{"type":"doc","content":[{"type":"extension","attrs":{"layout":"default","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"toc","parameters":{"macroParams":{},"macroMetadata":{"macroId":{"value":"7e7d9fc4-4b14-4c34-b17d-5aaf7c27116f"},"schemaVersion":{"value":"1"},"title":"Table of Contents"}},"localId":"c990add5-4d07-4357-a145-b9e5afd85825"}},{"type":"paragraph","content":[{"text":"The embedded Jetty that is installed by with Windows IdP installer requires a forked version of the standard 9.4 jetty-base. This differs from the standard by the addition of four files and the modification of one. Since the branch is not used in regular testing, part of the preparation for building the Windows installer is due diligence on this branch.","type":"text"}]},{"type":"paragraph","content":[{"text":"It is easiest to do this if you have the ","type":"text"},{"text":"git repository","type":"text","marks":[{"type":"link","attrs":{"href":"https://github.com/eclipse/jetty.project"}}]},{"text":" cloned and updated","type":"text"}]},{"type":"panel","attrs":{"panelType":"note"},"content":[{"type":"paragraph","content":[{"text":"This project has no J2EE/jakarta dependencies and so works with both the 10.x.y and 11.x.y versions of jetty - subject to the version of logback deployed being pinned (see below)","type":"text"}]}]},{"type":"heading","attrs":{"level":1},"content":[{"text":"Check Changes","type":"text","marks":[{"type":"textColor","attrs":{"color":"#000000"}}]}]},{"type":"paragraph","content":[{"text":"First, we need to track any changes in the ","type":"text"},{"text":"origin\\11","type":"text","marks":[{"type":"code"}]},{"text":" branch. Cherry pick in any appropriate changes.","type":"text"}]},{"type":"paragraph","content":[{"text":"We need to track breaking changes in jetty. ","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"A potential quick cut is to difference the jetty sources between the two tags","type":"text"}]},{"type":"paragraph","content":[{"text":"git diff jetty-10.0.9 jetty-10.0.10 jetty-deploy/src/main/config/etc/jetty-deploy.xml","type":"text"}]},{"type":"paragraph","content":[{"text":"and so forth.","type":"text"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Logback Version","type":"text"}]},{"type":"paragraph","content":[{"text":"Check the logback version in the top level pom for the jetty project and amend as appropriate","type":"text"}]},{"type":"codeBlock","content":[{"text":"1.3.5","type":"text"}]},{"type":"paragraph","content":[{"text":"You ","type":"text"},{"text":"must","type":"text","marks":[{"type":"strong"}]},{"text":" also override the version in ","type":"text"},{"text":"start.d\\idp-system.ini","type":"text","marks":[{"type":"code"}]},{"text":" ","type":"text"},{"text":"and ","type":"text","marks":[{"type":"strong"}]},{"text":"in the jetty base pom","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"The Jetty 11 and Jetty 10 versions ","type":"text"},{"text":"no longer interoperate","type":"text","marks":[{"type":"em"}]},{"text":" so you need to make changes in the jetty11 and the jetty 10 branches. In practise this does not need to be revised unless there is a logback issue.","type":"text"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"SLF4J Version","type":"text"}]},{"type":"paragraph","content":[{"text":"Check the slf4j version in the top level pom for the jetty project and amend as appropriate","type":"text"}]},{"type":"codeBlock","content":[{"text":"2.0.5","type":"text"}]},{"type":"paragraph","content":[{"text":"You ","type":"text"},{"text":"should ","type":"text","marks":[{"type":"strong"}]},{"text":"also override the version in ","type":"text"},{"text":"start.d\\idp-system.ini","type":"text","marks":[{"type":"code"}]},{"text":" This is defensive against Jetty 10 and Jetty 11 versions drifting apart","type":"text"}]},{"type":"paragraph","content":[{"text":"The change must be made in the pom as well as the ","type":"text"},{"text":"start.d\\idp-system.ini","type":"text","marks":[{"type":"code"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"start.d/idp.ini","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"Any changes to this file may need to be reflected in changes to the file ","type":"text"},{"text":"idp.ini.rewrite.property.names ","type":"text","marks":[{"type":"code"}]},{"text":"and/or","type":"text"},{"text":" idp.ini.windows","type":"text","marks":[{"type":"code"}]},{"text":" and/or","type":"text"},{"text":" idp-system.windows","type":"text","marks":[{"type":"code"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Properties new to ","type":"text"},{"text":"idp.ini","type":"text","marks":[{"type":"code"}]},{"text":" that occur in ","type":"text"},{"text":"idp.ini.rewrite.property.names","type":"text","marks":[{"type":"code"}]},{"text":" should be added to ","type":"text"},{"text":"idp-system.ini","type":"text","marks":[{"type":"code"}]},{"text":" if they are required","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Properties name changes must be added to","type":"text"},{"text":" idp.ini.rewrite.property.names","type":"text","marks":[{"type":"code"}]},{"text":". Note that the name changes are cumulative","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Properties new to ","type":"text"},{"text":"idp.ini","type":"text","marks":[{"type":"code"}]},{"text":" that do not occur in ","type":"text"},{"text":"idp.ini.rewrite.property.names","type":"text","marks":[{"type":"code"}]},{"text":" should be added to ","type":"text"},{"text":"idp.ini.windows","type":"text","marks":[{"type":"code"}]},{"text":" if they are required. Add them below the \"don't change these values\" lines.","type":"text"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"start.d/idp.ini.rewrite.property.names","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"The target property names (values) starting with ","type":"text"},{"text":"jetty.","type":"text","marks":[{"type":"code"}]},{"text":" should be checked against the distribution xml files to ensure that they are still valid. ","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"start.d/idp-system.ini","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"This is reserved to you to change as requirements change,","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"etc/jetty-ssl-context.xml ","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"The is the most complex change and potentially the most fragile. In general if this file has not changed since the last release (folder ","type":"text"},{"text":"jetty-server\\src\\main\\config\\etc","type":"text","marks":[{"type":"code"}]},{"text":" and the file ","type":"text"},{"text":"jetty-util\\src\\main\\java\\org\\eclipse\\jetty\\util\\ssl\\SslContextFactory.java ","type":"text","marks":[{"type":"code"}]},{"text":" has not changed either then no changes are needed. ","type":"text"}]},{"type":"paragraph","content":[{"text":"The explicit changes are:","type":"text"}]},{"type":"codeBlock","content":[{"text":"--- a/jetty-server/src/main/config/etc/jetty-ssl-context.xml\n+++ b/jetty-server/src/main/config/etc/jetty-ssl-context.xml\n@@ -5,25 +5,10 @@\n \n \n \n- \n- \n- \n- \n- \n- \n+ \n \n \n \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n \n \n ","type":"text"}]},{"type":"paragraph","content":[{"type":"hardBreak"},{"text":"Deconstructed this change is","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Remove the prefixing of ","type":"text"},{"text":"KeyStorePath","type":"text","marks":[{"type":"code"}]},{"text":" with ","type":"text"},{"text":"${Jetty.base}","type":"text","marks":[{"type":"code"}]},{"text":",this allows absolute paths to be used. Procrun is setup to allow relative paths to use this shortcut.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Remove the explicit setting of 5 bean properties, allowing the Java defaults to take over.. These can be checked in ","type":"text"},{"text":"jetty-util\\src\\main\\java\\org\\eclipse\\jetty\\util\\ssl\\SslContextFactory.java","type":"text","marks":[{"type":"code"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"KeyManagerPassword","type":"text","marks":[{"type":"code"}]},{"text":" This is used in ","type":"text"},{"text":"getKeyManagers().","type":"text","marks":[{"type":"code"}]},{"text":" Having it not set means it defaults to the KeyStorePassword","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"TrustStore reading the ","type":"text"},{"text":"loadTrustStore","type":"text","marks":[{"type":"code"}]},{"text":" will show that if these three properties are not set then the keystore is used.","type":"text"}]}]}]}]}]},{"type":"paragraph","content":[{"text":"etc\\jetty-requestlog.xml","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"This should track the version checked into the ","type":"text"},{"text":"10","type":"text","marks":[{"type":"code"}]},{"text":" branch","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Java files to look are","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"jetty-server\\src\\main\\java\\org\\eclipse\\jetty\\server\\Slf4jRequestLogWriter.java","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"jetty-server\\src\\main\\java\\org\\eclipse\\jetty\\server\\CustomRequestLog.java","type":"text","marks":[{"type":"code"}]}]}]}]}]}]},{"type":"heading","attrs":{"level":1},"content":[{"text":"Build & Release","type":"text","marks":[{"type":"textColor","attrs":{"color":"#000000"}}]}]},{"type":"panel","attrs":{"panelType":"note"},"content":[{"type":"paragraph","content":[{"text":"This should be done within a ","type":"text"},{"text":"docker build container","type":"text","marks":[{"type":"link","attrs":{"href":"https://github.com/iay/shibboleth-build-docker/blob/main/README.md"}}]}]}]},{"type":"codeBlock","content":[{"text":"# for interactive passphrase entry (maybe not required for others)\nexport GPG_TTY=$(tty) \n# somewhere to store a tmp maven repo\nexport REPO=/tmp/rodsrepo\ncd /tmp\ngit clone git@git.shibboleth.net:java-idp-jetty-base\ncd java-idp-jetty-base\ngit checkout -b 10-windows --track origin/10-windows\n\nmvn -Dmaven.repo.local=$REPO -Prelease clean verify\n\nmvn -Dmaven.repo.local=$REPO -DgenerateBackupPoms=false -DnewVersion=10.0.0.8-WINDOWS versions:set\n\n# Edit pom.xml, bump dependency versions to release\n# vi pom.xml\n\n# Be sure there are not SNAPSHOT deps in any pom (from base dir).\nfind . -name 'pom.xml' -exec grep SNAPSHOT {} \\;\n# If the output contains SNAPSHOTs change to release\n\nmvn -Dmaven.repo.local=$REPO -Prelease clean verify\n\ngit add -A\ngit commit -m 'Update files to be tagged for release'\ngit tag -s -m 'Tag 10.0.0.8-WINDOWS release' 10.0.0.8-WINDOWS\n\nmvn -Dmaven.repo.local=$REPO -DgenerateBackupPoms=false -DnewVersion=10.0.0.9-WINDOWS-SNAPSHOT versions:set\n\n# Be sure there are SNAPSHOTs in the right places.\nfind . -name 'pom.xml' -exec grep SNAPSHOT {} \\;\n\ngit add -A\ngit commit -m 'Bump version after release'\n\ncd /tmp/java-idp-jetty-base\n\ngit checkout 10.0.0.8-WINDOWS\nmvn -Dmaven.repo.local=$REPO -Prelease,sign clean verify\n\n## commit the work\nssh -L 1581:127.0.0.1:1581 -N build.shibboleth.net -f\nmvn -Dmaven.repo.local=$REPO -DskipTests -DdeployAtEnd=true -Prelease,sign deploy\n\ngit checkout 10-windows\ngit push origin 10-windows\ngit push origin 10.0.0.8-WINDOWS","type":"text"}]}],"version":1}