FROM alpine:3.7 as bootstrap

ARG version=1.12.0

COPY bootstrapfiles/shibui-${version}.war.sha256sum .

RUN wget https://github.internet2.edu/TIER/shib-idp-ui/releases/download/v${version}/shibui-${version}.war \
    && sha256sum -c shibui-${version}.war.sha256sum && mv shibui-${version}.war shibui.war

FROM centos:7

# beacon env
ENV VERSION=${version} \
    TIERVERSION=20200210 \
    IMAGE=shibboleth_idp_ui \
    MAINTAINER=InCommon

# Install Corretto Java JDK
#Corretto download page: https://docs.aws.amazon.com/corretto/latest/corretto-11-ug/downloads-list.html
ARG CORRETTO_URL_PERM=https://corretto.aws/downloads/latest/amazon-corretto-11-x64-linux-jdk.rpm
ARG CORRETTO_RPM=amazon-corretto-11-x64-linux-jdk.rpm
COPY containerfiles/corretto-signing-key.pub .
RUN curl -O -L $CORRETTO_URL_PERM \
    && rpm --import corretto-signing-key.pub \
    && rpm -K $CORRETTO_RPM \
    && rpm -i $CORRETTO_RPM \
    && rm -r corretto-signing-key.pub $CORRETTO_RPM
ENV JAVA_HOME=/usr/lib/jvm/java-1.11.0-amazon-corretto

RUN yum -q -qy update \
    && yum -qy install --setopt=tsflags=nodocs epel-release \
    && yum -qy install curl cronie supervisor \
    && yum clean all \
    && rm -rf /var/cache/yum

RUN mkdir -p /opt/shibui
COPY --from=bootstrap shibui.war /opt/shibui/

COPY containerfiles/supervisord.conf /etc/supervisor/supervisord.conf
COPY containerfiles/users.txt /opt/shibui

# TIER Beacon Opt-out
# Completely uncomment the following ENV line to prevent the containers from sending analytics information to Internet2.
# With the default/release configuration, it will only send product (Shibb/Grouper/COmanage) and version (3.3.1-17040, etc) 
#   once daily between midnight and 4am.  There is no configuration or private information collected or sent.  
# This data helps with the scalaing and funding of TIER.  Please do not disable it if you find the TIER tools useful.
# To keep it commented, keep multiple comments on the following line (to prevent other scripts from processing it).
#####     ENV TIER_BEACON_OPT_OUT True

WORKDIR /opt/shibui

CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]