From fa08b3b9cd95dc99a65e354b6a51278ab194985c Mon Sep 17 00:00:00 2001 From: Mads Opheim <71336041+madsop-nav@users.noreply.github.com> Date: Mon, 9 Sep 2024 16:43:17 +0200 Subject: [PATCH 1/5] EY-4178 micrometeroppgradering (#315) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * EY-4178: Oppgraderer micrometer * Slette ubrukte imports * Slettar med det samme unna ubrukt kode * Slettar unna ubrukte avhengnadar * Oppgraderer rapids and rivers med det samme, for å ha konsekvent micrometer-versjon. Skjønner ikkje heilt korfor vi ikkje måtte ha github-autentisering for denne allereie, men no er det iallfall på plass * EY-4178: Akkurat samme registry-oppsett som i Gjenny --- .../build.gradle.kts | 3 - apps/etterlatte-proxy/build.gradle.kts | 6 -- .../auth/ClientCredentialAuthProvider.kt | 82 ------------------- .../kotlin/auth/DefaultOAuth2HttpClient.kt | 43 ---------- .../src/main/kotlin/routes/InternalRoute.kt | 34 ++++---- .../main/kotlin/routes/TilbakekrevingRoute.kt | 2 - .../src/test/kotlin/ApplicationTest.kt | 1 - .../main/kotlin/etterlatte.common.gradle.kts | 7 ++ gradle/libs.versions.toml | 15 +--- 9 files changed, 29 insertions(+), 164 deletions(-) delete mode 100644 apps/etterlatte-proxy/src/main/kotlin/auth/ClientCredentialAuthProvider.kt delete mode 100644 apps/etterlatte-proxy/src/main/kotlin/auth/DefaultOAuth2HttpClient.kt diff --git a/apps/etterlatte-notifikasjoner/build.gradle.kts b/apps/etterlatte-notifikasjoner/build.gradle.kts index fad4e63c..a4b5ecb8 100644 --- a/apps/etterlatte-notifikasjoner/build.gradle.kts +++ b/apps/etterlatte-notifikasjoner/build.gradle.kts 
@@ -3,17 +3,14 @@ plugins { } dependencies { - implementation(libs.ktor.jackson) implementation(libs.rapidAndRivers) implementation(libs.brukernotifikasjonSchemas) { exclude("org.apache.commons", "commons-compress") } - implementation(libs.commons.compress) implementation(libs.kafka.avro.serializer) { exclude(group = "org.slf4j", module = "slf4j-log4j12") } - implementation(libs.kafka.clients) testImplementation(libs.mockk) } diff --git a/apps/etterlatte-proxy/build.gradle.kts b/apps/etterlatte-proxy/build.gradle.kts index 3425c870..aefa9a5a 100644 --- a/apps/etterlatte-proxy/build.gradle.kts +++ b/apps/etterlatte-proxy/build.gradle.kts @@ -10,19 +10,14 @@ repositories { dependencies { implementation(libs.ktor.serverAuth) - implementation(libs.ktor.clientCore) implementation(libs.ktor.callLogging) implementation(libs.ktor.clientApache) - implementation(libs.ktor.clientAuth) implementation(libs.ktor.clientLogging) implementation(libs.ktor.jackson) implementation(libs.ktor.serverContentNegotiation) implementation(libs.ktor.clientContentNegotiation) - implementation(libs.ktor.serverCore) implementation(libs.ktor.serverNetty) implementation(libs.ktor.serverAuthJwt) - implementation(libs.ktor.okHttp) - implementation(libs.navFellesTokenClientCore) implementation(libs.tjenestespesifikasjonerTilbakekreving) implementation(libs.tjenestespesifikasjonerOppdragSimulering) implementation(libs.cxf.logging) @@ -36,7 +31,6 @@ dependencies { exclude("org.eclipse.angus:angus-mail") } implementation(libs.micrometer.prometheus) - implementation(libs.jacksonDatatypejsr310) testImplementation(libs.mockOauth2Server) testImplementation(libs.ktor.serverTests) diff --git a/apps/etterlatte-proxy/src/main/kotlin/auth/ClientCredentialAuthProvider.kt b/apps/etterlatte-proxy/src/main/kotlin/auth/ClientCredentialAuthProvider.kt deleted file mode 100644 index d525f210..00000000 --- a/apps/etterlatte-proxy/src/main/kotlin/auth/ClientCredentialAuthProvider.kt +++ /dev/null 
@@ -1,82 +0,0 @@ -package no.nav.etterlatte.auth - -import com.nimbusds.oauth2.sdk.GrantType -import com.nimbusds.oauth2.sdk.auth.ClientAuthenticationMethod -import io.ktor.client.plugins.auth.Auth -import io.ktor.client.plugins.auth.AuthProvider -import io.ktor.client.request.HttpRequestBuilder -import io.ktor.http.HttpHeaders -import io.ktor.http.auth.HttpAuthHeader -import no.nav.security.token.support.client.core.ClientAuthenticationProperties -import no.nav.security.token.support.client.core.ClientProperties -import no.nav.security.token.support.client.core.OAuth2CacheFactory -import no.nav.security.token.support.client.core.oauth2.ClientCredentialsTokenClient -import no.nav.security.token.support.client.core.oauth2.OAuth2AccessTokenService -import no.nav.security.token.support.client.core.oauth2.OnBehalfOfTokenClient -import no.nav.security.token.support.client.core.oauth2.TokenExchangeClient -import java.net.URI -import java.time.Duration - -fun Auth.clientCredential(block: ClientCredentialAuthConfig.() -> Unit) { - with(ClientCredentialAuthConfig().apply(block)) { - providers.add(ClientCredentialAuthProvider(config)) - } -} - -class ClientCredentialAuthConfig { - lateinit var config: Map -} - -class ClientCredentialAuthProvider( - config: Map -) : AuthProvider { - override val sendWithoutRequest: Boolean = true - - private val clientPropertiesConfig = - ClientProperties( - tokenEndpointUrl = null, // URI(conf["token_endpoint_url"]!!), - wellKnownUrl = config["AZURE_APP_WELL_KNOWN_URL"]?.let { URI(it) }, - grantType = GrantType.CLIENT_CREDENTIALS, - scope = config["AZURE_APP_OUTBOUND_SCOPE"]?.split(",") ?: emptyList(), - authentication = - ClientAuthenticationProperties - .builder( - clientId = config.getOrThrow("AZURE_APP_CLIENT_ID"), - clientAuthMethod = ClientAuthenticationMethod.PRIVATE_KEY_JWT - ).clientJwk(config.getOrThrow("AZURE_APP_JWK")) - .build(), - resourceUrl = null, // conf["resource_url"]?.let { URI(it) }, - tokenExchange = null - ) - - 
private fun Map.getOrThrow(key: String) = - this[key] - ?: throw IllegalArgumentException("Missing configuration property '$key'") - - private val httpClient = DefaultOAuth2HttpClient() - private val accessTokenService = setupOAuth2AccessTokenService(httpClient = httpClient) - - override fun isApplicable(auth: HttpAuthHeader): Boolean = true - - override suspend fun addRequestHeaders( - request: HttpRequestBuilder, - authHeader: HttpAuthHeader? - ) { - accessTokenService.getAccessToken(clientPropertiesConfig)?.accessToken.also { - request.headers[HttpHeaders.Authorization] = "Bearer $it" - } - } -} - -internal fun setupOAuth2AccessTokenService(httpClient: DefaultOAuth2HttpClient): OAuth2AccessTokenService = - OAuth2AccessTokenService( - tokenResolver = { throw IllegalArgumentException("Skal ikke kalle denne") }, - onBehalfOfTokenClient = OnBehalfOfTokenClient(httpClient), - clientCredentialsTokenClient = ClientCredentialsTokenClient(httpClient), - clientCredentialsGrantCache = - OAuth2CacheFactory.accessTokenResponseCache( - maximumSize = 10, - skewInSeconds = Duration.ofMinutes(50L).toSeconds() - ), - tokenExchangeClient = TokenExchangeClient(httpClient) - ) \ No newline at end of file diff --git a/apps/etterlatte-proxy/src/main/kotlin/auth/DefaultOAuth2HttpClient.kt b/apps/etterlatte-proxy/src/main/kotlin/auth/DefaultOAuth2HttpClient.kt deleted file mode 100644 index 70bdfe35..00000000 --- a/apps/etterlatte-proxy/src/main/kotlin/auth/DefaultOAuth2HttpClient.kt +++ /dev/null 
@@ -1,43 +0,0 @@ -package no.nav.etterlatte.auth - -import com.fasterxml.jackson.annotation.JsonInclude -import com.fasterxml.jackson.databind.DeserializationFeature -import io.ktor.client.HttpClient -import io.ktor.client.call.body -import io.ktor.client.engine.okhttp.OkHttp -import io.ktor.client.plugins.contentnegotiation.ContentNegotiation -import io.ktor.client.request.forms.submitForm -import io.ktor.http.Parameters -import io.ktor.serialization.jackson.jackson -import kotlinx.coroutines.runBlocking -import no.nav.security.token.support.client.core.http.OAuth2HttpClient -import no.nav.security.token.support.client.core.http.OAuth2HttpRequest -import no.nav.security.token.support.client.core.oauth2.OAuth2AccessTokenResponse - -class DefaultOAuth2HttpClient : OAuth2HttpClient { - private val defaultHttpClient = - HttpClient(OkHttp) { - install(ContentNegotiation) { - expectSuccess = true - jackson { - configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false) - setSerializationInclusion(JsonInclude.Include.NON_NULL) - } - } - } - - // Override default POST with other form parameters specified for Idp request - override fun post(request: OAuth2HttpRequest): OAuth2AccessTokenResponse = - runBlocking { - defaultHttpClient - .submitForm( - url = request.tokenEndpointUrl.toString(), - formParameters = - Parameters.build { - request.formParameters.forEach { - append(it.key, it.value) - } - } - ).body() - } -} \ No newline at end of file diff --git a/apps/etterlatte-proxy/src/main/kotlin/routes/InternalRoute.kt b/apps/etterlatte-proxy/src/main/kotlin/routes/InternalRoute.kt index 1c68a99a..8e7a9168 100644 --- a/apps/etterlatte-proxy/src/main/kotlin/routes/InternalRoute.kt +++ b/apps/etterlatte-proxy/src/main/kotlin/routes/InternalRoute.kt 
@@ -1,31 +1,37 @@ package no.nav.etterlatte.routes -import io.ktor.http.ContentType +import io.ktor.http.HttpStatusCode import io.ktor.server.application.call -import io.ktor.server.response.respondText -import io.ktor.server.response.respondTextWriter +import io.ktor.server.response.respond import io.ktor.server.routing.Route import io.ktor.server.routing.get import io.ktor.server.routing.route -import io.prometheus.client.CollectorRegistry -import io.prometheus.client.exporter.common.TextFormat +import io.micrometer.core.instrument.Clock +import io.micrometer.prometheusmetrics.PrometheusConfig +import io.micrometer.prometheusmetrics.PrometheusMeterRegistry +import io.prometheus.metrics.model.registry.PrometheusRegistry + +object Metrikker { + private val collectorRegistry = PrometheusRegistry.defaultRegistry + + val registry = + PrometheusMeterRegistry( + PrometheusConfig.DEFAULT, + collectorRegistry, + Clock.SYSTEM, + ) +} fun Route.internalRoute() { route("/internal") { get("/is_alive") { - call.respondText { "Alive" } + call.respond(HttpStatusCode.OK) } get("/is_ready") { - call.respondText { "Ready" } + call.respond(HttpStatusCode.OK) } get("/metrics") { - val names = - call.request.queryParameters - .getAll("name[]") - ?.toSet() ?: emptySet() - call.respondTextWriter(ContentType.parse(TextFormat.CONTENT_TYPE_004)) { - TextFormat.write004(this, CollectorRegistry.defaultRegistry.filteredMetricFamilySamples(names)) - } + call.respond(Metrikker.registry) } } } \ No newline at end of file diff --git a/apps/etterlatte-proxy/src/main/kotlin/routes/TilbakekrevingRoute.kt b/apps/etterlatte-proxy/src/main/kotlin/routes/TilbakekrevingRoute.kt index f3a33677..e5ccb54d 100644 --- a/apps/etterlatte-proxy/src/main/kotlin/routes/TilbakekrevingRoute.kt +++ b/apps/etterlatte-proxy/src/main/kotlin/routes/TilbakekrevingRoute.kt 
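Review bot: In the `/metrics` handler, `call.respond(Metrikker.registry)` hands the `PrometheusMeterRegistry` object itself to the response pipeline, so a scraper will most likely get a serialization error or a JSON rendering of the registry instead of the Prometheus text exposition. This is hedged, because the installed content-negotiation plugins are not visible in this hunk, although the build file keeps `ktor.jackson` and `ktor.serverContentNegotiation`. Respond with the scrape output instead: `call.respond(Metrikker.registry.scrape())`. ApplicationTest only exercises `internal/is_alive`; a request against `internal/metrics` asserting status 200 and a text body would catch this. Whether `/internal` sits outside any `authenticate` block is not visible here; if it does, confirm the path is not reachable through the public ingress, since metric names and labels describe internal behaviour.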
@@ -5,10 +5,8 @@ import io.ktor.server.application.call import io.ktor.server.application.log import io.ktor.server.request.receive import io.ktor.server.response.respond -import io.ktor.server.response.respondText import io.ktor.server.routing.Route import io.ktor.server.routing.application -import io.ktor.server.routing.get import io.ktor.server.routing.post import no.nav.okonomi.tilbakekrevingservice.KravgrunnlagHentDetaljRequest import no.nav.okonomi.tilbakekrevingservice.TilbakekrevingPortType diff --git a/apps/etterlatte-proxy/src/test/kotlin/ApplicationTest.kt b/apps/etterlatte-proxy/src/test/kotlin/ApplicationTest.kt index 37cd8ae7..01519aa0 100644 --- a/apps/etterlatte-proxy/src/test/kotlin/ApplicationTest.kt +++ b/apps/etterlatte-proxy/src/test/kotlin/ApplicationTest.kt @@ -48,7 +48,6 @@ internal class ApplicationTest { client.get("internal/is_alive").also { assertEquals(HttpStatusCode.OK, it.status) - assertEquals("Alive", it.body()) } } } diff --git a/buildSrc/src/main/kotlin/etterlatte.common.gradle.kts b/buildSrc/src/main/kotlin/etterlatte.common.gradle.kts index f5ac1b55..f58b014a 100644 --- a/buildSrc/src/main/kotlin/etterlatte.common.gradle.kts +++ b/buildSrc/src/main/kotlin/etterlatte.common.gradle.kts @@ -12,6 +12,13 @@ repositories { mavenCentral() maven("https://packages.confluent.io/maven/") maven("https://jitpack.io") + maven { + url = uri("https://maven.pkg.github.com/navikt/rapids-and-rivers") + credentials { + username = "token" + password = System.getenv("GITHUB_TOKEN") + } + } } dependencies { diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 64f71d63..3bc6ac28 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml 
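Review bot: The GitHub Packages repository added to `repositories` in etterlatte.common.gradle.kts has no content filter and is declared after `https://jitpack.io`, so which repository serves `com.github.navikt:rapids-and-rivers` depends on declaration order, and `com.github.<owner>` coordinates are also the namespace JitPack builds on demand. Restrict the new repository to the one module it exists for, e.g. `content { includeModule("com.github.navikt", "rapids-and-rivers") }` inside the `maven { … }` block (or wrap it in `exclusiveContent`), so the artifact can only come from the navikt registry and the token is not presented for unrelated lookups. `System.getenv("GITHUB_TOKEN")` is null when the variable is unset, which shows up as an authentication failure from the registry rather than a clear message; a short comment stating that a token with `read:packages` is needed for local builds would help. The `repositories` block starts outside the hunk.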
@@ -3,7 +3,6 @@ cutterslade-analyze = { id = "ca.cutterslade.analyze", version = "1.10.0" } [versions] -navfelles-token-version = "5.0.5" ktor-version = "2.3.12" jupiter-version = "5.11.0" cxf-version = "4.0.5" # Obs: Når vi oppgraderer denne, bør vi også kunne rydde bort guava og guava-workarounden 
@@ -13,36 +12,26 @@ angus-version = "1.1.0" [libraries] #NavFelles -rapidAndRivers = { module = "com.github.navikt:rapids-and-rivers", version = "2024010209171704183456.6d035b91ffb4" } +rapidAndRivers = { module = "com.github.navikt:rapids-and-rivers", version = "2024082313161724411773.1db923f4402d" } brukernotifikasjonSchemas = { module = "com.github.navikt:brukernotifikasjon-schemas", version = "2.5.2"} mockOauth2Server = { module = "no.nav.security:mock-oauth2-server", version = "2.1.9"} -navFellesTokenClientCore = { module = "no.nav.security:token-client-core", version.ref = "navfelles-token-version"} tjenestespesifikasjonerTilbakekreving = { module = "com.github.navikt.pensjon-etterlatte-tjenestespesifikasjoner:tilbakekreving-v1-tjenestespesifikasjon", version = "1.d27898d"} tjenestespesifikasjonerOppdragSimulering = { module = "com.github.navikt.pensjon-etterlatte-tjenestespesifikasjoner:nav-system-os-simuler-fp-service-tjenestespesifikasjon", version = "1.d27898d"} #Ktor ktor-callLogging = { module = "io.ktor:ktor-server-call-logging", version.ref = "ktor-version"} -ktor-clientCore = { module = "io.ktor:ktor-client-core", version.ref = "ktor-version"} ktor-clientApache = { module = "io.ktor:ktor-client-apache", version.ref = "ktor-version"} -ktor-clientAuth = { module = "io.ktor:ktor-client-auth", version.ref = "ktor-version"} ktor-clientContentNegotiation = { module = "io.ktor:ktor-client-content-negotiation", version.ref = "ktor-version"} ktor-clientLogging = { module = "io.ktor:ktor-client-logging", version.ref = "ktor-version" } ktor-jackson = { module = "io.ktor:ktor-serialization-jackson", version.ref = "ktor-version" } ktor-serverAuth = { module = "io.ktor:ktor-server-auth", version.ref = "ktor-version" } ktor-serverAuthJwt = { module = "io.ktor:ktor-server-auth-jwt", version.ref = "ktor-version" } -ktor-serverCore = { module = "io.ktor:ktor-server-core", version.ref = "ktor-version" } ktor-serverContentNegotiation = { module = 
"io.ktor:ktor-server-content-negotiation", version.ref = "ktor-version" } ktor-serverNetty = { module = "io.ktor:ktor-server-netty", version.ref = "ktor-version" } -ktor-okHttp = { module = "io.ktor:ktor-client-okhttp", version.ref = "ktor-version" } ktor-serverTests = { module = "io.ktor:ktor-server-tests", version.ref = "ktor-version" } -#Jackson -jacksonDatatypejsr310 = { module = "com.fasterxml.jackson.datatype:jackson-datatype-jsr310", version = "2.17.2" } - #Kafka -kafka-clients = { module = "org.apache.kafka:kafka-clients", version = "3.8.0"} kafka-avro-serializer = { module = "io.confluent:kafka-avro-serializer", version = "7.6.0"} -commons-compress = { module = "org.apache.commons:commons-compress", version = "1.27.1" } #Jupiter jupiter-api = { module = "org.junit.jupiter:junit-jupiter-api", version.ref = "jupiter-version" } @@ -55,7 +44,7 @@ logging-logbackClassic = { module = "ch.qos.logback:logback-classic", version = logging-logstashLogbackEncoder = { module = "net.logstash.logback:logstash-logback-encoder", version = "8.0"} #Micrometer -micrometer-prometheus = { module = "io.micrometer:micrometer-registry-prometheus", version = "1.12.5"} +micrometer-prometheus = { module = "io.micrometer:micrometer-registry-prometheus", version = "1.13.3"} #MockK mockk = { module = "io.mockk:mockk", version = "1.13.12" } From c3e2177668d8f3d05d960bed279f225e6db1c2ff Mon Sep 17 00:00:00 2001 From: Mads Opheim Date: Tue, 10 Sep 2024 08:38:28 +0200 Subject: [PATCH 2/5] Commons-compress skulle ikkje bort her --- apps/etterlatte-notifikasjoner/build.gradle.kts | 1 + gradle/libs.versions.toml | 1 + 2 files changed, 2 insertions(+) diff --git a/apps/etterlatte-notifikasjoner/build.gradle.kts b/apps/etterlatte-notifikasjoner/build.gradle.kts index a4b5ecb8..ffe5088f 100644 --- a/apps/etterlatte-notifikasjoner/build.gradle.kts +++ b/apps/etterlatte-notifikasjoner/build.gradle.kts 
@@ -8,6 +8,7 @@ dependencies { implementation(libs.brukernotifikasjonSchemas) { exclude("org.apache.commons", "commons-compress") } + implementation(libs.commons.compress) implementation(libs.kafka.avro.serializer) { exclude(group = "org.slf4j", module = "slf4j-log4j12") } diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 3bc6ac28..b128723a 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -32,6 +32,7 @@ ktor-serverTests = { module = "io.ktor:ktor-server-tests", version.ref = "ktor-v #Kafka kafka-avro-serializer = { module = "io.confluent:kafka-avro-serializer", version = "7.6.0"} +commons-compress = { module = "org.apache.commons:commons-compress", version = "1.27.1" } #Jupiter jupiter-api = { module = "org.junit.jupiter:junit-jupiter-api", version.ref = "jupiter-version" } From b227c23ffbb1e7fc891f0eb44d8a68634dfd9c9a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Oliver=20S=C3=B8berg?= <82504565+sebassonav@users.noreply.github.com> Date: Tue, 10 Sep 2024 09:09:52 +0200 Subject: [PATCH 3/5] =?UTF-8?q?=C3=98ke=20kafka=20til=202=20uker=20(#324)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .deploy/topic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.deploy/topic.yaml b/.deploy/topic.yaml index 8fb7db89..1cba205d 100644 --- a/.deploy/topic.yaml +++ b/.deploy/topic.yaml @@ -13,7 +13,7 @@ spec: partitions: 1 replication: 3 # see min/max requirements retentionBytes: -1 # -1 means unlimited - retentionHours: 168 # -1 means unlimited + retentionHours: 336 # 2 uker acl: - team: etterlatte application: dodsfall-fra-leesah From 3a0c2a4e7ae5304ba4accdefdbe58f8c557bcb01 Mon Sep 17 00:00:00 2001 
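Review bot: The re-added `implementation(libs.commons.compress)` in apps/etterlatte-notifikasjoner/build.gradle.kts has no comment tying it to the `exclude("org.apache.commons", "commons-compress")` directly above it, which is presumably why the previous patch in this series removed it as unused. Add a one-line comment on the pair, e.g. `// Replaces the commons-compress excluded from brukernotifikasjon-schemas with the version pinned in libs.versions.toml`, so a later dependency clean-up does not drop the pinned version again. The same applies to the `commons-compress` entry restored in `gradle/libs.versions.toml`.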
From: =?UTF-8?q?Sebastian=20Oliver=20S=C3=B8berg?= <82504565+sebassonav@users.noreply.github.com> Date: Tue, 10 Sep 2024 09:14:58 +0200 Subject: [PATCH 4/5] =?UTF-8?q?=C3=98ke=20kafka=20til=202=20uker=20lagring?= =?UTF-8?q?=20(#325)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .deploy/topic-prod.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.deploy/topic-prod.yaml b/.deploy/topic-prod.yaml index f265f32b..4c00945c 100644 --- a/.deploy/topic-prod.yaml +++ b/.deploy/topic-prod.yaml @@ -13,7 +13,7 @@ spec: partitions: 1 replication: 3 # see min/max requirements retentionBytes: -1 # -1 means unlimited - retentionHours: 168 # -1 means unlimited + retentionHours: 336 # 2 uker acl: - team: etterlatte application: dodsfall-fra-leesah From 84046bfb4ab441f60930cc157081a1f53839d45d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Oliver=20S=C3=B8berg?= Date: Tue, 10 Sep 2024 09:21:59 +0200 Subject: [PATCH 5/5] Update readme --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 74776321..2cba5d26 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,9 @@ Monorepo med apper som er felles for Team Etterlatte Legg inn appen i `.deploy/topic.yaml` for dev, `.deploy/topic-prod.yaml` for prod. Etter at det er lagt inn kan du oppdatere topicet ved å kjøre +## For å oppdatere endringer i topic yamler kjør dette: +### Obs: Må stå samme path som filen(e) +https://docs.nais.io/persistence/kafka/how-to/create/?h=kafka+topic#apply-the-topic-resource ``` kubectl apply -f .deploy/topic.yaml ```