refactoring Single Source of Truth

config/.env.dev

@@ -161,7 +161,28 @@ RATELIMIT_GLOBAL_PERIOD_MINUTES=1
 RATELIMIT_INCLUDE_HEADERS=true
 
 # =============================================================================
-# 12. SPRING PROFILES AND GATEWAY
+# 12. DOCKER BUILD ARGUMENTS
+# =============================================================================
+# Centralized Docker build arguments for compose files
+# These mirror the values from docker/build-args/ for standalone compose usage
+DOCKER_GRADLE_VERSION=9.0.0
+DOCKER_JAVA_VERSION=21
+DOCKER_NODE_VERSION=20.11.0
+DOCKER_NGINX_VERSION=1.25-alpine
+DOCKER_APP_VERSION=1.0.0
+BUILD_DATE=2025-09-13T23:32:00Z
+
+# Monitoring & Infrastructure versions
+DOCKER_PROMETHEUS_VERSION=v2.54.1
+DOCKER_GRAFANA_VERSION=11.3.0
+DOCKER_KEYCLOAK_VERSION=26.0.7
+
+# Spring profiles for Docker builds
+DOCKER_SPRING_PROFILES_DEFAULT=default
+DOCKER_SPRING_PROFILES_DOCKER=docker
+
+# =============================================================================
+# 13. SPRING PROFILES AND GATEWAY
 # =============================================================================
 SPRING_PROFILES_ACTIVE=dev
 GATEWAY_ADMIN_USER=admin

docker-compose.clients.yml

@@ -104,69 +104,85 @@ services:
   # ===================================================================
   # Auth Server (Custom Keycloak Extension)
   # ===================================================================
-#  auth-server:
+  auth-server:
-#    build:
+    build:
-#      context: .
+      context: .
-#      dockerfile: dockerfiles/infrastructure/auth-server/Dockerfile
+      dockerfile: dockerfiles/infrastructure/auth-server/Dockerfile
-#    container_name: meldestelle-auth-server
+      args:
-#    environment:
+        # Global build arguments (from docker/build-args/global.env)
-#      SPRING_PROFILES_ACTIVE: ${SPRING_PROFILES_ACTIVE:-dev}
+        GRADLE_VERSION: ${DOCKER_GRADLE_VERSION:-9.0.0}
-#      SERVER_PORT: ${AUTH_SERVICE_PORT:-8087}
+        JAVA_VERSION: ${DOCKER_JAVA_VERSION:-21}
-#      KEYCLOAK_SERVER_URL: http://keycloak:8080
+        BUILD_DATE: ${BUILD_DATE}
-#      KEYCLOAK_REALM: meldestelle
+        VERSION: ${DOCKER_APP_VERSION:-1.0.0}
-#      KEYCLOAK_CLIENT_ID: meldestelle-auth-service
+        # Infrastructure-specific arguments (from docker/build-args/infrastructure.env)
-#      KEYCLOAK_CLIENT_SECRET: ${KEYCLOAK_CLIENT_SECRET:-auth-service-secret}
+        SPRING_PROFILES_ACTIVE: ${DOCKER_SPRING_PROFILES_DEFAULT:-default}
-#      DB_HOST: postgres
+    container_name: meldestelle-auth-server
-#      DB_PORT: 5432
+    environment:
-#      DB_NAME: ${POSTGRES_DB:-meldestelle}
+      SPRING_PROFILES_ACTIVE: ${SPRING_PROFILES_ACTIVE:-dev}
-#      DB_USER: ${POSTGRES_USER:-meldestelle}
+      SERVER_PORT: ${AUTH_SERVICE_PORT:-8087}
-#      DB_PASSWORD: ${POSTGRES_PASSWORD:-meldestelle}
+      KEYCLOAK_SERVER_URL: http://keycloak:8080
-#      JWT_SECRET: ${JWT_SECRET:-meldestelle-jwt-secret-key-for-development-change-in-production}
+      KEYCLOAK_REALM: meldestelle
-#      JWT_ISSUER: ${JWT_ISSUER:-meldestelle-api}
+      KEYCLOAK_CLIENT_ID: meldestelle-auth-service
-#      JWT_AUDIENCE: ${JWT_AUDIENCE:-meldestelle-clients}
+      KEYCLOAK_CLIENT_SECRET: ${KEYCLOAK_CLIENT_SECRET:-auth-service-secret}
-#    ports:
+      DB_HOST: postgres
-#      - "${AUTH_SERVICE_PORT:-8087}:${AUTH_SERVICE_PORT:-8087}"
+      DB_PORT: 5432
-#    networks:
+      DB_NAME: ${POSTGRES_DB:-meldestelle}
-#      - meldestelle-network
+      DB_USER: ${POSTGRES_USER:-meldestelle}
-#    healthcheck:
+      DB_PASSWORD: ${POSTGRES_PASSWORD:-meldestelle}
-#      test: ["CMD", "curl", "--fail", "http://localhost:${AUTH_SERVICE_PORT:-8087}/actuator/health"]
+      JWT_SECRET: ${JWT_SECRET:-meldestelle-jwt-secret-key-for-development-change-in-production}
-#      interval: 30s
+      JWT_ISSUER: ${JWT_ISSUER:-meldestelle-api}
-#      timeout: 10s
+      JWT_AUDIENCE: ${JWT_AUDIENCE:-meldestelle-clients}
-#      retries: 3
+    ports:
-#      start_period: 60s
+      - "${AUTH_SERVICE_PORT:-8087}:${AUTH_SERVICE_PORT:-8087}"
-#    restart: unless-stopped
+    networks:
+      - meldestelle-network
+    healthcheck:
+      test: ["CMD", "curl", "--fail", "http://localhost:${AUTH_SERVICE_PORT:-8087}/actuator/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 60s
+    restart: unless-stopped
 
   # ===================================================================
   # Monitoring Server (Custom Grafana Extensions)
   # ===================================================================
-#  monitoring-server:
+  monitoring-server:
-#    build:
+    build:
-#      context: .
+      context: .
-#      dockerfile: dockerfiles/infrastructure/monitoring-server/Dockerfile
+      dockerfile: dockerfiles/infrastructure/monitoring-server/Dockerfile
-#    container_name: meldestelle-monitoring-server
+      args:
-#    environment:
+        # Global build arguments (from docker/build-args/global.env)
-#      SPRING_PROFILES_ACTIVE: ${SPRING_PROFILES_ACTIVE:-dev}
+        GRADLE_VERSION: ${DOCKER_GRADLE_VERSION:-9.0.0}
-#      SERVER_PORT: 8088
+        JAVA_VERSION: ${DOCKER_JAVA_VERSION:-21}
-#      GRAFANA_URL: http://grafana:3000
+        BUILD_DATE: ${BUILD_DATE}
-#      PROMETHEUS_URL: http://prometheus:9090
+        VERSION: ${DOCKER_APP_VERSION:-1.0.0}
-#      GRAFANA_ADMIN_USER: ${GF_SECURITY_ADMIN_USER:-admin}
+        # Infrastructure-specific arguments (from docker/build-args/infrastructure.env)
-#      GRAFANA_ADMIN_PASSWORD: ${GF_SECURITY_ADMIN_PASSWORD:-admin}
+        SPRING_PROFILES_ACTIVE: ${DOCKER_SPRING_PROFILES_DEFAULT:-default}
-#      METRICS_AUTH_USERNAME: ${METRICS_AUTH_USERNAME:-admin}
+    container_name: meldestelle-monitoring-server
-#      METRICS_AUTH_PASSWORD: ${METRICS_AUTH_PASSWORD:-metrics}
+    environment:
-#    ports:
+      SPRING_PROFILES_ACTIVE: ${SPRING_PROFILES_ACTIVE:-dev}
-#      - "8088:8088"
+      SERVER_PORT: 8088
-#    networks:
+      GRAFANA_URL: http://grafana:3000
-#      - meldestelle-network
+      PROMETHEUS_URL: http://prometheus:9090
-#    healthcheck:
+      GRAFANA_ADMIN_USER: ${GF_SECURITY_ADMIN_USER:-admin}
-#      test: ["CMD", "curl", "--fail", "http://localhost:8088/actuator/health"]
+      GRAFANA_ADMIN_PASSWORD: ${GF_SECURITY_ADMIN_PASSWORD:-admin}
-#      interval: 30s
+      METRICS_AUTH_USERNAME: ${METRICS_AUTH_USERNAME:-admin}
-#      timeout: 10s
+      METRICS_AUTH_PASSWORD: ${METRICS_AUTH_PASSWORD:-metrics}
-#      retries: 3
+    ports:
-#      start_period: 60s
+      - "8088:8088"
-#    restart: unless-stopped
+    networks:
-#    volumes:
+      - meldestelle-network
-#      - monitoring-data:/app/data
+    healthcheck:
-#      - ./docker/monitoring:/app/config:ro
+      test: ["CMD", "curl", "--fail", "http://localhost:8088/actuator/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 60s
+    restart: unless-stopped
+    volumes:
+      - monitoring-data:/app/data
+      - ./docker/monitoring:/app/config:ro
 
 # ===================================================================
 # Volumes für Client-spezifische Daten

docker/build-args/clients.env

@@ -29,7 +29,7 @@ DESKTOP_APP_BUILD_TARGET=composeDesktop
 NODE_ENV=production
 APP_TITLE=Meldestelle
 APP_VERSION=1.0.0
-DOCKER_APP_VERSION
+DOCKER_APP_VERSION=1.0.0
 
 # --- Development Configuration ---
 WEBPACK_DEV_SERVER_HOST=0.0.0.0

docker/build-args/global.env

@@ -11,7 +11,7 @@ JAVA_VERSION=21
 # --- Build Metadata ---
 BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
 VERSION=1.0.0
-DOCKER_APP_VERSION
+DOCKER_APP_VERSION=1.0.0
 
 # --- Common Base Images ---
 ALPINE_VERSION=3.19

dockerfiles/infrastructure/auth-server/Dockerfile

@@ -57,6 +57,7 @@ COPY build.gradle.kts ./
 
 # Copy infrastructure dependencies
 COPY infrastructure/auth/auth-client/ infrastructure/auth/auth-client/
+COPY infrastructure/cache/ infrastructure/cache/
 
 # Copy auth-server specific files
 COPY infrastructure/auth/auth-server/build.gradle.kts infrastructure/auth/auth-server/

dockerfiles/infrastructure/monitoring-server/Dockerfile

@@ -43,6 +43,7 @@ COPY build.gradle.kts ./
 
 # Copy monitoring dependencies
 COPY infrastructure/monitoring/monitoring-client/ infrastructure/monitoring/monitoring-client/
+COPY infrastructure/cache/ infrastructure/cache/
 
 # Copy monitoring-server specific files
 COPY infrastructure/monitoring/monitoring-server/build.gradle.kts infrastructure/monitoring/monitoring-server/