Release M12

7856b94a · Benguria Elguezabal, Gorka · 7856b94a · 7856b94a · 7856b94a · 7856b94a
Commit 7856b94a authored 7 months ago by Benguria Elguezabal, Gorka
--- a/mvnw.cmd
+++ b/mvnw.cmd
+<# : batch portion
+@REM ----------------------------------------------------------------------------
+@REM Licensed to the Apache Software Foundation (ASF) under one
+@REM or more contributor license agreements.  See the NOTICE file
+@REM distributed with this work for additional information
+@REM regarding copyright ownership.  The ASF licenses this file
+@REM to you under the Apache License, Version 2.0 (the
+@REM "License"); you may not use this file except in compliance
+@REM with the License.  You may obtain a copy of the License at
+@REM
+@REM    http://www.apache.org/licenses/LICENSE-2.0
+@REM
+@REM Unless required by applicable law or agreed to in writing,
+@REM software distributed under the License is distributed on an
+@REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+@REM KIND, either express or implied.  See the License for the
+@REM specific language governing permissions and limitations
+@REM under the License.
+@REM ----------------------------------------------------------------------------
+
+@REM ----------------------------------------------------------------------------
+@REM Apache Maven Wrapper startup batch script, version 3.3.1
+@REM
+@REM Optional ENV vars
+@REM   MVNW_REPOURL - repo url base for downloading maven distribution
+@REM   MVNW_USERNAME/MVNW_PASSWORD - user and password for downloading maven
+@REM   MVNW_VERBOSE - true: enable verbose log; others: silence the output
+@REM ----------------------------------------------------------------------------
+
+@IF "%__MVNW_ARG0_NAME__%"=="" (SET __MVNW_ARG0_NAME__=%~nx0)
+@SET __MVNW_CMD__=
+@SET __MVNW_ERROR__=
+@SET __MVNW_PSMODULEP_SAVE=%PSModulePath%
+@SET PSModulePath=
+@FOR /F "usebackq tokens=1* delims==" %%A IN (`powershell -noprofile "& {$scriptDir='%~dp0'; $script='%__MVNW_ARG0_NAME__%'; icm -ScriptBlock ([Scriptblock]::Create((Get-Content -Raw '%~f0'))) -NoNewScope}"`) DO @(
+  IF "%%A"=="MVN_CMD" (set __MVNW_CMD__=%%B) ELSE IF "%%B"=="" (echo %%A) ELSE (echo %%A=%%B)
+)
+@SET PSModulePath=%__MVNW_PSMODULEP_SAVE%
+@SET __MVNW_PSMODULEP_SAVE=
+@SET __MVNW_ARG0_NAME__=
+@SET MVNW_USERNAME=
+@SET MVNW_PASSWORD=
+@IF NOT "%__MVNW_CMD__%"=="" (%__MVNW_CMD__% %*)
+@echo Cannot start maven from wrapper >&2 && exit /b 1
+@GOTO :EOF
+: end batch / begin powershell #>
+
+$ErrorActionPreference = "Stop"
+if ($env:MVNW_VERBOSE -eq "true") {
+  $VerbosePreference = "Continue"
+}
+
+# calculate distributionUrl, requires .mvn/wrapper/maven-wrapper.properties
+$distributionUrl = (Get-Content -Raw "$scriptDir/.mvn/wrapper/maven-wrapper.properties" | ConvertFrom-StringData).distributionUrl
+if (!$distributionUrl) {
+  Write-Error "cannot read distributionUrl property in $scriptDir/.mvn/wrapper/maven-wrapper.properties"
+}
+
+switch -wildcard -casesensitive ( $($distributionUrl -replace '^.*/','') ) {
+  "maven-mvnd-*" {
+    $USE_MVND = $true
+    $distributionUrl = $distributionUrl -replace '-bin\.[^.]*$',"-windows-amd64.zip"
+    $MVN_CMD = "mvnd.cmd"
+    break
+  }
+  default {
+    $USE_MVND = $false
+    $MVN_CMD = $script -replace '^mvnw','mvn'
+    break
+  }
+}
+
+# apply MVNW_REPOURL and calculate MAVEN_HOME
+# maven home pattern: ~/.m2/wrapper/dists/{apache-maven-<version>,maven-mvnd-<version>-<platform>}/<hash>
+if ($env:MVNW_REPOURL) {
+  $MVNW_REPO_PATTERN = if ($USE_MVND) { "/org/apache/maven/" } else { "/maven/mvnd/" }
+  $distributionUrl = "$env:MVNW_REPOURL$MVNW_REPO_PATTERN$($distributionUrl -replace '^.*'+$MVNW_REPO_PATTERN,'')"
+}
+$distributionUrlName = $distributionUrl -replace '^.*/',''
+$distributionUrlNameMain = $distributionUrlName -replace '\.[^.]*$','' -replace '-bin$',''
+$MAVEN_HOME_PARENT = "$HOME/.m2/wrapper/dists/$distributionUrlNameMain"
+$MAVEN_HOME_NAME = ([System.Security.Cryptography.MD5]::Create().ComputeHash([byte[]][char[]]$distributionUrl) | ForEach-Object {$_.ToString("x2")}) -join ''
+$MAVEN_HOME = "$MAVEN_HOME_PARENT/$MAVEN_HOME_NAME"
+
+if (Test-Path -Path "$MAVEN_HOME" -PathType Container) {
+  Write-Verbose "found existing MAVEN_HOME at $MAVEN_HOME"
+  Write-Output "MVN_CMD=$MAVEN_HOME/bin/$MVN_CMD"
+  exit $?
+}
+
+if (! $distributionUrlNameMain -or ($distributionUrlName -eq $distributionUrlNameMain)) {
+  Write-Error "distributionUrl is not valid, must end with *-bin.zip, but found $distributionUrl"
+}
+
+# prepare tmp dir
+$TMP_DOWNLOAD_DIR_HOLDER = New-TemporaryFile
+$TMP_DOWNLOAD_DIR = New-Item -Itemtype Directory -Path "$TMP_DOWNLOAD_DIR_HOLDER.dir"
+$TMP_DOWNLOAD_DIR_HOLDER.Delete() | Out-Null
+trap {
+  if ($TMP_DOWNLOAD_DIR.Exists) {
+    try { Remove-Item $TMP_DOWNLOAD_DIR -Recurse -Force | Out-Null }
+    catch { Write-Warning "Cannot remove $TMP_DOWNLOAD_DIR" }
+  }
+}
+
+New-Item -Itemtype Directory -Path "$MAVEN_HOME_PARENT" -Force | Out-Null
+
+# Download and Install Apache Maven
+Write-Verbose "Couldn't find MAVEN_HOME, downloading and installing it ..."
+Write-Verbose "Downloading from: $distributionUrl"
+Write-Verbose "Downloading to: $TMP_DOWNLOAD_DIR/$distributionUrlName"
+
+$webclient = New-Object System.Net.WebClient
+if ($env:MVNW_USERNAME -and $env:MVNW_PASSWORD) {
+  $webclient.Credentials = New-Object System.Net.NetworkCredential($env:MVNW_USERNAME, $env:MVNW_PASSWORD)
+}
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+$webclient.DownloadFile($distributionUrl, "$TMP_DOWNLOAD_DIR/$distributionUrlName") | Out-Null
+
+# If specified, validate the SHA-256 sum of the Maven distribution zip file
+$distributionSha256Sum = (Get-Content -Raw "$scriptDir/.mvn/wrapper/maven-wrapper.properties" | ConvertFrom-StringData).distributionSha256Sum
+if ($distributionSha256Sum) {
+  if ($USE_MVND) {
+    Write-Error "Checksum validation is not supported for maven-mvnd. `nPlease disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties."
+  }
+  Import-Module $PSHOME\Modules\Microsoft.PowerShell.Utility -Function Get-FileHash
+  if ((Get-FileHash "$TMP_DOWNLOAD_DIR/$distributionUrlName" -Algorithm SHA256).Hash.ToLower() -ne $distributionSha256Sum) {
+    Write-Error "Error: Failed to validate Maven distribution SHA-256, your Maven distribution might be compromised. If you updated your Maven version, you need to update the specified distributionSha256Sum property."
+  }
+}
+
+# unzip and move
+Expand-Archive "$TMP_DOWNLOAD_DIR/$distributionUrlName" -DestinationPath "$TMP_DOWNLOAD_DIR" | Out-Null
+Rename-Item -Path "$TMP_DOWNLOAD_DIR/$distributionUrlNameMain" -NewName $MAVEN_HOME_NAME | Out-Null
+try {
+  Move-Item -Path "$TMP_DOWNLOAD_DIR/$MAVEN_HOME_NAME" -Destination $MAVEN_HOME_PARENT | Out-Null
+} catch {
+  if (! (Test-Path -Path "$MAVEN_HOME" -PathType Container)) {
+    Write-Error "fail to move MAVEN_HOME"
+  }
+} finally {
+  try { Remove-Item $TMP_DOWNLOAD_DIR -Recurse -Force | Out-Null }
+  catch { Write-Warning "Cannot remove $TMP_DOWNLOAD_DIR" }
+}
+
+Write-Output "MVN_CMD=$MAVEN_HOME/bin/$MVN_CMD"
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
+{
+  "name": "rcm-backend",
+  "version": "0.0.0",
+  "private": true,
+  "description": "Description for rcmBackend",
+  "license": "UNLICENSED",
+  "scripts": {
+    "app:start": "./mvnw",
+    "app:up": "docker compose -f src/main/docker/app.yml up --wait",
+    "backend:build-cache": "./mvnw dependency:go-offline -ntp",
+    "backend:debug": "./mvnw -Dspring-boot.run.jvmArguments=\"-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:8000\"",
+    "backend:doc:test": "./mvnw -ntp javadoc:javadoc --batch-mode",
+    "backend:info": "./mvnw --version",
+    "backend:nohttp:test": "./mvnw -ntp checkstyle:check --batch-mode",
+    "backend:start": "./mvnw",
+    "backend:unit:test": "./mvnw -ntp verify --batch-mode -Dlogging.level.ROOT=OFF -Dlogging.level.tech.jhipster=OFF -Dlogging.level.com.emerald.rcm.backend=OFF -Dlogging.level.org.springframework=OFF -Dlogging.level.org.springframework.web=OFF -Dlogging.level.org.springframework.security=OFF",
+    "ci:backend:test": "npm run backend:info && npm run backend:doc:test && npm run backend:nohttp:test && npm run backend:unit:test -- -P$npm_package_config_default_environment",
+    "ci:e2e:package": "npm run java:$npm_package_config_packaging:$npm_package_config_default_environment -- -Pe2e -Denforcer.skip=true",
+    "ci:e2e:prepare": "npm run ci:e2e:prepare:docker",
+    "ci:e2e:prepare:docker": "npm run services:up --if-present && docker ps -a",
+    "preci:e2e:server:start": "npm run services:db:await --if-present && npm run services:others:await --if-present",
+    "ci:e2e:server:start": "java -jar target/e2e.$npm_package_config_packaging --spring.profiles.active=e2e,$npm_package_config_default_environment -Dlogging.level.ROOT=OFF -Dlogging.level.tech.jhipster=OFF -Dlogging.level.com.emerald.rcm.backend=OFF -Dlogging.level.org.springframework=OFF -Dlogging.level.org.springframework.web=OFF -Dlogging.level.org.springframework.security=OFF --logging.level.org.springframework.web=ERROR",
+    "ci:e2e:teardown": "npm run ci:e2e:teardown:docker --if-present",
+    "ci:e2e:teardown:docker": "docker compose -f src/main/docker/services.yml down -v && docker ps -a",
+    "ci:server:await": "echo \"Waiting for server at port $npm_package_config_backend_port to start\" && wait-on -t 180000 http-get://127.0.0.1:undefined/services/rcmbackend/management/health/readiness && echo \"Server at port $npm_package_config_backend_port started\"",
+    "docker:consul:down": "docker compose -f src/main/docker/consul.yml down -v",
+    "docker:consul:up": "docker compose -f src/main/docker/consul.yml up --wait",
+    "docker:db:down": "docker compose -f src/main/docker/mariadb.yml down -v",
+    "docker:db:up": "docker compose -f src/main/docker/mariadb.yml up --wait",
+    "docker:keycloak:down": "docker compose -f src/main/docker/keycloak.yml down -v",
+    "docker:keycloak:up": "docker compose -f src/main/docker/keycloak.yml up --wait",
+    "java:docker": "./mvnw -ntp verify -DskipTests -Pprod jib:dockerBuild",
+    "java:docker:arm64": "npm run java:docker -- -Djib-maven-plugin.architecture=arm64",
+    "java:docker:dev": "npm run java:docker -- -Pdev,webapp",
+    "java:docker:prod": "npm run java:docker -- -Pprod",
+    "java:jar": "./mvnw -ntp verify -DskipTests --batch-mode",
+    "java:jar:dev": "npm run java:jar -- -Pdev,webapp",
+    "java:jar:prod": "npm run java:jar -- -Pprod",
+    "java:war": "./mvnw -ntp verify -DskipTests --batch-mode -Pwar",
+    "java:war:dev": "npm run java:war -- -Pdev,webapp",
+    "java:war:prod": "npm run java:war -- -Pprod",
+    "prettier:check": "prettier --check \"{,src/**/,.blueprint/**/}*.{md,json,yml,html,java}\"",
+    "prettier:format": "prettier --write \"{,src/**/,.blueprint/**/}*.{md,json,yml,html,java}\"",
+    "services:up": "docker compose -f src/main/docker/services.yml up --wait"
+  },
+  "config": {
+    "backend_port": 8081,
+    "default_environment": "prod",
+    "packaging": "jar"
+  },
+  "devDependencies": {
+    "generator-jhipster": "8.6.0"
+  },
+  "engines": {
+    "node": ">=20.15.0"
+  },
+  "cacheDirectories": [
+    "node_modules"
+  ]
+}
--- a/pom.xml
+++ b/pom.xml
--- a/rcmBackend-entities.jdl
+++ b/rcmBackend-entities.jdl
+enum Type {
+    ORGANIZATIONAL("Organizational"), TECHNICAL("Technical"), ORGANIZATIONAL_TECHNICAL("Organizational/Technical")
+}
+
+enum AssuranceLevel {
+    BASIC("Basic"), SUBSTANTIAL("Substantial"), HIGH("High")
+}
+
+entity CloudService {
+  acronym String required
+  name String required
+  type String required
+  description TextBlob required
+}
+
+entity CloudServiceProvider {
+  acronym String required
+  name String required
+  contactDetails TextBlob required
+}
+
+entity Question {
+  code String required
+  question String required
+  defaultEvidence String required
+  defaultComment String required
+}
+
+entity QuestionAnswer {
+  answer String required
+  value Integer required
+  visible Boolean required
+}
+
+entity QuestionAssuranceLevel {
+  assuranceLevel String required
+}
+
+entity Questionnaire {
+  name String required
+  evidences TextBlob required
+  comments TextBlob required
+  lastUpdate Instant required
+}
+
+entity QuestionnaireNonConformity {
+  questionnaireName String required
+  comments TextBlob required
+  compliance String required
+}
+
+entity ReferenceTom {
+  referenceTomImpl String required
+}
+
+entity Resource {
+  acronym String required
+  name String required
+  confidentialityRisk String
+  availabilityRisk String
+  integrityRisk String
+}
+
+entity ResourceType {
+  name String required
+  ontologyTerm String required
+}
+
+entity SecurityControl {
+  code String required
+  name String required
+  objective String required
+  description TextBlob required
+}
+
+entity SecurityControlCategory {
+  code String required
+  name String required
+  description TextBlob required
+}
+
+entity SecurityControlFramework {
+  name String required
+  description TextBlob required
+  version String required
+}
+
+entity SecurityMetric {
+  metricId String required
+  category String required
+  name String required
+  source String required
+  description TextBlob required
+  scale String required
+  operator String required
+  targetValue String required
+  targetValueDatatype String required
+  interval String required
+  targetResourceType String
+  securityFeature String
+  keywords String
+}
+
+entity SimilarControl {
+  code String required
+  name String required
+  securityControlFrameworkName String required
+}
+
+entity TargetValue {
+  value String required
+}
+
+entity Tom {
+  code String required
+  name String required
+  description TextBlob required
+  assuranceLevel AssuranceLevel
+  type Type required
+  guidance TextBlob required
+}
+
+relationship OneToMany {
+  CloudServiceProvider{cloudService(name) required} to CloudService{cloudServiceProvider(name) required}
+  SecurityControlFramework{cloudService(name) required} to CloudService{securityControlFramework(name) required}
+  CloudService{resource(name) required} to Resource{cloudService(name) required}
+  SecurityControl{similarControls(name)} to SimilarControl{securityControl(name) required}
+}
+relationship ManyToOne {
+  ReferenceTom{tom(name) required} to Tom
+  Resource{targetValue(value) required} to TargetValue
+  Resource{resourceType(name) required} to ResourceType
+  SecurityControl{securityControlCategory(name) required} to SecurityControlCategory
+  SecurityControlCategory{securityControlFramework(name) required} to SecurityControlFramework
+  SecurityMetric{referenceTom(referenceTomImpl)} to ReferenceTom
+  SecurityMetric{resourceType(name)} to ResourceType
+  Tom{securityControl(name) required} to SecurityControl
+  Question{questionAssuranceLevel(assuranceLevel)} to QuestionAssuranceLevel
+  Question{securityControl(name) required} to SecurityControl
+  Question{tom(name) required} to Tom
+  Question{securityControlFramework(name) required} to SecurityControlFramework
+  Questionnaire{securityControlFramework(name) required} to SecurityControlFramework
+  Questionnaire{securityControl(name) required} to SecurityControl
+  Questionnaire{questionAssuranceLevel(assuranceLevel)} to QuestionAssuranceLevel
+  Questionnaire{question(code) required} to Question
+  Questionnaire{questionAnswer(answer) required} to QuestionAnswer
+  Questionnaire{User(login) required} to User with builtInEntity
+  QuestionnaireNonConformity{tom(name) required} to Tom
+}
+
+relationship ManyToMany {
+  SecurityControl{resource(name)} to Resource{securityControl(name)}
+  Tom{securityMetric(name)} to SecurityMetric{tom(name)}
+}
+
+search * with no
+microservice * with rcmBackend
+clientRootFolder * with rcmBackend
--- a/rcmBackendExported.jdl
+++ b/rcmBackendExported.jdl
+application {
+  config {
+    applicationType microservice
+    authenticationType oauth2
+    baseName rcmBackend
+    buildTool maven
+    cacheProvider hazelcast
+    clientFramework no
+    creationTimestamp 1721728591271
+    databaseType sql
+    devDatabaseType mariadb
+    enableHibernateCache true
+    enableSwaggerCodegen false
+    enableTranslation true
+    feignClient true
+    jhipsterVersion "8.6.0"
+    jwtSecretKey "MzU0NTRlNzkyYmYxOWU0NWNkN2U5MmY5ZWYwNWJmYzZhMGY2M2ExMTlmZjUwN2RhZGQ0MDI5YjMxNTY2ODYzYWQ5NjYwYzE0Y2M1ZTlkOTY0MzYxMDA3NWJkNjgxMTkwY2IxYjI0NTFjYzA5NWIxOGI5MTZlZWIzNjU2NTY5OWY="
+    languages [en]
+    messageBroker false
+    microfrontends []
+    nativeLanguage en
+    packageName com.emerald.rcm.backend
+    prodDatabaseType mariadb
+    reactive false
+    searchEngine false
+    serverPort 8081
+    serviceDiscoveryType consul
+    skipClient true
+    skipUserManagement true
+    syncUserWithIdp true
+    testFrameworks []
+    websocket false
+  }
+
+  entities *
+}
+
+@ChangelogDate("20240723100125")
+entity CloudService {
+  acronym String required
+  name String required
+  type String required
+  description String required
+}
+@ChangelogDate("20240723100126")
+entity CloudServiceProvider {
+  acronym String required
+  name String required
+  contactDetails String required
+}
+@ChangelogDate("20240723100127")
+entity ReferenceTom {
+  referenceTomImpl String required
+}
+@ChangelogDate("20240723100128")
+entity Resource {
+  acronym String required
+  name String required
+  confidentialityRisk String
+  availabilityRisk String
+  integrityRisk String
+}
+@ChangelogDate("20240723100129")
+entity ResourceType {
+  name String required
+  ontologyTerm String required
+}
+@ChangelogDate("20240723100130")
+entity SecurityControl {
+  code String required
+  name String required
+  objective String required
+  description String required
+  guidance String required
+  riskReductionWeight Float required
+}
+@ChangelogDate("20240723100131")
+entity SecurityControlCategory {
+  code String required
+  name String required
+  description String required
+}
+@ChangelogDate("20240723100132")
+entity SecurityControlFramework {
+  name String required
+  description String required
+  version String required
+}
+@ChangelogDate("20240723100133")
+entity SecurityMetric {
+  metricId String
+  category String required
+  name String required
+  source String required
+  description String required
+  scale String required
+  operator String required
+  targetValue String required
+  targetValueDatatype String required
+  interval String required
+  targetResourceType String
+}
+@ChangelogDate("20240723100134")
+entity SimilarControl {
+  code String required
+  name String required
+  securityControlFrameworkName String required
+}
+@ChangelogDate("20240723100135")
+entity TargetValue {
+  value String required
+}
+@ChangelogDate("20240723100136")
+entity Tom {
+  code String required
+  name String required
+  description String required
+  assuranceLevel AssuranceLevel
+  type Type required
+}
+
+enum AssuranceLevel {
+  BASIC (Basic),
+  SUBSTANTIAL (Substantial),
+  HIGH (High)
+}
+enum Type {
+  ORGANIZATIONAL (Organizational),
+  TECHNICAL (Technical),
+  ORGANIZATIONAL_TECHNICAL (Organizational/Technical)
+}
+
+relationship OneToMany {
+  CloudService{resource(name) required} to Resource{cloudService(name) required}
+  CloudServiceProvider{cloudService(name) required} to CloudService{cloudServiceProvider(name) required}
+  SecurityControl{similarControls(name)} to SimilarControl{securityControl(name) required}
+  SecurityControlFramework{cloudService(name) required} to CloudService{securityControlFramework(name) required}
+}
+relationship ManyToOne {
+  ReferenceTom{tom(name) required} to Tom
+  Resource{targetValue(value) required} to TargetValue
+  Resource{resourceType(name) required} to ResourceType
+  SecurityControl{securityControlCategory(name) required} to SecurityControlCategory
+  SecurityControlCategory{securityControlFramework(name) required} to SecurityControlFramework
+  SecurityMetric{tom(name) required} to Tom
+  SecurityMetric{referenceTom(referenceTomImpl)} to ReferenceTom
+  SecurityMetric{resourceType(name)} to ResourceType
+  Tom{securityControl(name) required} to SecurityControl
+}
+relationship ManyToMany {
+  SecurityControl{resource(name)} to Resource{securityControl(name)}
+}
+
+search * with no
+microservice * with rcmBackend
+clientRootFolder * with rcmBackend
--- a/sonar-project.properties
+++ b/sonar-project.properties
+sonar.projectKey = emerald_private_standards-and-data_rcm_rcm-backend_AZDxejNQLnoxYqwUe1PN
+sonar.qualitygate.wait = true
+sonar.projectName = rcmBackend generated by jhipster
+
+# Typescript tests files must be inside sources and tests, otherwise `INFO: Test execution data ignored for 80 unknown files, including:` 
+# is shown.
+sonar.sources = src
+sonar.tests = src
+
+sonar.test.inclusions = src/test/**/*.*
+sonar.coverage.jacoco.xmlReportPaths = target/site/**/jacoco*.xml
+sonar.java.codeCoveragePlugin = jacoco
+sonar.junit.reportPaths = target/surefire-reports,target/failsafe-reports
+
+sonar.sourceEncoding = UTF-8
+sonar.exclusions = src/main/webapp/content/**/*.*, src/main/webapp/i18n/*.js, target/classes/static/**/*.*
+
+sonar.issue.ignore.multicriteria = S1192,S125,S3437,S4684,S5145,UndocumentedApi
+
+# Rule https://rules.sonarsource.com/java/RSPEC-3437 is ignored, as a JPA-managed field cannot be transient
+sonar.issue.ignore.multicriteria.S3437.resourceKey = src/main/java/**/*
+sonar.issue.ignore.multicriteria.S3437.ruleKey = squid:S3437
+# Rule https://rules.sonarsource.com/java/RSPEC-4684
+sonar.issue.ignore.multicriteria.S4684.resourceKey = src/main/java/**/*
+sonar.issue.ignore.multicriteria.S4684.ruleKey = java:S4684
+# Rule https://rules.sonarsource.com/java/RSPEC-5145 log filter is applied
+sonar.issue.ignore.multicriteria.S5145.resourceKey = src/main/java/**/*
+sonar.issue.ignore.multicriteria.S5145.ruleKey = javasecurity:S5145
+# Rule https://rules.sonarsource.com/java/RSPEC-1176 is ignored, as we want to follow "clean code" guidelines and classes, methods and 
+# arguments names should be self-explanatory
+sonar.issue.ignore.multicriteria.UndocumentedApi.resourceKey = src/main/java/**/*
+sonar.issue.ignore.multicriteria.UndocumentedApi.ruleKey = squid:UndocumentedApi
+# Rule https://rules.sonarsource.com/java/RSPEC-1192
+sonar.issue.ignore.multicriteria.S1192.resourceKey = src/main/java/**/CacheConfiguration.java
+sonar.issue.ignore.multicriteria.S1192.ruleKey = java:S1192
+# Rule https://rules.sonarsource.com/xml/RSPEC-125
+sonar.issue.ignore.multicriteria.S125.resourceKey = src/main/resources/logback-spring.xml
+sonar.issue.ignore.multicriteria.S125.ruleKey = xml:S125
--- a/src/main/docker/app.yml
+++ b/src/main/docker/app.yml
+# This configuration is intended for development purpose, it's **your** responsibility to harden it for production
+name: rcmbackend
+services:
+  app:
+    image: rcmbackend
+    environment:
+      - _JAVA_OPTIONS=-Xmx512m -Xms256m
+      - SPRING_PROFILES_ACTIVE=prod,api-docs
+      - MANAGEMENT_PROMETHEUS_METRICS_EXPORT_ENABLED=true
+      - SPRING_CLOUD_CONSUL_HOST=consul
+      - SPRING_CLOUD_CONSUL_PORT=8500
+      - SPRING_DATASOURCE_URL=jdbc:mariadb://mariadb:3306/rcmbackend?useLegacyDatetimeCode=false
+      - SPRING_LIQUIBASE_URL=jdbc:mariadb://mariadb:3306/rcmbackend?useLegacyDatetimeCode=false
+      - SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OIDC_ISSUER_URI=http://keycloak:9080/realms/jhipster
+      - SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OIDC_CLIENT_ID=internal
+      - SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OIDC_CLIENT_SECRET=internal
+    healthcheck:
+      test:
+        - CMD
+        - curl
+        - -f
+        - http://localhost:8081/management/health
+      interval: 5s
+      timeout: 5s
+      retries: 40
+    depends_on:
+      mariadb:
+        condition: service_healthy
+      keycloak:
+        condition: service_healthy
+  mariadb:
+    extends:
+      file: ./mariadb.yml
+      service: mariadb
+  keycloak:
+    extends:
+      file: ./keycloak.yml
+      service: keycloak
+  consul:
+    extends:
+      file: ./consul.yml
+      service: consul
+  consul-config-loader:
+    extends:
+      file: ./consul.yml
+      service: consul-config-loader
--- a/src/main/docker/central-server-config/README.md
+++ b/src/main/docker/central-server-config/README.md
+# Central configuration sources details
+
+When running the consul.yml or app.yml docker-compose files, files located in `central-server-config/`
+will get automatically loaded in Consul's K/V store. Adding or editing files will trigger a reloading.
+
+For more info, refer to https://www.jhipster.tech/consul/
--- a/src/main/docker/central-server-config/application.yml
+++ b/src/main/docker/central-server-config/application.yml
+configserver:
+  name: Docker Consul Service
+  status: Connected to Consul Server running in Docker
+
+jhipster:
+  security:
+    authentication:
+      jwt:
+        # secret key which should be base64 encoded and changed in production
+        base64-secret:
--- a/src/main/docker/config/git2consul.json
+++ b/src/main/docker/config/git2consul.json
+{
+  "version": "1.0",
+  "repos": [
+    {
+      "name": "config",
+      "url": "https://github.com/jhipster/generator-jhipster.git",
+      "branches": ["main"],
+      "include_branch_name": false,
+      "source_root": "generators/server/src/main/docker/config/consul-config/",
+      "hooks": [
+        {
+          "type": "polling",
+          "interval": "1"
+        }
+      ]
+    }
+  ]
+}
--- a/src/main/docker/config/mariadb/my.cnf
+++ b/src/main/docker/config/mariadb/my.cnf
+[mysqld]
+port   		= 3306
+#socket 		= /tmp/mysql.sock
+skip-external-locking
+key_buffer_size = 16K
+max_allowed_packet = 1M
+table_open_cache = 4
+sort_buffer_size = 64K
+read_buffer_size = 256K
+read_rnd_buffer_size = 256K
+net_buffer_length = 2K
+thread_stack = 512K
+skip-host-cache
+skip-name-resolve
+
+# Don't listen on a TCP/IP port at all. This can be a security enhancement,
+# if all processes that need to connect to mysqld run on the same host.
+# All interaction with mysqld must be made via Unix sockets or named pipes.
+# Note that using this option without enabling named pipes on Windows
+# (using the "enable-named-pipe" option) will render mysqld useless!
+#
+#skip-networking
+#server-id      	= 1
+
+# Uncomment the following if you want to log updates
+#log-bin=mysql-bin
+
+# binary logging format - mixed recommended
+#binlog_format=mixed
+
+# Causes updates to non-transactional engines using statement format to be
+# written directly to binary log. Before using this option make sure that
+# there are no dependencies between transactional and non-transactional
+# tables such as in the statement INSERT INTO t_myisam SELECT * FROM
+# t_innodb; otherwise, slaves may diverge from the master.
+#binlog_direct_non_transactional_updates=TRUE
+
+# Uncomment the following if you are using InnoDB tables
+innodb_data_file_path = ibdata1:10M:autoextend
+# You can set .._buffer_pool_size up to 50 - 80 %
+# of RAM but beware of setting memory usage too high
+innodb_buffer_pool_size = 16M
+#innodb_additional_mem_pool_size = 2M
+# Set .._log_file_size to 25 % of buffer pool size
+innodb_log_file_size = 5M
+innodb_log_buffer_size = 8M
+innodb_flush_log_at_trx_commit = 1
+innodb_lock_wait_timeout = 200
+character-set-server = utf8mb4
--- a/src/main/docker/consul.yml
+++ b/src/main/docker/consul.yml
+# This configuration is intended for development purpose, it's **your** responsibility to harden it for production
+name: rcmbackend
+services:
+  consul:
+    image: docker.io/bitnami/consul:1.19.0
+    # If you want to expose these ports outside your dev PC,
+    # remove the "127.0.0.1:" prefix
+    ports:
+      - 127.0.0.1:8300:8300
+      - 127.0.0.1:8500:8500
+      - 127.0.0.1:8600:8600
+    command: consul agent -dev -ui -client 0.0.0.0 -log-level=INFO
+
+  consul-config-loader:
+    image: jhipster/consul-config-loader:v0.4.1
+    volumes:
+      - ./central-server-config:/config
+    environment:
+      - INIT_SLEEP_SECONDS=5
+      - CONSUL_URL=consul
+      - CONSUL_PORT=8500
+      # Uncomment to load configuration into Consul from a Git repository
+      # as configured in central-server-config/git2consul.json
+      # Also set SPRING_CLOUD_CONSUL_CONFIG_FORMAT=files on your apps
+      # - CONFIG_MODE=git
--- a/src/main/docker/grafana/provisioning/dashboards/JVM.json
+++ b/src/main/docker/grafana/provisioning/dashboards/JVM.json
--- a/src/main/docker/grafana/provisioning/dashboards/dashboard.yml
+++ b/src/main/docker/grafana/provisioning/dashboards/dashboard.yml
+apiVersion: 1
+
+providers:
+  - name: 'Prometheus'
+    orgId: 1
+    folder: ''
+    type: file
+    disableDeletion: false
+    editable: true
+    options:
+      path: /etc/grafana/provisioning/dashboards
--- a/src/main/docker/grafana/provisioning/datasources/datasource.yml
+++ b/src/main/docker/grafana/provisioning/datasources/datasource.yml
+apiVersion: 1
+
+# list of datasources that should be deleted from the database
+deleteDatasources:
+  - name: Prometheus
+    orgId: 1
+
+# list of datasources to insert/update depending
+# whats available in the database
+datasources:
+  # <string, required> name of the datasource. Required
+  - name: Prometheus
+    # <string, required> datasource type. Required
+    type: prometheus
+    # <string, required> access mode. direct or proxy. Required
+    access: proxy
+    # <int> org id. will default to orgId 1 if not specified
+    orgId: 1
+    # <string> url
+    # On MacOS, replace localhost by host.docker.internal
+    url: http://localhost:9090
+    # <string> database password, if used
+    password:
+    # <string> database user, if used
+    user:
+    # <string> database name, if used
+    database:
+    # <bool> enable/disable basic auth
+    basicAuth: false
+    # <string> basic auth username
+    basicAuthUser: admin
+    # <string> basic auth password
+    basicAuthPassword: admin
+    # <bool> enable/disable with credentials headers
+    withCredentials:
+    # <bool> mark as default datasource. Max one per org
+    isDefault: true
+    # <map> fields that will be converted to json and stored in json_data
+    jsonData:
+      graphiteVersion: '1.1'
+      tlsAuth: false
+      tlsAuthWithCACert: false
+    # <string> json object of data that will be encrypted.
+    secureJsonData:
+      tlsCACert: '...'
+      tlsClientCert: '...'
+      tlsClientKey: '...'
+    version: 1
+    # <bool> allow users to edit datasources from the UI.
+    editable: true
--- a/src/main/docker/hazelcast-management-center.yml
+++ b/src/main/docker/hazelcast-management-center.yml
+# This configuration is intended for development purpose, it's **your** responsibility to harden it for production
+name: rcmbackend
+services:
+  hazelcast-management-center:
+    image: hazelcast/management-center:5.4.1
+    # If you want to expose these ports outside your dev PC,
+    # remove the "127.0.0.1:" prefix
+    ports:
+      - 127.0.0.1:8180:8080
--- a/src/main/docker/jhipster-control-center.yml
+++ b/src/main/docker/jhipster-control-center.yml
+## How to use JHCC docker compose
+# To allow JHCC to reach JHipster application from a docker container note that we set the host as host.docker.internal
+# To reach the application from a browser, you need to add '127.0.0.1 host.docker.internal' to your hosts file.
+### Discovery mode
+# JHCC support 3 kinds of discovery mode: Consul, Eureka and static
+# In order to use one, please set SPRING_PROFILES_ACTIVE to one (and only one) of this values: consul,eureka,static
+### Discovery properties
+# According to the discovery mode choose as Spring profile, you have to set the right properties
+# please note that current properties are set to run JHCC with default values, personalize them if needed
+# and remove those from other modes. You can only have one mode active.
+#### Eureka
+#       - EUREKA_CLIENT_SERVICE_URL_DEFAULTZONE=http://admin:admin@host.docker.internal:8761/eureka/
+#### Consul
+#       - SPRING_CLOUD_CONSUL_HOST=host.docker.internal
+#       - SPRING_CLOUD_CONSUL_PORT=8500
+#### Static
+# Add instances to "MyApp"
+#       - SPRING_CLOUD_DISCOVERY_CLIENT_SIMPLE_INSTANCES_MYAPP_0_URI=http://host.docker.internal:8081
+#       - SPRING_CLOUD_DISCOVERY_CLIENT_SIMPLE_INSTANCES_MYAPP_1_URI=http://host.docker.internal:8082
+# Or add a new application named MyNewApp
+#       - SPRING_CLOUD_DISCOVERY_CLIENT_SIMPLE_INSTANCES_MYNEWAPP_0_URI=http://host.docker.internal:8080
+# This configuration is intended for development purpose, it's **your** responsibility to harden it for production
+
+#### IMPORTANT
+# If you choose Consul or Eureka mode:
+# Do not forget to remove the prefix "127.0.0.1" in front of their port in order to expose them.
+# This is required because JHCC need to communicate with Consul or Eureka.
+# - In Consul mode, the ports are in the consul.yml file.
+# - In Eureka mode, the ports are in the jhipster-registry.yml file.
+
+name: rcmbackend
+services:
+  jhipster-control-center:
+    image: 'jhipster/jhipster-control-center:v0.5.0'
+    command:
+      - /bin/sh
+      - -c
+      # Patch /etc/hosts to support resolving host.docker.internal to the internal IP address used by the host in all OSes
+      - echo "`ip route | grep default | cut -d ' ' -f3` host.docker.internal" | tee -a /etc/hosts > /dev/null && java -jar /jhipster-control-center.jar
+    environment:
+      - _JAVA_OPTIONS=-Xmx512m -Xms256m
+      - SPRING_PROFILES_ACTIVE=prod,api-docs,none,oauth2
+      # For keycloak to work, you need to add '127.0.0.1 keycloak' to your hosts file
+      - SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OIDC_ISSUER_URI=http://keycloak:9080/realms/jhipster
+      - SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OIDC_CLIENT_ID=jhipster-control-center
+      - SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OIDC_CLIENT_SECRET=jhipster-control-center
+      - SPRING_CLOUD_CONSUL_HOST=host.docker.internal
+      - SPRING_CLOUD_CONSUL_PORT=8500
+      - LOGGING_FILE_NAME=/tmp/jhipster-control-center.log
+    # If you want to expose these ports outside your dev PC,
+    # remove the "127.0.0.1:" prefix
+    ports:
+      - 127.0.0.1:7419:7419
--- a/src/main/docker/jib/entrypoint.sh
+++ b/src/main/docker/jib/entrypoint.sh
+#!/bin/bash
+
+echo "The application will start in ${JHIPSTER_SLEEP}s..." && sleep ${JHIPSTER_SLEEP}
+
+# usage: file_env VAR [DEFAULT]
+#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+    local var="$1"
+    local fileVar="${var}_FILE"
+    local def="${2:-}"
+    if [[ ${!var:-} && ${!fileVar:-} ]]; then
+        echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+        exit 1
+    fi
+    local val="$def"
+    if [[ ${!var:-} ]]; then
+        val="${!var}"
+    elif [[ ${!fileVar:-} ]]; then
+        val="$(< "${!fileVar}")"
+    fi
+
+    if [[ -n $val ]]; then
+        export "$var"="$val"
+    fi
+
+    unset "$fileVar"
+}
+
+file_env 'SPRING_DATASOURCE_URL'
+file_env 'SPRING_DATASOURCE_USERNAME'
+file_env 'SPRING_DATASOURCE_PASSWORD'
+file_env 'SPRING_LIQUIBASE_URL'
+file_env 'SPRING_LIQUIBASE_USER'
+file_env 'SPRING_LIQUIBASE_PASSWORD'
+file_env 'JHIPSTER_REGISTRY_PASSWORD'
+
+exec java ${JAVA_OPTS} -noverify -XX:+AlwaysPreTouch -Djava.security.egd=file:/dev/./urandom -cp /app/resources/:/app/classes/:/app/libs/* "com.emerald.rcm.backend.RcmBackendApp"  "$@"
--- a/src/main/docker/keycloak.yml
+++ b/src/main/docker/keycloak.yml
+# This configuration is intended for development purpose, it's **your** responsibility to harden it for production
+name: rcmbackend
+services:
+  keycloak:
+    image: quay.io/keycloak/keycloak:25.0.1
+    command: 'start-dev --import-realm'
+    volumes:
+      - ./realm-config:/opt/keycloak/data/import
+      - ./realm-config/keycloak-health-check.sh:/opt/keycloak/health-check.sh
+    environment:
+      - KC_DB=dev-file
+      - KEYCLOAK_ADMIN=admin
+      - KEYCLOAK_ADMIN_PASSWORD=admin
+      - KC_FEATURES=scripts
+      - KC_HTTP_PORT=9080
+      - KC_HTTPS_PORT=9443
+      - KC_HEALTH_ENABLED=true
+      - KC_HTTP_MANAGEMENT_PORT=9990
+    # If you want to expose these ports outside your dev PC,
+    # remove the "127.0.0.1:" prefix
+    ports:
+      - 127.0.0.1:9080:9080
+      - 127.0.0.1:9443:9443
+    healthcheck:
+      test: 'bash /opt/keycloak/health-check.sh'
+      interval: 5s
+      timeout: 5s
+      retries: 40
+      start_period: 10s