Migration complète vers PrimeFaces Freya - Corrections des incompatibilités et intégration de primefaces-freya-extension

2025-12-27 00:18:31 +00:00
parent 5e272a8256
commit 5c996931a6
206 changed files with 36646 additions and 1593 deletions
--- a/scripts/create-kubernetes-secrets-production.ps1
+++ b/scripts/create-kubernetes-secrets-production.ps1
@@ -0,0 +1,243 @@
+#!/usr/bin/env pwsh
+<#
+.SYNOPSIS
+    Script pour créer les secrets Kubernetes en production
+
+.DESCRIPTION
+    Ce script crée les secrets Kubernetes nécessaires pour Lions User Manager :
+    - Secret frontend (Keycloak client secret, OIDC encryption secret)
+    - Secret backend (Keycloak service account secret, DB password, etc.)
+
+.PARAMETER VpsHost
+    Host SSH du VPS (ex: lions@176.57.150.2)
+
+.PARAMETER Namespace
+    Namespace Kubernetes (défaut: lions-user-manager)
+
+.PARAMETER FrontendClientSecret
+    Secret du client frontend Keycloak
+
+.PARAMETER BackendClientSecret
+    Secret du service account backend Keycloak
+
+.PARAMETER OidcEncryptionSecret
+    Secret de chiffrement OIDC (32+ caractères)
+
+.PARAMETER KeycloakAdminPassword
+    Mot de passe admin Keycloak
+
+.PARAMETER DatabasePassword
+    Mot de passe base de données
+
+.PARAMETER BackendUrl
+    URL du backend (défaut: https://api.lions.dev/lions-user-manager)
+
+.EXAMPLE
+    .\create-kubernetes-secrets-production.ps1 `
+        -VpsHost "lions@176.57.150.2" `
+        -FrontendClientSecret "frontend-secret" `
+        -BackendClientSecret "backend-secret" `
+        -OidcEncryptionSecret "32-char-encryption-secret-here" `
+        -KeycloakAdminPassword "admin-password" `
+        -DatabasePassword "db-password"
+#>
+
+param(
+    [Parameter(Mandatory=$true)]
+    [string]$VpsHost,
+    
+    [Parameter(Mandatory=$false)]
+    [string]$Namespace = "lions-user-manager",
+    
+    [Parameter(Mandatory=$true)]
+    [string]$FrontendClientSecret,
+    
+    [Parameter(Mandatory=$true)]
+    [string]$BackendClientSecret,
+    
+    [Parameter(Mandatory=$true)]
+    [string]$OidcEncryptionSecret,
+    
+    [Parameter(Mandatory=$true)]
+    [string]$KeycloakAdminPassword,
+    
+    [Parameter(Mandatory=$true)]
+    [string]$DatabasePassword,
+    
+    [Parameter(Mandatory=$false)]
+    [string]$BackendUrl = "https://api.lions.dev/lions-user-manager"
+)
+
+$ErrorActionPreference = "Stop"
+
+# Couleurs
+function Write-Success { Write-Host "✅ $args" -ForegroundColor Green }
+function Write-Info { Write-Host "ℹ️  $args" -ForegroundColor Cyan }
+function Write-Warning { Write-Host "⚠️  $args" -ForegroundColor Yellow }
+function Write-Error { Write-Host "❌ $args" -ForegroundColor Red }
+function Write-Step { Write-Host "`n🚀 $args" -ForegroundColor Magenta }
+
+Write-Host @"
+
+╔═══════════════════════════════════════════════════════════════════════════════╗
+║                                                                               ║
+║        🔐 CRÉATION SECRETS KUBERNETES PRODUCTION 🔐                          ║
+║                                                                               ║
+╚═══════════════════════════════════════════════════════════════════════════════╝
+
+"@ -ForegroundColor Cyan
+
+Write-Info "VPS Host: $VpsHost"
+Write-Info "Namespace: $Namespace"
+Write-Info ""
+
+# Vérifier que le namespace existe
+Write-Step "1. Vérification du namespace..."
+
+$checkNsCmd = "kubectl get namespace $Namespace"
+try {
+    ssh.exe $VpsHost $checkNsCmd | Out-Null
+    Write-Success "Namespace $Namespace existe"
+} catch {
+    Write-Info "Création du namespace $Namespace..."
+    $createNsCmd = "kubectl create namespace $Namespace"
+    ssh.exe $VpsHost $createNsCmd
+    Write-Success "Namespace $Namespace créé"
+}
+
+# 2. Créer le secret frontend
+Write-Step "2. Création du secret frontend..."
+
+$frontendSecretYaml = @"
+apiVersion: v1
+kind: Secret
+metadata:
+  name: lions-user-manager-client-secrets
+  namespace: $Namespace
+type: Opaque
+stringData:
+  KEYCLOAK_CLIENT_SECRET: $FrontendClientSecret
+  OIDC_ENCRYPTION_SECRET: $OidcEncryptionSecret
+  LIONS_USER_MANAGER_BACKEND_URL: $BackendUrl
+"@
+
+$frontendSecretFile = [System.IO.Path]::GetTempFileName()
+$frontendSecretYaml | Out-File -FilePath $frontendSecretFile -Encoding UTF8
+
+try {
+    # Supprimer le secret s'il existe déjà
+    $deleteCmd = "kubectl delete secret lions-user-manager-client-secrets -n $Namespace --ignore-not-found=true"
+    ssh.exe $VpsHost $deleteCmd | Out-Null
+    
+    # Copier le fichier sur le VPS et créer le secret
+    $remoteFile = "/tmp/frontend-secret.yaml"
+    scp.exe $frontendSecretFile "$VpsHost`:$remoteFile"
+    $createSecretCmd = "kubectl apply -f $remoteFile"
+    ssh.exe $VpsHost $createSecretCmd
+    
+    Write-Success "Secret frontend créé"
+} catch {
+    Write-Error "Erreur création secret frontend: $($_.Exception.Message)"
+    exit 1
+} finally {
+    Remove-Item $frontendSecretFile -Force
+}
+
+# 3. Créer le secret backend
+Write-Step "3. Création du secret backend..."
+
+$backendSecretYaml = @"
+apiVersion: v1
+kind: Secret
+metadata:
+  name: lions-user-manager-server-secrets
+  namespace: $Namespace
+type: Opaque
+stringData:
+  KEYCLOAK_CLIENT_SECRET: $BackendClientSecret
+  KEYCLOAK_ADMIN_USERNAME: admin
+  KEYCLOAK_ADMIN_PASSWORD: $KeycloakAdminPassword
+  DB_PASSWORD: $DatabasePassword
+"@
+
+$backendSecretFile = [System.IO.Path]::GetTempFileName()
+$backendSecretYaml | Out-File -FilePath $backendSecretFile -Encoding UTF8
+
+try {
+    # Supprimer le secret s'il existe déjà
+    $deleteCmd = "kubectl delete secret lions-user-manager-server-secrets -n $Namespace --ignore-not-found=true"
+    ssh.exe $VpsHost $deleteCmd | Out-Null
+    
+    # Copier le fichier sur le VPS et créer le secret
+    $remoteFile = "/tmp/backend-secret.yaml"
+    scp.exe $backendSecretFile "$VpsHost`:$remoteFile"
+    $createSecretCmd = "kubectl apply -f $remoteFile"
+    ssh.exe $VpsHost $createSecretCmd
+    
+    Write-Success "Secret backend créé"
+} catch {
+    Write-Error "Erreur création secret backend: $($_.Exception.Message)"
+    exit 1
+} finally {
+    Remove-Item $backendSecretFile -Force
+}
+
+# 4. Vérifier les secrets
+Write-Step "4. Vérification des secrets créés..."
+
+$listSecretsCmd = "kubectl get secrets -n $Namespace | grep lions-user-manager"
+try {
+    $secrets = ssh.exe $VpsHost $listSecretsCmd
+    Write-Success "Secrets listés:"
+    Write-Host $secrets
+} catch {
+    Write-Warning "Erreur lors de la vérification: $($_.Exception.Message)"
+}
+
+# 5. Décrire les secrets (sans afficher les valeurs)
+Write-Step "5. Description des secrets (sans valeurs)..."
+
+try {
+    Write-Info "Secret frontend:"
+    $describeFrontendCmd = "kubectl describe secret lions-user-manager-client-secrets -n $Namespace"
+    ssh.exe $VpsHost $describeFrontendCmd
+    
+    Write-Info "Secret backend:"
+    $describeBackendCmd = "kubectl describe secret lions-user-manager-server-secrets -n $Namespace"
+    ssh.exe $VpsHost $describeBackendCmd
+} catch {
+    Write-Warning "Erreur lors de la description: $($_.Exception.Message)"
+}
+
+# 6. Résumé
+Write-Step "6. Résumé de la configuration..."
+
+Write-Host @"
+
+╔═══════════════════════════════════════════════════════════════════════════════╗
+║                                                                               ║
+║                    ✅ SECRETS KUBERNETES CRÉÉS ✅                            ║
+║                                                                               ║
+╚═══════════════════════════════════════════════════════════════════════════════╝
+
+"@ -ForegroundColor Green
+
+Write-Host "📋 SECRETS CRÉÉS:" -ForegroundColor Yellow
+Write-Host ""
+Write-Host "🔐 FRONTEND (lions-user-manager-client-secrets):" -ForegroundColor Cyan
+Write-Host "   - KEYCLOAK_CLIENT_SECRET"
+Write-Host "   - OIDC_ENCRYPTION_SECRET"
+Write-Host "   - LIONS_USER_MANAGER_BACKEND_URL"
+Write-Host ""
+Write-Host "🔐 BACKEND (lions-user-manager-server-secrets):" -ForegroundColor Cyan
+Write-Host "   - KEYCLOAK_CLIENT_SECRET"
+Write-Host "   - KEYCLOAK_ADMIN_USERNAME"
+Write-Host "   - KEYCLOAK_ADMIN_PASSWORD"
+Write-Host "   - DB_PASSWORD"
+Write-Host ""
+Write-Host "⚠️  PROCHAINES ÉTAPES:" -ForegroundColor Yellow
+Write-Host "   1. Vérifiez que les secrets sont correctement créés"
+Write-Host "   2. Configurez les Deployments pour utiliser ces secrets"
+Write-Host "   3. Procédez au déploiement avec lionsctl"
+Write-Host ""
+