Merge branch 'development' into 'master'

Update the license See merge request !9

Merge branch 'development' into 'master'
Update the license See merge request !9
95b7d2fa · Nicolas CASTEJON · 8f2314eb · 55e727a7 · 95b7d2fa · 95b7d2fa
Commit 95b7d2fa authored Feb 24, 2020 by Nicolas CASTEJON
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
 stages:
+  - sonar-analysis
  - build
-  - deploy

 variables:
-  LEGACY_AUTH_SERVICE_URL: https://download.data.grandlyon.com/auth
-  ADMIN_USERNAME: data-beta-grandlyon-com
-  USER_SUPPORT_MAILBOX: alpha-test@erasme.org
-  ACCESS_TOKEN_COOKIE_KEY: access_token
+  SONAR_URL: https://sonarqube.forge.grandlyon.com 
+
+sonarqube:
+  stage: sonar-analysis
+  only:
+    - master
+  before_script:
+    - export PATH=$PATH:/usr/local/bin/sonar-scanner-3.2.0.1227-linux/bin/
+    - export NODE_PATH=$NODE_PATH:`npm root -g`
+  script:
+    - >
+      sonar-scanner
+      -Dsonar.projectName=${SONAR_PROJECT_KEY}
+      -Dsonar.projectVersion=1.0
+      -Dsonar.sourceEncoding=UTF-8
+      -Dsonar.projectBaseDir=.
+      -Dsonar.host.url=${SONAR_URL}
+      -Dsonar.projectKey=${SONAR_PROJECT_KEY}
+      -Dsonar.login=${SONAR_TOKEN}

 build_development:
  stage: build
  only:
    - development
  script:
-    - export TAG=dev
+    - export TAG=$CI_COMMIT_SHORT_SHA
    - export MIDDLEWARE_LEGACY_SERVICE_BIND_PORT=3004
    - export REDIS_SENTINEL_PORT=26379
+    - export REDIS_SENTINEL_EXPOSED_PORT=26379
    - export REDIS_SLAVE_PORT=6380
    - export REDIS_MASTER_PORT=6379
    - docker-compose build 
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
    - docker-compose push
+    - "curl -X POST -F token=$CI_JOB_TOKEN -F ref=master -F variables[TAG]=${TAG} https://forge.grandlyon.com/api/v4/projects/337/trigger/pipeline"

 build_release:
  stage: build
  only:
    - tags
-  # except:
-  #   - /^(?!master).+@/
  script:
    - export TAG=$(echo $CI_COMMIT_TAG | sed 's/v//g')
    - export MIDDLEWARE_LEGACY_SERVICE_BIND_PORT=3004
    - export REDIS_SENTINEL_PORT=26379
+    - export REDIS_SENTINEL_EXPOSED_PORT=26379
    - export REDIS_SLAVE_PORT=6380
    - export REDIS_MASTER_PORT=6379
    - docker-compose build
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
-    - docker-compose push
-
-deploy_development:
-  stage: deploy
-  only:
-    - development
-  script:
-    - export TAG=dev
-    - export MIDDLEWARE_LEGACY_SERVICE_BIND_PORT=3004
-    - export REDIS_SENTINEL_PORT=26379
-    - export REDIS_SLAVE_PORT=6380
-    - export REDIS_MASTER_PORT=6379
-    - export SERVICE_EMAIL_URL=http://vm-refonte-data-2:9000/email
-    - export FRONT_END_URL=https://data-reloaded-dev.alpha.grandlyon.com/fr
-    - export API_KEY=$DEV_API_KEY
-    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
-    - docker-compose pull
-    - docker-compose --project-name middleware-legacy-auth-${TAG} up -d --force-recreate
-  environment:
-    name: development
-
-deploy_staging:
-  stage: deploy
-  only:
-    - development
-  when: manual
-  script:
-    - export TAG=staging
-    - export MIDDLEWARE_LEGACY_SERVICE_BIND_PORT=3104
-    - export REDIS_SENTINEL_PORT=26479
-    - export REDIS_SLAVE_PORT=6480
-    - export REDIS_MASTER_PORT=6479
-    - export SERVICE_EMAIL_URL=http://vm-refonte-data-2:9100/email
-    - export FRONT_END_URL=https://data-reloaded-rec.alpha.grandlyon.com/fr
-    - export API_KEY=$REC_API_KEY
-    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
-    - TAG=dev docker-compose pull
-    - export REGISTRY_PATH=web-et-numerique/web-et-numerique-internet/data.grandlyon.com/web-portal/components/middlewares/legacy-auth
-    - docker tag $CI_REGISTRY/$REGISTRY_PATH:dev $CI_REGISTRY/$REGISTRY_PATH:${TAG}
-    - docker push $CI_REGISTRY/$REGISTRY_PATH:${TAG}
-    - docker-compose --project-name middleware-legacy-auth-${TAG} up -d --force-recreate
-  environment:
-    name: staging
-
+    - docker-compose push
\ No newline at end of file
--- a/LICENSE
+++ b/LICENSE
--- a/README.md
+++ b/README.md
+# Legacy AUTH middleware
+
 ## Installation

+This middleware has been developed with the [NestJS](https://nestjs.com/) framework. It requires [Node.js](https://nodejs.org/en/) in order to run.
+
+Once Node.js installed on your computer, you will need to install the project's dependencies. Go to the root of the project and run the following command.
+
 ```bash
-$ npm install
+npm install
 ```

 ## Environment variables
@@ -13,7 +19,7 @@ For a local deployment:
 1. `cp template.env .env`
 2. Edit .env according to the chosen configuration

-The values will be read from the file by default, but you can override any of those by exporting manually the variable before launching the service.
+The values will be read from the file by default when running with docker. If you run the service outside of docker you can export those variables.

 ## Running the app without docker

@@ -21,26 +27,26 @@ You will need to provide a healthy connection to a database in order for the ser

 ```bash
 # development
-$ npm run start
+npm run start

 # watch mode
-$ npm run start:dev
+npm run start:dev

 # production mode
-$ npm run start:prod
+npm run start:prod
 ```

 ## Running the app with docker

 ```bash
 # build
-$ docker-compose build
+docker-compose build

 # deploy
-$ docker-compose up [-d]
+docker-compose up [-d]

 # build and deploy
-$ docker-compose up --build [-d]
+docker-compose up --build [-d]
 ```

 <!-- ## Test
@@ -54,6 +60,4 @@ $ npm run test:e2e

 # test coverage
 $ npm run test:cov
-``` -->
-
-
+``` -->
\ No newline at end of file
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -13,50 +13,50 @@ services:
      - SERVICE_EMAIL_URL=${SERVICE_EMAIL_URL}
      - USER_SUPPORT_MAILBOX=${USER_SUPPORT_MAILBOX}
      - FRONT_END_URL=${FRONT_END_URL}
-      - VALIDATE_ACCOUNT_URI=connexion
-      - PASSWORD_RESET_URI=reinitialiser-mon-mot-de-passe
+      - VALIDATE_ACCOUNT_URI=${VALIDATE_ACCOUNT_URI}
+      - PASSWORD_RESET_URI=${PASSWORD_RESET_URI}
      - API_KEY=${API_KEY}
      - ACCESS_TOKEN_COOKIE_KEY=${ACCESS_TOKEN_COOKIE_KEY}
-      - IMAGE_HOST=https://minio.alpha.grandlyon.com/email-template-assets
-      - REDIS_SENTINEL_HOST=redis-sentinel-1
-      - REDIS_SENTINEL_PORT=26379
-      - REDIS_GROUP_NAME=mymaster
+      - IMAGE_HOST=${IMAGE_HOST}
+      - REDIS_SENTINEL_HOST=${REDIS_SENTINEL_HOST}
+      - REDIS_SENTINEL_PORT=${REDIS_SENTINEL_PORT}
+      - REDIS_GROUP_NAME=${REDIS_GROUP_NAME}
    restart: unless-stopped
    depends_on:
-      - redis-sentinel-1
+      - redis-sentinel

  redis-master:
-    image: 'bitnami/redis:latest'
+    image: 'bitnami/redis:5.0.5'
    environment:
-      - ALLOW_EMPTY_PASSWORD=yes
+      - ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}
    ports:
      - '${REDIS_MASTER_PORT}:6379'
    volumes:
      - redis-master:/bitnami/redis/data
+    restart: unless-stopped

-  redis-sentinel-1:
-    image: 'bitnami/redis-sentinel:latest'
+  redis-sentinel:
+    image: 'bitnami/redis-sentinel:5.0.5'
    environment:
-      - REDIS_MASTER_HOST=redis-master
-      - REDIS_MASTER_SET=mymaster
+      - REDIS_MASTER_HOST=${REDIS_MASTER_HOST}
+      - REDIS_MASTER_SET=${REDIS_GROUP_NAME}
    ports:
-      - '${REDIS_SENTINEL_PORT}:26379'
-    volumes:
-      - redis-sentinel-1:/bitnami/redis/data
+      - '${REDIS_SENTINEL_EXPOSED_PORT}:26379'
+    restart: unless-stopped

-  redis-slave-1:
-    image: 'bitnami/redis:latest'
-    command: redis-server --bind 0.0.0.0 --slaveof redis-master 6379 --dir /bitnami/redis/data
+  redis-slave:
+    image: 'bitnami/redis:5.0.5'
    environment:
-      - ALLOW_EMPTY_PASSWORD=yes
+      - ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}
    ports:
      - '${REDIS_SLAVE_PORT}:6379'
+    command: redis-server --bind 0.0.0.0 --slaveof redis-master 6379 --dir /bitnami/redis/data
    volumes:
      - redis-slave-1:/bitnami/redis/data
+    restart: unless-stopped

 volumes:
  redis-master:
-  redis-sentinel-1:
  redis-slave-1:


--- a/package.json
+++ b/package.json
@@ -3,7 +3,7 @@
  "version": "3.2.5",
  "description": "",
  "author": "",
-  "license": "MIT",
+  "license": "GNU Affero General Public License v3.0",
  "scripts": {
    "format": "prettier --write \"src/**/*.ts\"",
    "start": "ts-node -r tsconfig-paths/register src/main.ts",

--- a/template.env
+++ b/template.env
-TAG=<version of the service to deploy>
-MIDDLEWARE_LEGACY_SERVICE_BIND_PORT=<listening port of the service>
-LEGACY_AUTH_SERVICE_URL=<base url of the legacy auth service>
-ADMIN_PASSWORD=<admin password of the legacy auth service>
-ADMIN_USERNAME=<admin username of the legacy auth service>
-SERVICE_EMAIL_URL=<base url of the mail service>
-USER_SUPPORT_MAILBOX=<user support email address>
-FRONT_END_URL=<web app url>
-API_KEY=<api key of the of the service (generated in kong)>
-ACCESS_TOKEN_COOKIE_KEY=<cookie key where the access token will be stored>
-IMAGE_HOST=<host of the images present in the emails body>
-REDIS_SENTINEL_HOST=<redis sentinel host>
-REDIS_SENTINEL_PORT=<redis sentinel port>
-REDIS_MASTER_PORT=<redis master port>
-REDIS_SLAVE_PORT=<redis slave port>
-REDIS_GROUP_NAME=<group name containing a master, and one or more slaves>
\ No newline at end of file
+TAG=<version/tag of the docker image to be deployed>
+MIDDLEWARE_LEGACY_SERVICE_BIND_PORT=<port on which the service will be running>
+LEGACY_AUTH_SERVICE_URL=<root url of the legacy auth service>
+ADMIN_PASSWORD=<legacy auth service admin password>
+ADMIN_USERNAME=<legacy auth service admin username>
+SERVICE_EMAIL_URL=<the email service URL>
+USER_SUPPORT_MAILBOX=<email address of the support team>
+FRONT_END_URL=<the root url of the web app>
+VALIDATE_ACCOUNT_URI=<path in the web app to the validate account page ex: '/connexion'>
+PASSWORD_RESET_URI=<path in the web app that allow a user to reset/reenter its password >
+API_KEY=<the API key that allows this service to be authentified by the API gateway>
+ACCESS_TOKEN_COOKIE_KEY=<key of the cookie where the JWT has been set>
+IMAGE_HOST=<host of the images in the email templates>
+REDIS_SENTINEL_HOST=<host of the redis sentinel from the service point of view ex: 'redis-sentinel-1'>
+REDIS_SENTINEL_PORT=<port of the redis sentinel from the service point of view ex: 26379>
+REDIS_SENTINEL_EXPOSED_PORT=<port on which the redis sentinel is exposed>
+REDIS_GROUP_NAME=<name of the group of the different sentinels>
+ALLOW_EMPTY_PASSWORD=<whether empty password is accepted or not for a redis instance ex: 'yes'>
+REDIS_MASTER_PORT=<port of the redis master>
+REDIS_MASTER_HOST=<host of the redis master>
+REDIS_SLAVE_PORT=<port of the redis slave>
\ No newline at end of file