diff --git a/Dockerfile b/Dockerfile index 3f8233f..9ab8640 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,7 +17,7 @@ ENV TOMCAT_MAJOR=10 \ # \ #global \ IMAGENAME=shibboleth_idp \ - MAINTAINER=tier \ + MAINTAINER=i2incommon \ #java \ JAVA_OPTS='-Xmx3000m' \ #tomcat \ @@ -69,6 +69,7 @@ RUN update-ca-trust extract # To keep it commented, keep multiple comments on the following line (to prevent other scripts from processing it). ##### ENV TIER_BEACON_OPT_OUT True + # Install Corretto Java JDK (from Amazon repo, more arch independent) RUN rpm --import https://yum.corretto.aws/corretto.key \ && curl -L -o /etc/yum.repos.d/corretto.repo https://yum.corretto.aws/corretto.repo \ @@ -93,7 +94,8 @@ RUN mkdir -p /tmp/shibboleth && cd /tmp/shibboleth && \ cd /tmp/shibboleth/$SHIB_PREFIX && \ ./bin/install.sh \ --noPrompt true \ - --propertyFile /tmp/idp.installer.properties && \ + --propertyFile /tmp/idp.installer.properties && \ + # Cleanup cd ~ && \ rm -rf /tmp/shibboleth @@ -127,6 +129,7 @@ ADD container_files/tomcat/jakarta.servlet.jsp.jstl-api-2.0.0.jar /usr/local/tom ADD container_files/tomcat/log4j-core-2.18.0.jar /usr/local/tomcat/bin/ ADD container_files/tomcat/log4j-api-2.18.0.jar /usr/local/tomcat/bin/ ADD container_files/tomcat/log4j-jul-2.18.0.jar /usr/local/tomcat/bin/ + RUN cd /usr/local/tomcat/; \ chmod +r bin/log4j-*.jar; ADD container_files/tomcat/log4j2.xml /usr/local/tomcat/conf/ diff --git a/container_files/system/startup.sh b/container_files/system/startup.sh index 7554946..82cc28b 100644 --- a/container_files/system/startup.sh +++ b/container_files/system/startup.sh @@ -60,4 +60,4 @@ sed -i -e '//d' ${IDP_LOG_CFG_FILE} #launch supervisord -/usr/bin/supervisord -c /etc/supervisor/supervisord.conf +exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf diff --git a/container_files/tomcat/jstl-1.2.jar b/container_files/tomcat/jstl-1.2.jar new file mode 100755 index 0000000..0fd275e Binary files /dev/null and b/container_files/tomcat/jstl-1.2.jar differ diff --git a/container_files/tomcat/log4j-api-2.17.2.jar b/container_files/tomcat/log4j-api-2.17.2.jar new file mode 100644 index 0000000..16d9061 Binary files /dev/null and b/container_files/tomcat/log4j-api-2.17.2.jar differ diff --git a/container_files/tomcat/log4j-core-2.17.2.jar b/container_files/tomcat/log4j-core-2.17.2.jar new file mode 100644 index 0000000..0fd0051 Binary files /dev/null and b/container_files/tomcat/log4j-core-2.17.2.jar differ diff --git a/container_files/tomcat/log4j-jul-2.17.2.jar b/container_files/tomcat/log4j-jul-2.17.2.jar new file mode 100644 index 0000000..59b6539 Binary files /dev/null and b/container_files/tomcat/log4j-jul-2.17.2.jar differ diff --git a/test-compose/idp/container_files/config/tomcat/server.xml b/test-compose/idp/container_files/config/tomcat/server.xml index a5b21a9..9b26840 100644 --- a/test-compose/idp/container_files/config/tomcat/server.xml +++ b/test-compose/idp/container_files/config/tomcat/server.xml @@ -29,11 +29,12 @@ - + + diff --git a/test-compose/idp/container_files/credentials/tomcat/idp-default.crt b/test-compose/idp/container_files/credentials/tomcat/idp-default.crt new file mode 100644 index 0000000..c086e61 --- /dev/null +++ b/test-compose/idp/container_files/credentials/tomcat/idp-default.crt @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDczCCAlugAwIBAgIEc3Xh/jANBgkqhkiG9w0BAQsFADBqMQswCQYDVQQGEwJV +UzELMAkGA1UECBMCVVMxETAPBgNVBAcTCEFueXdoZXJlMRQwEgYDVQQKEwtFeGFt +cGxlIE9yZzELMAkGA1UECxMCSVQxGDAWBgNVBAMTD2lkcC5leGFtcGxlLm9yZzAe +Fw0xODA2MTMxODE2NTZaFw0yODA2MTAxODE2NTZaMGoxCzAJBgNVBAYTAlVTMQsw +CQYDVQQIEwJVUzERMA8GA1UEBxMIQW55d2hlcmUxFDASBgNVBAoTC0V4YW1wbGUg +T3JnMQswCQYDVQQLEwJJVDEYMBYGA1UEAxMPaWRwLmV4YW1wbGUub3JnMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn29yHNKZZVM2dyA/MP8ItBnJiIHK +Bj4HJA+x/+7d9Uw0VKNYWLBGd6eo48wZNUx/fSkamgsJnJJEcQ9ZB6Kh7Sr5Cv+j +Kn+ttQ/xRBW/TOUInCi/+TE5tpHdqsc5jhvpDvJzyd4AjhWD98BRjnqO7Vdllh0h +XY0eWwnURTC5RTjnTy8x0k8NGl+4/gICWcab10uOS6WziT/BiwWZiAFK+30aOzqv +Qo9MLdP2iRNqhnXh21KCAEw/dm0iMOYa3c460cI5Wpz16BN0hBKJa2eLIsUz1Ei8 +e6d2bfgRsXSVuiwMG7/6kLcbqJSHMnLT2V17IzxpMMg4g2TV69MHAI0WfwIDAQAB +oyEwHzAdBgNVHQ4EFgQUnUHUCeihIylq0vGUhtaZ3radUncwDQYJKoZIhvcNAQEL +BQADggEBAJ47J4Q6Mgqt3TMyiwH0YTcL7KpFOTIX/BdaeG5c/QAuO+ASxxPeUSHd +gy1GymRxrQp/9XXCjGRIVwSsgrZ0IZHhogIZCOTA+j+kri0TtZrhkKy6TCFimd1J +JMmLmrT5uaEPAnL42jvet0rToPqx3gt9AdGbmWf+OyXT8pLMPRKvf6xTQSh1XJZH +CXbNcMzEp7wq3Z3vDQZ498CM7mEb7y+2cF0iCKydHSL0VvqmjDicj2+4J6qKHBFW +4cWkzmVmQTT8MEHYyq/Fif8ElE7PiRow3vhO7WEy7pfhcmrz3DPqRVDLk2AgmYBn +rPigRnfDmz0Cc/zvxbd3UxfRATCNYcU= +-----END CERTIFICATE----- + diff --git a/test-compose/idp/container_files/credentials/tomcat/idp-default.key b/test-compose/idp/container_files/credentials/tomcat/idp-default.key new file mode 100644 index 0000000..cea75aa --- /dev/null +++ b/test-compose/idp/container_files/credentials/tomcat/idp-default.key @@ -0,0 +1,29 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCfb3Ic0pllUzZ3 +ID8w/wi0GcmIgcoGPgckD7H/7t31TDRUo1hYsEZ3p6jjzBk1TH99KRqaCwmckkRx +D1kHoqHtKvkK/6Mqf621D/FEFb9M5QicKL/5MTm2kd2qxzmOG+kO8nPJ3gCOFYP3 +wFGOeo7tV2WWHSFdjR5bCdRFMLlFOOdPLzHSTw0aX7j+AgJZxpvXS45LpbOJP8GL +BZmIAUr7fRo7Oq9Cj0wt0/aJE2qGdeHbUoIATD92bSIw5hrdzjrRwjlanPXoE3SE +EolrZ4sixTPUSLx7p3Zt+BGxdJW6LAwbv/qQtxuolIcyctPZXXsjPGkwyDiDZNXr +0wcAjRZ/AgMBAAECggEAI43/3audZ7o54DEBxpRpRXimt9lxyxiUEReq8086klRv +KxzOO+D7pf1urXY7fOZVW/0JoKarew4nUytACHLdN32o0ioWIgkdHM60WCGdarF8 +zQ5NWW3/19YJn+cTz7wrqhipd7AZYZYsuthZl7N/IjCmR+axJSKuTVEQ1Gk8N9JR +rY8CujwI8RRtVd1NQwFc+mEgjesCvqctoBBRUI5oP5uhwkbF9TLbs0nLZ9Q6EXpi +LTViJA/q+/Qjl2Fi9V9291lMJfXEN5saNiFpYXGQtajEnzO30W7lTMi7IXHrSJpY +BiLiPpGL6Rsk/aV/Cmk9kg7hTKGfW0c4m4U92LRsAQKBgQDMtWUA38K2izrkBKZU +DjoV3QY0smA7V6RZtMuK9p4ntk23fE7SdcdJn6ILCUVl1V/TnFYRYIGbU4z/mBdb +YHwfqtcp69GzQNXc4aJFghB0HGKmbomMZKddDVKZ6YyTZLiLDoMKLyyauuL0unGe +b89CfqVK3KpqKQBkO0TMXibcfwKBgQDHYhf1VdobcJbNisRSGgl8DOgGSmc/KrCC +AHobcc9xtS+kXP8Fa6ymwA4aw8G5RZ21IWiqrsjRk1zb23CXm/d9EjWZygUmAfgb +ymHXJ9bQ1Vk/DDua/SbDHZf24C7VApac+1IOkjRwGflIL555ms5rLA2XlaniPFwA +1kVNbiTGAQKBgQCfhryvcbDLkLTT/MuhtXSOlS/A4UEc/a+WOM5l/MpDKE5oLvc+ +C4rCVSRydUcflKiYv7xSzmIyKWo3xM5u50HTa89BXASPLHd9KljK0hEAax51lK6c +OdQzL66vQtHKCzPFKgn0Zc7cxccX8DOaxIc/ynIFZPFoyYsEkSuMF9MxAQKBgAOW +PS4ZtEnIFb5u36dGdqM3rDjov8DAKNq93XR+8KdwBgJj9eaIEFwTmm1a1jJaEUM/ +7Z0cddpnV0VRRk5D7Qjf+fzhSIRthqQhWO9A9TlejTN4Kd5Y7YiXELPNRqpoWINM +diZy9OSLYxOsX6J6aXo+GaR/ecXrJhCRyj9hWuIBAoGAaOGaWVRmKISH8lf57SEV +fZCuPA1cplMpToHYK/uXdLBZuMkeG89jSLBN8fXx86KfRuUXrBDXgGs5zHF0BS7u +dvOtw+lGj3WhYcWg2D/9mUoiOQ9i9dSxDM/pg6BH65ZrhNlnBnjVrSyN2A4AjfRw +NfRiVLTvQIYmTSq8H+NxFAc= +-----END PRIVATE KEY----- + diff --git a/tests/checkidpver.sh b/tests/checkidpver.sh index d9fea87..ea09da2 100755 --- a/tests/checkidpver.sh +++ b/tests/checkidpver.sh @@ -23,8 +23,8 @@ if [ $? == '0' ]; then if [ $? -ne '0' ]; then docker run -d $1 &>/dev/null launchflag="yes" - echo 'launching container (will take about a minute)...' - sleep 60 + echo 'launching container (will take about 2 minutes)...' + sleep 120 fi #get container ID @@ -34,6 +34,8 @@ if [ $? == '0' ]; then echo "Specified container does not appear to be running... Terminating." echo "" exit 1 + else + echo "Container is running at id: $contid" fi #get version from running status page inside container @@ -47,10 +49,12 @@ if [ -z "$(echo $shibver | xargs)" ]; then echo "Unable to determine version from a running instance... Terminating." echo "" exit 1 +else + echo "Running shibb version is: $shibver" fi #check if that version is available in the 'latest' download area (return is 0 if current, non-zero if not current) -wget -q --spider https://shibboleth.net/downloads/identity-provider/latest/shibboleth-identity-provider-${shibver}.tar.gz +wget --no-check-certificate --spider https://shibboleth.net/downloads/identity-provider/latest/shibboleth-identity-provider-${shibver}.tar.gz if [ $? == '0' ]; then echo "Running IdP version (${shibver}) is current!"