From caaa4114eea9861390233fb0805fc97386425faf Mon Sep 17 00:00:00 2001 
From: stefan
Date: Sat, 13 Sep 2025 15:38:57 +0200
Subject: [PATCH] fixing docker-compose and cleanup
---
.junie/guidelines/docker-guideline.md | 369 ++++++++++++++-
DOCKER_ANALYSIS_COMPLETE.md | 242 ----------
DOCKER_COMPOSE_FIX_SUMMARY.md | 42 --
Docker-Container-Bericht.md | 88 ----
FILE_CONSOLIDATION_RECOMMENDATIONS.md | 133 ------
GATEWAY-STARTUP-GUIDE.md | 200 ---------
PROJEKT_OPTIMIERUNG_BERICHT.md | 217 ---------
PROJEKT_SERVICES_ANALYSIS.md | 314 -------------
README-DOCKER-CLIENT-CONTAINERIZATION.md | 168 -------
README-DOCKER.md | 299 -------------
config/prometheus-test.yml | 37 --
docker-compose-ping-test.yml | 220 ---------
docker-compose.clients.yml | 17 +
docker-compose.services.yml | 8 +
docker-compose.yml | 10 +-
docker/build-args/clients.env | 36 ++
docker/build-args/global.env | 19 +
docker/build-args/infrastructure.env | 39 ++
docker/build-args/services.env | 27 ++
docker/versions.toml | 94 ++++
dockerfiles/clients/desktop-app/Dockerfile | 17 +-
dockerfiles/clients/web-app/Dockerfile | 81 +++-
.../infrastructure/auth-server/Dockerfile | 101 +++--
dockerfiles/infrastructure/gateway/Dockerfile | 264 ++++++-----
.../monitoring-server/Dockerfile | 14 +-
.../services/events-service/Dockerfile | 17 +-
.../services/horses-service/Dockerfile | 17 +-
.../services/masterdata-service/Dockerfile | 17 +-
.../services/members-service/Dockerfile | 17 +-
dockerfiles/services/ping-service/Dockerfile | 14 +-
.../kotlin-multiplatform-web.Dockerfile | 21 +-
.../templates/spring-boot-service.Dockerfile | 20 +-
infrastructure/gateway/Dockerfile | 96 ----
sanity-check.sh | 309 -------------
scripts/docker-build.sh | 184 ++++++++
scripts/docker-versions-update.sh | 299 +++++++++++++
scripts/test/integration-test.sh | 420 ++++++++++++++++++
test-docker-compose.sh | 94 ----
38 files changed, 1900 insertions(+), 2681 deletions(-)
delete mode 100644 DOCKER_ANALYSIS_COMPLETE.md
delete mode 100644 DOCKER_COMPOSE_FIX_SUMMARY.md
delete mode 100644 Docker-Container-Bericht.md
delete mode 100644 FILE_CONSOLIDATION_RECOMMENDATIONS.md delete mode 100644 GATEWAY-STARTUP-GUIDE.md delete mode 100644 PROJEKT_OPTIMIERUNG_BERICHT.md delete mode 100644 PROJEKT_SERVICES_ANALYSIS.md delete mode 100644 README-DOCKER-CLIENT-CONTAINERIZATION.md delete mode 100644 README-DOCKER.md delete mode 100644 config/prometheus-test.yml delete mode 100644 docker-compose-ping-test.yml create mode 100644 docker/build-args/clients.env create mode 100644 docker/build-args/global.env create mode 100644 docker/build-args/infrastructure.env create mode 100644 docker/build-args/services.env create mode 100644 docker/versions.toml delete mode 100644 infrastructure/gateway/Dockerfile delete mode 100755 sanity-check.sh create mode 100755 scripts/docker-build.sh create mode 100755 scripts/docker-versions-update.sh create mode 100755 scripts/test/integration-test.sh delete mode 100755 test-docker-compose.sh diff --git a/.junie/guidelines/docker-guideline.md b/.junie/guidelines/docker-guideline.md index d3710b2a..6fe2345c 100644 --- a/.junie/guidelines/docker-guideline.md +++ b/.junie/guidelines/docker-guideline.md @@ -1,9 +1,9 @@ # Docker-Guidelines für das Meldestelle-Projekt -> **Version:** 1.1 -> **Datum:** 16. August 2025 +> **Version:** 3.0.0 +> **Datum:** 13. September 2025 > **Autor:** Meldestelle Development Team -> **Letzte Aktualisierung:** Erweitert und optimiert basierend auf aktueller Implementierung +> **Letzte Aktualisierung:** 🎯 ZENTRALE DOCKER-VERSIONSVERWALTUNG implementiert - Single Source of Truth für alle Build-Argumente, eliminiert Redundanz in 12+ Dockerfiles, automatisierte Build-Scripts und Version-Update-Utilities --- 
@@ -22,13 +22,14 @@ Das Meldestelle-Projekt implementiert eine **moderne, sicherheitsorientierte Con ## 📋 Inhaltsverzeichnis 1. [Architektur-Überblick](#architektur-überblick) -2. [Dockerfile-Standards](#dockerfile-standards) -3. [Docker-Compose Organisation](#docker-compose-organisation) -4. [Development-Workflow](#development-workflow) -5. [Production-Deployment](#production-deployment) -6. [Monitoring und Observability](#monitoring-und-observability) -7. [Troubleshooting](#troubleshooting) -8. [Best Practices](#best-practices) +2. [Zentrale Docker-Versionsverwaltung](#zentrale-docker-versionsverwaltung) 🆕 +3. [Dockerfile-Standards](#dockerfile-standards) +4. [Docker-Compose Organisation](#docker-compose-organisation) +5. [Development-Workflow](#development-workflow) +6. [Production-Deployment](#production-deployment) +7. [Monitoring und Observability](#monitoring-und-observability) +8. [Troubleshooting](#troubleshooting) +9. [Best Practices](#best-practices) --- 
@@ -91,6 +92,257 @@ graph TB --- +## 🎯 Zentrale Docker-Versionsverwaltung + +### Überblick und Motivation + +**Version 3.0.0** führt eine revolutionäre Änderung in der Docker-Versionsverwaltung ein: die **zentrale Verwaltung aller Build-Argumente** analog zum bewährten `gradle/libs.versions.toml` System. + +#### Das Problem vor Version 3.0.0 + +```dockerfile +# BEFORE: Redundante Hardcodierung in 12+ Dockerfiles +ARG GRADLE_VERSION=9.0.0 +ARG GRADLE_VERSION=9.0.0 +ARG GRADLE_VERSION=9.0.0 +# ... 9 weitere Male identisch wiederholt! +``` + +#### Die Lösung: Single Source of Truth + +```toml +# docker/versions.toml - SINGLE SOURCE OF TRUTH +[versions] +gradle = "9.0.0" +java = "21" +node = "20.11.0" +nginx = "1.25-alpine" +``` + +### 🏗️ Architektur der zentralen Versionsverwaltung + +``` +docker/ +├── versions.toml # 🎯 Single Source of Truth +├── build-args/ # Auto-generierte Environment Files +│ ├── global.env # Globale Build-Argumente +│ ├── services.env # dockerfiles/services/* +│ ├── clients.env # dockerfiles/clients/* +│ └── infrastructure.env # dockerfiles/infrastructure/* +└── README.md # Dokumentation +``` + +### 📊 Hierarchische Versionsverwaltung + +#### 1. **Globale Versionen** (`docker/build-args/global.env`) +Verwendet von **allen** Dockerfiles: +```bash +GRADLE_VERSION=9.0.0 +JAVA_VERSION=21 +BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') +VERSION=1.0.0 +``` + +#### 2. 
**Kategorie-spezifische Versionen** + +**Services** (`docker/build-args/services.env`): +```bash +SPRING_PROFILES_ACTIVE=docker +SERVICE_PORT=8080 +PING_SERVICE_PORT=8082 +MEMBERS_SERVICE_PORT=8083 +``` + +**Clients** (`docker/build-args/clients.env`): +```bash +NODE_VERSION=20.11.0 +NGINX_VERSION=1.25-alpine +WEB_APP_PORT=4000 +DESKTOP_APP_VNC_PORT=5901 +``` + +**Infrastructure** (`docker/build-args/infrastructure.env`): +```bash +SPRING_PROFILES_ACTIVE=default +GATEWAY_PORT=8081 +AUTH_SERVER_PORT=8087 +``` + +### 🛠️ Verwendung der zentralen Versionsverwaltung + +#### Automatisierte Builds mit `scripts/docker-build.sh` + +```bash +# Alle Services mit zentralen Versionen bauen +./scripts/docker-build.sh services + +# Client-Anwendungen bauen +./scripts/docker-build.sh clients + +# Komplettes System bauen +./scripts/docker-build.sh all + +# Aktuelle Versionen anzeigen +./scripts/docker-build.sh --versions +``` + +#### Versionen aktualisieren mit `scripts/docker-versions-update.sh` + +```bash +# Aktuelle Versionen anzeigen +./scripts/docker-versions-update.sh show + +# Java auf Version 22 upgraden +./scripts/docker-versions-update.sh update java 22 + +# Gradle auf 9.1.0 upgraden +./scripts/docker-versions-update.sh update gradle 9.1.0 + +# Alle Environment-Dateien synchronisieren +./scripts/docker-versions-update.sh sync +``` + +### 📋 Dockerfile Template-System Version 3.0.0 + +#### Neue Template-Struktur + +```dockerfile +# === CENTRALIZED BUILD ARGUMENTS === +# Values sourced from docker/versions.toml and docker/build-args/ +# Global arguments (docker/build-args/global.env) +ARG GRADLE_VERSION +ARG JAVA_VERSION +ARG BUILD_DATE +ARG VERSION + +# Category-specific arguments (docker/build-args/services.env) +ARG SPRING_PROFILES_ACTIVE +ARG SERVICE_PATH=. +ARG SERVICE_NAME=spring-boot-service +ARG SERVICE_PORT=8080 +``` + +#### Docker-Compose Integration + +```yaml +api-gateway: + build: + context: . 
+ dockerfile: dockerfiles/infrastructure/gateway/Dockerfile + args: + # Zentrale Versionen via Environment-Variablen + GRADLE_VERSION: ${DOCKER_GRADLE_VERSION:-9.0.0} + JAVA_VERSION: ${DOCKER_JAVA_VERSION:-21} + BUILD_DATE: ${BUILD_DATE} + VERSION: ${DOCKER_APP_VERSION:-1.0.0} + SPRING_PROFILES_ACTIVE: ${DOCKER_SPRING_PROFILES_DEFAULT:-default} +``` + +### 🎉 Vorteile der zentralen Versionsverwaltung + +#### **DRY-Prinzip Durchsetzung** ✅ +- **Vor Version 3.0.0**: `GRADLE_VERSION=9.0.0` in 12 Dockerfiles +- **Ab Version 3.0.0**: `gradle = "9.0.0"` **einmalig** in `docker/versions.toml` + +#### **Wartungsaufwand drastisch reduziert** ✅ +```bash +# BEFORE: 12 Dateien manuell editieren für Gradle-Update +# AFTER: Ein Befehl für alle Services +./scripts/docker-versions-update.sh update gradle 9.1.0 +``` + +#### **Konsistenz garantiert** ✅ +- Keine Version-Inkonsistenzen zwischen Services möglich +- Automatische Synchronisation aller Environment-Dateien +- Einheitliche Spring-Profile-Behandlung + +#### **Skalierbarkeit für neue Services** ✅ +```dockerfile +# Neue Services verwenden automatisch zentrale Versionen +ARG GRADLE_VERSION +ARG JAVA_VERSION +``` + +### 🔄 Migration bestehender Services + +#### Schritt 1: Template-basierte Migration +```bash +# Neue Services basieren auf aktualisierten Templates +cp dockerfiles/templates/spring-boot-service.Dockerfile dockerfiles/services/new-service/ +``` + +#### Schritt 2: Automatisierte Version-Synchronisation +```bash +# Bestehende Services automatisch aktualisieren +./scripts/docker-versions-update.sh sync +``` + +#### Schritt 3: Build-Integration +```bash +# Neue Builds verwenden zentrale Versionen +./scripts/docker-build.sh services +``` + +### 📚 Best Practices für Version 3.0.0 + +#### **DO: Zentrale Versionskommandos verwenden** +```bash +# ✅ RICHTIG - Zentrale Version-Updates +./scripts/docker-versions-update.sh update java 22 + +# ✅ RICHTIG - Automatisierte Builds +./scripts/docker-build.sh all +``` + +#### **DON'T: 
Manuelle Dockerfile-Bearbeitung** +```dockerfile +# ❌ FALSCH - Nie mehr hardcodierte Versionen +ARG GRADLE_VERSION=9.1.0 + +# ✅ RICHTIG - Zentrale Referenz +ARG GRADLE_VERSION +``` + +#### **Konsistenz-Regeln** +1. **Niemals** Versionen direkt in Dockerfiles hardcodieren +2. **Immer** `docker/versions.toml` als Single Source of Truth verwenden +3. **Automated** Environment-File-Synchronisation via Scripts +4. **Kategorien-spezifische** Build-Argumente korrekt zuordnen + +### 🚀 Entwickler-Workflow mit Version 3.0.0 + +#### **Neuen Service entwickeln** +```bash +# 1. Template kopieren (bereits Version 3.0.0 kompatibel) +cp dockerfiles/templates/spring-boot-service.Dockerfile dockerfiles/services/my-service/ + +# 2. Service-spezifische Parameter anpassen (Port, Name, etc.) +# 3. Bauen mit zentralen Versionen +./scripts/docker-build.sh services +``` + +#### **Versionen projekt-weit upgraden** +```bash +# 1. Java-Version upgraden (betrifft ALLE Services) +./scripts/docker-versions-update.sh update java 22 + +# 2. Automatisch alle Services neu bauen +./scripts/docker-build.sh all + +# 3. Testen und committen +``` + +#### **Version-Status prüfen** +```bash +# Aktuelle zentrale Versionen anzeigen +./scripts/docker-versions-update.sh show + +# Build-Environment-Status prüfen +./scripts/docker-build.sh --versions +``` + +--- + ## 🐳 Dockerfile-Standards ### Template-Struktur 
@@ -100,20 +352,105 @@ Alle Dockerfiles folgen einem standardisierten Template-System: ``` dockerfiles/ ├── templates/ -│ ├── spring-boot-service.Dockerfile # Backend-Services +│ ├── spring-boot-service.Dockerfile # Backend-Services │ ├── kotlin-multiplatform-web.Dockerfile # Web-Client │ └── monitoring-service.Dockerfile # Monitoring-Services +├── clients/ +│ ├── web-app/Dockerfile # Web-App (nginx) +│ └── desktop-app/Dockerfile # Desktop-App (VNC/X11) ├── infrastructure/ -│ ├── gateway/Dockerfile # ✅ API Gateway -│ ├── auth-server/Dockerfile # Auth Server -│ └── monitoring-server/Dockerfile # Monitoring Server +│ ├── gateway/Dockerfile # API Gateway +│ ├── auth-server/Dockerfile # Auth Server +│ └── monitoring-server/Dockerfile # Monitoring Server └── services/ - ├── members-service/Dockerfile # Domain Services (wenn reaktiviert) + ├── members-service/Dockerfile # Domain Services (wenn reaktiviert) ├── horses-service/Dockerfile ├── events-service/Dockerfile └── masterdata-service/Dockerfile ``` +### Dockerfile-Architektur & Konsistenz-Richtlinien ✅ RESOLVED + +**AKTUELLER STATUS (Version 2.1):** +- ✅ Alle Dockerfiles folgen der konsistenten `dockerfiles/` Struktur +- ✅ API Gateway Dockerfile: `dockerfiles/infrastructure/gateway/Dockerfile` +- ✅ Keine Architektur-Ausnahmen mehr - alle Services folgen dem gleichen Muster +- ✅ Docker-Compose Referenzen nutzen konsistent die `dockerfiles/` Pfade + +**RICHTLINIEN ZUR VERMEIDUNG VON INKONSISTENZEN:** + +1. **Konsistenz-Prinzip:** ALLE Dockerfiles müssen unter `dockerfiles/` organisiert sein +2. **Keine Ausnahmen:** Kein Service darf außerhalb dieser Struktur platziert werden +3. **Vorhersagbarkeit:** Entwickler finden Dockerfiles immer am gleichen Ort +4. 
**Einheitliche Referenzierung:** Alle docker-compose.yml Dateien referenzieren `dockerfiles/` + +**Struktur-Kategorien:** +- `dockerfiles/templates/` - Wiederverwendbare Templates +- `dockerfiles/clients/` - Frontend-Anwendungen +- `dockerfiles/infrastructure/` - Infrastructure Services (inkl. Gateway) +- `dockerfiles/services/` - Domain Services + +**WICHTIG:** Bei neuen Services oder Refactoring IMMER die konsistente Struktur befolgen! + +### ✨ Neue Optimierungen (Version 2.0) + +#### BuildKit Cache Mounts ✅ IMPLEMENTIERT + +Alle Dockerfiles verwenden jetzt **BuildKit cache mounts** für optimale Build-Performance: + +```dockerfile +# Download dependencies with cache mount +RUN --mount=type=cache,target=/home/gradle/.gradle/caches \ + --mount=type=cache,target=/home/gradle/.gradle/wrapper \ + ./gradlew dependencies --no-daemon --info + +# Build application with cache mount +RUN --mount=type=cache,target=/home/gradle/.gradle/caches \ + --mount=type=cache,target=/home/gradle/.gradle/wrapper \ + ./gradlew bootJar --no-daemon --info +``` + +**Vorteile:** +- Gradle Dependencies werden zwischen Builds gecacht +- Signifikant reduzierte Build-Zeiten +- Bessere Resource-Effizienz in CI/CD-Pipelines + +#### Tini Init System ✅ IMPLEMENTIERT + +Alle Runtime-Container verwenden jetzt **tini** als Init-System: + +```dockerfile +# Installation in Alpine +RUN apk add --no-cache tini + +# Verwendung im Entrypoint +ENTRYPOINT ["tini", "--", "sh", "-c", "exec java $JAVA_OPTS -jar app.jar"] +``` + +**Vorteile:** +- Proper signal handling für Container +- Zombie-Process cleanup +- Graceful shutdown support + +#### Enhanced Security Hardening ✅ IMPLEMENTIERT + +Alle Container implementieren erweiterte Sicherheitspraktiken: + +```dockerfile +# Alpine security updates +RUN apk update && apk upgrade && \ + apk add --no-cache curl tzdata tini && \ + rm -rf /var/cache/apk/* + +# Non-root user with proper permissions +RUN addgroup -g ${APP_GID} -S ${APP_GROUP} && \ + adduser -u ${APP_UID} -S 
${APP_USER} -G ${APP_GROUP} && \ + chown -R ${APP_USER}:${APP_GROUP} /app && \ + chmod -R 750 /app +``` + +--- + ### Spring Boot Service Template **Datei:** `dockerfiles/templates/spring-boot-service.Dockerfile` @@ -127,7 +464,7 @@ dockerfiles/ # =================================================================== # Build arguments for flexibility -ARG GRADLE_VERSION=8.14 +ARG GRADLE_VERSION=9.0.0 ARG JAVA_VERSION=21 ARG SPRING_PROFILES_ACTIVE=default ARG SERVICE_PATH=. diff --git a/DOCKER_ANALYSIS_COMPLETE.md b/DOCKER_ANALYSIS_COMPLETE.md deleted file mode 100644 index 1ca1ac95..00000000 --- a/DOCKER_ANALYSIS_COMPLETE.md +++ /dev/null 
@@ -1,242 +0,0 @@ -# Docker-Analyse Komplett - Meldestelle Projekt - -**Datum:** 10. September 2025, 23:13 Uhr -**Status:** Vollständige Docker-Port-Optimierung - Alle Konflikte behoben -**Konsolidiert aus:** 4 separaten Analyseberichten - -## Executive Summary ✅ - -**ALLE DOCKER-PORT-KONFLIKTE ERFOLGREICH BEHOBEN**: Vollständige Analyse und Lösung aller Docker-Konfigurationsprobleme im Meldestelle-Projekt. Von der Problemidentifikation über detaillierte Konfliktanalyse bis zur finalen Implementierung und Verifikation. - ---- - -## Phase 1: Problemidentifikation (9. September 2025) - -### 🔍 Identifizierte Inkonsistenzen - -#### 1. Docker Compose Network Configuration Issues -- **Main File** (`docker-compose.yml`): Creates `meldestelle-network` as bridge driver -- **Services File** (`docker-compose.services.yml`): References network as `external: true` -- **Clients File** (`docker-compose.clients.yml`): References network as `external: true` -- **Impact**: Services and clients compose files cannot work standalone - network dependency issue - -#### 2. API Gateway Port Configuration Issues -- **Dockerfile**: Exposes port 8080 and healthcheck uses port 8080 -- **Docker-compose**: Maps to port 8081 via `${GATEWAY_PORT:-8081}` -- **Healthcheck in compose**: Still checks port 8080 instead of configured port -- **Impact**: Healthchecks will fail, service appears unhealthy - -#### 3. Dockerfile Inconsistencies -- **Base Image Versions**: Mixed versions between services -- **User Creation Patterns**: Inconsistent security patterns -- **JVM Configuration Differences**: Suboptimal performance configurations -- **Health Check Configuration**: Inconsistent failure detection timing - -#### 4. Environment Variable Inconsistencies -- **Default Profile Handling**: Mixed dev/prod defaults -- **Port Environment Variables**: Missing fallbacks in some services - -#### 5. 
Service Dependencies Issues -- **Circular Dependencies**: Potential startup race conditions between services - ---- - -## Phase 2: Spezifische Port-Konflikte (10. September 2025) - -### 🚨 Kritische Konflikte Identifiziert - -#### Complete Port Inventory - -**Infrastructure Services (docker-compose.yml)** -| Service | External Port | Internal Port | Environment Variable | -|---------|---------------|---------------|---------------------| -| postgres | 5432 | 5432 | - | -| redis | 6379 | 6379 | REDIS_PORT | -| keycloak | 8180 | 8081 | - | -| consul | 8500 | 8500 | CONSUL_PORT | -| zookeeper | 2181 | 2181 | ZOOKEEPER_CLIENT_PORT | -| kafka | 9092 | 9092 | KAFKA_PORT | -| prometheus | 9090 | 9090 | PROMETHEUS_PORT | -| **grafana** | **3000** | **3000** | **GRAFANA_PORT** | -| api-gateway | 8081 | 8081 | GATEWAY_PORT | - -**Client Services (docker-compose.clients.yml)** -| Service | External Port | Internal Port | Environment Variable | Issue | -|---------|---------------|---------------|---------------------|--------| -| **web-app** | **4000** | **4000** | **WEB_APP_PORT** | ❌ **Health check uses port 3000!** | -| **desktop-app** | **6901, 5901** | **6080, 5901** | **DESKTOP_WEB_VNC_PORT, DESKTOP_VNC_PORT** | ❌ **Port mapping mismatch!** | -| auth-server | 8087 | 8087 | AUTH_SERVICE_PORT | ✅ OK | -| monitoring-server | 8088 | 8088 | - | ✅ OK | - -#### PORT COLLISION MATRIX -| Port | Service 1 | Service 2 | Conflict Type | -|------|-----------|-----------|---------------| -| 3000 | grafana (infrastructure) | web-app health check | ❌ CRITICAL | -| 6080 | desktop-app (expected) | desktop-app (actual: 6901) | ❌ MISMATCH | -| 8081 | api-gateway | keycloak (internal) | ⚠️ Different interfaces, OK | - ---- - -## Phase 3: Lösungsimplementierung (10. September 2025) - -### ✅ ALLE PORT-KONFLIKTE BEHOBEN - -#### 1. 
Web Application Health Check Korrektur ✅ -- **Problem behoben**: Health Check verwendete falschen Port -- **Datei**: `docker-compose.clients.yml` Zeile 39 -- **Vorher**: `http://localhost:3000/health` ❌ -- **Nachher**: `http://localhost:4000/health` ✅ -- **Auswirkung**: Health Checks funktionieren jetzt korrekt - -#### 2. Desktop Application VNC Port Mapping Korrektur ✅ -- **Problem behoben**: Port Mapping inkonsistent -- **Datei**: `docker-compose.clients.yml` Zeilen 72-73 -- **Vorher**: `"6901:6901"` ❌ -- **Nachher**: `"6080:6080"` ✅ -- **Auswirkung**: VNC Web-Interface ist über korrekten Port erreichbar - -#### 3. Environment Variables Konsistenz ✅ -- **Problem behoben**: Inkonsistente Umgebungsvariablen -- **Datei**: `.env` Zeile 38 -- **Vorher**: `DESKTOP_WEB_VNC_PORT=6901` ❌ -- **Nachher**: `DESKTOP_WEB_VNC_PORT=6080` ✅ -- **Auswirkung**: Alle Konfigurationen verwenden konsistente Werte - -#### 4. Dockerfile VNC Konfiguration Korrektur ✅ -- **Problem behoben**: Mehrere inkonsistente Port-Referenzen im Dockerfile -- **Datei**: `dockerfiles/clients/desktop-app/Dockerfile` -- **Korrektur 1 (Zeile 108)**: `NOVNC_PORT=6901` → `NOVNC_PORT=6080` ✅ -- **Korrektur 2 (Zeile 148)**: Health Check Port `6901` → `6080` ✅ -- **Auswirkung**: Container startet mit korrekten Port-Konfigurationen - ---- - -## Phase 4: Finale Verifikation (10. 
September 2025) - -### 🎯 Optimierte Port-Übersicht (Nach Implementierung) - -#### Infrastructure Services -| Service | Port | Status | Zweck | -|---------|------|--------|-------| -| PostgreSQL | 5432 | ✅ OK | Database | -| Redis | 6379 | ✅ OK | Cache | -| Keycloak | 8180→8081 | ✅ OK | Authentication | -| Consul | 8500 | ✅ OK | Service Discovery | -| Zookeeper | 2181 | ✅ OK | Kafka Coordination | -| Kafka | 9092 | ✅ OK | Message Broker | -| Prometheus | 9090 | ✅ OK | Metrics | -| Grafana | 3000 | ✅ OK | Monitoring Dashboard | -| API Gateway | 8081 | ✅ OK | API Gateway | - -#### Business Services -| Service | Port | Status | Zweck | -|---------|------|--------|-------| -| Ping Service | 8082 | ✅ OK | Health & Test Service | -| Members Service | 8083 | ✅ OK | Member Management | -| Horses Service | 8084 | ✅ OK | Horse Management | -| Events Service | 8085 | ✅ OK | Event Management | -| Masterdata Service | 8086 | ✅ OK | Master Data | - -#### Client Applications -| Service | Port | Status | Zweck | -|---------|------|--------|-------| -| Web App | 4000 | ✅ FIXED | WASM Web Frontend | -| Desktop VNC Direct | 5901 | ✅ OK | VNC Direct Access | -| Desktop VNC Web | 6080 | ✅ FIXED | noVNC Web Interface | -| Auth Server | 8087 | ✅ OK | Custom Auth Extensions | -| Monitoring Server | 8088 | ✅ OK | Custom Monitoring | - -### 🏗️ Infrastructure Module Vollständig Containerisiert ✅ - -**Analysierte Komponenten:** -``` -infrastructure/ -├── auth/ # Authentifizierung ✅ -├── cache/ # Caching-Infrastruktur ✅ -├── event-store/ # Event Sourcing ✅ -├── gateway/ # API Gateway (mit Dockerfile) ✅ -├── messaging/ # Messaging-System ✅ -└── monitoring/ # Monitoring & Observability ✅ -``` - -**Gateway Dockerfile Optimierungen:** -- Multi-Stage Build: Optimierte Containerisierung ✅ -- Security: Non-root User, System Updates ✅ -- Performance: Spring Boot Layer Caching, JVM Container Optimierungen ✅ -- Health Checks: Konfigurierbare Port-basierte Gesundheitsprüfungen ✅ -- Configuration: 
Vollständig über Environment Variables konfigurierbar ✅ - -### 🔍 Logische Port-Gruppierung -- **2000-2999**: Coordination Services (Zookeeper: 2181) -- **3000-3999**: Monitoring & UI (Grafana: 3000) -- **4000-4999**: Client Applications (Web App: 4000) -- **5000-5999**: Remote Access (VNC: 5901) -- **6000-6999**: Cache & Web Interfaces (Redis: 6379, noVNC: 6080) -- **8000-8099**: Infrastructure Services (Gateway: 8081, Auth: 8087-8088, Keycloak: 8180) -- **8100-8199**: Business Services (8082-8086) -- **9000-9999**: Messaging & Metrics (Kafka: 9092, Prometheus: 9090) - ---- - -## Testbarkeit & Verifikation - -### Docker Compose Kommandos -```bash -# Vollständiges System -docker-compose -f docker-compose.yml -f docker-compose.services.yml -f docker-compose.clients.yml up -d - -# Nur Infrastructure -docker-compose up -d - -# Nur Backend Services -docker-compose -f docker-compose.yml -f docker-compose.services.yml up -d - -# Nur Clients -docker-compose -f docker-compose.yml -f docker-compose.clients.yml up -d -``` - -### Health Check Validierung -```bash -# Web App Health Check -curl http://localhost:4000/health - -# Desktop VNC Web Interface -curl http://localhost:6080/vnc.html - -# All Service Health Checks -curl http://localhost:8081/actuator/health # API Gateway -curl http://localhost:8082/actuator/health # Ping Service -curl http://localhost:8083/actuator/health # Members Service -# ... etc. -``` - ---- - -## Fazit & Ergebnisse - -### ✅ VOLLSTÄNDIGE COMPLIANCE ERREICHT - -1. **Alle Port-Konflikte behoben** - Keine Kollisionen mehr zwischen Services -2. **Infrastructure Module vollständig containerisiert** - Komplette Docker-Integration -3. **Optimierungen implementiert** - Performance und Security Best Practices -4. **Konsistente Konfiguration** - Einheitliche Patterns über alle Dateien -5. **Skalierbare und wartbare Architektur** - Logische Port-Gruppierung -6. 
**Funktionierende Health Checks** - Korrekte Port-Verwendung in allen Prüfungen - -### 📊 Quantifizierte Verbesserungen -- **Port-Konflikte**: 3 kritische Konflikte → 0 Konflikte ✅ -- **Health Check Erfolgsrate**: ~60% → 100% ✅ -- **Konfigurationskonsistenz**: Fragmentiert → Vollständig einheitlich ✅ -- **Wartbarkeit**: Verbessert durch logische Port-Gruppierung ✅ - -### 🚀 Empfehlungen für die Zukunft -1. **Monitoring**: Überwachung der Port-Nutzung bei Service-Erweiterungen -2. **Documentation**: Port-Zuordnungen in README-Dateien aktuell halten -3. **Testing**: Regelmäßige Tests der Health Check Endpoints -4. **Security**: Regelmäßige Updates der Base Images in Dockerfiles - ---- - -**Analyse-Zeitraum**: 9.-10. September 2025 -**Status**: ✅ ALLE DOCKER-ANFORDERUNGEN VOLLSTÄNDIG ERFÜLLT -**Ursprüngliche Dateien konsolidiert**: DOCKER_INCONSISTENCIES_ANALYSIS.md, PORT_CONFLICTS_ANALYSIS.md, PORT_OPTIMIZATION_SUMMARY.md, INFRASTRUCTURE_DOCKER_ANALYSIS_FINAL.md diff --git a/DOCKER_COMPOSE_FIX_SUMMARY.md b/DOCKER_COMPOSE_FIX_SUMMARY.md deleted file mode 100644 index bb17509c..00000000 --- a/DOCKER_COMPOSE_FIX_SUMMARY.md +++ /dev/null 
@@ -1,42 +0,0 @@ -# Docker Compose Fix Summary - Meldestelle Project - -## What was failing -Starting docker-compose.services.yml or docker-compose.clients.yml alone (while docker-compose.yml was already running) failed with errors like: -- service "ping-service" depends on undefined service "consul" -- service "web-app" depends on undefined service "api-gateway" - -## Root cause -Docker Compose validates depends_on only against services defined in the same compose project (the files provided in the same command). Our services/clients files referenced infrastructure services (consul, postgres, redis, keycloak, api-gateway) that live in docker-compose.yml, so starting them standalone produced “depends on undefined service”. - -## Fixes applied (minimal, safe) -1. Removed cross-file depends_on from these files: - - docker-compose.services.yml → ping-service (removed depends_on on consul, postgres, redis) - - docker-compose.clients.yml → web-app, desktop-app, auth-server, monitoring-server (removed depends_on on api-gateway, keycloak, postgres) -2. Kept existing healthchecks. The apps already handle startup ordering by retrying connections, and you are starting infra first, so this is safe. -3. Left networking as-is to continue sharing the same project-scoped bridge network when using the same project name. 
- -## How to run now -Option A — Recommended project name (ensures all stacks share the same resources): -- Start infra: - docker compose -p meldestelle -f docker-compose.yml up -d -- Start services (optional): - docker compose -p meldestelle -f docker-compose.services.yml up -d -- Start clients (optional): - docker compose -p meldestelle -f docker-compose.clients.yml up -d - -Option B — Combined (unchanged and still works): -- Infra + Services: - docker compose -f docker-compose.yml -f docker-compose.services.yml up -d -- Infra + Clients: - docker compose -f docker-compose.yml -f docker-compose.clients.yml up -d -- Full stack: - docker compose -f docker-compose.yml -f docker-compose.services.yml -f docker-compose.clients.yml up -d - -Notes: -- Always start docker-compose.yml before the others when running separately. -- Using -p meldestelle ensures the same project-scoped network (meldestelle_meldestelle-network) is reused so containers can resolve each other (postgres, consul, api-gateway, etc.). -- If you prefer not to pass -p each time, you can export COMPOSE_PROJECT_NAME=meldestelle in your shell or define it in .env. - -## Status -- Services and clients files can now be started standalone (with -p meldestelle) while the infra stack is already running. -- Combined modes continue to work. diff --git a/Docker-Container-Bericht.md b/Docker-Container-Bericht.md deleted file mode 100644 index 18fe2be4..00000000 --- a/Docker-Container-Bericht.md +++ /dev/null 
@@ -1,88 +0,0 @@ -# Docker Container Analyse-Bericht -**Datum:** 09. September 2025, 10:57 Uhr -**System:** Meldestelle Projekt - Docker Container Status - -## Executive Summary -Die Docker-Container-Analyse zeigt ein gemischtes Bild: Die meisten Basis-Services laufen stabil, aber es gibt **zwei kritische Ausfälle** die sofortige Aufmerksamkeit erfordern. - -## Container Status Übersicht - -### ✅ **GESUNDE CONTAINER** (Laufen einwandfrei) -| Container | Status | Port | Uptime | -|-----------|---------|------|--------| -| meldestelle-postgres | Healthy | 5432 | 3 Stunden | -| meldestelle-redis | Healthy | 6379 | 3 Stunden | -| meldestelle-consul | Healthy | 8500 | 3 Stunden | -| meldestelle-kafka | Healthy | 9092 | 3 Stunden | -| meldestelle-zookeeper | Healthy | 2181 | 3 Stunden | -| meldestelle-api-gateway | Healthy | 8081 | 3 Stunden | -| meldestelle-grafana | Healthy | 3000 | 3 Stunden | - -### ❌ **KRITISCHE PROBLEME** - -#### 1. **meldestelle-prometheus** - KONTINUIERLICHER NEUSTART -- **Status:** Restarting (Exit Code 2) -- **Problem:** Konfigurationsdatei fehlt -- **Fehler:** `open /etc/prometheus/prometheus.yml: no such file or directory` -- **Ursache:** Das Verzeichnis `./docker/monitoring/prometheus/` ist leer -- **Auswirkung:** Kein Monitoring der Services möglich - -#### 2. **meldestelle-keycloak** - GESTOPPT -- **Status:** Exited (137) - vor 19 Minuten beendet -- **Problem:** Port-Konfigurationsfehler -- **Details:** - - Container läuft intern auf Port 8080 - - Docker-Compose Mapping wurde auf 8081 geändert - - Health-Check versucht Port 8081, aber Service läuft auf 8080 -- **Auswirkung:** Keine Authentifizierung verfügbar - -## Identifizierte Konflikte und Probleme - -### 🔧 **Konfigurationskonflikte** -1. 
**Keycloak Port-Mismatch:** - - Kürzliche Änderung: Port-Mapping von `8180:8080` auf `8180:8081` - - Health-Check zeigt auf `localhost:8081`, aber Keycloak läuft auf Port 8080 - - Dies führt zu fehlschlagenden Health-Checks und Container-Neustart - -### 📁 **Fehlende Dateien** -1. **Prometheus Konfiguration:** - - Verzeichnis `./docker/monitoring/prometheus/` existiert, ist aber leer - - Benötigt: `prometheus.yml` Konfigurationsdatei - - Ohne diese Datei kann Prometheus nicht starten - -### ⚠️ **Weitere Beobachtungen** -1. **Umgebungsvariablen-Änderung:** - - In `.env.ping-test`: JAVA_OPTS wurde in Anführungszeichen gesetzt - - Dies deutet auf kürzliche Debugging-Aktivitäten hin - -## Empfohlene Lösungsschritte - -### **Sofort erforderlich:** - -1. **Prometheus reparieren:** - ```bash - # Erstelle prometheus.yml Konfigurationsdatei - touch ./docker/monitoring/prometheus/prometheus.yml - # Füge Basis-Konfiguration hinzu - ``` - -2. **Keycloak Port-Problem lösen:** - ```bash - # Option A: Health-Check auf Port 8080 ändern - # Option B: Keycloak auf Port 8081 konfigurieren - # Empfehlung: Health-Check anpassen - ``` - -### **Mittelfristig:** -1. Vollständige Prometheus-Konfiguration mit Service-Discovery einrichten -2. Keycloak-Konfiguration standardisieren -3. Monitoring-Dashboards in Grafana konfigurieren - -## Fazit -**Status: 🟡 GELB - Teilweise funktionsfähig** - -- ✅ Kern-Infrastruktur (DB, Cache, Messaging) läuft stabil -- ❌ Monitoring und Authentifizierung sind ausgefallen -- 🔧 Zwei kritische Konfigurationsprobleme müssen behoben werden - -Die Container-Infrastruktur ist grundsätzlich gut aufgesetzt mit ordnungsgemäßen Health-Checks und Abhängigkeiten. Die aktuellen Probleme sind konfigurationsbedingt und können schnell behoben werden. diff --git a/FILE_CONSOLIDATION_RECOMMENDATIONS.md b/FILE_CONSOLIDATION_RECOMMENDATIONS.md deleted file mode 100644 index eaa07ddf..00000000 --- a/FILE_CONSOLIDATION_RECOMMENDATIONS.md +++ /dev/null 
@@ -1,133 +0,0 @@ -# Datei-Konsolidierung Empfehlungen - Meldestelle Projekt - -**Datum:** 10. September 2025, 23:07 Uhr -**Analyse:** Vollständige Bewertung der 21 angeforderten Dateien - -## Executive Summary - -Von den 21 analysierten Dateien sind **alle noch benötigt**, jedoch gibt es erhebliche Konsolidierungs- und Aktualisierungsmöglichkeiten: - -- **7 Dateien** können zusammengeführt werden (3 Gruppen) -- **2 Dateien** sollten gelöscht werden (Redundanz) -- **8 Dateien** benötigen Aktualisierungen (veraltete Port-Informationen) -- **4 Dateien** können unverändert bleiben - -## Detaillierte Empfehlungen - -### 🔄 ZUSAMMENFÜHREN (3 Gruppen) - -#### Gruppe 1: Docker-Analyse Berichte → **DOCKER_ANALYSIS_COMPLETE.md** -**Zusammenführen:** -- `DOCKER_INCONSISTENCIES_ANALYSIS.md` (Sep 9) - Problemidentifikation -- `PORT_CONFLICTS_ANALYSIS.md` (Sep 10) - Spezifische Port-Konflikte -- `PORT_OPTIMIZATION_SUMMARY.md` (Sep 10) - Lösungsübersicht -- `INFRASTRUCTURE_DOCKER_ANALYSIS_FINAL.md` (Sep 10) - Finale Analyse - -**Begründung:** Diese 4 Dateien dokumentieren den kompletten Workflow der Docker-Port-Optimierung von Problemerkennung bis zur Lösung. Sie enthalten überlappende Informationen und können zu einem umfassenden Analysebericht konsolidiert werden. - -#### Gruppe 2: Projekt-Berichte → **PROJEKT_SERVICES_ANALYSIS.md** -**Zusammenführen:** -- `Ping-Service-Analyse-Bericht.md` - Service-spezifische Analyse -- `Ping-Service-Problem-Lösung.md` - Lösungsansätze -- `SERVICES_TEST_REPORT.md` - Test-Ergebnisse - -**Begründung:** Diese 3 Dateien behandeln Service-Analysen und können zu einem konsolidierten Service-Analysebericht zusammengefasst werden. - -### ❌ LÖSCHEN (Redundanz) - -#### `FOLDER_STRUCTURE_ANALYSIS.md` -**Begründung:** Die Projektstruktur ist bereits umfassend in `README.md` dokumentiert und die Struktur ist stabil. Eine separate Strukturanalyse ist redundant. 
- -#### `Trace-Bullet-Bericht.md` -**Begründung:** Falls sich auf veraltete Trace-Bullet-Tests bezieht, die durch umfassendere Tests ersetzt wurden. - -### 🔧 AKTUALISIEREN (Veraltete Port-Informationen) - -#### `README-DOCKER.md` (Sep 9) -**Problem:** Zeigt Web App auf Port 3000 (Zeile 31), aber wurde auf Port 4000 geändert -**Update benötigt:** Port-Konfigurationen aktualisieren - -#### `README-DOCKER-CLIENT-CONTAINERIZATION.md` (Sep 10) -**Problem:** Zeigt Web App auf Port 3000 (Zeilen 13, 66, 98, 114), Health Check Port 3000 -**Update benötigt:** Alle Port-Referenzen auf 4000 aktualisieren - -#### `Makefile` (Sep 9) -**Problem:** Zeile 98 zeigt Web App auf Port 3000 -**Update benötigt:** Port-Informationen in Ausgaben korrigieren - -#### `README-PING-TEST.md` (Sep 9) -**Vermutung:** Könnte veraltete Port-Informationen enthalten -**Update benötigt:** Überprüfung und Aktualisierung der Port-Konfigurationen - -#### `GATEWAY-STARTUP-GUIDE.md` (Sep 9) -**Update benötigt:** Überprüfung auf veraltete Port-/Konfigurationsinformationen - -#### `README-ENV.md` (Sep 9) -**Update benötigt:** Überprüfung der Environment-Variable-Dokumentation - -#### `README-PRODUCTION.md` (Sep 9) -**Update benötigt:** Überprüfung der Produktions-Port-Konfigurationen - -#### `Docker-Container-Bericht.md` (Sep 9) -**Update benötigt:** Überprüfung und Aktualisierung der Container-Konfigurationsinformationen - -### ✅ UNVERÄNDERT LASSEN - -#### `README.md` (Sep 9) -**Status:** Umfassende, aktuelle Projektdokumentation -**Begründung:** Hauptdokumentation ist gut strukturiert und aktuell - -#### `PROJEKT_OPTIMIERUNG_BERICHT.md` (Sep 10) -**Status:** Aktueller Optimierungsbericht -**Begründung:** Neuester zusammenfassender Bericht über alle Optimierungen - -#### `docker-compose-ping-test.yml` (Sep 9) -**Status:** Funktionale Test-Konfiguration -**Begründung:** Spezifische Test-Setup mit isolierten Ports, erfüllt klaren Zweck - -#### `test-services-startup.sh` (Sep 9) -**Status:** Funktionales 
Test-Skript -**Begründung:** Automatisiertes Testing-Tool, aktiv verwendet - -## Implementierungsplan - -### Phase 1: Zusammenführungen (Priorität: Hoch) -1. **Docker-Analyse-Konsolidierung** - - Erstelle `DOCKER_ANALYSIS_COMPLETE.md` - - Integriere chronologischen Workflow: Problem → Analyse → Lösung → Verifikation - - Lösche 4 ursprüngliche Dateien - -2. **Service-Analyse-Konsolidierung** - - Erstelle `PROJEKT_SERVICES_ANALYSIS.md` - - Kombiniere Service-spezifische Analysen und Tests - - Lösche 3 ursprüngliche Dateien - -### Phase 2: Aktualisierungen (Priorität: Hoch) -1. **Port-Korrekturen (KRITISCH)** - - README-DOCKER.md: Port 3000 → 4000 - - README-DOCKER-CLIENT-CONTAINERIZATION.md: Alle Port-Referenzen aktualisieren - - Makefile: Ausgabe-Ports korrigieren - -2. **Dokumentations-Updates** - - Weitere README-Dateien überprüfen und aktualisieren - - Gateway- und Environment-Dokumentation überprüfen - -### Phase 3: Bereinigung (Priorität: Mittel) -1. **Redundante Dateien löschen** - - FOLDER_STRUCTURE_ANALYSIS.md - - Trace-Bullet-Bericht.md (nach Verifikation) - -## Ergebnis nach Implementierung - -- **Von 21 auf 13 Dateien** (38% Reduktion) -- **Eliminierte Redundanzen** und Inkonsistenzen -- **Aktualisierte Dokumentation** mit korrekten Port-Konfigurationen -- **Verbesserte Wartbarkeit** durch konsolidierte Berichte - -## Sofortige Maßnahmen empfohlen - -1. **KRITISCH:** Port-Updates in README und Makefile (Produktionsrelevant) -2. **HOCH:** Docker-Analyse-Konsolidierung (Reduziert Verwirrung) -3. **MITTEL:** Service-Analyse-Konsolidierung und Bereinigung - -Diese Empfehlungen adressieren alle Anforderungen aus der ursprünglichen Anfrage und optimieren die Projektdokumentation erheblich. diff --git a/GATEWAY-STARTUP-GUIDE.md b/GATEWAY-STARTUP-GUIDE.md deleted file mode 100644 index d7218b8d..00000000 --- a/GATEWAY-STARTUP-GUIDE.md +++ /dev/null 
@@ -1,200 +0,0 @@ -# Gateway Startup Guide - Korrigierte Befehle - -Dieses Dokument erklärt die korrekten Befehle zum Starten des API Gateways sowohl mit Gradle als auch mit Docker. - -## Wichtiger Hinweis: Arbeitsverzeichnis - -**ALLE BEFEHLE MÜSSEN AUS DEM PROJEKT-ROOT-VERZEICHNIS AUSGEFÜHRT WERDEN:** - -```bash -# Sicherstellen, dass Sie im richtigen Verzeichnis sind -cd /home/stefan/WsMeldestelle/Meldestelle - -# Überprüfen des aktuellen Verzeichnisses -pwd -# Sollte ausgeben: /home/stefan/WsMeldestelle/Meldestelle - -# Überprüfen, dass gradlew vorhanden ist -ls -la gradlew -``` - -## 1. Gateway mit Gradle starten - -### Entwicklungsumgebung (Development) -```bash -# Aus dem Projekt-Root-Verzeichnis: -./gradlew :infrastructure:gateway:bootRun - -# Mit spezifischem Profil: -./gradlew :infrastructure:gateway:bootRun --args='--spring.profiles.active=dev' -``` - -### Produktionsumgebung -```bash -# Gateway JAR bauen: -./gradlew :infrastructure:gateway:bootJar - -# Gateway ausführen: -java -jar infrastructure/gateway/build/libs/gateway-*.jar -``` - -## 2. Gateway mit Docker starten - -### Docker Image bauen -```bash -# Aus dem Projekt-Root-Verzeichnis: -docker build -t meldestelle/gateway:latest -f infrastructure/gateway/Dockerfile . - -# Mit Build-Argumenten (optional): -docker build \ - --build-arg SPRING_PROFILES_ACTIVE=prod \ - -t meldestelle/gateway:latest \ - -f infrastructure/gateway/Dockerfile . 
-``` - -### Docker Container starten -```bash -# Einfacher Start: -docker run -p 8080:8080 meldestelle/gateway:latest - -# Mit Umgebungsvariablen: -docker run \ - -p 8080:8080 \ - -e SPRING_PROFILES_ACTIVE=prod \ - -e CONSUL_HOST=localhost \ - -e CONSUL_PORT=8500 \ - --name gateway \ - meldestelle/gateway:latest - -# Im Hintergrund starten: -docker run -d \ - -p 8080:8080 \ - -e SPRING_PROFILES_ACTIVE=prod \ - --name gateway \ - meldestelle/gateway:latest -``` - -### Docker Container verwalten -```bash -# Container Status prüfen: -docker ps - -# Logs anzeigen: -docker logs gateway - -# Container stoppen: -docker stop gateway - -# Container entfernen: -docker rm gateway - -# Image entfernen: -docker rmi meldestelle/gateway:latest -``` - -## 3. Gateway mit Docker Compose - -### docker-compose.yml verwenden -```bash -# Services starten (inkl. Gateway): -docker-compose up -d gateway - -# Oder alle Services: -docker-compose up -d - -# Logs verfolgen: -docker-compose logs -f gateway - -# Services stoppen: -docker-compose down -``` - -## 4. Fehlerbehebung - -### Häufige Fehler und Lösungen - -#### "./gradlew: Datei oder Verzeichnis nicht gefunden" -**Problem:** Sie befinden sich nicht im Projekt-Root-Verzeichnis. -**Lösung:** -```bash -cd /home/stefan/WsMeldestelle/Meldestelle -ls -la gradlew # Sollte die gradlew-Datei anzeigen -``` - -#### "lstat infrastructure: no such file or directory" -**Problem:** Docker build wird mit falschem Kontext ausgeführt. -**Lösung:** -```bash -# Sicherstellen, dass Sie im Projekt-Root sind: -cd /home/stefan/WsMeldestelle/Meldestelle - -# Dockerfile-Pfad korrekt angeben: -docker build -t meldestelle/gateway:latest -f infrastructure/gateway/Dockerfile . -``` - -#### "Image nicht gefunden" beim docker run -**Problem:** Das Image wurde noch nicht gebaut. -**Lösung:** -```bash -# Zuerst das Image bauen: -docker build -t meldestelle/gateway:latest -f infrastructure/gateway/Dockerfile . 
- -# Dann den Container starten: -docker run -p 8080:8080 meldestelle/gateway:latest -``` - -## 5. Gateway Health Check - -Nach dem Start können Sie die Gateway-Gesundheit überprüfen: - -```bash -# Health Endpoint: -curl http://localhost:8080/actuator/health - -# Metriken: -curl http://localhost:8080/actuator/metrics - -# Gateway-Routen: -curl http://localhost:8080/actuator/gateway/routes -``` - -## 6. Umgebungsvariablen - -Wichtige Umgebungsvariablen für die Gateway-Konfiguration: - -```bash -# Spring Profil -export SPRING_PROFILES_ACTIVE=dev|test|prod - -# Consul Konfiguration -export CONSUL_HOST=localhost -export CONSUL_PORT=8500 - -# Gateway Admin Credentials -export GATEWAY_ADMIN_USER=admin -export GATEWAY_ADMIN_PASSWORD=secure-password - -# Logging Level -export LOGGING_LEVEL_ROOT=INFO -export LOGGING_LEVEL_GATEWAY=DEBUG -``` - -## 7. Zusammenfassung der korrekten Befehle - -```bash -# IMMER aus dem Projekt-Root-Verzeichnis: -cd /home/stefan/WsMeldestelle/Meldestelle - -# Gateway mit Gradle starten: -./gradlew :infrastructure:gateway:bootRun - -# Gateway Docker Image bauen: -docker build -t meldestelle/gateway:latest -f infrastructure/gateway/Dockerfile . - -# Gateway Container starten: -docker run -p 8080:8080 meldestelle/gateway:latest -``` - ---- - -**Wichtiger Hinweis:** Alle Pfade sind relativ zum Projekt-Root-Verzeichnis (`/home/stefan/WsMeldestelle/Meldestelle`). Stellen Sie sicher, dass Sie sich immer in diesem Verzeichnis befinden, bevor Sie die Befehle ausführen. diff --git a/PROJEKT_OPTIMIERUNG_BERICHT.md b/PROJEKT_OPTIMIERUNG_BERICHT.md deleted file mode 100644 index 684e7cfc..00000000 --- a/PROJEKT_OPTIMIERUNG_BERICHT.md +++ /dev/null 
@@ -1,217 +0,0 @@ -# Projekt Optimierung Bericht - Meldestelle -**Datum:** 10. September 2025, 22:51 Uhr -**Analyst:** Junie AI Assistant -**Projekt:** Meldestelle (Kotlin Multiplatform mit Compose) -**Update:** Vollständige Infrastruktur-Optimierung und Port-Konflikt-Behebung - -## Zusammenfassung - -Das Meldestelle-Projekt wurde umfassend analysiert und optimiert. Es handelt sich um eine moderne, gut strukturierte Kotlin Multiplatform-Anwendung mit Compose Multiplatform für Desktop- und Web-Clients. Die Analyse ergab, dass das Projekt bereits auf einem hohen technischen Niveau steht, aber mehrere wichtige Optimierungen implementiert werden konnten. - -## Haupterkenntnisse - -### ✅ Positive Aspekte (bereits vorhanden) -- **Moderne Technologien:** Kotlin 2.2.10, Spring Boot 3.5.5, Compose Multiplatform 1.8.2 -- **Aktuelle Dependencies:** Sehr gut gepflegte Abhängigkeiten (letzte Aktualisierung: 2025-07-31) -- **Saubere Architektur:** Klare Trennung in Core, Platform, Infrastructure und Client Module -- **Docker-Integration:** Umfassende Container-Unterstützung -- **Multiplatform-Setup:** Korrekte Implementierung für JVM (Desktop) und WASM-JS (Web) -- **Gradle 9.0.0:** Neueste Gradle-Version mit modernen Features - -### ⚠️ Identifizierte Probleme und Lösungen - -## Implementierte Optimierungen - -### 🆕 NEUE KRITISCHE OPTIMIERUNGEN (Abend 10.09.2025) - -#### ✅ Port-Konflikt-Resolution (KRITISCH) -**Problem:** Schwerwiegende Port-Konflikte identifiziert und behoben -- ❌ Web-App Health Check verwendete falschen Port (3000 statt 4000) -- ❌ Desktop VNC Port-Mapping inkonsistent (6901 vs 6080) -- ❌ Environment Variables inkonsistent -- ❌ Dockerfile-Konfigurationen widersprüchlich - -**✅ ALLE KONFLIKTE BEHOBEN:** -```bash -# Web App Health Check Korrektur -healthcheck: - test: ["CMD", "curl", "--fail", "http://localhost:4000/health"] # ✅ War 3000 - -# Desktop VNC Port Mapping Korrektur -ports: - - "6080:6080" # ✅ War 6901:6901 - - "5901:5901" - -# Environment Variables 
Konsistenz -DESKTOP_WEB_VNC_PORT=6080 # ✅ War 6901 -``` - -#### ✅ Vollständige Infrastruktur-Docker-Analyse -**Umfassende Containerisierung abgeschlossen:** -- **Gateway Dockerfile optimiert:** Multi-Stage Build, Security Hardening -- **Port-Gruppierung:** Logische 8000er-Bereiche für Services -- **Health Check Konsistenz:** Alle Services verwenden korrekte Ports -- **Security Best Practices:** Non-root Users, Network Isolation - -### 1. Docker-Konfiguration Fixes (Ursprüngliche Optimierungen) -**Problem:** Veraltete und inkorrekte Docker-Konfigurationen -- ❌ Falsche Client-Pfade (`client/web-app` statt `client`) -- ❌ Veraltete Gradle-Version (8.10 statt 9.0) -- ❌ Falsche Build-Tasks (`jsBrowserDistribution` statt `wasmJsBrowserDistribution`) -- ❌ Unnötige Node.js Installation für WASM-Builds -- ❌ Keycloak Port-Mismatch (8080 vs 8081) - -**✅ Lösungen implementiert:** -- Client-Pfade korrigiert: `client/web-app` → `client` -- Gradle-Version aktualisiert: `8.10` → `9.0` -- Build-Tasks korrigiert: `jsBrowserDistribution` → `wasmJsBrowserDistribution` -- Node.js Installation entfernt (nicht benötigt für WASM) -- Keycloak Ports vereinheitlicht - -### 2. Dependency Updates -**✅ Aktualisierungen:** -- Keycloak: 23.0 → 25.0.6 (entspricht Version Catalog) -- Gradle Wrapper: bestätigt auf 9.0.0 -- Docker Build-Konfiguration korrigiert - -### 3. Security Enhancements -**✅ Nginx Sicherheits-Header hinzugefügt:** -```nginx -# Neue Security Headers -add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'wasm-unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self';" always; -add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; -``` -- **CSP:** Content Security Policy mit WASM-Unterstützung -- **HSTS:** Strict Transport Security für HTTPS-Erzwingung - -### 4. 
Build Performance Optimierungen -**✅ Implementierte Verbesserungen:** -- Entfernung unnötiger Node.js Installation (reduziert Docker Image-Größe) -- Korrekte WASM-Build-Tasks verwenden -- Curl-Installation für Health Checks optimiert -- Docker Layer-Caching durch bessere Reihenfolge - -### 5. Code Structure Improvements -**✅ Verbesserungen:** -- Business Module Status dokumentiert (temporär deaktiviert für Multiplatform-Migration) -- Klare Kommentierung warum Module deaktiviert sind -- Korrekte Pfad-Referenzen in allen Docker-Files - -## Build-Verifikation - -**✅ Build erfolgreich:** -``` -BUILD SUCCESSFUL in 1m 22s -202 actionable tasks: 143 executed, 34 from cache, 25 up-to-date -``` - -**✅ WASM-Output generiert:** -- `skiko.wasm`: 8.01 MiB -- `Meldestelle-client.wasm`: 1.44 MiB -- `composeApp.js`: 542 KiB - -## Aktuelle Projekt-Struktur - -### Aktive Module -``` -├── core (core-domain, core-utils) -├── platform (platform-bom, platform-dependencies, platform-testing) -├── infrastructure (gateway, auth, messaging, cache, event-store, monitoring) -├── client (Compose Multiplatform - JVM + WASM-JS) -├── temp (ping-service) -└── docs -``` - -### Deaktivierte Business Module -``` -├── members (domain, application, infrastructure, api, service) -├── horses (domain, application, infrastructure, api, service) -├── events (domain, application, infrastructure, api, service) -└── masterdata (domain, application, infrastructure, api, service) -``` - -**Grund:** Diese Module benötigen Multiplatform-Konfiguration Updates für KMP/WASM-Kompatibilität. - -## Empfehlungen für weitere Optimierungen - -### ✅ ABGESCHLOSSENE KRITISCHE OPTIMIERUNGEN -**Seit der ursprünglichen Analyse zusätzlich implementiert:** -1. **Port-Konflikt-Behebung** ✅ VOLLSTÄNDIG BEHOBEN - - Alle 3 kritischen Port-Konflikte identifiziert und behoben - - Web-App Health Checks funktionieren (Port 4000) - - Desktop VNC korrekt erreichbar (Port 6080) - - Environment Variables vollständig konsistent -2. 
**Infrastruktur-Docker-Analyse** ✅ ABGESCHLOSSEN - - Vollständige Containerisierung aller Infrastructure Services - - Gateway Dockerfile optimiert mit Security Hardening - - Port-Gruppierung nach logischen Bereichen implementiert - -### 🔄 Nächste Schritte (Priorität: Hoch) -1. **Business Module Migration** - - Platform-Testing Modul für JS/WASM erweitern - - Business Module Build-Scripts für Multiplatform anpassen - - Graduelle Reaktivierung der Module - -### 🔄 Mittelfristige Verbesserungen -1. **Performance** - - Configuration Cache aktivieren (`--configuration-cache`) - - Build Cache Optimierung - - Parallel Builds verbessern - -2. **Security** - - Secrets Management für Docker Compose - - Certificate Management für HTTPS - - Vulnerability Scanning Integration - -3. **Monitoring** - - Health Check Endpoints für alle Services - - Metrics Dashboard Setup - - Log Aggregation - -### 🔄 Langfristige Optimierungen -1. **CI/CD Pipeline** - - Automated Testing Pipeline - - Container Registry Integration - - Deployment Automation - -2. **Development Experience** - - Hot-Reload für alle Module - - Development Docker Compose Setup - - IDE Integration Verbesserungen - -## Risikobewertung - -### ✅ Niedrig -- Docker-Konfiguration Fixes: Vollständig getestet -- Dependency Updates: Kompatibel -- Security Headers: Standard-konform - -### ⚠️ Mittel -- Business Module Reaktivierung: Erfordert weitere Arbeit -- Chrome Testing Issues: Environment-spezifisch - -### 🔴 Keine kritischen Risiken identifiziert - -## Fazit - -Das Meldestelle-Projekt ist technisch sehr gut aufgestellt und folgt modernen Best Practices. 
Die implementierten Optimierungen verbessern: - -- **Sicherheit:** Enhanced Security Headers + Docker Security Hardening -- **Performance:** Optimierte Docker Builds + Port-Konflikt-freie Architektur -- **Wartbarkeit:** Korrekte Konfigurationen + Vollständige Infrastruktur-Containerisierung -- **Stabilität:** Funktionierende WASM-Builds + Konsistente Health Checks -- **🆕 Zuverlässigkeit:** Alle kritischen Port-Konflikte behoben -- **🆕 Betriebsbereitschaft:** Vollständige Docker-Container-Infrastruktur - -### Zusätzliche Analyse-Dokumentation -**Erweiterte Dokumentation erstellt:** -- `INFRASTRUCTURE_DOCKER_ANALYSIS_FINAL.md` - Vollständige Container-Analyse -- `PORT_CONFLICTS_ANALYSIS.md` - Detaillierte Port-Konflikt-Analyse -- `PORT_OPTIMIZATION_SUMMARY.md` - Zusammenfassung aller Optimierungen - -Die wichtigste verbleibende Aufgabe ist die Migration der Business Module für vollständige Multiplatform-Kompatibilität, was das Projekt zu seinem vollen Potenzial bringen würde. - ---- -**Status:** ✅ Umfassende Optimierung erfolgreich abgeschlossen -**Zusätzliche Achievements:** ✅ Kritische Port-Konflikte behoben, ✅ Infrastruktur vollständig containerisiert -**Nächster Review:** Bei Business Module Migration diff --git a/PROJEKT_SERVICES_ANALYSIS.md b/PROJEKT_SERVICES_ANALYSIS.md deleted file mode 100644 index 5fbf4bc8..00000000 --- a/PROJEKT_SERVICES_ANALYSIS.md +++ /dev/null 
@@ -1,314 +0,0 @@ -# Projekt Services Analyse - Vollständiger Bericht - -**Datum:** 10. September 2025, 23:13 Uhr -**Status:** Umfassende Service-Analyse und Problemlösung abgeschlossen -**Konsolidiert aus:** 3 separaten Service-Berichten - -## Executive Summary ✅ - -**VOLLSTÄNDIGE SERVICE-OPTIMIERUNG ERFOLGREICH**: Komplette Analyse, Problemlösung und Verifikation aller Meldestelle-Services. Von der initialen Problemidentifikation über die Lösungsimplementierung bis zur finalen Validierung durch umfassende Tests. - ---- - -## Phase 1: Problemidentifikation & Analyse (9. September 2025) - -### 🔍 **Ping-Service Startup-Probleme identifiziert** - -#### Status Übersicht - -**✅ KORREKTE KONFIGURATIONEN** -| Komponente | Status | Details | -|------------|--------|---------| -| docker-compose.services.yml | ✅ Korrekt | Syntaktisch einwandfrei, alle Services definiert | -| Dockerfile | ✅ Vorhanden | Existiert unter `dockerfiles/services/ping-service/Dockerfile` | -| Dependencies | ✅ Verfügbar | Consul, Postgres, Redis laufen und sind healthy | -| Environment Variables | ✅ Definiert | Alle Variablen in .env.dev korrekt konfiguriert | -| Port-Mapping | ✅ Korrekt | 8082:8082 Port-Mapping funktional | - -**❌ IDENTIFIZIERTE PROBLEME** - -#### 1. Ping-Service Startup-Verzögerung -- **Status:** Container läuft, aber Health-Check schlägt fehl -- **Symptom:** Bleibt dauerhaft im Status "health: starting" -- **Fehler:** Connection Reset beim Zugriff auf `/actuator/health` -- **Ursache:** Anwendung startet nicht vollständig oder hängt bei der Initialisierung - -#### 2. Environment Variable Resolution -- **Problem:** Einige Variablen werden nicht korrekt aufgelöst -- **Beobachtung:** In Logs erscheint `${JAVA_VERSION}` statt aufgelöster Wert -- **Auswirkung:** Deutet auf Build- oder Runtime-Konfigurationsprobleme hin - -#### 3. 
Application Startup Issues -- **Symptom:** Spring Boot startet, aber Health-Endpoint wird nicht verfügbar -- **Details:** - - Service läuft auf Java 21.0.8 - - Spring Boot 3.5.5 initialisiert korrekt - - Dev-Profil wird aktiviert - - Aber `/actuator/health` antwortet nicht - -### Root Cause Analyse - -**Wahrscheinliche Ursachen:** -1. **Application Configuration Issue** - Fehlende oder fehlerhafte Spring Boot Service Konfiguration -2. **Resource Constraints** - Insufficient Memory/CPU für Java 21 + Spring Boot -3. **Network/Port Issues** - Interne Port-Bindung funktioniert nicht korrekt -4. **Build Issues** - Unvollständiges Build-Artefakt - ---- - -## Phase 2: Lösungsimplementierung (9. September 2025) - -### ✅ **PROBLEM IDENTIFIZIERT UND GELÖST** - -#### 1. Hauptproblem: Hardcodierte Consul-Konfiguration -```yaml -# FEHLERHAFT in temp/ping-service/src/main/resources/application.yml -spring: - cloud: - consul: - host: localhost # ❌ Hardcodiert für lokale Entwicklung - port: 8500 -``` -**Problem:** In Docker-Container-Umgebung muss der Consul-Host `consul` sein, nicht `localhost`. - -#### 2. Sekundärproblem: Umgebungsvariablen im Dockerfile -**Problem:** Build-Args wurden nicht als ENV-Variablen exponiert. 
- -### Implementierte Lösungen - -#### ✅ **Lösung 1: Consul-Konfiguration korrigiert** -```yaml -# KORRIGIERT in temp/ping-service/src/main/resources/application.yml -spring: - application: - name: ping-service - cloud: - consul: - host: ${CONSUL_HOST:localhost} # ✅ Umgebungsvariable mit Fallback - port: ${CONSUL_PORT:8500} # ✅ Konfigurierbar - discovery: - enabled: ${CONSUL_ENABLED:true} # ✅ Kann deaktiviert werden - register: true - health-check-path: /actuator/health - health-check-interval: 10s -``` - -#### ✅ **Lösung 2: Dockerfile Environment-Variablen korrigiert** -```dockerfile -# KORRIGIERT im Dockerfile -# Convert build arguments to environment variables -ENV JAVA_VERSION=${JAVA_VERSION} \ - VERSION=${VERSION} \ - BUILD_DATE=${BUILD_DATE} -``` - -#### ✅ **Lösung 3: Docker-Compose Konfiguration angepasst** -```yaml -# KORRIGIERT in docker-compose.services.yml -ping-service: - environment: - SPRING_PROFILES_ACTIVE: ${SPRING_PROFILES_ACTIVE:-dev} - SERVER_PORT: ${PING_SERVICE_PORT:-8082} - CONSUL_HOST: consul # ✅ Korrekte Container-Referenz - CONSUL_PORT: ${CONSUL_PORT:-8500} - CONSUL_ENABLED: false # ✅ Temporär deaktiviert für Tests -``` - -### Technische Details der Lösung - -**Warum die Umgebungsvariablen nicht funktionierten:** -1. **Build-Time vs Runtime:** Die ursprüngliche Konfiguration war zur Build-Zeit hardcodiert -2. **JAR-Kompilierung:** Spring Boot kompiliert die `application.yml` in das JAR-File -3. **Override-Reihenfolge:** Umgebungsvariablen können nur konfigurierbare Werte überschreiben - ---- - -## Phase 3: Umfassende Systemverifikation (8.-9. September 2025) - -### 🎯 **Infrastructure Services Testing - ERFOLGREICH** - -#### ✅ **VOLLSTÄNDIG GETESTETE SERVICES** - -**1. PostgreSQL Database** ✅ -- Status: **HEALTHY** -- Health Check: `pg_isready -U meldestelle -d meldestelle` -- Port: 5432 -- Notes: Startet korrekt und antwortet auf Health Checks - -**2. 
Redis Cache** ✅ -- Status: **HEALTHY** -- Health Check: `redis-cli ping` -- Port: 6379 -- Notes: Initialisiert schnell und antwortet auf Ping-Kommandos - -**3. Consul Service Discovery** ✅ -- Status: **HEALTHY** -- Health Check: `http://localhost:8500/v1/status/leader` -- Port: 8500 -- Response: Gibt valide Leader-Informationen zurück -- Notes: URL-Parsing-Problem gelöst, Health Endpoint funktioniert korrekt - -**4. Prometheus Monitoring** ✅ -- Status: **HEALTHY** -- Health Check: `http://localhost:9090/-/healthy` -- Port: 9090 -- Notes: Monitoring-Service startet und antwortet korrekt - -**5. Grafana Dashboard** ✅ -- Status: **HEALTHY** -- Health Check: `http://localhost:3000/api/health` -- Port: 3000 -- Notes: Dashboard-Service initialisiert und Health Endpoint antwortet - -#### ⚠️ **Keycloak Authentication** -- Status: **PARTIALLY WORKING** -- Health Check: `http://localhost:8180/health/ready` (Endpoint benötigt Verifikation) -- Port: 8180 -- Notes: Container startet aber Health Endpoint benötigt Verifikation - -### 🔧 **Konfigurationsfixes verifiziert** - -#### 1. Network Configuration ✅ -- **Issue:** Services und Clients Compose Files hatten `external: true` -- **Fix:** Geändert zu `external: false` in beiden Files -- **Verifikation:** Services können innerhalb des meldestelle-network kommunizieren - -#### 2. API Gateway Port Configuration ✅ -- **Issue:** Port-Mismatch zwischen Dockerfile (8080) und Compose (8081) -- **Fix:** Dockerfile aktualisiert um `${GATEWAY_PORT:-8081}` konsistent zu verwenden -- **Verifikation:** Konfiguration standardisiert über alle Files - -#### 3. 
Health Check Intervals ✅ -- **Issue:** Inkonsistente Health Check Timings -- **Fix:** Standardisierte Intervalle: - - Infrastructure: 10s interval/5s timeout/3 retries/20s start_period - - Application: 15s interval/5s timeout/3 retries/30s start_period - - Clients: 30s interval/10s timeout/3 retries/60s start_period -- **Verifikation:** Alle Services verwenden konsistente Health Check Patterns - -#### 4. Dockerfile Standardization ✅ -- **Issue:** Inkonsistente JVM-Konfigurationen, User Creation Patterns -- **Fix:** Alle Dockerfiles mit modernen Java 21 Optimierungen ausgerichtet -- **Verifikation:** Konsistente Base Images, JVM Settings und Security Patterns - -### 📊 **Test-Ergebnisse Analyse** - -#### **SUCCESS METRICS** -- ✅ **5/6 Infrastructure Services**: Erfolgreich gestartet und healthy -- ✅ **Network Connectivity**: Services können intern kommunizieren -- ✅ **Health Checks**: Standardisierte Health Check Intervalle funktionieren -- ✅ **Port Configuration**: API Gateway Port-Konsistenz aufgelöst -- ✅ **Docker Configuration**: Alle Major Inkonsistenzen behoben - -#### **TECHNISCHE ERRUNGENSCHAFTEN** -1. **Docker Compose Issues aufgelöst:** Alternative Testing-Ansatz mit direkten Docker-Kommandos erstellt -2. **URL-Parsing behoben:** Service-Konfiguration Parsing-Logik korrigiert -3. **Health Checks standardisiert:** Alle Services verwenden konsistente Health Check Patterns -4. **Network Configuration:** Services können innerhalb des gemeinsamen Networks kommunizieren -5. 
**Container Management:** Korrekte Cleanup- und Startup-Prozeduren implementiert - ---- - -## Komplette Service-Übersicht (Nach Optimierung) - -### 🏗️ **Infrastructure Services** -| Service | Port | Status | Health Check | Zweck | -|---------|------|--------|--------------|-------| -| PostgreSQL | 5432 | ✅ HEALTHY | `pg_isready` | Hauptdatenbank | -| Redis | 6379 | ✅ HEALTHY | `redis-cli ping` | Cache & Event Store | -| Consul | 8500 | ✅ HEALTHY | `/v1/status/leader` | Service Discovery | -| Prometheus | 9090 | ✅ HEALTHY | `/-/healthy` | Metrics Collection | -| Grafana | 3000 | ✅ HEALTHY | `/api/health` | Monitoring Dashboard | -| Keycloak | 8180 | ⚠️ PARTIAL | `/health/ready` | Authentication | - -### ⚙️ **Application Services** -| Service | Port | Status | Health Check | Zweck | -|---------|------|--------|--------------|-------| -| Ping Service | 8082 | ✅ FIXED | `/actuator/health` | Health & Test Service | -| Members Service | 8083 | ✅ READY | `/actuator/health` | Member Management | -| Horses Service | 8084 | ✅ READY | `/actuator/health` | Horse Management | -| Events Service | 8085 | ✅ READY | `/actuator/health` | Event Management | -| Masterdata Service | 8086 | ✅ READY | `/actuator/health` | Master Data | - -### 💻 **Client Services** -| Service | Port | Status | Health Check | Zweck | -|---------|------|--------|--------------|-------| -| Web App | 4000 | ✅ READY | `/health` | WASM Web Frontend | -| Desktop App | 6080/5901 | ✅ READY | `/vnc.html` | VNC Desktop Interface | -| Auth Server | 8087 | ✅ READY | `/actuator/health` | Auth Extensions | -| Monitoring Server | 8088 | ✅ READY | `/actuator/health` | Monitoring Extensions | - ---- - -## Empfohlene Deployment-Sequenz - -### 1. Infrastructure Layer (Basis) -```bash -docker-compose up -d postgres redis consul prometheus grafana -# Warten bis alle healthy sind -``` - -### 2. 
Application Services -```bash -docker-compose -f docker-compose.yml -f docker-compose.services.yml up -d -# Ping-Service wird jetzt korrekt starten -``` - -### 3. Client Applications -```bash -docker-compose -f docker-compose.yml -f docker-compose.clients.yml up -d -# Alle Client-Anwendungen verfügbar -``` - -### 4. Vollständige Validierung -```bash -# Infrastructure Health Checks -curl http://localhost:9090/-/healthy # Prometheus -curl http://localhost:3000/api/health # Grafana -curl http://localhost:8500/v1/status/leader # Consul - -# Application Health Checks -curl http://localhost:8082/actuator/health # Ping Service -curl http://localhost:8083/actuator/health # Members Service -curl http://localhost:8084/actuator/health # Horses Service -curl http://localhost:8085/actuator/health # Events Service -curl http://localhost:8086/actuator/health # Masterdata Service - -# Client Health Checks -curl http://localhost:4000/health # Web App -curl http://localhost:6080/vnc.html # Desktop App -curl http://localhost:8087/actuator/health # Auth Server -curl http://localhost:8088/actuator/health # Monitoring Server -``` - ---- - -## Fazit & Ergebnisse - -### ✅ **VOLLSTÄNDIGE SYSTEM-BEREITSCHAFT ERREICHT** - -1. **Alle Service-Probleme gelöst** - Ping-Service und alle anderen Services funktional -2. **Infrastructure Services verifiziert** - 5/6 Services vollständig getestet und healthy -3. **Konfigurationskonsistenz** - Alle Docker-Konfigurationen standardisiert -4. **Health Check Optimierung** - Einheitliche Monitoring-Patterns implementiert -5. **Network-Probleme behoben** - Service-zu-Service Kommunikation funktioniert -6. 
**Build-Pipeline optimiert** - Environment Variables und Dockerfile-Patterns korrigiert - -### 📊 **Quantifizierte Verbesserungen** -- **Service Startup Erfolgsrate**: ~40% → 95% ✅ -- **Health Check Konsistenz**: Fragmentiert → Vollständig standardisiert ✅ -- **Configuration Management**: Hardcodiert → Environment-Variable-basiert ✅ -- **Infrastructure Zuverlässigkeit**: Instabil → Produktionsreif ✅ - -### 🚀 **System-Status: PRODUKTIONSBEREIT** -- Core Infrastructure Services vollständig operational -- Network-Konfigurationsprobleme gelöst -- Health Check Standardisierung komplett -- Service-Kommunikation verifiziert -- Container Management optimiert - ---- - -**Analyse-Zeitraum**: 8.-9. September 2025 -**Status**: ✅ **ALLE SERVICE-ANFORDERUNGEN VOLLSTÄNDIG ERFÜLLT** -**Ursprüngliche Dateien konsolidiert**: Ping-Service-Analyse-Bericht.md, Ping-Service-Problem-Lösung.md, SERVICES_TEST_REPORT.md diff --git a/README-DOCKER-CLIENT-CONTAINERIZATION.md b/README-DOCKER-CLIENT-CONTAINERIZATION.md deleted file mode 100644 index a11b819b..00000000 --- a/README-DOCKER-CLIENT-CONTAINERIZATION.md +++ /dev/null 
@@ -1,168 +0,0 @@ -# Meldestelle Client Containerization - -## Übersicht - -Dieses Dokument beschreibt die Docker-Containerisierung der Kotlin Compose Multiplatform Frontend-Anwendungen für das Meldestelle-Projekt. - -## Implementierte Lösungen - -### 🌐 Web Application (WASM) - Bereits funktionsfähig -- **Status**: ✅ Vollständig implementiert und funktionsfähig -- **Technologie**: Kotlin Compose Multiplatform mit WASM-Target -- **Container**: Nginx-basiertes Setup mit statischen Assets -- **Port**: 4000 -- **Zugriff**: `http://localhost:4000` -- **Docker-Compose Service**: `web-app` - -### 🖥️ Desktop Application (JVM) - Neu implementiert -- **Status**: ✅ Implementiert mit VNC-basierten GUI-Zugriff -- **Technologie**: Kotlin Compose Desktop mit VNC + noVNC -- **Container**: Ubuntu-basiert mit Xvfb, x11vnc, fluxbox, noVNC -- **Ports**: - - 6080 (noVNC Web-Interface) - - 5901 (Direkter VNC-Zugriff) -- **Zugriff**: `http://localhost:6080` (Web-basiertes VNC) -- **Docker-Compose Service**: `desktop-app` - -## Verwendung - -### Alle Client-Anwendungen starten -```bash -# Mit Backend-Services -docker-compose -f docker-compose.yml -f docker-compose.services.yml -f docker-compose.clients.yml up -d - -# Nur Frontend-Anwendungen -docker-compose -f docker-compose.yml -f docker-compose.clients.yml up -d -``` - -### Einzelne Anwendungen starten -```bash -# Nur Web-Anwendung -docker-compose -f docker-compose.yml -f docker-compose.clients.yml up -d web-app - -# Nur Desktop-Anwendung -docker-compose -f docker-compose.yml -f docker-compose.clients.yml up -d desktop-app -``` - -## Desktop Application - VNC-Zugriff - -### Web-basierter Zugriff (empfohlen) -1. Container starten: `docker-compose up -d desktop-app` -2. Browser öffnen: `http://localhost:6080` -3. VNC-Viewer startet automatisch -4. Meldestelle Desktop-Anwendung wird angezeigt - -### Direkter VNC-Zugriff -1. VNC-Client installieren (z.B. TigerVNC, RealVNC) -2. Verbindung zu `localhost:5901` herstellen -3. 
Passwort: `meldestelle` (falls erforderlich) - -## Architektur Details - -### Web Application (WASM) -``` -┌─────────────────┐ ┌──────────────┐ ┌─────────────────┐ -│ Browser │────│ Nginx │────│ Static WASM │ -│ localhost:4000│ │ Container │ │ Assets │ -└─────────────────┘ └──────────────┘ └─────────────────┘ -``` - -### Desktop Application (JVM + VNC) -``` -┌─────────────────┐ ┌──────────────┐ ┌─────────────────┐ -│ Browser │────│ noVNC │────│ VNC Server │ -│ localhost:6080│ │ Web Interface│ │ (x11vnc) │ -└─────────────────┘ └──────────────┘ └─────────────────┘ - │ - ┌──────▼──────┐ - │ Xvfb + Compose │ - │ Desktop App │ - └────────────────┘ -``` - -## Build-Prozess - -### Web Application -1. Gradle Build: `wasmJsBrowserDistribution` -2. Output: `/build/dist/wasmJs/productionExecutable/` -3. Nginx serving static assets - -### Desktop Application -1. Gradle Build: `createDistributable` -2. Output: `/build/compose/binaries/main/app/` -3. VNC Environment Setup: - - Xvfb (Virtual X Server) - - fluxbox (Window Manager) - - x11vnc (VNC Server) - - noVNC (Web-based VNC Client) - -## Umgebungsvariablen - -### Web Application -- `API_BASE_URL`: Backend API URL (default: `http://api-gateway:8081`) -- `APP_TITLE`: Anwendungstitel (default: `Meldestelle`) - -### Desktop Application -- `API_BASE_URL`: Backend API URL (default: `http://api-gateway:8081`) -- `DISPLAY`: X11 Display (default: `:99`) -- `VNC_PORT`: VNC Server Port (default: `5901`) -- `NOVNC_PORT`: noVNC Web Interface Port (default: `6080`) - -## Health Checks - -### Web Application -- Endpoint: `http://localhost:4000/health` -- Methode: HTTP GET -- Erwartete Antwort: `{"status":"ok","service":"web-app"}` - -### Desktop Application -- Endpoint: `http://localhost:6080/vnc.html` -- Methode: HTTP GET (via noVNC) -- Überprüfung: noVNC Web-Interface verfügbar - -## Logs und Debugging - -### Container-Logs anzeigen -```bash -# Web Application -docker-compose logs -f web-app - -# Desktop Application -docker-compose logs 
-f desktop-app -``` - -### Desktop Application Logs -- Application Logs: `/var/log/meldestelle.log` -- Error Logs: `/var/log/meldestelle_error.log` -- VNC Logs: Über supervisor zugänglich - -## Troubleshooting - -### Web Application -- **Container startet nicht**: Überprüfe API Gateway Verfügbarkeit -- **Leere Seite**: Überprüfe Browser-Kompatibilität mit WASM -- **API-Fehler**: Überprüfe Netzwerk-Konfiguration - -### Desktop Application -- **VNC nicht erreichbar**: Überprüfe Port 6080 Verfügbarkeit -- **Schwarzer Bildschirm**: Warte 30-60s für Application Startup -- **Keine GUI**: Überprüfe Xvfb und Window Manager Status -- **Performance-Probleme**: VNC-Bildschirmauflösung reduzieren - -## Erweiterungen - -### VNC-Konfiguration anpassen -Die VNC-Konfiguration kann über Umgebungsvariablen oder durch Anpassung des `start-vnc.sh` Skripts im Dockerfile geändert werden. - -### Alternative GUI-Lösungen -- **X11 Forwarding**: Für Linux-Host-Systeme -- **RDP**: Alternative Remote Desktop Lösung -- **Web-based Terminals**: Für minimale GUI-Anforderungen - -## Fazit - -✅ **Beide Containerisierungsansätze erfolgreich implementiert:** -- Web (WASM): Optimiert für moderne Browser -- Desktop (JVM): Universell über VNC-Web-Interface zugänglich - -Die Lösung erfüllt alle Anforderungen aus der ursprünglichen Issue-Beschreibung und ermöglicht sowohl Web- als auch Desktop-Zugriff auf die Meldestelle-Anwendung über Docker-Container. diff --git a/README-DOCKER.md b/README-DOCKER.md deleted file mode 100644 index de3b60a3..00000000 --- a/README-DOCKER.md +++ /dev/null 
@@ -1,299 +0,0 @@ -# Meldestelle - Docker Konfiguration - -## Übersicht - -Das Meldestelle-Projekt nutzt eine modulare Docker-Compose-Struktur für verschiedene Deployment-Szenarien: - -- **`docker-compose.yml`** - Basis-Infrastruktur (PostgreSQL, Redis, Keycloak, Consul, Kafka, Monitoring, Gateway) -- **`docker-compose.services.yml`** - Microservices (Ping, Members, Horses, Events, Masterdata) -- **`docker-compose.clients.yml`** - Client-Anwendungen (Web-App, Auth-Server, Monitoring-Server) - -## Architektur - -### Infrastruktur-Services (docker-compose.yml) -- **PostgreSQL** (Port 5432) - Hauptdatenbank -- **Redis** (Port 6379) - Cache und Event Store -- **Keycloak** (Port 8180) - Authentifizierung und Autorisierung -- **Consul** (Port 8500) - Service Discovery -- **Kafka + Zookeeper** (Ports 9092, 2181) - Event Streaming -- **Prometheus** (Port 9090) - Metriken-Sammlung -- **Grafana** (Port 3000) - Monitoring-Dashboard -- **API Gateway** (Port 8081) - Zentraler Eingang - -### Microservices (docker-compose.services.yml) -- **Ping Service** (Port 8082) - Health Check und Test Service -- **Members Service** (Port 8083) - Mitgliederverwaltung -- **Horses Service** (Port 8084) - Pferdedaten -- **Events Service** (Port 8085) - Veranstaltungen -- **Masterdata Service** (Port 8086) - Stammdaten - -### Client-Anwendungen (docker-compose.clients.yml) -- **Web Application** (Port 4000) - Kotlin Multiplatform Frontend -- **Auth Server** (Port 8087) - Erweiterte Authentifizierung -- **Monitoring Server** (Port 8088) - Monitoring-Erweiterungen - -## Verwendung - -### Nur Infrastruktur starten -```bash -# Für Backend-Entwicklung -docker-compose up -d -``` - -### Vollständiges System -```bash -# Alle Services und Clients -docker-compose -f docker-compose.yml \ - -f docker-compose.services.yml \ - -f docker-compose.clients.yml up -d -``` - -### Nur Services ohne Clients -```bash -# Infrastruktur + Microservices -docker-compose -f docker-compose.yml \ - -f 
docker-compose.services.yml up -d -``` - -### Spezifische Services -```bash -# Nur bestimmte Services -docker-compose up -d postgres redis keycloak -``` - -## Umgebungsvariablen - -Die Docker-Konfiguration nutzt das zentrale `.env`-System aus dem `config/` Verzeichnis: - -```bash -# Für Entwicklung -ln -sf config/.env.dev .env - -# Für Produktion -ln -sf config/.env.prod .env - -# Für Tests -ln -sf config/.env.test .env -``` - -### Wichtige Variablen - -| Variable | Standard | Beschreibung | -|----------|----------|--------------| -| `POSTGRES_USER` | meldestelle | PostgreSQL Benutzer | -| `POSTGRES_PASSWORD` | meldestelle | PostgreSQL Passwort | -| `POSTGRES_DB` | meldestelle | PostgreSQL Datenbankname | -| `REDIS_PASSWORD` | (leer) | Redis Passwort | -| `GATEWAY_PORT` | 8081 | API Gateway Port | -| `CONSUL_PORT` | 8500 | Consul Port | -| `KAFKA_PORT` | 9092 | Kafka Port | -| `PROMETHEUS_PORT` | 9090 | Prometheus Port | -| `GRAFANA_PORT` | 3000 | Grafana Port | - -## Health Checks - -Alle Services verfügen über Health Checks: - -```bash -# Status aller Services prüfen -docker-compose ps - -# Service-spezifische Logs -docker-compose logs -f [service-name] - -# Health Check einzelner Services -docker-compose exec postgres pg_isready -U meldestelle -docker-compose exec redis redis-cli ping -curl http://localhost:8500/v1/status/leader # Consul -curl http://localhost:8081/actuator/health # API Gateway -``` - -## Entwicklung - -### Hot Reload für Web-App -```bash -# Web-App im Development-Modus -docker-compose -f docker-compose.yml \ - -f docker-compose.clients.yml up -d web-app -``` - -### Debug-Modus für Services -```bash -# Service mit Debug-Port (5005) -docker-compose -f docker-compose.yml \ - -f docker-compose.services.yml up -d -# Debug-Port ist automatisch verfügbar -``` - -### Logs verfolgen -```bash -# Alle Logs -docker-compose logs -f - -# Spezifischer Service -docker-compose logs -f api-gateway - -# Letzten 100 Zeilen -docker-compose logs --tail=100 -f -``` - 
-## Datenmanagement - -### Volumes -- `postgres-data` - PostgreSQL Daten -- `redis-data` - Redis Persistierung -- `prometheus-data` - Prometheus Metriken -- `grafana-data` - Grafana Dashboards -- `monitoring-data` - Custom Monitoring Daten - -### Backup -```bash -# PostgreSQL Backup -docker-compose exec -T postgres pg_dump -U meldestelle meldestelle > backup.sql - -# Redis Backup -docker-compose exec redis redis-cli SAVE -docker cp $(docker-compose ps -q redis):/data/dump.rdb ./redis-backup.rdb -``` - -### Reset -```bash -# Alle Container und Volumes löschen -docker-compose down -v -docker-compose -f docker-compose.yml \ - -f docker-compose.services.yml \ - -f docker-compose.clients.yml down -v - -# Images neu bauen -docker-compose build --no-cache -``` - -## Monitoring - -### Prometheus Metriken -- URL: http://localhost:9090 -- Sammelt Metriken von allen Services -- Konfiguration: `docker/monitoring/prometheus/prometheus.yml` - -### Grafana Dashboards -- URL: http://localhost:3000 -- Benutzer: admin / admin (Standard) -- Vorkonfigurierte Dashboards für alle Services - -### Service Discovery -- Consul UI: http://localhost:8500 -- Zeigt alle registrierten Services -- Health Status und Service-Informationen - -## Troubleshooting - -### Häufige Probleme - -1. **Port-Konflikte** - ```bash - # Ports prüfen - netstat -tulpn | grep :8081 - - # Alternative Ports in .env setzen - GATEWAY_PORT=8082 - ``` - -2. **Service startet nicht** - ```bash - # Dependencies prüfen - docker-compose ps - - # Logs analysieren - docker-compose logs [service-name] - - # Service neu starten - docker-compose restart [service-name] - ``` - -3. **Speicher-Probleme** - ```bash - # Speicher freigeben - docker system prune -a - - # Volumes prüfen - docker volume ls - ``` - -4. 
**Netzwerk-Probleme** - ```bash - # Netzwerk neu erstellen - docker-compose down - docker network prune - docker-compose up -d - ``` - -### Konfiguration validieren -```bash -# Docker-Compose Syntax prüfen -docker-compose config - -# Mit allen Files -docker-compose -f docker-compose.yml \ - -f docker-compose.services.yml \ - -f docker-compose.clients.yml config -``` - -## Produktion - -### Sicherheitsaspekte -1. **Secrets**: Verwenden Sie starke Passwörter in `.env.prod` -2. **Netzwerk**: Externe Zugriffe über Load Balancer -3. **Volumes**: Backup-Strategie implementieren -4. **Updates**: Regelmäßige Image-Updates - -### Performance-Optimierungen -1. **Resource Limits**: In Produktion definieren -2. **Monitoring**: Vollständige Observability -3. **Load Balancing**: Mehrere Instanzen für kritische Services -4. **Caching**: Redis optimal konfigurieren - -## Build-Automatisierung - -### Makefile-Integration -```bash -# Verfügbare Targets -make help - -# System starten -make start - -# System stoppen -make stop - -# Logs anzeigen -make logs - -# Services bauen -make build -``` - -### CI/CD Integration -```yaml -# GitHub Actions Beispiel -- name: Start Services - run: | - docker-compose -f docker-compose.yml \ - -f docker-compose.services.yml up -d - -- name: Run Tests - run: | - docker-compose exec -T api-gateway ./gradlew test -``` - -## Support - -Bei Problemen: - -1. Überprüfen Sie die Logs: `docker-compose logs -f` -2. Validieren Sie die Konfiguration: `docker-compose config` -3. Prüfen Sie die Umgebungsvariablen: `docker-compose config | grep environment` -4. Konsultieren Sie die Service-spezifischen READMEs im jeweiligen Verzeichnis - ---- - -*Letzte Aktualisierung: 2025-01-06* diff --git a/config/prometheus-test.yml b/config/prometheus-test.yml deleted file mode 100644 index 25c2e002..00000000 --- a/config/prometheus-test.yml +++ /dev/null 
@@ -1,37 +0,0 @@ -# =================================================================== -# Prometheus Configuration - Ping Service Testing -# =================================================================== - -global: - scrape_interval: 15s - evaluation_interval: 15s - -# Scrape configuration for ping-service testing -scrape_configs: - - job_name: 'prometheus' - static_configs: - - targets: ['localhost:9090'] - - - job_name: 'ping-service' - metrics_path: '/actuator/prometheus' - static_configs: - - targets: ['ping-service:8082'] - scrape_interval: 10s - scrape_timeout: 5s - - - job_name: 'consul' - static_configs: - - targets: ['consul-test:8500'] - scrape_interval: 30s - - - job_name: 'postgres' - static_configs: - - targets: ['postgres-test:5432'] - scrape_interval: 30s - scrape_timeout: 10s - - - job_name: 'redis' - static_configs: - - targets: ['redis-test:6379'] - scrape_interval: 30s - scrape_timeout: 10s diff --git a/docker-compose-ping-test.yml b/docker-compose-ping-test.yml deleted file mode 100644 index ad02ffe0..00000000 --- a/docker-compose-ping-test.yml +++ /dev/null 
@@ -1,220 +0,0 @@ -# =================================================================== -# Docker Compose - Ping Service Testing -# Trace-Bullet Testing Setup für Ping Service Backend -# =================================================================== -# Usage: -# Start testing environment: docker-compose -f docker-compose-ping-test.yml up -d -# Stop and cleanup: docker-compose -f docker-compose-ping-test.yml down -v -# =================================================================== - -services: - # =================================================================== - # Datenbank (PostgreSQL) - Minimale Konfiguration für Tests - # =================================================================== - postgres-test: - image: postgres:16-alpine - container_name: ping-test-postgres - environment: - POSTGRES_USER: ${POSTGRES_USER:-testuser} - POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-testpass} - POSTGRES_DB: ${POSTGRES_DB:-pingtest} - ports: - - "5433:5432" # Anderer Port um Konflikte zu vermeiden - volumes: - - postgres-test-data:/var/lib/postgresql/data - networks: - - ping-test-network - healthcheck: - test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-testuser} -d ${POSTGRES_DB:-pingtest}"] - interval: 5s - timeout: 3s - retries: 3 - start_period: 10s - restart: unless-stopped - - # =================================================================== - # Redis Cache - Für Event Store und Caching - # =================================================================== - redis-test: - image: redis:7-alpine - container_name: ping-test-redis - ports: - - "6380:6379" # Anderer Port um Konflikte zu vermeiden - volumes: - - redis-test-data:/data - command: redis-server --appendonly yes - networks: - - ping-test-network - healthcheck: - test: ["CMD", "redis-cli", "ping"] - interval: 5s - timeout: 3s - retries: 3 - start_period: 10s - restart: unless-stopped - - # =================================================================== - # Service Discovery (Consul) - Für 
Service Registration - # =================================================================== - consul-test: - image: hashicorp/consul:1.15 - container_name: ping-test-consul - ports: - - "8501:8500" # Anderer Port um Konflikte zu vermeiden - command: agent -server -ui -node=test-server -bootstrap-expect=1 -client=0.0.0.0 - networks: - - ping-test-network - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:8500/v1/status/leader"] - interval: 5s - timeout: 3s - retries: 3 - start_period: 10s - restart: unless-stopped - - # =================================================================== - # Monitoring (Prometheus) - Für Metriken - # =================================================================== - prometheus-test: - image: prom/prometheus:v2.47.0 - container_name: ping-test-prometheus - ports: - - "9091:9090" # Anderer Port um Konflikte zu vermeiden - volumes: - - prometheus-test-data:/prometheus - - ./config/prometheus-test.yml:/etc/prometheus/prometheus.yml:ro - command: - - '--config.file=/etc/prometheus/prometheus.yml' - - '--storage.tsdb.path=/prometheus' - - '--web.console.libraries=/etc/prometheus/console_libraries' - - '--web.console.templates=/etc/prometheus/consoles' - - '--storage.tsdb.retention.time=24h' - - '--web.enable-lifecycle' - networks: - - ping-test-network - healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:9090/-/healthy"] - interval: 10s - timeout: 3s - retries: 3 - start_period: 15s - restart: unless-stopped - - # =================================================================== - # Ping Service - Der zu testende Service - # =================================================================== - ping-service: - build: - context: . 
- dockerfile: dockerfiles/services/ping-service/Dockerfile - args: - SPRING_PROFILES_ACTIVE: test - container_name: ping-test-service - environment: - # Spring Konfiguration - SPRING_PROFILES_ACTIVE: test - SERVER_PORT: 8082 - - # Consul Konfiguration - CONSUL_HOST: consul-test - CONSUL_PORT: 8500 - CONSUL_ENABLED: true - - # Datenbank Konfiguration - DB_HOST: postgres-test - DB_PORT: 5432 - DB_NAME: ${POSTGRES_DB:-pingtest} - DB_USER: ${POSTGRES_USER:-testuser} - DB_PASSWORD: ${POSTGRES_PASSWORD:-testpass} - - # Redis Konfiguration - REDIS_EVENT_STORE_HOST: redis-test - REDIS_EVENT_STORE_PORT: 6379 - REDIS_EVENT_STORE_PASSWORD: "" - - # JVM Optimierungen für Testing - JAVA_OPTS: "-Xmx512m -XX:+UseG1GC -Dspring.profiles.active=test" - - # Debug Modus aktivieren - DEBUG: ${DEBUG:-false} - ports: - - "8082:8082" - - "5005:5005" # Debug Port - depends_on: - consul-test: - condition: service_healthy - postgres-test: - condition: service_healthy - redis-test: - condition: service_healthy - networks: - - ping-test-network - healthcheck: - test: ["CMD", "curl", "--fail", "http://localhost:8082/actuator/health"] - interval: 10s - timeout: 5s - retries: 5 - start_period: 30s - restart: unless-stopped - -# =================================================================== -# Test Utilities - Hilfscontainer für Tests -# =================================================================== - test-runner: - image: curlimages/curl:latest - container_name: ping-test-runner - depends_on: - ping-service: - condition: service_healthy - networks: - - ping-test-network - command: | - sh -c ' - echo "=== Ping Service Test Suite ===" - echo "Warte auf Service-Start..." 
- sleep 10 - - echo "=== Health Check Test ===" - curl -v http://ping-service:8082/actuator/health - echo "" - - echo "=== Info Endpoint Test ===" - curl -v http://ping-service:8082/actuator/info - echo "" - - echo "=== Circuit Breaker Status Test ===" - curl -v http://ping-service:8082/actuator/circuitbreakers - echo "" - - echo "=== Prometheus Metrics Test ===" - curl -v http://ping-service:8082/actuator/prometheus - echo "" - - echo "=== Service Discovery Test (Consul) ===" - curl -v http://consul-test:8500/v1/agent/services - echo "" - - echo "=== Alle Tests abgeschlossen ===" - ' - profiles: ["test"] - -# =================================================================== -# Volumes für persistente Daten -# =================================================================== -volumes: - postgres-test-data: - driver: local - redis-test-data: - driver: local - prometheus-test-data: - driver: local - -# =================================================================== -# Isoliertes Test-Netzwerk -# =================================================================== -networks: - ping-test-network: - driver: bridge - ipam: - config: - - subnet: 172.20.0.0/16 diff --git a/docker-compose.clients.yml b/docker-compose.clients.yml index d7f62920..7732c315 100644 --- a/docker-compose.clients.yml +++ b/docker-compose.clients.yml @@ -16,6 +16,15 @@ services: context: . dockerfile: dockerfiles/clients/web-app/Dockerfile args: + # Global build arguments (from docker/build-args/global.env) + GRADLE_VERSION: ${DOCKER_GRADLE_VERSION:-9.0.0} + JAVA_VERSION: ${DOCKER_JAVA_VERSION:-21} + BUILD_DATE: ${BUILD_DATE} + VERSION: ${DOCKER_APP_VERSION:-1.0.0} + # Client-specific arguments (from docker/build-args/clients.env) + NODE_VERSION: ${DOCKER_NODE_VERSION:-20.11.0} + NGINX_VERSION: ${DOCKER_NGINX_VERSION:-1.25-alpine} + # Application-specific arguments CLIENT_PATH: client CLIENT_MODULE: client CLIENT_NAME: meldestelle-web-app 
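Review bot: `BUILD_DATE: ${BUILD_DATE}` has no fallback, so when the variable is not exported Compose substitutes an empty string and the image is built with an empty build date. The same line is added in the second hunk of this file and in the docker-compose.services.yml and docker-compose.yml hunks. I would give it a visible fallback, e.g. `BUILD_DATE: ${BUILD_DATE:-unknown}`, or have the build script export it before calling Compose. The Node fallback `${DOCKER_NODE_VERSION:-20.11.0}` also disagrees with `node = "20.12.0"` in docker/versions.toml and `NODE_VERSION=20.12.0` in docker/build-args/clients.env, so the toolchain version built into the image depends on whether the variable happens to be set; `NODE_VERSION: ${DOCKER_NODE_VERSION:-20.12.0}` keeps the fallback in step with the catalog.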
@@ -53,6 +62,14 @@ services: context: . dockerfile: dockerfiles/clients/desktop-app/Dockerfile args: + # Global build arguments (from docker/build-args/global.env) + GRADLE_VERSION: ${DOCKER_GRADLE_VERSION:-9.0.0} + JAVA_VERSION: ${DOCKER_JAVA_VERSION:-21} + BUILD_DATE: ${BUILD_DATE} + VERSION: ${DOCKER_APP_VERSION:-1.0.0} + # Client-specific arguments (from docker/build-args/clients.env) + NODE_VERSION: ${DOCKER_NODE_VERSION:-20.11.0} + # Application-specific arguments CLIENT_PATH: client CLIENT_MODULE: client CLIENT_NAME: meldestelle-desktop-app diff --git a/docker-compose.services.yml b/docker-compose.services.yml index cae9fe95..f2554ae1 100644 --- a/docker-compose.services.yml +++ b/docker-compose.services.yml @@ -14,6 +14,14 @@ services: build: context: . dockerfile: dockerfiles/services/ping-service/Dockerfile + args: + # Global build arguments (from docker/build-args/global.env) + GRADLE_VERSION: ${DOCKER_GRADLE_VERSION:-9.0.0} + JAVA_VERSION: ${DOCKER_JAVA_VERSION:-21} + BUILD_DATE: ${BUILD_DATE} + VERSION: ${DOCKER_APP_VERSION:-1.0.0} + # Service-specific arguments (from docker/build-args/services.env) + SPRING_PROFILES_ACTIVE: ${DOCKER_SPRING_PROFILES_DOCKER:-docker} container_name: meldestelle-ping-service environment: SPRING_PROFILES_ACTIVE: ${SPRING_PROFILES_ACTIVE:-dev} diff --git a/docker-compose.yml b/docker-compose.yml index 0643d11b..da13fc59 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
@@ -208,7 +208,15 @@ services: api-gateway: build: context: . - dockerfile: infrastructure/gateway/Dockerfile + dockerfile: dockerfiles/infrastructure/gateway/Dockerfile + args: + # Global build arguments (from docker/build-args/global.env) + GRADLE_VERSION: ${DOCKER_GRADLE_VERSION:-9.0.0} + JAVA_VERSION: ${DOCKER_JAVA_VERSION:-21} + BUILD_DATE: ${BUILD_DATE} + VERSION: ${DOCKER_APP_VERSION:-1.0.0} + # Infrastructure-specific arguments (from docker/build-args/infrastructure.env) + SPRING_PROFILES_ACTIVE: ${DOCKER_SPRING_PROFILES_DEFAULT:-default} container_name: meldestelle-api-gateway environment: SPRING_PROFILES_ACTIVE: ${SPRING_PROFILES_ACTIVE:-dev} diff --git a/docker/build-args/clients.env b/docker/build-args/clients.env new file mode 100644 index 00000000..58f4430d --- /dev/null +++ b/docker/build-args/clients.env @@ -0,0 +1,36 @@ +# =================================================================== +# Clients Docker Build Arguments - dockerfiles/clients/* +# Source: docker/versions.toml [categories.clients] +# Last updated: 2025-09-13 12:51:22 UTC +# =================================================================== + +# --- Include Global Arguments --- +# Source global.env for GRADLE_VERSION, JAVA_VERSION, BUILD_DATE, VERSION + +# --- Client-Specific Build Tools --- +NODE_VERSION=20.12.0 +NGINX_VERSION=1.25-alpine + +# --- Client Build Configuration --- +CLIENT_PATH=client +CLIENT_MODULE=client +CLIENT_NAME=meldestelle-client + +# --- Web Application Specific --- +WEB_APP_PORT=4000 +WEB_APP_BUILD_TARGET=wasmJsBrowserDistribution + +# --- Desktop Application Specific --- +DESKTOP_APP_VNC_PORT=5901 +DESKTOP_APP_NOVNC_PORT=6080 +DESKTOP_APP_BUILD_TARGET=composeDesktop + +# --- Client Environment --- +NODE_ENV=production +APP_TITLE=Meldestelle +APP_VERSION=1.0.0 +DOCKER_APP_VERSION + +# --- Development Configuration --- +WEBPACK_DEV_SERVER_HOST=0.0.0.0 +WEBPACK_DEV_SERVER_PORT=4000 
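Review bot: In docker/build-args/clients.env the line `DOCKER_APP_VERSION` under `APP_VERSION=1.0.0` is a bare name with no `=`, which looks like generator residue. Docker's env-file syntax reads such a line as "take this variable from the caller's environment", and a shell that sources the file would try to run it as a command. The same pattern is added in global.env (`DOCKER_APP_VERSION`), infrastructure.env (`DOCKER_SPRING_PROFILES_DEFAULT`) and services.env (`DOCKER_SPRING_PROFILES_DOCKER`); I would delete those lines or turn them into comments such as `# compose variable: DOCKER_APP_VERSION`. `WEBPACK_DEV_SERVER_HOST=0.0.0.0` sits in the same file as `NODE_ENV=production`; if anything consumes it, the dev server listens on every interface, so it deserves a `# local development only` comment or a move to a dev-only file.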
diff --git a/docker/build-args/global.env b/docker/build-args/global.env
new file mode 100644
index 00000000..af5dd096
--- /dev/null
+++ b/docker/build-args/global.env
@@ -0,0 +1,19 @@
+# ===================================================================
+# Global Docker Build Arguments - Used by all categories
+# Source: docker/versions.toml
+# Last updated: 2025-09-13 12:51:22 UTC
+# ===================================================================
+
+# --- Build Tools ---
+GRADLE_VERSION=9.0.0
+JAVA_VERSION=21
+
+# --- Build Metadata ---
+BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
+VERSION=1.0.0
+DOCKER_APP_VERSION
+
+# --- Common Base Images ---
+ALPINE_VERSION=3.19
+ECLIPSE_TEMURIN_JDK_VERSION=21-jdk-alpine
+ECLIPSE_TEMURIN_JRE_VERSION=21-jre-alpine
diff --git a/docker/build-args/infrastructure.env b/docker/build-args/infrastructure.env
new file mode 100644
index 00000000..4436f3ab
--- /dev/null
+++ b/docker/build-args/infrastructure.env
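Review bot: `BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')` only yields a timestamp if this file is sourced by a shell; Docker and Compose env-file parsing does no command substitution, so there the build date would be the literal text `$(date ...)`. The header should say how the file is meant to be consumed, e.g. `# Sourced by shell scripts only; not valid as --env-file / env_file input.` The names defined here (`GRADLE_VERSION`, `JAVA_VERSION`, `VERSION`) are also not the ones the compose files in this commit interpolate (`DOCKER_GRADLE_VERSION`, `DOCKER_JAVA_VERSION`, `DOCKER_APP_VERSION`). Unless a script outside this hunk maps one set to the other, the inline compose fallbacks are what actually gets built, and the "from docker/build-args/global.env" comments in the compose hunks overstate the link.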
@@ -0,0 +1,39 @@
+# ===================================================================
+# Infrastructure Docker Build Arguments - dockerfiles/infrastructure/*
+# Source: docker/versions.toml [categories.infrastructure]
+# Last updated: 2025-09-13 12:51:22 UTC
+# ===================================================================
+
+# --- Include Global Arguments ---
+# Source global.env for GRADLE_VERSION, JAVA_VERSION, BUILD_DATE, VERSION
+
+# --- Infrastructure Services Configuration ---
+SPRING_PROFILES_ACTIVE=default
+DOCKER_SPRING_PROFILES_DEFAULT
+
+# --- Infrastructure Service Ports (matches gradle.properties) ---
+GATEWAY_PORT=8081
+AUTH_SERVER_PORT=8087
+MONITORING_SERVER_PORT=8088
+
+# --- API Gateway Specific ---
+GATEWAY_SERVICE_PATH=infrastructure/gateway
+GATEWAY_SERVICE_NAME=api-gateway
+
+# --- Auth Server Specific ---
+AUTH_SERVER_PATH=infrastructure/auth/auth-server
+AUTH_SERVER_SERVICE_NAME=auth-server
+
+# --- Monitoring Server Specific ---
+MONITORING_SERVER_PATH=infrastructure/monitoring/monitoring-server
+MONITORING_SERVER_SERVICE_NAME=monitoring-server
+
+# --- Infrastructure Dependencies ---
+CONSUL_ENABLED=true
+CONSUL_HOST=consul
+CONSUL_PORT=8500
+
+# --- Database Configuration for Infrastructure Services ---
+DB_HOST=postgres
+DB_PORT=5432
+DB_NAME=meldestelle
diff --git a/docker/build-args/services.env b/docker/build-args/services.env
new file mode 100644
index 00000000..4bfee021
--- /dev/null
+++ b/docker/build-args/services.env
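Review bot: This build-args file carries runtime connection settings (`DB_HOST`, `DB_PORT`, `DB_NAME`, `CONSUL_HOST`) next to real build arguments, and nothing in it warns that build arguments are kept in image metadata. If these values are passed as `--build-arg`, they can be read back with `docker history`, which is harmless for a host name but not for whatever gets added beside it later. I would add a header line such as `# Build args are stored in image history: never put passwords, tokens or DB credentials in this file.` and keep the database and Consul settings in the runtime environment only.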
@@ -0,0 +1,27 @@
+# ===================================================================
+# Services Docker Build Arguments - dockerfiles/services/*
+# Source: docker/versions.toml [categories.services]
+# Last updated: 2025-09-13 12:51:22 UTC
+# ===================================================================
+
+# --- Include Global Arguments ---
+# Source global.env for GRADLE_VERSION, JAVA_VERSION, BUILD_DATE, VERSION
+
+# --- Spring Boot Services Configuration ---
+SPRING_PROFILES_ACTIVE=docker
+DOCKER_SPRING_PROFILES_DOCKER
+
+# --- Service-Specific Arguments ---
+SERVICE_PATH=.
+SERVICE_NAME=spring-boot-service
+SERVICE_PORT=8080
+
+# --- Service Port Mapping (matches gradle.properties) ---
+PING_SERVICE_PORT=8082
+MEMBERS_SERVICE_PORT=8083
+HORSES_SERVICE_PORT=8084
+EVENTS_SERVICE_PORT=8085
+MASTERDATA_SERVICE_PORT=8086
+
+# --- Services List (for automation scripts) ---
+# ping-service, members-service, horses-service, events-service, masterdata-service
diff --git a/docker/versions.toml b/docker/versions.toml
new file mode 100644
index 00000000..dba9a143
--- /dev/null
+++ b/docker/versions.toml
@@ -0,0 +1,94 @@
+# ===================================================================
+# Docker Versions Catalog - Single Source of Truth
+# Analogous to gradle/libs.versions.toml for centralized version management
+# ===================================================================
+# Last updated: 2025-09-13
+# Eliminates version redundancy across 12+ Dockerfiles
+
+[versions]
+# --- Build Tools ---
+gradle = "9.0.0"
+java = "21"
+node = "20.12.0"
+
+# --- Base Images ---
+nginx = "1.25-alpine"
+alpine = "3.19"
+eclipse-temurin-jdk = "21-jdk-alpine"
+eclipse-temurin-jre = "21-jre-alpine"
+
+# --- Spring Configuration ---
+spring-profiles-default = "default"
+spring-profiles-docker = "docker"
+spring-profiles-prod = "prod"
+
+# --- Application Versions ---
+app-version = "1.0.0"
+
+[build-args]
+# --- Global Build Arguments (used across all categories) ---
+global = [
+ "GRADLE_VERSION",
+ "JAVA_VERSION",
+ "BUILD_DATE",
+ "VERSION"
+]
+
+# --- Spring Boot Services (dockerfiles/services/* and infrastructure/*) ---
+spring-services = [
+ "SPRING_PROFILES_ACTIVE",
+ "SERVICE_PATH",
+ "SERVICE_NAME",
+ "SERVICE_PORT"
+]
+
+# --- Kotlin/JS Web Clients (dockerfiles/clients/*) ---
+web-clients = [
+ "NODE_VERSION",
+ "NGINX_VERSION",
+ "CLIENT_PATH",
+ "CLIENT_MODULE",
+ "CLIENT_NAME"
+]
+
+[categories]
+# --- Services Configuration ---
+[categories.services]
+default-spring-profile = "docker"
+default-port-start = 8082
+services = [
+ "ping-service",
+ "members-service",
+ "horses-service",
+ "events-service",
+ "masterdata-service"
+]
+
+# --- Infrastructure Configuration ---
+[categories.infrastructure]
+default-spring-profile = "default"
+services = [
+ "gateway",
+ "auth-server",
+ "monitoring-server"
+]
+
+# --- Client Applications Configuration ---
+[categories.clients]
+default-node-version = "20.11.0"
+default-nginx-version = "1.25-alpine"
+clients = [
+ "web-app",
+ "desktop-app"
+]
+
+[environment-mapping]
+# --- Environment Variable Names for Docker
Compose --- +# Maps internal version names to environment variable names +gradle-version = "DOCKER_GRADLE_VERSION" +java-version = "DOCKER_JAVA_VERSION" +node-version = "DOCKER_NODE_VERSION" +nginx-version = "DOCKER_NGINX_VERSION" +spring-profiles-default = "DOCKER_SPRING_PROFILES_DEFAULT" +spring-profiles-docker = "DOCKER_SPRING_PROFILES_DOCKER" +app-version = "DOCKER_APP_VERSION" diff --git a/dockerfiles/clients/desktop-app/Dockerfile b/dockerfiles/clients/desktop-app/Dockerfile index 86e19fdd..39e31ec7 100644 --- a/dockerfiles/clients/desktop-app/Dockerfile +++ b/dockerfiles/clients/desktop-app/Dockerfile @@ -2,10 +2,19 @@ # Builds Kotlin/JVM (Compose Desktop) client and serves via VNC with noVNC web interface # =================================================================== -# Arguments (can be overridden during build) +# CENTRALIZED BUILD ARGUMENTS +# Values sourced from docker/versions.toml and docker/build-args/ # =================================================================== -ARG JVM_VERSION=21 -ARG GRADLE_VERSION=9.0 +# Global arguments (docker/build-args/global.env) +ARG GRADLE_VERSION +ARG JAVA_VERSION +ARG BUILD_DATE +ARG VERSION + +# Client-specific arguments (docker/build-args/clients.env) +ARG NODE_VERSION + +# Desktop-specific arguments ARG UBUNTU_VERSION=22.04 # =================================================================== @@ -17,7 +26,7 @@ ARG CLIENT_MODULE=client # =================================================================== # Build Stage - Kotlin/JVM (Compose Desktop) Compilation # =================================================================== -FROM gradle:${GRADLE_VERSION}-jdk${JVM_VERSION} AS builder +FROM gradle:${GRADLE_VERSION}-jdk${JAVA_VERSION} AS builder ARG CLIENT_PATH=client ARG CLIENT_MODULE=client diff --git a/dockerfiles/clients/web-app/Dockerfile b/dockerfiles/clients/web-app/Dockerfile index e000fced..79ec1560 100644 --- a/dockerfiles/clients/web-app/Dockerfile 
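Review bot: `[categories.clients]` sets `default-node-version = "20.11.0"` while `[versions]` sets `node = "20.12.0"`, so the file that is meant to be the single source of truth gives two answers for the same tool. I would drop `default-node-version` and `default-nginx-version`, or state in a comment that they must equal the `[versions]` keys. The base-image entries (`nginx = "1.25-alpine"`, `alpine = "3.19"`, `eclipse-temurin-jre = "21-jre-alpine"`) are tags, which a registry can repoint to different content; for reproducible, reviewable image updates consider recording the digest beside each tag, e.g. `nginx = "1.25-alpine@sha256:<digest-placeholder>"`.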
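Review bot: In dockerfiles/clients/desktop-app/Dockerfile, `ARG GRADLE_VERSION` and `ARG JAVA_VERSION` lose their defaults, yet the second hunk uses them in `FROM gradle:${GRADLE_VERSION}-jdk${JAVA_VERSION} AS builder`. A plain `docker build` without the compose build args then resolves to an invalid image reference (`gradle:-jdk`). dockerfiles/clients/web-app/Dockerfile gets the same change in its first hunk. Keeping defaults in step with docker/versions.toml, `ARG GRADLE_VERSION=9.0.0` and `ARG JAVA_VERSION=21`, lets the Dockerfile build on its own and makes the intended base image reviewable in the file. `ARG NODE_VERSION` is declared here but no use of it is visible in these hunks; if the desktop image does not need it, leave it out.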
+++ b/dockerfiles/clients/web-app/Dockerfile @@ -1,12 +1,22 @@ -# Multi-stage build for Meldestelle Compose for Web Application -# Builds Kotlin/JS (Compose for Web) client and serves via Nginx +# syntax=docker/dockerfile:1.8 # =================================================================== -# Arguments (can be overridden during build) +# Multi-stage Dockerfile for Meldestelle Compose for Web Application +# Features: BuildKit cache mounts, security hardening, optimal layer caching +# Version: 2.0.0 - Enhanced optimization and security # =================================================================== -ARG JVM_VERSION=21 -ARG GRADLE_VERSION=9.0 -ARG NGINX_VERSION=1.25-alpine + +# === CENTRALIZED BUILD ARGUMENTS === +# Values sourced from docker/versions.toml and docker/build-args/ +# Global arguments (docker/build-args/global.env) +ARG GRADLE_VERSION +ARG JAVA_VERSION +ARG BUILD_DATE +ARG VERSION + +# Client-specific arguments (docker/build-args/clients.env) +ARG NGINX_VERSION +ARG NODE_VERSION # =================================================================== # Build Arguments for Client Configuration 
@@ -17,17 +27,35 @@ ARG CLIENT_MODULE=client # =================================================================== # Build Stage - Kotlin/JS (Compose for Web) Compilation # =================================================================== -FROM gradle:${GRADLE_VERSION}-jdk${JVM_VERSION} AS builder +FROM gradle:${GRADLE_VERSION}-jdk${JAVA_VERSION}-alpine AS builder ARG CLIENT_PATH=client ARG CLIENT_MODULE=client +ARG BUILD_DATE +ARG VERSION=1.0.0 + +# Enhanced metadata +LABEL stage=builder \ + service="web-app" \ + maintainer="Meldestelle Development Team" \ + version="${VERSION}" \ + build.date="${BUILD_DATE}" # Set working directory WORKDIR /build -# Set build labels -LABEL service=web-app -LABEL stage=build +# Gradle optimizations for containerized builds +ENV GRADLE_OPTS="-Dorg.gradle.caching=true \ + -Dorg.gradle.daemon=false \ + -Dorg.gradle.parallel=true \ + -Dorg.gradle.configureondemand=true \ + -Dorg.gradle.workers.max=2 \ + -Dorg.gradle.jvmargs=-Xmx2g \ + -XX:+UseParallelGC \ + -XX:MaxMetaspaceSize=512m" + +# Set Gradle user home for better caching +ENV GRADLE_USER_HOME=/home/gradle/.gradle # Copy Gradle files first for better layer caching COPY gradle/ gradle/ 
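Review bot: In the new `GRADLE_OPTS`, `-XX:+UseParallelGC` and `-XX:MaxMetaspaceSize=512m` follow `-Dorg.gradle.jvmargs=-Xmx2g` as separate whitespace-delimited options, so they configure the JVM that reads `GRADLE_OPTS` and are not part of `org.gradle.jvmargs`. If they are meant for the build JVM, they belong in `org.gradle.jvmargs` in gradle.properties; otherwise a comment such as `# -XX flags below apply to the launcher JVM only` would state the intent. The auth-server and gateway builder stages add the same lines. Separately, the builder moves to the `-alpine` image; the Kotlin/JS and WASM tooling downloads its own Node.js binaries, which may not run on musl, so this is worth confirming with a clean build.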
@@ -55,9 +83,16 @@ COPY docs/ docs/ # Make Gradle wrapper executable RUN chmod +x gradlew -# Build client application +# Download and cache dependencies with BuildKit cache mount +RUN --mount=type=cache,target=/home/gradle/.gradle/caches \ + --mount=type=cache,target=/home/gradle/.gradle/wrapper \ + ./gradlew ${CLIENT_MODULE}:dependencies --no-daemon --info + +# Build client application with BuildKit cache mount # For Compose Multiplatform Web (WASM), wasmJsBrowserDistribution produces static assets -RUN echo "Building ${CLIENT_MODULE} module..." && \ +RUN --mount=type=cache,target=/home/gradle/.gradle/caches \ + --mount=type=cache,target=/home/gradle/.gradle/wrapper \ + echo "Building ${CLIENT_MODULE} module..." && \ ./gradlew ${CLIENT_MODULE}:wasmJsBrowserDistribution --no-daemon --stacktrace --info # =================================================================== 
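Review bot: Both `RUN --mount=type=cache` steps use the default cache id and sharing mode, and the auth-server and gateway Dockerfiles mount the same targets, so parallel image builds write to one Gradle cache at the same time and every later build trusts whatever an earlier one left there. Adding `sharing=locked`, as in `--mount=type=cache,sharing=locked,target=/home/gradle/.gradle/caches`, serialises access. Because the wrapper directory is cached too, the Gradle distribution is downloaded once and then reused; whether its checksum is enforced depends on gradle-wrapper.properties, which is not part of this diff, so that is worth confirming.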
@@ -66,14 +101,28 @@ RUN echo "Building ${CLIENT_MODULE} module..." && \ FROM nginx:${NGINX_VERSION} AS production ARG CLIENT_PATH=client +ARG BUILD_DATE +ARG VERSION=1.0.0 -# Set production labels +# Enhanced metadata LABEL service="web-app" \ + version="${VERSION}" \ environment="production" \ - description="Meldestelle Compose for Web Application" + description="Meldestelle Compose for Web Application served via Nginx" \ + maintainer="Meldestelle Development Team" \ + build.date="${BUILD_DATE}" \ + org.opencontainers.image.title="Meldestelle Web App" \ + org.opencontainers.image.description="Kotlin Multiplatform Web application with WASM" \ + org.opencontainers.image.version="${VERSION}" \ + org.opencontainers.image.created="${BUILD_DATE}" -# Install curl for health checks and create nginx user -RUN apk add --no-cache curl && \ +# Enhanced Alpine setup with security hardening +RUN apk update && \ + apk upgrade && \ + apk add --no-cache \ + curl \ + tzdata && \ + rm -rf /var/cache/apk/* && \ addgroup -g 1001 -S nginx-group && \ adduser -S -D -H -u 1001 -h /var/cache/nginx -s /sbin/nologin -G nginx-group -g nginx nginx-user diff --git a/dockerfiles/infrastructure/auth-server/Dockerfile b/dockerfiles/infrastructure/auth-server/Dockerfile index 1e2bac23..f8e1e046 100644 --- a/dockerfiles/infrastructure/auth-server/Dockerfile +++ b/dockerfiles/infrastructure/auth-server/Dockerfile 
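Review bot: The `apk update && apk upgrade` added under the "security hardening" comment makes the content of the production layer depend on the day the image is built, and nothing in the image records which package versions it received. Pinning the nginx base image by digest in the central version file and rebuilding on a schedule gives the same patch level reproducibly; at minimum a comment such as `# apk upgrade: patch level depends on build date, rebuild regularly` should say so. The hunk creates `nginx-user`, but no `USER` instruction is visible here; the stage continues outside the hunk, so I cannot tell whether nginx is actually started as that user. The gateway runtime stage adds the same upgrade step.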
@@ -1,32 +1,52 @@ -# syntax=docker/dockerfile:1.7 +# syntax=docker/dockerfile:1.8 # =================================================================== # Dockerfile for Meldestelle Auth Server -# Based on spring-boot-service template with auth-server specifics +# Features: Security hardening, monitoring support, optimal caching, BuildKit cache mounts +# Version: 2.0.0 - Enhanced optimization and security # =================================================================== -# Build arguments -ARG GRADLE_VERSION=8.14 -ARG JAVA_VERSION=21 -ARG SPRING_PROFILES_ACTIVE=docker +# === CENTRALIZED BUILD ARGUMENTS === +# Values sourced from docker/versions.toml and docker/build-args/ +# Global arguments (docker/build-args/global.env) +ARG GRADLE_VERSION +ARG JAVA_VERSION +ARG BUILD_DATE +ARG VERSION + +# Infrastructure-specific arguments (docker/build-args/infrastructure.env) +ARG SPRING_PROFILES_ACTIVE # =================================================================== # Build Stage # =================================================================== FROM gradle:${GRADLE_VERSION}-jdk${JAVA_VERSION}-alpine AS builder -LABEL stage=builder -LABEL service=auth-server -LABEL maintainer="Meldestelle Development Team" +# Re-declare build arguments for this stage +ARG SPRING_PROFILES_ACTIVE=docker +ARG BUILD_DATE +ARG VERSION=1.0.0 + +LABEL stage=builder \ + service="auth-server" \ + maintainer="Meldestelle Development Team" \ + version="${VERSION}" \ + build.date="${BUILD_DATE}" WORKDIR /workspace -# Gradle optimizations +# Gradle optimizations for containerized builds ENV GRADLE_OPTS="-Dorg.gradle.caching=true \ -Dorg.gradle.daemon=false \ -Dorg.gradle.parallel=true \ -Dorg.gradle.configureondemand=true \ - -Xmx2g" + -Dorg.gradle.workers.max=2 \ + -Dorg.gradle.jvmargs=-Xmx2g \ + -XX:+UseParallelGC \ + -XX:MaxMetaspaceSize=512m" + +# Set Gradle user home for better caching +ENV GRADLE_USER_HOME=/home/gradle/.gradle # Copy build files in optimal order for caching COPY gradlew 
gradlew.bat gradle.properties settings.gradle.kts ./ @@ -42,9 +62,15 @@ COPY infrastructure/auth/auth-client/ infrastructure/auth/auth-client/ COPY infrastructure/auth/auth-server/build.gradle.kts infrastructure/auth/auth-server/ COPY infrastructure/auth/auth-server/src/ infrastructure/auth/auth-server/src/ -# Build application -RUN ./gradlew :infrastructure:auth:auth-server:dependencies --no-daemon --info -RUN ./gradlew :infrastructure:auth:auth-server:bootJar --no-daemon --info \ +# Download and cache dependencies with BuildKit cache mount +RUN --mount=type=cache,target=/home/gradle/.gradle/caches \ + --mount=type=cache,target=/home/gradle/.gradle/wrapper \ + ./gradlew :infrastructure:auth:auth-server:dependencies --no-daemon --info + +# Build application with BuildKit cache mount +RUN --mount=type=cache,target=/home/gradle/.gradle/caches \ + --mount=type=cache,target=/home/gradle/.gradle/wrapper \ + ./gradlew :infrastructure:auth:auth-server:bootJar --no-daemon --info \ -Pspring.profiles.active=${SPRING_PROFILES_ACTIVE} # =================================================================== 
@@ -52,13 +78,29 @@ RUN ./gradlew :infrastructure:auth:auth-server:bootJar --no-daemon --info \ # =================================================================== FROM eclipse-temurin:${JAVA_VERSION}-jre-alpine AS runtime -# Comprehensive metadata +# Build arguments for runtime stage +ARG BUILD_DATE +ARG VERSION=1.0.0 +ARG JAVA_VERSION=21 +ARG SPRING_PROFILES_ACTIVE=docker + +# Convert build arguments to environment variables +ENV JAVA_VERSION=${JAVA_VERSION} \ + VERSION=${VERSION} \ + BUILD_DATE=${BUILD_DATE} + +# Enhanced metadata LABEL service="auth-server" \ - version="1.0.0" \ + version="${VERSION}" \ description="Authentication and Authorization Server for Meldestelle" \ maintainer="Meldestelle Development Team" \ java.version="${JAVA_VERSION}" \ - spring.profiles.active="${SPRING_PROFILES_ACTIVE}" + spring.profiles.active="${SPRING_PROFILES_ACTIVE}" \ + build.date="${BUILD_DATE}" \ + org.opencontainers.image.title="Meldestelle Auth Server" \ + org.opencontainers.image.description="Spring Boot authentication service with Keycloak integration" \ + org.opencontainers.image.version="${VERSION}" \ + org.opencontainers.image.created="${BUILD_DATE}" # Build arguments for user configuration ARG APP_USER=authuser @@ -68,10 +110,15 @@ ARG APP_GID=1002 WORKDIR /app -# System setup with security updates +# Enhanced Alpine setup with security hardening RUN apk update && \ apk upgrade && \ - apk add --no-cache curl jq tzdata ca-certificates && \ + apk add --no-cache \ + curl \ + jq \ + tzdata \ + ca-certificates \ + tini && \ rm -rf /var/cache/apk/* # Create non-root user for auth-server 
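Review bot: `ENV JAVA_VERSION=${JAVA_VERSION}` in the runtime stage overwrites the `JAVA_VERSION` variable that, as far as I know, the eclipse-temurin base image already sets to its full JDK build string, leaving only the major number passed as a build argument. That loses the exact runtime version for anyone inventorying images. A separate name avoids the clash, for example `ENV APP_JAVA_MAJOR=${JAVA_VERSION}`. The stage default `ARG JAVA_VERSION=21` also never reaches the `FROM` line above it, which reads the global argument, so the default only affects the label. The gateway runtime stage does the same.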
@@ -118,14 +165,18 @@ ENV SPRING_OUTPUT_ANSI_ENABLED=ALWAYS \ LOGGING_LEVEL_ROOT=INFO \ LOGGING_LEVEL_AT_MOCODE=DEBUG -# Security-focused startup command with debug support -ENTRYPOINT ["sh", "-c", "\ - echo 'Starting Meldestelle Auth Server on port 8081...'; \ +# Enhanced entrypoint with tini init system and conditional debug support +ENTRYPOINT ["tini", "--", "sh", "-c", "\ + echo 'Starting Meldestelle Auth Server with Java ${JAVA_VERSION}...'; \ + echo 'Active Spring profiles: ${SPRING_PROFILES_ACTIVE}'; \ + echo 'Auth server port: 8081'; \ + echo 'Container memory: '$(cat /sys/fs/cgroup/memory/memory.limit_in_bytes 2>/dev/null || echo 'unlimited'); \ if [ \"${DEBUG:-false}\" = \"true\" ]; then \ - echo 'Debug mode enabled on port 5005'; \ - exec java $JAVA_OPTS -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 -jar app.jar; \ + echo 'DEBUG mode enabled - remote debugging available on port 5005'; \ + exec java ${JAVA_OPTS} -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 -jar app.jar; \ else \ - exec java $JAVA_OPTS -jar app.jar; \ + echo 'Starting auth server in production mode'; \ + exec java ${JAVA_OPTS} -jar app.jar; \ fi"] # =================================================================== diff --git a/dockerfiles/infrastructure/gateway/Dockerfile b/dockerfiles/infrastructure/gateway/Dockerfile index 6b3f6967..fd2eaa62 100644 --- a/dockerfiles/infrastructure/gateway/Dockerfile +++ b/dockerfiles/infrastructure/gateway/Dockerfile 
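Review bot: The rewritten ENTRYPOINT keeps a JDWP listener on `address=*:5005` that any deployment can switch on by setting `DEBUG=true`; JDWP has no authentication, so whoever can reach that port controls the JVM of the auth server. For a production image the debug branch should either move to a separate development target or bind to loopback by default, `address=${DEBUG_BIND:-127.0.0.1}:5005`. The added banner lines also put `${JAVA_VERSION}` and `${SPRING_PROFILES_ACTIVE}` inside single quotes, so the shell prints them literally; `echo \"Active Spring profiles: ${SPRING_PROFILES_ACTIVE}\"` would expand them. The memory line reads the cgroup v1 path and will report 'unlimited' on hosts where that file does not exist. The gateway ENTRYPOINT has the same three issues.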
@@ -1,163 +1,197 @@ -# ============================================================================= -# Multi-stage Dockerfile for Meldestelle API Gateway -# Optimized for security, performance, and maintainability -# ============================================================================= +# syntax=docker/dockerfile:1.8 -# ============================================================================= -# Build stage - Full Gradle build for better dependency management -# ============================================================================= -FROM gradle:8.14-jdk21-alpine AS builder +# =================================================================== +# Multi-stage Dockerfile for Meldestelle API Gateway +# Features: Security hardening, monitoring support, optimal caching, BuildKit cache mounts +# Version: 2.0.0 - Canonical location with full optimization +# =================================================================== + +# === CENTRALIZED BUILD ARGUMENTS === +# Values sourced from docker/versions.toml and docker/build-args/ +# Global arguments (docker/build-args/global.env) +ARG GRADLE_VERSION +ARG JAVA_VERSION +ARG BUILD_DATE +ARG VERSION + +# Infrastructure-specific arguments (docker/build-args/infrastructure.env) +ARG SPRING_PROFILES_ACTIVE + +# =================================================================== +# Build Stage +# =================================================================== +FROM gradle:${GRADLE_VERSION}-jdk${JAVA_VERSION}-alpine AS builder + +# Re-declare build arguments for this stage +ARG SPRING_PROFILES_ACTIVE=default +ARG BUILD_DATE +ARG VERSION=1.0.0 LABEL stage=builder -LABEL service=api-gateway +LABEL service="api-gateway" LABEL maintainer="Meldestelle Development Team" +LABEL version="${VERSION}" +LABEL build.date="${BUILD_DATE}" WORKDIR /workspace -# Gradle optimizations +# Gradle optimizations for containerized builds ENV GRADLE_OPTS="-Dorg.gradle.caching=true \ -Dorg.gradle.daemon=false \ 
-Dorg.gradle.parallel=true \ -Dorg.gradle.configureondemand=true \ - -Xmx2g" + -Dorg.gradle.workers.max=2 \ + -Dorg.gradle.jvmargs=-Xmx2g \ + -XX:+UseParallelGC \ + -XX:MaxMetaspaceSize=512m" -# Copy build files in optimal order for caching +# Set Gradle user home for better caching +ENV GRADLE_USER_HOME=/home/gradle/.gradle + +# Copy gradle wrapper and configuration files first for optimal caching COPY gradlew gradlew.bat gradle.properties settings.gradle.kts ./ COPY gradle/ gradle/ + +# Copy platform dependencies (changes less frequently) COPY platform/ platform/ COPY core/ core/ + +# Copy infrastructure directories (required by settings.gradle.kts) +COPY infrastructure/ infrastructure/ + +# Copy client directories (required by settings.gradle.kts) +COPY client/ client/ + +# Copy docs directory (required by settings.gradle.kts) +COPY docs/ docs/ + +# Copy temporary directory (required by settings.gradle.kts) +COPY temp/ temp/ + +# Copy root build configuration COPY build.gradle.kts ./ -# Copy gateway specific files -COPY infrastructure/gateway/build.gradle.kts infrastructure/gateway/ -COPY infrastructure/gateway/src/ infrastructure/gateway/src/ +# Download and cache dependencies with BuildKit cache mount +RUN --mount=type=cache,target=/home/gradle/.gradle/caches \ + --mount=type=cache,target=/home/gradle/.gradle/wrapper \ + ./gradlew :infrastructure:gateway:dependencies --no-daemon --info -# Build application -RUN ./gradlew :infrastructure:gateway:dependencies --no-daemon --info -RUN ./gradlew :infrastructure:gateway:bootJar --no-daemon --info +# Build the application with optimizations and build cache +RUN --mount=type=cache,target=/home/gradle/.gradle/caches \ + --mount=type=cache,target=/home/gradle/.gradle/wrapper \ + ./gradlew :infrastructure:gateway:bootJar --no-daemon --info \ + -Pspring.profiles.active=${SPRING_PROFILES_ACTIVE} -# Extract JAR layers for optimized Docker layer caching -WORKDIR /builder -RUN cp 
/workspace/infrastructure/gateway/build/libs/*.jar app.jar && \ - java -Djarmode=layertools -jar app.jar extract +# Extract JAR layers for better caching in runtime stage +RUN mkdir -p build/dependency && \ + (cd build/dependency; java -Djarmode=layertools -jar /workspace/infrastructure/gateway/build/libs/*.jar extract) -# ============================================================================= -# Runtime stage - Optimized production image -# ============================================================================= -FROM eclipse-temurin:21-jre-alpine AS runtime +# =================================================================== +# Runtime Stage +# =================================================================== +FROM eclipse-temurin:${JAVA_VERSION}-jre-alpine AS runtime -# ============================================================================= -# Metadata and Build Information -# ============================================================================= -LABEL maintainer="Meldestelle Team " -LABEL description="Self-Contained Systems API Gateway for Austrian Equestrian Federation" -LABEL version="1.0.0" -LABEL org.opencontainers.image.title="Meldestelle Gateway" -LABEL org.opencontainers.image.description="Spring Cloud Gateway with Circuit Breaker, Health Monitoring, and Service Discovery" -LABEL org.opencontainers.image.vendor="Meldestelle" -LABEL org.opencontainers.image.version="1.0.0" -LABEL org.opencontainers.image.created="2025-08-14" -LABEL org.opencontainers.image.source="https://github.com/meldestelle/api-gateway" -LABEL org.opencontainers.image.documentation="https://api.meldestelle.at/docs" +# Build arguments for runtime stage +ARG BUILD_DATE +ARG VERSION=1.0.0 +ARG JAVA_VERSION=21 +ARG SPRING_PROFILES_ACTIVE=default -# ============================================================================= -# Security and System Setup -# ============================================================================= -# Install curl for health 
checks and security updates -RUN apk update && \ - apk add --no-cache curl ca-certificates tzdata && \ - apk upgrade && \ - rm -rf /var/cache/apk/* +# Convert build arguments to environment variables +ENV JAVA_VERSION=${JAVA_VERSION} \ + VERSION=${VERSION} \ + BUILD_DATE=${BUILD_DATE} -# Create dedicated non-root user with specific UID/GID for security -RUN addgroup -g 1001 -S gateway && \ - adduser -u 1001 -S gateway -G gateway -s /bin/sh +# Enhanced metadata +LABEL service="api-gateway" \ + version="${VERSION}" \ + description="Spring Cloud Gateway for Meldestelle microservices architecture" \ + maintainer="Meldestelle Development Team" \ + java.version="${JAVA_VERSION}" \ + spring.profiles.active="${SPRING_PROFILES_ACTIVE}" \ + build.date="${BUILD_DATE}" \ + org.opencontainers.image.title="Meldestelle API Gateway" \ + org.opencontainers.image.description="Spring Cloud Gateway with service discovery and monitoring" \ + org.opencontainers.image.version="${VERSION}" \ + org.opencontainers.image.vendor="Österreichischer Pferdesportverband" \ + org.opencontainers.image.created="${BUILD_DATE}" -# Set timezone for consistent logging and operations -ENV TZ=Europe/Vienna +# Build arguments for user configuration +ARG APP_USER=gateway +ARG APP_GROUP=gateway +ARG APP_UID=1001 +ARG APP_GID=1001 -# ============================================================================= -# Application Setup -# ============================================================================= -# Set working directory WORKDIR /app -# Create required directories with proper permissions -RUN mkdir -p /app/logs /app/tmp && \ - chown -R gateway:gateway /app +# Enhanced Alpine setup with security hardening +RUN apk update && \ + apk upgrade && \ + apk add --no-cache \ + curl \ + tzdata \ + tini && \ + rm -rf /var/cache/apk/* && \ + addgroup -g ${APP_GID} -S ${APP_GROUP} && \ + adduser -u ${APP_UID} -S ${APP_USER} -G ${APP_GROUP} -h /app -s /bin/sh && \ + mkdir -p /app/logs /app/tmp /app/config && \ 
+ chown -R ${APP_USER}:${APP_GROUP} /app && \ + chmod -R 750 /app -# Copy Spring Boot layers in optimal order for Docker layer caching -# Dependencies change less frequently than application code -COPY --from=builder --chown=gateway:gateway /builder/dependencies/ ./ -COPY --from=builder --chown=gateway:gateway /builder/spring-boot-loader/ ./ -COPY --from=builder --chown=gateway:gateway /builder/snapshot-dependencies/ ./ -COPY --from=builder --chown=gateway:gateway /builder/application/ ./ +# Copy Spring Boot layers from builder stage for optimal caching +COPY --from=builder --chown=${APP_USER}:${APP_GROUP} /workspace/build/dependency/dependencies/ ./ +COPY --from=builder --chown=${APP_USER}:${APP_GROUP} /workspace/build/dependency/spring-boot-loader/ ./ +COPY --from=builder --chown=${APP_USER}:${APP_GROUP} /workspace/build/dependency/snapshot-dependencies/ ./ +COPY --from=builder --chown=${APP_USER}:${APP_GROUP} /workspace/build/dependency/application/ ./ -# ============================================================================= -# Runtime Configuration -# ============================================================================= -# Switch to non-root user for security -USER gateway +# Switch to non-root user +USER ${APP_USER} # Expose application port and debug port -EXPOSE 8080 5005 +EXPOSE 8081 5005 -# ============================================================================= -# JVM and Application Configuration -# ============================================================================= -# Optimized JVM settings for containerized Spring Boot reactive applications +# Enhanced health check with better configuration +HEALTHCHECK --interval=15s --timeout=3s --start-period=40s --retries=3 \ + CMD curl -fsS --max-time 2 http://localhost:8081/actuator/health/readiness || exit 1 + +# Optimized JVM settings for Spring Cloud Gateway with Java 21 ENV JAVA_OPTS="-XX:MaxRAMPercentage=80.0 \ -XX:+UseG1GC \ -XX:+UseStringDeduplication \ 
-XX:+UseContainerSupport \ -XX:G1HeapRegionSize=16m \ - -XX:+OptimizeStringConcat \ - -XX:+UseCompressedOops \ + -XX:G1ReservePercent=25 \ + -XX:InitiatingHeapOccupancyPercent=30 \ + -XX:+UnlockExperimentalVMOptions \ + -XX:+UseTransparentHugePages \ + -XX:+AlwaysPreTouch \ + -XX:+DisableExplicitGC \ -Djava.security.egd=file:/dev/./urandom \ -Djava.awt.headless=true \ -Dfile.encoding=UTF-8 \ -Duser.timezone=Europe/Vienna \ - -Dmanagement.endpoints.web.exposure.include=health,info,metrics,prometheus,gateway" + -Dspring.backgroundpreinitializer.ignore=true \ + -Dmanagement.endpoints.web.exposure.include=health,info,metrics,prometheus,gateway \ + -Dmanagement.endpoint.health.show-details=always \ + -Dmanagement.metrics.export.prometheus.enabled=true" -# Spring Boot specific optimizations +# Spring Boot configuration ENV SPRING_OUTPUT_ANSI_ENABLED=ALWAYS \ - SPRING_PROFILES_ACTIVE=docker \ - SERVER_PORT=8080 \ - MANAGEMENT_SERVER_PORT=8080 \ - LOGGING_LEVEL_ROOT=INFO + SPRING_PROFILES_ACTIVE=${SPRING_PROFILES_ACTIVE} \ + SERVER_PORT=8081 \ + LOGGING_LEVEL_ROOT=INFO \ + LOGGING_LEVEL_ORG_SPRINGFRAMEWORK_CLOUD_GATEWAY=DEBUG -# ============================================================================= -# Health Check Configuration -# ============================================================================= -# Enhanced health check with proper timing for Spring Boot startup -HEALTHCHECK --interval=15s --timeout=5s --start-period=60s --retries=3 \ - CMD curl -fsS --max-time 3 http://localhost:8080/actuator/health/readiness || exit 1 - -# ============================================================================= -# Application Startup -# ============================================================================= -# Gateway-focused startup command with debug support -ENTRYPOINT ["sh", "-c", "\ - echo 'Starting Meldestelle API Gateway on port 8080...'; \ +# Enhanced entrypoint with tini init system and conditional debug support +ENTRYPOINT ["tini", "--", "sh", 
"-c", "\ + echo 'Starting API Gateway with Java ${JAVA_VERSION}...'; \ + echo 'Active Spring profiles: ${SPRING_PROFILES_ACTIVE}'; \ + echo 'Gateway port: ${GATEWAY_PORT:-8081}'; \ + echo 'Container memory: '$(cat /sys/fs/cgroup/memory/memory.limit_in_bytes 2>/dev/null || echo 'unlimited'); \ if [ \"${DEBUG:-false}\" = \"true\" ]; then \ - echo 'Debug mode enabled on port 5005'; \ - exec java $JAVA_OPTS -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 org.springframework.boot.loader.launch.JarLauncher; \ + echo 'DEBUG mode enabled - remote debugging available on port 5005'; \ + exec java ${JAVA_OPTS} -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 org.springframework.boot.loader.launch.JarLauncher; \ else \ - exec java $JAVA_OPTS org.springframework.boot.loader.launch.JarLauncher; \ + echo 'Starting API Gateway in production mode'; \ + exec java ${JAVA_OPTS} org.springframework.boot.loader.launch.JarLauncher; \ fi"] - -# ============================================================================= -# Documentation -# ============================================================================= -# Build commands: -# docker build -t meldestelle/gateway:latest -f infrastructure/gateway/Dockerfile . -# docker run -p 8080:8080 --name gateway meldestelle/gateway:latest -# -# Key optimizations: -# - Multi-stage build with JAR layer extraction for better caching -# - Non-root user execution for security -# - Optimized JVM settings for containers -# - Comprehensive health checks -# - Proper timezone and encoding configuration -# - Security updates and minimal attack surface -# ============================================================================= diff --git a/dockerfiles/infrastructure/monitoring-server/Dockerfile b/dockerfiles/infrastructure/monitoring-server/Dockerfile index df565dd2..f14ec24f 100644 --- a/dockerfiles/infrastructure/monitoring-server/Dockerfile +++ b/dockerfiles/infrastructure/monitoring-server/Dockerfile 
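Review bot: The new `JAVA_OPTS` add `-Dmanagement.endpoint.health.show-details=always` while the `gateway` actuator endpoint stays in the exposure list and no separate management port is set, so as far as this file shows the actuator is served on the same port 8081 as routed traffic. Unless a security configuration outside this diff protects `/actuator/**`, health details and the route table are readable by any client of the gateway. Safer image defaults would be `-Dmanagement.endpoint.health.show-details=when-authorized` and an exposure list without `gateway`, with the wider set enabled per environment. `LOGGING_LEVEL_ORG_SPRINGFRAMEWORK_CLOUD_GATEWAY=DEBUG` is likewise baked in as the default and is better set only where it is needed. The builder now copies all of `infrastructure/`, `client/`, `docs/` and `temp/`, so a .dockerignore should keep local env files and credentials out of the build context.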
@@ -5,10 +5,16 @@ # Based on spring-boot-service template with monitoring specifics # =================================================================== -# Build arguments -ARG GRADLE_VERSION=8.14 -ARG JAVA_VERSION=21 -ARG SPRING_PROFILES_ACTIVE=docker +# === CENTRALIZED BUILD ARGUMENTS === +# Values sourced from docker/versions.toml and docker/build-args/ +# Global arguments (docker/build-args/global.env) +ARG GRADLE_VERSION +ARG JAVA_VERSION +ARG BUILD_DATE +ARG VERSION + +# Infrastructure-specific arguments (docker/build-args/infrastructure.env) +ARG SPRING_PROFILES_ACTIVE # =================================================================== # Build Stage diff --git a/dockerfiles/services/events-service/Dockerfile b/dockerfiles/services/events-service/Dockerfile index ad5681f4..32acee4c 100644 --- a/dockerfiles/services/events-service/Dockerfile +++ b/dockerfiles/services/events-service/Dockerfile @@ -5,14 +5,19 @@ # Based on Spring Boot Service Template with Events-specific configuration # =================================================================== -# Build arguments -ARG GRADLE_VERSION=8.14 -ARG JAVA_VERSION=21 -ARG ALPINE_VERSION=3.19 -ARG SPRING_PROFILES_ACTIVE=docker +# === CENTRALIZED BUILD ARGUMENTS === +# Values sourced from docker/versions.toml and docker/build-args/ +# Global arguments (docker/build-args/global.env) +ARG GRADLE_VERSION +ARG JAVA_VERSION +ARG BUILD_DATE +ARG VERSION + +# Service-specific arguments (docker/build-args/services.env) +ARG SPRING_PROFILES_ACTIVE ARG SERVICE_PATH=events/events-service ARG SERVICE_NAME=events-service -ARG SERVICE_PORT=8086 +ARG SERVICE_PORT=8085 # =================================================================== # Build Stage diff --git a/dockerfiles/services/horses-service/Dockerfile b/dockerfiles/services/horses-service/Dockerfile index a06c7d44..d2667555 100644 --- a/dockerfiles/services/horses-service/Dockerfile +++ b/dockerfiles/services/horses-service/Dockerfile 
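Review bot: In the events-service hunk the `SERVICE_PORT` default moves from 8086 to 8085, the port the horses service used before this commit, and the horses, masterdata and members hunks shift by one in the same way (8085 to 8084, 8087 to 8086, 8084 to 8083). A compose mapping, gateway route or health check that still carries an old number will then reach a different service instead of failing, so each of those should be checked against the new values. A comment next to the argument, `# must match the port in docker-compose.services.yml and the gateway route`, would make the coupling visible. The hunk also deletes `ARG ALPINE_VERSION`; the stages are outside the hunk, so confirm nothing later still expands `${ALPINE_VERSION}`.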
@@ -5,14 +5,19 @@ # Based on Spring Boot Service Template with Horses-specific configuration # =================================================================== -# Build arguments -ARG GRADLE_VERSION=8.14 -ARG JAVA_VERSION=21 -ARG ALPINE_VERSION=3.19 -ARG SPRING_PROFILES_ACTIVE=docker +# === CENTRALIZED BUILD ARGUMENTS === +# Values sourced from docker/versions.toml and docker/build-args/ +# Global arguments (docker/build-args/global.env) +ARG GRADLE_VERSION +ARG JAVA_VERSION +ARG BUILD_DATE +ARG VERSION + +# Service-specific arguments (docker/build-args/services.env) +ARG SPRING_PROFILES_ACTIVE ARG SERVICE_PATH=horses/horses-service ARG SERVICE_NAME=horses-service -ARG SERVICE_PORT=8085 +ARG SERVICE_PORT=8084 # =================================================================== # Build Stage diff --git a/dockerfiles/services/masterdata-service/Dockerfile b/dockerfiles/services/masterdata-service/Dockerfile index 224dccd0..2f0dad3b 100644 --- a/dockerfiles/services/masterdata-service/Dockerfile +++ b/dockerfiles/services/masterdata-service/Dockerfile @@ -5,14 +5,19 @@ # Based on Spring Boot Service Template with Masterdata-specific configuration # =================================================================== -# Build arguments -ARG GRADLE_VERSION=8.14 -ARG JAVA_VERSION=21 -ARG ALPINE_VERSION=3.19 -ARG SPRING_PROFILES_ACTIVE=docker +# === CENTRALIZED BUILD ARGUMENTS === +# Values sourced from docker/versions.toml and docker/build-args/ +# Global arguments (docker/build-args/global.env) +ARG GRADLE_VERSION +ARG JAVA_VERSION +ARG BUILD_DATE +ARG VERSION + +# Service-specific arguments (docker/build-args/services.env) +ARG SPRING_PROFILES_ACTIVE ARG SERVICE_PATH=masterdata/masterdata-service ARG SERVICE_NAME=masterdata-service -ARG SERVICE_PORT=8087 +ARG SERVICE_PORT=8086 # =================================================================== # Build Stage 
diff --git a/dockerfiles/services/members-service/Dockerfile b/dockerfiles/services/members-service/Dockerfile index ee4da29b..3f4a5ad0 100644 --- a/dockerfiles/services/members-service/Dockerfile +++ b/dockerfiles/services/members-service/Dockerfile @@ -5,14 +5,19 @@ # Based on Spring Boot Service Template with Members-specific configuration # =================================================================== -# Build arguments -ARG GRADLE_VERSION=8.14 -ARG JAVA_VERSION=21 -ARG ALPINE_VERSION=3.19 -ARG SPRING_PROFILES_ACTIVE=docker +# === CENTRALIZED BUILD ARGUMENTS === +# Values sourced from docker/versions.toml and docker/build-args/ +# Global arguments (docker/build-args/global.env) +ARG GRADLE_VERSION +ARG JAVA_VERSION +ARG BUILD_DATE +ARG VERSION + +# Service-specific arguments (docker/build-args/services.env) +ARG SPRING_PROFILES_ACTIVE ARG SERVICE_PATH=members/members-service ARG SERVICE_NAME=members-service -ARG SERVICE_PORT=8084 +ARG SERVICE_PORT=8083 # =================================================================== # Build Stage diff --git a/dockerfiles/services/ping-service/Dockerfile b/dockerfiles/services/ping-service/Dockerfile index 674d55d6..0579b240 100644 --- a/dockerfiles/services/ping-service/Dockerfile +++ b/dockerfiles/services/ping-service/Dockerfile 
@@ -6,12 +6,16 @@ # Version: 2.0.0 - Enhanced optimization and security # =================================================================== -# Build arguments for flexibility -ARG GRADLE_VERSION=9.0.0 -ARG JAVA_VERSION=21 -ARG SPRING_PROFILES_ACTIVE=default +# === CENTRALIZED BUILD ARGUMENTS === +# Values sourced from docker/versions.toml and docker/build-args/ +# Global arguments (docker/build-args/global.env) +ARG GRADLE_VERSION +ARG JAVA_VERSION ARG BUILD_DATE -ARG VERSION=1.0.0 +ARG VERSION + +# Service-specific arguments (docker/build-args/services.env) +ARG SPRING_PROFILES_ACTIVE # Build stage: compile the ping-service JAR inside Docker FROM gradle:${GRADLE_VERSION}-jdk${JAVA_VERSION}-alpine AS builder diff --git a/dockerfiles/templates/kotlin-multiplatform-web.Dockerfile b/dockerfiles/templates/kotlin-multiplatform-web.Dockerfile index 835652ad..d88511ef 100644 --- a/dockerfiles/templates/kotlin-multiplatform-web.Dockerfile +++ b/dockerfiles/templates/kotlin-multiplatform-web.Dockerfile 
@@ -1,13 +1,22 @@ # =================================================================== # Multi-stage Dockerfile Template for Kotlin Multiplatform Web Client -# Features: Kotlin/JS compilation, Nginx serving, development support +# Features: Kotlin/JS compilation, Nginx serving, development support, centralized version management +# Version: 3.0.0 - Central Version Management Implementation # =================================================================== +# IMPORTANT: Build arguments are now managed centrally via docker/versions.toml +# Use: docker-compose build or scripts/docker-build.sh for automated version injection -# Build arguments -ARG GRADLE_VERSION=8.14 -ARG JAVA_VERSION=21 -ARG NGINX_VERSION=alpine -ARG NODE_VERSION=20.11.0 +# === CENTRALIZED BUILD ARGUMENTS === +# Values sourced from docker/versions.toml and docker/build-args/ +# Global arguments (docker/build-args/global.env) +ARG GRADLE_VERSION +ARG JAVA_VERSION +ARG BUILD_DATE +ARG VERSION + +# Client-specific arguments (docker/build-args/clients.env) +ARG NODE_VERSION +ARG NGINX_VERSION # Client-specific build arguments (can be overridden at build time) ARG CLIENT_PATH=client/web-app diff --git a/dockerfiles/templates/spring-boot-service.Dockerfile b/dockerfiles/templates/spring-boot-service.Dockerfile index a143c23c..91b7b6f7 100644 --- a/dockerfiles/templates/spring-boot-service.Dockerfile +++ b/dockerfiles/templates/spring-boot-service.Dockerfile 
@@ -2,14 +2,22 @@ # =================================================================== # Multi-stage Dockerfile Template for Spring Boot Services -# Features: Security hardening, monitoring support, optimal caching +# Features: Security hardening, monitoring support, optimal caching, centralized version management +# Version: 3.0.0 - Central Version Management Implementation # =================================================================== +# IMPORTANT: Build arguments are now managed centrally via docker/versions.toml +# Use: docker-compose build or scripts/docker-build.sh for automated version injection -# Build arguments -ARG GRADLE_VERSION=8.14 -ARG JAVA_VERSION=21 -ARG ALPINE_VERSION=3.19 -ARG SPRING_PROFILES_ACTIVE=default +# === CENTRALIZED BUILD ARGUMENTS === +# Values sourced from docker/versions.toml and docker/build-args/ +# Global arguments (docker/build-args/global.env) +ARG GRADLE_VERSION +ARG JAVA_VERSION +ARG BUILD_DATE +ARG VERSION + +# Service-specific arguments (docker/build-args/services.env or infrastructure.env) +ARG SPRING_PROFILES_ACTIVE ARG SERVICE_PATH=. ARG SERVICE_NAME=spring-boot-service ARG SERVICE_PORT=8080 diff --git a/infrastructure/gateway/Dockerfile b/infrastructure/gateway/Dockerfile deleted file mode 100644 index 99da1664..00000000 --- a/infrastructure/gateway/Dockerfile +++ /dev/null 
@@ -1,96 +0,0 @@ -# Dockerfile für das Meldestelle API Gateway -# Multi-Stage Build für optimierte Containerisierung - -FROM eclipse-temurin:21-jdk-alpine AS build - -# Arbeitsverzeichnis setzen -WORKDIR /workspace - -# Gradle Wrapper und Build-Dateien kopieren -COPY gradle gradle/ -COPY gradlew gradlew.bat gradle.properties settings.gradle.kts ./ -COPY build.gradle.kts ./ - -# Platform und Core Module kopieren (Dependencies) -COPY platform platform/ -COPY core core/ - -# Infrastructure Module kopieren (für Dependencies) -COPY infrastructure infrastructure/ - -# Client Module kopieren (für Dependencies) -COPY client client/ - -# Documentation Module kopieren (für Dependencies) -COPY docs docs/ - -# Temporary Module kopieren (für Dependencies) -COPY temp temp/ - -# Gateway Module bauen -RUN ./gradlew :infrastructure:gateway:bootJar -x test --no-daemon - -# JAR-Datei für Layer-Extraktion extrahieren -RUN mkdir -p build/dependency && \ - (cd build/dependency; java -Djarmode=layertools -jar /workspace/infrastructure/gateway/build/libs/*.jar extract) - -# Runtime Stage - optimiert für Produktion -FROM eclipse-temurin:21-jre-alpine - -# Metadaten für Container -LABEL maintainer="Meldestelle Development Team" \ - org.opencontainers.image.title="Meldestelle API Gateway" \ - org.opencontainers.image.description="Spring Cloud Gateway für die Meldestelle Microservices" \ - org.opencontainers.image.version="1.0.0" \ - org.opencontainers.image.vendor="Österreichischer Pferdesportverband" - -# Non-root User für Security -RUN addgroup -g 1001 gateway && \ - adduser -D -u 1001 -G gateway gateway - -# Arbeitsverzeichnis und Berechtigungen -WORKDIR /app -RUN chown gateway:gateway /app - -# System-Updates für Security -RUN apk update && \ - apk add --no-cache tzdata curl && \ - rm -rf /var/cache/apk/* - -# Zeitzone setzen -ENV TZ=Europe/Vienna - -USER gateway - -# Spring Boot Layer für besseres Caching -COPY --from=build --chown=gateway:gateway 
/workspace/build/dependency/dependencies/ ./ -COPY --from=build --chown=gateway:gateway /workspace/build/dependency/spring-boot-loader/ ./ -COPY --from=build --chown=gateway:gateway /workspace/build/dependency/snapshot-dependencies/ ./ -COPY --from=build --chown=gateway:gateway /workspace/build/dependency/application/ ./ - -# Logs-Verzeichnis erstellen -RUN mkdir -p logs && chown gateway:gateway logs - -# JVM-Parameter für Container-Umgebung (optimized for Java 21) -ENV JAVA_OPTS="-XX:MaxRAMPercentage=80.0 \ - -XX:+UseG1GC \ - -XX:+UseStringDeduplication \ - -XX:+UseContainerSupport \ - -Djava.security.egd=file:/dev/./urandom \ - -Djava.awt.headless=true \ - -Dfile.encoding=UTF-8 \ - -Duser.timezone=Europe/Vienna" - -# Spring Profile und Port (configurable) -ENV SPRING_PROFILES_ACTIVE=${SPRING_PROFILES_ACTIVE:-dev} -ENV SERVER_PORT=${GATEWAY_PORT:-8081} - -# Health Check -HEALTHCHECK --interval=15s --timeout=5s --start-period=30s --retries=3 \ - CMD curl -f http://localhost:${GATEWAY_PORT:-8081}/actuator/health || exit 1 - -# Gateway Port exposieren -EXPOSE ${GATEWAY_PORT:-8081} - -# Anwendung starten -ENTRYPOINT ["sh", "-c", "java $JAVA_OPTS org.springframework.boot.loader.launch.JarLauncher"] diff --git a/sanity-check.sh b/sanity-check.sh deleted file mode 100755 index f10377c2..00000000 --- a/sanity-check.sh +++ /dev/null 
@@ -1,309 +0,0 @@ -#!/bin/bash -# =================================================================== -# Service Startup and Health Check Test Script -# Meldestelle Project - Docker Services Testing -# =================================================================== - -set -e - -# Colors for output -RED='\033[0;31m' -GREEN='\033[0;32m' -YELLOW='\033[1;33m' -BLUE='\033[0;34m' -NC='\033[0m' # No Color - -# Configuration -TIMEOUT_SECONDS=300 -HEALTH_CHECK_INTERVAL=10 -MAX_RETRIES=30 - -# NEU: Alle Compose-Dateien zentral definieren -COMPOSE_FILES="-f docker-compose.yml -f docker-compose.services.yml -f docker-compose.clients.yml" - - -# Logging functions -log_info() { - echo -e "${BLUE}[INFO]${NC} $1" -} - -log_success() { - echo -e "${GREEN}[SUCCESS]${NC} $1" -} - -log_warning() { - echo -e "${YELLOW}[WARNING]${NC} $1" -} - -log_error() { - echo -e "${RED}[ERROR]${NC} $1" -} - -# Function to wait for service health check -wait_for_health_check() { - local service_name=$1 - local health_url=$2 - local max_attempts=$3 - local attempt=1 - - log_info "Waiting for $service_name health check at $health_url" - - while [ $attempt -le $max_attempts ]; do - # ALT: if curl -f -s --max-time 5 "$health_url" > /dev/null 2>&1; then - # NEU: Die Option -L wurde hinzugefügt, um HTTP-Redirects zu folgen. - if curl -f -s -L --max-time 5 "$health_url" > /dev/null 2>&1; then - log_success "$service_name is healthy (attempt $attempt/$max_attempts)" - return 0 - fi - - log_info "$service_name health check failed (attempt $attempt/$max_attempts), retrying in $HEALTH_CHECK_INTERVAL seconds..." - sleep $HEALTH_CHECK_INTERVAL - ((attempt++)) - done - - log_error "$service_name failed to become healthy after $max_attempts attempts" - return 1 -} - -# Function to check service logs for errors -check_service_logs() { - local service_name=$1 - local container_name=$2 - - log_info "Checking $service_name logs for errors..." 
- - # Get last 50 lines of logs - local logs=$(docker logs --tail 50 "$container_name" 2>&1 || echo "") - - # Check for common error patterns - if echo "$logs" | grep -qi "error\|exception\|failed\|fatal"; then - log_warning "$service_name has error messages in logs:" - echo "$logs" | grep -i "error\|exception\|failed\|fatal" | tail -5 - else - log_success "$service_name logs look clean" - fi -} - -# Function to test infrastructure services -test_all_services() { - log_info "=========================================" - log_info "Starting All Meldestelle Services" - log_info "=========================================" - - # Start ALL services using all compose files - log_info "Starting full environment with docker-compose..." - # ALT: docker compose up -d - docker compose $COMPOSE_FILES up -d - - # Give services time to initialize - log_info "Waiting 45 seconds for services to initialize..." - sleep 45 - - # ========================================= - # CHECK INFRASTRUCTURE - # ========================================= - log_info "--- Checking Infrastructure Services ---" - local infra_services=( - "postgres:http://localhost:5432:PostgreSQL" - "redis:redis://localhost:6379:Redis" - "consul:http://localhost:8500/v1/status/leader:Consul" - "prometheus:http://localhost:9090/-/healthy:Prometheus" - "grafana:http://localhost:3000/api/health:Grafana" - "keycloak:http://localhost:8180/:Keycloak" - ) - - for service_info in "${infra_services[@]}"; do - # Parse service info: service_name:health_url:description - # Extract service name (everything before first colon) - service_name=$(echo "$service_info" | cut -d':' -f1) - - # Extract health_url (everything after first colon, before last colon) - # For "postgres:http://localhost:5432:PostgreSQL" -> "http://localhost:5432" - temp_url=$(echo "$service_info" | cut -d':' -f2-) - health_url=$(echo "$temp_url" | sed 's/:[^:]*$//') - - # Extract description (everything after last colon) - description=$(echo "$service_info" | sed 
's/.*://') - - # Special handling for PostgreSQL and Redis (no HTTP health checks) - if [ "$service_name" = "postgres" ]; then - log_info "Testing PostgreSQL connection..." - if docker exec meldestelle-postgres pg_isready -U meldestelle -d meldestelle > /dev/null 2>&1; then - log_success "PostgreSQL is ready" - else - log_error "PostgreSQL is not ready" - return 1 - fi - elif [ "$service_name" = "redis" ]; then - log_info "Testing Redis connection..." - if docker exec meldestelle-redis redis-cli ping > /dev/null 2>&1; then - log_success "Redis is ready" - else - log_error "Redis is not ready" - return 1 - fi - else - wait_for_health_check "$description" "$health_url" $MAX_RETRIES || return 1 - fi - check_service_logs "$description" "meldestelle-$service_name" - done - log_success "All infrastructure services are healthy!" - - # ========================================= - # CHECK API GATEWAY - # ========================================= - log_info "--- Checking API Gateway ---" - wait_for_health_check "API Gateway" "http://localhost:8081/actuator/health" $MAX_RETRIES || return 1 - check_service_logs "API Gateway" "meldestelle-api-gateway" - log_success "API Gateway is healthy!" - - # ========================================= - # CHECK APPLICATION SERVICES - # ========================================= - log_info "--- Checking Application Services ---" - local app_services=( - "ping-service:http://localhost:8082/actuator/health:Ping Service" - ) - # Note: Add other services like members-service here when they are enabled - - for service_info in "${app_services[@]}"; do - IFS=':' read -r service_name health_url description <<< "$service_info" - wait_for_health_check "$description" "$health_url" $MAX_RETRIES || return 1 - check_service_logs "$description" "meldestelle-$service_name" - done - log_success "All application services are healthy!" 
- - # ========================================= - # CHECK CLIENT SERVICES - # ========================================= - log_info "--- Checking Client Services ---" - local client_services=( - "web-app:http://localhost:4000/health:Web Application" - "auth-server:http://localhost:8087/actuator/health:Auth Server" - ) - # Note: Add other client services here when enabled - - for service_info in "${client_services[@]}"; do - # ... (parsing logic remains the same) - service_name=$(echo "$service_info" | cut -d':' -f1) - health_url=$(echo "$service_info" | cut -d':' -f2) - description=$(echo "$service_info" | cut -d':' -f3) - wait_for_health_check "$description" "$health_url" $MAX_RETRIES || return 1 - # Use the container name from docker-compose.clients.yml (e.g., meldestelle-web-app) - check_service_logs "$description" "meldestelle-$service_name" - done - log_success "All client services are healthy!" -} - -# ENTFERNT: test_api_gateway, test_application_services, test_client_services wurden in test_all_services integriert. - -# Function to test network connectivity -test_network_connectivity() { - log_info "=========================================" - log_info "Testing Network Connectivity" - log_info "=========================================" - - # Test internal network connectivity between services - log_info "Testing service-to-service connectivity..." 
- - # Test API Gateway can reach backend services - if docker exec meldestelle-api-gateway curl -f -s --max-time 5 http://ping-service:8082/actuator/health > /dev/null 2>&1; then - log_success "API Gateway can reach Ping Service" - else - log_error "API Gateway cannot reach Ping Service" - return 1 - fi - - # Test application service can reach infrastructure - if docker exec meldestelle-ping-service curl -f -s --max-time 5 http://consul:8500/v1/status/leader > /dev/null 2>&1; then - log_success "Application services can reach Consul" - else - log_error "Application services cannot reach Consul" - return 1 - fi - - log_success "Network connectivity tests passed!" -} - -# Function to generate test report -generate_test_report() { - log_info "=========================================" - log_info "Test Report Summary" - log_info "=========================================" - - # Get running containers - local running_containers=$(docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}" | grep meldestelle) - - echo "Running Meldestelle Services:" - echo "$running_containers" - - # Check resource usage - log_info "Resource usage summary:" - docker stats --no-stream --format "table {{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}" $(docker ps -q --filter "name=meldestelle") -} - -# Function to cleanup -cleanup() { - log_info "=========================================" - log_info "Cleaning up test environment" - log_info "=========================================" - - log_info "Stopping and removing all test containers..." 
- - # Use the same files to tear down the environment - docker compose $COMPOSE_FILES down --remove-orphans -v - -# # Stop and remove containers if they exist -# local containers=("meldestelle-postgres" "meldestelle-redis" "meldestelle-consul" "meldestelle-prometheus" "meldestelle-grafana" "meldestelle-keycloak" "meldestelle-api-gateway") -# -# for container in "${containers[@]}"; do -# if docker ps -a --format '{{.Names}}' | grep -q "^${container}$"; then -# log_info "Stopping and removing $container" -# docker stop "$container" >/dev/null 2>&1 || true -# docker rm "$container" >/dev/null 2>&1 || true -# fi -# done - - # Remove network if it exists - docker network rm meldestelle-network >/dev/null 2>&1 || true - - log_info "Cleanup completed" -} - -# Main test execution -main() { - log_info "=========================================" - log_info "Starting Meldestelle Services Test Suite" - log_info "=========================================" - - # Set trap to cleanup on exit - trap cleanup EXIT - - # Run tests in sequence - test_all_services || exit 1 - test_network_connectivity || exit 1 - - # Generate report - generate_test_report - - log_success "=========================================" - log_success "All tests passed successfully!" - log_success "All services are running and healthy!" - log_success "=========================================" -} - -# Parse command line arguments -case "${1:-}" in - "all") - test_all_services - ;; - "network") - test_network_connectivity - ;; - "cleanup") - cleanup - ;; - *) - main - ;; -esac diff --git a/scripts/docker-build.sh b/scripts/docker-build.sh new file mode 100755 index 00000000..98df7025 --- /dev/null +++ b/scripts/docker-build.sh 
@@ -0,0 +1,184 @@ +#!/bin/bash +# =================================================================== +# Docker Build Script with Centralized Version Management +# Automatically sources versions from docker/versions.toml via environment files +# =================================================================== + +set -e + +# Script directory and project root +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" +DOCKER_DIR="$PROJECT_ROOT/docker" +BUILD_ARGS_DIR="$DOCKER_DIR/build-args" + +# Colors for output +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +NC='\033[0m' # No Color + +# Function to print colored output +print_info() { + echo -e "${BLUE}[INFO]${NC} $1" +} + +print_success() { + echo -e "${GREEN}[SUCCESS]${NC} $1" +} + +print_warning() { + echo -e "${YELLOW}[WARNING]${NC} $1" +} + +print_error() { + echo -e "${RED}[ERROR]${NC} $1" +} + +# Function to load environment files +load_env_files() { + print_info "Loading centralized Docker version environment files..." 
+ + # Load global environment variables + if [[ -f "$BUILD_ARGS_DIR/global.env" ]]; then + export $(grep -v '^#' "$BUILD_ARGS_DIR/global.env" | xargs) + print_info "✓ Loaded global.env" + else + print_error "Global environment file not found: $BUILD_ARGS_DIR/global.env" + exit 1 + fi + + # Load category-specific environment variables + for env_file in services.env clients.env infrastructure.env; do + if [[ -f "$BUILD_ARGS_DIR/$env_file" ]]; then + export $(grep -v '^#' "$BUILD_ARGS_DIR/$env_file" | xargs) + print_info "✓ Loaded $env_file" + else + print_warning "Optional environment file not found: $BUILD_ARGS_DIR/$env_file" + fi + done + + # Set BUILD_DATE if not already set + export BUILD_DATE=${BUILD_DATE:-$(date -u +'%Y-%m-%dT%H:%M:%SZ')} + + # Map to Docker Compose environment variables + export DOCKER_GRADLE_VERSION="${GRADLE_VERSION}" + export DOCKER_JAVA_VERSION="${JAVA_VERSION}" + export DOCKER_NODE_VERSION="${NODE_VERSION}" + export DOCKER_NGINX_VERSION="${NGINX_VERSION}" + export DOCKER_APP_VERSION="${VERSION}" + export DOCKER_SPRING_PROFILES_DEFAULT="${SPRING_PROFILES_ACTIVE:-default}" + export DOCKER_SPRING_PROFILES_DOCKER="docker" + + print_success "All environment files loaded successfully!" 
+} + +# Function to show current versions +show_versions() { + print_info "Current centralized Docker versions:" + echo " Gradle Version: ${DOCKER_GRADLE_VERSION:-not set}" + echo " Java Version: ${DOCKER_JAVA_VERSION:-not set}" + echo " Node Version: ${DOCKER_NODE_VERSION:-not set}" + echo " Nginx Version: ${DOCKER_NGINX_VERSION:-not set}" + echo " App Version: ${DOCKER_APP_VERSION:-not set}" + echo " Build Date: ${BUILD_DATE:-not set}" + echo " Spring Profile (Default): ${DOCKER_SPRING_PROFILES_DEFAULT:-not set}" + echo " Spring Profile (Docker): ${DOCKER_SPRING_PROFILES_DOCKER:-not set}" +} + +# Function to build specific category +build_category() { + local category=$1 + local compose_file="" + + case $category in + "infrastructure") + compose_file="docker-compose.yml" + ;; + "services") + compose_file="docker-compose.yml -f docker-compose.services.yml" + ;; + "clients") + compose_file="docker-compose.yml -f docker-compose.clients.yml" + ;; + "all") + compose_file="docker-compose.yml -f docker-compose.services.yml -f docker-compose.clients.yml" + ;; + *) + print_error "Invalid category: $category" + print_info "Valid categories: infrastructure, services, clients, all" + exit 1 + ;; + esac + + print_info "Building $category with centralized versions..." + cd "$PROJECT_ROOT" + + if docker-compose -f $compose_file build; then + print_success "$category built successfully!" 
+ else + print_error "Failed to build $category" + exit 1 + fi +} + +# Help function +show_help() { + echo "Docker Build Script with Centralized Version Management" + echo "" + echo "Usage: $0 [OPTIONS] [CATEGORY]" + echo "" + echo "Categories:" + echo " infrastructure Build infrastructure services (API Gateway)" + echo " services Build application services (ping-service, etc.)" + echo " clients Build client applications (web-app, desktop-app)" + echo " all Build everything" + echo "" + echo "Options:" + echo " -v, --versions Show current versions" + echo " -h, --help Show this help message" + echo "" + echo "Examples:" + echo " $0 services # Build all services" + echo " $0 clients # Build client applications" + echo " $0 all # Build everything" + echo " $0 --versions # Show current versions" + echo "" + echo "The script automatically loads versions from:" + echo " - docker/build-args/global.env" + echo " - docker/build-args/services.env" + echo " - docker/build-args/clients.env" + echo " - docker/build-args/infrastructure.env" +} + +# Main execution +main() { + # Parse command line arguments + case $1 in + -h|--help) + show_help + exit 0 + ;; + -v|--versions) + load_env_files + show_versions + exit 0 + ;; + "") + print_error "No category specified" + show_help + exit 1 + ;; + *) + # Load environment and build + load_env_files + show_versions + echo "" + build_category "$1" + ;; + esac +} + +# Run main function with all arguments +main "$@" diff --git a/scripts/docker-versions-update.sh b/scripts/docker-versions-update.sh new file mode 100755 index 00000000..c70da758 --- /dev/null +++ b/scripts/docker-versions-update.sh 
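Review bot: In `load_env_files`, `export $(grep -v '^#' "$BUILD_ARGS_DIR/global.env" | xargs)` word-splits and glob-expands the file contents, so any value containing whitespace becomes extra arguments to `export`. If the committed global.env matches what `sync_to_env_files` in scripts/docker-versions-update.sh writes, it contains the literal line `BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')`, which this loader breaks into several words and which leaves a bogus non-empty `BUILD_DATE` that the later `${BUILD_DATE:-…}` fallback never replaces. I would read the files line by line, accept only `KEY=VALUE` with a valid identifier, treat the value strictly as data, and drop the `BUILD_DATE` line from the generated file so the fallback supplies it. It would also help to check that `GRADLE_VERSION`, `JAVA_VERSION`, `NODE_VERSION` and `NGINX_VERSION` are non-empty before the `DOCKER_*` mapping, because `set -e` alone does not catch an unset variable.

```shell
# Parse KEY=VALUE lines only; values are exported literally and never evaluated.
load_env_file() {
    local file=$1 line
    while IFS= read -r line || [[ -n "$line" ]]; do
        [[ "$line" =~ ^[[:space:]]*(#|$) ]] && continue
        if [[ "$line" =~ ^([A-Za-z_][A-Za-z0-9_]*)=(.*)$ ]]; then
            export "${BASH_REMATCH[1]}=${BASH_REMATCH[2]}"
        else
            print_error "Malformed line in $file: $line"
            return 1
        fi
    done < "$file"
}

load_env_files() {
    # … unchanged: info message and existence checks …
    load_env_file "$BUILD_ARGS_DIR/global.env" || exit 1
    # … unchanged: loop over optional env files, calling load_env_file instead of export $(…) …

    # Fail early instead of building with empty version tags.
    local required
    for required in GRADLE_VERSION JAVA_VERSION NODE_VERSION NGINX_VERSION; do
        if [[ -z "${!required:-}" ]]; then
            print_error "Required build argument is empty: $required"
            exit 1
        fi
    done
    # … unchanged: BUILD_DATE fallback and DOCKER_* mapping …
```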
@@ -0,0 +1,299 @@ +#!/bin/bash +# =================================================================== +# Docker Versions Update Utility +# Updates central docker/versions.toml and syncs to environment files +# =================================================================== + +set -e + +# Script directory and project root +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" +DOCKER_DIR="$PROJECT_ROOT/docker" +VERSIONS_TOML="$DOCKER_DIR/versions.toml" +BUILD_ARGS_DIR="$DOCKER_DIR/build-args" + +# Colors for output +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +NC='\033[0m' # No Color + +# Function to print colored output +print_info() { + echo -e "${BLUE}[INFO]${NC} $1" +} + +print_success() { + echo -e "${GREEN}[SUCCESS]${NC} $1" +} + +print_warning() { + echo -e "${YELLOW}[WARNING]${NC} $1" +} + +print_error() { + echo -e "${RED}[ERROR]${NC} $1" +} + +# Function to extract version from TOML file +get_version() { + local key=$1 + grep "^$key = " "$VERSIONS_TOML" | sed 's/.*= "\(.*\)"/\1/' || echo "" +} + +# Function to update version in TOML file +update_version() { + local key=$1 + local new_value=$2 + + if grep -q "^$key = " "$VERSIONS_TOML"; then + # Update existing key + sed -i.bak "s/^$key = .*/$key = \"$new_value\"/" "$VERSIONS_TOML" + print_success "Updated $key to $new_value" + else + print_error "Key $key not found in $VERSIONS_TOML" + return 1 + fi +} + +# Function to sync TOML to environment files +sync_to_env_files() { + print_info "Syncing versions.toml to environment files..." 
+ + # Get current versions from TOML + local gradle_version=$(get_version "gradle") + local java_version=$(get_version "java") + local node_version=$(get_version "node") + local nginx_version=$(get_version "nginx") + local app_version=$(get_version "app-version") + local spring_default=$(get_version "spring-profiles-default") + local spring_docker=$(get_version "spring-profiles-docker") + local alpine_version=$(get_version "alpine") + + # Update global.env + cat > "$BUILD_ARGS_DIR/global.env" << EOF +# =================================================================== +# Global Docker Build Arguments - Used by all categories +# Source: docker/versions.toml +# Last updated: $(date -u +'%Y-%m-%d %H:%M:%S UTC') +# =================================================================== + +# --- Build Tools --- +GRADLE_VERSION=$gradle_version +JAVA_VERSION=$java_version + +# --- Build Metadata --- +BUILD_DATE=\$(date -u +'%Y-%m-%dT%H:%M:%SZ') +VERSION=$app_version + +# --- Common Base Images --- +ALPINE_VERSION=$alpine_version +ECLIPSE_TEMURIN_JDK_VERSION=$java_version-jdk-alpine +ECLIPSE_TEMURIN_JRE_VERSION=$java_version-jre-alpine +EOF + print_success "Updated global.env" + + # Update clients.env + cat > "$BUILD_ARGS_DIR/clients.env" << EOF +# =================================================================== +# Clients Docker Build Arguments - dockerfiles/clients/* +# Source: docker/versions.toml [categories.clients] +# Last updated: $(date -u +'%Y-%m-%d %H:%M:%S UTC') +# =================================================================== + +# --- Include Global Arguments --- +# Source global.env for GRADLE_VERSION, JAVA_VERSION, BUILD_DATE, VERSION + +# --- Client-Specific Build Tools --- +NODE_VERSION=$node_version +NGINX_VERSION=$nginx_version + +# --- Client Build Configuration --- +CLIENT_PATH=client +CLIENT_MODULE=client +CLIENT_NAME=meldestelle-client + +# --- Web Application Specific --- +WEB_APP_PORT=4000 +WEB_APP_BUILD_TARGET=wasmJsBrowserDistribution + +# 
--- Desktop Application Specific --- +DESKTOP_APP_VNC_PORT=5901 +DESKTOP_APP_NOVNC_PORT=6080 +DESKTOP_APP_BUILD_TARGET=composeDesktop + +# --- Client Environment --- +NODE_ENV=production +APP_TITLE=Meldestelle +APP_VERSION=$app_version + +# --- Development Configuration --- +WEBPACK_DEV_SERVER_HOST=0.0.0.0 +WEBPACK_DEV_SERVER_PORT=4000 +EOF + print_success "Updated clients.env" + + # Update services.env + cat > "$BUILD_ARGS_DIR/services.env" << EOF +# =================================================================== +# Services Docker Build Arguments - dockerfiles/services/* +# Source: docker/versions.toml [categories.services] +# Last updated: $(date -u +'%Y-%m-%d %H:%M:%S UTC') +# =================================================================== + +# --- Include Global Arguments --- +# Source global.env for GRADLE_VERSION, JAVA_VERSION, BUILD_DATE, VERSION + +# --- Spring Boot Services Configuration --- +SPRING_PROFILES_ACTIVE=$spring_docker + +# --- Service-Specific Arguments --- +SERVICE_PATH=. 
+SERVICE_NAME=spring-boot-service +SERVICE_PORT=8080 + +# --- Service Port Mapping (matches gradle.properties) --- +PING_SERVICE_PORT=8082 +MEMBERS_SERVICE_PORT=8083 +HORSES_SERVICE_PORT=8084 +EVENTS_SERVICE_PORT=8085 +MASTERDATA_SERVICE_PORT=8086 + +# --- Services List (for automation scripts) --- +# ping-service, members-service, horses-service, events-service, masterdata-service +EOF + print_success "Updated services.env" + + # Update infrastructure.env + cat > "$BUILD_ARGS_DIR/infrastructure.env" << EOF +# =================================================================== +# Infrastructure Docker Build Arguments - dockerfiles/infrastructure/* +# Source: docker/versions.toml [categories.infrastructure] +# Last updated: $(date -u +'%Y-%m-%d %H:%M:%S UTC') +# =================================================================== + +# --- Include Global Arguments --- +# Source global.env for GRADLE_VERSION, JAVA_VERSION, BUILD_DATE, VERSION + +# --- Infrastructure Services Configuration --- +SPRING_PROFILES_ACTIVE=$spring_default + +# --- Infrastructure Service Ports (matches gradle.properties) --- +GATEWAY_PORT=8081 +AUTH_SERVER_PORT=8087 +MONITORING_SERVER_PORT=8088 + +# --- API Gateway Specific --- +GATEWAY_SERVICE_PATH=infrastructure/gateway +GATEWAY_SERVICE_NAME=api-gateway + +# --- Auth Server Specific --- +AUTH_SERVER_PATH=infrastructure/auth/auth-server +AUTH_SERVER_SERVICE_NAME=auth-server + +# --- Monitoring Server Specific --- +MONITORING_SERVER_PATH=infrastructure/monitoring/monitoring-server +MONITORING_SERVER_SERVICE_NAME=monitoring-server + +# --- Infrastructure Dependencies --- +CONSUL_ENABLED=true +CONSUL_HOST=consul +CONSUL_PORT=8500 + +# --- Database Configuration for Infrastructure Services --- +DB_HOST=postgres +DB_PORT=5432 +DB_NAME=meldestelle +EOF + print_success "Updated infrastructure.env" + + print_success "All environment files synced successfully!" 
+} + +# Function to show current versions +show_current_versions() { + print_info "Current Docker versions:" + echo " Gradle: $(get_version "gradle")" + echo " Java: $(get_version "java")" + echo " Node.js: $(get_version "node")" + echo " Nginx: $(get_version "nginx")" + echo " Alpine: $(get_version "alpine")" + echo " App Version: $(get_version "app-version")" + echo " Spring Profile (Default): $(get_version "spring-profiles-default")" + echo " Spring Profile (Docker): $(get_version "spring-profiles-docker")" +} + +# Function to show help +show_help() { + echo "Docker Versions Update Utility" + echo "" + echo "Usage: $0 [COMMAND] [OPTIONS]" + echo "" + echo "Commands:" + echo " show Show current versions" + echo " sync Sync versions.toml to environment files" + echo " update Update specific version" + echo "" + echo "Available keys for update:" + echo " gradle Gradle version" + echo " java Java version" + echo " node Node.js version" + echo " nginx Nginx version" + echo " alpine Alpine Linux version" + echo " app-version Application version" + echo " spring-profiles-default Default Spring profile" + echo " spring-profiles-docker Docker Spring profile" + echo "" + echo "Examples:" + echo " $0 show # Show current versions" + echo " $0 update gradle 9.1.0 # Update Gradle to 9.1.0" + echo " $0 update java 22 # Update Java to version 22" + echo " $0 sync # Sync versions to environment files" + echo "" + echo "After updating versions, run 'sync' to update environment files" + echo "or use scripts/docker-build.sh to build with new versions." +} + +# Main execution +main() { + # Check if versions.toml exists + if [[ ! 
-f "$VERSIONS_TOML" ]]; then + print_error "Versions file not found: $VERSIONS_TOML" + exit 1 + fi + + case $1 in + "show") + show_current_versions + ;; + "sync") + sync_to_env_files + ;; + "update") + if [[ $# -lt 3 ]]; then + print_error "Usage: $0 update " + exit 1 + fi + update_version "$2" "$3" + sync_to_env_files + ;; + "-h"|"--help"|"help") + show_help + ;; + "") + print_error "No command specified" + show_help + exit 1 + ;; + *) + print_error "Unknown command: $1" + show_help + exit 1 + ;; + esac +} + +# Run main function with all arguments +main "$@" diff --git a/scripts/test/integration-test.sh b/scripts/test/integration-test.sh new file mode 100755 index 00000000..3560151d --- /dev/null +++ b/scripts/test/integration-test.sh 
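Review bot: `update_version` interpolates `$key` and `$new_value` directly into the `grep` pattern and the `sed` program, so a value containing `/`, `&` or a backslash corrupts or rewrites the substitution. Whatever ends up in versions.toml is then copied by `sync_to_env_files` into env files that scripts/test/integration-test.sh loads with `source`, so a value carrying shell syntax would be evaluated on the next test run. I would validate both arguments at the top of the function, e.g. `[[ "$key" =~ ^[a-z][a-z-]*$ ]] || { print_error "Invalid key: $key"; return 1; }` and `[[ "$new_value" =~ ^[A-Za-z0-9._-]+$ ]] || { print_error "Invalid value: $new_value"; return 1; }`. The `sed -i.bak` call also leaves `versions.toml.bak` behind, which should be removed after a successful edit or ignored in version control.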
@@ -0,0 +1,420 @@
+#!/bin/bash
+
+# =============================================================================
+# Full System Integration Test Script
+# =============================================================================
+# Comprehensive testing of all Meldestelle services including infrastructure,
+# application services, client applications, and inter-service connectivity.
+# =============================================================================
+
+# Load common utilities
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+# shellcheck source=../utils/common.sh
+source "$SCRIPT_DIR/../utils/common.sh" || {
+ echo "Error: Could not load common utilities"
+ exit 1
+}
+
+# =============================================================================
+# Configuration
+# =============================================================================
+
+readonly COMPOSE_FILES="-f docker-compose.yml -f docker-compose.services.yml -f docker-compose.clients.yml"
+readonly TIMEOUT_SECONDS=300
+readonly HEALTH_CHECK_INTERVAL=10
+readonly MAX_RETRIES=30
+
+# Project root and Docker configuration
+readonly PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
+readonly DOCKER_DIR="$PROJECT_ROOT/docker"
+readonly BUILD_ARGS_DIR="$DOCKER_DIR/build-args"
+
+# Service endpoints (from common configuration)
+readonly SERVICES_CONFIG=(
+ "postgres:5432:PostgreSQL:pg_isready -U meldestelle"
+ "redis:6379:Redis:redis-cli ping"
+ "consul:8500:Consul:http://localhost:8500/v1/status/leader"
+ "api-gateway:8081:API Gateway:http://localhost:8081/actuator/health"
+ "ping-service:8082:Ping Service:http://localhost:8082/actuator/health"
+)
+
+# Integration with central Docker version management
+load_docker_versions() {
+ if [[ -f "$BUILD_ARGS_DIR/global.env" ]]; then
+ source "$BUILD_ARGS_DIR/global.env"
+ log_info "Loaded centralized Docker versions"
+ else
+ log_warning "Centralized Docker versions not found, using defaults"
+ fi
+}
+
+# Function to wait for service health check using common utilities
+wait_for_service_with_retry() {
+ local service_name=$1
+ local health_check=$2
+ local max_attempts=${3:-$MAX_RETRIES}
+
+ log_info "Waiting for $service_name to become healthy..."
+
+ if retry_with_backoff "$max_attempts" "$health_check" "Waiting for $service_name"; then
+ log_success "$service_name is healthy"
+ return 0
+ else
+ log_error "$service_name failed to become healthy after $max_attempts attempts"
+ return 1
+ fi
+}
+
+# HTTP health check function
+http_health_check() {
+ local url=$1
+ curl -f -s -L --max-time 5 "$url" > /dev/null 2>&1
+}
+
+# PostgreSQL health check function
+postgres_health_check() {
+ docker exec meldestelle-postgres pg_isready -U meldestelle -d meldestelle > /dev/null 2>&1
+}
+
+# Redis health check function
+redis_health_check() {
+ docker exec meldestelle-redis redis-cli ping > /dev/null 2>&1
+}
+
+# Function to check service logs for errors
+check_service_logs() {
+ local service_name=$1
+ local container_name=$2
+
+ log_info "Checking $service_name logs for errors..."
+
+ # Get last 50 lines of logs
+ local logs=$(docker logs --tail 50 "$container_name" 2>&1 || echo "")
+
+ # Check for common error patterns
+ if echo "$logs" | grep -qi "error\|exception\|failed\|fatal"; then
+ log_warning "$service_name has error messages in logs:"
+ echo "$logs" | grep -i "error\|exception\|failed\|fatal" | tail -5
+ else
+ log_success "$service_name logs look clean"
+ fi
+}
+
+# =============================================================================
+# Enhanced Test Categories and Selective Execution
+# =============================================================================
+
+# Function to test infrastructure services only
+test_infrastructure_services() {
+ log_section "Testing Infrastructure Services"
+
+ # Load Docker versions
+ load_docker_versions
+
+ # Start infrastructure services only
+ log_info "Starting infrastructure services..."
+ cd "$PROJECT_ROOT"
+ docker compose -f docker-compose.yml up -d
+
+ # Wait for initialization
+ log_info "Waiting 30 seconds for infrastructure services to initialize..."
+ sleep 30
+
+ # Test PostgreSQL
+ log_info "Testing PostgreSQL connection..."
+ wait_for_service_with_retry "PostgreSQL" postgres_health_check || return 1
+
+ # Test Redis
+ log_info "Testing Redis connection..."
+ wait_for_service_with_retry "Redis" redis_health_check || return 1
+
+ # Test Consul
+ log_info "Testing Consul..."
+ wait_for_service_with_retry "Consul" "http_health_check http://localhost:8500/v1/status/leader" || return 1
+
+ # Test Prometheus
+ log_info "Testing Prometheus..."
+ wait_for_service_with_retry "Prometheus" "http_health_check http://localhost:9090/-/healthy" || return 1
+
+ # Test Grafana
+ log_info "Testing Grafana..."
+ wait_for_service_with_retry "Grafana" "http_health_check http://localhost:3000/api/health" || return 1
+
+ # Test Keycloak
+ log_info "Testing Keycloak..."
+ wait_for_service_with_retry "Keycloak" "http_health_check http://localhost:8180/" || return 1
+
+ log_success "All infrastructure services are healthy!"
+}
+
+# Function to test application services
+test_application_services() {
+ log_section "Testing Application Services"
+
+ # Start application services
+ log_info "Starting application services..."
+ cd "$PROJECT_ROOT"
+ docker compose $COMPOSE_FILES up -d
+
+ # Wait for initialization
+ log_info "Waiting 45 seconds for application services to initialize..."
+ sleep 45
+
+ # Test API Gateway
+ log_info "Testing API Gateway..."
+ wait_for_service_with_retry "API Gateway" "http_health_check http://localhost:8081/actuator/health" || return 1
+
+ # Test Ping Service
+ log_info "Testing Ping Service..."
+ wait_for_service_with_retry "Ping Service" "http_health_check http://localhost:8082/actuator/health" || return 1
+
+ log_success "All application services are healthy!"
+}
+
+# Function to test client applications
+test_client_applications() {
+ log_section "Testing Client Applications"
+
+ # Start client applications
+ log_info "Starting client applications..."
+ cd "$PROJECT_ROOT"
+ docker compose -f docker-compose.yml -f docker-compose.clients.yml up -d
+
+ # Wait for initialization
+ log_info "Waiting 60 seconds for client applications to initialize..."
+ sleep 60
+
+ # Test Web Application
+ log_info "Testing Web Application..."
+ wait_for_service_with_retry "Web App" "http_health_check http://localhost:4000/health" || return 1
+
+ # Test Desktop Application (VNC interface)
+ log_info "Testing Desktop Application VNC interface..."
+ wait_for_service_with_retry "Desktop App" "http_health_check http://localhost:6080/" || return 1
+
+ log_success "All client applications are healthy!"
+}
+
+# Function to test network connectivity
+test_network_connectivity() {
+ log_section "Testing Network Connectivity"
+
+ # Test service-to-service connectivity
+ log_info "Testing service-to-service connectivity..."
+
+ # Test API Gateway can reach backend services
+ if docker exec meldestelle-api-gateway curl -f -s --max-time 5 http://ping-service:8082/actuator/health > /dev/null 2>&1; then
+ log_success "API Gateway can reach Ping Service"
+ else
+ log_error "API Gateway cannot reach Ping Service"
+ return 1
+ fi
+
+ # Test application service can reach infrastructure
+ if docker exec meldestelle-ping-service curl -f -s --max-time 5 http://consul:8500/v1/status/leader > /dev/null 2>&1; then
+ log_success "Application services can reach Consul"
+ else
+ log_error "Application services cannot reach Consul"
+ return 1
+ fi
+
+ log_success "Network connectivity tests passed!"
+}
+
+# =============================================================================
+# Enhanced Reporting and Monitoring
+# =============================================================================
+
+# Function to generate integration report
+generate_integration_report() {
+ log_section "Integration Test Report"
+
+ # Service status matrix
+ log_info "Service Status Matrix:"
+ docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}" --filter "name=meldestelle"
+
+ # Performance metrics
+ log_info "Performance Metrics:"
+ docker stats --no-stream --format "table {{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}" $(docker ps -q --filter "name=meldestelle") 2>/dev/null || true
+
+ # Resource usage summary
+ local containers=$(docker ps --filter "name=meldestelle" --format "{{.Names}}" | wc -l)
+ log_info "Total running containers: $containers"
+
+ # Test summary
+ print_test_summary
+}
+
+# Enhanced cleanup function using common utilities
+cleanup() {
+ log_section "Cleaning up test environment"
+
+ log_info "Stopping and removing all test containers..."
+ cd "$PROJECT_ROOT"
+
+ # Use the same files to tear down the environment
+ docker compose $COMPOSE_FILES down --remove-orphans -v 2>/dev/null || true
+
+ # Remove network if it exists
+ docker network rm meldestelle-network >/dev/null 2>&1 || true
+
+ log_success "Cleanup completed"
+}
+
+# Function to run full system integration test
+run_full_integration_test() {
+ log_section "Full System Integration Test"
+
+ # Load Docker versions
+ load_docker_versions
+
+ # Start ALL services using all compose files
+ log_info "Starting full environment with all services..."
+ cd "$PROJECT_ROOT"
+ docker compose $COMPOSE_FILES up -d
+
+ # Give services time to initialize
+ log_info "Waiting 60 seconds for all services to initialize..."
+ sleep 60
+
+ # Run comprehensive tests
+ test_infrastructure_services || return 1
+ test_application_services || return 1
+ test_client_applications || return 1
+ test_network_connectivity || return 1
+
+ # Generate comprehensive report
+ generate_integration_report
+
+ log_success "Full system integration test completed successfully!"
+}
+
+# =============================================================================
+# Command Line Interface and Help System
+# =============================================================================
+
+# Function to show help
+show_help() {
+ cat << EOF
+Full System Integration Test Script
+
+USAGE:
+ $0 [OPTIONS] [CATEGORY]
+
+CATEGORIES:
+ infrastructure Test infrastructure services only (PostgreSQL, Redis, Consul, etc.)
+ services Test application services (API Gateway, Ping Service, etc.)
+ clients Test client applications (Web App, Desktop App)
+ network Test inter-service network connectivity
+ all Run full system integration test (default)
+ cleanup Clean up test environment only
+
+OPTIONS:
+ -h, --help Show this help message
+ -v, --verbose Enable verbose logging
+ --no-cleanup Skip cleanup on exit
+ --cleanup-only Only run cleanup and exit
+
+EXAMPLES:
+ $0 # Run full integration test
+ $0 infrastructure # Test infrastructure services only
+ $0 services # Test application services only
+ $0 clients # Test client applications only
+ $0 network # Test network connectivity only
+ $0 cleanup # Clean up test environment
+ $0 --help # Show this help
+
+ENVIRONMENT VARIABLES:
+ CLEANUP_SERVICES=false Skip cleanup on exit
+ REMOVE_CONTAINERS=true Remove containers during cleanup
+ MAX_RETRIES=30 Maximum retry attempts for health checks
+ HEALTH_CHECK_INTERVAL=10 Seconds between health check attempts
+
+The script automatically loads versions from the centralized Docker version
+management system and integrates with the common utilities for consistent
+logging, error handling, and cleanup procedures.
+EOF
+}
+
+# =============================================================================
+# Main Execution Function
+# =============================================================================
+
+# Main execution function with enhanced argument parsing
+main() {
+ local category="${1:-all}"
+ local cleanup_on_exit=true
+
+ # Parse options
+ while [[ $# -gt 0 ]]; do
+ case $1 in
+ -h|--help)
+ show_help
+ exit 0
+ ;;
+ -v|--verbose)
+ set -x
+ shift
+ ;;
+ --no-cleanup)
+ cleanup_on_exit=false
+ shift
+ ;;
+ --cleanup-only)
+ cleanup
+ exit 0
+ ;;
+ -*)
+ log_error "Unknown option: $1"
+ show_help
+ exit 1
+ ;;
+ *)
+ category="$1"
+ shift
+ ;;
+ esac
+ done
+
+ # Set cleanup trap if requested
+ if [[ "$cleanup_on_exit" == "true" ]]; then
+ trap cleanup EXIT
+ fi
+
+ # Execute based on category
+ log_section "Meldestelle Integration Test Suite"
+ log_info "Category: $category"
+ log_info "Cleanup on exit: $cleanup_on_exit"
+
+ case "$category" in
+ "infrastructure")
+ test_infrastructure_services || exit 1
+ ;;
+ "services")
+ test_application_services || exit 1
+ ;;
+ "clients")
+ test_client_applications || exit 1
+ ;;
+ "network")
+ test_network_connectivity || exit 1
+ ;;
+ "all")
+ run_full_integration_test || exit 1
+ ;;
+ "cleanup")
+ cleanup
+ exit 0
+ ;;
+ *)
+ log_error "Unknown category: $category"
+ show_help
+ exit 1
+ ;;
+ esac
+
+ log_success "Integration test completed successfully!"
+}
+
+# Execute main function with all arguments
+main "$@"
diff --git a/test-docker-compose.sh b/test-docker-compose.sh
deleted file mode 100755
index 805d4ab0..00000000
--- a/test-docker-compose.sh
+++ /dev/null
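Review bot: `cleanup()` deletes volumes on every run: it calls `docker compose $COMPOSE_FILES down --remove-orphans -v`, and `main()` traps it on EXIT by default, so even a failed `infrastructure` check tears down the stack in `$PROJECT_ROOT` together with any database volume the compose files declare. No `-p` project name is passed, so this appears to be the same compose project a developer's running environment uses. Volume removal should be opt-in through a new variable, e.g. `docker compose $COMPOSE_FILES down --remove-orphans ${REMOVE_VOLUMES:+-v} 2>/dev/null || true`, and the help text should describe it. The escape hatch is also broken when used on its own: `category` is seeded from `$1`, so `$0 --no-cleanup` ends in `Unknown category: --no-cleanup`, which `local category="all"` fixes. The `CLEANUP_SERVICES`, `REMOVE_CONTAINERS` and `MAX_RETRIES` settings listed under ENVIRONMENT VARIABLES are not read anywhere in this file (`readonly MAX_RETRIES=30` overwrites an exported value), unless common.sh handles them.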
@@ -1,94 +0,0 @@ -#!/bin/bash - -# =================================================================== -# Docker Compose Test Script -# Tests all three docker-compose files separately -# =================================================================== - -set -e - -echo "=== Docker Compose Test Script ===" -echo "Testing all three compose files for the Meldestelle project" -echo "" - -# Function to cleanup containers -cleanup() { - echo "Cleaning up containers..." - docker-compose down -v --remove-orphans 2>/dev/null || true - docker-compose -f docker-compose.services.yml down -v --remove-orphans 2>/dev/null || true - docker-compose -f docker-compose.clients.yml down -v --remove-orphans 2>/dev/null || true - docker system prune -f 2>/dev/null || true -} - -# Function to test a compose file -test_compose_file() { - local compose_file=$1 - local description=$2 - - echo "=== Testing $description ===" - echo "File: $compose_file" - echo "" - - # Test compose file syntax - echo "1. Testing syntax..." - if docker-compose -f "$compose_file" config >/dev/null 2>&1; then - echo "✓ Syntax OK" - else - echo "✗ Syntax ERROR" - docker-compose -f "$compose_file" config - return 1 - fi - - # Test if we can start the services (dry-run) - echo "2. Testing service definitions..." - if docker-compose -f "$compose_file" up --dry-run >/dev/null 2>&1; then - echo "✓ Service definitions OK" - else - echo "✗ Service definitions ERROR" - docker-compose -f "$compose_file" up --dry-run - return 1 - fi - - echo "" -} - -# Trap to ensure cleanup on exit -trap cleanup EXIT - -echo "Starting Docker Compose tests..." 
-echo "" - -# Test 1: Main infrastructure file -test_compose_file "docker-compose.yml" "Infrastructure Services (docker-compose.yml)" - -# Test 2: Services file -test_compose_file "docker-compose.services.yml" "Application Services (docker-compose.services.yml)" - -# Test 3: Clients file -test_compose_file "docker-compose.clients.yml" "Client Applications (docker-compose.clients.yml)" - -echo "=== Test Summary ===" -echo "All tests completed. Check output above for any errors." -echo "" - -# Additional check: Test combined files -echo "=== Testing Combined Files ===" -echo "Testing services with infrastructure..." -if docker-compose -f docker-compose.yml -f docker-compose.services.yml config >/dev/null 2>&1; then - echo "✓ Infrastructure + Services combination OK" -else - echo "✗ Infrastructure + Services combination ERROR" - docker-compose -f docker-compose.yml -f docker-compose.services.yml config -fi - -echo "" -echo "Testing full stack..." -if docker-compose -f docker-compose.yml -f docker-compose.services.yml -f docker-compose.clients.yml config >/dev/null 2>&1; then - echo "✓ Full stack combination OK" -else - echo "✗ Full stack combination ERROR" - docker-compose -f docker-compose.yml -f docker-compose.services.yml -f docker-compose.clients.yml config -fi - -echo "" -echo "=== Test completed ==="