Commit b714d954 authored by Aliaksei Darafeyeu's avatar Aliaksei Darafeyeu

adds multi-partition support

parent 0c87c5c0
......@@ -90,9 +90,13 @@ spec:
key: appinsights
- name: cosmosdb_database
value: osdu-db
- name: ACCEPT_HTTP # TEMPORARY UNTIL HTTPS
value: "true"
- name: azure_activedirectory_AppIdUri
value: "api://$(aad_client_id)"
- name: ENTITLEMENTS_API
value: http://entitlements-azure/entitlements/v1
- name: RECORDS_CHANGE_PUBSUB_ENDPOINT
value: https://haaggarw-eventgrid-viewer.azurewebsites.net/api/updates
- name: ACCEPT_HTTP # TEMPORARY UNTIL HTTPS
value: "true"
\ No newline at end of file
- name: partition_service_endpoint
value: http://partition/api/partition/v1
\ No newline at end of file
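Review bot: The new `partition_service_endpoint` entry at the end of this env list is a plain `http://` URL, so requests to the partition service, and presumably the bearer token forwarded with them, cross the cluster unencrypted unless something outside this manifest (for example mesh-level mTLS) protects pod-to-pod traffic. It sits next to `ENTITLEMENTS_API`, which is also `http://`, and the `ACCEPT_HTTP` flag that is already marked as temporary. I would carry the same marker on the new entry, `- name: partition_service_endpoint # TEMPORARY UNTIL HTTPS`, so it is switched together with the others. The spec starts above the hunk, so TLS handling elsewhere in the file is not visible here.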
......@@ -54,7 +54,7 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-core-common</artifactId>
<version>0.3.6</version>
<version>0.3.12</version>
</dependency>
</dependencies>
</dependencyManagement>
......
......@@ -55,6 +55,8 @@ In order to run the service locally, you will need to have the following environ
| `server_port` | ex `8082` | Port the service will run on | no | -- |
| `RECORDS_CHANGE_PUBSUB_ENDPOINT` | ex `https://notification.azurewebsites.net/api/notification/v1/push-handler/records-changed` | This will be the notification service endpoint where record changed events will be pushed | no | -- |
| `ACCEPT_HTTP` | ex `true/false` | to Enable/disable http requests | no | -- |
| `partition_service_endpoint` | ex `https://foo-partition.azurewebsites.net` | Partition Service API endpoint | no | output of infrastructure deployment |
| `azure.activedirectory.app-resource-id` | `********` | AAD client application ID | yes | output of infrastructure deployment |
**Required to run integration tests**
......
......@@ -29,21 +29,19 @@
<packaging>jar</packaging>
<version>1.0.0-SNAPSHOT</version>
<properties>
<azure.appservice.resourcegroup></azure.appservice.resourcegroup>
<azure.appservice.plan></azure.appservice.plan>
<azure.appservice.appname></azure.appservice.appname>
<azure.appservice.subscription></azure.appservice.subscription>
<azure.keyvault.keys.version>4.2.3</azure.keyvault.keys.version>
<azure.evengrid.version>1.0.0-beta-3</azure.evengrid.version>
<osdu.corelibazure.version>0.0.48</osdu.corelibazure.version>
<osdu.oscorecommon.version>0.3.16</osdu.oscorecommon.version>
<osdu.register-core.version>1.0.0</osdu.register-core.version>
<osdu.corelibazure.version>0.0.50</osdu.corelibazure.version>
<osdu.oscorecommon.version>0.3.16</osdu.oscorecommon.version>
<azure.version>1.21.0</azure.version>
<azure-security-keyvault-keys.version>4.1.4</azure-security-keyvault-keys.version>
<azure-mgmt-eventgrid.version>1.0.0-beta-3</azure-mgmt-eventgrid.version>
<junit-jupiter.version>5.6.0</junit-jupiter.version>
<mockito-junit-jupiter.version>2.23.0</mockito-junit-jupiter.version>
</properties>
<dependencyManagement>
<dependencies>
<!-- Inherit managed dependencies from core-lib-azure. -->
<!-- Inherit managed dependencies from core-lib-azure -->
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>core-lib-azure</artifactId>
......@@ -55,20 +53,50 @@
</dependencyManagement>
<dependencies>
<!-- OSDU Dependencies -->
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>core-lib-azure</artifactId>
<version>${osdu.corelibazure.version}</version>
</dependency>
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-core-common</artifactId>
</dependency>
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>register-core</artifactId>
<version>${osdu.register-core.version}</version>
</dependency>
<!-- Azure Dependencies -->
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-active-directory-spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>com.microsoft.azure.eventgrid.v2020_04_01_preview</groupId>
<artifactId>azure-mgmt-eventgrid</artifactId>
<version>${azure-mgmt-eventgrid.version}</version>
</dependency>
<dependency>
<groupId>com.azure</groupId>
<artifactId>azure-security-keyvault-keys</artifactId>
<version>${azure.keyvault.keys.version}</version>
<version>${azure-security-keyvault-keys.version}</version>
</dependency>
<dependency>
<groupId>com.microsoft.azure.eventgrid.v2020_04_01_preview</groupId>
<artifactId>azure-mgmt-eventgrid</artifactId>
<version>${azure.evengrid.version}</version>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure</artifactId>
<version>${azure.version}</version>
<exclusions>
<exclusion>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-client-authentication</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- Spring Dependencies -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
......@@ -101,25 +129,12 @@
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-jose</artifactId>
</dependency>
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>core-lib-azure</artifactId>
<version>${osdu.corelibazure.version}</version>
</dependency>
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-core-common</artifactId>
<version>${osdu.oscorecommon.version}</version>
</dependency>
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>register-core</artifactId>
<version>${osdu.register-core.version}</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</dependency>
<!-- Test Dependencies -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
......@@ -134,6 +149,7 @@
<dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-junit-jupiter</artifactId>
<version>${mockito-junit-jupiter.version}</version>
<scope>test</scope>
</dependency>
</dependencies>
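Review bot: The key vault keys dependency now takes its version from `azure-security-keyvault-keys.version`, set to 4.1.4, while the property it appears to replace (`azure.keyvault.keys.version`) was 4.2.3, so the library behind `CryptographyClient` seems to move backwards in this commit. The old and new sides are inferred from the rendered page, so please confirm. If the older release is needed for compatibility, say so next to the property, e.g. `<!-- held at 4.1.4 because <reason> -->`. Otherwise I would drop the explicit `<version>` and let the dependency management inherited from core-lib-azure choose it, as the commit already does for os-core-common.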
......
......@@ -14,9 +14,15 @@
package org.opengroup.osdu.register.provider.azure.di;
import java.util.HashMap;
import javax.inject.Named;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import com.azure.core.credential.TokenCredential;
import com.azure.cosmos.CosmosClient;
import com.azure.cosmos.CosmosClientBuilder;
import com.azure.identity.DefaultAzureCredentialBuilder;
import com.azure.security.keyvault.keys.cryptography.CryptographyClient;
import com.azure.security.keyvault.keys.cryptography.CryptographyClientBuilder;
......@@ -27,146 +33,116 @@ import com.microsoft.azure.credentials.ApplicationTokenCredentials;
import com.microsoft.azure.credentials.AzureTokenCredentials;
import com.microsoft.azure.management.eventgrid.v2020_04_01_preview.implementation.EventGridManager;
import com.microsoft.rest.LogLevel;
import lombok.Getter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import javax.inject.Named;
import java.util.HashMap;
import lombok.Getter;
@Configuration
@Getter
public class AzureBootstrapConfig {
@Value("${azure.keyvault.url}")
private String keyVaultURL;
@Value("${azure.cosmosdb.database}")
private String cosmosDBName;
@Value("${azure.clientId}")
private String azureClientId;
@Value("${azure.clientSecret}")
private String azureClientSecret;
@Value("${azure.tenantId}")
private String azureTenantId;
@Value("${azure.appResourceId}")
private String AzureAppResourceId;
private String keyIdentifier;
private String azureSubscriptionId;
private String resourceGroupName;
private String eventGridTopicName;
@Bean
@Named("KEY_VAULT_URL")
public String keyVaultURL() {
return keyVaultURL;
@Value("${azure.keyvault.url}")
private String keyVaultURL;
@Value("${azure.cosmosdb.database}")
private String cosmosDBName;
@Value("${azure.clientId}")
private String azureClientId;
@Value("${azure.clientSecret}")
private String azureClientSecret;
@Value("${azure.tenantId}")
private String azureTenantId;
@Value("${azure.appResourceId}")
private String AzureAppResourceId;
private String keyIdentifier;
private String azureSubscriptionId;
private String resourceGroupName;
private String eventGridTopicName;
@Bean
@Named("KEY_VAULT_URL")
public String keyVaultURL() {
return keyVaultURL;
}
@Bean
@Named("COSMOS_DB_NAME")
public String cosmosDBName() {
return cosmosDBName;
}
private void setEventGridTopicName(SecretClient kv) {
eventGridTopicName = getKeyVaultSecret(kv, "opendes-eventgrid-recordstopic").split("\\.")[0]
.replace("https://", "");
}
private void setResourceGroupName(SecretClient kv) {
resourceGroupName = getKeyVaultSecret(kv, "opendes-eventgrid-resourcegroup");
}
private void setAzureSubscriptionId(SecretClient kv) {
azureSubscriptionId = getKeyVaultSecret(kv, "subscription-id");
}
private void setKeyIdentifier(SecretClient kv) {
keyIdentifier = getKeyVaultSecret(kv, "opendes-encryption-key-identifier");
}
@Bean
public CryptographyClient getCryptographyClient(SecretClient kv) {
setKeyIdentifier(kv);
setAzureSubscriptionId(kv);
TokenCredential credential = new DefaultAzureCredentialBuilder().build();
return new CryptographyClientBuilder()
.keyIdentifier(keyIdentifier)
.credential(credential)
.buildClient();
}
@Bean
public EventGridManager eventGridManager(SecretClient kv) {
setResourceGroupName(kv);
setAzureSubscriptionId(kv);
setEventGridTopicName(kv);
AzureTokenCredentials azureTokenCredentials = getAzureTokenCredentials();
return EventGridManager
.configure()
.withLogLevel(LogLevel.BASIC)
.authenticate(azureTokenCredentials, azureTokenCredentials.defaultSubscriptionId());
}
private AzureTokenCredentials getAzureTokenCredentials() {
AzureEnvironment azureEnvironment = new AzureEnvironment(new HashMap<>());
azureEnvironment.endpoints().putAll(AzureEnvironment.AZURE.endpoints());
return new ApplicationTokenCredentials(
azureClientId,
azureTenantId,
azureClientSecret,
azureEnvironment).withDefaultSubscriptionId(azureSubscriptionId);
}
String getKeyVaultSecret(SecretClient kv, String secretName) {
KeyVaultSecret secret = kv.getSecret(secretName);
if (secret == null) {
throw new IllegalStateException(String.format("No secret found with name %s", secretName));
}
@Bean
@Named("COSMOS_DB_NAME")
public String cosmosDBName() {
return cosmosDBName;
String secretValue = secret.getValue();
if (secretValue == null) {
throw new IllegalStateException(String.format(
"Secret unexpectedly missing from KeyVault response for secret with name %s", secretName));
}
private void setEventGridTopicName(SecretClient kv) {
eventGridTopicName = getKeyVaultSecret(kv, "opendes-eventgrid-recordstopic").split("\\.")[0].replace("https://", "");
}
private void setResourceGroupName(SecretClient kv) {
resourceGroupName = getKeyVaultSecret(kv, "opendes-eventgrid-resourcegroup");
}
private void setAzureSubscriptionId(SecretClient kv) {
azureSubscriptionId = getKeyVaultSecret(kv, "subscription-id");
}
private void setKeyIdentifier(SecretClient kv) {
keyIdentifier = getKeyVaultSecret(kv, "opendes-encryption-key-identifier");
}
@Bean
@Named("COSMOS_ENDPOINT")
public String cosmosEndpoint(SecretClient kv) {
return getKeyVaultSecret(kv, "opendes-cosmos-endpoint");
}
@Bean
@Named("COSMOS_KEY")
public String cosmosKey(SecretClient kv) {
return getKeyVaultSecret(kv, "opendes-cosmos-primary-key");
}
@Bean
public CryptographyClient getCryptographyClient(SecretClient kv) {
setKeyIdentifier(kv);
setAzureSubscriptionId(kv);
TokenCredential credential = new DefaultAzureCredentialBuilder().build();
return new CryptographyClientBuilder()
.keyIdentifier(keyIdentifier)
.credential(credential)
.buildClient();
}
@Bean
public EventGridManager eventGridManager(SecretClient kv) {
setResourceGroupName(kv);
setAzureSubscriptionId(kv);
setEventGridTopicName(kv);
AzureTokenCredentials azureTokenCredentials = getAzureTokenCredentials();
return EventGridManager
.configure()
.withLogLevel(LogLevel.BASIC)
.authenticate(azureTokenCredentials, azureTokenCredentials.defaultSubscriptionId());
}
private AzureTokenCredentials getAzureTokenCredentials() {
AzureEnvironment azureEnvironment = new AzureEnvironment(new HashMap<>());
azureEnvironment.endpoints().putAll(AzureEnvironment.AZURE.endpoints());
return new ApplicationTokenCredentials(
azureClientId,
azureTenantId,
azureClientSecret,
azureEnvironment).withDefaultSubscriptionId(azureSubscriptionId);
}
String getKeyVaultSecret(SecretClient kv, String secretName) {
KeyVaultSecret secret = kv.getSecret(secretName);
if (secret == null) {
throw new IllegalStateException(String.format("No secret found with name %s", secretName));
}
String secretValue = secret.getValue();
if (secretValue == null) {
throw new IllegalStateException(String.format(
"Secret unexpectedly missing from KeyVault response for secret with name %s", secretName));
}
return secretValue;
}
@Autowired
@Named("COSMOS_ENDPOINT")
String cosmosEndpoint;
@Autowired
@Named("COSMOS_KEY")
String cosmosPrimaryKey;
@Bean
public CosmosClient buildCosmosClient(SecretClient kv) {
return new CosmosClientBuilder().endpoint(cosmosEndpoint).key(cosmosPrimaryKey).buildClient();
}
return secretValue;
}
}
\ No newline at end of file
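Review bot: The class-level `@Getter` kept on `AzureBootstrapConfig` makes Lombok generate a public `getAzureClientSecret()` for the `azureClientSecret` field, so any code that can obtain this configuration bean can read the service principal secret. The only consumer visible in this file is the private `getAzureTokenCredentials()`. I would suppress the accessor with `@Getter(AccessLevel.NONE)` on that field (plus `import lombok.AccessLevel;`), or move `@Getter` onto the individual fields that need one. Callers outside this file are not visible here, so check that nothing depends on the generated getter before removing it.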
package org.opengroup.osdu.register.provider.azure.di;
import com.azure.cosmos.CosmosClient;
import org.opengroup.osdu.azure.cosmosdb.ICosmosClientFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Primary;
import org.springframework.stereotype.Component;
@Component
@Primary
public class SinglePartitionCosmosClientFactory implements ICosmosClientFactory {
@Autowired
CosmosClient cosmosClient;
@Override
public CosmosClient getClient(final String s) {
return cosmosClient;
}
}
......@@ -13,46 +13,55 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
LOG_PREFIX=register
server.servlet.contextPath=/api/register/v1
# Application name
spring.application.name=${spring_application_name}
server.servlet.contextPath=${server.servlet.contextPath}
service.domain.name=${service_domain_name}
# Logging configuration
LOG_PREFIX=${LOG_PREFIX}
logging.transaction.enabled=true
logging.slf4jlogger.enabled=true
logging.mdccontext.enabled=true
ENTITLEMENTS_API=${ENTITLEMENTS_API}
PARTITION_API=${partition_service_endpoint}
RECORDS_CHANGE_PUBSUB_ENDPOINT=${RECORDS_CHANGE_PUBSUB_ENDPOINT}
# Partition Service configuration
azure.activedirectory.app-resource-id=${aad_client_id}
# Azure AD configuration
azure.clientId=${AZURE_CLIENT_ID}
azure.clientSecret=${AZURE_CLIENT_SECRET}
azure.tenantId=${AZURE_TENANT_ID}
azure.appResourceId=${aad_client_id}
# Azure CosmosDB configuration
azure.cosmosdb.database=${cosmosdb_database}
# Azure KeyVault configuration
azure.keyvault.url=${KEYVAULT_URI}
# Azure App Insights configuration
azure.application-insights.instrumentation-key=${appinsights_key}
# Application name
spring.application.name=register-azure
# Azure CosmosDB configuration
azure.cosmosdb.database=${cosmosdb_database}
# Cosmosdb container name
registerAction.container.name=RegisterAction
registerDdms.container.name=RegisterDdms
registerSubscription.container.name=RegisterSubscription
#logging configuration
logging.transaction.enabled=true
logging.slf4jlogger.enabled=true
logging.mdccontext.enabled=true
# TenantFactory configuration
tenantFactoryImpl.required=true
# Health checks
management.health.defaults.enabled=false
management.health.azure-key-vault.enabled=false
#
INTEGRATION_TEST_AUDIENCES=
CRON_JOB_EXPECTED_IP=0:0:0:0:0:0:0:1
SUBSCRIBER_PRIVATE_KEY_ID=
ENVIRONMENT=LOCAL
SUBSCRIBER_SECRET=395f1b05e95171d7c0dde0b19fd6cf
management.health.defaults.enabled=false
management.health.azure-key-vault.enabled=false
azure.activedirectory.app-resource-id=${aad_client_id}
\ No newline at end of file
SUBSCRIBER_SECRET=395f1b05e95171d7c0dde0b19fd6cf
\ No newline at end of file
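Review bot: `SUBSCRIBER_SECRET` is still a literal value on the last line of the file, even though most of the other settings now come from the environment. A secret committed to the repository is readable by everyone with repository access and stays in history. I would change the line to `SUBSCRIBER_SECRET=${SUBSCRIBER_SECRET}`, supply it from the deployment's secret store, and rotate the value if it is used anywhere beyond local testing. Separately, `server.servlet.contextPath=${server.servlet.contextPath}` and `LOG_PREFIX=${LOG_PREFIX}` refer to their own keys, which presumably only resolves when a matching environment variable is set, so a default such as `${LOG_PREFIX:register}` would keep local runs working.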
......@@ -48,21 +48,4 @@ public class AzureBootstrapConfigTest {
assertEquals("Secret unexpectedly missing from KeyVault response for secret with name secret-name", exception.getMessage());
}
@Test
public void configReturnsCorrectSecretCosmosKey() {
doReturn("opendes-cosmos-key-secret").when(secret).getValue();
doReturn(secret).when(kv).getSecret("opendes-cosmos-primary-key");
String secretValue = bootstrapConfig.cosmosKey(kv);
assertEquals( "opendes-cosmos-key-secret", secretValue);
}
@Test
public void configReturnsCorrectSecretCosmosEndpoint() {
doReturn("opendes-cosmos-endpoint-secret").when(secret).getValue();
doReturn(secret).when(kv).getSecret("opendes-cosmos-endpoint");
String secretValue = bootstrapConfig.cosmosEndpoint(kv);
assertEquals( "opendes-cosmos-endpoint-secret", secretValue);
}
}