From 7bdfcde00de4bd629a23853d83169b9e594961f0 Mon Sep 17 00:00:00 2001 From: Pavol Mederly Date: Thu, 4 Oct 2018 10:28:21 +0200 Subject: [PATCH 1/8] Fix tests numbering --- demo/postgresql/tests/main.bats | 2 +- demo/shibboleth/tests/main.bats | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/demo/postgresql/tests/main.bats b/demo/postgresql/tests/main.bats index 5d82e6e..a217a63 100755 --- a/demo/postgresql/tests/main.bats +++ b/demo/postgresql/tests/main.bats @@ -12,7 +12,7 @@ load ../../../library wait_for_midpoint_start postgresql_midpoint_server_1 } -@test "010 Check health" { +@test "020 Check health" { check_health } diff --git a/demo/shibboleth/tests/main.bats b/demo/shibboleth/tests/main.bats index 8244ad0..a14db90 100755 --- a/demo/shibboleth/tests/main.bats +++ b/demo/shibboleth/tests/main.bats @@ -63,15 +63,15 @@ load ../../../library env AUTHENTICATION=internal docker-compose up -d } -@test "210 Wait for midPoint to start up" { +@test "220 Wait for midPoint to start up" { wait_for_midpoint_start shibboleth_midpoint_server_1 } -@test "220 Check health" { +@test "230 Check health" { check_health } -@test "230 Check internal login redirection" { +@test "240 Check internal login redirection" { curl -k --write-out %{redirect_url} --silent --output /dev/null https://localhost:8443/midpoint/self/dashboard | grep 'https:\/\/localhost:8443\/midpoint\/login' } From 3644967db33042a6a4a8ba0ee2558aab9f240b5d Mon Sep 17 00:00:00 2001 From: Pavol Mederly Date: Thu, 4 Oct 2018 14:19:47 +0200 Subject: [PATCH 2/8] Update env vars and add volume (demo/complex) --- demo/complex/.env | 4 ---- demo/complex/docker-compose.yml | 6 +++--- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/demo/complex/.env b/demo/complex/.env index d58a3c3..eccc9c9 100644 --- a/demo/complex/.env +++ b/demo/complex/.env @@ -1,6 +1,5 @@ AUTHENTICATION=internal ENV=demo -USERTOKEN= REPO_DATABASE_TYPE=mariadb REPO_JDBC_URL=default REPO_HOST=midpoint_data @@ -9,9 +8,6 @@ REPO_DATABASE=registry REPO_USER=registry_user REPO_MISSING_SCHEMA_ACTION=create REPO_UPGRADEABLE_SCHEMA_ACTION=stop -REPO_PASSWORD_FILE=/run/secrets/mp_database_password.txt -MP_KEYSTORE_PASSWORD_FILE=/run/secrets/mp_keystore_password.txt MP_MEM_MAX=2048m MP_MEM_INIT=1024m -LOGOUT_URL=https://localhost:8443/Shibboleth.sso/Logout SSO_HEADER=uid diff --git a/demo/complex/docker-compose.yml b/demo/complex/docker-compose.yml index aa9b0f9..7080c66 100644 --- a/demo/complex/docker-compose.yml +++ b/demo/complex/docker-compose.yml @@ -148,17 +148,14 @@ services: - REPO_PORT - REPO_DATABASE - REPO_USER - - REPO_PASSWORD_FILE - REPO_MISSING_SCHEMA_ACTION - REPO_UPGRADEABLE_SCHEMA_ACTION - REPO_SCHEMA_VERSION_IF_MISSING - REPO_SCHEMA_VARIANT - - MP_KEYSTORE_PASSWORD_FILE - MP_MEM_MAX - MP_MEM_INIT - MP_JAVA_OPTS - SSO_HEADER - - LOGOUT_URL - TIER_BEACON_OPT_OUT networks: - net @@ -207,6 +204,8 @@ services: - net ports: - 15672:15672 + volumes: + - mq:/var/lib/rabbitmq networks: net: @@ -246,3 +245,4 @@ volumes: midpoint_data: midpoint_mysql: midpoint_home: + mq: From 1863748534a8ad80266d585a56e3cb21834624f2 Mon Sep 17 00:00:00 2001 From: Pavol Mederly Date: Thu, 4 Oct 2018 14:20:00 +0200 Subject: [PATCH 3/8] Update README.md files --- README.md | 8 ++++---- demo/complex/README.md | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index a1813e9..4964c2b 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -[![Build Status](https://jenkins.testbed.tier.internet2.edu/job/docker/job/midPoint_container/job/master/badge/icon)](https://jenkins.testbed.tier.internet2.edu/job/docker/job/midPoint_container/job/master/) +[![Build Status](https://jenkins.testbed.tier.internet2.edu/job/docker/job/midPoint_container/job/3.9-SNAPSHOT-stable/badge/icon)](https://jenkins.testbed.tier.internet2.edu/job/docker/job/midPoint_container/job/3.9-SNAPSHOT-stable/) This repository contains sources for TIER-supported [midPoint](http://midpoint.evolveum.com) image. @@ -13,7 +13,8 @@ The image contains the midPoint application along with some TIER-specific compon - `demo` directory contains a couple of demonstration scenarios: - `simple` to show simple composition of midPoint with the repository, - `shibboleth` to show integration with Shibboleth IdP, - - `postgresql` to show how to change the repository implementation, + - `postgresql` to show how to use alternative dockerized repository, + - `extrepo` to show how to use external repository, - `complex` to demonstrate more complex deployment of midPoint in a sample university environment, featuring midPoint along with Grouper, LDAP directory, RabbitMQ, Shibboleth IdP, source and target systems. # Build instructions @@ -23,7 +24,6 @@ $ ./build.sh You can then continue with one of demo composition, e.g. simple or complex one. # Documentation -- For the `midpoint` image and container themselves please see [Dockerized midPoint](https://spaces.at.internet2.edu/display/MID/Dockerized+midPoint) wiki page. -- For the complex demo please see [midPoint - Grouper integration demo](https://spaces.at.internet2.edu/display/MID/midPoint+-+Grouper+integration+demo) wiki page. +Please see [Dockerized midPoint](https://spaces.at.internet2.edu/display/MID/Dockerized+midPoint) wiki page. This is a work in progress. For its current status please see [Status of the work](https://spaces.at.internet2.edu/display/MID/Status+of+the+work). diff --git a/demo/complex/README.md b/demo/complex/README.md index 7e24d42..9b7f0f6 100644 --- a/demo/complex/README.md +++ b/demo/complex/README.md @@ -6,4 +6,4 @@ $ ../../build.sh $ docker-compose up --build ``` -Please see a detailed description [here](https://spaces.at.internet2.edu/display/MID/midPoint+-+Grouper+integration+demo). +Please see a detailed description [here](https://spaces.at.internet2.edu/display/MID/Complex+midPoint+integration+demo). From 1e5bead2e62f6c9c4466453659854f2e04373c38 Mon Sep 17 00:00:00 2001 From: Pavol Mederly Date: Thu, 4 Oct 2018 14:22:30 +0200 Subject: [PATCH 4/8] Adapt README.md to master branch --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4964c2b..94dddbd 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -[![Build Status](https://jenkins.testbed.tier.internet2.edu/job/docker/job/midPoint_container/job/3.9-SNAPSHOT-stable/badge/icon)](https://jenkins.testbed.tier.internet2.edu/job/docker/job/midPoint_container/job/3.9-SNAPSHOT-stable/) +[![Build Status](https://jenkins.testbed.tier.internet2.edu/job/docker/job/midPoint_container/job/master/badge/icon)](https://jenkins.testbed.tier.internet2.edu/job/docker/job/midPoint_container/job/master/) This repository contains sources for TIER-supported [midPoint](http://midpoint.evolveum.com) image. From a0586bcfcb1b8f116009ad6756e6c85b0a0b4306 Mon Sep 17 00:00:00 2001 From: skublik Date: Thu, 4 Oct 2018 16:38:45 +0000 Subject: [PATCH 5/8] adding test for import courses --- demo/complex/tests/main.bats | 71 ++++++++++++++++--- ...ign-role-grouper-sysadmin-to-test-user.xml | 2 +- library.bash | 37 ++++++++-- 3 files changed, 95 insertions(+), 15 deletions(-) diff --git a/demo/complex/tests/main.bats b/demo/complex/tests/main.bats index 5cd95bb..92b3980 100755 --- a/demo/complex/tests/main.bats +++ b/demo/complex/tests/main.bats @@ -128,21 +128,76 @@ load ../../../library # TODO check assignments etc } -@test "230 Check 'TestUser230' in Midpoint and LDAP" { +@test "230 Import SIS_COURSES" { + if [ -e $BATS_TMPDIR/not-started ]; then skip 'not started'; fi + + add_object tasks midpoint-objects-manual/tasks/task-import-sis-courses.xml + search_and_check_object tasks "Import from SIS courses" + wait_for_task_completion b73a2e66-8233-4c20-928f-acb30027b33e 8 10 + assert_task_success b73a2e66-8233-4c20-928f-acb30027b33e + + search_and_check_object orgs course_ACCT101 + search_and_check_object orgs course_ACCT201 + search_and_check_object orgs course_CS251 + search_and_check_object orgs course_CS252 + search_and_check_object orgs course_MATH100 + search_and_check_object orgs course_MATH101 + search_and_check_object orgs course_SCI123 + search_and_check_object orgs course_SCI404 + + check_ldap_courses_by_name course_ACCT101 complex_directory_1 + check_ldap_courses_by_name course_ACCT201 complex_directory_1 + check_ldap_courses_by_name course_CS251 complex_directory_1 + check_ldap_courses_by_name course_CS252 complex_directory_1 + check_ldap_courses_by_name course_MATH100 complex_directory_1 + check_ldap_courses_by_name course_MATH101 complex_directory_1 + check_ldap_courses_by_name course_SCI123 complex_directory_1 + check_ldap_courses_by_name course_SCI404 complex_directory_1 + + check_of_ldap_membership amorrison "ou=courses,ou=groups,dc=internet2,dc=edu" "ACCT101" complex_directory_1 + check_of_ldap_membership cmorrison "ou=courses,ou=groups,dc=internet2,dc=edu" "ACCT101" complex_directory_1 + check_of_ldap_membership mroberts "ou=courses,ou=groups,dc=internet2,dc=edu" "ACCT101" complex_directory_1 + check_of_ldap_membership whenderson "ou=courses,ou=groups,dc=internet2,dc=edu" "ACCT101" complex_directory_1 + + check_of_ldap_membership amorrison "ou=courses,ou=groups,dc=internet2,dc=edu" "CS251" complex_directory_1 + check_of_ldap_membership cmorrison "ou=courses,ou=groups,dc=internet2,dc=edu" "CS251" complex_directory_1 + check_of_ldap_membership ddavis "ou=courses,ou=groups,dc=internet2,dc=edu" "CS251" complex_directory_1 + check_of_ldap_membership mroberts "ou=courses,ou=groups,dc=internet2,dc=edu" "CS251" complex_directory_1 + + check_of_ldap_membership kwhite "ou=courses,ou=groups,dc=internet2,dc=edu" "CS252" complex_directory_1 + + check_of_ldap_membership danderson "ou=courses,ou=groups,dc=internet2,dc=edu" "MATH100" complex_directory_1 + check_of_ldap_membership ddavis "ou=courses,ou=groups,dc=internet2,dc=edu" "MATH100" complex_directory_1 + check_of_ldap_membership kwhite "ou=courses,ou=groups,dc=internet2,dc=edu" "MATH100" complex_directory_1 + check_of_ldap_membership wprice "ou=courses,ou=groups,dc=internet2,dc=edu" "MATH100" complex_directory_1 + + check_of_ldap_membership amorrison "ou=courses,ou=groups,dc=internet2,dc=edu" "MATH101" complex_directory_1 + check_of_ldap_membership cmorrison "ou=courses,ou=groups,dc=internet2,dc=edu" "MATH101" complex_directory_1 + check_of_ldap_membership mroberts "ou=courses,ou=groups,dc=internet2,dc=edu" "MATH101" complex_directory_1 + + check_of_ldap_membership danderson "ou=courses,ou=groups,dc=internet2,dc=edu" "SCI123" complex_directory_1 + check_of_ldap_membership mroberts "ou=courses,ou=groups,dc=internet2,dc=edu" "SCI123" complex_directory_1 + + check_of_ldap_membership kwhite "ou=courses,ou=groups,dc=internet2,dc=edu" "SCI404" complex_directory_1 + check_of_ldap_membership wprice "ou=courses,ou=groups,dc=internet2,dc=edu" "SCI404" complex_directory_1 +} + + +@test "240 Check 'TestUser240' in Midpoint and LDAP" { if [ -e $BATS_TMPDIR/not-started ]; then skip 'not started'; fi check_health - echo "TestUser230Test User230TestUser230password" >/tmp/testuser230.xml - add_object users /tmp/testuser230.xml - rm /tmp/testuser230.xml - search_and_check_object users TestUser230 + echo "TestUser240Test User240TestUser240password" >/tmp/testuser240.xml + add_object users /tmp/testuser240.xml + rm /tmp/testuser240.xml + search_and_check_object users TestUser240 execute_bulk_action tests/resources/bulk-action/recompute-role-grouper-sysadmin.xml complex_midpoint_server_1 execute_bulk_action tests/resources/bulk-action/assign-role-grouper-sysadmin-to-test-user.xml complex_midpoint_server_1 - check_ldap_account_by_user_name TestUser230 complex_directory_1 - check_of_ldap_membership TestUser230 sysadmingroup complex_directory_1 + check_ldap_account_by_user_name TestUser240 complex_directory_1 + check_of_ldap_membership TestUser240 "ou=groups,dc=internet2,dc=edu" "sysadmingroup" complex_directory_1 - delete_object_by_name users TestUser230 + delete_object_by_name users TestUser240 } diff --git a/demo/complex/tests/resources/bulk-action/assign-role-grouper-sysadmin-to-test-user.xml b/demo/complex/tests/resources/bulk-action/assign-role-grouper-sysadmin-to-test-user.xml index c2736da..0cb1a6b 100644 --- a/demo/complex/tests/resources/bulk-action/assign-role-grouper-sysadmin-to-test-user.xml +++ b/demo/complex/tests/resources/bulk-action/assign-role-grouper-sysadmin-to-test-user.xml @@ -8,7 +8,7 @@ c:name - TestUser230 + TestUser240 diff --git a/library.bash b/library.bash index eae9fb2..450bb7b 100644 --- a/library.bash +++ b/library.bash @@ -12,7 +12,7 @@ function generic_wait_for_log () { FAILURE="$4" ADDITIONAL_CONTAINER_NAME=$5 ATTEMPT=0 - MAX_ATTEMPTS=40 + MAX_ATTEMPTS=20 DELAY=10 until [[ $ATTEMPT = $MAX_ATTEMPTS ]]; do @@ -340,7 +340,7 @@ function search_ldap_object_by_filter () { local LDAP_CONTAINER=$3 TMPFILE=$(mktemp /tmp/ldapsearch.XXXXXX) - docker exec $LDAP_CONTAINER ldapsearch -h localhost -p 389 -D "cn=Directory Manager" -w password -b "$BASE_CONTEXT_FOR_SEARCH" "($FILTER)" >$TMPFILE || (rm $TMPFILE ; return 1) + docker exec $LDAP_CONTAINER ldapsearch -h localhost -p 389 -D "cn=Directory Manager" -w password -b "$BASE_CONTEXT_FOR_SEARCH" "($FILTER)" >$TMPFILE || (echo "Couldn't search $FILTER:" ;m $TMPFILE ; return 1) LDAPSEARCH_RESULT_FILE=$TMPFILE return 0 } @@ -370,15 +370,40 @@ function check_ldap_account_by_user_name () { return 1 } +function check_ldap_courses_by_name () { + local NAME="$1" + local LDAP_CONTAINER=$2 + search_objects_by_name orgs $NAME + + local MP_ORG_IDENTIFIER=$(xmllint --xpath "/*/*/*[local-name()='identifier']/text()" $SEARCH_RESULT_FILE) || (echo "Couldn't extract user identifier from file:" ; cat $SEARCH_RESULT_FILE ; rm $SEARCH_RESULT_FILE ; return 1) + + search_ldap_object_by_filter "ou=courses,ou=groups,dc=internet2,dc=edu" "cn=$MP_ORG_IDENTIFIER" $LDAP_CONTAINER + + local LDAP_CN=$(grep -oP "cn: \K.*" $LDAPSEARCH_RESULT_FILE) || (echo "Couldn't extract user cn from file:" ; cat $LDAPSEARCH_RESULT_FILE ; rm $SEARCH_RESULT_FILE ; rm $LDAPSEARCH_RESULT_FILE ; return 1) + + rm $SEARCH_RESULT_FILE + rm $LDAPSEARCH_RESULT_FILE + + if [[ $MP_ORG_IDENTIFIER = $LDAP_CN ]]; then + return 0 + fi + + echo "Orgs $NAME in Midpoint and LDAP Group(Course) with cn $MP_ORG_IDENTIFIER are not same" + return 1 +} + + function check_of_ldap_membership () { local NAME_OF_USER="$1" - local NAME_OF_GROUP="$2" - local LDAP_CONTAINER=$3 + local BASE_CONTEXT_FOR_GROUP="$2" + #path to curent group from ou=group + local NAME_OF_GROUP="$3" + local LDAP_CONTAINER=$4 search_ldap_object_by_filter "ou=people,dc=internet2,dc=edu" "uid=$NAME_OF_USER" $LDAP_CONTAINER local LDAP_ACCOUNT_DN=$(grep -oP "dn: \K.*" $LDAPSEARCH_RESULT_FILE) || (echo "Couldn't extract user dn from file:" ; cat $LDAPSEARCH_RESULT_FILE ; rm $LDAPSEARCH_RESULT_FILE ; return 1) - search_ldap_object_by_filter "ou=groups,dc=internet2,dc=edu" "cn=$NAME_OF_GROUP" $LDAP_CONTAINER + search_ldap_object_by_filter "$BASE_CONTEXT_FOR_GROUP" "cn=$NAME_OF_GROUP" $LDAP_CONTAINER local LDAP_MEMBERS_DNS=$(grep -oP "uniqueMember: \K.*" $LDAPSEARCH_RESULT_FILE) || (echo "Couldn't extract user uniqueMember from file:" ; cat $LDAPSEARCH_RESULT_FILE ; rm $LDAPSEARCH_RESULT_FILE ; return 1) @@ -388,6 +413,6 @@ function check_of_ldap_membership () { return 0 fi - echo "LDAP Account with uid $NAME_OF_USER is not member of LDAP Group $NAME_OF_GROUP" + echo "LDAP Account with uid $NAME_OF_USER is not member of LDAP Group $NAME_OF_GROUP in base context $BASE_CONTEXT_FOR_GROUP" return 1 } From 200febcc28753ac68c077d74dbd0fe2526cdd637 Mon Sep 17 00:00:00 2001 From: skublik Date: Fri, 5 Oct 2018 08:43:46 +0000 Subject: [PATCH 6/8] removing mistake with rm --- library.bash | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/library.bash b/library.bash index 450bb7b..258f2c6 100644 --- a/library.bash +++ b/library.bash @@ -340,7 +340,7 @@ function search_ldap_object_by_filter () { local LDAP_CONTAINER=$3 TMPFILE=$(mktemp /tmp/ldapsearch.XXXXXX) - docker exec $LDAP_CONTAINER ldapsearch -h localhost -p 389 -D "cn=Directory Manager" -w password -b "$BASE_CONTEXT_FOR_SEARCH" "($FILTER)" >$TMPFILE || (echo "Couldn't search $FILTER:" ;m $TMPFILE ; return 1) + docker exec $LDAP_CONTAINER ldapsearch -h localhost -p 389 -D "cn=Directory Manager" -w password -b "$BASE_CONTEXT_FOR_SEARCH" "($FILTER)" >$TMPFILE || (echo "Couldn't search $FILTER:" ;rm $TMPFILE ; return 1) LDAPSEARCH_RESULT_FILE=$TMPFILE return 0 } @@ -396,7 +396,6 @@ function check_ldap_courses_by_name () { function check_of_ldap_membership () { local NAME_OF_USER="$1" local BASE_CONTEXT_FOR_GROUP="$2" - #path to curent group from ou=group local NAME_OF_GROUP="$3" local LDAP_CONTAINER=$4 search_ldap_object_by_filter "ou=people,dc=internet2,dc=edu" "uid=$NAME_OF_USER" $LDAP_CONTAINER From f622edc242b35ec450c71caf6b7c32a7799dca64 Mon Sep 17 00:00:00 2001 From: Pavol Mederly Date: Fri, 5 Oct 2018 12:04:48 +0200 Subject: [PATCH 7/8] Re-enable demo/complex tests --- Jenkinsfile | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index dac92f0..c9c7ec1 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -58,10 +58,7 @@ pipeline { sh '(cd demo/simple ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' sh '(cd demo/shibboleth ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' sh '(cd demo/postgresql ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' - - // temporarily disabled - //sh '(cd demo/complex ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' - // sh 'echo Test output ; cat debug' + sh '(cd demo/complex ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' } catch (error) { def error_details = readFile('./debug') def message = "BUILD ERROR: There was a problem testing ${imagename}:${tag}. \n\n ${error_details}" From e7679b6dde7d85daf758f3fc6b4675f9f862b14b Mon Sep 17 00:00:00 2001 From: Pavol Mederly Date: Fri, 5 Oct 2018 12:57:58 +0200 Subject: [PATCH 8/8] Add TIMEZONE parameter --- Dockerfile | 2 ++ container_files/usr-local-bin/setup-timezone.sh | 13 +++++++++++++ container_files/usr-local-bin/start-midpoint.sh | 1 - container_files/usr-local-bin/startup.sh | 2 ++ demo/complex/.env | 1 + demo/complex/docker-compose.yml | 1 + demo/extrepo/.env | 1 + demo/extrepo/docker-compose.yml | 1 + demo/postgresql/.env | 1 + demo/postgresql/docker-compose.yml | 1 + demo/shibboleth/.env | 2 ++ demo/shibboleth/docker-compose.yml | 1 + demo/simple/.env | 1 + demo/simple/docker-compose.yml | 1 + 14 files changed, 28 insertions(+), 1 deletion(-) create mode 100755 container_files/usr-local-bin/setup-timezone.sh diff --git a/Dockerfile b/Dockerfile index aceaac1..f1476a5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -29,6 +29,7 @@ COPY container_files/opt-tier/* /opt/tier/ RUN chmod 755 /opt/tier/setenv.sh \ && chmod 755 /usr/local/bin/sendtierbeacon.sh \ && chmod 755 /usr/local/bin/setup-cron.sh \ + && chmod 755 /usr/local/bin/setup-timezone.sh \ && chmod 755 /usr/local/bin/start-midpoint.sh \ && chmod 755 /usr/local/bin/start-httpd.sh \ && chmod 755 /usr/local/bin/startup.sh \ @@ -93,6 +94,7 @@ ENV LOGOUT_URL https://localhost:8443/Shibboleth.sso/Logout ENV MP_KEYSTORE_PASSWORD_FILE /run/secrets/mp_keystore_password.txt ENV MP_MEM_MAX 2048m ENV MP_MEM_INIT 1024m +ENV TIMEZONE UTC ENV TIER_RELEASE not-released-yet ENV TIER_MAINTAINER tier diff --git a/container_files/usr-local-bin/setup-timezone.sh b/container_files/usr-local-bin/setup-timezone.sh new file mode 100755 index 0000000..b01eb8e --- /dev/null +++ b/container_files/usr-local-bin/setup-timezone.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +if [[ -n $TIMEZONE ]]; then + echo "*** Setting timezone to '$TIMEZONE'" + if [[ -e /usr/share/zoneinfo/$TIMEZONE ]]; then + unlink /etc/localtime + ln -s /usr/share/zoneinfo/$TIMEZONE /etc/localtime + echo "date (UTC) is: $(date -u)" + echo "date (current timezone) is $(date)" + else + echo "Error: time zone '$TIMEZONE' is unknown; not setting it." + fi +fi diff --git a/container_files/usr-local-bin/start-midpoint.sh b/container_files/usr-local-bin/start-midpoint.sh index ddc377b..043f97c 100755 --- a/container_files/usr-local-bin/start-midpoint.sh +++ b/container_files/usr-local-bin/start-midpoint.sh @@ -39,7 +39,6 @@ java -Xmx$MP_MEM_MAX -Xms$MP_MEM_INIT -Dfile.encoding=UTF8 \ -Dmidpoint.keystore.keyStorePassword_FILE=$MP_KEYSTORE_PASSWORD_FILE \ -Dmidpoint.logging.alt.enabled=true \ -Dmidpoint.logging.alt.filename=/tmp/logmidpoint \ - -Dmidpoint.logging.alt.timezone=UTC \ -Dspring.profiles.active="`$MP_DIR/active-spring-profiles`" \ $(if [ "$AUTHENTICATION" = "shibboleth" ]; then echo "-Dauth.logout.url=$LOGOUT_URL -Dauth.sso.header=$SSO_HEADER"; fi) \ -Dserver.tomcat.ajp.enabled=$AJP_ENABLED \ diff --git a/container_files/usr-local-bin/startup.sh b/container_files/usr-local-bin/startup.sh index fe880d0..9f11831 100755 --- a/container_files/usr-local-bin/startup.sh +++ b/container_files/usr-local-bin/startup.sh @@ -4,6 +4,8 @@ export ENV=${ENV//[; ]/_} export USERTOKEN=${USERTOKEN//[; ]/_} +/usr/local/bin/setup-timezone.sh + # this is to be executed at run time, not at build time -- to ensure sufficient variability of execution times /usr/local/bin/setup-cron.sh diff --git a/demo/complex/.env b/demo/complex/.env index eccc9c9..75949b1 100644 --- a/demo/complex/.env +++ b/demo/complex/.env @@ -11,3 +11,4 @@ REPO_UPGRADEABLE_SCHEMA_ACTION=stop MP_MEM_MAX=2048m MP_MEM_INIT=1024m SSO_HEADER=uid +TIMEZONE=UTC diff --git a/demo/complex/docker-compose.yml b/demo/complex/docker-compose.yml index 7080c66..9a1408f 100644 --- a/demo/complex/docker-compose.yml +++ b/demo/complex/docker-compose.yml @@ -157,6 +157,7 @@ services: - MP_JAVA_OPTS - SSO_HEADER - TIER_BEACON_OPT_OUT + - TIMEZONE networks: - net secrets: diff --git a/demo/extrepo/.env b/demo/extrepo/.env index a29d2b2..589cfcf 100644 --- a/demo/extrepo/.env +++ b/demo/extrepo/.env @@ -7,3 +7,4 @@ REPO_MISSING_SCHEMA_ACTION=create REPO_UPGRADEABLE_SCHEMA_ACTION=stop MP_MEM_MAX=2048m MP_MEM_INIT=1024m +TIMEZONE=UTC diff --git a/demo/extrepo/docker-compose.yml b/demo/extrepo/docker-compose.yml index 43c1d5d..ae4ad6a 100644 --- a/demo/extrepo/docker-compose.yml +++ b/demo/extrepo/docker-compose.yml @@ -22,6 +22,7 @@ services: - MP_MEM_INIT - MP_JAVA_OPTS - TIER_BEACON_OPT_OUT + - TIMEZONE networks: - net secrets: diff --git a/demo/postgresql/.env b/demo/postgresql/.env index a92b22a..06d99ad 100644 --- a/demo/postgresql/.env +++ b/demo/postgresql/.env @@ -5,3 +5,4 @@ REPO_MISSING_SCHEMA_ACTION=create REPO_UPGRADEABLE_SCHEMA_ACTION=stop MP_MEM_MAX=2048m MP_MEM_INIT=1024m +TIMEZONE=UTC diff --git a/demo/postgresql/docker-compose.yml b/demo/postgresql/docker-compose.yml index 60879d7..cfb4970 100644 --- a/demo/postgresql/docker-compose.yml +++ b/demo/postgresql/docker-compose.yml @@ -35,6 +35,7 @@ services: - MP_MEM_INIT - MP_JAVA_OPTS - TIER_BEACON_OPT_OUT + - TIMEZONE networks: - net secrets: diff --git a/demo/shibboleth/.env b/demo/shibboleth/.env index 21ec0af..f41f626 100644 --- a/demo/shibboleth/.env +++ b/demo/shibboleth/.env @@ -12,3 +12,5 @@ REPO_MISSING_SCHEMA_ACTION=create REPO_UPGRADEABLE_SCHEMA_ACTION=stop MP_MEM_MAX=2048m MP_MEM_INIT=1024m +TIMEZONE=UTC + diff --git a/demo/shibboleth/docker-compose.yml b/demo/shibboleth/docker-compose.yml index c656fe4..f1acebd 100644 --- a/demo/shibboleth/docker-compose.yml +++ b/demo/shibboleth/docker-compose.yml @@ -36,6 +36,7 @@ services: - MP_MEM_INIT - MP_JAVA_OPTS - TIER_BEACON_OPT_OUT + - TIMEZONE networks: - net secrets: diff --git a/demo/simple/.env b/demo/simple/.env index 2ae3222..c4cb989 100644 --- a/demo/simple/.env +++ b/demo/simple/.env @@ -11,3 +11,4 @@ REPO_MISSING_SCHEMA_ACTION=create REPO_UPGRADEABLE_SCHEMA_ACTION=stop MP_MEM_MAX=2048m MP_MEM_INIT=1024m +TIMEZONE=UTC diff --git a/demo/simple/docker-compose.yml b/demo/simple/docker-compose.yml index 2d1788c..c098dae 100644 --- a/demo/simple/docker-compose.yml +++ b/demo/simple/docker-compose.yml @@ -34,6 +34,7 @@ services: - MP_MEM_INIT - MP_JAVA_OPTS - TIER_BEACON_OPT_OUT + - TIMEZONE networks: - net secrets: