Skip to content
This repository has been archived by the owner on Sep 15, 2023. It is now read-only.

20200615095930-79d0187: Version 1.0.0 (#15)
Compare
Choose a tag to compare
@fabe2913 fabe2913 released this 15 Jun 07:59
20200615095930-79d0187
79d0187
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode. 
* refactoring: configuration of actuator and loggers

* test: “out-of-BIT” development support (#14)

* test(local): docker-compose.yml with PostgreSQL-in-a-box

- PostgreSQL data is stored in a Docker persistent volume
- SQL scripts are executed with superuser privileges at database creation time

* test(local): add Keycloak server

- Persist state into PostgreSQL

- Set up suitable initdb.d script

* test(local): Keycloak "bag-pts" realm definition

- One client in `"clients"` whose `clientId` matches the one the
Covidcode UI uses (`"ha-ui-web-client"`)

- Client allows CORS from (`webOrigins`), and redirects
to (`redirectURIs`) http://localhost:4200/ (the URL of the Covidcode
UI while in development mode)

- `"publicClient"` is set to true, meaning that the Covidcode UI doesn't
need to set up a secret on its side

- Create `bag-pts-allow` role and a `doctor` user (password `doctor`)
as a member of the role

- Ensure (via suitable `"protocolMappers"` entry) that membership in
this role appears under "userroles" at the `userinfo` OIDC
endpoint (as required by Covidcode UI:
https://github.com/admin-ch/CovidCode-UI/blob/master/src/app/auth/oauth.service.ts#L91)

- Ensure (using a second `"protocolMappers"` entry) that a `ctx` claim is set to
`"USER"`, as per README.md. (On the other hand,
the audience setting doesn't appear to be required anymore)

* test(local): rewrite URLs on port 8180 with Træfik

This lets covidcode-ui obtain its endpoints from
http://localhost:8180/.well-known/openid-configuration which is its
out-of-the-box behavior.

* test(local): `mvn exec:java`

- Add suitable stanzas to pom.xml to get the Covidcode-Service to
start up using the `local` Spring profile (i.e. fake configuration and
credentials found in `src/main/resources/application-local.yml`)

- Prepare a database for it in PostgreSQL

- Need a `haauthcodegeneration` superuser and a
`haauthcodegeneration_role_full`, as both are expected by the
Covidcode-Service SQL migration scripts

squash! [feature] `mvn exec:java`

* test: Sonarqube

Persistence is done in-container with no volumes (i.e. not very
persistent at all)

* test(local): comments in YAML on how to increase logging

* test(local): `mvn exec:java` : configure for use w/ local Keycloak

- Add new Spring profile `keycloak-local` to override
`jeap.security.oauth2.resourceserver.authorization-server`
configuration

- Apply it from `mvn exec:java` in pom.xml

* docs: development lifecycle using the new docker-compose environment

* test: avoid using port 8180

While using the docker-compose workflow, port 8180 is likely to be in
use by the local KeyCloak.

Co-authored-by: Dominique Quatravaux <[email protected]>

* Update version number to 1.0.0

Co-authored-by: Fabien Cerf <[email protected]>
Co-authored-by: domq <[email protected]>
Co-authored-by: Dominique Quatravaux <[email protected]>
Assets 3
Loading