diff --git a/.github/workflows/db.dolly-backend.yml b/.github/workflows/db.dolly-backend.yml deleted file mode 100644 index 003585c5ccb..00000000000 --- a/.github/workflows/db.dolly-backend.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: db-dolly-backend - -on: - push: - paths: - - "apps/dolly-db/db.dolly-backend.yml" - - "apps/dolly-db/src/**" - - ".github/workflows/db.dolly-backend.yml" - -jobs: - workflow: - uses: ./.github/workflows/common.workflow.backend.yml - with: - working-directory: "apps/dolly-db" - nais-manifest: "db.dolly-backend.yml" - deploy-tag: "#db-dolly-backend" - sonar-enabled: false - permissions: - contents: read - id-token: write - secrets: inherit diff --git a/.github/workflows/db.organisasjon-forvalter.yml b/.github/workflows/db.organisasjon-forvalter.yml deleted file mode 100644 index 8e853d977f8..00000000000 --- a/.github/workflows/db.organisasjon-forvalter.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: db-organisasjon-forvalter - -on: - push: - paths: - - "apps/dolly-db/db.organisasjon.forvalter.yml" - - ".github/workflows/db.organisasjon-forvalter.yml" - -jobs: - workflow: - uses: ./.github/workflows/common.workflow.backend.yml - with: - working-directory: "apps/dolly-db" - nais-manifest: "db.organisasjon-forvalter.yml" - deploy-tag: "#db-organisasjon-forvalter" - sonar-enabled: false - permissions: - contents: read - id-token: write - secrets: inherit diff --git a/.github/workflows/db.pdl-forvalter.yml b/.github/workflows/db.pdl-forvalter.yml deleted file mode 100644 index fa822d8ed94..00000000000 --- a/.github/workflows/db.pdl-forvalter.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: db-pdl-forvalter - -on: - push: - paths: - - "apps/dolly-db/db.pdl-forvalter.yml" - - ".github/workflows/db.pdl-forvalter.yml" - -jobs: - workflow: - uses: ./.github/workflows/common.workflow.backend.yml - with: - working-directory: "apps/dolly-db" - nais-manifest: "db.pdl-forvalter.yml" - deploy-tag: "#db-pdl-forvalter" - sonar-enabled: false - permissions: - contents: read - id-token: write - secrets: inherit diff --git a/apps/dolly-backend/build.gradle b/apps/dolly-backend/build.gradle index cddbf3c06a9..dd6d924a330 100644 --- a/apps/dolly-backend/build.gradle +++ b/apps/dolly-backend/build.gradle @@ -10,6 +10,7 @@ sonarqube { } dependencies { + implementation "com.google.cloud:spring-cloud-gcp-starter-secretmanager:$versions.gcpSecretManager" implementation 'no.nav.testnav.libs:servlet-core' implementation 'no.nav.testnav.libs:servlet-security' diff --git a/apps/dolly-backend/src/main/resources/application-local.yaml b/apps/dolly-backend/src/main/resources/application-local.yaml index 9829cc39236..1ed3fff2282 100644 --- a/apps/dolly-backend/src/main/resources/application-local.yaml +++ b/apps/dolly-backend/src/main/resources/application-local.yaml @@ -1,9 +1,16 @@ spring: cache: type: none + cloud: + gcp: + secretmanager: + project-id: dolly-dev-ff83 + config: + import: "sm://" datasource: - url: jdbc:postgresql://localhost:5432/db-dolly-backend - username: ${NAV_USERNAME} + url: jdbc:postgresql://localhost:5432/testnav-dolly-backend-local + username: testnav-dolly-backend-local + password: ${sm://testnav-dolly-backend-local} management: endpoints: diff --git a/apps/dolly-backend/src/test/resources/application-test.yaml b/apps/dolly-backend/src/test/resources/application-test.yaml index 1d8cb420a44..08d2e05cd35 100644 --- a/apps/dolly-backend/src/test/resources/application-test.yaml +++ b/apps/dolly-backend/src/test/resources/application-test.yaml @@ -87,6 +87,9 @@ sts: spring: cloud: + gcp: + secretmanager: + enabled: false vault: enabled: false datasource: diff --git a/apps/dolly-db/.gitignore b/apps/dolly-db/.gitignore deleted file mode 100644 index c2065bc2620..00000000000 --- a/apps/dolly-db/.gitignore +++ /dev/null @@ -1,37 +0,0 @@ -HELP.md -.gradle -build/ -!gradle/wrapper/gradle-wrapper.jar -!**/src/main/**/build/ -!**/src/test/**/build/ - -### STS ### -.apt_generated -.classpath -.factorypath -.project -.settings -.springBeans -.sts4-cache -bin/ -!**/src/main/**/bin/ -!**/src/test/**/bin/ - -### IntelliJ IDEA ### -.idea -*.iws -*.iml -*.ipr -out/ -!**/src/main/**/out/ -!**/src/test/**/out/ - -### NetBeans ### -/nbproject/private/ -/nbbuild/ -/dist/ -/nbdist/ -/.nb-gradle/ - -### VS Code ### -.vscode/ diff --git a/apps/dolly-db/Dockerfile b/apps/dolly-db/Dockerfile deleted file mode 100644 index 8d5324bc770..00000000000 --- a/apps/dolly-db/Dockerfile +++ /dev/null @@ -1,6 +0,0 @@ -FROM ghcr.io/navikt/baseimages/temurin:21 -LABEL maintainer="Team Dolly" - -COPY build/libs/app.jar /app/app.jar - -EXPOSE 8080 \ No newline at end of file diff --git a/apps/dolly-db/README.md b/apps/dolly-db/README.md deleted file mode 100644 index 414bb76c8fa..00000000000 --- a/apps/dolly-db/README.md +++ /dev/null @@ -1,7 +0,0 @@ -A dummy application deployed as multiple NAIS apps in order to provide easy access to the NAIS managed databases. - -Originally contains one `RedirectToHealthController`, to provide NAIS with a minimum living application. - -No need to run `DatabaseApplication` locally, but in any case: -* Use Spring profile `local`, for human readable log output. -* Swagger at http://localhost:8080/swagger, such as it is. \ No newline at end of file diff --git a/apps/dolly-db/build.gradle b/apps/dolly-db/build.gradle deleted file mode 100644 index 6f44d7d085d..00000000000 --- a/apps/dolly-db/build.gradle +++ /dev/null @@ -1,10 +0,0 @@ -plugins { - id "dolly-apps" -} - -dependencies { - implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" - implementation "org.springframework.boot:spring-boot-starter-web" - - testImplementation "org.testcontainers:junit-jupiter" -} diff --git a/apps/dolly-db/db.dolly-backend.yml b/apps/dolly-db/db.dolly-backend.yml deleted file mode 100644 index 65adffc02c0..00000000000 --- a/apps/dolly-db/db.dolly-backend.yml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: "nais.io/v1alpha1" -kind: "Application" -metadata: - name: "db-dolly-backend" - namespace: "dolly" - labels: - "team": "dolly" -spec: - gcp: - sqlInstances: - - type: POSTGRES_15 - tier: db-custom-2-7680 - databases: - - name: db-dolly-backend - image: "{{image}}" - ingresses: - - "https://dolly-db.intern.dev.nav.no" - liveness: - path: "/internal/health/liveness" - observability: - autoInstrumentation: - enabled: true - runtime: java - prometheus: - enabled: true - path: "/internal/prometheus" - readiness: - path: "/internal/health/readiness" - replicas: - min: 1 - max: 1 \ No newline at end of file diff --git a/apps/dolly-db/db.organisasjon-forvalter.yml b/apps/dolly-db/db.organisasjon-forvalter.yml deleted file mode 100644 index dffa25b4976..00000000000 --- a/apps/dolly-db/db.organisasjon-forvalter.yml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: "nais.io/v1alpha1" -kind: "Application" -metadata: - name: "db-organisasjon-forvalter" - namespace: "dolly" - labels: - "team": "dolly" -spec: - gcp: - sqlInstances: - - type: POSTGRES_15 - tier: db-custom-1-3840 - databases: - - name: db-organisasjon-forvalter - image: "{{image}}" - liveness: - path: "/internal/health/liveness" - observability: - autoInstrumentation: - enabled: true - runtime: java - prometheus: - enabled: true - path: "/internal/prometheus" - readiness: - path: "/internal/health/readiness" - replicas: - min: 1 - max: 1 \ No newline at end of file diff --git a/apps/dolly-db/db.pdl-forvalter.yml b/apps/dolly-db/db.pdl-forvalter.yml deleted file mode 100644 index 15915ff3da9..00000000000 --- a/apps/dolly-db/db.pdl-forvalter.yml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: "nais.io/v1alpha1" -kind: "Application" -metadata: - name: "db-pdl-forvalter" - namespace: "dolly" - labels: - "team": "dolly" -spec: - gcp: - sqlInstances: - - type: POSTGRES_15 - tier: db-custom-1-3840 - databases: - - name: db-pdl-forvalter - image: "{{image}}" - liveness: - path: "/internal/health/liveness" - observability: - autoInstrumentation: - enabled: true - runtime: java - prometheus: - enabled: true - path: "/internal/prometheus" - readiness: - path: "/internal/health/readiness" - replicas: - min: 1 - max: 1 \ No newline at end of file diff --git a/apps/dolly-db/gradle/wrapper/gradle-wrapper.jar b/apps/dolly-db/gradle/wrapper/gradle-wrapper.jar deleted file mode 100644 index c1962a79e29..00000000000 Binary files a/apps/dolly-db/gradle/wrapper/gradle-wrapper.jar and /dev/null differ diff --git a/apps/dolly-db/gradle/wrapper/gradle-wrapper.properties b/apps/dolly-db/gradle/wrapper/gradle-wrapper.properties deleted file mode 100644 index 20db9ad5c95..00000000000 --- a/apps/dolly-db/gradle/wrapper/gradle-wrapper.properties +++ /dev/null @@ -1,6 +0,0 @@ -distributionBase=GRADLE_USER_HOME -distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-8.7-bin.zip -networkTimeout=10000 -zipStoreBase=GRADLE_USER_HOME -zipStorePath=wrapper/dists diff --git a/apps/dolly-db/gradlew b/apps/dolly-db/gradlew deleted file mode 100755 index aeb74cbb43e..00000000000 --- a/apps/dolly-db/gradlew +++ /dev/null @@ -1,245 +0,0 @@ -#!/bin/sh - -# -# Copyright © 2015-2021 the original authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -############################################################################## -# -# Gradle start up script for POSIX generated by Gradle. -# -# Important for running: -# -# (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is -# noncompliant, but you have some other compliant shell such as ksh or -# bash, then to run this script, type that shell name before the whole -# command line, like: -# -# ksh Gradle -# -# Busybox and similar reduced shells will NOT work, because this script -# requires all of these POSIX shell features: -# * functions; -# * expansions «$var», «${var}», «${var:-default}», «${var+SET}», -# «${var#prefix}», «${var%suffix}», and «$( cmd )»; -# * compound commands having a testable exit status, especially «case»; -# * various built-in commands including «command», «set», and «ulimit». -# -# Important for patching: -# -# (2) This script targets any POSIX shell, so it avoids extensions provided -# by Bash, Ksh, etc; in particular arrays are avoided. -# -# The "traditional" practice of packing multiple parameters into a -# space-separated string is a well documented source of bugs and security -# problems, so this is (mostly) avoided, by progressively accumulating -# options in "$@", and eventually passing that to Java. -# -# Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS, -# and GRADLE_OPTS) rely on word-splitting, this is performed explicitly; -# see the in-line comments for details. -# -# There are tweaks for specific operating systems such as AIX, CygWin, -# Darwin, MinGW, and NonStop. -# -# (3) This script is generated from the Groovy template -# https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt -# within the Gradle project. -# -# You can find Gradle at https://github.com/gradle/gradle/. -# -############################################################################## - -# Attempt to set APP_HOME - -# Resolve links: $0 may be a link -app_path=$0 - -# Need this for daisy-chained symlinks. -while - APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path - [ -h "$app_path" ] -do - ls=$( ls -ld "$app_path" ) - link=${ls#*' -> '} - case $link in #( - /*) app_path=$link ;; #( - *) app_path=$APP_HOME$link ;; - esac -done - -# This is normally unused -# shellcheck disable=SC2034 -APP_BASE_NAME=${0##*/} -APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit - -# Use the maximum available, or set MAX_FD != -1 to use that value. -MAX_FD=maximum - -warn () { - echo "$*" -} >&2 - -die () { - echo - echo "$*" - echo - exit 1 -} >&2 - -# OS specific support (must be 'true' or 'false'). -cygwin=false -msys=false -darwin=false -nonstop=false -case "$( uname )" in #( - CYGWIN* ) cygwin=true ;; #( - Darwin* ) darwin=true ;; #( - MSYS* | MINGW* ) msys=true ;; #( - NONSTOP* ) nonstop=true ;; -esac - -CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar - - -# Determine the Java command to use to start the JVM. -if [ -n "$JAVA_HOME" ] ; then - if [ -x "$JAVA_HOME/jre/sh/java" ] ; then - # IBM's JDK on AIX uses strange locations for the executables - JAVACMD=$JAVA_HOME/jre/sh/java - else - JAVACMD=$JAVA_HOME/bin/java - fi - if [ ! -x "$JAVACMD" ] ; then - die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME - -Please set the JAVA_HOME variable in your environment to match the -location of your Java installation." - fi -else - JAVACMD=java - which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. - -Please set the JAVA_HOME variable in your environment to match the -location of your Java installation." -fi - -# Increase the maximum file descriptors if we can. -if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then - case $MAX_FD in #( - max*) - # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked. - # shellcheck disable=SC3045 - MAX_FD=$( ulimit -H -n ) || - warn "Could not query maximum file descriptor limit" - esac - case $MAX_FD in #( - '' | soft) :;; #( - *) - # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked. - # shellcheck disable=SC3045 - ulimit -n "$MAX_FD" || - warn "Could not set maximum file descriptor limit to $MAX_FD" - esac -fi - -# Collect all arguments for the java command, stacking in reverse order: -# * args from the command line -# * the main class name -# * -classpath -# * -D...appname settings -# * --module-path (only if needed) -# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables. - -# For Cygwin or MSYS, switch paths to Windows format before running java -if "$cygwin" || "$msys" ; then - APP_HOME=$( cygpath --path --mixed "$APP_HOME" ) - CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" ) - - JAVACMD=$( cygpath --unix "$JAVACMD" ) - - # Now convert the arguments - kludge to limit ourselves to /bin/sh - for arg do - if - case $arg in #( - -*) false ;; # don't mess with options #( - /?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath - [ -e "$t" ] ;; #( - *) false ;; - esac - then - arg=$( cygpath --path --ignore --mixed "$arg" ) - fi - # Roll the args list around exactly as many times as the number of - # args, so each arg winds up back in the position where it started, but - # possibly modified. - # - # NB: a `for` loop captures its iteration list before it begins, so - # changing the positional parameters here affects neither the number of - # iterations, nor the values presented in `arg`. - shift # remove old arg - set -- "$@" "$arg" # push replacement arg - done -fi - - -# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' - -# Collect all arguments for the java command; -# * $DEFAULT_JVM_OPTS, $JAVA_OPTS, and $GRADLE_OPTS can contain fragments of -# shell script including quotes and variable substitutions, so put them in -# double quotes to make sure that they get re-expanded; and -# * put everything else in single quotes, so that it's not re-expanded. - -set -- \ - "-Dorg.gradle.appname=$APP_BASE_NAME" \ - -classpath "$CLASSPATH" \ - org.gradle.wrapper.GradleWrapperMain \ - "$@" - -# Stop when "xargs" is not available. -if ! command -v xargs >/dev/null 2>&1 -then - die "xargs is not available" -fi - -# Use "xargs" to parse quoted args. -# -# With -n1 it outputs one arg per line, with the quotes and backslashes removed. -# -# In Bash we could simply go: -# -# readarray ARGS < <( xargs -n1 <<<"$var" ) && -# set -- "${ARGS[@]}" "$@" -# -# but POSIX shell has neither arrays nor command substitution, so instead we -# post-process each arg (as a line of input to sed) to backslash-escape any -# character that might be a shell metacharacter, then use eval to reverse -# that process (while maintaining the separation between arguments), and wrap -# the whole thing up as a single "set" statement. -# -# This will of course break if any of these variables contains a newline or -# an unmatched quote. -# - -eval "set -- $( - printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" | - xargs -n1 | - sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' | - tr '\n' ' ' - )" '"$@"' - -exec "$JAVACMD" "$@" diff --git a/apps/dolly-db/gradlew.bat b/apps/dolly-db/gradlew.bat deleted file mode 100644 index 93e3f59f135..00000000000 --- a/apps/dolly-db/gradlew.bat +++ /dev/null @@ -1,92 +0,0 @@ -@rem -@rem Copyright 2015 the original author or authors. -@rem -@rem Licensed under the Apache License, Version 2.0 (the "License"); -@rem you may not use this file except in compliance with the License. -@rem You may obtain a copy of the License at -@rem -@rem https://www.apache.org/licenses/LICENSE-2.0 -@rem -@rem Unless required by applicable law or agreed to in writing, software -@rem distributed under the License is distributed on an "AS IS" BASIS, -@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -@rem See the License for the specific language governing permissions and -@rem limitations under the License. -@rem - -@if "%DEBUG%"=="" @echo off -@rem ########################################################################## -@rem -@rem Gradle startup script for Windows -@rem -@rem ########################################################################## - -@rem Set local scope for the variables with windows NT shell -if "%OS%"=="Windows_NT" setlocal - -set DIRNAME=%~dp0 -if "%DIRNAME%"=="" set DIRNAME=. -@rem This is normally unused -set APP_BASE_NAME=%~n0 -set APP_HOME=%DIRNAME% - -@rem Resolve any "." and ".." in APP_HOME to make it shorter. -for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi - -@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" - -@rem Find java.exe -if defined JAVA_HOME goto findJavaFromJavaHome - -set JAVA_EXE=java.exe -%JAVA_EXE% -version >NUL 2>&1 -if %ERRORLEVEL% equ 0 goto execute - -echo. -echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. -echo. -echo Please set the JAVA_HOME variable in your environment to match the -echo location of your Java installation. - -goto fail - -:findJavaFromJavaHome -set JAVA_HOME=%JAVA_HOME:"=% -set JAVA_EXE=%JAVA_HOME%/bin/java.exe - -if exist "%JAVA_EXE%" goto execute - -echo. -echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% -echo. -echo Please set the JAVA_HOME variable in your environment to match the -echo location of your Java installation. - -goto fail - -:execute -@rem Setup the command line - -set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar - - -@rem Execute Gradle -"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %* - -:end -@rem End local scope for the variables with windows NT shell -if %ERRORLEVEL% equ 0 goto mainEnd - -:fail -rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of -rem the _cmd.exe /c_ return code! -set EXIT_CODE=%ERRORLEVEL% -if %EXIT_CODE% equ 0 set EXIT_CODE=1 -if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE% -exit /b %EXIT_CODE% - -:mainEnd -if "%OS%"=="Windows_NT" endlocal - -:omega diff --git a/apps/dolly-db/settings.gradle b/apps/dolly-db/settings.gradle deleted file mode 100644 index 485bc7bf395..00000000000 --- a/apps/dolly-db/settings.gradle +++ /dev/null @@ -1,14 +0,0 @@ -plugins { - id "com.gradle.develocity" version "3.17.4" -} - -rootProject.name = 'dolly-db' - -includeBuild "../../plugins/java" - -develocity { - buildScan { - termsOfUseUrl = "https://gradle.com/terms-of-service" - termsOfUseAgree = "yes" - } -} \ No newline at end of file diff --git a/apps/dolly-db/src/main/java/no/nav/dolly/database/DatabaseApplication.java b/apps/dolly-db/src/main/java/no/nav/dolly/database/DatabaseApplication.java deleted file mode 100644 index 8649afeb375..00000000000 --- a/apps/dolly-db/src/main/java/no/nav/dolly/database/DatabaseApplication.java +++ /dev/null @@ -1,13 +0,0 @@ -package no.nav.dolly.database; - -import org.springframework.boot.SpringApplication; -import org.springframework.boot.autoconfigure.SpringBootApplication; - -@SpringBootApplication -public class DatabaseApplication { - - public static void main(String[] args) { - SpringApplication.run(DatabaseApplication.class, args); - } - -} diff --git a/apps/dolly-db/src/main/java/no/nav/dolly/database/OpenApiConfig.java b/apps/dolly-db/src/main/java/no/nav/dolly/database/OpenApiConfig.java deleted file mode 100644 index 28a3ea7e6a6..00000000000 --- a/apps/dolly-db/src/main/java/no/nav/dolly/database/OpenApiConfig.java +++ /dev/null @@ -1,17 +0,0 @@ -package no.nav.dolly.database; - -import org.springframework.context.annotation.Configuration; -import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; -import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; - -@Configuration -class OpenApiConfig implements WebMvcConfigurer { - - @Override - public void addViewControllers(ViewControllerRegistry registry) { - registry - .addViewController("/swagger") - .setViewName("redirect:/swagger-ui.html"); - } - -} diff --git a/apps/dolly-db/src/main/java/no/nav/dolly/database/RedirectToHealthController.java b/apps/dolly-db/src/main/java/no/nav/dolly/database/RedirectToHealthController.java deleted file mode 100644 index a3b20709b26..00000000000 --- a/apps/dolly-db/src/main/java/no/nav/dolly/database/RedirectToHealthController.java +++ /dev/null @@ -1,22 +0,0 @@ -package no.nav.dolly.database; - -import jakarta.servlet.http.HttpServletResponse; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.RestController; - -import java.io.IOException; - -/** - * Just a simple controller, so that we at least have a functional Spring application. - * Required to avoid NAIS entering a restart loop. - */ -@RestController -class RedirectToHealthController { - - @GetMapping("/") - void redirectToHealth(HttpServletResponse response) - throws IOException { - response.sendRedirect("/internal/health"); - } - -} diff --git a/apps/dolly-db/src/main/resources/application.yml b/apps/dolly-db/src/main/resources/application.yml deleted file mode 100644 index dc9c53191a0..00000000000 --- a/apps/dolly-db/src/main/resources/application.yml +++ /dev/null @@ -1,21 +0,0 @@ -spring: - cloud: - vault: - enabled: false - -management: - endpoints: - web: - base-path: /internal - exposure: - include: prometheus,health - endpoint: - health: - probes: - enabled: true - prometheus: - enabled: true - prometheus: - metrics: - export: - enabled: true \ No newline at end of file diff --git a/apps/dolly-db/src/main/resources/logback-spring.xml b/apps/dolly-db/src/main/resources/logback-spring.xml deleted file mode 100644 index 8d108ba7157..00000000000 --- a/apps/dolly-db/src/main/resources/logback-spring.xml +++ /dev/null @@ -1,44 +0,0 @@ - - - - - - - true - - 10280 - 20 - ^sun\.reflect\..*\.invoke - ^net\.sf\.cglib\.proxy\.MethodProxy\.invoke - java\.util\.concurrent\..* - org\.apache\.catalina\..* - org\.apache\.coyote\..* - org\.apache\.tomcat\..* - - bestillingId - - - - - - - - - - - UTF-8 - - %d{HH:mm:ss.SSS} %highlight(%p) | %yellow(%logger{0}): %m%n - - - - - - - - - - - - - diff --git a/apps/dolly-db/src/test/resources/application-test.yml b/apps/dolly-db/src/test/resources/application-test.yml deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/apps/dolly-db/src/test/resources/logback-test.xml b/apps/dolly-db/src/test/resources/logback-test.xml deleted file mode 100644 index 9e4d079929b..00000000000 --- a/apps/dolly-db/src/test/resources/logback-test.xml +++ /dev/null @@ -1,4 +0,0 @@ - - - - \ No newline at end of file diff --git a/apps/organisasjon-forvalter/build.gradle b/apps/organisasjon-forvalter/build.gradle index 6aad329ac3a..cc5bb9ad425 100644 --- a/apps/organisasjon-forvalter/build.gradle +++ b/apps/organisasjon-forvalter/build.gradle @@ -14,6 +14,8 @@ properties { } dependencies { + implementation "com.google.cloud:spring-cloud-gcp-starter-secretmanager:$versions.gcpSecretManager" + implementation "no.nav.testnav.libs:avro-schema" implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:database" diff --git a/apps/organisasjon-forvalter/src/main/resources/application-local.yml b/apps/organisasjon-forvalter/src/main/resources/application-local.yml index b4b73c613d0..8555fea2280 100644 --- a/apps/organisasjon-forvalter/src/main/resources/application-local.yml +++ b/apps/organisasjon-forvalter/src/main/resources/application-local.yml @@ -1,8 +1,14 @@ - spring: + cloud: + gcp: + secretmanager: + project-id: dolly-dev-ff83 + config: + import: "sm://" datasource: - url: jdbc:postgresql://localhost:5432/db-organisasjon-forvalter - username: ${NAV_USERNAME} + url: jdbc:postgresql://localhost:5432/testnav-organisasjon-forvalter-local + username: testnav-organisasjon-forvalter-local + password: ${sm://testnav-organisasjon-forvalter-local} consumers: generer-navn-service: diff --git a/apps/organisasjon-forvalter/src/test/resources/application-test.yml b/apps/organisasjon-forvalter/src/test/resources/application-test.yml index db1ca5d3a2c..f5afb1ea114 100644 --- a/apps/organisasjon-forvalter/src/test/resources/application-test.yml +++ b/apps/organisasjon-forvalter/src/test/resources/application-test.yml @@ -1,6 +1,10 @@ TOKEN_X_ISSUER: dummy spring: + cloud: + gcp: + secretmanager: + enabled: false datasource: url: jdbc:h2:mem:testdb driverClassName: org.h2.Driver diff --git a/apps/pdl-forvalter/build.gradle b/apps/pdl-forvalter/build.gradle index b35263e4dee..e5203f33255 100644 --- a/apps/pdl-forvalter/build.gradle +++ b/apps/pdl-forvalter/build.gradle @@ -14,6 +14,8 @@ properties { } dependencies { + implementation "com.google.cloud:spring-cloud-gcp-starter-secretmanager:$versions.gcpSecretManager" + implementation "no.nav.testnav.libs:database" implementation "no.nav.testnav.libs:vault" implementation "no.nav.testnav.libs:data-transfer-objects" diff --git a/apps/pdl-forvalter/src/main/resources/application-local.yaml b/apps/pdl-forvalter/src/main/resources/application-local.yaml index 1f9ba16ae12..74abe6fd89a 100644 --- a/apps/pdl-forvalter/src/main/resources/application-local.yaml +++ b/apps/pdl-forvalter/src/main/resources/application-local.yaml @@ -1,7 +1,14 @@ spring: + cloud: + gcp: + secretmanager: + project-id: dolly-dev-ff83 + config: + import: "sm://" datasource: - url: jdbc:postgresql://localhost:5432/db-pdl-forvalter - username: ${NAV_USERNAME} + url: jdbc:postgresql://localhost:5432/testnav-pdl-forvalter-local + username: testnav-pdl-forvalter-local + password: ${sm://testnav-pdl-forvalter-local} consumers: adresse-service: diff --git a/docs/gcp_db.md b/docs/gcp_db.md index 015b1f5611d..3c53d05177e 100644 --- a/docs/gcp_db.md +++ b/docs/gcp_db.md @@ -5,25 +5,28 @@ Enkelte applikasjoner bruker en database i GCP som "lokal" database, dvs. i Spri * `organisasjon-forvalter` * `pdl-forvalter` -På grunn av begrensninger i NAIS må disse databasene tilhøre en applikasjon. Det finnes en [../apps/dolly-db](../apps/dolly-db) som deployes flere ganger for å opprette og "eie" disse databasene. +Disse er refert til under som `APP_NAME`. -Disse har derfor en noe annen konfigurasjon for kjøring lokalt, og bruker [NAIS CLI](https://doc.nais.io/operate/cli/reference/postgres/). +Applikasjonene har en noe annen konfigurasjon for kjøring lokalt, og bruker [gcloud CLI](https://doc.nais.io/operate/cli/reference/postgres/) og [cloud_sql_proxy](https://cloud.google.com/sql/docs/postgres/connect-auth-proxy). -* Du må være logget på med gcloud CLI. -* ~~Databasene må forberedes for tilgang.~~ **En gang, dette er allerede gjort.** +`cloud_sql_proxy` installeres med ``` -> nais postgres prepare --all-privs +> gcloud components install cloud-sql-proxy ``` -* Du må gi din personlige bruker tilgang til databasen. **En gang.** + +* Du må være logget på med gcloud CLI. ``` -> nais postgres grant +> gcloud auth login --update-adc ``` -* Tilgang til DB gis gjennom NAIS CLI. +* Du må starte `cloud_sql_proxy` med rett `APP_NAME` (se over). ``` -> nais postgres proxy +> cloud_sql_proxy -instances=dolly-dev-ff83:europe-north1:testnav-APP_NAME-local=tcp:5432 ``` -* Brukernavnet må være din NAV-ident. Du må enten: - * Sette en miljøvariabel `NAV_USERNAME` til din NAV-ident. **En gang.** - * Endre brukernavnet i den aktuelle application-local.yml fra `${NAV_USERNAME}` til ditt navn. **Hver gang. Og ikke commit'e den endringen.** -Etter at proxy'en er startet kan du da kjøre den aktuelle applikasjonen lokalt. \ No newline at end of file +Etter at proxy'en er startet kan du da kjøre den aktuelle applikasjonen lokalt. Applikasjonen henter selv passord vha. [Spring Cloud GCP](https://spring.io/projects/spring-cloud-gcp) ved oppstart. + +Hvis du ønsker tilgang direkte til databasen gjennom en annen klient som IntelliJ så må du hente ut passordet vha. +``` +> gcloud secrets versions access latest --secret=testnav-APP_NAME-local +``` +JDBC connect URL vil være `jdbc:postgresql://localhost:5432/testnav-APP_NAME-local?user=testnav-APP_NAME-local`. \ No newline at end of file diff --git a/docs/local_db.md b/docs/local_db.md index d90e601a2ee..54b406dd48c 100644 --- a/docs/local_db.md +++ b/docs/local_db.md @@ -10,22 +10,17 @@ Dette er en kort beskrivelse på hvordan du setter opp PSQL i Docker og fyller d Her bruker vi `dolly-backend` som eksempel. Vi bruker også [NAIS CLI](https://doc.nais.io/operate/cli/) som igjen avhenger av [gcloud CLI](https://cloud.google.com/sdk/gcloud). Eksport gjøres med [pg_dump](https://www.postgresql.org/docs/current/app-pgdump.html). Først logg inn med gcloud CLI. NAIS CLI avhenger av dette. - ~~~ -> gcloud auth login +> gcloud auth login --update-adc ~~~ - Sett opp en proxy mot databasen [definert i applikasjonen](../apps/dolly-backend/config.yml) `dolly-backend`. Legg merke til hva databasen heter og la proxyen stå og kjøre mens du eksporterer i neste steg. - ~~~ > nais postgres proxy dolly-backend ~~~ -Setter opp en proxy for deg mot databasen - +Setter opp en proxy for deg mot databasen til applikasjonen (her: `dolly-backend`). ~~~ > pg_dump --username=YOUR_NAV_EMAIL_ADDRESS --clean --create --no-owner --no-privileges --verbose --file=~/dump.sql testnav-dolly-backend ~~~ - Output havner her i fila `~/dump.sql` og skal brukes ved import. Legg merke til `--clean --create --no-owner --no-privileges`. Vi eksporterer til et script som tømmer eksisterende database, oppretter en ny database ved behov, og fjerner owner og groups på alle tabeller. Vi ønsker at eier av alle tabellene lokalt er default-brukeren `postgres`. @@ -33,11 +28,9 @@ Legg merke til `--clean --create --no-owner --no-privileges`. Vi eksporterer til ## Eksportere fra FSS Her bruker vi `dolly-backend-dev` som eksempel. Eksport gjøres med [pg_dump](https://www.postgresql.org/docs/current/app-pgdump.html). Databasen er [definert i applikasjonen](../apps/dolly-backend/config.test.yml). - ~~~ > pg_dump --host=dev-pg.intern.nav.no --username=USERNAME_FROM_VAULT --clean --create --no-owner --no-privileges --verbose --exclude-table=idents_from_* --exclude-table=diff_idents --exclude-table=test --file=~/dump.sql dolly-test ~~~ - Brukernavn og passord hentes fra Vault, i dette tilfellet fra https://vault.adeo.no/ui/vault/secrets/postgresql%2Fpreprod-fss/credentials/dolly-test-admin. Legg merke til at vi bruker `--exclude-table` i dette eksempelet. I denne databasen hadde vi noen tabeller med annen eier, som ikke lar seg eksportere med credentials fra Vault. I de fleste andre tilfeller kan du utelate `--exclude-table`. @@ -45,11 +38,9 @@ Legg merke til at vi bruker `--exclude-table` i dette eksempelet. I denne databa ## Sette opp PSQL i Docker **Dette gjøres bare én gang.** Vi lager oss en container kalt `postgres`, der auth er slått av fra din Docker host. Default-brukeren `postgres` vil stå som eier av alle tabeller. - ~~~ > docker run --name postgres -e POSTGRES_HOST_AUTH_METHOD=trust -p 5432:5432 postgres ~~~ - Her kjøres containeren uten `--detach`, slik at vi kan følge med på logger i tilfelle feil under import, men det er valgfritt. ## Importere inn i PSQL @@ -57,7 +48,6 @@ Her kjøres containeren uten `--detach`, slik at vi kan følge med på logger i Import gjøres med [psql](https://www.postgresql.org/docs/current/app-psql.html). Et alternativ er [pg_restore](https://www.postgresql.org/docs/current/app-pgrestore.html), men da må eksporten gjøres med `--format=custom` og du kan ikke justere på SQLen før import ved behov. En evt. eksisterende database vil bli erstattet, men du kan fint ha flere databaser for flere test-scenarier samtidig. Hvis du importerer fra de to eksemplene over så vil du for eksempel ha to databaser lokalt ved navn `testnav-dolly-backend` og `dolly-test`. - ~~~ > psql --username=postgres --file=~\dump.sql ~~~ \ No newline at end of file diff --git a/docs/local_general.md b/docs/local_general.md index bd1a49af937..f0e3dd38ab2 100644 --- a/docs/local_general.md +++ b/docs/local_general.md @@ -1,5 +1,5 @@ # Kjøring lokalt -Dette er felles for alt applikasjon som er ment å kunne kjøres lokalt. +Dette er felles for alle applikasjoner som er ment å kunne kjøres lokalt. * Bruk Spring profile `local`. **NB:** Noen applikasjoner/proxyer bruker fortsatt andre profiler, f.eks. `dev`. Sjekk og vurder å endre til standard `local` der det gjelder. * Bruk VM options `--add-opens java.base/java.lang=ALL-UNNAMED`. * Hvis Swagger er satt opp er det tilgjengelig på http://localhost:8080/swagger. \ No newline at end of file diff --git a/plugins/java/src/main/groovy/dolly-versions.gradle b/plugins/java/src/main/groovy/dolly-versions.gradle index a2656a3d4de..bd7e53dcd9f 100644 --- a/plugins/java/src/main/groovy/dolly-versions.gradle +++ b/plugins/java/src/main/groovy/dolly-versions.gradle @@ -8,6 +8,8 @@ class DollyVersionCatalog { String springSession = "3.3.1" String springCloud = "2023.0.3" + String gcpSecretManager = "5.7.0" + String apacheAvro = "1.11.3" String apacheKafka = "3.7.0" String apachePoi = "5.3.0"