From f716c74e2a4b47bcfeaaf60698a1a99eae2a5b97 Mon Sep 17 00:00:00 2001
From: Paul Caskey <pcaskey@internet2.edu>
Date: Wed, 4 Dec 2024 11:13:05 -0600
Subject: [PATCH 1/4] update tomcat to 10.1.33

---
 Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 9b37892..98375f7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,11 +6,11 @@ FROM --platform=$TARGETPLATFORM rockylinux/rockylinux:8.10
 #
 ##tomcat \
 ENV TOMCAT_MAJOR=10 \
-    TOMCAT_VERSION=10.1.30 \
+    TOMCAT_VERSION=10.1.33 \
 ##shib-idp \
     VERSION=5.1.3 \
 ##TIER \
-    TIERVERSION=20240930_rocky8_multiarch \
+    TIERVERSION=20241204_rocky8_multiarch \
 #################### \
 #### OTHER VARS #### \
 #################### \

From 9da1fb420e63dd7f75daa73436e3f58cd69a8988 Mon Sep 17 00:00:00 2001
From: Paul Caskey <pcaskey@internet2.edu>
Date: Mon, 6 Jan 2025 15:57:53 -0600
Subject: [PATCH 2/4] update tomcat to 10.1.34

---
 Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 98375f7..ce928a2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,11 +6,11 @@ FROM --platform=$TARGETPLATFORM rockylinux/rockylinux:8.10
 #
 ##tomcat \
 ENV TOMCAT_MAJOR=10 \
-    TOMCAT_VERSION=10.1.33 \
+    TOMCAT_VERSION=10.1.34 \
 ##shib-idp \
     VERSION=5.1.3 \
 ##TIER \
-    TIERVERSION=20241204_rocky8_multiarch \
+    TIERVERSION=20250106_rocky8_multiarch \
 #################### \
 #### OTHER VARS #### \
 #################### \

From 62ab639de8290c9851e8f3d89a65130910d060a7 Mon Sep 17 00:00:00 2001
From: Paul Caskey <pcaskey@internet2.edu>
Date: Tue, 25 Feb 2025 15:57:24 +0000
Subject: [PATCH 3/4] re-base core OS to Rocky 9

---
 .trivyignore |  2 +-
 Dockerfile   | 14 +++++++-------
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/.trivyignore b/.trivyignore
index 5567c04..40c91cd 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -1,3 +1,3 @@
 # Accept the risk
-CVE-2016-1000027
+# CVE-2016-1000027
 
diff --git a/Dockerfile b/Dockerfile
index ce928a2..a5a2e64 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM --platform=$TARGETPLATFORM rockylinux/rockylinux:8.10
+FROM --platform=$TARGETPLATFORM rockylinux/rockylinux:9.5
 
 ########################
 ### VERSION SETTINGS ###
@@ -6,11 +6,11 @@ FROM --platform=$TARGETPLATFORM rockylinux/rockylinux:8.10
 #
 ##tomcat \
 ENV TOMCAT_MAJOR=10 \
-    TOMCAT_VERSION=10.1.34 \
+    TOMCAT_VERSION=10.1.36 \
 ##shib-idp \
     VERSION=5.1.3 \
 ##TIER \
-    TIERVERSION=20250106_rocky8_multiarch \
+    TIERVERSION=20250225_rocky9_multiarch \
 #################### \
 #### OTHER VARS #### \
 #################### \
@@ -51,9 +51,9 @@ RUN ln -sf /usr/share/zoneinfo/UTC /etc/localtime \
     && echo "NETWORKING=yes" > /etc/sysconfig/network
 
 # Install base deps
-RUN rm -fr /var/cache/yum/* && yum clean all && yum -y update && yum -y install --setopt=tsflags=nodocs epel-release && \
-    yum -y install net-tools wget curl tar unzip mlocate logrotate strace telnet man unzip vim rsyslog cronie krb5-workstation openssl-devel supervisor fontconfig findutils && \
-    yum -y clean all && \
+RUN rm -fr /var/cache/dnf/* && dnf -y clean all && dnf -y update && dnf -y install --setopt=tsflags=nodocs epel-release && \
+    dnf -y --allowerasing install net-tools wget curl tar unzip mlocate logrotate strace telnet man unzip vim rsyslog cronie krb5-workstation openssl-devel supervisor fontconfig findutils && \
+    dnf -y clean all && \
     mkdir -p /opt/tier && \
 # Install Trusted Certificates
     update-ca-trust force-enable
@@ -73,7 +73,7 @@ RUN update-ca-trust extract
 # Install Corretto Java JDK (from Amazon repo, more arch independent)
 RUN rpm --import https://yum.corretto.aws/corretto.key \
     && curl -L -o /etc/yum.repos.d/corretto.repo https://yum.corretto.aws/corretto.repo \
-    && yum install -y java-17-amazon-corretto-devel
+    && dnf install -y java-17-amazon-corretto-devel
 ENV JAVA_HOME=/usr/lib/jvm/java-17-amazon-corretto
 
 # Copy IdP installer properties file(s)

From d44892d79d221d22e1271217308df3e7c2ae7a21 Mon Sep 17 00:00:00 2001
From: Paul Caskey <pcaskey@internet2.edu>
Date: Mon, 17 Mar 2025 14:31:41 -0500
Subject: [PATCH 4/4] bump tomcat to 10.1.39

---
 Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index a5a2e64..889bbb1 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,11 +6,11 @@ FROM --platform=$TARGETPLATFORM rockylinux/rockylinux:9.5
 #
 ##tomcat \
 ENV TOMCAT_MAJOR=10 \
-    TOMCAT_VERSION=10.1.36 \
+    TOMCAT_VERSION=10.1.39 \
 ##shib-idp \
     VERSION=5.1.3 \
 ##TIER \
-    TIERVERSION=20250225_rocky9_multiarch \
+    TIERVERSION=20250317_rocky9_multiarch \
 #################### \
 #### OTHER VARS #### \
 #################### \