Mercurial > public > ssdt-docker
changeset 533:2e67cfae1533 production v2.17.0
flow: Merged <release> '2.17.0' to <master> ('production').
author | Marc Davis <marc.davis@mcoecn.org> |
---|---|
date | Thu, 02 May 2024 22:46:24 -0400 |
parents | 6ddfd364a52a (current diff) 9f618d578e10 (diff) |
children | f1955aafe2d6 |
files | |
diffstat | 34 files changed, 817 insertions(+), 8 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/java-17/Dockerfile Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,17 @@ +FROM openjdk:17-buster + +MAINTAINER Marc Davis <davis@ssdt-ohio.org> + +RUN ls && echo "deb http://deb.debian.org/debian buster main contrib" > /etc/apt/sources.list \ + && echo "deb http://security.debian.org/debian-security/ buster/updates main contrib" >> /etc/apt/sources.list \ + && echo "ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true" | debconf-set-selections \ + && apt-get update \ + && apt-get install -y ttf-mscorefonts-installer \ + && apt-get clean \ + && apt-get autoremove -y \ + && rm -rf /var/lib/apt/lists/* + +ENV TZ=America/New_York + +RUN echo $TZ > /etc/timezone \ + && dpkg-reconfigure --frontend noninteractive tzdata
--- a/java/Dockerfile Tue Jan 30 10:55:04 2024 -0500 +++ b/java/Dockerfile Thu May 02 22:46:24 2024 -0400 @@ -1,6 +1,6 @@ FROM openjdk:8u181-jdk -MAINTAINER Dave Smith <smith@nwoca.org> +MAINTAINER Marc Davis <davis@ssdt-ohio.org> RUN echo "deb http://httpredir.debian.org/debian jessie main contrib" > /etc/apt/sources.list \ && echo "deb http://security.debian.org/ jessie/updates main contrib" >> /etc/apt/sources.list \
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/prod/anon-inventory.sh Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,28 @@ +# +# Copyright (c) 2023. Ohio Department of Education. - All Rights Reserved. +# Unauthorized copying of this file, in any medium, is strictly prohibited. +# Written by the State Software Development Team (http://ssdt.oecn.k12.oh.us/) +# +# + +#!/bin/bash + +#!/bin/bash +# +BASEDIR="$PWD" +# read required environment variables +source $BASEDIR/.env/ssdt-inventory-shared.properties +source $BASEDIR/.env/ssdt-inventory-import.properties +# +# docker login +echo "Attempting to login to $artifactUrl" +docker login $artifactUrl -u $artifactUser -p $artifactPassword +# docker pull +echo "Attempting to pull inventory-anon:1.0.0" +docker pull $artifactUrl/inventory-anon:1.0.0 +# +dockerParams="--rm --name $entityId-inventory-anonapp --network $entityId-inventory-net" +dockerParams="$dockerParams -e SPRING_DATASOURCE_URL=jdbc:postgresql://$entityId-inventory-db:5432/invdb -e SPRING_DATASOURCE_PASSWORD=postgres" +dockerParams="$dockerParams -e SPRING_PROFILES_ACTIVE=prod -i inventory-anon:1.0.0" +echo "Executing docker run command" +docker run $dockerParams \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/prod/install-ess-app.sh Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,111 @@ +#!/bin/bash +# +# read required env variables +BASEDIR="$PWD" +source $BASEDIR/.env/ess-shared.properties +source $BASEDIR/.env/ess-app.properties +# +# docker login +echo "Attempting to login to $artifactUrl" +docker login $artifactUrl -u $artifactUser -p $artifactPassword +# +# docker pull app image +echo "Attempting to pull $artifactUrl/ess-app:$appVersion" +docker pull $artifactUrl/ess-app:$appVersion +# +# Builder docker run command based on settings in env files +echo "Building docker run command" +dockerRunCommand="docker run --name $entityId-ess-app + --restart=unless-stopped + --network $entityId-ess-net + -e SPRING_DATASOURCE_URL=jdbc:postgresql://$entityId-ess-db:5432/essdb + -e SPRING_DATASOURCE_DRIVER_CLASS_NAME=org.postgresql.Driver + -e SPRING_DATASOURCE_USERNAME=postgres + -e SPRING_DATASOURCE_PASSWORD=$dbPassword + -e SPRING_PROFILES_ACTIVE=prod + -e APPLICATION_ADMIN_PASSWORD=$adminPassword + -e APPLICATION_ADMIN_RESET=$resetAdminPassword + -e USPS_CONFIGURATION_HOST=$uspsHost + -e USPS_CONFIGURATION_PORT=$uspsPort + -e USPS_CONFIGURATION_APIKEY=$uspsApiKey + -e USPS_CONFIGURATION_REMOTEAPIKEY=$uspsRemoteApiKey + -e WORKFLOWS_CONFIGURATION_HOST=$workflowsHost + -e WORKFLOWS_CONFIGURATION_PORT=$workflowsPort + -e WORKFLOWS_CONFIGURATION_API_KEY=$workflowsApiKey + -e WORKFLOWS_CONFIGURATION_REMOTE_API_KEY=$workflowsRemoteApiKey + -e JAVA_OPTS=$java_opts" +# +if [ ! -z "$virtualHost" ]; then + dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost" +fi +# +if [ ! -z "$virtualPort" ]; then + dockerRunCommand="$dockerRunCommand -e VIRTUAL_PORT=$virtualPort" +fi +# +if [ ! -z "$letsencryptHost" ]; then + dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_HOST=$letsencryptHost" +fi +# +if [ ! -z "$letsencryptEmail" ]; then + dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_EMAIL=$letsencryptEmail" +fi +# +if [ ! -z "$hostPort" ]; then + dockerRunCommand="$dockerRunCommand -p $hostPort" +fi +# +# +if [ ! -z "$duoEnabled" ]; then + echo "Adding Duo Configuration" + dockerRunCommand="$dockerRunCommand + -e DUO_ENABLED=$duoEnabled + -e DUO_CLIENT_ID=$duoClientId + -e DUO_CLIENT_SECRET=$duoClientSecret + -e DUO_API_HOSTNAME=$duoApiHostname + -e DUO_FAIL_OPEN=$duoFailOpen + -e DUO_ESS_HOST=$duoEssHost + -e DUO_ESS_PORT=$duoEssPort + -e DUO_ESS_CONTEXT=$duoEssContext + -e DUO_MINUTES_UNTIL_EXPIRATION=$duoMinutesUntilExpiration" +fi +# +# +if [ ! -z "$ads_config1_enabled" ]; then + echo "Add Window Active Director Configuration 1" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG1_ENABLED=$ads_config1_enabled + -e SSDT_ADS_CONFIG1_DOMAIN=$ads_config1_domain + -e SSDT_ADS_CONFIG1_LDAP_URL=$ads_config1_ldap_url + -e SSDT_ADS_CONFIG1_ROOT_DN=$ads_config1_root_dn + -e SSDT_ADS_CONFIG1_SEARCH_FILTER=$ads_config1_search_filter" +fi +# +# +if [ ! -z "$ads_config2_enabled" ]; then + echo "Add Window Active Director Configuration 2" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG2_ENABLED=$ads_config2_enabled + -e SSDT_ADS_CONFIG2_DOMAIN=$ads_config2_domain + -e SSDT_ADS_CONFIG2_LDAP_URL=$ads_config2_ldap_url + -e SSDT_ADS_CONFIG2_ROOT_DN=$ads_config2_root_dn + -e SSDT_ADS_CONFIG2_SEARCH_FILTER=$ads_config2_search_filter" +fi +# +# +if [ ! -z "$ads_config3_enabled" ]; then + echo "Add Window Active Director Configuration 3" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG3_ENABLED=$ads_config3_enabled + -e SSDT_ADS_CONFIG3_DOMAIN=$ads_config3_domain + -e SSDT_ADS_CONFIG3_LDAP_URL=$ads_config3_ldap_url + -e SSDT_ADS_CONFIG3_ROOT_DN=$ads_config3_root_dn + -e SSDT_ADS_CONFIG3_SEARCH_FILTER=$ads_config3_search_filter" +fi +# +# +dockerRunCommand="$dockerRunCommand -d $artifactUrl/ess-app:$appVersion" +# +# Execute constructed docker run command to create $entityId-ess-app container connected to db and docker network +echo "Executing docker run command" +$dockerRunCommand
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/prod/install-ess-db.sh Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,26 @@ +#!/bin/bash +# +# read required env variables +BASEDIR="$PWD" +source $BASEDIR/.env/ess-shared.properties +source $BASEDIR/.env/ess-db.properties +# +# docker login +echo "attempting to login to $artifactUrl" +docker login $artifactUrl -u $artifactUser -p $artifactPassword +# docker pull db image +echo "attempting to pull $artifactUrl/ess-db:$dbVersion" +docker pull $artifactUrl/ess-db:$dbVersion +# +# create employee self service specific docker network for $entityId +echo "attempting to create $entityId-ess-net docker network" +docker network create $entityId-ess-net +# docker run ess-db (data mounted as volume) connected to $entityId-ess-net docker network +echo "attempting to execute docker run command" +docker run --name $entityId-ess-db \ + --restart=unless-stopped \ + --mount source=$entityId-ess-db,target=/var/lib/postgresql/data \ + --network $entityId-ess-net \ + -e POSTGRES_DB=essdb \ + -e POSTGRES_PASSWORD=$dbPassword \ + -d $artifactUrl/ess-db:$dbVersion
--- a/prod/install-workflows-app.sh Tue Jan 30 10:55:04 2024 -0500 +++ b/prod/install-workflows-app.sh Thu May 02 22:46:24 2024 -0400 @@ -41,6 +41,21 @@ dockerRunCommand="$dockerRunCommand -e USPS_CONFIGURATION_CONTEXT=$uspsContext" fi # +# If ESS Host is provided, assuming ESS connection needs configured. +# +if [ ! -z "$essHost" ]; then + echo "configuring employee self-service environment variables" + dockerRunCommand="$dockerRunCommand + -e ESS_HOST=$essHost + -e ESS_PORT=$essPort + -e ESS_API_KEY=$essApiKey + -e ESS_REMOTE_API_KEY=$essRemoteApiKey" +fi +# +if [ ! -z "$essContext" ]; then + dockerRunCommand="$dockerRunCommand -e ESS_CONTEXT=$essContext" +fi +# if [ ! -z "$virtualHost" ]; then dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost" fi @@ -65,4 +80,4 @@ # # Execute constructed docker run command to create $entityId-workflows-app container connected to db and docker network echo "Executing docker run command" -$dockerRunCommand \ No newline at end of file +$dockerRunCommand
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/prod/update-ess-app.sh Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,119 @@ +#!/bin/bash +# +# read required env variables +BASEDIR="$PWD" +source $BASEDIR/.env/ess-shared.properties +source $BASEDIR/.env/ess-app.properties +# +# docker login +echo "Attempting to login to $artifactUrl" +docker login $artifactUrl -u $artifactUser -p $artifactPassword +# +# docker pull app image +echo "Attempting to pull $artifactUrl/ess-app:$appVersion" +docker pull $artifactUrl/ess-app:$appVersion +# +# docker stop ess app container +echo "Attempting to stop $entityId-ess-app container" +docker stop $entityId-ess-app +# +# docker rm ess app container +echo "Attempting to remove $entityId-ess-app container" +docker rm $entityId-ess-app +# +# Builder docker run command based on settings in env files +echo "Building docker run command" +dockerRunCommand="docker run --name $entityId-ess-app + --restart=unless-stopped + --network $entityId-ess-net + -e SPRING_DATASOURCE_URL=jdbc:postgresql://$entityId-ess-db:5432/essdb + -e SPRING_DATASOURCE_DRIVER_CLASS_NAME=org.postgresql.Driver + -e SPRING_DATASOURCE_USERNAME=postgres + -e SPRING_DATASOURCE_PASSWORD=$dbPassword + -e SPRING_PROFILES_ACTIVE=prod + -e APPLICATION_ADMIN_PASSWORD=$adminPassword + -e APPLICATION_ADMIN_RESET=$resetAdminPassword + -e USPS_CONFIGURATION_HOST=$uspsHost + -e USPS_CONFIGURATION_PORT=$uspsPort + -e USPS_CONFIGURATION_APIKEY=$uspsApiKey + -e USPS_CONFIGURATION_REMOTEAPIKEY=$uspsRemoteApiKey + -e WORKFLOWS_CONFIGURATION_HOST=$workflowsHost + -e WORKFLOWS_CONFIGURATION_PORT=$workflowsPort + -e WORKFLOWS_CONFIGURATION_API_KEY=$workflowsApiKey + -e WORKFLOWS_CONFIGURATION_REMOTE_API_KEY=$workflowsRemoteApiKey + -e JAVA_OPTS=$java_opts" +# +if [ ! -z "$virtualHost" ]; then + dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost" +fi +# +if [ ! -z "$virtualPort" ]; then + dockerRunCommand="$dockerRunCommand -e VIRTUAL_PORT=$virtualPort" +fi +# +if [ ! -z "$letsencryptHost" ]; then + dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_HOST=$letsencryptHost" +fi +# +if [ ! -z "$letsencryptEmail" ]; then + dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_EMAIL=$letsencryptEmail" +fi +# +if [ ! -z "$hostPort" ]; then + dockerRunCommand="$dockerRunCommand -p $hostPort" +fi +# +# +if [ ! -z "$duoEnabled" ]; then + echo "Adding Duo Configuration" + dockerRunCommand="$dockerRunCommand + -e DUO_ENABLED=$duoEnabled + -e DUO_CLIENT_ID=$duoClientId + -e DUO_CLIENT_SECRET=$duoClientSecret + -e DUO_API_HOSTNAME=$duoApiHostname + -e DUO_FAIL_OPEN=$duoFailOpen + -e DUO_ESS_HOST=$duoEssHost + -e DUO_ESS_PORT=$duoEssPort + -e DUO_ESS_CONTEXT=$duoEssContext + -e DUO_MINUTES_UNTIL_EXPIRATION=$duoMinutesUntilExpiration" +fi +# +# +if [ ! -z "$ads_config1_enabled" ]; then + echo "Add Window Active Director Configuration 1" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG1_ENABLED=$ads_config1_enabled + -e SSDT_ADS_CONFIG1_DOMAIN=$ads_config1_domain + -e SSDT_ADS_CONFIG1_LDAP_URL=$ads_config1_ldap_url + -e SSDT_ADS_CONFIG1_ROOT_DN=$ads_config1_root_dn + -e SSDT_ADS_CONFIG1_SEARCH_FILTER=$ads_config1_search_filter" +fi +# +# +if [ ! -z "$ads_config2_enabled" ]; then + echo "Add Window Active Director Configuration 2" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG2_ENABLED=$ads_config2_enabled + -e SSDT_ADS_CONFIG2_DOMAIN=$ads_config2_domain + -e SSDT_ADS_CONFIG2_LDAP_URL=$ads_config2_ldap_url + -e SSDT_ADS_CONFIG2_ROOT_DN=$ads_config2_root_dn + -e SSDT_ADS_CONFIG2_SEARCH_FILTER=$ads_config2_search_filter" +fi +# +# +if [ ! -z "$ads_config3_enabled" ]; then + echo "Add Window Active Director Configuration 3" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG3_ENABLED=$ads_config3_enabled + -e SSDT_ADS_CONFIG3_DOMAIN=$ads_config3_domain + -e SSDT_ADS_CONFIG3_LDAP_URL=$ads_config3_ldap_url + -e SSDT_ADS_CONFIG3_ROOT_DN=$ads_config3_root_dn + -e SSDT_ADS_CONFIG3_SEARCH_FILTER=$ads_config3_search_filter" +fi +# +# +dockerRunCommand="$dockerRunCommand -d $artifactUrl/ess-app:$appVersion" +# +# Execute constructed docker run command to create $entityId-ess-app container connected to db and docker network +echo "Executing docker run command" +$dockerRunCommand
--- a/prod/update-workflows-app.sh Tue Jan 30 10:55:04 2024 -0500 +++ b/prod/update-workflows-app.sh Thu May 02 22:46:24 2024 -0400 @@ -50,6 +50,20 @@ dockerRunCommand="$dockerRunCommand -e USPS_CONFIGURATION_CONTEXT=$uspsContext" fi # +# If ESS Host is provided, assuming ESS connection needs configured. +# +if [ ! -z "$essHost" ]; then + echo "configuring employee self-service environment variables" + dockerRunCommand="$dockerRunCommand + -e ESS_HOST=$essHost + -e ESS_PORT=$essPort + -e ESS_API_KEY=$essApiKey + -e ESS_REMOTE_API_KEY=$essRemoteApiKey" +fi +# +if [ ! -z "$essContext" ]; then + dockerRunCommand="$dockerRunCommand -e ESS_CONTEXT=$essContext" +fi if [ ! -z "$virtualHost" ]; then dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost" fi @@ -74,4 +88,4 @@ # # Execute constructed docker run command to create $entityId-workflows-app container connected to db and docker network echo "Executing docker run command" -$dockerRunCommand \ No newline at end of file +$dockerRunCommand
--- a/scripts/backup-container-docker.sh Tue Jan 30 10:55:04 2024 -0500 +++ b/scripts/backup-container-docker.sh Thu May 02 22:46:24 2024 -0400 @@ -58,6 +58,17 @@ echo "container name is $containerName" fi +if [[ "$container" = "essdb" && -f ".env/ess-shared.properties" ]]; then + function prop { + grep "${1}" .env/ess-shared.properties|cut -d'=' -f2 + } + entityId=$(prop 'entityId' | tr -d '"') + containerName="$entityId-ess-db" + backupFile=./backup/${entityId}-ess-db.$(date +%Y-%m-%d-%H-%M-%S).backup + echo "entityId is $entityId" + echo "container name is $containerName" +fi + if [ ! -z "$containerName" ]; then echo "Container is $container" if [ "$container" = "invdb" ]; then
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/scripts/backup-document-store.sh Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,36 @@ +#!/bin/bash + +projectDir=${1:-$PWD} + +cd "$projectDir" || echo "Unable to change to project directory: $projectDir" + +function prop { + grep "${1}" .env/ssdt-document-store-shared.properties|cut -d'=' -f2 +} + +entityId=$(prop 'entityId' | tr -d '"') +repository="${entityId}_fs_backup" +certificate=${projectDir}/http_ca.crt +baseUrl="https://$(prop 'DOCUMENTSTORE_ELASTIC_HOST' | tr -d '"'):$(prop 'DOCUMENTSTORE_ELASTIC_PORT' | tr -d '"')" +elasticPassword=$(prop 'ELASTIC_PASSWORD' | tr -d '"') + +verifyRepository=$(curl --cacert "${certificate}" -s -u elastic:"${elasticPassword}" -X POST "${baseUrl}/_snapshot/${repository}/_verify?pretty") + +countMissingException=$(echo "${verifyRepository}" | grep -c "repository_missing_exception") + +if [ "$countMissingException" -gt 0 ]; then + echo "creating Repository ${repository}" + curl --cacert "${certificate}" -s -u elastic:"${elasticPassword}" -X PUT "${baseUrl}/_snapshot/${repository}?pretty" -H 'Content-Type: application/json' -d' + { + "type": "fs", + "settings": { + "location": "/usr/share/elasticsearch/backup", + "compress": true + } + } + ' +fi + +snapshotName="%3C${entityId}-snapshot-%7Bnow%2Fs%7Byyyy.MM.dd-HH.mm.ss%7D%7D%3E" + +curl --cacert "${certificate}" -s -u elastic:"${elasticPassword}" -X PUT "${baseUrl}/_snapshot/${repository}/${snapshotName}?pretty"
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/scripts/backup-ess.sh Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,5 @@ +#!/bin/bash + +source "${SSDT_SCRIPTS:-$(dirname "${BASH_SOURCE[0]}")}/.functions.sh" + +${SSDT_SCRIPTS}/backup-container-docker.sh essdb ${1}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/scripts/list-document-store-snapshots.sh Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,20 @@ +#!/bin/bash + +projectDir=${1:-$PWD} +detailedView=${2:-false} + +cd "$projectDir" || echo "Unable to change to project directory: $projectDir" + +function prop { + grep "${1}" .env/ssdt-document-store-shared.properties|cut -d'=' -f2 +} + +entityId=$(prop 'entityId' | tr -d '"') +repository="${entityId}_fs_backup" +certificate=${projectDir}/http_ca.crt +baseUrl="https://$(prop 'DOCUMENTSTORE_ELASTIC_HOST' | tr -d '"'):$(prop 'DOCUMENTSTORE_ELASTIC_PORT' | tr -d '"')" +elasticPassword=$(prop 'ELASTIC_PASSWORD' | tr -d '"') + +options="pretty&verbose=${detailedView}&index_names=${detailedView}&ignore_unavailable=true" + +curl --cacert "${certificate}" -s -u elastic:"${elasticPassword}" -X GET "${baseUrl}/_snapshot/${repository}/_all?${options}" \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/scripts/restore-document-store.sh Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,18 @@ +#!/bin/bash + +projectDir=${1:-$PWD} +snapshot=${2?Must provide snapshot name to restore} + +cd "$projectDir" || echo "Unable to change to project directory: $projectDir" + +function prop { + grep "${1}" .env/ssdt-document-store-shared.properties|cut -d'=' -f2 +} + +entityId=$(prop 'entityId' | tr -d '"') +repository="${entityId}_fs_backup" +certificate=${projectDir}/http_ca.crt +baseUrl="https://$(prop 'DOCUMENTSTORE_ELASTIC_HOST' | tr -d '"'):$(prop 'DOCUMENTSTORE_ELASTIC_PORT' | tr -d '"')" +elasticPassword=$(prop 'ELASTIC_PASSWORD' | tr -d '"') + +curl --cacert "${certificate}" -s -u elastic:"${elasticPassword}" -X POST "${baseUrl}/_snapshot/${repository}/${snapshot}/_restore?pretty" \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/scripts/restore-ess.sh Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,51 @@ +#!/bin/bash + +source "${SSDT_SCRIPTS:-$(dirname "${BASH_SOURCE[0]}")}/.functions.sh" + +sourceFile=${1?must provide backup file to be restored} + +if [ -z "$1" ] +then + echo "Usage: `basename $0` {backup file to restore}" + echo " must specify the name of the file to restore. Assumed to be in format:" + echo " {entityId}-ess-db.{timestamp}.backup.gz " + exit $E_NOARGS +fi + +function prop { + grep "${1}" .env/ess-shared.properties|cut -d'=' -f2 +} + +entityId=$(prop 'entityId' | tr -d '"') +dbContainerName="$entityId-ess-db" +appContainerName="$entityId-ess-app" +target="essdb" + +echo +echo "Preparing to restore" +echo "--------------------" +echo " file: $sourceFile" +echo " to $dbContainerName database: $target" +echo " " +echo "WARNING: This operation will DELETE and replace any exising database" +echo " " + +read -e -p "Continue? <y/N> " answer +case $answer in + y | Y | yes | YES ) answer="y";; + n | N | no | NO ) answer="n";; + *) answer="n" +esac + +if [ "$answer" == "y" ] +then + echo "stopping application service $appContainerName" + docker stop $appContainerName + + echo "copy backup file to database container" + docker cp ${sourceFile} ${dbContainerName}:/tmp/restore.backup.gz + + echo "starting database restore" + docker exec -t -u postgres $dbContainerName sh -c "gunzip -f /tmp/restore.backup.gz -c | psql" + +fi
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/testbench-grid-17/Dockerfile Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,13 @@ +FROM openjdk:17 + +MAINTAINER Catherine Aldrich + +ENV TESTBENCHJAR=/testbench-standalone.jar + +ADD ./vaadin-testbench-standalone-5.2.0.jar $TESTBENCHJAR + +EXPOSE 4444 + +WORKDIR / + +CMD ["java", "-jar", "testbench-standalone.jar", "-role", "hub" ]
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/testbench-grid-17/docker-compose.yml Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,18 @@ +grid: +# image: testbench-grid:2.0 +# image: testbench-grid:2.2 +# image: testbench-grid:latest + image: testbench-grid:3.0 + ports: + - 4444:4444 +node: +# image: testbench-node:2.0 +# image: testbench-node:2.1 +# image: testbench-node:2.3 +# image: testbench-node:latest + image: testbench-node:3.0 + links: + - grid + environment: + - HUB_HOST=grid_1 +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/testbench-grid-17/starting.txt Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,4 @@ +#Use docker-compose scale to start: docker-compose scale node=20 +#also need to start the grid: docker-compose up -d grid +##Use "latest" for old testbench, 2.0 for newest +##Start grid FIRST and give it time to come up
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/testbench-node-17/Dockerfile Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,48 @@ +FROM openjdk:17-buster + +MAINTAINER Catherine Aldrich + +ENV TESTBENCHJAR=/testbench-standalone.jar + +# Install PhantomJS +RUN mkdir /phantom +WORKDIR /phantom +ADD http://files.ssdt.io/phantomjs-2.1.1-linux-x86_64.tar /phantom/phantomjs.tar +RUN tar -xf phantomjs.tar \ + && mv $(find /phantom -name phantomjs) /bin \ + && rm -rf /phantom +WORKDIR / + +RUN apt-get update -y + +# Install Chrome browser +ARG CHROME_84="84.0.4147.30" +ARG CHROME_85="85.0.4183.83-1" +ARG CHROME_86="86.0.4240.22-1" +RUN wget --no-verbose -O /tmp/chrome.deb http://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/google-chrome-stable_${CHROME_85}_amd64.deb \ + && apt install -y /tmp/chrome.deb \ + && rm /tmp/chrome.deb + +## Install Chromium driver +ADD ./chromedriver_linux64_85.zip . +RUN unzip chromedriver_linux64_85.zip -d / +RUN mv -f /chromedriver /usr/local/bin/chromedriver +RUN chmod 0777 /usr/local/bin/chromedriver +RUN rm -rf ./chromedriver_linux64_85.zip + +# Add TestBench jar +ADD ./vaadin-testbench-standalone-5.2.0.jar $TESTBENCHJAR + +COPY ./docker-entrypoint.sh / +RUN chmod a+x /docker-entrypoint.sh + +RUN apt-get update -y + +RUN chmod 0777 /usr/bin/google-chrome + +RUN /usr/bin/google-chrome --version +RUN /usr/local/bin/chromedriver --version + +ENTRYPOINT [ "./docker-entrypoint.sh" ] + +CMD [ "node" ]
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/testbench-node-17/docker-entrypoint.sh Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,15 @@ +#!/bin/bash +set -e + +case "$1" in + + node) + java -jar testbench-standalone.jar -role node -hub http://$HUB_HOST:4444/grid/register -browser "browserName=chrome" + ;; + + *) + exec "$@" + ;; + +esac +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tomcat-17/Dockerfile Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,38 @@ +FROM tomcat:8.5.93-jre17-temurin-jammy + +MAINTAINER Marc Davis <davis@ssdt-ohio.org> + +RUN apt-get update && apt-get install -y gnupg && apt-get install -y apt-transport-https \ + && gpg --no-default-keyring --keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg --export > /etc/apt/trusted.gpg.d/ubuntu-keyring.fixed.gpg \ + && gpg --no-default-keyring --keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg --export > /etc/apt/trusted.gpg.d/ubuntu-keyring.fixed.gpg \ + && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 871920D1991BC93C && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 112695A0E562B32A \ + && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys AA8E81B4331F7F50 && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 04EE7237B7D453EC 648ACFD622F3D138 0E98404D386FA1D9 EF0F382A1A7B6500 + +RUN apt-get update && apt-get install -y x11-common + +RUN echo "deb http://deb.debian.org/debian buster main contrib non-free" > /etc/apt/sources.list \ + && echo "deb http://security.debian.org/debian-security/ buster/updates main contrib" >> /etc/apt/sources.list \ + && echo "ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true" | debconf-set-selections + + +RUN apt-get update \ + && apt-get install -y ttf-mscorefonts-installer \ + && apt-get clean \ + && apt-get autoremove -y \ + && rm -rf /var/lib/apt/lists/* + +RUN apt-get update \ + && apt-get install -y postgresql-client \ + && apt-get clean \ + && apt-get autoremove -y \ + && rm -rf /var/lib/apt/lists/* + +WORKDIR /usr/local/tomcat + +COPY setenv.sh bin/ +COPY tomcat-users.xml server.xml context.xml logging.properties conf/ + +RUN rm -rf webapps/docs webapps/ROOT webapps/examples webapps/docs webapps/host-manager \ + && chmod +x bin/setenv.sh + +ENV TZ=America/New_York
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tomcat-17/context.xml Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,30 @@ +<?xml version='1.0' encoding='utf-8'?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<Context> + + <Resources cachingAllowed="false"/> + + <!-- Uncomment this to disable session persistence across Tomcat restarts --> + <Manager pathname="" /> + + <!-- Uncomment this to enable Comet connection tacking (provides events + on session expiration as well as webapp lifecycle) --> + <!-- + <Valve className="org.apache.catalina.valves.CometConnectionManagerValve" /> + --> +</Context>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tomcat-17/logging.properties Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,70 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +handlers = 1catalina.org.apache.juli.AsyncFileHandler, 2localhost.org.apache.juli.AsyncFileHandler, 3manager.org.apache.juli.AsyncFileHandler, 4host-manager.org.apache.juli.AsyncFileHandler, java.util.logging.ConsoleHandler + +.handlers = 1catalina.org.apache.juli.AsyncFileHandler, java.util.logging.ConsoleHandler + +############################################################ +# Handler specific properties. +# Describes specific configuration info for Handlers. +############################################################ + +1catalina.org.apache.juli.AsyncFileHandler.level = FINE +1catalina.org.apache.juli.AsyncFileHandler.directory = ${catalina.base}/logs +1catalina.org.apache.juli.AsyncFileHandler.prefix = catalina. + +2localhost.org.apache.juli.AsyncFileHandler.level = FINE +2localhost.org.apache.juli.AsyncFileHandler.directory = ${catalina.base}/logs +2localhost.org.apache.juli.AsyncFileHandler.prefix = localhost. + +3manager.org.apache.juli.AsyncFileHandler.level = FINE +3manager.org.apache.juli.AsyncFileHandler.directory = ${catalina.base}/logs +3manager.org.apache.juli.AsyncFileHandler.prefix = manager. + +#4host-manager.org.apache.juli.AsyncFileHandler.level = FINE +#4host-manager.org.apache.juli.AsyncFileHandler.directory = ${catalina.base}/logs +#4host-manager.org.apache.juli.AsyncFileHandler.prefix = host-manager. + +java.util.logging.ConsoleHandler.level = FINE +java.util.logging.ConsoleHandler.formatter = org.apache.juli.OneLineFormatter + + +############################################################ +# Facility specific properties. +# Provides extra control for each logger. +############################################################ + +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = INFO +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].handlers = 2localhost.org.apache.juli.AsyncFileHandler + +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].level = INFO +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].handlers = 3manager.org.apache.juli.AsyncFileHandler + +#org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].level = INFO +#org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].handlers = 4host-manager.org.apache.juli.AsyncFileHandler + +# For example, set the org.apache.catalina.util.LifecycleBase logger to log +# each component that extends LifecycleBase changing state: +#org.apache.catalina.util.LifecycleBase.level = FINE + +# To see debug messages in TldLocationsCache, uncomment the following line: +#org.apache.jasper.compiler.TldLocationsCache.level = FINE + +# To see debug messages for HTTP/2 handling, uncomment the following line: +#org.apache.coyote.http2.level = FINE + +# To see debug messages for WebSocket handling, uncomment the following line: +#org.apache.tomcat.websocket.level = FINE
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tomcat-17/server.xml Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,76 @@ +<?xml version='1.0' encoding='utf-8'?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<Server port="8005" shutdown="SHUTDOWN"> + <Listener className="org.apache.catalina.startup.VersionLoggerListener" /> + <!-- Security listener. Documentation at /docs/config/listeners.html + <Listener className="org.apache.catalina.security.SecurityListener" /> + --> + <!--APR library loader. Documentation at /docs/apr.html --> + <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> + <!-- Prevent memory leaks due to use of particular java/javax APIs--> + <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> + <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> + <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> + + + <GlobalNamingResources> + <Resource name="UserDatabase" auth="Container" + type="org.apache.catalina.UserDatabase" + description="User database for tomcat manager app" + factory="org.apache.catalina.users.MemoryUserDatabaseFactory" + pathname="conf/tomcat-users.xml" /> + </GlobalNamingResources> + + <Service name="Catalina"> + + <Executor name="tomcatThreads" + namePrefix="tomcat-exec-" + maxThreads="200" + minSpareThreads="1" + maxIdleTime="300000" + /> + + <Connector port="8080" protocol="HTTP/1.1" + connectionTimeout="20000" + redirectPort="8443" + executor="tomcatThreads"/> + + <Engine name="Catalina" defaultHost="localhost"> + + <!-- Use the LockOutRealm to prevent attempts to guess user passwords + via a brute-force attack --> + <Realm className="org.apache.catalina.realm.LockOutRealm"> + <!-- This Realm uses the UserDatabase configured in the global JNDI + resources under the key "UserDatabase". Any edits + that are performed against this UserDatabase are immediately + available for use by the Realm. --> + <Realm className="org.apache.catalina.realm.UserDatabaseRealm" + resourceName="UserDatabase"/> + </Realm> + + <Host name="localhost" appBase="webapps" unpackWARs="false" autoDeploy="false"> + <Valve className="org.apache.catalina.valves.AccessLogValve" + directory="logs" + prefix="localhost_access_log" suffix=".txt" + pattern="%h %l %u %t "%r" %s %b" + maxDays="5"/> + + </Host> + </Engine> + </Service> +</Server>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tomcat-17/setenv.sh Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,14 @@ +#! /bin/sh +# +echo "__________________________________________" + +export CATALINA_OPTS="$CATALINA_OPTS -XX:+UseG1GC" +export CATALINA_OPTS="$CATALINA_OPTS -XX:+UseStringDeduplication " +export CATALINA_OPTS="$CATALINA_OPTS -Djava.security.egd=file:/dev/./urandom" +export CATALINA_OPTS="$CATALINA_OPTS -Duser.language=en" +export CATALINA_OPTS="$CATALINA_OPTS -Duser.region=US" + +echo "Using CATALINA_OPTS $CATALINA_OPTS" +echo "Using JAVA_OPTS $JAVA_OPTS" +echo "_________________________________________" +echo ""
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tomcat-17/tomcat-users.xml Thu May 02 22:46:24 2024 -0400 @@ -0,0 +1,11 @@ +<?xml version='1.0' encoding='utf-8'?> +<tomcat-users xmlns="http://tomcat.apache.org/xml" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd" + version="1.0"> + <role rolename="manager-gui"/> + <role rolename="manager-jmx"/> + <role rolename="manager-script"/> + <user username="admin" password="99admin00" roles="manager-gui,manager-jmx"/> + <user username="script" password="99admin00" roles="manager-script"/> +</tomcat-users> \ No newline at end of file
--- a/tomcat/Dockerfile Tue Jan 30 10:55:04 2024 -0500 +++ b/tomcat/Dockerfile Thu May 02 22:46:24 2024 -0400 @@ -1,11 +1,12 @@ -FROM tomcat:8.5.37-jre8 +FROM tomcat:8.5.51-jdk8 MAINTAINER Dave Smith <smith@nwoca.org> -RUN echo "deb http://httpredir.debian.org/debian jessie main contrib" > /etc/apt/sources.list \ - && echo "deb http://security.debian.org/ jessie/updates main contrib" >> /etc/apt/sources.list \ - && echo "ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true" | debconf-set-selections \ - && apt-get update \ +RUN echo "deb http://deb.debian.org/debian buster main contrib non-free" > /etc/apt/sources.list \ + && echo "deb http://security.debian.org/debian-security/ buster/updates main contrib" >> /etc/apt/sources.list \ + && echo "ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true" | debconf-set-selections + +RUN apt-get update \ && apt-get install -y ttf-mscorefonts-installer \ && apt-get clean \ && apt-get autoremove -y \