A test project to put together some knowledge I have about creating web apps with Spring (and also eventually Javascript and some DevOps practiques).
Promoted demo admin account (with the access to the Dashboard):
login: [email protected]
password: example15
Please, log in with Github or Google or register yourself with registration form.
Services are located in the K8S cluster and exposed over Traefik ingresses.
This whole project is supposed to visualize the idea of a great web application. The API is covered with tests thoroughly, both in unit and integration style. The domain area of the app is rather simple, so it takes no Ubiquitous Language to describe. Also, DDD techniques were intentionally not used to speed up the development and also out of lack of reason to use ones: the project is small, as I already said.
- API Swagger UI
- Public Sonarcloud report (the coverage included)
- Grafana dashboards (examples)
The project is hosted at Hetzner (ARM), using Kubernetes setup. The Continuous Integration is done using GitHub actions.
DDOS mitigation is achieved by hiding the real IP address of the cluster entrypoints, by reverse proxying all the requests through CloudFlare system. It's known for being able to withstand attacks of a solid density.
Github Actions is used as CI/CD platform. An extensive set prefabricated actions helps a lot.
Please see more in root folders of every particular application.
- Spring Boot (main API & Telegram notifier)
- Next.js (SSR website)
- Keycloak (SSO service)
- Rabbit MQ (AMQP bus)
- Kubernetes (orchestration)
- Prometheus (metrics scraping)
- Grafana (metrics visualization)
- CloudFlare (reverse proxying and DDOS mitigation)
- SonarCloud (code quality gate)
Prometheus is responsible for scraping metrics from services. The observed services:
- Spring Boot API
- Next.js website
- Rabbit MQ
- Kubernetes cluster itself
Typically metrics endpoints are protected with OAuth2 security. Only users of "Cars Reservation" realm with role "metrics-scraper" are allowed to the metrics data. Prometheus is capable of obtaining the JWT agains the SSO service on its own.
This project is supposed to be launched locally with Minikube or any other sort of local K8S cluster. You will need Minikube or similar technology to achieve this.
See more at "Launching locally".
The author: Nikita Pavlovskiy, [email protected].
Contact me in Telegram: @nikitades.