From 0e121d713e212db67b24fb3793f6f5869eb2d5d9 Mon Sep 17 00:00:00 2001 
From: Vivek Vinushanth Christopher <32198547+VivekVinushanth@users.noreply.github.com> Date: Mon, 15 Aug 2022 15:13:28 +0530 Subject: [PATCH] Update master for 6.0.0 release (#348) * Update for 6.0.0 * Address comments * Remove centos --- CHANGELOG.md | 59 +------ CONTRIBUTING.md | 6 +- README.md | 2 +- docker-compose/is/README.md | 2 +- .../repository/conf/deployment.toml | 6 +- .../is/conf/mysql/scripts/mysql_identity.sql | 116 +++++++++++--- .../is/conf/mysql/scripts/mysql_shared.sql | 133 ++++++++++++++-- docker-compose/is/dockerfiles/is/Dockerfile | 4 +- dockerfiles/alpine/is/Dockerfile | 21 ++- dockerfiles/alpine/is/README.md | 17 +- dockerfiles/alpine/is/docker-entrypoint.sh | 2 +- dockerfiles/centos/is/Dockerfile | 131 ---------------- dockerfiles/centos/is/README.md | 80 ---------- dockerfiles/centos/is/docker-entrypoint.sh | 36 ----- dockerfiles/jdk8/alpine/is/Dockerfile | 148 ------------------ dockerfiles/jdk8/alpine/is/README.md | 80 ---------- .../jdk8/alpine/is/docker-entrypoint.sh | 36 ----- dockerfiles/jdk8/centos/is/Dockerfile | 130 --------------- dockerfiles/jdk8/centos/is/README.md | 80 ---------- .../jdk8/centos/is/docker-entrypoint.sh | 36 ----- dockerfiles/jdk8/ubuntu/is/Dockerfile | 137 ---------------- dockerfiles/jdk8/ubuntu/is/README.md | 80 ---------- .../jdk8/ubuntu/is/docker-entrypoint.sh | 36 ----- dockerfiles/ubuntu/is/Dockerfile | 21 ++- dockerfiles/ubuntu/is/README.md | 24 +-- dockerfiles/ubuntu/is/docker-entrypoint.sh | 2 +- 26 files changed, 274 insertions(+), 1151 deletions(-) delete mode 100755 dockerfiles/centos/is/Dockerfile delete mode 100755 dockerfiles/centos/is/README.md delete mode 100755 dockerfiles/centos/is/docker-entrypoint.sh delete mode 100755 dockerfiles/jdk8/alpine/is/Dockerfile delete mode 100755 dockerfiles/jdk8/alpine/is/README.md delete mode 100755 dockerfiles/jdk8/alpine/is/docker-entrypoint.sh delete mode 100755 dockerfiles/jdk8/centos/is/Dockerfile delete mode 100755 dockerfiles/jdk8/centos/is/README.md 
delete mode 100755 dockerfiles/jdk8/centos/is/docker-entrypoint.sh delete mode 100755 dockerfiles/jdk8/ubuntu/is/Dockerfile delete mode 100755 dockerfiles/jdk8/ubuntu/is/README.md delete mode 100755 dockerfiles/jdk8/ubuntu/is/docker-entrypoint.sh diff --git a/CHANGELOG.md b/CHANGELOG.md index be6ac867..5f4a5383 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,71 +1,22 @@ # Changelog -All notable changes to Docker and Docker Compose resources for WSO2 Identity and Management version `5.11.x` +All notable changes to Docker and Docker Compose resources for WSO2 Identity and Management version `6.0.x` in each resource release, will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). -## [v5.11.0.15] - 2022-06-20 +## v6.0.0.1 - 2022-08-15 ### Changed -- Update alpine base docker image version to 3.16 - -## [v5.11.0.14] - 2022-06-09 - -### Changed -- Update mysql-connector-java version to 8.0.29 - -## [v5.11.0.11] - 2022-03-08 - -### Changed -- Changed base image of dockerfiles to an OS image and installed relevant JDK on it, instead of using a JDK installed OS image. - -## [v5.11.0.9] - 2022-01-20 - -### Changed -- Remove redundant jdk11 docker image directory. - -## [v5.11.0.8] - 2021-12-13 - -### Changed -- Add alpine, ubuntu and centos dockerfiles to dockerfiles directory for backward comfortability. - -## [v5.11.0.6] - 2021-11-17 - -### Changed -- Change folder structure of dockerfile locations and introduced separate images for jdk8 and jdk11 (refer to [issue](https://github.com/wso2/docker-is/issues/306) - - -## [v5.11.0.5] - 2021-08-16 - -### Changed -- Upgrade base docker image to fix the detected high security vulnerability. (refer to [issue](https://github.com/wso2/docker-is/issues/299) - -## [v5.11.0.3] - 2021.07.16 - -### Changed - -- Update kubernetes common version. - -## [v5.11.0.2] - 2021.06.03 - -### Changed - - Update Docker OS base image. 
-## [v5.11.0.1] - 2020.12.03 - ### Added -- Docker resources of WSO2 Identity Server version `5.11.0` for Alpine, CentOS and Ubuntu (refer to [issue](https://github.com/wso2/docker-is/issues/238)) +- Docker resources of WSO2 Identity Server version `6.0.0` for Alpine and Ubuntu (refer to [issue](https://github.com/wso2/docker-is/issues/238)) ### Removed -- Avoid packaging MySQL JDBC Driver in Identity Server Docker images (refer to [issue](https://github.com/wso2/docker-is/issues/242)) +- JDK8 support For detailed information on the tasks carried out during this release, please see the GitHub milestone -[v5.11.0.1](https://github.com/wso2/docker-is/milestone/22). - -[v5.11.0.1]: https://github.com/wso2/docker-is/compare/v5.10.0.3...v5.11.0.1 -[v5.11.0.2]: https://github.com/wso2/docker-is/compare/v5.11.0.1...v5.11.0.2 -[v5.11.0.3]: https://github.com/wso2/docker-is/compare/v5.11.0.2...v5.11.0.3 +[v6.0.0.1](https://github.com/wso2/docker-is/milestone/23). diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index b9a030af..874b2aa9 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md 
@@ -24,12 +24,12 @@ The issues page on GitHub is for tracking bugs and feature requests. When posing If you like to contribute with a bug fix or a new feature, start by posting an issue and discussing the best way to implement it. Unlike most projects, development for this repository is carried out on the `5.11.x` branch. This is because the `master` branch contains the latest stable release of the project. -The code in `5.11.x` is merged to the `master` branch after a final review and a round of testing. +The code in `6.0.x` is merged to the `master` branch after a final review and a round of testing. Please follow these guidelines when contributing to the code: 1. Fork the current repository. -2. Create a topic branch from the `5.11.x` branch. +2. Create a topic branch from the `6.0.x` branch. 3. Make commits in logical units. 4. Before you send out the pull request, sync your forked repository with a remote repository. This makes your pull request simple and clear. @@ -37,7 +37,7 @@ Please follow these guidelines when contributing to the code: git clone https://github.com//docker-is.git git remote add upstream https://github.com/wso2/docker-is.git git fetch upstream -git checkout -b upstream/5.11.x +git checkout -b upstream/6.0.x # add some work diff --git a/README.md b/README.md index 0aa7ec0c..b8dabdb3 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ Use these artefacts as a reference to build your deployment artefacts. Existing This repository contains following Docker resources: -- Per profile Docker resources of WSO2 Identity Server version `5.11.0` for Alpine, CentOS, Ubuntu +- Per profile Docker resources of WSO2 Identity Server version `6.0.0` for Alpine and Ubuntu - Docker Compose resources to evaluate most common Identity And Access Management (IAM) deployment patterns Per profile Docker resources for WSO2 Identity Server help you build generic Docker images for deploying the 
diff --git a/docker-compose/is/README.md b/docker-compose/is/README.md index 7fa5e0f4..132e28ba 100644 --- a/docker-compose/is/README.md +++ b/docker-compose/is/README.md @@ -29,7 +29,7 @@ Instead, extract the zip file and directly browse to `docker-is-/docker-compose/is` folder. > If you want to try out an already released tag, after executing 2nd step, checkout the relevant tag, - i.e. for example: git checkout tags/v5.11.0.1 and continue below steps. + i.e. for example: git checkout tags/v6.0.0.1 and continue below steps. 3. Execute following Docker Compose command to start the deployment. diff --git a/docker-compose/is/conf/identity-server/repository/conf/deployment.toml b/docker-compose/is/conf/identity-server/repository/conf/deployment.toml index 4a0938a3..5c90df52 100644 --- a/docker-compose/is/conf/identity-server/repository/conf/deployment.toml +++ b/docker-compose/is/conf/identity-server/repository/conf/deployment.toml @@ -9,11 +9,7 @@ password = "admin" create_admin_account = true [user_store] -type = "read_write_ldap_unique_id" -connection_url = "ldap://localhost:${Ports.EmbeddedLDAP.LDAPServerPort}" -connection_name = "uid=admin,ou=system" -connection_password = "admin" -base_dn = "dc=wso2,dc=org" #refers the base dn on which the user and group search bases will be generated +type = "database_unique_id" [database.identity_db] url = "jdbc:mysql://mysql:3306/WSO2IS_IDENTITY_DB?autoReconnect=true&useSSL=false" diff --git a/docker-compose/is/conf/mysql/scripts/mysql_identity.sql b/docker-compose/is/conf/mysql/scripts/mysql_identity.sql index 76be3d93..08739bb4 100644 --- a/docker-compose/is/conf/mysql/scripts/mysql_identity.sql +++ b/docker-compose/is/conf/mysql/scripts/mysql_identity.sql 
@@ -87,6 +87,7 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN ( REFRESH_TOKEN_HASH VARCHAR(512), IDP_ID INTEGER DEFAULT -1 NOT NULL, TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE', + CONSENTED_TOKEN VARCHAR(6), PRIMARY KEY (TOKEN_ID), FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, @@ -99,12 +100,13 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING ( TOKEN_BINDING_REF VARCHAR (32), TOKEN_BINDING_VALUE VARCHAR (1024), TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (TOKEN_ID), + UNIQUE (TOKEN_ID,TOKEN_BINDING_TYPE,TOKEN_BINDING_VALUE), FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_AUDIT ( + ID INTEGER NOT NULL AUTO_INCREMENT, TOKEN_ID VARCHAR (255), ACCESS_TOKEN VARCHAR(2048), REFRESH_TOKEN VARCHAR(2048), @@ -125,7 +127,8 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_AUDIT ( ACCESS_TOKEN_HASH VARCHAR(512), REFRESH_TOKEN_HASH VARCHAR(512), INVALIDATED_TIME TIMESTAMP NULL, - IDP_ID INTEGER DEFAULT -1 NOT NULL + IDP_ID INTEGER DEFAULT -1 NOT NULL, + PRIMARY KEY(ID) ); CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE ( @@ -163,6 +166,7 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW ( CODE_ID VARCHAR(255), DEVICE_CODE VARCHAR(255), USER_CODE VARCHAR(25), + QUANTIFIER INTEGER NOT NULL DEFAULT 0, CONSUMER_KEY_ID INTEGER, LAST_POLL_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, @@ -175,7 +179,7 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW ( IDP_ID INTEGER, PRIMARY KEY (DEVICE_CODE), UNIQUE (CODE_ID), - UNIQUE (USER_CODE), + CONSTRAINT USRCDE_QNTFR_CONSTRAINT UNIQUE (USER_CODE, QUANTIFIER), FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE )ENGINE INNODB; 
@@ -207,11 +211,13 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE ( )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( + ID INTEGER NOT NULL AUTO_INCREMENT, SCOPE_ID INTEGER NOT NULL, SCOPE_BINDING VARCHAR(255) NOT NULL, BINDING_TYPE VARCHAR(255) NOT NULL, FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE, - UNIQUE (SCOPE_ID, SCOPE_BINDING, BINDING_TYPE) + UNIQUE (SCOPE_ID, SCOPE_BINDING, BINDING_TYPE), + PRIMARY KEY (ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE ( @@ -228,6 +234,7 @@ CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP ( ROLE_NAME VARCHAR(255) NOT NULL, ATTR_NAME VARCHAR(1024) NOT NULL, ATTR_VALUE VARCHAR(1024), + UNIQUE(TENANT_ID, ROLE_NAME, ATTR_NAME), PRIMARY KEY (ID) )ENGINE INNODB; @@ -333,9 +340,11 @@ CREATE TABLE IF NOT EXISTS IDN_AUTH_USER ( CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID)); CREATE TABLE IF NOT EXISTS IDN_AUTH_USER_SESSION_MAPPING ( + ID INTEGER NOT NULL AUTO_INCREMENT, USER_ID VARCHAR(255) NOT NULL, SESSION_ID VARCHAR(255) NOT NULL, - CONSTRAINT USER_SESSION_STORE_CONSTRAINT UNIQUE (USER_ID, SESSION_ID)); + CONSTRAINT USER_SESSION_STORE_CONSTRAINT UNIQUE (USER_ID, SESSION_ID), + PRIMARY KEY (ID)); CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_APP_INFO ( SESSION_ID VARCHAR (100) NOT NULL, @@ -721,7 +730,7 @@ CREATE TABLE IF NOT EXISTS FIDO2_DEVICE_STORE ( IS_USERNAMELESS_SUPPORTED CHAR(1) DEFAULT '0', PRIMARY KEY (CREDENTIAL_ID, USER_HANDLE) )ENGINE INNODB; - + CREATE TABLE IF NOT EXISTS WF_REQUEST ( UUID VARCHAR (45), CREATED_BY VARCHAR (255), 
@@ -738,10 +747,10 @@ CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE ( PROFILE_NAME VARCHAR(45), HOST_URL_MANAGER VARCHAR(255), HOST_URL_WORKER VARCHAR(255), - USERNAME VARCHAR(45), + USERNAME VARCHAR(100), PASSWORD VARCHAR(1023), CALLBACK_HOST VARCHAR (45), - CALLBACK_USERNAME VARCHAR (45), + CALLBACK_USERNAME VARCHAR (100), CALLBACK_PASSWORD VARCHAR (255), TENANT_ID INTEGER DEFAULT -1, PRIMARY KEY (PROFILE_NAME, TENANT_ID) @@ -996,19 +1005,24 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_AUTH_CODE ( )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_REQUEST_SCOPES ( + ID INTEGER NOT NULL AUTO_INCREMENT, AUTH_CODE_KEY CHAR (36), SCOPE VARCHAR (255), - FOREIGN KEY (AUTH_CODE_KEY) REFERENCES IDN_OAUTH2_CIBA_AUTH_CODE(AUTH_CODE_KEY) ON DELETE CASCADE + FOREIGN KEY (AUTH_CODE_KEY) REFERENCES IDN_OAUTH2_CIBA_AUTH_CODE(AUTH_CODE_KEY) ON DELETE CASCADE, + PRIMARY KEY (ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_FED_AUTH_SESSION_MAPPING ( + ID INTEGER NOT NULL AUTO_INCREMENT, IDP_SESSION_ID VARCHAR(255) NOT NULL, SESSION_ID VARCHAR(255) NOT NULL, IDP_NAME VARCHAR(255) NOT NULL, AUTHENTICATOR_ID VARCHAR(255), PROTOCOL_TYPE VARCHAR(255), TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (IDP_SESSION_ID) + TENANT_ID INTEGER NOT NULL DEFAULT 0, + PRIMARY KEY (ID), + UNIQUE (IDP_SESSION_ID, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CONFIG_TYPE ( 
@@ -1022,7 +1036,10 @@ CREATE TABLE IF NOT EXISTS IDN_CONFIG_TYPE ( INSERT INTO IDN_CONFIG_TYPE (ID, NAME, DESCRIPTION) VALUES ('9ab0ef95-13e9-4ed5-afaf-d29bed62f7bd', 'IDP_TEMPLATE', 'Template type to uniquely identify IDP templates'), ('3c4ac3d0-5903-4e3d-aaca-38df65b33bfd', 'APPLICATION_TEMPLATE', 'Template type to uniquely identify Application templates'), -('8ec6dbf1-218a-49bf-bc34-0d2db52d151c', 'CORS_CONFIGURATION', 'A resource type to keep the tenant CORS configurations'); +('8ec6dbf1-218a-49bf-bc34-0d2db52d151c', 'CORS_CONFIGURATION', 'A resource type to keep the tenant CORS configurations'), +('669b99ca-cdb0-44a6-8cae-babed3b585df', 'Publisher', 'A resource type to keep the event publisher configurations'), +('73f6d9ca-62f4-4566-bab9-2a930ae51ba8', 'BRANDING_PREFERENCES', 'A resource type to keep the tenant branding preferences'), +('899c69b2-8bf7-46b5-9666-f7f99f90d6cc', 'fido-config', 'A resource type to store FIDO authenticator related preferences'); CREATE TABLE IF NOT EXISTS IDN_CONFIG_RESOURCE ( ID VARCHAR(255) NOT NULL, 
@@ -1133,17 +1150,75 @@ CREATE TABLE IF NOT EXISTS IDN_CORS_ASSOCIATION ( FOREIGN KEY (SP_APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE ) ENGINE INNODB; +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_USER_CONSENT ( + ID INTEGER NOT NULL AUTO_INCREMENT, + USER_ID VARCHAR(255) NOT NULL, + APP_ID CHAR(36) NOT NULL, + TENANT_ID INTEGER NOT NULL DEFAULT -1, + CONSENT_ID VARCHAR(255) NOT NULL, + + PRIMARY KEY (ID), + FOREIGN KEY (APP_ID) REFERENCES SP_APP(UUID) ON DELETE CASCADE, + UNIQUE (USER_ID, APP_ID, TENANT_ID), + UNIQUE (CONSENT_ID) +) ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_USER_CONSENTED_SCOPES ( + ID INTEGER NOT NULL AUTO_INCREMENT, + CONSENT_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL DEFAULT -1, + SCOPE VARCHAR(255) NOT NULL, + CONSENT BOOLEAN NOT NULL DEFAULT 1, + + PRIMARY KEY (ID), + FOREIGN KEY (CONSENT_ID) REFERENCES IDN_OAUTH2_USER_CONSENT(CONSENT_ID) ON DELETE CASCADE, + UNIQUE (CONSENT_ID, SCOPE) +) ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_SECRET_TYPE ( + ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023) NULL, + PRIMARY KEY (ID), + CONSTRAINT SECRET_TYPE_NAME_CONSTRAINT UNIQUE (NAME) +)ENGINE INNODB; + +INSERT INTO IDN_SECRET_TYPE (ID, NAME, DESCRIPTION) VALUES +('1358bdbf-e0cc-4268-a42c-c3e0960e13f0', 'ADAPTIVE_AUTH_CALL_CHOREO', 'Secret type to uniquely identify secrets relevant to callChoreo adaptive auth function'); + +CREATE TABLE IF NOT EXISTS IDN_SECRET ( + ID VARCHAR(255) NOT NULL, + TENANT_ID INT NOT NULL, + SECRET_NAME VARCHAR(255) NOT NULL, + SECRET_VALUE VARCHAR(8000) NOT NULL, + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + LAST_MODIFIED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + TYPE_ID VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023) NULL, + PRIMARY KEY (ID), + FOREIGN KEY (TYPE_ID) REFERENCES IDN_SECRET_TYPE(ID) ON DELETE CASCADE, + UNIQUE (SECRET_NAME, TENANT_ID, TYPE_ID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS SP_SHARED_APP ( + ID INTEGER NOT NULL 
AUTO_INCREMENT, + MAIN_APP_ID CHAR(36) NOT NULL, + OWNER_ORG_ID CHAR(36) NOT NULL, + SHARED_APP_ID CHAR(36) NOT NULL, + SHARED_ORG_ID CHAR(36) NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (MAIN_APP_ID) REFERENCES SP_APP(UUID) ON DELETE CASCADE, + FOREIGN KEY (SHARED_APP_ID) REFERENCES SP_APP(UUID) ON DELETE CASCADE, + UNIQUE (MAIN_APP_ID, OWNER_ORG_ID, SHARED_ORG_ID), + UNIQUE (SHARED_APP_ID) +)ENGINE INNODB; + -- --------------------------- INDEX CREATION ----------------------------- -- IDN_OAUTH2_ACCESS_TOKEN -- CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH); -CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE); CREATE INDEX IDX_AT_TI_UD ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, TOKEN_STATE, USER_DOMAIN); -CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID); -CREATE INDEX IDX_AT_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN); -CREATE INDEX IDX_AT_AU_CKID_TS_UT ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, CONSUMER_KEY_ID, TOKEN_STATE, USER_TYPE); CREATE INDEX IDX_AT_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH); -CREATE INDEX IDX_AT_RT ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN); CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE); -- IDN_OAUTH2_AUTHORIZATION_CODE -- 
@@ -1151,7 +1226,6 @@ CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHO CREATE INDEX IDX_AUTHORIZATION_CODE_AU_TI ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHZ_USER, TENANT_ID, USER_DOMAIN, STATE); CREATE INDEX IDX_AC_CKID ON IDN_OAUTH2_AUTHORIZATION_CODE(CONSUMER_KEY_ID); CREATE INDEX IDX_AC_TID ON IDN_OAUTH2_AUTHORIZATION_CODE(TOKEN_ID); -CREATE INDEX IDX_AC_AC_CKID ON IDN_OAUTH2_AUTHORIZATION_CODE(AUTHORIZATION_CODE, CONSUMER_KEY_ID); -- IDN_SCIM_GROUP -- CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME); @@ -1159,6 +1233,8 @@ CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN_AN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME -- IDN_AUTH_SESSION_STORE -- CREATE INDEX IDX_IDN_AUTH_SESSION_TIME ON IDN_AUTH_SESSION_STORE (TIME_CREATED); +CREATE INDEX IDX_IDN_AUTH_SSTR_ST_OP_ID_TM ON IDN_AUTH_SESSION_STORE (OPERATION, SESSION_TYPE, SESSION_ID, TIME_CREATED); +CREATE INDEX IDX_IDN_AUTH_SSTR_ET_ID ON IDN_AUTH_SESSION_STORE (EXPIRY_TIME, SESSION_ID); -- IDN_AUTH_TEMP_SESSION_STORE -- CREATE INDEX IDX_IDN_AUTH_TMP_SESSION_TIME ON IDN_AUTH_TEMP_SESSION_STORE (TIME_CREATED); @@ -1189,6 +1265,9 @@ CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID); CREATE INDEX IDX_USER_ID ON IDN_AUTH_USER_SESSION_MAPPING (USER_ID); CREATE INDEX IDX_SESSION_ID ON IDN_AUTH_USER_SESSION_MAPPING (SESSION_ID); +-- IDN_AUTH_SESSION_APP_INFO -- +CREATE INDEX IDX_AUTH_SAI_UN_AID_SID ON IDN_AUTH_SESSION_APP_INFO (APP_ID, SUBJECT, SESSION_ID); + -- IDN_OAUTH_CONSUMER_APPS -- CREATE INDEX IDX_OCA_UM_TID_UD_APN ON IDN_OAUTH_CONSUMER_APPS(USERNAME,TENANT_ID,USER_DOMAIN, APP_NAME); 
@@ -1196,7 +1275,7 @@ CREATE INDEX IDX_OCA_UM_TID_UD_APN ON IDN_OAUTH_CONSUMER_APPS(USERNAME,TENANT_ID CREATE INDEX IDX_SPI_APP ON SP_INBOUND_AUTH(APP_ID); -- IDN_OIDC_PROPERTY -- -CREATE INDEX IDX_IOP_TID_CK ON IDN_OIDC_PROPERTY(TENANT_ID,CONSUMER_KEY); +CREATE INDEX IDX_IOP_CK ON IDN_OIDC_PROPERTY(CONSUMER_KEY); -- IDN_FIDO2_PROPERTY -- CREATE INDEX IDX_FIDO2_STR ON FIDO2_DEVICE_STORE(USER_NAME, TENANT_ID, DOMAIN_NAME, CREDENTIAL_ID, USER_HANDLE); @@ -1206,6 +1285,7 @@ CREATE INDEX IDX_AI_DN_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, USER_NAME, ASSOCI -- IDN_OAUTH2_TOKEN_BINDING -- CREATE INDEX IDX_IDN_AUTH_BIND ON IDN_OAUTH2_TOKEN_BINDING (TOKEN_BINDING_REF); +CREATE INDEX IDX_TK_VALUE_TYPE ON IDN_OAUTH2_TOKEN_BINDING (TOKEN_BINDING_VALUE, TOKEN_BINDING_TYPE); -- IDN_FED_AUTH_SESSION_MAPPING -- CREATE INDEX IDX_FEDERATED_AUTH_SESSION_ID ON IDN_FED_AUTH_SESSION_MAPPING (SESSION_ID); diff --git a/docker-compose/is/conf/mysql/scripts/mysql_shared.sql b/docker-compose/is/conf/mysql/scripts/mysql_shared.sql index e45e4db2..ba46ef70 100644 --- a/docker-compose/is/conf/mysql/scripts/mysql_shared.sql +++ b/docker-compose/is/conf/mysql/scripts/mysql_shared.sql @@ -15,7 +15,7 @@ CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK ( CREATE TABLE IF NOT EXISTS REG_LOG ( REG_LOG_ID INTEGER AUTO_INCREMENT, REG_PATH VARCHAR (750), - REG_USER_ID VARCHAR (31) NOT NULL, + REG_USER_ID VARCHAR (255) NOT NULL, REG_LOGGED_TIME TIMESTAMP NOT NULL, REG_ACTION INTEGER NOT NULL, REG_ACTION_DATA VARCHAR (500), @@ -59,9 +59,9 @@ CREATE TABLE IF NOT EXISTS REG_RESOURCE ( REG_NAME VARCHAR(256), REG_VERSION INTEGER NOT NULL AUTO_INCREMENT, REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, + REG_CREATOR VARCHAR(255) NOT NULL, REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), + REG_LAST_UPDATOR VARCHAR(255), REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, REG_DESCRIPTION VARCHAR(1000), REG_CONTENT_ID INTEGER, 
@@ -83,9 +83,9 @@ CREATE TABLE IF NOT EXISTS REG_RESOURCE_HISTORY ( REG_NAME VARCHAR(256), REG_VERSION INTEGER NOT NULL, REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, + REG_CREATOR VARCHAR(255) NOT NULL, REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), + REG_LAST_UPDATOR VARCHAR(255), REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, REG_DESCRIPTION VARCHAR(1000), REG_CONTENT_ID INTEGER, @@ -103,18 +103,20 @@ CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE CREATE TABLE IF NOT EXISTS REG_COMMENT ( REG_ID INTEGER NOT NULL AUTO_INCREMENT, REG_COMMENT_TEXT VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, REG_COMMENTED_TIME TIMESTAMP NOT NULL, REG_TENANT_ID INTEGER DEFAULT 0, CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE_COMMENT ( + ID INTEGER NOT NULL AUTO_INCREMENT, REG_COMMENT_ID INTEGER NOT NULL, REG_VERSION INTEGER, REG_PATH_ID INTEGER, REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID) )ENGINE INNODB; ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); 
@@ -125,18 +127,20 @@ CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_VERSION USING HASH ON REG_RESOURCE_COMM CREATE TABLE IF NOT EXISTS REG_RATING ( REG_ID INTEGER NOT NULL AUTO_INCREMENT, REG_RATING INTEGER NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, REG_RATED_TIME TIMESTAMP NOT NULL, REG_TENANT_ID INTEGER DEFAULT 0, CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE_RATING ( + ID INTEGER NOT NULL AUTO_INCREMENT, REG_RATING_ID INTEGER NOT NULL, REG_VERSION INTEGER, REG_PATH_ID INTEGER, REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID) )ENGINE INNODB; ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); @@ -148,18 +152,20 @@ CREATE INDEX REG_RESOURCE_RATING_IND_BY_VERSION USING HASH ON REG_RESOURCE_RATIN CREATE TABLE IF NOT EXISTS REG_TAG ( REG_ID INTEGER NOT NULL AUTO_INCREMENT, REG_TAG_NAME VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, REG_TAGGED_TIME TIMESTAMP NOT NULL, REG_TENANT_ID INTEGER DEFAULT 0, CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE_TAG ( + ID INTEGER NOT NULL AUTO_INCREMENT, REG_TAG_ID INTEGER NOT NULL, REG_VERSION INTEGER, REG_PATH_ID INTEGER, REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID) )ENGINE INNODB; ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); 
@@ -176,11 +182,13 @@ CREATE TABLE IF NOT EXISTS REG_PROPERTY ( )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE_PROPERTY ( + ID INTEGER NOT NULL AUTO_INCREMENT, REG_PROPERTY_ID INTEGER NOT NULL, REG_VERSION INTEGER, REG_PATH_ID INTEGER, REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID) )ENGINE INNODB; ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); @@ -241,6 +249,7 @@ CREATE TABLE UM_TENANT ( UM_ACTIVE BOOLEAN DEFAULT FALSE, UM_CREATED_DATE TIMESTAMP NOT NULL, UM_USER_CONFIG LONGBLOB, + UM_ORG_UUID VARCHAR(36) DEFAULT NULL, PRIMARY KEY (UM_ID), UNIQUE(UM_DOMAIN_NAME), UNIQUE(UM_TENANT_UUID) @@ -267,9 +276,12 @@ CREATE TABLE UM_USER ( UM_CHANGED_TIME TIMESTAMP NOT NULL, UM_TENANT_ID INTEGER DEFAULT 0, PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_ID, UM_TENANT_ID) + UNIQUE(UM_USER_ID), + UNIQUE(UM_USER_NAME, UM_TENANT_ID) )ENGINE INNODB; +CREATE UNIQUE INDEX INDEX_UM_USERNAME_UM_TENANT_ID ON UM_USER(UM_USER_NAME, UM_TENANT_ID); + CREATE TABLE UM_SYSTEM_USER ( UM_ID INTEGER NOT NULL AUTO_INCREMENT, UM_USER_NAME VARCHAR(255) NOT NULL, @@ -355,13 +367,15 @@ CREATE TABLE UM_USER_ROLE ( )ENGINE INNODB; CREATE TABLE UM_SHARED_USER_ROLE( + ID INTEGER NOT NULL AUTO_INCREMENT, UM_ROLE_ID INTEGER NOT NULL, UM_USER_ID INTEGER NOT NULL, UM_USER_TENANT_ID INTEGER NOT NULL, UM_ROLE_TENANT_ID INTEGER NOT NULL, UNIQUE(UM_USER_ID,UM_ROLE_ID,UM_USER_TENANT_ID, UM_ROLE_TENANT_ID), FOREIGN KEY(UM_ROLE_ID,UM_ROLE_TENANT_ID) REFERENCES UM_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE + FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY(ID) )ENGINE INNODB; CREATE TABLE UM_ACCOUNT_MAPPING( 
@@ -389,7 +403,7 @@ CREATE TABLE UM_USER_ATTRIBUTE ( CREATE INDEX UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID); -CREATE INDEX UM_ATTR_NAME_VALUE_INDEX ON UM_USER_ATTRIBUTE(UM_ATTR_NAME, UM_ATTR_VALUE); +CREATE INDEX UM_ATTR_NAME_VALUE_INDEX ON UM_USER_ATTRIBUTE(UM_ATTR_NAME, UM_ATTR_VALUE(512)); CREATE TABLE UM_DIALECT( UM_ID INTEGER NOT NULL AUTO_INCREMENT, 
@@ -513,3 +527,92 @@ CREATE TABLE IF NOT EXISTS UM_UUID_DOMAIN_MAPPER ( )ENGINE INNODB; CREATE INDEX UUID_DM_UID_TID ON UM_UUID_DOMAIN_MAPPER(UM_USER_ID, UM_TENANT_ID); + +CREATE TABLE IF NOT EXISTS UM_GROUP_UUID_DOMAIN_MAPPER ( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_GROUP_ID VARCHAR(255) NOT NULL, + UM_DOMAIN_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID), + UNIQUE (UM_GROUP_ID), + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE INDEX GRP_UUID_DM_GRP_ID_TID ON UM_GROUP_UUID_DOMAIN_MAPPER(UM_GROUP_ID, UM_TENANT_ID); + +-- ################################ +-- ORGANIZATION MANAGEMENT TABLES +-- ################################ + +CREATE TABLE IF NOT EXISTS UM_ORG ( + UM_ID VARCHAR(36) NOT NULL, + UM_ORG_NAME VARCHAR(255) NOT NULL, + UM_ORG_DESCRIPTION VARCHAR(1024), + UM_CREATED_TIME TIMESTAMP NOT NULL, + UM_LAST_MODIFIED TIMESTAMP NOT NULL, + UM_STATUS VARCHAR(255) DEFAULT 'ACTIVE' NOT NULL, + UM_PARENT_ID VARCHAR(36), + UM_ORG_TYPE VARCHAR(100) NOT NULL, + PRIMARY KEY (UM_ID), + FOREIGN KEY (UM_PARENT_ID) REFERENCES UM_ORG(UM_ID) ON DELETE CASCADE +)ENGINE INNODB; + +INSERT IGNORE INTO UM_ORG (UM_ID, UM_ORG_NAME, UM_ORG_DESCRIPTION, UM_CREATED_TIME, UM_LAST_MODIFIED, UM_STATUS, UM_ORG_TYPE) +VALUES ('10084a8d-113f-4211-a0d5-efe36b082211', 'Super', 'This is the super organization.', CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, 'ACTIVE', 'TENANT'); + +CREATE TABLE IF NOT EXISTS UM_ORG_ATTRIBUTE ( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ORG_ID VARCHAR(36) NOT NULL, + UM_ATTRIBUTE_KEY VARCHAR(255) NOT NULL, + UM_ATTRIBUTE_VALUE VARCHAR(512), + PRIMARY KEY (UM_ID), + UNIQUE (UM_ORG_ID, UM_ATTRIBUTE_KEY), + FOREIGN KEY (UM_ORG_ID) REFERENCES UM_ORG(UM_ID) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS UM_ORG_ROLE ( + UM_ROLE_ID VARCHAR(255) NOT NULL, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_ORG_ID VARCHAR(36) NOT NULL, + PRIMARY 
KEY(UM_ROLE_ID), + CONSTRAINT FK_UM_ORG_ROLE_UM_ORG FOREIGN KEY (UM_ORG_ID) REFERENCES UM_ORG (UM_ID) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS UM_ORG_PERMISSION( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_RESOURCE_ID VARCHAR(255) NOT NULL, + UM_ACTION VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS UM_ORG_ROLE_USER ( + UM_USER_ID VARCHAR(255) NOT NULL, + UM_ROLE_ID VARCHAR(255) NOT NULL, + CONSTRAINT FK_UM_ORG_ROLE_USER_UM_ORG_ROLE FOREIGN KEY (UM_ROLE_ID) REFERENCES UM_ORG_ROLE(UM_ROLE_ID) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS UM_ORG_ROLE_GROUP( + UM_GROUP_ID VARCHAR(255) NOT NULL, + UM_ROLE_ID VARCHAR(255) NOT NULL, + CONSTRAINT FK_UM_ORG_ROLE_GROUP_UM_ORG_ROLE FOREIGN KEY (UM_ROLE_ID) REFERENCES UM_ORG_ROLE(UM_ROLE_ID) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS UM_ORG_ROLE_PERMISSION( + UM_PERMISSION_ID INTEGER NOT NULL, + UM_ROLE_ID VARCHAR(255) NOT NULL, + CONSTRAINT FK_UM_ORG_ROLE_PERMISSION_UM_ORG_ROLE FOREIGN KEY (UM_ROLE_ID) REFERENCES UM_ORG_ROLE(UM_ROLE_ID) ON DELETE CASCADE, + CONSTRAINT FK_UM_ORG_ROLE_PERMISSION_UM_ORG_PERMISSION FOREIGN KEY (UM_PERMISSION_ID) REFERENCES UM_ORG_PERMISSION(UM_ID) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS UM_ORG_HIERARCHY ( + UM_PARENT_ID VARCHAR(36) NOT NULL, + UM_ID VARCHAR(36) NOT NULL, + DEPTH INTEGER, + PRIMARY KEY (UM_PARENT_ID, UM_ID), + FOREIGN KEY (UM_PARENT_ID) REFERENCES UM_ORG(UM_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_ID) REFERENCES UM_ORG(UM_ID) ON DELETE CASCADE +)ENGINE INNODB; + +INSERT IGNORE INTO UM_ORG_HIERARCHY (UM_PARENT_ID, UM_ID, DEPTH) +VALUES ('10084a8d-113f-4211-a0d5-efe36b082211', '10084a8d-113f-4211-a0d5-efe36b082211', 0); diff --git a/docker-compose/is/dockerfiles/is/Dockerfile b/docker-compose/is/dockerfiles/is/Dockerfile index 2c95dce8..c9b70328 100644 --- a/docker-compose/is/dockerfiles/is/Dockerfile 
+++ b/docker-compose/is/dockerfiles/is/Dockerfile @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # -# Copyright 2020 WSO2, Inc. (http://wso2.com) +# Copyright 2020 WSO2, LLC. (http://wso2.com) # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ # ------------------------------------------------------------------------ # set base Docker image to WSO2 Identity Server Docker image with latest WSO2 Updates -FROM docker.wso2.com/wso2is:5.11.0.0 +FROM docker.wso2.com/wso2is:6.0.0.0 LABEL maintainer="WSO2 Docker Maintainers " # build arguments for external artifacts diff --git a/dockerfiles/alpine/is/Dockerfile b/dockerfiles/alpine/is/Dockerfile index 264ab470..d647b2fe 100755 --- a/dockerfiles/alpine/is/Dockerfile +++ b/dockerfiles/alpine/is/Dockerfile @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # -# Copyright 2021 WSO2, Inc. (http://wso2.com) +# Copyright 2021 WSO2, LLC. (http://wso2.com) # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ # set base Docker image to Alpine Docker image FROM alpine:3.16.0 LABEL maintainer="WSO2 Docker Maintainers " \ - com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v5.11.0.15" + com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v6.0.0.1" ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' 
@@ -66,11 +66,10 @@ ARG USER_GROUP_ID=802 ARG USER_HOME=/home/${USER} # build arguments for WSO2 product installation ARG WSO2_SERVER_NAME=wso2is -ARG WSO2_SERVER_VERSION=5.11.0 +ARG WSO2_SERVER_VERSION=6.0.0 ARG WSO2_SERVER_REPOSITORY=product-is ARG WSO2_SERVER=${WSO2_SERVER_NAME}-${WSO2_SERVER_VERSION} ARG WSO2_SERVER_HOME=${USER_HOME}/${WSO2_SERVER} -ARG WSO2_SERVER_DIST_URL=https://github.com/wso2/${WSO2_SERVER_REPOSITORY}/releases/download/v${WSO2_SERVER_VERSION}/${WSO2_SERVER}.zip # build arguments for external artifacts ARG DNS_JAVA_VERSION=2.1.8 ARG K8S_MEMBERSHIP_SCHEME_VERSION=1.0.9 @@ -107,10 +106,14 @@ RUN \ && apk add unzip \ && apk add wget -# add the WSO2 product distribution to user's home directory +## set the user and work directory +USER ${USER_ID} +WORKDIR ${USER_HOME} + +COPY --chown=wso2carbon:wso2 ${WSO2_SERVER}.zip ${USER_HOME}/ + RUN \ - wget -O ${WSO2_SERVER}.zip "${WSO2_SERVER_DIST_URL}" \ - && unzip -d ${USER_HOME} ${WSO2_SERVER}.zip \ + unzip -d ${USER_HOME} ${WSO2_SERVER}.zip \ && chown wso2carbon:wso2 -R ${WSO2_SERVER_HOME} \ && rm -f ${WSO2_SERVER}.zip @@ -120,10 +123,6 @@ ADD --chown=wso2carbon:wso2 http://maven.wso2.org/nexus/content/repositories/rel # add MySQL JDBC connector to server home as a third party library ADD --chown=wso2carbon:wso2 https://repo1.maven.org/maven2/mysql/mysql-connector-java/${MYSQL_CONNECTOR_VERSION}/mysql-connector-java-${MYSQL_CONNECTOR_VERSION}.jar ${WSO2_SERVER_HOME}/repository/components/dropins/ -# set the user and work directory -USER ${USER_ID} -WORKDIR ${USER_HOME} - # set environment variables ENV WORKING_DIRECTORY=${USER_HOME} \ WSO2_SERVER_HOME=${WSO2_SERVER_HOME} diff --git a/dockerfiles/alpine/is/README.md b/dockerfiles/alpine/is/README.md index ec57490b..feef6560 100755 --- a/dockerfiles/alpine/is/README.md +++ b/dockerfiles/alpine/is/README.md 
@@ -17,27 +17,28 @@ git clone https://github.com/wso2/docker-is.git >The local copy of the `dockerfiles/alpine/is` directory will be referred to as `IS_DOCKERFILE_HOME` from this point onwards. -##### 2. Build the Docker image. +##### 2. Copy the `wso2is-6.0.0.zip` to the `docker-is/dockerfiles/alpine/is` directory +##### 3. Build the Docker image. - Navigate to `` directory.
Execute `docker build` command as shown below. - + `docker build -t wso2is:5.11.0-alpine .` + + `docker build -t wso2is:6.0.0-alpine .` > By default, the Docker image will prepackage the General Availability (GA) release version of the relevant WSO2 product. > Tip - If you require the container to run with a different UID and GID, pass the preferred values of the UID and GID > as values for build arguments `USER_ID` and `USER_GROUP_ID` when building the image, as shown below. Note > that setting lower values for the UID and GID is not recommended. -+ `docker build -t wso2is:5.11.0-alpine --build-arg USER_ID= --build-arg USER_GROUP_ID= .` ++ `docker build -t wso2is:6.0.0-alpine --build-arg USER_ID= --build-arg USER_GROUP_ID= .` -##### 3. Running the Docker image. +##### 4. Running the Docker image. - `docker run -it -p 9443:9443 wso2is:5.11.0-alpine` >Here, only port 9443 (HTTPS servlet transport) has been mapped to a Docker host port. You may map other container service ports, which have been exposed to Docker host ports, as desired. -##### 4. Accessing management consoles. +##### 5. Accessing management consoles. - To access the user interfaces, use the docker host IP and port 9443. + Management Console: `https://:9443/console` @@ -52,7 +53,7 @@ As an example, steps required to change the port offset using `deployment.toml` ##### 1. Stop the Identity Server container if it's already running. -In WSO2 Identity Server version `5.11.0` product distribution, `deployment.toml` configuration file
+In WSO2 Identity Server version `6.0.0` product distribution, `deployment.toml` configuration file
can be found at `/repository/conf`. Copy the file to some suitable location of the host machine,
referred to as `/deployment.toml` and change the `[server] -> offset` value to 1. @@ -68,10 +69,10 @@ chmod o+r /deployment.toml docker run \ -p 9444:9444 \ --volume /deployment.toml:/deployment.toml \ -wso2is:5.11.0-alpine +wso2is:6.0.0-alpine ``` ->In here, refers to /home/wso2carbon/wso2is-5.11.0/repository/conf folder of the container. +>In here, refers to /home/wso2carbon/wso2is-6.0.0/repository/conf folder of the container. ## Docker command usage references diff --git a/dockerfiles/alpine/is/docker-entrypoint.sh b/dockerfiles/alpine/is/docker-entrypoint.sh index 3d00248e..f8b8705a 100755 --- a/dockerfiles/alpine/is/docker-entrypoint.sh +++ b/dockerfiles/alpine/is/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/sh # ------------------------------------------------------------------------ -# Copyright 2021 WSO2, Inc. (http://wso2.com) +# Copyright 2021 WSO2, LLC. (http://wso2.com) # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/dockerfiles/centos/is/Dockerfile b/dockerfiles/centos/is/Dockerfile deleted file mode 100755 index ceb2bc6c..00000000 --- a/dockerfiles/centos/is/Dockerfile +++ /dev/null 
@@ -1,131 +0,0 @@ -# ------------------------------------------------------------------------ -# -# Copyright 2021 WSO2, Inc. (http://wso2.com) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License -# -# ------------------------------------------------------------------------ - -# set base Docker image to CentOS Docker image -FROM centos:7 -LABEL maintainer="WSO2 Docker Maintainers " \ - com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v5.11.0.15" - -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' - -# Install JDK Dependencies -RUN yum install -y tzdata openssl curl ca-certificates fontconfig gzip tar \ - && yum clean all - -ENV JAVA_VERSION jdk-11.0.13+8 - -# Install JDK11 -RUN set -eux; \ - ARCH="$(objdump="$(command -v objdump)" && objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \ - case "${ARCH}" in \ - amd64|i386:x86-64) \ - ESUM='3b1c0c34be4c894e64135a454f2d5aaa4bd10aea04ec2fa0c0efe6bb26528e30'; \ - BINARY_URL='https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.13%2B8/OpenJDK11U-jdk_x64_linux_hotspot_11.0.13_8.tar.gz'; \ - ;; \ - *) \ - echo "Unsupported arch: ${ARCH}"; \ - exit 1; \ - ;; \ - esac; \ - curl -LfsSo /tmp/openjdk.tar.gz ${BINARY_URL}; \ - echo "${ESUM} */tmp/openjdk.tar.gz" | sha256sum -c -; \ - mkdir -p /opt/java/openjdk; \ - cd /opt/java/openjdk; \ - tar -xf /tmp/openjdk.tar.gz --strip-components=1; \ - rm -rf /tmp/openjdk.tar.gz; - -ENV 
JAVA_HOME=/opt/java/openjdk \ - PATH="/opt/java/openjdk/bin:$PATH" - -# set Docker image build arguments -# build arguments for user/group configurations -ARG USER=wso2carbon -ARG USER_ID=802 -ARG USER_GROUP=wso2 -ARG USER_GROUP_ID=802 -ARG USER_HOME=/home/${USER} -# build arguments for WSO2 product installation -ARG WSO2_SERVER_NAME=wso2is -ARG WSO2_SERVER_VERSION=5.11.0 -ARG WSO2_SERVER_REPOSITORY=product-is -ARG WSO2_SERVER=${WSO2_SERVER_NAME}-${WSO2_SERVER_VERSION} -ARG WSO2_SERVER_HOME=${USER_HOME}/${WSO2_SERVER} -ARG WSO2_SERVER_DIST_URL=https://github.com/wso2/${WSO2_SERVER_REPOSITORY}/releases/download/v${WSO2_SERVER_VERSION}/${WSO2_SERVER}.zip -# build arguments for external artifacts -ARG DNS_JAVA_VERSION=2.1.8 -ARG K8S_MEMBERSHIP_SCHEME_VERSION=1.0.9 -ARG MYSQL_CONNECTOR_VERSION=8.0.29 -# build argument for MOTD -ARG MOTD='printf "\n\ -Welcome to WSO2 Docker resources.\n\ ------------------------------------- \n\ -This Docker container comprises of a WSO2 product, running with its latest GA release \n\ -which is under the Apache License, Version 2.0. 
\n\ -Read more about Apache License, Version 2.0 here @ http://www.apache.org/licenses/LICENSE-2.0.\n"' - -# create the non-root user and group and set MOTD login message -RUN \ - groupadd --system -g ${USER_GROUP_ID} ${USER_GROUP} \ - && useradd --system --create-home --home-dir ${USER_HOME} --no-log-init -g ${USER_GROUP_ID} -u ${USER_ID} ${USER} \ - && echo ${MOTD} > /etc/profile.d/motd.sh -# create Java prefs dir -# this is to avoid warning logs printed by FileSystemPreferences class -RUN \ - mkdir -p ${USER_HOME}/.java/.systemPrefs \ - && mkdir -p ${USER_HOME}/.java/.userPrefs \ - && chmod -R 755 ${USER_HOME}/.java \ - && chown -R ${USER}:${USER_GROUP} ${USER_HOME}/.java - -# copy init script to user home -COPY --chown=wso2carbon:wso2 docker-entrypoint.sh ${USER_HOME}/ - -# install required packages -RUN \ - yum -y update \ - && yum install -y \ - nc \ - unzip \ - wget \ - && rm -rf /var/cache/yum/* - -# add the WSO2 product distribution to user's home directory -RUN \ - wget -O ${WSO2_SERVER}.zip "${WSO2_SERVER_DIST_URL}" \ - && unzip -d ${USER_HOME} ${WSO2_SERVER}.zip \ - && chown wso2carbon:wso2 -R ${WSO2_SERVER_HOME} \ - && rm -f ${WSO2_SERVER}.zip - -# add libraries for Kubernetes membership scheme based clustering -ADD --chown=wso2carbon:wso2 https://repo1.maven.org/maven2/dnsjava/dnsjava/${DNS_JAVA_VERSION}/dnsjava-${DNS_JAVA_VERSION}.jar ${WSO2_SERVER_HOME}/repository/components/lib -ADD --chown=wso2carbon:wso2 http://maven.wso2.org/nexus/content/repositories/releases/org/wso2/carbon/kubernetes/artifacts/kubernetes-membership-scheme/${K8S_MEMBERSHIP_SCHEME_VERSION}/kubernetes-membership-scheme-${K8S_MEMBERSHIP_SCHEME_VERSION}.jar ${WSO2_SERVER_HOME}/repository/components/dropins -# add MySQL JDBC connector to server home as a third party library -ADD --chown=wso2carbon:wso2 https://repo1.maven.org/maven2/mysql/mysql-connector-java/${MYSQL_CONNECTOR_VERSION}/mysql-connector-java-${MYSQL_CONNECTOR_VERSION}.jar 
${WSO2_SERVER_HOME}/repository/components/dropins/ - -# set the user and work directory -USER ${USER_ID} -WORKDIR ${USER_HOME} - -# set environment variables -ENV WORKING_DIRECTORY=${USER_HOME} \ - WSO2_SERVER_HOME=${WSO2_SERVER_HOME} - -# expose ports -EXPOSE 4000 9763 9443 - -# initiate container and start WSO2 Carbon server -ENTRYPOINT ["/home/wso2carbon/docker-entrypoint.sh"] diff --git a/dockerfiles/centos/is/README.md b/dockerfiles/centos/is/README.md deleted file mode 100755 index f71078d7..00000000 --- a/dockerfiles/centos/is/README.md +++ /dev/null @@ -1,80 +0,0 @@ -# Dockerfile for WSO2 Identity Server # - -This section defines the step-by-step instructions to build an [CentOS](https://hub.docker.com/_/centos/) Linux based Docker image for WSO2 Identity Server `5.11.0`. - -## Prerequisites - -* [Docker](https://www.docker.com/get-docker) `v17.09.0` or above -* [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) client - -## How to build an image and run - -##### 1. Checkout this repository into your local machine using the following Git client command. - -``` -git clone https://github.com/wso2/docker-is.git -``` - ->The local copy of the `dockerfiles/centos/is` directory will be referred to as `IS_DOCKERFILE_HOME` from this point onwards. - -##### 2. Build the Docker image. - -- Navigate to `` directory.
- Execute `docker build` command as shown below. - + `docker build -t wso2is:5.11.0-centos .` - -> By default, the Docker image will prepackage the General Availability (GA) release version of the relevant WSO2 product. - -> Tip - If you require the container to run with a different UID and GID, pass the preferred values of the UID and GID -> as values for build arguments `USER_ID` and `USER_GROUP_ID` when building the image, as shown below. Note -> that setting lower values for the UID and GID is not recommended. -+ `docker build -t wso2is:5.11.0-centos --build-arg USER_ID= --build-arg USER_GROUP_ID= .` - -##### 3. Running the Docker image. - -- `docker run -it -p 9443:9443 wso2is:5.11.0-centos` - ->Here, only port 9443 (HTTPS servlet transport) has been mapped to a Docker host port. -You may map other container service ports, which have been exposed to Docker host ports, as desired. - -##### 4. Accessing management consoles. - -- To access the user interfaces, use the docker host IP and port 9443. - + Management Console: `https://:9443/console` - + User Portal: `https://:9443/myaccount` - ->In here, refers to hostname or IP of the host machine on top of which containers are spawned. - -## How to update configurations - -Configurations would lie on the Docker host machine and they can be volume mounted to the container.
-As an example, steps required to change the port offset using `deployment.toml` is as follows: - -##### 1. Stop the Identity Server container if it's already running. - -In WSO2 Identity Server version `5.11.0` product distribution, `deployment.toml` configuration file
-can be found at `/repository/conf`. Copy the file to some suitable location of the host machine,
-referred to as `/deployment.toml` and change the `[server] -> offset` value to 1. - -##### 2. Grant read permission to `other` users for `/deployment.toml`. - -``` -chmod o+r /deployment.toml -``` - -##### 3. Run the image by mounting the file to container as follows: - -``` -docker run \ --p 9444:9444 \ ---volume /deployment.toml:/deployment.toml \ -wso2is:5.11.0-centos -``` - ->In here, refers to /home/wso2carbon/wso2is-5.11.0/repository/conf folder of the container. - -## Docker command usage references - -* [Docker build command reference](https://docs.docker.com/engine/reference/commandline/build/) -* [Docker run command reference](https://docs.docker.com/engine/reference/run/) -* [Dockerfile reference](https://docs.docker.com/engine/reference/builder/) diff --git a/dockerfiles/centos/is/docker-entrypoint.sh b/dockerfiles/centos/is/docker-entrypoint.sh deleted file mode 100755 index 3d00248e..00000000 --- a/dockerfiles/centos/is/docker-entrypoint.sh +++ /dev/null 
@@ -1,36 +0,0 @@ -#!/bin/sh -# ------------------------------------------------------------------------ -# Copyright 2021 WSO2, Inc. (http://wso2.com) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License -# ------------------------------------------------------------------------ - -set -e - -# volume mounts -config_volume=${WORKING_DIRECTORY}/wso2-config-volume -artifact_volume=${WORKING_DIRECTORY}/wso2-artifact-volume - -# check if the WSO2 non-root user home exists -test ! -d ${WORKING_DIRECTORY} && echo "WSO2 Docker non-root user home does not exist" && exit 1 - -# check if the WSO2 product home exists -test ! -d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 - -# copy any configuration changes mounted to config_volume -test -d ${config_volume} && [ "$(ls -A ${config_volume})" ] && cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/ -# copy any artifact changes mounted to artifact_volume -test -d ${artifact_volume} && [ "$(ls -A ${artifact_volume})" ] && cp -RL ${artifact_volume}/* ${WSO2_SERVER_HOME}/ - -# start WSO2 Carbon server -sh ${WSO2_SERVER_HOME}/bin/wso2server.sh "$@" diff --git a/dockerfiles/jdk8/alpine/is/Dockerfile b/dockerfiles/jdk8/alpine/is/Dockerfile deleted file mode 100755 index eeac96dd..00000000 --- a/dockerfiles/jdk8/alpine/is/Dockerfile +++ /dev/null 
@@ -1,148 +0,0 @@ -# ------------------------------------------------------------------------ -# -# Copyright 2021 WSO2, Inc. (http://wso2.com) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License -# -# ------------------------------------------------------------------------ - -# set base Docker image to Alpine Docker image -FROM alpine:3.16.0 -LABEL maintainer="WSO2 Docker Maintainers " \ - com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v5.11.0.15" -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' - -# Install JDK Dependencies -RUN apk add --no-cache tzdata musl-locales musl-locales-lang \ - && rm -rf /var/cache/apk/* - -ENV JAVA_VERSION jdk8u322-b06 - -RUN apk --no-progress --purge --no-cache upgrade \ -&& apk --no-progress --purge --no-cache add --upgrade \ - curl \ - wget \ - openssh \ -&& apk --no-progress --purge --no-cache upgrade \ -&& rm -vrf /var/cache/apk/* \ -&& curl --version - -RUN curl -o /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub \ -&& curl -LO https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.32-r0/glibc-2.32-r0.apk \ -&& apk add glibc-2.32-r0.apk - -#Install JDK8 -RUN set -eux; \ - apk add --no-cache --virtual .fetch-deps curl; \ - ARCH="$(apk --print-arch)"; \ - case "${ARCH}" in \ - amd64|x86_64) \ - ESUM='3d62362a78c9412766471b05253507a4cfc212daea5cdf122860173ce902400e'; \ - 
BINARY_URL='https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u322-b06/OpenJDK8U-jdk_x64_linux_hotspot_8u322b06.tar.gz'; \ - ;; \ - *) \ - echo "Unsupported arch: ${ARCH}"; \ - exit 1; \ - ;; \ - esac; \ - wget -O /tmp/openjdk.tar.gz ${BINARY_URL}; \ - echo "${ESUM} */tmp/openjdk.tar.gz" | sha256sum -c -; \ - mkdir -p /opt/java/openjdk; \ - tar --extract \ - --file /tmp/openjdk.tar.gz \ - --directory /opt/java/openjdk \ - --strip-components 1 \ - --no-same-owner \ - ; \ - rm -rf /tmp/openjdk.tar.gz; - -ENV JAVA_HOME=/opt/java/openjdk \ - PATH="/opt/java/openjdk/bin:$PATH" ENV=${USER_HOME}"/.ashrc" - -# set Docker image build arguments -# build arguments for user/group configurations -ARG USER=wso2carbon -ARG USER_ID=802 -ARG USER_GROUP=wso2 -ARG USER_GROUP_ID=802 -ARG USER_HOME=/home/${USER} -# build arguments for WSO2 product installation -ARG WSO2_SERVER_NAME=wso2is -ARG WSO2_SERVER_VERSION=5.11.0 -ARG WSO2_SERVER_REPOSITORY=product-is -ARG WSO2_SERVER=${WSO2_SERVER_NAME}-${WSO2_SERVER_VERSION} -ARG WSO2_SERVER_HOME=${USER_HOME}/${WSO2_SERVER} -ARG WSO2_SERVER_DIST_URL=https://github.com/wso2/${WSO2_SERVER_REPOSITORY}/releases/download/v${WSO2_SERVER_VERSION}/${WSO2_SERVER}.zip -# build arguments for external artifacts -ARG DNS_JAVA_VERSION=2.1.8 -ARG K8S_MEMBERSHIP_SCHEME_VERSION=1.0.9 -ARG MYSQL_CONNECTOR_VERSION=8.0.29 -# build argument for MOTD -ARG MOTD='printf "\n\ - Welcome to WSO2 Docker Resources \n\ - --------------------------------- \n\ - This Docker container comprises of a WSO2 product, running with its latest GA release \n\ - which is under the Apache License, Version 2.0. 
\n\ - Read more about Apache License, Version 2.0 here @ http://www.apache.org/licenses/LICENSE-2.0.\n"' -ENV ENV=${USER_HOME}"/.ashrc" - -# create the non-root user and group and set MOTD login message -RUN \ - addgroup -S -g ${USER_GROUP_ID} ${USER_GROUP} \ - && adduser -S -u ${USER_ID} -h ${USER_HOME} -G ${USER_GROUP} ${USER} \ - && echo ${MOTD} > "${ENV}" - -# create Java prefs dir -# this is to avoid warning logs printed by FileSystemPreferences class -RUN \ - mkdir -p ${USER_HOME}/.java/.systemPrefs \ - && mkdir -p ${USER_HOME}/.java/.userPrefs \ - && chmod -R 755 ${USER_HOME}/.java \ - && chown -R ${USER}:${USER_GROUP} ${USER_HOME}/.java - -# copy init script to user home -COPY --chown=wso2carbon:wso2 docker-entrypoint.sh ${USER_HOME}/ - -# install required packages -RUN \ - apk update \ - && apk add --no-cache netcat-openbsd \ - && apk add unzip \ - && apk add wget - -# add the WSO2 product distribution to user's home directory -RUN \ - wget -O ${WSO2_SERVER}.zip "${WSO2_SERVER_DIST_URL}" \ - && unzip -d ${USER_HOME} ${WSO2_SERVER}.zip \ - && chown wso2carbon:wso2 -R ${WSO2_SERVER_HOME} \ - && rm -f ${WSO2_SERVER}.zip - -# add libraries for Kubernetes membership scheme based clustering -ADD --chown=wso2carbon:wso2 https://repo1.maven.org/maven2/dnsjava/dnsjava/${DNS_JAVA_VERSION}/dnsjava-${DNS_JAVA_VERSION}.jar ${WSO2_SERVER_HOME}/repository/components/lib -ADD --chown=wso2carbon:wso2 http://maven.wso2.org/nexus/content/repositories/releases/org/wso2/carbon/kubernetes/artifacts/kubernetes-membership-scheme/${K8S_MEMBERSHIP_SCHEME_VERSION}/kubernetes-membership-scheme-${K8S_MEMBERSHIP_SCHEME_VERSION}.jar ${WSO2_SERVER_HOME}/repository/components/dropins -# add MySQL JDBC connector to server home as a third party library -ADD --chown=wso2carbon:wso2 https://repo1.maven.org/maven2/mysql/mysql-connector-java/${MYSQL_CONNECTOR_VERSION}/mysql-connector-java-${MYSQL_CONNECTOR_VERSION}.jar ${WSO2_SERVER_HOME}/repository/components/dropins/ - -# set the user and 
work directory -USER ${USER_ID} -WORKDIR ${USER_HOME} - -# set environment variables -ENV WORKING_DIRECTORY=${USER_HOME} \ - WSO2_SERVER_HOME=${WSO2_SERVER_HOME} - -# expose ports -EXPOSE 4000 9763 9443 - -# initiate container and start WSO2 Carbon server -ENTRYPOINT ["/home/wso2carbon/docker-entrypoint.sh"] diff --git a/dockerfiles/jdk8/alpine/is/README.md b/dockerfiles/jdk8/alpine/is/README.md deleted file mode 100755 index ec57490b..00000000 --- a/dockerfiles/jdk8/alpine/is/README.md +++ /dev/null @@ -1,80 +0,0 @@ -# Dockerfile for WSO2 Identity Server # - -This section defines the step-by-step instructions to build an [Alpine](https://hub.docker.com/_/alpine/) Linux based Docker image for WSO2 Identity Server `5.11.0`. - -## Prerequisites - -* [Docker](https://www.docker.com/get-docker) `v17.09.0` or above -* [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) client - -## How to build an image and run - -##### 1. Checkout this repository into your local machine using the following Git client command. - -``` -git clone https://github.com/wso2/docker-is.git -``` - ->The local copy of the `dockerfiles/alpine/is` directory will be referred to as `IS_DOCKERFILE_HOME` from this point onwards. - -##### 2. Build the Docker image. - -- Navigate to `` directory.
- Execute `docker build` command as shown below. - + `docker build -t wso2is:5.11.0-alpine .` - -> By default, the Docker image will prepackage the General Availability (GA) release version of the relevant WSO2 product. - -> Tip - If you require the container to run with a different UID and GID, pass the preferred values of the UID and GID -> as values for build arguments `USER_ID` and `USER_GROUP_ID` when building the image, as shown below. Note -> that setting lower values for the UID and GID is not recommended. -+ `docker build -t wso2is:5.11.0-alpine --build-arg USER_ID= --build-arg USER_GROUP_ID= .` - -##### 3. Running the Docker image. - -- `docker run -it -p 9443:9443 wso2is:5.11.0-alpine` - ->Here, only port 9443 (HTTPS servlet transport) has been mapped to a Docker host port. -You may map other container service ports, which have been exposed to Docker host ports, as desired. - -##### 4. Accessing management consoles. - -- To access the user interfaces, use the docker host IP and port 9443. - + Management Console: `https://:9443/console` - + User Portal: `https://:9443/myaccount` - ->In here, refers to hostname or IP of the host machine on top of which containers are spawned. - -## How to update configurations - -Configurations would lie on the Docker host machine and they can be volume mounted to the container.
-As an example, steps required to change the port offset using `deployment.toml` is as follows: - -##### 1. Stop the Identity Server container if it's already running. - -In WSO2 Identity Server version `5.11.0` product distribution, `deployment.toml` configuration file
-can be found at `/repository/conf`. Copy the file to some suitable location of the host machine,
-referred to as `/deployment.toml` and change the `[server] -> offset` value to 1. - -##### 2. Grant read permission to `other` users for `/deployment.toml`. - -``` -chmod o+r /deployment.toml -``` - -##### 3. Run the image by mounting the file to container as follows: - -``` -docker run \ --p 9444:9444 \ ---volume /deployment.toml:/deployment.toml \ -wso2is:5.11.0-alpine -``` - ->In here, refers to /home/wso2carbon/wso2is-5.11.0/repository/conf folder of the container. - -## Docker command usage references - -* [Docker build command reference](https://docs.docker.com/engine/reference/commandline/build/) -* [Docker run command reference](https://docs.docker.com/engine/reference/run/) -* [Dockerfile reference](https://docs.docker.com/engine/reference/builder/) diff --git a/dockerfiles/jdk8/alpine/is/docker-entrypoint.sh b/dockerfiles/jdk8/alpine/is/docker-entrypoint.sh deleted file mode 100755 index 3d00248e..00000000 --- a/dockerfiles/jdk8/alpine/is/docker-entrypoint.sh +++ /dev/null 
@@ -1,36 +0,0 @@ -#!/bin/sh -# ------------------------------------------------------------------------ -# Copyright 2021 WSO2, Inc. (http://wso2.com) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License -# ------------------------------------------------------------------------ - -set -e - -# volume mounts -config_volume=${WORKING_DIRECTORY}/wso2-config-volume -artifact_volume=${WORKING_DIRECTORY}/wso2-artifact-volume - -# check if the WSO2 non-root user home exists -test ! -d ${WORKING_DIRECTORY} && echo "WSO2 Docker non-root user home does not exist" && exit 1 - -# check if the WSO2 product home exists -test ! -d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 - -# copy any configuration changes mounted to config_volume -test -d ${config_volume} && [ "$(ls -A ${config_volume})" ] && cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/ -# copy any artifact changes mounted to artifact_volume -test -d ${artifact_volume} && [ "$(ls -A ${artifact_volume})" ] && cp -RL ${artifact_volume}/* ${WSO2_SERVER_HOME}/ - -# start WSO2 Carbon server -sh ${WSO2_SERVER_HOME}/bin/wso2server.sh "$@" diff --git a/dockerfiles/jdk8/centos/is/Dockerfile b/dockerfiles/jdk8/centos/is/Dockerfile deleted file mode 100755 index 38c07747..00000000 --- a/dockerfiles/jdk8/centos/is/Dockerfile +++ /dev/null 
@@ -1,130 +0,0 @@ -# ------------------------------------------------------------------------ -# -# Copyright 2021 WSO2, Inc. (http://wso2.com) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License -# -# ------------------------------------------------------------------------ - -# set base Docker image to CentOS Docker image -FROM centos:7 -LABEL maintainer="WSO2 Docker Maintainers " \ - com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v5.11.0.15" -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' - -# Instal JDK Dependencies -RUN yum install -y tzdata openssl curl ca-certificates fontconfig gzip tar \ - && yum clean all - -ENV JAVA_VERSION jdk8u322-b06 - -# Install JDK8 -RUN set -eux; \ - ARCH="$(objdump="$(command -v objdump)" && objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \ - case "${ARCH}" in \ - amd64|i386:x86-64) \ - ESUM='3d62362a78c9412766471b05253507a4cfc212daea5cdf122860173ce902400e'; \ - BINARY_URL='https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u322-b06/OpenJDK8U-jdk_x64_linux_hotspot_8u322b06.tar.gz'; \ - ;; \ - *) \ - echo "Unsupported arch: ${ARCH}"; \ - exit 1; \ - ;; \ - esac; \ - curl -LfsSo /tmp/openjdk.tar.gz ${BINARY_URL}; \ - echo "${ESUM} */tmp/openjdk.tar.gz" | sha256sum -c -; \ - mkdir -p /opt/java/openjdk; \ - cd /opt/java/openjdk; \ - tar -xf /tmp/openjdk.tar.gz --strip-components=1; \ - rm -rf /tmp/openjdk.tar.gz; - -ENV 
JAVA_HOME=/opt/java/openjdk \ - PATH="/opt/java/openjdk/bin:$PATH" - -# set Docker image build arguments -# build arguments for user/group configurations -ARG USER=wso2carbon -ARG USER_ID=802 -ARG USER_GROUP=wso2 -ARG USER_GROUP_ID=802 -ARG USER_HOME=/home/${USER} -# build arguments for WSO2 product installation -ARG WSO2_SERVER_NAME=wso2is -ARG WSO2_SERVER_VERSION=5.11.0 -ARG WSO2_SERVER_REPOSITORY=product-is -ARG WSO2_SERVER=${WSO2_SERVER_NAME}-${WSO2_SERVER_VERSION} -ARG WSO2_SERVER_HOME=${USER_HOME}/${WSO2_SERVER} -ARG WSO2_SERVER_DIST_URL=https://github.com/wso2/${WSO2_SERVER_REPOSITORY}/releases/download/v${WSO2_SERVER_VERSION}/${WSO2_SERVER}.zip -# build arguments for external artifacts -ARG DNS_JAVA_VERSION=2.1.8 -ARG K8S_MEMBERSHIP_SCHEME_VERSION=1.0.9 -ARG MYSQL_CONNECTOR_VERSION=8.0.29 -# build argument for MOTD -ARG MOTD='printf "\n\ -Welcome to WSO2 Docker resources.\n\ ------------------------------------- \n\ -This Docker container comprises of a WSO2 product, running with its latest GA release \n\ -which is under the Apache License, Version 2.0. 
\n\ -Read more about Apache License, Version 2.0 here @ http://www.apache.org/licenses/LICENSE-2.0.\n"' - -# create the non-root user and group and set MOTD login message -RUN \ - groupadd --system -g ${USER_GROUP_ID} ${USER_GROUP} \ - && useradd --system --create-home --home-dir ${USER_HOME} --no-log-init -g ${USER_GROUP_ID} -u ${USER_ID} ${USER} \ - && echo ${MOTD} > /etc/profile.d/motd.sh -# create Java prefs dir -# this is to avoid warning logs printed by FileSystemPreferences class -RUN \ - mkdir -p ${USER_HOME}/.java/.systemPrefs \ - && mkdir -p ${USER_HOME}/.java/.userPrefs \ - && chmod -R 755 ${USER_HOME}/.java \ - && chown -R ${USER}:${USER_GROUP} ${USER_HOME}/.java - -# copy init script to user home -COPY --chown=wso2carbon:wso2 docker-entrypoint.sh ${USER_HOME}/ - -# install required packages -RUN \ - yum -y update \ - && yum install -y \ - nc \ - unzip \ - wget \ - && rm -rf /var/cache/yum/* - -# add the WSO2 product distribution to user's home directory -RUN \ - wget -O ${WSO2_SERVER}.zip "${WSO2_SERVER_DIST_URL}" \ - && unzip -d ${USER_HOME} ${WSO2_SERVER}.zip \ - && chown wso2carbon:wso2 -R ${WSO2_SERVER_HOME} \ - && rm -f ${WSO2_SERVER}.zip - -# add libraries for Kubernetes membership scheme based clustering -ADD --chown=wso2carbon:wso2 https://repo1.maven.org/maven2/dnsjava/dnsjava/${DNS_JAVA_VERSION}/dnsjava-${DNS_JAVA_VERSION}.jar ${WSO2_SERVER_HOME}/repository/components/lib -ADD --chown=wso2carbon:wso2 http://maven.wso2.org/nexus/content/repositories/releases/org/wso2/carbon/kubernetes/artifacts/kubernetes-membership-scheme/${K8S_MEMBERSHIP_SCHEME_VERSION}/kubernetes-membership-scheme-${K8S_MEMBERSHIP_SCHEME_VERSION}.jar ${WSO2_SERVER_HOME}/repository/components/dropins -# add MySQL JDBC connector to server home as a third party library -ADD --chown=wso2carbon:wso2 https://repo1.maven.org/maven2/mysql/mysql-connector-java/${MYSQL_CONNECTOR_VERSION}/mysql-connector-java-${MYSQL_CONNECTOR_VERSION}.jar 
${WSO2_SERVER_HOME}/repository/components/dropins/ - -# set the user and work directory -USER ${USER_ID} -WORKDIR ${USER_HOME} - -# set environment variables -ENV WORKING_DIRECTORY=${USER_HOME} \ - WSO2_SERVER_HOME=${WSO2_SERVER_HOME} - -# expose ports -EXPOSE 4000 9763 9443 - -# initiate container and start WSO2 Carbon server -ENTRYPOINT ["/home/wso2carbon/docker-entrypoint.sh"] diff --git a/dockerfiles/jdk8/centos/is/README.md b/dockerfiles/jdk8/centos/is/README.md deleted file mode 100755 index f71078d7..00000000 --- a/dockerfiles/jdk8/centos/is/README.md +++ /dev/null @@ -1,80 +0,0 @@ -# Dockerfile for WSO2 Identity Server # - -This section defines the step-by-step instructions to build an [CentOS](https://hub.docker.com/_/centos/) Linux based Docker image for WSO2 Identity Server `5.11.0`. - -## Prerequisites - -* [Docker](https://www.docker.com/get-docker) `v17.09.0` or above -* [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) client - -## How to build an image and run - -##### 1. Checkout this repository into your local machine using the following Git client command. - -``` -git clone https://github.com/wso2/docker-is.git -``` - ->The local copy of the `dockerfiles/centos/is` directory will be referred to as `IS_DOCKERFILE_HOME` from this point onwards. - -##### 2. Build the Docker image. - -- Navigate to `` directory.
- Execute `docker build` command as shown below. - + `docker build -t wso2is:5.11.0-centos .` - -> By default, the Docker image will prepackage the General Availability (GA) release version of the relevant WSO2 product. - -> Tip - If you require the container to run with a different UID and GID, pass the preferred values of the UID and GID -> as values for build arguments `USER_ID` and `USER_GROUP_ID` when building the image, as shown below. Note -> that setting lower values for the UID and GID is not recommended. -+ `docker build -t wso2is:5.11.0-centos --build-arg USER_ID= --build-arg USER_GROUP_ID= .` - -##### 3. Running the Docker image. - -- `docker run -it -p 9443:9443 wso2is:5.11.0-centos` - ->Here, only port 9443 (HTTPS servlet transport) has been mapped to a Docker host port. -You may map other container service ports, which have been exposed to Docker host ports, as desired. - -##### 4. Accessing management consoles. - -- To access the user interfaces, use the docker host IP and port 9443. - + Management Console: `https://:9443/console` - + User Portal: `https://:9443/myaccount` - ->In here, refers to hostname or IP of the host machine on top of which containers are spawned. - -## How to update configurations - -Configurations would lie on the Docker host machine and they can be volume mounted to the container.
-As an example, steps required to change the port offset using `deployment.toml` is as follows: - -##### 1. Stop the Identity Server container if it's already running. - -In WSO2 Identity Server version `5.11.0` product distribution, `deployment.toml` configuration file
-can be found at `/repository/conf`. Copy the file to some suitable location of the host machine,
-referred to as `/deployment.toml` and change the `[server] -> offset` value to 1. - -##### 2. Grant read permission to `other` users for `/deployment.toml`. - -``` -chmod o+r /deployment.toml -``` - -##### 3. Run the image by mounting the file to container as follows: - -``` -docker run \ --p 9444:9444 \ ---volume /deployment.toml:/deployment.toml \ -wso2is:5.11.0-centos -``` - ->In here, refers to /home/wso2carbon/wso2is-5.11.0/repository/conf folder of the container. - -## Docker command usage references - -* [Docker build command reference](https://docs.docker.com/engine/reference/commandline/build/) -* [Docker run command reference](https://docs.docker.com/engine/reference/run/) -* [Dockerfile reference](https://docs.docker.com/engine/reference/builder/) diff --git a/dockerfiles/jdk8/centos/is/docker-entrypoint.sh b/dockerfiles/jdk8/centos/is/docker-entrypoint.sh deleted file mode 100755 index 3d00248e..00000000 --- a/dockerfiles/jdk8/centos/is/docker-entrypoint.sh +++ /dev/null 
@@ -1,36 +0,0 @@ -#!/bin/sh -# ------------------------------------------------------------------------ -# Copyright 2021 WSO2, Inc. (http://wso2.com) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License -# ------------------------------------------------------------------------ - -set -e - -# volume mounts -config_volume=${WORKING_DIRECTORY}/wso2-config-volume -artifact_volume=${WORKING_DIRECTORY}/wso2-artifact-volume - -# check if the WSO2 non-root user home exists -test ! -d ${WORKING_DIRECTORY} && echo "WSO2 Docker non-root user home does not exist" && exit 1 - -# check if the WSO2 product home exists -test ! -d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 - -# copy any configuration changes mounted to config_volume -test -d ${config_volume} && [ "$(ls -A ${config_volume})" ] && cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/ -# copy any artifact changes mounted to artifact_volume -test -d ${artifact_volume} && [ "$(ls -A ${artifact_volume})" ] && cp -RL ${artifact_volume}/* ${WSO2_SERVER_HOME}/ - -# start WSO2 Carbon server -sh ${WSO2_SERVER_HOME}/bin/wso2server.sh "$@" diff --git a/dockerfiles/jdk8/ubuntu/is/Dockerfile b/dockerfiles/jdk8/ubuntu/is/Dockerfile deleted file mode 100755 index ab1ff0ef..00000000 --- a/dockerfiles/jdk8/ubuntu/is/Dockerfile +++ /dev/null 
@@ -1,137 +0,0 @@ -# ------------------------------------------------------------------------ -# -# Copyright 2021 WSO2, Inc. (http://wso2.com) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License -# -# ------------------------------------------------------------------------ - -# set base Docker image to Ubuntu 20.04 Docker image -FROM ubuntu:20.04 - -LABEL maintainer="WSO2 Docker Maintainers " \ - com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v5.11.0.15" - -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' - -#Install JDK Dependencies -RUN apt-get update \ - && apt-get install -y --no-install-recommends tzdata curl ca-certificates fontconfig locales \ - && echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen \ - && locale-gen en_US.UTF-8 \ - && rm -rf /var/lib/apt/lists/* - -ENV JAVA_VERSION jdk8u322-b06 - -#Install JDK8 -RUN set -eux; \ - ARCH="$(dpkg --print-architecture)"; \ - case "${ARCH}" in \ - amd64|x86_64) \ - ESUM='3d62362a78c9412766471b05253507a4cfc212daea5cdf122860173ce902400e'; \ - BINARY_URL='https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u322-b06/OpenJDK8U-jdk_x64_linux_hotspot_8u322b06.tar.gz'; \ - ;; \ - *) \ - echo "Unsupported arch: ${ARCH}"; \ - exit 1; \ - ;; \ - esac; \ - curl -LfsSo /tmp/openjdk.tar.gz ${BINARY_URL}; \ - echo "${ESUM} */tmp/openjdk.tar.gz" | sha256sum -c -; \ - mkdir -p /opt/java/openjdk; \ - cd /opt/java/openjdk; \ - tar -xf /tmp/openjdk.tar.gz --strip-components=1; \ - rm -rf 
/tmp/openjdk.tar.gz; - -ENV JAVA_HOME=/opt/java/openjdk \ - PATH="/opt/java/openjdk/bin:$PATH" - -# set Docker image build arguments -# build arguments for user/group configurations -ARG USER=wso2carbon -ARG USER_ID=802 -ARG USER_GROUP=wso2 -ARG USER_GROUP_ID=802 -ARG USER_HOME=/home/${USER} -# build arguments for WSO2 product installation -ARG WSO2_SERVER_NAME=wso2is -ARG WSO2_SERVER_VERSION=5.11.0 -ARG WSO2_SERVER_REPOSITORY=product-is -ARG WSO2_SERVER=${WSO2_SERVER_NAME}-${WSO2_SERVER_VERSION} -ARG WSO2_SERVER_HOME=${USER_HOME}/${WSO2_SERVER} -ARG WSO2_SERVER_DIST_URL=https://github.com/wso2/${WSO2_SERVER_REPOSITORY}/releases/download/v${WSO2_SERVER_VERSION}/${WSO2_SERVER}.zip -# build arguments for external artifacts -ARG DNS_JAVA_VERSION=2.1.8 -ARG K8S_MEMBERSHIP_SCHEME_VERSION=1.0.9 -ARG MYSQL_CONNECTOR_VERSION=8.0.29 -# build argument for MOTD -ARG MOTD="\n\ -Welcome to WSO2 Docker resources.\n\ ------------------------------------- \n\ -This Docker container comprises of a WSO2 product, running with its latest GA release \n\ -which is under the Apache License, Version 2.0. \n\ -Read more about Apache License, Version 2.0 here @ http://www.apache.org/licenses/LICENSE-2.0.\n" - -# create the non-root user and group and set MOTD login message -RUN \ - groupadd --system -g ${USER_GROUP_ID} ${USER_GROUP} \ - && useradd --system --create-home --home-dir ${USER_HOME} --no-log-init -g ${USER_GROUP_ID} -u ${USER_ID} ${USER} \ - && echo '[ ! 
-z "${TERM}" -a -r /etc/motd ] && cat /etc/motd' >> /etc/bash.bashrc; echo "${MOTD}" > /etc/motd - -# create Java prefs dir -# this is to avoid warning logs printed by FileSystemPreferences class -RUN \ - mkdir -p ${USER_HOME}/.java/.systemPrefs \ - && mkdir -p ${USER_HOME}/.java/.userPrefs \ - && chmod -R 755 ${USER_HOME}/.java \ - && chown -R ${USER}:${USER_GROUP} ${USER_HOME}/.java - -# copy init script to user home -COPY --chown=wso2carbon:wso2 docker-entrypoint.sh ${USER_HOME}/ - -# install required packages -RUN \ - apt-get update \ - && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ - netcat \ - unzip \ - wget \ - && rm -rf /var/lib/apt/lists/* - -# add the WSO2 product distribution to user's home directory -RUN \ - wget -O ${WSO2_SERVER}.zip "${WSO2_SERVER_DIST_URL}" \ - && unzip -d ${USER_HOME} ${WSO2_SERVER}.zip \ - && chown wso2carbon:wso2 -R ${WSO2_SERVER_HOME} \ - && rm -f ${WSO2_SERVER}.zip - -# add libraries for Kubernetes membership scheme based clustering -ADD --chown=wso2carbon:wso2 https://repo1.maven.org/maven2/dnsjava/dnsjava/${DNS_JAVA_VERSION}/dnsjava-${DNS_JAVA_VERSION}.jar ${WSO2_SERVER_HOME}/repository/components/lib -ADD --chown=wso2carbon:wso2 http://maven.wso2.org/nexus/content/repositories/releases/org/wso2/carbon/kubernetes/artifacts/kubernetes-membership-scheme/${K8S_MEMBERSHIP_SCHEME_VERSION}/kubernetes-membership-scheme-${K8S_MEMBERSHIP_SCHEME_VERSION}.jar ${WSO2_SERVER_HOME}/repository/components/dropins -# add MySQL JDBC connector to server home as a third party library -ADD --chown=wso2carbon:wso2 https://repo1.maven.org/maven2/mysql/mysql-connector-java/${MYSQL_CONNECTOR_VERSION}/mysql-connector-java-${MYSQL_CONNECTOR_VERSION}.jar ${WSO2_SERVER_HOME}/repository/components/dropins/ - -# set the user and work directory -USER ${USER_ID} -WORKDIR ${USER_HOME} - -# set environment variables -ENV JAVA_OPTS="-Djava.util.prefs.systemRoot=${USER_HOME}/.java 
-Djava.util.prefs.userRoot=${USER_HOME}/.java/.userPrefs" \ - WORKING_DIRECTORY=${USER_HOME} \ - WSO2_SERVER_HOME=${WSO2_SERVER_HOME} - -# expose ports -EXPOSE 4000 9763 9443 - -# initiate container and start WSO2 Carbon server -ENTRYPOINT ["/home/wso2carbon/docker-entrypoint.sh"] diff --git a/dockerfiles/jdk8/ubuntu/is/README.md b/dockerfiles/jdk8/ubuntu/is/README.md deleted file mode 100755 index 40ad53ce..00000000 --- a/dockerfiles/jdk8/ubuntu/is/README.md +++ /dev/null @@ -1,80 +0,0 @@ -# Dockerfile for WSO2 Identity Server # - -This section defines the step-by-step instructions to build an [Ubuntu](https://hub.docker.com/_/ubuntu/) Linux based Docker image for WSO2 Identity Server `5.11.0`. - -## Prerequisites - -* [Docker](https://www.docker.com/get-docker) `v17.09.0` or above -* [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) client - -## How to build an image and run - -##### 1. Checkout this repository into your local machine using the following Git client command. - -``` -git clone https://github.com/wso2/docker-is.git -``` - ->The local copy of the `dockerfiles/ubuntu/is` directory will be referred to as `IS_DOCKERFILE_HOME` from this point onwards. - -##### 2. Build the Docker image. - -- Navigate to `` directory.
- Execute `docker build` command as shown below. - + `docker build -t wso2is:5.11.0 .` - -> By default, the Docker image will prepackage the General Availability (GA) release version of the relevant WSO2 product. - -> Tip - If you require the container to run with a different UID and GID, pass the preferred values of the UID and GID -> as values for build arguments `USER_ID` and `USER_GROUP_ID` when building the image, as shown below. Note -> that setting lower values for the UID and GID is not recommended. -+ `docker build -t wso2is:5.11.0 --build-arg USER_ID= --build-arg USER_GROUP_ID= .` - -##### 3. Running the Docker image. - -- `docker run -it -p 9443:9443 wso2is:5.11.0` - ->Here, only port 9443 (HTTPS servlet transport) has been mapped to a Docker host port. -You may map other container service ports, which have been exposed to Docker host ports, as desired. - -##### 4. Accessing management consoles. - -- To access the user interfaces, use the docker host IP and port 9443. - + Management Console: `https://:9443/console` - + User Portal: `https://:9443/myaccount` - ->In here, refers to hostname or IP of the host machine on top of which containers are spawned. - -## How to update configurations - -Configurations would lie on the Docker host machine and they can be volume mounted to the container.
-As an example, steps required to change the port offset using `deployment.toml` is as follows: - -##### 1. Stop the Identity Server container if it's already running. - -In WSO2 Identity Server version `5.11.0` product distribution, `deployment.toml` configuration file
-can be found at `/repository/conf`. Copy the file to some suitable location of the host machine,
-referred to as `/deployment.toml` and change the `[server] -> offset` value to 1. - -##### 2. Grant read permission to `other` users for `/deployment.toml`. - -``` -chmod o+r /deployment.toml -``` - -##### 3. Run the image by mounting the file to container as follows: - -``` -docker run \ --p 9444:9444 \ ---volume /deployment.toml:/deployment.toml \ -wso2is:5.11.0 -``` - ->In here, refers to /home/wso2carbon/wso2is-5.11.0/repository/conf folder of the container. - -## Docker command usage references - -* [Docker build command reference](https://docs.docker.com/engine/reference/commandline/build/) -* [Docker run command reference](https://docs.docker.com/engine/reference/run/) -* [Dockerfile reference](https://docs.docker.com/engine/reference/builder/) diff --git a/dockerfiles/jdk8/ubuntu/is/docker-entrypoint.sh b/dockerfiles/jdk8/ubuntu/is/docker-entrypoint.sh deleted file mode 100755 index 3d00248e..00000000 --- a/dockerfiles/jdk8/ubuntu/is/docker-entrypoint.sh +++ /dev/null 
@@ -1,36 +0,0 @@ -#!/bin/sh -# ------------------------------------------------------------------------ -# Copyright 2021 WSO2, Inc. (http://wso2.com) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License -# ------------------------------------------------------------------------ - -set -e - -# volume mounts -config_volume=${WORKING_DIRECTORY}/wso2-config-volume -artifact_volume=${WORKING_DIRECTORY}/wso2-artifact-volume - -# check if the WSO2 non-root user home exists -test ! -d ${WORKING_DIRECTORY} && echo "WSO2 Docker non-root user home does not exist" && exit 1 - -# check if the WSO2 product home exists -test ! -d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 - -# copy any configuration changes mounted to config_volume -test -d ${config_volume} && [ "$(ls -A ${config_volume})" ] && cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/ -# copy any artifact changes mounted to artifact_volume -test -d ${artifact_volume} && [ "$(ls -A ${artifact_volume})" ] && cp -RL ${artifact_volume}/* ${WSO2_SERVER_HOME}/ - -# start WSO2 Carbon server -sh ${WSO2_SERVER_HOME}/bin/wso2server.sh "$@" diff --git a/dockerfiles/ubuntu/is/Dockerfile b/dockerfiles/ubuntu/is/Dockerfile index 506682fc..bdc2dbfa 100755 --- a/dockerfiles/ubuntu/is/Dockerfile +++ b/dockerfiles/ubuntu/is/Dockerfile 
@@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # -# Copyright 2021 WSO2, Inc. (http://wso2.com) +# Copyright 2021 WSO2, LLC. (http://wso2.com) # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ FROM ubuntu:20.04 LABEL maintainer="WSO2 Docker Maintainers " \ - com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v5.11.0.15" + com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v6.0.0.1" #Install JDK Dependencies ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' @@ -65,11 +65,10 @@ ARG USER_GROUP_ID=802 ARG USER_HOME=/home/${USER} # build arguments for WSO2 product installation ARG WSO2_SERVER_NAME=wso2is -ARG WSO2_SERVER_VERSION=5.11.0 +ARG WSO2_SERVER_VERSION=6.0.0 ARG WSO2_SERVER_REPOSITORY=product-is ARG WSO2_SERVER=${WSO2_SERVER_NAME}-${WSO2_SERVER_VERSION} ARG WSO2_SERVER_HOME=${USER_HOME}/${WSO2_SERVER} -ARG WSO2_SERVER_DIST_URL=https://github.com/wso2/${WSO2_SERVER_REPOSITORY}/releases/download/v${WSO2_SERVER_VERSION}/${WSO2_SERVER}.zip # build arguments for external artifacts ARG DNS_JAVA_VERSION=2.1.8 ARG K8S_MEMBERSHIP_SCHEME_VERSION=1.0.9 @@ -108,10 +107,14 @@ RUN \ wget \ && rm -rf /var/lib/apt/lists/* -# add the WSO2 product distribution to user's home directory +## set the user and work directory +USER ${USER_ID} +WORKDIR ${USER_HOME} + +COPY --chown=wso2carbon:wso2 ${WSO2_SERVER}.zip ${USER_HOME}/ + RUN \ - wget -O ${WSO2_SERVER}.zip "${WSO2_SERVER_DIST_URL}" \ - && unzip -d ${USER_HOME} ${WSO2_SERVER}.zip \ + unzip -d ${USER_HOME} ${WSO2_SERVER}.zip \ && chown wso2carbon:wso2 -R ${WSO2_SERVER_HOME} \ && rm -f ${WSO2_SERVER}.zip 
@@ -121,10 +124,6 @@ ADD --chown=wso2carbon:wso2 http://maven.wso2.org/nexus/content/repositories/rel # add MySQL JDBC connector to server home as a third party library ADD --chown=wso2carbon:wso2 https://repo1.maven.org/maven2/mysql/mysql-connector-java/${MYSQL_CONNECTOR_VERSION}/mysql-connector-java-${MYSQL_CONNECTOR_VERSION}.jar ${WSO2_SERVER_HOME}/repository/components/dropins/ -# set the user and work directory -USER ${USER_ID} -WORKDIR ${USER_HOME} - # set environment variables ENV JAVA_OPTS="-Djava.util.prefs.systemRoot=${USER_HOME}/.java -Djava.util.prefs.userRoot=${USER_HOME}/.java/.userPrefs" \ WORKING_DIRECTORY=${USER_HOME} \ diff --git a/dockerfiles/ubuntu/is/README.md b/dockerfiles/ubuntu/is/README.md index 40ad53ce..cd162921 100755 --- a/dockerfiles/ubuntu/is/README.md +++ b/dockerfiles/ubuntu/is/README.md @@ -1,11 +1,13 @@ # Dockerfile for WSO2 Identity Server # -This section defines the step-by-step instructions to build an [Ubuntu](https://hub.docker.com/_/ubuntu/) Linux based Docker image for WSO2 Identity Server `5.11.0`. +This section defines the step-by-step instructions to build an [Ubuntu](https://hub.docker.com/_/ubuntu/) Linux +based Docker image for WSO2 Identity Server `6.0.0`. ## Prerequisites * [Docker](https://www.docker.com/get-docker) `v17.09.0` or above * [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) client +* wso2is-6.0.0.zip pack ## How to build an image and run @@ -17,27 +19,29 @@ git clone https://github.com/wso2/docker-is.git >The local copy of the `dockerfiles/ubuntu/is` directory will be referred to as `IS_DOCKERFILE_HOME` from this point onwards. -##### 2. Build the Docker image. +##### 2. Copy the `wso2is-6.0.0.zip` to the `docker-is/dockerfiles/ubuntu/is` directory + +##### 3. Build the Docker image. - Navigate to `` directory.
Execute `docker build` command as shown below. - + `docker build -t wso2is:5.11.0 .` + + `docker build -t wso2is:6.0.0 .` > By default, the Docker image will prepackage the General Availability (GA) release version of the relevant WSO2 product. > Tip - If you require the container to run with a different UID and GID, pass the preferred values of the UID and GID > as values for build arguments `USER_ID` and `USER_GROUP_ID` when building the image, as shown below. Note > that setting lower values for the UID and GID is not recommended. -+ `docker build -t wso2is:5.11.0 --build-arg USER_ID= --build-arg USER_GROUP_ID= .` ++ `docker build -t wso2is:6.0.0 --build-arg USER_ID= --build-arg USER_GROUP_ID= .` -##### 3. Running the Docker image. +##### 4. Running the Docker image. -- `docker run -it -p 9443:9443 wso2is:5.11.0` +- `docker run -it -p 9443:9443 wso2is:6.0.0` >Here, only port 9443 (HTTPS servlet transport) has been mapped to a Docker host port. You may map other container service ports, which have been exposed to Docker host ports, as desired. -##### 4. Accessing management consoles. +##### 5. Accessing management consoles. - To access the user interfaces, use the docker host IP and port 9443. + Management Console: `https://:9443/console` @@ -52,7 +56,7 @@ As an example, steps required to change the port offset using `deployment.toml` ##### 1. Stop the Identity Server container if it's already running. -In WSO2 Identity Server version `5.11.0` product distribution, `deployment.toml` configuration file
+In WSO2 Identity Server version `6.0.0` product distribution, `deployment.toml` configuration file
can be found at `/repository/conf`. Copy the file to some suitable location of the host machine,
referred to as `/deployment.toml` and change the `[server] -> offset` value to 1. @@ -68,10 +72,10 @@ chmod o+r /deployment.toml docker run \ -p 9444:9444 \ --volume /deployment.toml:/deployment.toml \ -wso2is:5.11.0 +wso2is:6.0.0 ``` ->In here, refers to /home/wso2carbon/wso2is-5.11.0/repository/conf folder of the container. +>In here, refers to /home/wso2carbon/wso2is-6.0.0/repository/conf folder of the container. ## Docker command usage references diff --git a/dockerfiles/ubuntu/is/docker-entrypoint.sh b/dockerfiles/ubuntu/is/docker-entrypoint.sh index 3d00248e..f8b8705a 100755 --- a/dockerfiles/ubuntu/is/docker-entrypoint.sh +++ b/dockerfiles/ubuntu/is/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/sh # ------------------------------------------------------------------------ -# Copyright 2021 WSO2, Inc. (http://wso2.com) +# Copyright 2021 WSO2, LLC. (http://wso2.com) # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License.
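Review bot: In `dockerfiles/ubuntu/is/Dockerfile`, hunk `@@ -108,10 +107,14 @@`, the new `COPY --chown=wso2carbon:wso2 ${WSO2_SERVER}.zip ${USER_HOME}/` takes the product pack from the build context with no integrity check, so whatever file carries that name is unpacked into the image. Consider adding a build argument for the expected SHA-256 and running `sha256sum -c` before `unzip`, so that a wrong or modified pack fails the build. Two smaller points in the same hunk: the zip is written by the `COPY` layer and only deleted in the following `RUN`, so it still ships in the image layers (a multi-stage build would keep it out), and with `USER ${USER_ID}` now set before the `RUN`, the `chown wso2carbon:wso2 -R ${WSO2_SERVER_HOME}` is redundant for files that user has just extracted.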
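Review bot: In `dockerfiles/ubuntu/is/Dockerfile`, hunk `@@ -121,10 +124,6 @@`, the remote `ADD` lines kept as context still pull jars with no checksum, and the one shown in the hunk header fetches from `http://maven.wso2.org` over plain HTTP. Since this release already reworks how artifacts enter the image, it would be worth switching that URL to HTTPS and pinning each jar to a digest (for example with `ADD --checksum=sha256:...` on a Dockerfile syntax that supports it), so the dropins placed under `${WSO2_SERVER_HOME}/repository/components` are verified at build time.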
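Review bot: In `dockerfiles/ubuntu/is/README.md`, hunk `@@ -17,27 +19,29 @@`, the new step "2. Copy the `wso2is-6.0.0.zip` to the `docker-is/dockerfiles/ubuntu/is` directory" (and the matching "wso2is-6.0.0.zip pack" prerequisite in the first hunk) does not say where the pack comes from or how to verify it. Please name the official download location and tell the reader to check the published checksum before copying the file in. The step could also refer to `IS_DOCKERFILE_HOME`, which the README defines just above it, and end with a period like the other step headings. The retained sentence "By default, the Docker image will prepackage the General Availability (GA) release version" is no longer accurate, because the image now packages whichever zip the builder supplies.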