Fix dev service to start postgres only and allow horreum to start wit…

…hout oidc.auth-server-url

horreum-backend/src/main/java/io/hyperfoil/tools/horreum/server/HorreumAuthorizationFilter.java

@@ -19,10 +19,10 @@
 @Singleton
 public class HorreumAuthorizationFilter {
 
-   private final String authServerUrl;
+   private final Optional<String> authServerUrl;
    private final Optional<String> issuer;
 
-   public HorreumAuthorizationFilter(@ConfigProperty(name = "quarkus.oidc.auth-server-url") String authServerUrl,
+   public HorreumAuthorizationFilter(@ConfigProperty(name = "quarkus.oidc.auth-server-url") Optional<String> authServerUrl,
                                      @ConfigProperty(name = "quarkus.oidc.token.issuer") Optional<String> issuer) {
       this.authServerUrl = authServerUrl;
       this.issuer = issuer;
@@ -51,8 +51,10 @@ public Response filter(ResteasyReactiveContainerRequestContext containerRequestC
                } else if (!issuer.get().equals(iss)) {
                   return replyWrongIss(iss, issuer.get());
                }
-            } else if (!authServerUrl.equals(iss)) {
-               return replyWrongIss(iss, authServerUrl);
+            } else if (authServerUrl.isEmpty()) {
+               return Response.status(Response.Status.FORBIDDEN).entity("Missing URL to validate authorization token. Set OIDC authentication server URL (or OIDC token issuer) in Horreum config.").build();
+            } else if (!authServerUrl.get().equals(iss)) {
+               return replyWrongIss(iss, authServerUrl.get());
             }
             return null;
          }

horreum-backend/src/main/java/io/hyperfoil/tools/horreum/svc/ConfigServiceImpl.java

@@ -142,7 +142,7 @@ public void deleteDatastore(String datastoreId) {
     }
 
     private String getString(String propertyName) {
-        return ConfigProvider.getConfig().getValue(propertyName, String.class);
+        return ConfigProvider.getConfig().getOptionalValue(propertyName, String.class).orElse("");
     }
 
 }

infra/horreum-dev-services/deployment/src/main/java/io/hyperfoil/tools/horreum/dev/services/deployment/HorreumDevServicesProcessor.java

@@ -99,51 +99,45 @@ public void startHorreumContainers(
 
                         Map<String, String> envvars = HorreumResources.startContainers(Collections.unmodifiableMap(containerArgs));
 
-                        Map<String, String> postgresConfig = new HashMap<>();
-                        String jdbcUrl = HorreumResources.postgreSQLResource.getJdbcUrl();
-
-                        postgresConfig.put("quarkus.datasource.jdbc.url", jdbcUrl);
-                        postgresConfig.put("quarkus.datasource.migration.jdbc.url", jdbcUrl);
-                        if (horreumBuildTimeConfig.postgres.sslEnabled) {
-                            // see https://jdbc.postgresql.org/documentation/ssl/ for details
-                            postgresConfig.put("quarkus.datasource.jdbc.additional-jdbc-properties.ssl", "true");
-                            postgresConfig.put("quarkus.datasource.jdbc.additional-jdbc-properties.sslmode", "verify-full");
-                            postgresConfig.put("quarkus.datasource.jdbc.additional-jdbc-properties.sslrootcert", envvars.get("quarkus.datasource.jdbc.sslrootcert"));
+                        if (horreumBuildTimeConfig.postgres.enabled) {
+                            Map<String, String> postgresConfig = new HashMap<>();
+                            String jdbcUrl = HorreumResources.postgreSQLResource.getJdbcUrl();
+
+                            postgresConfig.put("quarkus.datasource.jdbc.url", jdbcUrl);
+                            postgresConfig.put("quarkus.datasource.migration.jdbc.url", jdbcUrl);
+                            if (horreumBuildTimeConfig.postgres.sslEnabled) {
+                                // see https://jdbc.postgresql.org/documentation/ssl/ for details
+                                postgresConfig.put("quarkus.datasource.jdbc.additional-jdbc-properties.ssl", "true");
+                                postgresConfig.put("quarkus.datasource.jdbc.additional-jdbc-properties.sslmode", "verify-full");
+                                postgresConfig.put("quarkus.datasource.jdbc.additional-jdbc-properties.sslrootcert", envvars.get("quarkus.datasource.jdbc.sslrootcert"));
+                            }
+
+                            horreumPostgresDevService = new DevServicesResultBuildItem.RunningDevService(
+                                    HorreumResources.postgreSQLResource.getContainer().getContainerName(),
+                                    HorreumResources.postgreSQLResource.getContainer().getContainerId(),
+                                    HorreumResources.postgreSQLResource.getContainer()::close,
+                                    postgresConfig);
                         }
-
-                        horreumPostgresDevService = new DevServicesResultBuildItem.RunningDevService(
-                                HorreumResources.postgreSQLResource.getContainer().getContainerName(),
-                                HorreumResources.postgreSQLResource.getContainer().getContainerId(),
-                                HorreumResources.postgreSQLResource.getContainer()::close,
-                                postgresConfig);
-
-                        Map<String, String> keycloakConfig = new HashMap<>();
-                        Integer keycloakPort = HorreumResources.keycloakResource.getContainer().getMappedPort(horreumBuildTimeConfig.keycloak.httpsEnabled ? 8443 : 8080);
-                        String keycloakURL = (horreumBuildTimeConfig.keycloak.httpsEnabled ? "https" : "http") + "://localhost:" + keycloakPort;
-
-                        keycloakConfig.put("horreum.keycloak.url", keycloakURL);
-                        keycloakConfig.put("quarkus.oidc.auth-server-url", keycloakURL + "/realms/horreum");
-                        keycloakConfig.put("quarkus.oidc.credentials.secret", envvars.get("quarkus.oidc.credentials.secret"));
-                        if (envvars.containsKey("quarkus.oidc.tls.trust-store-file")) {
-                            keycloakConfig.put("quarkus.oidc.tls.trust-store-file", envvars.get("quarkus.oidc.tls.trust-store-file"));
-                            keycloakConfig.put("quarkus.oidc.tls.verification", "required"); // "certificate-validation" validates the certificate chain, but not the hostname. could also be "none" and disable TLS verification altogether
+                        if (horreumBuildTimeConfig.keycloak.enabled) {
+                            Map<String, String> keycloakConfig = new HashMap<>();
+                            Integer keycloakPort = HorreumResources.keycloakResource.getContainer().getMappedPort(horreumBuildTimeConfig.keycloak.httpsEnabled ? 8443 : 8080);
+                            String keycloakURL = (horreumBuildTimeConfig.keycloak.httpsEnabled ? "https" : "http") + "://localhost:" + keycloakPort;
+
+                            keycloakConfig.put("horreum.keycloak.url", keycloakURL);
+                            keycloakConfig.put("quarkus.oidc.auth-server-url", keycloakURL + "/realms/horreum");
+                            keycloakConfig.put("quarkus.oidc.credentials.secret", envvars.get("quarkus.oidc.credentials.secret"));
+                            if (envvars.containsKey("quarkus.oidc.tls.trust-store-file")) {
+                                keycloakConfig.put("quarkus.oidc.tls.trust-store-file", envvars.get("quarkus.oidc.tls.trust-store-file"));
+                                keycloakConfig.put("quarkus.oidc.tls.verification", "required"); // "certificate-validation" validates the certificate chain, but not the hostname. could also be "none" and disable TLS verification altogether
+                            }
+
+                            horreumKeycloakDevService = new DevServicesResultBuildItem.RunningDevService(
+                                    HorreumResources.keycloakResource.getContainer().getContainerName(),
+                                    HorreumResources.keycloakResource.getContainer().getContainerId(),
+                                    HorreumResources.keycloakResource.getContainer()::close,
+                                    keycloakConfig);
                         }
-
-                        horreumKeycloakDevService = new DevServicesResultBuildItem.RunningDevService(
-                                HorreumResources.keycloakResource.getContainer().getContainerName(),
-                                HorreumResources.keycloakResource.getContainer().getContainerId(),
-                                HorreumResources.keycloakResource.getContainer()::close,
-                                keycloakConfig);
-                    }
-                }
-
-                if (horreumKeycloakDevService == null || horreumPostgresDevService == null) {
-                    if (!errors) {
-                        compressor.close();
-                    } else {
-                        compressor.closeAndDumpCaptured();
                     }
-                    return;
                 }
 
                 Runnable closeTask = () -> {
@@ -176,8 +170,15 @@ public void startHorreumContainers(
                 throw new RuntimeException(t);
             }
 
-            devServicesResultBuildItemBuildProducer.produce(horreumKeycloakDevService.toBuildItem());
-            devServicesResultBuildItemBuildProducer.produce(horreumPostgresDevService.toBuildItem());
+            if (horreumPostgresDevService != null) {
+                devServicesResultBuildItemBuildProducer.produce(horreumPostgresDevService.toBuildItem());
+
+                // TODO: figure out how to run a SQL script to load dummy data into the database
+                // that has to execute *after* liquibase execution so that the DB schema has been generated
+            }
+            if (horreumKeycloakDevService != null) {
+                devServicesResultBuildItemBuildProducer.produce(horreumKeycloakDevService.toBuildItem());
+            }
         }
     }