Merge Conflicts resolved for "add security and swagger in product (#60)"

.env.sample

@@ -0,0 +1,21 @@
+# Postgres
+POSTGRES_USER=
+POSTGRES_PASSWORD=
+POSTGRES_HOST=
+POSTGRES_PORT=
+
+SERVER_PORT=
+
+# Swagger UI
+URLS=
+
+# Start all service when run docker compose up
+COMPOSE_FILE=docker-compose.yml
+
+# ********************* #
+# SERVICES
+# ********************* #
+# Product
+PRODUCT_DATASOURCE_URL=
+PRODUCT_DATA_USERNAME=
+PRODUCT_DATA_PASSWORD=

.github/workflows/sell-bff-ci.yaml

@@ -0,0 +1,168 @@
+name: Sell bff service CI
+
+on:
+  push:
+    branches: [ "main" ]
+    paths:
+      - "sell-bff/**"
+      - ".github/workflows/actions/action.yaml"
+      - ".github/workflows/sell-bff-ci.yaml"
+      - "pom.xml"
+  pull_request:
+    branches: [ "main" ]
+    paths:
+      - "sell-bff/**"
+      - ".github/workflows/actions/action.yaml"
+      - ".github/workflows/sell-bff-ci.yaml"
+      - "pom.xml"
+  workflow_dispatch:
+
+jobs:
+  style:
+    runs-on: ubuntu-latest
+    name: Check style
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Run maven checkstyle
+        run: mvn checkstyle:checkstyle -f sell-bff
+  compile:
+    runs-on: ubuntu-latest
+    name: Compile project
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Set up JDK 21
+        uses: actions/setup-java@v3
+        with:
+          java-version: '21'
+          distribution: 'adopt'
+          cache: maven
+
+      - name: Compile project
+        run: mvn clean compile -f sell-bff
+
+  unit-tests:
+    runs-on: ubuntu-latest
+    name: Unit tests
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Set up JDK 21
+        uses: actions/setup-java@v3
+        with:
+          java-version: '21'
+          distribution: 'adopt'
+          cache: maven
+
+      - name: Running unit tests
+        run: mvn test -f sell-bff jacoco:report
+
+  build:
+    runs-on: ubuntu-latest
+    name: Build project
+    needs: [compile, unit-tests]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Set up JDK 21
+        uses: actions/setup-java@v3
+        with:
+          java-version: '21'
+          distribution: 'adopt'
+          cache: maven
+
+      - name: Building project
+        run: mvn package -f sell-bff
+
+  coverage:
+    runs-on: ubuntu-latest
+    env:
+      FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }}
+    permissions:
+      pull-requests: write
+      packages: write
+    name: Coverage and Package
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Set up JDK 21
+        uses: actions/setup-java@v3
+        with:
+          java-version: '21'
+          distribution: 'adopt'
+          cache: maven
+      - name: Building project
+        run: mvn package -f sell-bff
+      - name: Add coverage report to PR
+        uses: madrapps/jacoco-report@v1.6.1
+        if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }}
+        with:
+          paths: ${{github.workspace}}/sell-bff/target/site/jacoco/jacoco.xml
+          token: ${{secrets.GITHUB_TOKEN}}
+          min-coverage-overall: 30
+          min-coverage-changed-files: 20
+          title: 'Sell-bff Coverage Report'
+          update-comment: true
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v4
+        env:
+          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
+        continue-on-error: false
+
+      - name: OWASP Dependency Check
+        if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }}
+        uses: dependency-check/Dependency-Check_Action@main
+        env:
+          JAVA_HOME: /opt/jdk
+        with:
+          project: 'matcha'
+          path: '.'
+          format: 'HTML'
+      - name: Upload OWASP Dependency Check results
+        if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }}
+        uses: actions/upload-artifact@master
+        with:
+          name: OWASP Dependency Check Report
+          path: ${{github.workspace}}/reports
+
+      - name: Log in to the Container registry
+        if: ${{ github.ref == 'refs/heads/main' }}
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push Docker images
+        if: ${{ github.ref == 'refs/heads/main' }}
+        uses: docker/build-push-action@v6
+        with:
+          context: ./sell-bff
+          push: true
+          file: ./sell-bff/Dockerfile
+          platforms: linux/amd64
+          tags: ghcr.io/${{ github.repository_owner }}/matcha-sell-bff:latest
+
+  check:
+    runs-on: ubuntu-latest
+    name: Git-leaks check
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Gitleaks check
+        run: |
+          docker pull zricethezav/gitleaks:v8.18.4
+          docker run --rm -v ${{ github.workspace }}:/work -w /work zricethezav/gitleaks:v8.18.4 detect --source="." --config="/work/gitleaks.toml" --verbose --no-git

CODE_OF_CONDUCT.md

@@ -0,0 +1,94 @@
+# Citizen Code of Conduct
+
+## 1. Purpose
+
+A primary goal of Matcha is to be inclusive to the largest number of contributors, with the most varied and diverse backgrounds possible. As such, we are committed to providing a friendly, safe and welcoming environment for all, regardless of gender, sexual orientation, ability, ethnicity, socioeconomic status, and religion (or lack thereof).
+
+This code of conduct outlines our expectations for all those who participate in our community, as well as the consequences for unacceptable behavior.
+
+We invite all those who participate in Matcha to help us create safe and positive experiences for everyone.
+
+## 2. Open [Source/Culture/Tech] Citizenship
+
+A supplemental goal of this Code of Conduct is to increase open [source/culture/tech] citizenship by encouraging participants to recognize and strengthen the relationships between our actions and their effects on our community.
+
+Communities mirror the societies in which they exist and positive action is essential to counteract the many forms of inequality and abuses of power that exist in society.
+
+If you see someone who is making an extra effort to ensure our community is welcoming, friendly, and encourages all participants to contribute to the fullest extent, we want to know.
+
+## 3. Expected Behavior
+
+The following behaviors are expected and requested of all community members:
+
+ * Participate in an authentic and active way. In doing so, you contribute to the health and longevity of this community.
+ * Exercise consideration and respect in your speech and actions.
+ * Attempt collaboration before conflict.
+ * Refrain from demeaning, discriminatory, or harassing behavior and speech.
+ * Be mindful of your surroundings and of your fellow participants. Alert community leaders if you notice a dangerous situation, someone in distress, or violations of this Code of Conduct, even if they seem inconsequential.
+ * Remember that community event venues may be shared with members of the public; please be respectful to all patrons of these locations.
+
+## 4. Unacceptable Behavior
+
+The following behaviors are considered harassment and are unacceptable within our community:
+
+ * Violence, threats of violence or violent language directed against another person.
+ * Sexist, racist, homophobic, transphobic, ableist or otherwise discriminatory jokes and language.
+ * Posting or displaying sexually explicit or violent material.
+ * Posting or threatening to post other people's personally identifying information ("doxing").
+ * Personal insults, particularly those related to gender, sexual orientation, race, religion, or disability.
+ * Inappropriate photography or recording.
+ * Inappropriate physical contact. You should have someone's consent before touching them.
+ * Unwelcome sexual attention. This includes, sexualized comments or jokes; inappropriate touching, groping, and unwelcomed sexual advances.
+ * Deliberate intimidation, stalking or following (online or in person).
+ * Advocating for, or encouraging, any of the above behavior.
+ * Sustained disruption of community events, including talks and presentations.
+
+## 5. Weapons Policy
+
+No weapons will be allowed at Matcha events, community spaces, or in other spaces covered by the scope of this Code of Conduct. Weapons include but are not limited to guns, explosives (including fireworks), and large knives such as those used for hunting or display, as well as any other item used for the purpose of causing injury or harm to others. Anyone seen in possession of one of these items will be asked to leave immediately, and will only be allowed to return without the weapon. Community members are further expected to comply with all state and local laws on this matter.
+
+## 6. Consequences of Unacceptable Behavior
+
+Unacceptable behavior from any community member, including sponsors and those with decision-making authority, will not be tolerated.
+
+Anyone asked to stop unacceptable behavior is expected to comply immediately.
+
+If a community member engages in unacceptable behavior, the community organizers may take any action they deem appropriate, up to and including a temporary ban or permanent expulsion from the community without warning (and without refund in the case of a paid event).
+
+## 7. Reporting Guidelines
+
+If you are subject to or witness unacceptable behavior, or have any other concerns, please notify a community organizer as soon as possible. .
+
+
+
+Additionally, community organizers are available to help community members engage with local law enforcement or to otherwise help those experiencing unacceptable behavior feel safe. In the context of in-person events, organizers will also provide escorts as desired by the person experiencing distress.
+
+## 8. Addressing Grievances
+
+If you feel you have been falsely or unfairly accused of violating this Code of Conduct, you should notify  with a concise description of your grievance. Your grievance will be handled in accordance with our existing governing policies. 
+
+
+
+## 9. Scope
+
+We expect all community participants (contributors, paid or otherwise; sponsors; and other guests) to abide by this Code of Conduct in all community venues--online and in-person--as well as in all one-on-one communications pertaining to community business.
+
+This code of conduct and its related procedures also applies to unacceptable behavior occurring outside the scope of community activities when such behavior has the potential to adversely affect the safety and well-being of community members.
+
+## 10. Contact info
+
+
+
+## 11. License and attribution
+
+The Citizen Code of Conduct is distributed by [Stumptown Syndicate](http://stumptownsyndicate.org) under a [Creative Commons Attribution-ShareAlike license](http://creativecommons.org/licenses/by-sa/3.0/). 
+
+Portions of text derived from the [Django Code of Conduct](https://www.djangoproject.com/conduct/) and the [Geek Feminism Anti-Harassment Policy](http://geekfeminism.wikia.com/wiki/Conference_anti-harassment/Policy).
+
+_Revision 2.3. Posted 6 March 2017._
+
+_Revision 2.2. Posted 4 February 2016._
+
+_Revision 2.1. Posted 23 June 2014._
+
+_Revision 2.0, adopted by the [Stumptown Syndicate](http://stumptownsyndicate.org) board on 10 January 2013. Posted 17 March 2013._

docker-compose.yml

@@ -0,0 +1,71 @@
+version: "3.9"
+
+services:
+#  nginx:
+#    image: nginx:1.25.3
+#    restart: unless-stopped
+#    volumes:
+#      - ./nginx/templates:/etc/nginx/templates
+#      - ./nginx/configuration/custom_proxy_settings.conf:/etc/nginx/conf.d/custom_proxy_settings.conf
+#    ports:
+#      - "80:80"
+#    networks:
+#      - matcha-network
+
+  keycloak:
+    image: quay.io/keycloak/keycloak:21.0.2
+    command: [ 'start-dev --import-realm' ]
+    environment:
+      KEYCLOAK_ADMIN: admin
+      KEYCLOAK_ADMIN_PASSWORD: admin
+      KC_PROXY: passthrough
+      KC_DB: postgres
+      KC_DB_URL: jdbc:postgresql://postgres:5432/keycloak
+      KC_DB_USERNAME: ${POSTGRES_USER}
+      KC_DB_PASSWORD: ${POSTGRES_PASSWORD}
+      KC_HTTP_PORT: 80
+    volumes:
+      - ./identity/realm-export.json:/opt/keycloak/data/import/realm-export.json
+      - ./identity/themes/matcha/theme:/opt/keycloak/themes
+    networks:
+      - matcha-network
+    ports:
+      - "8080:80"
+
+  postgres:
+    image: debezium/postgres:15-alpine
+    build: ./docker/postgres
+    hostname: ${POSTGRES_HOST}
+    ports:
+      - "${POSTGRES_PORT}:${POSTGRES_PORT}"
+    volumes:
+      - ./docker/postgres/postgresql.conf.sample:/usr/share/postgresql/postgresql.conf.sample
+      - ./postgres_init.sql:/docker-entrypoint-initdb.d/postgres_init.sql
+      - postgres:/var/lib/postgresql/data
+    command: postgres -c 'max_connections=500'
+    environment:
+      - POSTGRES_USER
+      - POSTGRES_PASSWORD
+    networks:
+      - matcha-network
+
+  swagger-ui:
+    image: swaggerapi/swagger-ui:v4.16.0
+    environment:
+      - BASE_URL=/swagger-ui
+      - URLS
+      - OAUTH_CLIENT_ID=swagger
+      - OAUTH_USE_PKCE=true
+    networks:
+      - matcha-network
+    ports:
+      - "8090:8080"
+
+networks:
+  matcha-network:
+    driver: bridge
+    name: matcha-network
+
+volumes:
+  postgres:
+  pgadmin:

docker/postgres/Dockerfile

@@ -0,0 +1,7 @@
+FROM debezium/postgres:15-alpine
+ENV WAL2JSON_TAG="wal2json_2_5"
+RUN apk add --no-cache --virtual .debezium-build-deps clang15 gcc git llvm15 make musl-dev pkgconf \
+    && git clone https://github.com/eulerto/wal2json -b master --single-branch \
+    && (cd /wal2json && git checkout tags/"$WAL2JSON_TAG" -b "$WAL2JSON_TAG" && make && make install) \
+    && rm -rf wal2json \
+    && apk del .debezium-build-deps

docker/postgres/postgresql.conf.sample

@@ -0,0 +1,16 @@
+# LOGGING
+# log_min_error_statement = fatal
+# log_min_messages = DEBUG1
+
+# CONNECTION
+listen_addresses = '*'
+
+# MODULES
+shared_preload_libraries = 'decoderbufs,wal2json'
+
+# REPLICATION
+wal_level = logical             # minimal, archive, hot_standby, or logical (change requires restart)
+max_wal_senders = 20             # max number of walsender processes (change requires restart)
+#wal_keep_segments = 4          # in logfile segments, 16MB each; 0 disables
+#wal_sender_timeout = 60s       # in milliseconds; 0 disables
+max_replication_slots = 20       # max number of replication slots (change requires restart)

docs/diagram.md

@@ -1,9 +1,11 @@
 # Description database in this project
 ## Diagram
-![Screenshot 2024-10-02 234532](https://github.com/user-attachments/assets/6f9d1806-9b10-4d96-ae4b-63ad9ca2da61)
+![Screenshot 2024-10-09 080050](https://github.com/user-attachments/assets/7a392dcd-8058-4d0a-8cdf-d59517fe2b62)
 
 ## Behavior of buyer
+<img width="563" alt="Ảnh màn hình 2024-10-04 lúc 16 08 55" src="https://github.com/user-attachments/assets/1d2be5a0-2162-48b2-a9cb-e68279e295f4">
 
 ## Behavior of seller
+![seller diagram](https://github.com/user-attachments/assets/05b0d10c-b8cf-46df-bdf4-9fd3508f8e69)
 
 ## Behavior of manager