Mercurial > public > ssdt-docker

changeset 533:2e67cfae1533 production v2.17.0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
flow: Merged <release> '2.17.0' to <master> ('production').
author Marc Davis <marc.davis@mcoecn.org>
date Thu, 02 May 2024 22:46:24 -0400
parents 6ddfd364a52a (current diff) 9f618d578e10 (diff)
children f1955aafe2d6
files
diffstat 34 files changed, 817 insertions(+), 8 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/java-17/Dockerfile	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,17 @@
+FROM openjdk:17-buster
+
+MAINTAINER Marc Davis <davis@ssdt-ohio.org>
+
+RUN ls && echo "deb http://deb.debian.org/debian buster main contrib" > /etc/apt/sources.list \
+    && echo "deb http://security.debian.org/debian-security/ buster/updates main contrib" >> /etc/apt/sources.list \
+    && echo "ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true" | debconf-set-selections \
+    && apt-get update \
+    && apt-get install -y ttf-mscorefonts-installer \
+    && apt-get clean \
+    && apt-get autoremove -y \
+    && rm -rf /var/lib/apt/lists/*
+
+ENV TZ=America/New_York
+
+RUN echo $TZ > /etc/timezone \
+    && dpkg-reconfigure --frontend noninteractive tzdata
--- a/java/Dockerfile	Tue Jan 30 10:55:04 2024 -0500
+++ b/java/Dockerfile	Thu May 02 22:46:24 2024 -0400
@@ -1,6 +1,6 @@
 FROM openjdk:8u181-jdk
 
-MAINTAINER Dave Smith <smith@nwoca.org>
+MAINTAINER Marc Davis <davis@ssdt-ohio.org>
 
 RUN echo "deb http://httpredir.debian.org/debian jessie main contrib" > /etc/apt/sources.list \
     && echo "deb http://security.debian.org/ jessie/updates main contrib" >> /etc/apt/sources.list \
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/prod/anon-inventory.sh	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,28 @@
+#
+# Copyright (c) 2023.  Ohio Department of Education. - All Rights Reserved.
+# Unauthorized copying of this file, in any medium, is strictly prohibited.
+# Written by the State Software Development Team (http://ssdt.oecn.k12.oh.us/)
+#
+#
+
+#!/bin/bash
+
+#!/bin/bash
+#
+BASEDIR="$PWD"
+# read required environment variables
+source $BASEDIR/.env/ssdt-inventory-shared.properties
+source $BASEDIR/.env/ssdt-inventory-import.properties
+#
+# docker login
+echo "Attempting to login to $artifactUrl"
+docker login $artifactUrl -u $artifactUser -p $artifactPassword
+# docker pull
+echo "Attempting to pull inventory-anon:1.0.0"
+docker pull $artifactUrl/inventory-anon:1.0.0
+#
+dockerParams="--rm --name $entityId-inventory-anonapp --network $entityId-inventory-net"
+dockerParams="$dockerParams -e SPRING_DATASOURCE_URL=jdbc:postgresql://$entityId-inventory-db:5432/invdb -e SPRING_DATASOURCE_PASSWORD=postgres"
+dockerParams="$dockerParams -e SPRING_PROFILES_ACTIVE=prod -i inventory-anon:1.0.0"
+echo "Executing docker run command"
+docker run $dockerParams
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/prod/install-ess-app.sh	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,111 @@
+#!/bin/bash
+#
+# read required env variables
+BASEDIR="$PWD"
+source $BASEDIR/.env/ess-shared.properties
+source $BASEDIR/.env/ess-app.properties
+#
+# docker login
+echo "Attempting to login to $artifactUrl"
+docker login $artifactUrl -u $artifactUser -p $artifactPassword
+#
+# docker pull app image
+echo "Attempting to pull $artifactUrl/ess-app:$appVersion"
+docker pull $artifactUrl/ess-app:$appVersion
+#
+# Builder docker run command based on settings in env files
+echo "Building docker run command"
+dockerRunCommand="docker run --name $entityId-ess-app
+  --restart=unless-stopped
+  --network $entityId-ess-net
+  -e SPRING_DATASOURCE_URL=jdbc:postgresql://$entityId-ess-db:5432/essdb
+  -e SPRING_DATASOURCE_DRIVER_CLASS_NAME=org.postgresql.Driver
+  -e SPRING_DATASOURCE_USERNAME=postgres
+  -e SPRING_DATASOURCE_PASSWORD=$dbPassword
+  -e SPRING_PROFILES_ACTIVE=prod
+  -e APPLICATION_ADMIN_PASSWORD=$adminPassword
+  -e APPLICATION_ADMIN_RESET=$resetAdminPassword
+  -e USPS_CONFIGURATION_HOST=$uspsHost
+  -e USPS_CONFIGURATION_PORT=$uspsPort
+  -e USPS_CONFIGURATION_APIKEY=$uspsApiKey
+  -e USPS_CONFIGURATION_REMOTEAPIKEY=$uspsRemoteApiKey
+  -e WORKFLOWS_CONFIGURATION_HOST=$workflowsHost
+  -e WORKFLOWS_CONFIGURATION_PORT=$workflowsPort
+  -e WORKFLOWS_CONFIGURATION_API_KEY=$workflowsApiKey
+  -e WORKFLOWS_CONFIGURATION_REMOTE_API_KEY=$workflowsRemoteApiKey
+  -e JAVA_OPTS=$java_opts"
+#
+if [ ! -z "$virtualHost" ]; then
+    dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost"
+fi
+#
+if [ ! -z "$virtualPort" ]; then
+    dockerRunCommand="$dockerRunCommand -e VIRTUAL_PORT=$virtualPort"
+fi
+#
+if [ ! -z "$letsencryptHost" ]; then
+    dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_HOST=$letsencryptHost"
+fi
+#
+if [ ! -z "$letsencryptEmail" ]; then
+    dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_EMAIL=$letsencryptEmail"
+fi
+#
+if [ ! -z "$hostPort" ]; then
+    dockerRunCommand="$dockerRunCommand -p $hostPort"
+fi
+#
+#
+if [ ! -z "$duoEnabled" ]; then
+    echo "Adding Duo Configuration"
+    dockerRunCommand="$dockerRunCommand
+        -e DUO_ENABLED=$duoEnabled
+        -e DUO_CLIENT_ID=$duoClientId
+        -e DUO_CLIENT_SECRET=$duoClientSecret
+        -e DUO_API_HOSTNAME=$duoApiHostname
+        -e DUO_FAIL_OPEN=$duoFailOpen
+        -e DUO_ESS_HOST=$duoEssHost
+        -e DUO_ESS_PORT=$duoEssPort
+        -e DUO_ESS_CONTEXT=$duoEssContext
+        -e DUO_MINUTES_UNTIL_EXPIRATION=$duoMinutesUntilExpiration"
+fi
+#
+#
+if [ ! -z "$ads_config1_enabled" ]; then
+    echo "Add Window Active Director Configuration 1"
+    dockerRunCommand="$dockerRunCommand
+    -e SSDT_ADS_CONFIG1_ENABLED=$ads_config1_enabled
+    -e SSDT_ADS_CONFIG1_DOMAIN=$ads_config1_domain
+    -e SSDT_ADS_CONFIG1_LDAP_URL=$ads_config1_ldap_url
+    -e SSDT_ADS_CONFIG1_ROOT_DN=$ads_config1_root_dn
+    -e SSDT_ADS_CONFIG1_SEARCH_FILTER=$ads_config1_search_filter"
+fi
+#
+#
+if [ ! -z "$ads_config2_enabled" ]; then
+    echo "Add Window Active Director Configuration 2"
+    dockerRunCommand="$dockerRunCommand
+    -e SSDT_ADS_CONFIG2_ENABLED=$ads_config2_enabled
+    -e SSDT_ADS_CONFIG2_DOMAIN=$ads_config2_domain
+    -e SSDT_ADS_CONFIG2_LDAP_URL=$ads_config2_ldap_url
+    -e SSDT_ADS_CONFIG2_ROOT_DN=$ads_config2_root_dn
+    -e SSDT_ADS_CONFIG2_SEARCH_FILTER=$ads_config2_search_filter"
+fi
+#
+#
+if [ ! -z "$ads_config3_enabled" ]; then
+    echo "Add Window Active Director Configuration 3"
+    dockerRunCommand="$dockerRunCommand
+    -e SSDT_ADS_CONFIG3_ENABLED=$ads_config3_enabled
+    -e SSDT_ADS_CONFIG3_DOMAIN=$ads_config3_domain
+    -e SSDT_ADS_CONFIG3_LDAP_URL=$ads_config3_ldap_url
+    -e SSDT_ADS_CONFIG3_ROOT_DN=$ads_config3_root_dn
+    -e SSDT_ADS_CONFIG3_SEARCH_FILTER=$ads_config3_search_filter"
+fi
+#
+#
+dockerRunCommand="$dockerRunCommand -d $artifactUrl/ess-app:$appVersion"
+#
+# Execute constructed docker run command to create $entityId-ess-app container connected to db and docker network
+echo "Executing docker run command"
+$dockerRunCommand
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/prod/install-ess-db.sh	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,26 @@
+#!/bin/bash
+#
+# read required env variables
+BASEDIR="$PWD"
+source $BASEDIR/.env/ess-shared.properties
+source $BASEDIR/.env/ess-db.properties
+#
+# docker login
+echo "attempting to login to $artifactUrl"
+docker login $artifactUrl -u $artifactUser -p $artifactPassword
+# docker pull db image
+echo "attempting to pull $artifactUrl/ess-db:$dbVersion"
+docker pull $artifactUrl/ess-db:$dbVersion
+#
+# create employee self service specific docker network for $entityId
+echo "attempting to create $entityId-ess-net docker network"
+docker network create $entityId-ess-net
+# docker run ess-db (data mounted as volume) connected to $entityId-ess-net docker network
+echo "attempting to execute docker run command"
+docker run --name $entityId-ess-db \
+           --restart=unless-stopped \
+           --mount source=$entityId-ess-db,target=/var/lib/postgresql/data \
+           --network $entityId-ess-net \
+           -e POSTGRES_DB=essdb \
+           -e POSTGRES_PASSWORD=$dbPassword \
+           -d $artifactUrl/ess-db:$dbVersion
--- a/prod/install-workflows-app.sh	Tue Jan 30 10:55:04 2024 -0500
+++ b/prod/install-workflows-app.sh	Thu May 02 22:46:24 2024 -0400
@@ -41,6 +41,21 @@
     dockerRunCommand="$dockerRunCommand -e USPS_CONFIGURATION_CONTEXT=$uspsContext"
 fi
 #
+# If ESS Host is provided, assuming ESS connection needs configured.
+#
+if [ ! -z "$essHost" ]; then
+    echo "configuring employee self-service environment variables"
+    dockerRunCommand="$dockerRunCommand
+  -e ESS_HOST=$essHost
+  -e ESS_PORT=$essPort
+  -e ESS_API_KEY=$essApiKey
+  -e ESS_REMOTE_API_KEY=$essRemoteApiKey"
+fi
+#
+if [ ! -z "$essContext" ]; then
+    dockerRunCommand="$dockerRunCommand -e ESS_CONTEXT=$essContext"
+fi
+#
 if [ ! -z "$virtualHost" ]; then
     dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost"
 fi
@@ -65,4 +80,4 @@
 #
 # Execute constructed docker run command to create $entityId-workflows-app container connected to db and docker network
 echo "Executing docker run command"
-$dockerRunCommand
\ No newline at end of file
+$dockerRunCommand
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/prod/update-ess-app.sh	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,119 @@
+#!/bin/bash
+#
+# read required env variables
+BASEDIR="$PWD"
+source $BASEDIR/.env/ess-shared.properties
+source $BASEDIR/.env/ess-app.properties
+#
+# docker login
+echo "Attempting to login to $artifactUrl"
+docker login $artifactUrl -u $artifactUser -p $artifactPassword
+#
+# docker pull app image
+echo "Attempting to pull $artifactUrl/ess-app:$appVersion"
+docker pull $artifactUrl/ess-app:$appVersion
+#
+# docker stop ess app container
+echo "Attempting to stop $entityId-ess-app container"
+docker stop $entityId-ess-app
+#
+# docker rm ess app container
+echo "Attempting to remove $entityId-ess-app container"
+docker rm $entityId-ess-app
+#
+# Builder docker run command based on settings in env files
+echo "Building docker run command"
+dockerRunCommand="docker run --name $entityId-ess-app
+  --restart=unless-stopped
+  --network $entityId-ess-net
+  -e SPRING_DATASOURCE_URL=jdbc:postgresql://$entityId-ess-db:5432/essdb
+  -e SPRING_DATASOURCE_DRIVER_CLASS_NAME=org.postgresql.Driver
+  -e SPRING_DATASOURCE_USERNAME=postgres
+  -e SPRING_DATASOURCE_PASSWORD=$dbPassword
+  -e SPRING_PROFILES_ACTIVE=prod
+  -e APPLICATION_ADMIN_PASSWORD=$adminPassword
+  -e APPLICATION_ADMIN_RESET=$resetAdminPassword
+  -e USPS_CONFIGURATION_HOST=$uspsHost
+  -e USPS_CONFIGURATION_PORT=$uspsPort
+  -e USPS_CONFIGURATION_APIKEY=$uspsApiKey
+  -e USPS_CONFIGURATION_REMOTEAPIKEY=$uspsRemoteApiKey
+  -e WORKFLOWS_CONFIGURATION_HOST=$workflowsHost
+  -e WORKFLOWS_CONFIGURATION_PORT=$workflowsPort
+  -e WORKFLOWS_CONFIGURATION_API_KEY=$workflowsApiKey
+  -e WORKFLOWS_CONFIGURATION_REMOTE_API_KEY=$workflowsRemoteApiKey
+  -e JAVA_OPTS=$java_opts"
+#
+if [ ! -z "$virtualHost" ]; then
+    dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost"
+fi
+#
+if [ ! -z "$virtualPort" ]; then
+    dockerRunCommand="$dockerRunCommand -e VIRTUAL_PORT=$virtualPort"
+fi
+#
+if [ ! -z "$letsencryptHost" ]; then
+    dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_HOST=$letsencryptHost"
+fi
+#
+if [ ! -z "$letsencryptEmail" ]; then
+    dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_EMAIL=$letsencryptEmail"
+fi
+#
+if [ ! -z "$hostPort" ]; then
+    dockerRunCommand="$dockerRunCommand -p $hostPort"
+fi
+#
+#
+if [ ! -z "$duoEnabled" ]; then
+    echo "Adding Duo Configuration"
+    dockerRunCommand="$dockerRunCommand
+        -e DUO_ENABLED=$duoEnabled
+        -e DUO_CLIENT_ID=$duoClientId
+        -e DUO_CLIENT_SECRET=$duoClientSecret
+        -e DUO_API_HOSTNAME=$duoApiHostname
+        -e DUO_FAIL_OPEN=$duoFailOpen
+        -e DUO_ESS_HOST=$duoEssHost
+        -e DUO_ESS_PORT=$duoEssPort
+        -e DUO_ESS_CONTEXT=$duoEssContext
+        -e DUO_MINUTES_UNTIL_EXPIRATION=$duoMinutesUntilExpiration"
+fi
+#
+#
+if [ ! -z "$ads_config1_enabled" ]; then
+    echo "Add Window Active Director Configuration 1"
+    dockerRunCommand="$dockerRunCommand
+    -e SSDT_ADS_CONFIG1_ENABLED=$ads_config1_enabled
+    -e SSDT_ADS_CONFIG1_DOMAIN=$ads_config1_domain
+    -e SSDT_ADS_CONFIG1_LDAP_URL=$ads_config1_ldap_url
+    -e SSDT_ADS_CONFIG1_ROOT_DN=$ads_config1_root_dn
+    -e SSDT_ADS_CONFIG1_SEARCH_FILTER=$ads_config1_search_filter"
+fi
+#
+#
+if [ ! -z "$ads_config2_enabled" ]; then
+    echo "Add Window Active Director Configuration 2"
+    dockerRunCommand="$dockerRunCommand
+    -e SSDT_ADS_CONFIG2_ENABLED=$ads_config2_enabled
+    -e SSDT_ADS_CONFIG2_DOMAIN=$ads_config2_domain
+    -e SSDT_ADS_CONFIG2_LDAP_URL=$ads_config2_ldap_url
+    -e SSDT_ADS_CONFIG2_ROOT_DN=$ads_config2_root_dn
+    -e SSDT_ADS_CONFIG2_SEARCH_FILTER=$ads_config2_search_filter"
+fi
+#
+#
+if [ ! -z "$ads_config3_enabled" ]; then
+    echo "Add Window Active Director Configuration 3"
+    dockerRunCommand="$dockerRunCommand
+    -e SSDT_ADS_CONFIG3_ENABLED=$ads_config3_enabled
+    -e SSDT_ADS_CONFIG3_DOMAIN=$ads_config3_domain
+    -e SSDT_ADS_CONFIG3_LDAP_URL=$ads_config3_ldap_url
+    -e SSDT_ADS_CONFIG3_ROOT_DN=$ads_config3_root_dn
+    -e SSDT_ADS_CONFIG3_SEARCH_FILTER=$ads_config3_search_filter"
+fi
+#
+#
+dockerRunCommand="$dockerRunCommand -d $artifactUrl/ess-app:$appVersion"
+#
+# Execute constructed docker run command to create $entityId-ess-app container connected to db and docker network
+echo "Executing docker run command"
+$dockerRunCommand
--- a/prod/update-workflows-app.sh	Tue Jan 30 10:55:04 2024 -0500
+++ b/prod/update-workflows-app.sh	Thu May 02 22:46:24 2024 -0400
@@ -50,6 +50,20 @@
     dockerRunCommand="$dockerRunCommand -e USPS_CONFIGURATION_CONTEXT=$uspsContext"
 fi
 #
+# If ESS Host is provided, assuming ESS connection needs configured.
+#
+if [ ! -z "$essHost" ]; then
+    echo "configuring employee self-service environment variables"
+    dockerRunCommand="$dockerRunCommand
+  -e ESS_HOST=$essHost
+  -e ESS_PORT=$essPort
+  -e ESS_API_KEY=$essApiKey
+  -e ESS_REMOTE_API_KEY=$essRemoteApiKey"
+fi
+#
+if [ ! -z "$essContext" ]; then
+    dockerRunCommand="$dockerRunCommand -e ESS_CONTEXT=$essContext"
+fi
 if [ ! -z "$virtualHost" ]; then
     dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost"
 fi
@@ -74,4 +88,4 @@
 #
 # Execute constructed docker run command to create $entityId-workflows-app container connected to db and docker network
 echo "Executing docker run command"
-$dockerRunCommand
\ No newline at end of file
+$dockerRunCommand
--- a/scripts/backup-container-docker.sh	Tue Jan 30 10:55:04 2024 -0500
+++ b/scripts/backup-container-docker.sh	Thu May 02 22:46:24 2024 -0400
@@ -58,6 +58,17 @@
    echo "container name is $containerName"
 fi
 
+if [[ "$container" = "essdb" && -f ".env/ess-shared.properties" ]]; then
+   function prop {
+       grep "${1}" .env/ess-shared.properties|cut -d'=' -f2
+   }
+   entityId=$(prop 'entityId' | tr -d '"')
+   containerName="$entityId-ess-db"
+   backupFile=./backup/${entityId}-ess-db.$(date +%Y-%m-%d-%H-%M-%S).backup
+   echo "entityId is $entityId"
+   echo "container name is $containerName"
+fi
+
 if [ ! -z "$containerName" ]; then
    echo "Container is $container"
    if [ "$container" = "invdb" ]; then
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/scripts/backup-document-store.sh	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+projectDir=${1:-$PWD}
+
+cd "$projectDir" || echo "Unable to change to project directory: $projectDir"
+
+function prop {
+  grep "${1}" .env/ssdt-document-store-shared.properties|cut -d'=' -f2
+}
+
+entityId=$(prop 'entityId' | tr -d '"')
+repository="${entityId}_fs_backup"
+certificate=${projectDir}/http_ca.crt
+baseUrl="https://$(prop 'DOCUMENTSTORE_ELASTIC_HOST' | tr -d '"'):$(prop 'DOCUMENTSTORE_ELASTIC_PORT' | tr -d '"')"
+elasticPassword=$(prop 'ELASTIC_PASSWORD' | tr -d '"')
+
+verifyRepository=$(curl --cacert "${certificate}" -s -u elastic:"${elasticPassword}" -X POST "${baseUrl}/_snapshot/${repository}/_verify?pretty")
+
+countMissingException=$(echo "${verifyRepository}" | grep -c "repository_missing_exception")
+
+if [ "$countMissingException" -gt 0 ]; then
+  echo "creating Repository ${repository}"
+    curl --cacert "${certificate}" -s -u elastic:"${elasticPassword}" -X PUT "${baseUrl}/_snapshot/${repository}?pretty" -H 'Content-Type: application/json' -d'
+    {
+        "type": "fs",
+        "settings": {
+            "location": "/usr/share/elasticsearch/backup",
+            "compress": true
+        }
+    }
+    '
+fi
+
+snapshotName="%3C${entityId}-snapshot-%7Bnow%2Fs%7Byyyy.MM.dd-HH.mm.ss%7D%7D%3E"
+
+curl --cacert "${certificate}" -s -u elastic:"${elasticPassword}" -X PUT "${baseUrl}/_snapshot/${repository}/${snapshotName}?pretty"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/scripts/backup-ess.sh	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+source "${SSDT_SCRIPTS:-$(dirname "${BASH_SOURCE[0]}")}/.functions.sh"
+
+${SSDT_SCRIPTS}/backup-container-docker.sh essdb ${1}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/scripts/list-document-store-snapshots.sh	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+projectDir=${1:-$PWD}
+detailedView=${2:-false}
+
+cd "$projectDir" || echo "Unable to change to project directory: $projectDir"
+
+function prop {
+  grep "${1}" .env/ssdt-document-store-shared.properties|cut -d'=' -f2
+}
+
+entityId=$(prop 'entityId' | tr -d '"')
+repository="${entityId}_fs_backup"
+certificate=${projectDir}/http_ca.crt
+baseUrl="https://$(prop 'DOCUMENTSTORE_ELASTIC_HOST' | tr -d '"'):$(prop 'DOCUMENTSTORE_ELASTIC_PORT' | tr -d '"')"
+elasticPassword=$(prop 'ELASTIC_PASSWORD' | tr -d '"')
+
+options="pretty&verbose=${detailedView}&index_names=${detailedView}&ignore_unavailable=true"
+
+curl --cacert "${certificate}" -s -u elastic:"${elasticPassword}" -X GET "${baseUrl}/_snapshot/${repository}/_all?${options}"
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/scripts/restore-document-store.sh	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+projectDir=${1:-$PWD}
+snapshot=${2?Must provide snapshot name to restore}
+
+cd "$projectDir" || echo "Unable to change to project directory: $projectDir"
+
+function prop {
+  grep "${1}" .env/ssdt-document-store-shared.properties|cut -d'=' -f2
+}
+
+entityId=$(prop 'entityId' | tr -d '"')
+repository="${entityId}_fs_backup"
+certificate=${projectDir}/http_ca.crt
+baseUrl="https://$(prop 'DOCUMENTSTORE_ELASTIC_HOST' | tr -d '"'):$(prop 'DOCUMENTSTORE_ELASTIC_PORT' | tr -d '"')"
+elasticPassword=$(prop 'ELASTIC_PASSWORD' | tr -d '"')
+
+curl --cacert "${certificate}" -s -u elastic:"${elasticPassword}" -X POST "${baseUrl}/_snapshot/${repository}/${snapshot}/_restore?pretty"
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/scripts/restore-ess.sh	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+source "${SSDT_SCRIPTS:-$(dirname "${BASH_SOURCE[0]}")}/.functions.sh"
+
+sourceFile=${1?must provide backup file to be restored}
+
+if [ -z "$1" ]
+then
+  echo "Usage: `basename $0` {backup file to restore}"
+  echo " must specify the name of the file to restore.  Assumed to be in format:"
+  echo "     {entityId}-ess-db.{timestamp}.backup.gz  "
+  exit $E_NOARGS
+fi
+
+function prop {
+   grep "${1}" .env/ess-shared.properties|cut -d'=' -f2
+}
+
+entityId=$(prop 'entityId' | tr -d '"')
+dbContainerName="$entityId-ess-db"
+appContainerName="$entityId-ess-app"
+target="essdb"
+
+echo
+echo "Preparing to restore"
+echo "--------------------"
+echo "   file: $sourceFile"
+echo "   to    $dbContainerName database: $target"
+echo " "
+echo "WARNING:  This operation will DELETE and replace any exising database"
+echo " "
+
+read -e -p "Continue? <y/N> " answer
+case $answer in
+     y | Y | yes | YES ) answer="y";;
+     n | N | no | NO ) answer="n";;
+     *) answer="n"
+esac
+
+if [ "$answer" == "y" ]
+then
+  echo "stopping application service $appContainerName"
+  docker stop $appContainerName
+
+  echo "copy backup file to database container"
+  docker cp ${sourceFile} ${dbContainerName}:/tmp/restore.backup.gz
+
+  echo "starting database restore"
+  docker exec -t -u postgres $dbContainerName sh -c "gunzip -f /tmp/restore.backup.gz -c | psql"
+
+fi
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/testbench-grid-17/Dockerfile	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,13 @@
+FROM openjdk:17
+
+MAINTAINER Catherine Aldrich
+
+ENV TESTBENCHJAR=/testbench-standalone.jar
+
+ADD ./vaadin-testbench-standalone-5.2.0.jar $TESTBENCHJAR
+
+EXPOSE 4444
+
+WORKDIR /
+
+CMD ["java", "-jar", "testbench-standalone.jar", "-role", "hub" ]
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/testbench-grid-17/docker-compose.yml	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,18 @@
+grid:
+#   image: testbench-grid:2.0
+#   image: testbench-grid:2.2
+#   image: testbench-grid:latest
+   image: testbench-grid:3.0
+   ports:
+     - 4444:4444
+node:
+#   image: testbench-node:2.0
+#   image: testbench-node:2.1
+#   image: testbench-node:2.3
+#   image: testbench-node:latest
+   image: testbench-node:3.0
+   links:
+     - grid
+   environment:
+     - HUB_HOST=grid_1
+   
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/testbench-grid-17/starting.txt	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,4 @@
+#Use docker-compose scale to start:  docker-compose scale node=20
+#also need to start the grid: docker-compose up -d grid
+##Use "latest" for old testbench, 2.0 for newest
+##Start grid FIRST and give it time to come up
Binary file testbench-grid-17/vaadin-testbench-standalone-5.2.0.jar has changed
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/testbench-node-17/Dockerfile	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,48 @@
+FROM openjdk:17-buster
+
+MAINTAINER Catherine Aldrich
+
+ENV TESTBENCHJAR=/testbench-standalone.jar
+
+# Install PhantomJS
+RUN mkdir /phantom
+WORKDIR /phantom
+ADD http://files.ssdt.io/phantomjs-2.1.1-linux-x86_64.tar /phantom/phantomjs.tar
+RUN 	tar -xf phantomjs.tar \
+		&& 	mv $(find /phantom -name phantomjs) /bin \
+		&& rm -rf /phantom
+WORKDIR /
+
+RUN apt-get update -y
+
+# Install Chrome browser
+ARG CHROME_84="84.0.4147.30"
+ARG CHROME_85="85.0.4183.83-1"
+ARG CHROME_86="86.0.4240.22-1"
+RUN wget --no-verbose -O /tmp/chrome.deb http://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/google-chrome-stable_${CHROME_85}_amd64.deb \
+  && apt install -y /tmp/chrome.deb \
+  && rm /tmp/chrome.deb
+
+## Install Chromium driver
+ADD ./chromedriver_linux64_85.zip .
+RUN unzip chromedriver_linux64_85.zip -d /
+RUN mv -f /chromedriver /usr/local/bin/chromedriver
+RUN chmod 0777 /usr/local/bin/chromedriver
+RUN rm -rf ./chromedriver_linux64_85.zip
+
+# Add TestBench jar
+ADD ./vaadin-testbench-standalone-5.2.0.jar $TESTBENCHJAR
+
+COPY ./docker-entrypoint.sh /
+RUN chmod a+x /docker-entrypoint.sh
+
+RUN apt-get update -y
+
+RUN chmod 0777 /usr/bin/google-chrome
+
+RUN /usr/bin/google-chrome --version
+RUN /usr/local/bin/chromedriver --version
+
+ENTRYPOINT [ "./docker-entrypoint.sh" ]
+
+CMD [ "node" ]
Binary file testbench-node-17/chromedriver_linux64.zip has changed
Binary file testbench-node-17/chromedriver_linux64_85.zip has changed
Binary file testbench-node-17/chromedriver_linux64_86.zip has changed
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/testbench-node-17/docker-entrypoint.sh	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,15 @@
+#!/bin/bash
+set -e
+
+case "$1" in
+
+   node)
+     java -jar testbench-standalone.jar -role node -hub http://$HUB_HOST:4444/grid/register -browser "browserName=chrome"
+   ;;
+
+  *)
+  exec "$@"
+  ;;
+
+esac
+
Binary file testbench-node-17/google-chrome-stable_current_amd64.deb has changed
Binary file testbench-node-17/phantomjs-2.1.1-linux-x86_64.tar has changed
Binary file testbench-node-17/vaadin-testbench-standalone-5.1.2.jar has changed
Binary file testbench-node-17/vaadin-testbench-standalone-5.2.0.jar has changed
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tomcat-17/Dockerfile	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,38 @@
+FROM tomcat:8.5.93-jre17-temurin-jammy
+
+MAINTAINER Marc Davis <davis@ssdt-ohio.org>
+
+RUN apt-get update && apt-get install -y gnupg && apt-get install -y apt-transport-https \
+    && gpg --no-default-keyring --keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg  --export > /etc/apt/trusted.gpg.d/ubuntu-keyring.fixed.gpg \
+    && gpg --no-default-keyring --keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg  --export > /etc/apt/trusted.gpg.d/ubuntu-keyring.fixed.gpg \
+    && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 871920D1991BC93C && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 112695A0E562B32A  \
+    && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys AA8E81B4331F7F50 && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 04EE7237B7D453EC 648ACFD622F3D138 0E98404D386FA1D9 EF0F382A1A7B6500
+
+RUN apt-get update && apt-get install -y x11-common
+
+RUN echo "deb http://deb.debian.org/debian buster main contrib non-free" > /etc/apt/sources.list \
+    && echo "deb http://security.debian.org/debian-security/ buster/updates main contrib" >> /etc/apt/sources.list \
+    && echo "ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true" | debconf-set-selections
+
+
+RUN apt-get update \
+    && apt-get install -y ttf-mscorefonts-installer \
+    && apt-get clean \
+    && apt-get autoremove -y \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN apt-get update \
+    && apt-get install -y postgresql-client \
+    && apt-get clean \
+    && apt-get autoremove -y \
+    && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /usr/local/tomcat
+
+COPY setenv.sh bin/
+COPY tomcat-users.xml server.xml context.xml logging.properties conf/
+
+RUN rm -rf webapps/docs webapps/ROOT webapps/examples webapps/docs webapps/host-manager \
+	&& chmod +x bin/setenv.sh
+	
+ENV TZ=America/New_York
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tomcat-17/context.xml	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,30 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<Context>
+
+    <Resources cachingAllowed="false"/>
+
+    <!-- Uncomment this to disable session persistence across Tomcat restarts -->
+    <Manager pathname="" />
+
+    <!-- Uncomment this to enable Comet connection tacking (provides events
+         on session expiration as well as webapp lifecycle) -->
+    <!--
+    <Valve className="org.apache.catalina.valves.CometConnectionManagerValve" />
+    -->
+</Context>
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tomcat-17/logging.properties	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,70 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+handlers = 1catalina.org.apache.juli.AsyncFileHandler, 2localhost.org.apache.juli.AsyncFileHandler, 3manager.org.apache.juli.AsyncFileHandler, 4host-manager.org.apache.juli.AsyncFileHandler, java.util.logging.ConsoleHandler
+
+.handlers = 1catalina.org.apache.juli.AsyncFileHandler, java.util.logging.ConsoleHandler
+
+############################################################
+# Handler specific properties.
+# Describes specific configuration info for Handlers.
+############################################################
+
+1catalina.org.apache.juli.AsyncFileHandler.level = FINE
+1catalina.org.apache.juli.AsyncFileHandler.directory = ${catalina.base}/logs
+1catalina.org.apache.juli.AsyncFileHandler.prefix = catalina.
+
+2localhost.org.apache.juli.AsyncFileHandler.level = FINE
+2localhost.org.apache.juli.AsyncFileHandler.directory = ${catalina.base}/logs
+2localhost.org.apache.juli.AsyncFileHandler.prefix = localhost.
+
+3manager.org.apache.juli.AsyncFileHandler.level = FINE
+3manager.org.apache.juli.AsyncFileHandler.directory = ${catalina.base}/logs
+3manager.org.apache.juli.AsyncFileHandler.prefix = manager.
+
+#4host-manager.org.apache.juli.AsyncFileHandler.level = FINE
+#4host-manager.org.apache.juli.AsyncFileHandler.directory = ${catalina.base}/logs
+#4host-manager.org.apache.juli.AsyncFileHandler.prefix = host-manager.
+
+java.util.logging.ConsoleHandler.level = FINE
+java.util.logging.ConsoleHandler.formatter = org.apache.juli.OneLineFormatter
+
+
+############################################################
+# Facility specific properties.
+# Provides extra control for each logger.
+############################################################
+
+org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = INFO
+org.apache.catalina.core.ContainerBase.[Catalina].[localhost].handlers = 2localhost.org.apache.juli.AsyncFileHandler
+
+org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].level = INFO
+org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].handlers = 3manager.org.apache.juli.AsyncFileHandler
+
+#org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].level = INFO
+#org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].handlers = 4host-manager.org.apache.juli.AsyncFileHandler
+
+# For example, set the org.apache.catalina.util.LifecycleBase logger to log
+# each component that extends LifecycleBase changing state:
+#org.apache.catalina.util.LifecycleBase.level = FINE
+
+# To see debug messages in TldLocationsCache, uncomment the following line:
+#org.apache.jasper.compiler.TldLocationsCache.level = FINE
+
+# To see debug messages for HTTP/2 handling, uncomment the following line:
+#org.apache.coyote.http2.level = FINE
+
+# To see debug messages for WebSocket handling, uncomment the following line:
+#org.apache.tomcat.websocket.level = FINE
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tomcat-17/server.xml	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,76 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<Server port="8005" shutdown="SHUTDOWN">
+  <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
+  <!-- Security listener. Documentation at /docs/config/listeners.html
+  <Listener className="org.apache.catalina.security.SecurityListener" />
+  -->
+  <!--APR library loader. Documentation at /docs/apr.html -->
+  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+  <!-- Prevent memory leaks due to use of particular java/javax APIs-->
+  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
+  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
+  <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
+
+
+  <GlobalNamingResources>
+    <Resource name="UserDatabase" auth="Container"
+              type="org.apache.catalina.UserDatabase"
+              description="User database for tomcat manager app"
+              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
+              pathname="conf/tomcat-users.xml" />
+  </GlobalNamingResources>
+
+  <Service name="Catalina">
+
+    <Executor name="tomcatThreads" 
+		namePrefix="tomcat-exec-"
+        maxThreads="200" 
+		minSpareThreads="1"
+		maxIdleTime="300000"
+		/>
+		
+    <Connector port="8080" protocol="HTTP/1.1"
+               connectionTimeout="20000"
+               redirectPort="8443" 
+			   executor="tomcatThreads"/>
+
+    <Engine name="Catalina" defaultHost="localhost">
+
+      <!-- Use the LockOutRealm to prevent attempts to guess user passwords
+           via a brute-force attack -->
+      <Realm className="org.apache.catalina.realm.LockOutRealm">
+        <!-- This Realm uses the UserDatabase configured in the global JNDI
+             resources under the key "UserDatabase".  Any edits
+             that are performed against this UserDatabase are immediately
+             available for use by the Realm.  -->
+        <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
+               resourceName="UserDatabase"/>
+      </Realm>
+
+      <Host name="localhost"  appBase="webapps" unpackWARs="false" autoDeploy="false">
+        <Valve className="org.apache.catalina.valves.AccessLogValve" 
+				directory="logs"
+                prefix="localhost_access_log" suffix=".txt"
+                pattern="%h %l %u %t &quot;%r&quot; %s %b" 
+                maxDays="5"/>
+
+      </Host>
+    </Engine>
+  </Service>
+</Server>
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tomcat-17/setenv.sh	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,14 @@
+#! /bin/sh
+#
+echo "__________________________________________"
+
+export CATALINA_OPTS="$CATALINA_OPTS -XX:+UseG1GC"
+export CATALINA_OPTS="$CATALINA_OPTS -XX:+UseStringDeduplication "
+export CATALINA_OPTS="$CATALINA_OPTS -Djava.security.egd=file:/dev/./urandom"
+export CATALINA_OPTS="$CATALINA_OPTS -Duser.language=en"
+export CATALINA_OPTS="$CATALINA_OPTS -Duser.region=US"
+
+echo "Using CATALINA_OPTS $CATALINA_OPTS"
+echo "Using     JAVA_OPTS $JAVA_OPTS"
+echo "_________________________________________"
+echo ""
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tomcat-17/tomcat-users.xml	Thu May 02 22:46:24 2024 -0400
@@ -0,0 +1,11 @@
+<?xml version='1.0' encoding='utf-8'?>
+<tomcat-users xmlns="http://tomcat.apache.org/xml"
+              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+              xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
+              version="1.0">
+  <role rolename="manager-gui"/>
+  <role rolename="manager-jmx"/>
+  <role rolename="manager-script"/>
+  <user username="admin" password="99admin00" roles="manager-gui,manager-jmx"/>
+  <user username="script" password="99admin00" roles="manager-script"/>
+</tomcat-users>
\ No newline at end of file
--- a/tomcat/Dockerfile	Tue Jan 30 10:55:04 2024 -0500
+++ b/tomcat/Dockerfile	Thu May 02 22:46:24 2024 -0400
@@ -1,11 +1,12 @@
-FROM tomcat:8.5.37-jre8
+FROM tomcat:8.5.51-jdk8
 
 MAINTAINER Dave Smith <smith@nwoca.org>
 
-RUN echo "deb http://httpredir.debian.org/debian jessie main contrib" > /etc/apt/sources.list \
-    && echo "deb http://security.debian.org/ jessie/updates main contrib" >> /etc/apt/sources.list \
-    && echo "ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true" | debconf-set-selections \
-    && apt-get update \
+RUN echo "deb http://deb.debian.org/debian buster main contrib non-free" > /etc/apt/sources.list \
+    && echo "deb http://security.debian.org/debian-security/ buster/updates main contrib" >> /etc/apt/sources.list \
+    && echo "ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true" | debconf-set-selections
+
+RUN apt-get update \
     && apt-get install -y ttf-mscorefonts-installer \
     && apt-get clean \
     && apt-get autoremove -y \