This is an automated email from the ASF dual-hosted git repository. ilgrosso pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/syncope.git
The following commit(s) were added to refs/heads/master by this push: new 43cdad3b52 [SYNCOPE-1714] Now projects from archetype feature a docker profile 43cdad3b52 is described below commit 43cdad3b52ff54f146b75a29be0d2421b4caa33f Author: Francesco Chicchiriccò <ilgro...@apache.org> AuthorDate: Tue Nov 22 15:44:02 2022 +0100 [SYNCOPE-1714] Now projects from archetype feature a docker profile --- .../resources/archetype-resources/console/pom.xml | 16 ++ .../resources/archetype-resources/core/pom.xml | 17 +- .../resources/archetype-resources/enduser/pom.xml | 16 ++ .../main/resources/archetype-resources/fit/pom.xml | 251 ++++++++++++++++++++- .../fit/src/test/resources/keystore.p12 | Bin 0 -> 2584 bytes .../main/resources/archetype-resources/sra/pom.xml | 1 + .../main/resources/archetype-resources/wa/pom.xml | 16 ++ .../src/test/resources/wa-docker-https.properties | 6 + docker/sra/src/main/resources/Dockerfile | 2 +- src/main/asciidoc/getting-started/obtain.adoc | 75 +++++- .../reference-guide/usage/customization.adoc | 1 + 11 files changed, 396 insertions(+), 5 deletions(-) diff --git a/archetype/src/main/resources/archetype-resources/console/pom.xml b/archetype/src/main/resources/archetype-resources/console/pom.xml index db5f4f5f42..b1bca65547 100644 --- a/archetype/src/main/resources/archetype-resources/console/pom.xml +++ b/archetype/src/main/resources/archetype-resources/console/pom.xml @@ -150,5 +150,21 @@ under the License. </plugins> </build> </profile> + + <profile> + <id>docker</id> + + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <configuration> + <attachClasses>true</attachClasses> + </configuration> + </plugin> + </plugins> + </build> + </profile> </profiles> </project> diff --git a/archetype/src/main/resources/archetype-resources/core/pom.xml b/archetype/src/main/resources/archetype-resources/core/pom.xml index c4e82b50a0..602e5280b2 100644 --- a/archetype/src/main/resources/archetype-resources/core/pom.xml +++ b/archetype/src/main/resources/archetype-resources/core/pom.xml @@ -210,6 +210,21 @@ under the License. </plugins> </build> </profile> - </profiles> + <profile> + <id>docker</id> + + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <configuration> + <attachClasses>true</attachClasses> + </configuration> + </plugin> + </plugins> + </build> + </profile> + </profiles> </project> diff --git a/archetype/src/main/resources/archetype-resources/enduser/pom.xml b/archetype/src/main/resources/archetype-resources/enduser/pom.xml index c6cf90c33c..04dbfa86d3 100644 --- a/archetype/src/main/resources/archetype-resources/enduser/pom.xml +++ b/archetype/src/main/resources/archetype-resources/enduser/pom.xml @@ -177,5 +177,21 @@ under the License. </plugins> </build> </profile> + + <profile> + <id>docker</id> + + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <configuration> + <attachClasses>true</attachClasses> + </configuration> + </plugin> + </plugins> + </build> + </profile> </profiles> </project> diff --git a/archetype/src/main/resources/archetype-resources/fit/pom.xml b/archetype/src/main/resources/archetype-resources/fit/pom.xml index ce7edc67e3..c86708ab69 100644 --- a/archetype/src/main/resources/archetype-resources/fit/pom.xml +++ b/archetype/src/main/resources/archetype-resources/fit/pom.xml @@ -195,7 +195,7 @@ under the License. <argument>-Djavax.net.ssl.trustStore=${basedir}/src/test/resources/keystore.jks</argument> <argument>-Djavax.net.ssl.trustStorePassword=password</argument> <argument>-jar</argument> - <argument>${basedir}/../sra/target/syncope-sra.jar</argument> + <argument>${basedir}/../sra/target/syncope-sra-exec.jar</argument> <argument>-Dreactor.netty.http.server.accessLogEnabled=true</argument> </arguments> <environmentVariables> @@ -246,6 +246,7 @@ under the License. <properties> <cargo.jvmargs> -Dspring.profiles.active=${spring.profiles.active} + -Dwicket.ioc.useByteBuddy=true -Xmx1024m -Xms512m</cargo.jvmargs> <cargo.servlet.port>9443</cargo.servlet.port> @@ -324,5 +325,253 @@ under the License. <defaultGoal>clean verify cargo:run</defaultGoal> </build> </profile> + + <profile> + <id>docker</id> + + <properties> + <exec.skip>true</exec.skip> + <docker.autoCreateCustomNetworks>true</docker.autoCreateCustomNetworks> + </properties> + + <dependencies> + <dependency> + <groupId>${groupId}</groupId> + <artifactId>syncope-core</artifactId> + <version>${project.version}</version> + <classifier>classes</classifier> + </dependency> + <dependency> + <groupId>${groupId}</groupId> + <artifactId>syncope-console</artifactId> + <version>${project.version}</version> + <classifier>classes</classifier> + </dependency> + <dependency> + <groupId>${groupId}</groupId> + <artifactId>syncope-enduser</artifactId> + <version>${project.version}</version> + <classifier>classes</classifier> + </dependency> + <dependency> + <groupId>${groupId}</groupId> + <artifactId>syncope-wa</artifactId> + <version>${project.version}</version> + <classifier>classes</classifier> + </dependency> + <dependency> + <groupId>${groupId}</groupId> + <artifactId>syncope-sra</artifactId> + <version>${project.version}</version> + </dependency> + </dependencies> + + <build> + <defaultGoal>clean package io.fabric8:docker-maven-plugin:start</defaultGoal> + + <plugins> + <plugin> + <groupId>io.fabric8</groupId> + <artifactId>docker-maven-plugin</artifactId> + <configuration> + <verbose>true</verbose> + <images> + <image> + <alias>postgres</alias> + <name>postgres:${docker.postgresql.version}</name> + <run> + <containerNamePattern>%a</containerNamePattern> + <env> + <POSTGRES_DB>syncope</POSTGRES_DB> + <POSTGRES_USER>syncope</POSTGRES_USER> + <POSTGRES_PASSWORD>syncope</POSTGRES_PASSWORD> + </env> + <wait> + <log>database system is ready to accept connections</log> + <time>30000</time> + </wait> + <tmpfs> + <mount>/var/lib/postgresql/data:rw</mount> + </tmpfs> + <network> + <name>archetype</name> + <mode>custom</mode> + </network> + </run> + </image> + + <image> + <alias>syncope</alias> + <name>apache/syncope:${syncope.version}</name> + <run> + <containerNamePattern>%a</containerNamePattern> + <dependsOn> + <container>postgres</container> + </dependsOn> + <env> + <SPRING_PROFILES_ACTIVE>docker,postgresql,all</SPRING_PROFILES_ACTIVE> + <DB_URL>jdbc:postgresql://postgres:5432/syncope?stringtype=unspecified</DB_URL> + <DB_USER>syncope</DB_USER> + <DB_PASSWORD>syncope</DB_PASSWORD> + <DB_POOL_MAX>10</DB_POOL_MAX> + <DB_POOL_MIN>2</DB_POOL_MIN> + <OPENJPA_REMOTE_COMMIT>sjvm</OPENJPA_REMOTE_COMMIT> + <SERVICE_DISCOVERY_ADDRESS>http://syncope:8080/syncope/rest/</SERVICE_DISCOVERY_ADDRESS> + <KEYMASTER_ADDRESS>http://syncope:8080/syncope/rest/keymaster</KEYMASTER_ADDRESS> + <KEYMASTER_USERNAME>${anonymousUser}</KEYMASTER_USERNAME> + <KEYMASTER_PASSWORD>${anonymousKey}</KEYMASTER_PASSWORD> + <ANONYMOUS_USER>${anonymousUser}</ANONYMOUS_USER> + <ANONYMOUS_KEY>${anonymousKey}</ANONYMOUS_KEY> + </env> + <volumes> + <bind> + <volume>${basedir}/../core/target/classes/domains/MasterContent.xml:/opt/syncope/conf/domains/MasterContent.xml:ro</volume> + <volume>${settings.localRepository}/${groupId}/syncope-core/${project.version}/syncope-core-${project.version}-classes.jar:/opt/syncope/lib/${groupId}-syncope-core-classes.jar:ro</volume> + </bind> + </volumes> + <network> + <name>archetype</name> + <mode>custom</mode> + </network> + </run> + </image> + + <image> + <alias>syncope-console</alias> + <name>apache/syncope-console:${syncope.version}</name> + <run> + <containerNamePattern>%a</containerNamePattern> + <dependsOn> + <container>syncope</container> + </dependsOn> + <env> + <JAVA_OPTS>-Dfile.encoding=UTF-8 -Dwicket.ioc.useByteBuddy=true -server -Xms1536m -Xmx1536m + -XX:NewSize=256m -XX:MaxNewSize=256m -XX:+DisableExplicitGC + -Djava.security.egd=file:/dev/./urandom + -Djavax.net.ssl.trustStore=/opt/syncope/conf/keystore.p12 + -Djavax.net.ssl.trustStorePassword=password</JAVA_OPTS> + <SPRING_PROFILES_ACTIVE>docker,all</SPRING_PROFILES_ACTIVE> + <SERVICE_DISCOVERY_ADDRESS>http://syncope-console:8080/syncope-console/</SERVICE_DISCOVERY_ADDRESS> + <KEYMASTER_ADDRESS>http://syncope:8080/syncope/rest/keymaster</KEYMASTER_ADDRESS> + <KEYMASTER_USERNAME>${anonymousUser}</KEYMASTER_USERNAME> + <KEYMASTER_PASSWORD>${anonymousKey}</KEYMASTER_PASSWORD> + <ANONYMOUS_USER>${anonymousUser}</ANONYMOUS_USER> + <ANONYMOUS_KEY>${anonymousKey}</ANONYMOUS_KEY> + </env> + <volumes> + <bind> + <volume>${basedir}/src/test/resources/keystore.p12:/opt/syncope/conf/keystore.p12:ro</volume> + <volume>${settings.localRepository}/${groupId}/syncope-console/${project.version}/syncope-console-${project.version}-classes.jar:/opt/syncope/lib/${groupId}-syncope-console-classes.jar:ro</volume> + </bind> + </volumes> + <network> + <name>archetype</name> + <mode>custom</mode> + </network> + <cmd>wait-for-it syncope:8080 -t 60 -- /opt/syncope/bin/startup.sh</cmd> + </run> + </image> + + <image> + <alias>syncope-enduser</alias> + <name>apache/syncope-enduser:${syncope.version}</name> + <run> + <containerNamePattern>%a</containerNamePattern> + <dependsOn> + <container>syncope</container> + </dependsOn> + <env> + <SPRING_PROFILES_ACTIVE>docker,all</SPRING_PROFILES_ACTIVE> + <SERVICE_DISCOVERY_ADDRESS>http://syncope-enduser:8080/syncope-console/</SERVICE_DISCOVERY_ADDRESS> + <KEYMASTER_ADDRESS>http://syncope:8080/syncope/rest/keymaster</KEYMASTER_ADDRESS> + <KEYMASTER_USERNAME>${anonymousUser}</KEYMASTER_USERNAME> + <KEYMASTER_PASSWORD>${anonymousKey}</KEYMASTER_PASSWORD> + <ANONYMOUS_USER>${anonymousUser}</ANONYMOUS_USER> + <ANONYMOUS_KEY>${anonymousKey}</ANONYMOUS_KEY> + </env> + <volumes> + <bind> + <volume>${settings.localRepository}/${groupId}/syncope-enduser/${project.version}/syncope-enduser-${project.version}-classes.jar:/opt/syncope/lib/${groupId}-syncope-enduser-classes.jar:ro</volume> + </bind> + </volumes> + <network> + <name>archetype</name> + <mode>custom</mode> + </network> + <cmd>wait-for-it syncope:8080 -t 60 -- /opt/syncope/bin/startup.sh</cmd> + </run> + </image> + + <image> + <alias>syncope-wa</alias> + <name>apache/syncope-wa:${syncope.version}</name> + <run> + <containerNamePattern>%a</containerNamePattern> + <dependsOn> + <container>syncope</container> + </dependsOn> + <env> + <SPRING_PROFILES_ACTIVE>docker,docker-https,all</SPRING_PROFILES_ACTIVE> + <CAS_SERVER_NAME>https://localhost:9443</CAS_SERVER_NAME> + <SERVICE_DISCOVERY_ADDRESS>https://syncope-wa:9443/syncope-wa/</SERVICE_DISCOVERY_ADDRESS> + <KEYMASTER_ADDRESS>http://syncope:8080/syncope/rest/keymaster</KEYMASTER_ADDRESS> + <KEYMASTER_USERNAME>${anonymousUser}</KEYMASTER_USERNAME> + <KEYMASTER_PASSWORD>${anonymousKey}</KEYMASTER_PASSWORD> + <ANONYMOUS_USER>${anonymousUser}</ANONYMOUS_USER> + <ANONYMOUS_KEY>${anonymousKey}</ANONYMOUS_KEY> + </env> + <volumes> + <bind> + <volume>${basedir}/../wa/src/test/resources/wa-docker-https.properties:/opt/syncope/conf/wa-docker-https.properties:ro</volume> + <volume>${basedir}/src/test/resources/keystore.p12:/opt/syncope/conf/keystore.p12:ro</volume> + <volume>${settings.localRepository}/${groupId}/syncope-wa/${project.version}/syncope-wa-${project.version}-classes.jar:/opt/syncope/lib/${groupId}-syncope-wa-classes.jar:ro</volume> + </bind> + </volumes> + <network> + <name>archetype</name> + <mode>custom</mode> + </network> + <ports> + <port>9443:9443</port> + </ports> + <cmd>wait-for-it syncope:8080 -t 60 -- /opt/syncope/bin/startup.sh</cmd> + </run> + </image> + + <image> + <alias>syncope-sra</alias> + <name>apache/syncope-sra:${syncope.version}</name> + <run> + <containerNamePattern>%a</containerNamePattern> + <dependsOn> + <container>syncope</container> + </dependsOn> + <env> + <SPRING_PROFILES_ACTIVE>docker,all</SPRING_PROFILES_ACTIVE> + <SERVICE_DISCOVERY_ADDRESS>http://syncope-sra:8080/</SERVICE_DISCOVERY_ADDRESS> + <KEYMASTER_ADDRESS>http://syncope:8080/syncope/rest/keymaster</KEYMASTER_ADDRESS> + <KEYMASTER_USERNAME>${anonymousUser}</KEYMASTER_USERNAME> + <KEYMASTER_PASSWORD>${anonymousKey}</KEYMASTER_PASSWORD> + <ANONYMOUS_USER>${anonymousUser}</ANONYMOUS_USER> + <ANONYMOUS_KEY>${anonymousKey}</ANONYMOUS_KEY> + </env> + <volumes> + <bind> + <volume>${settings.localRepository}/${groupId}/syncope-sra/${project.version}/syncope-sra-${project.version}.jar:/opt/syncope/lib/${groupId}-syncope-sra.jar:ro</volume> + </bind> + </volumes> + <network> + <name>archetype</name> + <mode>custom</mode> + </network> + <cmd>wait-for-it syncope:8080 -t 60 -- /opt/syncope/bin/startup.sh</cmd> + </run> + </image> + </images> + </configuration> + </plugin> + </plugins> + </build> + </profile> </profiles> </project> diff --git a/archetype/src/main/resources/archetype-resources/fit/src/test/resources/keystore.p12 b/archetype/src/main/resources/archetype-resources/fit/src/test/resources/keystore.p12 new file mode 100644 index 0000000000..e00adc1f14 Binary files /dev/null and b/archetype/src/main/resources/archetype-resources/fit/src/test/resources/keystore.p12 differ diff --git a/archetype/src/main/resources/archetype-resources/sra/pom.xml b/archetype/src/main/resources/archetype-resources/sra/pom.xml index 1547499cb6..eecb56d6cd 100644 --- a/archetype/src/main/resources/archetype-resources/sra/pom.xml +++ b/archetype/src/main/resources/archetype-resources/sra/pom.xml @@ -64,6 +64,7 @@ under the License. <configuration> <mainClass>org.apache.syncope.sra.SyncopeSRAApplication</mainClass> <layout>ZIP</layout> + <classifier>exec</classifier> </configuration> <executions> <execution> diff --git a/archetype/src/main/resources/archetype-resources/wa/pom.xml b/archetype/src/main/resources/archetype-resources/wa/pom.xml index 30bfb10273..cab9c2420c 100644 --- a/archetype/src/main/resources/archetype-resources/wa/pom.xml +++ b/archetype/src/main/resources/archetype-resources/wa/pom.xml @@ -135,5 +135,21 @@ under the License. </plugins> </build> </profile> + + <profile> + <id>docker</id> + + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <configuration> + <attachClasses>true</attachClasses> + </configuration> + </plugin> + </plugins> + </build> + </profile> </profiles> </project> diff --git a/archetype/src/main/resources/archetype-resources/wa/src/test/resources/wa-docker-https.properties b/archetype/src/main/resources/archetype-resources/wa/src/test/resources/wa-docker-https.properties new file mode 100644 index 0000000000..965bee7606 --- /dev/null +++ b/archetype/src/main/resources/archetype-resources/wa/src/test/resources/wa-docker-https.properties @@ -0,0 +1,6 @@ +server.port=9443 +server.ssl.key-store=/opt/syncope/conf/keystore.p12 +server.ssl.key-store-type=PKCS12 +server.ssl.key-store-password=password +server.ssl.key-alias=tomcat +server.ssl.key-password=password diff --git a/docker/sra/src/main/resources/Dockerfile b/docker/sra/src/main/resources/Dockerfile index 372e0509e5..566a6c9ca2 100644 --- a/docker/sra/src/main/resources/Dockerfile +++ b/docker/sra/src/main/resources/Dockerfile @@ -39,6 +39,6 @@ COPY startup.sh /opt/syncope/bin RUN chmod 755 /opt/syncope/bin/startup.sh CMD ["/opt/syncope/bin/startup.sh"] -RUN curl -o /usr/local/bin/wait-for-it https://github.com/vishnubob/wait-for-it/blob/master/wait-for-it.sh && chmod 755 /usr/local/bin/wait-for-it +RUN curl -o /usr/local/bin/wait-for-it https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh && chmod 755 /usr/local/bin/wait-for-it EXPOSE 8080 diff --git a/src/main/asciidoc/getting-started/obtain.adoc b/src/main/asciidoc/getting-started/obtain.adoc index e4d46801b9..457ffd117a 100644 --- a/src/main/asciidoc/getting-started/obtain.adoc +++ b/src/main/asciidoc/getting-started/obtain.adoc @@ -642,8 +642,8 @@ $ mvn -P embedded,all ===== Paths and Components [WARNING] -While accessing the URLs below, your browser will warn that the presented TLS certificate is invalid: it is safe to -just ignore the message, take the risk and discover how deep does the rabbit hole go. Not for production, of course. +While accessing some of the URLs below, your browser will warn that the presented TLS certificate is invalid: it is safe +to just ignore the message, take the risk and discover how deep does the rabbit hole go. Not for production, of course. [cols="1,2"] |=== @@ -701,3 +701,74 @@ You can configure any LDAP client (such as http://jxplorer.org/[JXplorer^], for Click 'Connect' button |=== + +==== Docker Mode + +It is possible to build and run projects generated from Maven archetype by configuring and extending the published +<<docker-images>>. + +From the top-level directory of your project, execute: + +[source,bash] +$ mvn -P docker,all clean install + +then, from the `fit` subdirectory, execute: + +[source,bash] +$ mvn -P docker + +[TIP] +The settings shown in `fit/pom.xml` under the `docker` profile can be taken as reference to orchestrate actual +deployments. + +===== Paths and Components + +[WARNING] +While accessing some of the URLs below, your browser will warn that the presented TLS certificate is invalid: it is safe +to just ignore the message, take the risk and discover how deep does the rabbit hole go. Not for production, of course. + +[NOTE] +==== +The hostnames below, e.g. + +. `syncope` +. `syncope-console` +. `syncope-enduser` +. `syncope-sra` + +are to be manually resolved to their respective local IP addresses in use by your current deployment. + +For example: + +[source,bash] +---- + $ docker inspect -f \ + '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' \ + syncope +---- + +will return the actual IP address assigned to the `syncope` container. +==== + +The following services will be available: + +[cols="1,2"] +|=== + +| REST API reference +| http://syncope:8080/syncope/ + +| Admin UI +| http://syncope-console:8080/syncope-console/ + +Credentials: `admin` / `password` + +| End-user UI +| http://syncope-enduser:8080/syncope-enduser/ + +| WA +| https://localhost:9443/syncope-wa/ + +| SRA +| http://syncope-sra:8080/ + +|=== diff --git a/src/main/asciidoc/reference-guide/usage/customization.adoc b/src/main/asciidoc/reference-guide/usage/customization.adoc index 2b065e1456..fc7b0f2713 100644 --- a/src/main/asciidoc/reference-guide/usage/customization.adoc +++ b/src/main/asciidoc/reference-guide/usage/customization.adoc @@ -95,6 +95,7 @@ straightforward: just add the `<profile>` below to `fit/pom.xml`: <cargo.jvmargs> -Xdebug -Xrunjdwp:transport=dt_socket,address=8000,server=y,suspend=n + -Dwicket.ioc.useByteBuddy=true -Dspring.profiles.active=embedded -Xmx1024m -Xms512m </cargo.jvmargs>