Merge branch 'malowe/main/11' into 'main'

Iss. #11 - Update docker-compose for FDN API, update auth defaults See merge request !5

Merge branch 'malowe/main/11' into 'main'
Iss. #11 - Update docker-compose for FDN API, update auth defaults See merge request !5
df7a0dd9 · Martin Lowe · 59bea6d1 · 4fdf1553 · df7a0dd9 · df7a0dd9
Commit df7a0dd9 authored 2 years ago by Martin Lowe
--- a/Makefile
+++ b/Makefile
 setup:;
-	test -f ".env"	|| cp config/.env.sample .env
-	test -f "./config/secret.properties" || cp config/secret.properties.sample config/secret.properties
+	rm .env && envsubst < config/.env.sample > .env
+	rm ./config/secret.properties && envsubst < config/secret.properties.sample > config/secret.properties
+	rm ./config/foundationdb/secret.properties && envsubst < config/foundationdb/secret.properties.sample > config/foundationdb/secret.properties
 clean:;
 	mvn clean
 install-yarn:;
@@ -13,4 +14,4 @@ compile-java: generate-spec;
 compile-java-quick: generate-spec;
 	mvn compile package -Dmaven.test.skip=true
 compile: clean compile-java;
-compile-quick: clean compile-java-quick;
\ No newline at end of file
+compile-quick: clean compile-java-quick;
--- a/README.md
+++ b/README.md
@@ -4,7 +4,11 @@ This project uses Quarkus, the Supersonic Subatomic Java Framework. If you want

 ## Setting up environment

-Before running the application, the initial setup should be observed. The initial setup of this server can be started by running the command `make setup` which will instantiate the secrets file and environment hidden file. To finish the setup of the environment file, open it and add values to the missing fields before starting docker for this project. The missing fields are primarily passwords for the various services running in docker for the project. Set them to some values and save the file. Once finished you can run the docker-compose command for this project successfully.
+Before running the application, the initial setup should be observed. The initial setup of this server can be started by running the command `make setup` which will instantiate the secrets file and environment hidden file. To finish the setup of the environment file, open it and add values to the missing fields before starting docker for this project. The missing fields are primarily passwords for the various services running in docker for the project. Set them to some values and save the file. Once finished you can run the docker-compose command for this project successfully. If you need to start MariaDB (not using a shared volume) you can use `docker-compose --profile full up` to start MariaDB along with other services.
+
+Additionally, some of the values in the .env file will need to be set into the secret.properties files in `./config/secret.properties` and `./config/foundationdb/secret.properties`. The value for `WGAPI_MYSQL_PASSWORD` will need to be set as the value for the `quarkus.datasource.password` property in both files. This will give the applications access to make changes to the databases.
+
+Once the stack is running, navigate to http://localhost:8080 and log into Keycloak using the credentials set in the `.env` file. Upon logging in in the top left corner, if the text says `Master`, then hover over the text and select `Foundation` in the pop up that appears below the text. This switches your realm to the one configured at boot time by the embedded configuration files. In the left hand menu, select `Clients` and open the `foundation` client by clicking on the name of the client. Once here, navigate to the `Credentials` tab and regenerate the secret. That text will be the value of the `quarkus.oidc.credentials.client-secret.value` property in the `./config/foundationdb/secret.properties` file. Do the same thing for the `working_groups_api` client, instead setting the value of `quarkus.oidc.credentials.secret` property in the `./config/secret.properties` file.

 ## Running the application in dev mode


--- a/config/.env.sample
+++ b/config/.env.sample
-WGAPI_MYSQL_PASSWORD=
-WGAPI_POSTGRES_DB=ef_wgapi
-WGAPI_POSTGRES_USER=root
-WGAPI_POSTGRES_PASSWORD=
-WGAPI_KEYCLOAK_USER=admin
-WGAPI_KEYCLOAK_PASSWORD=
-CONFIG_SECRET_PATH=/localdev/eclipsefdn-working-groups-api/config/secret.properties
\ No newline at end of file
+WGAPI_MYSQL_PASSWORD=$MYSQL_PASSWORD
+WGAPI_MYSQL_PORT=3306
+CONFIG_SECRET_PATH=$PWD/config/secret.properties
\ No newline at end of file
--- a/config/foundationdb/secret.properties.sample
+++ b/config/foundationdb/secret.properties.sample
+quarkus.datasource.jdbc.url=jdbc:mariadb://localhost:$FOUNDATIONDB_DB_PORT/$FOUNDATIONDB_DB_NAME
+quarkus.datasource.username=$MYSQL_USER
+quarkus.datasource.password=$MYSQL_PASSWORD
+
+quarkus.oauth2.introspection-url=http://localhost:8080/auth/realms/foundation
+quarkus.oauth2.client-id=foundation
+quarkus.oauth2.client-secret=sample
+
+quarkus.http.port=8095
\ No newline at end of file
--- a/config/mariadb/init.sql
+++ b/config/mariadb/init.sql
--- a/config/secret.properties.sample
+++ b/config/secret.properties.sample
-sample=sample
\ No newline at end of file
+quarkus.oidc.auth-server-url=http://keycloak/auth/realms/foundation
+quarkus.oidc.client-id=working_groups_api
+quarkus.oidc.credentials.secret=sample
+
+#
+#
+#
\ No newline at end of file
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -20,42 +20,37 @@ services:
        reservations:
          cpus: '0.001'
          memory: 128M
+    depends_on:
+      - foundationdb
+  foundationdb:
+    image: eclipsefdn/foundationdb-api:production-b43bc82-7
+    ports:
+      - '8095:8095'
+    environment:
+      - CONFIG_SECRET_PATH=/var/run/secrets/secret.properties
+    volumes:
+      - ./config/foundationdb:/var/run/secrets
+    deploy:
+      restart_policy:
+        condition: on-failure
+        max_attempts: 5
+      resources:
+        limits:
+          cpus: '0.5'
+          memory: 384M
+        reservations:
+          cpus: '0.001'
+          memory: 256M
  mariadb:
    image: mariadb:latest
    command: --max_allowed_packet=100000000
+    profiles:
+      - full
    ports:
-      - '3306:3306'
+      - "${WGAPI_MYSQL_PORT:-3306}:3306"
    environment:
      MYSQL_ROOT_PASSWORD: ${WGAPI_MYSQL_PASSWORD}
      MYSQL_DATABASE: working_groups_api
    volumes:
      - ./config/mariadb/init.sql:/docker-entrypoint-initdb.d/init.sql
-      - ./volumes/mariadb:/var/lib/mysql
-  postgres:
-    image: postgres:12.4
-    volumes:
-      - ./volumes/postgres:/var/lib/postgresql/data
-    environment:
-      - POSTGRES_DB=${WGAPI_POSTGRES_DB}
-      - POSTGRES_USER=${WGAPI_POSTGRES_USER}
-      - POSTGRES_PASSWORD=${WGAPI_POSTGRES_PASSWORD}
-    ports:
-      - 5432
-  keycloak:
-    image: jboss/keycloak:11.0.1
-    environment:
-      - VIRTUAL_HOST=keycloak
-      - VIRTUAL_PORT=8080
-      - DB_VENDOR=POSTGRES
-      - DB_DATABASE=${WGAPI_POSTGRES_DB}
-      - DB_SCHEMA=public
-      - DB_ADDR=postgres
-      - DB_PORT=5432
-      - DB_USER=${WGAPI_POSTGRES_USER}
-      - DB_PASSWORD=${WGAPI_POSTGRES_PASSWORD}
-      - KEYCLOAK_USER=${WGAPI_KEYCLOAK_USER}
-      - KEYCLOAK_PASSWORD=${WGAPI_KEYCLOAK_PASSWORD}
-    ports:
-      - '8080:8080'
-    depends_on:
-      - postgres
\ No newline at end of file
+      - ./volumes/mariadb:/var/lib/mysql
\ No newline at end of file