Rework spring-security-hybrid-usage samples instructions

SAP · Oct 28, 2024 · ada3501 · ada3501
1 parent 3a0eb2e
commit ada3501
Show file tree

Hide file tree

Showing 7 changed files with 223 additions and 138 deletions.
diff --git a/samples/k8s-deploy-and-test.sh b/samples/k8s-deploy-and-test.sh
@@ -64,13 +64,13 @@ prepare_image() {
 
 #prepare deployment file and deploy the app, first argument is sample name
 deploy_app() {
-  sed "s/.*containers.*/      imagePullSecrets:\n        - name: sap-image-registry\n&/; s/<YOUR IMAGE REPOSITORY>/${REPOSITORY}\/$1:$VERSION/" ./k8s/deployment.yml | kubectl apply -f - -n "$NAMESPACE"
+  sed "s/.*containers.*/      imagePullSecrets:\n        - name: sap-image-registry\n&/; s/<YOUR IMAGE TAG>/${REPOSITORY}\/$1:$VERSION/" ./k8s/deployment.yml | kubectl apply -f - -n "$NAMESPACE"
   sleep 30
 }
 
 #delete the deployed app, first argument is sample name
 delete_deployment() {
-  sed "s/.*containers.*/      imagePullSecrets:\n        - name: sap-image-registry\n&/; s/<YOUR IMAGE REPOSITORY>/${REPOSITORY}\/$1:$VERSION/" ./k8s/deployment.yml | kubectl delete -f - -n "$NAMESPACE"
+  sed "s/.*containers.*/      imagePullSecrets:\n        - name: sap-image-registry\n&/; s/<YOUR IMAGE TAG>/${REPOSITORY}\/$1:$VERSION/" ./k8s/deployment.yml | kubectl delete -f - -n "$NAMESPACE"
   sleep 7
 }
 

diff --git a/samples/spring-security-hybrid-usage/README.md b/samples/spring-security-hybrid-usage/README.md
diff --git a/samples/spring-security-hybrid-usage/k8s/deployment.yml b/samples/spring-security-hybrid-usage/k8s/deployment.yml
@@ -16,15 +16,15 @@ spec:
         - x509
     scopes:
       - name: "$XSAPPNAME.Read"
-        description: Read Permissions.
+        description: Scope for spring-security-hybrid-usage sample application
     role-templates:
       - name: Viewer
-        description: View Data
+        description: Role for spring-security-hybrid-usage sample application
         scope-references:
           - "$XSAPPNAME.Read"
     role-collections:
-      - name: XSUAA-Viewer
-        description: Viewer (read)
+      - name: "Sample Viewer (spring-security-hybrid-usage)"
+        description: Role collection for spring-security-hybrid-usage sample application
         role-template-references:
           - "$XSAPPNAME.Viewer"
 ---
@@ -42,7 +42,7 @@ spec:
 #  name: xsuaa-broker
 #spec:
 #  serviceOfferingName: xsuaa
-#  servicePlanName: application
+#  servicePlanName: broker
 #  parameters:
 #    xsappname: spring-security-hybrid-usage
 #    tenant-mode: dedicated
@@ -51,15 +51,15 @@ spec:
 #        - x509
 #    scopes:
 #      - name: "$XSAPPNAME.Read"
-#        description: Read Permissions.
+#        description: Scope for spring-security-hybrid-usage sample application
 #    role-templates:
 #      - name: Viewer
-#        description: View Data
+#        description: Role for spring-security-hybrid-usage sample application
 #        scope-references:
 #          - "$XSAPPNAME.Read"
 #    role-collections:
-#      - name: XSUAA-Viewer
-#        description: Viewer (read)
+#      - name: "Sample Viewer via broker (spring-security-hybrid-usage)"
+#        description: Role collection for spring-security-hybrid-usage broker access
 #        role-template-references:
 #          - "$XSAPPNAME.Viewer"
 #---
@@ -111,7 +111,7 @@ spec:
         kyma-grafana: enabled
     spec:
       containers:
-        - image: <YOUR IMAGE REPOSITORY>
+        - image: <YOUR IMAGE TAG>
           env:
             - name: SERVICE_BINDING_ROOT
               value: "/bindings"

diff --git a/samples/spring-security-hybrid-usage/manifest.yml b/samples/spring-security-hybrid-usage/manifest.yml
@@ -5,7 +5,6 @@
 # configured for EU10. For other landscapes, please adopt LANDSCAPE_APPS_DOMAIN in ../vars.yml
 # If the route is occupied, you might need to change ID in ../vars.yml
 applications:
-# The sample application.
 - name: spring-security-hybrid-usage
   instances: 1
   memory: 896M
@@ -18,6 +17,7 @@ applications:
     JBP_CONFIG_OPEN_JDK_JRE: '{jre: { version: 17.0.+ }}'
   services:
     - name: xsuaa-authn
+#    - name: xsuaa-broker
     - name: ias-authn
       parameters: { "credential-type": "X509_GENERATED" }
 
diff --git a/samples/spring-security-hybrid-usage/pom.xml b/samples/spring-security-hybrid-usage/pom.xml
@@ -104,6 +104,13 @@
 			<plugin>
 				<groupId>org.springframework.boot</groupId>
 				<artifactId>spring-boot-maven-plugin</artifactId>
+				<configuration>
+					<image>
+						<env>
+							<BP_JVM_VERSION>${java.version}</BP_JVM_VERSION>
+						</env>
+					</image>
+				</configuration>
 			</plugin>
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>

diff --git a/samples/spring-security-hybrid-usage/xs-security-broker.json b/samples/spring-security-hybrid-usage/xs-security-broker.json
@@ -0,0 +1,32 @@
+{
+  "xsappname": "spring-security-hybrid-usage",
+  "description": "SAP BTP Spring Security Client Library Hybrid sample application",
+  "tenant-mode": "dedicated",
+  "oauth2-configuration": {
+    "credential-types": ["x509"]
+  },
+  "scopes": [
+    {
+      "name": "$XSAPPNAME.Read",
+      "description": "Scope for spring-security-hybrid-usage sample application"
+    }
+  ],
+  "role-templates": [
+    {
+      "name": "Viewer",
+      "description": "Role for spring-security-hybrid-usage sample application",
+      "scope-references": [
+        "$XSAPPNAME.Read"
+      ]
+    }
+  ],
+  "role-collections": [
+    {
+      "name": "Sample Viewer via broker (spring-security-hybrid-usage)",
+      "description": "Role collection for spring-security-hybrid-usage broker access",
+      "role-template-references": [
+        "$XSAPPNAME.Viewer"
+      ]
+    }
+  ]
+}  
diff --git a/samples/spring-security-hybrid-usage/xs-security.json b/samples/spring-security-hybrid-usage/xs-security.json
@@ -1,28 +1,29 @@
 {
   "xsappname": "spring-security-hybrid-usage",
+  "description": "SAP BTP Spring Security Client Library Hybrid sample application",
   "tenant-mode": "dedicated",
   "oauth2-configuration": {
     "credential-types": ["x509"]
   },
   "scopes": [
     {
       "name": "$XSAPPNAME.Read",
-      "description": "Read Permissions."
+      "description": "Scope for spring-security-hybrid-usage sample application"
     }
   ],
   "role-templates": [
     {
       "name": "Viewer",
-      "description": "View Data",
+      "description": "Role for spring-security-hybrid-usage sample application",
       "scope-references": [
         "$XSAPPNAME.Read"
       ]
     }
   ],
   "role-collections": [
     {
-      "name": "XSUAA-Viewer",
-      "description": "Viewer (read)",
+      "name": "Sample Viewer (spring-security-hybrid-usage)",
+      "description": "Role collection for spring-security-hybrid-usage sample application",
       "role-template-references": [
         "$XSAPPNAME.Viewer"
       ]