Splitting monolith app to micro services (#1490)

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
eclipse-hawkbit · Nov 30, 2023 · a6fa756 · a6fa756
1 parent b362698
commit a6fa756
Show file tree

Hide file tree

Showing 68 changed files with 2,222 additions and 225 deletions.
diff --git a/...rc/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityManagedConfiguration.java b/...rc/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityManagedConfiguration.java
@@ -20,6 +20,7 @@
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
 
 import org.eclipse.hawkbit.cache.DownloadIdCache;
 import org.eclipse.hawkbit.ddi.rest.api.DdiRestConstants;
@@ -81,9 +82,13 @@
 import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter;
 import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
+import org.springframework.security.web.firewall.FirewalledRequest;
+import org.springframework.security.web.firewall.HttpFirewall;
+import org.springframework.security.web.firewall.StrictHttpFirewall;
 import org.springframework.security.web.session.SessionManagementFilter;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.util.Assert;
+import org.springframework.util.CollectionUtils;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
 
@@ -583,6 +588,51 @@ private CorsConfiguration corsConfiguration() {
         }
     }
 
+
+    /**
+     * HttpFirewall which enables to define a list of allowed host names.
+     *
+     * @return the http firewall.
+     */
+    @Bean
+    public HttpFirewall httpFirewall(final HawkbitSecurityProperties hawkbitSecurityProperties) {
+        final List<String> allowedHostNames = hawkbitSecurityProperties.getAllowedHostNames();
+        final IgnorePathsStrictHttpFirewall firewall = new IgnorePathsStrictHttpFirewall(
+                hawkbitSecurityProperties.getHttpFirewallIgnoredPaths());
+
+        if (!CollectionUtils.isEmpty(allowedHostNames)) {
+            firewall.setAllowedHostnames(hostName -> {
+                LOG.debug("Firewall check host: {}, allowed: {}", hostName, allowedHostNames.contains(hostName));
+                return allowedHostNames.contains(hostName);
+            });
+        }
+        return firewall;
+    }
+
+
+    private static class IgnorePathsStrictHttpFirewall extends StrictHttpFirewall {
+
+        private final Collection<String> pathsToIgnore;
+
+        public IgnorePathsStrictHttpFirewall(final Collection<String> pathsToIgnore) {
+            super();
+            this.pathsToIgnore = pathsToIgnore;
+        }
+
+        @Override
+        public FirewalledRequest getFirewalledRequest(final HttpServletRequest request) {
+            if (pathsToIgnore != null && pathsToIgnore.contains(request.getRequestURI())) {
+                return new FirewalledRequest(request) {
+                    @Override
+                    public void reset() {
+                        // nothing to do
+                    }
+                };
+            }
+            return super.getFirewalledRequest(request);
+        }
+    }
+
     private static AuthenticationManager setAuthenticationManager(final HttpSecurity http, final DdiSecurityProperties ddiSecurityConfiguration) throws Exception {
         // configure authentication manager
         final AuthenticationManager authenticationManager =

diff --git a/hawkbit-runtime/.gitignore b/hawkbit-runtime/.gitignore
@@ -0,0 +1 @@
+**/artifactrepo/
diff --git a/hawkbit-runtime/docker/README.md b/hawkbit-runtime/docker/README.md
@@ -27,7 +27,7 @@ Start the hawkBit Update Server and Device Simulator together with an MySQL and
 
 ```bash
 $ docker swarm init
-$ docker stack deploy -c docker-compose-stack.yml hawkbit
+$ docker stack deploy -c docker-compose-deps-mysql.yml hawkbit
 ```
 
 # Access

diff --git a/hawkbit-runtime/docker/docker-compose-deps-mysql.yml b/hawkbit-runtime/docker/docker-compose-deps-mysql.yml
@@ -0,0 +1,44 @@
+#
+# Copyright (c) 2018 Bosch Software Innovations GmbH and others
+#
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+version: '3.7'
+
+services:
+  # ---------------------
+  # MySQL service
+  # ---------------------
+  mysql:
+    image: "mysql:8.0"
+    environment:
+      MYSQL_DATABASE: "hawkbit"
+      # MYSQL_USER: "root" is created by default in the container for mysql 8.0+
+      MYSQL_ALLOW_EMPTY_PASSWORD: "true"
+    restart: always
+    ports:
+      - "3306:3306"
+    labels:
+      NAME: "mysql"
+
+  # ---------------------
+  # RabbitMQ service
+  # ---------------------
+  rabbitmq:
+    image: "rabbitmq:3-management-alpine"
+    hostname: "rabbitmq"
+    environment:
+      RABBITMQ_DEFAULT_VHOST: "/"
+      RABBITMQ_DEFAULT_USER: "guest"
+      RABBITMQ_DEFAULT_PASS: "guest"
+    ports:
+      - "15672:15672"
+      - "5672:5672"
+    deploy:
+      restart_policy:
+        condition: on-failure
+
diff --git a/hawkbit-runtime/docker/docker-compose-deps-postgres.yml b/hawkbit-runtime/docker/docker-compose-deps-postgres.yml
@@ -0,0 +1,44 @@
+#
+# Copyright (c) 2018 Bosch Software Innovations GmbH and others
+#
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+version: '3.7'
+
+services:
+  # ---------------------
+  # Postgres service
+  # ---------------------
+  postgres:
+    image: "postgres:16.1"
+    ports:
+      - "5432:5432"
+    deploy:
+      restart_policy:
+        condition: on-failure
+    environment:
+      POSTGRES_USER: "postgres"
+      POSTGRES_PASSWORD: "admin"
+      POSTGRES_DB: "hawkbit"
+
+  # ---------------------
+  # RabbitMQ service
+  # ---------------------
+  rabbitmq:
+    image: "rabbitmq:3-management-alpine"
+    hostname: "rabbitmq"
+    environment:
+      RABBITMQ_DEFAULT_VHOST: "/"
+      RABBITMQ_DEFAULT_USER: "guest"
+      RABBITMQ_DEFAULT_PASS: "guest"
+    ports:
+      - "15672:15672"
+      - "5672:5672"
+    deploy:
+      restart_policy:
+        condition: on-failure
+
diff --git a/hawkbit-runtime/docker/docker-compose-micro-services-mysql.yml b/hawkbit-runtime/docker/docker-compose-micro-services-mysql.yml
@@ -0,0 +1,82 @@
+#
+# Copyright (c) 2018 Bosch Software Innovations GmbH and others
+#
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+version: '3.7'
+
+include:
+  - docker-compose-deps-mysql.yml
+
+services:
+
+  # ---------------------
+  # HawkBit DDI
+  # ---------------------
+  hawkbit-ddi:
+    image: "hawkbit/hawkbit-ddi-server:latest-mysql"
+    environment:
+      - 'SPRING_DATASOURCE_URL=jdbc:mariadb://mysql:3306/hawkbit'
+      - 'SPRING_RABBITMQ_HOST=rabbitmq'
+      - 'SPRING_RABBITMQ_USERNAME=guest'
+      - 'SPRING_RABBITMQ_PASSWORD=guest'
+      - 'SPRING_DATASOURCE_USERNAME=root'
+    restart: always
+    ports:
+      - "8081:8081"
+    labels:
+      NAME: "hawkbit-ddi"
+
+  # ---------------------
+  # HawkBit DMF
+  # ---------------------
+  hawkbit-dmf:
+    image: "hawkbit/hawkbit-dmf-server:latest-mysql"
+    environment:
+      - 'SPRING_DATASOURCE_URL=jdbc:mariadb://mysql:3306/hawkbit'
+      - 'SPRING_RABBITMQ_HOST=rabbitmq'
+      - 'SPRING_RABBITMQ_USERNAME=guest'
+      - 'SPRING_RABBITMQ_PASSWORD=guest'
+      - 'SPRING_DATASOURCE_USERNAME=root'
+    restart: always
+    labels:
+      NAME: "hawkbit-dmf"
+
+  # ---------------------
+  # HawkBit MGMT
+  # ---------------------
+  hawkbit-mgmt:
+    image: "hawkbit/hawkbit-mgmt-server:latest-mysql"
+    environment:
+      - 'SPRING_DATASOURCE_URL=jdbc:mariadb://mysql:3306/hawkbit'
+      - 'SPRING_RABBITMQ_HOST=rabbitmq'
+      - 'SPRING_RABBITMQ_USERNAME=guest'
+      - 'SPRING_RABBITMQ_PASSWORD=guest'
+      - 'SPRING_DATASOURCE_USERNAME=root'
+    restart: always
+    ports:
+      - "8080:8080"
+    labels:
+      NAME: "hawkbit-mgmt"
+
+
+  # ---------------------
+  # HawkBit MGMT
+  # ---------------------
+  hawkbit-vv8ui:
+    image: "hawkbit/hawkbit-vv8-ui:latest-mysql"
+    environment:
+      - 'SPRING_DATASOURCE_URL=jdbc:mariadb://mysql:3306/hawkbit'
+      - 'SPRING_RABBITMQ_HOST=rabbitmq'
+      - 'SPRING_RABBITMQ_USERNAME=guest'
+      - 'SPRING_RABBITMQ_PASSWORD=guest'
+      - 'SPRING_DATASOURCE_USERNAME=root'
+    restart: always
+    ports:
+      - "8082:8082"
+    labels:
+      NAME: "hawkbit-vv8-ui"
diff --git a/hawkbit-runtime/docker/docker-compose.yml → .../docker/docker-compose-monolith-mysql.yml b/hawkbit-runtime/docker/docker-compose.yml → .../docker/docker-compose-monolith-mysql.yml
diff --git a/hawkbit-runtime/docker/docker-compose-stack.yml b/hawkbit-runtime/docker/docker-compose-stack.yml
diff --git a/hawkbit-runtime/docker/docker_build/build_all_dev.sh b/hawkbit-runtime/docker/docker_build/build_all_dev.sh
@@ -0,0 +1,45 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Bosch.IO GmbH and others
+#
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+set -xe
+
+VERSION=0.4.0-SNAPSHOT
+FLAVOUR="standard"
+MVN_REPO=~/.m2/repository
+
+while getopts v:f:r: option
+do
+    case "${option}"
+        in
+        v)VERSION=${OPTARG};;
+        f)FLAVOUR=${OPTARG};;
+        r)MVN_REPO=${OPTARG};;
+    esac
+done
+
+echo "hawkBit version      : ${VERSION}"
+echo "docker image flavour : ${FLAVOUR}"
+echo "maven repository     : ${MVN_REPO}"
+
+if [ ${FLAVOUR} == "mysql" ]
+then
+      DOCKER_FILE="Dockerfile_dev-mysql"
+      TAG_SUFFIX="-mysql"
+else
+      DOCKER_FILE="Dockerfile_dev"
+      TAG_SUFFIX=""
+fi
+
+echo "docker file          : ${DOCKER_FILE}"
+
+docker build -t hawkbit/hawkbit-ddi-server:${VERSION}${TAG_SUFFIX} -t hawkbit/hawkbit-ddi-server:latest${TAG_SUFFIX} --build-arg HAWKBIT_APP=hawkbit-ddi-server --build-arg HAWKBIT_VERSION=${VERSION} -f ${DOCKER_FILE} "${MVN_REPO}"
+docker build -t hawkbit/hawkbit-dmf-server:${VERSION}${TAG_SUFFIX} -t hawkbit/hawkbit-dmf-server:latest${TAG_SUFFIX} --build-arg HAWKBIT_APP=hawkbit-dmf-server --build-arg HAWKBIT_VERSION=${VERSION} -f ${DOCKER_FILE} "${MVN_REPO}"
+docker build -t hawkbit/hawkbit-mgmt-server:${VERSION}${TAG_SUFFIX} -t hawkbit/hawkbit-mgmt-server:latest${TAG_SUFFIX} --build-arg HAWKBIT_APP=hawkbit-mgmt-server --build-arg HAWKBIT_VERSION=${VERSION} -f ${DOCKER_FILE} "${MVN_REPO}"
+docker build -t hawkbit/hawkbit-vv8-ui:${VERSION}${TAG_SUFFIX} -t hawkbit/hawkbit-vv8-ui:latest${TAG_SUFFIX} --build-arg HAWKBIT_APP=hawkbit-vv8-ui --build-arg HAWKBIT_VERSION=${VERSION} -f ${DOCKER_FILE} "${MVN_REPO}"