cameleer/cameleer-server
1
0
Fork 0
Code Issues 44 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: tenant-scoped environment network names
All checks were successful
CI / cleanup-branch (push) Has been skipped
Details
CI / build (push) Successful in 1m27s
Details
CI / docker (push) Successful in 1m9s
Details
CI / deploy-feature (push) Has been skipped
Details
CI / deploy (push) Successful in 38s
Details

Browse Source 
Environment networks now include the tenant ID to prevent cross-tenant
collisions: cameleer-env-{tenantId}-{envSlug} instead of cameleer-env-
{envSlug}. Without this, two tenants with a "dev" environment would
share the same Docker network.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-04-10 08:13:47 +02:00
parent 50e3f1ade6
commit 2ac52d3918
2 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
cameleer3-server-app/src/main/java/com/cameleer3/server/app/runtime/DeploymentExecutor.java
View File

@@ -64,6 +64,9 @@ public class DeploymentExecutor {
@Value("${cameleer.runtime.jar-storage-path:/data/jars}") @Value("${cameleer.runtime.jar-storage-path:/data/jars}")
private String jarStoragePath; private String jarStoragePath;
@Value("${cameleer.tenant.id:default}")
private String tenantId;
public DeploymentExecutor(RuntimeOrchestrator orchestrator, public DeploymentExecutor(RuntimeOrchestrator orchestrator,
DeploymentService deploymentService, DeploymentService deploymentService,
AppService appService, AppService appService,
@@ -116,8 +119,8 @@ public class DeploymentExecutor {
// Traefik network for routing (apps need to be reachable by Traefik) // Traefik network for routing (apps need to be reachable by Traefik)
networkManager.ensureNetwork(DockerNetworkManager.TRAEFIK_NETWORK); networkManager.ensureNetwork(DockerNetworkManager.TRAEFIK_NETWORK);
additionalNets.add(DockerNetworkManager.TRAEFIK_NETWORK); additionalNets.add(DockerNetworkManager.TRAEFIK_NETWORK);
// Per-environment network for intra-environment service discovery // Per-environment network scoped to tenant to prevent cross-tenant collisions
envNet = DockerNetworkManager.envNetworkName(env.slug()); envNet = DockerNetworkManager.envNetworkName(tenantId, env.slug());
networkManager.ensureNetwork(envNet); networkManager.ensureNetwork(envNet);
additionalNets.add(envNet); additionalNets.add(envNet);
} }

5
cameleer3-server-app/src/main/java/com/cameleer3/server/app/runtime/DockerNetworkManager.java
View File

@@ -59,4 +59,9 @@ public class DockerNetworkManager {
public static String envNetworkName(String envSlug) { public static String envNetworkName(String envSlug) {
return ENV_NETWORK_PREFIX + envSlug; return ENV_NETWORK_PREFIX + envSlug;
} }
/** Tenant-scoped environment network name to prevent cross-tenant collisions. */
public static String envNetworkName(String tenantId, String envSlug) {
return ENV_NETWORK_PREFIX + tenantId + "-" + envSlug;
}
} }