feat: Improve API key management

Fixes #10 

Use `bootstrap.sh` to manage API key with a two step build process.

docker-compose.yml

@@ -28,7 +28,11 @@ services:
     container_name: oba_app
     depends_on:
       - oba_database
-    build: ./oba
+    build:
+      context: ./oba
+      # For test only, remove in production
+      args:
+        - TEST_API_KEY=test
     environment:
       - JDBC_URL=jdbc:mysql://oba_database:3306/oba_database
       - JDBC_USER=oba_user

oba/Dockerfile

@@ -1,3 +1,16 @@
+FROM alpine:latest as builder
+# Append Test API Key dynamically
+ARG TEST_API_KEY
+ENV TEST_API_KEY=${TEST_API_KEY}
+
+WORKDIR /oba
+COPY bootstrap.sh .
+COPY ./config ./config
+RUN chmod +x bootstrap.sh
+RUN apk update && apk add --no-cache bash && apk add --no-cache xmlstarlet
+RUN ./bootstrap.sh
+
+
 FROM tomcat:8.5.98-jdk11-temurin
 
 ENV CATALINA_HOME /usr/local/tomcat
@@ -45,7 +58,7 @@ WORKDIR /oba/webapps/onebusaway-api-webapp
 RUN cp /oba/libs/onebusaway-api-webapp-${OBA_VERSION}.war .
 RUN jar xvf onebusaway-api-webapp-${OBA_VERSION}.war
 RUN rm onebusaway-api-webapp-${OBA_VERSION}.war
-COPY ./config/onebusaway-api-webapp-data-sources.xml ./WEB-INF/classes/data-sources.xml
+COPY --from=builder /oba/config/onebusaway-api-webapp-data-sources.xml ./WEB-INF/classes/data-sources.xml
 RUN cp $CATALINA_HOME/lib/mysql-connector-j-8.3.0.jar ./WEB-INF/lib
 RUN mv /oba/webapps/onebusaway-api-webapp $CATALINA_HOME/webapps
 

oba/bootstrap.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+
+XML_FILE="./config/onebusaway-api-webapp-data-sources.xml"
+NAMESPACE_PREFIX="x"
+NAMESPACE_URI="http://www.springframework.org/schema/beans"
+BEAN_ID="testAPIKey"
+
+# Check if the TEST_API_KEY environment variable is set
+if [ -n "$TEST_API_KEY" ]; then
+  # If it is set, then add the API key to the data-sources.xml file
+    echo "TEST_API_KEY set to $TEST_API_KEY, setting API key in data-sources.xml"
+    xmlstarlet ed -L -N ${NAMESPACE_PREFIX}=${NAMESPACE_URI} \
+        -s "//${NAMESPACE_PREFIX}:bean[@id='${BEAN_ID}']" -t elem -n "property" -v "" \
+        -i "//${NAMESPACE_PREFIX}:bean[@id='${BEAN_ID}']/property[not(@name)]" -t attr -n "name" -v "key" \
+        -i "//${NAMESPACE_PREFIX}:bean[@id='${BEAN_ID}']/property[@name='key']" -t attr -n "value" -v "${TEST_API_KEY}" \
+        ${XML_FILE}
+else
+  # If it is not set, then remove the element from the data-sources.xml file
+    echo "TEST_API_KEY environment variable is not set. Removing element from data-sources.xml"
+    xmlstarlet ed -L -N ${NAMESPACE_PREFIX}=${NAMESPACE_URI} \
+        -d "//${NAMESPACE_PREFIX}:bean[@id='${BEAN_ID}']" \
+        ${XML_FILE}
+fi

oba/config/onebusaway-api-webapp-data-sources.xml

@@ -56,11 +56,6 @@
     <constructor-arg type="java.lang.String" value="" />
   </bean>
 
-  <!-- Allows the TEST key for OBA API testing.  Should be removed in production -->
-  <bean class="org.onebusaway.users.impl.CreateApiKeyAction">
-    <property name="key" value="TEST"/>
-  </bean>
-
   <!-- iOS Client key -->
   <bean class="org.onebusaway.users.impl.CreateApiKeyAction">
     <property name="key" value="org.onebusaway.iphone"/>
@@ -71,6 +66,10 @@
     <property name="key" value="v1_BktoDJ2gJlu6nLM6LsT9H8IUbWc=cGF1bGN3YXR0c0BnbWFpbC5jb20="/>
   </bean>
 
+  <!-- Allows the TEST key for OBA API testing.  Automated handled in `bootstrap.sh` -->
+  <bean id="testAPIKey" class="org.onebusaway.users.impl.CreateApiKeyAction">
+  </bean>
+
   <bean class="org.onebusaway.container.spring.PropertyOverrideConfigurer">
     <property name="properties">
       <props>