diff --git a/.m2/maven-settings.xml b/.github/.m2/maven-settings.xml
similarity index 100%
rename from .m2/maven-settings.xml
rename to .github/.m2/maven-settings.xml
diff --git a/.github/workflows/deploy_feature.yaml b/.github/workflows/deploy_feature.yaml
index a414a137..d65dbe92 100644
--- a/.github/workflows/deploy_feature.yaml
+++ b/.github/workflows/deploy_feature.yaml
@@ -3,6 +3,7 @@ on:
push:
branches:
- '**'
+ - '!main'
env:
GITHUB_USERNAME: x-access-token
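Review bot: With `- '!main'` added to the branch filter here and the `push` trigger for `main` removed from `pr.yaml` in the same commit, no workflow visible in this diff runs on a push to `main`. The `on:` block of `release.yaml` is outside the diff, so confirm that it covers merges. `pr.yaml` keeps a job named `deploy-main` that now runs only on `pull_request` events, so what it builds and deploys is unmerged branch code. If `release.yaml` is the intended path, a comment above the filter such as `# main is built and deployed by release.yaml` would record that.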
@@ -27,7 +28,7 @@ jobs:
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- - run: mvn -Dmaven.test.skip=true -B -e --settings .m2/maven-settings.xml clean install
+ - run: mvn -Dmaven.test.skip=true -B -e --settings .github/.m2/maven-settings.xml clean install
- uses: nais/docker-build-push@v0
id: docker-push
with:
@@ -54,7 +55,7 @@ jobs:
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- - run: mvn -B -e --settings .m2/maven-settings.xml clean install
+ - run: mvn -B -e --settings .github/.m2/maven-settings.xml clean install
deploy-feature:
runs-on: ubuntu-latest
diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
index 4270a207..daf7d2f7 100644
--- a/.github/workflows/pr.yaml
+++ b/.github/workflows/pr.yaml
@@ -2,9 +2,6 @@ name: Deploy to dev
on:
pull_request:
types: [ ready_for_review, opened, synchronize ]
- push:
- branches:
- - 'main'
env:
GITHUB_USERNAME: x-access-token
@@ -29,7 +26,7 @@ jobs:
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- - run: mvn -Dmaven.test.skip=true -B -e --settings .m2/maven-settings.xml clean install
+ - run: mvn -Dmaven.test.skip=true -B -e --settings .github/.m2/maven-settings.xml clean install
- uses: nais/docker-build-push@v0
id: docker-push
with:
@@ -56,7 +53,7 @@ jobs:
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- - run: mvn -B -e --settings .m2/maven-settings.xml clean install
+ - run: mvn -B -e --settings .github/.m2/maven-settings.xml clean install
deploy-main:
runs-on: ubuntu-latest
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index a0ae95e5..4497520f 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -26,7 +26,7 @@ jobs:
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- - run: mvn -Dmaven.test.skip=true -B -e --settings .m2/maven-settings.xml clean install
+ - run: mvn -Dmaven.test.skip=true -B -e --settings .github/.m2/maven-settings.xml clean install
- uses: nais/docker-build-push@v0
id: docker-push
with:
diff --git a/.gitignore b/.gitignore
index f99f0b77..9228d29f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -11,3 +11,4 @@
.settings/
.vscode/
.DS_Store
+*nais-secrets*
\ No newline at end of file
diff --git a/README.md b/README.md
index 3439b72a..e67aab21 100644
--- a/README.md
+++ b/README.md
@@ -72,4 +72,29 @@ Kan vurdere å sette opp wiremocks for de eksterne tjenestene for å kunne kjør
Applikasjonen testes enklest i Swagger (for generering av gyldig token, se over):
```
https://bidrag-grunnlag.dev.intern.nav.no/bidrag-grunnlag/swagger-ui/index.html?configUrl=/bidrag-grunnlag/v3/api-docs/swagger-config#/grunnlagspakke-controller
-```
\ No newline at end of file
+```
+
+### Kjøre lokalt mot nais med lokal database
+##### Start opp database
+Start opp lokal postgres database med følgende kommando på rotmappen.
+```
+docker-compose up -d
+```
+Dette vil starte en tom postgres database.
+Ved oppstart av appen vil flyway skriptene initialiseree alle tabeller som er nødvendig for lokal kjøring.
+
+Databasen er persistent. Det vil si at all data vil bli lagret lokalt og være tilgjengelig selv ved restart av PC eller docker.
+
+##### Initialiser miljøvariabler
+Kjør ```initLocalEnv.sh``` skriptet for å sette opp miljøvariabler for lokal kjøring.
+
+Dette vil hente Azure hemmeligheter og diverse miljøvariabler fra POD kjørende i dev
+
+Hvis du ikke får `permission denied` når du prøver å kjøre skriptet så må du gi deg selv tilgang til å kjøre shell skript med følgende kommand:
+```bash
+Kjør chmod +x ./initLocalEnv.sh
+```
+
+Du kan da starte opp applikasjonen ved å kjøre [BidragGrunnlagLokalNais.kt](src/test/kotlin/no/nav/bidrag/grunnlag/BidragGrunnlagLokalNais.kt)
+
+Gå til http://localhost:8086 for å åpne swagger-ui
\ No newline at end of file
diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100644
index 00000000..64f7556e
--- /dev/null
+++ b/docker-compose.yaml
@@ -0,0 +1,17 @@
+version: "3.9"
+services:
+ database:
+ image: postgres:latest
+ ports:
+ - "5455:5432"
+ environment:
+ POSTGRES_USER: cloudsqliamuser
+ POSTGRES_PASSWORD: admin
+ POSTGRES_DB: bidrag-grunnlag
+ volumes:
+ - db:/var/lib/postgresql/data
+volumes:
+ db:
+ driver: local
+ storage:
+ driver: local
\ No newline at end of file
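Review bot: The `ports` entry `"5455:5432"` publishes the database on every host interface while `POSTGRES_PASSWORD` is the fixed value `admin`, so any machine on the same network can reach it. Binding to loopback with `- "127.0.0.1:5455:5432"` keeps it local to the developer's machine. `image: postgres:latest` is also unpinned, so the image can move to a new major version underneath the persistent `db` volume; pinning a major version tag that matches the deployed database makes the setup reproducible. The `storage` volume is declared, but no service in this file mounts it.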
diff --git a/initEnv.sh b/initEnv.sh
new file mode 100755
index 00000000..0d2c66a3
--- /dev/null
+++ b/initEnv.sh
@@ -0,0 +1,2 @@
+kubectl config use dev-gcp
+kubectl exec -n=bidrag --tty deployment/bidrag-grunnlag printenv | grep -E 'AZURE_|_URL|SCOPE' > src/test/resources/application-lokal-nais-secrets.properties
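Review bot: The script has no shebang or error handling, so if `kubectl config use dev-gcp` fails, the `kubectl exec` on the next line still runs against whatever context is current and overwrites the properties file with its output. Starting the file with `#!/usr/bin/env bash`, `set -euo pipefail` and `umask 077` stops on the first failure and keeps the generated file, which holds the `AZURE_` values from the running pod, readable only by its owner. The README section added in this commit tells the reader to run `initLocalEnv.sh`, while the file created here is `initEnv.sh`; one of the two names needs to change. A header comment stating that the output contains live dev credentials and relies on the `*nais-secrets*` ignore rule would help the next maintainer.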
diff --git a/pom.xml b/pom.xml
index 6e7e49d1..5ea11e22 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
org.springframework.boot
spring-boot-starter-parent
- 3.0.6
+ 3.1.2
@@ -43,7 +43,12 @@
org.yaml
snakeyaml
- 2.0
+ 2.2
+
+
+ io.swagger.core.v3
+ swagger-annotations
+ 2.2.15
diff --git a/src/main/kotlin/no/nav/bidrag/grunnlag/BidragGrunnlag.kt b/src/main/kotlin/no/nav/bidrag/grunnlag/BidragGrunnlag.kt
index 4bdd0fbb..eebc9ba3 100644
--- a/src/main/kotlin/no/nav/bidrag/grunnlag/BidragGrunnlag.kt
+++ b/src/main/kotlin/no/nav/bidrag/grunnlag/BidragGrunnlag.kt
@@ -4,7 +4,9 @@ import no.nav.security.token.support.spring.api.EnableJwtTokenValidation
import org.slf4j.Logger
import org.slf4j.LoggerFactory
import org.springframework.boot.SpringApplication
+import org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityAutoConfiguration
import org.springframework.boot.autoconfigure.SpringBootApplication
+import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration
@EnableJwtTokenValidation(ignore = ["org.springdoc", "org.springframework"])
@SpringBootApplication
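Review bot: The two added imports, `ManagementWebSecurityAutoConfiguration` and `SecurityAutoConfiguration`, are not referenced anywhere in this hunk, and `@SpringBootApplication` on the last line still carries no `exclude`. If no exclusion is intended they should be removed, because a reader will otherwise assume Spring Security auto-configuration is switched off for this application. The same two imports, plus `EnableMockOAuth2Server`, are added without a visible use in `BidragGrunnlagLokalNais.kt`. The class body continues outside the hunk, so a use further down cannot be ruled out from here.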
diff --git a/src/main/kotlin/no/nav/bidrag/grunnlag/security/SecurityConfiguration.kt b/src/main/kotlin/no/nav/bidrag/grunnlag/security/SecurityConfiguration.kt
index 22b4b321..49a33116 100644
--- a/src/main/kotlin/no/nav/bidrag/grunnlag/security/SecurityConfiguration.kt
+++ b/src/main/kotlin/no/nav/bidrag/grunnlag/security/SecurityConfiguration.kt
@@ -5,22 +5,19 @@ import org.springframework.context.annotation.Configuration
import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.http.SessionCreationPolicy
import org.springframework.security.web.SecurityFilterChain
+import org.springframework.security.web.authentication.Http403ForbiddenEntryPoint
@Configuration
class SecurityConfiguration {
@Bean
fun filterChain(http: HttpSecurity): SecurityFilterChain {
- http.sessionManagement()
- .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
- .and()
- .csrf()
- .disable()
- .authorizeHttpRequests()
- .requestMatchers("/**")
- .permitAll()
- .anyRequest()
- .fullyAuthenticated()
+
+ http
+ .authorizeHttpRequests { auth ->
+ auth.anyRequest().permitAll()
+ }
+ .csrf { it.disable() }
return http.build()
}
}
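Review bot: The rewritten `filterChain` no longer sets `SessionCreationPolicy.STATELESS`, so the chain falls back to Spring Security's default session policy and can create an HTTP session while CSRF protection stays disabled. If the service is meant to remain a stateless, token-authenticated API, keep the policy in lambda form: `.sessionManagement { it.sessionCreationPolicy(SessionCreationPolicy.STATELESS) }`. The added `Http403ForbiddenEntryPoint` import is unused in the new body, and the `SessionCreationPolicy` import becomes unused as written. Because `anyRequest().permitAll()` leaves every path open at this layer, a comment such as `// Authentication is enforced by @EnableJwtTokenValidation, not by this filter chain` would make that reliance explicit, assuming it is the intent.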
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index aa74cb84..ea2751e2 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -24,22 +24,7 @@ management:
####################################################################
spring:
- config.activate.on-profile: live
- datasource:
- type: com.zaxxer.hikari.HikariDataSource
- url: jdbc:postgresql://${DB_HOST}:${DB_PORT}/${DB_DATABASE}?user=${DB_USERNAME}&password=${DB_PASSWORD}
- hikari:
- idle-timeout: 10001
- max-lifetime: 30001
- connectionTimeout: 1000
- maximum-pool-size: 10
- minimum-idle: 1
- flyway:
- enabled: true
- locations: classpath:/db/migration
- jpa:
- hibernate.connection.provider_class: org.hibernate.hikaricp.internal.HikariCPConnectionProvider
- database: postgresql
+ config.activate.on-profile: live,lokal-nais
security:
oauth2:
resourceserver:
@@ -114,3 +99,21 @@ no.nav.security.jwt:
discoveryurl: ${AZURE_APP_WELL_KNOWN_URL}
accepted_audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID}
+---
+spring:
+ config.activate.on-profile: live
+ datasource:
+ type: com.zaxxer.hikari.HikariDataSource
+ url: jdbc:postgresql://${DB_HOST}:${DB_PORT}/${DB_DATABASE}?user=${DB_USERNAME}&password=${DB_PASSWORD}
+ hikari:
+ idle-timeout: 10001
+ max-lifetime: 30001
+ connectionTimeout: 1000
+ maximum-pool-size: 10
+ minimum-idle: 1
+ flyway:
+ enabled: true
+ locations: classpath:/db/migration
+ jpa:
+ hibernate.connection.provider_class: org.hibernate.hikaricp.internal.HikariCPConnectionProvider
+ database: postgresql
\ No newline at end of file
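Review bot: The `datasource.url` in the new `live` document carries `user=${DB_USERNAME}&password=${DB_PASSWORD}` in the JDBC query string, so the password travels with the URL wherever the URL is logged or exposed (connection errors, pool diagnostics, configuration dumps). Moving the credentials to the dedicated properties keeps them out of the URL: `url: jdbc:postgresql://${DB_HOST}:${DB_PORT}/${DB_DATABASE}`, `username: ${DB_USERNAME}`, `password: ${DB_PASSWORD}`. The same pattern appears in the `datasource.url` added in `src/test/resources/application-lokal-nais.yaml`. This block was moved rather than newly written, so the change can go in a follow-up if the move is meant to be behaviour-neutral.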
diff --git a/src/test/kotlin/no/nav/bidrag/grunnlag/BidragGrunnlagLokalNais.kt b/src/test/kotlin/no/nav/bidrag/grunnlag/BidragGrunnlagLokalNais.kt
new file mode 100644
index 00000000..f2f59786
--- /dev/null
+++ b/src/test/kotlin/no/nav/bidrag/grunnlag/BidragGrunnlagLokalNais.kt
@@ -0,0 +1,23 @@
+package no.nav.bidrag.grunnlag
+
+import no.nav.security.token.support.spring.api.EnableJwtTokenValidation
+import no.nav.security.token.support.spring.test.EnableMockOAuth2Server
+import org.springframework.boot.SpringApplication
+import org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityAutoConfiguration
+import org.springframework.boot.autoconfigure.SpringBootApplication
+import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration
+import org.springframework.context.annotation.ComponentScan
+import org.springframework.context.annotation.FilterType
+import org.springframework.context.annotation.Profile
+
+@SpringBootApplication
+@EnableJwtTokenValidation(ignore = ["org.springdoc", "org.springframework"])
+@ComponentScan(excludeFilters = [ComponentScan.Filter(type = FilterType.ASSIGNABLE_TYPE, value = [BidragGrunnlag::class])])
+@Profile("lokal-nais")
+class BidragGrunnlagLokalNais
+
+fun main(args: Array) {
+ val app = SpringApplication(BidragGrunnlagLokalNais::class.java)
+ app.setAdditionalProfiles("lokal-nais", "lokal-nais-secrets")
+ app.run(*args)
+}
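Review bot: `BidragGrunnlagLokalNais` has no KDoc, and nothing in the file says that the `lokal-nais-secrets` profile set in `main` loads a properties file of credentials copied from the dev pod by `initEnv.sh`. A short class comment would cover it, for example `/** Local entry point: runs against the docker-compose Postgres with secrets from application-lokal-nais-secrets.properties (git-ignored). Not for deployment. */`. Keeping the class under `src/test` is what stops it from being packaged, and the comment should say so, so that it is not moved to `src/main` later.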
diff --git a/src/test/resources/application-lokal-nais.yaml b/src/test/resources/application-lokal-nais.yaml
new file mode 100644
index 00000000..4cf2387c
--- /dev/null
+++ b/src/test/resources/application-lokal-nais.yaml
@@ -0,0 +1,16 @@
+server.port: 8086
+spring:
+ flyway:
+ enabled: true
+ locations: classpath:/db/migration
+ datasource:
+ url: jdbc:postgresql://localhost:${DB_PORT:5455}/${DB_DATABASE:bidrag-grunnlag}?user=${DB_USERNAME:cloudsqliamuser}&password=${DB_PASSWORD:admin}
+ type: com.zaxxer.hikari.HikariDataSource
+ kafka:
+ bootstrap-servers: ${KAFKA_BROKERS}
+ properties:
+ security.protocol: PLAINTEXT
+ consumer:
+ enableAutoCommit: false
+ listener:
+ ackMode: RECORD
\ No newline at end of file
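Review bot: `bootstrap-servers: ${KAFKA_BROKERS}` has no default, and the `grep -E 'AZURE_|_URL|SCOPE'` filter in `initEnv.sh` does not match `KAFKA_BROKERS`, so the placeholder resolves only if the developer exports the variable by hand. Otherwise startup is likely to fail on an unresolved placeholder. Either give it a local default as the datasource values have, e.g. `bootstrap-servers: ${KAFKA_BROKERS:localhost:9092}`, or document the variable in the README. `security.protocol: PLAINTEXT` is only appropriate for a broker on the developer's own machine; a comment saying so would discourage pointing this profile at a shared cluster.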