Config docker (#6)

Something not work correctly before, but I added something and now it seems good
* config but not ok

* add docker and config to run

* config pipeline

.env.sample

@@ -2,4 +2,17 @@ DB_URL=
 DB_USERNAME=
 DB_PASSWORD=
 ADMIN_DEFAULT_USERNAME=
-ADMIN_DEFAULT_PASSWORD=
+ADMIN_DEFAULT_PASSWORD=
+
+DB_USERNAME=
+DB_PASSWORD=
+ADMIN_DEFAULT_USERNAME=
+ADMIN_DEFAULT_PASSWORD=
+
+POSTGRES_USER=
+POSTGRES_PASSWORD=
+POSTGRES_HOST=
+POSTGRES_PORT=
+
+SUN_SERVICES=
+SERVER_PORT=

.github/workflows/pipeline-sun.yml

@@ -8,10 +8,6 @@ on:
   pull_request:
     branches:
       - main
-      - ci-cd
-    paths:
-      - 'pom.xml'
-      - '.github/workflows/pipeline-sun.yml'
 
 jobs:
   style:

Dockerfile

@@ -0,0 +1,3 @@
+FROM eclipse-temurin:21-jre-alpine
+COPY target/sun-rise*.jar app.jar
+ENTRYPOINT ["java", "-jar", "/app.jar"]

docker-compose.yml

@@ -0,0 +1,52 @@
+services:
+  sunrise:
+    build: .
+    environment:
+      - SPRING_DATASOURCE_URL=jdbc:postgresql://postgres:5432/mock_project
+      - SERVER_SERVLET_CONTEXT_PATH=/sun
+      - SUN_SERVICES_MEDIA
+#      - SERVER_PORT
+    ports:
+      - "8086:8086"
+    volumes:
+      - ./deployment/app-config:/app-config
+    networks:
+      - sun-network
+
+  postgres:
+    image: debezium/postgres:15-alpine
+    build: src/docker/postgres
+    hostname: ${POSTGRES_HOST}
+    ports:
+      - "${POSTGRES_PORT}:${POSTGRES_PORT}"
+    volumes:
+      - ./docker/postgres/postgresql.conf.sample:/usr/share/postgresql/postgresql.conf.sample
+      - ./postgres_init.sql:/docker-entrypoint-initdb.d/postgres_init.sql
+      - postgres:/var/lib/postgresql/data
+    command: postgres -c 'max_connections=500'
+    environment:
+      - POSTGRES_USER
+      - POSTGRES_PASSWORD
+    networks:
+      - sun-network
+
+  pgadmin:
+    image: dpage/pgadmin4:6.20
+    volumes:
+      - pgadmin:/var/lib/pgadmin
+    environment:
+      PGADMIN_DEFAULT_EMAIL: admin@sun.com
+      PGADMIN_DEFAULT_PASSWORD: admin
+    ports:
+      - "8081:80"
+    networks:
+      - sun-network
+
+networks:
+  sun-network:
+    driver: bridge
+    name: sun-network
+
+volumes:
+  postgres:
+  pgadmin:

postgres_init.sql

@@ -0,0 +1,2 @@
+CREATE DATABASE mock_project WITH OWNER = admin ENCODING = 'UTF8' LC_COLLATE = 'en_US.utf8' LC_CTYPE = 'en_US.utf8' TABLESPACE = pg_default CONNECTION
+LIMIT = -1;

src/docker/postgres/Dockerfile

@@ -0,0 +1,7 @@
+FROM debezium/postgres:15-alpine
+ENV  WAL2JSON_TAG=wal2json_2_5
+RUN    apk add --no-cache --virtual .debezium-build-deps gcc clang15 llvm15 git make musl-dev pkgconf \
+         && git clone https://github.com/eulerto/wal2json -b master --single-branch \
+         && (cd /wal2json && git checkout tags/$WAL2JSON_TAG -b $WAL2JSON_TAG && make && make install) \
+         && rm -rf wal2json \
+         && apk del .debezium-build-deps

src/docker/postgres/postgresql.conf.sample

@@ -0,0 +1,16 @@
+# LOGGING
+# log_min_error_statement = fatal
+# log_min_messages = DEBUG1
+
+# CONNECTION
+listen_addresses = '*'
+
+# MODULES
+shared_preload_libraries = 'decoderbufs,wal2json'
+
+# REPLICATION
+wal_level = logical             # minimal, archive, hot_standby, or logical (change requires restart)
+max_wal_senders = 20             # max number of walsender processes (change requires restart)
+#wal_keep_segments = 4          # in logfile segments, 16MB each; 0 disables
+#wal_sender_timeout = 60s       # in milliseconds; 0 disables
+max_replication_slots = 20       # max number of replication slots (change requires restart)

src/main/java/com/fjb/sunrise/config/AuditorAwareStringImpl.java

@@ -0,0 +1,22 @@
+package com.fjb.sunrise.config;
+
+import java.util.Optional;
+import org.springframework.data.domain.AuditorAware;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Service;
+
+@Service
+public class AuditorAwareStringImpl implements AuditorAware<String> {
+    @Override
+    public Optional<String> getCurrentAuditor() {
+
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+        if (authentication == null || !authentication.isAuthenticated()) {
+            return Optional.empty();
+        }
+
+        return Optional.of(authentication.getName());
+    }
+}

src/main/java/com/fjb/sunrise/config/security/CustomUserDetailService.java

@@ -0,0 +1,27 @@
+package com.fjb.sunrise.config.security;
+
+import com.fjb.sunrise.models.User;
+import com.fjb.sunrise.repositories.UserRepository;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+@Service
+@RequiredArgsConstructor
+public class CustomUserDetailService implements UserDetailsService {
+
+    private final UserRepository userRepository;
+
+    @Override
+    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+        User user = userRepository.findByUsername(username);
+        if (user == null) {
+            throw new UsernameNotFoundException(username);
+        }
+        return org.springframework.security.core.userdetails.User.withUsername(user.getUsername())
+                .password(user.getPassword())
+                .build();
+    }
+}

src/main/java/com/fjb/sunrise/config/security/SecurityConfig.java

@@ -0,0 +1,63 @@
+package com.fjb.sunrise.config.security;
+
+import java.util.List;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.web.cors.CorsConfiguration;
+import org.thymeleaf.extras.springsecurity6.dialect.SpringSecurityDialect;
+
+@Configuration
+@EnableWebSecurity
+@RequiredArgsConstructor
+public class SecurityConfig {
+
+    private final CustomUserDetailService userDetailsService;
+
+    static final String[] PUBLIC_ENDPOINTS = {"/img/**", "/css/**", "/js/**"};
+
+    static final String[] ALLOWED_METHODS = {"GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"};
+
+    static final String[] ALLOWED_ORIGINS = {"*"};
+
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http
+                .csrf(AbstractHttpConfigurer::disable)
+                .cors(cors -> cors.configurationSource(request -> {
+                    var corsConfiguration = new CorsConfiguration();
+                    corsConfiguration.setAllowedOrigins(List.of(ALLOWED_ORIGINS));
+                    corsConfiguration.setAllowedMethods(List.of(ALLOWED_METHODS));
+                    corsConfiguration.setAllowedHeaders(List.of("Authorization", "Content-Type"));
+                    return corsConfiguration;
+                }))
+                .authorizeHttpRequests(requests -> requests
+                        .requestMatchers(PUBLIC_ENDPOINTS).permitAll()
+                        .anyRequest().authenticated()
+                )
+                .formLogin(form -> form
+                        // .loginPage("/sun/login")
+                        .defaultSuccessUrl("/health", true)
+                        .permitAll()
+                )
+                .logout(logout -> logout
+                        .logoutUrl("/logout")
+                        // .logoutSuccessUrl("/login")
+                        .permitAll())
+                .headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::sameOrigin));
+
+        return http.build();
+    }
+
+    @Bean
+    public SpringSecurityDialect springSecurityDialect() {
+        return new SpringSecurityDialect();
+    }
+
+}
+

src/main/java/com/fjb/sunrise/controllers/HealthController.java

@@ -8,10 +8,11 @@
 @Controller
 @RequestMapping("/health")
 public class HealthController {
+
     @GetMapping
     public ModelAndView health() {
         ModelAndView modelAndView = new ModelAndView();
-        modelAndView.setViewName("health");
+        modelAndView.setViewName("/health");
         return modelAndView;
     }
 }

src/main/java/com/fjb/sunrise/repositories/UserRepository.java

@@ -5,4 +5,6 @@
 
 public interface UserRepository extends JpaRepository<User, Long> {
     boolean existsByUsername(String username);
+
+    User findByUsername(String username);
 }

src/main/resources/application.yml

@@ -3,9 +3,12 @@ spring:
     name: sun-rise
 
   datasource:
-    url: ${DB_URL}
-    username: ${DB_USERNAME}
-    password: ${DB_PASSWORD}
+#    url: ${DB_URL}
+#    username: ${DB_USERNAME}
+#    password: ${DB_PASSWORD}
+    url: jdbc:postgresql://localhost:5432/mock_project
+    username: admin
+    password: admin
     driver-class-name: org.postgresql.Driver
 
   jpa:
@@ -18,6 +21,14 @@ spring:
     database: postgresql
     database-platform: org.hibernate.dialect.PostgreSQLDialect
     open-in-view: false
+
+  logging:
+    level:
+      org:
+        springframework:
+          security: DEBUG
+          aop: DEBUG
+
 server:
   port: 8086
   servlet: