Merge branch 'refs/heads/dev' into 116-setup-entwicklung-fuer-wls-ser…

…vice-ergebnismeldung # Conflicts: # docs/.vitepress/config.mts # stack/oracle-database/add-user-on-startup.sql
it-at-m · Jun 13, 2024 · bc38f87 · bc38f87
2 parents 31c8d76 + 059d5d0
commit bc38f87
Show file tree

Hide file tree

Showing 268 changed files with 13,008 additions and 41 deletions.
diff --git a/.github/workflows/callable-create-github-release-from-tag.yml b/.github/workflows/callable-create-github-release-from-tag.yml
@@ -10,6 +10,10 @@ on:
         required: true
         type: string
         description: 'name of service to use'
+      files:
+        required: true
+        type: string
+        description: 'Newline-delimited globs of paths to assets to upload for release'
 
 env:
   REGISTRY: ghcr.io
@@ -41,8 +45,7 @@ jobs:
         id: create_release
         uses: softprops/action-gh-release@v2
         with:
-          files: |
-            ${{ inputs.service }}/target/*.jar
+          files: ${{ inputs.files }}
           tag_name: ${{ inputs.tag }}
           draft: false
           prerelease: false

diff --git a/.github/workflows/dispatch-eai-microservice-mvn-release.yml b/.github/workflows/dispatch-eai-microservice-mvn-release.yml
@@ -0,0 +1,83 @@
+name: dispatch eai microserivce maven release
+
+on:
+  workflow_dispatch:
+    inputs:
+      release-version:
+        required: true
+        description: release version to build
+      development-version:
+        required: true
+        description: next development version to set
+      service:
+        required: true
+        description: service/directory to build (wls-broadcast-service, ...)
+
+jobs:
+  run-mvn-release-prepare:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - name: Check out Git repository
+        uses: actions/checkout@v4
+      - name: Setup git user
+        uses: fregante/setup-git-user@v2
+      - name: Install Java and Maven
+        uses: actions/setup-java@v4
+        with:
+          java-version: 17
+          distribution: "temurin"
+          cache: 'maven'
+          cache-dependency-path: '${{ github.event.inputs.service }}/pom.xml'
+      - name: Perform maven release
+        run: >
+          mvn -B -ntp release:prepare -f ${{ github.event.inputs.service }}/pom.xml
+          -DreleaseVersion=${{ github.event.inputs.release-version }} 
+          -DdevelopmentVersion=${{ github.event.inputs.development-version }} 
+          -Dtag=${{ github.event.inputs.service }}/${{ github.event.inputs.release-version }}
+          -Darguments="-DskipTests"
+
+  build-github-release:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    needs:
+      - run-mvn-release-prepare
+    steps:
+      - name: Check out Git repository
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.inputs.service }}/${{ github.event.inputs.release-version }}
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          cache: 'maven'
+          cache-dependency-path: '${{ github.event.inputs.service }}/pom.xml'
+          java-version: '17'
+          distribution: 'temurin'
+
+      - name: build jar without tests
+        run: mvn -B -ntp -DskipTests verify -f ${{ github.event.inputs.service }}/pom.xml
+
+      - name: Create GitHub Release
+        id: create_release
+        uses: softprops/action-gh-release@v2
+        with:
+          files: "${{ github.event.inputs.service }}/target/*.jar\n${{ github.event.inputs.service }}/target/openapi.json"
+          tag_name: ${{ github.event.inputs.service }}/${{ github.event.inputs.release-version }}
+          draft: false
+          prerelease: false
+          generate_release_notes: false
+
+  build-github-container-image:
+    permissions:
+      packages: write
+    needs:
+      - run-mvn-release-prepare
+    uses:
+      ./.github/workflows/callable-create-github-container-image.yml
+    with:
+      tag: ${{ github.event.inputs.service }}/${{ github.event.inputs.release-version }}
+      service: ${{ github.event.inputs.service }}
diff --git a/.github/workflows/dispatch-microservice-mvn-release.yml b/.github/workflows/dispatch-microservice-mvn-release.yml
@@ -48,6 +48,7 @@ jobs:
     with:
       tag: ${{ github.event.inputs.service }}/${{ github.event.inputs.release-version }}
       service: ${{ github.event.inputs.service }}
+      files: ${{ inputs.service }}/target/*.jar
 
   build-github-container-image:
     permissions:

diff --git a/.github/workflows/wls-basisdaten-service_pull-request.yml b/.github/workflows/wls-basisdaten-service_pull-request.yml
@@ -0,0 +1,14 @@
+name: verify pull request basisdaten-service
+
+on:
+  pull_request:
+    paths:
+      - 'wls-basisdaten-service/**'
+      - '.github/workflows/wls-basisdaten-service_pull-request.yml'
+
+jobs:
+  verify-pull-request:
+    uses:
+      ./.github/workflows/callable-run-mvn-verify.yml
+    with:
+      pom-dir: 'wls-basisdaten-service'
diff --git a/.github/workflows/wls-basisdaten-service_push-dev.yml b/.github/workflows/wls-basisdaten-service_push-dev.yml
@@ -0,0 +1,18 @@
+name: build push dev basisdaten-service
+
+on:
+  push:
+    branches:
+      - dev
+    paths:
+      - 'wls-basisdaten-service/**'
+      - '.github/workflows/wls-basisdaten-service_push-dev.yml'
+
+jobs:
+  build-github-container-image:
+    permissions:
+      packages: write
+    uses:
+      ./.github/workflows/callable-create-github-container-image.yml
+    with:
+      service: 'wls-basisdaten-service'
diff --git a/.github/workflows/wls-monitoring-service_pull-request.yml b/.github/workflows/wls-monitoring-service_pull-request.yml
@@ -0,0 +1,14 @@
+name: verify pull request monitoring-service
+
+on:
+  pull_request:
+    paths:
+      - 'wls-monitoring-service/**'
+      - '.github/workflows/wls-monitoring-service_pull-request.yml'
+
+jobs:
+  verify-pull-request:
+    uses:
+      ./.github/workflows/callable-run-mvn-verify.yml
+    with:
+      pom-dir: 'wls-monitoring-service'
diff --git a/.github/workflows/wls-monitoring-service_push-dev.yml b/.github/workflows/wls-monitoring-service_push-dev.yml
@@ -0,0 +1,18 @@
+name: build push dev monitoring-service
+
+on:
+  push:
+    branches:
+      - dev
+    paths:
+      - 'wls-monitoring-service/**'
+      - '.github/workflows/wls-monitoring-service_push-dev.yml'
+
+jobs:
+  build-github-container-image:
+    permissions:
+      packages: write
+    uses:
+      ./.github/workflows/callable-create-github-container-image.yml
+    with:
+      service: 'wls-monitoring-service'
diff --git a/.github/workflows/wls-wahlvorstand-service_pull-request.yml b/.github/workflows/wls-wahlvorstand-service_pull-request.yml
@@ -0,0 +1,14 @@
+name: verify pull request wahlvorstand-service
+
+on:
+  pull_request:
+    paths:
+      - 'wls-wahlvorstand-service/**'
+      - '.github/workflows/wls-wahlvorstand-service_pull-request.yml'
+
+jobs:
+  verify-pull-request:
+    uses:
+      ./.github/workflows/callable-run-mvn-verify.yml
+    with:
+      pom-dir: 'wls-wahlvorstand-service'
diff --git a/.github/workflows/wls-wahlvorstand-service_push-dev.yml b/.github/workflows/wls-wahlvorstand-service_push-dev.yml
@@ -0,0 +1,18 @@
+name: build push dev wahlvorstand-service
+
+on:
+  push:
+    branches:
+      - dev
+    paths:
+      - 'wls-wahlvorstand-service/**'
+      - '.github/workflows/wls-wahlvorstand-service_push-dev.yml'
+
+jobs:
+  build-github-container-image:
+    permissions:
+      packages: write
+    uses:
+      ./.github/workflows/callable-create-github-container-image.yml
+    with:
+      service: 'wls-wahlvorstand-service'
diff --git a/docs/.vitepress/config.mts b/docs/.vitepress/config.mts
@@ -48,6 +48,9 @@ export default withMermaid({
                 {text: 'Briefwahl-Service', link: `${PATH_FEATURES}briefwahl-service/`},
                 {text: 'Infomanagement-Service', link: `${PATH_FEATURES}infomanagement-service/`},
                 {text: 'EAI-Service', link: `${PATH_FEATURES}eai-service/`},
+                {text: 'Basisdaten-Service', link: `${PATH_FEATURES}basisdaten-service/`},
+                {text: 'Monitoring-Service', link: `${PATH_FEATURES}monitoring-service/`},
+                {text: 'Wahlvorstand-Service', link: `${PATH_FEATURES}wahlvorstand-service/`},
                 {text: 'Ergebnismeldung-Service', link: `${PATH_FEATURES}ergebnismeldung-service/`},
             ]
         },

diff --git a/docs/src/features/basisdaten-service/index.md b/docs/src/features/basisdaten-service/index.md
@@ -0,0 +1,17 @@
+# Basisdaten-Service
+
+Service zur Bereitstellung folgender Basisdaten:
+
+- Wahltage
+- Wahlen
+- Wahlbezirke
+- Wahlvorschläge
+- Kopfdaten
+
+Wahlen, Wahlbezirke und Kopfdaten können in der Service-Datenbank gespeichert werden.
+
+## Abhängigkeiten
+
+Folgende Services werden zum Betrieb benötigt:
+- EAI-Service
+- Infomanagement-Service
diff --git a/docs/src/features/monitoring-service/index.md b/docs/src/features/monitoring-service/index.md
@@ -0,0 +1,15 @@
+# Monitoring-Service
+
+Empfangen von Informationen über Ereignisse der Wahlbezirke.
+
+## Abhängigkeiten
+
+Folgende Services sind für den Betrieb erforderlich:
+- EAI-Service
+
+## Daten und Funktionen
+
+- Wahlbeteiligung
+- letzter Logout
+- letzte Meldung im Netzwerk
+- Druck- und Sendezeiten von Schnellmeldungen und Niederschriften
diff --git a/docs/src/features/wahlvorstand-service/index.md b/docs/src/features/wahlvorstand-service/index.md
@@ -0,0 +1,15 @@
+# Wahlvorstand-Service
+
+Service für Themen im Zusammenhang mit Wahlvorständen und Anwesenheiten.
+
+## Abhängigkeiten
+
+Folgende Services werden für den Betrieb benötigt:
+- Basisdaten-Service
+- EAI-Service
+- Infomanagement-Service
+
+## Daten und Funktionen
+
+- Abrufen der Wahlvorstände der Wahlbezirke
+- Pflege der Anwesenheiten der Wahlvorstände
diff --git a/stack/.env b/stack/.env
@@ -19,4 +19,8 @@ WLS_BROADCAST_SERVICE_KEYCLOAK_URL=http://kubernetes.docker.internal:8100/auth/r
 
 WLS_INFOMANAGEMENT_SERVICE_PROFILE=local,db-oracle
 WLS_INFOMANAGEMENT_SERVICE_DB_URL=jdbc:oracle:thin:@//wls-db-oracle:1521/XEPDB1
-WLS_INFOMANAGEMENT_SERVICE_KEYCLOAK_URL=http://kubernetes.docker.internal:8100/auth/realms/${SSO_REALM}/protocol/openid-connect
+WLS_INFOMANAGEMENT_SERVICE_KEYCLOAK_URL=http://kubernetes.docker.internal:8100/auth/realms/${SSO_REALM}/protocol/openid-connect
+
+WLS_BRIEFWAHL_SERVICE_PROFILE=local,db-oracle
+WLS_BRIEFWAHL_SERVICE_DB_URL=jdbc:oracle:thin:@//wls-db-oracle:1521/XEPDB1
+WLS_BRIEFWAHL_SERVICE_KEYCLOAK_URL=http://kubernetes.docker.internal:8100/auth/realms/${SSO_REALM}/protocol/openid-connect
diff --git a/stack/docker-compose.yml b/stack/docker-compose.yml
@@ -38,6 +38,24 @@ services:
       - services
       - keycloak
 
+  wls-briefwahl-service:
+    container_name: wls-briefwahl-service
+    image: ghcr.io/it-at-m/wahllokalsystem-wls-briefwahl-service:latest
+    depends_on:
+      - wls-db-oracle
+    env_file:
+      - .env
+    environment:
+      - SPRING_PROFILES_ACTIVE=${WLS_BRIEFWAHL_SERVICE_PROFILE}
+      - SPRING_DATASOURCE_URL=${WLS_BRIEFWAHL_SERVICE_DB_URL}
+      - SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK-SET-URI=${WLS_BRIEFWAHL_SERVICE_KEYCLOAK_URL}/certs
+      - SECURITY_OAUTH2_RESOURCE_USER-INFO-URI=${WLS_BRIEFWAHL_SERVICE_KEYCLOAK_URL}/userinfo
+    ports:
+      - 8202:39146
+    networks:
+      - services
+      - keycloak
+
   ## Keycloak
   wls-keycloak:
     container_name: wls-keycloak

diff --git a/stack/keycloak/migration/add-authorities-wahlvorbereitung-fortsetzungsuhrzeit.yml b/stack/keycloak/migration/add-authorities-wahlvorbereitung-fortsetzungsuhrzeit.yml
@@ -0,0 +1,39 @@
+id: add authorities wahlvorbereitung fortsetzungsuhrzeit
+author: dragonfly28
+realm: ${SSO_REALM}
+changes:
+  - addRole:
+      name: Wahlvorbereitung_BUSINESSACTION_FortsetzungsUhrzeit
+      clientRole: true
+      clientId: ${SSO_CLIENT_ID}
+  - assignRoleToGroup:
+      group: allWahlvorbereitungAuthorities
+      role: Wahlvorbereitung_BUSINESSACTION_FortsetzungsUhrzeit
+      clientId: ${SSO_CLIENT_ID}
+
+  - addRole:
+      name: Wahlvorbereitung_READ_FortsetzungsUhrzeit
+      clientRole: true
+      clientId: ${SSO_CLIENT_ID}
+  - assignRoleToGroup:
+      group: allWahlvorbereitungAuthorities
+      role: Wahlvorbereitung_READ_FortsetzungsUhrzeit
+      clientId: ${SSO_CLIENT_ID}
+
+  - addRole:
+      name: Wahlvorbereitung_WRITE_FortsetzungsUhrzeit
+      clientRole: true
+      clientId: ${SSO_CLIENT_ID}
+  - assignRoleToGroup:
+      group: allWahlvorbereitungAuthorities
+      role: Wahlvorbereitung_WRITE_FortsetzungsUhrzeit
+      clientId: ${SSO_CLIENT_ID}
+
+  - addRole:
+      name: Wahlvorbereitung_DELETE_FortsetzungsUhrzeit
+      clientRole: true
+      clientId: ${SSO_CLIENT_ID}
+  - assignRoleToGroup:
+      group: allWahlvorbereitungAuthorities
+      role: Wahlvorbereitung_DELETE_FortsetzungsUhrzeit
+      clientId: ${SSO_CLIENT_ID}