Merge branch 'development' into 'master'

Deploying Februrar 23 Release See merge request sharing/codeability-sharing-platform!166

Merge branch 'development' into 'master'
Deploying Februrar 23 Release See merge request sharing/codeability-sharing-platform!166
d73bf0bb · Michael Breu · 03f32f97 · 02e24d6c · d73bf0bb · d73bf0bb
Commit d73bf0bb authored 2 years ago by Michael Breu
--- a/.browserslistrc
+++ b/.browserslistrc
@@ -13,5 +13,3 @@ last 1 Firefox version
 last 2 Edge major versions
 last 2 iOS major versions
 Firefox ESR
-not IE 9-10 # Angular support for IE 9-10 has been deprecated and will be removed as of Angular v11. To opt-in, remove the 'not' prefix on this line.
-not IE 11 # Angular supports IE 11 only as an opt-in. To opt-in, remove the 'not' prefix on this line.
--- a/.eslintignore
+++ b/.eslintignore
@@ -7,3 +7,4 @@ target/
 build/
 node/
 postcss.config.js
+src/main/resources/keycloak-theme/
\ No newline at end of file
--- a/.eslintrc.json
+++ b/.eslintrc.json
@@ -26,7 +26,8 @@
    "**/jquery*.js",
    "**/popper*.js",
    "**/joypixels.min.js",
-    "**/katex.min.js"
+    "**/katex.min.js",
+    "src/main/resources/keycloak-theme/*"
  ],
  "rules": {
    "@angular-eslint/component-selector": [

--- a/.gitignore
+++ b/.gitignore
@@ -213,3 +213,4 @@ google-chrome-stable_current_amd64.deb
 .settings/org.eclipse.jdt.core.prefs
 .project
+.env
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -22,6 +22,23 @@ before_script:
  - export NG_CLI_ANALYTICS="false"
  - export MAVEN_USER_HOME=`pwd`/.maven
+include:
+  - template: Jobs/Secret-Detection.gitlab-ci.yml
+secret_detection:
+  variables:
+    GIT_DEPTH: 100
+    SECRET_DETECTION_LOG_OPTIONS: ${CI_MERGE_REQUEST_DIFF_BASE_SHA}..${CI_COMMIT_SHA}
+  script:
+    - apk add jq
+    - /analyzer run
+    - NUMBER_OF_VULNERABILITIES=$(cat gl-secret-detection-report.json | jq --raw-output '.vulnerabilities | length')
+    - if [[ $NUMBER_OF_VULNERABILITIES -gt 0 ]]; then exit "1"; fi
+  allow_failure: false
+  artifacts:
+    paths: [gl-secret-detection-report.json]
+    when: always
 pmdCheckstylePrettierLint:
  stage: lint
  cache: []
@@ -46,7 +63,7 @@ pmdCheckstylePrettierLint:
  needs: []
  artifacts:
    when: on_failure
-    expire_in: 30 days
+    expire_in: 2 days
    paths:
      - pmd.log
      - lint.log
@@ -55,11 +72,6 @@ maven-compile:
  stage: build
  script:
    - ./mvnw -ntp compile -P-webapp -Dmaven.repo.local=$MAVEN_USER_HOME
-  artifacts:
-    paths:
-      - target/classes/
-      - target/generated-sources/
-    expire_in: 15 days
  needs: []
  cache: []
@@ -69,6 +81,8 @@ maven-test:
  variables:
    DOCKER_HOST: 'tcp://docker:2375'
    DOCKER_TLS_CERTDIR: ''
+    # APPLICATION_GITLAB_ADMINACCESSTOKEN: $APPLICATION_GITLAB_ADMINACCESSTOKEN
+    # APPLICATION_GITLAB_GENERALACCESSTOKEN: $APPLICATION_GITLAB_GENERALACCESSTOKEN
  stage: test
  cache:
    # inherit all global cache settings
@@ -76,7 +90,7 @@ maven-test:
    # override the policy
    policy: pull
  script:
-    - ./mvnw -ntp verify -P-webapp -Dmaven.repo.local=$MAVEN_USER_HOME -Dspring.profiles.active=testcontainers
+    - ./mvnw -ntp verify -P-webapp -Dmaven.repo.local=$MAVEN_USER_HOME -Dapplication.gitlab.guestAccessToken=$APPLICATION_GITLAB_GENERALACCESSTOKEN -Dapplication.gitlab.adminAccessToken=$APPLICATION_GITLAB_ADMINACCESSTOKEN -Dspring.profiles.active=testcontainers -Dlogging.level.ROOT=ERROR -Dlogging.level.org.zalando=OFF -Dlogging.level.tech.jhipster=OFF -Dlogging.level.at.ac.uibk.gitsearch=WARN -Dlogging.level.org.springframework=WARN -Dlogging.level.org.springframework.web=WARN -Dlogging.level.org.springframework.security=OFF -Dlogging.level.org.hibernate.SQL=WARN
  allow_failure: true
  artifacts:
    reports:
@@ -88,8 +102,11 @@ maven-test:
      - target/failsafe-reports
      - target/site
    when: always
-    expire_in: 15 days
+    expire_in: 2 days
  needs: []
+  before_script:
+    - export APPLICATION_GITLAB_ADMINACCESSTOKEN=$APPLICATION_GITLAB_ADMINACCESSTOKEN
+    - export APPLICATION_GITLAB_GENERALACCESSTOKEN=$APPLICATION_GITLAB_GENERALACCESSTOKEN
 frontend-test:
  stage: test
@@ -103,9 +120,8 @@ frontend-test:
      junit: target/test-results/TESTS-results-jest.xml
    paths:
      - target/test-results
-      - target/jacoco
    when: always
-    expire_in: 15 days
+    expire_in: 2 days
  needs: []
  before_script:
    - export NG_CLI_ANALYTICS="false"
@@ -246,6 +262,9 @@ sonar-analyze:
    <<: *global_cache
    # override the policy
    policy: pull
+  variables:
+    GIT_STRATEGY: clone # clone entire repo instead of reusing workspace
+    GIT_DEPTH: 0 # avoid shallow clone to give sonar all the info it needs
  dependencies:
    - maven-test
    - frontend-test

--- a/.husky/pre-commit
+++ b/.husky/pre-commit
 #!/bin/sh
 . "$(dirname "$0")/_/husky.sh"
+npm run prettier:format
 "$(dirname "$0")/../npmw" exec --no-install lint-staged
\ No newline at end of file
--- a/.prettierignore
+++ b/.prettierignore
@@ -6,3 +6,4 @@ package-lock.json
 .mvn
 gradle
 .gradle
+src/main/resources/keycloak-theme/*
\ No newline at end of file
--- a/.project
+++ b/.project
@@ -49,7 +49,6 @@
 	<natures>
 		<nature>org.eclipse.jdt.core.javanature</nature>
 		<nature>org.eclipse.m2e.core.maven2Nature</nature>
-		<nature>net.sourceforge.pmd.eclipse.plugin.pmdNature</nature>
 		<nature>ch.acanda.eclipse.pmd.builder.PMDNature</nature>
 	</natures>
 	<filteredResources>

--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -57,7 +57,8 @@
      "name": "Launch GitsearchApp",
      "request": "launch",
      "mainClass": "at.ac.uibk.gitsearch.GitsearchApp",
-      "projectName": "gitsearch"
+      "projectName": "gitsearch",
+      "envFile": "${workspaceFolder}/.env"
    }
  ]
 }
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
 {
  "java.configuration.updateBuildConfiguration": "automatic",
  "jestrunner.jestCommand": "npm run test --",
-  "run-protractor.protractorConfiguration": "src/test/javascript/protractor.conf.js"
+  "run-protractor.protractorConfiguration": "src/test/javascript/protractor.conf.js",
+  "org.eclipse.jdt.core.compiler.problem.unhandledWarningToken": "ignore",
+  "java.compile.nullAnalysis.mode": "automatic"
 }
--- a/checkstyle.xml
+++ b/checkstyle.xml
@@ -15,6 +15,10 @@
       // CHECKSTYLE:OFF
       ... ignored content ...
       // CHECKSTYLE:ON
    -->
+    <module name="SuppressionFilter">
+        <property name="file" value="supressions.xml"/>
+    </module>
    <module name="SuppressWithPlainTextCommentFilter"/>
 </module>
--- a/manual_deploy.sh
+++ b/manual_deploy.sh
+#!/bin/bash
+source src/main/docker/.env
+echo "Deploying Gitsearch"
+export GITBRANCH=test
+export SPRING_PROFILES_ACTIVE=staging,swagger
+export MAVEN_USER_HOME=`pwd`/.maven && ./mvnw package -DskipTests jib:build -Djib.to.image=sharing-codeability.uibk.ac.at:5051/sharing/codeability-sharing-platform/gitsearch/test -Djib.to.auth.username=gitlab-ci-token  -Djib.to.auth.password=$CI_BUILD_TOKEN -Dmaven.repo.local=$MAVEN_USER_HOME
+cd $GITSEARCH_PATH/src/main/docker/
+docker pull sharing-codeability.uibk.ac.at:5051/sharing/codeability-sharing-platform/gitsearch/test
+docker-compose -f gitsearch.yml up  -d --build --force-recreate gitsearch-app
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -137,7 +137,7 @@
    "@types/selenium-webdriver": "4.0.11",
    "@typescript-eslint/eslint-plugin": "5.10.0",
    "@typescript-eslint/parser": "5.10.0",
-    "browser-sync": "^2.27.7",
+    "browser-sync": "^2.27.11",
    "browser-sync-webpack-plugin": "2.3.0",
    "chai": "4.2.0",
    "chai-as-promised": "7.1.1",
@@ -148,8 +148,8 @@
    "eslint-config-prettier": "8.3.0",
    "eslint-webpack-plugin": "3.1.1",
    "folder-hash": "4.0.1",
-    "generator-jhipster": "7.6.0",
+    "generator-jhipster": "^7.8.1",
-    "husky": "7.0.4",
+    "husky": "^7.0.4",
    "jest": "27.4.7",
    "jest-date-mock": "1.0.8",
    "jest-junit": "13.0.0",
@@ -157,7 +157,7 @@
    "jest-sonar-reporter": "2.0.0",
    "lint-staged": "12.2.2",
    "merge-jsons-webpack-plugin": "2.0.1",
-    "mocha": "8.2.1",
+    "mocha": "^10.0.0",
    "prettier": "2.5.1",
    "prettier-plugin-java": "1.6.1",
    "prettier-plugin-packagejson": "2.2.15",

--- a/pom.xml
+++ b/pom.xml
@@ -17,6 +17,10 @@
      <id>codabilitySharingAPIRepository</id>
      <name>codability Sharing API Repository via git</name>
      <url>https://sharing-codeability.uibk.ac.at/development/sharing/codeabilitysharingpluginapi/-/raw/master/target/</url>
+      <layout>default</layout>
+      <snapshots>
+        <enabled>false</enabled>
+     </snapshots>
    </repository>
        <!-- jhipster-needle-maven-repository -->
    </repositories>
@@ -52,7 +56,7 @@
        <jhipster-dependencies.version>7.6.0</jhipster-dependencies.version>
        <!-- The spring-boot version should match the one managed by
        https://mvnrepository.com/artifact/tech.jhipster/jhipster-dependencies/${jhipster-dependencies.version} -->
-        <spring-boot.version>2.6.3</spring-boot.version>
+        <spring-boot.version>2.6.14</spring-boot.version>
        <!-- The hibernate version should match the one managed by
        https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-dependencies/${spring-boot.version} -->
        <hibernate.version>5.6.4.Final</hibernate.version>
@@ -169,7 +173,6 @@
 		<dependency>
 		    <groupId>org.springframework.security</groupId>
 		    <artifactId>spring-security-data</artifactId>
-		    <!--   <version>5.6.1</version> -->
 		</dependency>
 		<dependency>
 		    <groupId>org.springframework</groupId>
@@ -341,14 +344,6 @@
 			<groupId>com.google.guava</groupId>
 			<artifactId>guava</artifactId>
 			<version>31.0.1-jre</version> <!--$NO-MVN-MAN-VER$-->
-			<!--
-			<exclusions>
-				<exclusion>
-					<groupId>org.checkerframework</groupId>
-					<artifactId>checker-qual</artifactId>
-				</exclusion>
-			</exclusions>
-			-->
 		</dependency>
        <dependency>
            <groupId>org.zalando</groupId>
@@ -489,7 +484,7 @@
                    <configuration>
                        <configLocation>checkstyle.xml</configLocation>
                        <includes>pom.xml,README.md</includes>
-                        <excludes>.git/**/*,target/**/*,node_modules/**/*,node/**/*</excludes>
+                        <excludes>.git/**/*,target/**/*,node_modules/**/*,node/**/*,src/main/resources/keycloak-theme/themes/gitsearch/login/theme.properties</excludes>
                        <sourceDirectories>./</sourceDirectories>
                    </configuration>
                    <executions>
@@ -1079,7 +1074,7 @@
                                <password></password>
                                <referenceUrl>hibernate:spring:at.ac.uibk.gitsearch.domain?dialect=org.hibernate.dialect.H2Dialect&amp;hibernate.physical_naming_strategy=org.springframework.boot.orm.jpa.hibernate.SpringPhysicalNamingStrategy&amp;hibernate.implicit_naming_strategy=org.springframework.boot.orm.jpa.hibernate.SpringImplicitNamingStrategy</referenceUrl>
                                <verbose>true</verbose>
-                                <logging>debug</logging>
+                                <logging>warn</logging>
                                <contexts>!test</contexts>
                            </configuration>
                            <dependencies>
@@ -1126,12 +1121,6 @@
                    <artifactId>mysql</artifactId>
                    <scope>test</scope>
                </dependency>
-                <!--
-                <dependency>
-                    <groupId>mysql</groupId>
-                    <artifactId>mysql-connector-java</artifactId>
-                </dependency>
-                -->
            </dependencies>
            <build>
                <plugins>

--- a/sonar-project.properties
+++ b/sonar-project.properties
@@ -13,7 +13,7 @@ sonar.testExecutionReportPaths=target/test-results/jest/TESTS-results-sonar.xml
 sonar.javascript.lcov.reportPaths=target/test-results/lcov.info
 sonar.sourceEncoding=UTF-8
-sonar.exclusions=src/main/webapp/content/**/*.*,src/main/webapp/i18n/*.js, target/classes/static/**/*.*
+sonar.exclusions=src/main/webapp/content/**/*.*,src/main/webapp/i18n/*.js, target/classes/static/**/*.*,src/main/resources/keycloak-theme/**/*.*
 sonar.issue.ignore.multicriteria=S3437,S4502,S4684,UndocumentedApi
 # Rule https://rules.sonarsource.com/java/RSPEC-3437 is ignored, as a JPA-managed field cannot be transient

--- a/src/main/docker/elasticsearch.yml
+++ b/src/main/docker/elasticsearch.yml
 # This configuration is intended for development purpose, it's **your** responsibility to harden it for production
-version: '3.8'
+version: '3.5'
 services:
-  gitsearch-elasticsearch:
+  sharing_elasticsearch:
-    image: docker.elastic.co/elasticsearch/elasticsearch:7.15.2
+    image: 'docker.elastic.co/elasticsearch/elasticsearch:7.17.6'
+    container_name: sharing_elasticsearch
+    restart: always
    # volumes:
    #   - ~/volumes/jhipster/gitsearch/elasticsearch/:/usr/share/elasticsearch/data/
    # If you want to expose these ports outside your dev PC,
    # remove the "127.0.0.1:" prefix
    ports:
-      - 127.0.0.1:9200:9200
+      - '9200:9200' # add this for your local testing setup
-      - 127.0.0.1:9300:9300
+      - '9300:9300' # add this for your local testing setup
    environment:
-      - 'xpack.security.enabled=false'
-      - 'discovery.type=single-node'
-      - 'bootstrap.memory_lock=true'
      - 'ES_JAVA_OPTS=-Xms512m -Xmx512m'
+      - node.name=es01
+      - cluster.name=sharing_elasticsearch
+      - discovery.type=single-node
+      - xpack.security.enabled=false
+    volumes:
+      - '$ES_HOME/data:/usr/share/elasticsearch/data'
    ulimits:
      memlock:
        soft: -1
        hard: -1
-      nofile:
+    networks:
-        soft: 65536
+      backend:
-        hard: 65536
+        ipv4_address: 172.22.2.24
-    cap_add:
+  # kibana:
-      - IPC_LOCK
+  #   depends_on:
+  #     - sharing_elasticsearch
+  #   image: docker.elastic.co/kibana/kibana:7.15.2
+  #   volumes:
+  #     - kibanadata:/usr/share/kibana/data
+  #   ports:
+  #     - 5601:5601
+  #   environment:
+  #     - SERVERNAME=kibana
+  #     - ELASTICSEARCH_HOSTS=http://172.22.2.24:9200
+  #   healthcheck:
+  #     test: ['CMD-SHELL', "curl -s -I http://172.22.2.23:5601 | grep -q 'HTTP/1.1 302 Found'"]
+  #     interval: 10s
+  #     timeout: 10s
+  #     retries: 120
+  #   networks:
+  #     backend:
+  #       ipv4_address: 172.22.2.23
+networks:
+  frontend:
+    name: sharing_frontend
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.22.1.0/24
+  backend:
+    name: sharing_backend
+    driver: bridge
+    internal: true
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.22.2.0/24
+volumes:
+  kibanadata:
+    driver: local
--- a/src/main/docker/gitsearch.yml
+++ b/src/main/docker/gitsearch.yml
 version: '3.5'
+volumes:
+  postgres_data:
+    driver: local
 services:
  gitsearch-app:
    image: sharing-codeability.uibk.ac.at:5051/sharing/codeability-sharing-platform/gitsearch/$GITBRANCH
    container_name: sharing_search
+    restart: always
    hostname: sharing_search
    environment:
      - _JAVA_OPTIONS=-Xmx512m -Xms256m
      - SPRING_PROFILES_ACTIVE=${SPRING_PROFILES_ACTIVE}
      - MANAGEMENT_METRICS_EXPORT_PROMETHEUS_ENABLED=true
      - SPRING_DATASOURCE_URL=jdbc:mysql://sharing_mysql:3306/gitsearch?useUnicode=true&characterEncoding=utf8&useSSL=false&useLegacyDatetimeCode=false&serverTimezone=UTC&createDatabaseIfNotExist=true
-      - JHIPSTER_SLEEP=5 # gives a small time for other services to boot before the application
+      - JHIPSTER_SLEEP=15 # gives a small time for other services to boot before the application
      - SPRING_DATA_JEST_URI=http://sharing_elasticsearch:9200
      - SPRING_ELASTICSEARCH_REST_URIS=http://sharing_elasticsearch:9200
      # see https://stackoverflow.com/questions/62676762/how-can-a-variable-set-in-the-docker-env-file-be-used-in-application-yml
@@ -20,17 +24,21 @@ services:
      - APPLICATION_GITLAB_GENERALACCESSTOKEN=${APPLICATION_GITLAB_GENERALACCESSTOKEN}
      - APPLICATION_GITLAB_ADMINACCESSTOKEN=${APPLICATION_GITLAB_ADMINACCESSTOKEN}
      - CONNECTOR_ARTEMIS_TOKEN=${CONNECTOR_ARTEMIS_TOKEN}
-      - gitBranch=${GIT_BRANCH}
+      - gitBranch=${GITBRANCH}
      - gitCommitId=${COMMIT_ID}
      - gitCommitDate=${COMMIT_DATE}
+      - GITSEARCH_PATH=/home/contDeploy/gitsearch2/gitsearch
+      - OIDC_KEYCLOAK_CLIENTID=${OIDC_KEYCLOAK_CLIENTID}
      #KEYCLOAK
      # - SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OIDC_ISSUER_URI=http://keycloak:9080/auth/realms/jhipster
      # - SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OIDC_CLIENT_ID=web_app
      # - SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OIDC_CLIENT_SECRET=web_app
-    restart: always
    ports:
      - 10084:8080
+    depends_on:
+      - keycloak
+      - sharing_mysql
+      - sharing_elasticsearch
    networks:
      - backend
      - frontend
@@ -48,34 +56,73 @@ services:
    restart: always
    networks:
      - backend
-  # keycloak:
+  postgres:
-  #   image: jboss/keycloak:16.1.0
+    image: postgres
-  #   command:
+    volumes:
-  #     [
+      - postgres_data:/var/lib/postgresql/data1
-  #       '-b',
+    environment:
-  #       '0.0.0.0',
+      - POSTGRES_DB=keycloak
-  #       '-Dkeycloak.migration.action=import',
+      - POSTGRES_USER=${POSTGRES_USER_KEYCLOAK}
-  #       '-Dkeycloak.migration.provider=dir',
+      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
-  #       '-Dkeycloak.migration.dir=/opt/jboss/keycloak/realm-config',
+    restart: always
-  #       '-Dkeycloak.migration.strategy=OVERWRITE_EXISTING',
+    networks:
-  #       '-Djboss.socket.binding.port-offset=1000',
+      - backend
-  #       '-Dkeycloak.profile.feature.upload_scripts=enabled',
+      - frontend
-  #     ]
+    depends_on:
-  #   volumes:
+      - sharing_mysql
-  #     - ./realm-config:/opt/jboss/keycloak/realm-config
+  keycloak:
-  #   environment:
+    image: quay.io/keycloak/keycloak:18.0.2-legacy
-  #     - KEYCLOAK_USER=admin
+    environment:
-  #     - KEYCLOAK_PASSWORD=admin
+      - DB_VENDOR=POSTGRES
-  #     - DB_VENDOR=h2
+      - DB_ADDR=postgres
-  #   # If you want to expose these ports outside your dev PC,
+      - DB_DATABASE=keycloak
-  #   # remove the "127.0.0.1:" prefix
+      - DB_USER=${POSTGRES_USER_KEYCLOAK}
-  #   ports:
+      - DB_SCHEMA=public
-  #     - 127.0.0.1:9080:9080
+      - DB_PASSWORD=${POSTGRES_PASSWORD}
-  #     - 127.0.0.1:9443:9443
+      - KEYCLOAK_USER=${KEYCLOAK_USER}
-  #     - 127.0.0.1:10990:10990
+      - KEYCLOAK_PASSWORD=${KEYCLOAK_PASSWORD}
-  #   networks:
+      - PROXY_ADDRESS_FORWARDING=true
-  #     - backend
+      - GITSEARCH_PATH=$GITSEARCH_PATH
-  #     - frontend
+      # Uncomment the line below if you want to specify JDBC parameters. The parameter below is just an example, and it shouldn't be used in production without knowledge. It is highly recommended that you read the PostgreSQL JDBC driver documentation in order to use it.
+      #JDBC_PARAMS: "ssl=true"
+    ports:
+      - 8082:8080
+    restart: always
+    volumes:
+      - $GITSEARCH_PATH/src/main/resources/keycloak-theme/themes/gitsearch:/opt/jboss/keycloak/themes/gitsearch
+      #- /home/contDeploy/gitsearch2/gitsearch/src/main/resources/keycloak-theme/themes/gitsearch:/opt/jboss/keycloak/themes/gitsearch
+      # - ../resources/keycloak-theme/configuration:/opt/jboss/keycloak/standalone/configuration
+    depends_on:
+      - postgres
+    networks:
+      - backend
+      - frontend
+  sharing_elasticsearch:
+    image: 'docker.elastic.co/elasticsearch/elasticsearch:7.17.6'
+    container_name: sharing_elasticsearch
+    restart: always
+    # volumes:
+    #   - ~/volumes/jhipster/gitsearch/elasticsearch/:/usr/share/elasticsearch/data/
+    # If you want to expose these ports outside your dev PC,
+    # remove the "127.0.0.1:" prefix
+    ports:
+      - '9200:9200' # add this for your local testing setup
+      - '9300:9300' # add this for your local testing setup
+    environment:
+      - 'ES_JAVA_OPTS=-Xms512m -Xmx512m'
+      - node.name=es01
+      - cluster.name=sharing_elasticsearch
+      - discovery.type=single-node
+      - xpack.security.enabled=false
+    volumes:
+      - '/mnt/qt-codeability-austria/sharing/es/data:/usr/share/elasticsearch/data' # change this path for production
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+    networks:
+      backend:
+        ipv4_address: 172.22.2.24
 networks:
  frontend:
    name: sharing_frontend

--- a/src/main/docker/jhipster-control-center.yml
+++ b/src/main/docker/jhipster-control-center.yml
-## How to use JHCC docker compose
-# To allow JHCC to reach JHipster application from a docker container note that we set the host as host.docker.internal
-# To reach the application from a browser, you need to add '127.0.0.1 host.docker.internal' to your hosts file.
-### Discovery mode
-# JHCC support 3 kinds of discovery mode: Consul, Eureka and static
-# In order to use one, please set SPRING_PROFILES_ACTIVE to one (and only one) of this values: consul,eureka,static
-### Discovery properties
-# According to the discovery mode choose as Spring profile, you have to set the right properties
-# please note that current properties are set to run JHCC with default values, personalize them if needed
-# and remove those from other modes. You can only have one mode active.
-#### Eureka
-#       - EUREKA_CLIENT_SERVICE_URL_DEFAULTZONE=http://admin:admin@host.docker.internal:8761/eureka/
-#### Consul
-#       - SPRING_CLOUD_CONSUL_HOST=host.docker.internal
-#       - SPRING_CLOUD_CONSUL_PORT=8500
-#### Static
-# Add instances to "MyApp"
-#       - SPRING_CLOUD_DISCOVERY_CLIENT_SIMPLE_INSTANCES_MYAPP_0_URI=http://host.docker.internal:8081
-#       - SPRING_CLOUD_DISCOVERY_CLIENT_SIMPLE_INSTANCES_MYAPP_1_URI=http://host.docker.internal:8082
-# Or add a new application named MyNewApp
-#       - SPRING_CLOUD_DISCOVERY_CLIENT_SIMPLE_INSTANCES_MYNEWAPP_0_URI=http://host.docker.internal:8080
-# This configuration is intended for development purpose, it's **your** responsibility to harden it for production
-#### IMPORTANT
-# If you choose Consul or Eureka mode:
-# Do not forget to remove the prefix "127.0.0.1" in front of their port in order to expose them.
-# This is required because JHCC need to communicate with Consul or Eureka.
-# - In Consul mode, the ports are in the consul.yml file.
-# - In Eureka mode, the ports are in the jhipster-registry.yml file.
 version: '3.8'
 services:
  jhipster-control-center:
@@ -41,9 +11,9 @@ services:
      - _JAVA_OPTIONS=-Xmx512m -Xms256m
      - SPRING_PROFILES_ACTIVE=prod,api-docs,static
      - JHIPSTER_SLEEP=30 # gives time for other services to boot before the application
-      - SPRING_SECURITY_USER_PASSWORD=admin
+      - SPRING_SECURITY_USER_PASSWORD=${SPRING_SECURITY_USER_PASSWORD}
      # The token should have the same value than the one declared in you Spring configuration under the jhipster.security.authentication.jwt.base64-secret configuration's entry
-      - JHIPSTER_SECURITY_AUTHENTICATION_JWT_BASE64_SECRET=ZTY3OGIwZWZhMzdhYTQ2NjAwNTdlNDQ2NWM4YjQyMzlhMWVkMTJlYTExYzMwMzBjOWIzM2E1OTRmZWZkZmYzYzZhNWQ5N2EzZjMyNTFkMjM0ZjNmOWRhYTYzNGEzZDE3NThkYTNmZGVmNTQ1MmRlZjg1YWY4NTU4OGVmNDBkZDI=
+      - JHIPSTER_SECURITY_AUTHENTICATION_JWT_BASE64_SECRET=${JWT_BASE_SECRET}
      - SPRING_CLOUD_DISCOVERY_CLIENT_SIMPLE_INSTANCES_GITSEARCH_0_URI=http://host.docker.internal:8080
      - LOGGING_FILE_NAME=/tmp/jhipster-control-center.log
    # If you want to expose these ports outside your dev PC,

--- a/src/main/docker/keycloak.yml
+++ b/src/main/docker/keycloak.yml
-# This configuration is intended for development purpose, it's **your** responsibility to harden it for production
+version: '3'
-version: '3.3'
+volumes:
+  postgres_data:
+    driver: local
 services:
-  keycloak:
+  postgres:
-    image: jboss/keycloak:16.1.0
+    image: postgres
-    command:
-      [
-        '-b',
-        '0.0.0.0',
-        '-Dkeycloak.migration.action=import',
-        '-Dkeycloak.migration.provider=dir',
-        '-Dkeycloak.migration.dir=/opt/jboss/keycloak/realm-config',
-        '-Dkeycloak.migration.strategy=OVERWRITE_EXISTING',
-        '-Djboss.socket.binding.port-offset=1000',
-        '-Dkeycloak.profile.feature.upload_scripts=enabled',
-      ]
    volumes:
-      - ./realm-config:/opt/jboss/keycloak/realm-config
+      - postgres_data:/var/lib/postgresql/data_new
+    environment:
+      POSTGRES_DB: keycloak
+      POSTGRES_USER: ${POSTGRES_USER_KEYCLOAK}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
+  keycloak:
+    image: quay.io/keycloak/keycloak:18.0.2-legacy
    environment:
-      - KEYCLOAK_USER=admin
+      DB_VENDOR: POSTGRES
-      - KEYCLOAK_PASSWORD=admin
+      DB_ADDR: postgres
-      - DB_VENDOR=h2
+      DB_DATABASE: keycloak
-    # If you want to expose these ports outside your dev PC,
+      DB_USER: ${POSTGRES_USER_KEYCLOAK}
-    # remove the "127.0.0.1:" prefix
+      DB_SCHEMA: public
-    network_mode: 'host'
+      DB_PASSWORD: ${POSTGRES_PASSWORD}
-## todo expose ports / ip so that client is reachable
+      KEYCLOAK_USER: ${KEYCLOAK_USER}
+      KEYCLOAK_PASSWORD: ${KEYCLOAK_PASSWORD}
+      PROXY_ADDRESS_FORWARDING: 'true'
+      GITSEARCH_PATH: ${GITSEARCH_PATH}
+      # Uncomment the line below if you want to specify JDBC parameters. The parameter below is just an example, and it shouldn't be used in production without knowledge. It is highly recommended that you read the PostgreSQL JDBC driver documentation in order to use it.
+      #JDBC_PARAMS: "ssl=true"
+    ports:
+      - 8082:8080
+    volumes:
+      - $GITSEARCH_PATH/src/main/resources/keycloak-theme/themes/gitsearch:/opt/jboss/keycloak/themes/gitsearch
+    depends_on:
+      - postgres