Skip to content

GitLab

Commit dfef7f50 authored by cazenave's avatar cazenave
Browse files

test dockerfile sur security-internal

parent 11f802d8
Pipeline #2222 failed with stages
in 2 minutes and 41 seconds
Hide whitespace changes
Inline Side-by-side
api/api-iam/iam-external/Dockerfile 0 → 100644
View file @ dfef7f50
FROM java:8-jdk-alpine
WORKDIR .
ADD target/iam-external-1.0.0-SNAPSHOT.jar app.jar
ADD src/main/config/iam-external-application-dev.yml application.yml
ADD src/main/config/*.jks ./
ADD src/main/config/ ./src/main/config/
ENTRYPOINT java -jar app.jar --spring.profiles.active=dev --spring.config.location=classpath:./application.yml,file:./application.yml
api/api-iam/iam-internal/Dockerfile 0 → 100644
View file @ dfef7f50
FROM java:8-jdk-alpine
WORKDIR .
ADD target/iam-internal-1.0.0-SNAPSHOT.jar app.jar
ADD src/main/config/iam-internal-application-dev.yml application.yml
ADD src/main/config/*.jks ./
ADD src/main/config/ ./src/main/config/
#ENTRYPOINT java -jar app.jar --spring.profiles.active=dev --spring.config.location=classpath:./application.yml,file:./application.yml -Dspring-boot.run.noverify
ENTRYPOINT java -jar app.jar -Dvitam.config.folder=./src/main/config/dev-vitam -Xms128m -Xmx512m --spring.config.additional-location=file:./application.yml
cas/cas-server/Dockerfile 0 → 100644
View file @ dfef7f50
FROM java:8-jdk-alpine
WORKDIR .
ADD target/cas-server.war app.war
ADD src/main/config/cas-server-application-dev.yml application.yml
ADD src/main/config/*.jks ./
ENTRYPOINT java -Dspring.config.location=application.yml -jar app.jar
tools/start_mongo.sh 0 → 100755
View file @ dfef7f50
#!/usr/bin/env bash
echo =================================
echo
(
flock -e -n 200
echo =========== Starting MONGO ==========
pushd docker/mongo ; ./start_dev.sh ; popd
) 200>/tmp/external.lockfile
echo =================================
tools/start_vitamui_docker.sh 0 → 100755
View file @ dfef7f50
#!/usr/bin/env bash
# Start Iam Security
cd ../api/api-security/security-internal
mvn spring-boot:run -Dspring-boot.run.noverify
cd /tools
# Start Iam Server Internal
cd ../api/api-iam/iam-internal
mvn spring-boot:run -Dspring-boot.run.noverify
cd /tools
# Start Iam Server External
cd ../api/api-iam/iam-external
mvn spring-boot:run -Dspring-boot.run.noverify
cd /tools
# Start Cas Server
cd ../cas/cas-server
java -Dspring.config.location=src/main/config/cas-server-application-dev.yml -jar target/cas-server.war
cd /tools
cd ../ui/ui-identity
mkdir -p $1/target/src/main
rm -rf $1/target/src/main/config
cp -r $1/src/main/config $1/target/src/main/config
mvn spring-boot:run -Dspring-boot.run.noverify
cd /tools
# Start UI Portal back
cd ../ui/ui-portal
mkdir -p $1/target/src/main
rm -rf $1/target/src/main/config
cp -r $1/src/main/config $1/target/src/main/config
mvn spring-boot:run -Dspring-boot.run.noverify
cd /tools
# Start UI Identity front
cd ../ui/ui-frontend
npm install
npm run start:identity
cd /tools
# Start UI Portal front
cd ../ui/ui-frontend
npm install
npm run start:portal
tools/vitamui-docker/docker-compose.yml 0 → 100644
View file @ dfef7f50
version: '3'
services:
mongo-dev:
image: mongo:4
container_name: vitamui-mongo
hostname: 127.0.0.1
ports:
- "27018:27018"
volumes:
- ./scripts:/scripts
command: mongod --replSet "rs0" --port=27018
security-internal:
image: cines/vitamui-security-internal:v0
depends_on:
- mongo-dev
ports:
- 8084:8084
iam-internal:
image: cines/vitamui-iam-internal:v0
depends_on:
- mongo-dev
ports:
- 7083:7083
iam-external:
image: cines/vitamui-iam-external:v0
ports:
- 8083:8083
cas:
image: cines/vitamui-cas:v0
ports:
- 8080:8080
ui-identity:
image: cines/vitamui-ui-identity:v0
ports:
- 9001:9001
ui-portal:
image: cines/vitamui-ui-portal:v0
ports:
- 9000:9000
tools/vitamui-docker/scripts/00--iam--1.0.0--create_users_ref-insert.js 0 → 100644
View file @ dfef7f50
use security;
if (! db.getUser("mongod_dbuser_security")) {
db.createUser(
{
user: "mongod_dbuser_security",
pwd: "mongod_dbpwd_security",
roles: [{"db": "security", "role": "readWrite"}]
}
);
}
use iam;
if (! db.getUser("mongod_dbuser_iam")) {
db.createUser(
{
user: "mongod_dbuser_iam",
pwd: "mongod_dbpwd_iam",
roles: [{"db": "iam", "role": "readWrite"}]
}
);
}
use cas;
if (! db.getUser("mongod_dbuser_cas")) {
db.createUser(
{
user: "mongod_dbuser_cas",
pwd: "mongod_dbpwd_cas",
roles: [{"db": "cas", "role": "readWrite"}]
}
);
}
use admin;
if (! db.getUser("mongod_dbuser_admin")) {
db.createUser(
{
user: "mongod_dbuser_admin",
pwd: "mongod_dbpwd_admin",
roles: [{"db": "admin", "role": "userAdminAnyDatabase"}, {"db": "admin", "role": "backup"}, {"db": "admin", "role": "restore"}, {"db": "admin", "role": "dbAdminAnyDatabase"}, {"db": "admin", "role": "readWriteAnyDatabase"}]
}
);
}
tools/vitamui-docker/scripts/000_replicaset_dev-create.js 0 → 100755
View file @ dfef7f50
rs.initiate({
"_id" : "rs0",
"members" : [
{
"_id" : 0,
"host" : "vitamui-mongo:27018",
"priority": 1,
"slaveDelay" : NumberLong(0),
"votes" : 1
}
]
});
tools/vitamui-docker/scripts/01--iam--1.0.0--01_iam_ref-insert.js 0 → 100644
View file @ dfef7f50
use iam;
print("START 01_iam_ref.js");
db.users.remove({});
db.groups.remove({});
db.profiles.remove({});
db.tenants.remove({});
db.providers.remove({});
db.owners.remove({});
db.customers.remove({});
db.sequences.remove({});
db.tokens.remove({});
db.createCollection('events');
db.createCollection('operations');
// ========================================= CUSTOMERS =========================================
db.customers.insert({
"_id": "system_customer",
"code": "000000",
"identifier" : NumberInt(1),
"name": "system_customer",
"description": "System Customer",
"companyName": "system_company",
"enabled": true,
"readonly": true,
"subrogeable": false,
"language": "FRENCH",
"passwordRevocationDelay": NumberInt(1),
"otp": "OPTIONAL",
"emailDomains": ["change-it.fr"],
"defaultEmailDomain": "change-it.fr",
"address": {
street: "change-it",
zipCode: "change-it",
city: "change-it",
country: "change-it"
}
});
// ========================================= OWNERS =========================================
db.owners.insert({
"_id": "system_owner",
"identifier" : NumberInt(1),
"enabled": true,
"readonly": true,
"code": "000001",
"name": "system_owner",
"companyName": "system_company",
"customerId": "system_customer",
"address": {
street: "change-it",
zipCode: "change-it",
city: "change-it",
country: "change-it"
}
});
db.owners.insert({
"_id": "system_owner_cas",
"identifier" : NumberInt(2),
"enabled": true,
"readonly": true,
"code": "000002",
"name": "system_owner_cas",
"companyName": "system_owner_cas",
"customerId": "system_customer",
"address": {
street: "change-it",
zipCode: "change-it",
city: "change-it",
country: "change-it"
}
});
// ========================================= PROVIDERS =========================================
db.providers.insert({
"_id": "system_idp",
"identifier" : NumberInt(1),
"code": "000002",
"name": "system_idp",
"internal": true,
"enabled": true,
"readonly": true,
"patterns": [
"admin.*@change-it.fr", "support.*@change-it.fr", "superadmin.*@change-it.fr"
],
"keystoreBase64": "",
"keystorePassword": "",
"privateKeyPassword": "",
"idpMetadata": "",
"spMetadata": "",
"customerId": "system_customer"
});
// ========================================= SEQUENCES =========================================
db.sequences.insert({
"_id": "tenant_identifier",
"name": "tenantIdentifier",
"sequence": NumberInt(100)
});
db.sequences.insert({
"_id": "user_identifier",
"name": "userIdentifier",
"sequence": NumberInt(100)
});
db.sequences.insert({
"_id": "profile_identifier",
"name": "profileIdentifier",
"sequence": NumberInt(200)
});
db.sequences.insert({
"_id": "group_identifier",
"name": "groupIdentifier",
"sequence": NumberInt(100)
});
db.sequences.insert({
"_id": "provider_identifier",
"name": "providerIdentifier",
"sequence": NumberInt(50)
});
db.sequences.insert({
"_id": "customer_identifier",
"name": "customerIdentifier",
"sequence": NumberInt(10)
});
db.sequences.insert({
"_id": "owner_identifier",
"name": "ownerIdentifier",
"sequence": NumberInt(50)
});
// ========================================= TENANTS =========================================
db.tenants.insert({
"_id": "system_tenant",
"name": "Tenant système",
"proof": true,
"enabled": true,
"readonly": false,
"identifier": NumberInt(3),
"ownerId": "system_owner",
"customerId": "system_customer",
"ingestContractHoldingIdentifier" : "IC-000001",
"itemIngestContractIdentifier" : "IC-000001",
"accessContractHoldingIdentifier" : "AC-000001",
"accessContractLogbookIdentifier" : "AC-000002"
});
db.tenants.insert({
"_id": "cas_tenant",
"name": "Tenant CAS",
"enabled": true,
"readonly": false,
"identifier": NumberInt(-1),
"ownerId": "system_owner_cas",
"customerId": "system_customer"
});
// ========================================= PROFILES =========================================
// ----------------------------------------- LEVEL "0" -----------------------------------------
db.profiles.insert({
"_id": "system_user_profile",
"identifier" : NumberInt(1),
"name": "User Profile",
"description": "User Profile",
"tenantIdentifier": NumberInt(3),
"applicationName": "USERS_APP",
"enabled": true,
"readonly": true,
"level": "",
"customerId": "system_customer",
"roles": [{
"name": "ROLE_GET_USERS"
},
{
"name": "ROLE_CREATE_USERS"
},
{
"name": "ROLE_UPDATE_USERS"
},
{
"name": "ROLE_UPDATE_STANDARD_USERS"
},
{
"name": "ROLE_MFA_USERS"
},
{
"name": "ROLE_ANONYMIZATION_USERS"
},
{
"name": "ROLE_GENERIC_USERS"
},
{
"name": "ROLE_GET_GROUPS"
}
]
});
db.profiles.insert({
"_id": "system_group_profile",
"identifier" : NumberInt(2),
"name": "Group Profile",
"description": "Group Profile",
"tenantIdentifier": NumberInt(3),
"applicationName": "GROUPS_APP",
"enabled": true,
"level": "",
"readonly": true,
"customerId": "system_customer",
"roles": [{
"name": "ROLE_GET_GROUPS"
},
{
"name": "ROLE_CREATE_GROUPS"
},
{
"name": "ROLE_UPDATE_GROUPS"
},
{
"name": "ROLE_DELETE_GROUPS"
},
{
"name": "ROLE_GET_PROFILES"
},
{
"name": "ROLE_GET_PROFILES_ALL_TENANTS"
}
]
});
db.profiles.insert({
"_id": "system_profile_profile",
"identifier" : NumberInt(3),
"name": "Profile System",
"description": "Profile System Profile",
"tenantIdentifier": NumberInt(3),
"applicationName": "PROFILES_APP",
"level": "",
"enabled": true,
"readonly": true,
"customerId": "system_customer",
"roles": [{
"name": "ROLE_GET_PROFILES"
},
{
"name": "ROLE_CREATE_PROFILES"
},
{
"name": "ROLE_UPDATE_PROFILES"
},
{
"name": "ROLE_DELETE_PROFILES"
},
{
"name": "ROLE_GET_GROUPS"
}
]
});
db.profiles.insert({
"_id": "system_customer_profile",
"identifier" : NumberInt(4),
"name": "Customer Profile",
"description": "Customer Profile",
"tenantIdentifier": NumberInt(3),
"applicationName": "CUSTOMERS_APP",
"level": "",
"enabled": true,
"readonly": true,
"customerId": "system_customer",
"roles": [{
"name": "ROLE_GET_CUSTOMERS"
},
{
"name": "ROLE_CREATE_CUSTOMERS"
},
{
"name": "ROLE_UPDATE_CUSTOMERS"
},
{
"name": "ROLE_GET_OWNERS"
},
{
"name": "ROLE_CREATE_OWNERS"
},
{
"name": "ROLE_UPDATE_OWNERS"
},
{
"name": "ROLE_GET_ALL_TENANTS"
},
{
"name": "ROLE_GET_TENANTS"
},
{
"name": "ROLE_CREATE_TENANTS"
},
{
"name": "ROLE_CREATE_TENANTS_ALL_CUSTOMERS"
},
{
"name": "ROLE_UPDATE_TENANTS"
},
{
"name": "ROLE_UPDATE_TENANTS_ALL_CUSTOMERS"
},
{
"name": "ROLE_GET_PROVIDERS"
},
{
"name": "ROLE_CREATE_PROVIDERS"
},
{
"name": "ROLE_UPDATE_PROVIDERS"
},
{
"name": "ROLE_CREATE_ACCESS_CONTRACTS"
}
]
});
db.profiles.insert({
"_id": "system_surrogate_profile",
"identifier" : NumberInt(5),
"name": "Surrogate Profile",
"description": "Surrogate Profile",
"tenantIdentifier": NumberInt(3),
"applicationName": "SUBROGATIONS_APP",
"level": "",
"enabled": true,
"readonly": true,
"customerId": "system_customer",
"roles": [{
"name": "ROLE_GET_SUBROGATIONS"
},
{
"name": "ROLE_CREATE_SUBROGATIONS"
},
{
"name": "ROLE_DELETE_SUBROGATIONS",
},
{
"name": "ROLE_GET_CUSTOMERS",
},
{
"name": "ROLE_GET_GROUPS_SUBROGATIONS",
},