diff --git a/Dockerfile b/Dockerfile index 8c8fbccd..572d5562 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,7 +20,7 @@ RUN ./gradlew --no-daemon dependencies COPY ./app/src /cas-overlay/src/ RUN ./gradlew clean build --parallel --no-daemon -FROM registry.cloudogu.com/official/base:3.23.3-4 AS tomcat +FROM registry.cloudogu.com/official/base:3.23.4-1 AS tomcat ARG TOMCAT_MAJOR_VERSION ARG TOMCAT_VERSION @@ -38,9 +38,9 @@ RUN apk update && apk add wget && wget -O "apache-tomcat-${TOMCAT_VERSION}.tar. && rm "apache-tomcat-${TOMCAT_VERSION}.tar" # registry.cloudogu.com/official/cas -FROM registry.cloudogu.com/official/java:21.0.10-4 AS cas +FROM registry.cloudogu.com/official/java:21.0.10-7 AS cas LABEL NAME="official/cas" \ - VERSION="7.2.7-16" \ + VERSION="7.3.6-0" \ maintainer="hello@cloudogu.com" ARG TOMCAT_VERSION diff --git a/Makefile b/Makefile index 9a87822b..9e2bbddf 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -MAKEFILES_VERSION=10.7.0 +MAKEFILES_VERSION=10.9.0 .DEFAULT_GOAL:=dogu-release diff --git a/app/README.md b/app/README.md index 8362b184..a30370d6 100644 --- a/app/README.md +++ b/app/README.md @@ -5,7 +5,7 @@ Generic CAS WAR overlay to exercise the latest versions of CAS. This overlay cou # Versions -- CAS `7.2.7` +- CAS `7.3.6` - JDK `21` # Overview diff --git a/app/build.gradle b/app/build.gradle index 922cfce5..4e28f3eb 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -221,4 +221,3 @@ configurations.all { exclude group: "com.sun.xml.ws", module: "jaxws-rt" exclude group: "org.apache.tomcat.embed" } - diff --git a/app/gradle.properties b/app/gradle.properties index e5b183f2..bb0dafdf 100644 --- a/app/gradle.properties +++ b/app/gradle.properties @@ -1,5 +1,5 @@ # CAS server version -cas.version=7.2.7 +cas.version=7.3.6 ############################### # Spring versions @@ -11,6 +11,8 @@ springBootVersion=3.4.6 ############################### tomcatVersion=10.1.43 +commons-lang3.version=3.19.0 + # Use -jetty, -undertow to other containers # Or blank if you want to deploy to an external container appServer=-tomcat @@ -21,7 +23,7 @@ gradleFreeFairPluginVersion=8.6 gradleDependencyManagementPluginVersion=1.1.5 # The version of this overlay project -version=7.2.7 +version=7.3.6 group=org.apereo.cas artifactId=cas-overlay sourceCompatibility=21 diff --git a/app/src/main/java/de/triology/cas/ldap/CesGroupAwareLdapAuthenticationHandler.java b/app/src/main/java/de/triology/cas/ldap/CesGroupAwareLdapAuthenticationHandler.java index 4909d624..1304d0a5 100644 --- a/app/src/main/java/de/triology/cas/ldap/CesGroupAwareLdapAuthenticationHandler.java +++ b/app/src/main/java/de/triology/cas/ldap/CesGroupAwareLdapAuthenticationHandler.java @@ -7,7 +7,6 @@ import org.apereo.cas.authentication.LdapAuthenticationHandler; import org.apereo.cas.authentication.principal.Principal; import org.apereo.cas.authentication.principal.PrincipalFactory; -import org.apereo.cas.services.ServicesManager; import org.ldaptive.LdapEntry; import org.ldaptive.auth.Authenticator; @@ -28,18 +27,17 @@ public class CesGroupAwareLdapAuthenticationHandler extends LdapAuthenticationHa * Creates a new authentication handler that delegates to the given authenticator. * * @param name the name - * @param servicesManager the services manager * @param principalFactory the principal factory * @param authenticator Ldaptive authenticator component. * @param strategy the strategy * @param groupResolver the resolver for resolving groups */ - public CesGroupAwareLdapAuthenticationHandler(String name, ServicesManager servicesManager, + public CesGroupAwareLdapAuthenticationHandler(String name, PrincipalFactory principalFactory, Authenticator authenticator, AuthenticationPasswordPolicyHandlingStrategy strategy, GroupResolver groupResolver) { - super(name, servicesManager, principalFactory, 0, authenticator, strategy); + super(name, principalFactory, 0, authenticator, strategy); this.groupResolver = groupResolver; LOGGER.trace("{} created with group attribute {} and group resolver {}", diff --git a/app/src/main/java/de/triology/cas/ldap/LdapConfiguration.java b/app/src/main/java/de/triology/cas/ldap/LdapConfiguration.java index 68bab9cf..242357ba 100644 --- a/app/src/main/java/de/triology/cas/ldap/LdapConfiguration.java +++ b/app/src/main/java/de/triology/cas/ldap/LdapConfiguration.java @@ -19,7 +19,6 @@ import org.apereo.cas.configuration.CasConfigurationProperties; import org.apereo.cas.configuration.model.support.ldap.LdapAuthenticationProperties; import org.apereo.cas.configuration.model.support.ldap.LdapPasswordPolicyProperties; -import org.apereo.cas.services.ServicesManager; import org.apereo.cas.util.CollectionUtils; import org.apereo.cas.util.LdapUtils; import org.ldaptive.ConnectionFactory; @@ -74,15 +73,13 @@ ConnectionFactory searchPooledLdapConnectionFactory(CasConfigurationProperties p @Bean public AuthenticationHandler cesGroupAwareLdapAuthenticationHandler(CasConfigurationProperties casProperties, ConfigurableApplicationContext applicationContext, - @SuppressWarnings("SpringJavaInjectionPointsAutowiringInspection") - ServicesManager servicesManager, CombinedGroupResolver combinedGroupResolver) { LdapAuthenticationProperties ldapProperties = casProperties.getAuthn().getLdap().getFirst(); Multimap multiMapAttributes = createPrincipalAttributes(ldapProperties); Authenticator authenticator = createAuthenticator(ldapProperties, multiMapAttributes); - LdapAuthenticationHandler handler = createCesLDAPAuthenticationHandler(ldapProperties, authenticator, applicationContext, servicesManager, combinedGroupResolver); + LdapAuthenticationHandler handler = createCesLDAPAuthenticationHandler(ldapProperties, authenticator, applicationContext, combinedGroupResolver); configureLDAPAuthenticationHandler(handler, ldapProperties, multiMapAttributes, authenticator, applicationContext); handler.initialize(); @@ -109,11 +106,10 @@ private Authenticator createAuthenticator(LdapAuthenticationProperties ldapPrope private LdapAuthenticationHandler createCesLDAPAuthenticationHandler(LdapAuthenticationProperties ldapProperties, Authenticator authenticator, ConfigurableApplicationContext applicationContext, - ServicesManager servicesManager, CombinedGroupResolver combinedGroupResolver) { AuthenticationPasswordPolicyHandlingStrategy strategy = LdapUtils.createLdapPasswordPolicyHandlingStrategy(ldapProperties, applicationContext); - return new CesGroupAwareLdapAuthenticationHandler(ldapProperties.getName(), servicesManager, PrincipalFactoryUtils.newPrincipalFactory(), + return new CesGroupAwareLdapAuthenticationHandler(ldapProperties.getName(), PrincipalFactoryUtils.newPrincipalFactory(), authenticator, strategy, combinedGroupResolver); } diff --git a/app/src/main/java/de/triology/cas/oidc/config/CesOidcConfiguration.java b/app/src/main/java/de/triology/cas/oidc/config/CesOidcConfiguration.java index 4956f7e4..777c438e 100644 --- a/app/src/main/java/de/triology/cas/oidc/config/CesOidcConfiguration.java +++ b/app/src/main/java/de/triology/cas/oidc/config/CesOidcConfiguration.java @@ -50,7 +50,6 @@ import java.util.Arrays; import java.util.Collection; import java.util.List; -import java.util.Optional; import com.github.benmanes.caffeine.cache.Cache; @@ -178,7 +177,7 @@ public DelegatedIdentityProviderFactory customDelegatedClientFactory( private volatile List cached; - public List buildOnce() { + public List buildOnce(CasConfigurationProperties properties) { LOGGER.debug("Creating delegated clients from ces.delegation.oidc.clients..."); List clients = new ArrayList<>(); @@ -206,7 +205,7 @@ public List buildOnce() { var client = new OidcClient(config); client.setName(clientProps.getClientName()); - String callbackUrl = casProperties.getServer().getPrefix() + "/login"; + String callbackUrl = properties.getServer().getPrefix() + "/login"; client.setCallbackUrl(callbackUrl); LOGGER.debug("Registered delegated OIDC client [{}] with discovery [{}]", client.getName(), clientProps.getDiscoveryUri()); @@ -218,21 +217,44 @@ public List buildOnce() { @Override public List build() { - if (cached == null) { - synchronized (this) { - if (cached == null) cached = buildOnce(); + if (cached == null) { + synchronized (this) { + if (cached == null) { + cached = buildOnce(casProperties); + } + } } - } - return cached; + return cached; } @Override - public Collection rebuild() { + public List rebuild() { synchronized (this) { - cached = buildOnce(); + cached = buildOnce(casProperties); return cached; } } + + @Override + public List buildFrom(CasConfigurationProperties properties) { + return buildOnce(properties); + } + + @Override + public void store(String key, List currentClients) { + pac4jDelegatedClientFactoryCache.put(key, currentClients); + } + + @Override + public List retrieve(String key) { + Collection clients = pac4jDelegatedClientFactoryCache.getIfPresent(key); + return clients == null ? List.of() : new ArrayList<>(clients); + } + + @Override + public void destroy() { + cached = null; + } }; } @@ -255,17 +277,10 @@ public DelegatedIdentityProviders delegatedIdentityProviders( CasConfigurationProperties casProperties, DelegatedIdentityProviderFactory customFactory ) { - LOGGER.debug("Setting up custom delegated identity providers..."); - // build once (initialized clients) - final List initialized = new ArrayList<>(customFactory.build()); - - return new DelegatedIdentityProviders() { - @Override public List findAllClients() { return new ArrayList<>(initialized); } - @Override public List findAllClients(Service s, WebContext c) { return findAllClients(); } - @Override public Optional findClient(String name) { - return initialized.stream().filter(c -> c.getName().equalsIgnoreCase(name)).map(Client.class::cast).findFirst(); - } - }; + LOGGER.debug("Setting up custom delegated identity providers..."); + final List initialized = new ArrayList<>(customFactory.build()); + + return (Service service, WebContext webContext) -> new ArrayList<>(initialized); } @@ -273,7 +288,10 @@ public DelegatedIdentityProviders delegatedIdentityProviders( @Bean @RefreshScope public Clients builtClients(DelegatedIdentityProviders delegatedIdentityProviders) { - var allClients = delegatedIdentityProviders.findAllClients(); + List allClients = delegatedIdentityProviders.findAllClients((WebContext) null) + .stream() + .map(Client.class::cast) + .toList(); return new Clients(allClients); } diff --git a/app/src/test/java/de/triology/cas/oidc/config/CesOidcConfigurationTests.java b/app/src/test/java/de/triology/cas/oidc/config/CesOidcConfigurationTests.java index eb925002..0ca35aa7 100644 --- a/app/src/test/java/de/triology/cas/oidc/config/CesOidcConfigurationTests.java +++ b/app/src/test/java/de/triology/cas/oidc/config/CesOidcConfigurationTests.java @@ -1,35 +1,27 @@ package de.triology.cas.oidc.config; -import org.apereo.cas.configuration.model.support.ldap.LdapAuthenticationProperties; import de.triology.cas.oidc.beans.delegation.CesDelegatedOidcClientProperties; import de.triology.cas.oidc.beans.delegation.CesDelegatedOidcClientsProperties; +import org.apereo.cas.authentication.principal.Service; import org.apereo.cas.configuration.CasConfigurationProperties; +import org.apereo.cas.configuration.model.core.CasServerProperties; import org.apereo.cas.pac4j.client.DelegatedIdentityProviderFactory; import org.apereo.cas.pac4j.client.DelegatedIdentityProviders; +import org.apereo.cas.util.LdapUtils; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.pac4j.core.client.BaseClient; import org.pac4j.core.client.Clients; +import org.pac4j.core.context.WebContext; import org.springframework.beans.factory.ObjectProvider; import org.springframework.context.ConfigurableApplicationContext; -import java.lang.reflect.Field; -import java.util.Collection; +import java.lang.reflect.Field; import java.util.Collections; -import java.util.List; -import java.util.Optional; import static org.junit.jupiter.api.Assertions.*; import static org.mockito.Mockito.*; import static org.mockito.Mockito.mockStatic; -import org.apereo.cas.util.LdapUtils; - - - -import org.apereo.cas.configuration.model.core.CasServerProperties; - -import java.util.Collection; -import java.util.List; class CesOidcConfigurationTests { @@ -66,30 +58,32 @@ void shouldBuildCustomDelegatedClientsFactory() { var factory = configuration.customDelegatedClientFactory(casProperties, cache, applicationContext, clientsProps); assertNotNull(factory); - assertTrue(factory.build() instanceof Collection); + assertNotNull(factory.build()); } @Test void shouldReturnDelegatedIdentityProviders() { - var casProperties = mock(CasConfigurationProperties.class); - DelegatedIdentityProviderFactory factory = mock(DelegatedIdentityProviderFactory.class); - when(factory.build()).thenReturn(Collections.emptyList()); + var client = delegatedClient("oidc-client"); + var providers = delegatedIdentityProvidersFor(client); + var service = mock(Service.class); + var webContext = mock(WebContext.class); - var providers = configuration.delegatedIdentityProviders(casProperties, factory); assertNotNull(providers); - assertTrue(providers.findAllClients().isEmpty()); - assertTrue(providers.findClient("unknown").isEmpty()); + assertEquals(java.util.List.of(client), providers.findAllClients(service, webContext)); + assertEquals(java.util.List.of(client), providers.findAllClients(webContext)); + assertSame(client, providers.findClient("OIDC-CLIENT", webContext).orElseThrow()); + assertTrue(providers.findClient("unknown", webContext).isEmpty()); } @Test void shouldBuildClients() { - var providers = mock(DelegatedIdentityProviders.class); - when(providers.findAllClients()).thenReturn(Collections.emptyList()); + var client = delegatedClient("oidc-client"); + var providers = delegatedIdentityProvidersFor(client); var clients = configuration.builtClients(providers); assertNotNull(clients); - assertTrue(clients.getClients().isEmpty()); + assertEquals(java.util.List.of(client), clients.getClients()); } @Test @@ -117,7 +111,7 @@ void shouldCreateClientUserProfileProvisioner() { var ldapProps = mock(org.apereo.cas.configuration.model.support.ldap.LdapAuthenticationProperties.class); when(casProperties.getAuthn()).thenReturn(authnProps); - when(authnProps.getLdap()).thenReturn(List.of(ldapProps)); + when(authnProps.getLdap()).thenReturn(java.util.List.of(ldapProps)); when(ldapProps.getBaseDn()).thenReturn("dc=example,dc=org"); when(ldapProps.getLdapUrl()).thenReturn("ldap://localhost"); @@ -173,7 +167,7 @@ void shouldLogWhenNoDelegatedClientsAvailable() { when(factory.build()).thenReturn(Collections.emptyList()); var providers = configuration.delegatedIdentityProviders(casProperties, factory); - var clients = providers.findAllClients(); + var clients = providers.findAllClients(mock(WebContext.class)); assertTrue(clients.isEmpty(), "Clients should be empty, triggering log output"); } @@ -203,7 +197,7 @@ void shouldSkipInvalidOidcClientProperties() { invalidClientProps.setClientName("invalid-client"); // nur Name, Rest fehlt var clientsProps = new CesDelegatedOidcClientsProperties(); - clientsProps.setClients(List.of(invalidClientProps)); + clientsProps.setClients(java.util.List.of(invalidClientProps)); var factory = configuration.customDelegatedClientFactory(casProperties, cache, applicationContext, clientsProps); var clients = factory.build(); @@ -223,6 +217,20 @@ private void setField(Object target, String fieldName, Object value) throws Exce field.set(target, value); } + private BaseClient delegatedClient(String name) { + var client = mock(BaseClient.class); + when(client.getName()).thenReturn(name); + return client; + } + + private DelegatedIdentityProviders delegatedIdentityProvidersFor(BaseClient... clients) { + var casProperties = mock(CasConfigurationProperties.class); + DelegatedIdentityProviderFactory factory = mock(DelegatedIdentityProviderFactory.class); + when(factory.build()).thenReturn(java.util.List.of(clients)); + + return configuration.delegatedIdentityProviders(casProperties, factory); + } + @Test void shouldBuildValidOidcClientFromProperties() { //var configuration = new CesOidcConfiguration(); // wird schon von @BeforeEach bereitgestellt @@ -239,14 +247,14 @@ void shouldBuildValidOidcClientFromProperties() { clientProps.setPreferredJwsAlgorithm("RS256"); var clientsProps = new CesDelegatedOidcClientsProperties(); - clientsProps.setClients(List.of(clientProps)); + clientsProps.setClients(java.util.List.of(clientProps)); var serverProps = mock(CasServerProperties.class); when(serverProps.getPrefix()).thenReturn("https://cas.example.org"); when(casProperties.getServer()).thenReturn(serverProps); var factory = configuration.customDelegatedClientFactory(casProperties, cache, applicationContext, clientsProps); - Collection clients = factory.build(); + var clients = factory.build(); assertEquals(1, clients.size()); var client = (org.pac4j.oidc.client.OidcClient) clients.iterator().next(); diff --git a/build/make/coder-lib.sh b/build/make/coder-lib.sh index 2b5d1986..2bcc740c 100755 --- a/build/make/coder-lib.sh +++ b/build/make/coder-lib.sh @@ -88,7 +88,7 @@ function doTrivyConvert() { "$containerExec" run --rm --pull=always \ -v trivy-cache:/root/.cache \ -v "$jsonScanToConvert:$containerJsonScanFile" \ - aquasec/trivy -q \ + "${TRIVY_IMAGE}" -q \ convert $trivyFlags "$containerJsonScanFile" > "$outputFile" } diff --git a/build/make/coder.mk b/build/make/coder.mk index 07f4d43e..5a82d6a9 100644 --- a/build/make/coder.mk +++ b/build/make/coder.mk @@ -35,6 +35,10 @@ GOPASS_BIN?=$(shell command -v gopass 2> /dev/null) EXCLUDED_TEMPLATE_FILES?=rich-parameters.yaml variables.yaml +TRIVY_VERSION ?= latest +TRIVY_IMAGE = aquasec/trivy:$(TRIVY_VERSION) + +export TRIVY_IMAGE ##@ Coder template development @@ -107,7 +111,7 @@ ${CONTAINER_IMAGE_TRIVY_SCAN_JSON}: ${CONTAINER_IMAGE_TAR} ${CONTAINER_BIN} run --rm --pull=always \ -v "trivy-cache:/root/.cache" \ -v "${CONTAINER_IMAGE_TAR}:/tmp/image.tar" \ - aquasec/trivy -q \ + $(TRIVY_IMAGE) -q \ image --scanners vuln --input /tmp/image.tar -f json --timeout 15m \ > ${CONTAINER_IMAGE_TRIVY_SCAN_JSON} diff --git a/build/make/k8s-component.mk b/build/make/k8s-component.mk index 6ad3604e..7eaa4399 100644 --- a/build/make/k8s-component.mk +++ b/build/make/k8s-component.mk @@ -2,7 +2,9 @@ COMPONENT_ARTIFACT_ID?=$(ARTIFACT_ID) COMPONENT_BUILD_VERSION := $(shell date +%s) COMPONENT_DEV_VERSION?=${VERSION}-dev.${COMPONENT_BUILD_VERSION} -include ${BUILD_DIR}/make/k8s.mk +ifeq (${K8S_MK_INCLUDE_MARKER}, ) + include ${BUILD_DIR}/make/k8s.mk +endif ifeq (${RUNTIME_ENV}, local) BINARY_HELM_ADDITIONAL_PUSH_ARGS?=--plain-http diff --git a/build/make/k8s-dogu.mk b/build/make/k8s-dogu.mk index e656b173..30e7a039 100644 --- a/build/make/k8s-dogu.mk +++ b/build/make/k8s-dogu.mk @@ -11,12 +11,16 @@ VERSION=$(shell $(BINARY_YQ) -oy -e ".Version" $(DOGU_JSON_FILE)) # Image of the dogu is extracted from the dogu.json IMAGE=$(shell $(BINARY_YQ) -oy -e ".Image" $(DOGU_JSON_FILE)):$(VERSION) -include $(BUILD_DIR)/make/k8s.mk +PRE_BUILD_TARGETS ?= + +ifeq (${K8S_MK_INCLUDE_MARKER}, ) + include ${BUILD_DIR}/make/k8s.mk +endif ##@ K8s - EcoSystem .PHONY: build -build: image-import install-dogu-descriptor create-dogu-resource apply-dogu-resource ## Builds a new version of the dogu and deploys it into the K8s-EcoSystem. +build: ${PRE_BUILD_TARGETS} image-import install-dogu-descriptor create-dogu-resource apply-dogu-resource ## Builds a new version of the dogu and deploys it into the K8s-EcoSystem. ##@ K8s - Dogu - Resource diff --git a/build/make/k8s.mk b/build/make/k8s.mk index a282948d..d8e44a53 100644 --- a/build/make/k8s.mk +++ b/build/make/k8s.mk @@ -6,13 +6,28 @@ endif ## Variables +K8S_MK_INCLUDE_MARKER="k8s.mk" + BINARY_YQ = $(UTILITY_BIN_PATH)/yq BINARY_YQ_4_VERSION?=v4.40.3 + BINARY_HELM = $(UTILITY_BIN_PATH)/helm -BINARY_HELM_VERSION?=v3.13.0 +BINARY_HELM_VERSION?=v3.20.2 +BINARY_HELM_URL?=https://get.helm.sh/helm-${BINARY_HELM_VERSION}-linux-amd64.tar.gz +BINARY_HELM_SUM?=258e830a9e613c8a7a302d6059b4bb3b9758f2f3e1bb8ea0d707ce10a9a72fea +BINARY_HELM_ARCHIVE_PATH?=linux-amd64/helm +BINARY_HELM_ARCHIVE_STRIP?=1 + CONTROLLER_GEN = $(UTILITY_BIN_PATH)/controller-gen CONTROLLER_GEN_VERSION?=v0.19.0 +BINARY_CRANE_VERSION=v0.21.4 +BINARY_CRANE=$(UTILITY_BIN_PATH)/crane +BINARY_CRANE_URL?=https://github.com/google/go-containerregistry/releases/download/${BINARY_CRANE_VERSION}/go-containerregistry_Linux_x86_64.tar.gz +BINARY_CRANE_SUM?=3b6032bcf412e14cf3baf964a4065f2966af906ec947ab22478df5f74705c892 +BINARY_CRANE_ARCHIVE_PATH?=crane +BINARY_CRANE_ARCHIVE_STRIP?=0 + # Setting SHELL to bash allows bash commands to be executed by recipes. # Options are set to exit when a recipe line exits non-zero or a piped command fails. SHELL = /usr/bin/env bash -o pipefail @@ -193,7 +208,13 @@ ${BINARY_YQ}: $(UTILITY_BIN_PATH) install-helm: ${BINARY_HELM} ${BINARY_HELM}: $(UTILITY_BIN_PATH) - $(call go-get-tool,$(BINARY_HELM),helm.sh/helm/v3/cmd/helm@${BINARY_HELM_VERSION}) + $(call curl-get-tool-from-tar,$(BINARY_HELM),$(BINARY_HELM_URL),$(BINARY_HELM_SUM),$(BINARY_HELM_ARCHIVE_PATH),$(BINARY_HELM_ARCHIVE_STRIP)) + +.PHONY: install-crane ## Installs crane. +install-crane: ${BINARY_CRANE} + +${BINARY_CRANE}: $(UTILITY_BIN_PATH) + $(call curl-get-tool-from-tar,$(BINARY_CRANE),$(BINARY_CRANE_URL),$(BINARY_CRANE_SUM),$(BINARY_CRANE_ARCHIVE_PATH),$(BINARY_CRANE_ARCHIVE_STRIP)) .PHONY: controller-gen controller-gen: ${CONTROLLER_GEN} ## Download controller-gen locally if necessary. diff --git a/build/make/test-common.mk b/build/make/test-common.mk index efc0bc79..1946f83e 100644 --- a/build/make/test-common.mk +++ b/build/make/test-common.mk @@ -1,3 +1,5 @@ +TEST_COMMON_MK_INCLUDE_MARKER="test-common.mk" + GO_JUNIT_REPORT=$(UTILITY_BIN_PATH)/go-junit-report GO_JUNIT_REPORT_VERSION=v2.1.0 diff --git a/build/make/test-integration.mk b/build/make/test-integration.mk index 9a3103c6..cefad991 100644 --- a/build/make/test-integration.mk +++ b/build/make/test-integration.mk @@ -1,3 +1,8 @@ +# this also works with older main Makefiles which include all test*.mk files on top-level. +ifeq (${TEST_COMMON_MK_INCLUDE_MARKER}, ) + include ${BUILD_DIR}/make/test-common.mk +endif + ##@ Integration testing INTEGRATION_TEST_DIR=$(TARGET_DIR)/integration-tests diff --git a/build/make/test-unit.mk b/build/make/test-unit.mk index c6994a45..03cce8ab 100644 --- a/build/make/test-unit.mk +++ b/build/make/test-unit.mk @@ -1,3 +1,7 @@ +ifeq (${TEST_COMMON_MK_INCLUDE_MARKER}, ) + include ${BUILD_DIR}/make/test-common.mk +endif + ##@ Unit testing UNIT_TEST_DIR=$(TARGET_DIR)/unit-tests diff --git a/build/make/variables.mk b/build/make/variables.mk index 639a8b13..5558626a 100644 --- a/build/make/variables.mk +++ b/build/make/variables.mk @@ -95,3 +95,18 @@ define go-get-tool rm -rf $$TMP_DIR ;\ } endef + +# curl-get-tool-from-tar 'curl get' any source tar $2, sha256 checks with $3 and installs the file path $4 to $1. The intermediate folders from the archive can be stripped with $5 (Use 0 if the binary is in root). +define curl-get-tool-from-tar + @[ -f $(1) ] || { \ + set -e ;\ + echo "Downloading $(2) to $(1)" ;\ + TMP_FILE_PATH="$(TMP_DIR)/$$(basename "$(1)")" ;\ + mkdir -p "$(TMP_DIR)" ;\ + curl -L -s -o "$$TMP_FILE_PATH" "$(2)" ;\ + echo "Checking with sum: $3" ;\ + echo "$(3) $$TMP_FILE_PATH" | sha256sum -c ;\ + echo "Extracting $(4) to $$(dirname $(1))" ;\ + tar -xf $$TMP_FILE_PATH -C $$(dirname $(1)) --strip-components=$(5) $(4) ;\ + } +endef diff --git a/dogu.json b/dogu.json index 38820330..7126f3bb 100644 --- a/dogu.json +++ b/dogu.json @@ -1,6 +1,6 @@ { "Name": "official/cas", - "Version": "7.2.7-16", + "Version": "7.3.6-0", "DisplayName": "Central Authentication Service", "Description": "The Central Authentication Service (CAS) is a single sign-on protocol for the web.", "Url": "https://apereo.github.io/cas", diff --git a/k8s/helm/component-patch-tpl.yaml b/k8s/helm/component-patch-tpl.yaml index 8f4f7481..2231d596 100644 --- a/k8s/helm/component-patch-tpl.yaml +++ b/k8s/helm/component-patch-tpl.yaml @@ -1,7 +1,7 @@ apiVersion: v1 values: images: - cas: registry.cloudogu.com/official/cas:7.2.7-16 + cas: registry.cloudogu.com/official/cas:7.3.6-0 volumeChownInit: docker.io/busybox:1.36 additionalMountsInit: docker.io/cloudogu/dogu-additional-mounts-init:0.1.2 patches: diff --git a/k8s/helm/values.yaml b/k8s/helm/values.yaml index 2ec2fb1e..caffaa12 100644 --- a/k8s/helm/values.yaml +++ b/k8s/helm/values.yaml @@ -80,7 +80,7 @@ containers: image: registry: registry.cloudogu.com repository: official/cas - tag: 7.2.7-16 + tag: 7.3.6-0 imagePullPolicy: IfNotPresent securityContext: capabilities: diff --git a/package.json b/package.json index dbd39957..4eb83996 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "ces-style-generator", - "version": "7.2.7-16", + "version": "7.3.6-0", "description": "Npm project to use ces-theme to generate styling", "main": "index.js", "directories": {