diff --git a/alfa-client/apps/alfa-e2e/10-admin-client-proxy.conf b/alfa-client/apps/alfa-e2e/10-admin-client-proxy.conf
new file mode 100644
index 0000000000000000000000000000000000000000..d3ffd92bc026995c673c2b5e67e7ec5fa4fc4c45
--- /dev/null
+++ b/alfa-client/apps/alfa-e2e/10-admin-client-proxy.conf
@@ -0,0 +1,75 @@
+# Verarbeitungsreihenfolge von location rules:
+# --------------------------------------------------------------------------------------------------------------------------------------------
+# Search-Order Modifier Description Match-Type Stops-search-on-match
+# --------------------------------------------------------------------------------------------------------------------------------------------
+# 1st = The URI must match the specified pattern exactly Simple-string Yes
+# 2nd ^~ The URI must begin with the specified pattern Simple-string Yes
+# 3rd (None) The URI must begin with the specified pattern Simple-string No
+# 4th ~ The URI must be a case-sensitive match to the specified Rx Perl-Compatible-Rx Yes (first match)
+# 4th ~* The URI must be a case-insensitive match to the specified Rx Perl-Compatible-Rx Yes (first match)
+# N/A @ Defines a named location block. Simple-string Yes
+# --------------------------------------------------------------------------------------------------------------------------------------------
+#
+# Regex Matches werden bevorzugt verwendet.
+# Mehr: https://stackoverflow.com/a/59846239/1546181
+pid /tmp/nginx.pid;
+worker_processes 1;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ server_tokens off;
+ access_log off;
+ error_log stderr crit;
+
+ server {
+ listen 8080;
+ server_name localhost;
+
+ root /usr/share/nginx/html;
+ index index.html;
+ include /etc/nginx/mime.types;
+
+
+ client_body_temp_path /tmp/client_temp;
+ proxy_temp_path /tmp/proxy_temp_path;
+ fastcgi_temp_path /tmp/fastcgi_temp;
+ uwsgi_temp_path /tmp/uwsgi_temp;
+ scgi_temp_path /tmp/scgi_temp;
+
+ gzip on;
+ gzip_min_length 1000;
+ gzip_proxied expired no-cache no-store private auth;
+ gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
+
+ # Add security related headers.
+ # TODO Fuehrt teilweise zu Content Security Policy Fehler (CSP). Cache deaktivieren beim Testen!
+ # see https://dri.es/headers?url=https://meine-domain.xy
+ #add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+ #add_header X-Content-Type-Options "nosniff" always;
+ #add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+ #add_header X-Frame-Options "SAMEORIGIN" always;
+ # Tricky for Angular, see https://github.com/angular/angular-cli/issues/3430#issuecomment-415063027
+ # Seit Angular 12 ist 'unsafe-inline' für script-src nötig, weil index.html:13 irgendwas geladen wird
+ # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/manifest-src
+ #add_header Content-Security-Policy "default-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self'; connect-src 'self'; manifest-src 'self'; font-src 'self'" always;
+
+
+
+ # Enable Path Routing (default for Angular)
+ location / {
+ try_files $uri$args $uri$args/ /index.html;
+ }
+
+ location ^~ /api {
+ proxy_pass http://administration:8080/api;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection 'upgrade';
+ proxy_set_header Host localhost:4300;
+ proxy_cache_bypass $http_upgrade;
+ }
+ }
+}
diff --git a/alfa-client/apps/alfa-e2e/docker-compose.yml b/alfa-client/apps/alfa-e2e/docker-compose.yml
index e87654d697b9a340f65e9a666dff2fcca1b5ad98..931b77172c4e23a1bcf45e302240ca55eb100978 100644
--- a/alfa-client/apps/alfa-e2e/docker-compose.yml
+++ b/alfa-client/apps/alfa-e2e/docker-compose.yml
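Review bot: In 10-admin-client-proxy.conf every security header in the `server` block is commented out, although the TODO above them attributes the breakage only to the Content-Security-Policy line. The e2e run therefore serves the admin client without `X-Content-Type-Options`, `Referrer-Policy` and `X-Frame-Options`, so a regression caused by those headers would not show up in these tests. I would enable the ones that do not depend on CSP, e.g. `add_header X-Content-Type-Options "nosniff" always;` and `add_header X-Frame-Options "SAMEORIGIN" always;`, and keep only the CSP line behind the TODO. The HSTS line can stay disabled, since this listener is plain HTTP on 8080 and browsers ignore the header there. Separately, `proxy_set_header Connection 'upgrade';` in `location ^~ /api` is sent on every proxied request rather than only on WebSocket handshakes; if no WebSocket traffic is expected under `/api`, the two upgrade headers could be dropped.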
@@ -1,168 +1,38 @@ -# -# Copyright (C) 2022 Das Land Schleswig-Holstein vertreten durch den -# Ministerpräsidenten des Landes Schleswig-Holstein -# Staatskanzlei -# Abteilung Digitalisierung und zentrales IT-Management der Landesregierung -# -# Lizenziert unter der EUPL, Version 1.2 oder - sobald -# diese von der Europäischen Kommission genehmigt wurden - -# Folgeversionen der EUPL ("Lizenz"); -# Sie dürfen dieses Werk ausschließlich gemäß -# dieser Lizenz nutzen. -# Eine Kopie der Lizenz finden Sie hier: -# -# https://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12 -# -# Sofern nicht durch anwendbare Rechtsvorschriften -# gefordert oder in schriftlicher Form vereinbart, wird -# die unter der Lizenz verbreitete Software "so wie sie -# ist", OHNE JEGLICHE GEWÄHRLEISTUNG ODER BEDINGUNGEN - -# ausdrücklich oder stillschweigend - verbreitet. -# Die sprachspezifischen Genehmigungen und Beschränkungen -# unter der Lizenz sind dem Lizenztext zu entnehmen. -# +version: '3' + +volumes: + mongodb: + services: mongodb: image: mongo:7 ports: - - 27018:27017 - environment: - - MONGODB_EXTRA_FLAGS=--profile=2 + - 27017:27017 + volumes: + - mongodb:/data/db + healthcheck: + test: ["CMD", "mongosh", "--eval", "db.settings.find()"] + interval: 10s + timeout: 5s + retries: 5 - vorgang-manager: - image: docker.ozg-sh.de/vorgang-manager:${VORGANG_MANAGER_DOCKER_IMAGE:-snapshot-latest} - platform: linux/amd64 + administration: + image: docker.ozg-sh.de/administration:${ADMINISTRATION_DOCKER_IMAGE:-snapshot-latest} environment: - - GRPC_CLIENT_USER-MANAGER_ADDRESS=static://user-manager:9000 - - GRPC_CLIENT_USER-MANAGER_NEGOTIATION_TYPE=PLAINTEXT - - logging_level_org_springframework_security=${LOGGING_LEVEL:-WARN} - - logging_level_io_grpc_netty_shaded_io_grpc=TRACE - - OZGCLOUD_ELASTICSEARCH_ADDRESS=elastic:9200 - - OZGCLOUD_ELASTICSEARCH_INDEX=e2e-test-index - - OZGCLOUD_ELASTICSEARCH_PASSWORD=password - - OZGCLOUD_ELASTICSEARCH_USERNAME=elastic - - 
OZGCLOUD_ELASTICSEARCH_USESSL=false - - OZGCLOUD_PROCESSORS_0_ADDRESS=http://smocker:5080/externe-processor-success - - OZGCLOUD_PROCESSORS_0_NAME=ticketCheck - - OZGCLOUD_USER-MANAGER_URL=http://localhost:9092 - - SPRING_DATA_MONGODB_HOST=mongodb - - SPRING_DATA_MONGODB_DATABASE=local - - SPRING_PROFILES_ACTIVE=${SPRING_PROFILE:-local,e2e} - - LOGGING_CONFIG=classpath:log4j2-local.xml - - GRPC_CLIENT_PLUTO_NEGOTIATIONTYPE=PLAINTEXT - - GRPC_CLIENT_VORGANG-MANAGER_NEGOTIATIONTYPE=PLAINTEXT - - GRPC_CLIENT_EMAIL_NEGOTIATIONTYPE=PLAINTEXT - - GRPC_CLIENT_NACHRICHTEN-MANAGER_NEGOTIATIONTYPE=PLAINTEXT - - GRPC_CLIENT_INFO-MANAGER_NEGOTIATIONTYPE=PLAINTEXT - - GRPC_CLIENT_COMMAND-MANAGER_NEGOTIATIONTYPE=PLAINTEXT - - GRPC_SERVER_SECURITY_ENABLED=false - # Bescheid-Wizard - - OZGCLOUD_FEATURE_BESCHEID_ENABLE-DUMMY-DOCUMENT-PROCESSOR=false - - OZGCLOUD_BESCHEID_SMART_DOCUMENTS_URL=http://smocker:8080/smartdocuments - - OZGCLOUD_BESCHEID_SMART_DOCUMENTS_BASIC_AUTH_USERNAME=MGM - - OZGCLOUD_BESCHEID_SMART_DOCUMENTS_BASIC_AUTH_PASSWORD=MGM - - OZGCLOUD_BESCHEID_SMART_DOCUMENTS_TEMPLATE_GROUP=OzgCloudTest - - OZGCLOUD_BESCHEID_SMART_DOCUMENTS_TEMPLATE=Halteverbot + - SPRING_PROFILES_ACTIVE=${SPRING_PROFILE:-local,remotekc} + - SPRING_DATA_MONGODB_URI=mongodb://mongodb:27017/config-db ports: - - 9091:9090 + - 8080:8080 depends_on: mongodb: - condition: service_started - elastic: condition: service_healthy - alfa: - image: docker.ozg-sh.de/alfa:${ALFA_DOCKER_IMAGE:-snapshot-latest} - platform: linux/amd64 - environment: - - GRPC_CLIENT_USER-MANAGER_ADDRESS=static://user-manager:9000 - - GRPC_CLIENT_USER-MANAGER_NEGOTIATIONTYPE=PLAINTEXT - - GRPC_CLIENT_VORGANG-MANAGER_ADDRESS=static://vorgang-manager:9090 - - GRPC_CLIENT_VORGANG-MANAGER_NEGOTIATIONTYPE=PLAINTEXT - - KEYCLOAK_AUTH_SERVER_URL=https://sso.dev.by.ozg-cloud.de - - KEYCLOAK_REALM=${KEYCLOAK_REALM:-by-e2e-tests-local-dev} - - KEYCLOAK_RESOURCE=${KEYCLOAK_CLIENT:-alfa} - - OZGCLOUD_FEATURE_VORGANG_EXPORT=true - - 
OZGCLOUD_USER-ASSISTANCE_DOCUMENTATION_URL=/assets/benutzerleitfaden/Benutzerleitfaden_2.5.pdf - - OZGCLOUD_USER-MANAGER_URL=http://localhost:9092 - - OZGCLOUD_VORGANG_PROCESSOR_0_FORM_ENGINE_NAME=AFM - - OZGCLOUD_VORGANG_PROCESSOR_0_FORM_ID=Erstattung_ERFOLG - - OZGCLOUD_VORGANG_PROCESSOR_1_FORM_ENGINE_NAME=AFM - - OZGCLOUD_VORGANG_PROCESSOR_1_FORM_ID=Erstattung_FAIL - - OZGCLOUD_VORGANG_PROCESSOR_NAMES_0=ticketCheck - - SPRING_PROFILES_ACTIVE=remotekc, e2e - - LOGGING_CONFIG=classpath:log4j2-local.xml - - BPL_DEBUG_ENABLED=true - - BPL_DEBUG_PORT=5000 - - OZGCLOUD_VORGANG_BESCHEID_0_FORM_ENGINE_NAME=FormSolutions - - OZGCLOUD_VORGANG_BESCHEID_0_FORM_ID=KFAS_STAGE_KI_10_Haltverbot_LANDESHACKATHON + admin-client: + image: docker.ozg-sh.de/admin-client:${ADMIN_CLIENT_DOCKER_IMAGE:-snapshot-latest} ports: - - 8080:8080 - - 5000:5000 + - 4300:8080 + volumes: + - ./10-admin-client-proxy.conf:/etc/nginx/conf.d/10-admin-client-proxy.conf:ro depends_on: - - vorgang-manager - - user-manager + - administration - elastic: - image: docker.elastic.co/elasticsearch/elasticsearch:8.3.2 - ports: - - 9200:9200 - - 9300:9300 - environment: - - discovery.type=single-node - - ELASTIC_PASSWORD=password - - ES_JAVA_OPTS=-Xms1g -Xmx1g - - MEM_LIMIT=1073741824 - - xpack.security.enabled=false - - xpack.security.http.ssl.enabled=false - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 65536 - healthcheck: - test: - [ - 'CMD-SHELL', - "curl -s 'http://localhost:9200/_cat/health?h=status' | egrep -q '(green|yellow)'", - ] - interval: 10s - timeout: 10s - retries: 5 - - user-manager: - image: docker.ozg-sh.de/user-manager:${USER_MANAGER_DOCKER_IMAGE:-snapshot-latest} - platform: linux/amd64 - environment: - - KEYCLOAK_URL=https://sso.dev.by.ozg-cloud.de - - OZGCLOUD_KEYCLOAK_API_CLIENT=alfa - - OZGCLOUD_KEYCLOAK_API_PASSWORD= - - OZGCLOUD_KEYCLOAK_API_REALM=${KEYCLOAK_REALM:-by-e2e-tests-local-dev} - - OZGCLOUD_KEYCLOAK_API_USER=usermanagerapiuser - - 
OZGCLOUD_USER_MANAGER_URL=http://localhost:9092 - - OZGCLOUD_USERSYNC_PERIOD=disabled - - OZGCLOUD_USERSYNC_ONSTART=false - - QUARKUS_GRPC_SERVER_SSL_CERTIFICATE= - - QUARKUS_GRPC_SERVER_SSL_KEY= - - QUARKUS_HTTP_CORS_ORIGINS=http://localhost:4300,http://127.0.0.1:4300,https://e2e.dev.by.ozg-cloud.de,http://localhost:8080 - - QUARKUS_LOG_CONSOLE_JSON=false - - QUARKUS_MONGODB_CONNECTION_STRING=mongodb://mongodb:27017 - - QUARKUS_MONGODB_DATABASE=usermanager - - QUARKUS_OIDC_AUTH_SERVER_URL=https://sso.dev.by.ozg-cloud.de/realms/${KEYCLOAK_REALM:-by-e2e-tests-local-dev} - - QUARKUS_OIDC_CLIENT_ID=alfa - - quarkus.log.category."io.quarkus.oidc.runtime.OidcProvider".level=TRACE - - quarkus.log.category."io.quarkus.oidc.runtime.OidcProvider".min-level=TRACE - - quarkus.log.category."io.grpc.netty.shaded.io.grpc".level=TRACE - ports: - - 9092:8080 - - 9000:9000 - depends_on: - - mongodb - - smocker: - image: thiht/smocker - ports: - - 7080:8080 - - 7081:8081
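Review bot: The `mongodb` service publishes `27017:27017` without a host address, so Compose binds it on every interface of the machine running the e2e stack, and neither the service definition nor `SPRING_DATA_MONGODB_URI` configures credentials. On a shared CI runner or a laptop on an untrusted network that leaves `config-db` reachable without authentication; binding to loopback keeps the tests working: `- '127.0.0.1:27017:27017'`. The same applies to `8080:8080` on `administration` and `4300:8080` on `admin-client` if they are only reached from the local test runner. The images also default to the mutable `snapshot-latest` tag, so two runs of the same commit can test different binaries; setting `ADMINISTRATION_DOCKER_IMAGE` and `ADMIN_CLIENT_DOCKER_IMAGE` to fixed tags in CI would make runs reproducible.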