diff --git a/compose/application.yaml b/compose/application.yaml
index c6d6e20b..60cf0f61 100644
--- a/compose/application.yaml
+++ b/compose/application.yaml
@@ -1,34 +1,82 @@ +# for local developer convenience read a git-ignored properties file holding credentials +spring.config.import: file:./secret.properties + spring: cloud: gateway: routes: - - id: httpbin - uri: http://httpbin + - id: host-mapping + uri: https://httpbin.org + order: 2 predicates: - Host={tenant}.localtest.me:8080 - -# for convenience read a git-ignored properties file holding credentials -spring.config.import: optional:file:./config/secret.properties + - id: host-mapping-with-stage + uri: https://httpbin.org + order: 1 + predicates: + - Host={tenant}-{stage}.localtest.me:8080 + - id: path-mapping + uri: https://httpbin.org + predicates: + - Path=/tenant/{tenant}/** + - id: host-mapping-static + uri: https://httpbin.org + order: 0 + predicates: + - name: TenantFromHost + args: + patterns: + - static.localtest.me:8080 + - another-static.localtest.me:8080 + tenant: foo + - id: header-mapping + uri: https://httpbin.org + predicates: + - TenantFromHeader=X-Tenant-ID,{tenant} morp: - default-oauth2-client-registration: keycloak + default-oauth2-client-registration: google tenant: - foo: + mybar: registration: - client-secret: secret + client-id: foo + client-secret: bar + myfoo: + claim-constraints: + email_verified: "true" + hd: + - jaconi.io + - example.com + okta: + oauth2-client-registration: okta + foo: + oauth2-client-registration: keycloak bar: + oauth2-client-registration: keycloak + # showcase tenant specific client secret registration: client-secret: another-secret oauth2-client: registration: + google: + client-id: + client-secret: + okta: + client-name: Okta-Dev + scope: openid,profile,email keycloak: + # default client secrets (for all Keycloak tenants) client-id: morp + client-secret: secret scope: - openid - profile - email provider: + okta: + issuer-uri: https://dev-3715202.okta.com keycloak: issuer-uri: http://keycloak.localtest.me:9000/realms/{tenant} + 
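Review bot: The `google` registration is added with bare `client-id:` and `client-secret:` keys, which YAML reads as null, while the import at the top of the hunk drops `optional:`. Start-up therefore depends on secret.properties existing and, presumably, defining both values, yet nothing in the file says which keys it must provide. The same hunk commits literal secrets for the other registrations (`client-secret: secret`, `another-secret`, `bar`). A comment such as `# must be set in secret.properties` above the google keys and `# demo-only values for the local Keycloak, never reuse outside this compose setup` above the literals would make the split between committed placeholders and real credentials explicit.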
diff --git a/compose/docker-compose.override.yaml b/compose/docker-compose.override.yaml
index 66ac9b8d..64742a17 100644
--- a/compose/docker-compose.override.yaml
+++ b/compose/docker-compose.override.yaml
@@ -14,4 +14,4 @@ services:
 target: /workspace/config/application.yaml
 - type: bind
 source: ../secret.properties
- target: /workspace/config/secret.properties
+ target: /workspace/secret.properties
diff --git a/src/main/resources/application-dev.yaml b/src/main/resources/application-dev.yaml
index 7a74933d..630bb03f 100644
--- a/src/main/resources/application-dev.yaml
+++ b/src/main/resources/application-dev.yaml
@@ -1,78 +1,2 @@ -# used for integration test cases - for convenience read a git-ignored properties file holding credentials -spring.config.import: optional:file:./secret.properties - -spring: - cloud: - gateway: - routes: - - id: host-mapping - uri: https://httpbin.org - order: 2 - predicates: - - Host={tenant}.localtest.me:8080 - - id: host-mapping-with-stage - uri: https://httpbin.org - order: 1 - predicates: - - Host={tenant}-{stage}.localtest.me:8080 - - id: path-mapping - uri: https://httpbin.org - predicates: - - Path=/tenant/{tenant}/** - - id: host-mapping-static - uri: https://httpbin.org - order: 0 - predicates: - - name: TenantFromHost - args: - patterns: - - static.localtest.me:8080 - - another-static.localtest.me:8080 - tenant: foo - - id: header-mapping - uri: https://httpbin.org - predicates: - - TenantFromHeader=X-Tenant-ID,{tenant} - -morp: - default-oauth2-client-registration: google - - tenant: - mybar: - registration: - client-id: foo - client-secret: bar - myfoo: - claim-constraints: - email_verified: "true" - hd: - - jaconi.io - - example.com - okta: - oauth2-client-registration: okta - foo: - oauth2-client-registration: keycloak - bar: - oauth2-client-registration: keycloak - registration: - client-secret: another-secret - - oauth2-client: - registration: - google: - okta: - client-name: Okta-Dev - scope: openid,profile,email - keycloak: - client-id: morp - client-secret: secret - scope: - - openid - - profile - - email - provider: - okta: - issuer-uri: https://dev-3715202.okta.com - keycloak: - issuer-uri: http://${keycloak.host:localhost}:9000/realms/{tenant} - +# use the same scenario as our demo +spring.config.import: file:./compose/application.yaml diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index 0f240ba8..d1b13157 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml 
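Review bot: The dev profile now imports `file:./compose/application.yaml` without `optional:`, and that file in turn imports `file:./secret.properties`, so every run with this profile needs both paths to resolve (presumably against the process working directory) and needs the git-ignored credentials file to exist. The removed configuration used `optional:file:./secret.properties`, so a fresh checkout or CI job without the file used to start and, if I read the import semantics correctly, will now fail at config loading. If the hard failure is intended, state it in the comment, e.g. `# requires ./secret.properties (git-ignored) in the working directory; start-up fails without it`; otherwise keep `optional:` on the nested import.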
@@ -5,6 +5,8 @@ server: name: MORP_SESSION management: + server: + port: 8081 endpoint: health: probes: @@ -16,6 +18,9 @@ management: exposure: include: - "*" + health: + redis: + enabled: false metrics: distribution: percentiles-histogram: @@ -31,8 +36,7 @@ management: request: autotime: percentiles-histogram: true - server: - port: 8081 + spring: application: @@ -51,6 +55,19 @@ spring: # Non-spring configuration goes here! morp: {} +--- +spring.config.activate.on-profile: + - redis + +management: + health: + redis: + enabled: true + +spring: + session: + store-type: redis + --- spring.config.activate.on-profile: - wiretap
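Review bot: The new `redis` profile document in the last hunk sets `spring.session.store-type: redis` but no connection properties. Unless they are supplied elsewhere, the client falls back to Spring Boot's defaults, which means an unauthenticated, non-TLS connection to localhost. The session store presumably holds the login state behind the `MORP_SESSION` cookie, so that data would be readable by anything that can reach the Redis instance. I would add a comment in the profile block such as `# supply spring.redis.host / password / ssl via environment or secret config; sessions carry auth state`, assuming Boot 2.x property names.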