From 33f10ca6762034803bc5ece59cb187233eb7690d Mon Sep 17 00:00:00 2001 From: gipo355 <91525512+gipo355@users.noreply.github.com> Date: Mon, 3 Jun 2024 09:43:05 +0200 Subject: [PATCH 01/13] refactor: init clearing for first iteraton --- .env.default | 12 +++++++ build.gradle | 2 ++ compose.dev.yml | 16 --------- dev.Dockerfile | 9 ----- docker/builder.Dockerfile | 4 +-- docker/compose.dev.yml | 72 +++++++++++++++++++++++++++++++++++++++ package.json | 2 +- 7 files changed, 89 insertions(+), 28 deletions(-) create mode 100644 .env.default delete mode 100644 compose.dev.yml delete mode 100644 dev.Dockerfile create mode 100644 docker/compose.dev.yml diff --git a/.env.default b/.env.default new file mode 100644 index 0000000..5147ebb --- /dev/null +++ b/.env.default @@ -0,0 +1,12 @@ +# this file lists all environment variables needed by this app + +PSQL_HOST=localhost #pragma: allowlist secret +PSQL_PORT=5432 #pragma: allowlist secret +PSQL_USER=postgres #pragma: allowlist secret +PSQL_PASSWORD=admin123456 #pragma: allowlist secret +PSQL_DATABASE_NAME=test #pragma: allowlist secret + +REDIS_HOST=localhost #pragma: allowlist secret +REDIS_PORT=6379 #pragma: allowlist secret +REDIS_USER=admin #pragma: allowlist secret +REDIS_PASSWORD=admin123456 #pragma: allowlist secret diff --git a/build.gradle b/build.gradle index 30ad5da..45505a3 100644 --- a/build.gradle +++ b/build.gradle @@ -223,6 +223,8 @@ jacocoTestReport { } } +// we provide another command as we need to run war in CI without running the tests +// check requires nodejs // war { // dependsOn 'check' // dependsOn 'test' diff --git a/compose.dev.yml b/compose.dev.yml deleted file mode 100644 index 4191c2d..0000000 --- a/compose.dev.yml +++ /dev/null @@ -1,16 +0,0 @@ -# TODO: possibly use only compose with 1 container with nodemon and tomcat -services: - tomcat-webapp-boilerplate: - # environment: - # image: tomcat:9-jdk21-temurin-jammy - build: - dockerfile: ./docker/tomcat.Dockerfile - container_name: tomcat-webapp-boilerplate - develop: - watch: - - action: sync+restart - path: "build/libs/" - target: "/usr/local/tomcat/webapps/" - network_mode: host - ports: - - 127.0.0.1:8080:8080 diff --git a/dev.Dockerfile b/dev.Dockerfile deleted file mode 100644 index df455f9..0000000 --- a/dev.Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -## MULTI STAGE - -FROM tomcat:9-jdk21-temurin-jammy@sha256:f7c4623aa616f46473003b325246befcc5fe7120b39b07c977dd44057bbdc306 - -COPY build/libs/* /usr/local/tomcat/webapps - -EXPOSE ${PORT} - -CMD ["catalina.sh", "run"] diff --git a/docker/builder.Dockerfile b/docker/builder.Dockerfile index 78a3473..122d387 100644 --- a/docker/builder.Dockerfile +++ b/docker/builder.Dockerfile @@ -9,7 +9,7 @@ FROM eclipse-temurin:21@sha256:2e387a63a9086232a53fb668f78bcda1f233118f234326fcb # initialize defaults for overriding through --env # example -# ENV INFISICAL_TOKEN='' +# ENV INFISICAL_TOKEN='' # ENV PORT=8080 @@ -21,7 +21,7 @@ RUN addgroup --system tomcat-webapp-boilerplate && \ RUN mkdir -p /home/tomcat-webapp-boilerplate COPY . /home/tomcat-webapp-boilerplate -RUN chown -R its-battistar-be-go:its-battistar-be-go . +RUN chown -R tomcat-webapp-boilerplate:tomcat-webapp-boilerplate /home/tomcat-webapp-boilerplate WORKDIR /home/tomcat-webapp-boilerplate diff --git a/docker/compose.dev.yml b/docker/compose.dev.yml new file mode 100644 index 0000000..ce152de --- /dev/null +++ b/docker/compose.dev.yml @@ -0,0 +1,72 @@ +# TODO: possibly use only compose with 1 container with nodemon and tomcat +# +# this is a dev only compose file that will be used to start the services needed +# and provide live reload for the tomcat webapp by running npm run dev +services: + tomcat-webapp-boilerplate: + # environment: + # image: tomcat:9-jdk21-temurin-jammy + build: + dockerfile: ./docker/tomcat.Dockerfile + container_name: tomcat-webapp-boilerplate + env_file: ./.env + develop: + # watch allows to sync files from host to container + watch: + - action: sync+restart + path: "build/libs/" + target: "/usr/local/tomcat/webapps/" + network_mode: host + ports: + - 127.0.0.1:8080:8080 + ########## postgres + postgresdev: + env_file: ./.env + image: postgres:latest + # restart: unless-stopped + # user: postgres + network_mode: host + ports: + - 127.0.0.1:5432:5432 + # - 5432:5432 + container_name: postgresdev + volumes: + # - ~/data/postgres:/var/lib/postgresql/data + - /tmp/db/psql:/var/lib/postgresql/data + environment: + POSTGRES_USER: ${PSQL_USER} # default + POSTGRES_PASSWORD: ${PSQL_PASSWORD} + POSTGRES_DB: ${PSQL_DATABASE_NAME} + pgadmin: + container_name: pgadmin4_container + image: dpage/pgadmin4:latest + # restart: unless-stopped + network_mode: host + depends_on: + - postgresdev + environment: + PGADMIN_DEFAULT_EMAIL: admin@admin.com #pragma: allowlist secret + PGADMIN_DEFAULT_PASSWORD: admin #pragma: allowlist secret + # PGADMIN_LISTEN_PORT: 9001 + # ports: + # - 127.0.0.1:9001:80 + # - 9001:80 + ########## redis + redisdev: + env_file: ./.env + image: redis/redis-stack:latest + # user: redis + # restart: unless-stopped + # + # network mode exposes the service to the host, no mapping needed + network_mode: host + # ports: + # - 127.0.0.1:6379:6379 + # - 127.0.0.1:9002:8001 # redis insight + container_name: redisdev + # volumes: + # - ~/data/redis:/data + # - /tmp/db/redis:/data + environment: + # default user is: default + - REDIS_ARGS=--save 60 1000 --appendonly yes --loglevel warning --requirepass ${REDIS_PASSWORD} diff --git a/package.json b/package.json index 8d215b0..ae379e6 100644 --- a/package.json +++ b/package.json @@ -4,7 +4,7 @@ "description": "working with `./gradlew war`", "main": "index.js", "scripts": { - "dev": "docker compose -f compose.dev.yml up --no-recreate --watch & nodemon --watch . --ext '.java' --exec './gradlew war'", + "dev": "docker compose -f docker/compose.dev.yml up --no-recreate --watch & nodemon --watch . --ext '.java' --exec './gradlew war'", "commit": "git cz", "prepare": "node scripts/install-hooks.cjs", "commitlint": "commitlint --edit", From af637c65386654caf243fbf4a89dc03dcd68557c Mon Sep 17 00:00:00 2001 From: gipo355 <91525512+gipo355@users.noreply.github.com> Date: Mon, 3 Jun 2024 10:31:54 +0200 Subject: [PATCH 02/13] refactor: add tomcat config files --- build.gradle | 4 +- docker/compose.dev.yml => compose.dev.yml | 2 +- docker/tomcat.Dockerfile | 2 + package.json | 2 +- .../com/smi/xxx/rest/base/BaseService.java | 2 +- tomcat/README.md | 9 + tomcat/catalina.policy | 264 + tomcat/catalina.properties | 219 + tomcat/logging.properties | 79 + tomcat/server.xml | 128 + tomcat/tomcat-users.xml | 38 + tomcat/web.xml | 4655 +++++++++++++++++ 12 files changed, 5399 insertions(+), 5 deletions(-) rename docker/compose.dev.yml => compose.dev.yml (98%) create mode 100644 tomcat/README.md create mode 100644 tomcat/catalina.policy create mode 100644 tomcat/catalina.properties create mode 100644 tomcat/logging.properties create mode 100644 tomcat/server.xml create mode 100644 tomcat/tomcat-users.xml create mode 100644 tomcat/web.xml diff --git a/build.gradle b/build.gradle index 45505a3..77f0ef8 100644 --- a/build.gradle +++ b/build.gradle @@ -30,7 +30,7 @@ project.webAppDirName = 'src/main/webapp' // IMP: compatibliity with tomcat 9? // jersey 2+ works only with tomcat 9+ // jersey 3+ works only with tomcat 10+ -// check docke compose file +// check docker compose file // https://stackoverflow.com/questions/62595510/severe-servlet-jersey-web-application-in-web-application-restapp-threw-loa def JERSEY_VERSION = "2+" def TOMCAT_VERSION = "9+" @@ -133,7 +133,7 @@ spotless { format 'xml', { target '**/*.xml' - targetExclude 'build/**/*', 'node_modules/**/*', 'target/**/*', 'out/**/*', 'dist/**/*', 'bin/**/*' + targetExclude 'build/**/*', 'node_modules/**/*', 'target/**/*', 'out/**/*', 'dist/**/*', 'bin/**/*', 'tomcat/**/*' eclipseWtp('xml') } diff --git a/docker/compose.dev.yml b/compose.dev.yml similarity index 98% rename from docker/compose.dev.yml rename to compose.dev.yml index ce152de..e0f8dbc 100644 --- a/docker/compose.dev.yml +++ b/compose.dev.yml @@ -14,7 +14,7 @@ services: # watch allows to sync files from host to container watch: - action: sync+restart - path: "build/libs/" + path: "./build/libs/" target: "/usr/local/tomcat/webapps/" network_mode: host ports: diff --git a/docker/tomcat.Dockerfile b/docker/tomcat.Dockerfile index cfbd955..049dd68 100644 --- a/docker/tomcat.Dockerfile +++ b/docker/tomcat.Dockerfile @@ -4,6 +4,8 @@ RUN adduser tomcat RUN chown -R tomcat:tomcat /usr/local/tomcat/webapps +COPY ../build/libs/*.war /usr/local/tomcat/webapps/ + USER tomcat EXPOSE ${PORT} diff --git a/package.json b/package.json index ae379e6..8d215b0 100644 --- a/package.json +++ b/package.json @@ -4,7 +4,7 @@ "description": "working with `./gradlew war`", "main": "index.js", "scripts": { - "dev": "docker compose -f docker/compose.dev.yml up --no-recreate --watch & nodemon --watch . --ext '.java' --exec './gradlew war'", + "dev": "docker compose -f compose.dev.yml up --no-recreate --watch & nodemon --watch . --ext '.java' --exec './gradlew war'", "commit": "git cz", "prepare": "node scripts/install-hooks.cjs", "commitlint": "commitlint --edit", diff --git a/src/main/java/com/smi/xxx/rest/base/BaseService.java b/src/main/java/com/smi/xxx/rest/base/BaseService.java index fe40d99..21dea27 100644 --- a/src/main/java/com/smi/xxx/rest/base/BaseService.java +++ b/src/main/java/com/smi/xxx/rest/base/BaseService.java @@ -18,7 +18,7 @@ public class BaseService { @Path("/") public Response get() { - return Response.ok("Hello World").build(); + return Response.ok("Hello World 2").build(); } // get @POST diff --git a/tomcat/README.md b/tomcat/README.md new file mode 100644 index 0000000..983ba47 --- /dev/null +++ b/tomcat/README.md @@ -0,0 +1,9 @@ +# tomcat configs + +default tomcat config files as found in the official tomcat docker image under /usr/local/tomcat/conf + +those files could be modified and copied into /usr/local/tomcat/conf to override the default configuration + +TODO: use tomcat config files in docker + +## Note: at the moment those are unused diff --git a/tomcat/catalina.policy b/tomcat/catalina.policy new file mode 100644 index 0000000..6b2fa6d --- /dev/null +++ b/tomcat/catalina.policy @@ -0,0 +1,264 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// ============================================================================ +// catalina.policy - Security Policy Permissions for Tomcat +// +// This file contains a default set of security policies to be enforced (by the +// JVM) when Catalina is executed with the "-security" option. In addition +// to the permissions granted here, the following additional permissions are +// granted to each web application: +// +// * Read access to the web application's document root directory +// * Read, write and delete access to the web application's working directory +// ============================================================================ + + +// ========== SYSTEM CODE PERMISSIONS ========================================= + + +// These permissions apply to javac +grant codeBase "file:${java.home}/lib/-" { + permission java.security.AllPermission; +}; + +// These permissions apply to all shared system extensions +grant codeBase "file:${java.home}/jre/lib/ext/-" { + permission java.security.AllPermission; +}; + +// These permissions apply to javac when ${java.home} points at $JAVA_HOME/jre +grant codeBase "file:${java.home}/../lib/-" { + permission java.security.AllPermission; +}; + +// These permissions apply to all shared system extensions when +// ${java.home} points at $JAVA_HOME/jre +grant codeBase "file:${java.home}/lib/ext/-" { + permission java.security.AllPermission; +}; + +// This permission is required when using javac to compile JSPs on Java 9 +// onwards +//grant codeBase "jrt:/jdk.compiler" { +// permission java.security.AllPermission; +//}; + + +// ========== CATALINA CODE PERMISSIONS ======================================= + +// These permissions apply to the daemon code +grant codeBase "file:${catalina.home}/bin/commons-daemon.jar" { + permission java.security.AllPermission; +}; + +// These permissions apply to the logging API +// Note: If tomcat-juli.jar is in ${catalina.base} and not in ${catalina.home}, +// update this section accordingly. +// grant codeBase "file:${catalina.base}/bin/tomcat-juli.jar" {..} +grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" { + permission java.io.FilePermission + "${java.home}${file.separator}lib${file.separator}logging.properties", "read"; + + permission java.io.FilePermission + "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read"; + permission java.io.FilePermission + "${catalina.base}${file.separator}logs", "read, write"; + permission java.io.FilePermission + "${catalina.base}${file.separator}logs${file.separator}*", "read, write, delete"; + + permission java.lang.RuntimePermission "shutdownHooks"; + permission java.lang.RuntimePermission "getClassLoader"; + permission java.lang.RuntimePermission "setContextClassLoader"; + + permission java.lang.management.ManagementPermission "monitor"; + + permission java.util.logging.LoggingPermission "control"; + + permission java.util.PropertyPermission "java.util.logging.config.class", "read"; + permission java.util.PropertyPermission "java.util.logging.config.file", "read"; + permission java.util.PropertyPermission "org.apache.juli.AsyncMaxRecordCount", "read"; + permission java.util.PropertyPermission "org.apache.juli.AsyncOverflowDropType", "read"; + permission java.util.PropertyPermission "org.apache.juli.ClassLoaderLogManager.debug", "read"; + permission java.util.PropertyPermission "catalina.base", "read"; + + // Note: To enable per context logging configuration, permit read access to + // the appropriate file. Be sure that the logging configuration is + // secure before enabling such access. + // E.g. for the examples web application (uncomment and unwrap + // the following to be on a single line): + // permission java.io.FilePermission "${catalina.base}${file.separator} + // webapps${file.separator}examples${file.separator}WEB-INF + // ${file.separator}classes${file.separator}logging.properties", "read"; +}; + +// These permissions apply to the server startup code +grant codeBase "file:${catalina.home}/bin/bootstrap.jar" { + permission java.security.AllPermission; +}; + +// These permissions apply to the servlet API classes +// and those that are shared across all class loaders +// located in the "lib" directory +grant codeBase "file:${catalina.home}/lib/-" { + permission java.security.AllPermission; +}; + + +// If using a per instance lib directory, i.e. ${catalina.base}/lib, +// then the following permission will need to be uncommented +// grant codeBase "file:${catalina.base}/lib/-" { +// permission java.security.AllPermission; +// }; + + +// ========== WEB APPLICATION PERMISSIONS ===================================== + + +// These permissions are granted by default to all web applications +// In addition, a web application will be given a read FilePermission +// for all files and directories in its document root. +grant { + // Required for JNDI lookup of named JDBC DataSource's and + // javamail named MimePart DataSource used to send mail + permission java.util.PropertyPermission "java.home", "read"; + permission java.util.PropertyPermission "java.naming.*", "read"; + permission java.util.PropertyPermission "javax.sql.*", "read"; + + // OS Specific properties to allow read access + permission java.util.PropertyPermission "os.name", "read"; + permission java.util.PropertyPermission "os.version", "read"; + permission java.util.PropertyPermission "os.arch", "read"; + permission java.util.PropertyPermission "file.separator", "read"; + permission java.util.PropertyPermission "path.separator", "read"; + permission java.util.PropertyPermission "line.separator", "read"; + + // JVM properties to allow read access + permission java.util.PropertyPermission "java.version", "read"; + permission java.util.PropertyPermission "java.vendor", "read"; + permission java.util.PropertyPermission "java.vendor.url", "read"; + permission java.util.PropertyPermission "java.class.version", "read"; + permission java.util.PropertyPermission "java.specification.version", "read"; + permission java.util.PropertyPermission "java.specification.vendor", "read"; + permission java.util.PropertyPermission "java.specification.name", "read"; + + permission java.util.PropertyPermission "java.vm.specification.version", "read"; + permission java.util.PropertyPermission "java.vm.specification.vendor", "read"; + permission java.util.PropertyPermission "java.vm.specification.name", "read"; + permission java.util.PropertyPermission "java.vm.version", "read"; + permission java.util.PropertyPermission "java.vm.vendor", "read"; + permission java.util.PropertyPermission "java.vm.name", "read"; + + // Required for OpenJMX + permission java.lang.RuntimePermission "getAttribute"; + + // Allow read of JAXP compliant XML parser debug + permission java.util.PropertyPermission "jaxp.debug", "read"; + + // All JSPs need to be able to read this package + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat"; + + // Precompiled JSPs need access to these packages. + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.el"; + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime"; + permission java.lang.RuntimePermission + "accessClassInPackage.org.apache.jasper.runtime.*"; + + // Applications using WebSocket need to be able to access these packages + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.websocket"; + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.websocket.server"; +}; + + +// The Manager application needs access to the following packages to support the +// session display functionality. It also requires the custom Tomcat +// DeployXmlPermission to enable the use of META-INF/context.xml +// These settings support the following configurations: +// - default CATALINA_HOME == CATALINA_BASE +// - CATALINA_HOME != CATALINA_BASE, per instance Manager in CATALINA_BASE +// - CATALINA_HOME != CATALINA_BASE, shared Manager in CATALINA_HOME +grant codeBase "file:${catalina.base}/webapps/manager/-" { + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina"; + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.ha.session"; + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.manager"; + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.manager.util"; + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.util"; + permission org.apache.catalina.security.DeployXmlPermission "manager"; +}; +grant codeBase "file:${catalina.home}/webapps/manager/-" { + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina"; + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.ha.session"; + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.manager"; + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.manager.util"; + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.util"; + permission org.apache.catalina.security.DeployXmlPermission "manager"; +}; + +// The Host Manager application needs the custom Tomcat DeployXmlPermission to +// enable the use of META-INF/context.xml +// These settings support the following configurations: +// - default CATALINA_HOME == CATALINA_BASE +// - CATALINA_HOME != CATALINA_BASE, per instance Host Manager in CATALINA_BASE +// - CATALINA_HOME != CATALINA_BASE, shared Host Manager in CATALINA_HOME +grant codeBase "file:${catalina.base}/webapps/host-manager/-" { + permission org.apache.catalina.security.DeployXmlPermission "host-manager"; +}; +grant codeBase "file:${catalina.home}/webapps/host-manager/-" { + permission org.apache.catalina.security.DeployXmlPermission "host-manager"; +}; + + +// You can assign additional permissions to particular web applications by +// adding additional "grant" entries here, based on the code base for that +// application, /WEB-INF/classes/, or /WEB-INF/lib/ jar files. +// +// Different permissions can be granted to JSP pages, classes loaded from +// the /WEB-INF/classes/ directory, all jar files in the /WEB-INF/lib/ +// directory, or even to individual jar files in the /WEB-INF/lib/ directory. +// +// For instance, assume that the standard "examples" application +// included a JDBC driver that needed to establish a network connection to the +// corresponding database and used the scrape taglib to get the weather from +// the NOAA web server. You might create a "grant" entries like this: +// +// The permissions granted to the context root directory apply to JSP pages. +// grant codeBase "file:${catalina.base}/webapps/examples/-" { +// permission java.net.SocketPermission "dbhost.mycompany.com:5432", "connect"; +// permission java.net.SocketPermission "*.noaa.gov:80", "connect"; +// }; +// +// The permissions granted to the context WEB-INF/classes directory +// grant codeBase "file:${catalina.base}/webapps/examples/WEB-INF/classes/-" { +// }; +// +// The permission granted to your JDBC driver +// grant codeBase "jar:file:${catalina.base}/webapps/examples/WEB-INF/lib/driver.jar!/-" { +// permission java.net.SocketPermission "dbhost.mycompany.com:5432", "connect"; +// }; +// The permission granted to the scrape taglib +// grant codeBase "jar:file:${catalina.base}/webapps/examples/WEB-INF/lib/scrape.jar!/-" { +// permission java.net.SocketPermission "*.noaa.gov:80", "connect"; +// }; + +// To grant permissions for web applications using packed WAR files, use the +// Tomcat specific WAR url scheme. +// +// The permissions granted to the entire web application +// grant codeBase "war:file:${catalina.base}/webapps/examples.war*/-" { +// }; +// +// The permissions granted to a specific JAR +// grant codeBase "war:file:${catalina.base}/webapps/examples.war*/WEB-INF/lib/foo.jar" { +// }; diff --git a/tomcat/catalina.properties b/tomcat/catalina.properties new file mode 100644 index 0000000..38ce4c1 --- /dev/null +++ b/tomcat/catalina.properties @@ -0,0 +1,219 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# +# List of comma-separated packages that start with or equal this string +# will cause a security exception to be thrown when +# passed to checkPackageAccess unless the +# corresponding RuntimePermission ("accessClassInPackage."+package) has +# been granted. +package.access=sun.,org.apache.catalina.,org.apache.coyote.,org.apache.jasper.,org.apache.tomcat. +# +# List of comma-separated packages that start with or equal this string +# will cause a security exception to be thrown when +# passed to checkPackageDefinition unless the +# corresponding RuntimePermission ("defineClassInPackage."+package) has +# been granted. +# +# by default, no packages are restricted for definition, and none of +# the class loaders supplied with the JDK call checkPackageDefinition. +# +package.definition=sun.,java.,org.apache.catalina.,org.apache.coyote.,\ +org.apache.jasper.,org.apache.naming.,org.apache.tomcat. + +# +# +# List of comma-separated paths defining the contents of the "common" +# classloader. Prefixes should be used to define what is the repository type. +# Path may be relative to the CATALINA_HOME or CATALINA_BASE path or absolute. +# If left as blank,the JVM system loader will be used as Catalina's "common" +# loader. +# Examples: +# "foo": Add this folder as a class repository +# "foo/*.jar": Add all the JARs of the specified folder as class +# repositories +# "foo/bar.jar": Add bar.jar as a class repository +# +# Note: Values are enclosed in double quotes ("...") in case either the +# ${catalina.base} path or the ${catalina.home} path contains a comma. +# Because double quotes are used for quoting, the double quote character +# may not appear in a path. +common.loader="${catalina.base}/lib","${catalina.base}/lib/*.jar","${catalina.home}/lib","${catalina.home}/lib/*.jar" + +# +# List of comma-separated paths defining the contents of the "server" +# classloader. Prefixes should be used to define what is the repository type. +# Path may be relative to the CATALINA_HOME or CATALINA_BASE path or absolute. +# If left as blank, the "common" loader will be used as Catalina's "server" +# loader. +# Examples: +# "foo": Add this folder as a class repository +# "foo/*.jar": Add all the JARs of the specified folder as class +# repositories +# "foo/bar.jar": Add bar.jar as a class repository +# +# Note: Values may be enclosed in double quotes ("...") in case either the +# ${catalina.base} path or the ${catalina.home} path contains a comma. +# Because double quotes are used for quoting, the double quote character +# may not appear in a path. +server.loader= + +# +# List of comma-separated paths defining the contents of the "shared" +# classloader. Prefixes should be used to define what is the repository type. +# Path may be relative to the CATALINA_BASE path or absolute. If left as blank, +# the "common" loader will be used as Catalina's "shared" loader. +# Examples: +# "foo": Add this folder as a class repository +# "foo/*.jar": Add all the JARs of the specified folder as class +# repositories +# "foo/bar.jar": Add bar.jar as a class repository +# Please note that for single jars, e.g. bar.jar, you need the URL form +# starting with file:. +# +# Note: Values may be enclosed in double quotes ("...") in case either the +# ${catalina.base} path or the ${catalina.home} path contains a comma. +# Because double quotes are used for quoting, the double quote character +# may not appear in a path. +shared.loader= + +# Default list of JAR files that should not be scanned using the JarScanner +# functionality. This is typically used to scan JARs for configuration +# information. JARs that do not contain such information may be excluded from +# the scan to speed up the scanning process. This is the default list. JARs on +# this list are excluded from all scans. The list must be a comma separated list +# of JAR file names. +# The list of JARs to skip may be over-ridden at a Context level for individual +# scan types by configuring a JarScanner with a nested JarScanFilter. +# The JARs listed below include: +# - Tomcat Bootstrap JARs +# - Tomcat API JARs +# - Catalina JARs +# - Jasper JARs +# - Tomcat JARs +# - Common non-Tomcat JARs +# - Test JARs (JUnit, Cobertura and dependencies) +tomcat.util.scan.StandardJarScanFilter.jarsToSkip=\ +annotations-api.jar,\ +ant-junit*.jar,\ +ant-launcher*.jar,\ +ant*.jar,\ +asm-*.jar,\ +aspectj*.jar,\ +bcel*.jar,\ +biz.aQute.bnd*.jar,\ +bootstrap.jar,\ +catalina-ant.jar,\ +catalina-ha.jar,\ +catalina-ssi.jar,\ +catalina-storeconfig.jar,\ +catalina-tribes.jar,\ +catalina.jar,\ +cglib-*.jar,\ +cobertura-*.jar,\ +commons-beanutils*.jar,\ +commons-codec*.jar,\ +commons-collections*.jar,\ +commons-compress*.jar,\ +commons-daemon.jar,\ +commons-dbcp*.jar,\ +commons-digester*.jar,\ +commons-fileupload*.jar,\ +commons-httpclient*.jar,\ +commons-io*.jar,\ +commons-lang*.jar,\ +commons-logging*.jar,\ +commons-math*.jar,\ +commons-pool*.jar,\ +derby-*.jar,\ +dom4j-*.jar,\ +easymock-*.jar,\ +ecj-*.jar,\ +el-api.jar,\ +geronimo-spec-jaxrpc*.jar,\ +h2*.jar,\ +ha-api-*.jar,\ +hamcrest-*.jar,\ +hibernate*.jar,\ +httpclient*.jar,\ +icu4j-*.jar,\ +jasper-el.jar,\ +jasper.jar,\ +jaspic-api.jar,\ +jaxb-*.jar,\ +jaxen-*.jar,\ +jaxws-rt-*.jar,\ +jdom-*.jar,\ +jetty-*.jar,\ +jmx-tools.jar,\ +jmx.jar,\ +jsp-api.jar,\ +jstl.jar,\ +jta*.jar,\ +junit-*.jar,\ +junit.jar,\ +log4j*.jar,\ +mail*.jar,\ +objenesis-*.jar,\ +oraclepki.jar,\ +org.hamcrest.core_*.jar,\ +org.junit_*.jar,\ +oro-*.jar,\ +servlet-api-*.jar,\ +servlet-api.jar,\ +slf4j*.jar,\ +taglibs-standard-spec-*.jar,\ +tagsoup-*.jar,\ +tomcat-api.jar,\ +tomcat-coyote.jar,\ +tomcat-dbcp.jar,\ +tomcat-i18n-*.jar,\ +tomcat-jdbc.jar,\ +tomcat-jni.jar,\ +tomcat-juli-adapters.jar,\ +tomcat-juli.jar,\ +tomcat-util-scan.jar,\ +tomcat-util.jar,\ +tomcat-websocket.jar,\ +tools.jar,\ +unboundid-ldapsdk-*.jar,\ +websocket-api.jar,\ +wsdl4j*.jar,\ +xercesImpl.jar,\ +xml-apis.jar,\ +xmlParserAPIs-*.jar,\ +xmlParserAPIs.jar,\ +xom-*.jar + +# Default list of JAR files that should be scanned that overrides the default +# jarsToSkip list above. This is typically used to include a specific JAR that +# has been excluded by a broad file name pattern in the jarsToSkip list. +# The list of JARs to scan may be over-ridden at a Context level for individual +# scan types by configuring a JarScanner with a nested JarScanFilter. +tomcat.util.scan.StandardJarScanFilter.jarsToScan=\ +log4j-taglib*.jar,\ +log4j-web*.jar,\ +log4javascript*.jar,\ +slf4j-taglib*.jar + +# String cache configuration. +tomcat.util.buf.StringCache.byte.enabled=true +#tomcat.util.buf.StringCache.char.enabled=true +#tomcat.util.buf.StringCache.trainThreshold=500000 +#tomcat.util.buf.StringCache.cacheSize=5000 + +# Disable use of some privilege blocks Tomcat doesn't need since calls to the +# code in question are always already inside a privilege block +org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED=false diff --git a/tomcat/logging.properties b/tomcat/logging.properties new file mode 100644 index 0000000..e8b7b16 --- /dev/null +++ b/tomcat/logging.properties @@ -0,0 +1,79 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +handlers = 1catalina.org.apache.juli.AsyncFileHandler, 2localhost.org.apache.juli.AsyncFileHandler, 3manager.org.apache.juli.AsyncFileHandler, 4host-manager.org.apache.juli.AsyncFileHandler, java.util.logging.ConsoleHandler + +.handlers = 1catalina.org.apache.juli.AsyncFileHandler, java.util.logging.ConsoleHandler + +############################################################ +# Handler specific properties. +# Describes specific configuration info for Handlers. +############################################################ + +1catalina.org.apache.juli.AsyncFileHandler.level = FINE +1catalina.org.apache.juli.AsyncFileHandler.directory = ${catalina.base}/logs +1catalina.org.apache.juli.AsyncFileHandler.prefix = catalina. +1catalina.org.apache.juli.AsyncFileHandler.maxDays = 90 +1catalina.org.apache.juli.AsyncFileHandler.encoding = UTF-8 + +2localhost.org.apache.juli.AsyncFileHandler.level = FINE +2localhost.org.apache.juli.AsyncFileHandler.directory = ${catalina.base}/logs +2localhost.org.apache.juli.AsyncFileHandler.prefix = localhost. +2localhost.org.apache.juli.AsyncFileHandler.maxDays = 90 +2localhost.org.apache.juli.AsyncFileHandler.encoding = UTF-8 + +3manager.org.apache.juli.AsyncFileHandler.level = FINE +3manager.org.apache.juli.AsyncFileHandler.directory = ${catalina.base}/logs +3manager.org.apache.juli.AsyncFileHandler.prefix = manager. +3manager.org.apache.juli.AsyncFileHandler.maxDays = 90 +3manager.org.apache.juli.AsyncFileHandler.encoding = UTF-8 + +4host-manager.org.apache.juli.AsyncFileHandler.level = FINE +4host-manager.org.apache.juli.AsyncFileHandler.directory = ${catalina.base}/logs +4host-manager.org.apache.juli.AsyncFileHandler.prefix = host-manager. +4host-manager.org.apache.juli.AsyncFileHandler.maxDays = 90 +4host-manager.org.apache.juli.AsyncFileHandler.encoding = UTF-8 + +java.util.logging.ConsoleHandler.level = FINE +java.util.logging.ConsoleHandler.formatter = org.apache.juli.OneLineFormatter +java.util.logging.ConsoleHandler.encoding = UTF-8 + + +############################################################ +# Facility specific properties. +# Provides extra control for each logger. +############################################################ + +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = INFO +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].handlers = 2localhost.org.apache.juli.AsyncFileHandler + +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].level = INFO +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].handlers = 3manager.org.apache.juli.AsyncFileHandler + +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].level = INFO +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].handlers = 4host-manager.org.apache.juli.AsyncFileHandler + +# For example, set the org.apache.catalina.util.LifecycleBase logger to log +# each component that extends LifecycleBase changing state: +#org.apache.catalina.util.LifecycleBase.level = FINE + +# To see debug messages in TldLocationsCache, uncomment the following line: +#org.apache.jasper.compiler.TldLocationsCache.level = FINE + +# To see debug messages for HTTP/2 handling, uncomment the following line: +#org.apache.coyote.http2.level = FINE + +# To see debug messages for WebSocket handling, uncomment the following line: +#org.apache.tomcat.websocket.level = FINE diff --git a/tomcat/server.xml b/tomcat/server.xml new file mode 100644 index 0000000..8ac7058 --- /dev/null +++ b/tomcat/server.xml @@ -0,0 +1,128 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/tomcat/tomcat-users.xml b/tomcat/tomcat-users.xml new file mode 100644 index 0000000..cca5e6b --- /dev/null +++ b/tomcat/tomcat-users.xml @@ -0,0 +1,38 @@ + + + + + + + + diff --git a/tomcat/web.xml b/tomcat/web.xml new file mode 100644 index 0000000..ddd7bf7 --- /dev/null +++ b/tomcat/web.xml @@ -0,0 +1,4655 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + default + org.apache.catalina.servlets.DefaultServlet + + debug + 0 + + + listings + false + + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + jsp + org.apache.jasper.servlet.JspServlet + + fork + false + + + xpoweredBy + false + + 3 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + default + / + + + + + jsp + *.jsp + *.jspx + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 30 + + + + + + + + + + + + + 123 + application/vnd.lotus-1-2-3 + + + 3dml + text/vnd.in3d.3dml + + + 3ds + image/x-3ds + + + 3g2 + video/3gpp2 + + + 3gp + video/3gpp + + + 7z + application/x-7z-compressed + + + aab + application/x-authorware-bin + + + aac + audio/x-aac + + + aam + application/x-authorware-map + + + aas + application/x-authorware-seg + + + abs + audio/x-mpeg + + + abw + application/x-abiword + + + ac + application/pkix-attr-cert + + + acc + application/vnd.americandynamics.acc + + + ace + application/x-ace-compressed + + + acu + application/vnd.acucobol + + + acutc + application/vnd.acucorp + + + adp + audio/adpcm + + + aep + application/vnd.audiograph + + + afm + application/x-font-type1 + + + afp + application/vnd.ibm.modcap + + + ahead + application/vnd.ahead.space + + + ai + application/postscript + + + aif + audio/x-aiff + + + aifc + audio/x-aiff + + + aiff + audio/x-aiff + + + aim + application/x-aim + + + air + application/vnd.adobe.air-application-installer-package+zip + + + ait + application/vnd.dvb.ait + + + ami + application/vnd.amiga.ami + + + anx + application/annodex + + + apk + application/vnd.android.package-archive + + + appcache + text/cache-manifest + + + application + application/x-ms-application + + + apr + application/vnd.lotus-approach + + + arc + application/x-freearc + + + art + image/x-jg + + + asc + application/pgp-signature + + + asf + video/x-ms-asf + + + asm + text/x-asm + + + aso + application/vnd.accpac.simply.aso + + + asx + video/x-ms-asf + + + atc + application/vnd.acucorp + + + atom + application/atom+xml + + + atomcat + application/atomcat+xml + + + atomsvc + application/atomsvc+xml + + + atx + application/vnd.antix.game-component + + + au + audio/basic + + + avi + video/x-msvideo + + + avx + video/x-rad-screenplay + + + aw + application/applixware + + + axa + audio/annodex + + + axv + video/annodex + + + azf + application/vnd.airzip.filesecure.azf + + + azs + application/vnd.airzip.filesecure.azs + + + azw + application/vnd.amazon.ebook + + + bat + application/x-msdownload + + + bcpio + application/x-bcpio + + + bdf + application/x-font-bdf + + + bdm + application/vnd.syncml.dm+wbxml + + + bed + application/vnd.realvnc.bed + + + bh2 + application/vnd.fujitsu.oasysprs + + + bin + application/octet-stream + + + blb + application/x-blorb + + + blorb + application/x-blorb + + + bmi + application/vnd.bmi + + + bmp + image/bmp + + + body + text/html + + + book + application/vnd.framemaker + + + box + application/vnd.previewsystems.box + + + boz + application/x-bzip2 + + + bpk + application/octet-stream + + + btif + image/prs.btif + + + bz + application/x-bzip + + + bz2 + application/x-bzip2 + + + c + text/x-c + + + c11amc + application/vnd.cluetrust.cartomobile-config + + + c11amz + application/vnd.cluetrust.cartomobile-config-pkg + + + c4d + application/vnd.clonk.c4group + + + c4f + application/vnd.clonk.c4group + + + c4g + application/vnd.clonk.c4group + + + c4p + application/vnd.clonk.c4group + + + c4u + application/vnd.clonk.c4group + + + cab + application/vnd.ms-cab-compressed + + + caf + audio/x-caf + + + cap + application/vnd.tcpdump.pcap + + + car + application/vnd.curl.car + + + cat + application/vnd.ms-pki.seccat + + + cb7 + application/x-cbr + + + cba + application/x-cbr + + + cbr + application/x-cbr + + + cbt + application/x-cbr + + + cbz + application/x-cbr + + + cc + text/x-c + + + cct + application/x-director + + + ccxml + application/ccxml+xml + + + cdbcmsg + application/vnd.contact.cmsg + + + cdf + application/x-cdf + + + cdkey + application/vnd.mediastation.cdkey + + + cdmia + application/cdmi-capability + + + cdmic + application/cdmi-container + + + cdmid + application/cdmi-domain + + + cdmio + application/cdmi-object + + + cdmiq + application/cdmi-queue + + + cdx + chemical/x-cdx + + + cdxml + application/vnd.chemdraw+xml + + + cdy + application/vnd.cinderella + + + cer + application/pkix-cert + + + cfs + application/x-cfs-compressed + + + cgm + image/cgm + + + chat + application/x-chat + + + chm + application/vnd.ms-htmlhelp + + + chrt + application/vnd.kde.kchart + + + cif + chemical/x-cif + + + cii + application/vnd.anser-web-certificate-issue-initiation + + + cil + application/vnd.ms-artgalry + + + cla + application/vnd.claymore + + + class + application/java + + + clkk + application/vnd.crick.clicker.keyboard + + + clkp + application/vnd.crick.clicker.palette + + + clkt + application/vnd.crick.clicker.template + + + clkw + application/vnd.crick.clicker.wordbank + + + clkx + application/vnd.crick.clicker + + + clp + application/x-msclip + + + cmc + application/vnd.cosmocaller + + + cmdf + chemical/x-cmdf + + + cml + chemical/x-cml + + + cmp + application/vnd.yellowriver-custom-menu + + + cmx + image/x-cmx + + + cod + application/vnd.rim.cod + + + com + application/x-msdownload + + + conf + text/plain + + + cpio + application/x-cpio + + + cpp + text/x-c + + + cpt + application/mac-compactpro + + + crd + application/x-mscardfile + + + crl + application/pkix-crl + + + crt + application/x-x509-ca-cert + + + cryptonote + application/vnd.rig.cryptonote + + + csh + application/x-csh + + + csml + chemical/x-csml + + + csp + application/vnd.commonspace + + + css + text/css + + + cst + application/x-director + + + csv + text/csv + + + cu + application/cu-seeme + + + curl + text/vnd.curl + + + cww + application/prs.cww + + + cxt + application/x-director + + + cxx + text/x-c + + + dae + model/vnd.collada+xml + + + daf + application/vnd.mobius.daf + + + dart + application/vnd.dart + + + dataless + application/vnd.fdsn.seed + + + davmount + application/davmount+xml + + + dbk + application/docbook+xml + + + dcr + application/x-director + + + dcurl + text/vnd.curl.dcurl + + + dd2 + application/vnd.oma.dd2+xml + + + ddd + application/vnd.fujixerox.ddd + + + deb + application/x-debian-package + + + def + text/plain + + + deploy + application/octet-stream + + + der + application/x-x509-ca-cert + + + dfac + application/vnd.dreamfactory + + + dgc + application/x-dgc-compressed + + + dib + image/bmp + + + dic + text/x-c + + + dir + application/x-director + + + dis + application/vnd.mobius.dis + + + dist + application/octet-stream + + + distz + application/octet-stream + + + djv + image/vnd.djvu + + + djvu + image/vnd.djvu + + + dll + application/x-msdownload + + + dmg + application/x-apple-diskimage + + + dmp + application/vnd.tcpdump.pcap + + + dms + application/octet-stream + + + dna + application/vnd.dna + + + doc + application/msword + + + docm + application/vnd.ms-word.document.macroenabled.12 + + + docx + application/vnd.openxmlformats-officedocument.wordprocessingml.document + + + dot + application/msword + + + dotm + application/vnd.ms-word.template.macroenabled.12 + + + dotx + application/vnd.openxmlformats-officedocument.wordprocessingml.template + + + dp + application/vnd.osgi.dp + + + dpg + application/vnd.dpgraph + + + dra + audio/vnd.dra + + + dsc + text/prs.lines.tag + + + dssc + application/dssc+der + + + dtb + application/x-dtbook+xml + + + dtd + application/xml-dtd + + + dts + audio/vnd.dts + + + dtshd + audio/vnd.dts.hd + + + dump + application/octet-stream + + + dv + video/x-dv + + + dvb + video/vnd.dvb.file + + + dvi + application/x-dvi + + + dwf + model/vnd.dwf + + + dwg + image/vnd.dwg + + + dxf + image/vnd.dxf + + + dxp + application/vnd.spotfire.dxp + + + dxr + application/x-director + + + ecelp4800 + audio/vnd.nuera.ecelp4800 + + + ecelp7470 + audio/vnd.nuera.ecelp7470 + + + ecelp9600 + audio/vnd.nuera.ecelp9600 + + + ecma + application/ecmascript + + + edm + application/vnd.novadigm.edm + + + edx + application/vnd.novadigm.edx + + + efif + application/vnd.picsel + + + ei6 + application/vnd.pg.osasli + + + elc + application/octet-stream + + + emf + application/x-msmetafile + + + eml + message/rfc822 + + + emma + application/emma+xml + + + emz + application/x-msmetafile + + + eol + audio/vnd.digital-winds + + + eot + application/vnd.ms-fontobject + + + eps + application/postscript + + + epub + application/epub+zip + + + es3 + application/vnd.eszigno3+xml + + + esa + application/vnd.osgi.subsystem + + + esf + application/vnd.epson.esf + + + et3 + application/vnd.eszigno3+xml + + + etx + text/x-setext + + + eva + application/x-eva + + + evy + application/x-envoy + + + exe + application/octet-stream + + + exi + application/exi + + + ext + application/vnd.novadigm.ext + + + ez + application/andrew-inset + + + ez2 + application/vnd.ezpix-album + + + ez3 + application/vnd.ezpix-package + + + f + text/x-fortran + + + f4v + video/x-f4v + + + f77 + text/x-fortran + + + f90 + text/x-fortran + + + fbs + image/vnd.fastbidsheet + + + fcdt + application/vnd.adobe.formscentral.fcdt + + + fcs + application/vnd.isac.fcs + + + fdf + application/vnd.fdf + + + fe_launch + application/vnd.denovo.fcselayout-link + + + fg5 + application/vnd.fujitsu.oasysgp + + + fgd + application/x-director + + + fh + image/x-freehand + + + fh4 + image/x-freehand + + + fh5 + image/x-freehand + + + fh7 + image/x-freehand + + + fhc + image/x-freehand + + + fig + application/x-xfig + + + flac + audio/flac + + + fli + video/x-fli + + + flo + application/vnd.micrografx.flo + + + flv + video/x-flv + + + flw + application/vnd.kde.kivio + + + flx + text/vnd.fmi.flexstor + + + fly + text/vnd.fly + + + fm + application/vnd.framemaker + + + fnc + application/vnd.frogans.fnc + + + for + text/x-fortran + + + fpx + image/vnd.fpx + + + frame + application/vnd.framemaker + + + fsc + application/vnd.fsc.weblaunch + + + fst + image/vnd.fst + + + ftc + application/vnd.fluxtime.clip + + + fti + application/vnd.anser-web-funds-transfer-initiation + + + fvt + video/vnd.fvt + + + fxp + application/vnd.adobe.fxp + + + fxpl + application/vnd.adobe.fxp + + + fzs + application/vnd.fuzzysheet + + + g2w + application/vnd.geoplan + + + g3 + image/g3fax + + + g3w + application/vnd.geospace + + + gac + application/vnd.groove-account + + + gam + application/x-tads + + + gbr + application/rpki-ghostbusters + + + gca + application/x-gca-compressed + + + gdl + model/vnd.gdl + + + geo + application/vnd.dynageo + + + gex + application/vnd.geometry-explorer + + + ggb + application/vnd.geogebra.file + + + ggs + application/vnd.geogebra.slides + + + ggt + application/vnd.geogebra.tool + + + ghf + application/vnd.groove-help + + + gif + image/gif + + + gim + application/vnd.groove-identity-message + + + gml + application/gml+xml + + + gmx + application/vnd.gmx + + + gnumeric + application/x-gnumeric + + + gph + application/vnd.flographit + + + gpx + application/gpx+xml + + + gqf + application/vnd.grafeq + + + gqs + application/vnd.grafeq + + + gram + application/srgs + + + gramps + application/x-gramps-xml + + + gre + application/vnd.geometry-explorer + + + grv + application/vnd.groove-injector + + + grxml + application/srgs+xml + + + gsf + application/x-font-ghostscript + + + gtar + application/x-gtar + + + gtm + application/vnd.groove-tool-message + + + gtw + model/vnd.gtw + + + gv + text/vnd.graphviz + + + gxf + application/gxf + + + gxt + application/vnd.geonext + + + gz + application/x-gzip + + + h + text/x-c + + + h261 + video/h261 + + + h263 + video/h263 + + + h264 + video/h264 + + + hal + application/vnd.hal+xml + + + hbci + application/vnd.hbci + + + hdf + application/x-hdf + + + hh + text/x-c + + + hlp + application/winhlp + + + hpgl + application/vnd.hp-hpgl + + + hpid + application/vnd.hp-hpid + + + hps + application/vnd.hp-hps + + + hqx + application/mac-binhex40 + + + htc + text/x-component + + + htke + application/vnd.kenameaapp + + + htm + text/html + + + html + text/html + + + hvd + application/vnd.yamaha.hv-dic + + + hvp + application/vnd.yamaha.hv-voice + + + hvs + application/vnd.yamaha.hv-script + + + i2g + application/vnd.intergeo + + + icc + application/vnd.iccprofile + + + ice + x-conference/x-cooltalk + + + icm + application/vnd.iccprofile + + + ico + image/x-icon + + + ics + text/calendar + + + ief + image/ief + + + ifb + text/calendar + + + ifm + application/vnd.shana.informed.formdata + + + iges + model/iges + + + igl + application/vnd.igloader + + + igm + application/vnd.insors.igm + + + igs + model/iges + + + igx + application/vnd.micrografx.igx + + + iif + application/vnd.shana.informed.interchange + + + imp + application/vnd.accpac.simply.imp + + + ims + application/vnd.ms-ims + + + in + text/plain + + + ink + application/inkml+xml + + + inkml + application/inkml+xml + + + install + application/x-install-instructions + + + iota + application/vnd.astraea-software.iota + + + ipfix + application/ipfix + + + ipk + application/vnd.shana.informed.package + + + irm + application/vnd.ibm.rights-management + + + irp + application/vnd.irepository.package+xml + + + iso + application/x-iso9660-image + + + itp + application/vnd.shana.informed.formtemplate + + + ivp + application/vnd.immervision-ivp + + + ivu + application/vnd.immervision-ivu + + + jad + text/vnd.sun.j2me.app-descriptor + + + jam + application/vnd.jam + + + jar + application/java-archive + + + java + text/x-java-source + + + jisp + application/vnd.jisp + + + jlt + application/vnd.hp-jlyt + + + jnlp + application/x-java-jnlp-file + + + joda + application/vnd.joost.joda-archive + + + jpe + image/jpeg + + + jpeg + image/jpeg + + + jpg + image/jpeg + + + jpgm + video/jpm + + + jpgv + video/jpeg + + + jpm + video/jpm + + + js + text/javascript + + + jsf + text/plain + + + json + application/json + + + jsonml + application/jsonml+json + + + jspf + text/plain + + + kar + audio/midi + + + karbon + application/vnd.kde.karbon + + + kfo + application/vnd.kde.kformula + + + kia + application/vnd.kidspiration + + + kml + application/vnd.google-earth.kml+xml + + + kmz + application/vnd.google-earth.kmz + + + kne + application/vnd.kinar + + + knp + application/vnd.kinar + + + kon + application/vnd.kde.kontour + + + kpr + application/vnd.kde.kpresenter + + + kpt + application/vnd.kde.kpresenter + + + kpxx + application/vnd.ds-keypoint + + + ksp + application/vnd.kde.kspread + + + ktr + application/vnd.kahootz + + + ktx + image/ktx + + + ktz + application/vnd.kahootz + + + kwd + application/vnd.kde.kword + + + kwt + application/vnd.kde.kword + + + lasxml + application/vnd.las.las+xml + + + latex + application/x-latex + + + lbd + application/vnd.llamagraphics.life-balance.desktop + + + lbe + application/vnd.llamagraphics.life-balance.exchange+xml + + + les + application/vnd.hhe.lesson-player + + + lha + application/x-lzh-compressed + + + link66 + application/vnd.route66.link66+xml + + + list + text/plain + + + list3820 + application/vnd.ibm.modcap + + + listafp + application/vnd.ibm.modcap + + + lnk + application/x-ms-shortcut + + + log + text/plain + + + lostxml + application/lost+xml + + + lrf + application/octet-stream + + + lrm + application/vnd.ms-lrm + + + ltf + application/vnd.frogans.ltf + + + lvp + audio/vnd.lucent.voice + + + lwp + application/vnd.lotus-wordpro + + + lzh + application/x-lzh-compressed + + + m13 + application/x-msmediaview + + + m14 + application/x-msmediaview + + + m1v + video/mpeg + + + m21 + application/mp21 + + + m2a + audio/mpeg + + + m2v + video/mpeg + + + m3a + audio/mpeg + + + m3u + audio/x-mpegurl + + + m3u8 + application/vnd.apple.mpegurl + + + m4a + audio/mp4 + + + m4b + audio/mp4 + + + m4r + audio/mp4 + + + m4u + video/vnd.mpegurl + + + m4v + video/mp4 + + + ma + application/mathematica + + + mac + image/x-macpaint + + + mads + application/mads+xml + + + mag + application/vnd.ecowin.chart + + + maker + application/vnd.framemaker + + + man + text/troff + + + mar + application/octet-stream + + + mathml + application/mathml+xml + + + mb + application/mathematica + + + mbk + application/vnd.mobius.mbk + + + mbox + application/mbox + + + mc1 + application/vnd.medcalcdata + + + mcd + application/vnd.mcd + + + mcurl + text/vnd.curl.mcurl + + + mdb + application/x-msaccess + + + mdi + image/vnd.ms-modi + + + me + text/troff + + + mesh + model/mesh + + + meta4 + application/metalink4+xml + + + metalink + application/metalink+xml + + + mets + application/mets+xml + + + mfm + application/vnd.mfmp + + + mft + application/rpki-manifest + + + mgp + application/vnd.osgeo.mapguide.package + + + mgz + application/vnd.proteus.magazine + + + mid + audio/midi + + + midi + audio/midi + + + mie + application/x-mie + + + mif + application/x-mif + + + mime + message/rfc822 + + + mj2 + video/mj2 + + + mjp2 + video/mj2 + + + mjs + text/javascript + + + mk3d + video/x-matroska + + + mka + audio/x-matroska + + + mks + video/x-matroska + + + mkv + video/x-matroska + + + mlp + application/vnd.dolby.mlp + + + mmd + application/vnd.chipnuts.karaoke-mmd + + + mmf + application/vnd.smaf + + + mmr + image/vnd.fujixerox.edmics-mmr + + + mng + video/x-mng + + + mny + application/x-msmoney + + + mobi + application/x-mobipocket-ebook + + + mods + application/mods+xml + + + mov + video/quicktime + + + movie + video/x-sgi-movie + + + mp1 + audio/mpeg + + + mp2 + audio/mpeg + + + mp21 + application/mp21 + + + mp2a + audio/mpeg + + + mp3 + audio/mpeg + + + mp4 + video/mp4 + + + mp4a + audio/mp4 + + + mp4s + application/mp4 + + + mp4v + video/mp4 + + + mpa + audio/mpeg + + + mpc + application/vnd.mophun.certificate + + + mpe + video/mpeg + + + mpeg + video/mpeg + + + mpega + audio/x-mpeg + + + mpg + video/mpeg + + + mpg4 + video/mp4 + + + mpga + audio/mpeg + + + mpkg + application/vnd.apple.installer+xml + + + mpm + application/vnd.blueice.multipass + + + mpn + application/vnd.mophun.application + + + mpp + application/vnd.ms-project + + + mpt + application/vnd.ms-project + + + mpv2 + video/mpeg2 + + + mpy + application/vnd.ibm.minipay + + + mqy + application/vnd.mobius.mqy + + + mrc + application/marc + + + mrcx + application/marcxml+xml + + + ms + text/troff + + + mscml + application/mediaservercontrol+xml + + + mseed + application/vnd.fdsn.mseed + + + mseq + application/vnd.mseq + + + msf + application/vnd.epson.msf + + + msh + model/mesh + + + msi + application/x-msdownload + + + msl + application/vnd.mobius.msl + + + msty + application/vnd.muvee.style + + + mts + model/vnd.mts + + + mus + application/vnd.musician + + + musicxml + application/vnd.recordare.musicxml+xml + + + mvb + application/x-msmediaview + + + mwf + application/vnd.mfer + + + mxf + application/mxf + + + mxl + application/vnd.recordare.musicxml + + + mxml + application/xv+xml + + + mxs + application/vnd.triscape.mxs + + + mxu + video/vnd.mpegurl + + + n-gage + application/vnd.nokia.n-gage.symbian.install + + + n3 + text/n3 + + + nb + application/mathematica + + + nbp + application/vnd.wolfram.player + + + nc + application/x-netcdf + + + ncx + application/x-dtbncx+xml + + + nfo + text/x-nfo + + + ngdat + application/vnd.nokia.n-gage.data + + + nitf + application/vnd.nitf + + + nlu + application/vnd.neurolanguage.nlu + + + nml + application/vnd.enliven + + + nnd + application/vnd.noblenet-directory + + + nns + application/vnd.noblenet-sealer + + + nnw + application/vnd.noblenet-web + + + npx + image/vnd.net-fpx + + + nsc + application/x-conference + + + nsf + application/vnd.lotus-notes + + + ntf + application/vnd.nitf + + + nzb + application/x-nzb + + + oa2 + application/vnd.fujitsu.oasys2 + + + oa3 + application/vnd.fujitsu.oasys3 + + + oas + application/vnd.fujitsu.oasys + + + obd + application/x-msbinder + + + obj + application/x-tgif + + + oda + application/oda + + + + odb + application/vnd.oasis.opendocument.database + + + + odc + application/vnd.oasis.opendocument.chart + + + + odf + application/vnd.oasis.opendocument.formula + + + odft + application/vnd.oasis.opendocument.formula-template + + + + odg + application/vnd.oasis.opendocument.graphics + + + + odi + application/vnd.oasis.opendocument.image + + + + odm + application/vnd.oasis.opendocument.text-master + + + + odp + application/vnd.oasis.opendocument.presentation + + + + ods + application/vnd.oasis.opendocument.spreadsheet + + + + odt + application/vnd.oasis.opendocument.text + + + oga + audio/ogg + + + ogg + audio/ogg + + + ogv + video/ogg + + + + ogx + application/ogg + + + omdoc + application/omdoc+xml + + + onepkg + application/onenote + + + onetmp + application/onenote + + + onetoc + application/onenote + + + onetoc2 + application/onenote + + + opf + application/oebps-package+xml + + + opml + text/x-opml + + + oprc + application/vnd.palm + + + opus + audio/ogg + + + org + application/vnd.lotus-organizer + + + osf + application/vnd.yamaha.openscoreformat + + + osfpvg + application/vnd.yamaha.openscoreformat.osfpvg+xml + + + otc + application/vnd.oasis.opendocument.chart-template + + + otf + font/otf + + + + otg + application/vnd.oasis.opendocument.graphics-template + + + + oth + application/vnd.oasis.opendocument.text-web + + + oti + application/vnd.oasis.opendocument.image-template + + + + otp + application/vnd.oasis.opendocument.presentation-template + + + + ots + application/vnd.oasis.opendocument.spreadsheet-template + + + + ott + application/vnd.oasis.opendocument.text-template + + + oxps + application/oxps + + + oxt + application/vnd.openofficeorg.extension + + + p + text/x-pascal + + + p10 + application/pkcs10 + + + p12 + application/x-pkcs12 + + + p7b + application/x-pkcs7-certificates + + + p7c + application/pkcs7-mime + + + p7m + application/pkcs7-mime + + + p7r + application/x-pkcs7-certreqresp + + + p7s + application/pkcs7-signature + + + p8 + application/pkcs8 + + + pas + text/x-pascal + + + paw + application/vnd.pawaafile + + + pbd + application/vnd.powerbuilder6 + + + pbm + image/x-portable-bitmap + + + pcap + application/vnd.tcpdump.pcap + + + pcf + application/x-font-pcf + + + pcl + application/vnd.hp-pcl + + + pclxl + application/vnd.hp-pclxl + + + pct + image/pict + + + pcurl + application/vnd.curl.pcurl + + + pcx + image/x-pcx + + + pdb + application/vnd.palm + + + pdf + application/pdf + + + pfa + application/x-font-type1 + + + pfb + application/x-font-type1 + + + pfm + application/x-font-type1 + + + pfr + application/font-tdpfr + + + pfx + application/x-pkcs12 + + + pgm + image/x-portable-graymap + + + pgn + application/x-chess-pgn + + + pgp + application/pgp-encrypted + + + pic + image/pict + + + pict + image/pict + + + pkg + application/octet-stream + + + pki + application/pkixcmp + + + pkipath + application/pkix-pkipath + + + plb + application/vnd.3gpp.pic-bw-large + + + plc + application/vnd.mobius.plc + + + plf + application/vnd.pocketlearn + + + pls + audio/x-scpls + + + pml + application/vnd.ctc-posml + + + png + image/png + + + pnm + image/x-portable-anymap + + + pnt + image/x-macpaint + + + portpkg + application/vnd.macports.portpkg + + + pot + application/vnd.ms-powerpoint + + + potm + application/vnd.ms-powerpoint.template.macroenabled.12 + + + potx + application/vnd.openxmlformats-officedocument.presentationml.template + + + ppam + application/vnd.ms-powerpoint.addin.macroenabled.12 + + + ppd + application/vnd.cups-ppd + + + ppm + image/x-portable-pixmap + + + pps + application/vnd.ms-powerpoint + + + ppsm + application/vnd.ms-powerpoint.slideshow.macroenabled.12 + + + ppsx + application/vnd.openxmlformats-officedocument.presentationml.slideshow + + + ppt + application/vnd.ms-powerpoint + + + pptm + application/vnd.ms-powerpoint.presentation.macroenabled.12 + + + pptx + application/vnd.openxmlformats-officedocument.presentationml.presentation + + + pqa + application/vnd.palm + + + prc + application/x-mobipocket-ebook + + + pre + application/vnd.lotus-freelance + + + prf + application/pics-rules + + + ps + application/postscript + + + psb + application/vnd.3gpp.pic-bw-small + + + psd + image/vnd.adobe.photoshop + + + psf + application/x-font-linux-psf + + + pskcxml + application/pskc+xml + + + ptid + application/vnd.pvi.ptid1 + + + pub + application/x-mspublisher + + + pvb + application/vnd.3gpp.pic-bw-var + + + pwn + application/vnd.3m.post-it-notes + + + pya + audio/vnd.ms-playready.media.pya + + + pyv + video/vnd.ms-playready.media.pyv + + + qam + application/vnd.epson.quickanime + + + qbo + application/vnd.intu.qbo + + + qfx + application/vnd.intu.qfx + + + qps + application/vnd.publishare-delta-tree + + + qt + video/quicktime + + + qti + image/x-quicktime + + + qtif + image/x-quicktime + + + qwd + application/vnd.quark.quarkxpress + + + qwt + application/vnd.quark.quarkxpress + + + qxb + application/vnd.quark.quarkxpress + + + qxd + application/vnd.quark.quarkxpress + + + qxl + application/vnd.quark.quarkxpress + + + qxt + application/vnd.quark.quarkxpress + + + ra + audio/x-pn-realaudio + + + ram + audio/x-pn-realaudio + + + rar + application/x-rar-compressed + + + ras + image/x-cmu-raster + + + rcprofile + application/vnd.ipunplugged.rcprofile + + + rdf + application/rdf+xml + + + rdz + application/vnd.data-vision.rdz + + + rep + application/vnd.businessobjects + + + res + application/x-dtbresource+xml + + + rgb + image/x-rgb + + + rif + application/reginfo+xml + + + rip + audio/vnd.rip + + + ris + application/x-research-info-systems + + + rl + application/resource-lists+xml + + + rlc + image/vnd.fujixerox.edmics-rlc + + + rld + application/resource-lists-diff+xml + + + rm + application/vnd.rn-realmedia + + + rmi + audio/midi + + + rmp + audio/x-pn-realaudio-plugin + + + rms + application/vnd.jcp.javame.midlet-rms + + + rmvb + application/vnd.rn-realmedia-vbr + + + rnc + application/relax-ng-compact-syntax + + + roa + application/rpki-roa + + + roff + text/troff + + + rp9 + application/vnd.cloanto.rp9 + + + rpss + application/vnd.nokia.radio-presets + + + rpst + application/vnd.nokia.radio-preset + + + rq + application/sparql-query + + + rs + application/rls-services+xml + + + rsd + application/rsd+xml + + + rss + application/rss+xml + + + rtf + application/rtf + + + rtx + text/richtext + + + s + text/x-asm + + + s3m + audio/s3m + + + saf + application/vnd.yamaha.smaf-audio + + + sbml + application/sbml+xml + + + sc + application/vnd.ibm.secure-container + + + scd + application/x-msschedule + + + scm + application/vnd.lotus-screencam + + + scq + application/scvp-cv-request + + + scs + application/scvp-cv-response + + + scurl + text/vnd.curl.scurl + + + sda + application/vnd.stardivision.draw + + + sdc + application/vnd.stardivision.calc + + + sdd + application/vnd.stardivision.impress + + + sdkd + application/vnd.solent.sdkm+xml + + + sdkm + application/vnd.solent.sdkm+xml + + + sdp + application/sdp + + + sdw + application/vnd.stardivision.writer + + + see + application/vnd.seemail + + + seed + application/vnd.fdsn.seed + + + sema + application/vnd.sema + + + semd + application/vnd.semd + + + semf + application/vnd.semf + + + ser + application/java-serialized-object + + + setpay + application/set-payment-initiation + + + setreg + application/set-registration-initiation + + + sfd-hdstx + application/vnd.hydrostatix.sof-data + + + sfs + application/vnd.spotfire.sfs + + + sfv + text/x-sfv + + + sgi + image/sgi + + + sgl + application/vnd.stardivision.writer-global + + + sgm + text/sgml + + + sgml + text/sgml + + + sh + application/x-sh + + + shar + application/x-shar + + + shf + application/shf+xml + + + + sid + image/x-mrsid-image + + + sig + application/pgp-signature + + + sil + audio/silk + + + silo + model/mesh + + + sis + application/vnd.symbian.install + + + sisx + application/vnd.symbian.install + + + sit + application/x-stuffit + + + sitx + application/x-stuffitx + + + skd + application/vnd.koan + + + skm + application/vnd.koan + + + skp + application/vnd.koan + + + skt + application/vnd.koan + + + sldm + application/vnd.ms-powerpoint.slide.macroenabled.12 + + + sldx + application/vnd.openxmlformats-officedocument.presentationml.slide + + + slt + application/vnd.epson.salt + + + sm + application/vnd.stepmania.stepchart + + + smf + application/vnd.stardivision.math + + + smi + application/smil+xml + + + smil + application/smil+xml + + + smv + video/x-smv + + + smzip + application/vnd.stepmania.package + + + snd + audio/basic + + + snf + application/x-font-snf + + + so + application/octet-stream + + + spc + application/x-pkcs7-certificates + + + spf + application/vnd.yamaha.smaf-phrase + + + spl + application/x-futuresplash + + + spot + text/vnd.in3d.spot + + + spp + application/scvp-vp-response + + + spq + application/scvp-vp-request + + + spx + audio/ogg + + + sql + application/x-sql + + + src + application/x-wais-source + + + srt + application/x-subrip + + + sru + application/sru+xml + + + srx + application/sparql-results+xml + + + ssdl + application/ssdl+xml + + + sse + application/vnd.kodak-descriptor + + + ssf + application/vnd.epson.ssf + + + ssml + application/ssml+xml + + + st + application/vnd.sailingtracker.track + + + stc + application/vnd.sun.xml.calc.template + + + std + application/vnd.sun.xml.draw.template + + + stf + application/vnd.wt.stf + + + sti + application/vnd.sun.xml.impress.template + + + stk + application/hyperstudio + + + stl + application/vnd.ms-pki.stl + + + str + application/vnd.pg.format + + + stw + application/vnd.sun.xml.writer.template + + + sub + text/vnd.dvb.subtitle + + + sus + application/vnd.sus-calendar + + + susp + application/vnd.sus-calendar + + + sv4cpio + application/x-sv4cpio + + + sv4crc + application/x-sv4crc + + + svc + application/vnd.dvb.service + + + svd + application/vnd.svd + + + svg + image/svg+xml + + + svgz + image/svg+xml + + + swa + application/x-director + + + swf + application/x-shockwave-flash + + + swi + application/vnd.aristanetworks.swi + + + sxc + application/vnd.sun.xml.calc + + + sxd + application/vnd.sun.xml.draw + + + sxg + application/vnd.sun.xml.writer.global + + + sxi + application/vnd.sun.xml.impress + + + sxm + application/vnd.sun.xml.math + + + sxw + application/vnd.sun.xml.writer + + + t + text/troff + + + t3 + application/x-t3vm-image + + + taglet + application/vnd.mynfc + + + tao + application/vnd.tao.intent-module-archive + + + tar + application/x-tar + + + tcap + application/vnd.3gpp2.tcap + + + tcl + application/x-tcl + + + teacher + application/vnd.smart.teacher + + + tei + application/tei+xml + + + teicorpus + application/tei+xml + + + tex + application/x-tex + + + texi + application/x-texinfo + + + texinfo + application/x-texinfo + + + text + text/plain + + + tfi + application/thraud+xml + + + tfm + application/x-tex-tfm + + + tga + image/x-tga + + + thmx + application/vnd.ms-officetheme + + + tif + image/tiff + + + tiff + image/tiff + + + tmo + application/vnd.tmobile-livetv + + + torrent + application/x-bittorrent + + + tpl + application/vnd.groove-tool-template + + + tpt + application/vnd.trid.tpt + + + tr + text/troff + + + tra + application/vnd.trueapp + + + trm + application/x-msterminal + + + tsd + application/timestamped-data + + + tsv + text/tab-separated-values + + + ttc + font/collection + + + ttf + font/ttf + + + ttl + text/turtle + + + twd + application/vnd.simtech-mindmapper + + + twds + application/vnd.simtech-mindmapper + + + txd + application/vnd.genomatix.tuxedo + + + txf + application/vnd.mobius.txf + + + txt + text/plain + + + u32 + application/x-authorware-bin + + + udeb + application/x-debian-package + + + ufd + application/vnd.ufdl + + + ufdl + application/vnd.ufdl + + + ulw + audio/basic + + + ulx + application/x-glulx + + + umj + application/vnd.umajin + + + unityweb + application/vnd.unity + + + uoml + application/vnd.uoml+xml + + + uri + text/uri-list + + + uris + text/uri-list + + + urls + text/uri-list + + + ustar + application/x-ustar + + + utz + application/vnd.uiq.theme + + + uu + text/x-uuencode + + + uva + audio/vnd.dece.audio + + + uvd + application/vnd.dece.data + + + uvf + application/vnd.dece.data + + + uvg + image/vnd.dece.graphic + + + uvh + video/vnd.dece.hd + + + uvi + image/vnd.dece.graphic + + + uvm + video/vnd.dece.mobile + + + uvp + video/vnd.dece.pd + + + uvs + video/vnd.dece.sd + + + uvt + application/vnd.dece.ttml+xml + + + uvu + video/vnd.uvvu.mp4 + + + uvv + video/vnd.dece.video + + + uvva + audio/vnd.dece.audio + + + uvvd + application/vnd.dece.data + + + uvvf + application/vnd.dece.data + + + uvvg + image/vnd.dece.graphic + + + uvvh + video/vnd.dece.hd + + + uvvi + image/vnd.dece.graphic + + + uvvm + video/vnd.dece.mobile + + + uvvp + video/vnd.dece.pd + + + uvvs + video/vnd.dece.sd + + + uvvt + application/vnd.dece.ttml+xml + + + uvvu + video/vnd.uvvu.mp4 + + + uvvv + video/vnd.dece.video + + + uvvx + application/vnd.dece.unspecified + + + uvvz + application/vnd.dece.zip + + + uvx + application/vnd.dece.unspecified + + + uvz + application/vnd.dece.zip + + + vcard + text/vcard + + + vcd + application/x-cdlink + + + vcf + text/x-vcard + + + vcg + application/vnd.groove-vcard + + + vcs + text/x-vcalendar + + + vcx + application/vnd.vcx + + + vis + application/vnd.visionary + + + viv + video/vnd.vivo + + + vob + video/x-ms-vob + + + vor + application/vnd.stardivision.writer + + + vox + application/x-authorware-bin + + + vrml + model/vrml + + + vsd + application/vnd.visio + + + vsf + application/vnd.vsf + + + vss + application/vnd.visio + + + vst + application/vnd.visio + + + vsw + application/vnd.visio + + + vtu + model/vnd.vtu + + + vxml + application/voicexml+xml + + + w3d + application/x-director + + + wad + application/x-doom + + + wasm + application/wasm + + + wav + audio/x-wav + + + wax + audio/x-ms-wax + + + + wbmp + image/vnd.wap.wbmp + + + wbs + application/vnd.criticaltools.wbs+xml + + + wbxml + application/vnd.wap.wbxml + + + wcm + application/vnd.ms-works + + + wdb + application/vnd.ms-works + + + wdp + image/vnd.ms-photo + + + weba + audio/webm + + + webm + video/webm + + + webp + image/webp + + + wg + application/vnd.pmi.widget + + + wgt + application/widget + + + wks + application/vnd.ms-works + + + wm + video/x-ms-wm + + + wma + audio/x-ms-wma + + + wmd + application/x-ms-wmd + + + wmf + application/x-msmetafile + + + + wml + text/vnd.wap.wml + + + + wmlc + application/vnd.wap.wmlc + + + + wmls + text/vnd.wap.wmlscript + + + + wmlsc + application/vnd.wap.wmlscriptc + + + wmv + video/x-ms-wmv + + + wmx + video/x-ms-wmx + + + wmz + application/x-msmetafile + + + woff + font/woff + + + woff2 + font/woff2 + + + wpd + application/vnd.wordperfect + + + wpl + application/vnd.ms-wpl + + + wps + application/vnd.ms-works + + + wqd + application/vnd.wqd + + + wri + application/x-mswrite + + + wrl + model/vrml + + + wsdl + application/wsdl+xml + + + wspolicy + application/wspolicy+xml + + + wtb + application/vnd.webturbo + + + wvx + video/x-ms-wvx + + + x32 + application/x-authorware-bin + + + x3d + model/x3d+xml + + + x3db + model/x3d+binary + + + x3dbz + model/x3d+binary + + + x3dv + model/x3d+vrml + + + x3dvz + model/x3d+vrml + + + x3dz + model/x3d+xml + + + xaml + application/xaml+xml + + + xap + application/x-silverlight-app + + + xar + application/vnd.xara + + + xbap + application/x-ms-xbap + + + xbd + application/vnd.fujixerox.docuworks.binder + + + xbm + image/x-xbitmap + + + xdf + application/xcap-diff+xml + + + xdm + application/vnd.syncml.dm+xml + + + xdp + application/vnd.adobe.xdp+xml + + + xdssc + application/dssc+xml + + + xdw + application/vnd.fujixerox.docuworks + + + xenc + application/xenc+xml + + + xer + application/patch-ops-error+xml + + + xfdf + application/vnd.adobe.xfdf + + + xfdl + application/vnd.xfdl + + + xht + application/xhtml+xml + + + xhtml + application/xhtml+xml + + + xhvml + application/xv+xml + + + xif + image/vnd.xiff + + + xla + application/vnd.ms-excel + + + xlam + application/vnd.ms-excel.addin.macroenabled.12 + + + xlc + application/vnd.ms-excel + + + xlf + application/x-xliff+xml + + + xlm + application/vnd.ms-excel + + + xls + application/vnd.ms-excel + + + xlsb + application/vnd.ms-excel.sheet.binary.macroenabled.12 + + + xlsm + application/vnd.ms-excel.sheet.macroenabled.12 + + + xlsx + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + + + xlt + application/vnd.ms-excel + + + xltm + application/vnd.ms-excel.template.macroenabled.12 + + + xltx + application/vnd.openxmlformats-officedocument.spreadsheetml.template + + + xlw + application/vnd.ms-excel + + + xm + audio/xm + + + xml + application/xml + + + xo + application/vnd.olpc-sugar + + + xop + application/xop+xml + + + xpi + application/x-xpinstall + + + xpl + application/xproc+xml + + + xpm + image/x-xpixmap + + + xpr + application/vnd.is-xpr + + + xps + application/vnd.ms-xpsdocument + + + xpw + application/vnd.intercon.formnet + + + xpx + application/vnd.intercon.formnet + + + xsl + application/xml + + + xslt + application/xslt+xml + + + xsm + application/vnd.syncml+xml + + + xspf + application/xspf+xml + + + xul + application/vnd.mozilla.xul+xml + + + xvm + application/xv+xml + + + xvml + application/xv+xml + + + xwd + image/x-xwindowdump + + + xyz + chemical/x-xyz + + + xz + application/x-xz + + + yang + application/yang + + + yin + application/yin+xml + + + z + application/x-compress + + + z1 + application/x-zmachine + + + z2 + application/x-zmachine + + + z3 + application/x-zmachine + + + z4 + application/x-zmachine + + + z5 + application/x-zmachine + + + z6 + application/x-zmachine + + + z7 + application/x-zmachine + + + z8 + application/x-zmachine + + + zaz + application/vnd.zzazz.deck+xml + + + zip + application/zip + + + zir + application/vnd.zul + + + zirz + application/vnd.zul + + + zmm + application/vnd.handheld-entertainment+xml + + + + + + + + + + + + + + + + + + index.html + index.htm + index.jsp + + + From a7d03ba7eddf47a5b8a8079374c161bb20b338da Mon Sep 17 00:00:00 2001 From: gipo355 <91525512+gipo355@users.noreply.github.com> Date: Mon, 3 Jun 2024 12:50:35 +0200 Subject: [PATCH 03/13] WIP preparing workflow for docker image testing --- .github/inactive/app-start.yml | 33 +++++++ .github/workflows/gradle-check-build.yml | 29 ++++--- Dockerfile | 86 ++++++++++++------- compose.dev.yml | 21 +++-- docker/tomcat.Dockerfile | 2 +- .../com/smi/xxx/rest/base/BaseService.java | 13 ++- 6 files changed, 127 insertions(+), 57 deletions(-) create mode 100644 .github/inactive/app-start.yml diff --git a/.github/inactive/app-start.yml b/.github/inactive/app-start.yml new file mode 100644 index 0000000..8a3b8ae --- /dev/null +++ b/.github/inactive/app-start.yml @@ -0,0 +1,33 @@ +# this workflow will build the docker file and verify the image gets up and running +name: App Start Workflow +on: + push: + branches: + - dev +jobs: + build: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + # - name: Build Docker Image + # run: docker build -t myapp . + # - name: Run Docker Image + # run: docker run -d -p 8080:8080 myapp + # - name: Verify Docker Image + # run: curl -s http://localhost:8080 | grep "Hello World" + - name: Cache Docker images. + uses: ScribeMD/docker-cache@0.5.0 + with: + key: docker-${{ runner.os }}-${{ hashFiles('Dockerfile') }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Build docker image + uses: docker/build-push-action@v5 + with: + push: false + context: . + file: ./Dockerfile + platforms: linux/arm64 diff --git a/.github/workflows/gradle-check-build.yml b/.github/workflows/gradle-check-build.yml index 2fd346e..a3c526b 100644 --- a/.github/workflows/gradle-check-build.yml +++ b/.github/workflows/gradle-check-build.yml @@ -14,19 +14,24 @@ jobs: - uses: ./.github/actions/ci-setup name: Setup CI environment - name: Build with Gradle Wrapper Step - run: ./gradlew build + # buildWar runs check and test tasks + run: ./gradlew buildWar - name: Upload coverage to Codecov uses: codecov/codecov-action@125fc84a9a348dbcf27191600683ec096ec9021c # v4.4.1 with: token: ${{ secrets.CODECOV_TOKEN }} - build-windows: - if: github.event.pull_request.draft == false - name: Lint and Build on Windows Job - runs-on: windows-latest - steps: - - name: Checkout sources Step - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 - - uses: ./.github/actions/ci-setup - name: Setup CI environment - - name: Build with Gradle Wrapper Step - run: ./gradlew build +# +# +# we don't care about windows for this app since it only runs on linux +# build-windows: +# if: github.event.pull_request.draft == false +# name: Lint and Build on Windows Job +# runs-on: windows-latest +# steps: +# - name: Checkout sources Step +# uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 +# - uses: ./.github/actions/ci-setup +# name: Setup CI environment +# - name: Build with Gradle Wrapper Step +# # buildWar runs check and test tasks +# run: ./gradlew buildWar diff --git a/Dockerfile b/Dockerfile index da38cd1..7d7e58b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,36 +1,56 @@ -# steps: -# 1. build image on java image -# 2. move war to tomcat image -# 3. run tomcat image - -FROM eclipse-temurin:21@sha256:2e387a63a9086232a53fb668f78bcda1f233118f234326fcb88b0bb2a968ec39 as BUILD_IMAGE - -# VULN: should probably not run as root - -# VULN: should probably move to alpine, preferably embedding tomcat in the app - -# initialize defaults for overriding through --env - -# example -ENV INFISICAL_TOKEN='' - -ENV PORT=8080 - -RUN mkdir -p /home/app - -WORKDIR /home/app - -COPY . /home/app - -WORKDIR /home/app - -RUN ./gradlew war - -## MULTI STAGE - -FROM tomcat:9-jdk21-temurin-jammy@sha256:f7c4623aa616f46473003b325246befcc5fe7120b39b07c977dd44057bbdc306 - -COPY --from=BUILD_IMAGE /home/app/build/libs/* /usr/local/tomcat/webapps +# # steps: +# # 1. build image on java image +# # 2. move war to tomcat image +# # 3. run tomcat image +# +# # FROM eclipse-temurin:21@sha256:2e387a63a9086232a53fb668f78bcda1f233118f234326fcb88b0bb2a968ec39 as BUILD_IMAGE +# FROM gradle:8-jdk21 as BUILD_IMAGE +# +# # VULN: should probably not run as root +# +# # VULN: should probably move to alpine, preferably embedding tomcat in the app +# +# # initialize defaults for overriding through --env +# +# # example +# ENV INFISICAL_TOKEN='' +# +# ENV PORT=8080 +# +# RUN mkdir -p /home/app +# +# WORKDIR /home/app +# +# COPY . /home/app +# +# WORKDIR /home/app +# +# # RUN ./gradlew war +# # if we don't use the wrapper, we can use the gradle image and prevent +# # downloading gradle every time which takes ALOT and allows for caching +# RUN gradle war + +FROM tomcat:9-jdk21 + +# If not using multistage: docker file expects the war file to be in the build/libs folder. +# if we build it outside we can use github action gradle caching +# to make the build faster + +## IF MULTI STAGE +# COPY --from=BUILD_IMAGE /home/app/build/libs/* /usr/local/tomcat/webapps +## else +COPY build/libs/* /usr/local/tomcat/webapps + +RUN adduser tomcat + +RUN chown -R tomcat:tomcat /usr/local/tomcat/webapps + +# HEALTHCHECK --interval=30s --timeout=10s --retries=5 --start-period=30s \ +# CMD curl --fail http://localhost:8080/tomcat-webapp-boilerplate/api/base/health || exit 1 +# HEALTHCHECK --interval=30s --timeout=10s --retries=5 --start-period=30s \ +# CMD curl --fail http://localhost:8080/wrong || exit 1 + +USER tomcat EXPOSE ${PORT} diff --git a/compose.dev.yml b/compose.dev.yml index e0f8dbc..ac6982d 100644 --- a/compose.dev.yml +++ b/compose.dev.yml @@ -2,12 +2,17 @@ # # this is a dev only compose file that will be used to start the services needed # and provide live reload for the tomcat webapp by running npm run dev +# +# network mode exposes the service directly to the host, no mapping needed +# requires ports available on the host + services: tomcat-webapp-boilerplate: # environment: # image: tomcat:9-jdk21-temurin-jammy build: - dockerfile: ./docker/tomcat.Dockerfile + # dockerfile: ./docker/tomcat.Dockerfile + dockerfile: ./Dockerfile container_name: tomcat-webapp-boilerplate env_file: ./.env develop: @@ -17,18 +22,18 @@ services: path: "./build/libs/" target: "/usr/local/tomcat/webapps/" network_mode: host - ports: - - 127.0.0.1:8080:8080 - ########## postgres + # ports: + # - 127.0.0.1:8080:8080 + ########## postgres postgresdev: env_file: ./.env image: postgres:latest # restart: unless-stopped # user: postgres network_mode: host - ports: - - 127.0.0.1:5432:5432 - # - 5432:5432 + # ports: + # - 127.0.0.1:5432:5432 + # - 5432:5432 container_name: postgresdev volumes: # - ~/data/postgres:/var/lib/postgresql/data @@ -57,8 +62,6 @@ services: image: redis/redis-stack:latest # user: redis # restart: unless-stopped - # - # network mode exposes the service to the host, no mapping needed network_mode: host # ports: # - 127.0.0.1:6379:6379 diff --git a/docker/tomcat.Dockerfile b/docker/tomcat.Dockerfile index 049dd68..4777448 100644 --- a/docker/tomcat.Dockerfile +++ b/docker/tomcat.Dockerfile @@ -1,4 +1,4 @@ -FROM tomcat:9-jdk21-temurin-jammy@sha256:f7c4623aa616f46473003b325246befcc5fe7120b39b07c977dd44057bbdc306 +FROM tomcat:9-jdk21 RUN adduser tomcat diff --git a/src/main/java/com/smi/xxx/rest/base/BaseService.java b/src/main/java/com/smi/xxx/rest/base/BaseService.java index 21dea27..aff7f71 100644 --- a/src/main/java/com/smi/xxx/rest/base/BaseService.java +++ b/src/main/java/com/smi/xxx/rest/base/BaseService.java @@ -1,5 +1,7 @@ package com.smi.xxx.rest.base; +import com.google.gson.Gson; +import java.util.HashMap; import javax.ws.rs.Consumes; import javax.ws.rs.FormParam; import javax.ws.rs.GET; @@ -14,6 +16,8 @@ @Path("/base") public class BaseService { + private static final Gson GSON = new Gson(); + @GET @Path("/") public Response get() { @@ -50,11 +54,16 @@ public Response loginByModel(LoginModel datas) { return Response.ok(createToken(datas.username, datas.password)).build(); } // loginByModel - @POST + @GET + @Produces({MediaType.APPLICATION_JSON}) @Path("/health") public Response health() { + var resJson = new HashMap(); + resJson.put("status", "UP"); + + var json = GSON.toJson(resJson); - return Response.ok().build(); + return Response.ok(json).build(); } // health private String createToken(String username, String password) { From d1273302c2e219b10ffc6622602192acc2750395 Mon Sep 17 00:00:00 2001 From: gipo355 <91525512+gipo355@users.noreply.github.com> Date: Mon, 3 Jun 2024 12:51:57 +0200 Subject: [PATCH 04/13] WIP javadoc --- src/main/java/com/smi/xxx/rest/base/BaseService.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/java/com/smi/xxx/rest/base/BaseService.java b/src/main/java/com/smi/xxx/rest/base/BaseService.java index aff7f71..3e27cb7 100644 --- a/src/main/java/com/smi/xxx/rest/base/BaseService.java +++ b/src/main/java/com/smi/xxx/rest/base/BaseService.java @@ -54,6 +54,7 @@ public Response loginByModel(LoginModel datas) { return Response.ok(createToken(datas.username, datas.password)).build(); } // loginByModel + /** Health check. */ @GET @Produces({MediaType.APPLICATION_JSON}) @Path("/health") From ef43c540dbe7e473ff305f1326cad6038f898a22 Mon Sep 17 00:00:00 2001 From: gipo355 <91525512+gipo355@users.noreply.github.com> Date: Mon, 3 Jun 2024 12:56:24 +0200 Subject: [PATCH 05/13] WIP prepare setup docker action --- .github/actions/docker-setup/action.yml | 12 ++++++++++++ .github/inactive/app-start.yml | 10 ++-------- .github/workflows/gradle-check-build.yml | 3 ++- 3 files changed, 16 insertions(+), 9 deletions(-) create mode 100644 .github/actions/docker-setup/action.yml diff --git a/.github/actions/docker-setup/action.yml b/.github/actions/docker-setup/action.yml new file mode 100644 index 0000000..b3c03c2 --- /dev/null +++ b/.github/actions/docker-setup/action.yml @@ -0,0 +1,12 @@ +name: Setup DOCKER +runs: + using: composite + steps: + - name: Cache Docker images. + uses: ScribeMD/docker-cache@0.5.0 + with: + key: docker-${{ runner.os }}-${{ hashFiles('Dockerfile') }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 diff --git a/.github/inactive/app-start.yml b/.github/inactive/app-start.yml index 8a3b8ae..9cb9ab7 100644 --- a/.github/inactive/app-start.yml +++ b/.github/inactive/app-start.yml @@ -16,14 +16,8 @@ jobs: # run: docker run -d -p 8080:8080 myapp # - name: Verify Docker Image # run: curl -s http://localhost:8080 | grep "Hello World" - - name: Cache Docker images. - uses: ScribeMD/docker-cache@0.5.0 - with: - key: docker-${{ runner.os }}-${{ hashFiles('Dockerfile') }} - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + - name: Setup DOCKER environment + uses: ./.github/actions/docker-setup - name: Build docker image uses: docker/build-push-action@v5 with: diff --git a/.github/workflows/gradle-check-build.yml b/.github/workflows/gradle-check-build.yml index a3c526b..e31b691 100644 --- a/.github/workflows/gradle-check-build.yml +++ b/.github/workflows/gradle-check-build.yml @@ -14,7 +14,8 @@ jobs: - uses: ./.github/actions/ci-setup name: Setup CI environment - name: Build with Gradle Wrapper Step - # buildWar runs check and test tasks + # buildWar runs check, test, war tasks + # at this point we won't know if the app will run in a container run: ./gradlew buildWar - name: Upload coverage to Codecov uses: codecov/codecov-action@125fc84a9a348dbcf27191600683ec096ec9021c # v4.4.1 From 7170031be9209ef621befe0e148af12421b1d912 Mon Sep 17 00:00:00 2001 From: gipo355 <91525512+gipo355@users.noreply.github.com> Date: Mon, 3 Jun 2024 14:14:18 +0200 Subject: [PATCH 06/13] WIP test docker action --- .github/inactive/app-start.yml | 14 ++++++++++- .github/workflows/gradle-check-build.yml | 30 ++++++++++++++++++++++-- 2 files changed, 41 insertions(+), 3 deletions(-) diff --git a/.github/inactive/app-start.yml b/.github/inactive/app-start.yml index 9cb9ab7..8cfd7f9 100644 --- a/.github/inactive/app-start.yml +++ b/.github/inactive/app-start.yml @@ -4,6 +4,7 @@ on: push: branches: - dev + workflow_dispatch: {} jobs: build: runs-on: ubuntu-latest @@ -18,10 +19,21 @@ jobs: # run: curl -s http://localhost:8080 | grep "Hello World" - name: Setup DOCKER environment uses: ./.github/actions/docker-setup - - name: Build docker image + - name: Build and export to docker uses: docker/build-push-action@v5 with: push: false context: . file: ./Dockerfile + load: true # load the image after building so it can be used in the next steps platforms: linux/arm64 + tags: gipo999/tomcat-webapp-boilerplate:latest + # - name: Test docker image + # run: | + # docker run --rm ${{ env.TEST_TAG }} + - name: Run docker image + run: | + docker run -d -p 8080:8080 gipo999/tomcat-webapp-boilerplate:latest + - name: Verify docker image endpoint + run: | + curl -s http://localhost:8080/tomcat-webapp-boilerplate/app/base/health | grep "Hello World" diff --git a/.github/workflows/gradle-check-build.yml b/.github/workflows/gradle-check-build.yml index e31b691..59082f1 100644 --- a/.github/workflows/gradle-check-build.yml +++ b/.github/workflows/gradle-check-build.yml @@ -2,6 +2,8 @@ name: Gradle Check and Build Workflow on: pull_request: branches: ["dev"] + push: + branches: ["app-start-test"] workflow_dispatch: {} jobs: build-linux: @@ -11,8 +13,9 @@ jobs: steps: - name: Checkout sources Step uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 - - uses: ./.github/actions/ci-setup - name: Setup CI environment + - name: Setup CI environment + uses: ./.github/actions/ci-setup + # run the gradle check and build tasks - name: Build with Gradle Wrapper Step # buildWar runs check, test, war tasks # at this point we won't know if the app will run in a container @@ -21,6 +24,29 @@ jobs: uses: codecov/codecov-action@125fc84a9a348dbcf27191600683ec096ec9021c # v4.4.1 with: token: ${{ secrets.CODECOV_TOKEN }} + # test the docker image + - name: Setup DOCKER environment + uses: ./.github/actions/docker-setup + - name: Build and export to docker + uses: docker/build-push-action@v5 + with: + push: false + context: . + file: ./Dockerfile + load: true # load the image after building so it can be used in the next steps + platforms: linux/arm64 + tags: gipo999/tomcat-webapp-boilerplate:latest + # - name: Test docker image + # run: | + # docker run --rm ${{ env.TEST_TAG }} + - name: Run docker image + run: | + docker run -d -p 8080:8080 gipo999/tomcat-webapp-boilerplate:latest + - name: Verify docker image endpoint + # it returns 200 with json {"status":"UP"} + run: | + curl -s http://localhost:8080/tomcat-webapp-boilerplate/app/base/health | grep "UP" + # # # we don't care about windows for this app since it only runs on linux From d3acdd9b8e4d5be7d5678d55ded4e8948e57888c Mon Sep 17 00:00:00 2001 From: gipo355 <91525512+gipo355@users.noreply.github.com> Date: Mon, 3 Jun 2024 14:21:00 +0200 Subject: [PATCH 07/13] WIP test retry curl --- .github/workflows/gradle-check-build.yml | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/.github/workflows/gradle-check-build.yml b/.github/workflows/gradle-check-build.yml index 59082f1..cdb9771 100644 --- a/.github/workflows/gradle-check-build.yml +++ b/.github/workflows/gradle-check-build.yml @@ -1,4 +1,6 @@ name: Gradle Check and Build Workflow +env: + TEST_TAG: gipo999/tomcat-webapp-boilerplate:test on: pull_request: branches: ["dev"] @@ -35,17 +37,27 @@ jobs: file: ./Dockerfile load: true # load the image after building so it can be used in the next steps platforms: linux/arm64 - tags: gipo999/tomcat-webapp-boilerplate:latest + tags: ${{ env.TEST_TAG }} # - name: Test docker image # run: | # docker run --rm ${{ env.TEST_TAG }} - name: Run docker image run: | docker run -d -p 8080:8080 gipo999/tomcat-webapp-boilerplate:latest - - name: Verify docker image endpoint - # it returns 200 with json {"status":"UP"} - run: | - curl -s http://localhost:8080/tomcat-webapp-boilerplate/app/base/health | grep "UP" + # - name: Verify docker image endpoint + # # it returns 200 with json {"status":"UP"} + # run: | + # curl -s http://localhost:8080/tomcat-webapp-boilerplate/app/base/health | grep "UP" + - name: Test docker image endpoint + # Use the retry action + uses: nick-fields/retry@v3 + with: + max_attempts: 5 + retry_on: error + timeout_seconds: 10 + # You can specify the shell commands you want to retry here + command: | + curl -s http://localhost:8080/tomcat-webapp-boilerplate/app/base/health | grep "UP" # # From 8e2ad9f37428594cf0df5a43d0ca456df6e7f9d3 Mon Sep 17 00:00:00 2001 From: gipo355 <91525512+gipo355@users.noreply.github.com> Date: Mon, 3 Jun 2024 14:24:21 +0200 Subject: [PATCH 08/13] WIP fix tag --- .github/workflows/gradle-check-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/gradle-check-build.yml b/.github/workflows/gradle-check-build.yml index cdb9771..a2d2ef4 100644 --- a/.github/workflows/gradle-check-build.yml +++ b/.github/workflows/gradle-check-build.yml @@ -43,7 +43,7 @@ jobs: # docker run --rm ${{ env.TEST_TAG }} - name: Run docker image run: | - docker run -d -p 8080:8080 gipo999/tomcat-webapp-boilerplate:latest + docker run -d -p 8080:8080 gipo999/tomcat-webapp-boilerplate:${{ env.TEST_TAG }} # - name: Verify docker image endpoint # # it returns 200 with json {"status":"UP"} # run: | From 8d89878d983bf1eee0859a0f4cf874cdb90db969 Mon Sep 17 00:00:00 2001 From: gipo355 <91525512+gipo355@users.noreply.github.com> Date: Mon, 3 Jun 2024 14:26:39 +0200 Subject: [PATCH 09/13] WIP fix tag --- .github/workflows/gradle-check-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/gradle-check-build.yml b/.github/workflows/gradle-check-build.yml index a2d2ef4..af149cf 100644 --- a/.github/workflows/gradle-check-build.yml +++ b/.github/workflows/gradle-check-build.yml @@ -43,7 +43,7 @@ jobs: # docker run --rm ${{ env.TEST_TAG }} - name: Run docker image run: | - docker run -d -p 8080:8080 gipo999/tomcat-webapp-boilerplate:${{ env.TEST_TAG }} + docker run -d -p 8080:8080 ${{ env.TEST_TAG }} # - name: Verify docker image endpoint # # it returns 200 with json {"status":"UP"} # run: | From 1aedebda86c7429cdad7be65274fb14ec53fd064 Mon Sep 17 00:00:00 2001 From: gipo355 <91525512+gipo355@users.noreply.github.com> Date: Mon, 3 Jun 2024 14:29:18 +0200 Subject: [PATCH 10/13] WIP fix platform --- .github/workflows/gradle-check-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/gradle-check-build.yml b/.github/workflows/gradle-check-build.yml index af149cf..6670404 100644 --- a/.github/workflows/gradle-check-build.yml +++ b/.github/workflows/gradle-check-build.yml @@ -36,7 +36,7 @@ jobs: context: . file: ./Dockerfile load: true # load the image after building so it can be used in the next steps - platforms: linux/arm64 + platforms: linux/amd64 tags: ${{ env.TEST_TAG }} # - name: Test docker image # run: | From 5377c3bded77335596e76abd0aa0cf02e94c71b7 Mon Sep 17 00:00:00 2001 From: gipo355 <91525512+gipo355@users.noreply.github.com> Date: Mon, 3 Jun 2024 14:29:29 +0200 Subject: [PATCH 11/13] WIP fix platform --- .github/inactive/app-start.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/inactive/app-start.yml b/.github/inactive/app-start.yml index 8cfd7f9..1509b30 100644 --- a/.github/inactive/app-start.yml +++ b/.github/inactive/app-start.yml @@ -26,7 +26,7 @@ jobs: context: . file: ./Dockerfile load: true # load the image after building so it can be used in the next steps - platforms: linux/arm64 + platforms: linux/amd64 tags: gipo999/tomcat-webapp-boilerplate:latest # - name: Test docker image # run: | From 223611c986616751f98ad87287a08a3a35976dcf Mon Sep 17 00:00:00 2001 From: gipo355 <91525512+gipo355@users.noreply.github.com> Date: Mon, 3 Jun 2024 15:05:08 +0200 Subject: [PATCH 12/13] WIP working app ping health check in github action --- .github/workflows/gradle-check-build.yml | 3 ++ Dockerfile | 1 + README.md | 35 ++++++++++++++++++++---- 3 files changed, 33 insertions(+), 6 deletions(-) diff --git a/.github/workflows/gradle-check-build.yml b/.github/workflows/gradle-check-build.yml index 6670404..71e7a8a 100644 --- a/.github/workflows/gradle-check-build.yml +++ b/.github/workflows/gradle-check-build.yml @@ -59,6 +59,9 @@ jobs: command: | curl -s http://localhost:8080/tomcat-webapp-boilerplate/app/base/health | grep "UP" +# pen test and put comment in pr with the results now using PR image +# we will replicate the pen test with cron on another action on the dev branch tag released image + # # # we don't care about windows for this app since it only runs on linux diff --git a/Dockerfile b/Dockerfile index 7d7e58b..e72cd60 100644 --- a/Dockerfile +++ b/Dockerfile @@ -45,6 +45,7 @@ RUN adduser tomcat RUN chown -R tomcat:tomcat /usr/local/tomcat/webapps +# FIXME: this should be run in the compose or cli command to run # HEALTHCHECK --interval=30s --timeout=10s --retries=5 --start-period=30s \ # CMD curl --fail http://localhost:8080/tomcat-webapp-boilerplate/api/base/health || exit 1 # HEALTHCHECK --interval=30s --timeout=10s --retries=5 --start-period=30s \ diff --git a/README.md b/README.md index 5f503a4..ebb8a1f 100644 --- a/README.md +++ b/README.md @@ -10,9 +10,32 @@ compose up -d # env vars -SEMGREP_APP_TOKEN -DOCKERHUB_TOKEN -DOCKERHUB_USERNAME -SNYK_TOKEN -PAT -CODECOV_TOKEN +- SEMGREP_APP_TOKEN +- DOCKERHUB_TOKEN +- DOCKERHUB_USERNAME +- SNYK_TOKEN +- PAT +- CODECOV_TOKEN + +# feats + +- gradle + +- docker + +- compose + auto restart on src change + +- pre commit + +- post commit + +- pre push + +- on pr + test, check, war, tomcat /health + vulnerability checks on container and image + +- on dev push + +- cron From 51e58896d1c518223ae05e80979767e2642a6639 Mon Sep 17 00:00:00 2001 From: gipo355 <91525512+gipo355@users.noreply.github.com> Date: Mon, 3 Jun 2024 15:08:21 +0200 Subject: [PATCH 13/13] WIP remove push app-start-test --- .github/workflows/gradle-check-build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/gradle-check-build.yml b/.github/workflows/gradle-check-build.yml index 71e7a8a..92fe5a6 100644 --- a/.github/workflows/gradle-check-build.yml +++ b/.github/workflows/gradle-check-build.yml @@ -4,8 +4,8 @@ env: on: pull_request: branches: ["dev"] - push: - branches: ["app-start-test"] + # push: + # branches: ["app-start-test"] workflow_dispatch: {} jobs: build-linux: