Spring Boot Admin Integration

.github/workflows/build.yml

@@ -85,6 +85,8 @@ jobs:
       run: npm i -g typescript
     - name: Maven Build
       run: mvn -T 1C clean install -D maven.test.skip=true -D skipTests -D maven.javadoc.skip=true -D license.skip=true -U
+    - if: runner.os == 'Windows'
+      run: Set-DisplayResolution -Width 1920 -Height 1080 -Force
     - name: Integration tests
       run: mvn -f tests/pom.xml verify -P integration-tests
     - name: Upload selenide screenshots

.github/workflows/pull-request.yml

@@ -80,6 +80,8 @@ jobs:
       run: npm i -g typescript
     - name: Maven Build
       run: mvn -T 1C clean install -D maven.test.skip=true -D skipTests -D maven.javadoc.skip=true -D license.skip=true -U
+    - if: runner.os == 'Windows'
+      run: Set-DisplayResolution -Width 1920 -Height 1080 -Force
     - name: Integration tests
       run: mvn -f tests/pom.xml verify -P integration-tests
     - name: Upload selenide screenshots

.gitignore

@@ -8,7 +8,9 @@ bin/
 .history
 .vscode
 node_modules
-build/
+**/build
+build/application/dirigible
+!/build
 
 # files
 .DS_Store

build/application/pom.xml

@@ -256,14 +256,23 @@
 		    <version>${snowflake.version}</version>
 		</dependency>
 		-->
-
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-devtools</artifactId>
 			<version>${spring.boot.version}</version>
 			<scope>runtime</scope>
 			<optional>true</optional>
 		</dependency>
+		<dependency>
+		    <groupId>de.codecentric</groupId>
+		    <artifactId>spring-boot-admin-starter-server</artifactId>
+		    <version>${spring.boot.version}</version>
+		</dependency>
+		<dependency>
+		    <groupId>de.codecentric</groupId>
+		    <artifactId>spring-boot-admin-starter-client</artifactId>
+		    <version>${spring.boot.version}</version>
+		</dependency>
 	</dependencies>
 
 

build/application/src/main/java/org/eclipse/dirigible/DirigibleApplication.java

@@ -23,7 +23,9 @@
 import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
 import org.springframework.scheduling.annotation.EnableScheduling;
 import org.springframework.web.client.RestTemplate;
+import de.codecentric.boot.admin.server.config.EnableAdminServer;
 
+@EnableAdminServer
 @EnableJpaAuditing
 @EnableJpaRepositories
 @SpringBootApplication

build/application/src/main/java/org/eclipse/dirigible/DirigibleConfiguration.java

@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2023 SAP SE or an SAP affiliate company and Eclipse Dirigible contributors
+ *
+ * All rights reserved. This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v2.0 which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v20.html
+ *
+ * SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and Eclipse Dirigible
+ * contributors SPDX-License-Identifier: EPL-2.0
+ */
+package org.eclipse.dirigible;
+
+import org.springframework.boot.task.TaskExecutorBuilder;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor;
+
+@Configuration
+class DirigibleConfiguration {
+
+    @Bean
+    ThreadPoolTaskExecutor applicationTaskExecutor(TaskExecutorBuilder builder) {
+        builder.corePoolSize(8);
+        builder.maxPoolSize(10);
+        builder.queueCapacity(100);
+
+        ThreadPoolTaskExecutor executor = builder.build();
+        executor.initialize();
+
+        return executor;
+    }
+
+}

build/application/src/main/resources/application.properties

@@ -1,5 +1,9 @@
+spring.application.name=Eclipse Dirigible
+
 spring.main.allow-bean-definition-overriding=true
+
 server.error.include-message=always
+server.port=8080
 
 spring.servlet.multipart.enabled=true
 spring.servlet.multipart.file-size-threshold=2KB
@@ -16,6 +20,7 @@ keycloak.enabled=${DIRIGIBLE_KEYCLOAK_ENABLED:false}
 keycloak.realm=${DIRIGIBLE_KEYCLOAK_REALM:null}
 keycloak.auth-server-url=${DIRIGIBLE_KEYCLOAK_AUTH_SERVER_URL:null}
 keycloak.ssl-required=${DIRIGIBLE_KEYCLOAK_SSL_REQUIRED:external}
+
 keycloak.resource=${DIRIGIBLE_KEYCLOAK_CLIENT_ID:null}
 keycloak.public-client=true
 keycloak.principal-attribute=preferred_username
@@ -32,4 +37,17 @@ management.metrics.mongo.command.enabled=false
 management.metrics.mongo.connectionpool.enabled=false
 
 spring.devtools.restart.poll-interval=6s
-spring.devtools.restart.quiet-period=5s
+spring.devtools.restart.quiet-period=5s
+
+spring.boot.admin.context-path=spring-admin
+spring.boot.admin.ui.title=${spring.application.name} Admin
+spring.boot.admin.ui.brand=<img src="/services/web/resources/images/dirigible.svg"><span>Eclipse Dirigible Admin</span>
+
+spring.boot.admin.client.url=http://localhost:${server.port}/spring-admin
+spring.boot.admin.client.username=${DIRIGIBLE_SPRING_ADMIN_USERNAME:admin}
+spring.boot.admin.client.password=${DIRIGIBLE_SPRING_ADMIN_PASSWORD:admin}
+spring.boot.admin.client.instance.metadata.user.name=${spring.boot.admin.client.username}
+spring.boot.admin.client.instance.metadata.user.password=${spring.boot.admin.client.password}
+
+management.endpoints.web.exposure.include=mappings,caches,configprops,camelroutes,metrics,threaddump,heapdump,loggers,health,quartz,scheduledtasks,env,beans,conditions,info
+management.endpoints.health.show-details=always

build/application/src/main/resources/dirigible.properties

@@ -19,4 +19,6 @@ DIRIGIBLE_DATABASE_PROVIDER=local
 DIRIGIBLE_JAVASCRIPT_HANDLER_CLASS_NAME=org.eclipse.dirigible.graalium.handler.GraaliumJavascriptHandler
 DIRIGIBLE_GRAALIUM_ENABLE_DEBUG=true
 DIRIGIBLE_HOME_URL=services/web/ide/
-DIRIGIBLE_DATABASE_NAMES_CASE_SENSITIVE=true
+DIRIGIBLE_DATABASE_NAMES_CASE_SENSITIVE=true
+DIRIGIBLE_SPRING_ADMIN_USERNAME=admin
+DIRIGIBLE_SPRING_ADMIN_PASSWORD=admin

components/core/core-base/src/main/java/org/eclipse/dirigible/components/base/http/access/DirigibleRole.java

@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2023 SAP SE or an SAP affiliate company and Eclipse Dirigible contributors
+ *
+ * All rights reserved. This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v2.0 which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v20.html
+ *
+ * SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and Eclipse Dirigible
+ * contributors SPDX-License-Identifier: EPL-2.0
+ */
+package org.eclipse.dirigible.components.base.http.access;
+
+public enum DirigibleRole {
+
+    DEVELOPER(RoleNames.DEVELOPER), OPERATOR(RoleNames.OPERATOR);
+
+    private final String roleName;
+
+    DirigibleRole(String roleName) {
+        this.roleName = roleName;
+    }
+
+    public String getName() {
+        return roleName;
+    }
+
+    @SuppressWarnings("hiding")
+    public static class RoleNames {
+        public static final String OPERATOR = "OPERATOR";
+        public static final String DEVELOPER = "DEVELOPER";
+
+    }
+}

components/core/core-base/src/main/java/org/eclipse/dirigible/components/base/http/access/HttpSecurityURIConfigurator.java

@@ -65,9 +65,13 @@ public static void configure(HttpSecurity http) throws Exception {
             .antMatchers("/services/integrations/**")
             .permitAll()
 
-            .antMatchers("/actuator/**")
+            // Actuator
+            .antMatchers("/actuator/health/**")
             .permitAll()
 
+            .antMatchers("/actuator/**")
+            .hasRole(DirigibleRole.OPERATOR.getName())
+
             // Authenticated
             .antMatchers("/services/**")
             .authenticated()
@@ -85,15 +89,12 @@ public static void configure(HttpSecurity http) throws Exception {
             .authenticated()
 
             // "Developer" role required
-            .antMatchers("/services/ide/**")
-            .hasRole("Developer")
-            .antMatchers("/websockets/ide/**")
+            .antMatchers("/services/ide/**", "/websockets/ide/**")
             .hasRole("Developer")
 
-            // "Operator" role required
-            // .antMatchers("/services/ops/**").hasRole("Operator")
-            // .antMatchers("/services/transport/**").hasRole("Operator")
-            // .antMatchers("/websockets/ops/**").hasRole("Operator")
+            // Spring Boot Admin
+            .antMatchers("/spring-admin/**")
+            .hasRole(DirigibleRole.OPERATOR.getName())
 
             // Deny all other requests
             .anyRequest()

components/resources/resources-core/src/main/resources/META-INF/dirigible/resources-core/services/menus/help.js

@@ -43,6 +43,13 @@ const defaultMenuItems = [
 		action: "open",
 		order: 5,
 		data: "http://download.dirigible.io/",
+		divider: false
+	},
+	{
+		label: "Admin Panel",
+		action: "open",
+		order: 6,
+		data: "/spring-admin",
 		divider: true
 	}
 ];
@@ -57,7 +64,7 @@ exports.getMenu = function () {
 			{
 				label: "About",
 				action: "openDialogWindow",
-				order: 6,
+				order: 7,
 				dialogId: "about",
 				divider: false
 			}]

components/security/security-basic/src/main/java/org/eclipse/dirigible/components/security/basic/BasicAuthSecurityConfiguration.java

@@ -12,8 +12,8 @@
 
 import java.nio.charset.StandardCharsets;
 import java.util.Arrays;
-
 import org.apache.commons.codec.binary.Base64;
+import org.eclipse.dirigible.components.base.http.access.DirigibleRole;
 import org.eclipse.dirigible.components.base.http.access.HttpSecurityURIConfigurator;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
@@ -69,7 +69,7 @@ public InMemoryUserDetailsManager userDetailsService() {
         String password = org.eclipse.dirigible.commons.config.Configuration.get("DIRIGIBLE_BASIC_PASSWORD", "YWRtaW4="); // admin
         UserDetails user = User.withUsername(new String(new Base64().decode(username.getBytes()), StandardCharsets.UTF_8).trim())
                                .password("{noop}" + new String(new Base64().decode(password.getBytes()), StandardCharsets.UTF_8).trim())
-                               .roles("DEVELOPER", "OPERATOR")
+                               .roles(DirigibleRole.DEVELOPER.getName(), DirigibleRole.OPERATOR.getName())
                                .build();
         return new InMemoryUserDetailsManager(user);
     }