diff --git a/conf/container/Dockerfile b/conf/container/Dockerfile new file mode 100644 index 00000000000..e3d7bb4fb9a --- /dev/null +++ b/conf/container/Dockerfile @@ -0,0 +1,210 @@ +# Copyright 2019 Forschungszentrum Jülich GmbH +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# +################################################################################################################ +# +# THIS FILE IS TO BE USED WITH MAVEN DOCKER BUILD: +# mvn -Pct clean package docker:build +# +################################################################################################################ +# +# Some commands used are inspired by https://github.com/payara/Payara/tree/master/appserver/extras/docker-images. +# Most parts origin from older versions of https://github.com/gdcc/dataverse-kubernetes. +# +# We are not using upstream Payara images because: +# - Using same base image as Solr (https://hub.docker.com/_/solr) is reducing pulls +# - Their image is less optimised for production usage by design choices +# +FROM openjdk:11-jre +LABEL maintainer="FDM FZJ " +# Default payara ports to expose +# 4848: admin console +# 9009: debug port (JPDA) +# 8080: http +# 8181: https +EXPOSE 4848 9009 8080 8181 + +ENV HOME_DIR="/opt/payara" +ENV PAYARA_DIR="${HOME_DIR}/appserver" \ + SCRIPT_DIR="${HOME_DIR}/scripts" \ + CONFIG_DIR="${HOME_DIR}/config" \ + DEPLOY_DIR="${HOME_DIR}/deployments" \ + DATA_DIR="/data" \ + DOCROOT_DIR="/docroot" \ + METADATA_DIR="/metadata" \ + SECRETS_DIR="/secrets" \ + DUMPS_DIR="/dumps" \ + PASSWORD_FILE="${HOME_DIR}/passwordFile" \ + ADMIN_USER="admin" \ + ADMIN_PASSWORD="admin" \ + DOMAIN_NAME="domain1" \ + PAYARA_ARGS="" +ENV PATH="${PATH}:${PAYARA_DIR}/bin" \ + DOMAIN_DIR="${PAYARA_DIR}/glassfish/domains/${DOMAIN_NAME}" \ + JVM_ARGS="" \ + MEM_MAX_RAM_PERCENTAGE="70.0" \ + MEM_XSS="512k" \ + PREBOOT_COMMANDS="${CONFIG_DIR}/pre-boot-commands.asadmin" \ + POSTBOOT_COMMANDS="${CONFIG_DIR}/post-boot-commands.asadmin" \ + DEPLOY_PROPS="" \ + # Make heap dumps on OOM appear in DUMPS_DIR + ENABLE_DUMPS=0 \ + JVM_DUMPS_ARGS="-XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=\${ENV=DUMPS_DIR}" \ + # Documenting development options (see init_3_enabledev.sh) + ENABLE_JMX=0 \ + ENABLE_JDWP=0 \ + ENABLE_JREBEL=0 \ + JREBEL_LIB="${HOME_DIR}/jrebel/lib/libjrebel64.so" \ + DATAVERSE_VERSION="@project.version@" + +ARG PAYARA_VERSION="@payara.version@" +ARG ESH_VERSION=0.3.1 +ARG ESH_CHECKSUM="1e0bd783f930cba13d6708b11c1ac844bbb1eddd02ac1666fc10d47eb9517bd7" +ARG JATTACH_VERSION="v1.5" +ARG JATTACH_CHECKSUM="adab16e1081aa4fafc91f3f2e44262338a498d8f853d3c6801050889e6389548" +ARG PKGS="jq imagemagick curl unzip wget acl dirmngr gpg lsof procps netcat tini" +ARG ASADMIN="${PAYARA_DIR}/bin/asadmin --user=${ADMIN_USER} --passwordfile=${PASSWORD_FILE}" + +### PART 1: SYSTEM ### +USER root +WORKDIR / +RUN true && \ + # Create pathes + mkdir -p ${HOME_DIR} ${PAYARA_DIR} ${DEPLOY_DIR} ${CONFIG_DIR} ${SCRIPT_DIR} && \ + mkdir -p ${DATA_DIR} ${METADATA_DIR} ${DOCROOT_DIR} ${SECRETS_DIR} ${DUMPS_DIR} && \ + # Create user + addgroup --gid 1000 payara && \ + adduser --system --uid 1000 --no-create-home --shell /bin/bash --home "${HOME_DIR}" --gecos "" --ingroup payara payara && \ + echo payara:payara | chpasswd && \ + # Set permissions + chown -R payara: ${HOME_DIR} && \ + chown -R payara: ${DATA_DIR} ${METADATA_DIR} ${DOCROOT_DIR} ${SECRETS_DIR} ${DUMPS_DIR} + +RUN true && \ + # Install packages + apt-get update -q && \ + apt-get install -qqy ${PKGS} && \ + + # Download & check esh template script + curl -sSfL -o /usr/bin/esh https://raw.githubusercontent.com/jirutka/esh/v${ESH_VERSION}/esh && \ + echo "${ESH_CHECKSUM} /usr/bin/esh" | sha256sum -c - && \ + chmod +x /usr/bin/esh && \ + + # Install jattach + curl -sSfL -o /usr/bin/jattach https://github.com/apangin/jattach/releases/download/${JATTACH_VERSION}/jattach && \ + echo "${JATTACH_CHECKSUM} /usr/bin/jattach" | sha256sum -c - && \ + chmod +x /usr/bin/jattach && \ + + # Download & unzip JRebel to $JREBEL_LIB = ${HOME_DIR}/jrebel/lib/libjrebel64.so (for development use) + curl -sS -f -o ${HOME_DIR}/jrebel.zip http://dl.zeroturnaround.com/jrebel-stable-nosetup.zip && \ + unzip -q "${HOME_DIR}/jrebel.zip" -d "${HOME_DIR}" && \ + + # Cleanup + rm -rf /var/lib/apt/lists/* "${HOME_DIR}/jrebel.zip" + +### PART 2: PAYARA ### +# After setting up system, now configure Payara +USER payara +WORKDIR ${HOME_DIR} + +# Download, check and install Payara +RUN curl -sSfL -o payara.zip "https://repo1.maven.org/maven2/fish/payara/distributions/payara/${PAYARA_VERSION}/payara-${PAYARA_VERSION}.zip" && \ + curl -sSfL -o payara.zip.sha256 "https://repo1.maven.org/maven2/fish/payara/distributions/payara/${PAYARA_VERSION}/payara-${PAYARA_VERSION}.zip.sha256" && \ + echo "$(cat payara.zip.sha256) payara.zip" | sha256sum -c - && \ + unzip -q payara.zip -d ${HOME_DIR} && \ + mv ${HOME_DIR}/payara5/* ${PAYARA_DIR}/ && \ + rm -rf ${HOME_DIR}/payara5 payara.zip* + +# Copy the system (appserver level) scripts like entrypoint, etc +COPY --chown=payara:payara maven/scripts/system ${SCRIPT_DIR}/ + +# TODO: refactor and make production ready +# Configure the domain to be container and production ready +RUN true && \ + # Set admin password + echo "AS_ADMIN_PASSWORD=\nAS_ADMIN_NEWPASSWORD=${ADMIN_PASSWORD}" > /tmp/password-change-file.txt && \ + echo "AS_ADMIN_PASSWORD=${ADMIN_PASSWORD}" >> ${PASSWORD_FILE} && \ + asadmin --user=${ADMIN_USER} --passwordfile=/tmp/password-change-file.txt change-admin-password --domain_name=${DOMAIN_NAME} && \ + # Start domain for configuration + ${ASADMIN} start-domain ${DOMAIN_NAME} && \ + # Allow access to admin with password only + ${ASADMIN} enable-secure-admin && \ + + ### CONTAINER USAGE ENABLEMENT + # List & delete memory settings from domain + for MEMORY_JVM_OPTION in $(${ASADMIN} list-jvm-options | grep "Xm[sx]\|Xss\|NewRatio"); \ + do \ + ${ASADMIN} delete-jvm-options $(echo $MEMORY_JVM_OPTION | sed -e 's/:/\\:/g'); \ + done && \ + ${ASADMIN} create-jvm-options '-XX\:+UseContainerSupport:-XX\:MaxRAMPercentage=${ENV=MEM_MAX_RAM_PERCENTAGE}:-Xss${ENV=MEM_XSS}' && \ + # Set logging to console only + ${ASADMIN} set-log-attributes com.sun.enterprise.server.logging.GFFileHandler.logtoFile=false && \ + + ### PRODUCTION READINESS + ${ASADMIN} create-jvm-options '-XX\:+UseG1GC:-XX\:+UseStringDeduplication:-XX\:MaxGCPauseMillis=500' && \ + ${ASADMIN} create-jvm-options '-XX\:MetaspaceSize=256m:-XX\:MaxMetaspaceSize=2g:-XX\:+IgnoreUnrecognizedVMOptions' && \ + # Enlarge thread pools + ${ASADMIN} set server-config.thread-pools.thread-pool.http-thread-pool.max-thread-pool-size="50" && \ + ${ASADMIN} set server-config.thread-pools.thread-pool.http-thread-pool.max-queue-size="" && \ + ${ASADMIN} set default-config.thread-pools.thread-pool.thread-pool-1.max-thread-pool-size="250" && \ + # Enable file caching + ${ASADMIN} set server-config.network-config.protocols.protocol.http-listener-1.http.file-cache.enabled="true" && \ + ${ASADMIN} set server-config.network-config.protocols.protocol.http-listener-2.http.file-cache.enabled="true" && \ + ${ASADMIN} set default-config.network-config.protocols.protocol.http-listener-1.http.file-cache.enabled="true" && \ + ${ASADMIN} set default-config.network-config.protocols.protocol.http-listener-2.http.file-cache.enabled="true" && \ + # Enlarge EJB pools (cannot do this for server-config as set does not create new entries) + ${ASADMIN} set default-config.ejb-container.max-pool-size="128" && \ + # Misc settings + ${ASADMIN} create-system-properties fish.payara.classloading.delegate="false" && \ + ${ASADMIN} create-system-properties jersey.config.client.readTimeout="300000" && \ + ${ASADMIN} create-system-properties jersey.config.client.connectTimeout="300000" && \ + + ### DATAVERSE APPLICATION SPECIFICS + ${ASADMIN} set-config-dir --directory=${SECRETS_DIR} && \ + # TODO: what of the below 3 items can be deleted for container usage? + ${ASADMIN} create-network-listener --protocol=http-listener-1 --listenerport=8009 --jkenabled=true jk-connector && \ + ${ASADMIN} set server-config.network-config.protocols.protocol.http-listener-1.http.comet-support-enabled=true && \ + ${ASADMIN} create-system-properties javax.xml.parsers.SAXParserFactory=com.sun.org.apache.xerces.internal.jaxp.SAXParserFactoryImpl && \ + # Always disable phoning home... + ${ASADMIN} disable-phone-home && \ + + ### CLEANUP + # Stop domain + ${ASADMIN} stop-domain ${DOMAIN_NAME} && \ + # Delete generated files + rm -rf \ + /tmp/password-change-file.txt \ + ${PAYARA_DIR}/glassfish/domains/${DOMAIN_NAME}/osgi-cache \ + ${PAYARA_DIR}/glassfish/domains/${DOMAIN_NAME}/logs + +# Make docroot of Payara reside in higher level directory for easier targeting +# Due to gdcc/dataverse-kubernetes#177: create the generated pathes so they are +# writeable by us. TBR with gdcc/dataverse-kubernetes#178. +RUN rm -rf ${DOMAIN_DIR}/docroot && \ + ln -s ${DOCROOT_DIR} ${DOMAIN_DIR}/docroot && \ + mkdir -p ${DOMAIN_DIR}/generated/jsp/dataverse + +### PART 3: DATAVERSE INSTALLATION ### +# Copy app and deps from assembly in proper layers +COPY --chown=payara:payara maven/deps ${DEPLOY_DIR}/dataverse/WEB-INF/lib/ +COPY --chown=payara:payara maven/app ${DEPLOY_DIR}/dataverse/ +COPY --chown=payara:payara maven/supplements ${DEPLOY_DIR}/dataverse/supplements/ +# TEMPORARY WORKAROUND FOR DATAVERSE VERSION SUPPORT +# http://github.com/IQSS/dataverse/blob/5dc5db197ab1c0c50cc7f932b45875f5699518e8/src/main/java/edu/harvard/iq/dataverse/util/SystemConfig.java#L176-L176 +COPY --chown=payara:payara maven/maven-archiver ${DEPLOY_DIR}/maven-archiver/ + +# Create symlinks for jHove +RUN ln -s ${DEPLOY_DIR}/dataverse/supplements/jhove.conf ${PAYARA_DIR}/glassfish/domains/${DOMAIN_NAME}/config/jhove.conf && \ + ln -s ${DEPLOY_DIR}/dataverse/supplements/jhoveConfig.xsd ${PAYARA_DIR}/glassfish/domains/${DOMAIN_NAME}/config/jhoveConfig.xsd && \ + sed -i ${PAYARA_DIR}/glassfish/domains/${DOMAIN_NAME}/config/jhove.conf -e "s:/usr/local/payara5/glassfish/domains/domain1:${PAYARA_DIR}/glassfish/domains/${DOMAIN_NAME}:g" + +# Copy init and application scripts +COPY --chown=payara:payara maven/scripts/app ${SCRIPT_DIR}/ +RUN chmod +x ${SCRIPT_DIR}/* + +# Set the entrypoint +ENTRYPOINT ["/usr/bin/tini", "--"] +CMD "${SCRIPT_DIR}/entrypoint.sh" \ No newline at end of file diff --git a/conf/container/assembly.xml b/conf/container/assembly.xml new file mode 100644 index 00000000000..c0ea9b1bcd1 --- /dev/null +++ b/conf/container/assembly.xml @@ -0,0 +1,53 @@ + + + + + target/${project.artifactId}-${project.version} + app + + WEB-INF/lib/**/* + + + + + target/${project.artifactId}-${project.version}/WEB-INF/lib + deps + + + + scripts/api + supplements + + data/**/* + *.sh + + + data/metadatablocks/custom*.tsv + + + + scripts/database + supplements + + reference_data.sql + + + + conf/jhove + supplements + + + + conf/container/scripts + scripts + + + + + + target/maven-archiver + maven-archiver + + + \ No newline at end of file diff --git a/conf/container/scripts/app/bootstrap-job.sh b/conf/container/scripts/app/bootstrap-job.sh new file mode 100644 index 00000000000..d7936525503 --- /dev/null +++ b/conf/container/scripts/app/bootstrap-job.sh @@ -0,0 +1,60 @@ +#!/bin/bash +################################################################################ +# This script is used to bootstrap a Dataverse installation. +# +# It runs all necessary database foo that cannot be done from EclipseLink. +# It initializes the most basic settings and +# creates root dataverse and admin account. +################################################################################ + +# Fail on any error +set -euo pipefail +# Include some sane defaults +. ${SCRIPT_DIR}/default.config +DATAVERSE_SERVICE_HOST=${DATAVERSE_SERVICE_HOST:-"dataverse"} +DATAVERSE_SERVICE_PORT_HTTP=${DATAVERSE_SERVICE_PORT_HTTP:-"8080"} +DATAVERSE_URL=${DATAVERSE_URL:-"http://${DATAVERSE_SERVICE_HOST}:${DATAVERSE_SERVICE_PORT_HTTP}"} +# The Solr Service IP is always available under its name within the same namespace. +# If people want to use a different Solr than we normally deploy, they have the +# option to override. +SOLR_K8S_HOST=${SOLR_K8S_HOST:-"solr"} + +# Check API key secret is available +if [ ! -s "${SECRETS_DIR}/api/key" ]; then + echo "No API key present. Failing." + exit 126 +fi + +# Load dataverseAdmin password if present +if [ -s "${SECRETS_DIR}/admin/password" ]; then + echo "Loading admin password from secret file." + ADMIN_PASSWORD=`cat ${SECRETS_DIR}/admin/password` +fi + +# 2) Initialize common data structures to make Dataverse usable +cd ${DEPLOY_DIR}/dataverse/supplements +# 2a) Patch load scripts with k8s based URL +sed -i -e "s#localhost:8080#${DATAVERSE_SERVICE_HOST}:${DATAVERSE_SERVICE_PORT_HTTP}#" setup-*.sh +# 2b) Patch user and root dataverse JSON with contact email +sed -i -e "s#root@mailinator.com#${CONTACT_MAIL}#" data/dv-root.json +sed -i -e "s#dataverse@mailinator.com#${CONTACT_MAIL}#" data/user-admin.json +# 2c) Use script(s) to bootstrap the instance. +./setup-all.sh --insecure -p="${ADMIN_PASSWORD:-admin}" + +# 4.) Configure Solr location +curl -sS -X PUT -d "${SOLR_K8S_HOST}:8983" "${DATAVERSE_URL}/api/admin/settings/:SolrHostColonPort" + +# 5.) Provision builtin users key to enable creation of more builtin users +if [ -s "${SECRETS_DIR}/api/userskey" ]; then + curl -sS -X PUT -d "`cat ${SECRETS_DIR}/api/userskey`" "${DATAVERSE_URL}/api/admin/settings/BuiltinUsers.KEY" +else + curl -sS -X DELETE "${DATAVERSE_URL}/api/admin/settings/BuiltinUsers.KEY" +fi + +# 6.) Block access to the API endpoints, but allow for request with key from secret +curl -sS -X PUT -d "`cat ${SECRETS_DIR}/api/key`" "${DATAVERSE_URL}/api/admin/settings/:BlockedApiKey" +curl -sS -X PUT -d unblock-key "${DATAVERSE_URL}/api/admin/settings/:BlockedApiPolicy" +curl -sS -X PUT -d admin,test "${DATAVERSE_URL}/api/admin/settings/:BlockedApiEndpoints" + +# Initial configuration of Dataverse +exec ${SCRIPT_DIR}/config-job.sh diff --git a/conf/container/scripts/app/config-job.sh b/conf/container/scripts/app/config-job.sh new file mode 100644 index 00000000000..86535b83adb --- /dev/null +++ b/conf/container/scripts/app/config-job.sh @@ -0,0 +1,66 @@ +#!/bin/bash +################################################################################ +# This script is used to configure a Dataverse installation from a ConfigMap. +# It is used solely for changing Database settings! +################################################################################ + +# Fail on any error +set -euo pipefail +DATAVERSE_SERVICE_HOST=${DATAVERSE_SERVICE_HOST:-"dataverse"} +DATAVERSE_SERVICE_PORT_HTTP=${DATAVERSE_SERVICE_PORT_HTTP:-"8080"} +DATAVERSE_URL=${DATAVERSE_URL:-"http://${DATAVERSE_SERVICE_HOST}:${DATAVERSE_SERVICE_PORT_HTTP}"} + +echo -e "\nRunning configuration job for Dataverse at ${DATAVERSE_URL}." + +# Check API key secret is available +if [ ! -s "${SECRETS_DIR}/api/key" ]; then + echo "No API key present. Failing." + exit 126 +fi +API_KEY=`cat ${SECRETS_DIR}/api/key` + +# Set Database options based on environment variables db_XXX from ConfigMap +echo "Setting Database options:" +if `env | grep -Ee '^db_' 2>&1 > /dev/null`; then + env -0 | grep -z -Ee "^db_" | while IFS='=' read -r -d '' k v; do + KEY=`echo "${k}" | sed -e 's/^db_/:/'` + echo -n "Handling ${KEY}=${v}." + if [[ -z "${v}" ]]; then + # empty var => delete the setting + echo -n " Deleting... " + OUTPUT=`curl -sSf -X DELETE "${DATAVERSE_URL}/api/admin/settings/${KEY}?unblock-key=${API_KEY}" 2>&1 || echo -n ""` + echo "$OUTPUT" | jq -rM '.status' 2>/dev/null || echo -e 'FAILED\n' "$OUTPUT" + else + # set the setting + echo -n " Setting... " + OUTPUT=`curl -sSf -X PUT -d "${v}" "${DATAVERSE_URL}/api/admin/settings/${KEY}?unblock-key=${API_KEY}" 2>&1 || echo -n ""` + echo "$OUTPUT" | jq -rM '.status' 2>/dev/null || echo -e 'FAILED\n' "$OUTPUT" + fi + done +else + echo "--- none found ---" +fi + +# Parse and configure authentication providers +echo "Deploying authentication providers:" +if [ -n "${AUTH_PROVIDERS+x}" ]; then + # iterate all providers in array + for k in $(echo "${AUTH_PROVIDERS}" | jq '. | keys | .[]'); do + # get provider element, do nice logging and create tempfile + PROVIDER=`echo "$AUTH_PROVIDERS" | jq -r ".[$k]"` + echo -n "Loading `echo "${PROVIDER}" | jq -r ".id"`: " + TMPFILE=`mktemp` + + # templating magic with esh + echo "${PROVIDER}" | esh - > "${TMPFILE}" + + # upload with nice logging + OUTPUT=`curl -sSf -H "Content-type: application/json" -X POST --upload-file "${TMPFILE}" "${DATAVERSE_URL}/api/admin/authenticationProviders?unblock-key=${API_KEY}" 2>&1 || echo -n ""` + echo "$OUTPUT" | jq -rM '.status' 2>/dev/null || echo -e 'FAILED\n' "$OUTPUT" + + # cleanup behind us, delete tempfile + rm "${TMPFILE}" + done +else + echo "--- none found ---" +fi diff --git a/conf/container/scripts/app/default.config b/conf/container/scripts/app/default.config new file mode 100644 index 00000000000..7011534bc69 --- /dev/null +++ b/conf/container/scripts/app/default.config @@ -0,0 +1,42 @@ +# Variables used in resource creation + +export DATAVERSE_DB_HOST=${DATAVERSE_DB_HOST:-"postgresql"} + +MAIL_SERVER=${MAIL_SERVER:-"postfix"} +MAIL_FROMADDRESS=${MAIL_FROMADDRESS:-"do-not-reply@mailinator.com"} +CONTACT_MAIL=${CONTACT_MAIL:-"dataverse-k8s-contact@mailinator.com"} +ENABLE_JMX_EXPORT=${ENABLE_JMX_EXPORT:-0} +JMX_EXPORTER_PORT=${JMX_EXPORTER_PORT:-8081} +JMX_EXPORTER_CONFIG=${JMX_EXPORTER_CONFIG:-"${HOME}/jmx_exporter_config.yaml"} + +##### ##### ##### ##### ##### ##### ##### ##### ##### ##### +# System properties based Dataverse configuration options +# (Exporting needed as they cannot be seen by `env` otherwise) + +export dataverse_files_directory=${dataverse_files_directory:-/data} +export dataverse_files_storage__driver__id=${dataverse_files_storage__driver__id:-local} + +if [ "${dataverse_files_storage__driver__id}" = "local" ]; then + export dataverse_files_local_type=${dataverse_files_local_type:-file} + export dataverse_files_local_label=${dataverse_files_local_label:-Local} + export dataverse_files_local_directory=${dataverse_files_local_directory:-/data} +fi + +export dataverse_rserve_host=${dataverse_rserve_host:-rserve} +export dataverse_rserve_port=${dataverse_rserve_port:-6311} +export dataverse_rserve_user=${dataverse_rserve_user:-rserve} +export dataverse_rserve_password='${ALIAS=rserve_password_alias}' +export dataverse_fqdn=${dataverse_fqdn:-"localhost"} +export dataverse_siteUrl=${dataverse_siteUrl:-"http://\${dataverse.fqdn}:8080"} +export dataverse_auth_password__reset__timeout__in__minutes=${dataverse_auth_password__reset__timeout__in__minutes:-60} +export dataverse_timerServer=${dataverse_timerServer:-true} + +export doi_username=${doi_username:-test} +export doi_password='${ALIAS=doi_password_alias}' +export doi_baseurlstring=${doi_baseurlstring:-http://mds.test.datacite.org} + +##### ##### ##### ##### ##### ##### ##### ##### ##### ##### +# Database based Dataverse configuration options +# (Exporting needed as they cannot be seen by `env` otherwise) + +export db_SystemEmail=${db_SystemEmail:-"Dataverse on K8S "} diff --git a/conf/container/scripts/app/init_2_conf_payara.sh b/conf/container/scripts/app/init_2_conf_payara.sh new file mode 100644 index 00000000000..8f90e2f0b08 --- /dev/null +++ b/conf/container/scripts/app/init_2_conf_payara.sh @@ -0,0 +1,93 @@ +#!/bin/bash +################################################################################ +# Configure Glassfish +# +# BEWARE: As this is done for Kubernetes, we will ALWAYS start with a fresh container! +# When moving to Glassfish/Payara 5+ the option commands are idempotent. +# The resources are to be created by the application on deployment, +# once Dataverse has proper refactoring, etc. +# See upstream issue IQSS/dataverse#5292 +################################################################################ + +# Fail on any error +set -e +# Include some sane defaults +. ${SCRIPT_DIR}/default.config + +# 0. Define postboot commands file to be read by Payara and clear it +DV_POSTBOOT=${PAYARA_DIR}/dataverse_postboot +echo "# Dataverse postboot configuration for Payara" > ${DV_POSTBOOT} + +# 1. Password aliases from secrets +# TODO: This is ugly and dirty. It leaves leftovers on the filesystem. +# It should be replaced by using proper config mechanisms sooner than later, +# like MicroProfile Config API. +for alias in rserve doi +do + if [ -f ${SECRETS_DIR}/$alias/password ]; then + echo "INFO: Defining password alias for $alias" + cat ${SECRETS_DIR}/$alias/password | sed -e "s#^#AS_ADMIN_ALIASPASSWORD=#" > ${SECRETS_DIR}/${alias}_asadmin + echo "create-password-alias ${alias}_password_alias --passwordfile ${SECRETS_DIR}/${alias}_asadmin" >> ${DV_POSTBOOT} + else + echo "WARNING: Could not find 'password' secret for ${alias} in ${SECRETS_DIR}. Check your Kubernetes Secrets and their mounting!" + fi +done + +# 1b. Create AWS access credentials when storage driver is set to s3 +# Find all access keys +if [ -d "${SECRETS_DIR}/s3" ]; then + S3_KEYS=`find "${SECRETS_DIR}/s3" -readable -type f -iname '*access-key'` + S3_CRED_FILE=${HOME_DIR}/.aws/credentials + mkdir -p `dirname "${S3_CRED_FILE}"` + rm -f ${S3_CRED_FILE} + # Iterate keys + while IFS= read -r S3_ACCESS_KEY; do + echo "Loading S3 key ${S3_ACCESS_KEY}" + # Try to find the secret key, parse for profile and add to the credentials file. + S3_PROFILE=`echo "${S3_ACCESS_KEY}" | sed -ne "s#.*/\(.*\)-access-key#\1#p"` + S3_SECRET_KEY=`echo "${S3_ACCESS_KEY}" | sed -ne "s#\(.*/\|.*/.*-\)access-key#\1secret-key#p"` + + if [ -r ${S3_SECRET_KEY} ]; then + [ -z "${S3_PROFILE}" ] && echo "[default]" >> "${S3_CRED_FILE}" || echo "[${S3_PROFILE}]" >> "${S3_CRED_FILE}" + cat "${S3_ACCESS_KEY}" | sed -e "s#^#aws_access_key_id = #" -e "s#\$#\n#" >> "${S3_CRED_FILE}" + cat "${S3_SECRET_KEY}" | sed -e "s#^#aws_secret_access_key = #" -e "s#\$#\n#" >> "${S3_CRED_FILE}" + echo "" >> "${S3_CRED_FILE}" + else + echo "ERROR: Could not find or read matching \"$S3_SECRET_KEY\"." + exit 1 + fi + done <<< "${S3_KEYS}" +fi + +# 2. Domain-spaced resources (JDBC, JMS, ...) +# TODO: This is ugly and dirty. It should be replaced with resources from +# EE 8 code annotations or at least glassfish-resources.xml +# NOTE: postboot commands is not multi-line capable, thus spaghetti needed. + +# JavaMail +echo "INFO: Defining JavaMail." +echo "create-javamail-resource --mailhost=${MAIL_SERVER} --mailuser=dataversenotify --fromaddress=${MAIL_FROMADDRESS} mail/notifyMailSession" >> ${DV_POSTBOOT} + +# 3. Domain based configuration options +# Set Dataverse environment variables +echo "INFO: Defining system properties for Dataverse configuration options." +#env | grep -Ee "^(dataverse|doi)_" | sort -fd +env -0 | grep -z -Ee "^(dataverse|doi)_" | while IFS='=' read -r -d '' k v; do + # transform __ to - + KEY=`echo "${k}" | sed -e "s#__#-#g"` + # transform remaining single _ to . + KEY=`echo "${KEY}" | tr '_' '.'` + + # escape colons in values + v=`echo "${v}" | sed -e 's/:/\\\:/g'` + + echo "DEBUG: Handling ${KEY}=${v}." + echo "create-system-properties ${KEY}=${v}" >> ${DV_POSTBOOT} +done + +# 4. Add the commands to the existing postboot file, but insert BEFORE deployment +echo "$(cat ${DV_POSTBOOT} | cat - ${POSTBOOT_COMMANDS} )" > ${POSTBOOT_COMMANDS} +echo "DEBUG: postboot contains the following commands:" +echo "--------------------------------------------------" +cat ${POSTBOOT_COMMANDS} +echo "--------------------------------------------------" diff --git a/conf/container/scripts/app/init_3_enabledev.sh b/conf/container/scripts/app/init_3_enabledev.sh new file mode 100644 index 00000000000..42b12498018 --- /dev/null +++ b/conf/container/scripts/app/init_3_enabledev.sh @@ -0,0 +1,46 @@ +#!/bin/bash + +set -e + +###### ###### ###### ###### ###### ###### ###### ###### ###### ###### ###### +# This script enables different development options, like a JMX connector +# usable with VisualVM, JRebel hot-reload support and JDWP debugger service. +# Enable it by adding env vars on startup (e.g. via ConfigMap) +###### ###### ###### ###### ###### ###### ###### ###### ###### ###### ###### + +# 0. Init variables +ENABLE_JMX=${ENABLE_JMX:-0} +ENABLE_JDWP=${ENABLE_JDWP:-0} +ENABLE_JREBEL=${ENABLE_JREBEL:-0} +JDWP_PORT=${JDWP_PORT:-9009} + +DV_PREBOOT=${PAYARA_DIR}/dataverse_preboot +echo "# Dataverse preboot configuration for Payara" > ${DV_PREBOOT} + +# 1. Configure JMX (enabled by default on port 8686, but requires SSL) +# See also https://blog.payara.fish/monitoring-payara-server-with-jconsole +# To still use it, you can use a sidecar container proxying or using JMX via localhost without SSL. +if [ "x${ENABLE_JMX}" = "x1" ]; then + echo "Enabling JMX on 127.0.0.1:8686. You'll need a sidecar for this." + echo "set configs.config.server-config.admin-service.jmx-connector.system.address=127.0.0.1" >> ${DV_PREBOOT} +fi + +# 2. Enable JDWP (debugger) +if [ "x${ENABLE_JDWP}" = "x1" ]; then + echo "Enabling JDWP debugger, listening on port ${JDWP_PORT} of this container/pod." + echo "create-jvm-options --target=server-config \"-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=${JDWP_PORT}\"" >> ${DV_PREBOOT} +fi + +# 3. Enable JRebel (hot-redeploy) +if [ "x${ENABLE_JREBEL}" = "x1" ] && [ -s "${JREBEL_LIB}" ]; then + echo "Enabling JRebel support with enabled remoting_plugin option." + echo "create-jvm-options --target=server-config \"-agentpath:${JREBEL_LIB}\"" >> ${DV_PREBOOT} + echo "create-system-properties rebel.remoting_plugin=true" >> ${DV_PREBOOT} +fi + +# 4. Add the commands to the existing postboot file, but insert BEFORE deployment +echo "$(cat ${DV_PREBOOT} | cat - ${PREBOOT_COMMANDS} )" > ${PREBOOT_COMMANDS} +echo "DEBUG: preboot contains the following commands:" +echo "--------------------------------------------------" +cat ${PREBOOT_COMMANDS} +echo "--------------------------------------------------" diff --git a/conf/container/scripts/app/metadata-update.sh b/conf/container/scripts/app/metadata-update.sh new file mode 100644 index 00000000000..b7afa69d46e --- /dev/null +++ b/conf/container/scripts/app/metadata-update.sh @@ -0,0 +1,59 @@ +#!/bin/bash +################################################################################ +# This script is used to update metadata blocks from release and custom files. +################################################################################ + +# Fail on any error +set -euo pipefail +DATAVERSE_SERVICE_HOST=${DATAVERSE_SERVICE_HOST:-"dataverse"} +DATAVERSE_SERVICE_PORT_HTTP=${DATAVERSE_SERVICE_PORT_HTTP:-"8080"} +DATAVERSE_URL=${DATAVERSE_URL:-"http://${DATAVERSE_SERVICE_HOST}:${DATAVERSE_SERVICE_PORT_HTTP}"} + +SOLR_SERVICE_HOST=${SOLR_SERVICE_HOST:-"solr"} +SOLR_SERVICE_PORT_WEBHOOK=${SOLR_SERVICE_PORT_WEBHOOK:-"9000"} +SOLR_URL=${SOLR_URL:-"http://${SOLR_SERVICE_HOST}:${SOLR_SERVICE_PORT_WEBHOOK}/hooks/update-schema"} + +# Check API key secret is available +if [ ! -s "${SECRETS_DIR}/api/key" ]; then + echo "No API key present. Failing." + exit 126 +fi +API_KEY=`cat ${SECRETS_DIR}/api/key` + +# Find all TSV files +TSVS=`find "${METADATA_DIR}" "${HOME_DIR}" -maxdepth 5 -iname '*.tsv'` + +# Check for builtin blocks to be present +BUILTIN=("astrophysics.tsv" "biomedical.tsv" "citation.tsv" "geospatial.tsv" "journals.tsv" "social_science.tsv") +miss=1 +fail=1 +for mdb in "${BUILTIN[@]}"; do + grep "${mdb}" <<< "${TSVS}" > /dev/null 2>&1 || miss=0 + if [ $miss -eq 0 ]; then + echo "ERROR: could not find builtin (release) metadata block file ${mdb} within ${METADATA_DIR} or ${HOME_DIR}" + fail=0 + miss=1 + fi +done + +# Abort if any builtin metadata file has not been find- or readable +if [ $fail -eq 0 ]; then + echo "Aborting." + exit 125 +fi + +# Load metadata blocks +while IFS= read -r TSV; do + echo -n "Loading ${TSV}: " + OUTPUT=`curl -sS -f -H "Content-type: text/tab-separated-values" -X POST --data-binary "@${TSV}" "${DATAVERSE_URL}/api/admin/datasetfield/load?unblock-key=${API_KEY}" 2>&1 || echo -n ""` + echo "$OUTPUT" | jq -rM '.status' 2>/dev/null || echo -e 'FAILED\n' "$OUTPUT" +done <<< "${TSVS}" + +# Trigger Solr Index configuration update +echo "--------------" +echo "Firing webhook for Solr update. Response following:" +echo "--------------" +curl --header "Content-Type: application/json" \ + --request POST -sS -f \ + --data "`jq -Mn --arg key "${API_KEY}" --arg url "${DATAVERSE_URL}" '{ "api_key": $key, "dataverse_url": $url }'`" \ + "${SOLR_URL}" diff --git a/conf/container/scripts/system/entrypoint.sh b/conf/container/scripts/system/entrypoint.sh new file mode 100644 index 00000000000..ed656e41093 --- /dev/null +++ b/conf/container/scripts/system/entrypoint.sh @@ -0,0 +1,17 @@ +#!/bin/bash +########################################################################################################## +# +# This script is a fork of https://github.com/payara/Payara/blob/master/appserver/extras/docker-images/ +# server-full/src/main/docker/bin/entrypoint.sh and licensed under CDDL 1.1 by the Payara Foundation. +# +########################################################################################################## + +for f in ${SCRIPT_DIR}/init_* ${SCRIPT_DIR}/init.d/*; do + case "$f" in + *.sh) echo "[Entrypoint] running $f"; . "$f" ;; + *) echo "[Entrypoint] ignoring $f" ;; + esac + echo +done + +exec ${SCRIPT_DIR}/startInForeground.sh $PAYARA_ARGS diff --git a/conf/container/scripts/system/init_1_generate_deploy_commands.sh b/conf/container/scripts/system/init_1_generate_deploy_commands.sh new file mode 100644 index 00000000000..e2f0730d40f --- /dev/null +++ b/conf/container/scripts/system/init_1_generate_deploy_commands.sh @@ -0,0 +1,69 @@ +#!/bin/bash +########################################################################################################## +# +# A script to append deploy commands to the post boot command file at +# $PAYARA_HOME/scripts/post-boot-commands.asadmin file. All applications in the +# $DEPLOY_DIR (either files or folders) will be deployed. +# The $POSTBOOT_COMMANDS file can then be used with the start-domain using the +# --postbootcommandfile parameter to deploy applications on startup. +# +# Usage: +# ./generate_deploy_commands.sh +# +# Optionally, any number of parameters of the asadmin deploy command can be +# specified as parameters to this script. +# E.g., to deploy applications with implicit CDI scanning disabled: +# +# ./generate_deploy_commands.sh --properties=implicitCdiEnabled=false +# +# Environment variables used: +# - $PREBOOT_COMMANDS - the pre boot command file. +# - $POSTBOOT_COMMANDS - the post boot command file. +# +# Note that many parameters to the deploy command can be safely used only when +# a single application exists in the $DEPLOY_DIR directory. +# +########################################################################################################## +# +# This script is a fork of https://github.com/payara/Payara/blob/master/appserver/extras/docker-images/ +# server-full/src/main/docker/bin/init_1_generate_deploy_commands.sh and licensed under CDDL 1.1 +# by the Payara Foundation. +# +########################################################################################################## + +# Check required variables are set +if [ -z $DEPLOY_DIR ]; then echo "Variable DEPLOY_DIR is not set."; exit 1; fi +if [ -z $PREBOOT_COMMANDS ]; then echo "Variable PREBOOT_COMMANDS is not set."; exit 1; fi +if [ -z $POSTBOOT_COMMANDS ]; then echo "Variable POSTBOOT_COMMANDS is not set."; exit 1; fi + +# Create pre and post boot command files if they don't exist +touch $POSTBOOT_COMMANDS +touch $PREBOOT_COMMANDS + +deploy() { + + if [ -z $1 ]; then + echo "No deployment specified"; + exit 1; + fi + + DEPLOY_STATEMENT="deploy $DEPLOY_PROPS $1" + if grep -q $1 $POSTBOOT_COMMANDS; then + echo "post boot commands already deploys $1"; + else + echo "Adding deployment target $1 to post boot commands"; + echo $DEPLOY_STATEMENT >> $POSTBOOT_COMMANDS; + fi +} + +# RAR files first +for deployment in $(find $DEPLOY_DIR -mindepth 1 -maxdepth 1 -name "*.rar"); +do + deploy $deployment; +done + +# Then every other WAR, EAR, JAR or directory +for deployment in $(find $DEPLOY_DIR -mindepth 1 -maxdepth 1 ! -name "*.rar" -a -name "*.war" -o -name "*.ear" -o -name "*.jar" -o -type d); +do + deploy $deployment; +done diff --git a/conf/container/scripts/system/startInForeground.sh b/conf/container/scripts/system/startInForeground.sh new file mode 100644 index 00000000000..4f22825202c --- /dev/null +++ b/conf/container/scripts/system/startInForeground.sh @@ -0,0 +1,79 @@ +#!/bin/bash +########################################################################################################## +# +# This script is to execute Payara Server in foreground, mainly in a docker environment. +# It allows to avoid running 2 instances of JVM, which happens with the start-domain --verbose command. +# +# Usage: +# Running +# startInForeground.sh +# is equivalent to running +# asadmin start-domain +# +# It's possible to use any arguments of the start-domain command as arguments to startInForeground.sh +# +# Environment variables used: +# - $ADMIN_USER - the username to use for the asadmin utility. +# - $PASSWORD_FILE - the password file to use for the asadmin utility. +# - $PREBOOT_COMMANDS - the pre boot command file. +# - $POSTBOOT_COMMANDS - the post boot command file. +# - $DOMAIN_NAME - the name of the domain to start. +# - $JVM_ARGS - extra JVM options to pass to the Payara Server instance. +# - $AS_ADMIN_MASTERPASSWORD - the master password for the Payara Server instance. +# +# This script executes the asadmin tool which is expected at ~/appserver/bin/asadmin. +# +########################################################################################################## +# +# This script is a fork of https://github.com/payara/Payara/blob/master/appserver/ +# extras/docker-images/server-full/src/main/docker/bin/startInForeground.sh and licensed under CDDL 1.1 +# by the Payara Foundation. +# +########################################################################################################## + +# Check required variables are set +if [ -z $ADMIN_USER ]; then echo "Variable ADMIN_USER is not set."; exit 1; fi +if [ -z $PASSWORD_FILE ]; then echo "Variable PASSWORD_FILE is not set."; exit 1; fi +if [ -z $PREBOOT_COMMANDS ]; then echo "Variable PREBOOT_COMMANDS is not set."; exit 1; fi +if [ -z $POSTBOOT_COMMANDS ]; then echo "Variable POSTBOOT_COMMANDS is not set."; exit 1; fi +if [ -z $DOMAIN_NAME ]; then echo "Variable DOMAIN_NAME is not set."; exit 1; fi + +# The following command gets the command line to be executed by start-domain +# - print the command line to the server with --dry-run, each argument on a separate line +# - remove -read-string argument +# - surround each line except with parenthesis to allow spaces in paths +# - remove lines before and after the command line and squash commands on a single line + +# Create pre and post boot command files if they don't exist +touch $POSTBOOT_COMMANDS +touch $PREBOOT_COMMANDS + +OUTPUT=`${PAYARA_DIR}/bin/asadmin --user=${ADMIN_USER} --passwordfile=${PASSWORD_FILE} start-domain --dry-run --prebootcommandfile=${PREBOOT_COMMANDS} --postbootcommandfile=${POSTBOOT_COMMANDS} $@ $DOMAIN_NAME` +STATUS=$? +if [ "$STATUS" -ne 0 ] + then + echo ERROR: $OUTPUT >&2 + exit 1 +fi + +COMMAND=`echo "$OUTPUT"\ + | sed -n -e '2,/^$/p'\ + | sed "s|glassfish.jar|glassfish.jar $JVM_ARGS |g"` + +echo Executing Payara Server with the following command line: +echo $COMMAND | tr ' ' '\n' +echo + +# Run the server in foreground - read master password from variable or file or use the default "changeit" password + +set +x +if test "$AS_ADMIN_MASTERPASSWORD"x = x -a -f "$PASSWORD_FILE" + then + source "$PASSWORD_FILE" +fi +if test "$AS_ADMIN_MASTERPASSWORD"x = x + then + AS_ADMIN_MASTERPASSWORD=changeit +fi +echo "AS_ADMIN_MASTERPASSWORD=$AS_ADMIN_MASTERPASSWORD" > /tmp/masterpwdfile +exec ${COMMAND} < /tmp/masterpwdfile diff --git a/conf/docker-aio/0prep_deps.sh b/conf/docker-aio/0prep_deps.sh index 5bf44bfbe82..c26492b2d25 100755 --- a/conf/docker-aio/0prep_deps.sh +++ b/conf/docker-aio/0prep_deps.sh @@ -4,10 +4,10 @@ if [ ! -d dv/deps ]; then fi wdir=`pwd` -if [ ! -e dv/deps/payara-5.2020.6.zip ]; then +if [ ! -e dv/deps/payara-5.2021.4.zip ]; then echo "payara dependency prep" # no more fiddly patching :) - wget https://s3-eu-west-1.amazonaws.com/payara.fish/Payara+Downloads/5.2020.6/payara-5.2020.6.zip -O dv/deps/payara-5.2020.6.zip + wget https://s3-eu-west-1.amazonaws.com/payara.fish/Payara+Downloads/5.2021.4/payara-5.2021.4.zip -O dv/deps/payara-5.2021.4.zip fi if [ ! -e dv/deps/solr-8.8.1dv.tgz ]; then diff --git a/conf/docker-aio/c8.dockerfile b/conf/docker-aio/c8.dockerfile index 72643d0e566..4fe12201fc3 100644 --- a/conf/docker-aio/c8.dockerfile +++ b/conf/docker-aio/c8.dockerfile @@ -23,7 +23,7 @@ COPY disableipv6.conf /etc/sysctl.d/ RUN rm /etc/httpd/conf/* COPY httpd.conf /etc/httpd/conf RUN cd /opt ; tar zxf /tmp/dv/deps/solr-8.8.1dv.tgz -RUN cd /opt ; unzip /tmp/dv/deps/payara-5.2020.6.zip ; ln -s /opt/payara5 /opt/glassfish4 +RUN cd /opt ; unzip /tmp/dv/deps/payara-5.2021.4.zip ; ln -s /opt/payara5 /opt/glassfish4 # this copy of domain.xml is the result of running `asadmin set server.monitoring-service.module-monitoring-levels.jvm=LOW` on a default glassfish installation (aka - enable the glassfish REST monitir endpoint for the jvm` # this dies under Java 11, do we keep it? diff --git a/conf/solr/Dockerfile b/conf/solr/Dockerfile new file mode 100644 index 00000000000..8e67f038601 --- /dev/null +++ b/conf/solr/Dockerfile @@ -0,0 +1,27 @@ +# Copyright 2019 Forschungszentrum Jülich GmbH +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 + +FROM solr:@solr.version@ + +LABEL maintainer="FDM FZJ " + +ENV SOLR_OPTS="-Dsolr.jetty.request.header.size=102400" \ + COLLECTION="collection1" \ + CONFIGSET="dataverse" \ + CONFIGSETS_DIR=/opt/solr-@solr.version@/server/solr/configsets + +USER root +# Create the Dataverse configset for Solr +# 1) Copy the default configset +# 2) Modify with config files from build context +RUN true && \ + cp -a ${CONFIGSETS_DIR}/_default ${CONFIGSETS_DIR}/${CONFIGSET} && \ + rm ${CONFIGSETS_DIR}/${CONFIGSET}/conf/managed-schema +COPY --chown=root:root maven/config/*.xml ${CONFIGSETS_DIR}/${CONFIGSET}/conf/ + +USER ${SOLR_USER} +# Make the precreate script build our collection on startup (can change the env vars to use different) +CMD ["sh", "-c", "solr-precreate ${COLLECTION} ${CONFIGSETS_DIR}/${CONFIGSET}"] \ No newline at end of file diff --git a/conf/solr/assembly.xml b/conf/solr/assembly.xml new file mode 100644 index 00000000000..1c832f1f5f0 --- /dev/null +++ b/conf/solr/assembly.xml @@ -0,0 +1,24 @@ + + + + + conf/solr/${solr.version} + config + + *.xml + + + + + + conf/solr/${solr.version} + scripts + + *.sh + + + + \ No newline at end of file diff --git a/doc/release-notes/7700-upgrade-payara.md b/doc/release-notes/7700-upgrade-payara.md new file mode 100644 index 00000000000..de7c58bf963 --- /dev/null +++ b/doc/release-notes/7700-upgrade-payara.md @@ -0,0 +1,19 @@ +### Payara 5.2021.4 (or Higher) Required + +Some changes in this release require an upgrade to Payara 5.2021.4 or higher. + +Instructions on how to update can be found in the +[Payara documentation](https://docs.payara.fish/community/docs/5.2021.4/documentation/user-guides/upgrade-payara.html) + +It would likely be safer to upgrade Payara first, while still running Dataverse 5.6, and then proceed with the steps +below. Upgrading from an earlier version of Payara should be a straightforward process: + +1. Undeploy Dataverse +2. Stop Payara +3. Move the current Payara directory out of the way +4. Unzip the new Payara version in its place +5. Replace the brand new payara/glassfish/domains/domain1 with your old, preserved `domain1` +6. Start Payara, deploy Dataverse 5.6. + +We still recommend that you read the detailed upgrade instructions above and if you run into any issues with this +upgrade, it will help to be able to separate them from any problems with the upgrade of Dataverse proper. diff --git a/doc/sphinx-guides/source/developers/dev-environment.rst b/doc/sphinx-guides/source/developers/dev-environment.rst index 85ea91b26e8..264324fb604 100755 --- a/doc/sphinx-guides/source/developers/dev-environment.rst +++ b/doc/sphinx-guides/source/developers/dev-environment.rst @@ -85,9 +85,9 @@ To install Payara, run the following commands: ``cd /usr/local`` -``sudo curl -O -L https://s3-eu-west-1.amazonaws.com/payara.fish/Payara+Downloads/5.2020.6/payara-5.2020.6.zip`` +``sudo curl -O -L https://s3-eu-west-1.amazonaws.com/payara.fish/Payara+Downloads/5.2021.4/payara-5.2021.4.zip`` -``sudo unzip payara-5.2020.6.zip`` +``sudo unzip payara-5.2021.4.zip`` ``sudo chown -R $USER /usr/local/payara5`` diff --git a/doc/sphinx-guides/source/installation/prerequisites.rst b/doc/sphinx-guides/source/installation/prerequisites.rst index f0f7fab3511..4f04024607f 100644 --- a/doc/sphinx-guides/source/installation/prerequisites.rst +++ b/doc/sphinx-guides/source/installation/prerequisites.rst @@ -44,7 +44,7 @@ On RHEL/derivative you can make Java 11 the default with the ``alternatives`` co Payara ------ -Payara 5.2020.6 is recommended. Newer versions might work fine, regular updates are recommended. +Payara 5.2021.4 is recommended. Newer versions might work fine, regular updates are recommended. Installing Payara ================= @@ -55,8 +55,8 @@ Installing Payara - Download and install Payara (installed in ``/usr/local/payara5`` in the example commands below):: - # wget https://s3-eu-west-1.amazonaws.com/payara.fish/Payara+Downloads/5.2020.6/payara-5.2020.6.zip - # unzip payara-5.2020.6.zip + # wget https://s3-eu-west-1.amazonaws.com/payara.fish/Payara+Downloads/5.2021.4/payara-5.2021.4.zip + # unzip payara-5.2021.4.zip # mv payara5 /usr/local If you intend to install and run Payara under a service account (and we hope you do), chown -R the Payara hierarchy to root to protect it but give the service account access to the below directories: diff --git a/downloads/download.sh b/downloads/download.sh index 8c2b51dd4c7..c9cd2942295 100755 --- a/downloads/download.sh +++ b/downloads/download.sh @@ -1,5 +1,5 @@ #!/bin/sh -curl -L -O https://s3-eu-west-1.amazonaws.com/payara.fish/Payara+Downloads/5.2020.6/payara-5.2020.6.zip +curl -L -O https://s3-eu-west-1.amazonaws.com/payara.fish/Payara+Downloads/5.2021.4/payara-5.2021.4.zip curl -L -O https://archive.apache.org/dist/lucene/solr/8.8.1/solr-8.8.1.tgz curl -L -O https://search.maven.org/remotecontent?filepath=org/jboss/weld/weld-osgi-bundle/2.2.10.Final/weld-osgi-bundle-2.2.10.Final-glassfish4.jar curl -s -L http://sourceforge.net/projects/schemaspy/files/schemaspy/SchemaSpy%205.0.0/schemaSpy_5.0.0.jar/download > schemaSpy_5.0.0.jar diff --git a/pom.xml b/pom.xml index ca2d3570956..3078f46ad4c 100644 --- a/pom.xml +++ b/pom.xml @@ -26,8 +26,10 @@ false 8.0.0 - 5.2020.6 + 5.2021.4 42.2.19 + 13 + 8.8.1 1.11.762 1.2 3.12.0 @@ -59,6 +61,18 @@ + + payara-nexus-artifacts + Payara Nexus Artifacts + https://nexus.payara.fish/repository/payara-artifacts + + true + + + false + + + payara-patched-externals Payara Patched Externals @@ -336,7 +350,7 @@ org.apache.solr solr-solrj - 8.8.1 + ${solr.version} org.apache.commons @@ -714,10 +728,20 @@ + + org.apache.maven.plugins + maven-compiler-plugin + 3.8.1 + + 11 + + ${compilerArgument} + + org.apache.maven.plugins maven-jar-plugin - 2.3 + 3.2.0 @@ -730,7 +754,7 @@ org.apache.maven.plugins maven-war-plugin - 2.3 + 3.3.1 true false @@ -745,12 +769,12 @@ org.apache.maven.plugins maven-dependency-plugin - 3.1.1 + 3.1.2 de.qaware.maven go-offline-maven-plugin - 1.2.1 + 1.2.8 @@ -837,31 +861,10 @@ all-unit-tests - - Java9Plus - - [1.9 - - - - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.0 - - 11 - - ${compilerArgument} - - - - - tc true - 9.6 @@ -887,5 +890,100 @@ + + ct + + true + false + false + gdcc/dataverse-k8s:${project.version} + gdcc/solr-k8s:${project.version} + + + + + io.fabric8 + docker-maven-plugin + 0.36.0 + + + + + dataverse + ${app.image.name} + + ${app.build.skip} + ${project.basedir}/conf/container/Dockerfile + @ + + tar + gnu + ${project.basedir}/conf/container/assembly.xml + + + + + dataverse + changeme + + dataverse + + 8080:8080 + + + custom + dataverse + + + solr + postgresql + + + + + + solr + ${solr.image.name} + + ${solr.build.skip} + ${project.basedir}/conf/solr/Dockerfile + @ + + tar + gnu + ${project.basedir}/conf/solr/assembly.xml + + + + solr + + custom + dataverse + + + + + + postgresql + postgres:${postgresql.server.version} + + postgresql + + custom + dataverse + + + dataverse + changeme + + + + + true + + + + + diff --git a/scripts/vagrant/setup.sh b/scripts/vagrant/setup.sh index 14f12cea692..fdce9210ef4 100644 --- a/scripts/vagrant/setup.sh +++ b/scripts/vagrant/setup.sh @@ -53,7 +53,7 @@ SOLR_USER=solr echo "Ensuring Unix user '$SOLR_USER' exists" useradd $SOLR_USER || : DOWNLOAD_DIR='/dataverse/downloads' -PAYARA_ZIP="$DOWNLOAD_DIR/payara-5.2020.6.zip" +PAYARA_ZIP="$DOWNLOAD_DIR/payara-5.2021.4.zip" SOLR_TGZ="$DOWNLOAD_DIR/solr-8.8.1.tgz" if [ ! -f $PAYARA_ZIP ] || [ ! -f $SOLR_TGZ ]; then echo "Couldn't find $PAYARA_ZIP or $SOLR_TGZ! Running download script...." diff --git a/src/main/java/edu/harvard/iq/dataverse/util/DataSourceProducer.java b/src/main/java/edu/harvard/iq/dataverse/util/DataSourceProducer.java index 02ba331cdd5..b393ca4a605 100644 --- a/src/main/java/edu/harvard/iq/dataverse/util/DataSourceProducer.java +++ b/src/main/java/edu/harvard/iq/dataverse/util/DataSourceProducer.java @@ -38,7 +38,7 @@ //}) // // ... but at this time we don't think we need any. The full list -// of properties can be found at https://docs.payara.fish/community/docs/5.2020.6/documentation/payara-server/jdbc/advanced-connection-pool-properties.html#full-list-of-properties +// of properties can be found at https://docs.payara.fish/community/docs/5.2021.4/documentation/payara-server/jdbc/advanced-connection-pool-properties.html#full-list-of-properties // // All these properties cannot be configured via MPCONFIG as Payara doesn't support this (yet). To be enhanced. // See also https://github.com/payara/Payara/issues/5024