This is required because when we host the server in a docker container, by default the baseUri picked up by Spring security is the DNS name of the appsmith server inside the docker networking bridge. These names may not be valid DNS names that Google can redirect to in the event of a successful Oauth2 login. Hence, we are overriding the base uri with our own uri for each environment.
The customer will have to provide this uri when they host it on their internal networks. This uri must be publicly accessible for Oauth2 to work.
Note that we have to delete the Mongo volume for the inidtb script to take effect. Else, it will not execute. To be used only for testing right now. Will figure out a more robust solution later.
Also using Google's JIB Maven plugin to reduce our Docker image footprint. Will make container upload and download much faster
Currently, ACLFilter communicates with the OPA daemon to determine if the request should be validated or not based on the resource and permissions in user and group
