Skip to content

leathermen/carres

Repository files navigation

GitHub Workflow Status (with event) Quality Gate Status Coverage Maintainability Rating

A test project to put together some knowledge I have about creating web apps with Spring (and also eventually Javascript and some DevOps practiques).

Promoted demo admin account (with the access to the Dashboard):

login: example@nikitades.com
password: example15

Please, log in with Github or Google or register yourself with registration form.

Applications and parts

  • Spring Boot API (readme)
  • Spring Boot Telegram Notifier (readme)
  • React (Next.js) frontend app (readme)
  • Keycloak SSO server (readme)
  • CloudFlare reverse proxying (readme)

Diagram

Services are located in the K8S cluster and exposed over Traefik ingresses.

Ideas

This whole project is supposed to visualize the idea of a great web application. The API is covered with tests thoroughly, both in unit and integration style. The domain area of the app is rather simple, so it takes no Ubiquitous Language to describe. Also, DDD techniques were intentionally not used to speed up the development and also out of lack of reason to use ones: the project is small, as I already said.

Visual metrics and materials

General technical specification

The project is hosted at Hetzner (ARM), using Kubernetes setup. The Continuous Integration is done using GitHub actions.

DDOS mitigation is achieved by hiding the real IP address of the cluster entrypoints, by reverse proxying all the requests through CloudFlare system. It's known for being able to withstand attacks of a solid density.

Github Actions is used as CI/CD platform. An extensive set prefabricated actions helps a lot.

Please see more in root folders of every particular application.

Technologies used

  • Spring Boot (main API & Telegram notifier)
  • Next.js (SSR website)
  • Keycloak (SSO service)
  • Rabbit MQ (AMQP bus)
  • Kubernetes (orchestration)
  • Prometheus (metrics scraping)
  • Grafana (metrics visualization)
  • CloudFlare (reverse proxying and DDOS mitigation)
  • SonarCloud (code quality gate)

Metrics & observability

Prometheus is responsible for scraping metrics from services. The observed services:

  • Spring Boot API
  • Next.js website
  • Rabbit MQ
  • Kubernetes cluster itself

Typically metrics endpoints are protected with OAuth2 security. Only users of "Cars Reservation" realm with role "metrics-scraper" are allowed to the metrics data. Prometheus is capable of obtaining the JWT agains the SSO service on its own.

Local launch

This project is supposed to be launched locally with Minikube or any other sort of local K8S cluster. You will need Minikube or similar technology to achieve this.

See more at "Launching locally".

Credits

The author: Nikita Pavlovskiy, nikitades@pm.me.

Contact me in Telegram: @nikitades.