Local testing fixes

.gitignore

@@ -1,3 +1,4 @@
+tmp
 logs
 target
 /.idea

aws-certs.sh

@@ -2,6 +2,7 @@
 # modified to import into cacerts so they're available without specifying a truststore
 # modified to not require perl
 
+set -euxo pipefail
 
 mydir=tmp/certs
 if [ ! -e "${mydir}" ]
@@ -12,13 +13,15 @@ fi
 storepassword=changeit
 
 curl -sS "https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem" > ${mydir}/global-bundle.pem
-awk 'split_after == 1 {n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1}{print > "rds-ca-" n+1 ".pem"}' < ${mydir}/global-bundle.pem
+#awk 'split_after == 1 {n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1}{print > "rds-ca-" n+1 ".pem"}' < ${mydir}/global-bundle.pem
+cd ${mydir} && awk 'BEGIN {n=0; split_after=0} split_after == 1 {n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1}{print > ("rds-ca-" (n+1) ".pem")}' < global-bundle.pem && cd -
 
-for CERT in rds-ca-*; do
+#for CERT in rds-ca-*; do
+for CERT in ${mydir}/rds-ca-*; do
   alias=$(openssl x509 -noout -subject -in $CERT | awk -F'CN=' '{print $2}')
   echo "Importing $alias"
   keytool -import -file ${CERT} -alias "${alias}" -storepass ${storepassword} -cacerts -noprompt
   rm $CERT
 done
 
-rm ${mydir}/global-bundle.pem
+rm ${mydir}/global-bundle.pem

db-scripts/00-init.sql

@@ -0,0 +1,30 @@
+CREATE TABLE account (
+                                id integer NOT NULL,
+                                key character(32) NOT NULL,
+                                email character varying(100) NOT NULL,
+                                enabled boolean DEFAULT true,
+                                staff boolean DEFAULT false,
+                                created_at timestamp with time zone DEFAULT timezone('utc'::text, now()),
+                                updated_at timestamp with time zone DEFAULT timezone('utc'::text, now())
+);
+
+CREATE SEQUENCE account_id_seq
+    START WITH 1
+    INCREMENT BY 1
+    NO MINVALUE
+    NO MAXVALUE
+    CACHE 1;
+
+ALTER SEQUENCE account_id_seq OWNED BY account.id;
+
+ALTER TABLE ONLY account ALTER COLUMN id SET DEFAULT nextval('account_id_seq'::regclass);
+
+ALTER TABLE ONLY account
+    ADD CONSTRAINT account_pkey PRIMARY KEY (id);
+
+CREATE INDEX account_email_idx ON account USING btree (email);
+
+CREATE UNIQUE INDEX account_key_idx ON account USING btree (key);
+
+
+

db-scripts/01-api-key.sql

@@ -0,0 +1,8 @@
+insert into account (key,
+                     email,
+                     enabled,
+                     staff)
+values ('ool1Phovah1wie7juapheGoo9aNg1quu',
+        'foo@bar.com',
+        true,
+        true);

docker-compose.yml

@@ -0,0 +1,63 @@
+services:
+
+  setup:
+    image: docker.elastic.co/elasticsearch/elasticsearch:7.3.2
+    volumes:
+      - ./es-scripts:/usr/share/elasticsearch/config/scripts
+    command: >
+      /bin/bash -c "
+        chmod +x /usr/share/elasticsearch/config/scripts/*.sh &&
+        /usr/share/elasticsearch/config/scripts/init-indices.sh
+      "
+    depends_on:
+      - elasticsearch
+
+  elasticsearch:
+    image: docker.elastic.co/elasticsearch/elasticsearch:7.3.2
+    volumes:
+      - ./tmp/elasticsearch:/usr/share/elasticsearch/data
+    environment:
+      #- network.host=localhost
+      - discovery.type=single-node
+      - bootstrap.system_call_filter=false
+      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
+
+    ports:
+      - "9200:9200"
+
+  # psql -h localhost -p 5432 -U postgres -f src/main/resources/00-init.sql
+  postgres:
+    image: postgres:16
+    volumes:
+      - ./tmp/db:/var/lib/postgresql/data
+      - ./db-scripts:/docker-entrypoint-initdb.d
+    environment:
+      - POSTGRES_USER=postgres
+      - POSTGRES_PASSWORD=weebaeloo3taZiezaip6Uph4R
+      - POSTGRES_DB=postgres
+    ports:
+      - "5432:5432"
+
+  api:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    ports:
+      - "8080:8080"
+    environment:
+      - ELASTICSEARCH_URL=http://elasticsearch:9200
+      - DATABASE_URL=jdbc:postgresql://postgres:5432/postgres
+      - ITEM_ELASTICSEARCH_URL=http://elasticsearch:9200/dpla_alias
+      - PSS_ELASTICSEARCH_URL=http://search.internal.dp.la:9200/dpla_pss
+      - EBOOK_ELASTICSEARCH_URL=http://elasticsearch:9200/dpla_ebooks
+      - POSTGRES_PASSWORD=weebaeloo3taZiezaip6Uph4R
+      - POSTGRES_SERVER=postgres
+      - POSTGRES_DB=postgres
+      - POSTGRES_USER=postgres
+      - SSL_MODE=disable
+      - SSL=false
+      - SSL_FACTORY=org.postgresql.ssl.DefaultJavaSSLFactory
+    command: ["/usr/bin/java", "-jar", "/opt/api/dpla-api.jar"]
+    depends_on:
+      - elasticsearch
+      - postgres