Feature/postgres

CHANGELOG.md

@@ -2,6 +2,8 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [2.2.2-1](https://github.com/chtew/hackathon-digiweek-wob/compare/v2.2.2-0...v2.2.2-1) (2023-01-18)
+
 ### [2.2.2-0](https://github.com/chtew/hackathon-digiweek-wob/compare/v2.2.1...v2.2.2-0) (2022-08-13)
 
 ### [2.2.1](https://github.com/chtew/hackathon-digiweek-wob/compare/v2.2.0...v2.2.1) (2022-08-06)

application/src/main/resources/application.properties

@@ -15,14 +15,15 @@ management.endpoints.web.exposure.include=*
 # show full git properties
 management.info.git.mode=full
 
-# MySQL
+# Postgres
 spring.datasource.hikari.connection-timeout=10000
-spring.datasource.driver-class-name=org.mariadb.jdbc.Driver
-spring.datasource.url=jdbc:mariadb://localhost:3306/hackathon?useLegacyDatetimeCode=false&serverTimezone=CET
-spring.jpa.hibernate.naming.physical-strategy=de.digiweek.persistence.config.DatabasePhysicalNamingStrategy
+#spring.datasource.driver-class-name=org.postgresql.Driver
+spring.datasource.url=jdbc:postgresql://localhost:5433/hackathon?useLegacyDatetimeCode=false&serverTimezone=CET
 #spring.jpa.hibernate.ddl-auto=create
 spring.datasource.username=hackathon
 spring.datasource.password=hackathon
+spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
+#spring.jpa.hibernate.ddl-auto=create
 
 # Flyway
 spring.flyway.user=${spring.datasource.username}
@@ -48,4 +49,4 @@ keycloak.public-client=true
 keycloak.enabled=true
 
 spring.servlet.multipart.max-file-size=128MB
-spring.servlet.multipart.max-request-size=128MB
+spring.servlet.multipart.max-request-size=128MB

deployment/helm/hackathon/Chart.yaml

@@ -23,8 +23,8 @@ version: 2.2.1
 appVersion: v2.2.1
 
 dependencies:
-  - name: mariadb
-    version: 11.0.13
+  - name: postgresql
+    version: 12.1.9
     repository: https://charts.bitnami.com/bitnami
   - name: grafana
     version: 6.32.11

deployment/helm/hackathon/README.md

@@ -1,28 +1,21 @@
-# Helm chart for City.OS
-This is the Helm chart to deploy City.OS app. 
+# Helm chart for TrafficAnalysis
 
-## TL;DR;
+This is the Helm chart to deploy traffic analysis app. 
 
-The following command deploys City.OS + MariaDB and authentication with Keycloak + PostrgeSQL. 
+The following command deploys the app + MariaDB as well as a preconfigured Grafana. Copy values.yaml and adapt to your target environment needs. This expects a running cert manager - you are able to run it without, but do not delete tls values. Please change hostname in your custom values - localhost does not work. (No also not on your dev machine :)). 
 
 ```console
 $ helm install release-name . -f your-customvalues.yaml
 ```
-Please change hostname in your custom values - localhost does not work. (No also not your dev machine :)) For more details how to use Helm please refer to Helm [docs](https://helm.sh/docs/).
+A running keycloak is expected. In fact it is supposed, that for every deployment you choose a proper context path, such that multiple versions of this software can be deployed to the same Kubernetes clsuter and the same domain.
 
-## Intro
-Copy values.yaml and adapt to your target environment needs. This chart expects a running cert manager, so make sure your Kubernetes (K3s,...) has a running instance. 
+This Helm chart also requires a pull secret to pull latest image from Github. Secret name is exptected as `github-pull-secret`. Create secret like below:
 
-Also note that Keycloak is not deployed under its default context path. In fact it is supposed, that for every deployment you choose a proper context path, such that multiple versions of this software can be deployed to the same Kubernetes clsuter and the same domain.
-
-This Helm chart also requires a pull secret to pull latest image from Github. Secret name is exptected as `github-pull-secret`, see below for an example.
-
-## Examples
-
-### Pull Secret
-If you don't know, how to create secrets in Kubernetes, please google how to do so.
+```
+kubectl create secret docker-registry github-pull-secret --docker-server=ghcr.io --docker-username=<<your github user>> --docker-password=<<your github PAT>> --docker-email=<<your github email>> --namespace=city
+```
+That should the following secret:
 
-Sample:
 ```YAML
 kind: Secret
 type: kubernetes.io/dockerconfigjson

deployment/helm/hackathon/templates/deployment.yaml

@@ -28,16 +28,16 @@ spec:
       securityContext:
         {{- toYaml .Values.podSecurityContext | nindent 8 }}
       initContainers:
-        - name: wait4mariadb
-          image: "{{ .Values.initContainers.wait4mariadb.image }}:{{ .Values.initContainers.wait4mariadb.tag }}"
+        - name: wait4postgres
+          image: "{{ .Values.initContainers.wait4postgres.image }}:{{ .Values.initContainers.wait4postgres.tag }}"
           resources:
             {{- toYaml .Values.initContainers.resources | nindent 12 }}
           securityContext:
             {{- toYaml .Values.initContainers.securityContext | nindent 12 }}
           command: 
             - 'sh'
             - '-c'
-            - 'until nslookup {{ .Release.Name }}-mariadb.$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace).svc.cluster.local; do echo waiting for mydb; sleep 2; done'
+            - 'until nslookup {{ .Release.Name }}-postgresql.$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace).svc.cluster.local; do echo waiting for mydb; sleep 2; done'
         - name: checkkeycloak
           image: "{{ .Values.initContainers.curl.image }}:{{ .Values.initContainers.curl.tag }}"
           command: ['sh', '-c', 'while [ `curl -Lk --write-out "%{http_code}\n" --silent --output /dev/null "{{ .Values.global.keycloak.authServerUrl }}"` -ne 200 ]; do sleep 2; done']
@@ -50,11 +50,11 @@ spec:
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           env:          
             - name: SPRING_DATASOURCE_URL
-              value: jdbc:mariadb://{{ .Release.Name }}-mariadb:{{ .Values.mariadb.primary.service.ports.mysql }}/{{ .Values.mariadb.auth.database }}?useSSL=false&serverTimezone=UTC&useLegacyDatetimeCode=false
+              value: jdbc:postgresql://{{ .Release.Name }}-postgresql:{{ .Values.postgresql.primary.service.ports.postgresql }}/{{ .Values.postgresql.auth.database }}?useLegacyDatetimeCode=false&serverTimezone=CET
             - name: SPRING_DATASOURCE_USERNAME
-              value: {{ .Values.mariadb.auth.username }}
+              value: {{ .Values.postgresql.auth.username }}
             - name: SPRING_DATASOURCE_PASSWORD
-              value: {{ .Values.mariadb.auth.password }}
+              value: {{ .Values.postgresql.auth.password }}
             - name: SERVER_SERVLET_CONTEXT_PATH
               value: /{{ include "app.fullname" . }}
             - name: KEYCLOAK_AUTH-SERVER-URL

deployment/helm/hackathon/templates/pv.yaml

@@ -1,4 +1,4 @@
-{{- if .Values.mariadb.localstorage -}}
+{{- if .Values.postgresql.localstorage -}}
 {{- $fullName := include "app.fullname" . -}}
 apiVersion: v1
 kind: PersistentVolume
@@ -11,5 +11,5 @@ spec:
   accessModes:
     - ReadWriteOnce
   hostPath:
-    path: "/opt/local-pv/{{ $fullName }}-mariadb"
+    path: "/opt/local-pv/{{ $fullName }}-postgres"
 {{- end }}

deployment/helm/hackathon/values.yaml

@@ -8,7 +8,7 @@ replicaCount: 1
 
 image:
   repository: ghcr.io/chtew/hackathon-digiweek-wob
-  tag: "v2.2.1"
+  tag: "v2.2.2-1"
   pullPolicy: Always
 
 imagePullSecrets:
@@ -26,7 +26,7 @@ autoscaling:
   enabled: false
 
 initContainers:
-  wait4mariadb:
+  wait4postgres:
     image: busybox
     tag: latest
   curl:
@@ -67,16 +67,16 @@ ingress:
       run-batch
       stop-embedded-server
 
-mariadb:
+postgresql:
   auth:
-    rootPassword: root
+    postgresPassword: root
     database: hackathon
     username: hackathon
     password: hackathon
   primary:
     service:
       ports:
-        mysql: 3308
+        postgresql: 5432
 
 grafana:
   ingress:
@@ -91,9 +91,9 @@ grafana:
       apiVersion: 1
       datasources:
       - name: hackathon-db
-        type: mysql
+        type: postgresql
         uid: "DUcTla6nk"
-        url: "{{ tpl .Release.Name . }}-mariadb:3308"
+        url: "{{ tpl .Release.Name . }}-postgres:5432"
         user: hackathon
         database: hackathon
         secureJsonData:
@@ -127,15 +127,12 @@ grafana:
       GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP: 'true'
       GF_AUTH_GENERIC_OAUTH_NAME: 'OAuth'
       GF_AUTH_GENERIC_OAUTH_CLIENT_ID: 'citydashboard'
-      GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: 'Viewer'
+      GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: 'Admin'
       GF_AUTH_GENERIC_OAUTH_SCOPES: 'openid profile email'
       GF_AUTH_GENERIC_OAUTH_TOKEN_URL: 'http://anett-xmg-fusion-15-xfu15l19/cityos-auth/realms/citydashboard/protocol/openid-connect/token'
       GF_AUTH_GENERIC_OAUTH_AUTH_URL: 'http://anett-xmg-fusion-15-xfu15l19/cityos-auth/realms/citydashboard/protocol/openid-connect/auth'
       GF_AUTH_GENERIC_OAUTH_API_URL: 'http://anett-xmg-fusion-15-xfu15l19/cityos-auth/realms/citydashboard/protocol/openid-connect/userinfo'
-      GF_AUTH_BASIC_ENABLED: 'false'
+      GF_AUTH_BASIC_ENABLED: 'true'
       GF_SECURITY_ALLOW_EMBEDDING: 'true'
       GF_AUTH_ANONYMOUS_ORG_ROLE: 'Admin'
-      GF_AUTH_ANONYMOUS_ENABLED: 'false'
-
-
-
+      GF_AUTH_ANONYMOUS_ENABLED: 'true'

deployment/localenv-docker-compose.yml

@@ -1,96 +1,73 @@
 version: "3.9"
 services:
-
-  phpmyadmin:
-    image: phpmyadmin/phpmyadmin:latest
-    ports:
-      - 8082:80
-    environment:
-      MYSQL_USER: root
-      MYSQL_PASSWORD: root
-      MYSQL_DATABASE: hackathon
-    networks:
-      - backend
-
-  grafana:
-    image: grafana/grafana-oss:9.0.2
-    ports:
-      - 3001:3001
-    networks:
-      - backend
-    volumes:
-      - grafana-data:/var/lib/grafana
-    environment:
-      GF_RENDERING_SERVER_URL: http://renderer:8081/render
-      GF_RENDERING_CALLBACK_URL: http://grafana:3001/
-      GF_LOG_FILTERS: rendering:debug
-      GF_SERVER_HTTP_PORT: 3001
-
-  renderer:
-    image: grafana/grafana-image-renderer:latest
-    networks:
-      - backend
-    ports:
-      - 3002:8081
-  db:
-    image: mariadb:latest
-    restart: on-failure
+  postgres:
+    container_name: hackathon-db
+    image: postgres:latest
     environment:
-      MYSQL_DATABASE: 'hackathon'
-      # So you don't have to use root, but you can if you like
-      MYSQL_USER: 'hackathon'
-      # You can use whatever password you like
-      MYSQL_PASSWORD: 'hackathon'
-      # Root password for local debugging
-      MYSQL_ROOT_PASSWORD: 'root'
-      # Password for root access
-      MYSQL_ALLOW_EMPTY_PASSWORD: 'yes'
-    ports:
-      # <Port exposed> : < MySQL Port running inside container>
-      - '3306:3306'
+      POSTGRES_DB: hackathon
+      POSTGRES_USER: hackathon
+      POSTGRES_PASSWORD: hackathon
+      PGDATA: /var/lib/postgresql/data
     healthcheck:
-      test: ["CMD", "mysql" ,"-h", "localhost", "-P", "3306", "-u", "root", "-e", "select 1", "hackathon"]
+      test: ['CMD-SHELL', 'pg_isready -U hackathon'] # <<<---
       interval: 5s
       timeout: 60s
       retries: 30
     volumes:
-      - hackathonv2-db-data:/var/lib/mysql
-    networks: # Networks to join (Services on the same network can communicate with each other using their name)
+      - hackathon-db:/var/lib/postgresql/data
+    ports:
+      - "5433:5432"
+    networks:
       - backend
+    restart: unless-stopped
+
+  pgadmin:
+    container_name: pgadmin_container
+    image: dpage/pgadmin4
+    environment:
+      PGADMIN_DEFAULT_EMAIL: pgadmin4@pgadmin.org
+      PGADMIN_DEFAULT_PASSWORD: admin
+      PGADMIN_CONFIG_SERVER_MODE: 'False'
+    volumes:
+       - hackathon-pgadmin:/var/lib/pgadmin
+    ports:
+      - "5050:80"
+    networks:
+      - backend
+    restart: unless-stopped
 
-  db-keycloak:
-    image: mariadb:latest
+  hackathon-db-keycloak:
+    image: postgres:latest
     restart: on-failure
     environment:
-      MYSQL_DATABASE: 'keycloak'
-      MYSQL_USER: 'keycloak'
-      MYSQL_PASSWORD: 'keycloak'
-      MYSQL_ALLOW_EMPTY_PASSWORD: 'yes'
-      MYSQL_TCP_PORT: 3307
+      POSTGRES_DB: 'keycloak'
+      POSTGRES_USER: 'keycloak'
+      POSTGRES_PASSWORD: 'keycloak'
+      PGDATA: /var/lib/postgresql/data
     healthcheck:
-      test: ["CMD", "mysql" ,"-h", "localhost", "-P", "3307", "-u", "root", "-e", "select 1", "keycloak"]
+      test: ['CMD-SHELL', 'pg_isready -U keycloak'] 
       interval: 5s
       timeout: 60s
       retries: 30
     volumes:
-      - keycloak-db-data:/var/lib/mysql
+      - hackathon-keycloak-db:/var/lib/postgresql/data
     networks:
       - backend
 
-  keycloak:
+  hackathon-keycloak:
     image: jboss/keycloak
     volumes:
       - ./keycloak/imports:/opt/jboss/keycloak/imports
       - ./keycloak/local-test-users.json:/opt/jboss/keycloak/standalone/configuration/keycloak-add-user.json
     depends_on:
-      db-keycloak:
+      hackathon-db-keycloak:
         condition: service_healthy
     restart: on-failure
     environment:
       KEYCLOAK_IMPORT: /opt/jboss/keycloak/imports/realm.json
-      DB_VENDOR: mariadb
-      DB_ADDR: db-keycloak
-      DB_PORT: 3307
+      DB_VENDOR: postgres
+      DB_ADDR: hackathon-db-keycloak
+      DB_PORT: 5432
       DB_USER: 'keycloak'
       DB_PASSWORD: 'keycloak'
       PROXY_ADDRESS_FORWARDING: 'true'
@@ -101,12 +78,11 @@ services:
     networks:
       - backend
 
-# Names our volume
-volumes:
-  hackathonv2-db-data:
-  keycloak-db-data:
-  grafana-data:
-
- # Networks to be created to facilitate communication between containers
 networks:
   backend:
+
+volumes:
+  hackathon-db:
+  hackathon-pgadmin:
+  hackathon-keycloak-db:
+