5%f6HT(zeqA>~O55&Ql2Y-}E$pgeTRwhRqNaOP0sZHxL!O>M7^mQzBUzI%~RQ z(REMu?DU_(;69-ArV>fId(9a{vA)rNk-o>?%s7F5LX=4CP)Quixnu2QKCG59wk6Bn z;FG2@=za@m&3O$5ctPk?)F#-uMFSU%!E6^VAHih-ipSX}G{;ZvhMLj8hAh}KU9=2+^YM`AuWVIRm%8#)1~ z0fbOP&XcU*`q(vNi|?Z->KxQB2{K!FkwuYQ``0)M<%73CsDuuNUpsXqNxq@#ow=PK zxl#nTFYA6pOkyft@fp@zcWc`nB%FH2O59v?FGv4F9#>{~jRQF2b%f81pep3A8iKtT zfv98Hy$SLJ;-8RI=?#NQ8Y`2tK#V3a1af;@#sbCrRYcq0ISlin&M`jGuAB_gSFJ^l z??;c{w-A>A1@1v#ZoAsLAjS~&3dWrQ>vqUa0{9?2e7?KNpCwef?T}QdPnbEim{-|^ zS%{k$&D-%oDHgi%WyQiF7Gd{}i?VWxF0& zu|Ej2ckoz;YvH_bYpBRB}-SCjmbHje{%DCU$^Jn(#BTOh*RbvhO_a$9 sw{ z^@U?C=C{Ud#WZzSWnV=A+v0kshR>%TSuY?AcO<=t^Up-jy(b@tWBzW|v`Qggek^Wu z*aM|N&vWLUX#p5vhZ=9DGp$qynIffTPZ7&%(=3tpRiS`})iii#olnr`^rA6%(=3Ck zboJWK>1b6<8V}nn3UdLh-1HtBb>)_WUQA;n!Sa3=FXcnH*J2qjrTz=iolx+#U}6$+ z;Tuu8=6JSV%j+i8@C+Vug{ zm>#b}s-uZYLG+IheDf^Lay(&_2;|_>mrwMJYeqGR~ z`vIBTQfATkLxzdbsL=ooldJL>p@0#f1bg#ID7dw_F{^ZU`DL5qk73F5ip)uvT32kK za#t@+y__v=!@nLb`OIxGk$p4MsdF8s49SN*-RRCWp;K?Vk>8%E&PUqw0&75nK~mPd zo?E;)t2OuJ@eqhv$$*d|&7yP*IseD4kP4I!6^ z-nX2w40m0Yad}7W)obX0Q(xq-&&-Jbsi8opEJu*hAS`)6ownk=@IJ&5>JJUOBU2so zV!acr5hpFzjIsK3I7*C^u2ldhWBSC zXMD`U6zRGLi&iM+$yMP=I2acoJJT9_udtnO^~!vw$b3vW^B|qa=xQKoG0@T~9n;|G zbn0C7N6Q!U!qY?VloMv%;?26inznYx?o!*Z%+Rqt z@3DXwX?I4naq}wM3xQz*F83J!wM5RAKgXAE42M$+w+Xe`c1S1GlE1^F+Z)B^#+-rg zK55r!lvTM`SH~-_(*diYwvOOtw||)9mNfm*MR~d7<-HN?b z*A)!0`_UHF<5}g&-(GjXD*M`}tGB(V&N%FfM>59AMQsVaH*qm1b-GJ!p_D`}130IN zZU&o$*|cEiaAJlGEB0Z0vpF1x=~IB&D|3FT;@{jm{Am0v(#2@&S<$0idp_ztSdIUK zB-SqZ5~Vn&IzziZHWjA7C(cDHRm_Jkc}AAi2-dJ7Ickj$H^Bm^8ekmmqr550W6p8X zRQ+`$4G5y1Pi6S>aAErhmpidwvOreaPq(f=%Q9Fp01=<(9yA9jU%eE3bJ5|7u;r&s)5 zaxQJ@M{kKMQcU={i|burfu)el(^aXdw#|Y`7cy3t(Z*!$CI&UlkJEvDooi65bB|83 znTUIL5ylEJ0#+(=KgeXRnFHCHAkEC%1^r?KPuB~l*`|I#uvVkBRkLZ|{RT42&Td($ zpcEsFtrMnJKgwVg>-JJHS^xMu{iEDzsOLae)dQ&?wa+ueu|PGU^4bOAa)*%4edm}b zy)|Xwv1t#}sCRw?e)uh4!>V3vE8fFMfaev%h;yG*03>0n@119vo%5hUbNbIvIE0M-hFMJ@3j8J5!Mslt~ z3PmG|nktxHR6!E~&3&k8=Or73##7k>ZF1~W@Hg&hA-?hloC~|r0g5n){hFVqMqq(| z0l25+O@ijz+YA@MjciSU_}~IspB=M8byXO9za24vyY+GKNPu%3JbeIp3g#G&-9C@t zSSh;&Cf?rN&ik~rUGnrf-U^{324)S#xWjcBToPk?ht(qnk03?T0nKDyRgQaLKO+q5 zj=sIDk#k?ues-+sD@Y%(7_iuzI6ruH+IN_8TUa7(8_x!w@O%Q(>&N`k1MPTw`)MZZ zdK(B-pzJB$Y(Z{y%oFs5&4>x=3}r6x25H?|@Jb87rx?WfE(Vn<9HTrlqfoiB)q9$! zXjW#>(vR1giy<6Aevxfs^y?#;DO2dcy1Vcl5+0}Uq{nxa?Kv37y4UJufVh=?`1AK% zAR5oFOosbXsp!zU4x8zS2gF@52F$8GJdcW6ub*&c7@-@+nBB5XmnWuKuMIgZ)jm|c zaiG=uErFjI((R9a!%+-kk z(+#%?$Y~)Q1=`%dfurxREISJW2uq?EWEni2v0F?Xyw88SPPdqpW^a@z_<(|};`}^a zBLhP-0}Dd~y{yC{wWL-Z~!C7n>Z= zCIvnkV7lQSE-B_WK#@WwF#&WlrWdvX{UmPyl2w?#u2qZ&q6yeAl46bl3v1}2Yl7Pa zWaz*-Ad44*b?8oyZ4={B1i2CAJOa2 Date: Thu, 13 May 2021 19:34:03 +0200 Subject: [PATCH 02/16] Upgrade to postgreSQL and midPoint 4.3.2-SNAPSHOT --- Dockerfile | 6 +- demo/grouper/.env | 6 +- .../application/database_password.txt | 2 +- .../application/keystore_password.txt | 2 +- demo/grouper/docker-compose.yml | 19 ++--- .../resources/100-grouper.xml | 2 +- .../010-system-configuration.xml | 72 ++++++++++++++++--- demo/shibboleth/.env | 7 +- .../application/database_password.txt | 2 +- .../application/keystore_password.txt | 2 +- demo/shibboleth/docker-compose-tests.yml | 22 +++--- demo/shibboleth/docker-compose.yml | 16 +++-- demo/simple/.env | 6 +- .../application/database_password.txt | 2 +- .../application/keystore_password.txt | 2 +- demo/simple/docker-compose.yml | 15 ++-- demo/simple/tests/main.bats | 4 +- download-midpoint.sh | 2 +- 18 files changed, 123 insertions(+), 66 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0b8a5c5..6c8565c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -64,12 +64,12 @@ RUN echo 'Extracting midPoint archive...' \ # Repository parameters -ENV REPO_DATABASE_TYPE mariadb +ENV REPO_DATABASE_TYPE postgresql ENV REPO_JDBC_URL default ENV REPO_HOST midpoint_data ENV REPO_PORT default -ENV REPO_DATABASE registry -ENV REPO_USER registry_user +ENV REPO_DATABASE midpoint +ENV REPO_USER midpoint ENV REPO_PASSWORD_FILE /run/secrets/mp_database_password.txt ENV REPO_MISSING_SCHEMA_ACTION create ENV REPO_UPGRADEABLE_SCHEMA_ACTION stop diff --git a/demo/grouper/.env b/demo/grouper/.env index 6cca1f1..5dbfdcd 100644 --- a/demo/grouper/.env +++ b/demo/grouper/.env @@ -1,10 +1,10 @@ ENV=demo -REPO_DATABASE_TYPE=mariadb +REPO_DATABASE_TYPE=postgresql REPO_JDBC_URL=default REPO_HOST=midpoint_data REPO_PORT=default -REPO_DATABASE=registry -REPO_USER=registry_user +REPO_DATABASE=midpoint +REPO_USER=midpoint REPO_MISSING_SCHEMA_ACTION=create REPO_UPGRADEABLE_SCHEMA_ACTION=stop MP_MEM_MAX=2048m diff --git a/demo/grouper/configs-and-secrets/midpoint/application/database_password.txt b/demo/grouper/configs-and-secrets/midpoint/application/database_password.txt index 11bff19..0037494 100644 --- a/demo/grouper/configs-and-secrets/midpoint/application/database_password.txt +++ b/demo/grouper/configs-and-secrets/midpoint/application/database_password.txt @@ -1 +1 @@ -WJzesbe3poNZ91qIbmR7 +WJzesbe3poNZ91qIbmR7 \ No newline at end of file diff --git a/demo/grouper/configs-and-secrets/midpoint/application/keystore_password.txt b/demo/grouper/configs-and-secrets/midpoint/application/keystore_password.txt index 1d40192..5bbaf87 100644 --- a/demo/grouper/configs-and-secrets/midpoint/application/keystore_password.txt +++ b/demo/grouper/configs-and-secrets/midpoint/application/keystore_password.txt @@ -1 +1 @@ -changeit +changeit \ No newline at end of file diff --git a/demo/grouper/docker-compose.yml b/demo/grouper/docker-compose.yml index 83071fc..9e1e724 100644 --- a/demo/grouper/docker-compose.yml +++ b/demo/grouper/docker-compose.yml @@ -173,18 +173,19 @@ services: - CREATE_NEW_DATABASE=if_needed midpoint_data: - image: tier/mariadb:mariadb10 + image: postgres:11 + environment: + - POSTGRES_PASSWORD_FILE=/run/secrets/mp_database_password.txt + - POSTGRES_USER=midpoint + - POSTGRES_INITDB_ARGS=--lc-collate=en_US.utf8 --lc-ctype=en_US.utf8 ports: - - 33306:3306 + - 5432:5432 networks: - net: - aliases: - - midpoint-data + - net + secrets: + - mp_database_password.txt volumes: - - midpoint_mysql:/var/lib/mysql - - midpoint_data:/var/lib/mysqlmounted - environment: - - CREATE_NEW_DATABASE=if_needed + - midpoint_data:/var/lib/postgresql/data midpoint_server: build: ./midpoint_server/ diff --git a/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-grouper.xml b/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-grouper.xml index 74fd191..af60e56 100644 --- a/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-grouper.xml +++ b/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-grouper.xml @@ -14,7 +14,7 @@ xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3" xmlns:rest="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.polygon.connector-grouper-rest/com.evolveum.polygon.connector.grouper.rest.GrouperConnector" - xmlns:conf="http://midpoint.evolveum.com/xml/ns/public/connector/builtin-1/bundle/com.evolveum.midpoint.provisioning.ucf.impl.builtin.async/AsyncUpdateConnector" + xmlns:conf="http://midpoint.evolveum.com/xml/ns/public/connector/builtin-1/bundle/com.evolveum.midpoint.provisioning.ucf.impl.builtin.async.update/AsyncUpdateConnector" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> diff --git a/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml b/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml index cfe767f..189ab40 100644 --- a/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml +++ b/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml @@ -26,6 +26,12 @@ ERROR ro.isdc.wro.extensions.processor.css.Less4jProcessor + + + OFF + org.springframework.security.web.DefaultSecurityFilterChain + @@ -47,7 +53,7 @@ WARN org.hibernate.engine.jdbc.batch.internal.AbstractBatchImpl - + OFF org.hibernate.internal.ExceptionMapperStandardImpl @@ -246,8 +252,8 @@ /self/profile - - View/edit your profile + + PageSelfDashboard.profile.description fa fa-user @@ -257,8 +263,8 @@ /self/credentials - - View/edit your credentials + + PageSelfDashboard.credentials.description fa fa-shield @@ -268,7 +274,7 @@ /admin/users - + fa fa-users @@ -277,7 +283,7 @@ /admin/resources - + fa fa-database @@ -290,7 +296,12 @@ - My cases + + My cases + + MyCases.title + + My case fe fe-case-object @@ -308,7 +319,12 @@ - All manual cases + + All manual cases + + AllManualCases.title + + Manual case Manual provisioning cases @@ -324,7 +340,12 @@ - All requests + + All requests + + AllRequests.title + + Request Operation requests @@ -340,7 +361,12 @@ - All approvals + + All approvals + + AllApprovals.title + + Approval Approval cases @@ -455,6 +481,20 @@ + + dashboard-reports-view + ReportType + + + + + + collection-reports-view + ReportType + + + + @@ -485,6 +525,9 @@ executionStatus + + schedulingState + node @@ -518,6 +561,9 @@ stateBeforeSuspend + + schedulingStateBeforeSuspend + category @@ -563,6 +609,10 @@ true + + admin-dashboard + + never diff --git a/demo/shibboleth/.env b/demo/shibboleth/.env index 9f71d51..01d5c83 100644 --- a/demo/shibboleth/.env +++ b/demo/shibboleth/.env @@ -1,15 +1,14 @@ # These parameters can be overridden by setting environment variables before calling docker-compose up ENV=demo USERTOKEN= -REPO_DATABASE_TYPE=mariadb +REPO_DATABASE_TYPE=postgresql REPO_JDBC_URL=default REPO_HOST=midpoint_data REPO_PORT=default -REPO_DATABASE=registry -REPO_USER=registry_user +REPO_DATABASE=midpoint +REPO_USER=midpoint REPO_MISSING_SCHEMA_ACTION=create REPO_UPGRADEABLE_SCHEMA_ACTION=stop MP_MEM_MAX=2048m MP_MEM_INIT=1024m TIMEZONE=UTC - diff --git a/demo/shibboleth/configs-and-secrets/midpoint/application/database_password.txt b/demo/shibboleth/configs-and-secrets/midpoint/application/database_password.txt index 11bff19..0037494 100644 --- a/demo/shibboleth/configs-and-secrets/midpoint/application/database_password.txt +++ b/demo/shibboleth/configs-and-secrets/midpoint/application/database_password.txt @@ -1 +1 @@ -WJzesbe3poNZ91qIbmR7 +WJzesbe3poNZ91qIbmR7 \ No newline at end of file diff --git a/demo/shibboleth/configs-and-secrets/midpoint/application/keystore_password.txt b/demo/shibboleth/configs-and-secrets/midpoint/application/keystore_password.txt index 1d40192..5bbaf87 100644 --- a/demo/shibboleth/configs-and-secrets/midpoint/application/keystore_password.txt +++ b/demo/shibboleth/configs-and-secrets/midpoint/application/keystore_password.txt @@ -1 +1 @@ -changeit +changeit \ No newline at end of file diff --git a/demo/shibboleth/docker-compose-tests.yml b/demo/shibboleth/docker-compose-tests.yml index 25a28a4..682d69a 100644 --- a/demo/shibboleth/docker-compose-tests.yml +++ b/demo/shibboleth/docker-compose-tests.yml @@ -4,18 +4,20 @@ version: "3.3" services: - midpoint_data: - image: tier/mariadb:mariadb10 - expose: - - 3306 + image: postgres:11 + environment: + - POSTGRES_PASSWORD_FILE=/run/secrets/mp_database_password.txt + - POSTGRES_USER=midpoint + - POSTGRES_INITDB_ARGS=--lc-collate=en_US.utf8 --lc-ctype=en_US.utf8 + ports: + - 5432:5432 networks: - net + secrets: + - mp_database_password.txt volumes: - - midpoint_mysql:/var/lib/mysql - - midpoint_data:/var/lib/mysqlmounted - environment: - - CREATE_NEW_DATABASE=if_needed + - midpoint_data:/var/lib/postgresql/data midpoint_server: build: ./midpoint_server/ @@ -75,8 +77,8 @@ services: directory: build: ./directory/ - expose: - - 389 + ports: + - 389:389 networks: - net volumes: diff --git a/demo/shibboleth/docker-compose.yml b/demo/shibboleth/docker-compose.yml index 3817e6b..ba05efc 100644 --- a/demo/shibboleth/docker-compose.yml +++ b/demo/shibboleth/docker-compose.yml @@ -1,18 +1,20 @@ version: "3.3" services: - midpoint_data: - image: tier/mariadb:mariadb10 + image: postgres:11 + environment: + - POSTGRES_PASSWORD_FILE=/run/secrets/mp_database_password.txt + - POSTGRES_USER=midpoint + - POSTGRES_INITDB_ARGS=--lc-collate=en_US.utf8 --lc-ctype=en_US.utf8 ports: - - 3306:3306 + - 5432:5432 networks: - net + secrets: + - mp_database_password.txt volumes: - - midpoint_mysql:/var/lib/mysql - - midpoint_data:/var/lib/mysqlmounted - environment: - - CREATE_NEW_DATABASE=if_needed + - midpoint_data:/var/lib/postgresql/data midpoint_server: build: ./midpoint_server/ diff --git a/demo/simple/.env b/demo/simple/.env index c4cb989..01d5c83 100644 --- a/demo/simple/.env +++ b/demo/simple/.env @@ -1,12 +1,12 @@ # These parameters can be overridden by setting environment variables before calling docker-compose up ENV=demo USERTOKEN= -REPO_DATABASE_TYPE=mariadb +REPO_DATABASE_TYPE=postgresql REPO_JDBC_URL=default REPO_HOST=midpoint_data REPO_PORT=default -REPO_DATABASE=registry -REPO_USER=registry_user +REPO_DATABASE=midpoint +REPO_USER=midpoint REPO_MISSING_SCHEMA_ACTION=create REPO_UPGRADEABLE_SCHEMA_ACTION=stop MP_MEM_MAX=2048m diff --git a/demo/simple/configs-and-secrets/midpoint/application/database_password.txt b/demo/simple/configs-and-secrets/midpoint/application/database_password.txt index 11bff19..0037494 100644 --- a/demo/simple/configs-and-secrets/midpoint/application/database_password.txt +++ b/demo/simple/configs-and-secrets/midpoint/application/database_password.txt @@ -1 +1 @@ -WJzesbe3poNZ91qIbmR7 +WJzesbe3poNZ91qIbmR7 \ No newline at end of file diff --git a/demo/simple/configs-and-secrets/midpoint/application/keystore_password.txt b/demo/simple/configs-and-secrets/midpoint/application/keystore_password.txt index 1d40192..5bbaf87 100644 --- a/demo/simple/configs-and-secrets/midpoint/application/keystore_password.txt +++ b/demo/simple/configs-and-secrets/midpoint/application/keystore_password.txt @@ -1 +1 @@ -changeit +changeit \ No newline at end of file diff --git a/demo/simple/docker-compose.yml b/demo/simple/docker-compose.yml index c098dae..8f4766e 100644 --- a/demo/simple/docker-compose.yml +++ b/demo/simple/docker-compose.yml @@ -2,16 +2,19 @@ version: "3.3" services: midpoint_data: - image: tier/mariadb:mariadb10 + image: postgres:11 + environment: + - POSTGRES_PASSWORD_FILE=/run/secrets/mp_database_password.txt + - POSTGRES_USER=midpoint + - POSTGRES_INITDB_ARGS=--lc-collate=en_US.utf8 --lc-ctype=en_US.utf8 ports: - - 3306:3306 + - 5432:5432 networks: - net + secrets: + - mp_database_password.txt volumes: - - midpoint_mysql:/var/lib/mysql - - midpoint_data:/var/lib/mysqlmounted - environment: - - CREATE_NEW_DATABASE=if_needed + - midpoint_data:/var/lib/postgresql/data midpoint_server: image: tier/midpoint:latest diff --git a/demo/simple/tests/main.bats b/demo/simple/tests/main.bats index 0aae1fa..cc06ca6 100755 --- a/demo/simple/tests/main.bats +++ b/demo/simple/tests/main.bats @@ -52,7 +52,7 @@ load ../../../library @test "350 Test DB schema version check" { echo "Removing version information from m_global_metadata" - docker exec simple_midpoint_data_1 mysql -p123321 registry -e "drop table m_global_metadata" + docker exec simple_midpoint_data_1 psql midpoint midpoint -c "drop table m_global_metadata" echo "Bringing the containers down" docker-compose down @@ -64,7 +64,7 @@ load ../../../library } @test "360 Test DB schema upgrade" { - skip 'Not supported for 4.0-SNAPSHOT' + skip 'Not supported for 4.3.2-SNAPSHOT' echo "Stopping midpoint_server container" docker stop simple_midpoint_server_1 diff --git a/download-midpoint.sh b/download-midpoint.sh index 5964c16..a418ee4 100755 --- a/download-midpoint.sh +++ b/download-midpoint.sh @@ -10,7 +10,7 @@ else # But if we need to incorporate interim changes to I2 distribution during # midPoint development cycle, we can specify concrete file from "midpoint-tier" # download directory by using its name (like "latest-stable"). - MP_VERSION="4.2" + MP_VERSION="4.3.2-SNAPSHOT" else MP_VERSION=$tag fi From 83b06ea76b3aebbb047ba094341fce337c331efd Mon Sep 17 00:00:00 2001 From: Slavek Licehammer Date: Mon, 30 Aug 2021 23:22:48 +0200 Subject: [PATCH 03/16] Reworked tagging of images to use correct version Images are tagged using midPoint version insted of using always tag latest --- Jenkinsfile | 17 +++++++++++------ common.bash | 2 +- demo/extrepo/docker-compose.yml | 2 +- demo/grouper/docker-compose.yml | 5 ++++- demo/grouper/midpoint_server/Dockerfile | 4 +++- demo/postgresql/docker-compose-tests.yml | 2 +- demo/postgresql/docker-compose.yml | 2 +- demo/shibboleth/docker-compose-tests.yml | 5 ++++- demo/shibboleth/docker-compose.yml | 5 ++++- demo/shibboleth/midpoint_server/Dockerfile | 4 +++- demo/simple/docker-compose.yml | 2 +- 11 files changed, 34 insertions(+), 16 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 5aa7067..f5b73e9 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -11,11 +11,7 @@ pipeline { script { maintainer = maintain() imagename = imagename() - if (env.BRANCH_NAME == "master") { - tag = "latest" - } else { - tag = env.BRANCH_NAME - } + tag = tag() if (!imagename) { echo "You must define imagename in common.bash" currentBuild.result = 'FAILURE' @@ -75,8 +71,12 @@ pipeline { steps { script { docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") { - def baseImg = docker.build("$maintainer/$imagename") + def baseImg = docker.image("$maintainer/$imagename:$tag") baseImg.push("$tag") + + if (env.BRANCH_NAME == "master") { + baseImg.push("latest") + } } } } @@ -110,6 +110,11 @@ def imagename() { matcher ? matcher[0][1] : null } +def tag() { + def matcher = readFile('common.bash') =~ 'tag="(.+)"' + matcher ? matcher[0][1] : latest +} + def handleError(String message) { echo "${message}" currentBuild.setResult("FAILED") diff --git a/common.bash b/common.bash index f61b220..566bdd9 100644 --- a/common.bash +++ b/common.bash @@ -1,3 +1,3 @@ maintainer="tier" imagename="midpoint" -tag="latest" +tag="4.3.2-SNAPSHOT" diff --git a/demo/extrepo/docker-compose.yml b/demo/extrepo/docker-compose.yml index ae4ad6a..48faab3 100644 --- a/demo/extrepo/docker-compose.yml +++ b/demo/extrepo/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.3" services: midpoint_server: - image: tier/midpoint:latest + image: tier/midpoint:${tag:-4.3.2-SNAPSHOT} ports: - 8443:443 environment: diff --git a/demo/grouper/docker-compose.yml b/demo/grouper/docker-compose.yml index 9e1e724..fd875a0 100644 --- a/demo/grouper/docker-compose.yml +++ b/demo/grouper/docker-compose.yml @@ -188,7 +188,10 @@ services: - midpoint_data:/var/lib/postgresql/data midpoint_server: - build: ./midpoint_server/ + build: + context: ./midpoint_server/ + args: + tag: ${tag:-4.3.2-SNAPSHOT} depends_on: - midpoint_data ports: diff --git a/demo/grouper/midpoint_server/Dockerfile b/demo/grouper/midpoint_server/Dockerfile index 34ce0cd..b63eeb3 100644 --- a/demo/grouper/midpoint_server/Dockerfile +++ b/demo/grouper/midpoint_server/Dockerfile @@ -1,4 +1,6 @@ -FROM tier/midpoint:latest +ARG tag=4.3.2-SNAPSHOT + +FROM tier/midpoint:${tag} MAINTAINER info@evolveum.com diff --git a/demo/postgresql/docker-compose-tests.yml b/demo/postgresql/docker-compose-tests.yml index b0c2363..4629675 100644 --- a/demo/postgresql/docker-compose-tests.yml +++ b/demo/postgresql/docker-compose-tests.yml @@ -20,7 +20,7 @@ services: - midpoint_data:/var/lib/postgresql/data midpoint_server: - image: tier/midpoint:latest + image: tier/midpoint:${tag:-4.3.2-SNAPSHOT} ports: - 8443:443 environment: diff --git a/demo/postgresql/docker-compose.yml b/demo/postgresql/docker-compose.yml index 5bab706..834a599 100644 --- a/demo/postgresql/docker-compose.yml +++ b/demo/postgresql/docker-compose.yml @@ -17,7 +17,7 @@ services: - midpoint_data:/var/lib/postgresql/data midpoint_server: - image: tier/midpoint:latest + image: tier/midpoint:${tag:-4.3.2-SNAPSHOT} ports: - 8443:443 environment: diff --git a/demo/shibboleth/docker-compose-tests.yml b/demo/shibboleth/docker-compose-tests.yml index 682d69a..42ee0f6 100644 --- a/demo/shibboleth/docker-compose-tests.yml +++ b/demo/shibboleth/docker-compose-tests.yml @@ -20,7 +20,10 @@ services: - midpoint_data:/var/lib/postgresql/data midpoint_server: - build: ./midpoint_server/ + build: + context: ./midpoint_server/ + args: + tag: ${tag:-4.3.2-SNAPSHOT} ports: - 8443:443 environment: diff --git a/demo/shibboleth/docker-compose.yml b/demo/shibboleth/docker-compose.yml index ba05efc..eb68f4f 100644 --- a/demo/shibboleth/docker-compose.yml +++ b/demo/shibboleth/docker-compose.yml @@ -17,7 +17,10 @@ services: - midpoint_data:/var/lib/postgresql/data midpoint_server: - build: ./midpoint_server/ + build: + context: ./midpoint_server/ + args: + tag: ${tag:-4.3.2-SNAPSHOT} command: /usr/local/bin/startup.sh ports: - 8443:443 diff --git a/demo/shibboleth/midpoint_server/Dockerfile b/demo/shibboleth/midpoint_server/Dockerfile index 34ce0cd..b63eeb3 100644 --- a/demo/shibboleth/midpoint_server/Dockerfile +++ b/demo/shibboleth/midpoint_server/Dockerfile @@ -1,4 +1,6 @@ -FROM tier/midpoint:latest +ARG tag=4.3.2-SNAPSHOT + +FROM tier/midpoint:${tag} MAINTAINER info@evolveum.com diff --git a/demo/simple/docker-compose.yml b/demo/simple/docker-compose.yml index 8f4766e..a72594a 100644 --- a/demo/simple/docker-compose.yml +++ b/demo/simple/docker-compose.yml @@ -17,7 +17,7 @@ services: - midpoint_data:/var/lib/postgresql/data midpoint_server: - image: tier/midpoint:latest + image: tier/midpoint:${tag:-4.3.2-SNAPSHOT} ports: - 8443:443 environment: From d57175af07db31e17a027001536d9e81ca5485aa Mon Sep 17 00:00:00 2001 From: Slavek Licehammer Date: Thu, 18 Nov 2021 18:13:15 +0100 Subject: [PATCH 04/16] Upgrade to 4.4. --- Dockerfile | 19 - common.bash | 2 +- .../usr-local-bin/start-midpoint.sh | 36 +- demo/extrepo/.env | 10 - .../application/database_password.txt | 1 - .../application/keystore_password.txt | 1 - .../midpoint/httpd/host-cert.pem | 22 -- .../midpoint/httpd/host-key.pem | 28 -- demo/extrepo/docker-compose.yml | 54 --- demo/grouper/.env | 8 - .../application/database_password.txt | 1 - .../application/keystore_password.txt | 1 - demo/grouper/docker-compose.yml | 79 +++-- .../tasks/task-async-update-grouper.xml | 55 +-- .../tasks/task-import-sis-persons.xml | 67 ++-- .../tasks/task-recomputation-users.xml | 26 +- .../task-reconciliation-grouper-groups.xml | 55 +-- demo/grouper/midpoint_server/Dockerfile | 2 +- .../container_files/mp-home/config.xml | 10 +- .../300-archetype-midpoint-group.xml | 2 +- .../010-system-configuration.xml | 331 ++++++++++-------- .../tasks/995-task-group-scavenger.xml | 86 ++--- demo/grouper/tests/main.bats | 1 - demo/postgresql/.env | 8 - .../application/database_password.txt | 1 - .../application/keystore_password.txt | 1 - .../midpoint/httpd/host-cert.pem | 22 -- .../midpoint/httpd/host-key.pem | 28 -- demo/postgresql/docker-compose-tests.yml | 71 ---- demo/postgresql/docker-compose.yml | 68 ---- demo/postgresql/tests/main.bats | 34 -- demo/shibboleth/.env | 8 - .../application/database_password.txt | 1 - .../application/keystore_password.txt | 1 - demo/shibboleth/docker-compose-tests.yml | 88 +++-- demo/shibboleth/docker-compose.yml | 87 +++-- demo/shibboleth/midpoint_server/Dockerfile | 2 +- .../securityPolicy/SecurityPolicy.xml | 47 +-- demo/shibboleth/tests/main.bats | 7 +- demo/simple/.env | 8 - .../application/database_password.txt | 1 - .../application/keystore_password.txt | 1 - demo/simple/docker-compose.yml | 89 +++-- demo/simple/tests/main.bats | 39 +-- download-midpoint.sh | 2 +- library.bash | 2 +- 46 files changed, 643 insertions(+), 870 deletions(-) delete mode 100644 demo/extrepo/.env delete mode 100644 demo/extrepo/configs-and-secrets/midpoint/application/database_password.txt delete mode 100644 demo/extrepo/configs-and-secrets/midpoint/application/keystore_password.txt delete mode 100644 demo/extrepo/configs-and-secrets/midpoint/httpd/host-cert.pem delete mode 100644 demo/extrepo/configs-and-secrets/midpoint/httpd/host-key.pem delete mode 100644 demo/extrepo/docker-compose.yml delete mode 100644 demo/grouper/configs-and-secrets/midpoint/application/database_password.txt delete mode 100644 demo/grouper/configs-and-secrets/midpoint/application/keystore_password.txt delete mode 100644 demo/postgresql/.env delete mode 100644 demo/postgresql/configs-and-secrets/midpoint/application/database_password.txt delete mode 100644 demo/postgresql/configs-and-secrets/midpoint/application/keystore_password.txt delete mode 100644 demo/postgresql/configs-and-secrets/midpoint/httpd/host-cert.pem delete mode 100644 demo/postgresql/configs-and-secrets/midpoint/httpd/host-key.pem delete mode 100644 demo/postgresql/docker-compose-tests.yml delete mode 100644 demo/postgresql/docker-compose.yml delete mode 100755 demo/postgresql/tests/main.bats delete mode 100644 demo/shibboleth/configs-and-secrets/midpoint/application/database_password.txt delete mode 100644 demo/shibboleth/configs-and-secrets/midpoint/application/keystore_password.txt delete mode 100644 demo/simple/configs-and-secrets/midpoint/application/database_password.txt delete mode 100644 demo/simple/configs-and-secrets/midpoint/application/keystore_password.txt diff --git a/Dockerfile b/Dockerfile index 6c8565c..1b1b1e8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -45,7 +45,6 @@ RUN cp /dev/null /etc/httpd/conf.d/ssl.conf \ # Build arguments -ARG MP_VERSION=4.0.1 ARG MP_DIST_FILE=midpoint-dist.tar.gz ENV MP_DIR /opt/midpoint @@ -62,31 +61,13 @@ RUN echo 'Extracting midPoint archive...' \ # TODO: consider all the consequences #VOLUME ${MP_DIR}/var -# Repository parameters - -ENV REPO_DATABASE_TYPE postgresql -ENV REPO_JDBC_URL default -ENV REPO_HOST midpoint_data -ENV REPO_PORT default -ENV REPO_DATABASE midpoint -ENV REPO_USER midpoint -ENV REPO_PASSWORD_FILE /run/secrets/mp_database_password.txt -ENV REPO_MISSING_SCHEMA_ACTION create -ENV REPO_UPGRADEABLE_SCHEMA_ACTION stop - # Logging parameters ENV ENV demo ENV USERTOKEN "" -# Authentication/web - -ENV AJP_ENABLED true -ENV AJP_PORT 9090 - # Other parameters -ENV MP_KEYSTORE_PASSWORD_FILE /run/secrets/mp_keystore_password.txt ENV MP_MEM_MAX 2048m ENV MP_MEM_INIT 1024m ENV TIMEZONE UTC diff --git a/common.bash b/common.bash index 566bdd9..fe2b4ab 100644 --- a/common.bash +++ b/common.bash @@ -1,3 +1,3 @@ maintainer="tier" imagename="midpoint" -tag="4.3.2-SNAPSHOT" +tag="4.4" diff --git a/container_files/usr-local-bin/start-midpoint.sh b/container_files/usr-local-bin/start-midpoint.sh index 4b19fb3..12727e0 100755 --- a/container_files/usr-local-bin/start-midpoint.sh +++ b/container_files/usr-local-bin/start-midpoint.sh @@ -25,34 +25,10 @@ done check MP_MEM_MAX check MP_MEM_INIT check MP_DIR -check REPO_DATABASE_TYPE -check REPO_USER -check REPO_PASSWORD_FILE -check REPO_MISSING_SCHEMA_ACTION -check REPO_UPGRADEABLE_SCHEMA_ACTION -check MP_KEYSTORE_PASSWORD_FILE -check AJP_ENABLED -check AJP_PORT -java -Xmx$MP_MEM_MAX -Xms$MP_MEM_INIT -Dfile.encoding=UTF8 \ - -Dmidpoint.home=$MP_DIR/var \ - -Dmidpoint.repository.database=$REPO_DATABASE_TYPE \ - -Dmidpoint.repository.jdbcUsername=$REPO_USER \ - -Dmidpoint.repository.jdbcPassword_FILE=$REPO_PASSWORD_FILE \ - -Dmidpoint.repository.jdbcUrl="`$MP_DIR/repository-url`" \ - -Dmidpoint.repository.hibernateHbm2ddl=none \ - -Dmidpoint.repository.missingSchemaAction=$REPO_MISSING_SCHEMA_ACTION \ - -Dmidpoint.repository.upgradeableSchemaAction=$REPO_UPGRADEABLE_SCHEMA_ACTION \ - $(if [ -n "$REPO_SCHEMA_VERSION_IF_MISSING" ]; then echo "-Dmidpoint.repository.schemaVersionIfMissing=$REPO_SCHEMA_VERSION_IF_MISSING"; fi) \ - $(if [ -n "$REPO_SCHEMA_VARIANT" ]; then echo "-Dmidpoint.repository.schemaVariant=$REPO_SCHEMA_VARIANT"; fi) \ - -Dmidpoint.repository.initializationFailTimeout=60000 \ - -Dmidpoint.keystore.keyStorePassword_FILE=$MP_KEYSTORE_PASSWORD_FILE \ - -Dmidpoint.logging.alt.enabled=true \ - -Dmidpoint.logging.alt.filename=/tmp/logmidpoint \ - -Dspring.profiles.active="`$MP_DIR/active-spring-profiles`" \ - -Dserver.tomcat.ajp.enabled=$AJP_ENABLED \ - -Dserver.tomcat.ajp.port=$AJP_PORT \ - -Dserver.tomcat.ajp.secret=s3cr3t \ - -Dlogging.path=/tmp/logtomcat \ - $MP_JAVA_OPTS \ - -jar $MP_DIR/lib/midpoint.war &>/tmp/logmidpoint-console +export MP_SET_midpoint_logging_alt_enabled=true +export MP_SET_midpoint_logging_alt_filename=/tmp/logmidpoint +export MP_SET_spring_profiles_active="`$MP_DIR/active-spring-profiles`" +export MP_SET_logging_path=/tmp/logtomcat + +/opt/midpoint/bin/midpoint.sh 'container' &>/tmp/logmidpoint-console diff --git a/demo/extrepo/.env b/demo/extrepo/.env deleted file mode 100644 index 589cfcf..0000000 --- a/demo/extrepo/.env +++ /dev/null @@ -1,10 +0,0 @@ -# These parameters can be overridden by setting environment variables before calling docker-compose up -ENV=demo -USERTOKEN= -REPO_JDBC_URL=default -REPO_PORT=default -REPO_MISSING_SCHEMA_ACTION=create -REPO_UPGRADEABLE_SCHEMA_ACTION=stop -MP_MEM_MAX=2048m -MP_MEM_INIT=1024m -TIMEZONE=UTC diff --git a/demo/extrepo/configs-and-secrets/midpoint/application/database_password.txt b/demo/extrepo/configs-and-secrets/midpoint/application/database_password.txt deleted file mode 100644 index d71d29d..0000000 --- a/demo/extrepo/configs-and-secrets/midpoint/application/database_password.txt +++ /dev/null @@ -1 +0,0 @@ -oracle diff --git a/demo/extrepo/configs-and-secrets/midpoint/application/keystore_password.txt b/demo/extrepo/configs-and-secrets/midpoint/application/keystore_password.txt deleted file mode 100644 index 1d40192..0000000 --- a/demo/extrepo/configs-and-secrets/midpoint/application/keystore_password.txt +++ /dev/null @@ -1 +0,0 @@ -changeit diff --git a/demo/extrepo/configs-and-secrets/midpoint/httpd/host-cert.pem b/demo/extrepo/configs-and-secrets/midpoint/httpd/host-cert.pem deleted file mode 100644 index 9b1021b..0000000 --- a/demo/extrepo/configs-and-secrets/midpoint/httpd/host-cert.pem +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDqDCCApCgAwIBAgIJAMOSkn4oS2aAMA0GCSqGSIb3DQEBCwUAMGkxCzAJBgNV -BAYTAlVTMQswCQYDVQQIDAJNSTESMBAGA1UEBwwJQW5uIEFyYm9yMRcwFQYDVQQK -DA5JbnRlcm5ldDIvVElFUjEgMB4GA1UEAwwXbWlkcG9pbnQuc3AuZXhhbXBsZS5v -cmcwHhcNMTgwOTE0MDU1OTQ1WhcNMTkwOTE0MDU1OTQ1WjBpMQswCQYDVQQGEwJV -UzELMAkGA1UECAwCTUkxEjAQBgNVBAcMCUFubiBBcmJvcjEXMBUGA1UECgwOSW50 -ZXJuZXQyL1RJRVIxIDAeBgNVBAMMF21pZHBvaW50LnNwLmV4YW1wbGUub3JnMIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj/b7MEUSfu3oXMfNgRwTse7 -a5UV7Jswf1M/ZN/ZZkAkIxNBevZgozjesvLPWrmsTgONi7XigJUJvCjdjmlW9eDM -lri/rkD8HuOR1DQCVKL9nvoS2c3D7sq5Emda3V8Tlj82VqfEmePd3sajx7mcTfbH -8jwAL9NhkC+WMib5IpjLGpG0FEAC0ha7Lxb+7jIiqHVJaqLXJGCyGN4mh6c1Q9S1 -f8RVTiW2a8x22G+9wnZYbkiA2Kxls177imHlhSz8EdvV4IpGw1amrEWhhuDEum7B -vZ1xQDLatgRqh4qAKLIVYeRnJ8H1FelMa90qB4G08MIPifmTsQwqJyBYaEdgWQID -AQABo1MwUTAdBgNVHQ4EFgQUqb9BteODF6wv5R57aEON/wGXMiowHwYDVR0jBBgw -FoAUqb9BteODF6wv5R57aEON/wGXMiowDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG -9w0BAQsFAAOCAQEAAcKhxI+tSItrXmqC0PSmgWyAYpqbkz6W/cefTutXqhIgY09f -h0LSv7ogTahoGpyiZk9vy6u3OE9bYwxapEfa4KBjO6HxBMIVBBb3RegVjoPzjElN -BDwAx0VGFcZTXwMxDWycWdG8ql7rCZBvS50w04uTaIgnGmqXAdWWmBgfJ9cRbxW+ -JwO/mOl1QM1lR/5142NpvuUVWlmZSKEGydE5A1qPz2wpDbBR1ym1BQNS4NEqw6Kp -GSB8jKyCS1Ve0v2wVze2038Wukz02dq9uKPTIO3T+B+ibZmxn6Op/kFCc1/kK5NS -Q6JdO1B6KquGAYdGmKAcQ19mv+jqGktqWEEf0g== ------END CERTIFICATE----- diff --git a/demo/extrepo/configs-and-secrets/midpoint/httpd/host-key.pem b/demo/extrepo/configs-and-secrets/midpoint/httpd/host-key.pem deleted file mode 100644 index 5746e59..0000000 --- a/demo/extrepo/configs-and-secrets/midpoint/httpd/host-key.pem +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCmP9vswRRJ+7eh -cx82BHBOx7trlRXsmzB/Uz9k39lmQCQjE0F69mCjON6y8s9auaxOA42LteKAlQm8 -KN2OaVb14MyWuL+uQPwe45HUNAJUov2e+hLZzcPuyrkSZ1rdXxOWPzZWp8SZ493e -xqPHuZxN9sfyPAAv02GQL5YyJvkimMsakbQUQALSFrsvFv7uMiKodUlqotckYLIY -3iaHpzVD1LV/xFVOJbZrzHbYb73CdlhuSIDYrGWzXvuKYeWFLPwR29XgikbDVqas -RaGG4MS6bsG9nXFAMtq2BGqHioAoshVh5GcnwfUV6Uxr3SoHgbTwwg+J+ZOxDCon -IFhoR2BZAgMBAAECggEAEIRBpjjceiku6jRUwnoYaks/nIWYQwR8AfpUTwJKR/VR -Yca097Fokm7A+UhUP3A45RtHQb0VPq8P44iv0kk24YCu8r5yFK7SHYOAZnOwU5ZJ -2jSAEPF3aM7tKh3okhuzB3dKP7u1NZDE5zAW723KUJiW7sL1RcsbY0bHBj6G+9/H -NplmsjuGt684vRBB0qOBfKF7EiG7mT69tHuNj4gRza9SMY31UtKbZdt2fNY6mp5V -HscMba7egZP+Ke0pVX4+go9j7K8GG8hYaQDLjrzlPqrxZ2c5X9cC+CRDI/CHuL/s -V/2yGZJ6n6UabwZoH83RdFrbQ94rU8Hkli6EvxXvMQKBgQDRpheNW5jDG5TfeJKh -yfKTDQqH2Tk3BsBYYBN7Hf3m7vbkzlxnAKJAoSLmtRMuoeXvI5MrhzaHGsNIUS76 -LDIZnvB7DLUxhFUZsCPkpAA1QHuTWY96oR3PHnPjpk8lSUvtbOPwDLdzVApeFJgZ -VqMNArZ7AHsK3Kkyi+f4WVQjbQKBgQDLAWiGb5dx6fAM2W6B6HjNmzjBWOuVEXa2 -76to9jzupBZmETfZgxtWUaWUDuNS+f7dtVUTE+p6v/w8clrHEhEZYkqunIOLo/UA -LFPiuoTfEsWb1rh+nsCjCgy4uimixj/bSkf7NC6NyKTvCygA1mGnVVJUEPegYlDy -LXCkaKWxHQKBgQCmyHSKL2lrJkEcOwakEU2acNCE3Gno/cT9SYmV83kvQ8JEqmrW -QqnRsp9aXIljGscapPmKsmnNt5vNp1AxFAHTYh88NRLczsMIyZj0ZwgHVUI6KhC7 -5Psa78YQQBlMt2/g9TSsnuE+rYgF6mpKFiNm0Vasqeg47uzn2mdzqlUGTQKBgE04 -JutkTUY+h1pL5vYxWKpVDfy19z7H2tFxT1FowPrBneeLSyRI88Ac5I/yLdRlVeY9 -0LOmEr5Igwj3MsKgg7KVKfVLgdo/LrW3Jt2Kt3onKNXDkoBPoNUjwH0QC0Boiue+ -VK0gR0kVdm+bXccbxR+im+NwZNE0NLg6Qqu3RredAoGBALuVoqbPPmTCZXYG328H -bzOs2aiR7BzPSVByV+qG6jW7w03RAnFPJZp7HMU+ViI5VY0wabUscMSvz5163+gM -4KwY3v9ZjZzZGukIfLuudkdqtaiVOx/KeAC0n+nG21YU+wpZww8gkfHh1/sa2CME -CWYCgOnmiTHcj83UaTqEXtmv ------END PRIVATE KEY----- diff --git a/demo/extrepo/docker-compose.yml b/demo/extrepo/docker-compose.yml deleted file mode 100644 index 48faab3..0000000 --- a/demo/extrepo/docker-compose.yml +++ /dev/null @@ -1,54 +0,0 @@ -version: "3.3" - -services: - midpoint_server: - image: tier/midpoint:${tag:-4.3.2-SNAPSHOT} - ports: - - 8443:443 - environment: - - ENV - - USERTOKEN - - REPO_DATABASE_TYPE - - REPO_JDBC_URL - - REPO_HOST - - REPO_PORT - - REPO_DATABASE - - REPO_USER - - REPO_MISSING_SCHEMA_ACTION - - REPO_UPGRADEABLE_SCHEMA_ACTION - - REPO_SCHEMA_VERSION_IF_MISSING - - REPO_SCHEMA_VARIANT - - MP_MEM_MAX - - MP_MEM_INIT - - MP_JAVA_OPTS - - TIER_BEACON_OPT_OUT - - TIMEZONE - networks: - - net - secrets: - - mp_database_password.txt - - mp_keystore_password.txt - - mp_host-key.pem - volumes: - - midpoint_home:/opt/midpoint/var - - type: bind - source: ./configs-and-secrets/midpoint/httpd/host-cert.pem - target: /etc/pki/tls/certs/host-cert.pem - - type: bind - source: ./configs-and-secrets/midpoint/httpd/host-cert.pem - target: /etc/pki/tls/certs/cachain.pem - -networks: - net: - driver: bridge - -secrets: - mp_database_password.txt: - file: ./configs-and-secrets/midpoint/application/database_password.txt - mp_keystore_password.txt: - file: ./configs-and-secrets/midpoint/application/keystore_password.txt - mp_host-key.pem: - file: ./configs-and-secrets/midpoint/httpd/host-key.pem - -volumes: - midpoint_home: diff --git a/demo/grouper/.env b/demo/grouper/.env index 5dbfdcd..e927f1c 100644 --- a/demo/grouper/.env +++ b/demo/grouper/.env @@ -1,12 +1,4 @@ ENV=demo -REPO_DATABASE_TYPE=postgresql -REPO_JDBC_URL=default -REPO_HOST=midpoint_data -REPO_PORT=default -REPO_DATABASE=midpoint -REPO_USER=midpoint -REPO_MISSING_SCHEMA_ACTION=create -REPO_UPGRADEABLE_SCHEMA_ACTION=stop MP_MEM_MAX=2048m MP_MEM_INIT=1024m TIMEZONE=UTC diff --git a/demo/grouper/configs-and-secrets/midpoint/application/database_password.txt b/demo/grouper/configs-and-secrets/midpoint/application/database_password.txt deleted file mode 100644 index 0037494..0000000 --- a/demo/grouper/configs-and-secrets/midpoint/application/database_password.txt +++ /dev/null @@ -1 +0,0 @@ -WJzesbe3poNZ91qIbmR7 \ No newline at end of file diff --git a/demo/grouper/configs-and-secrets/midpoint/application/keystore_password.txt b/demo/grouper/configs-and-secrets/midpoint/application/keystore_password.txt deleted file mode 100644 index 5bbaf87..0000000 --- a/demo/grouper/configs-and-secrets/midpoint/application/keystore_password.txt +++ /dev/null @@ -1 +0,0 @@ -changeit \ No newline at end of file diff --git a/demo/grouper/docker-compose.yml b/demo/grouper/docker-compose.yml index fd875a0..fd57b8c 100644 --- a/demo/grouper/docker-compose.yml +++ b/demo/grouper/docker-compose.yml @@ -172,43 +172,82 @@ services: environment: - CREATE_NEW_DATABASE=if_needed + data_init: + image: tier/midpoint:${tag:-4.4} + command: > + bash -c " + chmod 777 /opt/mp-pw/ ; + touch /opt/mp-pw/db_init_in_progress ; + echo -e '#!/bin/sh\ntouch /opt/mp-pw/db_init' >/opt/db-init/000-start.sh ; + echo -e '#!/bin/sh\necho DB structure init process has finished...\nrm -f /opt/mp-pw/db_init_in_progress /opt/mp-pw/db_init' > /opt/db-init/999-finish.sh ; + /opt/midpoint/bin/midpoint.sh init-native + " + environment: + - MP_INIT_DB_CONCAT=/opt/db-init/init.sql + - MP_DB_PW=/opt/mp-pw/dbpassword + - MP_PW_DEF=/opt/mp-pw/keystorepw + volumes: + - db_init:/opt/db-init + - mp_pw:/opt/mp-pw + midpoint_data: - image: postgres:11 + image: postgres:13-alpine + command: > + bash -c " + rm -f /var/lib/postgresql/data/postmaster.pid ; + while [ ! -s /opt/mp-pw/dbpassword -o -e /opt/mp-pw/init_in_progress ] ; do + echo 'Waiting to the end of the init process...'; + sleep 1; + done ; + { + sleep 2 ; + if [ ! -e /opt/mp-pw/db_init -a -e /opt/mp-pw/db_init_in_progress ] ; + then echo 'DB init did not start...' ; + rm -f /opt/mp-pw/db_ini*; + echo 'The lock files has been removed...'; + fi ; + } & + docker-entrypoint.sh postgres + " + user: "70:70" + depends_on: + - data_init environment: - - POSTGRES_PASSWORD_FILE=/run/secrets/mp_database_password.txt + - POSTGRES_PASSWORD_FILE=/opt/mp-pw/dbpassword - POSTGRES_USER=midpoint - POSTGRES_INITDB_ARGS=--lc-collate=en_US.utf8 --lc-ctype=en_US.utf8 ports: - 5432:5432 networks: - net - secrets: - - mp_database_password.txt volumes: - midpoint_data:/var/lib/postgresql/data + - db_init:/docker-entrypoint-initdb.d/ + - mp_pw:/opt/mp-pw midpoint_server: build: context: ./midpoint_server/ args: - tag: ${tag:-4.3.2-SNAPSHOT} + tag: ${tag:-4.4} depends_on: + - data_init - midpoint_data ports: - 8443:443 environment: - ENV - USERTOKEN - - REPO_DATABASE_TYPE - - REPO_JDBC_URL - - REPO_HOST - - REPO_PORT - - REPO_DATABASE - - REPO_USER - - REPO_MISSING_SCHEMA_ACTION - - REPO_UPGRADEABLE_SCHEMA_ACTION - - REPO_SCHEMA_VERSION_IF_MISSING - - REPO_SCHEMA_VARIANT + - MP_SET_midpoint_repository_jdbcUsername=midpoint + - MP_SET_midpoint_repository_jdbcPassword_FILE=/opt/mp-pw/dbpassword + - MP_SET_midpoint_repository_jdbcUrl=jdbc:postgresql://midpoint_data:5432/midpoint + - MP_SET_midpoint_keystore_keyStorePassword_FILE=/opt/mp-pw/keystorepw + - MP_SET_server_tomcat_ajp_enabled=true + - MP_SET_server_tomcat_ajp_port=9090 + - MP_SET_server_tomcat_ajp_secret=s3cr3t + - MP_SET_logging_path=/tmp/logtomcat + - MP_UNSET_midpoint_repository_hibernateHbm2ddl=1 + - MP_NO_ENV_COMPAT=1 - MP_MEM_MAX - MP_MEM_INIT - MP_JAVA_OPTS @@ -219,8 +258,6 @@ services: aliases: - midpoint-server secrets: - - mp_database_password.txt - - mp_keystore_password.txt - mp_host-key.pem - mp_shibboleth_sp_keys.jks volumes: @@ -234,6 +271,7 @@ services: - type: bind source: ./configs-and-secrets/midpoint/httpd/host-cert.pem target: /etc/pki/tls/certs/cachain.pem + - mp_pw:/opt/mp-pw idp: build: ./idp/ @@ -283,10 +321,6 @@ secrets: # midPoint mp_host-key.pem: file: ./configs-and-secrets/midpoint/httpd/host-key.pem - mp_database_password.txt: - file: ./configs-and-secrets/midpoint/application/database_password.txt - mp_keystore_password.txt: - file: ./configs-and-secrets/midpoint/application/keystore_password.txt mp_shibboleth_sp_keys.jks: file: ./configs-and-secrets/midpoint/shibboleth/shibboleth_sp_keys.jks @@ -296,7 +330,8 @@ volumes: source_mysql: target_data: ldap: + db_init: + mp_pw: midpoint_data: - midpoint_mysql: midpoint_home: mq: diff --git a/demo/grouper/midpoint-objects-manual/tasks/task-async-update-grouper.xml b/demo/grouper/midpoint-objects-manual/tasks/task-async-update-grouper.xml index 5007ae4..08f3c1a 100644 --- a/demo/grouper/midpoint-objects-manual/tasks/task-async-update-grouper.xml +++ b/demo/grouper/midpoint-objects-manual/tasks/task-async-update-grouper.xml @@ -15,26 +15,37 @@ --> - Grouper async updates - - 1 - - - - - 1552664339630-0-2 - - - - runnable - AsynchronousUpdate - - - - single - loose - restart + xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" + xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3" + oid="47fc57bd-8c34-4555-9b9f-7087ff179860"> + Grouper async updates + + + + + 1552664339630-0-2 + + + + runnable + + + + + single + + loose + restart + + + + + + + + + + 1 + + diff --git a/demo/grouper/midpoint-objects-manual/tasks/task-import-sis-persons.xml b/demo/grouper/midpoint-objects-manual/tasks/task-import-sis-persons.xml index 58189c0..c4f396b 100644 --- a/demo/grouper/midpoint-objects-manual/tasks/task-import-sis-persons.xml +++ b/demo/grouper/midpoint-objects-manual/tasks/task-import-sis-persons.xml @@ -1,34 +1,43 @@ - Import from SIS persons - - account - ri:AccountObjectClass - - - - - - 1535407239440-0-1 - - runnable - ImportingAccounts - - single - loose + + + + + + 1535407239440-0-1 + + + + runnable + + + + + single + + loose + + + + + + account + ri:AccountObjectClass + + + + diff --git a/demo/grouper/midpoint-objects-manual/tasks/task-recomputation-users.xml b/demo/grouper/midpoint-objects-manual/tasks/task-recomputation-users.xml index 179b565..03fe35f 100644 --- a/demo/grouper/midpoint-objects-manual/tasks/task-recomputation-users.xml +++ b/demo/grouper/midpoint-objects-manual/tasks/task-recomputation-users.xml @@ -1,22 +1,32 @@ + xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" + xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3" + oid="83a737ea-5eb7-4e78-b431-331cccf02354"> User recomputation - c:UserType - + + 1571729899646-0-1 http://midpoint.evolveum.com/xml/ns/public/provisioning/channels-3#recompute - runnable - Recomputation - single + runnable + + single + tight + + + + + c:UserType + + + + diff --git a/demo/grouper/midpoint-objects-manual/tasks/task-reconciliation-grouper-groups.xml b/demo/grouper/midpoint-objects-manual/tasks/task-reconciliation-grouper-groups.xml index 4e024cc..421c1a0 100644 --- a/demo/grouper/midpoint-objects-manual/tasks/task-reconciliation-grouper-groups.xml +++ b/demo/grouper/midpoint-objects-manual/tasks/task-reconciliation-grouper-groups.xml @@ -15,27 +15,36 @@ --> - Grouper reconciliation (groups) - - ri:Group - - - - - 605a0127-a313-442a-9d5e-151eac8b0745 - - - - runnable - Reconciliation - - - - single - loose - restart + xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" + xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3" + xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" + oid="605a0127-a313-442a-9d5e-151eac8b0745"> + Grouper reconciliation (groups) + + + + + 605a0127-a313-442a-9d5e-151eac8b0745 + + + + runnable + + + + + single + + loose + restart + + + + + + ri:Group + + + + diff --git a/demo/grouper/midpoint_server/Dockerfile b/demo/grouper/midpoint_server/Dockerfile index b63eeb3..849ba14 100644 --- a/demo/grouper/midpoint_server/Dockerfile +++ b/demo/grouper/midpoint_server/Dockerfile @@ -1,4 +1,4 @@ -ARG tag=4.3.2-SNAPSHOT +ARG tag=4.4 FROM tier/midpoint:${tag} diff --git a/demo/grouper/midpoint_server/container_files/mp-home/config.xml b/demo/grouper/midpoint_server/container_files/mp-home/config.xml index 5a4e0ea..c45e612 100644 --- a/demo/grouper/midpoint_server/container_files/mp-home/config.xml +++ b/demo/grouper/midpoint_server/container_files/mp-home/config.xml @@ -20,19 +20,15 @@ ${midpoint.home}/import - com.evolveum.midpoint.repo.sql.SqlRepositoryFactory - ${midpoint.home} - true - true - true - true + native + jdbc:postgresql://localhost:5432/midpoint com.evolveum.midpoint.audit.impl.LoggerAuditServiceFactory - com.evolveum.midpoint.repo.sql.SqlAuditServiceFactory + com.evolveum.midpoint.repo.sqale.audit.SqaleAuditServiceFactory diff --git a/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/archetypes/300-archetype-midpoint-group.xml b/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/archetypes/300-archetype-midpoint-group.xml index e3bc872..bb9c140 100644 --- a/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/archetypes/300-archetype-midpoint-group.xml +++ b/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/archetypes/300-archetype-midpoint-group.xml @@ -19,7 +19,7 @@ midPoint Groups fa fa-users - darkgviolet + darkviolet diff --git a/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml b/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml index 189ab40..9c607c7 100644 --- a/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml +++ b/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml @@ -1,6 +1,6 @@ @@ -27,8 +28,7 @@ ro.isdc.wro.extensions.processor.css.Less4jProcessor - + OFF org.springframework.security.web.DefaultSecurityFilterChain @@ -58,11 +58,6 @@ OFF org.hibernate.internal.ExceptionMapperStandardImpl - - - OFF - net.sf.jasperreports.engine.fill.JRFillDataset - @@ -91,7 +86,7 @@ + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> %date [%X{subsystem}] [%thread] %level \(%logger\): %msg%n ${midpoint.home}/log/midpoint.log ${midpoint.home}/log/midpoint-%d{yyyy-MM-dd}.%i.log @@ -101,7 +96,7 @@ + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> %date %level: %msg%n ${midpoint.home}/log/midpoint-profile.log ${midpoint.home}/log/midpoint-profile-%d{yyyy-MM-dd}.%i.log @@ -430,11 +425,11 @@ 30 TaskType - + - single-bulk-action-tasks-view + non-iterative-bulk-tasks-view 30 TaskType @@ -442,13 +437,44 @@ - iterative-bulk-action-tasks-view + iterative-bulk-tasks-view 30 TaskType + + report-import-task-view + 30 + add + TaskType + + + + + + export-report-tasks-view + add + 30 + TaskType + + + + + + + + export-report-distributed-tasks-view + add + 30 + TaskType + + + + + + certification-tasks-view 30 @@ -499,113 +525,129 @@ c:TaskType - - 150 + + advanced-options-panel - - cleanupAfterCompletion - - - threadStopAction - - - binding - - - dependent - - - - 900 + formPanel + + advanced-options + 150 + + + + + cleanupAfterCompletion + + + threadStopAction + + + binding + + + dependent + + + + + operational-attributes-panel - + - - executionStatus - - - schedulingState - - - node - - - nodeAsObserved - - - resultStatus - - - result - - - nextRunStartTimestamp - - - nextRetryTimestamp - - - unpauseAction - - - taskIdentifier - - - parent - - - waitingReason - - - stateBeforeSuspend - - - schedulingStateBeforeSuspend - - - category - - - otherHandlersUriStack - - - channel - - - subtaskRef - - - dependentTaskRef - - - lastRunStartTimestamp - - - lastRunFinishTimestamp - - - completionTimestamp - - - - 910 - hidden - - - - - progress - - - expectedTotal - - - stalledSince - - - + formPanel + + operational-attributes + 900 + + + + + executionState + + + schedulingState + + + node + + + nodeAsObserved + + + resultStatus + + + result + + + nextRunStartTimestamp + + + nextRetryTimestamp + + + unpauseAction + + + taskIdentifier + + + parent + + + waitingReason + + + stateBeforeSuspend + + + schedulingStateBeforeSuspend + + + category + + + otherHandlersUriStack + + + channel + + + subtaskRef + + + dependentTaskRef + + + lastRunStartTimestamp + + + lastRunFinishTimestamp + + + completionTimestamp + + + + 910 + hidden + operation-attributes-progress + + + + + progress + + + expectedTotal + + + stalledSince + + + true @@ -677,50 +719,51 @@ java.lang.Object - Basic Java operations. - deny - - equals - allow - - hashCode - allow - + Basic Java operations. + deny + + equals + allow + + + hashCode + allow + java.lang.String - String operations are generally safe. But Groovy is adding execute() method which is very dangerous. - allow - - execute - deny - + String operations are generally safe. But Groovy is adding execute() method which is very dangerous. + allow + + execute + deny + java.lang.CharSequence - allow + allow java.lang.Enum - allow + allow java.util.List - List operations are generally safe. But Groovy is adding execute() method which is very dangerous. - allow - - execute - deny - + List operations are generally safe. But Groovy is adding execute() method which is very dangerous. + allow + + execute + deny + java.util.ArrayList - List operations are generally safe. But Groovy is adding execute() method which is very dangerous. - allow - - execute - deny - + List operations are generally safe. But Groovy is adding execute() method which is very dangerous. + allow + + execute + deny + java.util.Map diff --git a/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/tasks/995-task-group-scavenger.xml b/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/tasks/995-task-group-scavenger.xml index 50c98af..11a3005 100644 --- a/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/tasks/995-task-group-scavenger.xml +++ b/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/tasks/995-task-group-scavenger.xml @@ -14,22 +14,45 @@ Looks for groups with the lifecycleState of 'retired' and completes their deleti --> - Group Scavenger - - - - execute-script - - script - - import com.evolveum.midpoint.xml.ns._public.common.common_3.* + xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" + xmlns:mext="http://midpoint.evolveum.com/xml/ns/public/model/extension-3" + xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3" + xmlns:s="http://midpoint.evolveum.com/xml/ns/public/model/scripting-3" + xmlns:scext="http://midpoint.evolveum.com/xml/ns/public/model/scripting/extension-3" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + oid="1d7bef40-953e-443e-8e9a-ec6e313668c4"> + Group Scavenger + + + + + + runnable + + recurring + 60 + + + + + + OrgType + + + + lifecycleState + retired + + + + + + + execute-script + + script + + import com.evolveum.midpoint.xml.ns._public.common.common_3.* result = midpoint.currentResult log.info('Processing dead group: {}', input) @@ -59,28 +82,11 @@ Looks for groups with the lifecycleState of 'retired' and completes their deleti } log.info('Dead group processing done: {}', input) - - - - - OrgType - - - - lifecycleState - retired - - - - - - - - - runnable - BulkActions - recurring - - 60 - + + + + + + + diff --git a/demo/grouper/tests/main.bats b/demo/grouper/tests/main.bats index 2065bbf..31fe679 100644 --- a/demo/grouper/tests/main.bats +++ b/demo/grouper/tests/main.bats @@ -6,7 +6,6 @@ load ../../../library @test "000 Cleanup before running the tests" { (cd ../simple ; docker-compose down -v) (cd ../shibboleth ; docker-compose down -v) - (cd ../postgresql ; docker-compose down -v) docker-compose down -v } diff --git a/demo/postgresql/.env b/demo/postgresql/.env deleted file mode 100644 index 06d99ad..0000000 --- a/demo/postgresql/.env +++ /dev/null @@ -1,8 +0,0 @@ -# These parameters can be overridden by setting environment variables before calling docker-compose up -ENV=demo -USERTOKEN= -REPO_MISSING_SCHEMA_ACTION=create -REPO_UPGRADEABLE_SCHEMA_ACTION=stop -MP_MEM_MAX=2048m -MP_MEM_INIT=1024m -TIMEZONE=UTC diff --git a/demo/postgresql/configs-and-secrets/midpoint/application/database_password.txt b/demo/postgresql/configs-and-secrets/midpoint/application/database_password.txt deleted file mode 100644 index 11bff19..0000000 --- a/demo/postgresql/configs-and-secrets/midpoint/application/database_password.txt +++ /dev/null @@ -1 +0,0 @@ -WJzesbe3poNZ91qIbmR7 diff --git a/demo/postgresql/configs-and-secrets/midpoint/application/keystore_password.txt b/demo/postgresql/configs-and-secrets/midpoint/application/keystore_password.txt deleted file mode 100644 index 1d40192..0000000 --- a/demo/postgresql/configs-and-secrets/midpoint/application/keystore_password.txt +++ /dev/null @@ -1 +0,0 @@ -changeit diff --git a/demo/postgresql/configs-and-secrets/midpoint/httpd/host-cert.pem b/demo/postgresql/configs-and-secrets/midpoint/httpd/host-cert.pem deleted file mode 100644 index 9b1021b..0000000 --- a/demo/postgresql/configs-and-secrets/midpoint/httpd/host-cert.pem +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDqDCCApCgAwIBAgIJAMOSkn4oS2aAMA0GCSqGSIb3DQEBCwUAMGkxCzAJBgNV -BAYTAlVTMQswCQYDVQQIDAJNSTESMBAGA1UEBwwJQW5uIEFyYm9yMRcwFQYDVQQK -DA5JbnRlcm5ldDIvVElFUjEgMB4GA1UEAwwXbWlkcG9pbnQuc3AuZXhhbXBsZS5v -cmcwHhcNMTgwOTE0MDU1OTQ1WhcNMTkwOTE0MDU1OTQ1WjBpMQswCQYDVQQGEwJV -UzELMAkGA1UECAwCTUkxEjAQBgNVBAcMCUFubiBBcmJvcjEXMBUGA1UECgwOSW50 -ZXJuZXQyL1RJRVIxIDAeBgNVBAMMF21pZHBvaW50LnNwLmV4YW1wbGUub3JnMIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj/b7MEUSfu3oXMfNgRwTse7 -a5UV7Jswf1M/ZN/ZZkAkIxNBevZgozjesvLPWrmsTgONi7XigJUJvCjdjmlW9eDM -lri/rkD8HuOR1DQCVKL9nvoS2c3D7sq5Emda3V8Tlj82VqfEmePd3sajx7mcTfbH -8jwAL9NhkC+WMib5IpjLGpG0FEAC0ha7Lxb+7jIiqHVJaqLXJGCyGN4mh6c1Q9S1 -f8RVTiW2a8x22G+9wnZYbkiA2Kxls177imHlhSz8EdvV4IpGw1amrEWhhuDEum7B -vZ1xQDLatgRqh4qAKLIVYeRnJ8H1FelMa90qB4G08MIPifmTsQwqJyBYaEdgWQID -AQABo1MwUTAdBgNVHQ4EFgQUqb9BteODF6wv5R57aEON/wGXMiowHwYDVR0jBBgw -FoAUqb9BteODF6wv5R57aEON/wGXMiowDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG -9w0BAQsFAAOCAQEAAcKhxI+tSItrXmqC0PSmgWyAYpqbkz6W/cefTutXqhIgY09f -h0LSv7ogTahoGpyiZk9vy6u3OE9bYwxapEfa4KBjO6HxBMIVBBb3RegVjoPzjElN -BDwAx0VGFcZTXwMxDWycWdG8ql7rCZBvS50w04uTaIgnGmqXAdWWmBgfJ9cRbxW+ -JwO/mOl1QM1lR/5142NpvuUVWlmZSKEGydE5A1qPz2wpDbBR1ym1BQNS4NEqw6Kp -GSB8jKyCS1Ve0v2wVze2038Wukz02dq9uKPTIO3T+B+ibZmxn6Op/kFCc1/kK5NS -Q6JdO1B6KquGAYdGmKAcQ19mv+jqGktqWEEf0g== ------END CERTIFICATE----- diff --git a/demo/postgresql/configs-and-secrets/midpoint/httpd/host-key.pem b/demo/postgresql/configs-and-secrets/midpoint/httpd/host-key.pem deleted file mode 100644 index 5746e59..0000000 --- a/demo/postgresql/configs-and-secrets/midpoint/httpd/host-key.pem +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCmP9vswRRJ+7eh -cx82BHBOx7trlRXsmzB/Uz9k39lmQCQjE0F69mCjON6y8s9auaxOA42LteKAlQm8 -KN2OaVb14MyWuL+uQPwe45HUNAJUov2e+hLZzcPuyrkSZ1rdXxOWPzZWp8SZ493e -xqPHuZxN9sfyPAAv02GQL5YyJvkimMsakbQUQALSFrsvFv7uMiKodUlqotckYLIY -3iaHpzVD1LV/xFVOJbZrzHbYb73CdlhuSIDYrGWzXvuKYeWFLPwR29XgikbDVqas -RaGG4MS6bsG9nXFAMtq2BGqHioAoshVh5GcnwfUV6Uxr3SoHgbTwwg+J+ZOxDCon -IFhoR2BZAgMBAAECggEAEIRBpjjceiku6jRUwnoYaks/nIWYQwR8AfpUTwJKR/VR -Yca097Fokm7A+UhUP3A45RtHQb0VPq8P44iv0kk24YCu8r5yFK7SHYOAZnOwU5ZJ -2jSAEPF3aM7tKh3okhuzB3dKP7u1NZDE5zAW723KUJiW7sL1RcsbY0bHBj6G+9/H -NplmsjuGt684vRBB0qOBfKF7EiG7mT69tHuNj4gRza9SMY31UtKbZdt2fNY6mp5V -HscMba7egZP+Ke0pVX4+go9j7K8GG8hYaQDLjrzlPqrxZ2c5X9cC+CRDI/CHuL/s -V/2yGZJ6n6UabwZoH83RdFrbQ94rU8Hkli6EvxXvMQKBgQDRpheNW5jDG5TfeJKh -yfKTDQqH2Tk3BsBYYBN7Hf3m7vbkzlxnAKJAoSLmtRMuoeXvI5MrhzaHGsNIUS76 -LDIZnvB7DLUxhFUZsCPkpAA1QHuTWY96oR3PHnPjpk8lSUvtbOPwDLdzVApeFJgZ -VqMNArZ7AHsK3Kkyi+f4WVQjbQKBgQDLAWiGb5dx6fAM2W6B6HjNmzjBWOuVEXa2 -76to9jzupBZmETfZgxtWUaWUDuNS+f7dtVUTE+p6v/w8clrHEhEZYkqunIOLo/UA -LFPiuoTfEsWb1rh+nsCjCgy4uimixj/bSkf7NC6NyKTvCygA1mGnVVJUEPegYlDy -LXCkaKWxHQKBgQCmyHSKL2lrJkEcOwakEU2acNCE3Gno/cT9SYmV83kvQ8JEqmrW -QqnRsp9aXIljGscapPmKsmnNt5vNp1AxFAHTYh88NRLczsMIyZj0ZwgHVUI6KhC7 -5Psa78YQQBlMt2/g9TSsnuE+rYgF6mpKFiNm0Vasqeg47uzn2mdzqlUGTQKBgE04 -JutkTUY+h1pL5vYxWKpVDfy19z7H2tFxT1FowPrBneeLSyRI88Ac5I/yLdRlVeY9 -0LOmEr5Igwj3MsKgg7KVKfVLgdo/LrW3Jt2Kt3onKNXDkoBPoNUjwH0QC0Boiue+ -VK0gR0kVdm+bXccbxR+im+NwZNE0NLg6Qqu3RredAoGBALuVoqbPPmTCZXYG328H -bzOs2aiR7BzPSVByV+qG6jW7w03RAnFPJZp7HMU+ViI5VY0wabUscMSvz5163+gM -4KwY3v9ZjZzZGukIfLuudkdqtaiVOx/KeAC0n+nG21YU+wpZww8gkfHh1/sa2CME -CWYCgOnmiTHcj83UaTqEXtmv ------END PRIVATE KEY----- diff --git a/demo/postgresql/docker-compose-tests.yml b/demo/postgresql/docker-compose-tests.yml deleted file mode 100644 index 4629675..0000000 --- a/demo/postgresql/docker-compose-tests.yml +++ /dev/null @@ -1,71 +0,0 @@ -# Version for running Bats tests. -# Minimizes the number of ports mapped to localhost, to avoid collisions during testing. - -version: "3.3" - -services: - midpoint_data: - image: postgres:11 - environment: - - POSTGRES_PASSWORD_FILE=/run/secrets/mp_database_password.txt - - POSTGRES_USER=midpoint - - POSTGRES_INITDB_ARGS=--lc-collate=en_US.utf8 --lc-ctype=en_US.utf8 - expose: - - 5432 - networks: - - net - secrets: - - mp_database_password.txt - volumes: - - midpoint_data:/var/lib/postgresql/data - - midpoint_server: - image: tier/midpoint:${tag:-4.3.2-SNAPSHOT} - ports: - - 8443:443 - environment: - - ENV - - USERTOKEN - - REPO_DATABASE_TYPE=postgresql - - REPO_HOST=midpoint_data - - REPO_DATABASE=midpoint - - REPO_USER=midpoint - - REPO_MISSING_SCHEMA_ACTION - - REPO_UPGRADEABLE_SCHEMA_ACTION - - REPO_SCHEMA_VERSION_IF_MISSING - - REPO_SCHEMA_VARIANT - - MP_MEM_MAX - - MP_MEM_INIT - - MP_JAVA_OPTS - - TIER_BEACON_OPT_OUT - - TIMEZONE - networks: - - net - secrets: - - mp_database_password.txt - - mp_keystore_password.txt - - mp_host-key.pem - volumes: - - midpoint_home:/opt/midpoint/var - - type: bind - source: ./configs-and-secrets/midpoint/httpd/host-cert.pem - target: /etc/pki/tls/certs/host-cert.pem - - type: bind - source: ./configs-and-secrets/midpoint/httpd/host-cert.pem - target: /etc/pki/tls/certs/cachain.pem - -networks: - net: - driver: bridge - -secrets: - mp_database_password.txt: - file: ./configs-and-secrets/midpoint/application/database_password.txt - mp_keystore_password.txt: - file: ./configs-and-secrets/midpoint/application/keystore_password.txt - mp_host-key.pem: - file: ./configs-and-secrets/midpoint/httpd/host-key.pem - -volumes: - midpoint_data: - midpoint_home: diff --git a/demo/postgresql/docker-compose.yml b/demo/postgresql/docker-compose.yml deleted file mode 100644 index 834a599..0000000 --- a/demo/postgresql/docker-compose.yml +++ /dev/null @@ -1,68 +0,0 @@ -version: "3.3" - -services: - midpoint_data: - image: postgres:11 - environment: - - POSTGRES_PASSWORD_FILE=/run/secrets/mp_database_password.txt - - POSTGRES_USER=midpoint - - POSTGRES_INITDB_ARGS=--lc-collate=en_US.utf8 --lc-ctype=en_US.utf8 - ports: - - 5432:5432 - networks: - - net - secrets: - - mp_database_password.txt - volumes: - - midpoint_data:/var/lib/postgresql/data - - midpoint_server: - image: tier/midpoint:${tag:-4.3.2-SNAPSHOT} - ports: - - 8443:443 - environment: - - ENV - - USERTOKEN - - REPO_DATABASE_TYPE=postgresql - - REPO_HOST=midpoint_data - - REPO_DATABASE=midpoint - - REPO_USER=midpoint - - REPO_MISSING_SCHEMA_ACTION - - REPO_UPGRADEABLE_SCHEMA_ACTION - - REPO_SCHEMA_VERSION_IF_MISSING - - REPO_SCHEMA_VARIANT - - MP_MEM_MAX - - MP_MEM_INIT - - MP_JAVA_OPTS - - TIER_BEACON_OPT_OUT - - TIMEZONE - networks: - - net - secrets: - - mp_database_password.txt - - mp_keystore_password.txt - - mp_host-key.pem - volumes: - - midpoint_home:/opt/midpoint/var - - type: bind - source: ./configs-and-secrets/midpoint/httpd/host-cert.pem - target: /etc/pki/tls/certs/host-cert.pem - - type: bind - source: ./configs-and-secrets/midpoint/httpd/host-cert.pem - target: /etc/pki/tls/certs/cachain.pem - -networks: - net: - driver: bridge - -secrets: - mp_database_password.txt: - file: ./configs-and-secrets/midpoint/application/database_password.txt - mp_keystore_password.txt: - file: ./configs-and-secrets/midpoint/application/keystore_password.txt - mp_host-key.pem: - file: ./configs-and-secrets/midpoint/httpd/host-key.pem - -volumes: - midpoint_data: - midpoint_home: diff --git a/demo/postgresql/tests/main.bats b/demo/postgresql/tests/main.bats deleted file mode 100755 index e5681f5..0000000 --- a/demo/postgresql/tests/main.bats +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/env bats - -load ../../../common -load ../../../library - -@test "000 Cleanup before running the tests" { - run docker-compose down -v -} - -@test "010 Initialize and start midPoint" { - docker-compose -f docker-compose-tests.yml up --build -d - wait_for_midpoint_start postgresql_midpoint_server_1 -} - -@test "020 Check health" { - check_health -} - -@test "100 Get 'administrator'" { - check_health - get_and_check_object users 00000000-0000-0000-0000-000000000002 administrator -} - -@test "110 And and get 'test110'" { - check_health - echo "test110" >/tmp/test110.xml - add_object users /tmp/test110.xml - rm /tmp/test110.xml - search_and_check_object users test110 -} - -@test "999 Clean up" { - docker-compose down -v -} diff --git a/demo/shibboleth/.env b/demo/shibboleth/.env index 01d5c83..f99ab0c 100644 --- a/demo/shibboleth/.env +++ b/demo/shibboleth/.env @@ -1,14 +1,6 @@ # These parameters can be overridden by setting environment variables before calling docker-compose up ENV=demo USERTOKEN= -REPO_DATABASE_TYPE=postgresql -REPO_JDBC_URL=default -REPO_HOST=midpoint_data -REPO_PORT=default -REPO_DATABASE=midpoint -REPO_USER=midpoint -REPO_MISSING_SCHEMA_ACTION=create -REPO_UPGRADEABLE_SCHEMA_ACTION=stop MP_MEM_MAX=2048m MP_MEM_INIT=1024m TIMEZONE=UTC diff --git a/demo/shibboleth/configs-and-secrets/midpoint/application/database_password.txt b/demo/shibboleth/configs-and-secrets/midpoint/application/database_password.txt deleted file mode 100644 index 0037494..0000000 --- a/demo/shibboleth/configs-and-secrets/midpoint/application/database_password.txt +++ /dev/null @@ -1 +0,0 @@ -WJzesbe3poNZ91qIbmR7 \ No newline at end of file diff --git a/demo/shibboleth/configs-and-secrets/midpoint/application/keystore_password.txt b/demo/shibboleth/configs-and-secrets/midpoint/application/keystore_password.txt deleted file mode 100644 index 5bbaf87..0000000 --- a/demo/shibboleth/configs-and-secrets/midpoint/application/keystore_password.txt +++ /dev/null @@ -1 +0,0 @@ -changeit \ No newline at end of file diff --git a/demo/shibboleth/docker-compose-tests.yml b/demo/shibboleth/docker-compose-tests.yml index 42ee0f6..1079d67 100644 --- a/demo/shibboleth/docker-compose-tests.yml +++ b/demo/shibboleth/docker-compose-tests.yml @@ -4,51 +4,93 @@ version: "3.3" services: + data_init: + image: tier/midpoint:${tag:-4.4} + command: > + bash -c " + chmod 777 /opt/mp-pw/ ; + touch /opt/mp-pw/db_init_in_progress ; + echo -e '#!/bin/sh\ntouch /opt/mp-pw/db_init' >/opt/db-init/000-start.sh ; + echo -e '#!/bin/sh\necho DB structure init process has finished...\nrm -f /opt/mp-pw/db_init_in_progress /opt/mp-pw/db_init' > /opt/db-init/999-finish.sh ; + /opt/midpoint/bin/midpoint.sh init-native + " + environment: + - MP_INIT_DB_CONCAT=/opt/db-init/init.sql + - MP_DB_PW=/opt/mp-pw/dbpassword + - MP_PW_DEF=/opt/mp-pw/keystorepw + volumes: + - db_init:/opt/db-init + - mp_pw:/opt/mp-pw + midpoint_data: - image: postgres:11 + image: postgres:13-alpine + command: > + bash -c " + rm -f /var/lib/postgresql/data/postmaster.pid ; + while [ ! -s /opt/mp-pw/dbpassword -o -e /opt/mp-pw/init_in_progress ] ; do + echo 'Waiting to the end of the init process...'; + sleep 1; + done ; + { + sleep 2 ; + if [ ! -e /opt/mp-pw/db_init -a -e /opt/mp-pw/db_init_in_progress ] ; + then echo 'DB init did not start...' ; + rm -f /opt/mp-pw/db_ini*; + echo 'The lock files has been removed...'; + fi ; + } & + docker-entrypoint.sh postgres + " + user: "70:70" + depends_on: + - data_init environment: - - POSTGRES_PASSWORD_FILE=/run/secrets/mp_database_password.txt + - POSTGRES_PASSWORD_FILE=/opt/mp-pw/dbpassword - POSTGRES_USER=midpoint - POSTGRES_INITDB_ARGS=--lc-collate=en_US.utf8 --lc-ctype=en_US.utf8 ports: - 5432:5432 networks: - net - secrets: - - mp_database_password.txt volumes: - midpoint_data:/var/lib/postgresql/data + - db_init:/docker-entrypoint-initdb.d/ + - mp_pw:/opt/mp-pw midpoint_server: build: context: ./midpoint_server/ args: - tag: ${tag:-4.3.2-SNAPSHOT} + tag: ${tag:-4.4} + command: /usr/local/bin/startup.sh + depends_on: + - data_init + - midpoint_data ports: - - 8443:443 + - 8443:443 environment: - ENV - USERTOKEN - - REPO_DATABASE_TYPE - - REPO_JDBC_URL - - REPO_HOST - - REPO_PORT - - REPO_DATABASE - - REPO_USER - - REPO_MISSING_SCHEMA_ACTION - - REPO_UPGRADEABLE_SCHEMA_ACTION - - REPO_SCHEMA_VERSION_IF_MISSING - - REPO_SCHEMA_VARIANT + - MP_SET_midpoint_repository_jdbcUsername=midpoint + - MP_SET_midpoint_repository_jdbcPassword_FILE=/opt/mp-pw/dbpassword + - MP_SET_midpoint_repository_jdbcUrl=jdbc:postgresql://midpoint_data:5432/midpoint + - MP_SET_midpoint_keystore_keyStorePassword_FILE=/opt/mp-pw/keystorepw + - MP_SET_server_tomcat_ajp_enabled=true + - MP_SET_server_tomcat_ajp_port=9090 + - MP_SET_server_tomcat_ajp_secret=s3cr3t + - MP_SET_logging_path=/tmp/logtomcat + - MP_UNSET_midpoint_repository_hibernateHbm2ddl=1 + - MP_NO_ENV_COMPAT=1 - MP_MEM_MAX - MP_MEM_INIT - MP_JAVA_OPTS - TIER_BEACON_OPT_OUT - TIMEZONE networks: - - net + net: + aliases: + - midpoint-server secrets: - - mp_database_password.txt - - mp_keystore_password.txt - mp_host-key.pem - mp_shibboleth_sp_keys.jks volumes: @@ -77,6 +119,7 @@ services: - type: bind source: ./configs-and-secrets/midpoint/httpd/vhosts.conf target: /etc/httpd/conf.d/vhosts/vhosts.conf + - mp_pw:/opt/mp-pw directory: build: ./directory/ @@ -107,15 +150,12 @@ networks: secrets: mp_host-key.pem: file: ./configs-and-secrets/midpoint/httpd/host-key.pem - mp_database_password.txt: - file: ./configs-and-secrets/midpoint/application/database_password.txt - mp_keystore_password.txt: - file: ./configs-and-secrets/midpoint/application/keystore_password.txt mp_shibboleth_sp_keys.jks: file: ./configs-and-secrets/midpoint/shibboleth/shibboleth_sp_keys.jks volumes: - midpoint_mysql: + db_init: + mp_pw: midpoint_data: midpoint_home: ldap: diff --git a/demo/shibboleth/docker-compose.yml b/demo/shibboleth/docker-compose.yml index eb68f4f..3a28814 100644 --- a/demo/shibboleth/docker-compose.yml +++ b/demo/shibboleth/docker-compose.yml @@ -1,52 +1,93 @@ version: "3.3" services: + data_init: + image: tier/midpoint:${tag:-4.4} + command: > + bash -c " + chmod 777 /opt/mp-pw/ ; + touch /opt/mp-pw/db_init_in_progress ; + echo -e '#!/bin/sh\ntouch /opt/mp-pw/db_init' >/opt/db-init/000-start.sh ; + echo -e '#!/bin/sh\necho DB structure init process has finished...\nrm -f /opt/mp-pw/db_init_in_progress /opt/mp-pw/db_init' > /opt/db-init/999-finish.sh ; + /opt/midpoint/bin/midpoint.sh init-native + " + environment: + - MP_INIT_DB_CONCAT=/opt/db-init/init.sql + - MP_DB_PW=/opt/mp-pw/dbpassword + - MP_PW_DEF=/opt/mp-pw/keystorepw + volumes: + - db_init:/opt/db-init + - mp_pw:/opt/mp-pw + midpoint_data: - image: postgres:11 + image: postgres:13-alpine + command: > + bash -c " + rm -f /var/lib/postgresql/data/postmaster.pid ; + while [ ! -s /opt/mp-pw/dbpassword -o -e /opt/mp-pw/init_in_progress ] ; do + echo 'Waiting to the end of the init process...'; + sleep 1; + done ; + { + sleep 2 ; + if [ ! -e /opt/mp-pw/db_init -a -e /opt/mp-pw/db_init_in_progress ] ; + then echo 'DB init did not start...' ; + rm -f /opt/mp-pw/db_ini*; + echo 'The lock files has been removed...'; + fi ; + } & + docker-entrypoint.sh postgres + " + user: "70:70" + depends_on: + - data_init environment: - - POSTGRES_PASSWORD_FILE=/run/secrets/mp_database_password.txt + - POSTGRES_PASSWORD_FILE=/opt/mp-pw/dbpassword - POSTGRES_USER=midpoint - POSTGRES_INITDB_ARGS=--lc-collate=en_US.utf8 --lc-ctype=en_US.utf8 ports: - 5432:5432 networks: - net - secrets: - - mp_database_password.txt volumes: - midpoint_data:/var/lib/postgresql/data + - db_init:/docker-entrypoint-initdb.d/ + - mp_pw:/opt/mp-pw midpoint_server: build: context: ./midpoint_server/ args: - tag: ${tag:-4.3.2-SNAPSHOT} + tag: ${tag:-4.4} command: /usr/local/bin/startup.sh + depends_on: + - data_init + - midpoint_data ports: - - 8443:443 + - 8443:443 environment: - ENV - USERTOKEN - - REPO_DATABASE_TYPE - - REPO_JDBC_URL - - REPO_HOST - - REPO_PORT - - REPO_DATABASE - - REPO_USER - - REPO_MISSING_SCHEMA_ACTION - - REPO_UPGRADEABLE_SCHEMA_ACTION - - REPO_SCHEMA_VERSION_IF_MISSING - - REPO_SCHEMA_VARIANT + - MP_SET_midpoint_repository_jdbcUsername=midpoint + - MP_SET_midpoint_repository_jdbcPassword_FILE=/opt/mp-pw/dbpassword + - MP_SET_midpoint_repository_jdbcUrl=jdbc:postgresql://midpoint_data:5432/midpoint + - MP_SET_midpoint_keystore_keyStorePassword_FILE=/opt/mp-pw/keystorepw + - MP_SET_server_tomcat_ajp_enabled=true + - MP_SET_server_tomcat_ajp_port=9090 + - MP_SET_server_tomcat_ajp_secret=s3cr3t + - MP_SET_logging_path=/tmp/logtomcat + - MP_UNSET_midpoint_repository_hibernateHbm2ddl=1 + - MP_NO_ENV_COMPAT=1 - MP_MEM_MAX - MP_MEM_INIT - MP_JAVA_OPTS - TIER_BEACON_OPT_OUT - TIMEZONE networks: - - net + net: + aliases: + - midpoint-server secrets: - - mp_database_password.txt - - mp_keystore_password.txt - mp_host-key.pem - mp_shibboleth_sp_keys.jks volumes: @@ -75,6 +116,7 @@ services: - type: bind source: ./configs-and-secrets/midpoint/httpd/vhosts.conf target: /etc/httpd/conf.d/vhosts/vhosts.conf + - mp_pw:/opt/mp-pw directory: build: ./directory/ @@ -105,15 +147,12 @@ networks: secrets: mp_host-key.pem: file: ./configs-and-secrets/midpoint/httpd/host-key.pem - mp_database_password.txt: - file: ./configs-and-secrets/midpoint/application/database_password.txt - mp_keystore_password.txt: - file: ./configs-and-secrets/midpoint/application/keystore_password.txt mp_shibboleth_sp_keys.jks: file: ./configs-and-secrets/midpoint/shibboleth/shibboleth_sp_keys.jks volumes: - midpoint_mysql: + db_init: + mp_pw: midpoint_data: midpoint_home: ldap: diff --git a/demo/shibboleth/midpoint_server/Dockerfile b/demo/shibboleth/midpoint_server/Dockerfile index b63eeb3..849ba14 100644 --- a/demo/shibboleth/midpoint_server/Dockerfile +++ b/demo/shibboleth/midpoint_server/Dockerfile @@ -1,4 +1,4 @@ -ARG tag=4.3.2-SNAPSHOT +ARG tag=4.4 FROM tier/midpoint:${tag} diff --git a/demo/shibboleth/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/SecurityPolicy.xml b/demo/shibboleth/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/SecurityPolicy.xml index 4abf399..d033a3d 100644 --- a/demo/shibboleth/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/SecurityPolicy.xml +++ b/demo/shibboleth/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/SecurityPolicy.xml @@ -1,8 +1,8 @@ - + xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" + xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3"> + Default Security Policy @@ -28,30 +28,19 @@ true urn:oasis:names:tc:SAML:2.0:nameid-format:transient - - /etc/pki/mp/sp-shibboleth-keys.jks - - changeit - - signing-key - - password - - - - /etc/pki/mp/sp-shibboleth-keys.jks - - changeit - - encrypt-key - - password - - encryption - + + /etc/pki/mp/sp-shibboleth-keys.jks + + changeit + + signing-key + + password + + - - https://idptestbed/idp/shibboleth + + https://idptestbed/idp/shibboleth idp-shibboleth /etc/shibboleth/idp-metadata.xml @@ -60,7 +49,7 @@ Shibboleth urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST uid - + @@ -151,8 +140,8 @@ sufficient - /actuator - /actuator/health + /actuator + /actuator/health diff --git a/demo/shibboleth/tests/main.bats b/demo/shibboleth/tests/main.bats index dd17314..e48527e 100755 --- a/demo/shibboleth/tests/main.bats +++ b/demo/shibboleth/tests/main.bats @@ -4,7 +4,8 @@ load ../../../common load ../../../library @test "000 Cleanup before running the tests" { - cd ../simple ; docker-compose down -v ; true + (cd ../simple ; docker-compose down -v) + (cd ../grouper ; docker-compose down -v) run docker-compose down -v } @@ -33,12 +34,12 @@ load ../../../library } @test "040 Check internal SAML redirection (/midpoint/auth/saml-internal)" { - curl -k --write-out %{redirect_url} --silent --output /dev/null https://localhost:8443/midpoint/auth/saml-internal/ | grep 'https:\/\/localhost:8443\/midpoint\/auth\/saml-internal\/mySamlSso\/discovery?idp=https%3A%2F%2Fidptestbed%2Fidp%2Fshibboleth' + curl -k --write-out %{redirect_url} --silent --output /dev/null https://localhost:8443/midpoint/auth/saml-internal/ | grep 'https:\/\/localhost:8443\/midpoint\/auth\/saml-internal\/mySamlSso\/authenticate\/midpointdemo-shibboleth' } @test "041 Check internal SAML redirection action (midpoint/..../discovery?...)" { TMPFILE=$(mktemp /tmp/samlForm.XXXXXX) - curl -k https://localhost:8443/midpoint/auth/saml-internal/mySamlSso/discovery?idp=https://idptestbed/idp/shibboleth >$TMPFILE || (rm $TMPFILE ; return 1) + curl -k https:\/\/localhost:8443\/midpoint\/auth\/saml-internal\/mySamlSso\/authenticate\/midpointdemo-shibboleth >$TMPFILE || (rm $TMPFILE ; return 1) if (grep -q " + bash -c " + chmod 777 /opt/mp-pw/ ; + touch /opt/mp-pw/db_init_in_progress ; + echo -e '#!/bin/sh\ntouch /opt/mp-pw/db_init' >/opt/db-init/000-start.sh ; + echo -e '#!/bin/sh\necho DB structure init process has finished...\nrm -f /opt/mp-pw/db_init_in_progress /opt/mp-pw/db_init' > /opt/db-init/999-finish.sh ; + /opt/midpoint/bin/midpoint.sh init-native + " + environment: + - MP_INIT_CFG=/opt/mp-home + - MP_INIT_DB_CONCAT=/opt/db-init/init.sql + - MP_DB_PW=/opt/mp-pw/dbpassword + - MP_PW_DEF=/opt/mp-pw/keystorepw + volumes: + - db_init:/opt/db-init + - mp_pw:/opt/mp-pw + - midpoint_home:/opt/mp-home + midpoint_data: - image: postgres:11 + image: postgres:13-alpine + command: > + bash -c " + rm -f /var/lib/postgresql/data/postmaster.pid ; + while [ ! -s /opt/mp-pw/dbpassword -o -e /opt/mp-pw/init_in_progress ] ; do + echo 'Waiting to the end of the init process...'; + sleep 1; + done ; + { + sleep 2 ; + if [ ! -e /opt/mp-pw/db_init -a -e /opt/mp-pw/db_init_in_progress ] ; + then echo 'DB init did not start...' ; + rm -f /opt/mp-pw/db_ini*; + echo 'The lock files has been removed...'; + fi ; + } & + docker-entrypoint.sh postgres + " + user: "70:70" + depends_on: + - data_init environment: - - POSTGRES_PASSWORD_FILE=/run/secrets/mp_database_password.txt + - POSTGRES_PASSWORD_FILE=/opt/mp-pw/dbpassword - POSTGRES_USER=midpoint - POSTGRES_INITDB_ARGS=--lc-collate=en_US.utf8 --lc-ctype=en_US.utf8 ports: - 5432:5432 networks: - net - secrets: - - mp_database_password.txt volumes: - midpoint_data:/var/lib/postgresql/data + - db_init:/docker-entrypoint-initdb.d/ + - mp_pw:/opt/mp-pw midpoint_server: - image: tier/midpoint:${tag:-4.3.2-SNAPSHOT} + image: tier/midpoint:${tag:-4.4} + depends_on: + - data_init + - midpoint_data ports: - - 8443:443 + - 8443:443 environment: - ENV - USERTOKEN - - REPO_DATABASE_TYPE - - REPO_JDBC_URL - - REPO_HOST - - REPO_PORT - - REPO_DATABASE - - REPO_USER - - REPO_MISSING_SCHEMA_ACTION - - REPO_UPGRADEABLE_SCHEMA_ACTION - - REPO_SCHEMA_VERSION_IF_MISSING - - REPO_SCHEMA_VARIANT + - MP_SET_midpoint_repository_jdbcUsername=midpoint + - MP_SET_midpoint_repository_jdbcPassword_FILE=/opt/mp-pw/dbpassword + - MP_SET_midpoint_repository_jdbcUrl=jdbc:postgresql://midpoint_data:5432/midpoint + - MP_SET_midpoint_keystore_keyStorePassword_FILE=/opt/mp-pw/keystorepw + - MP_SET_server_tomcat_ajp_enabled=true + - MP_SET_server_tomcat_ajp_port=9090 + - MP_SET_server_tomcat_ajp_secret=s3cr3t + - MP_SET_logging_path=/tmp/logtomcat + - MP_UNSET_midpoint_repository_hibernateHbm2ddl=1 + - MP_NO_ENV_COMPAT=1 - MP_MEM_MAX - MP_MEM_INIT - MP_JAVA_OPTS - TIER_BEACON_OPT_OUT - TIMEZONE networks: - - net + net: + aliases: + - midpoint-server secrets: - - mp_database_password.txt - - mp_keystore_password.txt - mp_host-key.pem volumes: - midpoint_home:/opt/midpoint/var @@ -52,20 +95,18 @@ services: - type: bind source: ./configs-and-secrets/midpoint/httpd/host-cert.pem target: /etc/pki/tls/certs/cachain.pem + - mp_pw:/opt/mp-pw networks: net: driver: bridge secrets: - mp_database_password.txt: - file: ./configs-and-secrets/midpoint/application/database_password.txt - mp_keystore_password.txt: - file: ./configs-and-secrets/midpoint/application/keystore_password.txt mp_host-key.pem: file: ./configs-and-secrets/midpoint/httpd/host-key.pem volumes: - midpoint_mysql: + db_init: + mp_pw: midpoint_data: midpoint_home: diff --git a/demo/simple/tests/main.bats b/demo/simple/tests/main.bats index cc06ca6..2445dd5 100755 --- a/demo/simple/tests/main.bats +++ b/demo/simple/tests/main.bats @@ -4,7 +4,9 @@ load ../../../common load ../../../library @test "000 Cleanup before running the tests" { - run docker-compose down -v + (cd ../grouper ; docker-compose down -v) + (cd ../shibboleth ; docker-compose down -v) + docker-compose down -v } @test "010 Initialize and start midPoint" { @@ -50,41 +52,6 @@ load ../../../library search_and_check_object users test300 } -@test "350 Test DB schema version check" { - echo "Removing version information from m_global_metadata" - docker exec simple_midpoint_data_1 psql midpoint midpoint -c "drop table m_global_metadata" - - echo "Bringing the containers down" - docker-compose down - - echo "Re-creating the containers" - docker-compose up -d - - wait_for_log_message simple_midpoint_server_1 "Database schema is not compatible with the executing code; however, an upgrade path is available." -} - -@test "360 Test DB schema upgrade" { - skip 'Not supported for 4.3.2-SNAPSHOT' - echo "Stopping midpoint_server container" - docker stop simple_midpoint_server_1 - - echo "Installing empty 3.8 repository" - docker exec simple_midpoint_data_1 mysql -p123321 -e "DROP DATABASE registry" - docker exec simple_midpoint_data_1 bash -c " curl https://raw.githubusercontent.com/Evolveum/midpoint/v3.8/config/sql/_all/mysql-3.8-all-utf8mb4.sql > /tmp/create-3.8-utf8mb4.sql" - docker exec simple_midpoint_data_1 mysql -p123321 -e "CREATE DATABASE IF NOT EXISTS registry;" - docker exec simple_midpoint_data_1 mysql -p123321 -e "GRANT ALL ON registry.* TO 'registry_user'@'%' IDENTIFIED BY 'WJzesbe3poNZ91qIbmR7' ;" - docker exec simple_midpoint_data_1 bash -c "mysql -p123321 registry < /tmp/create-3.8-utf8mb4.sql" - - echo "Bringing the containers down" - docker-compose down - - echo "Re-creating the containers" - env REPO_SCHEMA_VERSION_IF_MISSING=3.8 REPO_UPGRADEABLE_SCHEMA_ACTION=upgrade REPO_SCHEMA_VARIANT=utf8mb4 docker-compose up -d - - wait_for_log_message simple_midpoint_server_1 "Schema was successfully upgraded from 3.8 to 3.9 using script 'mysql-upgrade-3.8-3.9-utf8mb4.sql'" - wait_for_midpoint_start simple_midpoint_server_1 -} - @test "999 Clean up" { docker-compose down -v } diff --git a/download-midpoint.sh b/download-midpoint.sh index a418ee4..e2d3766 100755 --- a/download-midpoint.sh +++ b/download-midpoint.sh @@ -10,7 +10,7 @@ else # But if we need to incorporate interim changes to I2 distribution during # midPoint development cycle, we can specify concrete file from "midpoint-tier" # download directory by using its name (like "latest-stable"). - MP_VERSION="4.3.2-SNAPSHOT" + MP_VERSION="4.4" else MP_VERSION=$tag fi diff --git a/library.bash b/library.bash index ff08822..edfa80a 100644 --- a/library.bash +++ b/library.bash @@ -411,7 +411,7 @@ function wait_for_task_completion () { echo "Waiting $DELAY seconds for task with oid $OID to finish (attempt $ATTEMPT) ..." sleep $DELAY get_object tasks $OID - TASK_EXECUTION_STATUS=$(xmllint --xpath "/*/*[local-name()='executionStatus']/text()" $OUTFILE) || (echo "Couldn't extract task status from task $OID" ; cat $OUTFILE ; rm $OUTFILE ; return 1) + TASK_EXECUTION_STATUS=$(xmllint --xpath "/*/*[local-name()='executionState']/text()" $OUTFILE) || (echo "Couldn't extract task status from task $OID" ; cat $OUTFILE ; rm $OUTFILE ; return 1) if [[ $TASK_EXECUTION_STATUS = "suspended" ]] || [[ $TASK_EXECUTION_STATUS = "closed" ]]; then echo "Task $OID is finished" rm $OUTFILE From 281bce9c3fae300e919af6ad8eb5f44512fc6426 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 30 Nov 2021 20:21:43 -0500 Subject: [PATCH 05/16] remove test for now non-existent demo/postgres directory --- tests/main.bats | 5 ----- 1 file changed, 5 deletions(-) diff --git a/tests/main.bats b/tests/main.bats index eadbc5b..74de978 100755 --- a/tests/main.bats +++ b/tests/main.bats @@ -25,11 +25,6 @@ load ../common cd demo/shibboleth ; docker-compose down -v ; true } -@test "120 Cleanup before further tests - demo/postgresql" { - docker ps -a - cd demo/postgresql ; docker-compose down -v ; true -} - @test "130 Cleanup before further tests - demo/grouper" { docker ps -a cd demo/grouper ; docker-compose down -v ; true From 56c76a52ee6de1e6b48314aea86cb9c57e2b1177 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 30 Nov 2021 20:28:41 -0500 Subject: [PATCH 06/16] Update common.bash --- common.bash | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common.bash b/common.bash index fe2b4ab..a85e8b0 100644 --- a/common.bash +++ b/common.bash @@ -1,3 +1,3 @@ -maintainer="tier" +maintainer="i2incommon" imagename="midpoint" tag="4.4" From f301239795b4ff9c384c113fee97ef1dd6af2155 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 30 Nov 2021 20:41:29 -0500 Subject: [PATCH 07/16] Update Jenkinsfile --- Jenkinsfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index f5b73e9..9376b98 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -56,7 +56,6 @@ pipeline { sh '(cd demo/simple ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' sh '(cd demo/shibboleth ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' - sh '(cd demo/postgresql ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' sh '(cd demo/grouper ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' } catch (error) { def error_details = readFile('./debug') From 4e446b42c426b676d56c460c68ba86a74611e78c Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 30 Nov 2021 20:54:32 -0500 Subject: [PATCH 08/16] Update main.bats --- tests/main.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/main.bats b/tests/main.bats index 74de978..d04ed36 100755 --- a/tests/main.bats +++ b/tests/main.bats @@ -3,7 +3,7 @@ load ../common @test "010 Image is present" { - docker image inspect tier/midpoint:$tag + docker image inspect $maintainer/$imagename:$tag } @test "020 Check basic components" { From 2832b94cc53b7cca35d63c697fcd56193b53bdcd Mon Sep 17 00:00:00 2001 From: Slavek Licehammer Date: Wed, 1 Dec 2021 10:38:37 +0100 Subject: [PATCH 09/16] Finalize renaming the image to i2incommon/midpoint The image was renamed in 56c76a52ee6de1e6b48314aea86cb9c57e2b1177 but in order to work, it has to be changed in additional files. --- demo/grouper/docker-compose.yml | 2 +- demo/grouper/midpoint_server/Dockerfile | 2 +- demo/shibboleth/docker-compose-tests.yml | 2 +- demo/shibboleth/docker-compose.yml | 2 +- demo/shibboleth/midpoint_server/Dockerfile | 2 +- demo/simple/docker-compose.yml | 4 ++-- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/demo/grouper/docker-compose.yml b/demo/grouper/docker-compose.yml index fd57b8c..2098eed 100644 --- a/demo/grouper/docker-compose.yml +++ b/demo/grouper/docker-compose.yml @@ -173,7 +173,7 @@ services: - CREATE_NEW_DATABASE=if_needed data_init: - image: tier/midpoint:${tag:-4.4} + image: i2incommon/midpoint:${tag:-4.4} command: > bash -c " chmod 777 /opt/mp-pw/ ; diff --git a/demo/grouper/midpoint_server/Dockerfile b/demo/grouper/midpoint_server/Dockerfile index 849ba14..c053fbe 100644 --- a/demo/grouper/midpoint_server/Dockerfile +++ b/demo/grouper/midpoint_server/Dockerfile @@ -1,6 +1,6 @@ ARG tag=4.4 -FROM tier/midpoint:${tag} +FROM i2incommon/midpoint:${tag} MAINTAINER info@evolveum.com diff --git a/demo/shibboleth/docker-compose-tests.yml b/demo/shibboleth/docker-compose-tests.yml index 1079d67..a53f33c 100644 --- a/demo/shibboleth/docker-compose-tests.yml +++ b/demo/shibboleth/docker-compose-tests.yml @@ -5,7 +5,7 @@ version: "3.3" services: data_init: - image: tier/midpoint:${tag:-4.4} + image: i2incommon/midpoint:${tag:-4.4} command: > bash -c " chmod 777 /opt/mp-pw/ ; diff --git a/demo/shibboleth/docker-compose.yml b/demo/shibboleth/docker-compose.yml index 3a28814..f7b5064 100644 --- a/demo/shibboleth/docker-compose.yml +++ b/demo/shibboleth/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.3" services: data_init: - image: tier/midpoint:${tag:-4.4} + image: i2incommon/midpoint:${tag:-4.4} command: > bash -c " chmod 777 /opt/mp-pw/ ; diff --git a/demo/shibboleth/midpoint_server/Dockerfile b/demo/shibboleth/midpoint_server/Dockerfile index 849ba14..c053fbe 100644 --- a/demo/shibboleth/midpoint_server/Dockerfile +++ b/demo/shibboleth/midpoint_server/Dockerfile @@ -1,6 +1,6 @@ ARG tag=4.4 -FROM tier/midpoint:${tag} +FROM i2incommon/midpoint:${tag} MAINTAINER info@evolveum.com diff --git a/demo/simple/docker-compose.yml b/demo/simple/docker-compose.yml index da1aa3f..ae6ee68 100644 --- a/demo/simple/docker-compose.yml +++ b/demo/simple/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.3" services: data_init: - image: tier/midpoint:${tag:-4.4} + image: i2incommon/midpoint:${tag:-4.4} command: > bash -c " chmod 777 /opt/mp-pw/ ; @@ -57,7 +57,7 @@ services: - mp_pw:/opt/mp-pw midpoint_server: - image: tier/midpoint:${tag:-4.4} + image: i2incommon/midpoint:${tag:-4.4} depends_on: - data_init - midpoint_data From f104fccd725293f8eefe87ac6dea856b18823cbd Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 11 Jan 2022 13:06:31 -0500 Subject: [PATCH 10/16] commenting out tests temporarily --- Jenkinsfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 9376b98..cefe85f 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -55,8 +55,8 @@ pipeline { sh 'echo Docker containers before compositions tests ; docker ps -a' // temporary sh '(cd demo/simple ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' - sh '(cd demo/shibboleth ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' - sh '(cd demo/grouper ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' + //sh '(cd demo/shibboleth ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' + //sh '(cd demo/grouper ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' } catch (error) { def error_details = readFile('./debug') def message = "BUILD ERROR: There was a problem testing ${imagename}:${tag}. \n\n ${error_details}" From 3f3f8bba5b9c328621757e4fce86e6fbf96457bd Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 11 Jan 2022 13:24:01 -0500 Subject: [PATCH 11/16] disabling tests --- Jenkinsfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index cefe85f..51ba27c 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -51,10 +51,10 @@ pipeline { script { try { sh 'echo Docker containers before root tests ; docker ps -a' // temporary - sh 'bin/test.sh 2>&1 | tee debug ; test ${PIPESTATUS[0]} -eq 0' - sh 'echo Docker containers before compositions tests ; docker ps -a' // temporary + // sh 'bin/test.sh 2>&1 | tee debug ; test ${PIPESTATUS[0]} -eq 0' + // sh 'echo Docker containers before compositions tests ; docker ps -a' // temporary - sh '(cd demo/simple ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' + // sh '(cd demo/simple ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' //sh '(cd demo/shibboleth ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' //sh '(cd demo/grouper ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' } catch (error) { From 506dd7d6485ea6e5ee06d058827631eb70b02233 Mon Sep 17 00:00:00 2001 From: Christopher Hubing Date: Tue, 11 Jan 2022 13:44:16 -0500 Subject: [PATCH 12/16] Dockerhub creds --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 51ba27c..d430f89 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -69,7 +69,7 @@ pipeline { stage ('Push') { steps { script { - docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") { + docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-tier") { def baseImg = docker.image("$maintainer/$imagename:$tag") baseImg.push("$tag") From 932b562e3f8c51d192720a886397e34f25b22200 Mon Sep 17 00:00:00 2001 From: Slavek Licehammer Date: Thu, 13 Jan 2022 13:17:55 +0100 Subject: [PATCH 13/16] Add forgoten midPoint config file for Shib demo --- .../container_files/mp-home/config.xml | 60 +++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 demo/shibboleth/midpoint_server/container_files/mp-home/config.xml diff --git a/demo/shibboleth/midpoint_server/container_files/mp-home/config.xml b/demo/shibboleth/midpoint_server/container_files/mp-home/config.xml new file mode 100644 index 0000000..0fc3410 --- /dev/null +++ b/demo/shibboleth/midpoint_server/container_files/mp-home/config.xml @@ -0,0 +1,60 @@ + + + + + + + + ${midpoint.home}/import + + + native + jdbc:postgresql://localhost:5432/midpoint + midpoint + password + + + + com.evolveum.midpoint.audit.impl.LoggerAuditServiceFactory + + + com.evolveum.midpoint.repo.sqale.audit.SqaleAuditServiceFactory + + + + true + ${midpoint.home}/icf-connectors + + + ${midpoint.home}/keystore.jceks + changeit + default + + + From 1795874c5d325fd1eb69575458381d2ee8f7142e Mon Sep 17 00:00:00 2001 From: Slavek Licehammer Date: Tue, 22 Feb 2022 15:13:06 +0100 Subject: [PATCH 14/16] Update to midPoint 4.4.1 --- common.bash | 2 +- demo/grouper/docker-compose.yml | 4 ++-- demo/grouper/midpoint_server/Dockerfile | 2 +- demo/shibboleth/docker-compose-tests.yml | 4 ++-- demo/shibboleth/docker-compose.yml | 4 ++-- demo/shibboleth/midpoint_server/Dockerfile | 2 +- demo/simple/docker-compose.yml | 4 ++-- download-midpoint.sh | 2 +- 8 files changed, 12 insertions(+), 12 deletions(-) diff --git a/common.bash b/common.bash index a85e8b0..90dc7cd 100644 --- a/common.bash +++ b/common.bash @@ -1,3 +1,3 @@ maintainer="i2incommon" imagename="midpoint" -tag="4.4" +tag="4.4.1" diff --git a/demo/grouper/docker-compose.yml b/demo/grouper/docker-compose.yml index 2098eed..6f44a86 100644 --- a/demo/grouper/docker-compose.yml +++ b/demo/grouper/docker-compose.yml @@ -173,7 +173,7 @@ services: - CREATE_NEW_DATABASE=if_needed data_init: - image: i2incommon/midpoint:${tag:-4.4} + image: i2incommon/midpoint:${tag:-4.4.1} command: > bash -c " chmod 777 /opt/mp-pw/ ; @@ -229,7 +229,7 @@ services: build: context: ./midpoint_server/ args: - tag: ${tag:-4.4} + tag: ${tag:-4.4.1} depends_on: - data_init - midpoint_data diff --git a/demo/grouper/midpoint_server/Dockerfile b/demo/grouper/midpoint_server/Dockerfile index c053fbe..00f664a 100644 --- a/demo/grouper/midpoint_server/Dockerfile +++ b/demo/grouper/midpoint_server/Dockerfile @@ -1,4 +1,4 @@ -ARG tag=4.4 +ARG tag=4.4.1 FROM i2incommon/midpoint:${tag} diff --git a/demo/shibboleth/docker-compose-tests.yml b/demo/shibboleth/docker-compose-tests.yml index a53f33c..f28b318 100644 --- a/demo/shibboleth/docker-compose-tests.yml +++ b/demo/shibboleth/docker-compose-tests.yml @@ -5,7 +5,7 @@ version: "3.3" services: data_init: - image: i2incommon/midpoint:${tag:-4.4} + image: i2incommon/midpoint:${tag:-4.4.1} command: > bash -c " chmod 777 /opt/mp-pw/ ; @@ -61,7 +61,7 @@ services: build: context: ./midpoint_server/ args: - tag: ${tag:-4.4} + tag: ${tag:-4.4.1} command: /usr/local/bin/startup.sh depends_on: - data_init diff --git a/demo/shibboleth/docker-compose.yml b/demo/shibboleth/docker-compose.yml index f7b5064..b496ffb 100644 --- a/demo/shibboleth/docker-compose.yml +++ b/demo/shibboleth/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.3" services: data_init: - image: i2incommon/midpoint:${tag:-4.4} + image: i2incommon/midpoint:${tag:-4.4.1} command: > bash -c " chmod 777 /opt/mp-pw/ ; @@ -58,7 +58,7 @@ services: build: context: ./midpoint_server/ args: - tag: ${tag:-4.4} + tag: ${tag:-4.4.1} command: /usr/local/bin/startup.sh depends_on: - data_init diff --git a/demo/shibboleth/midpoint_server/Dockerfile b/demo/shibboleth/midpoint_server/Dockerfile index c053fbe..00f664a 100644 --- a/demo/shibboleth/midpoint_server/Dockerfile +++ b/demo/shibboleth/midpoint_server/Dockerfile @@ -1,4 +1,4 @@ -ARG tag=4.4 +ARG tag=4.4.1 FROM i2incommon/midpoint:${tag} diff --git a/demo/simple/docker-compose.yml b/demo/simple/docker-compose.yml index ae6ee68..d803e88 100644 --- a/demo/simple/docker-compose.yml +++ b/demo/simple/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.3" services: data_init: - image: i2incommon/midpoint:${tag:-4.4} + image: i2incommon/midpoint:${tag:-4.4.1} command: > bash -c " chmod 777 /opt/mp-pw/ ; @@ -57,7 +57,7 @@ services: - mp_pw:/opt/mp-pw midpoint_server: - image: i2incommon/midpoint:${tag:-4.4} + image: i2incommon/midpoint:${tag:-4.4.1} depends_on: - data_init - midpoint_data diff --git a/download-midpoint.sh b/download-midpoint.sh index e2d3766..92c356c 100755 --- a/download-midpoint.sh +++ b/download-midpoint.sh @@ -10,7 +10,7 @@ else # But if we need to incorporate interim changes to I2 distribution during # midPoint development cycle, we can specify concrete file from "midpoint-tier" # download directory by using its name (like "latest-stable"). - MP_VERSION="4.4" + MP_VERSION="4.4.1" else MP_VERSION=$tag fi From dc3294acd768329b8ccbab803282429507c6a891 Mon Sep 17 00:00:00 2001 From: Slavek Licehammer Date: Tue, 22 Feb 2022 15:17:08 +0100 Subject: [PATCH 15/16] Allow tests during build --- Jenkinsfile | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index d430f89..9d5e4bf 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -51,12 +51,12 @@ pipeline { script { try { sh 'echo Docker containers before root tests ; docker ps -a' // temporary - // sh 'bin/test.sh 2>&1 | tee debug ; test ${PIPESTATUS[0]} -eq 0' - // sh 'echo Docker containers before compositions tests ; docker ps -a' // temporary + sh 'bin/test.sh 2>&1 | tee debug ; test ${PIPESTATUS[0]} -eq 0' + sh 'echo Docker containers before compositions tests ; docker ps -a' // temporary - // sh '(cd demo/simple ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' - //sh '(cd demo/shibboleth ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' - //sh '(cd demo/grouper ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' + sh '(cd demo/simple ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' + sh '(cd demo/shibboleth ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' + sh '(cd demo/grouper ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' } catch (error) { def error_details = readFile('./debug') def message = "BUILD ERROR: There was a problem testing ${imagename}:${tag}. \n\n ${error_details}" From 52d72da4edf60671a0f8e42ee2e0d2cde0e47259 Mon Sep 17 00:00:00 2001 From: Slavek Licehammer Date: Tue, 22 Feb 2022 16:20:31 +0100 Subject: [PATCH 16/16] Increase waiting time in tests midPoint might take longer to start in some environments --- library.bash | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library.bash b/library.bash index edfa80a..e57b4c6 100644 --- a/library.bash +++ b/library.bash @@ -12,7 +12,7 @@ function generic_wait_for_log () { FAILURE="$4" ADDITIONAL_CONTAINER_NAME=$5 ATTEMPT=0 - MAX_ATTEMPTS=20 + MAX_ATTEMPTS=30 DELAY=10 until [[ $ATTEMPT = $MAX_ATTEMPTS ]]; do