Feature/update dependencies

.gitignore

@@ -3,7 +3,7 @@
 target/
 
 # custom project files
-backups/**
+bin/**
 
 # intellij idea specific
 *.iml

README.md

@@ -1,40 +1,89 @@
 # Remal Gombi
 
 ## 1) Overview
-This is an integrated development framework running in Docker containers.
-The environment provides the following services:
-- **Private Certificate Authority infrastructure**: PKI
-- **Directory Service**: LDAP
-- **Access Management infrastructure**: authentication, authorization, OAUTH2, etc.
-- **Vault Service**: identity-based secret and encryption management system to store key/values
-- **Distributed event streaming platform**: high-performance data pipelines, streaming analytics and data integration
-- A software **platform to search, analyze and visualize the machine-generated data** and events gathered from the websites, applications, sensors, devices etc.
-
-The framework provides the following base Docker images:
-- OpenJDK 11 and 17 base Docker images
-- Apache Tomcat 9 base image
+This is an integrated development framework running in Docker containers. The containers can be used in `production` environments as well.
+
+Gombi provides the following services:
+- _Private Certificate Authority infrastructure (PKI)_
+- _LDAP Directory Service_
+- _Access Management infrastructure_: authentication, authorization, OAUTH2, etc.
+- _Distributed key/value store_: identity-based secret and encryption management system to store key/values with Hashicorp Vault
+- _Distributed event streaming platform_: high-performance data pipelines, streaming analytics and data integration with Kafka
+- _A powerful open-source distributed and scalable in-memory data cache_
+- _Data Analytics & Visualization platforms_: to search, analyze and visualize the machine-generated data and events gathered from the applications, sensors, devices etc.
+- _Java 11, 17 and 21 containers as a service (CaaS)_: run Spring Boot applications/microservices
 
 ![docker image hierarchy](docs/diagrams/images/docker-image-hierarchy.png)
 
-## 2) Components of the environment
-* Base Docker Images:
-  * [Remal Base](docker/base/base)
+## 2) Docker Images provided
+* Base Image:
+  * [Remal Base](docker/base/base): based on Alpine
+
+
+* Java JDK Images:
   * [OpenJDK-11](docker/core/openjdk-11)
   * [OpenJDK-17](docker/core/openjdk-17)
+  * [OpenJDK-21](docker/core/openjdk-21)
+
+
+* Private Certificate Authority Server (PKI):
+  * [OpenVPN/Easy-RSA](docker/infrastructure/easy-rsa-pki): complete Private Certificate Authority Server to manage the server certificates
+
+
+* Access Management platform: 
+  * [ForgeRock Access Management platform](docker/infrastructure/forgerock-am): Authentication, Authorization, OAUTH, SSO, Federation, etc.
+  * [ForgeRock Directory Service](docker/infrastructure/forgerock-ds): LDAP server
+
+
+* Distributed Service Registry and key/value store:
+  * [Hashicorp Consul](docker/infrastructure/hcp-consul): Service Registry and Discovery + distributed key/value store
+  * [Hashicorp Vault](docker/infrastructure/hcp-vault): key/value store
+
+
+* Jave Web Container Images
   * [Apache Tomcat 9](docker/infrastructure/tomcat-9)
-* Service Docker Images:
-  * Private Certificate Authority (CA) Infrastructure: [OpenVPN easy-rsa (simple shell based CA utility)](docker/infrastructure/easy-rsa-pki)
-  * Vault Service: [HashiCorp Vault](docker/infrastructure/hcp-vault)
-  * Directory Service (LDAP): [ForgeRock Directory Server](docker/infrastructure/forgerock-ds)
-  * Access Management (authentication, authorization): [ForgeRock Access Management](docker/infrastructure/forgerock-am)
 
-## 3) Deployment 
-For more details, check [this](docker/README.md).
 
-## 4) Demo Web application
+* Monitoring, analytics and interactive visualization:
+  * [Prometheus](docker/monitoring/prometheus): event monitoring, collecting and alerting, it records metrics in a time series database
+  * [Grafana](docker/monitoring/grafana): analytics and interactive visualization web application with charts, graphs, and alerts
+
+
+* Java runners
+  * [OpenJDK-21 Runner](docker/application/java-21-runner)
+  * [OpenJDK-21 Runner with Postgres Database Server](docker/application/java-21-postgres-runner)
+
+
+## 3) Build the images
+
+## 4) How to start
+1. Build the sample projects
+    ~~~
+    $ cd gombi/projects
+    $ mvn clean package 
+    ~~~
+
+2. Copy the artifacts (*.war) into the directory that will be mapped into the `Java Runners` container.
+
+   The default directories:
+   * `$HOME/Java/gombi/bin/echo-service`
+   * `$HOME/Java/gombi/bin/user-service`
+
+   The path cen be changed in the compose file: `projects/docker-compose.yml`
+
+3. Start the Remal-Gombi Docker stack
+    ~~~
+    $ cd gombi/projects
+    $ mvn clean package 
+    ~~~
+
 
 ## 5) License and Copyright
-Copyright (c) 2020-2023 Remal Software, Arnold Somogyi. All rights reserved.
+Copyright (c) 2020-2025 Remal Software, Arnold Somogyi. All rights reserved.
+
+## Appendix 1) Reference Dockerfile
+* Reference Dockerfile: [docker/docker-compose-reference.yml](docker/docker-compose-reference.yml) file.
+* For more details, check [this](docker/README.md).
 
 <a href="https://trackgit.com">
   <img src="https://us-central1-trackgit-analytics.cloudfunctions.net/token/ping/lcfhkdub7k2lpj33n2cl" alt="trackgit-views" />

RELEASE.md

@@ -12,6 +12,25 @@ Images and its versions in this release:
 * ds-7.3:0.0.1-remal
 * am-7.3:0.0.1-remal
 
+## [0.1.0] - 15/Jan/2025
+### Docker Images
+* Update EasyRSA to version 3.2.1
+* Update Hashicorp Consul to version 1.20
+* Update Grafana to  version 11.4.0
+* Update Prometheus to version 3.0.1
+* Improved releasing process: the same image tag is used everywhere
+* Improved the way the key and value pairs are imported into the KV store in the `java-21-runner' image
+* Fix for parallel EsyRSA execution issue, [#1279](https://github.com/OpenVPN/easy-rsa/issues/1279)
+* Fixed missing SAN issue in generated certificate: `failed to verify certificate: x509: certificate relies on legacy Common Name field, use SANs instead`
+* Fixed a problem where Grafana did not install the first time the container was launched.
+* Fixed a problem where ForgeRock Directory Services did not install the first time the container was launched.
+
+### Java projects
+* Maven dependency improvements: use dependency-management
+* SSL configuration improvement: use of SSL bundles and better `RestTemplate` configuration
+* Update to Spring Boot 3.4.1
+* Improved the meters naming in Micrometer
+
 <a href="https://trackgit.com">
   <img src="https://us-central1-trackgit-analytics.cloudfunctions.net/token/ping/lcfhkdub7k2lpj33n2cl" alt="trackgit-views" />
 </a>

docker/.env

@@ -0,0 +1 @@
+DOMAIN_NAME=hello.com

docker/README.md

@@ -167,6 +167,14 @@ Images and its types:
 **PKI**
 * Lists entries in a keystore: `keytool -list -v -keystore <keystore-file> -storepass <changeit>`
 * Test HTTPS connection: `curl https://user-service.hello.com:8443/actuator/health`
+* How to check Subject Alternative Names for an SSL/TLS certificate?
+  ~~~
+  $ apk add openssl
+  $ openssl s_client -connect website.example:443 </dev/null | openssl x509 -noout -text
+
+  # or
+  $ openssl s_client -connect website.example:443 </dev/null | openssl x509 -noout -ext subjectAltName
+  ~~~
 
 **BusyBox**
 

docker/application/java-21-postgres-runner/Dockerfile

@@ -7,7 +7,7 @@
 #
 # Copyright (c) 2020-2024 Remal Software and Arnold Somogyi All rights reserved
 # ******************************************************************************
-ARG IMAGE_FROM=${IMAGE_FROM}
+ARG IMAGE_FROM="not-set"
 ARG BUILD_TYPE="fat"
 FROM ${IMAGE_FROM} AS base
 

docker/application/java-21-postgres-runner/setenv.sh

@@ -8,10 +8,9 @@
 # Copyright (c) 2020-2024 Remal Software and Arnold Somogyi All rights reserved
 # ******************************************************************************
 export IMAGE_NAME="remal-java-21-postgres-runner"
-export IMAGE_TAG="0.0.2"
 export IMAGE_DESCRIPTION="Remal Java 21 Runner with Postgres database server"
 export IMAGE_AUTHOR="Arnold Somogyi <[email protected]>"
-export IMAGE_FROM="remal-java-21-runner:0.5.0"
+export IMAGE_FROM="remal-java-21-runner:$4"
 export BUILD_TYPE=${1:-fat}
 export PUSH_IMAGE=${2:-false}
 export DOMAIN_NAME=${3:-hello.com}

docker/application/java-21-runner/Dockerfile

@@ -7,7 +7,7 @@
 #
 # Copyright (c) 2020-2024 Remal Software and Arnold Somogyi All rights reserved
 # ******************************************************************************
-ARG IMAGE_FROM=${IMAGE_FROM}
+ARG IMAGE_FROM="not-set"
 ARG BUILD_TYPE="fat"
 FROM ${IMAGE_FROM} AS base
 

docker/application/java-21-runner/container-scripts/startup/70151_kv-importer.sh

@@ -26,6 +26,8 @@ file_exists() {
     printf "%s | [WARN]  file \"%s\" not found\n" "$(date +"%Y-%m-%d %H:%M:%S")" "$file_to_check"
     log_end "$0"
     exit 0
+  else
+    printf "%s | [DEBUG] file \"%s\" has been successfully extracted\n" "$(date +"%Y-%m-%d %H:%M:%S")" "$file_to_check"
   fi
 }
 
@@ -44,6 +46,34 @@ cleanup_workspace() {
   rm -R "$workspace_home"
 }
 
+# ------------------------------------------------------------------------------
+# Unpack the given file from the ZIP.
+#
+# Arguments:
+#    arg 1:  source zip file
+#    arg 2:  target directory to extract the file
+#    arg 3:  the file to extract from the ZIP
+# ------------------------------------------------------------------------------
+extract_file() {
+  local archive_file target_dir fie_to_extract
+  archive_file="$1"
+  target_dir="$2"
+  fie_to_extract="$3"
+
+  if [ -z "$archive_file" ]; then
+    printf "%s | [WARN]  there is nothing to unpack\n" "$(date +"%Y-%m-%d %H:%M:%S")"
+  else
+    printf "%s | [DEBUG] unpacking the \"%s\" file from \"%s\" to \"%s\"...\n" "$(date +"%Y-%m-%d %H:%M:%S")" "$fie_to_extract" "$archive_file" "$target_dir"
+
+    # Ignore a specific exit code that appears if there file to extract not found in the ZIP.
+    #
+    # Exit codes (see the full list here: https://linux.die.net/man/1/unzip):
+    #     9: the specified zipfiles were not found
+    #    11: no matching files were found
+    unzip -j "$archive_file" "$fie_to_extract" -d "$target_dir" || (exit "$(($? == 11 ? 0 : $?))")
+  fi
+}
+
 # ------------------------------------------------------------------------------
 # Get the key context for the Hashicorp Consul KV store.
 # The property key in the Consul KV store should always start with “config” name
@@ -52,8 +82,8 @@ cleanup_workspace() {
 #
 # For example, if
 #       - java code: @Value("${app.hello}")
-#       - application.properties: spring.application.name=echo-service
-#    then the full path of the key is config/echo-service/app.hello
+#       - application.properties: spring.application.name=welcome-service
+#    then the full path of the key is config/welcome-service/app.hello
 #
 # Arguments
 #    arg 1: property file
@@ -88,7 +118,7 @@ get_first_jar() {
   local jars_home
   jars_home="$1"
 
-  printf "%s | [INFO]  getting the first JAR file from the \"%s\" directory...\n" "$(date +"%Y-%m-%d %H:%M:%S")" "$jars_home"
+  printf "%s | [INFO]  getting the first JAR file from \"%s\" directory...\n" "$(date +"%Y-%m-%d %H:%M:%S")" "$jars_home"
 
   local files number_of_files
   files=($(find "$jars_home" -type f -name "*.jar"))
@@ -143,41 +173,27 @@ insert_kv() {
   done < "$properties_file"
 }
 
-# ------------------------------------------------------------------------------
-# Unpack the given ZIP archive file.
-#
-# Arguments:
-#    arg 1:  zip file to extract
-#    arg 2:  target directory to extract the file
-# ------------------------------------------------------------------------------
-unpack_jar() {
-  local archive_file target
-  archive_file="$1"
-  target="$2"
-
-  if [ -z "$archive_file" ]; then
-    printf "%s | [WARN]  there is nothing to unpack\n" "$(date +"%Y-%m-%d %H:%M:%S")"
-  else
-    printf "%s | [DEBUG] unpacking the \"%s\" file to \"%s\"...\n" "$(date +"%Y-%m-%d %H:%M:%S")" "$archive_file" "$target"
-    unzip -q "$archive_file" -d "$target"
-  fi
-}
-
 # ------------------------------------------------------------------------------
 # Main program starts here.
 # ------------------------------------------------------------------------------
 log_start "$0"
+printf "%s | [INFO]  inserting key/values into Hashicorp Consul...\n" "$(date +"%Y-%m-%d %H:%M:%S")"
 
 UNPACK_DIR="/tmp/extracted-jar"
-KV_PROP_FILE="$UNPACK_DIR/BOOT-INF/classes/config.properties"
-APP_PROP_FILE="$UNPACK_DIR/BOOT-INF/classes/application.properties"
-printf "%s | [INFO]  inserting key/values into Hashicorp Consul...\n" "$(date +"%Y-%m-%d %H:%M:%S")"
+PATH_TO_PROP_FILE="BOOT-INF/classes"
+APP_PROP_FILE="application.properties"
+KV_PROP_FILE="config.properties"
+
 get_first_jar "$JAR_HOME" JAR_FILE
-unpack_jar "$JAR_FILE" "$UNPACK_DIR"
-file_exists "$KV_PROP_FILE"
-file_exists "$APP_PROP_FILE"
-get_kv_context "$APP_PROP_FILE" CONTEXT
-insert_kv "$KV_PROP_FILE" "$CONTEXT"
+
+extract_file "$JAR_FILE" "$UNPACK_DIR" "$PATH_TO_PROP_FILE/$APP_PROP_FILE"
+file_exists "$UNPACK_DIR/$APP_PROP_FILE"
+
+extract_file "$JAR_FILE" "$UNPACK_DIR" "$PATH_TO_PROP_FILE/$KV_PROP_FILE"
+file_exists "$UNPACK_DIR/$KV_PROP_FILE"
+
+get_kv_context "$UNPACK_DIR/$APP_PROP_FILE" CONTEXT
+insert_kv "$UNPACK_DIR/$KV_PROP_FILE" "$CONTEXT"
 cleanup_workspace "$UNPACK_DIR"
 
 log_end "$0"

docker/application/java-21-runner/setenv.sh

@@ -8,10 +8,9 @@
 # Copyright (c) 2020-2024 Remal Software and Arnold Somogyi All rights reserved
 # ******************************************************************************
 export IMAGE_NAME="remal-java-21-runner"
-export IMAGE_TAG="0.5.0"
 export IMAGE_DESCRIPTION="Remal Java 21 Runner"
 export IMAGE_AUTHOR="Arnold Somogyi <[email protected]>"
-export IMAGE_FROM="remal-consul:1.2.0"
+export IMAGE_FROM="remal-consul:$4"
 export BUILD_TYPE=${1:-fat}
 export PUSH_IMAGE=${2:-false}
 export DOMAIN_NAME=${3:-hello.com}

docker/base/base/Dockerfile

@@ -6,7 +6,7 @@
 #
 # Copyright (c) 2020-2023 Remal Software and Arnold Somogyi All rights reserved
 # ******************************************************************************
-ARG IMAGE_FROM=${IMAGE_FROM}
+ARG IMAGE_FROM="not-set"
 FROM ${IMAGE_FROM}
 
 EXPOSE 22/tcp