rodrigorodrigues
diff --git a/‎.github/workflows/docker-build-push-image-authentication-service.yml‎
Lines changed: 17 additions & 17 deletions b/‎.github/workflows/docker-build-push-image-authentication-service.yml‎
Lines changed: 17 additions & 17 deletions
diff --git a/‎.github/workflows/docker-build-push-image-edge-service.yml‎
Lines changed: 62 additions & 0 deletions b/‎.github/workflows/docker-build-push-image-edge-service.yml‎
Lines changed: 62 additions & 0 deletions
diff --git a/‎.github/workflows/kubernetes/deployment-authentication-service.yml‎
Lines changed: 9 additions & 5 deletions b/‎.github/workflows/kubernetes/deployment-authentication-service.yml‎
Lines changed: 9 additions & 5 deletions
diff --git a/‎.github/workflows/kubernetes/deployment-edge-server.yml‎
Lines changed: 16 additions & 9 deletions b/‎.github/workflows/kubernetes/deployment-edge-server.yml‎
Lines changed: 16 additions & 9 deletions
diff --git a/‎.github/workflows/kubernetes/deployment-kotlin-service.yml‎
Lines changed: 4 additions & 0 deletions b/‎.github/workflows/kubernetes/deployment-kotlin-service.yml‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎.github/workflows/kubernetes/deployment-oauth2-proxy.yml‎
Lines changed: 59 additions & 0 deletions b/‎.github/workflows/kubernetes/deployment-oauth2-proxy.yml‎
Lines changed: 59 additions & 0 deletions
diff --git a/‎.github/workflows/kubernetes/deployment-person-service.yml‎
Lines changed: 3 additions & 3 deletions b/‎.github/workflows/kubernetes/deployment-person-service.yml‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎.github/workflows/kubernetes/secrets.yml‎
Lines changed: 3 additions & 1 deletion b/‎.github/workflows/kubernetes/secrets.yml‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎.gitignore‎
Lines changed: 5 additions & 1 deletion b/‎.gitignore‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎admin-server/src/main/java/com/springboot/adminserver/AdminServerApplication.java‎
Lines changed: 10 additions & 0 deletions b/‎admin-server/src/main/java/com/springboot/adminserver/AdminServerApplication.java‎
Lines changed: 10 additions & 0 deletions
@@ -78,23 +78,23 @@ jobs:
         run: echo ${{ steps.docker_build.outputs.digest }}
 
       # Build Docker image using spring-boot:build-image
-      - name: Build Service using spring-boot:build-image
-        run: |
-          mvn clean package -DskipTests -q -pl authentication-service -am -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn -Pspring-native
-
-      # Tag image
-      - name: Tag & publish to GitHub Container Registry
-        run: |
-          docker tag authentication-service:0.0.1-SNAPSHOT fielcapao/microservices-design-patterns-authentication-service:0.0.1-SNAPSHOT
-#          docker push fielcapao/microservices-design-patterns-authentication-service:0.0.1-SNAPSHOT
-
-      - name: Create and push manifest images
-        uses: Noelware/docker-manifest-action@master # or use whatever version.
-        with:
-          base-image: fielcapao/microservices-design-patterns-authentication-service:0.0.1-SNAPSHOT
-          extra-images: fielcapao/microservices-design-patterns-authentication-service:0.0.1-SNAPSHOT-arm64
-
-          push: true
+#      - name: Build Service using spring-boot:build-image
+#        run: |
+#          mvn clean package -DskipTests -q -pl authentication-service -am -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn -Pspring-native
+#
+#      # Tag image
+#      - name: Tag & publish to GitHub Container Registry
+#        run: |
+#          docker tag authentication-service:0.0.1-SNAPSHOT fielcapao/microservices-design-patterns-authentication-service:0.0.1-SNAPSHOT
+##          docker push fielcapao/microservices-design-patterns-authentication-service:0.0.1-SNAPSHOT
+#
+#      - name: Create and push manifest images
+#        uses: Noelware/docker-manifest-action@master # or use whatever version.
+#        with:
+#          base-image: fielcapao/microservices-design-patterns-authentication-service:0.0.1-SNAPSHOT
+#          extra-images: fielcapao/microservices-design-patterns-authentication-service:0.0.1-SNAPSHOT-arm64
+#
+#          push: true
 # Setup gcloud CLI
 #      - name: Setup Google Cloud
 #        uses: google-github-actions/setup-gcloud@master
 
@@ -0,0 +1,62 @@
+# This is a basic workflow to help you get started with Actions
+
+name: CI - Build and push Docker images - Edge Service
+
+# Controls when the action will run. Triggers the workflow on push or pull request
+# events but only for the master branch
+on:
+  push:
+    branches: [ master ]
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  # This workflow contains a single job called "build"
+  build:
+    if: contains(toJson(github), 'build edge-server')
+    name: Build Jar/Docker Image and Publish to DockerHub
+
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      # Set up JDK
+      - name: JDK
+        uses: actions/setup-java@v1
+        with:
+          java-version: 17
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      # Login to Dockerhub
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      # Build Docker image using docker:build
+      - name: Build Service using docker:build
+        run: |
+          mvn clean package -DskipTests -Pkubernetes -q -pl edge-server -am -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn -Dspring.profiles.active=travis docker:build
+
+      - name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          context: ./edge-server/target/docker/edge-server/build
+          file: ./edge-server/target/docker/edge-server/build/Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: fielcapao/microservices-design-patterns-edge-server:latest
+
+      - name: Image digest
+        run: echo ${{ steps.docker_build.outputs.digest }}
@@ -49,13 +49,13 @@ spec:
             - name: SERVER_PORT
               value: "9999"
             - name: SPRING_PROFILES_ACTIVE
-              value: prod
+              value: auth,prod
             - name: SPRING_DATA_MONGODB_URI
-              value: mongodb://mongodb:27017
+              value: mongodb://192.168.1.5:27017
             - name: SPRING_DATA_MONGODB_DATABASE
               value: docker
             - name: SPRING_REDIS_HOST
-              value: redis
+              value: 192.168.1.5
             - name: SPRING_CLOUD_CONSUL_ENABLED
               value: "false"
             - name: OPENTRACING_JAEGER_ENABLED
@@ -78,8 +78,12 @@ spec:
               value: file:/etc/ssl_certs/www.spendingbetter.com.jks
             - name: KEYSTORE_ALIAS
               value: spendingbetter
-            - name: LOGGING_LEVEL_ORG_SPRINGFRAMEWORK
-              value: "trace"
+#            - name: LOGGING_LEVEL_ORG_SPRINGFRAMEWORK
+#              value: "trace"
+            - name: COM_MICROSERVICE_AUTHENTICATION_REDIS_ENABLED
+              value: "false"
+            - name: SPRING_SESSION_STORE_TYPE
+              value: "none"
           ports:
             - containerPort: 9999
           livenessProbe:
 
@@ -32,7 +32,7 @@ spec:
     spec:
       containers:
         - name: edge-server
-          image: edge-server:0.0.1-SNAPSHOT
+          image: edge-server:0.0.1-SNAPSHOT #edge-server:0.0.1-SNAPSHOT
           resources:
             requests:
               memory: "256Mi"
@@ -42,19 +42,22 @@ spec:
             - name: spendingbetter-pub-key
               mountPath: "/etc/ssl_certs_pub"
               readOnly: true
+            - name: spendingbetter-jks
+              mountPath: "/etc/ssl_certs"
+              readOnly: true
           env:
             - name: JAVA_OPTS
-              value: -Xss256K -Xms1M -XX:+UseSerialGC -Djava.compiler=none -XX:ReservedCodeCacheSize=2496k -XX:MaxDirectMemorySize=1M
+              value: -Xss256K -Xms1M -XX:+UseSerialGC -Djava.compiler=none -XX:ReservedCodeCacheSize=2496k -XX:MaxDirectMemorySize=1M #-Xms256m -Xmx512m
             - name: SERVER_PORT
               value: "8080"
             - name: SPRING_PROFILES_ACTIVE
-              value: prod
+              value: auth,prod
             - name: SPRING_DATA_MONGODB_URI
-              value: mongodb://mongodb:27017
+              value: mongodb://192.168.1.5:27017
             - name: SPRING_DATA_MONGODB_DATABASE
               value: docker
             - name: SPRING_REDIS_HOST
-              value: redis
+              value: 192.168.1.5
             - name: SPRING_CLOUD_CONSUL_ENABLED
               value: "false"
             - name: OPENTRACING_JAEGER_ENABLED
@@ -70,11 +73,13 @@ spec:
             - name: KEYSTORE_PASSWORD
               value: Cert202!
             - name: KEYSTORE
-              value: file:/etc/ssl_certs_pub/www.spendingbetter.com.pub
+              value: file:/etc/ssl_certs/www.spendingbetter.com.jks
+#            - name: KEYSTORE
+#              value: file:/etc/ssl_certs_pub/www.spendingbetter.com.pub
             - name: KEYSTORE_ALIAS
               value: spendingbetter
-            - name: COM_MICROSERVICE_AUTHENTICATION_JWT_ENABLED_PUBLIC_KEY
-              value: "true"
+#            - name: COM_MICROSERVICE_AUTHENTICATION_JWT_ENABLED_PUBLIC_KEY
+#              value: "true"
 #            - name: SPRING_CLOUD_GATEWAY_DISCOVERY_LOCATOR_ENABLED
 #              value: "true"
             - name: LOGGING_LEVEL_ORG_SPRINGFRAMEWORK_CLOUD_GATEWAY
@@ -98,4 +103,6 @@ spec:
         - name: spendingbetter-pub-key
           secret:
             secretName: spendingbetter-pub-key
-
+        - name: spendingbetter-jks
+          secret:
+            secretName: spendingbetter-jks
@@ -72,6 +72,10 @@ spec:
               value: spendingbetter
             - name: COM_MICROSERVICE_AUTHENTICATION_JWT_ENABLED_PUBLIC_KEY
               value: "true"
+            - name: LOGGING_LEVEL_ORG_SPRINGFRAMEWORK_WEB
+              value: trace
+            - name: LOGGING_LEVEL_ORG_SPRINGFRAMEWORK_SECURITY
+              value: trace
           ports:
             - containerPort: 9092
           livenessProbe:
 
@@ -0,0 +1,59 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: oauth2-proxy
+  labels:
+    app: oauth2-proxy
+spec:
+  ports:
+    - name: http-port
+      port: 4180
+  selector:
+    app: oauth2-proxy
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: oauth2-proxy
+spec:
+  selector:
+    matchLabels:
+      app: oauth2-proxy
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: oauth2-proxy
+        version: v1
+    spec:
+      containers:
+        - name: oauth2-proxy
+          image: quay.io/pusher/oauth2_proxy:latest-arm64
+          args:
+            - -provider=google
+            - -upstream=file:///dev/null
+            - -http-address=0.0.0.0:4180
+            - -client-id=CLIENT_ID
+            - -client-secret=CLIENT_SECRET
+            - -cookie-domain=spendingbetter.com
+            - -email-domain=admin@spendingbetter.com
+            - -whitelist-domain=spendingbetter.com
+            - -cookie-refresh=1h
+            - -cookie-secret=BASE64_ENCODED_STRING(like “echo strongSecret | base64”)
+          resources:
+            requests:
+              memory: "256Mi"
+            limits:
+              memory: "512Mi"
+          env:
+            - name: JAVA_OPTS
+              value: -Xss256K -Xms1M -XX:+UseSerialGC -Djava.compiler=none -XX:ReservedCodeCacheSize=2496k -XX:MaxDirectMemorySize=1M
+          ports:
+            - containerPort: 4180
+          livenessProbe:
+            httpGet:
+              scheme: HTTP
+              path: /ping
+              port: 4180
+            initialDelaySeconds: 1000
+            periodSeconds: 5
@@ -50,7 +50,7 @@ spec:
             - name: SPRING_PROFILES_ACTIVE
               value: prod
             - name: SPRING_DATA_MONGODB_URI
-              value: mongodb://mongodb:27017
+              value: mongodb://192.168.1.5:27017
             - name: SPRING_DATA_MONGODB_DATABASE
               value: docker
             - name: SPRING_CLOUD_CONSUL_ENABLED
@@ -69,8 +69,8 @@ spec:
               value: file:/etc/ssl_certs_pub/www.spendingbetter.com.pub
             - name: KEYSTORE_ALIAS
               value: spendingbetter
-            - name: COM_MICROSERVICE_AUTHENTICATION_JWT_ENABLED_PUBLIC_KEY
-              value: "true"
+#            - name: COM_MICROSERVICE_AUTHENTICATION_JWT_PUBLIC_KEYSTORE
+#              value: file:/etc/ssl_certs_pub/www.spendingbetter.com.pub
           ports:
             - containerPort: 8082
           livenessProbe:
 
@@ -4,4 +4,6 @@ metadata:
   name: secrets
 type: Opaque
 data:
-  KEYSTORE_PASSWORD: Q2VydDIwITk=
+  KEYSTORE_PASSWORD: Q2VydDIwITk=
+  CLIENT_ID: NjQ2MzcwMzcwODExLWxoMmRya2QxNG91dHVqbzIzcTAxamRnajVrN3UzOGdwLmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tCg==
+  CLIENT_SECRET: emxsYnFmd2N0T0htVnc1WEdJblRucnZYCg==
@@ -54,4 +54,8 @@ docker/*.pem
 docker/jmeter.log
 docker/test_result_springboot
 docker/quarkus.jwks
-docker/openshift.local.clusterup
+docker/openshift.local.clusterup
+
+redis_auth_gateway
+redis_auth_service
+docker/jwks.json
@@ -7,7 +7,10 @@
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Primary;
 import org.springframework.core.annotation.Order;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.session.data.redis.RedisIndexedSessionRepository;
 import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
 import org.springframework.session.web.http.CookieSerializer;
 import org.springframework.session.web.http.DefaultCookieSerializer;
@@ -24,6 +27,12 @@ public static void main(String[] args) {
         SpringApplication.run(AdminServerApplication.class, args);
     }
 
+    @Primary
+    @Bean
+    RedisIndexedSessionRepository redisIndexedSessionRepository(RedisTemplate redisTemplate) {
+        return new RedisIndexedSessionRepository(redisTemplate);
+    }
+
     @Bean
     static BeanFactoryPostProcessor removeErrorSecurityFilter() {
         return (beanFactory) -> {
@@ -38,6 +47,7 @@ public CookieSerializer cookieSerializer() {
         DefaultCookieSerializer serializer = new DefaultCookieSerializer();
         serializer.setCookieName("SESSIONID");
         serializer.setCookiePath("/");
+        serializer.setUseBase64Encoding(false);
         return serializer;
     }