Initial release of OUD on docker for oracle/docker-images (oracle#911)

* initial release of OUD on docker for oracle/docker-images

Signed-off-by: Stefan Oehrli <[email protected]>

OracleUnifiedDirectory/LICENSE

@@ -0,0 +1,27 @@
+Copyright (c) 2018 Oracle and/or its affiliates.  All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0
+
+Subject to the condition set forth below, permission is hereby granted to any person obtaining a copy of this
+software, associated documentation and/or data (collectively the "Software"), free of charge and under any and
+all copyright rights in the Software, and any and all patent rights owned or freely licensable by each licensor
+hereunder covering either (i) the unmodified Software as contributed to or provided by such licensor, or
+(ii) the Larger Works (as defined below), to deal in both
+
+(a) the Software, and
+(b) any piece of software and/or hardware listed in the lrgrwrks.txt file if one is included with the Software
+(each a “Larger Work” to which the Software is contributed by such licensors),
+
+without restriction, including without limitation the rights to copy, create derivative works of, display,
+perform, and distribute the Software and make, use, sell, offer for sale, import, export, have made, and have
+sold the Software and the Larger Work(s), and to sublicense the foregoing rights on either these or other terms.
+
+This license is subject to the following condition:
+The above copyright notice and either this complete permission notice or at a minimum a reference to the UPL must
+be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO
+THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
+CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+IN THE SOFTWARE.

OracleUnifiedDirectory/dockerfiles/12.2.1.3/Dockerfile

@@ -0,0 +1,136 @@
+# ----------------------------------------------------------------------
+# Trivadis AG, Infrastructure Managed Services
+# Saegereistrasse 29, 8152 Glattbrugg, Switzerland
+# ----------------------------------------------------------------------
+# Name.......: Dockerfile
+# Author.....: Stefan Oehrli (oes) [email protected]
+# Editor.....: Stefan Oehrli
+# Date.......: 2018.03.19
+# Revision...: 1.0
+# Purpose....: This Dockerfile is to build Oracle Unifid Directory
+# Notes......: --
+# Reference..: --
+# License....: Licensed under the Universal Permissive License v 1.0 as
+#              shown at http://oss.oracle.com/licenses/upl.
+# ----------------------------------------------------------------------
+# Modified...:
+# see git revision history for more information on changes/updates
+# ----------------------------------------------------------------------
+
+# Pull base image
+# ----------------------------------------------------------------------
+FROM oracle/serverjre:8
+
+# Maintainer
+# ----------------------------------------------------------------------
+LABEL maintainer="[email protected]"
+
+# Arguments for Oracle Installation
+ARG ORACLE_ROOT
+ARG ORACLE_DATA
+ARG ORACLE_BASE
+ARG ORAREPO
+
+# Environment variables required for this build (do NOT change)
+# -------------------------------------------------------------
+ENV ORAREPO=${ORAREPO:-orarepo} \
+    DOWNLOAD="/tmp/download" \
+    DOCKER_SCRIPTS="/opt/docker/bin" \
+    START_SCRIPT="start_oud_instance.sh" \
+    CHECK_SCRIPT="check_oud_instance.sh" \
+    INSTALL_SCRIPT="setup_oud.sh" \
+    USER_MEM_ARGS="-Djava.security.egd=file:/dev/./urandom" \
+    ORACLE_HOME_NAME="fmw12.2.1.3.0" \
+    ORACLE_ROOT=${ORACLE_ROOT:-/u00} \
+    ORACLE_DATA=${ORACLE_DATA:-/u01} \
+    OUD_INSTANCE=${OUD_INSTANCE:-oud_docker} \
+    PORT="${PORT:-1389}" \
+    PORT_SSL="${PORT_SSL:-1636}" \
+    PORT_HTTP="${PORT_HTTP:-8080}" \
+    PORT_HTTPS="${PORT_HTTPS:-10443}" \
+    PORT_REP="${PORT_REP:-8989}" \
+    PORT_ADMIN="${PORT_ADMIN:-4444}" \
+    PORT_ADMIN_HTTP="${PORT_ADMIN_HTTP:-8444}" \
+    FMW_OUD_PKG="p26270957_122130_Generic.zip"
+
+# Use second ENV so that variable get substituted
+ENV ORACLE_BASE=${ORACLE_BASE:-$ORACLE_ROOT/app/oracle} \
+    OUD_INSTANCE_BASE=${OUD_INSTANCE_BASE:-$ORACLE_DATA/instances}
+
+# same same but different...
+# third ENV so that variable get substituted
+ENV PATH=${PATH}:"${OUD_INSTANCE_HOME}/OUD/bin:${ORACLE_BASE}/product/${ORACLE_HOME_NAME}/oud/bin:${DOCKER_SCRIPTS}" \
+    ORACLE_HOME=${ORACLE_BASE}/product/${ORACLE_HOME_NAME}
+
+# RUN as user root
+# ----------------------------------------------------------------------
+# - create group oracle and oinstall
+# - create user oracle
+# - setup subdirectory to install OUDpackage and container-scripts
+# - create softlink for the OUD setup scripts
+# - adjust owner ship of download folder
+# - relax java.security and allow 3DES_EDE_CBC see MOS Note 2397791.1
+# -----------------------------------------------------------------
+RUN groupadd --gid 1000 oracle && \
+    groupadd --gid 1010 oinstall && \
+    useradd --create-home --gid oracle --groups oracle,oinstall \
+        --shell /bin/bash oracle && \
+    install --owner oracle --group oracle --mode=775 --verbose --directory \
+        ${ORACLE_ROOT} \
+        ${ORACLE_BASE} \
+        ${ORACLE_DATA} \
+        ${DOWNLOAD} \
+        ${DOCKER_SCRIPTS} && \
+    ln -s ${ORACLE_DATA}/scripts /docker-entrypoint-initdb.d && \
+    chown oracle:oinstall ${DOWNLOAD} && \
+    sed -i 's/, 3DES_EDE_CBC//' $(find /usr/java -name java.security)
+
+# Fallback if the base image does not provide libaio, tar and gzip
+# This yum command will only be executed, if one of the file is not
+# available. Otherwise it will just create the *.lang file and remove the
+# yum cache which is anyway not there.
+# -----------------------------------------------------------------
+RUN echo "%_install_langs   en" >/etc/rpm/macros.lang && \
+    [ -f /usr/bin/tar -a -f /usr/bin/gzip -a -f /lib64/libaio.so.? ] || \
+    yum install -y libaio gzip tar && \
+    rm -rf /var/cache/yum
+
+# Copy scripts and software
+# ----------------------------------------------------------------------
+# copy all setup scripts to DOCKER_BIN
+COPY scripts/* "${DOCKER_SCRIPTS}/"
+
+# COPY oud/software and response files
+COPY *zip* install.rsp oraInst.loc "${DOWNLOAD}/"
+
+# RUN as oracle
+# Switch to user oracle, oracle software as to be installed with regular user
+# ----------------------------------------------------------------------
+USER oracle
+RUN "${DOCKER_SCRIPTS}/${INSTALL_SCRIPT}" ${FMW_OUD_PKG}
+
+# get the latest OUD base from GitHub and install it
+RUN "${DOCKER_SCRIPTS}/setup_oudbase.sh"
+
+# Finalize image
+# ----------------------------------------------------------------------
+# expose the OUD ports for ldap, ldaps, http, https, replication, 
+# administration and http administration
+EXPOSE  ${PORT} ${PORT_SSL} \
+        ${PORT_HTTP} ${PORT_HTTPS} \
+        ${PORT_REP} \
+        ${PORT_ADMIN} ${PORT_ADMIN_HTTP}
+
+# run container health check
+HEALTHCHECK --interval=1m --start-period=5m \
+   CMD "${DOCKER_SCRIPTS}/${CHECK_SCRIPT}" >/dev/null || exit 1
+
+# Oracle data volume for OUD instance and configuration files
+VOLUME ["${ORACLE_DATA}"]
+
+# set workding directory
+WORKDIR "${ORACLE_BASE}"
+
+# Define default command to start OUD instance
+CMD exec "${DOCKER_SCRIPTS}/${START_SCRIPT}"
+# --- EOF --------------------------------------------------------------

OracleUnifiedDirectory/dockerfiles/12.2.1.3/install.rsp

@@ -0,0 +1,6 @@
+[ENGINE]
+Response File Version=1.0.0.0.0
+[GENERIC]
+DECLINE_SECURITY_UPDATES=true
+SECURITY_UPDATES_VIA_MYORACLESUPPORT=false
+INSTALL_TYPE="Standalone Oracle Unified Directory Server (Managed independently of WebLogic server)"

OracleUnifiedDirectory/dockerfiles/12.2.1.3/oraInst.loc

@@ -0,0 +1,2 @@
+inventory_loc=/u00/app/oracle/oraInventory
+inst_group=oinstall

OracleUnifiedDirectory/dockerfiles/12.2.1.3/p26270957_122130_Generic.zip.download

@@ -0,0 +1,10 @@
+# Download Fusion Middleware 12.2.1.3.0 Oracle Unified Directory
+#
+# The following link is a My Oracle Support (http://support.oracle.com) wget download link. You 
+# require a valid MOS Account to download Oracle Software from MOS.
+# Patch Download URL: https://updates.oracle.com/ARULink/PatchDetails/process_form?patch_num=26270957
+# Direct Download   : https://updates.oracle.com/Orion/Services/download/p26270957_122130_Generic.zip?aru=21504981&patch_file=p26270957_122130_Generic.zip
+#
+# SHA-256                                                        File
+# -------------------------------------------------------------- ---------------------------------
+e6c0b15f06220d9599a976e170f0a4bfc419dd7f64e6ea874618c4c48c89e9c1 p26270957_122130_Generic.zip

OracleUnifiedDirectory/dockerfiles/12.2.1.3/scripts/check_oud_instance.sh

@@ -0,0 +1,93 @@
+#!/bin/bash
+# ---------------------------------------------------------------------------
+# Trivadis AG, Infrastructure Managed Services
+# Saegereistrasse 29, 8152 Glattbrugg, Switzerland
+# ---------------------------------------------------------------------------
+# Name.......: check_oud_Instance.sh 
+# Author.....: Stefan Oehrli (oes) [email protected]
+# Editor.....: Stefan Oehrli
+# Date.......: 2017.12.04
+# Revision...: 
+# Purpose....: check the status of the OUD instance for docker HEALTHCHECK 
+# Notes......: Script is a wrapper for oud_status.sh. It makes sure, that the 
+#              status of the docker OUD instance is checked and the exit code
+#              of oud_status.sh is docker compliant (0 or 1).
+# Reference..: --
+# License....: Licensed under the Universal Permissive License v 1.0 as 
+#              shown at http://oss.oracle.com/licenses/upl.
+# ---------------------------------------------------------------------------
+# Modified...:
+# see git revision history for more information on changes/updates
+# ---------------------------------------------------------------------------
+
+# - Environment Variables ---------------------------------------------------
+# - Set default values for environment variables if not yet defined. 
+# ---------------------------------------------------------------------------
+# Default name for OUD instance
+export OUD_INSTANCE=${OUD_INSTANCE:-oud_docker}
+
+# OUD instance base directory
+export OUD_INSTANCE_BASE=${OUD_INSTANCE_BASE:-"$ORACLE_DATA/instances"}
+
+# Default values for the instance home and admin directory
+export OUD_INSTANCE_HOME=${OUD_INSTANCE_HOME:-"${OUD_INSTANCE_BASE}/${OUD_INSTANCE}"}
+export OUD_INSTANCE_ADMIN=${OUD_INSTANCE_ADMIN:-${ORACLE_DATA}/admin/${OUD_INSTANCE}}
+
+# Default value for the directory
+export ADMIN_USER=${ADMIN_USER:-'cn=Directory Manager'} # Default directory admin user
+export PWD_FILE=${PWD_FILE:-${OUD_INSTANCE_ADMIN}/etc/${OUD_INSTANCE}_pwd.txt}
+export TMP_DIRECTORY="/tmp"
+export TMP_FILE="${TMP_DIRECTORY}/$(basename $0).$$"
+# - EOF Environment Variables -----------------------------------------------
+
+# check if password file is available
+if [ ! -e ${PWD_FILE} ]; then
+    echo "$0: Can not find password file ${PWD_FILE}"
+    exit 1
+fi
+
+# Run status on OUD Instance
+${OUD_INSTANCE_HOME}/OUD/bin/status --script-friendly --no-prompt \
+    --noPropertiesFile --bindDN "${ADMIN_USER}" --bindPasswordFile ${PWD_FILE} \
+    --trustAll >${TMP_FILE} 2>&1
+OUD_ERROR=$?
+
+# handle errors from OUD status
+if [ ${OUD_ERROR} -gt 0 ]; then
+    echo "$0: Error ${OUD_ERROR} running status command ${OUD_INSTANCE_HOME}/OUD/bin/status"
+    exit 1
+fi
+
+ # adjust temp file 
+# and add a - at the end
+sed -i 's/^$/-/' ${TMP_FILE}
+# join Backend ID with multiple lines
+sed -i '/OracleContext for$/{N;s/\n/ /;}' ${TMP_FILE}
+# join Base DN with multiple lines
+sed -i '/^Base DN:$/{N;s/\n/                      /;}' ${TMP_FILE}
+
+# check Server Run Status
+if [ $(grep -ic 'Server Run Status: Started' ${TMP_FILE}) -eq 0 ]; then
+    echo "$0: Error OUD Instance ${OUD_INSTANCE} not running"
+    exit 1
+fi
+
+# check if connection handler are enabled
+for i in LDAP LDAPS; do
+    AWK_OUT=$(awk 'BEGIN{RS="\n-\n";FS="\n";IGNORECASE=1; Error=51} $1 ~ /^Address/ && $2 ~ /\<'${i}'\>/ {if ($3 ~ /\<Enabled\>/) Error=0; } END{exit Error}' ${TMP_FILE} )
+    OUD_ERROR=$?
+    if [ ${OUD_ERROR} -eq 51 ]; then
+        echo "$0: Connection Handler ${i} is not enabled on ${OUD_INSTANCE}"
+        exit 1
+    fi
+done
+
+if [ -e ${TMP_FILE} ]; then
+    rm ${TMP_FILE} 2>/dev/null
+    # remove oud status temp file due to an oracle Bug
+    rm /tmp/oud-status*.log 2>/dev/null
+fi
+
+# if we came that far just exit with 0
+exit 0
+# --- EOF -------------------------------------------------------------------

OracleUnifiedDirectory/dockerfiles/12.2.1.3/scripts/config_oud_instance.sh

@@ -0,0 +1,92 @@
+#!/bin/bash
+# ---------------------------------------------------------------------------
+# Trivadis AG, Infrastructure Managed Services
+# Saegereistrasse 29, 8152 Glattbrugg, Switzerland
+# ---------------------------------------------------------------------------
+# Name.......: config_oud_instance.sh 
+# Author.....: Stefan Oehrli (oes) [email protected]
+# Editor.....: Stefan Oehrli
+# Date.......: 2017.12.04
+# Revision...: 
+# Purpose....: Configure OUD instance using custom scripts 
+# Notes......: Script is a wrapper for custom setup script in SCRIPTS_ROOT 
+#              All files in folder SCRIPTS_ROOT will be executet but not in 
+#              any subfolder. Currently just *.sh, *.ldif and *.conf files 
+#              are supported.
+#              sh   : Shell scripts will be executed
+#              ldif : LDIF files will be loaded via ldapmodify
+#              conf : Config files will be loaded via dsconfig
+#              To ensure proper order it is recommended to prefix your scripts
+#              with a number. For example 01_instance.conf, 
+#              02_schemaextention.ldif, etc.
+# Reference..: --
+# License....: Licensed under the Universal Permissive License v 1.0 as 
+#              shown at http://oss.oracle.com/licenses/upl.
+# ---------------------------------------------------------------------------
+# Modified...:
+# see git revision history for more information on changes/updates
+# ---------------------------------------------------------------------------
+
+# Default name for OUD instance
+export OUD_INSTANCE=${OUD_INSTANCE:-oud_docker}
+
+# Default values for the instance home and admin directory
+export OUD_INSTANCE_ADMIN=${OUD_INSTANCE_ADMIN:-${ORACLE_DATA}/admin/${OUD_INSTANCE}}
+export OUD_INSTANCE_HOME=${OUD_INSTANCE_HOME:-"${OUD_INSTANCE_BASE}/${OUD_INSTANCE}"}
+
+# Default values for host and ports
+export HOST=$(hostname 2>/dev/null ||cat /etc/hostname ||echo $HOSTNAME)   # Hostname
+export PORT=${PORT:-1389}                               # Default LDAP port
+export PORT_ADMIN=${PORT_ADMIN:-4444}                   # Default admin port
+
+# Default value for the directory
+export ADMIN_USER=${ADMIN_USER:-'cn=Directory Manager'} # Default directory admin user
+export PWD_FILE=${PWD_FILE:-${OUD_INSTANCE_ADMIN}/etc/${OUD_INSTANCE}_pwd.txt}
+
+# default folder for OUD instance init scripts
+export OUD_INSTANCE_INIT=${OUD_INSTANCE_INIT:-$ORACLE_DATA/scripts}
+# - EOF Environment Variables -----------------------------------------------
+
+# use parameter 1 as script root
+SCRIPTS_ROOT="$1";
+
+# Check whether parameter has been passed on
+if [ -z "${SCRIPTS_ROOT}" ]; then
+   echo "$0: No SCRIPTS_ROOT passed on, no scripts will be run";
+   exit 1;
+fi
+
+# Execute custom provided files (only if directory exists and has files in it)
+if [ -d "${SCRIPTS_ROOT}" ] && [ -n "$(ls -A ${SCRIPTS_ROOT})" ]; then
+    echo "";
+    echo "--- Executing user defined scripts -------------------------------------"
+
+# Loop over the files in the current directory
+    for f in $(find ${SCRIPTS_ROOT} -maxdepth 1 -type f|sort); do
+        # Skip ldif and conf file if a bash script with same name exists
+        if [ -f "$(dirname $f)/$(basename $f .ldif).sh" ]; then
+            echo "INFO: skip file $f, bash script with same name exists."
+            continue
+        elif [ -f "$(dirname $f)/$(basename $f .conf).sh" ]; then
+            echo "INFO: skip file $f, bash script with same name exists."
+            continue
+        elif [ -f "$(dirname $f)/$(basename $f .sh).sh" ]; then
+            echo "INFO: bash script $f."
+        else
+            echo "INFO: no bash script for file $f."
+        fi
+        echo "--- --------------------------------------------------------------------"
+        case "$f" in
+            *.sh)     echo "INFO: running $f"; "$f" ;;
+            *.ldif)   echo "INFO: running $f"; echo "exit" | ${OUD_INSTANCE_HOME}/OUD/bin/ldapmodify --defaultAdd --hostname ${HOST} --port ${PORT} --bindDN "${ADMIN_USER}" --bindPasswordFile ${PWD_FILE} --filename "$f"; echo ;;
+            *.conf)   echo "INFO: running $f"; echo "exit" | ${OUD_INSTANCE_HOME}/OUD/bin/dsconfig --hostname ${HOST}  --port ${PORT_ADMIN} --bindDN "${ADMIN_USER}" --bindPasswordFile ${PWD_FILE} --trustAll --no-prompt -F "$f"; echo ;;
+            *)        echo "INFO: skip file $f" ;;
+        esac
+        echo "";
+    done
+    echo "--- Successfully executed user defined ---------------------------------"
+  echo ""
+else
+    echo "--- no user defined scripts to execute ---------------------------------"
+fi
+# --- EOF -------------------------------------------------------------------