diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..636f769 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,9 @@ +**/bin/ +**/obj/ +.vs/ +TestResults/ +.git/ +.repo-tasks/ +.repo-context/ +.tasks/ +.agile/ diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..680fb28 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,20 @@ +# syntax=docker/dockerfile:1.7 +ARG SDK_IMAGE=mcr.microsoft.com/dotnet/sdk:10.0 +ARG RUNTIME_IMAGE=mcr.microsoft.com/dotnet/aspnet:10.0 + +FROM ${SDK_IMAGE} AS build +ARG NUGET_FEED_URL=https://gitea.dream-views.com/api/packages/AgileWebs/nuget/index.json +ARG NUGET_FEED_USERNAME= +ARG NUGET_FEED_TOKEN= +WORKDIR /src +COPY . . +RUN if [ -n "$NUGET_FEED_USERNAME" ] && [ -n "$NUGET_FEED_TOKEN" ]; then dotnet nuget add source "$NUGET_FEED_URL" --name gitea-org --username "$NUGET_FEED_USERNAME" --password "$NUGET_FEED_TOKEN" --store-password-in-clear-text --allow-insecure-connections --configfile /root/.nuget/NuGet/NuGet.Config; fi +RUN dotnet restore "src/Thalos.DAL.Host/Thalos.DAL.Host.csproj" --configfile /root/.nuget/NuGet/NuGet.Config +RUN dotnet publish "src/Thalos.DAL.Host/Thalos.DAL.Host.csproj" -c Release -o /app/publish /p:UseAppHost=false --no-restore + +FROM ${RUNTIME_IMAGE} AS runtime +WORKDIR /app +ENV ASPNETCORE_URLS=http://+:8080 ASPNETCORE_ENVIRONMENT=Production +EXPOSE 8080 +COPY --from=build /app/publish . +ENTRYPOINT ["dotnet", "Thalos.DAL.Host.dll"] diff --git a/Thalos.DAL.slnx b/Thalos.DAL.slnx index 05290cb..152e61d 100644 --- a/Thalos.DAL.slnx +++ b/Thalos.DAL.slnx @@ -1,5 +1,6 @@ + diff --git a/docs/dal/package-consumption-baseline.md b/docs/dal/package-consumption-baseline.md index ded3f92..837a0b3 100644 --- a/docs/dal/package-consumption-baseline.md +++ b/docs/dal/package-consumption-baseline.md @@ -15,7 +15,7 @@ Remove cross-repo source coupling from `Thalos.DAL` and consume shared contracts Repository-level `nuget.config` includes: -- `gitea-org`: `http://192.168.10.100:3000/api/packages/AgileWebs/nuget/index.json` +- `gitea-org`: `https://gitea.dream-views.com/api/packages/AgileWebs/nuget/index.json` - `nuget.org` Because feed is currently HTTP, `allowInsecureConnections="true"` is required for the Gitea source. diff --git a/docs/runbooks/containerization.md b/docs/runbooks/containerization.md new file mode 100644 index 0000000..a464abc --- /dev/null +++ b/docs/runbooks/containerization.md @@ -0,0 +1,23 @@ +# Containerization Runbook + +## Image Build + +```bash +docker build --build-arg NUGET_FEED_USERNAME= --build-arg NUGET_FEED_TOKEN= -t agilewebs/thalos-dal:dev . +``` + +## Local Run + +```bash +docker run --rm -p 8080:8080 --name thalos-dal agilewebs/thalos-dal:dev +``` + +## Health Probe + +- Path: `/health` +- Fallback path: `/healthz` +- Port: `8080` + +## Runtime Notes + +- Exposes internal DAL lookup endpoints for identity token, policy, and permissions data. diff --git a/nuget.config b/nuget.config index 4716b33..1d0cf9f 100644 --- a/nuget.config +++ b/nuget.config @@ -2,7 +2,7 @@ - + diff --git a/src/Thalos.DAL.Host/Program.cs b/src/Thalos.DAL.Host/Program.cs new file mode 100644 index 0000000..b70c748 --- /dev/null +++ b/src/Thalos.DAL.Host/Program.cs @@ -0,0 +1,71 @@ +using Microsoft.Extensions.Primitives; +using Thalos.DAL.Contracts; +using Thalos.DAL.DependencyInjection; +using Thalos.DAL.Repositories; +using IdentityAuthProvider = BuildingBlock.Identity.Contracts.Conventions.IdentityAuthProvider; + +const string CorrelationHeaderName = "x-correlation-id"; +const string ContractVersion = "v1"; + +var builder = WebApplication.CreateBuilder(args); +builder.Services.AddHealthChecks(); +builder.Services.AddThalosDalRuntime(); + +var app = builder.Build(); + +app.MapGet("/internal/thalos-dal/token", async ( + string subjectId, + string tenantId, + string? externalToken, + IIdentityRepository repository, + HttpContext context, + CancellationToken ct) => +{ + var envelope = new IdentityContractEnvelope(ContractVersion, ResolveCorrelationId(context)); + var request = new IdentityTokenLookupRequest(envelope, subjectId, tenantId, IdentityAuthProvider.InternalJwt, externalToken ?? string.Empty); + var record = await repository.ReadIdentityTokenAsync(request, ct); + return record is null ? Results.NotFound() : Results.Ok(record); +}); + +app.MapGet("/internal/thalos-dal/policy", async ( + string subjectId, + string tenantId, + string permissionCode, + IIdentityRepository repository, + HttpContext context, + CancellationToken ct) => +{ + var envelope = new IdentityContractEnvelope(ContractVersion, ResolveCorrelationId(context)); + var request = new IdentityPolicyLookupRequest(envelope, subjectId, tenantId, permissionCode); + var record = await repository.ReadIdentityPolicyAsync(request, ct); + return record is null ? Results.NotFound() : Results.Ok(record); +}); + +app.MapGet("/internal/thalos-dal/permissions", async ( + string subjectId, + string tenantId, + IIdentityRepository repository, + HttpContext context, + CancellationToken ct) => +{ + var envelope = new IdentityContractEnvelope(ContractVersion, ResolveCorrelationId(context)); + var request = new IdentityPermissionSetLookupRequest(envelope, subjectId, tenantId); + var records = await repository.ReadPermissionSetAsync(request, ct); + return Results.Ok(records); +}); + +app.MapHealthChecks("/health"); +app.MapHealthChecks("/healthz"); + +app.Run(); + +static string ResolveCorrelationId(HttpContext context) +{ + if (context.Request.Headers.TryGetValue(CorrelationHeaderName, out var headerValue) && + !StringValues.IsNullOrEmpty(headerValue)) + { + return headerValue.ToString(); + } + + return context.TraceIdentifier; +} diff --git a/src/Thalos.DAL.Host/Properties/launchSettings.json b/src/Thalos.DAL.Host/Properties/launchSettings.json new file mode 100644 index 0000000..c55f6a2 --- /dev/null +++ b/src/Thalos.DAL.Host/Properties/launchSettings.json @@ -0,0 +1,23 @@ +{ + "$schema": "https://json.schemastore.org/launchsettings.json", + "profiles": { + "http": { + "commandName": "Project", + "dotnetRunMessages": true, + "launchBrowser": true, + "applicationUrl": "http://localhost:0", + "environmentVariables": { + "ASPNETCORE_ENVIRONMENT": "Development" + } + }, + "https": { + "commandName": "Project", + "dotnetRunMessages": true, + "launchBrowser": true, + "applicationUrl": "https://localhost:0;http://localhost:0", + "environmentVariables": { + "ASPNETCORE_ENVIRONMENT": "Development" + } + } + } +} diff --git a/src/Thalos.DAL.Host/Thalos.DAL.Host.csproj b/src/Thalos.DAL.Host/Thalos.DAL.Host.csproj new file mode 100644 index 0000000..64b5ac5 --- /dev/null +++ b/src/Thalos.DAL.Host/Thalos.DAL.Host.csproj @@ -0,0 +1,13 @@ + + + + net10.0 + enable + enable + + + + + + + diff --git a/src/Thalos.DAL.Host/appsettings.Development.json b/src/Thalos.DAL.Host/appsettings.Development.json new file mode 100644 index 0000000..0c208ae --- /dev/null +++ b/src/Thalos.DAL.Host/appsettings.Development.json @@ -0,0 +1,8 @@ +{ + "Logging": { + "LogLevel": { + "Default": "Information", + "Microsoft.AspNetCore": "Warning" + } + } +} diff --git a/src/Thalos.DAL.Host/appsettings.json b/src/Thalos.DAL.Host/appsettings.json new file mode 100644 index 0000000..10f68b8 --- /dev/null +++ b/src/Thalos.DAL.Host/appsettings.json @@ -0,0 +1,9 @@ +{ + "Logging": { + "LogLevel": { + "Default": "Information", + "Microsoft.AspNetCore": "Warning" + } + }, + "AllowedHosts": "*" +}