You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by ex...@apache.org on 2023/03/22 14:45:50 UTC
[nifi] branch main updated: NIFI-11312 Rationalised Registry Docker scripts in one location
This is an automated email from the ASF dual-hosted git repository.
exceptionfactory pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/main by this push:
new c7df46eefd NIFI-11312 Rationalised Registry Docker scripts in one location
c7df46eefd is described below
commit c7df46eefde41931235f2f6af62ff381eed7ae25
Author: Chris Sampson <ch...@gmail.com>
AuthorDate: Mon Mar 20 21:57:57 2023 +0000
NIFI-11312 Rationalised Registry Docker scripts in one location
This closes #7064
Signed-off-by: David Handermann <ex...@apache.org>
---
.../nifi-registry-docker/dockerhub/sh/start.sh | 1 +
.../dockerhub/sh/update_flow_provider.sh | 3 ++
.../dockerhub/sh/update_login_providers.sh | 1 +
.../dockerhub/sh/update_oidc_properties.sh | 18 +++----
.../nifi-registry-docker-maven/dockermaven/pom.xml | 16 ++++++
.../dockermaven/sh/common.sh | 28 ----------
.../dockermaven/sh/secure.sh | 57 --------------------
.../dockermaven/sh/start.sh | 63 ----------------------
.../dockermaven/sh/update_bundle_provider.sh | 48 -----------------
.../dockermaven/sh/update_database.sh | 24 ---------
.../dockermaven/sh/update_flow_provider.sh | 47 ----------------
.../dockermaven/sh/update_login_providers.sh | 48 -----------------
.../dockermaven/sh/update_oidc_properties.sh | 27 ----------
13 files changed, 29 insertions(+), 352 deletions(-)
diff --git a/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/start.sh b/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/start.sh
index eba4ef217e..2703395516 100755
--- a/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/start.sh
+++ b/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/start.sh
@@ -42,6 +42,7 @@ case ${AUTH} in
;;
oidc)
echo 'Enabling OIDC user authentication'
+ prop_replace 'nifi.registry.security.needClientAuth' 'false'
. "${scripts_dir}/secure.sh"
. "${scripts_dir}/update_oidc_properties.sh"
diff --git a/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/update_flow_provider.sh b/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/update_flow_provider.sh
index 92a921422d..87fa5bdf72 100644
--- a/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/update_flow_provider.sh
+++ b/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/update_flow_provider.sh
@@ -35,6 +35,9 @@ case ${NIFI_REGISTRY_FLOW_PROVIDER} in
file)
xmlstarlet ed --inplace -u "${property_xpath}/class" -v "org.apache.nifi.registry.provider.flow.FileSystemFlowPersistenceProvider" "${providers_file}"
;;
+ database)
+ xmlstarlet ed --inplace -u "${property_xpath}/class" -v "org.apache.nifi.registry.provider.flow.DatabaseFlowPersistenceProvider" "${providers_file}"
+ ;;
git)
xmlstarlet ed --inplace -u "${property_xpath}/class" -v "org.apache.nifi.registry.provider.flow.git.GitFlowPersistenceProvider" "${providers_file}"
add_property "Remote To Push" "${NIFI_REGISTRY_GIT_REMOTE:-}"
diff --git a/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/update_login_providers.sh b/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/update_login_providers.sh
index e3280b56aa..b6e4650a42 100755
--- a/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/update_login_providers.sh
+++ b/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/update_login_providers.sh
@@ -45,3 +45,4 @@ edit_property 'Url' "${LDAP_URL}"
edit_property 'User Search Base' "${LDAP_USER_SEARCH_BASE}"
edit_property 'User Search Filter' "${LDAP_USER_SEARCH_FILTER}"
edit_property 'Identity Strategy' "${LDAP_IDENTITY_STRATEGY}"
+edit_property 'Referral Strategy' "${LDAP_REFERRAL_STRATEGY}"
diff --git a/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/update_oidc_properties.sh b/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/update_oidc_properties.sh
index 827a40edba..d1ddff7f94 100644
--- a/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/update_oidc_properties.sh
+++ b/nifi-registry/nifi-registry-core/nifi-registry-docker/dockerhub/sh/update_oidc_properties.sh
@@ -15,13 +15,11 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-prop_replace 'nifi.security.user.oidc.discovery.url' "${NIFI_SECURITY_USER_OIDC_DISCOVERY_URL}"
-prop_replace 'nifi.security.user.oidc.connect.timeout' "${NIFI_SECURITY_USER_OIDC_CONNECT_TIMEOUT}"
-prop_replace 'nifi.security.user.oidc.read.timeout' "${NIFI_SECURITY_USER_OIDC_READ_TIMEOUT}"
-prop_replace 'nifi.security.user.oidc.client.id' "${NIFI_SECURITY_USER_OIDC_CLIENT_ID}"
-prop_replace 'nifi.security.user.oidc.client.secret' "${NIFI_SECURITY_USER_OIDC_CLIENT_SECRET}"
-prop_replace 'nifi.security.user.oidc.preferred.jwsalgorithm' "${NIFI_SECURITY_USER_OIDC_PREFERRED_JWSALGORITHM}"
-prop_replace 'nifi.security.user.oidc.additional.scopes' "${NIFI_SECURITY_USER_OIDC_ADDITIONAL_SCOPES}"
-prop_replace 'nifi.security.user.oidc.claim.identifying.user' "${NIFI_SECURITY_USER_OIDC_CLAIM_IDENTIFYING_USER}"
-prop_replace 'nifi.security.user.oidc.fallback.claims.identifying.user' "${NIFI_SECURITY_USER_OIDC_FALLBACK_CLAIMS_IDENTIFYING_USER}"
-prop_replace 'nifi.security.user.oidc.truststore.strategy' "${NIFI_SECURITY_USER_OIDC_TRUSTSTORE_STRATEGY}"
+prop_replace 'nifi.registry.security.user.oidc.discovery.url' "${NIFI_REGISTRY_SECURITY_USER_OIDC_DISCOVERY_URL}"
+prop_replace 'nifi.registry.security.user.oidc.connect.timeout' "${NIFI_REGISTRY_SECURITY_USER_OIDC_CONNECT_TIMEOUT}"
+prop_replace 'nifi.registry.security.user.oidc.read.timeout' "${NIFI_REGISTRY_SECURITY_USER_OIDC_READ_TIMEOUT}"
+prop_replace 'nifi.registry.security.user.oidc.client.id' "${NIFI_REGISTRY_SECURITY_USER_OIDC_CLIENT_ID}"
+prop_replace 'nifi.registry.security.user.oidc.client.secret' "${NIFI_REGISTRY_SECURITY_USER_OIDC_CLIENT_SECRET}"
+prop_replace 'nifi.registry.security.user.oidc.preferred.jwsalgorithm' "${NIFI_REGISTRY_SECURITY_USER_OIDC_PREFERRED_JWSALGORITHM}"
+prop_replace 'nifi.registry.security.user.oidc.additional.scopes' "${NIFI_REGISTRY_SECURITY_USER_OIDC_ADDITIONAL_SCOPES}"
+prop_replace 'nifi.registry.security.user.oidc.claim.identifying.user' "${NIFI_REGISTRY_SECURITY_USER_OIDC_CLAIM_IDENTIFYING_USER}"
diff --git a/nifi-registry/nifi-registry-docker-maven/dockermaven/pom.xml b/nifi-registry/nifi-registry-docker-maven/dockermaven/pom.xml
index af2fbbecc4..174ba0e78c 100644
--- a/nifi-registry/nifi-registry-docker-maven/dockermaven/pom.xml
+++ b/nifi-registry/nifi-registry-docker-maven/dockermaven/pom.xml
@@ -47,6 +47,22 @@
<plugin>
<artifactId>maven-antrun-plugin</artifactId>
<executions>
+ <execution>
+ <id>copy-scripts-for-docker</id>
+ <phase>process-sources</phase>
+ <configuration>
+ <target name="copy docker scripts to nifi-registry-docker for image build">
+ <copy todir="${project.basedir}/target/sh" overwrite="true" flatten="true">
+ <fileset dir="${project.basedir}/../../nifi-registry-core/nifi-registry-docker/dockerhub/sh" includes="*.sh">
+ <include name="*.sh" />
+ </fileset>
+ </copy>
+ </target>
+ </configuration>
+ <goals>
+ <goal>run</goal>
+ </goals>
+ </execution>
<execution>
<id>copy-for-docker</id>
<phase>process-sources</phase>
diff --git a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/common.sh b/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/common.sh
deleted file mode 100755
index 0f594d9aed..0000000000
--- a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/common.sh
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/bin/sh -e
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# 1 - value to search for
-# 2 - value to replace
-# 3 - file to perform replacement inline
-prop_replace () {
- target_file=${3:-${nifi_registry_props_file}}
- echo 'replacing target file ' ${target_file}
- sed -i -e "s|^$1=.*$|$1=$2|" ${target_file}
-}
-
-# NIFI_REGISTRY_HOME is defined by an ENV command in the backing Dockerfile
-export nifi_registry_props_file=${NIFI_REGISTRY_HOME}/conf/nifi-registry.properties
-export hostname=$(hostname)
diff --git a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/secure.sh b/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/secure.sh
deleted file mode 100644
index 8a7a5bbed5..0000000000
--- a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/secure.sh
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/bin/sh -e
-
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-scripts_dir='/opt/nifi-registry/scripts'
-
-[ -f "${scripts_dir}/common.sh" ] && . "${scripts_dir}/common.sh"
-
-# Perform idempotent changes of configuration to support secure environments
-echo 'Configuring environment with SSL settings'
-
-: ${KEYSTORE_PATH:?"Must specify an absolute path to the keystore being used."}
-if [ ! -f "${KEYSTORE_PATH}" ]; then
- echo "Keystore file specified (${KEYSTORE_PATH}) does not exist."
- exit 1
-fi
-: ${KEYSTORE_TYPE:?"Must specify the type of keystore (JKS, PKCS12, PEM) of the keystore being used."}
-: ${KEYSTORE_PASSWORD:?"Must specify the password of the keystore being used."}
-
-: ${TRUSTSTORE_PATH:?"Must specify an absolute path to the truststore being used."}
-if [ ! -f "${TRUSTSTORE_PATH}" ]; then
- echo "Keystore file specified (${TRUSTSTORE_PATH}) does not exist."
- exit 1
-fi
-: ${TRUSTSTORE_TYPE:?"Must specify the type of truststore (JKS, PKCS12, PEM) of the truststore being used."}
-: ${TRUSTSTORE_PASSWORD:?"Must specify the password of the truststore being used."}
-
-prop_replace 'nifi.registry.security.keystore' "${KEYSTORE_PATH}"
-prop_replace 'nifi.registry.security.keystoreType' "${KEYSTORE_TYPE}"
-prop_replace 'nifi.registry.security.keystorePasswd' "${KEYSTORE_PASSWORD}"
-prop_replace 'nifi.registry.security.keyPasswd' "${KEY_PASSWORD:-$KEYSTORE_PASSWORD}"
-prop_replace 'nifi.registry.security.truststore' "${TRUSTSTORE_PATH}"
-prop_replace 'nifi.registry.security.truststoreType' "${TRUSTSTORE_TYPE}"
-prop_replace 'nifi.registry.security.truststorePasswd' "${TRUSTSTORE_PASSWORD}"
-
-# Disable HTTP and enable HTTPS
-prop_replace 'nifi.registry.web.http.port' ''
-prop_replace 'nifi.registry.web.http.host' ''
-prop_replace 'nifi.registry.web.https.port' "${NIFI_REGISTRY_WEB_HTTPS_PORT:-18443}"
-prop_replace 'nifi.registry.web.https.host' "${NIFI_REGISTRY_WEB_HTTPS_HOST:-$HOSTNAME}"
-
-# Establish initial user and an associated admin identity
-sed -i -e 's|<property name="Initial User Identity 1">.*</property>|<property name="Initial User Identity 1">'"${INITIAL_ADMIN_IDENTITY}"'</property>|' ${NIFI_REGISTRY_HOME}/conf/authorizers.xml
-sed -i -e 's|<property name="Initial Admin Identity">.*</property>|<property name="Initial Admin Identity">'"${INITIAL_ADMIN_IDENTITY}"'</property>|' ${NIFI_REGISTRY_HOME}/conf/authorizers.xml
diff --git a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/start.sh b/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/start.sh
deleted file mode 100755
index 2703395516..0000000000
--- a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/start.sh
+++ /dev/null
@@ -1,63 +0,0 @@
-#!/bin/sh -e
-
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-scripts_dir='/opt/nifi-registry/scripts'
-
-[ -f "${scripts_dir}/common.sh" ] && . "${scripts_dir}/common.sh"
-
-# Establish baseline properties
-prop_replace 'nifi.registry.web.http.port' "${NIFI_REGISTRY_WEB_HTTP_PORT:-18080}"
-prop_replace 'nifi.registry.web.http.host' "${NIFI_REGISTRY_WEB_HTTP_HOST:-$HOSTNAME}"
-
-. ${scripts_dir}/update_database.sh
-
-# Check if we are secured or unsecured
-case ${AUTH} in
- tls)
- echo 'Enabling Two-Way SSL user authentication'
- . "${scripts_dir}/secure.sh"
- ;;
- ldap)
- echo 'Enabling LDAP user authentication'
- # Reference ldap-provider in properties
- prop_replace 'nifi.registry.security.identity.provider' 'ldap-identity-provider'
- prop_replace 'nifi.registry.security.needClientAuth' 'false'
-
- . "${scripts_dir}/secure.sh"
- . "${scripts_dir}/update_login_providers.sh"
- ;;
- oidc)
- echo 'Enabling OIDC user authentication'
- prop_replace 'nifi.registry.security.needClientAuth' 'false'
-
- . "${scripts_dir}/secure.sh"
- . "${scripts_dir}/update_oidc_properties.sh"
- ;;
-esac
-
-. "${scripts_dir}/update_flow_provider.sh"
-. "${scripts_dir}/update_bundle_provider.sh"
-
-# Continuously provide logs so that 'docker logs' can produce them
-tail -F "${NIFI_REGISTRY_HOME}/logs/nifi-registry-app.log" &
-"${NIFI_REGISTRY_HOME}/bin/nifi-registry.sh" run &
-nifi_registry_pid="$!"
-
-trap "echo Received trapped signal, beginning shutdown...;" KILL TERM HUP INT EXIT;
-
-echo NiFi-Registry running with PID ${nifi_registry_pid}.
-wait ${nifi_registry_pid}
diff --git a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/update_bundle_provider.sh b/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/update_bundle_provider.sh
deleted file mode 100644
index 27d5c940ac..0000000000
--- a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/update_bundle_provider.sh
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/bin/sh -e
-
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-providers_file=${NIFI_REGISTRY_HOME}/conf/providers.xml
-property_xpath='/providers/extensionBundlePersistenceProvider'
-
-add_property() {
- property_name=$1
- property_value=$2
-
- if [ -n "${property_value}" ]; then
- xmlstarlet ed --inplace --subnode "${property_xpath}" --type elem -n property -v "${property_value}" \
- -i \$prev --type attr -n name -v "${property_name}" \
- "${providers_file}"
- fi
-}
-
-xmlstarlet ed --inplace -u "${property_xpath}/property[@name='Extension Bundle Storage Directory']" -v "${NIFI_REGISTRY_BUNDLE_STORAGE_DIR:-./extension_bundles}" "${providers_file}"
-
-case ${NIFI_REGISTRY_BUNDLE_PROVIDER} in
- file)
- xmlstarlet ed --inplace -u "${property_xpath}/class" -v "org.apache.nifi.registry.provider.extension.FileSystemBundlePersistenceProvider" "${providers_file}"
- ;;
- s3)
- xmlstarlet ed --inplace -u "${property_xpath}/class" -v "org.apache.nifi.registry.aws.S3BundlePersistenceProvider" "${providers_file}"
- add_property "Region" "${NIFI_REGISTRY_S3_REGION:-}"
- add_property "Bucket Name" "${NIFI_REGISTRY_S3_BUCKET_NAME:-}"
- add_property "Key Prefix" "${NIFI_REGISTRY_S3_KEY_PREFIX:-}"
- add_property "Credentials Provider" "${NIFI_REGISTRY_S3_CREDENTIALS_PROVIDER:-DEFAULT_CHAIN}"
- add_property "Access Key" "${NIFI_REGISTRY_S3_ACCESS_KEY:-}"
- add_property "Secret Access Key" "${NIFI_REGISTRY_S3_SECRET_ACCESS_KEY:-}"
- add_property "Endpoint URL" "${NIFI_REGISTRY_S3_ENDPOINT_URL:-}"
- ;;
-esac
diff --git a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/update_database.sh b/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/update_database.sh
deleted file mode 100644
index 59d94d7b39..0000000000
--- a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/update_database.sh
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/sh -e
-
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-prop_replace 'nifi.registry.db.url' "${NIFI_REGISTRY_DB_URL:-jdbc:h2:./database/nifi-registry-primary;AUTOCOMMIT=OFF;DB_CLOSE_ON_EXIT=FALSE;LOCK_MODE=3;LOCK_TIMEOUT=25000;WRITE_DELAY=0;AUTO_SERVER=FALSE}"
-prop_replace 'nifi.registry.db.driver.class' "${NIFI_REGISTRY_DB_CLASS:-org.h2.Driver}"
-prop_replace 'nifi.registry.db.driver.directory' "${NIFI_REGISTRY_DB_DIR:-}"
-prop_replace 'nifi.registry.db.username' "${NIFI_REGISTRY_DB_USER:-nifireg}"
-prop_replace 'nifi.registry.db.password' "${NIFI_REGISTRY_DB_PASS:-nifireg}"
-prop_replace 'nifi.registry.db.maxConnections' "${NIFI_REGISTRY_DB_MAX_CONNS:-5}"
-prop_replace 'nifi.registry.db.sql.debug' "${NIFI_REGISTRY_DB_DEBUG_SQL:-false}"
diff --git a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/update_flow_provider.sh b/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/update_flow_provider.sh
deleted file mode 100644
index 95c9099337..0000000000
--- a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/update_flow_provider.sh
+++ /dev/null
@@ -1,47 +0,0 @@
-#!/bin/sh -e
-
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-providers_file=${NIFI_REGISTRY_HOME}/conf/providers.xml
-property_xpath='/providers/flowPersistenceProvider'
-
-add_property() {
- property_name=$1
- property_value=$2
-
- if [ -n "${property_value}" ]; then
- xmlstarlet ed --inplace --subnode "${property_xpath}" --type elem -n property -v "${property_value}" \
- -i \$prev --type attr -n name -v "${property_name}" \
- "${providers_file}"
- fi
-}
-
-xmlstarlet ed --inplace -u "${property_xpath}/property[@name='Flow Storage Directory']" -v "${NIFI_REGISTRY_FLOW_STORAGE_DIR:-./flow_storage}" "${providers_file}"
-
-case ${NIFI_REGISTRY_FLOW_PROVIDER} in
- file)
- xmlstarlet ed --inplace -u "${property_xpath}/class" -v "org.apache.nifi.registry.provider.flow.FileSystemFlowPersistenceProvider" "${providers_file}"
- ;;
- database)
- xmlstarlet ed --inplace -u "${property_xpath}/class" -v "org.apache.nifi.registry.provider.flow.DatabaseFlowPersistenceProvider" "${providers_file}"
- ;;
- git)
- xmlstarlet ed --inplace -u "${property_xpath}/class" -v "org.apache.nifi.registry.provider.flow.git.GitFlowPersistenceProvider" "${providers_file}"
- add_property "Remote To Push" "${NIFI_REGISTRY_GIT_REMOTE:-}"
- add_property "Remote Access User" "${NIFI_REGISTRY_GIT_USER:-}"
- add_property "Remote Access Password" "${NIFI_REGISTRY_GIT_PASSWORD:-}"
- ;;
-esac
diff --git a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/update_login_providers.sh b/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/update_login_providers.sh
deleted file mode 100755
index b6e4650a42..0000000000
--- a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/update_login_providers.sh
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/bin/sh -e
-
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-login_providers_file=${NIFI_REGISTRY_HOME}/conf/identity-providers.xml
-property_xpath='//identityProviders/provider/property'
-
-# Update a given property in the login-identity-providers file if a value is specified
-edit_property() {
- property_name=$1
- property_value=$2
-
- if [ -n "${property_value}" ]; then
- xmlstarlet ed --inplace -u "${property_xpath}[@name='${property_name}']" -v "${property_value}" "${login_providers_file}"
- fi
-}
-
-# Remove comments to enable the ldap-provider
-sed -i '/To enable the ldap-identity-provider remove/d' "${login_providers_file}"
-
-edit_property 'Authentication Strategy' "${LDAP_AUTHENTICATION_STRATEGY}"
-edit_property 'Manager DN' "${LDAP_MANAGER_DN}"
-edit_property 'Manager Password' "${LDAP_MANAGER_PASSWORD}"
-edit_property 'TLS - Keystore' "${LDAP_TLS_KEYSTORE}"
-edit_property 'TLS - Keystore Password' "${LDAP_TLS_KEYSTORE_PASSWORD}"
-edit_property 'TLS - Keystore Type' "${LDAP_TLS_KEYSTORE_TYPE}"
-edit_property 'TLS - Truststore' "${LDAP_TLS_TRUSTSTORE}"
-edit_property 'TLS - Truststore Password' "${LDAP_TLS_TRUSTSTORE_PASSWORD}"
-edit_property 'TLS - Truststore Type' "${LDAP_TLS_TRUSTSTORE_TYPE}"
-edit_property 'TLS - Protocol' "${LDAP_TLS_PROTOCOL}"
-edit_property 'Url' "${LDAP_URL}"
-edit_property 'User Search Base' "${LDAP_USER_SEARCH_BASE}"
-edit_property 'User Search Filter' "${LDAP_USER_SEARCH_FILTER}"
-edit_property 'Identity Strategy' "${LDAP_IDENTITY_STRATEGY}"
-edit_property 'Referral Strategy' "${LDAP_REFERRAL_STRATEGY}"
diff --git a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/update_oidc_properties.sh b/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/update_oidc_properties.sh
deleted file mode 100644
index 77819f69c5..0000000000
--- a/nifi-registry/nifi-registry-docker-maven/dockermaven/sh/update_oidc_properties.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/sh -e
-
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-prop_replace 'nifi.registry.security.user.oidc.discovery.url' "${NIFI_REGISTRY_SECURITY_USER_OIDC_DISCOVERY_URL}"
-prop_replace 'nifi.registry.security.user.oidc.connect.timeout' "${NIFI_REGISTRY_SECURITY_USER_OIDC_CONNECT_TIMEOUT}"
-prop_replace 'nifi.registry.security.user.oidc.read.timeout' "${NIFI_REGISTRY_SECURITY_USER_OIDC_READ_TIMEOUT}"
-prop_replace 'nifi.registry.security.user.oidc.client.id' "${NIFI_REGISTRY_SECURITY_USER_OIDC_CLIENT_ID}"
-prop_replace 'nifi.registry.security.user.oidc.client.secret' "${NIFI_REGISTRY_SECURITY_USER_OIDC_CLIENT_SECRET}"
-prop_replace 'nifi.registry.security.user.oidc.preferred.jwsalgorithm' "${NIFI_REGISTRY_SECURITY_USER_OIDC_PREFERRED_JWSALGORITHM}"
-prop_replace 'nifi.registry.security.user.oidc.additional.scopes' "${NIFI_REGISTRY_SECURITY_USER_OIDC_ADDITIONAL_SCOPES}"
-prop_replace 'nifi.registry.security.user.oidc.claim.identifying.user' "${NIFI_REGISTRY_SECURITY_USER_OIDC_CLAIM_IDENTIFYING_USER}"
-prop_replace 'nifi.registry.security.user.oidc.fallback.claims.identifying.user' "${NIFI_REGISTRY_SECURITY_USER_OIDC_FALLBACK_CLAIMS_IDENTIFYING_USER}"
-prop_replace 'nifi.registry.security.user.oidc.truststore.strategy' "${NIFI_REGISTRY_SECURITY_USER_OIDC_TRUSTSTORE_STRATEGY}"