From f53ff32de0a7ca039c53d71ac778fadf157c9fb0 Mon Sep 17 00:00:00 2001 From: Pavel Salamon Date: Wed, 18 Sep 2024 12:03:41 +0200 Subject: [PATCH 1/2] verify docker image --- project/Setup.scala | 2 +- server/README.md | 22 ++++++++++++++++++++++ server/src/main/resources/logback.xml | 4 ++-- server/src/main/resources/reference.conf | 7 ++++--- 4 files changed, 29 insertions(+), 6 deletions(-) diff --git a/project/Setup.scala b/project/Setup.scala index 2f5a863a9..14c3f8927 100644 --- a/project/Setup.scala +++ b/project/Setup.scala @@ -55,7 +55,7 @@ object Setup { } val serverMergeStrategy = assembly / assemblyMergeStrategy := { - case PathList("META-INF", "services") => MergeStrategy.filterDistinctLines + case PathList("META-INF", "services", _*) => MergeStrategy.concat case PathList("META-INF", "maven", "org.webjars", "swagger-ui", "pom.properties") => MergeStrategy.singleOrError case PathList("META-INF", "resources", "webjars", "swagger-ui", _*) => MergeStrategy.singleOrError case PathList("META-INF", _*) => MergeStrategy.discard diff --git a/server/README.md b/server/README.md index 35be75d25..4c10d385e 100644 --- a/server/README.md +++ b/server/README.md 
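Review bot: The widened `META-INF/services` case in `serverMergeStrategy` switches to `MergeStrategy.concat`, which copies every provider line from every jar, so the same implementation class can be listed several times in the merged service file. The strategy used before the change suits the new pattern better: `case PathList("META-INF", "services", _*) => MergeStrategy.filterDistinctLines`. A comment above the case, e.g. `// service registrations must be merged; the META-INF catch-all below would otherwise discard them`, would record why this case has to stay ahead of the `MergeStrategy.discard` rule. `object Setup` starts and ends outside the hunk.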
@@ -48,3 +48,25 @@ When monitoring enabled, the application exposes `http://localhost:8080/metrics` and/or `http://localhost:8080/zio-metrics` endpoints which can be scraped by Prometheus. For testing purposes there is [docker-compose.yml](./docker-compose.yml) file which can be used to start up dockerized Prometheus and Grafana instances. Prometheus scraping configs are defined in [prometheus.yml](./prometheus.yml) file. + +# Build & run docker image + +```shell +sbt clean assembly + +docker build -t absaoss/atum-service:latest --progress=plain --no-cache \ +--build-arg BUILD_PROXY=http://zproxycloud.intra.absaafrica:80 \ +--build-arg CONFIG=./src/main/resources/reference.conf \ +--build-arg SSL=true \ +--build-arg LDAP_SSL_CERTS_PATH=./certs \ +--build-arg SSL_DNAME="CN=*.my.domain.com, OU=project1, O=mycorp, L=Johannesburg, ST=Gauteng, C=za" ./ + +docker run -p 8080:8080 -p 8443:8443 absaoss/atum-service:latest + +# reference.conf file has to be configured as below when running with ssl enabled +ssl { + enabled=true + keyStorePassword=changeit + keyStorePath="/etc/ssl/certs/selfsigned.jks" + } +``` diff --git a/server/src/main/resources/logback.xml b/server/src/main/resources/logback.xml index acd40c3d8..8bc032800 100644 --- a/server/src/main/resources/logback.xml +++ b/server/src/main/resources/logback.xml @@ -5,9 +5,9 @@ %d{HH:mm:ss.SSS} %-5level [%thread] %logger{36}:%L - %msg %ex{short}%n - + - + diff --git a/server/src/main/resources/reference.conf b/server/src/main/resources/reference.conf index 86459e37f..cd8193f86 100644 --- a/server/src/main/resources/reference.conf +++ b/server/src/main/resources/reference.conf 
@@ -2,7 +2,8 @@ postgres { # The JDBC driver class dataSourceClass=org.postgresql.Driver - serverName=localhost // host.docker.internal for local run in docker against db on its host machine; localhost otherwise for testing and for the gh pipeline + // host.docker.internal for local run against db running in docker on its host machine; localhost otherwise for testing and for the gh pipeline + serverName=localhost portNumber=5432 databaseName=atum_db user=atum_user @@ -16,8 +17,8 @@ } ssl { enabled=false - keyStorePassword=password - keyStorePath="/path/to/your/cert" + keyStorePassword=changeit + keyStorePath="/etc/ssl/certs/selfsigned.jks" } monitoring { # monitoring of http communication From b7eeee1079ad463d42706e15087e902368ce65f0 Mon Sep 17 00:00:00 2001 From: Pavel Salamon Date: Thu, 19 Sep 2024 11:04:51 +0200 Subject: [PATCH 2/2] added comment about keyStorePath --- server/src/main/resources/reference.conf | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/server/src/main/resources/reference.conf b/server/src/main/resources/reference.conf index cd8193f86..ee2b2bf46 100644 --- a/server/src/main/resources/reference.conf +++ b/server/src/main/resources/reference.conf @@ -2,7 +2,7 @@ postgres { # The JDBC driver class dataSourceClass=org.postgresql.Driver - // host.docker.internal for local run against db running in docker on its host machine; localhost otherwise for testing and for the gh pipeline + # host.docker.internal for local run against db running in docker on its host machine; localhost otherwise for testing and for the gh pipeline serverName=localhost portNumber=5432 databaseName=atum_db 
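Review bot: In the `ssl` block of the first patch the default `keyStorePassword` becomes `changeit`, a widely known keystore default, and `reference.conf` is a resource that presumably ships inside the assembled jar. A deployment that only flips `enabled=true` would therefore protect its private key with a publicly known secret, and the README section added in the same patch tells users to copy that value. Keep the default for local runs but let deployments override it without editing the file, by adding an optional substitution on the following line: `keyStorePassword=${?SSL_KEYSTORE_PASSWORD}` (the variable name is an example). The file continues outside the hunk on both sides.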
@@ -18,6 +18,9 @@
 ssl {
 enabled=false
 keyStorePassword=changeit
+ # location of Java Keystore (JKS) file with certificate to be used for HTTPS communication;
+ # it can be sufficient to use self-signed certificate on testing or development environment or
+ # when application runs in an internal network; otherwise certificates are usually obtained from a trusted CA
 keyStorePath="/etc/ssl/certs/selfsigned.jks"
 }
 monitoring {
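Review bot: The comment added above `keyStorePath` says a self-signed certificate can be sufficient on an internal network, but it does not say what clients have to do with that certificate, and the usual outcome is that clients switch certificate verification off. Add a line such as `# clients must add the self-signed certificate to their trust store; do not disable certificate verification`. The `keyStorePassword=changeit` line directly above is still undocumented; a comment like `# password of the keystore below; override it outside development` would cover it.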