Merge branch 'trusted-branch-azure' into 'master'

Service Builds for Azure Cloud Provider

See merge request !6

.gitlab-ci.yml

@@ -11,13 +11,27 @@ variables:
   GCP_DEPLOY_ENV: p4d
   GCP_DOMAIN: cloud.slb-ds.com
   GCP_STORAGE_URL: https://osdu-legal-dot-opendes.appspot.com/api/legal/v2/
+  AZURE_SERVICE: legal
+  AZURE_BUILD_SUBDIR: provider/legal-azure
+  AZURE_TEST_SUBDIR: testing/legal-test-azure
+
 
 include:
-  - project: 'osdu/platform/ci-cd-pipelines'
-    ref: 'master'
-    file: 'temp-service.gitlab-ci.yml'
+  - project: "osdu/platform/ci-cd-pipelines"
+    ref: "master"
+    file: "standard-setup.yml"
+  - project: "osdu/platform/ci-cd-pipelines"
+    ref: "master"
+    file: "build/maven.yml"
+  - project: "osdu/platform/ci-cd-pipelines"
+    ref: "master"
+    file: "cloud-providers/azure.yml"
+  - project: "osdu/platform/ci-cd-pipelines"
+    file: "scanners/fossa.yml"
+  - project: "osdu/platform/ci-cd-pipelines"
+    file: "scanners/gitlab-ultimate.yml"
+
 
-unit-tests: 
-  variables: 
+compile-and-unit-test:
+  variables:
     GOOGLE_CLOUD_PROJECT: opendes
-  
\ No newline at end of file

.mvn/community-maven.settings.xml

 <settings>
-	<profiles>
-		<profile>
-			<!-- This profile uses the CI-Token to authenticate with the server, and is the default case -->
-			<id>GitLab-Authenticate-With-Job-Token</id>
-			<activation>
-				<activeByDefault>true</activeByDefault>
-			</activation>
-			<properties>
-				<gitlab-server>community-maven-via-job-token</gitlab-server>
-			</properties>
-		</profile>
+  <profiles>
+    <profile>
+      <!-- This profile uses the CI-Token to authenticate with the server, and is the default case -->
+      <id>GitLab-Authenticate-With-Job-Token</id>
+      <activation>
+        <activeByDefault>true</activeByDefault>
+      </activation>
+      <properties>
+        <gitlab-server>community-maven-via-job-token</gitlab-server>
+      </properties>
+    </profile>
 
-		<profile>
-			<!-- This profile uses a personal token to authenticate, which is useful for local or manual runs. The
+    <profile>
+      <!-- This profile uses a personal token to authenticate, which is useful for local or manual runs. The
 			     presence of the COMMUNITY_MAVEN_TOKEN variable triggers this and overrides the CI Token
 			     based authentication -->
-			<id>GitLab-Authenticate-With-Private-Token</id>
-			<activation>
-			<property>
-				<name>env.COMMUNITY_MAVEN_TOKEN</name>
-			</property>
-			</activation>
-			<properties>
-				<gitlab-server>community-maven-via-private-token</gitlab-server>
-			</properties>
-		</profile>
-	</profiles>
+      <id>GitLab-Authenticate-With-Private-Token</id>
+      <activation>
+        <property>
+          <name>env.COMMUNITY_MAVEN_TOKEN</name>
+        </property>
+      </activation>
+      <properties>
+        <gitlab-server>community-maven-via-private-token</gitlab-server>
+      </properties>
+    </profile>
+  </profiles>
 
-	<servers>
-		<server>
-			<id>community-maven-via-job-token</id>
-			<configuration>
-				<httpHeaders>
-					<property>
-						<name>Job-Token</name>
-						<value>${env.CI_JOB_TOKEN}</value>
-					</property>
-				</httpHeaders>
-			</configuration>
-		</server>
+  <servers>
+    <server>
+      <id>community-maven-via-job-token</id>
+      <configuration>
+        <httpHeaders>
+          <property>
+            <name>Job-Token</name>
+            <value>${env.CI_JOB_TOKEN}</value>
+          </property>
+        </httpHeaders>
+      </configuration>
+    </server>
 
-		<server>
-			<id>community-maven-via-private-token</id>
-			<configuration>
-				<httpHeaders>
-					<property>
-						<name>Private-Token</name>
-						<value>${env.COMMUNITY_MAVEN_TOKEN}</value>
-					</property>
-				</httpHeaders>
-			</configuration>
-		</server>
-	</servers>
+    <server>
+      <id>community-maven-via-private-token</id>
+      <configuration>
+        <httpHeaders>
+          <property>
+            <name>Private-Token</name>
+            <value>${env.COMMUNITY_MAVEN_TOKEN}</value>
+          </property>
+        </httpHeaders>
+      </configuration>
+    </server>
+
+    <server>
+      <id>azure-auth</id>
+      <configuration>
+        <tenant>${env.AZURE_TENANT_ID}</tenant>
+        <client>${env.AZURE_CLIENT_ID}</client>
+        <key>${env.AZURE_CLIENT_SECRET}</key>
+        <environment>AZURE</environment>
+      </configuration>
+    </server>
+  </servers>
 </settings>

devops/azure-pipeline.yml

+#####################
+# README: Defines a template to be used as a starting point for defining a service pipeline
+#####################
+
+trigger:
+  batch: true
+  branches:
+    include:
+      - master
+  paths:
+    exclude:
+      - /**/*.md
+      - .gitignore
+      - images/
+
+pr:
+  autoCancel: true
+  branches:
+    include:
+      - '*'
+  paths:
+    exclude:
+      - /**/*.md
+      - .gitignore
+      - images/
+
+resources:
+  repositories:
+    - repository: osdu-infrastructure
+      type: git
+      name: osdu-r2/osdu-infrastructure
+
+variables:
+  - group: 'Azure Common Secrets'
+  - group: 'Azure - Common'
+
+  - name: serviceName
+    value: 'legal'
+
+stages:
+  - template: devops/service-pipelines/build-stage.yml@osdu-infrastructure
+    parameters:
+      mavenGoal: 'package'
+      mavenPublishJUnitResults: true
+      serviceCoreMavenOptions: '-P legal-core'
+      mavenOptions: '-P legal-azure'
+      copyFileContents: |
+        pom.xml
+        provider/legal-azure/maven/settings.xml
+        provider/legal-azure/pom.xml
+        provider/legal-azure/target/*-spring-boot.jar
+      copyFileContentsToFlatten: ''
+      mavenSettingsFile: './maven/settings.xml'
+      serviceBase: ${{ variables.serviceName }}
+      testingRootFolder: 'testing'
+  - template: devops/service-pipelines/deploy-stages.yml@osdu-infrastructure
+    parameters:
+      serviceName: ${{ variables.serviceName }}
+      testCoreMavenPomFile: 'testing/legal-test-core/pom.xml'
+      testCoreMavenOptions: '--settings $(System.DefaultWorkingDirectory)/drop/deploy/testing/maven/settings.xml'
+      providers:
+        -  name: Azure
+           environments: ['demo']

provider/legal-azure/README.md

@@ -88,7 +88,7 @@ Java version: 1.8.0_212, vendor: AdoptOpenJDK, runtime: /usr/lib/jvm/jdk8u212-b0
 ...
 ```
 
-You will need to configure access to the remote maven repository that holds the OSDU dependencies. This file should live within `~/.m2/settings.xml`:
+You may need to configure access to the remote maven repository that holds the OSDU dependencies. This file should live within `~/.m2/settings.xml`:
 ```bash
 $ cat ~/.m2/settings.xml
 <?xml version="1.0" encoding="UTF-8"?>
@@ -107,6 +107,8 @@ $ cat ~/.m2/settings.xml
 </settings>
 ```
 
+_A settings file is also conveniently located in ./.mvn/community-maven.settings.xml which is also used for CI/CD processes._
+
 ### Build and run the application
 
 After configuring your environment as specified above, you can follow these steps to build and run the application. These steps should be invoked from the *repository root.*
@@ -123,6 +125,9 @@ $ (cd provider/legal-azure/ && mvn clean package)
 # Note: this assumes that the environment variables for running the service as outlined
 #       above are already exported in your environment.
 $ java -jar $(find provider/legal-azure/target/ -name '*-spring-boot.jar')
+
+# Alternately you can run using the Mavan Task
+$ mvn spring-boot:run
 ```
 
 ### Test the application
@@ -145,18 +150,110 @@ $ (cd testing/legal-test-azure/ && mvn clean test)
 Jet Brains - the authors of Intellij IDEA, have written an [excellent guide](https://www.jetbrains.com/help/idea/debugging-your-first-java-application.html) on how to debug java programs.
 
 
-## Deploying service to Azure
+## Deploying the Service
 
 Service deployments into Azure are standardized to make the process the same for all services. The steps to deploy into
 Azure can be [found here](https://dev.azure.com/slb-des-ext-collaboration/open-data-ecosystem/_git/infrastructure-templates?path=%2Fdocs%2Fosdu%2FSERVICE_DEPLOYMENTS.md&_a=preview)
 
+### Manual Deployment Steps
+
+__Environment Settings__
+
+The following environment variables are necessary to properly deploy a service to an Azure OSDU Environment.
+
+```bash
+# Group Level Variables
+export AZURE_TENANT_ID=""
+export AZURE_SUBSCRIPTION_ID=""
+export AZURE_SUBSCRIPTION_NAME=""
+export AZURE_PRINCIPAL_ID=""
+export AZURE_PRINCIPAL_SECRET=""
+export AZURE_APP_ID=""
+export AZURE_NO_ACCESS_ID=""
+export AZURE_NO_ACCESS_SECRET=""
+export AZURE_OTHER_APP_ID=""
+export AZURE_BASENAME_21=""
+export AZURE_BASENAME=""
+export AZURE_BASE=""
+export AZURE_INVALID_JWT=""
+export AZURE_STORAGE_KEY=""
+
+# Pipeline Level Variable
+export AZURE_SERVICE="legal"
+export AZURE_BUILD_SUBDIR="provider/legal-azure"
+export AZURE_TEST_SUBDIR="testing/legal-test-azure"
+export AZURE_OSDU_TENANT="opendes"
+export AZURE_SERVICE_BUS_TOPIC="legaltags"
+export LEGAL_STORAGE_CONTAINER="legal-service-azure-configuration"
+
+
+# Required for Azure Deployment
+export AZURE_CLIENT_ID="${AZURE_PRINCIPAL_ID}"
+export AZURE_CLIENT_SECRET="${AZURE_PRINCIPAL_SECRET}"
+export AZURE_RESOURCE_GROUP="${AZURE_BASENAME}-osdu-r2-app-rg"
+export AZURE_APPSERVICE_PLAN="${AZURE_BASENAME}-osdu-r2-sp"
+export AZURE_APPSERVICE_NAME="${AZURE_BASENAME_21}-au-${AZURE_SERVICE}"
+
+# Required for Testing
+export HOST_URL="https://${AZURE_BASENAME_21}-au-legal.azurewebsites.net/"
+export ENTITLEMENT_URL="https://${AZURE_BASENAME_21}-au-entitlements.azurewebsites.net/"
+export MY_TENANT="${AZURE_OSDU_TENANT}"
+export AZURE_AD_TENANT_ID="${AZURE_TENANT_ID}"
+export INTEGRATION_TESTER="${AZURE_PRINCIPAL_ID}"
+export AZURE_TESTER_SERVICEPRINCIPAL_SECRET="${AZURE_PRINCIPAL_SECRET}"
+export AZURE_AD_APP_RESOURCE_ID="${AZURE_APP_ID}"
+export AZURE_LEGAL_STORAGE_ACCOUNT="${AZURE_BASE}sa"
+export AZURE_LEGAL_STORAGE_KEY="${AZURE_STORAGE_KEY}"
+export AZURE_LEGAL_SERVICEBUS="Endpoint=sb://${AZURE_BASENAME_21}sb.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=${AZURE_SERVICEBUS_KEY}"
+export AZURE_LEGAL_TOPICNAME="${AZURE_SERVICE_BUS_TOPIC}"
+```
+
+__Azure Service Deployment__
+
+
+1. Deploy the service using the Maven Plugin  _(azure_deploy)_
+
+```bash
+cd $AZURE_BUILD_SUBDIR
+mvn azure-webapp:deploy \
+  -DAZURE_TENANT_ID=$AZURE_TENANT_ID \
+  -Dazure.appservice.subscription=$AZURE_SUBSCRIPTION_ID \
+  -DAZURE_CLIENT_ID=$AZURE_CLIENT_ID \
+  -DAZURE_CLIENT_SECRET=$AZURE_CLIENT_SECRET \
+  -Dazure.appservice.resourcegroup=$AZURE_RESOURCE_GROUP \
+  -Dazure.appservice.plan=$AZURE_APPSERVICE_PLAN \
+  -Dazure.appservice.appname=$AZURE_APPSERVICE_NAME
+```
+
+2. Configure the Web App to start the SpringBoot Application _(azure_config)_
+
+```bash
+az login --service-principal -u $AZURE_CLIENT_ID -p $AZURE_CLIENT_SECRET --tenant $AZURE_TENANT_ID
+
+# Set the JAR FILE as required
+TARGET=$(find ./target/ -name '*-spring-boot.jar')
+JAR_FILE=${TARGET##*/}
+
+JAVA_COMMAND="java -jar /home/site/wwwroot/${JAR_FILE}"
+JSON_TEMPLATE='{"appCommandLine":"%s"}'
+JSON_FILE="config.json"
+echo $(printf "$JSON_TEMPLATE" "$JAVA_COMMAND") > $JSON_FILE
+
+az webapp config set --resource-group $AZURE_RESOURCE_GROUP --name $AZURE_APPSERVICE_NAME --generic-configurations @$JSON_FILE
+```
+
+3. Execute the Integration Tests against the Service Deployment _(azure_test)_
+
+```bash
+mvn clean test -f $AZURE_TEST_SUBDIR/pom.xml
+```
 
 ## License
 Copyright © Microsoft Corporation
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
-You may obtain a copy of the License at 
+You may obtain a copy of the License at
 
 [http://www.apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0)
 
@@ -164,4 +261,4 @@ Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
-limitations under the License.
\ No newline at end of file
+limitations under the License.