Merge pull request #143 from docker/latest5

merge latest5 branch

Dockerfile

@@ -1,16 +1,16 @@
-FROM --platform=$TARGETPLATFORM rockylinux:8.9
+FROM --platform=$TARGETPLATFORM rockylinux/rockylinux:8.10
 
 ########################
 ### VERSION SETTINGS ###
 ########################
 #
 ##tomcat \
 ENV TOMCAT_MAJOR=10 \
-    TOMCAT_VERSION=10.1.18 \
+    TOMCAT_VERSION=10.1.30 \
 ##shib-idp \
-    VERSION=5.0.0 \
+    VERSION=5.1.3 \
 ##TIER \
-    TIERVERSION=20240124_rocky8_multiarch \
+    TIERVERSION=20240930_rocky8_multiarch \
 #################### \
 #### OTHER VARS #### \
 #################### \
@@ -95,7 +95,6 @@ RUN mkdir -p /tmp/shibboleth && cd /tmp/shibboleth && \
 	./bin/install.sh \
         --noPrompt true \
       	--propertyFile /tmp/idp.installer.properties && \
-
 # Cleanup
     cd ~ && \
     rm -rf /tmp/shibboleth

container_files/idp/idp.installer.properties

@@ -1,4 +1,4 @@
-idp.src.dir=/tmp/shibboleth/shibboleth-identity-provider-5.0.0
+idp.src.dir=/tmp/shibboleth/shibboleth-identity-provider-5.1.3
 idp.target.dir=/opt/shibboleth-idp
 idp.host.name=idp.example.org
 idp.sealer.password=changeit

container_files/idp/rotateSealerKey.sh

@@ -16,22 +16,17 @@ then
     exit 1
  fi
 
- # Default JAVA_HOME if not already set
- if [ -d "${JAVA_HOME:=/usr}" ]
- then
-    export JAVA_HOME=${JAVA_HOME:=/usr}
- else
-    echo "ERROR: JAVA_HOME Directory does not exist: ${JAVA_HOME:=/usr}" >&2
-    exit 1
- fi
-
  function get_config {
     # Key to lookup (escape . for regex lookup)
     local KEY=${1:?"No key provided to look up value"}
     # Passed default value
     local DEFAULT="${2:-}"
     # Lookup key, strip spaces, replace idp.home with IDP_HOME value
     local RESULT=$(sed -rn '/^'"${KEY//./\\.}"'\s*=/ { s|^[^=]*=(.*)\s*$|\1|; s|%\{idp\.home\}|'"${IDP_HOME}"'|g; p}' ${IDP_HOME}/conf/idp.properties)
+    if [ -z "$RESULT" ]
+    then
+       local RESULT=$(sed -rn '/^'"${KEY//./\\.}"'\s*=/ { s|^[^=]*=(.*)\s*$|\1|; s|%\{idp\.home\}|'"${IDP_HOME}"'|g; p}' ${IDP_HOME}/credentials/secrets.properties)
+    fi
     # Set if no result with default - exit if no default
     echo ${RESULT:-${DEFAULT:?"No value in config and no default defined for: '${KEY}'"}}
  }
@@ -48,12 +43,19 @@ then
  sync_hosts=$(get_config idp.sealer._sync_hosts ${HOSTNAME})
 
  # Run the keygen utility
- ${0%/*}/runclass.sh net.shibboleth.utilities.java.support.security.BasicKeystoreKeyStrategyTool \
-    --storefile "${storefile}" \
-    --storepass "${storepass}" \
-    --versionfile "${versionfile}" \
-    --alias "${alias}" \
-    --count "${count}"
+ ${0%/*}/seckeygen.sh \
+     --storefile "${storefile}" \
+     --storepass "${storepass}" \
+     --versionfile "${versionfile}" \
+     --alias "${alias}" \
+     --count "${count}"
+
+# ${0%/*}/runclass.sh net.shibboleth.utilities.java.support.security.BasicKeystoreKeyStrategyTool \
+#    --storefile "${storefile}" \
+#    --storepass "${storepass}" \
+#    --versionfile "${versionfile}" \
+#    --alias "${alias}" \
+#    --count "${count}"
 
  # Display current version
  echo "INFO: $(tac "${versionfile}" | tr "\n" " ")" >&2
@@ -73,3 +75,4 @@ then
  done
 
 fi
+

test-compose/data/Dockerfile

@@ -1,19 +1,24 @@
-FROM centos:centos7
+FROM rockylinux:8.9
 
 LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>"
 
 # Set UTC Timezone & Networking
 RUN ln -sf /usr/share/zoneinfo/UTC /etc/localtime \
     && echo "NETWORKING=yes" > /etc/sysconfig/network
 
-# Install base deps
-RUN rm -fr /var/cache/yum/* && yum clean all && yum -y update && yum -y install --setopt=tsflags=nodocs epel-release && \
-    yum -y install 389-ds-base 389-admin 389-adminutil net-tools wget curl tar unzip mlocate logrotate strace telnet man unzip vim wget rsyslog cronie krb5-workstation openssl-devel wget supervisor && \
-    yum -y clean all && \
-    mkdir -p /opt/tier && \
-# Install Trusted Certificates
-    update-ca-trust force-enable
-
+RUN dnf module enable -y php:7.4
+RUN yum install -y epel-release \
+    && yum update -y \
+    && yum install -y phpldapadmin mod_ssl net-tools wget epel-release yum-utils php php-common php-opcache php-cli php-gd mod_php php-pgsql php-curl php-zip php-mbstring \
+    && yum clean all \
+    && rm -rf /var/cache/yum
+RUN yum module enable -y 389-ds:1.4
+RUN yum install -y 389-ds-base 389-ds-base-devel 389-ds-base-legacy-tools
+RUN yum install --allowerasing -y curl-full libcurl-full
+RUN rpm -Uvh https://rpms.remirepo.net/enterprise/remi-release-8.9.rpm
+RUN yum --enablerepo=remi,remi-test  install -y phpMyAdmin
+RUN yum install -y php71-php-mcrypt
+
 COPY container_files/seed-data/ /seed-data/
 
 RUN useradd ldapadmin \
@@ -25,17 +30,23 @@ RUN useradd ldapadmin \
     # Do not restart at the end \
     && sed -i '/if (@errs = startServer($inf))/,/}/d' /usr/lib64/dirsrv/perl/* \
     && setup-ds.pl --silent --file /seed-data/ds-setup.inf \
-    && /usr/sbin/ns-slapd -D /etc/dirsrv/slapd-dir \ 
+    && /usr/sbin/ns-slapd -D /etc/dirsrv/slapd-dir \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
-    ldapadd -H ldap:/// -f /seed-data/users.ldif -x -D "cn=Directory Manager" -w password
+    ldapadd -H ldap:/// -f /seed-data/data.ldif -x -D "cn=Directory Manager" -w password \
+    && ldapmodify -H ldap:/// -f /seed-data/edumember-obj.ldif -x -D "cn=Directory Manager" -w password \
+    && ldapmodify -H ldap:/// -f /seed-data/ldappublickey-obj.ldif -x -D "cn=Directory Manager" -w password \
+    && ldapmodify -H ldap:/// -f /seed-data/voperson-obj.ldif -x -D "cn=Directory Manager" -w password \
+    && ldapmodify -H ldap:/// -f /seed-data/voposixaccount-obj.ldif -x -D "cn=Directory Manager" -w password \
+    && ldapadd -c -H ldap:/// -f /seed-data/users.ldif -x -D "cn=Directory Manager" -w password
 
-RUN (/usr/sbin/ns-slapd -D /etc/dirsrv/slapd-dir &) \
-    && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done;
+RUN openssl req -new -nodes -newkey rsa:2048 -subj "/commonName=localhost.localdomain" -batch -keyout /etc/pki/tls/private/localhost.key -out localhost.csr
+RUN openssl x509 -req -days 1825 -in localhost.csr -signkey /etc/pki/tls/private/localhost.key -out /etc/pki/tls/certs/localhost.crt
+RUN mkdir -p /run/php-fpm/
 
 EXPOSE 389
 
 HEALTHCHECK --interval=1m --timeout=10s \
   CMD cat < /dev/null > /dev/tcp/127.0.0.1/389 || exit 1
 
-CMD /usr/sbin/ns-slapd -D /etc/dirsrv/slapd-dir && tail -F /var/log/dirsrv/slapd-dir/errors
+CMD rm -rf /var/lock/dirsrv/slapd-dir/server/* && /usr/sbin/ns-slapd -D /etc/dirsrv/slapd-dir && php-fpm -D && httpd -DFOREGROUND && sleep infinity
 

test-compose/data/container_files/seed-data/data.ldif

@@ -0,0 +1,69 @@
+dn: cn=admin,dc=internet2,dc=edu
+objectClass: simpleSecurityObject
+objectClass: organizationalRole
+cn: admin
+userPassword: password
+description: LDAP administrator
+
+dn: uid=banderson,ou=People,dc=internet2,dc=edu
+objectClass: eduPerson
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+cn: Bob Anderson
+sn: Anderson
+givenName: Bob
+userPassword: password
+description: LDAP administrator
+
+dn: ou=Affiliations,ou=Groups,dc=internet2,dc=edu
+objectClass: top
+objectClass: organizationalUnit
+ou: Affiliations
+
+dn: ou=Courses,ou=Groups,dc=internet2,dc=edu
+objectClass: top
+objectClass: organizationalUnit
+ou: Courses
+
+dn: ou=midpoint,ou=Groups,dc=internet2,dc=edu
+objectClass: top
+objectClass: organizationalUnit
+ou: midpoint
+
+dn: ou=Generic,ou=Groups,dc=internet2,dc=edu
+objectClass: top
+objectClass: organizationalUnit
+ou: Generic
+
+dn: cn=users,ou=Groups,dc=internet2,dc=edu
+objectClass: groupOfUniqueNames
+objectClass: top
+uniqueMember: uid=banderson,ou=People,dc=internet2,dc=edu
+cn: users
+
+dn: cn=sysadmingroup,ou=midpoint,ou=Groups,dc=internet2,dc=edu
+objectClass: groupOfUniqueNames
+objectClass: top
+uniqueMember: uid=banderson,ou=People,dc=internet2,dc=edu
+cn: sysadmingroup
+
+dn: ou=Guests,dc=internet2,dc=edu
+objectClass: top
+objectClass: organizationalUnit
+ou: Guests
+
+dn: uid=aguest,ou=Guests,dc=internet2,dc=edu
+objectClass: eduPerson
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+cn: Andy Guest
+sn: Aguest
+mail: andyaguestcspuser@workbench.incommon.org
+givenName: Andy
+userPassword: password
+description: A guest user
+

test-compose/data/container_files/seed-data/ds-setup.inf

@@ -16,7 +16,7 @@ ServerIpAddress = 0.0.0.0
 SysUser = nobody
 
 [slapd]
-AddOrgEntries = Yes
+AddOrgEntries = No
 AddSampleEntries = No
 InstallLdifFile = suggest
 RootDN = cn=Directory Manager

test-compose/data/container_files/seed-data/edumember-obj.ldif

@@ -0,0 +1,30 @@
+#
+# eduMember Objectclass
+#
+#
+# "eduMember" attributes
+#
+dn: cn=schema
+changetype: modify
+#
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.5923.1.5.1.1 
+ NAME 'isMemberOf' 
+ DESC 'identifiers for groups to which containing entity belongs' 
+ EQUALITY caseExactMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+attributeTypes: ( 1.3.6.1.4.1.5923.1.5.1.2 
+ NAME 'hasMember' 
+ DESC 'identifiers for entities that are members of the group' 
+ EQUALITY caseExactMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+-
+#
+add: objectclasses
+objectClasses: ( 1.3.6.1.4.1.5923.1.5.2 NAME 'eduMember' 
+ AUXILIARY 
+ MAY ( isMemberOf $ hasMember ) 
+ )
+#
+# end of LDIF
+#

test-compose/data/container_files/seed-data/ldappublickey-obj.ldif

@@ -0,0 +1,29 @@
+#
+# ldapPublicKey Objectclass
+#
+#
+# ldapPublicKey attribute
+#
+dn: cn=schema
+changetype: modify
+#
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.24552.500.1.1.1.13 
+ NAME 'sshPublicKey' 
+ DESC 'MANDATORY: OpenSSH Public key' 
+ EQUALITY octetStringMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+-
+#
+add: objectclasses
+objectClasses: ( 1.3.6.1.4.1.24552.500.1.1.2.0 
+ NAME 'ldapPublicKey' 
+ DESC 'MANDATORY: OpenSSH LPK objectclass' 
+ SUP top 
+ AUXILIARY 
+ MUST ( sshPublicKey $ uid ) 
+ )
+#
+# end of LDIF
+#
+

test-compose/data/container_files/seed-data/users.ldif

@@ -1,10 +1,3 @@
-dn: cn=admin,dc=internet2,dc=edu
-objectClass: simpleSecurityObject
-objectClass: organizationalRole
-cn: admin
-userPassword: password
-description: LDAP administrator
-
 dn: uid=jsmith,ou=People,dc=internet2,dc=edu
 objectClass: organizationalPerson
 objectClass: person
@@ -16,29 +9,6 @@ sn: Smith
 cn: John Smith
 userPassword: password
 
-dn: uid=banderson,ou=People,dc=internet2,dc=edu
-objectClass: organizationalPerson
-objectClass: person
-objectClass: top
-objectClass: inetOrgPerson
-givenName: Bob
-uid: banderson
-sn: Anderson
-cn: Bob Anderson
-userPassword: password
-
-dn: cn=users,ou=Groups,dc=internet2,dc=edu
-objectClass: groupOfUniqueNames
-objectClass: top
-uniqueMember: uid=banderson,ou=People,dc=internet2,dc=edu
-uniqueMember: uid=jsmith,ou=People,dc=internet2,dc=edu
-cn: users
-
-
-
-
-
-
 dn: uid=kwhite,ou=People,dc=internet2,dc=edu
 objectClass: organizationalPerson
 objectClass: person

test-compose/data/container_files/seed-data/voperson-obj.ldif

@@ -0,0 +1,113 @@
+#
+# voPerson Objectclass
+#
+#
+# "voPerson" attributes
+#
+objectIdentifier: voPersonRoot 1.3.6.1.4.1.25178.4
+objectIdentifier: voPersonObjectClass voPersonRoot:1
+dn: cn=schema
+changetype: modify
+#
+add: attributetypes
+attributeTypes: ( voPersonObjectClass:10 
+ NAME 'voPersonAffiliation' 
+ DESC 'voPerson Affiliation Within Local Scope' 
+ EQUALITY caseIgnoreMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
+attributeTypes: ( voPersonObjectClass:13 
+ NAME 'voPersonApplicationPassword' 
+ DESC 'voPerson Application-Specific Password' 
+ EQUALITY octetStringMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) 
+attributeTypes: ( voPersonObjectClass:1 
+ NAME 'voPersonApplicationUID' 
+ DESC 'voPerson Application-Specific User Identifier' 
+ EQUALITY caseIgnoreMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
+attributeTypes: ( voPersonObjectClass:2 
+ NAME 'voPersonAuthorName' 
+ DESC 'voPerson Author Name' 
+ EQUALITY caseIgnoreMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
+attributeTypes: ( voPersonObjectClass:3 
+ NAME 'voPersonCertificateDN' 
+ DESC 'voPerson Certificate Distinguished Name' 
+ EQUALITY distinguishedNameMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) 
+attributeTypes: ( voPersonObjectClass:4 
+ NAME 'voPersonCertificateIssuerDN' 
+ DESC 'voPerson Certificate Issuer DN' 
+ EQUALITY distinguishedNameMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) 
+attributeTypes: ( voPersonObjectClass:11 
+ NAME 'voPersonExternalAffiliation' 
+ DESC 'voPerson Scoped External Affiliation' 
+ EQUALITY caseIgnoreMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
+attributeTypes: ( voPersonObjectClass:5 
+ NAME 'voPersonExternalID' 
+ DESC 'voPerson Scoped External Identifier' 
+ EQUALITY caseIgnoreMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
+attributeTypes: ( voPersonObjectClass:6 
+ NAME 'voPersonID' 
+ DESC 'voPerson Unique Identifier' 
+ EQUALITY caseIgnoreMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
+attributeTypes: ( voPersonObjectClass:7 
+ NAME 'voPersonPolicyAgreement' 
+ DESC 'voPerson Policy Agreement Indicator' 
+ EQUALITY caseIgnoreMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
+attributeTypes: ( voPersonObjectClass:12 
+ NAME 'voPersonScopedAffiliation' 
+ DESC 'voPerson Affiliation With Explicit Local Scope' 
+ EQUALITY caseIgnoreMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
+attributeTypes: ( voPersonObjectClass:8 
+ NAME 'voPersonSoRID' 
+ DESC 'voPerson External Identifier' 
+ EQUALITY caseIgnoreMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
+attributeTypes: ( voPersonObjectClass:9 
+ NAME 'voPersonStatus' 
+ DESC 'voPerson Status' 
+ EQUALITY caseIgnoreMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
+attributeTypes: ( voPersonObjectClass:15 
+ NAME 'voPersonToken' 
+ DESC 'voPerson Token' 
+ EQUALITY caseExactMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
+attributeTypes: ( voPersonObjectClass:14 
+ NAME 'voPersonVerifiedEmail' 
+ DESC 'voPerson Verified Email Address' 
+ EQUALITY caseIgnoreMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
+-
+#
+add: objectclasses
+objectClasses: ( voPersonObjectClass 
+ NAME 'voPerson' 
+ AUXILIARY 
+ MAY ( voPersonAffiliation $ 
+  voPersonApplicationPassword $ 
+  voPersonApplicationUID $ 
+  voPersonAuthorName $ 
+  voPersonCertificateDN $ 
+  voPersonCertificateIssuerDN $ 
+  voPersonExternalAffiliation $ 
+  voPersonExternalID $ 
+  voPersonID $ 
+  voPersonPolicyAgreement $ 
+  voPersonScopedAffiliation $ 
+  voPersonSoRID $ 
+  voPersonStatus $ 
+  voPersonToken $ 
+  voPersonVerifiedEmail ) 
+ )
+#
+# end of LDIF
+#
+

test-compose/data/container_files/seed-data/voposixaccount-obj.ldif

@@ -0,0 +1,63 @@
+#
+# voPosixAccount Objectclass
+#
+#
+# "voPosixAccount" attributes
+#
+objectIdentifier: voPersonRoot 1.3.6.1.4.1.25178.4
+objectIdentifier: voPosixAccountObjectClass voPersonRoot:2
+objectIdentifier: voPosixGroupObjectClass voPersonRoot:3
+dn: cn=schema
+changetype: modify
+#
+add: attributetypes
+attributeTypes: ( voPosixAccountObjectClass:1 
+ NAME 'voPosixAccountGecos' 
+ DESC 'voPerson domain specific GECOS field' 
+ EQUALITY caseIgnoreMatch 
+ SUBSTR caseIgnoreSubstringsMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
+attributeTypes: ( voPosixAccountObjectClass:2 
+ NAME 'voPosixAccountGidNumber' 
+ DESC 'voPerson domain specific primary group identifier' 
+ EQUALITY integerMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) 
+attributeTypes: ( voPosixAccountObjectClass:3 
+ NAME 'voPosixAccountHomeDirectory' 
+ DESC 'voPerson domain specific absolute path to the home directory' 
+ EQUALITY caseExactMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
+attributeTypes: ( voPosixAccountObjectClass:4 
+ NAME 'voPosixAccountLoginShell' 
+ DESC 'voPerson domain specific path to the login shell' 
+ EQUALITY caseExactMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
+attributeTypes: ( voPosixAccountObjectClass:5 
+ NAME 'voPosixAccountUidNumber' 
+ DESC 'voPerson domain specific unique user identifier' 
+ EQUALITY integerMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) 
+-
+#
+add: objectclasses
+objectClasses: ( voPosixAccountObjectClass 
+ NAME 'voPosixAccount' 
+ AUXILIARY 
+ MUST ( cn $ 
+  uid $ 
+  voPosixAccountUidNumber $ 
+  voPosixAccountGidNumber $ 
+  voPosixAccountHomeDirectory ) 
+ MAY ( voPosixAccountLoginShell $ 
+  voPosixAccountGecos ) 
+ )
+objectClasses: ( voPosixGroupObjectClass 
+ NAME 'voPosixGroup' 
+ AUXILIARY 
+ MUST ( cn $ voPosixAccountGidNumber ) 
+ MAY ( memberUid ) 
+ )
+#
+# end of LDIF
+#
+

test-compose/sp/Dockerfile

@@ -1,12 +1,12 @@
-FROM tier/shibboleth_sp:latest
+FROM i2incommon/shibboleth_sp:3.4.1_05152024_rocky9_multiarch
 
 LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
       Vendor="TIER" \
       ImageType="Shibboleth SP" \
       ImageName=$imagename \
       ImageOS=centos7
 
-RUN yum -y update; yum -y install php
+RUN dnf -y update; dnf -y install php
 
 ADD container_files/shibboleth2.xml /etc/shibboleth/
 ADD container_files/idp-metadata.xml /etc/shibboleth/
@@ -26,6 +26,9 @@ COPY container_files/sp-encrypt-cert.pem /etc/shibboleth/
 
 HEALTHCHECK --interval=1m --timeout=30s \
   CMD curl -k -f https://127.0.0.1:8443/Shibboleth.sso/Status || exit 1
+
+RUN mkdir -p /run/php-fpm/
 
 EXPOSE 8443
 
+CMD php-fpm -D && /usr/local/bin/startup.sh

test-compose/webisoget/Dockerfile

@@ -1,10 +1,10 @@
-FROM rockylinux:8.6
+FROM rockylinux:8.9
 
 RUN yum -y install libtool autoconf automake gcc make libcurl-devel openssl-devel git
 
 RUN cd /; git clone https://github.com/UWIT-IAM/webisoget; cd /webisoget; bash ./boot;./configure --disable-dependency-tracking;make;make install
 
-COPY sptest.login /webisoget
+COPY sptest.login /webisoget/
 
 #ENTRYPOINT ["usr/local/bin/webisoget"]
 CMD ["tail", "-f", "/dev/null"]

tests/fulltest.sh

@@ -18,17 +18,17 @@ rm -f ./lastpage.txt
 #ensure that name resolution is in place
 ping -c 1 sptest.example.edu &>/dev/null
 if [ $? -ne '0' ]; then
-   echo "ERROR: You must set name resolution for the IdP test suite on this host for tests to completei (SP missing)"
-   exit 1
-#  echo "adding hosts record for sp..."
-#  echo '127.0.0.1 sptest.example.edu' | sudo tee -a /etc/hosts
+   #echo "ERROR: You must set name resolution for the IdP test suite on this host for tests to complete (SP missing)"
+   #exit 1
+   echo "adding hosts record for sp..."
+   echo '127.0.0.1 sptest.example.edu' | sudo tee -a /etc/hosts
 fi
 ping -c 1 idp.example.edu &>/dev/null
 if [ $? -ne '0' ]; then
-   echo "ERROR: You must set name resolution for the IdP test suite on this host for tests to completei (IdP missing)"
-   exit 1
-#  echo "adding hosts record for idp..."
-#  echo '127.0.0.1 idp.example.edu' | sudo tee -a /etc/hosts
+   #echo "ERROR: You must set name resolution for the IdP test suite on this host for tests to completei (IdP missing)"
+   #exit 1
+   echo "adding hosts record for idp..."
+   echo '127.0.0.1 idp.example.edu' | sudo tee -a /etc/hosts
 fi
 
 # replace FROM line in IdP Dockerfile to newly-built local image