Commit 62a10fc6 authored by Nikhil Singh[MicroSoft]'s avatar Nikhil Singh[MicroSoft]
Browse files

Merge branch 'master'

parents f7b5c7b7 338d1865
Pipeline #64236 failed with stages
in 22 minutes and 57 seconds
......@@ -111,17 +111,17 @@ The following software have components provided under the terms of this license:
- Jackson 2 extensions to the Google HTTP Client Library for Java. (from https://repo1.maven.org/maven2/com/google/http-client/google-http-client-jackson2)
- Jackson dataformat: CBOR (from http://github.com/FasterXML/jackson-dataformats-binary)
- Jackson datatype: JSR310 (from http://wiki.fasterxml.com/JacksonModuleJSR310)
- Jackson datatype: Joda (from https://github.com/FasterXML/jackson-datatype-joda)
- Jackson datatype: jdk8 (from https://repo1.maven.org/maven2/com/fasterxml/jackson/datatype/jackson-datatype-jdk8)
- Jackson extensions to the Google HTTP Client Library for Java. (from https://repo1.maven.org/maven2/com/google/http-client/google-http-client-jackson)
- Jackson module: Afterburner (from https://github.com/FasterXML/jackson-modules-base)
- Jackson module: Old JAXB Annotations (javax.xml.bind) (from https://github.com/FasterXML/jackson-modules-base)
- Jackson module: JAXB-annotations (from http://github.com/FasterXML/jackson-module-jaxb-annotations)
- Jackson-annotations (from http://github.com/FasterXML/jackson)
- Jackson-core (from https://github.com/FasterXML/jackson-core)
- Jackson-core (from https://github.com/FasterXML/jackson-core)
- Jackson-dataformat-Smile (from http://wiki.fasterxml.com/JacksonForSmile)
- Jackson-dataformat-XML (from https://github.com/FasterXML/jackson-dataformat-xml)
- Jackson-dataformat-XML (from http://wiki.fasterxml.com/JacksonExtensionXmlDataBinding)
- Jackson-dataformat-YAML (from https://github.com/FasterXML/jackson-dataformats-text)
- Jackson-datatype-JODA (from http://wiki.fasterxml.com/JacksonModuleJoda)
- Jackson-module-parameter-names (from https://repo1.maven.org/maven2/com/fasterxml/jackson/module/jackson-module-parameter-names)
- Jakarta Bean Validation API (from https://beanvalidation.org)
- Jakarta Expression Language Implementation (from https://projects.eclipse.org/projects/ee4j.el)
......@@ -150,8 +150,8 @@ The following software have components provided under the terms of this license:
- Lucene Grouping (from https://repo1.maven.org/maven2/org/apache/lucene/lucene-grouping)
- Lucene Highlighter (from https://repo1.maven.org/maven2/org/apache/lucene/lucene-highlighter)
- Lucene Join (from https://repo1.maven.org/maven2/org/apache/lucene/lucene-join)
- Lucene Memory (from https://repo1.maven.org/maven2/org/apache/lucene/lucene-backward-codecs)
- Lucene Memory (from https://repo1.maven.org/maven2/org/apache/lucene/lucene-memory)
- Lucene Memory (from https://repo1.maven.org/maven2/org/apache/lucene/lucene-backward-codecs)
- Lucene Miscellaneous (from https://repo1.maven.org/maven2/org/apache/lucene/lucene-misc)
- Lucene Queries (from https://repo1.maven.org/maven2/org/apache/lucene/lucene-queries)
- Lucene QueryParsers (from https://repo1.maven.org/maven2/org/apache/lucene/lucene-queryparser)
......@@ -198,10 +198,11 @@ The following software have components provided under the terms of this license:
- Nimbus JOSE+JWT (from https://bitbucket.org/connect2id/nimbus-jose-jwt)
- Nimbus LangTag (from https://bitbucket.org/connect2id/nimbus-language-tags)
- Nimbus LangTag (from https://bitbucket.org/connect2id/nimbus-language-tags)
- Non-Blocking Reactive Foundation for the JVM (from https://github.com/reactor/reactor-core)
- Non-Blocking Reactive Foundation for the JVM (from https://github.com/reactor/reactor)
- OAuth 2.0 SDK with OpenID Connect extensions (from https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions)
- OAuth 2.0 SDK with OpenID Connect extensions (from https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions)
- Objenesis (from http://objenesis.org)
- OkHttp Logging Interceptor (from https://repo1.maven.org/maven2/com/squareup/okhttp3/logging-interceptor)
- Okio (from https://github.com/square/okio/)
- Okio (from https://github.com/square/okio/)
- OpenCensus (from https://github.com/census-instrumentation/opencensus-java)
......@@ -222,10 +223,7 @@ The following software have components provided under the terms of this license:
- SnakeYAML (from http://www.snakeyaml.org)
- Spring AOP (from https://github.com/spring-projects/spring-framework)
- Spring Beans (from https://github.com/spring-projects/spring-framework)
- Spring Boot Log4j 2 Starter (from http://projects.spring.io/spring-boot/)
- Spring Boot Tomcat Starter (from https://projects.spring.io/spring-boot/#/spring-boot-parent/spring-boot-starters/spring-boot-starter-tomcat)
- Spring Boot Undertow Starter (from http://projects.spring.io/spring-boot/)
- Spring Boot Undertow Starter (from http://projects.spring.io/spring-boot/)
- Spring Commons Logging Bridge (from https://github.com/spring-projects/spring-framework)
- Spring Context (from https://github.com/spring-projects/spring-framework)
- Spring Core (from https://github.com/spring-projects/spring-framework)
......@@ -255,9 +253,9 @@ The following software have components provided under the terms of this license:
- XNIO API (from http://www.jboss.org/xnio)
- XNIO NIO Implementation (from https://repo1.maven.org/maven2/org/jboss/xnio/xnio-nio)
- XNIO NIO Implementation (from https://repo1.maven.org/maven2/org/jboss/xnio/xnio-nio)
- Zipkin Core Library (from https://repo1.maven.org/maven2/io/zipkin/zipkin2/zipkin)
- Zipkin Reporter Brave (from https://repo1.maven.org/maven2/io/zipkin/reporter2/zipkin-reporter-brave)
- Zipkin Reporter: Core (from https://repo1.maven.org/maven2/io/zipkin/reporter2/zipkin-reporter)
- Zipkin v2 (from https://repo1.maven.org/maven2/io/zipkin/zipkin2/zipkin)
- aalto-xml (from )
- aggs-matrix-stats (from https://github.com/elastic/elasticsearch)
- asm (from http://asm.ow2.io/)
......@@ -265,6 +263,7 @@ The following software have components provided under the terms of this license:
- com.google.api.grpc:proto-google-cloud-datastore-v1 (from https://github.com/googleapis/googleapis)
- compiler (from http://github.com/spullara/mustache.java)
- core (from https://github.com/elastic/elasticsearch)
- core (from https://github.com/elastic/elasticsearch)
- datastore-v1-proto-client (from https://repo1.maven.org/maven2/com/google/cloud/datastore/datastore-v1-proto-client)
- error-prone annotations (from https://repo1.maven.org/maven2/com/google/errorprone/error_prone_annotations)
- error-prone annotations (from https://repo1.maven.org/maven2/com/google/errorprone/error_prone_annotations)
......@@ -296,7 +295,6 @@ The following software have components provided under the terms of this license:
- jose4j (from https://bitbucket.org/b_c/jose4j/)
- lang-mustache (from https://github.com/elastic/elasticsearch)
- lettuce (from http://github.com/mp911de/lettuce/wiki)
- logging-interceptor (from https://github.com/square/okhttp)
- micrometer-core (from https://github.com/micrometer-metrics/micrometer)
- micrometer-registry-azure-monitor (from https://github.com/micrometer-metrics/micrometer)
- mockito-core (from https://github.com/mockito/mockito)
......@@ -322,18 +320,17 @@ The following software have components provided under the terms of this license:
- proto-google-iam-v1 (from https://github.com/googleapis/java-iam/proto-google-iam-v1)
- rank-eval (from https://github.com/elastic/elasticsearch)
- resilience4j (from https://resilience4j.readme.io)
- resilience4j (from https://github.com/resilience4j/resilience4j)
- resilience4j (from https://resilience4j.readme.io)
- resilience4j (from https://resilience4j.readme.io)
- resilience4j (from https://resilience4j.readme.io)
- resilience4j (from https://resilience4j.readme.io)
- resilience4j (from https://github.com/resilience4j/resilience4j)
- resilience4j (from https://resilience4j.readme.io)
- resilience4j (from https://github.com/resilience4j/resilience4j)
- rest (from https://github.com/elastic/elasticsearch)
- rest-high-level (from https://github.com/elastic/elasticsearch)
- rxjava (from https://github.com/ReactiveX/RxJava)
- secure-sm (from https://github.com/elastic/elasticsearch)
- server (from https://github.com/elastic/elasticsearch)
- spring-boot (from https://spring.io/projects/spring-boot)
- spring-boot-actuator (from https://spring.io/projects/spring-boot)
- spring-boot-actuator-autoconfigure (from https://spring.io/projects/spring-boot)
......@@ -343,10 +340,13 @@ The following software have components provided under the terms of this license:
- spring-boot-starter-actuator (from https://spring.io/projects/spring-boot)
- spring-boot-starter-aop (from https://spring.io/projects/spring-boot)
- spring-boot-starter-json (from https://spring.io/projects/spring-boot)
- spring-boot-starter-log4j2 (from https://spring.io/projects/spring-boot)
- spring-boot-starter-logging (from https://spring.io/projects/spring-boot)
- spring-boot-starter-reactor-netty (from https://spring.io/projects/spring-boot)
- spring-boot-starter-security (from https://spring.io/projects/spring-boot)
- spring-boot-starter-test (from https://spring.io/projects/spring-boot)
- spring-boot-starter-undertow (from https://spring.io/projects/spring-boot)
- spring-boot-starter-undertow (from https://spring.io/projects/spring-boot)
- spring-boot-starter-validation (from https://spring.io/projects/spring-boot)
- spring-boot-starter-validation (from https://spring.io/projects/spring-boot)
- spring-boot-starter-web (from https://spring.io/projects/spring-boot)
......@@ -354,14 +354,14 @@ The following software have components provided under the terms of this license:
- spring-boot-starter-webflux (from https://spring.io/projects/spring-boot)
- spring-boot-test (from https://spring.io/projects/spring-boot)
- spring-boot-test-autoconfigure (from https://spring.io/projects/spring-boot)
- spring-security-config (from http://spring.io/spring-security)
- spring-security-config (from http://spring.io/spring-security)
- spring-security-core (from http://spring.io/spring-security)
- spring-security-oauth2-core (from http://spring.io/spring-security)
- spring-security-oauth2-jose (from http://spring.io/spring-security)
- spring-security-oauth2-resource-server (from http://spring.io/spring-security)
- spring-security-web (from http://spring.io/spring-security)
- spring-security-web (from http://spring.io/spring-security)
- spring-security-config (from https://spring.io/spring-security)
- spring-security-config (from https://spring.io/spring-security)
- spring-security-core (from https://spring.io/spring-security)
- spring-security-oauth2-core (from https://spring.io/spring-security)
- spring-security-oauth2-jose (from https://spring.io/spring-security)
- spring-security-oauth2-resource-server (from https://spring.io/spring-security)
- spring-security-web (from https://spring.io/spring-security)
- spring-security-web (from https://spring.io/spring-security)
- springfox-core (from https://github.com/springfox/springfox)
- springfox-schema (from https://github.com/springfox/springfox)
- springfox-spi (from https://github.com/springfox/springfox)
......@@ -374,7 +374,7 @@ The following software have components provided under the terms of this license:
- swagger-models (from https://repo1.maven.org/maven2/io/swagger/swagger-models)
- tomcat-embed-core (from http://tomcat.apache.org/)
- tomcat-embed-el (from https://tomcat.apache.org/)
- tomcat-embed-websocket (from https://tomcat.apache.org/)
- tomcat-embed-websocket (from http://tomcat.apache.org/)
- wildfly-common (from )
- x-content (from https://github.com/elastic/elasticsearch)
......@@ -389,7 +389,7 @@ The following software have components provided under the terms of this license:
- GAX (Google Api eXtensions) for Java (from https://github.com/googleapis/gax-java)
- Lucene Common Analyzers (from https://repo1.maven.org/maven2/org/apache/lucene/lucene-analyzers-common)
- Lucene Core (from https://repo1.maven.org/maven2/org/apache/lucene/lucene-core)
- Reflections (from http://github.com/ronmamo/reflections)
- Reflections (from http://code.google.com/p/reflections/)
- Stax2 API (from http://github.com/FasterXML/stax2-api)
- ThreeTen backport (from https://www.threeten.org/threetenbp)
......@@ -418,7 +418,7 @@ The following software have components provided under the terms of this license:
- Protocol Buffers [Core] (from https://repo1.maven.org/maven2/com/google/protobuf/protobuf-java)
- Protocol Buffers [Core] (from https://repo1.maven.org/maven2/com/google/protobuf/protobuf-java)
- Protocol Buffers [Util] (from https://repo1.maven.org/maven2/com/google/protobuf/protobuf-java-util)
- Reflections (from http://github.com/ronmamo/reflections)
- Reflections (from http://code.google.com/p/reflections/)
- SnakeYAML (from http://www.snakeyaml.org)
- Spring Core (from https://github.com/spring-projects/spring-framework)
- ThreeTen backport (from https://www.threeten.org/threetenbp)
......@@ -705,7 +705,7 @@ The following software have components provided under the terms of this license:
- mockito-junit-jupiter (from https://github.com/mockito/mockito)
- msal4j (from https://github.com/AzureAD/microsoft-authentication-library-for-java)
- msal4j-persistence-extension (from https://github.com/AzureAD/microsoft-authentication-extensions-for-java)
- spring-security-core (from http://spring.io/spring-security)
- spring-security-core (from https://spring.io/spring-security)
========================================================================
MPL-1.1
......@@ -760,7 +760,7 @@ WTFPL
========================================================================
The following software have components provided under the terms of this license:
- Reflections (from http://github.com/ronmamo/reflections)
- Reflections (from http://code.google.com/p/reflections/)
========================================================================
X11
......
# Source: istio/templates/notification.yaml
# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
name: notification-sb-jwt-authz
namespace: osdu
spec:
selector:
matchLabels:
app: notification-sb
action: DENY
rules:
- from:
- source:
notRequestPrincipals: ["*"]
to:
- operation:
notPaths: ["/","*/swagger-resources","*/swagger",
"/api/notification/v1/swagger-resources/*","*/swagger-ui.html","*/actuator/health"]
\ No newline at end of file
# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-sb
namespace: osdu
spec:
replicas: {{ .Values.global.replicaCount }}
selector:
matchLabels:
app: {{ .Chart.Name }}-sb
template:
metadata:
labels:
app: {{ .Chart.Name }}-sb
aadpodidbinding: osdu-identity
spec:
volumes:
- name: azure-keyvault
csi:
driver: secrets-store.csi.k8s.io
readOnly: true
volumeAttributes:
secretProviderClass: azure-keyvault
containers:
- name: {{ .Chart.Name }}-sb
image: {{ .Values.image.repository }}/{{ .Chart.Name }}-{{ .Values.image.branch }}:{{ .Values.image.tag | default .Chart.AppVersion }}
imagePullPolicy: Always
ports:
- containerPort: 81
readinessProbe:
httpGet:
path: /api/notification/v1/swagger-ui.html
port: 81
volumeMounts:
- name: azure-keyvault
mountPath: "/mnt/azure-keyvault"
readOnly: true
env:
- name: spring_application_name
value: notification-sb-azure
- name: LOG_PREFIX
value: "notification-sb"
- name: server.servlet.contextPath
value: /api/notification/v1
- name: server_port
value: "81"
- name: notification_spring_logging_level
value: INFO
- name: KEYVAULT_URI
valueFrom:
configMapKeyRef:
name: osdu-svc-properties
key: ENV_KEYVAULT
- name: aad_client_id
valueFrom:
secretKeyRef:
name: active-directory
key: application-appid
- name: appinsights_key
valueFrom:
secretKeyRef:
name: central-logging
key: appinsights
- name: cosmosdb_database
value: osdu-db
- name: entitlements_service_endpoint
value: http://entitlements/api/entitlements/v2
- name: entitlements_service_api_key
value: "OBSOLETE"
- name: registeration_service_endpoint
value: http://register/api/register/v1
- name: partition_service_endpoint
value: http://partition/api/partition/v1
- name: maxCacheSize
value: "20"
- name: max_concurrent_calls
value: "3"
- name: executor_n_threads
value: "32"
- name: max_lock_renew_duration_seconds
value: "500"
- name: initial_subscription_manager_delay_seconds
value: "0"
- name: consecutive_subscription_manager_delay_seconds
value: "600"
- name: service_bus_enabled
value: "true"
- name: event_grid_to_service_bus_enabled
value: "false"
- name: event_grid_enabled
value: "false"
\ No newline at end of file
# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: Service
metadata:
name: {{ .Chart.Name }}-sb
namespace: osdu
spec:
type: ClusterIP
ports:
- protocol: TCP
port: 81
targetPort: 81
selector:
app: {{ .Chart.Name }}-sb
\ No newline at end of file
......@@ -19,7 +19,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.opengroup.osdu</groupId>
<artifactId>notification-core</artifactId>
<version>0.11.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<name>notification-core</name>
<description>Core module for the notification service</description>
<packaging>jar</packaging>
......@@ -27,7 +27,7 @@
<parent>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-notification</artifactId>
<version>0.11.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
......
......@@ -18,7 +18,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-notification</artifactId>
<version>0.11.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<description>Root Notification Service project</description>
<properties>
......
......@@ -19,7 +19,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.opengroup.osdu</groupId>
<artifactId>notification-aws</artifactId>
<version>0.11.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<name>notification-aws</name>
<description>AWS implementation for Notification service</description>
<packaging>jar</packaging>
......@@ -27,7 +27,7 @@
<parent>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-notification</artifactId>
<version>0.11.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
......@@ -55,7 +55,7 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>notification-core</artifactId>
<version>0.11.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
</dependency>
<dependency>
......
## Introduction
The document talks about the plan to move from Event Grid to Service Bus. The major consumer of the same iss
Notification Service. As Notification Service is consumed by external customers, so a clean migration path is needed.
## Goals
The Migration must happen respecting the following
1. No re-registration
2. Zero downtime.
3. No notification loss.
#### Prerequisites
1. Please verify that the topic you want to use exists. If not,
follow [this](https://community.opengroup.org/osdu/platform/system/notification/-/blob/master/provider/notification-azure/PLAYBOOK_FOR_TOPIC_CREATION.md)
guide to create one.
2. Install
the [latest version](https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell?view=powershell-7.1)
of PowerShell available for your operating system.
## How to do the migration
Migration is something which must be performed by SRE. The flags must be switched in a sequence.The flags are controlled
by deployment.yaml for the service. Following are the steps needed for successful migration.
1. Have 2 deployment of Notification Service running before migration:
1. Deployment 1,having event_grid_enabled.
2. Deployment 2,having service_bus_enabled.The consecutive_subscription_manager_delay_seconds should not be set much
higher as it will pile up alot of SB messages because of the longer time of listening new subscribers on the fly.
**The number of pods for both the deployments should be managed as per the load during migration**
2. Get list of subscriptions per partition and prepare migrationConfig.json [Manual-from azure portal]:
3. Complete powershell Az module installation and Azure login by running script
- [migrationSetup.ps1](https://community.opengroup.org/osdu/platform/system/notification/-/blob/master/provider/notification-azure/src/main/resources/migrationSetup.ps1)
.
**Note:The Azure Az PowerShell module works with PowerShell 7.x and later on all platforms.To check your PowerShell
version, run the following command from within a PowerShell session:$PSVersionTable.PSVersion**
4. Create the subscribers on Service Bus with the same notification id as in CosmosDB by providing migrationConfig.json
to the
script-[migrationToServiceBus.ps1](https://community.opengroup.org/osdu/platform/system/notification/-/blob/master/provider/notification-azure/src/main/resources/migrationToServiceBus.ps1)
. All the subscriptions from one Event grid topic will be moved to service bus topic for one execution of above
mentioned script.We need to rerun script for multiple topic across multiple partitions.
5. Turn on **Service bus flags** and turn off **Event Grid flags** in Producer Services. For example Storage service
publishes to Service bus and Event grid both as of now. During migration,while we are moving to Service bus
completely we have to stop publishing to Event Grid as a part of migration, so we can eventually disable it and move
to Service Bus completely.Same applies to other producer services like -Legal, Schema
etc. [Manual- Configuring deployment.yaml for Legal, Schema, Storage Services]
6. Wait for Event Grid subscribers to drain.[Manual-from azure portal]
**Note: If there are delivery failures,then retry can occur after a longer duration,EG should be kept enabled for
sufficiently long time**
7. Turn on **Service bus flags** in Register Service.[Manual]
8. Event Grid Subscriber clean up.[Manual-from azure portal]
The 3rd and 4th steps would be performed by the scripts in the order given below :
** Powershell must be elevated to admin.**
1. [migrationSetup.ps1](https://community.opengroup.org/osdu/platform/system/notification/-/blob/master/provider/notification-azure/src/main/resources/migrationSetup.ps1)
2. [migrationToServiceBus.ps1](https://community.opengroup.org/osdu/platform/system/notification/-/blob/master/provider/notification-azure/src/main/resources/migrationToServiceBus.ps1)
## List of Feature Flags to be used from deployment.yaml of respective services
1. Notification Service
1. service_bus_enabled
2. event_grid_enabled
2. Register Service
1. azure_serviceBus_enabled
2. azure_eventGrid_enabled
3. Producer Services
1. Storage Service : azure_publishToEventGrid
2. Legal Service : azure.publishToEventGrid
3. Schema Service : event_grid_enabled
## Post Migration Plan
1. Redeploy Notification Service to have only 1 deployment with service_bus_enabled set to true and event_grid_enabled
set to false.The number of pods can be managed as per the load
## Note
There would be duplication of notifications that accounts for the time when producer services will be publishing to both
Service bus and Event grid at any time during migration.For example Storage service by default publish to both.We have
to use Publish flags carefully to avoid duplication
\ No newline at end of file
......@@ -18,7 +18,7 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>notification-azure</artifactId>
<version>0.11.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<name>notification-azure</name>
<description>Azure implementation for Notification service</description>
<packaging>jar</packaging>
......@@ -26,7 +26,7 @@
<parent>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-notification</artifactId>
<version>0.11.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
......@@ -35,7 +35,7 @@
<maven.compiler.target>${java.version}</maven.compiler.target>
<maven.compiler.source>${java.version}</maven.compiler.source>
<jacoco-maven-plugin.version>0.8.2</jacoco-maven-plugin.version>
<osdu.notification-core.version>0.11.0-SNAPSHOT</osdu.notification-core.version>
<osdu.notification-core.version>0.12.0-SNAPSHOT</osdu.notification-core.version>
<springframework.version>4.3.0.RELEASE</springframework.version>
<reactor.netty.version>0.11.0.RELEASE</reactor.netty.version>
<reactor.core.version>3.3.0.RELEASE</reactor.core.version>
......
......@@ -14,82 +14,19 @@
package org.opengroup.osdu.notification.provider.azure.util;
import com.auth0.jwt.JWT;
import com.microsoft.aad.adal4j.AuthenticationContext;
import com.microsoft.aad.adal4j.AuthenticationResult;
import com.microsoft.aad.adal4j.ClientCredential;
import org.apache.http.HttpStatus;
import org.opengroup.osdu.core.common.model.http.AppException;
import org.opengroup.osdu.core.common.model.search.IdToken;
import org.opengroup.osdu.core.common.provider.interfaces.IJwtCache;
import org.opengroup.osdu.azure.util.AzureServicePrincipleTokenService;
import org.opengroup.osdu.core.common.util.IServiceAccountJwtClient;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import java.net.MalformedURLException;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
@Component
public class ServiceAccountJwtAzureClientImpl implements IServiceAccountJwtClient {
@Autowired
private AppProperties config;
@Autowired
private IJwtCache tenantJwtCache;
public String getIdToken(String tenantName) {
String ACCESS_TOKEN = "";
ExecutorService service = null;
try {
// TODO : Refactor to move ID token form Common.Core.model.search to Common.core
IdToken cachedToken = (IdToken) this.tenantJwtCache.get(tenantName);
if ((cachedToken != null) && !IdToken.refreshToken(cachedToken)) {
return "Bearer " + cachedToken.getTokenValue();
}
// TODO : Control the thread count via config and pool should be created once.
service = Executors.newFixedThreadPool(1);
ACCESS_TOKEN = getAccessToken(service);
IdToken idToken = IdToken.builder().tokenValue(ACCESS_TOKEN).expirationTimeMillis(JWT.decode(ACCESS_TOKEN).getExpiresAt().getTime()).build();
this.tenantJwtCache.put(tenantName, idToken);
} finally {
if(service != null) {
service.shutdown();
}
}
return "Bearer " + ACCESS_TOKEN;
}
// TODO : Refactor for making it test-able.
// THIS METHOD IS PUBLIC ONLY TO ENABLE UNIT TESTING
public String getAccessToken(ExecutorService service) {
AuthenticationContext context = null;
ClientCredential credential = null;
String ACCESS_TOKEN = null;
try {
context = new AuthenticationContext(this.config.getAuthURL(), false, service);
credential = new ClientCredential(this.config.getAuthClientID(), this.config.getAuthClientSecret());
Future<AuthenticationResult> future = context.acquireToken(this.config.getAadClientID(), credential, null);
private AzureServicePrincipleTokenService tokenService;
if (future == null) {
throw new AppException(HttpStatus.SC_FORBIDDEN, "Token not generated", "The user is not authorized to obtain Token From AAD");
}
ACCESS_TOKEN = future.get().getAccessToken();
} catch (MalformedURLException malformedURLException) {
malformedURLException.printStackTrace();
} catch (InterruptedException e) {
e.printStackTrace();
} catch (ExecutionException e) {
e.printStackTrace();
}
return ACCESS_TOKEN;
@Override
public String getIdToken(String partitionId){
return "Bearer " + this.tokenService.getAuthorizationToken();
}
}