docker profiles, docker compose, mysql entrypoint, security
Co-authored-by: Christoph <tobi@urpost.de>
This commit is contained in:
Christoph
@ -1,10 +1,12 @@
|
||||
FROM gradle:jdk11 AS build
|
||||
COPY --chown=gradle:gradle . /home/gradle/src
|
||||
WORKDIR /home/gradle/src
|
||||
RUN chmod +x ./pull-wait-for-it.sh
|
||||
RUN gradle bootJar --no-daemon
|
||||
|
||||
FROM openjdk:11-jre-slim
|
||||
RUN mkdir /app
|
||||
COPY --from=build /home/gradle/src/build/libs/*.jar /app/gruppen2.jar
|
||||
ENTRYPOINT ["java"]
|
||||
CMD ["-Dspring.profiles.active=docker", "-jar", "/app/gruppen2.jar"]
|
||||
COPY --from=build /home/gradle/src/wait-for-it.sh /app/wait-for-it.sh
|
||||
#ENTRYPOINT ["java"]
|
||||
#CMD ["-Dspring.profiles.active=docker", "-jar", "/app/gruppen2.jar"]
|
||||
|
||||
10
build.gradle
10
build.gradle
@ -59,8 +59,8 @@ dependencies {
|
||||
implementation 'org.springframework.boot:spring-boot-starter-security'
|
||||
implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
|
||||
implementation 'org.springframework.boot:spring-boot-starter-web'
|
||||
|
||||
compile group: 'org.springframework.boot', name: 'spring-boot-starter-oauth2-client', version: '2.2.5.RELEASE'
|
||||
implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'
|
||||
implementation 'org.springframework.security.oauth:spring-security-oauth2:2.4.0.RELEASE'
|
||||
|
||||
implementation 'org.keycloak:keycloak-spring-boot-starter:9.0.0'
|
||||
implementation 'org.keycloak.bom:keycloak-adapter-bom:9.0.0'
|
||||
@ -68,7 +68,7 @@ dependencies {
|
||||
implementation 'io.springfox:springfox-swagger2:2.9.2'
|
||||
implementation 'io.springfox:springfox-swagger-ui:2.9.2'
|
||||
implementation 'com.github.javafaker:javafaker:1.0.2'
|
||||
implementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-csv:2.10.2'
|
||||
implementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-csv:2.10.3'
|
||||
|
||||
compileOnly 'org.projectlombok:lombok'
|
||||
annotationProcessor 'org.projectlombok:lombok'
|
||||
@ -76,10 +76,6 @@ dependencies {
|
||||
runtimeOnly 'com.h2database:h2'
|
||||
runtimeOnly 'mysql:mysql-connector-java'
|
||||
|
||||
compile group: 'org.springframework.security.oauth', name: 'spring-security-oauth2', version: '2.4.0.RELEASE'
|
||||
|
||||
compile 'com.fasterxml.jackson.dataformat:jackson-dataformat-csv:2.10.3'
|
||||
|
||||
testImplementation 'org.assertj:assertj-core:3.15.0'
|
||||
testImplementation('org.springframework.boot:spring-boot-starter-test') {
|
||||
exclude group: 'org.junit.vintage', module: 'junit-vintage-engine'
|
||||
|
||||
@ -10,12 +10,14 @@ services:
|
||||
restart: always
|
||||
volumes:
|
||||
- './mysql/db/storage:/var/lib/mysql'
|
||||
- './mysql/db/entrypoint:/docker-entrypoint-initdb.d/'
|
||||
ports:
|
||||
- '3306:3306'
|
||||
gruppen2app:
|
||||
gruppenapp:
|
||||
build: .
|
||||
container_name: 'gruppen2app'
|
||||
container_name: 'gruppenapp'
|
||||
depends_on:
|
||||
- dbmysql
|
||||
command: ["/app/wait-for-it.sh", "dbmysql:3306", "--", "java", "-Dspring.profiles.active=docker", "-jar", "/app/gruppen2.jar"]
|
||||
ports:
|
||||
- '8081:8080'
|
||||
|
||||
@ -48,7 +48,7 @@ class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
|
||||
|
||||
@Bean
|
||||
@Scope(scopeName = WebApplicationContext.SCOPE_REQUEST,
|
||||
proxyMode = ScopedProxyMode.TARGET_CLASS)
|
||||
proxyMode = ScopedProxyMode.TARGET_CLASS)
|
||||
public AccessToken getAccessToken() {
|
||||
HttpServletRequest request =
|
||||
((ServletRequestAttributes) RequestContextHolder
|
||||
@ -61,17 +61,14 @@ class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
super.configure(http);
|
||||
http.authorizeRequests()
|
||||
.antMatchers("/actuator/**")
|
||||
.hasRole("monitoring")
|
||||
.and()
|
||||
.authorizeRequests()
|
||||
.antMatchers("/h2-console/**")
|
||||
.permitAll()
|
||||
.anyRequest()
|
||||
.permitAll();
|
||||
|
||||
http.csrf().disable();
|
||||
http.headers().frameOptions().disable();
|
||||
.antMatchers("/actuator/**")
|
||||
.hasRole("monitoring")
|
||||
.anyRequest()
|
||||
.permitAll()
|
||||
.and()
|
||||
.csrf()
|
||||
.ignoringAntMatchers("/gruppen2/createOrga")
|
||||
.ignoringAntMatchers("/gruppen2/details/members/addUsersFromCsv");
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -1,12 +1,13 @@
|
||||
application.name=gruppen2
|
||||
logging.pattern.console=[${application.name}],%magenta(%-5level), %d{dd-MM-yyyy HH:mm:ss.SSS}, %highlight(%msg),%thread,%logger.%M%n
|
||||
spring.datasource.platform=h2
|
||||
spring.datasource.url=jdbc:h2:mem:blogdb
|
||||
spring.datasource.driverClassName=org.h2.Driver
|
||||
spring.datasource.driver-class-name=org.h2.Driver
|
||||
spring.datasource.username=sa
|
||||
spring.datasource.password=
|
||||
spring.jpa.database-platform=org.hibernate.dialect.H2Dialect
|
||||
spring.h2.console.enabled=true
|
||||
logging.level.org.springframework.jdbc.core=DEBUG
|
||||
spring.h2.console.enabled=false
|
||||
logging.level.org.springframework.jdbc.core=INFO
|
||||
keycloak.principal-attribute=preferred_username
|
||||
keycloak.auth-server-url=https://keycloak.cs.hhu.de/auth
|
||||
keycloak.realm=MOPS
|
||||
@ -18,4 +19,3 @@ keycloak.use-resource-role-mappings=true
|
||||
keycloak.autodetect-bearer-only=true
|
||||
keycloak.confidential-port=443
|
||||
server.error.include-stacktrace=always
|
||||
server.port=8080
|
||||
|
||||
@ -1,17 +1,17 @@
|
||||
application.name=gruppen2
|
||||
logging.pattern.console=[${application.name}],%magenta(%-5level), %d{dd-MM-yyyy HH:mm:ss.SSS}, %highlight(%msg),%thread,%logger.%M%n
|
||||
|
||||
spring.datasource.initialization-mode=always
|
||||
spring.datasource.platform=mysql
|
||||
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
|
||||
spring.datasource.initialization-mode=NEVER
|
||||
spring.datasource.url=jdbc:mysql://dbmysql:3306/gruppen2
|
||||
spring.datasource.username=root
|
||||
spring.datasource.password=geheim
|
||||
|
||||
keycloak.principal-attribute=preferred_username
|
||||
keycloak.auth-server-url=https://keycloak.cs.hhu.de/auth
|
||||
keycloak.realm=MOPS
|
||||
hhu_keycloak.token-uri=https://keycloak.cs.hhu.de/auth/realms/MOPS/protocol/openid-connect/token
|
||||
keycloak.resource=gruppenfindung
|
||||
keycloak.credentials.secret= fc6ebf10-8c63-4e71-a667-4eae4e8209a1
|
||||
keycloak.credentials.secret=fc6ebf10-8c63-4e71-a667-4eae4e8209a1
|
||||
keycloak.verify-token-audience=true
|
||||
keycloak.use-resource-role-mappings=true
|
||||
keycloak.autodetect-bearer-only=true
|
||||
|
||||
10
src/main/resources/schema-h2.sql
Normal file
10
src/main/resources/schema-h2.sql
Normal file
@ -0,0 +1,10 @@
|
||||
DROP TABLE IF EXISTS event;
|
||||
|
||||
CREATE TABLE event
|
||||
(
|
||||
event_id INT PRIMARY KEY AUTO_INCREMENT,
|
||||
group_id VARCHAR(36) NOT NULL,
|
||||
user_id VARCHAR(50),
|
||||
event_type VARCHAR(32),
|
||||
event_payload VARCHAR(2500)
|
||||
);
|
||||
@ -1,14 +0,0 @@
|
||||
-- noinspection SqlDialectInspectionForFile
|
||||
|
||||
-- noinspection SqlNoDataSourceInspectionForFile
|
||||
|
||||
DROP TABLE IF EXISTS event;
|
||||
|
||||
CREATE TABLE event
|
||||
(
|
||||
event_id INT PRIMARY KEY AUTO_INCREMENT,
|
||||
group_id VARCHAR(36) NOT NULL,
|
||||
user_id VARCHAR(50),
|
||||
event_type VARCHAR(32),
|
||||
event_payload VARCHAR(2500)
|
||||
);
|
||||
Reference in New Issue
Block a user