Merge branch 'develop'

* develop: (63 commits) Bumped version to 3.8.1 Bump struts version to 2.5.26 More HR properties parsing tests Fix hr.properties parsing Bumped version to 3.8.1-SNAPSHOT Fix typo in method name Fixed license header Bump junit from 4.11 to 4.13.1 Bumped version to 3.8.0 Better handling of some RDNs Bumped version to 3.8.0.rc0 Add support for mysql db url parameters Fix inconsistent remove certificate behaviour Fixed SOAP delete attribute class Upgraded to struts 2.5.22 Fix mysql driver name Bump versions for guava, commons-collections and mysql-connector Align with EPEL location of voms mysql plugin More work towards 3.8.0 Fixed inconsistency in pom.xml ...
italiangrid · Apr 10, 2021 · 26fdc5f · 26fdc5f
2 parents 7c87557 + 388a9ef
commit 26fdc5f
Show file tree

Hide file tree

Showing 229 changed files with 10,169 additions and 3,636 deletions.
diff --git a/.env b/.env
@@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=voms
diff --git a/.travis.yml b/.travis.yml
@@ -0,0 +1,12 @@
+language: java
+dist: trusty
+sudo: required
+services:
+  - docker
+jdk:
+  - openjdk8
+script:
+  - mvn clean package
+cache:
+  directories:
+  - "$HOME/.m2/repository"
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -1,9 +1,24 @@
+@Library('sd')_
+def kubeLabel = getKubeLabel()
+
 pipeline {
-  agent { label 'maven' }
+
+  agent {
+    kubernetes {
+      label "${kubeLabel}"
+      cloud 'Kube mwdevel'
+      defaultContainer 'runner'
+      inheritFrom 'ci-template'
+    }
+  }
+
   parameters {
     booleanParam(name: 'BUILD_DOCKER_IMAGES', defaultValue: false, 
       description: 'Triggers the building of docker images required for development')
   }
+
+  triggers { cron('@daily') }
+
   options {
     timeout(time: 1, unit: 'HOURS')
     buildDiscarder(logRotator(numToKeepStr: '5')) 
@@ -19,7 +34,6 @@ pipeline {
     }
 
     stage('build-docker-images') {
-      agent { label 'docker' }
       when {
         expression { return params.BUILD_DOCKER_IMAGES }
       }

diff --git a/README.md b/README.md
@@ -1,5 +1,7 @@
 # VOMS Admin server
 
+[![Build Status](https://travis-ci.org/italiangrid/voms-admin-server.svg?branch=develop)](https://travis-ci.org/italiangrid/voms-admin-server)
+
 The Virtual Organization Membership Service is a Grid attribute authority which
 serves as central repository for VO user authorization information, providing
 support for sorting users into group hierarchies, keeping track of their roles

diff --git a/compose/.env b/compose/.env
@@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=voms-admin-server
diff --git a/compose/assets/hostcert/star_local_io.cert.pem b/compose/assets/hostcert/star_local_io.cert.pem
@@ -0,0 +1,85 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 784 (0x310)
+        Signature Algorithm: sha512WithRSAEncryption
+        Issuer: C=IT, O=IGI, CN=Test CA
+        Validity
+            Not Before: Apr 20 09:55:23 2017 GMT
+            Not After : Apr 18 09:55:23 2027 GMT
+        Subject: C=IT, O=IGI, CN=*.local.io
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (2048 bit)
+                Modulus (2048 bit):
+                    00:c6:1c:fa:92:9e:ed:0d:5f:bc:3e:49:5e:90:14:
+                    02:a7:78:de:b6:cf:57:23:81:4d:7f:81:8e:ae:43:
+                    67:8b:ff:83:4c:c1:1e:f8:ab:c1:40:d5:72:e4:65:
+                    c8:ff:7b:f7:6c:ac:b4:b7:43:f2:e7:98:b7:c9:76:
+                    25:8c:e3:81:9a:c4:77:ba:12:f6:47:0e:01:ea:80:
+                    e8:d3:bb:28:7d:b8:1b:f6:dd:51:8c:9e:3f:26:25:
+                    23:ab:f0:a6:ae:5e:4f:cf:ad:18:3d:cc:b1:2f:91:
+                    01:84:17:d5:17:44:be:d2:fa:20:0d:ff:87:07:63:
+                    52:0f:9c:c3:32:62:23:68:9c:e7:40:06:98:65:69:
+                    11:4b:38:88:0e:8b:7b:fe:23:c4:15:db:ee:f8:a6:
+                    48:ee:91:89:14:35:5b:6f:f2:85:53:21:62:7b:a5:
+                    7a:38:53:63:6d:f3:21:bb:9b:18:1e:e4:a0:c0:95:
+                    c0:68:61:75:da:77:00:3a:15:75:42:1d:30:47:58:
+                    2f:0e:9b:14:06:38:97:03:a3:20:d5:06:e2:70:81:
+                    e3:b5:2a:ac:69:97:dc:87:df:5c:9a:80:c4:2c:36:
+                    62:75:f3:01:59:5a:2f:56:70:a0:2a:c7:2a:a8:6b:
+                    da:1c:b4:f8:92:d5:11:39:c9:21:30:e9:f1:53:7f:
+                    34:f5
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: critical
+                CA:FALSE
+            X509v3 Subject Key Identifier: 
+                E4:A0:F6:A4:A4:4C:AC:A9:C1:2E:42:B3:24:15:B6:4D:EF:7E:F9:52
+            X509v3 Key Usage: critical
+                Digital Signature, Non Repudiation, Key Encipherment
+            X509v3 Extended Key Usage: 
+                TLS Web Server Authentication, TLS Web Client Authentication, Microsoft Server Gated Crypto, Netscape Server Gated Crypto, E-mail Protection
+            X509v3 Authority Key Identifier: 
+                keyid:91:77:36:7B:2E:B4:69:F3:27:EA:B7:F6:08:8B:4A:23:A2:11:49:C6
+
+            X509v3 Subject Alternative Name: 
+                DNS:*.local.io
+    Signature Algorithm: sha512WithRSAEncryption
+        f6:3e:b2:2c:23:6c:34:54:2b:68:cb:de:d3:da:68:50:29:92:
+        92:39:5e:90:19:9e:c6:08:06:c3:c1:21:24:10:bd:93:a2:28:
+        4f:d6:7a:2b:8f:14:0b:86:b6:17:d9:8c:4a:c6:a6:af:10:39:
+        66:d6:2c:be:b2:d4:76:19:ab:5a:4c:02:fc:a2:a3:8c:a4:8d:
+        85:38:9b:9f:2b:84:4b:ed:c4:ca:a7:f6:bc:53:bb:ef:a2:12:
+        75:e5:dd:b1:83:66:ce:91:ff:8d:76:de:3e:e6:9d:26:bd:aa:
+        f5:a2:23:40:0b:d7:3e:9f:9a:5f:79:df:96:d6:a4:55:86:f5:
+        f7:9f:86:6b:8d:1b:5b:0d:c0:29:40:84:0a:d7:0b:61:ea:6a:
+        40:14:c8:4a:5e:48:7f:5f:4e:ff:32:3e:28:90:b3:11:a1:2b:
+        8e:11:5b:ad:86:f4:57:d0:93:6e:91:3b:b0:99:16:46:07:e7:
+        7a:df:4c:4e:50:22:03:6f:48:7d:c7:f8:20:9f:2f:dc:58:ed:
+        d8:84:52:a7:36:e3:84:fa:16:b4:d5:ff:d6:b1:30:66:14:49:
+        d4:0c:06:ee:74:2f:04:16:a4:ac:08:e3:8f:ed:bc:f4:61:e3:
+        73:aa:23:bd:45:82:d6:cc:d3:59:2e:4f:0a:b1:38:d9:b5:ac:
+        92:e9:e6:04
+-----BEGIN CERTIFICATE-----
+MIIDkjCCAnqgAwIBAgICAxAwDQYJKoZIhvcNAQENBQAwLTELMAkGA1UEBhMCSVQx
+DDAKBgNVBAoMA0lHSTEQMA4GA1UEAwwHVGVzdCBDQTAeFw0xNzA0MjAwOTU1MjNa
+Fw0yNzA0MTgwOTU1MjNaMDAxCzAJBgNVBAYTAklUMQwwCgYDVQQKDANJR0kxEzAR
+BgNVBAMMCioubG9jYWwuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDGHPqSnu0NX7w+SV6QFAKneN62z1cjgU1/gY6uQ2eL/4NMwR74q8FA1XLkZcj/
+e/dsrLS3Q/LnmLfJdiWM44GaxHe6EvZHDgHqgOjTuyh9uBv23VGMnj8mJSOr8Kau
+Xk/PrRg9zLEvkQGEF9UXRL7S+iAN/4cHY1IPnMMyYiNonOdABphlaRFLOIgOi3v+
+I8QV2+74pkjukYkUNVtv8oVTIWJ7pXo4U2Nt8yG7mxge5KDAlcBoYXXadwA6FXVC
+HTBHWC8OmxQGOJcDoyDVBuJwgeO1Kqxpl9yH31yagMQsNmJ18wFZWi9WcKAqxyqo
+a9octPiS1RE5ySEw6fFTfzT1AgMBAAGjgbgwgbUwDAYDVR0TAQH/BAIwADAdBgNV
+HQ4EFgQU5KD2pKRMrKnBLkKzJBW2Te9++VIwDgYDVR0PAQH/BAQDAgXgMD4GA1Ud
+JQQ3MDUGCCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAwYJYIZIAYb4QgQB
+BggrBgEFBQcDBDAfBgNVHSMEGDAWgBSRdzZ7LrRp8yfqt/YIi0ojohFJxjAVBgNV
+HREEDjAMggoqLmxvY2FsLmlvMA0GCSqGSIb3DQEBDQUAA4IBAQD2PrIsI2w0VCto
+y97T2mhQKZKSOV6QGZ7GCAbDwSEkEL2ToihP1norjxQLhrYX2YxKxqavEDlm1iy+
+stR2GataTAL8oqOMpI2FOJufK4RL7cTKp/a8U7vvohJ15d2xg2bOkf+Ndt4+5p0m
+var1oiNAC9c+n5pfed+W1qRVhvX3n4ZrjRtbDcApQIQK1wth6mpAFMhKXkh/X07/
+Mj4okLMRoSuOEVuthvRX0JNukTuwmRZGB+d630xOUCIDb0h9x/ggny/cWO3YhFKn
+NuOE+ha01f/WsTBmFEnUDAbudC8EFqSsCOOP7bz0YeNzqiO9RYLWzNNZLk8KsTjZ
+tayS6eYE
+-----END CERTIFICATE-----
diff --git a/compose/assets/hostcert/star_local_io.key.pem b/compose/assets/hostcert/star_local_io.key.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAxhz6kp7tDV+8PklekBQCp3jets9XI4FNf4GOrkNni/+DTMEe
++KvBQNVy5GXI/3v3bKy0t0Py55i3yXYljOOBmsR3uhL2Rw4B6oDo07sofbgb9t1R
+jJ4/JiUjq/Cmrl5Pz60YPcyxL5EBhBfVF0S+0vogDf+HB2NSD5zDMmIjaJznQAaY
+ZWkRSziIDot7/iPEFdvu+KZI7pGJFDVbb/KFUyFie6V6OFNjbfMhu5sYHuSgwJXA
+aGF12ncAOhV1Qh0wR1gvDpsUBjiXA6Mg1QbicIHjtSqsaZfch99cmoDELDZidfMB
+WVovVnCgKscqqGvaHLT4ktUROckhMOnxU3809QIDAQABAoIBAENc3yazu07s2okj
+UXAUHcLsKm5mme6MrNlKKEXAzZigzPhwQiOz4wY0jdhzc6DLehoNr3UROareFr/9
+2E7LnOoPG9a9U9hdPvGJ26EC5oW48GlEX9I8jKRfxH1WWpa3otOuu6tnymeuGqHb
+qK08xtXeDsAzvqoYb3K3jve2vut2tRXniXoTg/Cgns4WF8/LuZBU6L1ocePIX4R0
+2tNX3z7qoQP9Grf1VVhBD08ZODPz7ckaZr6F5vBauHqwn3zR1Ui0xl2hVjxZFcRV
+FCTI3ny77kNYk49xWpPBh5vCWTpzC0sbQ7/pcp6swGq7RZBaMerJXi8LjQ5vD95j
+54hrrAECgYEA7kP7jLBiPkDgHwNWdGiUy4dbaN3JwKcCKKWuixkI+vrDxQmwuxEn
+3yvcsq+7PtSmGnYsV+xn9EXQpqLOitzHsmxta5Yc3v7YRwpjmoJUcRSdAehvC6d4
+QGdSm7v8IraO+9//wqGDnVfHaWAlterRBevkh+kRchC+FYQH5wZfvLUCgYEA1Nvq
+Vbe5+BOHhJWDWz3XSL4gSZrqsZaGp19brEPD4DKpzfyR04spV4dDnB+se3EqDkwn
+4cmgY1Fy0/IQ5Y3lBbTv1DcywU07QCZXL0Sfv6Snl97xfx77g58xaFmxj4dvLlyG
+w84oPotIOCFM2sJLcXlVyEoSVjYXnC2wktJY/0ECgYEAlTy9naSJFIccGjDEAQvU
+TxsMFUX97Y5t2rnT9soKhvF0l8D3EmSvfaiChuVtOfCFzcNBCR1JC4aDJyyIhA+/
+gTFK4/1VPhOPsgd+1bNWYrHPmfdVPo550pUk9+iqB7AjJP5ruyPhRTdK7uTLGgPn
+Qnc7YCmKxNBZzy4wqPKkGpUCgYAa4TqSYIUngq/WWlsgJosNMJU7Nkj07CFM+YnG
+EzilE0DGNmLj5+rslrQ+/vD1FbFN5OgUZzXN1Pc/NI5VrrmBIvw2PFI4ftxAmZbg
+7TWPKefQEeNFPlBcqrm+h7UYfu3XWO/bwijq3QPdsrbV2TtVtRDUHiZ6pJIOsuZd
+ZBrBAQKBgQDQYb1pe9Fj4ChtWbCGpzb3F5xyErAXiO0stn69PN8wr4JMRNFr71KX
+ebzJzW6Q1IE10qhDvCQnX0DD0yqAUtBsCMpN7Pve2xFBHtZLs83Th7kbqJhbeZ1P
+DTkDvx0q4GEDtwssm4qIdT01ZY2F+DuDqMuuGDyORDjjUh35vAjw/Q==
+-----END RSA PRIVATE KEY-----
diff --git a/compose/assets/hr/application.yml b/compose/assets/hr/application.yml
@@ -0,0 +1,15 @@
+server:
+  port: 9999
+
+spring:
+  profiles:
+    include:
+      - fixture
+
+service:
+  api-user:
+    username: api-user
+    password: pwd
+  metrics-user:
+    username: metrics
+    password: pwd
diff --git a/compose/assets/hr/fixture/institutes.csv b/compose/assets/hr/fixture/institutes.csv
@@ -0,0 +1,4 @@
+id|longname|town|country
+000000|Institute 0|Some place 0|IT|
+000001|Apple Records|3 Abbey Road |GB|
+000002|Sitcky Fingers|1 Ruby Tuesday Rd.|GB|
diff --git a/compose/assets/hr/fixture/participations.csv b/compose/assets/hr/fixture/participations.csv
@@ -0,0 +1,5 @@
+experiment|institute|person_id|start_date|end_date
+TEST|000000|1|01-FEB-08|
+TEST|000002|2|01-FEB-08|
+TEST|000001|3|01-FEB-08|01-FEB-09|
+TEST|000001|3|01-FEB-10|
diff --git a/compose/assets/hr/fixture/vo_persons.csv b/compose/assets/hr/fixture/vo_persons.csv
@@ -0,0 +1,4 @@
+person_id|first_name|name|email|physical_email|institute
+1|ANDREA|CECCANTI|[email protected]|[email protected]|000000
+2|KEITH|RICHARDS|[email protected]|[email protected]|000002
+3|PAUL|MC CARTNEY|[email protected]|[email protected]|000001
diff --git a/compose/assets/voms-admin/hr/hr.properties b/compose/assets/voms-admin/hr/hr.properties
@@ -0,0 +1,4 @@
+experiment=test
+api.endpoint=http://hr:9999
+api.username=api-user
+api.password=pwd
diff --git a/compose/docker-compose.yml b/compose/docker-compose.yml
@@ -0,0 +1,94 @@
+version: '3.5'
+
+volumes:
+  trustanchors:
+  cabundle:
+  db_data:
+
+services:
+  trust:
+    image: indigoiam/trustanchors:latest
+    environment:
+      - FORCE_TRUST_ANCHORS_UPDATE=1
+    volumes:
+      - trustanchors:/etc/grid-security/certificates
+      - cabundle:/etc/pki
+
+  db:
+    image: mariadb:latest
+    container_name: db
+    ports:
+      - "3306:3306"
+    volumes:
+      - db_data:/var/lib/mysql
+
+    environment:
+      MYSQL_ROOT_PASSWORD: pwd
+      MYSQL_USER: voms
+      MYSQL_PASSWORD: pwd
+      MYSQL_DATABASE: voms_test
+
+  hr:
+    image: indigoiam/cern-hr-db-api:latest
+    volumes:
+      - ./assets/hr/application.yml:/hr/application.yml:ro
+      - ./assets/hr/fixture/:/hr/src/test/resources/db/csv:ro
+    ports:
+      - "9999:9999"
+    environment:
+      TZ: UTC
+
+  adminserver:
+    image: italiangrid/voms-admin-server-dev-centos7:latest
+    domainname: local.io
+    depends_on:
+      - db
+
+    volumes:
+        - trustanchors:/etc/grid-security/certificates/
+        - ./assets/hostcert/star_local_io.cert.pem:/etc/grid-security/hostcert.pem
+        - ./assets/hostcert/star_local_io.key.pem:/etc/grid-security/hostkey.pem
+        - ..:/code:ro
+        - ~/git/orgdb-fake-users/:/orgdb-fake-users:ro
+        - ~/git/voms-migrate:/migrate:ro
+        - ~/oracle:/oracle-rpm:ro
+        - ./assets/voms-admin/hr:/hr:ro
+        # - ~/orgdb:/orgdb:ro
+
+    ports:
+       - "1044:1044"
+       - "8443:8443"
+
+    environment:
+      # This is the VOMS Admin configuration
+      #
+      VOMS_VO_COUNT: 1 # 0 creates 1 VO, 1 two VOs, ...
+      VOMS_HOSTNAME: dev.local.io
+      MAILHOST: mail
+      MYSQL_ROOT_PASSWORD: pwd
+
+      # VOMS_LOG_LEVEL: debug
+      VOMS_DEBUG: y
+
+      # Comment the following line to skip tarball installation
+      VOMS_DEPLOY_TARBALL: y
+
+      # VOMS_ADMIN_SERVER_PACKAGE_URL: http://ci-01.cnaf.infn.it/download/voms/versions/jenkins-release_voms_packages-13/sl6/x86_64/voms-admin-server-3.5.1-1.el6.centos.noarch.rpm
+      # VOMS_ADMIN_SERVER_VERSION: 3.3.3
+      # VOMS_DEBUG_SUSPEND: y
+      # VOMS_PRE_CONFIGURE: y
+      # VOMS_SKIP_CONFIGURE: y
+      VOMS_SKIP_JAVA_SETUP: y
+      # VOMS_UPGRADE_DB: y
+
+      # VOMS_LOAD_DB_DUMP: y
+      VOMS_DEV_MODE: y
+
+      VOMS_CONFIGURE_OPTIONS: --skip-ca-check --admin-skip-ca-check 
+      VOMS_ARGS: --war /code/voms-admin-server/target/voms-admin.war
+
+      # ENABLE_YOURKIT: y
+      # ENABLE_JREBEL: y
+      # ENABLE_JMX: y
+      # HIBERNATE_LOG_LEVEL: DEBUG
+      # STRUTS_LOG_LEVEL: DEBUG