Merge pull request #553 from SORMAS-Foundation/HSP-5503-sormas-1-87-0…

…-freigabe-und-bitte-um-roll-out

Hsp 5503 sormas 1 87 0 freigabe und bitte um roll out

.env

@@ -1,9 +1,10 @@
 SORMAS_POSTGRES_PASSWORD=password
 SORMAS_POSTGRES_USER=sormas_user
 
-SORMAS_DOCKER_VERSION=2.47.0
-SORMAS_VERSION=1.86.0
-SORMAS_DEMIS_VERSION=1.31.0
+SORMAS_DOCKER_VERSION=2.48.0
+SORMAS_VERSION=1.87.0
+# only needed for CI build systems
+SORMAS_DEMIS_VERSION=1.33.0
 
 SORMAS_SERVER_URL=sormas-docker-test.com
 SORMAS_URL=https://github.com/hzi-braunschweig/SORMAS-Project/releases/download/
@@ -23,7 +24,6 @@ KEYCLOAK_SORMAS_BACKEND_SECRET=changeit
 DB_HOST=postgres
 DOMAIN_NAME=sormas
 DB_NAME=sormas
-DB_NAME_AUDIT=sormas_audit
 DB_JDBC_MAXPOOLSIZE=512
 DB_JDBC_IDLE_TIMEOUT=300
 LOCALE=de-DE
@@ -136,8 +136,6 @@ LINKMOBILITY_PASSWORD=changeit
 
 AS_ADMIN_NEWPASSWORD=N3wAsAdm!nPW
 
-DEMIS_ENABLED=false
-
 BACKUP_FILES="documents custom"
 
 SORMAS_ANGULAR_KEYCLOAK_REALM=SORMAS

.gitattributes

@@ -53,7 +53,7 @@ gradlew text eol=lf
 
 ## DOCKER
 *.dockerignore text
-Dockerfile text
+Dockerfile text eol=lf
 
 ## DOCUMENTATION
 *.markdown text

.github/workflows/pre-release.yml

@@ -17,7 +17,6 @@ jobs:
  run: | 
  echo "SORMAS_DOCKER_VERSION=$(cat .env | grep SORMAS_DOCKER_VERSION | cut -d '=' -f2)" >> $GITHUB_ENV
  echo "SORMAS_VERSION=$(cat .env | grep SORMAS_VERSION | cut -d '=' -f2)" >> $GITHUB_ENV
- echo "DEMIS_VERSION=$(cat .env | grep DEMIS_VERSION | cut -d '=' -f2)" >> $GITHUB_ENV
  - name: Release
  uses: softprops/action-gh-release@v0.1.14 
  #if: startsWith(github.ref, 'refs/tags/')
@@ -28,7 +27,6 @@ jobs:
  body: |
  ## Versions
  SORMAS VERSION: ${{ env.SORMAS_VERSION }}
- DEMIS: ${{ env.DEMIS_VERSION }}
 
  ## Application release notes
  https://github.com/sormas-foundation/SORMAS-Project/releases/tag/v${{ env.SORMAS_VERSION }}

.github/workflows/release.yml

@@ -17,7 +17,6 @@ jobs:
  run: | 
  echo "SORMAS_DOCKER_VERSION=$(cat .env | grep SORMAS_DOCKER_VERSION | cut -d '=' -f2)" >> $GITHUB_ENV
  echo "SORMAS_VERSION=$(cat .env | grep SORMAS_VERSION | cut -d '=' -f2)" >> $GITHUB_ENV
- echo "DEMIS_VERSION=$(cat .env | grep DEMIS_VERSION | cut -d '=' -f2)" >> $GITHUB_ENV
  - name: Release
  uses: softprops/action-gh-release@v0.1.14 
  #if: startsWith(github.ref, 'refs/tags/')
@@ -28,7 +27,6 @@ jobs:
  body: |
  ## Versions
  SORMAS VERSION: ${{ env.SORMAS_VERSION }}
- DEMIS: ${{ env.DEMIS_VERSION }}
 
  ## Application release notes
  https://github.com/sormas-foundation/SORMAS-Project/releases/tag/v${{ env.SORMAS_VERSION }}

Documents/Database.md

@@ -20,7 +20,6 @@ Database related values set in `.env`file:
 
 * Database server: `DB_HOST`: postgres
 * Sormas Database: `DB_NAME`: sormas
-* Sormas Audit Database: `DB_NAME_AUDIT`: sormas_audit
 * Sormas Database User: `SORMAS_POSTGRES_USER`: sormas_user
 * Sormas Database Password: `SORMAS_POSTGRES_PASSWORD`: password
 
@@ -30,19 +29,18 @@ Several parameters are configured in `docker-compose.yml`:
 
 #### Database
 
-The `postgres` container is set up with the `SORMAS_POSTGRES_PASSWORD` from the `.env` file. The `sormas` DB and `sormas_audit` DB are created and initialized. The `sormas` user gets created.
+The `postgres` container is set up with the `SORMAS_POSTGRES_PASSWORD` from the `.env` file. The `sormas` DB is created and initialized. The `sormas` user gets created.
 
-Additionally the `postgres`container listens on localhost port 5432. This can be used to access the `sormas` database e.g. for creating local DB dumps.
+Additionally, the `postgres`container listens on localhost port 5432. This can be used to access the `sormas` database e.g. for creating local DB dumps.
 
-Database files for `sormas` and `sormas_audit` are held on the host in a local folder.
+Database files for `sormas` are held on the host in a local folder.
 
 ```yaml
 services:
  postgres:
  environment:
  - POSTGRES_PASSWORD=${SORMAS_POSTGRES_PASSWORD}
  - DB_NAME=sormas
- - DB_NAME_AUDIT=sormas_audit
  - SORMAS_POSTGRES_PASSWORD=${SORMAS_POSTGRES_PASSWORD}
  - SORMAS_POSTGRES_USER=${SORMAS_POSTGRES_USER}
  ports:
@@ -53,20 +51,17 @@ services:
 
 #### pg_dump container
 
-In the default installation a pg_dump container is started. This container dumps the `sormas` and `sormas_audit` database on a regularly basis (to a folder on the host (`/backup`). 
+In the default installation a pg_dump container is started. This container dumps all database on the host (except postgres and template) on a regular basis to a folder on the host (`/backup`). 
 
 ```yaml
 services:
  pg_dump:
  environment:
  - DB_HOST=${DB_HOST}
- - DB_NAME=sormas
- - DB_NAME_AUDIT=sormas_audit
  - PGPASSWORD=${SORMAS_POSTGRES_PASSWORD}
- - SORMAS_POSTGRES_USER=${SORMAS_POSTGRES_USER}
+ - POSTGRES_USER=${SORMAS_POSTGRES_USER}
  - MIN=15,45 # Twice the hour on 15 and 45 (use crontab notation)
  - HOUR= # Keep empty for every hour. Use crontab notation otherwise
- - KEEP=1 # keep one day
  volumes:
  - /backup:/var/opt/db_dumps
 ```
@@ -83,7 +78,6 @@ services:
  - SORMAS_POSTGRES_PASSWORD=${SORMAS_POSTGRES_PASSWORD}
  - DB_HOST=${DB_HOST}
  - DB_NAME=${DB_NAME}
- - DB_NAME_AUDIT=${DB_NAME_AUDIT}
 
 ```
 ### partner

README.md

@@ -78,8 +78,6 @@ These Options are available to customize the installation:
 
 **DB_NAME** Name of the database for the SORMAS data
 
-**DB_NAME_AUDIT** Name of the database for SORMAS audit data
-
 **DB_HOST** Hostname or IP of the database host
 
 **DB_JDBC_MAXPOOLSIZE** Sets the maximum number of database connections

apache2/Dockerfile

@@ -1,16 +1,12 @@
 FROM httpd:2.4-alpine as build
 ARG SORMAS_SERVER_URL
 
-ARG SORMAS_VERSION=1.86.0
+ARG SORMAS_VERSION=1.87.0
 ARG MOD_AUTH_OPENIDC_VERSION=2.4.11.3
 
 ENV SORMAS_VERSION=$SORMAS_VERSION
 ARG SORMAS_URL=https://github.com/sormas-foundation/SORMAS-Project/releases/download/
 
-
-
-
-
 RUN apk update --no-cache && \
  apk upgrade --no-cache
 
@@ -36,7 +32,7 @@ RUN cd /usr/src/apache2/mod_auth_openidc-${MOD_AUTH_OPENIDC_VERSION}/ && ls -la
 
 FROM httpd:2.4-alpine
 ARG SORMAS_SERVER_URL
-ARG SORMAS_VERSION=1.86.0
+ARG SORMAS_VERSION=1.87.0
 
 ENV SORMAS_VERSION=$SORMAS_VERSION
 ARG SORMAS_URL=https://github.com/sormas-foundation/SORMAS-Project/releases/download/

docker-compose-angular.yml

@@ -31,13 +31,11 @@ services:
  - SORMAS_HOST_NAME=${SORMAS_SERVER_URL}
  - SORMAS_HTTPS_PORT=443
  - NAMESIMILARITYTHRESHOLD=${NAMESIMILARITYTHRESHOLD}
- - DEMIS_ENABLED=${DEMIS_ENABLED}
  volumes:
  - ${SORMAS_PATH}/documents:/opt/sormas/documents
  - ${SORMAS_PATH}/custom:/opt/sormas/custom
  - ${SORMAS_PATH}/sormas-logs:/opt/domains/sormas/logs
  - ./apache2/certs:/tmp/certs
- - ${SORMAS_PATH}/demis:/tmp/${DOMAIN_NAME}/config/demis
  healthcheck:
  test: ["CMD", "curl", "-f", "-I", "http://localhost:6048"]
  interval: 30s

docker-compose-build.yml

@@ -24,7 +24,6 @@ services:
  - DB_HOST=${DB_HOST}
  - DOMAIN_NAME=${DOMAIN_NAME}
  - DB_NAME=${DB_NAME}
- - DB_NAME_AUDIT=${DB_NAME_AUDIT}
  - MAIL_FROM=${MAIL_FROM}
  - SORMAS_VERSION=${SORMAS_VERSION}
  image: hzibraunschweig/sormas-application:${SORMAS_DOCKER_VERSION}

docker-compose-external-db.yml

@@ -12,7 +12,6 @@ services:
  - DB_HOST=${DB_HOST}
  - DOMAIN_NAME=${DOMAIN_NAME}
  - DB_NAME=${DB_NAME}
- - DB_NAME_AUDIT=${DB_NAME_AUDIT}
  - MAIL_HOST=${MAIL_HOST}
  - SMTP_PORT=${SMTP_PORT}
  - SMTP_USER=${SMTP_USER}

docker-compose-keycloak.yml

@@ -31,13 +31,11 @@ services:
  - SORMAS_HOST_NAME=${SORMAS_SERVER_URL}
  - SORMAS_HTTPS_PORT=443
  - NAMESIMILARITYTHRESHOLD=${NAMESIMILARITYTHRESHOLD}
- - DEMIS_ENABLED=${DEMIS_ENABLED}
  volumes:
  - ${SORMAS_PATH}/documents:/opt/sormas/documents
  - ${SORMAS_PATH}/custom:/opt/sormas/custom
  - ${SORMAS_PATH}/sormas-logs:/opt/domains/sormas/logs
  - ./apache2/certs:/tmp/certs
- - ${SORMAS_PATH}/demis:/tmp/${DOMAIN_NAME}/config/demis
  healthcheck:
  test: ["CMD", "curl", "-f", "-I", "http://localhost:6048"]
  interval: 30s
@@ -131,6 +129,7 @@ services:
  - keycloak
  environment:
  - PROMETHEUS_SERVERS=${PROMETHEUS_SERVERS}
+ - HTTP_TIMEOUT=${HTTP_TIMEOUT}
  volumes:
  - ./apache2/certs:/usr/local/apache2/certs
  - ${SORMAS_PATH}/apache2_log:/var/log/apache2

docker-compose_nginx.yml

@@ -13,7 +13,6 @@ services:
  - DOMAIN_NAME=${DOMAIN_NAME}
  - DB_JDBC_MAXPOOLSIZE=${DB_JDBC_MAXPOOLSIZE}
  - DB_NAME=${DB_NAME}
- - DB_NAME_AUDIT=${DB_NAME_AUDIT}
  - MAIL_HOST=${MAIL_HOST}
  - SMTP_PORT=${SMTP_PORT}
  - SMTP_USER=${SMTP_USER}
@@ -64,7 +63,6 @@ services:
  environment:
  - POSTGRES_PASSWORD=${SORMAS_POSTGRES_PASSWORD}
  - DB_NAME=sormas
- - DB_NAME_AUDIT=sormas_audit
  - SORMAS_POSTGRES_PASSWORD=${SORMAS_POSTGRES_PASSWORD}
  - SORMAS_POSTGRES_USER=${SORMAS_POSTGRES_USER}
  - TZ=${TZ}

keycloak/Dockerfile

@@ -1,17 +1,22 @@
+ARG KEYCLOAK_VERSION=21.1.2
+
 # 1. Get config data from SORMAS release archive
 FROM redhat/ubi8-minimal:latest as config-source
 USER root
 RUN microdnf update && microdnf install -y wget unzip
 
 ARG SORMAS_URL=https://github.com/sormas-foundation/SORMAS-Project/releases/download/
-ARG SORMAS_VERSION=1.86.0
+ARG SORMAS_VERSION=1.87.0
 
 RUN cd /tmp && \
  wget ${SORMAS_URL}v${SORMAS_VERSION}/sormas_${SORMAS_VERSION}.zip -O sormas.zip && \
  unzip sormas.zip
 
 # 2. Configure keycloak
-FROM quay.io/keycloak/keycloak:21.0.1 as kc-builder
+# when updating keycloak version check https://www.keycloak.org/docs/latest/upgrading/index.html#migration-changes
+# also make sure to update the keycloak dependency in SORMAS-Project
+ARG KEYCLOAK_VERSION
+FROM quay.io/keycloak/keycloak:${KEYCLOAK_VERSION} as kc-builder
 WORKDIR /opt/keycloak
 
 USER root
@@ -33,7 +38,8 @@ RUN bin/kc.sh build --db postgres --spi-password-hashing-sormas-sha256-enabled=t
  --http-relative-path=/keycloak --health-enabled=true --metrics-enabled=true
 
 # 3. Runtime container
-FROM quay.io/keycloak/keycloak:21.0.1
+ARG KEYCLOAK_VERSION
+FROM quay.io/keycloak/keycloak:${KEYCLOAK_VERSION}
 
 USER root
 COPY start-keycloak.sh /start-keycloak.sh

letsencrypt/Dockerfile

@@ -4,8 +4,7 @@ FROM lsiobase/nginx:3.11
 
 ARG CERTBOT_VERSION=1.3.0
 ARG SORMAS_URL=https://github.com/sormas-foundation/SORMAS-Project/releases/download/
-
-ARG SORMAS_VERSION=1.86.0
+ARG SORMAS_VERSION=1.87.0
 
 ENV SORMAS_VERSION=$SORMAS_VERSION
 LABEL maintainer="aptalca"
@@ -93,7 +92,7 @@ RUN \
  else \
  CERTBOT="certbot==${CERTBOT_VERSION}"; \
  fi && \
- python -m pip install -U pip && \
+ python3 -m pip install -U pip && \
  pip3 install -U \
  pip && \
  pip3 install -U \

postgres/README.md

@@ -23,18 +23,12 @@ During initial setup `/docker-entrypoint-initdb.d/setup_sormas.sh` is executed.
 ```sql
 CREATE USER ${SORMAS_POSTGRES_USER} WITH PASSWORD '${SORMAS_POSTGRES_PASSWORD}' CREATEDB;
 CREATE DATABASE ${DB_NAME} WITH OWNER = '${SORMAS_POSTGRES_USER}' ENCODING = 'UTF8';
-CREATE DATABASE ${DB_NAME_AUDIT} WITH OWNER = '${SORMAS_POSTGRES_USER}' ENCODING = 'UTF8';
 \c ${DB_NAME}
 CREATE OR REPLACE PROCEDURAL LANGUAGE plpgsql;
 ALTER PROCEDURAL LANGUAGE plpgsql OWNER TO ${SORMAS_POSTGRES_USER};
 CREATE EXTENSION pg_trgm;
 CREATE EXTENSION pgcrypto;
 GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO ${SORMAS_POSTGRES_USER};
-\c ${DB_NAME_AUDIT}
-CREATE EXTENSION IF NOT EXISTS plpgsql WITH SCHEMA pg_catalog;
-COMMENT ON EXTENSION plpgsql IS 'PL/pgSQL procedural language';
-GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO ${SORMAS_POSTGRES_USER};
-ALTER TABLE IF EXISTS schema_version OWNER TO ${SORMAS_POSTGRES_USER};
 ```
 
 <p align="center">

postgres/setup_sormas.sh

@@ -7,7 +7,6 @@ echo "Starting database setup..."
 psql -v ON_ERROR_STOP=1 --username "postgres" <<EOSQL
  CREATE USER ${SORMAS_POSTGRES_USER} WITH PASSWORD '${SORMAS_POSTGRES_PASSWORD}' CREATEDB;
  CREATE DATABASE ${DB_NAME} WITH OWNER = '${SORMAS_POSTGRES_USER}' ENCODING = 'UTF8';
- CREATE DATABASE ${DB_NAME_AUDIT} WITH OWNER = '${SORMAS_POSTGRES_USER}' ENCODING = 'UTF8';
  \c ${DB_NAME}
  CREATE OR REPLACE PROCEDURAL LANGUAGE plpgsql;
  ALTER PROCEDURAL LANGUAGE plpgsql OWNER TO ${SORMAS_POSTGRES_USER};
@@ -16,9 +15,4 @@ psql -v ON_ERROR_STOP=1 --username "postgres" <<EOSQL
  CREATE EXTENSION pg_stat_statements;
  CREATE EXTENSION IF NOT EXISTS unaccent;
  GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO ${SORMAS_POSTGRES_USER};
- \c ${DB_NAME_AUDIT}
- CREATE EXTENSION IF NOT EXISTS plpgsql WITH SCHEMA pg_catalog;
- COMMENT ON EXTENSION plpgsql IS 'PL/pgSQL procedural language';
- GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO ${SORMAS_POSTGRES_USER};
- ALTER TABLE IF EXISTS schema_version OWNER TO ${SORMAS_POSTGRES_USER};
 EOSQL

services-base.yml

@@ -12,7 +12,6 @@ services:
  - DB_HOST=${DB_HOST}
  - DOMAIN_NAME=${DOMAIN_NAME}
  - DB_NAME=${DB_NAME}
- - DB_NAME_AUDIT=${DB_NAME_AUDIT}
  - MAIL_HOST=${MAIL_HOST}
  - SMTP_PORT=${SMTP_PORT}
  - SMTP_USER=${SMTP_USER}
@@ -68,7 +67,6 @@ services:
  environment:
  - POSTGRES_PASSWORD=${SORMAS_POSTGRES_PASSWORD}
  - DB_NAME=${DB_NAME}
- - DB_NAME_AUDIT=${DB_NAME_AUDIT}
  - SORMAS_POSTGRES_PASSWORD=${SORMAS_POSTGRES_PASSWORD}
  - SORMAS_POSTGRES_USER=${SORMAS_POSTGRES_USER}
  - TZ=${TZ}
@@ -190,7 +188,7 @@ services:
  mem_limit: ${KEYCLOAK_MEM}
  mem_reservation: ${KEYCLOAK_MEM_RESERVED}
  healthcheck:
- test: ["CMD", "/opt/keycloak/bin/kcadm.sh", "config", "credentials", "--server", "http://localhost:8080/keycloak", "--realm", "master", "--user", "${KEYCLOAK_ADMIN}", "--password", "${KEYCLOAK_ADMIN_PASSWORD}"]
+ test: ["CMD", "/opt/keycloak/bin/kcadm.sh", "config", "credentials", "--server", "http://localhost:8080/keycloak", "--realm", "master", "--user", "${KEYCLOAK_ADMIN_USER}", "--password", "${KEYCLOAK_ADMIN_PASSWORD}"]
  interval: 30s
  timeout: 3s
  retries: 3

sormas/Dockerfile

@@ -7,14 +7,13 @@ ARG DB_JDBC_MAXPOOLSIZE=128
 ARG DB_HOST=postgres
 ARG DOMAIN_NAME=sormas
 ARG DB_NAME=sormas
-ARG DB_NAME_AUDIT=sormas_audit
 ARG MAIL_HOST=localhost
 ARG MAIL_FROM=sormas@localhost
 ARG JVM_MAX=4096m
 ARG SORMAS_URL=https://github.com/sormas-foundation/SORMAS-Project/releases/download/
 EXPOSE 6080
 
-ARG SORMAS_VERSION=1.86.0
+ARG SORMAS_VERSION=1.87.0
 
 ENV SORMAS_VERSION=$SORMAS_VERSION
 
@@ -31,8 +30,6 @@ COPY setup-server.sh /setup-server.sh
 
 RUN chmod +x /setup-server.sh
 RUN /setup-server.sh
-COPY start-server.sh /start-server.sh
-RUN chmod +x /start-server.sh
 
 COPY glowroot-0.13.6-dist.zip /opt
 COPY admin.json /opt
@@ -42,5 +39,10 @@ RUN cd /opt \
  && unzip glowroot-0.13.6-dist.zip \
  && mv /opt/admin.json /opt/glowroot/admin.json
 
+COPY additional_wars/* /opt/domains/sormas/deployments/
 
-CMD ["/start-server.sh"]
+COPY ./docker-entrypoint.sh /
+RUN chmod +x /docker-entrypoint.sh
+COPY entrypoint/* /entrypoint/
+RUN chmod +x /entrypoint/*.sh
+ENTRYPOINT ["/docker-entrypoint.sh"]