FROM jetty:9-alpine
LABEL authors="Markus Krogh <markus@nordu.net>,Jesper B. Rosenkilde <jbr@nordu.net>"

USER root
ENV IDP_VERSION 3.4.0
COPY install.properties /opt/
COPY nordu-ldap.properties /opt/
COPY shibboleth-identity-provider-${IDP_VERSION}.tar.gz.sha256 /opt/
COPY templates /opt/templates
WORKDIR /opt
RUN echo $(id) && apk --no-cache add bash apache-ant curl && \
    curl -o shibboleth-identity-provider-$IDP_VERSION.tar.gz https://shibboleth.net/downloads/identity-provider/$IDP_VERSION/shibboleth-identity-provider-$IDP_VERSION.tar.gz && \
    sha256sum -c shibboleth-identity-provider-$IDP_VERSION.tar.gz.sha256 && \
    tar xf shibboleth-identity-provider-$IDP_VERSION.tar.gz && \
    mv shibboleth-identity-provider-$IDP_VERSION shibboleth-identity-provider && \
    ./shibboleth-identity-provider/bin/install.sh -propertyfile install.properties && \
    cp -a /opt/templates/edit-webapp/* /opt/shibboleth-idp/edit-webapp/ && \
    ./shibboleth-idp/bin/build.sh && \
    apk --no-cache del apache-ant && \
    cp -a /opt/shibboleth-idp/conf /opt/org-conf && \
    cp /opt/templates/config/*.xml /opt/shibboleth-idp/conf && \
    cp -a /opt/templates/views/* /opt/shibboleth-idp/views/ && \
    sed -i '/p:postAuthenticationFlows=/ s/p:postAuthenticationFlows="attribute-release" //' /opt/shibboleth-idp/conf/relying-party.xml && \
    rm -rf shibboleth-identity-provider* install.properties nordu-ldap.properties
ADD https://mds.swamid.se/md/md-signer2.crt /opt/shibboleth-idp/credentials/
RUN chown -R jetty:jetty /opt

COPY jetty_base $JETTY_BASE
COPY shib-entrypoint.sh /shib-entrypoint.sh
USER jetty
ENTRYPOINT ["/shib-entrypoint.sh"]
WORKDIR $JETTY_BASE