fix: kafka dev standalone, OIDC realm LUM, Flyway out-of-order, shutdown guard, TypeRef categorie/modules

- docker-compose.dev.yml: retire le service kafka (standalone existant sur :9092), kafka-ui pointe host.docker.internal:9092 - application-dev.properties: OIDC admin-service realm corrigé lions-user-manager (fix AUTH changement mdp) - application-prod.properties: nouvelle var KEYCLOAK_LUM_AUTH_SERVER_URL + fallback KEYCLOAK_CLIENT_SECRET - application.properties: quarkus.flyway.out-of-order=true (évite échec si migration hors-séquence) - V10 renommé V10_1 (évite conflit avec historique Flyway existant) - AlertMonitoringService: guard Arc.container().isRunning() pour éviter NPE au shutdown - TypeOrganisationReferenceResource: forward categorie + modulesRequis au service - Tests: coverage TypeOrganisationReferenceResource + TypeReferenceService
2026-04-11 01:25:45 +00:00
parent 065b0008b0
commit 31e8d5534c
9 changed files with 72 additions and 51 deletions
--- a/src/main/java/dev/lions/unionflow/server/resource/TypeOrganisationReferenceResource.java
+++ b/src/main/java/dev/lions/unionflow/server/resource/TypeOrganisationReferenceResource.java
@@ -70,6 +70,8 @@ public class TypeOrganisationReferenceResource {
                .estDefaut(request.estDefaut())
                .estSysteme(request.estSysteme())
                .organisationId(request.organisationId())
+                .categorie(request.categorie())
+                .modulesRequis(request.modulesRequis())
                .build();
        try {
            TypeReferenceResponse created = typeReferenceService.creer(withDomaine);
--- a/src/main/java/dev/lions/unionflow/server/service/AlertMonitoringService.java
+++ b/src/main/java/dev/lions/unionflow/server/service/AlertMonitoringService.java
@@ -5,6 +5,7 @@ import dev.lions.unionflow.server.entity.SystemAlert;
 import dev.lions.unionflow.server.repository.AlertConfigurationRepository;
 import dev.lions.unionflow.server.repository.SystemAlertRepository;
 import dev.lions.unionflow.server.repository.SystemLogRepository;
+import io.quarkus.arc.Arc;
 import io.quarkus.scheduler.Scheduled;
 import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.inject.Inject;
@@ -47,6 +48,10 @@ public class AlertMonitoringService {
    @Scheduled(cron = "0 * * * * ?") // Toutes les minutes à la seconde 0
    @Transactional
    public void monitorSystemMetrics() {
+        // Guard contre l'exécution pendant le shutdown Quarkus (Arc.container() null → NPE)
+        if (!Arc.container().isRunning()) {
+            return;
+        }
        try {
            log.debug("Running scheduled system metrics monitoring...");

--- a/src/main/resources/application-dev.properties
+++ b/src/main/resources/application-dev.properties
@@ -50,10 +50,12 @@ quarkus.log.category."io.quarkus.security".level=INFO
 wave.mock.enabled=true
 wave.redirect.base.url=http://localhost:8085

-# OIDC client "admin-service" — service account pour appels admin vers lions-user-manager
-quarkus.oidc-client.admin-service.auth-server-url=http://localhost:8180/realms/unionflow
+# OIDC client "admin-service" — service account pour appels vers lions-user-manager
+# Utilise le realm lions-user-manager (cohérent avec le serveur LUM qui valide ce realm)
+# Le client unionflow-server existe dans lions-user-manager realm avec ce secret
+quarkus.oidc-client.admin-service.auth-server-url=http://localhost:8180/realms/lions-user-manager
 quarkus.oidc-client.admin-service.client-id=unionflow-server
-quarkus.oidc-client.admin-service.credentials.secret=unionflow-secret-2025
+quarkus.oidc-client.admin-service.credentials.secret=Esj0DzyRt7wSPtcePDae1dQQdqmQxlJm
 quarkus.oidc-client.admin-service.grant.type=client
 quarkus.oidc-client.admin-service.tls.verification=none
 quarkus.oidc-client.admin-service.early-tokens-acquisition=true
--- a/src/main/resources/application-prod.properties
+++ b/src/main/resources/application-prod.properties
@@ -58,9 +58,10 @@ quarkus.log.category."org.jboss.resteasy".level=WARN
 quarkus.rest-client.lions-user-manager-api.url=${LIONS_USER_MANAGER_URL:http://lions-user-manager:8081}

 # OIDC client "admin-service" — service account pour appels admin vers lions-user-manager
-quarkus.oidc-client.admin-service.auth-server-url=${KEYCLOAK_AUTH_SERVER_URL:https://security.lions.dev/realms/unionflow}
+# Utilise le realm lions-user-manager (cohérent avec le serveur LUM qui valide ce realm)
+quarkus.oidc-client.admin-service.auth-server-url=${KEYCLOAK_LUM_AUTH_SERVER_URL:https://security.lions.dev/realms/lions-user-manager}
 quarkus.oidc-client.admin-service.client-id=unionflow-server
-quarkus.oidc-client.admin-service.credentials.secret=${KEYCLOAK_CLIENT_SECRET}
+quarkus.oidc-client.admin-service.credentials.secret=${KEYCLOAK_ADMIN_SERVICE_SECRET:${KEYCLOAK_CLIENT_SECRET}}
 quarkus.oidc-client.admin-service.grant.type=client

 # Wave Money — Production
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -45,6 +45,7 @@ quarkus.hibernate-orm.metrics.enabled=false
 quarkus.flyway.migrate-at-start=true
 quarkus.flyway.baseline-on-migrate=true
 quarkus.flyway.baseline-version=0
+quarkus.flyway.out-of-order=true

 # Configuration Keycloak OIDC — base commune
 quarkus.oidc.application-type=service
--- a/src/main/resources/db/migration/V10_1__Fix_ModulesDisponibles_Version_Column_Type.sql
+++ b/src/main/resources/db/migration/V10_1__Fix_ModulesDisponibles_Version_Column_Type.sql