fix: docker image for java + fix access to swagger (#12)

Matithieu · web-flow · commit 586045b9983c · 2025-12-20T15:37:33.000+01:00
diff --git a/Dockerfile b/Dockerfile
@@ -1,32 +1,24 @@
 # Build Stage
 FROM gradle:8.13-jdk21 AS build
-
-# Set the working directory inside the container
 WORKDIR /home/gradle/src
-
-# Copy only the necessary files to the container to minimize cache invalidation
-COPY . /home/gradle/src
-
-# Build the project without the Gradle daemon to avoid cache issues
+COPY . .
 RUN gradle clean build --no-daemon
 
-# Final Stage: Create a minimal Docker image with just the JAR file
-FROM openjdk:21-jdk-slim
-
-# Install curl for debugging purposes
-RUN apt update && apt install -y curl
-
-# Set the working directory inside the container
+# Runtime Stage (JRE only)
+FROM eclipse-temurin:21-jre
 WORKDIR /app
 
+RUN apt-get update \
+  && apt-get install -y --no-install-recommends curl \
+  && rm -rf /var/lib/apt/lists/*
+
 # Copy the built jar from the build stage
-COPY --from=build /home/gradle/src/build/libs/*.jar app.jar
+COPY --from=build /home/gradle/src/build/libs/*.jar /app/app.jar
 
-# Expose the application's port
 EXPOSE 8083
 
-# Set JVM options to handle memory issues
-ENV JAVA_OPTS="-Xms2g -Xmx4g"
+# JVM options (optional)
+ENV JAVA_OPTS="-XX:MaxRAMPercentage=75"
 
-# Command to run the application
-CMD ["java", "-jar", "app.jar"]
+# Use a shell form to expand JAVA_OPTS
+CMD ["sh", "-c", "java $JAVA_OPTS -jar /app/app.jar"]
diff --git a/README.md b/README.md
@@ -0,0 +1,10 @@
+# Local API Usage
+
+To use the API locally, you must pass the following token using the ModHeader browser extension. Otherwise, the API will not work.
+
+**Header:** `X-Auth-Request-Access-Token`
+
+**Token:** `eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ1MTlCYW5HbVlqV1hFZHhHTmRIdlVFSTRKbTFlU29YOFRzU3RSSWFjVEprIn0.eyJleHAiOjE3NjYyNDExODgsImlhdCI6MTc2NjI0MDg4OCwiYXV0aF90aW1lIjoxNzY2MjQwODg4LCJqdGkiOiIyMmE5M2M5Yy04MTU4LTQ1MDgtYjBiZC1jYjlkMzVjNDI3YTMiLCJpc3MiOiJodHRwczovL2xvY2FsaG9zdC9hdXRoL3JlYWxtcy9pbmZvQ29tcGFuaWVzIiwiYXVkIjpbInNwcmluZy1hcGktaW5mb2NvbXBhbmllcyIsInJlYWxtLW1hbmFnZW1lbnQiLCJhY2NvdW50Il0sInN1YiI6ImViYjU5MGViLTA5N2UtNDEyYS04MTg3LWU1YTU0NTZlYTg3NSIsInR5cCI6IkJlYXJlciIsImF6cCI6InNwcmluZy1hcGktaW5mb2NvbXBhbmllcyIsInNpZCI6IjY1MzNkZWUzLWVmY2YtNDc3My1hNzgwLTExZTM1NDMwNzE3NiIsImFjciI6IjEiLCJhbGxvd2VkLW9yaWdpbnMiOlsiaHR0cHM6Ly9sb2NhbGhvc3QvKiIsImh0dHA6Ly9sb2NhbGhvc3Q6NTE3My8qIiwiaHR0cDovL2xvY2FsaG9zdC8qIiwiaHR0cHM6Ly9sb2NhbGhvc3Q6NDQzLyoiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIm9mZmxpbmVfYWNjZXNzIiwidmVyaWZpZWQiLCJhZG1pbiIsInVtYV9hdXRob3JpemF0aW9uIiwiZGVmYXVsdC1yb2xlcy1pbmZvY29tcGFuaWVzIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsicmVhbG0tbWFuYWdlbWVudCI6eyJyb2xlcyI6WyJ2aWV3LXJlYWxtIiwidmlldy1pZGVudGl0eS1wcm92aWRlcnMiLCJtYW5hZ2UtaWRlbnRpdHktcHJvdmlkZXJzIiwiaW1wZXJzb25hdGlvbiIsInJlYWxtLWFkbWluIiwiY3JlYXRlLWNsaWVudCIsIm1hbmFnZS11c2VycyIsInF1ZXJ5LXJlYWxtcyIsInZpZXctYXV0aG9yaXphdGlvbiIsInF1ZXJ5LWNsaWVudHMiLCJxdWVyeS11c2VycyIsIm1hbmFnZS1ldmVudHMiLCJtYW5hZ2UtcmVhbG0iLCJ2aWV3LWV2ZW50cyIsInZpZXctdXNlcnMiLCJ2aWV3LWNsaWVudHMiLCJtYW5hZ2UtYXV0aG9yaXphdGlvbiIsIm1hbmFnZS1jbGllbnRzIiwicXVlcnktZ3JvdXBzIl19LCJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6Im9wZW5pZCBwaG9uZSBhZGRyZXNzIGVtYWlsIHByb2ZpbGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiYWRkcmVzcyI6e30sInJvbGVzIjpbIm9mZmxpbmVfYWNjZXNzIiwidmVyaWZpZWQiLCJhZG1pbiIsInVtYV9hdXRob3JpemF0aW9uIiwiZGVmYXVsdC1yb2xlcy1pbmZvY29tcGFuaWVzIl0sIm5hbWUiOiJSb290dXMgQWRtaW51cyIsInByZWZlcnJlZF91c2VybmFtZSI6ImxvY2FsLWFkbWluQG1haWwuY29tIiwiZ2l2ZW5fbmFtZSI6IlJvb3R1cyIsImZhbWlseV9uYW1lIjoiQWRtaW51cyIsImVtYWlsIjoibG9jYWwtYWRtaW5AbWFpbC5jb20ifQ.N9HMe6DeZFz5-mX2a7LEsYFTRmMKefTzD37ZM2YKVKvrOLY_KNq7bxCl-KHE0b0QKLiORCIITr8StqmKF6vRSVT2DsooOjgdzYGvAnpu_65yQvV1_hAcmhKiA8i5nBrVe_ZZMf6p7pNx8wC6WMXylSYvIoK0hCK1TZLtI5cqFuQohbiSv_bLaO_7vhEcJ0mqRLeX3bIjrROLVJxyvWSDa_W6rO_qwEuYiDBGvDW04uO6gZzIoTU6YrPxiX20d74fIc5AjgliuAnNWYYcguTJjhh8hCougrQZGaC_9qkxyWLgakWJATo3DilbuYPoNy0ylFwJZZvr1la5m1S2Kwr5HA`
+
+1. Install the [ModHeader](https://modheader.com/) extension in your browser.
+2. Add a new header with the required token when making requests to the API.
diff --git a/gradle.properties b/gradle.properties
@@ -0,0 +1,2 @@
+org.gradle.caching=true
+org.gradle.parallel=true
diff --git a/src/main/java/com/example/spring/security/SecurityConfig.java b/src/main/java/com/example/spring/security/SecurityConfig.java
@@ -45,8 +45,9 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 
                     // Swagger + OpenAPI - only in dev
                     // To access Swagger UI and OpenAPI documentation on Docker
+                    // Swagger UI: http://localhost:8080/swagger-ui/index.html
                     // Fill the search bar at the top with: https://localhost/api/v3/api-docs
-                    authorize.requestMatchers("/swagger-ui/**", "/api/v3/api-docs").hasRole("admin");
+                    authorize.requestMatchers("/swagger-ui/index.html", "/v3/api-docs").hasRole("admin");
 
                     // permitAll() is used here because the OAuth proxy handles the authentication
                     // and the user is already authenticated before reaching this point.

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+org.gradle.caching=true`
	`2`	`+org.gradle.parallel=true`