chore(thalos-dal): checkpoint pending development updates

2026-03-09 11:57:46 -06:00 · 2026-03-09 11:57:46 -06:00 · aac5efb01b
commit aac5efb01b
parent ae8bbb1928
11 changed files with 179 additions and 2 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1,9 @@
+**/bin/
+**/obj/
+.vs/
+TestResults/
+.git/
+.repo-tasks/
+.repo-context/
+.tasks/
+.agile/
--- a/20
+++ b/20
@ -0,0 +1,20 @@
+# syntax=docker/dockerfile:1.7
+ARG SDK_IMAGE=mcr.microsoft.com/dotnet/sdk:10.0
+ARG RUNTIME_IMAGE=mcr.microsoft.com/dotnet/aspnet:10.0
+
+FROM ${SDK_IMAGE} AS build
+ARG NUGET_FEED_URL=https://gitea.dream-views.com/api/packages/AgileWebs/nuget/index.json
+ARG NUGET_FEED_USERNAME=
+ARG NUGET_FEED_TOKEN=
+WORKDIR /src
+COPY . .
+RUN if [ -n "$NUGET_FEED_USERNAME" ] && [ -n "$NUGET_FEED_TOKEN" ]; then dotnet nuget add source "$NUGET_FEED_URL" --name gitea-org --username "$NUGET_FEED_USERNAME" --password "$NUGET_FEED_TOKEN" --store-password-in-clear-text --allow-insecure-connections --configfile /root/.nuget/NuGet/NuGet.Config; fi
+RUN dotnet restore "src/Thalos.DAL.Host/Thalos.DAL.Host.csproj" --configfile /root/.nuget/NuGet/NuGet.Config
+RUN dotnet publish "src/Thalos.DAL.Host/Thalos.DAL.Host.csproj" -c Release -o /app/publish /p:UseAppHost=false --no-restore
+
+FROM ${RUNTIME_IMAGE} AS runtime
+WORKDIR /app
+ENV ASPNETCORE_URLS=http://+:8080     ASPNETCORE_ENVIRONMENT=Production
+EXPOSE 8080
+COPY --from=build /app/publish .
+ENTRYPOINT ["dotnet", "Thalos.DAL.Host.dll"]
--- a/Thalos.DAL.slnx
+++ b/Thalos.DAL.slnx
@ -1,5 +1,6 @@
 <Solution>
  <Folder Name="/src/">
+    <Project Path="src/Thalos.DAL.Host/Thalos.DAL.Host.csproj" />
    <Project Path="src/Thalos.DAL/Thalos.DAL.csproj" />
  </Folder>
  <Folder Name="/tests/">
--- a/docs/dal/package-consumption-baseline.md
+++ b/docs/dal/package-consumption-baseline.md
@ -15,7 +15,7 @@ Remove cross-repo source coupling from `Thalos.DAL` and consume shared contracts

 Repository-level `nuget.config` includes:

- `gitea-org`: `http://192.168.10.100:3000/api/packages/AgileWebs/nuget/index.json`
+- `gitea-org`: `https://gitea.dream-views.com/api/packages/AgileWebs/nuget/index.json`
 - `nuget.org`

 Because feed is currently HTTP, `allowInsecureConnections="true"` is required for the Gitea source.
--- a/docs/runbooks/containerization.md
+++ b/docs/runbooks/containerization.md
@ -0,0 +1,23 @@
+# Containerization Runbook
+
+## Image Build
+
+```bash
+docker build   --build-arg NUGET_FEED_USERNAME=<gitea-login>   --build-arg NUGET_FEED_TOKEN=<gitea-token>   -t agilewebs/thalos-dal:dev .
+```
+
+## Local Run
+
+```bash
+docker run --rm -p 8080:8080 --name thalos-dal agilewebs/thalos-dal:dev
+```
+
+## Health Probe
+
+- Path: `/health`
+- Fallback path: `/healthz`
+- Port: `8080`
+
+## Runtime Notes
+
+- Exposes internal DAL lookup endpoints for identity token, policy, and permissions data.
--- a/nuget.config
+++ b/nuget.config
@ -2,7 +2,7 @@
 <configuration>
  <packageSources>
    <clear />
-    <add key="gitea-org" value="http://192.168.10.100:3000/api/packages/AgileWebs/nuget/index.json" allowInsecureConnections="true" />
+    <add key="gitea-org" value="https://gitea.dream-views.com/api/packages/AgileWebs/nuget/index.json" allowInsecureConnections="true" />
    <add key="nuget.org" value="https://api.nuget.org/v3/index.json" />
  </packageSources>
 </configuration>
--- a/src/Thalos.DAL.Host/Program.cs
+++ b/src/Thalos.DAL.Host/Program.cs
@ -0,0 +1,71 @@
+using Microsoft.Extensions.Primitives;
+using Thalos.DAL.Contracts;
+using Thalos.DAL.DependencyInjection;
+using Thalos.DAL.Repositories;
+using IdentityAuthProvider = BuildingBlock.Identity.Contracts.Conventions.IdentityAuthProvider;
+
+const string CorrelationHeaderName = "x-correlation-id";
+const string ContractVersion = "v1";
+
+var builder = WebApplication.CreateBuilder(args);
+builder.Services.AddHealthChecks();
+builder.Services.AddThalosDalRuntime();
+
+var app = builder.Build();
+
+app.MapGet("/internal/thalos-dal/token", async (
+    string subjectId,
+    string tenantId,
+    string? externalToken,
+    IIdentityRepository repository,
+    HttpContext context,
+    CancellationToken ct) =>
+{
+    var envelope = new IdentityContractEnvelope(ContractVersion, ResolveCorrelationId(context));
+    var request = new IdentityTokenLookupRequest(envelope, subjectId, tenantId, IdentityAuthProvider.InternalJwt, externalToken ?? string.Empty);
+    var record = await repository.ReadIdentityTokenAsync(request, ct);
+    return record is null ? Results.NotFound() : Results.Ok(record);
+});
+
+app.MapGet("/internal/thalos-dal/policy", async (
+    string subjectId,
+    string tenantId,
+    string permissionCode,
+    IIdentityRepository repository,
+    HttpContext context,
+    CancellationToken ct) =>
+{
+    var envelope = new IdentityContractEnvelope(ContractVersion, ResolveCorrelationId(context));
+    var request = new IdentityPolicyLookupRequest(envelope, subjectId, tenantId, permissionCode);
+    var record = await repository.ReadIdentityPolicyAsync(request, ct);
+    return record is null ? Results.NotFound() : Results.Ok(record);
+});
+
+app.MapGet("/internal/thalos-dal/permissions", async (
+    string subjectId,
+    string tenantId,
+    IIdentityRepository repository,
+    HttpContext context,
+    CancellationToken ct) =>
+{
+    var envelope = new IdentityContractEnvelope(ContractVersion, ResolveCorrelationId(context));
+    var request = new IdentityPermissionSetLookupRequest(envelope, subjectId, tenantId);
+    var records = await repository.ReadPermissionSetAsync(request, ct);
+    return Results.Ok(records);
+});
+
+app.MapHealthChecks("/health");
+app.MapHealthChecks("/healthz");
+
+app.Run();
+
+static string ResolveCorrelationId(HttpContext context)
+{
+    if (context.Request.Headers.TryGetValue(CorrelationHeaderName, out var headerValue) &&
+        !StringValues.IsNullOrEmpty(headerValue))
+    {
+        return headerValue.ToString();
+    }
+
+    return context.TraceIdentifier;
+}
--- a/src/Thalos.DAL.Host/Properties/launchSettings.json
+++ b/src/Thalos.DAL.Host/Properties/launchSettings.json
@ -0,0 +1,23 @@
+{
+  "$schema": "https://json.schemastore.org/launchsettings.json",
+  "profiles": {
+    "http": {
+      "commandName": "Project",
+      "dotnetRunMessages": true,
+      "launchBrowser": true,
+      "applicationUrl": "http://localhost:0",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    },
+    "https": {
+      "commandName": "Project",
+      "dotnetRunMessages": true,
+      "launchBrowser": true,
+      "applicationUrl": "https://localhost:0;http://localhost:0",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    }
+  }
+}
--- a/src/Thalos.DAL.Host/Thalos.DAL.Host.csproj
+++ b/src/Thalos.DAL.Host/Thalos.DAL.Host.csproj
@ -0,0 +1,13 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>net10.0</TargetFramework>
+    <Nullable>enable</Nullable>
+    <ImplicitUsings>enable</ImplicitUsings>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\Thalos.DAL\Thalos.DAL.csproj" />
+  </ItemGroup>
+
+</Project>
--- a/src/Thalos.DAL.Host/appsettings.Development.json
+++ b/src/Thalos.DAL.Host/appsettings.Development.json
@ -0,0 +1,8 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  }
+}
--- a/src/Thalos.DAL.Host/appsettings.json
+++ b/src/Thalos.DAL.Host/appsettings.json
@ -0,0 +1,9 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  },
+  "AllowedHosts": "*"
+}