Merge indexer changes from ADO - provider updates

8aaa85e4 · Wyatt Nielsen · ab068719 · 8aaa85e4 · 8aaa85e4 · 8aaa85e4
Commit 8aaa85e4 authored 5 years ago by Wyatt Nielsen
--- a/provider/indexer-gcp/azure-build.yml
+++ b/provider/indexer-gcp/azure-build.yml
+# Maven
+# Build your Java project and run tests with Apache Maven.
+# Add steps that analyze code, save build artifacts, deploy, and more:
+# https://docs.microsoft.com/azure/devops/pipelines/languages/java
+
+trigger:
+  branches:
+    include:
+    - master
+  paths:
+    exclude:
+      - README.md
+      - .gitignore
+
+pool:
+  name: dps-build
+  demands: maven
+
+steps:
+- task: Maven@3
+  displayName: 'build, test, code coverage'
+  inputs:
+    mavenPomFile: 'pom.xml'
+    options: '--settings ./indexer-core/maven/settings.xml -DVSTS_FEED_TOKEN=$(VSTS_FEED_TOKEN)'
+    testResultsFiles: '**/*/TEST-*.xml'
+    codeCoverageToolOption: JaCoCo
+    goals: 'install'
+
+- task: Maven@3
+  displayName: 'build, test, code coverage'
+  inputs:
+    mavenPomFile: 'pom.xml'
+    options: '--settings ./provider/indexer-gcp/maven/settings.xml -DVSTS_FEED_TOKEN=$(VSTS_FEED_TOKEN) -P indexer-gcp'
+    testResultsFiles: '**/*/TEST-*.xml'
+    codeCoverageToolOption: JaCoCo
+    goals: 'package'
+
+- task: ShellScript@2
+  displayName: 'Bash Script: Stage artifacts'
+  inputs:
+    scriptPath: 'provider/indexer-gcp/scripts/stage-artifacts.sh'
+    args: '$(Build.ArtifactStagingDirectory)'
+
+- task: PublishBuildArtifacts@1
+  displayName: 'Publish Artifact: drop'
+  inputs:
+    PathtoPublish: '$(build.artifactstagingdirectory)'
+  condition: succeededOrFailed()
--- a/provider/indexer-gcp/maven/settings.xml
+++ b/provider/indexer-gcp/maven/settings.xml
+<?xml version="1.0" encoding="UTF-8"?>
+<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
+	<servers>
+		<server>
+			<id>dev-azure-com-slb-des-ext-collaboration-os-core</id>
+			<username>os-core</username>
+			<!-- Treat this auth token like a password. Do not share it with anyone, including Microsoft support. -->
+			<!-- The generated token expires on or before 10/8/2019 -->
+			<password>${VSTS_FEED_TOKEN}</password>
+		</server>
+	</servers>
+</settings>
\ No newline at end of file
--- a/provider/indexer-gcp/scripts/config.sh
+++ b/provider/indexer-gcp/scripts/config.sh
+#!/bin/bash
+
+if [ "$PROJECT_ID" = "" ]
+then
+    export PROJECT_ID=$(gcloud config get-value project)
+fi
--- a/provider/indexer-gcp/scripts/deploy.sh
+++ b/provider/indexer-gcp/scripts/deploy.sh
+#!/bin/bash
+
+# deploy script
+
+# Exit as soon as a command fails
+set -e
+
+SCRIPTS_DIR=$(dirname $0)
+DROP_DIR=$(dirname $SCRIPTS_DIR)
+
+# Go to drop directory
+cd $DROP_DIR
+# convert to full path
+DROP_DIR=`pwd`
+echo "Current working directory: $DROP_DIR"
+
+DEPLOY_DIR=$DROP_DIR/deploy
+
+if [ -s $DEPLOY_DIR ]; then
+  rm -rf $DEPLOY_DIR/*
+else
+  mkdir $DEPLOY_DIR
+fi
+
+DEPLOY_SCRIPTS_DIR=$DEPLOY_DIR/scripts
+
+mkdir -p $DEPLOY_SCRIPTS_DIR
+
+echo "Copy artifacts to folder: $DEPLOY_DIR"
+cp $DROP_DIR/app.yaml $DEPLOY_DIR
+cp $DROP_DIR/indexer-gcp-*.jar  $DEPLOY_DIR
+cp $DROP_DIR/testing.zip  $DEPLOY_DIR
+cp $DROP_DIR/scripts/* $DEPLOY_SCRIPTS_DIR
+chmod a+x $DEPLOY_SCRIPTS_DIR/*.sh
+
+# Go to deploy directory
+cd $DEPLOY_DIR
+echo "Current working directory: $DEPLOY_DIR"
+
+source $DEPLOY_SCRIPTS_DIR/config.sh
+
+echo "Deploying to gcp"
+$DEPLOY_SCRIPTS_DIR/deploy2gcp.sh
+echo "Deployed to gcp"
\ No newline at end of file
--- a/provider/indexer-gcp/scripts/deploy2gcp.sh.tmpl
+++ b/provider/indexer-gcp/scripts/deploy2gcp.sh.tmpl
+#!/bin/bash
+
+# Exit as soon as a command fails
+set -e
+
+{{$definitionName := getenv "BUILD_DEFINITIONNAME" -}}
+{{$sourceBranchName := getenv "BUILD_SOURCEBRANCHNAME" -}}
+{{$buildNumber := getenv "BUILD_BUILDNUMBER" -}}
+
+BUILD_DEFINITIONNAME={{$definitionName}}
+BUILD_SOURCEBRANCHNAME={{$sourceBranchName}}
+BUILD_BUILDNUMBER={{$buildNumber}}
+
+SCRIPTS_DIR=$(dirname $0)
+DEPLOY_DIR=$(dirname $SCRIPTS_DIR)
+
+# Go to deploy directory
+cd $DEPLOY_DIR
+# convert to full path
+DEPLOY_DIR=`pwd`
+echo "Current working directory: $DEPLOY_DIR"
+
+source $SCRIPTS_DIR/config.sh
+
+echo "This script will deploy the app to $PROJECT_ID"
+
+if [ "$REGION" = "" ]
+then
+    REGION=$(gcloud config get-value compute/region)
+fi
+
+echo "Environment"
+echo "  Project = $PROJECT_ID"
+echo "  Compute zone = $CLOUDSDK_COMPUTE_ZONE"
+echo "  Build definition = $BUILD_DEFINITIONNAME"
+echo "  Source branch = $BUILD_SOURCEBRANCHNAME"
+echo "  Build number = $BUILD_BUILDNUMBER"
+echo "  Directory = $DEPLOY_DIR"
+
+VERSION_NUMBER=$BUILD_BUILDNUMBER
+VERSION_NUMBER=$(echo "$VERSION_NUMBER" | tr _ - | tr . - | tr '[:upper:]' '[:lower:]')
+
+count=$(gcloud app services list --project $PROJECT_ID | grep os-indexer | wc -l)
+if [ $count -gt 0 ]; then
+  CURRENT_VERSION=$(gcloud app services describe os-indexer --project $PROJECT_ID --format=json | jq --raw-output '.split.allocations | keys[0]')
+else
+  CURRENT_VERSION=""
+fi
+
+echo "Current version = $CURRENT_VERSION"
+echo "Version to be deployed = $VERSION_NUMBER"
+
+if [ "$VERSION_NUMBER" != "$CURRENT_VERSION" -o "$BUILD_FORCE_DEPLOY" = "true" ]
+then
+    SERVICE_NAME="os-indexer"
+    # If the version $VERSION_NUMBER already exists, but not serving traffic, gcloud app deploy will fail. In this case, simply start that version and migrate traffic to it
+    doesVersionExist=`gcloud app versions list --service=$SERVICE_NAME --project=$PROJECT_ID | grep $VERSION_NUMBER | wc -l`
+    if [ "$doesVersionExist" -eq "1" ]
+    then
+        echo "Starting version $VERSION_NUMBER"
+        gcloud app versions start $VERSION_NUMBER --service=$SERVICE_NAME --project=$PROJECT_ID --quiet
+        echo "Migrating all traffic to version $VERSION_NUMBER"
+        gcloud app services set-traffic $SERVICE_NAME --splits $VERSION_NUMBER=1 --project=$PROJECT_ID --quiet
+    else
+        export INDEXER_HOSTNAME="os-indexer-dot-$PROJECT_ID.appspot.com"
+
+        echo "Replacing GOOGLE_CLOUD_PROJECT_PLACE_HOLDER with $PROJECT_ID"
+        sed -i "s|GOOGLE_CLOUD_PROJECT_PLACE_HOLDER|$PROJECT_ID|g" app.yaml
+
+        echo "Content of app.yaml:"
+        cat app.yaml
+
+        echo "Deploying $INDEXER_HOSTNAME service"
+        gcloud app deploy --project=$PROJECT_ID --version=$VERSION_NUMBER app.yaml
+        echo "$INDEXER_HOSTNAME service deployed successfully"
+
+    fi
+else
+    echo "Not deploying the application because $VERSION_NUMBER is already deployed and force deploy flag is not set to true"
+fi
--- a/provider/indexer-gcp/scripts/stage-artifacts.sh
+++ b/provider/indexer-gcp/scripts/stage-artifacts.sh
+#!/bin/bash
+
+# Exit as soon as a command fails
+set -e
+
+if [ ! $# = 1 ]; then
+    echo "Usage: $0 dir"
+    exit 1
+fi
+
+STAGE_DIR=$1
+
+cd $BUILD_REPOSITORY_LOCALPATH/provider/indexer-gcp/scripts
+
+source ./config.sh
+
+#apply gomplate to deploy2gcp.sh.tmpl
+gomplate -f ./deploy2gcp.sh.tmpl -o ./deploy2gcp.sh
+chmod a+x ./*.sh
+echo "Contents of deploy2gcp.sh:"
+cat ./deploy2gcp.sh
+
+cd ..
+
+# Upload all build and deploy scripts as artifacts
+cp -R ./scripts $STAGE_DIR
+# Upload the build generated .jar file as an artifact
+cp ./target/indexer-gcp-1.0.0.jar $STAGE_DIR
+
+echo "Staging deployment artifacts to folder: $STAGE_DIR"
+cp ./src/main/appengine/app.yaml $STAGE_DIR
+
+# set current directory back to build repo root
+cd $BUILD_REPOSITORY_LOCALPATH
+
+# Zip integration tests and upload it as artifact
+pushd testing
+zip -r testing.zip *
+cp testing.zip $STAGE_DIR
+popd
+
--- a/provider/indexer-gcp/src/main/java/org/opengroup/osdu/indexer/security/GSuiteSecurityConfig.java
+++ b/provider/indexer-gcp/src/main/java/org/opengroup/osdu/indexer/security/GSuiteSecurityConfig.java
+package org.opengroup.osdu.indexer.security;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+@EnableGlobalMethodSecurity(prePostEnabled = true)
+public class GSuiteSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+
+        http.httpBasic().disable()
+                .csrf().disable();  //disable default authN. AuthN handled by endpoints proxy
+
+    }
+
+    @Override
+    public void configure(WebSecurity web) throws Exception {
+        web.ignoring().antMatchers("/api-docs")
+                .antMatchers("/swagger");
+    }
+
+}