Upgrade to 4.4.

Dockerfile

@@ -45,7 +45,6 @@ RUN cp /dev/null /etc/httpd/conf.d/ssl.conf \
 
 # Build arguments
 
-ARG MP_VERSION=4.0.1
 ARG MP_DIST_FILE=midpoint-dist.tar.gz
 
 ENV MP_DIR /opt/midpoint
@@ -62,31 +61,13 @@ RUN echo 'Extracting midPoint archive...' \
 # TODO: consider all the consequences
 #VOLUME ${MP_DIR}/var
 
-# Repository parameters
-
-ENV REPO_DATABASE_TYPE postgresql
-ENV REPO_JDBC_URL default
-ENV REPO_HOST midpoint_data
-ENV REPO_PORT default
-ENV REPO_DATABASE midpoint
-ENV REPO_USER midpoint
-ENV REPO_PASSWORD_FILE /run/secrets/mp_database_password.txt
-ENV REPO_MISSING_SCHEMA_ACTION create
-ENV REPO_UPGRADEABLE_SCHEMA_ACTION stop
-
 # Logging parameters
 
 ENV ENV demo
 ENV USERTOKEN ""
 
-# Authentication/web
-
-ENV AJP_ENABLED true
-ENV AJP_PORT 9090
-
 # Other parameters
 
-ENV MP_KEYSTORE_PASSWORD_FILE /run/secrets/mp_keystore_password.txt
 ENV MP_MEM_MAX 2048m
 ENV MP_MEM_INIT 1024m
 ENV TIMEZONE UTC

common.bash

@@ -1,3 +1,3 @@
 maintainer="tier"
 imagename="midpoint"
-tag="4.3.2-SNAPSHOT"
+tag="4.4"

container_files/usr-local-bin/start-midpoint.sh

@@ -25,34 +25,10 @@ done
 check MP_MEM_MAX
 check MP_MEM_INIT
 check MP_DIR
-check REPO_DATABASE_TYPE
-check REPO_USER
-check REPO_PASSWORD_FILE
-check REPO_MISSING_SCHEMA_ACTION
-check REPO_UPGRADEABLE_SCHEMA_ACTION
-check MP_KEYSTORE_PASSWORD_FILE
-check AJP_ENABLED
-check AJP_PORT
 
-java -Xmx$MP_MEM_MAX -Xms$MP_MEM_INIT -Dfile.encoding=UTF8 \
-       -Dmidpoint.home=$MP_DIR/var \
-       -Dmidpoint.repository.database=$REPO_DATABASE_TYPE \
-       -Dmidpoint.repository.jdbcUsername=$REPO_USER \
-       -Dmidpoint.repository.jdbcPassword_FILE=$REPO_PASSWORD_FILE \
-       -Dmidpoint.repository.jdbcUrl="`$MP_DIR/repository-url`" \
-       -Dmidpoint.repository.hibernateHbm2ddl=none \
-       -Dmidpoint.repository.missingSchemaAction=$REPO_MISSING_SCHEMA_ACTION \
-       -Dmidpoint.repository.upgradeableSchemaAction=$REPO_UPGRADEABLE_SCHEMA_ACTION \
-       $(if [ -n "$REPO_SCHEMA_VERSION_IF_MISSING" ]; then echo "-Dmidpoint.repository.schemaVersionIfMissing=$REPO_SCHEMA_VERSION_IF_MISSING"; fi) \
-       $(if [ -n "$REPO_SCHEMA_VARIANT" ]; then echo "-Dmidpoint.repository.schemaVariant=$REPO_SCHEMA_VARIANT"; fi) \
-       -Dmidpoint.repository.initializationFailTimeout=60000 \
-       -Dmidpoint.keystore.keyStorePassword_FILE=$MP_KEYSTORE_PASSWORD_FILE \
-       -Dmidpoint.logging.alt.enabled=true \
-       -Dmidpoint.logging.alt.filename=/tmp/logmidpoint \
-       -Dspring.profiles.active="`$MP_DIR/active-spring-profiles`" \
-       -Dserver.tomcat.ajp.enabled=$AJP_ENABLED \
-       -Dserver.tomcat.ajp.port=$AJP_PORT \
-       -Dserver.tomcat.ajp.secret=s3cr3t \
-       -Dlogging.path=/tmp/logtomcat \
-       $MP_JAVA_OPTS \
-       -jar $MP_DIR/lib/midpoint.war &>/tmp/logmidpoint-console
+export MP_SET_midpoint_logging_alt_enabled=true
+export MP_SET_midpoint_logging_alt_filename=/tmp/logmidpoint
+export MP_SET_spring_profiles_active="`$MP_DIR/active-spring-profiles`"
+export MP_SET_logging_path=/tmp/logtomcat
+
+/opt/midpoint/bin/midpoint.sh 'container' &>/tmp/logmidpoint-console

demo/grouper/.env

@@ -1,12 +1,4 @@
 ENV=demo
-REPO_DATABASE_TYPE=postgresql
-REPO_JDBC_URL=default
-REPO_HOST=midpoint_data
-REPO_PORT=default
-REPO_DATABASE=midpoint
-REPO_USER=midpoint
-REPO_MISSING_SCHEMA_ACTION=create
-REPO_UPGRADEABLE_SCHEMA_ACTION=stop
 MP_MEM_MAX=2048m
 MP_MEM_INIT=1024m
 TIMEZONE=UTC

demo/grouper/docker-compose.yml

@@ -172,43 +172,82 @@ services:
     environment:
      - CREATE_NEW_DATABASE=if_needed
 
+  data_init:
+    image: tier/midpoint:${tag:-4.4}
+    command: >
+        bash -c "
+        chmod 777 /opt/mp-pw/ ;
+        touch /opt/mp-pw/db_init_in_progress ;
+        echo -e '#!/bin/sh\ntouch /opt/mp-pw/db_init' >/opt/db-init/000-start.sh ;
+        echo -e '#!/bin/sh\necho DB structure init process has finished...\nrm -f /opt/mp-pw/db_init_in_progress /opt/mp-pw/db_init' > /opt/db-init/999-finish.sh ;
+        /opt/midpoint/bin/midpoint.sh init-native
+        "
+    environment:
+     - MP_INIT_DB_CONCAT=/opt/db-init/init.sql
+     - MP_DB_PW=/opt/mp-pw/dbpassword
+     - MP_PW_DEF=/opt/mp-pw/keystorepw
+    volumes:
+     - db_init:/opt/db-init
+     - mp_pw:/opt/mp-pw
+
   midpoint_data:
-    image: postgres:11
+    image: postgres:13-alpine
+    command: >
+        bash -c "
+        rm -f /var/lib/postgresql/data/postmaster.pid ;
+        while [ ! -s /opt/mp-pw/dbpassword -o -e /opt/mp-pw/init_in_progress ] ; do
+         echo 'Waiting to the end of the init process...';
+         sleep 1;
+        done ;
+        {
+         sleep 2 ;
+         if [ ! -e /opt/mp-pw/db_init -a -e /opt/mp-pw/db_init_in_progress ] ;
+          then echo 'DB init did not start...' ;
+          rm -f /opt/mp-pw/db_ini*;
+          echo 'The lock files has been removed...';
+         fi ;
+        } &
+        docker-entrypoint.sh postgres
+        "
+    user: "70:70"
+    depends_on:
+     - data_init
     environment:
-     - POSTGRES_PASSWORD_FILE=/run/secrets/mp_database_password.txt
+     - POSTGRES_PASSWORD_FILE=/opt/mp-pw/dbpassword
      - POSTGRES_USER=midpoint
      - POSTGRES_INITDB_ARGS=--lc-collate=en_US.utf8 --lc-ctype=en_US.utf8
     ports:
      - 5432:5432
     networks:
      - net
-    secrets:
-     - mp_database_password.txt
     volumes:
      - midpoint_data:/var/lib/postgresql/data
+     - db_init:/docker-entrypoint-initdb.d/
+     - mp_pw:/opt/mp-pw
 
   midpoint_server:
     build:
       context: ./midpoint_server/
       args:
-        tag: ${tag:-4.3.2-SNAPSHOT}
+        tag: ${tag:-4.4}
     depends_on:
+     - data_init
      - midpoint_data
     ports:
      - 8443:443
     environment:
      - ENV
      - USERTOKEN
-     - REPO_DATABASE_TYPE
-     - REPO_JDBC_URL
-     - REPO_HOST
-     - REPO_PORT
-     - REPO_DATABASE
-     - REPO_USER
-     - REPO_MISSING_SCHEMA_ACTION
-     - REPO_UPGRADEABLE_SCHEMA_ACTION
-     - REPO_SCHEMA_VERSION_IF_MISSING
-     - REPO_SCHEMA_VARIANT
+     - MP_SET_midpoint_repository_jdbcUsername=midpoint
+     - MP_SET_midpoint_repository_jdbcPassword_FILE=/opt/mp-pw/dbpassword
+     - MP_SET_midpoint_repository_jdbcUrl=jdbc:postgresql://midpoint_data:5432/midpoint
+     - MP_SET_midpoint_keystore_keyStorePassword_FILE=/opt/mp-pw/keystorepw
+     - MP_SET_server_tomcat_ajp_enabled=true
+     - MP_SET_server_tomcat_ajp_port=9090
+     - MP_SET_server_tomcat_ajp_secret=s3cr3t
+     - MP_SET_logging_path=/tmp/logtomcat
+     - MP_UNSET_midpoint_repository_hibernateHbm2ddl=1
+     - MP_NO_ENV_COMPAT=1
      - MP_MEM_MAX
      - MP_MEM_INIT
      - MP_JAVA_OPTS
@@ -219,8 +258,6 @@ services:
         aliases:
          - midpoint-server
     secrets:
-     - mp_database_password.txt
-     - mp_keystore_password.txt
      - mp_host-key.pem
      - mp_shibboleth_sp_keys.jks
     volumes:
@@ -234,6 +271,7 @@ services:
      - type: bind
        source: ./configs-and-secrets/midpoint/httpd/host-cert.pem
        target: /etc/pki/tls/certs/cachain.pem
+     - mp_pw:/opt/mp-pw
 
   idp:
     build: ./idp/
@@ -283,10 +321,6 @@ secrets:
 # midPoint
   mp_host-key.pem:
     file: ./configs-and-secrets/midpoint/httpd/host-key.pem
-  mp_database_password.txt:
-    file: ./configs-and-secrets/midpoint/application/database_password.txt
-  mp_keystore_password.txt:
-    file: ./configs-and-secrets/midpoint/application/keystore_password.txt    
   mp_shibboleth_sp_keys.jks:
     file: ./configs-and-secrets/midpoint/shibboleth/shibboleth_sp_keys.jks
 
@@ -296,7 +330,8 @@ volumes:
   source_mysql:
   target_data:
   ldap:
+  db_init:
+  mp_pw:
   midpoint_data:
-  midpoint_mysql:
   midpoint_home:
   mq: