From 5dca4d79e1836d455e7e02f0770d426671532b6c Mon Sep 17 00:00:00 2001
From: Paul Caskey <pcaskey@internet2.edu>
Date: Tue, 26 Aug 2025 12:37:39 +0000
Subject: [PATCH 1/2] update IdP to 5.1.6

---
 Dockerfile                                   | 4 ++--
 container_files/idp/idp.installer.properties | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 2a42c52..0c19e48 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,9 +8,9 @@ FROM --platform=$TARGETPLATFORM rockylinux/rockylinux:9.6
 ENV TOMCAT_MAJOR=10 \
     TOMCAT_VERSION=10.1.44 \
 ##shib-idp \
-    VERSION=5.1.5 \
+    VERSION=5.1.6 \
 ##TIER \
-    TIERVERSION=20250813_rocky9_multiarch \
+    TIERVERSION=20250826_rocky9_multiarch \
 #################### \
 #### OTHER VARS #### \
 #################### \
diff --git a/container_files/idp/idp.installer.properties b/container_files/idp/idp.installer.properties
index 9fceef1..ba7cb46 100644
--- a/container_files/idp/idp.installer.properties
+++ b/container_files/idp/idp.installer.properties
@@ -1,4 +1,4 @@
-idp.src.dir=/tmp/shibboleth/shibboleth-identity-provider-5.1.5
+idp.src.dir=/tmp/shibboleth/shibboleth-identity-provider-5.1.6
 idp.target.dir=/opt/shibboleth-idp
 idp.host.name=idp.example.org
 idp.sealer.password=changeit

From d38277e09077cc0885a49980563c06e22958338f Mon Sep 17 00:00:00 2001
From: Paul Caskey <pcaskey@internet2.edu>
Date: Tue, 26 Aug 2025 14:29:40 +0000
Subject: [PATCH 2/2] increase scan timeout

---
 Jenkinsfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index afb1619..ca3a29d 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -98,9 +98,9 @@ pipeline {
                          echo "Scanning for all vulnerabilities..."
                          sh 'mkdir -p reports'
                          // 2 commented scans below are OS-only, in case timeout issues occur
-                         sh "trivy image --timeout 10m --ignore-unfixed --vuln-type os,library --severity CRITICAL,HIGH --no-progress --security-checks vuln --format template --template '@html.tpl' -o reports/container-scan.html ${imagename}_${tag}"
+                         sh "trivy image --timeout 15m --ignore-unfixed --vuln-type os,library --severity CRITICAL,HIGH --no-progress --security-checks vuln --format template --template '@html.tpl' -o reports/container-scan.html ${imagename}_${tag}"
                          // sh "trivy image --ignore-unfixed --vuln-type os --severity CRITICAL,HIGH --no-progress --security-checks vuln --format template --template '@html.tpl' -o reports/container-scan.html ${imagename}_${tag}"
-                         sh "trivy image --timeout 10m --ignore-unfixed --vuln-type os,library --severity CRITICAL,HIGH --no-progress --security-checks vuln --format template --template '@html.tpl' -o reports/container-scan-arm.html ${imagename}_${tag}:arm64"
+                         sh "trivy image --timeout 15m --ignore-unfixed --vuln-type os,library --severity CRITICAL,HIGH --no-progress --security-checks vuln --format template --template '@html.tpl' -o reports/container-scan-arm.html ${imagename}_${tag}:arm64"
                          // sh "trivy image --ignore-unfixed --vuln-type os --severity CRITICAL,HIGH --no-progress --security-checks vuln --format template --template '@html.tpl' -o reports/container-scan-arm.html ${imagename}_${tag}:arm64"
                          publishHTML target : [
                              allowMissing: true,