README.md

Running Locally - Azure

Requirements

In order to run this service locally, you will need the following:

• Maven 3.6.0+

General Tips

Environment Variable Management The following tools make environment variable configuration simpler

• direnv - for a shell/terminal environment
• EnvFile - for Intellij IDEA

Lombok This project uses Lombok for code generation. You may need to configure your IDE to take advantage of this tool.

• Intellij configuration
• VSCode configuration

Environment Variables

In order to run the service locally, you will need to have the following environment variables defined.

Note The following command can be useful to pull secrets from keyvault:

az keyvault secret show --vault-name $KEY_VAULT_NAME --name $KEY_VAULT_SECRET_NAME --query value -otsv

Required to run service

name	value	description	sensitive?	source
AZURE_TENANT_ID	********	AD tenant to authenticate users from	yes	keyvault secret: $KEYVAULT_URI/secrets/app-dev-sp-tenant-id
AZURE_CLIENT_ID	********	Identity to run the service locally. This enables access to Azure resources. You only need this if running locally	yes	keyvault secret: $KEYVAULT_URI/secrets/app-dev-sp-username
AZURE_CLIENT_SECRET	********	Secret for $AZURE_CLIENT_ID	yes	keyvault secret: $KEYVAULT_URI/secrets/app-dev-sp-password
KEYVAULT_URI	(non-secret)	KeyVault URI	no	variable AZURE_KEYVAULT_URI from GitLab variable group Azure Target Env - {{env}}
azure.activedirectory.app-resource-id	********	AAD client application ID	yes	output of infrastructure deployment
azure.activedirectory.client-id	********	AAD client application ID	yes	keyvault secret: $KEYVAULT_URI/secrets/aad-client-id
azure.activedirectory.AppIdUri	api://${azure.activedirectory.client-id}	URI for AAD Application	no	--
azure.activedirectory.session-stateless	true	Flag run in stateless mode (needed by AAD dependency)	no	--
appinsights_key	********	Application Insights Instrumentation Key, required to hook AppInsights with Partition application	yes	keyvault secret: $KEYVAULT_URI/secrets/appinsights-key
cache.provider	(non-secret)	Cache to be used (can use vm for local testing)	no	-
redis.ssl.enabled	(non-secret)	true if connecting to redis cache with SSL enabled, false otherwise	no	-

Required to run integration tests

name	value	description	sensitive?	source
PARTITION_BASE_URL	ex http://localhost:8080/	The host where the service is running. NO CONTEXT!	no	--
ENVIRONMENT	ex LOCAL	The environment name	no	LOCAL/HOSTED
MY_TENANT	ex opendes	OSDU tenant used for testing	no	--
CLIENT_TENANT	ex common	Client tenant used for testing	no	--
DEFAULT_PARTITION	ex opendes	Default Tenant Name used bypasses Data Preperation and Teardown of tests	no	--
AZURE_AD_TENANT_ID	********	AD tenant to authenticate users from	yes	--
INTEGRATION_TESTER	********	System identity to assume for API calls. Note: this user must have entitlements configured already	no	--
AZURE_TESTER_SERVICEPRINCIPAL_SECRET	********	Secret for $INTEGRATION_TESTER	yes	--
AZURE_AD_APP_RESOURCE_ID	********	AAD client application ID	yes	output of infrastructure deployment
AZURE_AD_OTHER_APP_RESOURCE_ID	********	AAD client application ID for another application	yes	--
NO_DATA_ACCESS_TESTER	********	Service principal ID of a service principal without entitlements	yes	aad-no-data-access-tester-client-id secret from keyvault
NO_DATA_ACCESS_TESTER_SERVICEPRINCIPAL_SECRET	********	Secret for $NO_DATA_ACCESS_TESTER	yes	aad-no-data-access-tester-secret secret from keyvault

Configure Maven

Check that maven is installed:

$ mvn --version
Apache Maven 3.6.0
Maven home: /usr/share/maven
Java version: 1.8.0_212, vendor: AdoptOpenJDK, runtime: /usr/lib/jvm/jdk8u212-b04/jre
...