chore: Add dummy election result for 2024

This reverts commit 0082305a5a.

.drone.yml

@@ -118,10 +118,13 @@ steps:
       - ssh-keyscan -H git.2martens.de > $HOME/.ssh/known_hosts 2>/dev/null
       - git clone ssh://giteajim@git.2martens.de:22/2martens/cloud-configuration.git .
       - git checkout main
-  - name: modify deployed image
+  - name: update image version
     image: alpine
     commands:
-      - sed -i -r "s/(wahlrecht_image_version:).*/\1\ ${DRONE_SEMVER}/" ansible/inventories/host_vars/api-server/public.yaml
+      - mkdir $HOME/bin
+      - wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_arm64 -O $HOME/bin/yq && chmod +x $HOME/bin/yq
+      - sed -i -r "s/(tag:).*/\1\ \"${DRONE_SEMVER}\"/" argocd/wahlrecht/${DRONE_DEPLOY_TO}/overwrite_values.yaml
+      - cd argocd/wahlrecht/${DRONE_DEPLOY_TO} && $HOME/bin/yq '. *= load("overwrite_values.yaml")' default_values.yaml > values.yaml
   - name: save modified variable file
     image: alpine/git
     environment:
@@ -134,32 +137,13 @@ steps:
       - touch $HOME/.ssh/known_hosts
       - chmod 600 $HOME/.ssh/known_hosts
       - ssh-keyscan -H git.2martens.de > $HOME/.ssh/known_hosts 2>/dev/null
-      - git add ansible/inventories/host_vars/api-server/public.yaml
+      - git add argocd/wahlrecht/${DRONE_DEPLOY_TO}/*
       - git diff-index --quiet HEAD || git commit -m "[Drone] Changed wahlrecht_image_version to ${DRONE_SEMVER}"
       - git push origin main
-  - name: deploy image
-    image: plugins/ansible:latest
-    volumes:
-      - name: cache
-        path: /root/.ansible
-    settings:
-      playbook: ansible/deploy_spring.yaml
-      inventory: ansible/inventories/production
-      galaxy: ansible/requirements.yaml
-      galaxy_force: false
-      private_key:
-        from_secret: private_ssh_key
-      vault_password:
-        from_secret: vault_password
-
-volumes:
-  - name: cache
-    host:
-      path: /var/lib/drone/cache/.ansible
 
 trigger:
   target:
-    - production
+    - test
   event:
     include:
       - promote

.run/MainApplication.run.xml

@@ -1,20 +0,0 @@
-<component name="ProjectRunConfigurationManager">
-  <configuration default="false" name="MainApplication" type="SpringBootApplicationConfigurationType" factoryName="Spring Boot" nameIsGenerated="true">
-    <module name="wahlrecht.server.main" />
-    <option name="SPRING_BOOT_MAIN_CLASS" value="de.twomartens.wahlrecht.MainApplication" />
-    <extension name="net.ashald.envfile">
-      <option name="IS_ENABLED" value="true" />
-      <option name="IS_SUBST" value="false" />
-      <option name="IS_PATH_MACRO_SUPPORTED" value="false" />
-      <option name="IS_IGNORE_MISSING_FILES" value="false" />
-      <option name="IS_ENABLE_EXPERIMENTAL_INTEGRATIONS" value="false" />
-      <ENTRIES>
-        <ENTRY IS_ENABLED="true" PARSER="runconfig" IS_EXECUTABLE="false" />
-        <ENTRY IS_ENABLED="true" PARSER="env" IS_EXECUTABLE="false" PATH=".env" />
-      </ENTRIES>
-    </extension>
-    <method v="2">
-      <option name="Make" enabled="true" />
-    </method>
-  </configuration>
-</component>

buildSrc/src/main/kotlin/twomartens.java.gradle.kts

@@ -54,7 +54,7 @@ normalization.runtimeClasspath.metaInf {
 }
 
 tasks.register("cleanLibs") {
-    delete("${buildDir}/libs")
+    delete("${layout.buildDirectory}/libs")
 }
 
 tasks.build {

buildSrc/src/main/kotlin/twomartens.nebula-release.gradle.kts

@@ -9,10 +9,10 @@ apply(plugin="com.netflix.nebula.release")
 tasks.register("writeVersionProperties") {
     group = "version"
     mustRunAfter("release")
-    outputs.file("$buildDir/version.properties")
-    val directory = buildDir
+    outputs.file("${layout.buildDirectory}/version.properties")
+    val directory = layout.buildDirectory.asFile
     doLast {
-        Files.createDirectories(directory.toPath())
-        File("$buildDir/version.properties").writeText("VERSION=${project.version}\n")
+        Files.createDirectories(directory.get().toPath())
+        File("${layout.buildDirectory}/version.properties").writeText("VERSION=${project.version}\n")
     }
 }

gradle/libs.versions.toml

@@ -1,21 +1,21 @@
 [versions]
-spring-boot = "3.1.2"
-spring-doc = "2.1.0"
-spring-cloud = "2022.0.4"
+spring-boot = "3.2.3"
+spring-doc = "2.3.0"
+spring-cloud = "2023.0.0"
 spring-grpc = "2.14.0.RELEASE"
 grpc = "1.57.0"
 tomcat-annotations = "6.0.53"
-httpclient = "5.2.1"
-slf4j = "2.0.7"
-log4j = "2.20.0"
-log4j-ecs = "1.5.0"
+httpclient = "5.3.1"
+slf4j = "2.0.12"
+log4j = "2.23.0"
+log4j-ecs = "1.6.0"
 mapstruct = "1.5.5.Final"
-junit = "5.10.0"
-assertj = "3.24.2"
-mockito = "5.4.0"
-keycloak = "22.0.1"
+junit = "5.10.2"
+assertj = "3.25.3"
+mockito = "5.11.0"
+keycloak = "24.0.1"
 kotlin-logging = "3.0.5"
-kotlin-reflect = "1.9.0"
+kotlin-reflect = "1.9.22"
 kotlin-lombok = "1.9.0"
 plugin-nebula-release = "17.2.2"
 plugin-lombok = "8.0.1"

gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.2.1-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.3-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

http-requests/put-election.http

@@ -0,0 +1,60 @@
+PUT http://localhost:12000/wahlrecht/v1/election
+Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkalp3QzZGZEZ4eHl4R0RfX3JRYVhIMzNCc0Fxa29fYXZoelRlX19IYUxRIn0.eyJleHAiOjE3MTQ5ODE3NDUsImlhdCI6MTcxNDk4MDg0NSwiYXV0aF90aW1lIjoxNzE0OTc5Njk1LCJqdGkiOiIyMzcwNTU4My1mYTE2LTQ4NWYtODNlMC0xMWIyZjg0ODEyM2YiLCJpc3MiOiJodHRwczovL2lkLjJtYXJ0ZW5zLmRlL3JlYWxtcy8ybWFydGVucyIsImF1ZCI6WyJ0c3ctdGltZXRhYmxlLWZyb250ZW5kIiwiYWNjb3VudCIsInRpbWV0YWJsZSJdLCJzdWIiOiJkOTRiMzU3My05ZjdhLTRjYmMtYTg5MS1kZGRjYWQ1MjE0YjMiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJ3YWhscmVjaHQiLCJzZXNzaW9uX3N0YXRlIjoiZGIxNmVmNzItZTUyMi00ZWE4LThjNjAtYjRjYmRiMTEzNjEyIiwiYWNyIjoiMCIsImFsbG93ZWQtb3JpZ2lucyI6WyJodHRwczovL2FwaS4ybWFydGVucy5kZSIsImh0dHA6Ly9sb2NhbGhvc3Q6MTIwMDAiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIm9mZmxpbmVfYWNjZXNzIiwiQ09SRV9FTEVDVElPTl9EQVRBX0NPTlRSSUJVVE9SIiwiZGVmYXVsdC1yb2xlcy13YWhscmVjaHQiLCJBRE1JTiIsInVtYV9hdXRob3JpemF0aW9uIiwiVVNFUiJdfSwicmVzb3VyY2VfYWNjZXNzIjp7InRzdy10aW1ldGFibGUtZnJvbnRlbmQiOnsicm9sZXMiOlsiQUNUSVZFX1BMQU4iLCJQRVJTT05BTF9QTEFOIiwiRlJFRV9QTEFOIl19LCJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX0sInRpbWV0YWJsZSI6eyJyb2xlcyI6WyJBRE1JTiIsIlBFUlNPTkFMX1BMQU4iLCJGUkVFX1BMQU4iXX19LCJzY29wZSI6InByb2ZpbGUgZW1haWwiLCJzaWQiOiJkYjE2ZWY3Mi1lNTIyLTRlYTgtOGM2MC1iNGNiZGIxMTM2MTIiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IkppbSBNYXJ0ZW5zIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiZ2l0aHViQDJtYXJ0ZW5zLmRlIiwiZ2l2ZW5fbmFtZSI6IkppbSIsImxvY2FsZSI6ImVuIiwiZmFtaWx5X25hbWUiOiJNYXJ0ZW5zIiwiZW1haWwiOiJnaXRodWJAMm1hcnRlbnMuZGUifQ.VWDniNAGZOdBbQ3rIia81VqchT9fL0PbT4TS8ORpueRTVe8j2gatwDEPz3ocIFNevNh5hv0gQpjcYT8XGh5rk8oNbHrFg48uJZC5SfINzEEq9JYUQCLf_LGiXmfCODwKaRZc6EVFYU34t7d-SXrN0qNcFooFnV7erD57GJB--19nVOAv1zsQKDV_lJYz6SHGlPZol0PBOHwRaREjgsS1zw8kNOBZYFiuaAbHCOl3rrZb0YZevB1_qtPWtdCOCEjCIlGURIU6Wn6xTNUG1MkE2yytArJS1yGUfBnDDg1mAck5q_fl0a9T7lucyhakSNjauFGUWIsJP4ADdJZhn8CDVQ
+Content-Type: application/json
+
+{
+    "name": "Bezirkswahl 2024",
+    "day": "2024-06-09",
+    "votingThreshold": "THREE",
+    "totalNumberOfSeats": 51,
+    "constituencies": [
+      {
+        "electionName": "Bezirkswahl 2024",
+        "number": 5,
+        "name": "Niendorf",
+        "numberOfSeats": 5
+      },
+      {
+        "electionName": "Bezirkswahl 2024",
+        "number": 6,
+        "name": "Schnelsen",
+        "numberOfSeats": 3
+      },
+      {
+        "electionName": "Bezirkswahl 2024",
+        "number": 7,
+        "name": "Eidelstedt",
+        "numberOfSeats": 4
+      },
+      {
+        "electionName": "Bezirkswahl 2024",
+        "number": 8,
+        "name": "Stellingen",
+        "numberOfSeats": 3
+      },
+      {
+        "electionName": "Bezirkswahl 2024",
+        "number": 4,
+        "name": "Lokstedt",
+        "numberOfSeats": 3
+      },
+      {
+        "electionName": "Bezirkswahl 2024",
+        "number": 3,
+        "name": "Rotherbaum/Harvestehude",
+        "numberOfSeats": 4
+      },
+      {
+        "electionName": "Bezirkswahl 2024",
+        "number": 1,
+        "name": "Eimsbüttel-Nord",
+        "numberOfSeats": 3
+      },
+      {
+        "electionName": "Bezirkswahl 2024",
+        "number": 2,
+        "name": "Eimsbüttel-Süd/Hoheluft-West",
+"numberOfSeats": 5
+}
+]
+}

module-deploy/helm/wahlrecht/Chart.yaml

@@ -1,3 +0,0 @@
-apiVersion: v2
-name: wahlrecht
-version: 0.2.4

module-deploy/helm/wahlrecht/LICENSE

@@ -1,201 +0,0 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.

module-deploy/helm/wahlrecht/README.md

@@ -1,4 +0,0 @@
-# Wahlrecht API
-
-This chart installs the Wahlrecht API
-into the Kubernetes cluster.

module-server/src/main/kotlin/de/twomartens/wahlrecht/security/SpringPolicyEnforcer.kt

@@ -13,53 +13,54 @@ import org.keycloak.representations.idm.authorization.Permission
 class SpringPolicyEnforcer(private val policyEnforcer: PolicyEnforcer,
                            private val policyEnforcerConfig: PolicyEnforcerConfig) {
 
-    fun enforce(request: HttpRequest, response: HttpResponse): AuthorizationContext {
-        if (log.isDebugEnabled) {
-            log.debug("Policy enforcement is enabled. Enforcing policy decisions for path [{}].", request.uri)
-        }
-        val context = authorize(request, response)
-        if (log.isDebugEnabled) {
-            log.debug("Policy enforcement result for path [{}] is : {}", request.uri, if (context.isGranted) "GRANTED" else "DENIED")
-            log.debug("Returning authorization context with permissions:")
-            for (permission in context.permissions) {
-                log.debug(permission.toString())
-            }
-        }
-        return context
+  fun enforce(request: HttpRequest, response: HttpResponse): AuthorizationContext {
+    if (log.isDebugEnabled) {
+      log.debug("Policy enforcement is enabled. Enforcing policy decisions for path [{}].", request.uri)
     }
-
-    private fun authorize(request: HttpRequest, response: HttpResponse): AuthorizationContext {
-        val enforcementMode = policyEnforcerConfig.enforcementMode
-        return if (EnforcementMode.DISABLED == enforcementMode) {
-            createAuthorizedContext()
-        } else policyEnforcer.enforce(request, response)
+    val context = authorize(request, response)
+    if (log.isDebugEnabled) {
+      log.debug("Policy enforcement result for path [{}] is : {}", request.uri, if (context.isGranted) "GRANTED" else "DENIED")
+      log.debug("Returning authorization context with permissions:")
+      for (permission in context.permissions) {
+        log.debug(permission.toString())
+      }
     }
+    return context
+  }
 
-    private fun createAuthorizedContext(): AuthorizationContext {
-        return object : ClientAuthorizationContext(policyEnforcer.authzClient) {
-            override fun hasPermission(resourceName: String, scopeName: String): Boolean {
-                return true
-            }
+  private fun authorize(request: HttpRequest, response: HttpResponse): AuthorizationContext {
+    val enforcementMode = policyEnforcerConfig.enforcementMode
+    log.debug("Authorize with enforcement mode: [{}]", enforcementMode)
+    return if (EnforcementMode.DISABLED == enforcementMode) {
+      createAuthorizedContext()
+    } else policyEnforcer.enforce(request, response)
+  }
 
-            override fun hasResourcePermission(resourceName: String): Boolean {
-                return true
-            }
+  private fun createAuthorizedContext(): AuthorizationContext {
+    return object : ClientAuthorizationContext(policyEnforcer.authzClient) {
+      override fun hasPermission(resourceName: String, scopeName: String): Boolean {
+        return true
+      }
 
-            override fun hasScopePermission(scopeName: String): Boolean {
-                return true
-            }
+      override fun hasResourcePermission(resourceName: String): Boolean {
+        return true
+      }
 
-            override fun getPermissions(): List<Permission> {
-                return emptyList()
-            }
+      override fun hasScopePermission(scopeName: String): Boolean {
+        return true
+      }
 
-            override fun isGranted(): Boolean {
-                return true
-            }
-        }
+      override fun getPermissions(): List<Permission> {
+        return emptyList()
+      }
+
+      override fun isGranted(): Boolean {
+        return true
+      }
     }
+  }
 
-    companion object {
-        private val log = KotlinLogging.logger {}
-    }
+  companion object {
+    private val log = KotlinLogging.logger {}
+  }
 }

module-server/src/main/kotlin/de/twomartens/wahlrecht/security/SpringPolicyEnforcerFilter.kt

@@ -12,18 +12,15 @@ import org.keycloak.adapters.authorization.spi.ConfigurationResolver
 import org.keycloak.adapters.authorization.spi.HttpRequest
 import org.keycloak.representations.adapters.config.PolicyEnforcerConfig
 import java.io.IOException
-import java.util.concurrent.ConcurrentHashMap
 
 
 class SpringPolicyEnforcerFilter(private val configResolver: ConfigurationResolver) : Filter {
-    private val policyEnforcer: MutableMap<PolicyEnforcerConfig, SpringPolicyEnforcer> = ConcurrentHashMap()
-
     @Throws(IOException::class, ServletException::class)
     override fun doFilter(servletRequest: ServletRequest, servletResponse: ServletResponse?, filterChain: FilterChain) {
         val request = servletRequest as HttpServletRequest
         val response = servletResponse as HttpServletResponse?
         val httpRequest = ServletHttpRequest(request) { extractBearerToken(request) }
-        val policyEnforcer = getOrCreatePolicyEnforcer(httpRequest)
+        val policyEnforcer = createPolicyEnforcer(httpRequest)
         val authzContext = policyEnforcer.enforce(httpRequest, ServletHttpResponse(response))
         request.setAttribute(AuthorizationContext::class.java.name, authzContext)
         if (authzContext.isGranted) {
@@ -53,8 +50,8 @@ class SpringPolicyEnforcerFilter(private val configResolver: ConfigurationResolv
         return null
     }
 
-    private fun getOrCreatePolicyEnforcer(request: HttpRequest): SpringPolicyEnforcer {
-        return policyEnforcer.computeIfAbsent(configResolver.resolve(request)) { createPolicyEnforcer(it) }
+    private fun createPolicyEnforcer(request: HttpRequest): SpringPolicyEnforcer {
+        return createPolicyEnforcer(configResolver.resolve(request))
     }
 
     private fun createPolicyEnforcer(enforcerConfig: PolicyEnforcerConfig): SpringPolicyEnforcer {

module-server/src/main/resources/application-dev.yaml

@@ -1,9 +1,5 @@
-server.port: 12000
-management.server.port: 12001
-
-
 spring:
   config:
     import:
       - "classpath:config/wahlrecht.yaml"
-      - "optional:configserver:http://localhost:8888/config"
+      - "optional:configserver:${CONFIGSERVER_SCHEME:http}://${CONFIGSERVER_HOST:configserver}:${CONFIGSERVER_PORT:8888}${CONFIGSERVER_PREFIX:/config}"

module-server/src/main/resources/application-prod.yaml

@@ -1,7 +1,7 @@
 spring:
   config:
     import:
-      - "configserver:http://configserver:8888/config"
+      - "configserver:${CONFIGSERVER_SCHEME:http}://${CONFIGSERVER_HOST:configserver}:${CONFIGSERVER_PORT:8888}${CONFIGSERVER_PREFIX:/config}"
   kafka:
     bootstrap-servers:
-      - kafka:9092
+      - "${KAFKA_HOST:kafka}:${KAFKA_PORT:9092}"

module-server/src/main/resources/application.yaml

@@ -1,12 +1,12 @@
 server:
-  port: 12000
+  port: ${PORT:12000}
   shutdown: graceful
   forward-headers-strategy: framework
 
 ### technical configurations ###
 management:
   # for security, don't use same port as application
-  server.port: 12001
+  server.port: ${ACTUATOR_PORT:12001}
   health:
     livenessState.enabled: true
     readinessState.enabled: true
@@ -38,7 +38,7 @@ spring:
     oauth2:
       resourceserver:
         jwt:
-          jwk-set-uri: https://id.2martens.de/realms/2martens/protocol/openid-connect/certs
+          jwk-set-uri: ${KEYCLOAK_URL:https://id.2martens.de}/realms/${KEYCLOAK_REALM:2martens}/protocol/openid-connect/certs
   application:
     name: wahlrecht