8-June-2022

Attending 

• Chris Hyzer, Penn, Chair
• Shilen Patel, Duke
• Chad Redmon, UNC
• Vivek Sachdiva, independent  
• JJ, Unicon
• Emily Eisbruch, Internet2

DISCUSSION

•  Internet2 Intellectual Property Policy
  
• Review AIs  Grouper Project Action Items (Google Doc)

• Agenda bash
  

Grouper 2.69 was released

• Hoping for feedback
• Already a couple of issues
• Vivek, messaging provisioner testing, fields in attributes, compare logic for fields had issues.  
• Now refactored so attributes work the way fields used to work
• With membership change in a group, it marks the group as an update, attributes get sent to the target
• Need to differentiate between membership changes and other
• We have 4 cache buckets
• We don’t cache everything
• Maybe we should add column to sync table that is representation of entire object
• Then for a non recalc we can check the state we think is in target
• Cache for non recalc
• And only send updates for changed fields
• Hopefully Grouper knows change did not involve memberships, and will update each attribute,
• For entities not sure how that works
• We don’t get change lots about subjects that change
• So might not catch that in the incremental
• Need representation from target
• And have Daemon to update subjects when they change
• And on member row tick the last updated item and provisioner can see that and compare w cached target version? 
•   downside of caching the data is need for more storage
• People like to use messaging, this replaces the existing messaging change log consumer
•  
• There is a design for SQL to Midpoint messenger, but it’s not a reality yet
• JJ is hearing interest in SCIM provisioning

Current Work

Vivek

• Working on unit tests
• One more set of tests remaining
• Will fix Start with  scaffolding for LDAP
• Need to get every single provisioning test working
• Tests for start with scaffolding
• Make more youtubes

Shilen

• GRP-4062 Incremental loader full sync check issue
• Shilen and Chris will discuss default for kicking off sync
• Shilen can work on USDU and being able to force updates
• Each daemon type can have other configuration associated with it
  
  
• Suggestion : Grouper would have a task to run every so often to check for an update to Grouper member table
• AI Chris make a wiki with steps for shilen’s work on USDU 
•  

Chris

• OSGI, needed way to allow Grouper without Jar Hell
• Proposed to used OSGI to package plug ins
• There was a proof of concept, but there were some issues
• JJ stripped it down 
• JJ has issue validating CAS,  with PACK4J, used method not available in Java 8
• Jacks B needed for Java 11
• Not packaged with Java as of Java 11
• Tell user to use SAML instead of CAS
• Suggestion: JJ should try Java startup approach
• There is a JIRA for Java 11:  https://todos.internet2.edu/browse/GRP-2046
•  
• Might be issue in Java 17: deprecated Com.sun classes
• With Java 17 you have to remove
  
  
• There was a login ID field
• That is removed from quick mapping for entities
• There is a sync log table.
• In Grouper 2.69 there is a daemon to delete things older than one week
• GRP-4074
• Grouper
• GRP-4075  allow configuration in ldap to truncate part of the group name
• Chris will make additional youtubes
• Plan is to stabilize Grouper 2.69
  
  
• Suggestion : For sprints: Suggestion to tag versions as preview 1 or preview 1
• For people who don’t look at release notes
• Answer: people need to look at release notes

Chad

• Closed TODOs from recent Grouper training
• Subjects table in Grouper, the wiki shows the Old UI
• How to customize the UI in general, including showing the version and the banner on main page
• Wiki doc on this is out of date
• Chad will make wiki updates
  
  
• Issue of green and red and validation
•  
• Next big task for Chad: visualization , being able to input a user
• All groups would cascade up to show groups a user is in
• Can select in a batch, one query
• Chris will write up this job
• Shilens trace work would link to this
  
  
• Chad is giving a base camp talk
• Chris is giving a base camp provisioning introduction

Issue Roundup 

Grouper Emails in past two weeks

• [grouper-users] Provisioning Grouper stem attribute values to LDAP, Robert Bradley, 06/01/2022

• AI Chris will look at the email Provisioning Grouper stem attribute values to LDAP, Robert Bradley, 06/01/2022

Jiras in past two weeks

• GRP-4072
  Add loader configuration to the OSGI services
  
  
  
• 
  GRP-4071
  StemFinder missing addStemName(String) method
  
  
  
• 
  GRP-4070
  osgi updates to initialize and register default classes like configs
  
  
  
• 
  GRP-4069
  remove loginid from entity provisioner drop down
  
  
  
• 
  GRP-4068
  provisioning (non membership) attributes not updated with incremental
  
  
  
• 
  GRP-4067
  add daemon to remove old sync log rows
  
  
  
• 
  GRP-4066
  group update idindex should add a chnagelog entry
  
  
  
• 
  GRP-4065
  log a certain number of DAO errors per provisioning run
  
  
  
• 
  GRP-4064
  auto-translate DN for ldap provisioning
  
  
  
• 
  GRP-4063
  gsh template add a "warning" output status
  
  
  
• 
  GRP-4062
  Incremental loader full sync check issue
  
  
  
• 
  GRP-4061
  add provisioning option to delete groups with no members
  
  
  
• 
  GRP-4060
  grouper smtp is enabled by default
  
  
  
• 
  GRP-4059
  pspng null pointer in log and setup test
  
  
  
• 
  GRP-4058
  LDAP loader form missing option to schedule job
  
  
  
• 
  GRP-4057
  could not find membership on delete
  
  
  
• 
  GRP-4056
  "Export configuration file" only exports DB properties without any indication
  
  
  
• 
  GRP-4055
  dont even try to do * in sql sync, it doe

Grouper wiki updates in past two weeks

• Grouper custom template via GSH

• v2.6 Release Notes

• v2.6 Upgrade Instructions from v2.6

• Grouper LDAP provisioner in v2.5

• Grouper LDAP provisioner startWith scaffolding

• Release steps for new container build

• Grouper logging dynamic configuration