Merge branch 'dev' into deshruch

.gitlab-ci.yml

@@ -4,14 +4,17 @@ variables:
   OSDU_GCP_VENDOR: gcp
   OSDU_GCP_SERVICE: notification
   OSDU_GCP_REGISTER_BASE_URL: https://os-register-attcrcktoa-uc.a.run.app/api/register/v1
-  OSDU_GCP_ENV_VARS: APP_PROJECT=$OSDU_GCP_PROJECT,APP_ENTITLEMENTS=$OSDU_GCP_ENTITLEMENTS_URL,APP_REGISTER=$OSDU_GCP_REGISTER_BASE_URL,APP_GOOGLEAUDIENCE=$GOOGLE_AUDIENCE
+  OSDU_GCP_ENV_VARS: APP_PROJECT=$OSDU_GCP_PROJECT,APP_ENTITLEMENTS=$OSDU_GCP_ENTITLEMENTS_V2_URL,APP_REGISTER=$OSDU_GCP_REGISTER_BASE_URL,APP_GOOGLEAUDIENCE=$GOOGLE_AUDIENCE,PARTITION_API=$OSDU_GCP_PARTITION_API,GOOGLE_AUDIENCES=$GOOGLE_AUDIENCE
   OSDU_GCP_ENVIRONMENT: dev_gke
   OSDU_GCP_LOG_LEVEL: INFO
+  OSDU_GCP_HELM_PACKAGE_CHARTS: "devops/gcp/deploy devops/gcp/configmap"
 
   AWS_BUILD_SUBDIR: provider/notification-aws/build-aws
   AWS_TEST_SUBDIR: testing/notification-test-aws
   AWS_SERVICE: notification
   AWS_ENVIRONMENT: dev
+  AWS_DEPLOY_TARGET: EKS
+  AWS_EKS_DEPLOYMENT_NAME: os-notification
 
   AZURE_SERVICE: notification
   AZURE_BUILD_SUBDIR: provider/notification-azure

devops/azure/chart/helm-config.yaml

@@ -17,6 +17,8 @@ global:
 
   # Service(s) Replica Count
   replicaCount: 1
+  nodepool: services
+  isAutoscalingEnabled: false
 
 ################################################################################
 # Specify the Gitlab branch being used for image creation
@@ -26,3 +28,5 @@ image:
   repository: #{container-registry}#.azurecr.io
   branch: #{ENVIRONMENT_NAME}#
   tag: #{Build.SourceVersion}#
+
+istioDnsHost: #{ISTIO_DNS_HOST}#
\ No newline at end of file

devops/azure/chart/templates/authSB.yaml

+# Source: istio/templates/notification.yaml
+#  Copyright © Microsoft Corporation
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+  name: notification-sb-jwt-authz
+  namespace: osdu
+spec:
+  selector:
+    matchLabels:
+      app: notification-sb
+  action: DENY
+  rules:
+    - from:
+        - source:
+            notRequestPrincipals: ["*"]
+      to:
+        - operation:
+            notPaths: ["/","*/swagger-resources","*/swagger",
+                       "/api/notification/v1/swagger-resources/*","*/swagger-ui.html","*/actuator/health"]
\ No newline at end of file

devops/azure/chart/templates/deployment.yaml

@@ -28,6 +28,10 @@ spec:
         app: {{ .Chart.Name }}
         aadpodidbinding: osdu-identity
     spec:
+{{- if .Values.global.isAutoscalingEnabled }}
+      nodeSelector:
+        nodepool: {{ .Values.global.nodepool }}
+{{- end }}
       volumes:
         - name: azure-keyvault
           csi:
@@ -58,6 +62,8 @@ spec:
               value: /api/notification/v1
             - name: server_port
               value: "80"
+            - name: notification_spring_logging_level
+              value: INFO
             - name: KEYVAULT_URI
               valueFrom:
                 configMapKeyRef:
@@ -77,9 +83,27 @@ spec:
               value: osdu-db
             - name: entitlements_service_endpoint
               value: http://entitlements/api/entitlements/v2
+            - name: entitlements_service_api_key
+              value: "OBSOLETE"
             - name: registeration_service_endpoint
               value: http://register/api/register/v1
             - name: partition_service_endpoint
               value: http://partition/api/partition/v1
             - name: maxCacheSize
-              value:  "20"
\ No newline at end of file
+              value:  "20"
+            - name: max_concurrent_calls
+              value: "3"
+            - name: executor_n_threads
+              value: "32"
+            - name: max_lock_renew_duration_seconds
+              value: "2000"
+            - name: initial_subscription_manager_delay_seconds
+              value: "0"
+            - name: consecutive_subscription_manager_delay_seconds
+              value: "1800"
+            - name: service_bus_enabled
+              value: "false"
+            - name: event_grid_to_service_bus_enabled
+              value: "false"
+            - name: event_grid_enabled
+              value: "true"
\ No newline at end of file

devops/azure/chart/templates/deploymentSB.yaml

+#  Copyright © Microsoft Corporation
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name }}-sb
+  namespace: osdu
+spec:
+  replicas: {{ .Values.global.replicaCount }}
+  selector:
+    matchLabels:
+      app: {{ .Chart.Name }}-sb
+  template:
+    metadata:
+      labels:
+        app: {{ .Chart.Name }}-sb
+        aadpodidbinding: osdu-identity
+    spec:
+      volumes:
+        - name: azure-keyvault
+          csi:
+            driver: secrets-store.csi.k8s.io
+            readOnly: true
+            volumeAttributes:
+              secretProviderClass: azure-keyvault
+      containers:
+        - name: {{ .Chart.Name }}-sb
+          image: {{ .Values.image.repository }}/{{ .Chart.Name }}-{{ .Values.image.branch }}:{{ .Values.image.tag | default .Chart.AppVersion }}
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 81
+          readinessProbe:
+            httpGet:
+              path: /api/notification/v1/swagger-ui.html
+              port: 81
+          volumeMounts:
+            - name: azure-keyvault
+              mountPath: "/mnt/azure-keyvault"
+              readOnly: true
+          env:
+            - name: spring_application_name
+              value: notification-sb-azure
+            - name: LOG_PREFIX
+              value: "notification-sb"
+            - name: server.servlet.contextPath
+              value: /api/notification/v1
+            - name: server_port
+              value: "81"
+            - name: notification_spring_logging_level
+              value: INFO
+            - name: KEYVAULT_URI
+              valueFrom:
+                configMapKeyRef:
+                  name: osdu-svc-properties
+                  key: ENV_KEYVAULT
+            - name: aad_client_id
+              valueFrom:
+                secretKeyRef:
+                  name: active-directory
+                  key: application-appid
+            - name: appinsights_key
+              valueFrom:
+                secretKeyRef:
+                  name: central-logging
+                  key: appinsights
+            - name: cosmosdb_database
+              value: osdu-db
+            - name: entitlements_service_endpoint
+              value: http://entitlements/api/entitlements/v2
+            - name: entitlements_service_api_key
+              value: "OBSOLETE"
+            - name: registeration_service_endpoint
+              value: http://register/api/register/v1
+            - name: partition_service_endpoint
+              value: http://partition/api/partition/v1
+            - name: maxCacheSize
+              value:  "20"
+            - name: max_concurrent_calls
+              value: "3"
+            - name: executor_n_threads
+              value: "32"
+            - name: max_lock_renew_duration_seconds
+              value: "500"
+            - name: initial_subscription_manager_delay_seconds
+              value: "0"
+            - name: consecutive_subscription_manager_delay_seconds
+              value: "600"
+            - name: service_bus_enabled
+              value: "true"
+            - name: event_grid_to_service_bus_enabled
+              value: "false"
+            - name: event_grid_enabled
+              value: "false"
\ No newline at end of file

devops/azure/chart/templates/serviceSB.yaml

+#  Copyright © Microsoft Corporation
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Chart.Name }}-sb
+  namespace: osdu
+spec:
+  type: ClusterIP
+  ports:
+    - protocol: TCP
+      port: 81
+      targetPort: 81
+  selector:
+    app: {{ .Chart.Name }}-sb
\ No newline at end of file

devops/azure/chart/templates/virtual-service.yaml

+---
+# Source: /devops/azure/chart/templates/virtual-service.yaml
+apiVersion: networking.istio.io/v1alpha3
+kind: VirtualService
+metadata:
+  name: {{ .Chart.Name }}
+  namespace: osdu
+spec:
+  hosts:
+  - "{{ .Values.istioDnsHost }}"
+  gateways:
+  - istio-gateway
+  http:  
+  - match:
+    - uri:
+        prefix: "/api/{{ .Chart.Name }}/v1"
+    route:
+    - destination:
+        host: {{ .Chart.Name }}
+        port:
+          number: 80
+    corsPolicy:
+      maxAge: "60m"
+      allowCredentials: true
+      allowHeaders:
+      - Authorization
+      - Data-Partition-Id
+      - Correlation-Id
+      - Content-Type
+      allowMethods:
+      - POST
+      - GET
+      - PUT
+      - PATCH
+      - DELETE
+      allowOrigins:
+      - prefix: "*" 
\ No newline at end of file

devops/azure/chart/values.yaml

@@ -14,8 +14,12 @@
 
 global:
   replicaCount: 1
+  nodepool: services
+  isAutoscalingEnabled: false
 
 image:
   repository: community.opengroup.org:5555/osdu/platform/system/notification
   branch: master
-  tag: latest
\ No newline at end of file
+  tag: latest
+
+istioDnsHost: ""
\ No newline at end of file

devops/azure/development-pipeline.yml

@@ -57,8 +57,8 @@ stages:
     parameters:
       mavenGoal: 'package'
       mavenPublishJUnitResults: true
-      serviceCoreMavenOptions: '-P notification-core --settings .mvn/community-maven.settings.xml'
-      mavenOptions: '-P notification-azure --settings .mvn/community-maven.settings.xml -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
+      serviceCoreMavenOptions: '-pl notification-core --settings .mvn/community-maven.settings.xml -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
+      mavenOptions: '-pl provider/notification-azure --settings .mvn/community-maven.settings.xml -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
       copyFileContents: |
         pom.xml
         provider/notification-azure/maven/settings.xml

devops/azure/pipeline.yml

@@ -57,8 +57,9 @@ stages:
     parameters:
       mavenGoal: 'package'
       mavenPublishJUnitResults: true
-      serviceCoreMavenOptions: '-P notification-core --settings .mvn/community-maven.settings.xml'
-      mavenOptions: '-P notification-azure --settings .mvn/community-maven.settings.xml -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
+      serviceCoreMavenOptions: '-pl notification-core --settings .mvn/community-maven.settings.xml -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
+      mavenOptions: '-pl provider/notification-azure --settings .mvn/community-maven.settings.xml -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
+
       copyFileContents: |
         pom.xml
         provider/notification-azure/maven/settings.xml

devops/gcp/configmap/Chart.yaml

+apiVersion: v2
+name: gcp-notification-configmap
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"

devops/gcp/configmap/templates/notification-configmap.yaml

+apiVersion: v1
+kind: ConfigMap
+metadata:
+  labels:
+    app: "{{ .Values.conf.app_name }}"
+  name: "{{ .Values.conf.configmap }}"
+  namespace: "{{ .Release.Namespace }}"
+data:
+  LOG_LEVEL: "{{ .Values.data.log_level }}"
+  APP_PROJECT: "{{ .Values.data.app_project }}"
+  APP_ENTITLEMENTS: "{{ .Values.data.app_entitlements }}"
+  APP_REGISTER: "{{ .Values.data.app_register }}"
+  APP_GOOGLEAUDIENCE: "{{ .Values.data.app_googleaudience }}"
+  PARTITION_API: "{{ .Values.data.partition_api }}"
+  GOOGLE_AUDIENCES: "{{ .Values.data.google_audiences }}"

devops/gcp/configmap/values.yaml

+data:
+  log_level: "INFO"
+  app_project: ""
+  app_entitlements: "http://entitlements/api/entitlements/v2/"
+  app_register: "http://register/api/register/v1"
+  app_googleaudience: ""
+  partition_api: "http://partition/api/partition/v1/"
+  google_audiences: ""
+conf:
+  configmap: "notification-config"
+  app_name: "notification"

devops/gcp/deploy/Chart.yaml

+apiVersion: v2
+name: gcp-notification-deploy
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"

devops/gcp/deploy/templates/deployment.yaml

+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: "{{ .Values.conf.app_name }}"
+  name: "{{ .Values.conf.app_name }}"
+  namespace: "{{ .Release.Namespace }}"
+spec:
+  selector:
+    matchLabels:
+      app: "{{ .Values.conf.app_name }}"
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: "{{ .Values.conf.app_name }}"
+      annotations:
+        rollme: {{ randAlphaNum 5 | quote }}
+    spec:
+      containers:
+        - name: "{{ .Values.conf.app_name }}"
+          image: "{{ .Values.data.image }}"
+          envFrom:
+          - configMapRef:
+              name: "{{ .Values.conf.configmap }}"
+          securityContext:
+            allowPrivilegeEscalation: false
+            runAsUser: 0
+          ports:
+            - containerPort: 8080
+          resources:
+            requests:
+              cpu: "{{ .Values.data.requests_cpu }}"
+              memory: "{{ .Values.data.requests_memory }}"
+            limits:
+              cpu: "{{ .Values.data.limits_cpu }}"
+              memory: "{{ .Values.data.limits_memory }}"
+      serviceAccountName: "{{ .Values.data.serviceAccountName }}"

devops/gcp/deploy/templates/service.yaml

+apiVersion: v1
+kind: Service
+metadata:
+  name: "{{ .Values.conf.app_name }}"
+  annotations:
+    cloud.google.com/neg: '{"ingress": true}'
+  namespace: "{{ .Release.Namespace }}"
+  labels:
+    app: "{{ .Values.conf.app_name }}"
+    service: "{{ .Values.conf.app_name }}"
+spec:
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080
+      name: http
+  selector:
+    app: "{{ .Values.conf.app_name }}"

devops/gcp/deploy/templates/virtual-service.yaml

+apiVersion: networking.istio.io/v1alpha3
+kind: VirtualService
+metadata:
+  name: "{{ .Values.conf.app_name }}"
+  namespace: "{{ .Release.Namespace }}"
+spec:
+  hosts:
+    - "*"
+  gateways:
+    - service-gateway
+  http:
+    - match:
+        - uri:
+            prefix: "/api/notification"
+      route:
+        - destination:
+            port:
+              number: 80
+            host: "{{ .Values.conf.app_name }}.{{ .Release.Namespace }}.svc.cluster.local"

devops/gcp/deploy/values.yaml

+data:
+  requests_cpu: "0.25"
+  requests_memory: "256M"
+  limits_cpu: "1"
+  limits_memory: "1G"
+  serviceAccountName: ""
+  image: ""
+
+conf:
+  configmap: "notification-config"
+  app_name: "notification"

docs/api/notification_openapi.yaml

@@ -12,6 +12,8 @@ info:
 tags:
   - name: pubsub-endpoint
     description: Pubsub Endpoint
+  - name: info
+    description: Version info endpoint
 paths:
   /push-handlers/records-changed:
     post:
@@ -45,6 +47,21 @@ paths:
       security:
         - JWT:
             - global
+  /info:
+    get:
+      tags:
+        - info
+      summary: "Version info"
+      description: "For deployment available public `/info` endpoint, \
+            \ which provides build and git related information."
+      operationId: "Version info"
+      produces:
+        - "application/json"
+      responses:
+        200:
+          description: "Version info."
+          schema:
+            $ref: "#/components/schemas/VersionInfo"
 servers:
   - url: https://evq.csp.osdu.com/api/notification/v1
     description: EVT
@@ -66,4 +83,44 @@ components:
           type: string
         statusCodeValue:
           type: integer
-          format: int32
\ No newline at end of file
+          format: int32
+    VersionInfo:
+      type: "object"
+      properties:
+        groupId:
+          type: "string"
+          description: "Maven artifact group ID."
+        actifactId:
+          type: "string"
+          description: "Maven artifact ID."
+        version:
+          type: "string"
+          description: "Maven artifact version"
+        buildTime:
+          type: "string"
+          description: "Maven artifact build time"
+        branch:
+          type: "string"
+          description: "Current git branch"
+        commitId:
+          type: "string"
+          description: "Latest commit hash"
+        commitMessage:
+          type: "string"
+          description: "Latest commit message"
+        connectedOuterServices:
+          type: "array"
+          description: "Connected outer services information"
+          items:
+            $ref: "#/components/schemas/ConnectedOuterService"
+      description: "Version info."
+    ConnectedOuterService:
+      type: "object"
+      properties:
+        name:
+          type: "string"
+          description: "Connected outer service name."
+        version:
+          type: "string"
+          description: "Connected outer service version."
+      description: "Connected outer service information."
\ No newline at end of file