Java 21, Spring, code refactor and deploy as standalone container.

docker-compose.dev.yml

@@ -0,0 +1,52 @@
+version: '3.8'
+services:
+  pic-sure-auth-service:
+    build:
+        context: .
+        dockerfile: ./pic-sure-auth-services/dev.Dockerfile
+    environment:
+      JAVA_OPTS: "-Xmx1024m -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005"
+      # Note: To use this you will need to set ENVIRONMENT variables for the application.properties
+    ports:
+      - "8090:8090" # Application port
+      - "5005:5005" # Debug port
+    depends_on:
+      auth-flyway:
+        condition: service_started
+
+  picsure-db:
+    build:
+      context: ./pic-sure-auth-db/
+      dockerfile: Dockerfile
+    environment:
+        MYSQL_DATABASE: auth
+        MYSQL_ROOT_PASSWORD: password
+    ports:
+        - "3306:3306" # MySQL port
+    command:
+      - --default-authentication-plugin=mysql_native_password # Required for MySQL 8.0
+    healthcheck:
+      test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+
+  auth-flyway:
+    image: flyway/flyway:latest
+    volumes:
+      - ./pic-sure-auth-db/db/sql:/flyway/sql
+    # linux/amd64
+    platform: linux/amd64
+    environment:
+        - FLYWAY_URL=jdbc:mysql://picsure-db:3306/auth?useSSL=false
+        - FLYWAY_USER=root
+        - FLYWAY_PASSWORD=password
+        - FLYWAY_SCHEMAS=auth
+        - FLYWAY_LOCATIONS=filesystem:/flyway/sql
+        - FLYWAY_IGNORE_MISSING_MIGRATIONS=true
+        - FLYWAY_BASELINE_ON_MIGRATE=true
+    command:
+      - migrate
+    depends_on:
+      picsure-db:
+        condition: service_healthy

jenkinsfile

@@ -0,0 +1,45 @@
+pipeline {
+    agent any
+
+    parameters {
+        string(name: 'DOCKER_REGISTRY', description: 'Docker registry URL (e.g., ECR URL)', defaultValue: 'hms-dbmi')
+        string(name: 'REPOSITORY_NAME', description: 'Docker repository name', defaultValue: 'psama')
+    }
+
+    environment {
+        DOCKER_BUILD_ARGS = "-f ./pic-sure-auth-services/Dockerfile --build-arg http_proxy=$http_proxy --build-arg https_proxy=$http_proxy --build-arg no_proxy=\"$no_proxy\" --build-arg HTTP_PROXY=$http_proxy --build-arg HTTPS_PROXY=$http_proxy --build-arg NO_PROXY=\"$no_proxy\""
+        GIT_BRANCH_SHORT = sh(script: 'echo ${GIT_BRANCH} | cut -d "/" -f 2', returnStdout: true).trim()
+        GIT_COMMIT_SHORT = sh(script: 'echo ${GIT_COMMIT} | cut -c1-7', returnStdout: true).trim()
+        IMAGE_TAG = "${GIT_BRANCH_SHORT}_${GIT_COMMIT_SHORT}"
+        LATEST_TAG = "latest"
+        EMAIL_TEMPLATE_VOLUME="-v $DOCKER_CONFIG_DIR/wildfly/emailTemplates:/opt/jboss/wildfly/standalone/configuration/emailTemplates "
+        TRUSTSTORE_VOLUME="-v $DOCKER_CONFIG_DIR/wildfly/application.truststore:/opt/jboss/wildfly/standalone/configuration/application.truststore"
+        PSAMA_OPTS="-Xms1g -Xmx2g -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true"
+        TRUSTSTORE_JAVA_OPTS="-Djavax.net.ssl.trustStore=/opt/jboss/wildfly/standalone/configuration/application.truststore -Djavax.net.ssl.trustStorePassword=password"
+    }
+
+    stages {
+        stage('build') {
+            steps {
+                sh "docker build ${DOCKER_BUILD_ARGS} -t ${params.DOCKER_REGISTRY}/${params.REPOSITORY_NAME}:${IMAGE_TAG} ."
+                sh "docker tag ${params.DOCKER_REGISTRY}/${params.REPOSITORY_NAME}:${IMAGE_TAG} ${params.DOCKER_REGISTRY}/${params.REPOSITORY_NAME}:${LATEST_TAG}"
+            }
+        }
+        stage('deploy') {
+            steps {
+                script {
+                    env.PROXY_OPTS = env.PROXY_OPTS == null ?: ''
+                }
+                sh "docker stop psama || true"
+                sh "docker rm psama || true"
+                sh """docker run --name=psama --restart always \
+                      --network=picsure \
+                      --env-file /usr/local/docker-config/psama/.env \
+                      $EMAIL_TEMPLATE_VOLUME \
+                      $TRUSTSTORE_VOLUME \
+                      -e JAVA_OPTS="$PSAMA_OPTS $TRUSTSTORE_JAVA_OPTS" \
+                      -d ${params.DOCKER_REGISTRY}/${params.REPOSITORY_NAME}:${IMAGE_TAG}"""
+            }
+        }
+    }
+}

pic-sure-auth-db/Dockerfile

@@ -1,4 +1,4 @@
-FROM mysql:5.7.24
+FROM mysql:8.2.0
 
 RUN mkdir /tempsql/
 COPY db/picsure-auth-dump-initial.sql /tempsql/picsure-auth-dump-initial.sql

pic-sure-auth-services/Dockerfile

@@ -1,40 +1,27 @@
-FROM jboss/wildfly:17.0.0.Final AS production
+FROM maven:3.9.6-amazoncorretto-21 as build
 
-# TODO: It'd be nice if wildfly used alpine -Andre
+COPY ./pom.xml /app/pom.xml
 
-LABEL maintainer="avillach_lab_developers@googlegroups.com"
+RUN mvn -f /app/pom.xml dependency:go-offline
 
-# mysql database
-ENV AUTH_DB_CONNECTION_USER root
-ENV AUTH_MYSQLADDRESS localhost
-ENV AUTH_DB_PORT 3306
-ENV AUTH_MYSQLPASS password
+# Copy the source code into the container
+COPY ./ /app
 
-# JWT Token
-ENV AUTH_CLIENT_SECRET secret
-ENV AUTH_USER_ID_CLAIM sub
+# Change the working directory
+WORKDIR /app
 
-# root required to create default scratch directory - Andre
-USER root
+# Build the jar
+RUN mvn clean install -DskipTests
 
-# Add certs for AWS to trust store
-COPY aws_certs/certificate.der certificate.der
-RUN keytool -noprompt -import -alias root_cert -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -file certificate.der
+FROM amazoncorretto:21.0.1-alpine3.18
 
-# copy modules
-COPY target/modules/system/layers/base/com/sql/mysql/main/* /modules/
-COPY src/main/resources/emailTemplates/accessEmail.mustache /usr/local/share/applications/
+# Copy jar and access token from maven build
+COPY --from=build /app/pic-sure-auth-services/target/pic-sure-auth-services.jar /pic-sure-auth-service.jar
 
-# install modules
-RUN wildfly/bin/jboss-cli.sh --command="module add --name=com.sql.mysql \
-    --resources=/modules/mysql-connector-java-5.1.38.jar --dependencies=javax.api"
+# Copy the AWS certificate
+COPY  pic-sure-auth-services/aws_certs/certificate.der /certificate.der
 
-# Copy standalone.xml
-COPY src/main/resources/wildfly-configuration/standalone.xml wildfly/standalone/configuration/
+# Import the certificate into the Java trust store
+RUN keytool -noprompt -import -alias aws_cert -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -file /certificate.der
 
-# Copy war file
-COPY target/pic-sure-auth-services.war wildfly/standalone/deployments/pic-sure-auth-services.war
-
-#USER jboss
-
-ENTRYPOINT ["/opt/jboss/wildfly/bin/standalone.sh", "-b", "0.0.0.0"]
+ENTRYPOINT ["sh", "-c", "java ${JAVA_OPTS} -jar /pic-sure-auth-service.jar"]

pic-sure-auth-services/dev.Dockerfile

@@ -0,0 +1,20 @@
+FROM maven:3.9.6-amazoncorretto-21 as build
+
+# Copy the source code into the container
+COPY ../ /app
+
+# Change the working directory
+WORKDIR /app
+
+# Build the jar
+RUN mvn clean install -DskipTests
+
+FROM amazoncorretto:21.0.1-alpine3.18
+
+# Copy jar and access token from maven build
+#COPY target/pic-sure-auth-services.jar /pic-sure-auth-service.jar
+COPY --from=build /app/pic-sure-auth-services/target/pic-sure-auth-services.jar /pic-sure-auth-service.jar
+
+EXPOSE 8090
+
+ENTRYPOINT ["sh", "-c", "java ${JAVA_OPTS} -jar /pic-sure-auth-service.jar"]