diff --git a/Dockerfile b/Dockerfile index d81fe36..891eb45 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM --platform=$TARGETPLATFORM rockylinux:8.9 +FROM --platform=$TARGETPLATFORM rockylinux/rockylinux:8.10 ######################## ### VERSION SETTINGS ### @@ -10,7 +10,7 @@ ENV TOMCAT_MAJOR=10 \ ##shib-idp \ VERSION=5.1.3 \ ##TIER \ - TIERVERSION=20240813_rocky8_multiarch \ + TIERVERSION=20240816_rocky8_multiarch \ #################### \ #### OTHER VARS #### \ #################### \ diff --git a/container_files/idp/rotateSealerKey.sh b/container_files/idp/rotateSealerKey.sh index 0fd9e97..1b6b0ef 100644 --- a/container_files/idp/rotateSealerKey.sh +++ b/container_files/idp/rotateSealerKey.sh @@ -16,15 +16,6 @@ then exit 1 fi - # Default JAVA_HOME if not already set - if [ -d "${JAVA_HOME:=/usr}" ] - then - export JAVA_HOME=${JAVA_HOME:=/usr} - else - echo "ERROR: JAVA_HOME Directory does not exist: ${JAVA_HOME:=/usr}" >&2 - exit 1 - fi - function get_config { # Key to lookup (escape . for regex lookup) local KEY=${1:?"No key provided to look up value"} @@ -32,6 +23,10 @@ then local DEFAULT="${2:-}" # Lookup key, strip spaces, replace idp.home with IDP_HOME value local RESULT=$(sed -rn '/^'"${KEY//./\\.}"'\s*=/ { s|^[^=]*=(.*)\s*$|\1|; s|%\{idp\.home\}|'"${IDP_HOME}"'|g; p}' ${IDP_HOME}/conf/idp.properties) + if [ -z "$RESULT" ] + then + local RESULT=$(sed -rn '/^'"${KEY//./\\.}"'\s*=/ { s|^[^=]*=(.*)\s*$|\1|; s|%\{idp\.home\}|'"${IDP_HOME}"'|g; p}' ${IDP_HOME}/credentials/secrets.properties) + fi # Set if no result with default - exit if no default echo ${RESULT:-${DEFAULT:?"No value in config and no default defined for: '${KEY}'"}} } 
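Review bot: The new base `rockylinux/rockylinux:8.10` in the first Dockerfile hunk is a mutable tag in a different Docker Hub namespace than the previous `rockylinux:8.9`, so the content behind it can change between builds of the IdP image. Consider pinning the digest next to the tag, e.g. `FROM --platform=$TARGETPLATFORM rockylinux/rockylinux:8.10@sha256:<digest-of-the-multi-arch-index>` (placeholder; take the value from the registry). A one-line comment above the FROM saying why the namespace changed would also help the next reviewer. The same pinning applies to `i2incommon/shibboleth_sp:3.4.1_05152024_rocky9_multiarch` in test-compose/sp/Dockerfile.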
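Review bot: The new fallback in get_config runs sed on `${IDP_HOME}/credentials/secrets.properties` without checking that the file is readable, and leaves the path unquoted. A deployment without that file gets a sed error on stderr before the default is used. Guarding the branch with `if [ -z "$RESULT" ] && [ -r "${IDP_HOME}/credentials/secrets.properties" ]` and quoting the path would avoid that. The sed program is now duplicated verbatim, so holding it in one local variable would keep the two lookups from drifting apart. Values read from secrets.properties are presumably secrets, and the unchanged `echo ${RESULT:-…}` below is unquoted, so a value containing glob characters or repeated spaces can be altered on the way out. get_config begins above this hunk.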
@@ -48,12 +43,19 @@ then sync_hosts=$(get_config idp.sealer._sync_hosts ${HOSTNAME}) # Run the keygen utility - ${0%/*}/runclass.sh net.shibboleth.utilities.java.support.security.BasicKeystoreKeyStrategyTool \ - --storefile "${storefile}" \ - --storepass "${storepass}" \ - --versionfile "${versionfile}" \ - --alias "${alias}" \ - --count "${count}" + ${0%/*}/seckeygen.sh \ + --storefile "${storefile}" \ + --storepass "${storepass}" \ + --versionfile "${versionfile}" \ + --alias "${alias}" \ + --count "${count}" + +# ${0%/*}/runclass.sh net.shibboleth.utilities.java.support.security.BasicKeystoreKeyStrategyTool \ +# --storefile "${storefile}" \ +# --storepass "${storepass}" \ +# --versionfile "${versionfile}" \ +# --alias "${alias}" \ +# --count "${count}" # Display current version echo "INFO: $(tac "${versionfile}" | tr "\n" " ")" >&2 @@ -73,3 +75,4 @@ then done fi + diff --git a/test-compose/sp/Dockerfile b/test-compose/sp/Dockerfile index 700cfdf..da97747 100644 --- a/test-compose/sp/Dockerfile +++ b/test-compose/sp/Dockerfile @@ -1,4 +1,4 @@ -FROM i2incommon/shibboleth_sp:latest +FROM i2incommon/shibboleth_sp:3.4.1_05152024_rocky9_multiarch LABEL author="tier-packaging@internet2.edu " \ Vendor="TIER" \ @@ -6,7 +6,7 @@ LABEL author="tier-packaging@internet2.edu " \ ImageName=$imagename \ ImageOS=centos7 -RUN yum -y update; yum -y install php +RUN dnf -y update; dnf -y install php ADD container_files/shibboleth2.xml /etc/shibboleth/ ADD container_files/idp-metadata.xml /etc/shibboleth/
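Review bot: The new `seckeygen.sh` call still passes the keystore password as `--storepass "${storepass}"`, which puts it in the process argument list where other processes in the container can read it while the tool runs. That deserves at least a comment such as `# NOTE: storepass is visible in the process list while seckeygen.sh runs`. The call's exit status is not checked in the visible lines, so unless `set -e` is set outside this hunk, a failed rotation continues to the version display and whatever follows. Appending `|| { echo "ERROR: seckeygen.sh failed" >&2; exit 1; }` after `--count "${count}"` would stop that. The commented-out `runclass.sh` block should be deleted rather than kept, since the history already holds it.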
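Review bot: `RUN dnf -y update; dnf -y install php` in test-compose/sp/Dockerfile joins the two commands with `;`, so a failed update does not fail the build, and the layer keeps the dnf cache. `RUN dnf -y update && dnf -y install php && dnf clean all` fails fast and trims the layer. The blanket update also makes the package set depend on the build date even though the base tag is now pinned, so bumping the base tag instead would keep builds reproducible. The unchanged `ImageOS=centos7` label just above no longer matches the rocky9 base.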