Merge master into update-fhir-server-versions branch

.github/workflows/chart-release.yaml

@@ -21,11 +21,6 @@ jobs:
           git config user.name "$GITHUB_ACTOR"
           git config user.email "[email protected]"
 
-      - name: Install Helm
-        uses: azure/setup-helm@v1
-        with:
-          version: v3.7.0
-
       - name: Add bitnami repo
         run: helm repo add bitnami https://charts.bitnami.com/bitnami
 

.github/workflows/chart-test.yaml

@@ -43,11 +43,6 @@ jobs:
         with:
           fetch-depth: 0
 
-      - name: Set up Helm
-        uses: azure/setup-helm@v1
-        with:
-          version: v3.7.0
-
       - name: Set up chart-testing
         uses: helm/[email protected]
 

.github/workflows/cucumber-integration-test.yml

@@ -53,15 +53,18 @@ jobs:
           TEST_RAIL_PASSWORD: ${{ secrets.TEST_RAIL_PASSWORD }}
           TEST_RAIL_URL: ${{ secrets.TEST_RAIL_URL }}
 
-      - name: Disable hapi fhir keycloak authentication
+      - name: Update hapi fhir application yaml
         run: |
           sed -i 's/keycloak:/keycloak:\n\ \ \enabled:\ false/g' src/main/resources/application.yaml
+          sed -i 's/hibernate.dialect: ca.uhn.fhir.jpa.model.dialect.HapiFhirH2Dialect/hibernate.dialect: org.hibernate.dialect.PostgreSQLDialect/g' src/main/resources/application.yaml
+          sed -i 's/hibernate.dialect: org.hibernate.dialect.PostgreSQLDialect/hibernate.dialect: org.hibernate.dialect.PostgreSQLDialect\n\ \ \ \ \ \ \hibernate.hbm2ddl.auto: update/g' src/main/resources/application.yaml
 
       - name: Run hapi fhir server
         run: mvn clean spring-boot:run -Pboot > /dev/null 2>&1 &
 
-      - name: Wait for hapi fhir server to be reachable
-        run: while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' localhost:8080/fhir/Patient)" != "200" ]]; do sleep 5; done
+      - name: Wait (max 2 mins) for hapi fhir server to be reachable
+        run: |
+          count=0; while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' localhost:8080/fhir/Patient)" != "200" ]]; do if [[ count -lt 24 ]]; then ((count=count+1)); else exit 1; fi; sleep 5; done
 
       - name: Run integration test
         run: mvn -f tools/api-automation/ clean test

README.md

@@ -354,10 +354,14 @@ elasticsearch.schema_management_strategy=CREATE
 
 Set `hapi.fhir.lastn_enabled=true` in the [application.yaml](https://github.com/hapifhir/hapi-fhir-jpaserver-starter/blob/master/src/main/resources/application.yaml) file to enable the $lastn operation on this server.  Note that the $lastn operation relies on Elasticsearch, so for $lastn to work, indexing must be enabled using Elasticsearch.
 
+## Enabling Resource to be stored in Lucene Index
+
+Set `hapi.fhir.store_resource_in_lucene_index_enabled` in the [application.yaml](https://github.com/hapifhir/hapi-fhir-jpaserver-starter/blob/master/src/main/resources/application.yaml) file to enable storing of resource json along with Lucene/Elasticsearch index mappings.
+
 ## Changing cached search results time
 
-It is possible to change the cached search results time. The option `reuse_cached_search_results_millis` in the [application.yaml] is 6000 miliseconds by default.
-Set `reuse_cached_search_results_millis: -1` in the [application.yaml] file to ignore the cache time every search. 
+It is possible to change the cached search results time. The option `reuse_cached_search_results_millis` in the [application.yaml](https://github.com/hapifhir/hapi-fhir-jpaserver-starter/blob/master/src/main/resources/application.yaml) is 6000 miliseconds by default.
+Set `reuse_cached_search_results_millis: -1` in the [application.yaml](https://github.com/hapifhir/hapi-fhir-jpaserver-starter/blob/master/src/main/resources/application.yaml) file to ignore the cache time every search. 
 
 ## Build the distroless variant of the image (for lower footprint and improved security)
 
@@ -368,7 +372,7 @@ using the `gcr.io/distroless/java-debian10:11` base image:
 docker build --target=release-distroless -t hapi-fhir:distroless .
 ```
 
-Note that distroless images are also automatically build and pushed to the container registry,
+Note that distroless images are also automatically built and pushed to the container registry,
 see the `-distroless` suffix in the image tags.
 
 ## Adding custom operations

charts/hapi-fhir-jpaserver/Chart.yaml

@@ -18,6 +18,9 @@ annotations:
     # added, changed, deprecated, removed, fixed, and security.
     - kind: changed
       description: |
-        updated HAPI FHIR starter image to 5.5.1
-appVersion: v5.5.1
-version: 0.6.0
+        updated HAPI FHIR starter image to 5.6.0
+    - kind: added
+      description: |
+        added support for configuring PodDisruptionBudget for the server pods
+appVersion: v5.6.0
+version: 0.7.0

charts/hapi-fhir-jpaserver/README.md

@@ -1,6 +1,6 @@
 # HAPI FHIR JPA Server Starter Helm Chart
 
-![Version: 0.6.0](https://img.shields.io/badge/Version-0.6.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v5.5.1](https://img.shields.io/badge/AppVersion-v5.5.1-informational?style=flat-square)
+![Version: 0.7.0](https://img.shields.io/badge/Version-0.7.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v5.6.0](https://img.shields.io/badge/AppVersion-v5.6.0-informational?style=flat-square)
 
 This helm chart will help you install the HAPI FHIR JPA Server in a Kubernetes environment.
 
@@ -11,6 +11,9 @@ helm repo add hapifhir https://hapifhir.github.io/hapi-fhir-jpaserver-starter/
 helm install --render-subchart-notes hapi-fhir-jpaserver hapifhir/hapi-fhir-jpaserver
 ```
 
+> ⚠ By default, the included [PostgreSQL Helm chart](https://github.com/bitnami/charts/tree/master/bitnami/postgresql#upgrading)
+> auto-generates a random password for the database which may cause problems when upgrading the chart (see [here for details](https://github.com/bitnami/charts/tree/master/bitnami/postgresql#upgrading)).
+
 ## Values
 
 | Key | Type | Default | Description |
@@ -24,11 +27,12 @@ helm install --render-subchart-notes hapi-fhir-jpaserver hapifhir/hapi-fhir-jpas
 | externalDatabase.password | string | `""` | database password |
 | externalDatabase.port | int | `5432` | database port number |
 | externalDatabase.user | string | `"fhir"` | username for the external database |
+| extraEnv | list | `[]` | extra environment variables to set on the server container |
 | fullnameOverride | string | `""` | override the chart fullname |
 | image.flavor | string | `"distroless"` | the flavor or variant of the image to use. appended to the image tag by `-`. |
-| image.pullPolicy | string | `"IfNotPresent"` |  |
-| image.registry | string | `"docker.io"` |  |
-| image.repository | string | `"hapiproject/hapi"` |  |
+| image.pullPolicy | string | `"IfNotPresent"` | image pullPolicy to use |
+| image.registry | string | `"docker.io"` | registry where the HAPI FHIR server image is hosted |
+| image.repository | string | `"hapiproject/hapi"` | the path inside the repository |
 | image.tag | string | `""` | defaults to `Chart.appVersion` |
 | imagePullSecrets | list | `[]` | image pull secrets to use when pulling the image |
 | ingress.annotations | object | `{}` | provide any additional annotations which may be required. Evaluated as a template. |
@@ -43,6 +47,9 @@ helm install --render-subchart-notes hapi-fhir-jpaserver hapifhir/hapi-fhir-jpas
 | networkPolicy.explicitNamespacesSelector | object | `{}` | a Kubernetes LabelSelector to explicitly select namespaces from which ingress traffic could be allowed |
 | nodeSelector | object | `{}` | node selector for the pod |
 | podAnnotations | object | `{}` | annotations applied to the server pod |
+| podDisruptionBudget.enabled | bool | `false` | Enable PodDisruptionBudget for the server pods. uses policy/v1/PodDisruptionBudget thus requiring k8s 1.21+ |
+| podDisruptionBudget.maxUnavailable | string | `""` | maximum unavailable instances |
+| podDisruptionBudget.minAvailable | int | `1` | minimum available instances |
 | podSecurityContext | object | `{}` | pod security context |
 | postgresql.containerSecurityContext.allowPrivilegeEscalation | bool | `false` |  |
 | postgresql.containerSecurityContext.capabilities.drop[0] | string | `"ALL"` |  |
@@ -61,14 +68,26 @@ helm install --render-subchart-notes hapi-fhir-jpaserver hapifhir/hapi-fhir-jpas
 | securityContext.readOnlyRootFilesystem | bool | `true` |  |
 | securityContext.runAsNonRoot | bool | `true` |  |
 | securityContext.runAsUser | int | `65532` |  |
-| service.port | int | `8080` |  |
-| service.type | string | `"ClusterIP"` |  |
+| service.port | int | `8080` | port where the server will be exposed at |
+| service.type | string | `"ClusterIP"` | service type |
 | startupProbe.failureThreshold | int | `10` |  |
 | startupProbe.initialDelaySeconds | int | `60` |  |
 | startupProbe.periodSeconds | int | `30` |  |
 | startupProbe.successThreshold | int | `1` |  |
 | startupProbe.timeoutSeconds | int | `30` |  |
 | tolerations | list | `[]` | pod tolerations |
 
+## Development
+
+To update the Helm chart when a new version of the `hapiproject/hapi` image is released, the [Chart.yaml](Chart.yaml)'s
+`appVersion` and `version` fields need to be updated accordingly. Afterwards, re-generate the [README.md](README.md)
+by running:
+
+```sh
+$ helm-docs
+INFO[2021-11-20T12:38:04Z] Found Chart directories [charts/hapi-fhir-jpaserver]
+INFO[2021-11-20T12:38:04Z] Generating README Documentation for chart /usr/src/app/charts/hapi-fhir-jpaserver
+```
+
 ----------------------------------------------
 Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0)

charts/hapi-fhir-jpaserver/README.md.gotmpl

@@ -11,6 +11,21 @@ helm repo add hapifhir https://hapifhir.github.io/hapi-fhir-jpaserver-starter/
 helm install --render-subchart-notes hapi-fhir-jpaserver hapifhir/hapi-fhir-jpaserver
 ```
 
+> ⚠ By default, the included [PostgreSQL Helm chart](https://github.com/bitnami/charts/tree/master/bitnami/postgresql#upgrading)
+> auto-generates a random password for the database which may cause problems when upgrading the chart (see [here for details](https://github.com/bitnami/charts/tree/master/bitnami/postgresql#upgrading)).
+
 {{ template "chart.valuesSection" . }}
 
+## Development
+
+To update the Helm chart when a new version of the `hapiproject/hapi` image is released, the [Chart.yaml](Chart.yaml)'s
+`appVersion` and `version` fields need to be updated accordingly. Afterwards, re-generate the [README.md](README.md)
+by running:
+
+```sh
+$ helm-docs
+INFO[2021-11-20T12:38:04Z] Found Chart directories [charts/hapi-fhir-jpaserver]
+INFO[2021-11-20T12:38:04Z] Generating README Documentation for chart /usr/src/app/charts/hapi-fhir-jpaserver
+```
+
 {{ template "helm-docs.versionFooter" . }}

charts/hapi-fhir-jpaserver/templates/poddisruptionbudget.yaml

@@ -0,0 +1,18 @@
+{{- if .Values.podDisruptionBudget.enabled }}
+kind: PodDisruptionBudget
+apiVersion: policy/v1
+metadata:
+  name: {{ include "hapi-fhir-jpaserver.fullname" . }}
+  labels:
+    {{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
+spec:
+  {{- if .Values.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.podDisruptionBudget.minAvailable }}
+  {{- end }}
+  {{- if .Values.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "hapi-fhir-jpaserver.selectorLabels" . | nindent 6 }}
+{{- end }}

charts/hapi-fhir-jpaserver/values.yaml

@@ -2,13 +2,16 @@
 replicaCount: 1
 
 image:
+  # -- registry where the HAPI FHIR server image is hosted
   registry: docker.io
+  # -- the path inside the repository
   repository: hapiproject/hapi
   # -- defaults to `Chart.appVersion`
   tag: ""
   # -- the flavor or variant of the image to use.
   # appended to the image tag by `-`.
   flavor: "distroless"
+  # -- image pullPolicy to use
   pullPolicy: IfNotPresent
 
 # -- image pull secrets to use when pulling the image
@@ -42,7 +45,9 @@ securityContext:
 
 # service to expose the server
 service:
+  # -- service type
   type: ClusterIP
+  # -- port where the server will be exposed at
   port: 8080
 
 ingress:
@@ -157,3 +162,18 @@ networkPolicy:
   #       matchLabels:
   #         app.kubernetes.io/name: {{ $.Release.Name }}
   allowedFrom: []
+
+# -- extra environment variables to set on the server container
+extraEnv:
+  []
+  # - name: SPRING_FLYWAY_BASELINE_ON_MIGRATE
+  #   value: "true"
+
+podDisruptionBudget:
+  # -- Enable PodDisruptionBudget for the server pods.
+  # uses policy/v1/PodDisruptionBudget thus requiring k8s 1.21+
+  enabled: false
+  # -- minimum available instances
+  minAvailable: 1
+  # -- maximum unavailable instances
+  maxUnavailable: ""

pom.xml

@@ -14,20 +14,21 @@
     <parent>
         <groupId>ca.uhn.hapi.fhir</groupId>
         <artifactId>hapi-fhir</artifactId>
-		  <version>5.7.0-PRE8-SNAPSHOT</version>
+		  <version>5.7.0</version>
     </parent>
 
     <artifactId>hapi-fhir-jpaserver-starter</artifactId>
     <groupId>org.smartregister</groupId>
-    <version>5.5.3-SNAPSHOT</version>
+    <version>5.6.3-SNAPSHOT</version>
 
     <properties>
         <java.version>8</java.version>
-        <hapi.fhir.version>5.7.0-PRE8-SNAPSHOT</hapi.fhir.version>
+        <hapi.fhir.version>5.7.0</hapi.fhir.version>
+        <spring_boot_version>2.5.6</spring_boot_version>
     </properties>
 
     <prerequisites>
-        <maven>3.6.3</maven>
+        <maven>3.8.3</maven>
     </prerequisites>
 
     <packaging>war</packaging>
@@ -59,24 +60,21 @@
         <dependency>
             <groupId>mysql</groupId>
             <artifactId>mysql-connector-java</artifactId>
-            <version>8.0.25</version>
         </dependency>
-        <!-- https://mvnrepository.com/artifact/org.postgresql/postgresql -->
         <dependency>
             <groupId>org.postgresql</groupId>
             <artifactId>postgresql</artifactId>
-            <version>42.2.23</version>
         </dependency>
 
         <!-- Needed for Email subscriptions -->
         <dependency>
-            <groupId>com.sun.mail</groupId>
-            <artifactId>javax.mail</artifactId>
+            <groupId>org.simplejavamail</groupId>
+            <artifactId>simple-java-mail</artifactId>
             <version>1.6.2</version>
             <exclusions>
                 <exclusion>
-                    <groupId>javax.activation</groupId>
-                    <artifactId>activation</artifactId>
+                    <groupId>jakarta.annotation</groupId>
+                    <artifactId>jakarta.annotation-api</artifactId>
                 </exclusion>
             </exclusions>
         </dependency>
@@ -87,6 +85,12 @@
             <artifactId>hapi-fhir-base</artifactId>
             <version>${hapi.fhir.version}</version>
         </dependency>
+        <!-- This dependency includes the EmailSenderImpl we will be using instead of standard javamail.-->
+        <dependency>
+            <groupId>ca.uhn.hapi.fhir</groupId>
+            <artifactId>hapi-fhir-jpaserver-subscription</artifactId>
+            <version>${hapi.fhir.version}</version>
+        </dependency>
 
         <!-- This dependency includes the JPA server itself, which is packaged separately from the rest of HAPI FHIR -->
         <dependency>
@@ -116,6 +120,12 @@
             <artifactId>hapi-fhir-jpaserver-mdm</artifactId>
             <version>${hapi.fhir.version}</version>
         </dependency>
+        <!-- This dependency includes the OpenAPI Server -->
+        <dependency>
+            <groupId>ca.uhn.hapi.fhir</groupId>
+            <artifactId>hapi-fhir-server-openapi</artifactId>
+            <version>${hapi.fhir.version}</version>
+        </dependency>
         <!-- This dependency is used for the "FHIR Tester" web app overlay -->
         <dependency>
             <groupId>ca.uhn.hapi.fhir</groupId>
@@ -134,7 +144,7 @@
         <dependency>
             <groupId>org.smartregister</groupId>
             <artifactId>hapi-fhir-keycloak</artifactId>
-            <version>0.0.3-SNAPSHOT</version>
+            <version>0.0.7-SNAPSHOT</version>
         </dependency>
 
         <!-- This dependency holds all the code extensions that OpenSRP will build on top of Hapi-Fhir-->
@@ -144,6 +154,11 @@
             <version>0.0.4-SNAPSHOT</version>
         </dependency>
 
+        <dependency>
+            <groupId>org.smartregister.hapi-fhir-opensrp-extensions</groupId>
+            <artifactId>practitioner</artifactId>
+            <version>0.0.4-SNAPSHOT</version>
+        </dependency>
 
         <!-- HAPI-FHIR uses Logback for logging support. The logback library is included automatically by Maven as a part of the hapi-fhir-base dependency, but you also need to include a logging library. Logback
             is used here, but log4j would also be fine. -->
@@ -169,7 +184,7 @@
         <dependency>
             <groupId>org.yaml</groupId>
             <artifactId>snakeyaml</artifactId>
-            <version>1.29</version>
+            <version>1.30</version>
         </dependency>
 
         <!-- Used for CORS support -->
@@ -202,7 +217,7 @@
         <dependency>
             <groupId>org.webjars</groupId>
             <artifactId>bootstrap</artifactId>
-            <version>3.4.1</version>
+            <version>5.1.3</version>
         </dependency>
         <dependency>
             <groupId>org.webjars</groupId>