diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f8faf6f332..cf0f9a3b19 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -101,8 +101,31 @@ jobs: - name: Docker test shell: bash run: | - docker run --rm -it -d --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }} + docker run --rm -it -d --memory="1g" -h openam.example.org --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }} timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test | grep -q \"healthy\"; do sleep 10; done' + docker exec -w '/usr/openam/ssoconfiguratortools' test bash -c \ + 'echo "ACCEPT_LICENSES=true + SERVER_URL=http://openam.example.org:8080 + DEPLOYMENT_URI=/$OPENAM_PATH + BASE_DIR=$OPENAM_DATA_DIR + locale=en_US + PLATFORM_LOCALE=en_US + AM_ENC_KEY= + ADMIN_PWD=passw0rd + AMLDAPUSERPASSWD=p@passw0rd + COOKIE_DOMAIN=example.org + ACCEPT_LICENSES=true + DATA_STORE=embedded + DIRECTORY_SSL=SIMPLE + DIRECTORY_SERVER=openam.example.org + DIRECTORY_PORT=50389 + DIRECTORY_ADMIN_PORT=4444 + DIRECTORY_JMX_PORT=1689 + ROOT_SUFFIX=dc=openam,dc=example,dc=org + DS_DIRMGRDN=cn=Directory Manager + DS_DIRMGRPASSWD=passw0rd" > conf.file && java -jar openam-configurator-tool*.jar --file conf.file' + sleep 35 + docker inspect --format="{{json .State.Health.Status}}" test | grep -q \"healthy\" build-docker-alpine: runs-on: 'ubuntu-latest' services: @@ -150,5 +173,28 @@ jobs: - name: Docker test shell: bash run: | - docker run --rm -it -d --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine + docker run --rm -it -d --memory="2g" -h openam.example.org --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test | grep -q \"healthy\"; do sleep 10; done' + docker exec -w '/usr/openam/ssoconfiguratortools' test bash -c \ + 'echo "ACCEPT_LICENSES=true + SERVER_URL=http://openam.example.org:8080 + DEPLOYMENT_URI=/$OPENAM_PATH + BASE_DIR=$OPENAM_DATA_DIR + locale=en_US + PLATFORM_LOCALE=en_US + AM_ENC_KEY= + ADMIN_PWD=passw0rd + AMLDAPUSERPASSWD=p@passw0rd + COOKIE_DOMAIN=example.org + ACCEPT_LICENSES=true + DATA_STORE=embedded + DIRECTORY_SSL=SIMPLE + DIRECTORY_SERVER=openam.example.org + DIRECTORY_PORT=50389 + DIRECTORY_ADMIN_PORT=4444 + DIRECTORY_JMX_PORT=1689 + ROOT_SUFFIX=dc=openam,dc=example,dc=org + DS_DIRMGRDN=cn=Directory Manager + DS_DIRMGRPASSWD=passw0rd" > conf.file && java -jar openam-configurator-tool*.jar --file conf.file' + sleep 35 + docker inspect --format="{{json .State.Health.Status}}" test | grep -q \"healthy\" diff --git a/openam-core/src/main/java/com/sun/identity/setup/EmbeddedOpenDS.java b/openam-core/src/main/java/com/sun/identity/setup/EmbeddedOpenDS.java index c875193bf2..9204cdb7e5 100644 --- a/openam-core/src/main/java/com/sun/identity/setup/EmbeddedOpenDS.java +++ b/openam-core/src/main/java/com/sun/identity/setup/EmbeddedOpenDS.java @@ -25,6 +25,7 @@ * $Id: EmbeddedOpenDS.java,v 1.27 2010/01/15 01:22:39 goodearth Exp $ * * Portions Copyrighted 2010-2016 ForgeRock AS. + * Portions Copyrighted 2017-2025 3A Systems, LLC. */ package com.sun.identity.setup; @@ -468,7 +469,7 @@ public static void startServer(String odsRoot) throws Exception { debug.message("...EmbeddedOpenDS.startServer:DS Server started."); int sleepcount = 0; - while (!EmbeddedUtils.isRunning() && (sleepcount < 60)) { + while ((!EmbeddedUtils.isRunning() || !com.sun.identity.setup.AMSetupDSConfig.getInstance().isDServerUp()) && (sleepcount < 60)) { sleepcount++; SetupProgress.reportStart("emb.waitingforstarted", null); Thread.sleep(1000); diff --git a/openam-distribution/openam-distribution-docker/Dockerfile b/openam-distribution/openam-distribution-docker/Dockerfile index ed06430a0f..760a5f3214 100644 --- a/openam-distribution/openam-distribution-docker/Dockerfile +++ b/openam-distribution/openam-distribution-docker/Dockerfile @@ -1,23 +1,21 @@ FROM tomcat:9-jre21 -MAINTAINER Open Identity Platform Community - -ENV CATALINA_HOME=/usr/local/tomcat \ - OPENAM_PATH="openam" \ - OPENAM_USER="openam" \ - OPENAM_DATA_DIR="/usr/openam/config" -ENV PATH=$CATALINA_HOME/bin:$PATH \ - JAVA_OPTS="--add-exports java.base/sun.security.util=ALL-UNNAMED --add-exports java.security.jgss/sun.security.krb5=ALL-UNNAMED --add-exports java.base/sun.security.x509=ALL-UNNAMED --add-exports java.base/sun.security.tools.keytool=ALL-UNNAMED --add-exports java.xml/com.sun.org.apache.xerces.internal.dom=ALL-UNNAMED" \ - MEMORY="-server -XX:+UseG1GC -XX:+UseContainerSupport" \ - CATALINA_OPTS="$MEMORY -Dcom.iplanet.services.configpath=$OPENAM_DATA_DIR -Dcom.sun.identity.configuration.directory=$OPENAM_DATA_DIR" - -WORKDIR $CATALINA_HOME - -ARG VERSION @project_version@ - -RUN apt-get update && apt-get install -y curl unzip - -RUN rm -rf $CATALINA_HOME/webapps/* \ +LABEL org.opencontainers.image.authors="Open Identity Platform Community" + +ENV CATALINA_HOME=/usr/local/tomcat +ENV OPENAM_PATH="openam" +ENV OPENAM_USER="openam" +ENV OPENAM_DATA_DIR="/usr/openam/config" +ENV PATH="$CATALINA_HOME/bin:$PATH" +ENV JAVA_OPTS="--add-exports java.base/sun.security.util=ALL-UNNAMED --add-exports java.security.jgss/sun.security.krb5=ALL-UNNAMED --add-exports java.base/sun.security.x509=ALL-UNNAMED --add-exports java.base/sun.security.tools.keytool=ALL-UNNAMED --add-exports java.xml/com.sun.org.apache.xerces.internal.dom=ALL-UNNAMED" +ENV MEMORY="-server" +ENV CATALINA_OPTS="$MEMORY -Dcom.iplanet.services.configpath=$OPENAM_DATA_DIR -Dcom.sun.identity.configuration.directory=$OPENAM_DATA_DIR" + +ARG VERSION + +RUN apt-get update && apt-get install -y curl unzip \ + && rm -rf $CATALINA_HOME/webapps/* \ + && if [ -z "$VERSION" ] ; then VERSION="$(curl -i -o - --silent https://api.github.com/repos/OpenIdentityPlatform/OpenAM/releases/latest | grep -m1 "\"name\"" | cut -d\" -f4)"; fi \ && curl -L https://github.com/OpenIdentityPlatform/OpenAM/releases/download/$VERSION/OpenAM-$VERSION.war --output $CATALINA_HOME/webapps/$OPENAM_PATH.war \ && mkdir /usr/openam \ && curl -L https://github.com/OpenIdentityPlatform/OpenAM/releases/download/$VERSION/SSOConfiguratorTools-$VERSION.zip --output /usr/openam/ssoconfiguratortools.zip \ @@ -29,14 +27,13 @@ RUN rm -rf $CATALINA_HOME/webapps/* \ && useradd -m -r -u 1001 -g root $OPENAM_USER \ && install -d -o $OPENAM_USER $OPENAM_DATA_DIR \ && chown -R $OPENAM_USER:root $CATALINA_HOME \ + && apt-get remove -y --purge unzip \ + && rm -rf /var/lib/apt/lists/* \ && sed -i '/<\/Host>/i \ \ \ \ ' $CATALINA_HOME/conf/server.xml -RUN apt-get remove -y --purge unzip \ - && rm -rf /var/lib/apt/lists/* - USER $OPENAM_USER -EXPOSE 8080 +EXPOSE 8080/tcp HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD curl -v -L --fail http://localhost:8080/$OPENAM_PATH/isAlive.jsp || exit 1 diff --git a/openam-distribution/openam-distribution-docker/Dockerfile-alpine b/openam-distribution/openam-distribution-docker/Dockerfile-alpine index deaa72d5cf..66dbd8a2e3 100644 --- a/openam-distribution/openam-distribution-docker/Dockerfile-alpine +++ b/openam-distribution/openam-distribution-docker/Dockerfile-alpine @@ -1,22 +1,20 @@ FROM tomcat:9-jre8-alpine -MAINTAINER Open Identity Platform Community +LABEL org.opencontainers.image.authors="Open Identity Platform Community" -ENV CATALINA_HOME=/usr/local/tomcat \ - OPENAM_PATH="openam" \ - OPENAM_USER="openam" \ - OPENAM_DATA_DIR="/usr/openam/config" -ENV PATH=$CATALINA_HOME/bin:$PATH \ - MEMORY="-server -XX:+UseG1GC -XX:+UseContainerSupport" \ - CATALINA_OPTS="$MEMORY -Dcom.iplanet.services.configpath=$OPENAM_DATA_DIR -Dcom.sun.identity.configuration.directory=$OPENAM_DATA_DIR" +ENV CATALINA_HOME=/usr/local/tomcat +ENV OPENAM_PATH="openam" +ENV OPENAM_USER="openam" +ENV OPENAM_DATA_DIR="/usr/openam/config" +ENV PATH="$CATALINA_HOME/bin:$PATH" +ENV MEMORY="-server -XX:+UseG1GC -XX:+UseContainerSupport" +ENV CATALINA_OPTS="$MEMORY -Dcom.iplanet.services.configpath=$OPENAM_DATA_DIR -Dcom.sun.identity.configuration.directory=$OPENAM_DATA_DIR" -WORKDIR $CATALINA_HOME +ARG VERSION -ARG VERSION @project_version@ - -RUN apk add --update --no-cache --virtual curl builddeps unzip bash && apk upgrade --update --no-cache - -RUN rm -rf $CATALINA_HOME/webapps/* \ +RUN apk add --update --no-cache --virtual curl builddeps unzip bash && apk upgrade --update --no-cache \ + && rm -rf $CATALINA_HOME/webapps/* \ + && if [ -z "$VERSION" ] ; then VERSION="$(curl -i -o - --silent https://api.github.com/repos/OpenIdentityPlatform/OpenAM/releases/latest | grep -m1 "\"name\"" | cut -d\" -f4)"; fi \ && curl -L https://github.com/OpenIdentityPlatform/OpenAM/releases/download/$VERSION/OpenAM-$VERSION.war --output $CATALINA_HOME/webapps/$OPENAM_PATH.war \ && mkdir /usr/openam \ && curl -L https://github.com/OpenIdentityPlatform/OpenAM/releases/download/$VERSION/SSOConfiguratorTools-$VERSION.zip --output /usr/openam/ssoconfiguratortools.zip \ @@ -27,14 +25,13 @@ RUN rm -rf $CATALINA_HOME/webapps/* \ && chmod -R g=u /usr/openam/ \ && adduser -S -u 1001 -G root $OPENAM_USER \ && install -d -o $OPENAM_USER $OPENAM_DATA_DIR \ - && chown -R $OPENAM_USER:root $CATALINA_HOME/webapps \ + && chown -R $OPENAM_USER:root $CATALINA_HOME \ + && apk del unzip && rm -rf /var/cache/apk/* \ && sed -i '/<\/Host>/i \ \ \ \ ' $CATALINA_HOME/conf/server.xml -RUN apk del unzip && rm -rf /var/cache/apk/* - USER $OPENAM_USER -EXPOSE 8080 +EXPOSE 8080/tcp HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD curl -v -L --fail http://localhost:8080/$OPENAM_PATH/isAlive.jsp || exit 1