CoSec : RBAC-based And Policy-based Multi-Tenant Security Framework (#1)

* CoSec : RBAC-based And Policy-based Multi-Tenant Security Framework

Author: Ahoo-Wang

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,27 @@
+---
+name: "\U0001F41B Bug Report"
+about: Something isn't working as expected
+---
+
+## Bug Report
+
+Before report a bug, make sure you have:
+
+- Searched open and closed [GitHub issues](https://github.com/Ahoo-Wang/CoSec/issues).
+
+Please pay attention on issues you submitted, because we maybe need more details.
+If no response anymore and we cannot reproduce it on current information, we will **close it**.
+
+Please answer these questions before submitting your issue. Thanks!
+
+### Which version of CoSec did you use?
+
+### Expected behavior
+
+### Actual behavior
+
+### Reason analyze (If you can)
+
+### Steps to reproduce the behavior
+
+### Example codes for reproduce this issue (such as a github link).

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,20 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/PULL_REQUEST_TEMPLATE

@@ -0,0 +1,6 @@
+Fixes #ISSUSE_ID.
+
+Changes proposed in this pull request:
+-
+-
+-

.github/workflows/codecov.yml

@@ -0,0 +1,57 @@
+name: Codecov
+on:
+  push:
+    paths-ignore:
+      - 'document/**'
+      - 'cosec-gateway-server/**'
+  pull_request:
+    paths-ignore:
+      - 'document/**'
+      - 'cosec-gateway-server/**'
+
+jobs:
+  codecov:
+    name: Codecov
+    runs-on: ubuntu-latest
+    env:
+      CODECOV: true
+    services:
+      redis:
+        image: redis
+        options: >-
+          --health-cmd "redis-cli ping"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 6379:6379
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@master
+
+      - name: Set up JDK 8
+        uses: actions/setup-java@v3
+        with:
+          java-version: '8'
+          distribution: 'adopt'
+          server-id: github
+          settings-path: ${{ github.workspace }}
+
+      - name: Check
+        run: gradle check
+
+      - name: Build Code Coverage Report
+        run: gradle codeCoverageReport
+
+      - name: Upload Code Coverage Report to Codecov
+        uses: codecov/codecov-action@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          flags: unittests # optional
+          name: codecov-umbrella # optional
+          fail_ci_if_error: true # optional (default = false)
+          verbose: true # optional (default = false)
+          #          directory: ./build/reports/jacoco/codeCoverageReport/
+          files: ./build/reports/jacoco/codeCoverageReport/codeCoverageReport.xml
+          path_to_write_report: ./coverage/codecov_report.txt

.github/workflows/docker-deploy.yml

@@ -0,0 +1,86 @@
+#
+# Copyright [2021-present] [ahoo wang <[email protected]> (https://github.com/Ahoo-Wang)].
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#      http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+name: Docker Image Deploy
+on:
+  schedule:
+    - cron: '0 10 * * *'
+  push:
+    branches:
+      - '**'
+    tags:
+      - 'v*.*.*'
+  pull_request:
+    branches:
+      - 'main'
+jobs:
+  docker-deploy:
+    name: Push Docker image
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@master
+      - name: Set up JDK 8
+        uses: actions/setup-java@v3
+        with:
+          java-version: '8'
+          distribution: 'adopt'
+          server-id: github
+          settings-path: ${{ github.workspace }}
+
+      - name: Build Dist
+        run: gradle cosec-gateway-server:installDist
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to GHCR
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            ahoowang/cosec-gateway
+            ghcr.io/ahoo-wang/cosec-gateway
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+
+      - name: Build and push
+        uses: docker/build-push-action@v3
+        with:
+          platforms: linux/amd64,linux/arm64
+          context: cosec-gateway-server
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

.github/workflows/integration-test.yml

@@ -0,0 +1,177 @@
+#
+# Copyright [2021-present] [ahoo wang <[email protected]> (https://github.com/Ahoo-Wang)].
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#      http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+name: Integration Test
+on: [ push, pull_request ]
+jobs:
+  cosec-core-test:
+    name: CoSec Core Test
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@master
+
+      - name: Set up JDK 8
+        uses: actions/setup-java@v3
+        with:
+          java-version: '8'
+          distribution: 'adopt'
+          server-id: github
+          settings-path: ${{ github.workspace }}
+
+      - name: Test CoSec-Core
+        run: gradle cosec-core:clean cosec-core:check
+
+  cosec-jwt-test:
+    name: CoSec Jwt Test
+    needs: [ cosec-core-test ]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@master
+
+      - name: Set up JDK 8
+        uses: actions/setup-java@v3
+        with:
+          java-version: '8'
+          distribution: 'adopt'
+          server-id: github
+          settings-path: ${{ github.workspace }}
+
+      - name: Test CoSec-Jwt
+        run: gradle cosec-jwt:clean cosec-jwt:check
+
+  cosec-oauth-test:
+    name: CoSec OAuth Test
+    needs: [ cosec-core-test ]
+    runs-on: ubuntu-latest
+    services:
+      redis:
+        image: redis
+        options: >-
+          --health-cmd "redis-cli ping"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 6379:6379
+    steps:
+      - name: Checkout
+        uses: actions/checkout@master
+
+      - name: Set up JDK 8
+        uses: actions/setup-java@v3
+        with:
+          java-version: '8'
+          distribution: 'adopt'
+          server-id: github
+          settings-path: ${{ github.workspace }}
+
+      - name: Test CoSec-OAuth
+        run: gradle cosec-oauth:clean cosec-oauth:check
+
+  cosec-redis-test:
+    name: CoSec Redis Test
+    needs: [ cosec-core-test ]
+    runs-on: ubuntu-latest
+    services:
+      redis:
+        image: redis
+        options: >-
+          --health-cmd "redis-cli ping"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 6379:6379
+    steps:
+      - name: Checkout
+        uses: actions/checkout@master
+
+      - name: Set up JDK 8
+        uses: actions/setup-java@v3
+        with:
+          java-version: '8'
+          distribution: 'adopt'
+          server-id: github
+          settings-path: ${{ github.workspace }}
+
+      - name: Test CoSec-Redis
+        run: gradle cosec-redis:clean cosec-redis:check
+
+  cosec-webflux-test:
+    name: CoSec WebFlux Test
+    needs: [ cosec-core-test ]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@master
+
+      - name: Set up JDK 8
+        uses: actions/setup-java@v3
+        with:
+          java-version: '8'
+          distribution: 'adopt'
+          server-id: github
+          settings-path: ${{ github.workspace }}
+
+      - name: Test CoSec-WebFlux
+        run: gradle cosec-webflux:clean cosec-webflux:check
+
+  cosec-webmvc-test:
+    name: CoSec WebMvc Test
+    needs: [ cosec-core-test ]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@master
+
+      - name: Set up JDK 8
+        uses: actions/setup-java@v3
+        with:
+          java-version: '8'
+          distribution: 'adopt'
+          server-id: github
+          settings-path: ${{ github.workspace }}
+
+      - name: Test CoSec-WebMvc
+        run: gradle cosec-webmvc:clean cosec-webmvc:check
+
+  cosec-spring-boot-starter-test:
+    name: CoSec Spring Boot Starter Test
+    needs: [ cosec-core-test ]
+    runs-on: ubuntu-latest
+    services:
+      redis:
+        image: redis
+        options: >-
+          --health-cmd "redis-cli ping"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 6379:6379
+    steps:
+      - name: Checkout
+        uses: actions/checkout@master
+
+      - name: Set up JDK 8
+        uses: actions/setup-java@v3
+        with:
+          java-version: '8'
+          distribution: 'adopt'
+          server-id: github
+          settings-path: ${{ github.workspace }}
+
+      - name: Test CoSec-Spring-Boot-Starter
+        run: gradle cosec-spring-boot-starter:clean cosec-spring-boot-starter:check