Commit d7584c79 authored by Nikhil Singh[MicroSoft]

merge master

parents deb152ff b0d1d49a
Pipeline #63101 failed with stages
in 22 minutes and 30 seconds
......@@ -12,6 +12,8 @@ variables:
AWS_TEST_SUBDIR: testing/notification-test-aws
AWS_SERVICE: notification
AWS_ENVIRONMENT: dev
AWS_DEPLOY_TARGET: EKS
AWS_EKS_DEPLOYMENT_NAME: os-notification
AZURE_SERVICE: notification
AZURE_BUILD_SUBDIR: provider/notification-azure
......
......@@ -17,6 +17,8 @@ global:
# Service(s) Replica Count
replicaCount: 1
nodepool: services
isAutoscalingEnabled: false
################################################################################
# Specify the Gitlab branch being used for image creation
......
......@@ -28,6 +28,10 @@ spec:
app: {{ .Chart.Name }}
aadpodidbinding: osdu-identity
spec:
{{- if .Values.global.isAutoscalingEnabled }}
nodeSelector:
nodepool: {{ .Values.global.nodepool }}
{{- end }}
volumes:
- name: azure-keyvault
csi:
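Review bot: The `nodepool: {{ .Values.global.nodepool }}` value under the new `nodeSelector` is rendered unquoted, so an empty or number- or boolean-looking pool name would reach Kubernetes as null or a non-string label value; `nodepool: {{ .Values.global.nodepool | quote }}` keeps it a string. The selector is also gated on `isAutoscalingEnabled`, a name that does not say it controls node placement, so a comment next to that flag in the values files explaining the coupling would help whoever flips it. The pod spec continues outside the hunk.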
......
......@@ -14,8 +14,10 @@
global:
replicaCount: 1
nodepool: services
isAutoscalingEnabled: false
image:
repository: community.opengroup.org:5555/osdu/platform/system/notification
branch: master
tag: latest
\ No newline at end of file
tag: latest
......@@ -19,7 +19,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.opengroup.osdu</groupId>
<artifactId>notification-core</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<name>notification-core</name>
<description>Core module for the notification service</description>
<packaging>jar</packaging>
......@@ -27,7 +27,7 @@
<parent>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-notification</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
......
......@@ -18,14 +18,14 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-notification</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<description>Root Notification Service project</description>
<properties>
<java.version>8</java.version>
<maven.compiler.target>${java.version}</maven.compiler.target>
<maven.compiler.source>${java.version}</maven.compiler.source>
<os-core-common.version>0.11.0-SNAPSHOT</os-core-common.version>
<os-core-common.version>0.11.0</os-core-common.version>
</properties>
<licenses>
......
......@@ -21,6 +21,11 @@ env:
secrets-manager:
DOCKER_USERNAME: /osdu/devops/docker_credentials:username
DOCKER_PASSWORD: /osdu/devops/docker_credentials:password
SONAR_USERNAME: /osdu/devops/sonar_credentials:username
SONAR_PASSWORD: /osdu/devops/sonar_credentials:password
parameter-store:
SONAR_URL: /osdu/devops/sonar_url
phases:
install:
......@@ -58,7 +63,7 @@ phases:
- printenv
- echo "Building primary service assemblies..."
- mvn -ntp -B test install -pl notification-core,provider/notification-aws -Ddeployment.environment=prod
- mvn -ntp -B test install sonar:sonar -pl .,notification-core,provider/notification-aws -Ddeployment.environment=prod -Dsonar.login=${SONAR_USERNAME} -Dsonar.password=${SONAR_PASSWORD} -Dsonar.branch.name=${BRANCH_NAME}
- echo "Building integration testing assemblies and gathering artifacts..."
- ./testing/notification-test-aws/build-aws/prepare-dist.sh
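Review bot: The new `mvn … sonar:sonar` line passes `${SONAR_PASSWORD}` as a `-D` argument, which puts the secret on the Maven command line, and the `printenv` at the top of this hunk now runs with both Sonar credentials in the environment. Log masking of Secrets Manager values by the build service should be confirmed rather than assumed; dropping `printenv`, or filtering the credential variables out of it, removes the dependency on that masking. The three expansions are also unquoted, so a branch name containing spaces or shell metacharacters would split the command: `-Dsonar.login="${SONAR_USERNAME}" -Dsonar.password="${SONAR_PASSWORD}" -Dsonar.branch.name="${BRANCH_NAME}"`. Where BRANCH_NAME is set is not visible on this page.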
......@@ -78,6 +83,9 @@ phases:
python provider/notification-aws/build-aws/build-info.py --branch ${CODEBUILD_SOURCE_VERSION} --commit ${CODEBUILD_RESOLVED_SOURCE_VERSION} \
--buildid ${CODEBUILD_BUILD_ID} --buildnumber ${CODEBUILD_BUILD_NUMBER} --reponame ${REPO_NAME} --outdir ${OUTPUT_DIR} \
--artifact ${ECR_IMAGE}
post_build:
commands:
- cp provider/notification-aws/target/dependency-check-report.html ${OUTPUT_DIR}
reports:
SurefireReports: # CodeBuild will create a report group called "SurefireReports".
files: #Store all of the files
......
......@@ -54,6 +54,17 @@ limitations under the License.
<azure.devops.token>no-default</azure.devops.token>
</properties>
</profile>
<profile>
<id>sonar</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<sonar.host.url>
${env.SONAR_URL}
</sonar.host.url>
</properties>
</profile>
</profiles>
<servers>
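Review bot: The new `sonar` profile relies on `activeByDefault`, which Maven switches off as soon as another profile from the same file is activated explicitly, so a build that selects one of the other profiles here would likely lose `sonar.host.url`; listing the profile under `<activeProfiles>` or activating it on the `env.SONAR_URL` property is more predictable. The property value is also split over three lines, so the element text carries whitespace around `${env.SONAR_URL}` unless the reader trims it; `<sonar.host.url>${env.SONAR_URL}</sonar.host.url>` on one line avoids depending on that. When SONAR_URL is not exported the placeholder stays unresolved, which deserves an XML comment inside the profile naming the required variable.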
......
......@@ -19,7 +19,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.opengroup.osdu</groupId>
<artifactId>notification-aws</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<name>notification-aws</name>
<description>AWS implementation for Notification service</description>
<packaging>jar</packaging>
......@@ -27,7 +27,7 @@
<parent>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-notification</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
......@@ -42,7 +42,7 @@
<dependency>
<groupId>org.opengroup.osdu.core.aws</groupId>
<artifactId>os-core-lib-aws</artifactId>
<version>0.10.0</version>
<version>0.11.0</version>
</dependency>
<!-- https://mvnrepository.com/artifact/com.amazonaws/aws-java-sdk-secretsmanager -->
......@@ -55,7 +55,7 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>notification-core</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
</dependency>
<dependency>
......@@ -116,6 +116,18 @@
<failOnMissingWebXml>false</failOnMissingWebXml>
</configuration>
</plugin>
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>6.2.2</version>
<executions>
<execution>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
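Review bot: The added `dependency-check-maven` execution has no `<configuration>`, so as far as this hunk shows the `check` goal only writes a report and never fails the build on a vulnerable dependency; the buildspec change on this page just copies `dependency-check-report.html` to the output directory. If the scan is meant to gate the pipeline, add a threshold such as `<configuration><failBuildOnCVSS>7</failBuildOnCVSS></configuration>` (7 is an example value to be agreed); if report-only is intended, an XML comment saying so would stop the plugin being mistaken for a gate. The execution declares no `<phase>`, so it depends on the plugin's default binding, which the `install` run in the buildspec should reach but a plain `mvn test` would not.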
......@@ -19,7 +19,7 @@ server.port=${APPLICATION_PORT:8080}
AUTHORIZE_API=${ENTITLEMENTS_BASE_URL}/api/entitlements/v2
PARTITION_API=${ENTITLEMENTS_BASE_URL}/api/partition/v1
REGISTER_SERVICE_URL=${ENTITLEMENTS_BASE_URL}/api/register/v1
REGISTER_SERVICE_URL=${REGISTER_BASE_URL}/api/register/v1
aws.ssm=${SSM_ENABLED:True}
aws.environment=${RESOURCE_PREFIX}
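Review bot: `REGISTER_SERVICE_URL` now resolves from `${REGISTER_BASE_URL}` with no default (assuming the second of the two printed lines is the new side), so a deployment that still exports only ENTITLEMENTS_BASE_URL will no longer resolve the register endpoint. None of the deployment or buildspec hunks on this page adds REGISTER_BASE_URL, so it has to be defined wherever this service runs before the change is deployed. A comment above the line, for example `# REGISTER_BASE_URL must be set; it is no longer derived from ENTITLEMENTS_BASE_URL`, would make the new requirement visible. `AUTHORIZE_API` and `PARTITION_API` in the lines above still derive from ENTITLEMENTS_BASE_URL.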
......
......@@ -18,7 +18,7 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>notification-azure</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<name>notification-azure</name>
<description>Azure implementation for Notification service</description>
<packaging>jar</packaging>
......@@ -26,7 +26,7 @@
<parent>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-notification</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
......@@ -35,11 +35,11 @@
<maven.compiler.target>${java.version}</maven.compiler.target>
<maven.compiler.source>${java.version}</maven.compiler.source>
<jacoco-maven-plugin.version>0.8.2</jacoco-maven-plugin.version>
<osdu.notification-core.version>0.10.0-SNAPSHOT</osdu.notification-core.version>
<osdu.notification-core.version>0.12.0-SNAPSHOT</osdu.notification-core.version>
<springframework.version>4.3.0.RELEASE</springframework.version>
<reactor.netty.version>0.10.0.RELEASE</reactor.netty.version>
<reactor.netty.version>0.11.0.RELEASE</reactor.netty.version>
<reactor.core.version>3.3.0.RELEASE</reactor.core.version>
<osdu.corelibazure.version>0.11.0-rc3</osdu.corelibazure.version>
<osdu.corelibazure.version>0.11.0</osdu.corelibazure.version>
<junit.version>5.6.0</junit.version>
<jjwt.version>3.8.1</jjwt.version>
<mockito.version>2.23.0</mockito.version>
......
......@@ -14,82 +14,19 @@
package org.opengroup.osdu.notification.provider.azure.util;
import com.auth0.jwt.JWT;
import com.microsoft.aad.adal4j.AuthenticationContext;
import com.microsoft.aad.adal4j.AuthenticationResult;
import com.microsoft.aad.adal4j.ClientCredential;
import org.apache.http.HttpStatus;
import org.opengroup.osdu.core.common.model.http.AppException;
import org.opengroup.osdu.core.common.model.search.IdToken;
import org.opengroup.osdu.core.common.provider.interfaces.IJwtCache;
import org.opengroup.osdu.azure.util.AzureServicePrincipleTokenService;
import org.opengroup.osdu.core.common.util.IServiceAccountJwtClient;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import java.net.MalformedURLException;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
@Component
public class ServiceAccountJwtAzureClientImpl implements IServiceAccountJwtClient {
@Autowired
private AppProperties config;
@Autowired
private IJwtCache tenantJwtCache;
public String getIdToken(String tenantName) {
String ACCESS_TOKEN = "";
ExecutorService service = null;
try {
// TODO : Refactor to move ID token form Common.Core.model.search to Common.core
IdToken cachedToken = (IdToken) this.tenantJwtCache.get(tenantName);
if ((cachedToken != null) && !IdToken.refreshToken(cachedToken)) {
return "Bearer " + cachedToken.getTokenValue();
}
// TODO : Control the thread count via config and pool should be created once.
service = Executors.newFixedThreadPool(1);
ACCESS_TOKEN = getAccessToken(service);
IdToken idToken = IdToken.builder().tokenValue(ACCESS_TOKEN).expirationTimeMillis(JWT.decode(ACCESS_TOKEN).getExpiresAt().getTime()).build();
this.tenantJwtCache.put(tenantName, idToken);
} finally {
if(service != null) {
service.shutdown();
}
}
return "Bearer " + ACCESS_TOKEN;
}
// TODO : Refactor for making it test-able.
// THIS METHOD IS PUBLIC ONLY TO ENABLE UNIT TESTING
public String getAccessToken(ExecutorService service) {
AuthenticationContext context = null;
ClientCredential credential = null;
String ACCESS_TOKEN = null;
try {
context = new AuthenticationContext(this.config.getAuthURL(), false, service);
credential = new ClientCredential(this.config.getAuthClientID(), this.config.getAuthClientSecret());
Future<AuthenticationResult> future = context.acquireToken(this.config.getAadClientID(), credential, null);
private AzureServicePrincipleTokenService tokenService;
if (future == null) {
throw new AppException(HttpStatus.SC_FORBIDDEN, "Token not generated", "The user is not authorized to obtain Token From AAD");
}
ACCESS_TOKEN = future.get().getAccessToken();
} catch (MalformedURLException malformedURLException) {
malformedURLException.printStackTrace();
} catch (InterruptedException e) {
e.printStackTrace();
} catch (ExecutionException e) {
e.printStackTrace();
}
return ACCESS_TOKEN;
@Override
public String getIdToken(String partitionId){
return "Bearer " + this.tokenService.getAuthorizationToken();
}
}
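Review bot: The new `getIdToken` prepends `"Bearer "` to whatever `tokenService.getAuthorizationToken()` returns, so a null return would yield the header value `Bearer null` instead of an error, whereas the removed code threw an AppException when no token was produced. Reading the result into a local and guarding it, `if (token == null || token.isEmpty()) throw new AppException(HttpStatus.SC_FORBIDDEN, "Token not generated", "...");`, keeps a failed acquisition from turning into a malformed credential, unless AzureServicePrincipleTokenService already guarantees a non-empty result (its code is not on this page); the guard needs the AppException and HttpStatus imports kept. The `partitionId` argument is now ignored and the per-tenant cache is gone, so the method should carry a Javadoc stating that the same service-principal token is returned for every partition and that any caching is left to the token service.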
......@@ -14,104 +14,56 @@
package org.opengroup.osdu.notification.util;
import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Spy;
import org.mockito.junit.MockitoJUnitRunner;
import org.opengroup.osdu.core.common.logging.JaxRsDpsLog;
import org.mockito.junit.jupiter.MockitoExtension;
import org.omg.CORBA.portable.ApplicationException;
import org.opengroup.osdu.azure.util.AzureServicePrincipleTokenService;
import org.opengroup.osdu.core.common.model.http.AppException;
import org.opengroup.osdu.core.common.model.search.IdToken;
import org.opengroup.osdu.notification.provider.azure.cache.JwtCache;
import org.opengroup.osdu.notification.provider.azure.util.AppProperties;
import org.opengroup.osdu.notification.provider.azure.util.ServiceAccountJwtAzureClientImpl;
import java.util.concurrent.ExecutorService;
import java.io.UnsupportedEncodingException;
import static org.junit.Assert.fail;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.when;
import static org.mockito.MockitoAnnotations.initMocks;
import static org.junit.jupiter.api.Assertions.*;
import static org.mockito.Mockito.*;
import static org.mockito.Mockito.times;
@RunWith(MockitoJUnitRunner.class)
@ExtendWith(MockitoExtension.class)
public class ServiceAccountClientImplTest {
final String tenantName = "Test Tenant";
final String validToken = "validToken";
@Mock
private IdToken idToken;
@Mock
private ExecutorService executorService;
@Mock
private AppProperties appProperties;
@Mock
private JwtCache tenantJwtCacheMock;
@Mock
private JaxRsDpsLog logger;
private static final String tenantId = "tenantId";
private static final String token = "jwt-token";
@InjectMocks
@Spy
private ServiceAccountJwtAzureClientImpl sut;
private ServiceAccountJwtAzureClientImpl serviceAccountJwtAzureClient;
@Before
public void setup() {
initMocks(this);
idToken = IdToken.builder().tokenValue(validToken).expirationTimeMillis(System.currentTimeMillis() + 10000000L).build();
}
@Mock
private AzureServicePrincipleTokenService azureServicePrincipleTokenService;
@Test
public void should_getTokenFromCache_getIdTokenTest() {
// SetUp
when(tenantJwtCacheMock.get(any())).thenReturn(idToken);
String expectedToken = "Bearer " +idToken.getTokenValue();
public void shouldSuccessfullyGenerateToken() throws UnsupportedEncodingException, ApplicationException {
// Act
String returnedIdToken = sut.getIdToken(tenantName);
when(azureServicePrincipleTokenService.getAuthorizationToken()).thenReturn(token);
// Assert
Assert.assertEquals(expectedToken, returnedIdToken);
String result = serviceAccountJwtAzureClient.getIdToken(tenantId);
assertEquals("Bearer " + token, result);
verify(azureServicePrincipleTokenService, times(1)).getAuthorizationToken();
}
@Test
public void should_updateCache_getIdTokenTest() {
// Set up
when(tenantJwtCacheMock.get(any())).thenReturn(idToken);
String expectedToken = "Bearer " +idToken.getTokenValue();
public void shouldThrowAppException() throws UnsupportedEncodingException {
// Act
String returnedToken = this.sut.getIdToken(tenantName);
doThrow(AppException.class).when(azureServicePrincipleTokenService).getAuthorizationToken();
// Assert
Assert.assertEquals(expectedToken, returnedToken);
}
AppException exception = assertThrows(AppException.class, () -> {
serviceAccountJwtAzureClient.getIdToken(tenantId);
});
@Test
public void should_return403GivenInvalidApplicationProperties_getAccessToken() {
when(appProperties.getAuthURL()).thenReturn("https://login.microsoftonline.com/s/oauth2/token/");
when(appProperties.getAuthClientID()).thenReturn("testAuthClientID");
when(appProperties.getAuthClientSecret()).thenReturn("testAuthClientSecret");
when(appProperties.getAadClientID()).thenReturn("testAadClientID");
try {
// Act
sut.getAccessToken(executorService);
// Assert
fail("Should throw exception");
} catch (AppException appException) {
Assert.assertEquals(HttpStatus.SC_FORBIDDEN, appException.getError().getCode());
} catch (Exception e) {
fail("Should not throw this exception" + e.getMessage());
}
assertNotNull(exception);
verify(azureServicePrincipleTokenService, times(1)).getAuthorizationToken();
}
}
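Review bot: The rewritten test imports `org.omg.CORBA.portable.ApplicationException` only to name it in the `throws` clause of `shouldSuccessfullyGenerateToken`; the CORBA packages were removed from the JDK in Java 11, so the test stops compiling once the build moves off Java 8, and nothing in the test body can throw that type. Dropping the import and both `throws` clauses fixes this, since `UnsupportedEncodingException` also appears unused in the visible bodies. `shouldThrowAppException` ends with `assertNotNull(exception)`, which `assertThrows` already guarantees, so the assertion adds nothing. There is also no case for the mocked token service returning null or an empty string, which is the path where the client would emit `Bearer null`.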
......@@ -136,7 +136,7 @@ After the service has started it should be accessible via a web browser by visit
| `ENVIRONMENT` | `dev` OR `local` OR `dev_gke`| Local for running locally with services url's predefined as http://localhost , Dev & Dev_Gke is configurable environment | no | - |
| `HMAC_SECRET` | ex`7a786376626e` | String in hex , must match pattern ^[a-zA-Z0-9]{8,30}+$ & be in register variable SUBSCRIBER_SECRET | yes | - |
| `REGISTER_BASE_URL` | `http://localhost:8081/api/register/v1` | Register service url | no | - |
| `NOTIFICATION_BASE_URL` | `http://localhost:8080/` | Notification service url | no | - |
| `NOTIFICATION_BASE_URL` | `http://localhost:8080/api/notification/v1/` | Notification service url | no | - |
| `INTEGRATION_TEST_AUDIENCE` | `********` | Client application ID | yes | https://console.cloud.google.com/apis/credentials |
| `CLIENT_TENANT` | ex `opendes` | Client tenant | no | - |
| `OSDU_TENANT` | ex `osdu` | Osdu tenant | no | - |
......
......@@ -18,7 +18,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.opengroup.osdu</groupId>
<artifactId>notification-gcp</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<name>notification-gcp</name>
<description>GCP implementation for Notification service</description>
<packaging>jar</packaging>
......@@ -26,7 +26,7 @@
<parent>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-notification</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
......@@ -44,13 +44,13 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>core-lib-gcp</artifactId>
<version>0.10.0</version>
<version>0.11.0</version>
</dependency>
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>notification-core</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
</dependency>
<dependency>
......
......@@ -16,7 +16,7 @@
LOG_PREFIX=notification
logging.level.org.springframework.web=${LOG_LEVEL:DEBUG}
server.servlet.contextPath=/
server.servlet.contextPath=/api/notification/v1
app.expireTime=300
app.maxCacheSize=10
server.error.whitelabel.enabled=false
......
......@@ -16,7 +16,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.opengroup.osdu</groupId>
<artifactId>notification-ibm</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<name>notification-ibm</name>
<description>IBM implementation for Notification service</description>
<packaging>jar</packaging>
......@@ -24,7 +24,7 @@
<parent>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-notification</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
......@@ -50,7 +50,7 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>notification-core</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
</dependency>
<!-- unit test dependencies -->
......
......@@ -21,13 +21,13 @@
<parent>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-notification-testing</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<groupId>org.opengroup.osdu</groupId>
<artifactId>notification-test-aws</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<name>notification-test-aws</name>
<description>AWS Integration tests for Notification Service</description>
<packaging>jar</packaging>
......@@ -52,7 +52,7 @@
<dependency>
<groupId>org.opengroup.osdu.notification</groupId>
<artifactId>notification-test-core</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.opengroup.osdu</groupId>
......
......@@ -21,13 +21,13 @@
<parent>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-notification-testing</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<groupId>org.opengroup.osdu</groupId>
<artifactId>notification-test-azure</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
<name>notification-test-azure</name>
<description>Integration tests Azure for notification</description>
<packaging>jar</packaging>
......@@ -42,7 +42,7 @@
<dependency>
<groupId>org.opengroup.osdu.notification</groupId>
<artifactId>notification-test-core</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>
</dependency>
<dependency>
......
......@@ -21,13 +21,13 @@
<parent>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-notification-testing</artifactId>
<version>0.10.0-SNAPSHOT</version>
<version>0.12.0-SNAPSHOT</version>