Merge branch 'dev' into feature/extractingCoreLibrary

app/backend/src/main/resources/application-dev.properties

-spring.config.import=optional:classpath:.env[.properties]
-# Config for the OpencoDE platform
-# Token can be an empty string to access public repositories only
-opencode.host=https://gitlab.dev.o4oe.de/
-opencode.access-token=${OC_GL_APIKEY:}
-opencode.analyze-private-repos=true
-opencode.user-name=${OC_GL_USER:}
-# Tool APIs
-opencode.api.base-path=https://sl.dev.o4oe.de/api/v1/project/
-opencode.api.ort=/cve-result
-opencode.api.auth=https://sl.dev.o4oe.de/api/
-opencode.api.auth-api-key=${AUTH_API_KEY}
-# API key to access this server's API
-#  The api key is needed for all routes.
-#  the admin password is needed for the repo changed route.
-#  It is expected as basic auth with the admin username
-# details can be found in configuration/security/WebSecurityConfiguration.kt
-security.api-key=${API_KEY:}
-security.admin-password=${ADMIN_PASSWORD:}
-security.admin-username=${ADMIN_USERNAME:}
-security.cors-origin=${CORS_ORIGIN:}
-security.hmac-key=${HMAC_KEY:}
-# OCCMD specific settings
-# path to the occmd tool executable
-# this can e.g, be the occmd.sh script in this project
-occmd.git-clone-target-directory=${GIT_CLONE_TARGET_DIRECTORY:}
-occmd.occmd-path=${OCCMD_PATH:}
-server.port=${PORT}
-management.server.port=${MANAGEMENT_PORT:}
-springdoc.use-management-port=${USE_MANAGEMENT_PORT:}
-management.endpoints.web.exposure.include=health,metrics, openapi, swagger-ui, logfile, loggers, prometheus, auditevents
-springdoc.show-actuator=true
-spring.main.web-application-type=REACTIVE
-# Generates db schema if it doesn't exist in db
-spring.jpa.generate-ddl=true
-spring.jpa.show-sql=false
-# This setting should only be used in dev. In prod we want to switch to update
-spring.jpa.hibernate.ddl-auto=update
-spring.jpa.properties.hibernate.format_sql=true
-spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true
-spring.jpa.properties.hibernate.bytecode.use_reflection_optimizer=false
-spring.jpa.open-in-view=false
-spring.jpa.properties.hibernate.temp.use_jdbc_metadata_defaults=false
-spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.CockroachDialect
-# DB Login data
-spring.datasource.url=jdbc:postgresql://${DB_HOST:}:${DB_PORT:}/${DB_NAME:}?sslmode=disable&user=root
-spring.datasource.username=${DB_USER:}
-spring.datasource.driver-class-name=org.postgresql.Driver
-projects.project-ids=${PROJECT_IDS:}

app/backend/src/main/resources/application-prod.properties

-spring.config.import=optional:classpath:.env[.properties]
-# Config for the OpencoDE platform
-# Token can be an empty string to access public repositories only
-opencode.host=https://gitlab.opencode.de/
-opencode.access-token=${OC_GL_APIKEY:}
-# Tool APIs
-opencode.api.base-path=https://software.opencode.de/api/v1/project/
-opencode.api.ort=/cve-result
-# API key to access this server's API
-#  The api key is needed for all routes.
-#  the admin password is needed for the repo changed route.
-#  It is expected as basic auth with the admin username
-# details can be found in configuration/security/WebSecurityConfiguration.kt
-security.api-key=${API_KEY:}
-security.admin-password=${ADMIN_PASSWORD:}
-security.admin-username=${ADMIN_USERNAME:}
-security.cors-origin=${CORS_ORIGIN:}
-security.hmac-key=${HMAC_KEY:}
-# OCCMD specific settings
-# path to the occmd tool executable
-# this can e.g, be the occmd.sh script in this project
-occmd.git-clone-target-directory=${GIT_CLONE_TARGET_DIRECTORY:}
-occmd.occmd-path=${OCCMD_PATH:}
-server.port=${PORT}
-management.server.port=${MANAGEMENT_PORT:}
-springdoc.use-management-port=true
-management.endpoints.web.exposure.include=health,metrics, openapi, swagger-ui, logfile, loggers, prometheus, auditevents
-springdoc.show-actuator=true
-spring.main.web-application-type=REACTIVE
-# Generates db schema if it doesn't exist in db
-spring.jpa.generate-ddl=true
-spring.jpa.show-sql=false
-# This setting should only be used in dev. In prod we want to switch to update
-spring.jpa.hibernate.ddl-auto=validate
-spring.jpa.properties.hibernate.format_sql=true
-spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true
-spring.jpa.properties.hibernate.bytecode.use_reflection_optimizer=false
-spring.jpa.open-in-view=false
-spring.jpa.properties.hibernate.temp.use_jdbc_metadata_defaults=false
-spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.CockroachDialect
-# DB Login data
-spring.datasource.url=jdbc:postgresql://${host}:26257/${DB_USER}?sslmode=${ssl_mode}&sslrootcert=${ca_crt}&sslcert=${ssl_cert}&sslkey=${ssl_key}
-spring.datasource.username=${DB_USER:}
-projects.project-ids=1108, 888, 438, 1189, 820, 788, 400, 1052

app/backend/src/main/resources/application-local.properties → app/backend/src/main/resources/application.properties

-spring.config.import=optional:classpath:.env[.properties]
 # Config for the OpencoDE platform
 # Token can be an empty string to access public repositories only
-opencode.host=https://gitlab.dev.o4oe.de/
-opencode.access-token=${OC_GL_APIKEY:}
-opencode.analyze-private-repos=true
-opencode.user-name=${OC_GL_USER:}
-# Tool APIs
-opencode.api.base-path=https://sl.dev.o4oe.de/api/v1/project/
-opencode.api.ort=/cve-result
+opencode.host=https://gitlab.opencode.de/
+opencode.access-token=${OC_GL_APIKEY}
+opencode.user-name=${OC_GL_USER}
+projects.project-ids=${PROJECT_IDS}
+
 # API key to access this server's API
-#  The api key is needed for all routes.
-#  the admin password is needed for the repo changed route.
-#  It is expected as basic auth with the admin username
+# The api key is needed for all routes.
+# the admin password is needed for the repo changed route.
+# It is expected as basic auth with the admin username
 # details can be found in configuration/security/WebSecurityConfiguration.kt
-security.api-key=${API_KEY:}
-security.admin-password=${ADMIN_PASSWORD:}
-security.admin-username=${ADMIN_USERNAME:}
-security.cors-origin=${CORS_ORIGIN:}
-security.hmac-key=${HMAC_KEY:}
+security.api-key=${API_KEY}
+security.admin-password=${ADMIN_PASSWORD}
+security.admin-username=${ADMIN_USERNAME}
+security.cors-origin=${CORS_ORIGIN}
+security.hmac-key=${HMAC_KEY}
+
+# Tool APIs
+opencode.api.base-path=https://software.opencode.de/api/v1/project/
+opencode.api.ort=/cve-result
+opencode.api.auth=https://sl.dev.o4oe.de/api/
+opencode.api.auth-api-key=${AUTH_API_KEY}
+
 # OCCMD specific settings
 # path to the occmd tool executable
 # this can e.g, be the occmd.sh script in this project
-occmd.git-clone-target-directory=${GIT_CLONE_TARGET_DIRECTORY:}
-occmd.occmd-path=${OCCMD_PATH:}
-server.port=${PORT}
-management.server.port=${MANAGEMENT_PORT:}
+occmd.git-clone-target-directory=${GIT_CLONE_TARGET_DIRECTORY}
+occmd.occmd-path=${OCCMD_PATH}
+
+# Spring actuator settings
+management.server.port=${MANAGEMENT_PORT}
 springdoc.use-management-port=true
 management.endpoints.web.exposure.include=health,metrics, openapi, swagger-ui, logfile, loggers, prometheus, auditevents
 springdoc.show-actuator=true
 spring.main.web-application-type=REACTIVE
-# Generates db schema if it doesn't exist in db
-spring.jpa.generate-ddl=true
-spring.jpa.show-sql=false
-# This setting should only be used in dev. In prod we want to switch to update
-spring.jpa.hibernate.ddl-auto=create-drop
+server.port=${PORT}
+
+# Database Settings
+spring.jpa.hibernate.ddl-auto=validate
 spring.jpa.properties.hibernate.format_sql=true
 spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true
 spring.jpa.properties.hibernate.bytecode.use_reflection_optimizer=false
 spring.jpa.open-in-view=false
 spring.jpa.properties.hibernate.temp.use_jdbc_metadata_defaults=false
 spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.CockroachDialect
-opencode.api.auth=https://sl.dev.o4oe.de/api/receive-session/
-opencode.api.auth-api-key=${AUTH_API_KEY}
-# DB Login data
-spring.datasource.url=${DB_URL:}
-spring.datasource.username=${DB_USER:}
-spring.datasource.password=${DB_PW:}
+
+# DB settings
+spring.datasource.url=jdbc:postgresql://${host}:26257/${DB_USER}?sslmode=${ssl_mode}&sslrootcert=${ca_crt}&sslcert=${ssl_cert}&sslkey=${ssl_key}
+spring.datasource.username=${DB_USER}
 spring.datasource.driver-class-name=org.postgresql.Driver
-projects.project-ids=159, 161
-#, 888, 438, 1189, 820, 788, 400, 1052
+# Generates db schema if it doesn't exist in db
+spring.jpa.generate-ddl=true
+spring.jpa.show-sql=false
+#---
+spring.config.activate.on-profile=local
+opencode.host=https://gitlab.opencode.de/
+opencode.analyze-private-repos=true
+
+# Tool APIs
+opencode.api.base-path=https://sl.dev.o4oe.de/api/v1/project/
+opencode.api.auth=https://sl.dev.o4oe.de/api/receive-session/
+
+# Database Settings
+spring.datasource.url=jdbc:postgresql://${host}:${DB_PORT}/${DB_NAME}?sslmode=disable&user=root
+spring.jpa.hibernate.ddl-auto=create-drop
+
+# Import local .env
+spring.config.import=optional:classpath:.env[.properties]
+
+#---
+spring.config.activate.on-profile=dev
+# Config for the OpencoDE platform
+opencode.host=https://gitlab.dev.o4oe.de/
+opencode.analyze-private-repos=true
+
+# Tool APIs
+opencode.api.base-path=https://sl.dev.o4oe.de/api/v1/project/
+opencode.api.auth=https://sl.dev.o4oe.de/api/
+
+# Database Settings
+spring.datasource.url=jdbc:postgresql://${host}:${DB_PORT}/${DB_NAME}?sslmode=disable&user=root
+spring.jpa.hibernate.ddl-auto=update
+
+#---
+spring.config.activate.on-profile=prod

docker-compose.yml

@@ -18,24 +18,21 @@ services:
             - OC_GL_APIKEY=${SECRET_OC_GL_APIKEY}
             - XDG_CONFIG_HOME=/app/.config/
             - GIT_CLONE_TARGET_DIRECTORY=/app/git/
-            - USE_MANAGEMENT_PORT=false
             - MANAGEMENT_PORT=4001
             - PROJECT_IDS=1448,2991,1317,560,2188,2155,2149,2235 # occmd-public, Covid19 fraud detection, Opendesk, Helm chart, e2e tests
             - CORS_ORIGIN=* # Must be without quotes i.e. allow everything: * | originally https://sec-kpi.opencode.de
 
             - PORT=4000
-            - DB_HOST=db
+            - host=db
             - DB_USER=sa
             - DB_NAME=dataprovider
             - DB_PORT=26257
-            - HMAC_KEY=123456789012345678901234567890
 
             - ADMIN_PASSWORD=01234567890123456789
             - ADMIN_USERNAME=012345678901234567890123456789
+            - HMAC_KEY=012345678901234567890123456789
             - API_KEY=012345678901234567890123456789
 
             - SPRING_PROFILES_ACTIVE=local
         ports:
             - 4000:4000
-        volumes:
-            - ./app/backend/src/main/resources/application-local.properties:/app/application-local.properties

kubernetes/configmap-prod.yaml

@@ -9,3 +9,5 @@ data:
     MANAGEMENT_PORT: "5001"
     XDG_CONFIG_HOME: "/app/.config"
     CORS_ORIGIN: "https://sec-kpi.opencode.de"
+    PROJECT_IDS: 1108, 888, 438, 1189, 820, 788, 400, 1052
+    SPRING_PROFILES_ACTIVE: prod

kubernetes/configmap.yaml

@@ -9,3 +9,5 @@ data:
     MANAGEMENT_PORT: "5001"
     XDG_CONFIG_HOME: "/app/.config"
     CORS_ORIGIN: "*"
+    PROJECT_IDS: 159,106, 124
+    SPRING_PROFILES_ACTIVE: dev