Iss. #11 - Update docker-compose for FDN API, update auth defaults

Included extra defaults in secrets files, and added default realm, scopes, and clients to be added in startup for keycloak.

Iss. #11 - Update docker-compose for FDN API, update auth defaults
Included extra defaults in secrets files, and added default realm, scopes, and clients to be added in startup for keycloak.
1c60882f · Martin Lowe · e7b8a885 · 1c60882f · 1c60882f · 1c60882f
Commit 1c60882f authored 2 years ago by Martin Lowe
--- a/Makefile
+++ b/Makefile
 setup:;
 	test -f ".env"  || cp config/.env.sample .env
-	test -f "./config/secret.properties" || cp config/secret.properties.sample config/secret.properties
\ No newline at end of file
+  test -f "./config/secret.properties" || cp config/secret.properties.sample config/secret.properties
+  test -f "./config/foundationdb/secret.properties" || cp config/foundationdb/secret.properties.sample config/foundationdb/secret.properties
\ No newline at end of file
--- a/README.md
+++ b/README.md
@@ -6,6 +6,10 @@ This project uses Quarkus, the Supersonic Subatomic Java Framework. If you want

 Before running the application, the initial setup should be observed. The initial setup of this server can be started by running the command `make setup` which will instantiate the secrets file and environment hidden file. To finish the setup of the environment file, open it and add values to the missing fields before starting docker for this project. The missing fields are primarily passwords for the various services running in docker for the project. Set them to some values and save the file. Once finished you can run the docker-compose command for this project successfully.

+Additionally, some of the values in the .env file will need to be set into the secret.properties files in `./config/secret.properties` and `./config/foundationdb/secret.properties`. The value for `WGAPI_MYSQL_PASSWORD` will need to be set as the value for the  `quarkus.datasource.password` property in both files. This will give the applications access to make changes to the databases.
+
+Once the stack is running, navigate to http://localhost:8080 and log into Keycloak using the credentials set in the `.env` file. Upon logging in in the top left corner, if the text says `Master`, then hover over the text and select `Foundation` in the pop up that appears below the text. This switches your realm to the one configured at boot time by the embedded configuration files. In the left hand menu, select `Clients` and open the `foundation` client by clicking on the name of the client. Once here, navigate to the `Credentials` tab and regenerate the secret. That text will be the value of the `quarkus.oidc.credentials.client-secret.value` property in the `./config/foundationdb/secret.properties` file. Do the same thing for the `working_groups_api` client, instead setting the value of `quarkus.oidc.credentials.secret` property in the `./config/secret.properties` file.
+
 ## Running the application in dev mode

 You can run your application in dev mode that enables live coding using:

--- a/config/foundationdb/secret.properties.sample
+++ b/config/foundationdb/secret.properties.sample
+
+quarkus.datasource.jdbc.url = jdbc:mariadb://mariadb/efclone
+quarkus.datasource.username = root
+quarkus.datasource.password = sample
+
+quarkus.oauth2.introspection-url=http://keycloak/auth/realms/foundation
+quarkus.oauth2.client-id=foundation
+quarkus.oauth2.client-secret=sample
+
+quarkus.http.port=8095
\ No newline at end of file
--- a/config/keycloak/realm-export.json
+++ b/config/keycloak/realm-export.json
--- a/config/mariadb/init.sql
+++ b/config/mariadb/init.sql
--- a/config/secret.properties.sample
+++ b/config/secret.properties.sample
-sample=sample
\ No newline at end of file
+quarkus.oidc.auth-server-url=http://keycloak/auth/realms/foundation
+quarkus.oidc.client-id=working_groups_api
+quarkus.oidc.credentials.secret=sample
\ No newline at end of file
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -20,6 +20,9 @@ services:
        reservations:
          cpus: '0.001'
          memory: 128M
+    depends_on:
+      - mariadb
+      - foundationdb
  mariadb:
    image: mariadb:latest
    command: --max_allowed_packet=100000000
@@ -31,6 +34,28 @@ services:
    volumes:
      - ./config/mariadb/init.sql:/docker-entrypoint-initdb.d/init.sql
      - ./volumes/mariadb:/var/lib/mysql
+  foundationdb:
+    image: eclipsefdn/foundationdb-api:production-b43bc82-7
+    ports:
+      - '8095:8095'
+    environment:
+      - CONFIG_SECRET_PATH=/var/run/secrets/secret.properties
+    volumes:
+      - ./config/foundationdb:/var/run/secrets
+    deploy:
+      restart_policy:
+        condition: on-failure
+        max_attempts: 5
+      resources:
+        limits:
+          cpus: '0.5'
+          memory: 384M
+        reservations:
+          cpus: '0.001'
+          memory: 256M
+    depends_on:
+      - mariadb
+      - keycloak
  postgres:
    image: postgres:12.4
    volumes:
@@ -43,6 +68,10 @@ services:
      - 5432
  keycloak:
    image: jboss/keycloak:11.0.1
+    volumes:
+      - ./config/keycloak/:/opt/jboss/keycloak/imports/
+    command:
+      - "-b 0.0.0.0 -Dkeycloak.import=/opt/jboss/keycloak/imports/realm-export.json"
    environment:
      - VIRTUAL_HOST=keycloak
      - VIRTUAL_PORT=8080