diff --git a/README.md b/README.md index 1793eec..6016f1f 100644 --- a/README.md +++ b/README.md @@ -2,9 +2,9 @@ This repository contains orchestration files and documentation for deploying Black Duck Docker containers. -## Location of Black Duck 2019.10.0 archive: +## Location of Black Duck 2019.10.1 archive: -https://github.com/blackducksoftware/hub/archive/v2019.10.0.tar.gz +https://github.com/blackducksoftware/hub/archive/v2019.10.1.tar.gz ## Important Upgrade Announcement diff --git a/docker-compose/bin/system_check.sh b/docker-compose/bin/system_check.sh index fbb7ab4..c00e1d6 100755 --- a/docker-compose/bin/system_check.sh +++ b/docker-compose/bin/system_check.sh @@ -34,7 +34,7 @@ set -o noglob readonly NOW="$(date +"%Y%m%dT%H%M%S%z")" readonly NOW_ZULU="$(date -u +"%Y%m%dT%H%M%SZ")" -readonly HUB_VERSION="${HUB_VERSION:-2019.10.0}" +readonly HUB_VERSION="${HUB_VERSION:-2019.10.1}" readonly OUTPUT_FILE="${SYSTEM_CHECK_OUTPUT_FILE:-system_check_${NOW}.txt}" readonly PROPERTIES_FILE="${SYSTEM_CHECK_PROPERTIES_FILE:-${OUTPUT_FILE%.txt}.properties}" readonly SUMMARY_FILE="${SYSTEM_CHECK_SUMMARY_FILE:-${OUTPUT_FILE%.txt}_summary.properties}" diff --git a/docker-compose/blackduck-config.env b/docker-compose/blackduck-config.env index 2739f1c..35e8b08 100644 --- a/docker-compose/blackduck-config.env +++ b/docker-compose/blackduck-config.env @@ -21,7 +21,7 @@ BLACKDUCK_CORS_ALLOWED_HEADERS_PROP_NAME= BLACKDUCK_CORS_EXPOSED_HEADERS_PROP_NAME= # Do not change -HUB_VERSION=2019.10.0 +HUB_VERSION=2019.10.1 # Specify any property-specific overrides here # diff --git a/docker-compose/docker-compose.externaldb.yml b/docker-compose/docker-compose.externaldb.yml index 57be619..52dd6b2 100644 --- a/docker-compose/docker-compose.externaldb.yml +++ b/docker-compose/docker-compose.externaldb.yml @@ -11,7 +11,7 @@ services: authentication: links: [ cfssl, logstash, registration, zookeeper, webapp] user: authentication:root - image: blackducksoftware/blackduck-authentication:2019.10.0 + image: blackducksoftware/blackduck-authentication:2019.10.1 volumes: ['authentication-volume:/opt/blackduck/hub/hub-authentication/ldap' ,'secrets-volume:/run/secrets'] env_file: [blackduck-config.env , hub-postgres.env] healthcheck: @@ -29,7 +29,7 @@ services: webapp: links: [ cfssl, logstash, registration, zookeeper] user: webapp:root - image: blackducksoftware/blackduck-webapp:2019.10.0 + image: blackducksoftware/blackduck-webapp:2019.10.1 volumes: ['log-volume:/opt/blackduck/hub/logs', 'webapp-volume:/opt/blackduck/hub/hub-webapp/ldap' ,'secrets-volume:/run/secrets'] env_file: [blackduck-config.env , hub-postgres.env] healthcheck: @@ -47,7 +47,7 @@ services: scan: links: [ cfssl, logstash, registration, zookeeper] user: scan:root - image: blackducksoftware/blackduck-scan:2019.10.0 + image: blackducksoftware/blackduck-scan:2019.10.1 volumes: [ 'secrets-volume:/run/secrets' ] env_file: [blackduck-config.env , hub-postgres.env] healthcheck: @@ -65,7 +65,7 @@ services: jobrunner: links: [ cfssl, logstash, registration, zookeeper] user: jobrunner:root - image: blackducksoftware/blackduck-jobrunner:2019.10.0 + image: blackducksoftware/blackduck-jobrunner:2019.10.1 volumes: [ 'secrets-volume:/run/secrets' ] env_file: [blackduck-config.env , hub-postgres.env] healthcheck: @@ -104,7 +104,7 @@ services: restart: always mem_limit: 1024m registration: - image: blackducksoftware/blackduck-registration:2019.10.0 + image: blackducksoftware/blackduck-registration:2019.10.1 links: [logstash, cfssl] volumes: ['config-volume:/opt/blackduck/hub/hub-registration/config'] env_file: [blackduck-config.env] @@ -148,7 +148,7 @@ services: mem_limit: 640M tmpfs: [/opt/blackduck/hub/webserver/security] documentation: - image: blackducksoftware/blackduck-documentation:2019.10.0 + image: blackducksoftware/blackduck-documentation:2019.10.1 links: [logstash] env_file: [blackduck-config.env] user: documentation:root diff --git a/docker-compose/docker-compose.yml b/docker-compose/docker-compose.yml index b7809f5..eb4971c 100644 --- a/docker-compose/docker-compose.yml +++ b/docker-compose/docker-compose.yml @@ -26,7 +26,7 @@ services: authentication: links: [postgres, cfssl, logstash, registration, zookeeper, webapp] user: authentication:root - image: blackducksoftware/blackduck-authentication:2019.10.0 + image: blackducksoftware/blackduck-authentication:2019.10.1 volumes: ['authentication-volume:/opt/blackduck/hub/hub-authentication/ldap' ] env_file: [blackduck-config.env ] healthcheck: @@ -44,7 +44,7 @@ services: webapp: links: [postgres, cfssl, logstash, registration, zookeeper] user: webapp:root - image: blackducksoftware/blackduck-webapp:2019.10.0 + image: blackducksoftware/blackduck-webapp:2019.10.1 volumes: ['log-volume:/opt/blackduck/hub/logs', 'webapp-volume:/opt/blackduck/hub/hub-webapp/ldap' ] env_file: [blackduck-config.env ] healthcheck: @@ -62,7 +62,7 @@ services: scan: links: [postgres, cfssl, logstash, registration, zookeeper] user: scan:root - image: blackducksoftware/blackduck-scan:2019.10.0 + image: blackducksoftware/blackduck-scan:2019.10.1 volumes: [ ] env_file: [blackduck-config.env ] healthcheck: @@ -80,7 +80,7 @@ services: jobrunner: links: [postgres, cfssl, logstash, registration, zookeeper] user: jobrunner:root - image: blackducksoftware/blackduck-jobrunner:2019.10.0 + image: blackducksoftware/blackduck-jobrunner:2019.10.1 volumes: [ ] env_file: [blackduck-config.env ] healthcheck: @@ -119,7 +119,7 @@ services: restart: always mem_limit: 1024m registration: - image: blackducksoftware/blackduck-registration:2019.10.0 + image: blackducksoftware/blackduck-registration:2019.10.1 links: [logstash, cfssl] volumes: ['config-volume:/opt/blackduck/hub/hub-registration/config'] env_file: [blackduck-config.env] @@ -163,7 +163,7 @@ services: mem_limit: 640M tmpfs: [/opt/blackduck/hub/webserver/security] documentation: - image: blackducksoftware/blackduck-documentation:2019.10.0 + image: blackducksoftware/blackduck-documentation:2019.10.1 links: [logstash] env_file: [blackduck-config.env] user: documentation:root diff --git a/docker-compose/external-postgres-init.pgsql b/docker-compose/external-postgres-init.pgsql index 0c99d60..ab7e419 100644 --- a/docker-compose/external-postgres-init.pgsql +++ b/docker-compose/external-postgres-init.pgsql @@ -8,15 +8,12 @@ CREATE USER blackduck_reporter; \c bds_hub CREATE EXTENSION pgcrypto; -CREATE SCHEMA ${blackduck_mt_schema} AUTHORIZATION blackduck; -GRANT USAGE ON SCHEMA ${blackduck_mt_schema} TO blackduck_user ; -GRANT SELECT, INSERT, UPDATE, TRUNCATE, DELETE, REFERENCES ON ALL TABLES IN SCHEMA ${blackduck_mt_schema} TO blackduck_user; -GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA ${blackduck_mt_schema} to blackduck_user; -ALTER DEFAULT PRIVILEGES IN SCHEMA ${blackduck_mt_schema} GRANT SELECT, INSERT, UPDATE, TRUNCATE, DELETE, REFERENCES ON TABLES TO blackduck_user; -ALTER DEFAULT PRIVILEGES IN SCHEMA ${blackduck_mt_schema} GRANT ALL PRIVILEGES ON SEQUENCES TO blackduck_user; -GRANT USAGE ON SCHEMA reporting TO blackduck_reporter; -GRANT SELECT ON ALL TABLES IN SCHEMA reporting TO blackduck_reporter; -REVOKE INSERT, UPDATE, TRUNCATE, DELETE, REFERENCES ON ALL TABLES IN SCHEMA reporting FROM blackduck_reporter; +CREATE SCHEMA st AUTHORIZATION blackduck; +GRANT USAGE ON SCHEMA st TO blackduck_user ; +GRANT SELECT, INSERT, UPDATE, TRUNCATE, DELETE, REFERENCES ON ALL TABLES IN SCHEMA st TO blackduck_user; +GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA st to blackduck_user; +ALTER DEFAULT PRIVILEGES IN SCHEMA st GRANT SELECT, INSERT, UPDATE, TRUNCATE, DELETE, REFERENCES ON TABLES TO blackduck_user; +ALTER DEFAULT PRIVILEGES IN SCHEMA st GRANT ALL PRIVILEGES ON SEQUENCES TO blackduck_user; REVOKE ALL ON SCHEMA st FROM blackduck_reporter; \c bds_hub_report @@ -30,7 +27,7 @@ ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON SEQUENCES TO b GRANT ALL PRIVILEGES ON DATABASE bdio TO blackduck_user; ALTER DATABASE bdio SET standard_conforming_strings TO ON; --- Stop here since Amazon RDS does not allow us to run ALTER SYSTEM +-- Stop here since cloud providers do not allow us to run ALTER SYSTEM \q ALTER SYSTEM SET autovacuum TO 'on'; diff --git a/docker-swarm/bin/system_check.sh b/docker-swarm/bin/system_check.sh index fbb7ab4..c00e1d6 100755 --- a/docker-swarm/bin/system_check.sh +++ b/docker-swarm/bin/system_check.sh @@ -34,7 +34,7 @@ set -o noglob readonly NOW="$(date +"%Y%m%dT%H%M%S%z")" readonly NOW_ZULU="$(date -u +"%Y%m%dT%H%M%SZ")" -readonly HUB_VERSION="${HUB_VERSION:-2019.10.0}" +readonly HUB_VERSION="${HUB_VERSION:-2019.10.1}" readonly OUTPUT_FILE="${SYSTEM_CHECK_OUTPUT_FILE:-system_check_${NOW}.txt}" readonly PROPERTIES_FILE="${SYSTEM_CHECK_PROPERTIES_FILE:-${OUTPUT_FILE%.txt}.properties}" readonly SUMMARY_FILE="${SYSTEM_CHECK_SUMMARY_FILE:-${OUTPUT_FILE%.txt}_summary.properties}" diff --git a/docker-swarm/blackduck-config.env b/docker-swarm/blackduck-config.env index 2739f1c..35e8b08 100644 --- a/docker-swarm/blackduck-config.env +++ b/docker-swarm/blackduck-config.env @@ -21,7 +21,7 @@ BLACKDUCK_CORS_ALLOWED_HEADERS_PROP_NAME= BLACKDUCK_CORS_EXPOSED_HEADERS_PROP_NAME= # Do not change -HUB_VERSION=2019.10.0 +HUB_VERSION=2019.10.1 # Specify any property-specific overrides here # diff --git a/docker-swarm/docker-compose.externaldb.yml b/docker-swarm/docker-compose.externaldb.yml index b0659f0..f6b09e3 100644 --- a/docker-swarm/docker-compose.externaldb.yml +++ b/docker-swarm/docker-compose.externaldb.yml @@ -6,7 +6,7 @@ version: '3.6' services: authentication: user: authentication:root - image: blackducksoftware/blackduck-authentication:2019.10.0 + image: blackducksoftware/blackduck-authentication:2019.10.1 volumes: - authentication-volume:/opt/blackduck/hub/hub-authentication/ldap - {type: tmpfs, target: /opt/blackduck/hub/hub-authentication/security} @@ -28,7 +28,7 @@ services: reservations: {memory: 1024M} webapp: user: webapp:root - image: blackducksoftware/blackduck-webapp:2019.10.0 + image: blackducksoftware/blackduck-webapp:2019.10.1 volumes: - log-volume:/opt/blackduck/hub/logs - webapp-volume:/opt/blackduck/hub/hub-webapp/ldap @@ -51,7 +51,7 @@ services: reservations: {cpus: '1', memory: 2560M} scan: user: scan:root - image: blackducksoftware/blackduck-scan:2019.10.0 + image: blackducksoftware/blackduck-scan:2019.10.1 env_file: [blackduck-config.env , hub-postgres.env] healthcheck: test: [CMD, /usr/local/bin/docker-healthcheck.sh, 'https://localhost:8443/api/health-checks/liveness', @@ -72,7 +72,7 @@ services: reservations: {cpus: '1', memory: 2560M} jobrunner: user: jobrunner:root - image: blackducksoftware/blackduck-jobrunner:2019.10.0 + image: blackducksoftware/blackduck-jobrunner:2019.10.1 env_file: [blackduck-config.env , hub-postgres.env] healthcheck: test: [CMD, /usr/local/bin/docker-healthcheck.sh] @@ -123,7 +123,7 @@ services: limits: {memory: 1024M} reservations: {memory: 1024M} registration: - image: blackducksoftware/blackduck-registration:2019.10.0 + image: blackducksoftware/blackduck-registration:2019.10.1 volumes: - config-volume:/opt/blackduck/hub/hub-registration/config - {type: tmpfs, target: /opt/blackduck/hub/hub-registration/security} @@ -178,7 +178,7 @@ services: limits: {memory: 512M} reservations: {memory: 512M} documentation: - image: blackducksoftware/blackduck-documentation:2019.10.0 + image: blackducksoftware/blackduck-documentation:2019.10.1 env_file: [blackduck-config.env] user: documentation:root healthcheck: diff --git a/docker-swarm/docker-compose.readonly.yml b/docker-swarm/docker-compose.readonly.yml index 351939d..47079f4 100644 --- a/docker-swarm/docker-compose.readonly.yml +++ b/docker-swarm/docker-compose.readonly.yml @@ -19,6 +19,7 @@ services: - /opt/blackduck/hub/tomcat - /opt/blackduck/hub/hub-webapp/logs - /opt/blackduck/hub/filebeat + - /tmp scan: read_only: true volumes: @@ -62,6 +63,7 @@ services: - /opt/blackduck/hub/hub-documentation/logs - /opt/blackduck/hub/filebeat - /opt/blackduck/hub/tomcat + - /tmp uploadcache: read_only: true volumes: diff --git a/docker-swarm/docker-compose.yml b/docker-swarm/docker-compose.yml index c287251..da76c90 100644 --- a/docker-swarm/docker-compose.yml +++ b/docker-swarm/docker-compose.yml @@ -24,7 +24,7 @@ services: stop_grace_period: 60s authentication: user: authentication:root - image: blackducksoftware/blackduck-authentication:2019.10.0 + image: blackducksoftware/blackduck-authentication:2019.10.1 volumes: - authentication-volume:/opt/blackduck/hub/hub-authentication/ldap - {type: tmpfs, target: /opt/blackduck/hub/hub-authentication/security} @@ -46,7 +46,7 @@ services: reservations: {memory: 1024M} webapp: user: webapp:root - image: blackducksoftware/blackduck-webapp:2019.10.0 + image: blackducksoftware/blackduck-webapp:2019.10.1 volumes: - log-volume:/opt/blackduck/hub/logs - webapp-volume:/opt/blackduck/hub/hub-webapp/ldap @@ -69,7 +69,7 @@ services: reservations: {cpus: '1', memory: 2560M} scan: user: scan:root - image: blackducksoftware/blackduck-scan:2019.10.0 + image: blackducksoftware/blackduck-scan:2019.10.1 env_file: [blackduck-config.env ] healthcheck: test: [CMD, /usr/local/bin/docker-healthcheck.sh, 'https://localhost:8443/api/health-checks/liveness', @@ -90,7 +90,7 @@ services: reservations: {cpus: '1', memory: 2560M} jobrunner: user: jobrunner:root - image: blackducksoftware/blackduck-jobrunner:2019.10.0 + image: blackducksoftware/blackduck-jobrunner:2019.10.1 env_file: [blackduck-config.env ] healthcheck: test: [CMD, /usr/local/bin/docker-healthcheck.sh] @@ -141,7 +141,7 @@ services: limits: {memory: 1024M} reservations: {memory: 1024M} registration: - image: blackducksoftware/blackduck-registration:2019.10.0 + image: blackducksoftware/blackduck-registration:2019.10.1 volumes: - config-volume:/opt/blackduck/hub/hub-registration/config - {type: tmpfs, target: /opt/blackduck/hub/hub-registration/security} @@ -196,7 +196,7 @@ services: limits: {memory: 512M} reservations: {memory: 512M} documentation: - image: blackducksoftware/blackduck-documentation:2019.10.0 + image: blackducksoftware/blackduck-documentation:2019.10.1 env_file: [blackduck-config.env] user: documentation:root healthcheck: diff --git a/docker-swarm/external-postgres-init.pgsql b/docker-swarm/external-postgres-init.pgsql index 0c99d60..ab7e419 100644 --- a/docker-swarm/external-postgres-init.pgsql +++ b/docker-swarm/external-postgres-init.pgsql @@ -8,15 +8,12 @@ CREATE USER blackduck_reporter; \c bds_hub CREATE EXTENSION pgcrypto; -CREATE SCHEMA ${blackduck_mt_schema} AUTHORIZATION blackduck; -GRANT USAGE ON SCHEMA ${blackduck_mt_schema} TO blackduck_user ; -GRANT SELECT, INSERT, UPDATE, TRUNCATE, DELETE, REFERENCES ON ALL TABLES IN SCHEMA ${blackduck_mt_schema} TO blackduck_user; -GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA ${blackduck_mt_schema} to blackduck_user; -ALTER DEFAULT PRIVILEGES IN SCHEMA ${blackduck_mt_schema} GRANT SELECT, INSERT, UPDATE, TRUNCATE, DELETE, REFERENCES ON TABLES TO blackduck_user; -ALTER DEFAULT PRIVILEGES IN SCHEMA ${blackduck_mt_schema} GRANT ALL PRIVILEGES ON SEQUENCES TO blackduck_user; -GRANT USAGE ON SCHEMA reporting TO blackduck_reporter; -GRANT SELECT ON ALL TABLES IN SCHEMA reporting TO blackduck_reporter; -REVOKE INSERT, UPDATE, TRUNCATE, DELETE, REFERENCES ON ALL TABLES IN SCHEMA reporting FROM blackduck_reporter; +CREATE SCHEMA st AUTHORIZATION blackduck; +GRANT USAGE ON SCHEMA st TO blackduck_user ; +GRANT SELECT, INSERT, UPDATE, TRUNCATE, DELETE, REFERENCES ON ALL TABLES IN SCHEMA st TO blackduck_user; +GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA st to blackduck_user; +ALTER DEFAULT PRIVILEGES IN SCHEMA st GRANT SELECT, INSERT, UPDATE, TRUNCATE, DELETE, REFERENCES ON TABLES TO blackduck_user; +ALTER DEFAULT PRIVILEGES IN SCHEMA st GRANT ALL PRIVILEGES ON SEQUENCES TO blackduck_user; REVOKE ALL ON SCHEMA st FROM blackduck_reporter; \c bds_hub_report @@ -30,7 +27,7 @@ ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON SEQUENCES TO b GRANT ALL PRIVILEGES ON DATABASE bdio TO blackduck_user; ALTER DATABASE bdio SET standard_conforming_strings TO ON; --- Stop here since Amazon RDS does not allow us to run ALTER SYSTEM +-- Stop here since cloud providers do not allow us to run ALTER SYSTEM \q ALTER SYSTEM SET autovacuum TO 'on'; diff --git a/docs/en_US/getting_started.pdf b/docs/en_US/getting_started.pdf index c16f01b..4f26c3a 100644 Binary files a/docs/en_US/getting_started.pdf and b/docs/en_US/getting_started.pdf differ diff --git a/docs/en_US/install_compose.pdf b/docs/en_US/install_compose.pdf index 82d167e..54b8347 100644 Binary files a/docs/en_US/install_compose.pdf and b/docs/en_US/install_compose.pdf differ diff --git a/docs/en_US/install_kubernetes.pdf b/docs/en_US/install_kubernetes.pdf index ab07527..7c4a142 100644 Binary files a/docs/en_US/install_kubernetes.pdf and b/docs/en_US/install_kubernetes.pdf differ diff --git a/docs/en_US/install_openshift.pdf b/docs/en_US/install_openshift.pdf index 53390cb..42c10cc 100644 Binary files a/docs/en_US/install_openshift.pdf and b/docs/en_US/install_openshift.pdf differ diff --git a/docs/en_US/install_swarm.pdf b/docs/en_US/install_swarm.pdf index 2ab86c8..694c595 100644 Binary files a/docs/en_US/install_swarm.pdf and b/docs/en_US/install_swarm.pdf differ diff --git a/docs/en_US/release_notes.pdf b/docs/en_US/release_notes.pdf index ab574dc..3af4796 100644 Binary files a/docs/en_US/release_notes.pdf and b/docs/en_US/release_notes.pdf differ