Gå over til unleash next (#57)

* gå over til unleash next * Mangler Permissions for deploy * Feil navn secret + manglende prod-config * workflow concurrency --------- Co-authored-by: Hans Petter Simonsen <[email protected]>
navikt · Sep 14, 2023 · 8d0280e · 8d0280e
1 parent edda861
commit 8d0280e
Show file tree

Hide file tree

Showing 14 changed files with 130 additions and 26 deletions.
diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
@@ -4,6 +4,10 @@ on:
     branches:
       - main
 
+concurrency:
+  group: deploy_main
+  cancel-in-progress: true
+
 permissions:
   packages: write
   contents: write

diff --git a/.github/workflows/feature-branch-deploy.yaml b/.github/workflows/feature-branch-deploy.yaml
@@ -2,6 +2,14 @@ name: Deploy feature branch
 on:
   workflow_dispatch:
 
+concurrency:
+  group: deploy_feture_branch
+  cancel-in-progress: true
+
+permissions:
+  packages: write
+  contents: write
+
 env:
   IMAGE_TAG: ${{ github.sha }}
   IMAGE: ghcr.io/${{ github.repository }}/aktivitet-arena-acl

diff --git a/.github/workflows/unleash-apitoken.yaml b/.github/workflows/unleash-apitoken.yaml
@@ -0,0 +1,30 @@
+name: Unleash api-tokens
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - '.github/workflows/unleash-apitoken.yaml'
+      - '.nais/unleash-apitoken-dev.yaml'
+      - '.nais/unleash-apitoken.yaml'
+
+jobs:
+  apply-apitoken-unleash:
+    name: Apply ApiToken for Unleash to cluster
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: deploy to dev
+        uses: nais/deploy/actions/deploy@v1
+        env:
+          APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }}
+          CLUSTER: dev-gcp
+          RESOURCE: .nais/unleash-apitoken-dev.yaml
+      - name: deploy to prod
+        uses: nais/deploy/actions/deploy@v1
+        env:
+          APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }}
+          CLUSTER: prod-gcp
+          RESOURCE: .nais/unleash-apitoken.yaml
diff --git a/.nais/nais-dev.yaml b/.nais/nais-dev.yaml
@@ -51,6 +51,9 @@ spec:
       external:
         - host: amt-arena-ords-proxy.dev-fss-pub.nais.io
         - host: veilarboppfolging.dev-fss-pub.nais.io
+        - host: dab-unleash-api.nav.cloud.nais.io
+  envFrom:
+    - secret: aktivitet-arena-acl-unleash-api-token
   env:
     # q2: api://dev-fss.amt.amt-arena-ords-proxy/.default q1: api://dev-fss.amt.amt-arena-ords-proxy-q1/.default
     - name: AMT_ARENA_ORDS_PROXY_SCOPE
@@ -75,6 +78,8 @@ spec:
       value: api://dev-fss.pto.veilarboppfolging/.default
     - name: VEILARBOPPFOLGING_URL
       value: https://veilarboppfolging.dev-fss-pub.nais.io
+    - name: UNLEASH_ENVIRONMENT
+      value: development
   gcp:
     sqlInstances:
       - name: aktivitet-arena-acl-v1

diff --git a/.nais/nais-prod.yaml b/.nais/nais-prod.yaml
@@ -49,6 +49,9 @@ spec:
       external:
         - host: amt-arena-ords-proxy.prod-fss-pub.nais.io
         - host: veilarboppfolging.prod-fss-pub.nais.io
+        - host: dab-unleash-api.nav.cloud.nais.io
+  envFrom:
+    - secret: aktivitet-arena-acl-unleash-api-token
   env:
     - name: AMT_ARENA_ORDS_PROXY_SCOPE
       value: api://prod-fss.amt.amt-arena-ords-proxy/.default
@@ -71,6 +74,8 @@ spec:
       value: api://prod-fss.pto.veilarboppfolging/.default
     - name: VEILARBOPPFOLGING_URL
       value: https://veilarboppfolging.prod-fss-pub.nais.io
+    - name: UNLEASH_ENVIRONMENT
+      value: production
   gcp:
     sqlInstances:
       - name: aktivitet-arena-acl-v1

diff --git a/.nais/unleash-apitoken-dev.yaml b/.nais/unleash-apitoken-dev.yaml
@@ -0,0 +1,14 @@
+apiVersion: unleash.nais.io/v1
+kind: ApiToken
+metadata:
+  name: aktivitet-arena-acl
+  namespace: dab
+  labels:
+    team: dab
+spec:
+  unleashInstance:
+    apiVersion: unleash.nais.io/v1
+    kind: RemoteUnleash
+    name: dab
+  secretName: aktivitet-arena-acl-unleash-api-token
+  environment: development
diff --git a/.nais/unleash-apitoken.yaml b/.nais/unleash-apitoken.yaml
@@ -0,0 +1,14 @@
+apiVersion: unleash.nais.io/v1
+kind: ApiToken
+metadata:
+  name: aktivitet-arena-acl
+  namespace: dab
+  labels:
+    team: dab
+spec:
+  unleashInstance:
+    apiVersion: unleash.nais.io/v1
+    kind: RemoteUnleash
+    name: dab
+  secretName: aktivitet-arena-acl-unleash-api-token
+  environment: production
diff --git a/pom.xml b/pom.xml
@@ -308,6 +308,11 @@
             <artifactId>junit-jupiter-api</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>io.getunleash</groupId>
+            <artifactId>unleash-client-java</artifactId>
+            <version>8.2.1</version>
+        </dependency>
     </dependencies>
 
     <profiles>

diff --git a/src/main/kotlin/no/nav/arena_tiltak_aktivitet_acl/configuration/ApplicationConfig.kt b/src/main/kotlin/no/nav/arena_tiltak_aktivitet_acl/configuration/ApplicationConfig.kt
@@ -1,17 +1,21 @@
 package no.nav.arena_tiltak_aktivitet_acl.configuration
 
+import io.getunleash.DefaultUnleash
+import io.getunleash.Unleash
 import no.nav.common.rest.filter.LogRequestFilter
 import no.nav.common.token_client.builder.AzureAdTokenClientBuilder
 import no.nav.common.token_client.client.MachineToMachineTokenClient
 import no.nav.common.utils.EnvironmentUtils
 import no.nav.security.token.support.spring.api.EnableJwtTokenValidation
+import org.springframework.boot.context.properties.EnableConfigurationProperties
 import org.springframework.boot.web.servlet.FilterRegistrationBean
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.context.annotation.Profile
 
 @EnableJwtTokenValidation(ignore = ["org.springdoc", "org.springframework"])
 @Configuration
+@EnableConfigurationProperties(UnleashConfig::class)
 open class ApplicationConfig {
 
 	companion object {
@@ -37,6 +41,12 @@ open class ApplicationConfig {
 		return registration
 	}
 
+	@Bean
+	@Profile("default")
+	open fun unleash(config: UnleashConfig): Unleash {
+		return DefaultUnleash(config.toUnleashConfig())
+	}
+
 }
 
 fun getEnvOrProperty(key: String): String {

diff --git a/src/main/kotlin/no/nav/arena_tiltak_aktivitet_acl/configuration/FeatureToggleConfig.kt b/src/main/kotlin/no/nav/arena_tiltak_aktivitet_acl/configuration/FeatureToggleConfig.kt
diff --git a/src/main/kotlin/no/nav/arena_tiltak_aktivitet_acl/configuration/UnleashConfig.kt b/src/main/kotlin/no/nav/arena_tiltak_aktivitet_acl/configuration/UnleashConfig.kt
@@ -0,0 +1,23 @@
+package no.nav.arena_tiltak_aktivitet_acl.configuration
+
+import io.getunleash.util.UnleashConfig
+import org.springframework.boot.context.properties.ConfigurationProperties
+
+@ConfigurationProperties(prefix = "unleash")
+data class UnleashConfig(
+	val appName: String,
+    val url: String,
+    val token: String,
+    val instanceId: String,
+    val environment: String,
+) {
+    fun toUnleashConfig(): UnleashConfig {
+        return UnleashConfig.builder()
+            .appName(appName)
+            .instanceId(instanceId)
+            .unleashAPI("$url/api")
+            .apiKey(token)
+            .environment(environment)
+            .build()
+    }
+}
diff --git a/src/main/kotlin/no/nav/arena_tiltak_aktivitet_acl/kafka/KafkaConsumer.kt b/src/main/kotlin/no/nav/arena_tiltak_aktivitet_acl/kafka/KafkaConsumer.kt
@@ -1,8 +1,8 @@
 package no.nav.arena_tiltak_aktivitet_acl.kafka
 
+import io.getunleash.Unleash
 import io.micrometer.core.instrument.MeterRegistry
 import no.nav.arena_tiltak_aktivitet_acl.services.ArenaMessageProcessorService
-import no.nav.common.featuretoggle.UnleashClient
 import no.nav.common.kafka.consumer.KafkaConsumerClient
 import no.nav.common.kafka.consumer.util.KafkaConsumerClientBuilder
 import no.nav.common.kafka.consumer.util.deserializer.Deserializers.stringDeserializer
@@ -16,7 +16,7 @@ open class KafkaConsumer(
 	kafkaTopicProperties: KafkaTopicProperties,
 	kafkaProperties: KafkaProperties,
 	private val arenaMessageProcessorService: ArenaMessageProcessorService,
-	unleashClient: UnleashClient,
+	unleash: Unleash,
 	private val meterRegistry: MeterRegistry
 ) {
 
@@ -45,7 +45,7 @@ open class KafkaConsumer(
 
 		client = KafkaConsumerClientBuilder.builder()
 			.withProperties(kafkaProperties.consumer())
-			.withToggle { unleashClient.isEnabled("aktivitet-arena-acl.kafka.consumer.disabled") }
+			.withToggle { unleash.isEnabled("aktivitet-arena-acl.kafka.consumer.disabled") }
 			.withTopicConfigs(topicConfigs)
 			.build()
 	}

diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
@@ -10,6 +10,12 @@ app.env.arenaTiltakDeltakerTopic=${ARENA_TILTAK_DELTAKER_TOPIC:null}
 app.env.aktivitetskortTopic=${AKTIVITETSKORT_TOPIC:null}
 app.unleashUrl=https://unleash.nais.io/api/
 
+unleash.appName=${NAIS_APP_NAME}
+unleash.url=${UNLEASH_SERVER_API_URL}
+unleash.token=${UNLEASH_SERVER_API_TOKEN}
+unleash.instanceId=${NAIS_CLIENT_ID}
+unleash.environment=${UNLEASH_ENVIRONMENT}
+
 # swagger-ui custom path
 springdoc.swagger-ui.path=/internal/swagger-ui.html
 springdoc.api-docs.enabled=true

diff --git a/src/test/kotlin/no/nav/arena_tiltak_aktivitet_acl/LocalApplicationConfig.kt b/src/test/kotlin/no/nav/arena_tiltak_aktivitet_acl/LocalApplicationConfig.kt
@@ -1,18 +1,18 @@
 package no.nav.arena_tiltak_aktivitet_acl
 
+import io.getunleash.Unleash
 import io.mockk.every
 import io.mockk.mockk
 import no.nav.arena_tiltak_aktivitet_acl.utils.token_provider.ScopedTokenProvider
-import no.nav.common.featuretoggle.UnleashClient
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 
 @Configuration
 open class LocalApplicationConfig {
 
 	@Bean
-	open fun unlead(): UnleashClient  {
-		val mock = mockk<UnleashClient>()
+	open fun unlead(): Unleash  {
+		val mock = mockk<Unleash>()
 		every { mock.isEnabled(any()) } returns false
 		return mock
 	}