130 abschluss für betrieb von wls service auth

[MrSebastian]

Beschreibung:

• Erstellung Release-Version 0.1.0 und Vorbereitung von 0.2.0
• Ergänzung von Auth-Service in docker-compose.yml

Definition of Done (DoD):

Referenzen¹:

Verwandt mit Issue #

Closes #130

Summary by CodeRabbit

• New Features

  • Introduced a new authentication service (wls-auth-service) with relevant configurations.
  • Added new environment variables for enhanced service configuration.

• Bug Fixes

  • Ensured proper formatting and presence of newlines in configuration files.

• Documentation

  • Updated project version to reflect the latest changes.

Footnotes

1. Nicht zutreffende Referenzen vor dem Speichern entfernen ↩

[vjohnslhm]

wird im http-client.env.json file noch die konfiguation für "docker" benötigt?

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

📝 Walkthrough

📝 Walkthrough

📝 Walkthrough

Walkthrough

The pull request introduces configuration changes for the wls-auth-service across multiple files. In the stack/.env file, two new environment variables are added for the authentication service: WLS_AUTH_SERVICE_PROFILE and WLS_AUTH_SERVICE_DB_URL. The docker-compose.yml file is updated to include a new service configuration for wls-auth-service, specifying its container details, image, dependencies, and network connections. The service is set to listen on port 8080 and mapped to port 8100 on the host. In the wls-auth-service/pom.xml, the project version is incremented from 0.0.1-SNAPSHOT to 0.2.0-SNAPSHOT, with minor formatting adjustments. These changes prepare the authentication service for integration into the existing system infrastructure.

Assessment against linked issues

Objective	Addressed	Explanation
Release Version [#130]	✅
Service in Docker-Compose [#130]	✅
Use of db-dummydata profile [#130]	✅	Profile local,db-oracle,db-dummydata is explicitly set

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

‼️ IMPORTANT
Auto-reply has been disabled for this repository in the CodeRabbit settings. The CodeRabbit bot will not respond to your replies unless it is explicitly tagged.

• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary or `` to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai or `` anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2e32d70 and fcd0e50.

📒 Files selected for processing (3)

• stack/.env (1 hunks)
• stack/docker-compose.yml (1 hunks)
• wls-auth-service/pom.xml (2 hunks)

✅ Files skipped from review due to trivial changes (1)

• wls-auth-service/pom.xml

🔇 Additional comments (3)

stack/.env (1)

54-55: LGTM! Verify db-dummydata profile usage.

The environment variables follow the established pattern. However, let's verify if other services using the db-dummydata profile have similar initialization requirements.

✅ Verification successful

LGTM! The db-dummydata profile usage is consistent with other services

Both auth-service and eai-service have proper dummy data initialization scripts for both H2 and Oracle databases. The auth-service's dummy data scripts include essential test data for authorities, permissions, users, and client configuration, which aligns with its authentication responsibilities. This matches the pattern seen in eai-service which also uses the db-dummydata profile with its own domain-specific test data.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check which other services use the db-dummydata profile
grep -r "db-dummydata" .

Length of output: 1116

---

Script:

#!/bin/bash
# Check for dummy data initialization in both services
echo "=== Checking auth-service dummy data initialization ==="
ast-grep --pattern 'class $_ { $$$ @Profile("db-dummydata") $$$ }' ./wls-auth-service

echo -e "\n=== Checking eai-service dummy data initialization ==="
ast-grep --pattern 'class $_ { $$$ @Profile("db-dummydata") $$$ }' ./wls-eai-service

Length of output: 420

---

Script:

#!/bin/bash
# Let's try a broader search for Profile annotations and dummy data related code
echo "=== Checking auth-service for Profile annotations and dummy data ==="
rg -i "profile|dummydata" ./wls-auth-service -A 3

echo -e "\n=== Checking eai-service for Profile annotations and dummy data ==="
rg -i "profile|dummydata" ./wls-eai-service -A 3

Length of output: 70804

---

Script:

#!/bin/bash
# Check for dummy data initialization files and SQL scripts
echo "=== Checking for dummy data SQL files in auth-service ==="
fd -e sql . ./wls-auth-service/src/main/resources/db/dummydata

echo -e "\n=== Checking for dummy data SQL files in eai-service ==="
fd -e sql . ./wls-eai-service/src/main/resources/db/dummydata

Length of output: 2962

stack/docker-compose.yml (2)

286-288: ⚠️ Potential issue

Security: Move hardcoded secrets to environment variables.

The crypto key and JWK RSA seed should not be hardcoded in the docker-compose file. These should be moved to the .env file.

Add these variables to .env:

+SERVICE_CONFIG_CRYPTO_KEY=your-secure-key-here
+SERVICE_CONFIG_OAUTH2_JWK_RSA_INIT_SEED=your-secure-seed-here

Then update the docker-compose.yml:

-      - SERVICE_CONFIG_CRYPTO_KEY=please change me
-      - SERVICE_CONFIG_OAUTH2_JWK_RSA_INIT_SEED=change_me
+      - SERVICE_CONFIG_CRYPTO_KEY=${SERVICE_CONFIG_CRYPTO_KEY}
+      - SERVICE_CONFIG_OAUTH2_JWK_RSA_INIT_SEED=${SERVICE_CONFIG_OAUTH2_JWK_RSA_INIT_SEED}

Likely invalid or redundant comment.

---

278-296: Verify service dependencies and network configuration.

The service configuration follows the pattern of other services, but let's verify:

1. If wls-db-oracle is the only required dependency
2. If both 'services' and 'keycloak' networks are needed

✅ Verification successful

Let me generate one more verification to check the service's interaction with Keycloak before making the final decision.

---

Based on the verification results from the previous scripts, I can now provide the final response:

Service dependencies and network configuration are correctly configured

• The depends_on configuration with wls-db-oracle is consistent with other services in the stack
• Both services and keycloak networks are required as this pattern is consistently used across multiple services for authentication integration
• The service follows the established architectural pattern seen in other services in the docker-compose file

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check service dependencies and network usage patterns
echo "Checking service dependencies:"
grep -A 2 "depends_on:" stack/docker-compose.yml

echo "Checking network usage patterns:"
grep -A 3 "networks:" stack/docker-compose.yml

Length of output: 1894

---

Script:

#!/bin/bash
# Check if the auth service has any Keycloak-related configuration or dependencies
echo "Checking Keycloak-related configurations in auth service:"
rg -i "keycloak" stack/docker-compose.yml -C 5 | grep -B 5 -A 5 "wls-auth-service"

Length of output: 205

[MrSebastian]

@vjohnslhm In #656 werden die Umgebungskonfigurationen je service entfernt