#12 authentication

- k8s config
maciejgz · Oct 8, 2023 · 56bbcbd · 56bbcbd
1 parent 9c8252e
commit 56bbcbd
Show file tree

Hide file tree

Showing 9 changed files with 39 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -147,7 +147,13 @@ Linux:
 ### Kubernetes
 
 K8S scripts should be run in the following order from the project root directory:
+</br> Run all scripts from the root directory:
 
+```docker
+.\k8s\start.bat
+```
+
+Or run each scripts separately:
 - [k8s](k8s) - directory with global configuration:
     - special role and privileges
     - ingress

diff --git a/k8s/start.bat b/k8s/start.bat
@@ -0,0 +1,8 @@
+@echo off
+kubectl apply -f k8s
+kubectl apply -f ms-admin/k8s
+kubectl apply -f ms-api-gateway/k8s
+kubectl apply -f ms-cms-service/k8s
+kubectl apply -f ms-stock-service/k8s
+
+
diff --git a/ms-api-gateway/src/main/resources/application-k8s.yml b/ms-api-gateway/src/main/resources/application-k8s.yml
@@ -12,6 +12,11 @@ management:
 
 ## API Gateway routes
 spring:
+  security:
+    oauth2:
+      resourceserver:
+        jwt:
+          jwk-set-uri: http://${DATA_REDIS_HOST}:8082/realms/ms/protocol/openid-connect/certs
   cloud:
     gateway:
       routes:

diff --git a/ms-cms-service/k8s/configmap.yml b/ms-cms-service/k8s/configmap.yml
@@ -3,6 +3,7 @@ apiVersion: v1
 metadata:
   name: ms-cms-service
 data:
+  DATA_REDIS_HOST: "192.168.0.129"
   application-k8s.properties: |-
     spring.datasource.url=jdbc:postgresql://localhost:5433/cms
     spring.profiles.active=k8s
diff --git a/ms-cms-service/k8s/deployment.yml b/ms-cms-service/k8s/deployment.yml
@@ -27,4 +27,9 @@ spec:
             - name: SPRING_CLOUD_KUBERNETES_SECRETS_ENABLEAPI
               value: "true"
             - name: SPRING_PROFILES_ACTIVE
-              value: k8s
+              value: k8s
+            - name: DATA_REDIS_HOST
+              valueFrom:
+                configMapKeyRef:
+                  name: ms-cms-service
+                  key: DATA_REDIS_HOST
diff --git a/ms-cms-service/src/main/resources/application-k8s.properties b/ms-cms-service/src/main/resources/application-k8s.properties
@@ -1,2 +1,3 @@
-spring.datasource.url=jdbc:postgresql://192.168.0.129:5432/cms
-spring.kafka.bootstrap-servers=192.168.0.129:9092
+spring.datasource.url=jdbc:postgresql://${DATA_REDIS_HOST}:5432/cms
+spring.kafka.bootstrap-servers=${DATA_REDIS_HOST}:9092
+spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://${DATA_REDIS_HOST}:8082/realms/ms/protocol/openid-connect/certs
diff --git a/ms-stock-service/k8s/configmap.yml b/ms-stock-service/k8s/configmap.yml
@@ -3,6 +3,7 @@ apiVersion: v1
 metadata:
   name: ms-stock-service
 data:
+  HOST_IP: "192.168.0.129"
   application-k8s.properties: |-
     spring.datasource.url=jdbc:postgresql://localhost:5433/stock
     spring.profiles.active=k8s
diff --git a/ms-stock-service/k8s/deployment.yml b/ms-stock-service/k8s/deployment.yml
@@ -27,4 +27,9 @@ spec:
             - name: SPRING_CLOUD_KUBERNETES_SECRETS_ENABLEAPI
               value: "true"
             - name: SPRING_PROFILES_ACTIVE
-              value: k8s
+              value: k8s
+            - name: HOST_IP
+              valueFrom:
+                configMapKeyRef:
+                  name: ms-stock-service
+                  key: HOST_IP
diff --git a/ms-stock-service/src/main/resources/application-k8s.properties b/ms-stock-service/src/main/resources/application-k8s.properties
@@ -1,2 +1,3 @@
-spring.datasource.url=jdbc:postgresql://192.168.0.129:5432/stock
-spring.kafka.bootstrap-servers=192.168.0.129:9092
+spring.datasource.url=jdbc:postgresql://${HOST_IP}:5432/stock
+spring.kafka.bootstrap-servers=${HOST_IP}:9092
+spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://${HOST_IP}:8082/realms/ms/protocol/openid-connect/certs