diff --git a/.github/workflows/app.udi-stub.yml b/.github/workflows/app.udi-stub.yml index 839be1717ae..9422e05c872 100644 --- a/.github/workflows/app.udi-stub.yml +++ b/.github/workflows/app.udi-stub.yml @@ -1,4 +1,4 @@ -name: testnav-udi-stub +name: udi-stub on: push: diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 68d139b3d80..16c25d9ff37 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -1,16 +1,9 @@ name: Integration Tests on: push: - branches: - - master paths: - 'apps/bruker-service/**' - 'apps/person-organisasjon-tilgang-service/**' - pull_request: - paths: - - 'apps/bruker-service/**' - - 'apps/person-organisasjon-tilgang-service/**' - types: [ ready_for_review, review_requested ] workflow_dispatch: jobs: diff --git a/README.md b/README.md index d49bd31bdfb..e706c96fbed 100644 --- a/README.md +++ b/README.md @@ -7,62 +7,16 @@ Info/lenker til Team Dollys interne verktøy finnes [her](https://navikt.github.io/testnorge/). ## Bygging/Kjøring -### Kjør lokalt - -**NB: `navtunnel` må kjøre, eller man må være logget inn med `naisdevice`** - -For å kunne hente ned alle avheningehter må det opprettes en Personal access tokens fra https://github.com/settings/tokens. Denne token må legges inn i system variabler NAV_TOKEN. - -Fra Mac -``` -/etc/profile -export NAV_TOKEN=xxxx-yyyy-zzzz -``` - -Gradle følger med prosjektet og `./gradlew build` vil derfor fungere. `gradle build` bruker lokalt installert Gradle. - - -### Utviklerimage -- Opprett Personal access tokens i Github og legg til token som systemvariabelen NAV_TOKEN (se forklaring over) -- Opprett `gradle.properties` under `C:/Users/%USERNAME%/.gradle` med innhold (bytt ut truststorepassord og -path): -``` -systemProp.http.proxyHost=webproxy-utvikler.nav.no -systemProp.http.proxyPort=8088 -systemProp.http.nonProxyHosts=localhost|127.0.0.1|*.local|*.adeo.no|*.nav.no|*.aetat.no|*.devillo.no|*.oera.no|*devel -systemProp.https.proxyHost=webproxy-utvikler.nav.no -systemProp.https.proxyPort=8088 -systemProp.https.nonProxyHosts=localhost|127.0.0.1|*.local|*.adeo.no|*.nav.no|*.aetat.no|*.devillo.no|*.oera.no|*devel -systemProp.javax.net.ssl.trustStorePassword=TRUSTSTORE_PASS -systemProp.javax.net.ssl.trustStore=TRUSTSTORE_PATH -``` -- Legg til sertifikat til truststore: https://plugins.gradle.org og https://repository-cdn.liferay.com/nexus/content/groups/public - - Åpne URL i nettleser - - Trykk på hengelås til venstre for URL og klikk på "Sertifikat" - - Velg fanen "Detaljer" og klikk "Kopier til fil". Last ned DER-kodet binær. Merk at sertifikatet får filformat .cer - - Sertifikat legges til TrustStore ved hjelp av kommandoen: - ``keytool -import -trustcacerts -alias ALIAS -file DIN_DOWNLOAD_DIR/SERTIFIKAT_FILNAVN.cer -keystore PATH_TIL_KEYSTORE/KEYSTORE_FILNAVN.jts`` -- Hvis punktene over ikke er tilstrekkelig og prosjektet sliter med å hente pakker fra maven, forsøk å legge til denne -under repositories i `java-conventions.gradle` (MERK! Denne må fjernes igjen før commit): -``` -maven { - url = uri('https://repo.adeo.no/repository/github-package-registry-navikt') - } -``` -## Dokumentasjon -Enhver applikasjon skal ha dokumentasjon i fila `/README.md`. Hver av disse filene må starte med -``` ---- -layout: default -title: min-app -parent: Applikasjoner ---- - -# min-app -[...] -``` -for å bli vist på riktig måte under https://navikt.github.io/testnorge. -README-filen skal beskrive kort hva appen er til, og hvordan den fungerer. Det er også fint om du beskriver kort -info om lokal kjøring osv. +> **Mac:** +> +> For å kjøre tester som bruker Testcontainers eller kjøre en applikasjon lokalt som krever en tjeneste kjørende i Docker så må disse miljøvariablene settes: +> +> `DOCKER_HOST=unix://${HOME}/.colima/default/docker.sock`\ +> `TESTCONTAINERS_DOCKER_SOCKET_OVERRIDE=/var/run/docker.sock`\ +> `TESTCONTAINERS_RYUK_DISABLED=true` + +### Lokal kjøring +Se `README.md` for hver enkelt applikasjon/proxy. Felles dokumentasjon ligger i [/docs](./docs). ## Migrering inn i monorepo diff --git a/apps/adresse-service/README.md b/apps/adresse-service/README.md index 1d2e674abdb..bb4f382f69c 100644 --- a/apps/adresse-service/README.md +++ b/apps/adresse-service/README.md @@ -1,22 +1,7 @@ # Adresse-service Adresse-service gir tilgang til adresser fra PDL. Søk kan gjøres på postnummer, kommunenummer, fritekstsøk, mm - -## Swagger -Swagger finnes under [/swagger](https://testnav-adresse-service.intern.dev.nav.no/swagger) -endepunktet til -applikasjonen. ## Lokal kjøring -Ha naisdevice kjørende og kjør AdresseServiceApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[kopier token fra vault] --Dspring.profiles.active=local ---add-opens java.base/java.lang=ALL-UNNAMED -``` - -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/adresse-service/build.gradle b/apps/adresse-service/build.gradle index bdf5ed3cd78..3bcd193a8e1 100644 --- a/apps/adresse-service/build.gradle +++ b/apps/adresse-service/build.gradle @@ -14,7 +14,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/adresse-service/settings.gradle b/apps/adresse-service/settings.gradle index 4d35f0bf0f4..6a2058d2d50 100644 --- a/apps/adresse-service/settings.gradle +++ b/apps/adresse-service/settings.gradle @@ -10,7 +10,6 @@ includeBuild '../../libs/data-transfer-objects' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/adresse-service/src/main/java/no/nav/testnav/apps/adresseservice/config/LocalVaultConfig.java b/apps/adresse-service/src/main/java/no/nav/testnav/apps/adresseservice/config/LocalVaultConfig.java deleted file mode 100644 index b0a329e7ca7..00000000000 --- a/apps/adresse-service/src/main/java/no/nav/testnav/apps/adresseservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.apps.adresseservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/adresse-service/src/main/resources/application-local.yaml b/apps/adresse-service/src/main/resources/application-local.yaml index 7be8d69e501..4b75550d16b 100644 --- a/apps/adresse-service/src/main/resources/application-local.yaml +++ b/apps/adresse-service/src/main/resources/application-local.yaml @@ -1 +1,10 @@ -TOKEN_X_CLIENT_ID: dev-gcp:dolly:testnav-adresse-service \ No newline at end of file +TOKEN_X_CLIENT_ID: dev-gcp:dolly:testnav-adresse-service + +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/adresse-service/src/main/resources/application.yaml b/apps/adresse-service/src/main/resources/application.yaml index e899f831d91..98dbbe9e7bf 100644 --- a/apps/adresse-service/src/main/resources/application.yaml +++ b/apps/adresse-service/src/main/resources/application.yaml @@ -11,7 +11,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} diff --git a/apps/adresse-service/src/test/resources/application-test.properties b/apps/adresse-service/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/apps/adresse-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/adresse-service/src/test/resources/application-test.yml b/apps/adresse-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..594f36142c8 --- /dev/null +++ b/apps/adresse-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false diff --git a/apps/amelding-service/README.md b/apps/amelding-service/README.md index 923ec838ef6..70164b7baec 100644 --- a/apps/amelding-service/README.md +++ b/apps/amelding-service/README.md @@ -1,20 +1,6 @@ # Amelding-service Service for å sende syntetiske arbeidsmeldinger videre til oppsummerings-dokument-service. -## Swagger -Swagger finnes under [/swagger](https://testnav-amelding-service.intern.dev.nav.no/swagger) -endepunktet til -applikasjonen. - ## Lokal kjøring -For å kjøre lokalt (AMeldingServiceApplicationStarter) må active profile settes til `dev`. I tillegg, må cloud vault token -hentes fra Vault. Vault token hentes ved at man logger inn i Vault, trykker på nedtrekksmenyen oppe til høyre, og -trykker på "Copy token". - -Disse verdiene fylles deretter inn i VM Options på IDE: - -Run -> Edit Configurations -> VM Options - -``` --Dspring.cloud.vault.token=(Copy token fra Vault) --Dspring.profiles.active=dev -``` \ No newline at end of file +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/amelding-service/build.gradle b/apps/amelding-service/build.gradle index bd7beae1b48..7fbda466bb1 100644 --- a/apps/amelding-service/build.gradle +++ b/apps/amelding-service/build.gradle @@ -14,7 +14,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" - implementation "no.nav.testnav.libs:vault" implementation "no.nav.testnav.libs:commands" implementation "no.nav.testnav.libs:avro-schema" diff --git a/apps/amelding-service/settings.gradle b/apps/amelding-service/settings.gradle index 805045195b3..09582fbd408 100644 --- a/apps/amelding-service/settings.gradle +++ b/apps/amelding-service/settings.gradle @@ -12,7 +12,6 @@ includeBuild '../../libs/data-transfer-objects' includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/amelding-service/src/main/java/no/nav/registre/testnav/ameldingservice/config/LocalVaultConfig.java b/apps/amelding-service/src/main/java/no/nav/registre/testnav/ameldingservice/config/LocalVaultConfig.java deleted file mode 100644 index 25a97458e07..00000000000 --- a/apps/amelding-service/src/main/java/no/nav/registre/testnav/ameldingservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnav.ameldingservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/amelding-service/src/main/resources/application-dev.yml b/apps/amelding-service/src/main/resources/application-dev.yml index 5dbf08bbfb3..e222fbad757 100644 --- a/apps/amelding-service/src/main/resources/application-dev.yml +++ b/apps/amelding-service/src/main/resources/application-dev.yml @@ -1,3 +1,11 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} consumers: oppsummeringsdokument-service: diff --git a/apps/amelding-service/src/main/resources/application.yml b/apps/amelding-service/src/main/resources/application.yml index 1698ea6a87f..e90182fd21e 100644 --- a/apps/amelding-service/src/main/resources/application.yml +++ b/apps/amelding-service/src/main/resources/application.yml @@ -11,7 +11,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/amelding-service/src/main/resources/bootstrap.yml b/apps/amelding-service/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/amelding-service/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/amelding-service/src/test/resources/application-test.properties b/apps/amelding-service/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/apps/amelding-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/amelding-service/src/test/resources/application-test.yml b/apps/amelding-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..aa8bfa92394 --- /dev/null +++ b/apps/amelding-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/app-tilgang-analyse-service/README.md b/apps/app-tilgang-analyse-service/README.md index dafe47ea7ff..c5a0c41033d 100644 --- a/apps/app-tilgang-analyse-service/README.md +++ b/apps/app-tilgang-analyse-service/README.md @@ -10,24 +10,16 @@ Swagger finnes under [/swagger](https://testnav-app-tilgang-analyse-service.inte applikasjonen. ## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) -### In Memmory DB -Ha naisdevice kjørende og kjør AppTilgangAnalyseServiceApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[kopier token fra vault] --Dspring.profiles.active=local -``` - -### GCP DB +En egen Spring profile _localdb_ er satt opp for å kjøre med proxy mot applikasjonens reelle DB. -Kjør opp `cloud_sql_proxy` +Kjør `cloud_sql_proxy` i bakgrunnen. ``` -./cloud_sql_proxy -instances=dolly-dev-ff83:europe-north1:testnav-app-tilgang-analyse-service=tcp:3306 +> cloud_sql_proxy -instances=dolly-dev-ff83:europe-north1:testnav-app-tilgang-analyse-service=tcp:3306 ``` - -Ha naisdevice kjørende og kjør AppTilgangAnalyseServiceApplicationStarter med følgende argumenter: +Start applikasjonen med Spring profile _localdb_ og definer DB_PASSORD (kan hentes fra pod). ``` --Dspring.cloud.vault.token=[kopier token fra vault] --Dspring.profiles.active=localdb -DDB_PASSWORD=[passord for testnav-app-tilgang-analyse-service-db] -``` \ No newline at end of file +``` diff --git a/apps/app-tilgang-analyse-service/build.gradle b/apps/app-tilgang-analyse-service/build.gradle index a5f907e8394..aabf1cef55e 100644 --- a/apps/app-tilgang-analyse-service/build.gradle +++ b/apps/app-tilgang-analyse-service/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/app-tilgang-analyse-service/settings.gradle b/apps/app-tilgang-analyse-service/settings.gradle index 8ff81fe0643..9dbb9e11e77 100644 --- a/apps/app-tilgang-analyse-service/settings.gradle +++ b/apps/app-tilgang-analyse-service/settings.gradle @@ -9,7 +9,6 @@ includeBuild "../../plugins/java" includeBuild '../../libs/data-transfer-objects' includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/app-tilgang-analyse-service/src/main/java/no/nav/testnav/apps/apptilganganalyseservice/config/LocalVaultConfig.java b/apps/app-tilgang-analyse-service/src/main/java/no/nav/testnav/apps/apptilganganalyseservice/config/LocalVaultConfig.java deleted file mode 100644 index 7de354716ed..00000000000 --- a/apps/app-tilgang-analyse-service/src/main/java/no/nav/testnav/apps/apptilganganalyseservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.apps.apptilganganalyseservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile({"local", "localdb"}) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/app-tilgang-analyse-service/src/main/resources/application-local.yml b/apps/app-tilgang-analyse-service/src/main/resources/application-local.yml index ace32b615a4..6e81acdc788 100644 --- a/apps/app-tilgang-analyse-service/src/main/resources/application-local.yml +++ b/apps/app-tilgang-analyse-service/src/main/resources/application-local.yml @@ -1,5 +1,13 @@ spring: + config: + import: "sm://" flyway: url: jdbc:h2:mem:testdb username: sa - password: \ No newline at end of file + password: + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} + diff --git a/apps/app-tilgang-analyse-service/src/main/resources/application-localdb.yml b/apps/app-tilgang-analyse-service/src/main/resources/application-localdb.yml index 7758f35c75d..baf2a030a5e 100644 --- a/apps/app-tilgang-analyse-service/src/main/resources/application-localdb.yml +++ b/apps/app-tilgang-analyse-service/src/main/resources/application-localdb.yml @@ -1,9 +1,16 @@ spring: + config: + import: "sm://" + flyway: + url: jdbc:postgresql://localhost:3306/testnav-app-tilgang-analyse-service-db + user: testnav-app-tilgang-analyse-service + password: ${DB_PASSWORD} r2dbc: url: r2dbc:postgresql://localhost:3306/testnav-app-tilgang-analyse-service-db username: testnav-app-tilgang-analyse-service password: ${DB_PASSWORD} - flyway: - url: jdbc:postgresql://localhost:3306/testnav-app-tilgang-analyse-service-db - username: testnav-app-tilgang-analyse-service - password: ${DB_PASSWORD} \ No newline at end of file + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/app-tilgang-analyse-service/src/main/resources/application.yml b/apps/app-tilgang-analyse-service/src/main/resources/application.yml index 3ec1b0c00ee..ebf58a884c3 100644 --- a/apps/app-tilgang-analyse-service/src/main/resources/application.yml +++ b/apps/app-tilgang-analyse-service/src/main/resources/application.yml @@ -1,9 +1,6 @@ AAD_ISSUER_URI: https://login.microsoftonline.com/62366534-1ec3-4962-8869-9b5535279d0b spring: - cloud: - vault: - enabled: false application: version: application.version.todo #TODO Finn ut hvordan denne kan settes fra gradle name: testnav-app-tilgang-analyse-service @@ -14,7 +11,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} diff --git a/apps/app-tilgang-analyse-service/src/test/resources/application-test.yml b/apps/app-tilgang-analyse-service/src/test/resources/application-test.yml index 060eeae71e3..77a88244e60 100644 --- a/apps/app-tilgang-analyse-service/src/test/resources/application-test.yml +++ b/apps/app-tilgang-analyse-service/src/test/resources/application-test.yml @@ -1,9 +1,12 @@ DOLLY_READER_TOKEN: test +TOKEN_X_ISSUER: dummy spring: + cloud: + gcp: + secretmanager: + enabled: false flyway: url: jdbc:h2:mem:testdb username: sa - password: - -TOKEN_X_ISSUER: dummy \ No newline at end of file + password: \ No newline at end of file diff --git a/apps/arbeidsforhold-service/README.md b/apps/arbeidsforhold-service/README.md index 4aeb2e7829d..e25476ca6ec 100644 --- a/apps/arbeidsforhold-service/README.md +++ b/apps/arbeidsforhold-service/README.md @@ -1,19 +1,6 @@ # testnav-arbeidsforhold-service API for arbeidsforhold som hentes fra testnav-aareg-proxy. -## Swagger -Swagger finnes under [/swagger](https://testnav-arbeidsforhold-service.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. - ## Lokal kjøring -Ha naisdevice kjørende og kjør ArbeidsforholdApiApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[kopier token fra vault] --Dspring.profiles.active=dev -``` - -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` \ No newline at end of file +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/arbeidsforhold-service/build.gradle b/apps/arbeidsforhold-service/build.gradle index 9f7c5b47406..77cb3bf9c00 100644 --- a/apps/arbeidsforhold-service/build.gradle +++ b/apps/arbeidsforhold-service/build.gradle @@ -23,7 +23,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/arbeidsforhold-service/settings.gradle b/apps/arbeidsforhold-service/settings.gradle index dfcdf5023f1..936af046ee4 100644 --- a/apps/arbeidsforhold-service/settings.gradle +++ b/apps/arbeidsforhold-service/settings.gradle @@ -12,7 +12,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/arbeidsforhold-service/src/main/java/no/nav/registre/testnorge/arbeidsforholdservice/config/LocalVaultConfig.java b/apps/arbeidsforhold-service/src/main/java/no/nav/registre/testnorge/arbeidsforholdservice/config/LocalVaultConfig.java deleted file mode 100644 index 0e6ad5ab37f..00000000000 --- a/apps/arbeidsforhold-service/src/main/java/no/nav/registre/testnorge/arbeidsforholdservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnorge.arbeidsforholdservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/arbeidsforhold-service/src/main/resources/application-dev.yml b/apps/arbeidsforhold-service/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..bea43da510a --- /dev/null +++ b/apps/arbeidsforhold-service/src/main/resources/application-dev.yml @@ -0,0 +1,8 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/arbeidsforhold-service/src/main/resources/application.yml b/apps/arbeidsforhold-service/src/main/resources/application.yml index 1ede0997de3..9e816896986 100644 --- a/apps/arbeidsforhold-service/src/main/resources/application.yml +++ b/apps/arbeidsforhold-service/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -27,10 +27,7 @@ consumers: namespace: dolly url: https://testnav-aareg-proxy.dev-fss-pub.nais.io cluster: dev-fss -spec: - azure: - application: - enabled: true + management: endpoints: enabled-by-default: true diff --git a/apps/arbeidsforhold-service/src/main/resources/bootstrap.yml b/apps/arbeidsforhold-service/src/main/resources/bootstrap.yml deleted file mode 100644 index ecb0a23c187..00000000000 --- a/apps/arbeidsforhold-service/src/main/resources/bootstrap.yml +++ /dev/null @@ -1 +0,0 @@ -spring.cloud.vault.enabled: false \ No newline at end of file diff --git a/apps/arbeidsforhold-service/src/test/resources/application-test.properties b/apps/arbeidsforhold-service/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/apps/arbeidsforhold-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/arbeidsforhold-service/src/test/resources/application-test.yml b/apps/arbeidsforhold-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..aa8bfa92394 --- /dev/null +++ b/apps/arbeidsforhold-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/batch-bestilling-service/README.md b/apps/batch-bestilling-service/README.md index f9327b1d9be..237fac92fba 100644 --- a/apps/batch-bestilling-service/README.md +++ b/apps/batch-bestilling-service/README.md @@ -1,18 +1,6 @@ # Batch-bestilling-service App for å sende inn et stort antall bestillinger mot backend over tid, for å ikke overbelaste Dolly -## Swagger -Swagger finnes under [/swagger](https://testnav-batch-bestilling-service.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. - ## Lokal kjøring -Ha naisdevice kjørende og kjør MiljoerServiceApplicationStarter med følgende argumenter: -``` --Dspring.profiles.active=dev -``` - -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` \ No newline at end of file +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/batch-bestilling-service/build.gradle b/apps/batch-bestilling-service/build.gradle index 129a68b9273..fd98618053d 100644 --- a/apps/batch-bestilling-service/build.gradle +++ b/apps/batch-bestilling-service/build.gradle @@ -18,7 +18,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/batch-bestilling-service/config.yml b/apps/batch-bestilling-service/config.yml index 47787f147c3..4ed5aacd8ee 100644 --- a/apps/batch-bestilling-service/config.yml +++ b/apps/batch-bestilling-service/config.yml @@ -47,8 +47,6 @@ spec: replicas: min: 1 max: 1 - vault: - enabled: true resources: requests: cpu: 200m diff --git a/apps/batch-bestilling-service/settings.gradle b/apps/batch-bestilling-service/settings.gradle index 2c9010e2117..c3664eb2a8d 100644 --- a/apps/batch-bestilling-service/settings.gradle +++ b/apps/batch-bestilling-service/settings.gradle @@ -13,7 +13,6 @@ includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-insecure-security' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/batch-bestilling-service/src/main/java/no/nav/registre/testnorge/batchbestillingservice/config/LocalVaultConfig.java b/apps/batch-bestilling-service/src/main/java/no/nav/registre/testnorge/batchbestillingservice/config/LocalVaultConfig.java deleted file mode 100644 index efc8549b2a5..00000000000 --- a/apps/batch-bestilling-service/src/main/java/no/nav/registre/testnorge/batchbestillingservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnorge.batchbestillingservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/batch-bestilling-service/src/main/resources/application-dev.yml b/apps/batch-bestilling-service/src/main/resources/application-dev.yml index 646701de3d6..c3bbec56cd7 100644 --- a/apps/batch-bestilling-service/src/main/resources/application-dev.yml +++ b/apps/batch-bestilling-service/src/main/resources/application-dev.yml @@ -1,3 +1,12 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} + consumers: dolly-backend: url: https://dolly-backend.intern.dev.nav.no \ No newline at end of file diff --git a/apps/batch-bestilling-service/src/main/resources/application.yml b/apps/batch-bestilling-service/src/main/resources/application.yml index 2c0f29cb9dd..5e056d09e77 100644 --- a/apps/batch-bestilling-service/src/main/resources/application.yml +++ b/apps/batch-bestilling-service/src/main/resources/application.yml @@ -1,9 +1,6 @@ AAD_ISSUER_URI: https://login.microsoftonline.com/62366534-1ec3-4962-8869-9b5535279d0b spring: - cloud: - vault: - enabled: false main: banner-mode: off application: @@ -15,7 +12,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} diff --git a/apps/batch-bestilling-service/src/test/resources/application-test.properties b/apps/batch-bestilling-service/src/test/resources/application-test.properties deleted file mode 100644 index 483fe127f1f..00000000000 --- a/apps/batch-bestilling-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER= dummy \ No newline at end of file diff --git a/apps/batch-bestilling-service/src/test/resources/application-test.yml b/apps/batch-bestilling-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..aa8bfa92394 --- /dev/null +++ b/apps/batch-bestilling-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/brreg-stub/README.md b/apps/brreg-stub/README.md index 8603f36a855..221c8187996 100644 --- a/apps/brreg-stub/README.md +++ b/apps/brreg-stub/README.md @@ -15,9 +15,7 @@ For dokumentasjon av applikasjonen sine endepunkter: - `/api` - `WSDL: /ws` -## Deployment - -Applikasjonen deployes til dev-fss ved bruk av [Github Actions.](https://github.com/navikt/testnorge/actions) Nytt bygg trigges ved PR eller merge til master. - -Applikasjonen kan også startes opp lokalt ved å bruke LocalApplicationStarter +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Lokal PostgreSQL.](../../docs/local_db.md) diff --git a/apps/brreg-stub/build.gradle b/apps/brreg-stub/build.gradle index a87ac6709a9..9c396b61094 100644 --- a/apps/brreg-stub/build.gradle +++ b/apps/brreg-stub/build.gradle @@ -46,7 +46,6 @@ dependencies { implementation "org.flywaydb:flyway-core" implementation "org.flywaydb:flyway-database-postgresql" - implementation "com.h2database:h2" implementation "wsdl4j:wsdl4j" implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" @@ -56,7 +55,6 @@ dependencies { implementation "no.nav.common:util" implementation "no.nav.common:cxf:3.2023.10.17_06.55-4e30d96bba05" - implementation "com.h2database:h2" implementation "com.sun.xml.ws:jaxws-rt:$versions.jaxws" testImplementation "org.testcontainers:junit-jupiter" testImplementation "org.testcontainers:postgresql" diff --git a/apps/brreg-stub/src/main/java/no/nav/brregstub/BrregApplicationLauncher.java b/apps/brreg-stub/src/main/java/no/nav/brregstub/BrregApplicationLauncher.java index 12faa239d78..8b8c4d7295d 100644 --- a/apps/brreg-stub/src/main/java/no/nav/brregstub/BrregApplicationLauncher.java +++ b/apps/brreg-stub/src/main/java/no/nav/brregstub/BrregApplicationLauncher.java @@ -1,6 +1,6 @@ package no.nav.brregstub; -import no.nav.testnav.libs.servletcore.util.VaultUtil; +import no.nav.testnav.libs.vault.VaultUtils; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; @@ -9,10 +9,8 @@ public class BrregApplicationLauncher { public static void main(String[] args) { - - if ("prod".equals(System.getProperty("spring.profiles.active"))) { - VaultUtil.initCloudVaultToken(); - } + VaultUtils.initCloudVaultToken("prod"); SpringApplication.run(BrregApplicationLauncher.class, args); } + } diff --git a/apps/brreg-stub/src/main/java/no/nav/brregstub/config/LocalVaultConfig.java b/apps/brreg-stub/src/main/java/no/nav/brregstub/config/LocalVaultConfig.java deleted file mode 100644 index feb88f5e4b5..00000000000 --- a/apps/brreg-stub/src/main/java/no/nav/brregstub/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.brregstub.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/brreg-stub/src/main/resources/application-local.yaml b/apps/brreg-stub/src/main/resources/application-local.yaml index 228ab581635..445837b9c32 100644 --- a/apps/brreg-stub/src/main/resources/application-local.yaml +++ b/apps/brreg-stub/src/main/resources/application-local.yaml @@ -1,21 +1,13 @@ spring: datasource: - url: jdbc:h2:mem:testdb;MODE=PostgreSQL;DB_CLOSE_DELAY=-1 - driverClassName: org.h2.Driver - username: sa + url: jdbc:postgresql://localhost:5432/testnav-brregstub + username: postgres jpa: - database-platform: org.hibernate.dialect.H2Dialect show-sql: false hibernate: ddl-auto: create - h2: - console: - enabled: true - path: /h2-console cloud: vault: enabled: false - database: - enabled: false flyway: enabled: true \ No newline at end of file diff --git a/apps/brreg-stub/src/main/resources/application.yaml b/apps/brreg-stub/src/main/resources/application.yaml index f5cbfac1e91..de4ff173f11 100644 --- a/apps/brreg-stub/src/main/resources/application.yaml +++ b/apps/brreg-stub/src/main/resources/application.yaml @@ -1,8 +1,4 @@ spring: - jpa: - properties: - hibernate: - dialect: org.hibernate.dialect.PostgreSQLDialect application: name: brreg-stub diff --git a/apps/brreg-stub/src/test/resources/application-test.yml b/apps/brreg-stub/src/test/resources/application-test.yml index e76cddc54d0..286163d0877 100644 --- a/apps/brreg-stub/src/test/resources/application-test.yml +++ b/apps/brreg-stub/src/test/resources/application-test.yml @@ -5,6 +5,9 @@ spring: enabled: false database: enabled: false + gcp: + secretmanager: + enabled: false datasource: url: jdbc:tc:postgresql:15:///test_database username: user @@ -12,9 +15,3 @@ spring: jpa: hibernate: ddl-auto: create - -azure: - app: - client: - id: dummy - secret: dummy diff --git a/apps/bruker-service/README.md b/apps/bruker-service/README.md index 5298493fda3..ca72b5293bf 100644 --- a/apps/bruker-service/README.md +++ b/apps/bruker-service/README.md @@ -3,23 +3,6 @@ Service som henter og validerer en ansatt fra en reell organisasjon og brukes for autensiering ved bruk av våre applikasjoner som har bankId innlogging. -## Swagger - -Swagger finnes under [/swagger](https://testnav-bruker-service.intern.dev.nav.no/swagger) -endepunktet til -applikasjonen. - ## Lokal kjøring - -For å kjøre lokalt (BrukerServiceApplicationStarter) må active profile settes til `local`. I tillegg, må cloud vault -token hentes fra Vault. Vault token hentes ved at man logger inn i Vault, trykker på nedtrekksmenyen oppe til høyre, og -trykker på "Copy token". - -Disse verdiene fylles deretter inn i VM Options på IDE: - -Run -> Edit Configurations -> VM Options - -``` --Dspring.cloud.vault.token=(Copy token fra Vault) --Dspring.profiles.active=local -``` +* [Generelt.](../../docs/local_general.md) diff --git a/apps/bruker-service/build.gradle b/apps/bruker-service/build.gradle index 6c67a5154dd..6b0d94a958e 100644 --- a/apps/bruker-service/build.gradle +++ b/apps/bruker-service/build.gradle @@ -25,7 +25,6 @@ sonarqube { dependencies { implementation "com.auth0:java-jwt:$versions.jwt" - implementation "no.nav.testnav.libs:vault" implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" diff --git a/apps/bruker-service/settings.gradle b/apps/bruker-service/settings.gradle index 55f05ce5ca5..dabd186654a 100644 --- a/apps/bruker-service/settings.gradle +++ b/apps/bruker-service/settings.gradle @@ -11,7 +11,6 @@ includeBuild '../../libs/integration-test' includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/bruker-service/src/main/java/no/nav/testnav/apps/brukerservice/config/LocalVaultConfig.java b/apps/bruker-service/src/main/java/no/nav/testnav/apps/brukerservice/config/LocalVaultConfig.java deleted file mode 100644 index ef803603f38..00000000000 --- a/apps/bruker-service/src/main/java/no/nav/testnav/apps/brukerservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.apps.brukerservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/bruker-service/src/main/resources/application-virtual.yml b/apps/bruker-service/src/main/resources/application-virtual.yml index f0a38e20b8a..b45d934be91 100644 --- a/apps/bruker-service/src/main/resources/application-virtual.yml +++ b/apps/bruker-service/src/main/resources/application-virtual.yml @@ -1,4 +1,8 @@ spring: + cloud: + gcp: + secretmanager: + enabled: false security: oauth2: resourceserver: diff --git a/apps/bruker-service/src/main/resources/application.yml b/apps/bruker-service/src/main/resources/application.yml index 8e7c4794648..9f515a648c1 100644 --- a/apps/bruker-service/src/main/resources/application.yml +++ b/apps/bruker-service/src/main/resources/application.yml @@ -2,7 +2,7 @@ spring: application: version: application.version.todo name: testnav-bruker-service - desciption: Tjeneste for brukere + description: Tjeneste for brukere security: oauth2: resourceserver: diff --git a/apps/bruker-service/src/main/resources/bootstrap.yml b/apps/bruker-service/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/bruker-service/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/bruker-service/src/test/resources/application-test.yml b/apps/bruker-service/src/test/resources/application-test.yml index 4b0268cd2f4..5ac5d4b6204 100644 --- a/apps/bruker-service/src/test/resources/application-test.yml +++ b/apps/bruker-service/src/test/resources/application-test.yml @@ -4,6 +4,10 @@ JWT_SECRET: DUMMY SUPER SECRET JWT KEY THAT IS NOT SECURE TOKEN_X_CLIENT_ID: test spring: + cloud: + gcp: + secretmanager: + enabled: false flyway: url: jdbc:h2:mem:testdb username: sa diff --git a/apps/budpro-service/README.md b/apps/budpro-service/README.md index 3b225d22d36..795a11f3dcd 100644 --- a/apps/budpro-service/README.md +++ b/apps/budpro-service/README.md @@ -1,17 +1,14 @@ Dette er en tjeneste laget for Team BudPro, for å generere NAV-ansatte og deres informasjon. -Startes lokalt på samme måte som alle andre. Spring profile `local`, definer `spring.cloud.vault.token` fra Vault. -Swagger på http://localhost:8080/swagger. Se endepunkter under `budpro-controller`. Andre endepunkter er for å liste ut definerte grunnverdier. +Startes lokalt på samme måte som alle andre. Spring profile `local`. Se endepunkter under `budpro-controller`. Andre endepunkter er for å liste ut definerte grunnverdier. Kun én integrasjon, med _generer-navn-service_. **Kilder:** +* [Kommuner](https://www.ssb.no/klass/klassifikasjoner/131) +* [Stillinger](https://www.ssb.no/arbeid-og-lonn/sysselsetting/artikler/yrkeskatalogen) +* [Organisasjonsenhet](https://confluence.adeo.no/display/PK/PK-6917?preview=%2F68215567%2F101614076%2FHR+ORGANISASJONSSTRUKTUR2.xls) -*Kommuner:* -> https://www.ssb.no/klass/klassifikasjoner/131 - -*Stillinger:* -> https://www.ssb.no/arbeid-og-lonn/sysselsetting/artikler/yrkeskatalogen - -*Organisasjonsenhet:* -> https://confluence.adeo.no/display/PK/PK-6917?preview=%2F68215567%2F101614076%2FHR+ORGANISASJONSSTRUKTUR2.xls \ No newline at end of file +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/budpro-service/build.gradle b/apps/budpro-service/build.gradle index 1746c789889..4fc43f98721 100644 --- a/apps/budpro-service/build.gradle +++ b/apps/budpro-service/build.gradle @@ -10,7 +10,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/budpro-service/settings.gradle b/apps/budpro-service/settings.gradle index 8c47d75f7c5..1c99b24ef24 100644 --- a/apps/budpro-service/settings.gradle +++ b/apps/budpro-service/settings.gradle @@ -13,7 +13,6 @@ includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-insecure-security' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/budpro-service/src/main/java/no/nav/dolly/budpro/LocalVaultConfig.java b/apps/budpro-service/src/main/java/no/nav/dolly/budpro/LocalVaultConfig.java deleted file mode 100644 index f1db761cd03..00000000000 --- a/apps/budpro-service/src/main/java/no/nav/dolly/budpro/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.dolly.budpro; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/apps/budpro-service/src/main/resources/META-INF/additional-spring-configuration-metadata.json b/apps/budpro-service/src/main/resources/META-INF/additional-spring-configuration-metadata.json index 85f8bbe8e52..303ccf6a7c6 100644 --- a/apps/budpro-service/src/main/resources/META-INF/additional-spring-configuration-metadata.json +++ b/apps/budpro-service/src/main/resources/META-INF/additional-spring-configuration-metadata.json @@ -29,6 +29,6 @@ { "name": "spring.security.oauth2.resourceserver.aad.accepted-audience", "type": "java.lang.String", - "description": "Accepted audience for Azure AD, i.e. '${azure.app.client.id}, api://${azure.app.client.id}'." + "description": "Accepted audience for Azure AD, i.e. ' ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID}'." } ] } \ No newline at end of file diff --git a/apps/budpro-service/src/main/resources/application-local.yml b/apps/budpro-service/src/main/resources/application-local.yml index d934bb26140..10148a7de46 100644 --- a/apps/budpro-service/src/main/resources/application-local.yml +++ b/apps/budpro-service/src/main/resources/application-local.yml @@ -1,13 +1,11 @@ spring: - cloud: - vault: - host: vault.adeo.no - port: 443 + config: + import: "sm://" security: oauth2: resourceserver: aad: - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} management: endpoints: diff --git a/apps/budpro-service/src/main/resources/application.yml b/apps/budpro-service/src/main/resources/application.yml index dbaf3135de7..2f26a58b56d 100644 --- a/apps/budpro-service/src/main/resources/application.yml +++ b/apps/budpro-service/src/main/resources/application.yml @@ -1,16 +1,13 @@ AAD_ISSUER_URI: https://login.microsoftonline.com/62366534-1ec3-4962-8869-9b5535279d0b spring: - cloud: - vault: - enabled: false security: oauth2: resourceserver: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} management: endpoints: diff --git a/apps/budpro-service/src/test/resources/application-test.yml b/apps/budpro-service/src/test/resources/application-test.yml index e69de29bb2d..0aeb22a14f6 100644 --- a/apps/budpro-service/src/test/resources/application-test.yml +++ b/apps/budpro-service/src/test/resources/application-test.yml @@ -0,0 +1,5 @@ +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/dolly-backend/README.md b/apps/dolly-backend/README.md index 060a153a43d..1387ff52bc8 100644 --- a/apps/dolly-backend/README.md +++ b/apps/dolly-backend/README.md @@ -13,26 +13,8 @@ Applikasjonen legger også ved potensielle standard verdier som kreves i API vi trenger å ha noe forhold til under utfylling av bestilling. Noe data blir persistert i postgres db, som f.eks brukerne av Dolly, bestillingskriterier, hvem som har sendt de inn og status på disse. -## Utenfor utviklerimage - -https://dolly.ekstern.dev.nav.no/swagger-ui.html - -## Fra utviklerimage - -https://dolly-backend.intern.dev.nav.no/swagger-ui.html - -## Kjør lokalt -* Se [generell informasjon](../../docs/local_general.md). -* Applikasjonen er avhengig av en database i GCP, se [egen dokumentasjon](../../docs/gcp_db.md). -* Applikasjonen er avhengig av OpenSearch: -```aiexclude -> docker run -p 9200:9200 -p 9600:9600 -e "discovery.type=single-node" -e "plugins.security.disabled=true" -e "OPENSEARCH_INITIAL_ADMIN_PASSWORD=YLAgOm}rz#o6#Aq" --name opensearch -d opensearchproject/opensearch:latest -``` -Legg merke til passord `YLAgOm}rz#o6#Aq` (tilfeldig [generert](https://www.strongpasswordgenerator.org/), men må være "sterkt" ellers vil ikke OpenSearch starte). - -**Mac:** For å kjøre tester og bygge appen lokalt må Docker (Colima kan brukes) kjøre og man er nødt til å sette disse miljøvariablene: -``` -DOCKER_HOST=unix://${HOME}/.colima/default/docker.sock -TESTCONTAINERS_DOCKER_SOCKET_OVERRIDE=/var/run/docker.sock -TESTCONTAINERS_RYUK_DISABLED=true -``` \ No newline at end of file +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) +* [Database i GCP.](../../docs/gcp_db.md) +* [OpenSearch.](../../docs/local_opensearch.md) diff --git a/apps/dolly-backend/build.gradle b/apps/dolly-backend/build.gradle index e54384a2308..b51dc1f0fb0 100644 --- a/apps/dolly-backend/build.gradle +++ b/apps/dolly-backend/build.gradle @@ -10,18 +10,13 @@ sonarqube { } dependencies { - implementation "com.google.cloud:spring-cloud-gcp-starter-secretmanager:$versions.gcpSecretManager" - implementation 'no.nav.testnav.libs:servlet-core' implementation 'no.nav.testnav.libs:servlet-security' implementation 'no.nav.testnav.libs:servlet-insecure-security' implementation 'no.nav.testnav.libs:security-core' - implementation 'no.nav.testnav.libs:database' - implementation 'no.nav.testnav.libs:vault' implementation 'no.nav.testnav.libs:data-transfer-objects' implementation 'no.nav.testnav.libs:data-transfer-search-objects' implementation 'no.nav.testnav.libs:reactive-core' - implementation 'no.nav.testnav.libs:vault' implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger" diff --git a/apps/dolly-backend/settings.gradle b/apps/dolly-backend/settings.gradle index 33b2f7284fb..a2be1459e30 100644 --- a/apps/dolly-backend/settings.gradle +++ b/apps/dolly-backend/settings.gradle @@ -9,8 +9,6 @@ includeBuild "../../plugins/java" includeBuild '../../.github/workflows' includeBuild '../../libs/data-transfer-objects' includeBuild '../../libs/data-transfer-search-objects' -includeBuild '../../libs/database' -includeBuild '../../libs/vault' includeBuild '../../libs/reactive-core' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/config/LocalConfig.java b/apps/dolly-backend/src/main/java/no/nav/dolly/config/LocalConfig.java deleted file mode 100644 index 00c3ffa14e7..00000000000 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/config/LocalConfig.java +++ /dev/null @@ -1,17 +0,0 @@ -package no.nav.dolly.config; - -import no.nav.testnav.libs.database.config.FlywayConfiguration; -import no.nav.testnav.libs.database.config.VaultHikariConfiguration; -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Import; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -@Import({ - FlywayConfiguration.class, - VaultHikariConfiguration.class -}) -public class LocalConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/dolly-backend/src/main/resources/application-local.yaml b/apps/dolly-backend/src/main/resources/application-local.yaml index 72fb6260486..e4f1a7387b8 100644 --- a/apps/dolly-backend/src/main/resources/application-local.yaml +++ b/apps/dolly-backend/src/main/resources/application-local.yaml @@ -6,16 +6,17 @@ dolly: spring: cache: type: none - cloud: - gcp: - secretmanager: - project-id: dolly-dev-ff83 config: import: "sm://" datasource: url: jdbc:postgresql://localhost:5432/testnav-dolly-backend-local username: testnav-dolly-backend-local password: ${sm://testnav-dolly-backend-local} + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} management: endpoints: diff --git a/apps/dolly-backend/src/main/resources/application.yaml b/apps/dolly-backend/src/main/resources/application.yaml index aedde1793b4..6caad4f8bde 100644 --- a/apps/dolly-backend/src/main/resources/application.yaml +++ b/apps/dolly-backend/src/main/resources/application.yaml @@ -24,9 +24,6 @@ server: max-http-request-header-size: 128KB spring: - cloud: - vault: - enabled: false main: allow-bean-definition-overriding: true flyway: @@ -50,7 +47,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} jackson: parser: include-source-in-location: true diff --git a/apps/dolly-backend/src/test/resources/application-test.yaml b/apps/dolly-backend/src/test/resources/application-test.yaml index 08d2e05cd35..2af37395a12 100644 --- a/apps/dolly-backend/src/test/resources/application-test.yaml +++ b/apps/dolly-backend/src/test/resources/application-test.yaml @@ -8,12 +8,6 @@ jira: username: dummy password: dummy -azure: - app: - client: - id: dummy - secret: dummy - open: search: uri: dummy @@ -90,8 +84,6 @@ spring: gcp: secretmanager: enabled: false - vault: - enabled: false datasource: type: org.springframework.jdbc.datasource.SimpleDriverDataSource url: jdbc:tc:postgresql:15:///dollyDB?TC_REUSABLE=true diff --git a/apps/dolly-frontend/README.md b/apps/dolly-frontend/README.md index f48b71a9c19..86d5113c8b2 100644 --- a/apps/dolly-frontend/README.md +++ b/apps/dolly-frontend/README.md @@ -4,11 +4,9 @@ Prosjekt for å opprette og konfigurere personer knyttet til fellesregistrene i ## Dokumentasjon -### Swagger - -Swagger finnes under /swagger-ui.html - ## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) ### Javascript @@ -26,59 +24,6 @@ generate new token (må ha read:packages og repo tilgang) .npmrc filen skal ligge i brukermappen (cd ~) din, hvis den ikke finnes der må du opprette den. -### Java - -For å kjøre lokalt (DollyFrontendApplicationStarter) må active profile settes til `local`. I tillegg, må cloud vault -token -hentes fra Vault. Vault token hentes ved at man logger inn i Vault, trykker på nedtrekksmenyen oppe til høyre, og -trykker på "Copy token". - -Disse verdiene fylles deretter inn i VM Options på IDE: - -Run -> Edit Configurations -> VM Options - -``` --Dspring.cloud.vault.token=(Copy token fra Vault) --Dspring.profiles.active=local -``` - -#### Utviklerimage - -For å kunne gjøre kall mot NAIS apper fra utviklerimage, må nav truststore settes opp og følgende verdier må -også legges til i VM Options: - -``` --Djavax.net.ssl.trustStore=C:\path\to\truststore --Djavax.net.ssl.trustStorePassword=(Passord) -``` - -##### Legge til sertifikat i truststore: - -Dersom det dukker opp RunTimeException under oppstart kan det være at du mangler sertifikat i din truststore. - -Sertifikat kan hentes -fra [Microsoft Login Cert](https://login.microsoftonline.com/62366534-1ec3-4962-8869-9b5535279d0b/login) (Ignorer -feilmeldingen om POST) - -For Mac: - -- Trykk på hengelåsen til venstre for URL og klikk deretter på sertifikat - -![Microsoft Sertifikat](../../docs/applications/dolly/assets/microsoft_keychain.png) - -- Klikk på pilen ved siden av detaljer og bla helt ned - -![Sertifikat Detaljer](../../docs/applications/dolly/assets/cert_details.png) - -- Ved å trykke på linken vil sertifikat lastes ned og man kan deretter legge denne til i Truststore ved hjelp av - kommandoen: - -``` -keytool -import -trustcacerts -alias MicrosoftLoginCert -file DIN_DOWNLOAD_DIR/DigiCertSHA2SecureServerCA.crt -keystore PATH_TIL_DIN_KEYSTORE.jts -``` - -![Sertifikat Download](../../docs/applications/dolly/assets/cert_download.png) - ### Kjøre Redis lokalt Evt last ned colima og kjør diff --git a/apps/dolly-frontend/build.gradle b/apps/dolly-frontend/build.gradle index eac576f67e8..0e3f47ecbd3 100644 --- a/apps/dolly-frontend/build.gradle +++ b/apps/dolly-frontend/build.gradle @@ -17,6 +17,8 @@ configurations { } dependencies { + implementation "io.grpc:grpc-netty:$versions.grpc" + implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-frontend" @@ -24,7 +26,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:reactive-session-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" // Session implementation "redis.clients:jedis:5.1.2" diff --git a/apps/dolly-frontend/settings.gradle b/apps/dolly-frontend/settings.gradle index 43a27cdf7f7..aff0f7d00e4 100644 --- a/apps/dolly-frontend/settings.gradle +++ b/apps/dolly-frontend/settings.gradle @@ -15,7 +15,6 @@ includeBuild '../../libs/reactive-security' includeBuild '../../libs/reactive-session-security' includeBuild '../../libs/security-core' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/dolly-frontend/src/main/java/no/nav/dolly/web/config/LocalVaultConfig.java b/apps/dolly-frontend/src/main/java/no/nav/dolly/web/config/LocalVaultConfig.java deleted file mode 100644 index 8e2b997adb5..00000000000 --- a/apps/dolly-frontend/src/main/java/no/nav/dolly/web/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.dolly.web.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/dolly-frontend/src/main/js/src/components/fagsystem/alderspensjon/form/Form.tsx b/apps/dolly-frontend/src/main/js/src/components/fagsystem/alderspensjon/form/Form.tsx index bfb3918d36c..51dd5055471 100644 --- a/apps/dolly-frontend/src/main/js/src/components/fagsystem/alderspensjon/form/Form.tsx +++ b/apps/dolly-frontend/src/main/js/src/components/fagsystem/alderspensjon/form/Form.tsx @@ -159,7 +159,13 @@ export const AlderspensjonForm = () => { const gjeldendeAdresse = adresseUtenTilDato || _get(formMethods.getValues(), 'pdldata.person.bostedsadresse')?.reduce((prev, curr) => { - if (!prev.gyldigTilOgMed || !curr.gyldigTilOgMed) return null + if ( + !prev.gyldigTilOgMed || + !curr.gyldigTilOgMed || + curr.gyldigTilOgMed?.isValid?.() === false || + prev.gyldigTilOgMed?.isValid?.() === false + ) + return null return isAfter(parseISO(prev.gyldigTilOgMed), parseISO(curr.gyldigTilOgMed)) ? prev : curr }) return !gjeldendeAdresse || !gjeldendeAdresse?.adressetype diff --git a/apps/dolly-frontend/src/main/resources/application-local.yml b/apps/dolly-frontend/src/main/resources/application-local.yml index 2ce7060a052..4d5c7544302 100644 --- a/apps/dolly-frontend/src/main/resources/application-local.yml +++ b/apps/dolly-frontend/src/main/resources/application-local.yml @@ -6,16 +6,18 @@ server: port: 8020 spring: + config: + import: "sm://" security: oauth2: client: registration: aad: - client-id: ${azure.app.client.id} - client-secret: ${azure.app.client.secret} + client-id: ${sm://azure-app-client-id} + client-secret: ${sm://azure-app-client-secret} authorization-grant-type: authorization_code redirect-uri: 'http://localhost:3000/login/oauth2/code/{registrationId}' - scope: openid, offline_access, ${azure.app.client.id}/.default + scope: openid, offline_access, ${sm://azure-app-client-id}/.default provider: aad: authorization-uri: ${AAD_ISSUER_URI}/oauth2/v2.0/authorize diff --git a/apps/dolly-frontend/src/main/resources/application.yml b/apps/dolly-frontend/src/main/resources/application.yml index 50bc1e8ca28..5e50e1267ab 100644 --- a/apps/dolly-frontend/src/main/resources/application.yml +++ b/apps/dolly-frontend/src/main/resources/application.yml @@ -3,14 +3,14 @@ POST_LOGOUT_REDIRECT_URI: https://dolly-frontend.intern.dev.nav.no/login REDIS_HOST: dolly-redis-session.dolly.svc.cluster.local spring: - cloud: - vault: - enabled: false application: name: dolly-frontend main: banner-mode: off allow-circular-references: true + cloud: + vault: + enabled: false data: redis: host: ${REDIS_HOST} @@ -21,7 +21,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} diff --git a/apps/dolly-frontend/src/test/resources/application-test.yml b/apps/dolly-frontend/src/test/resources/application-test.yml index 74bf801179e..e55e0f2063d 100644 --- a/apps/dolly-frontend/src/test/resources/application-test.yml +++ b/apps/dolly-frontend/src/test/resources/application-test.yml @@ -2,3 +2,9 @@ TOKEN_X_ISSUER: dummy IDPORTEN_CLIENT_ID: dummy IDPORTEN_CLIENT_JWK: "{}" + +spring: + cloud: + gcp: + secretmanager: + enabled: false diff --git a/apps/dollystatus/README.md b/apps/dollystatus/README.md index 5c7a18cee43..2b2cb28f78d 100644 --- a/apps/dollystatus/README.md +++ b/apps/dollystatus/README.md @@ -5,8 +5,8 @@ Applikasjon for viser status på forskjellig applikasjoner og tjeneserter fra Do Lenke https://dollystatus.intern.dev.nav.no/ ## Lokal kjøring -Ha naisdevice kjørende og i "src/main/js" mappe kjør +Fra `/src/main/js` kjør ``` -npm install -npm start +> npm install +> npm start ``` diff --git a/apps/dollystatus/src/main/resources/application.yml b/apps/dollystatus/src/main/resources/application.yml index 37c37ed05b2..069adad970b 100644 --- a/apps/dollystatus/src/main/resources/application.yml +++ b/apps/dollystatus/src/main/resources/application.yml @@ -1,8 +1,3 @@ -spring: - cloud: - vault: - enabled: false - management: endpoints: enabled-by-default: true diff --git a/apps/dollystatus/src/test/resources/application-test.properties b/apps/dollystatus/src/test/resources/application-test.properties deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/apps/endringsmelding-frontend/README.md b/apps/endringsmelding-frontend/README.md index 7c5d8824c99..910d7a06d7f 100644 --- a/apps/endringsmelding-frontend/README.md +++ b/apps/endringsmelding-frontend/README.md @@ -6,16 +6,5 @@ azure-applikasjonen `dev-gcp:dolly:endringsmelding-frontend`. https://testnav-endringsmelding.intern.dev.nav.no ## Lokal kjøring - -For å kjøre lokalt (DollyFrontendRedirectApplicationStarter) må active profile settes til `dev`. I tillegg, må cloud -vault token hentes fra Vault. Vault token hentes ved at man logger inn i Vault, trykker på nedtrekksmenyen oppe til -høyre, og trykker på "Copy token". - -Disse verdiene fylles deretter inn i VM Options på IDE: - -Run -> Edit Configurations -> VM Options - -``` --Dspring.cloud.vault.token=(Copy token fra Vault) --Dspring.profiles.active=dev -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/endringsmelding-frontend/build.gradle b/apps/endringsmelding-frontend/build.gradle index 1a65769c6d4..e3940d5fc48 100644 --- a/apps/endringsmelding-frontend/build.gradle +++ b/apps/endringsmelding-frontend/build.gradle @@ -18,6 +18,8 @@ configurations { } dependencies { + implementation "io.grpc:grpc-netty:$versions.grpc" + implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-frontend" implementation("no.nav.testnav.libs:reactive-session-security") { @@ -27,7 +29,6 @@ dependencies { implementation("no.nav.testnav.libs:security-core") { exclude group: "org.springframework.session", module: "spring-session-data-redis" } - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/endringsmelding-frontend/settings.gradle b/apps/endringsmelding-frontend/settings.gradle index 69f5ef27e77..6f85d6501c5 100644 --- a/apps/endringsmelding-frontend/settings.gradle +++ b/apps/endringsmelding-frontend/settings.gradle @@ -10,7 +10,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-frontend' includeBuild '../../libs/reactive-session-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/endringsmelding-frontend/src/main/java/no/nav/testnav/apps/endringsmeldingfrontend/config/LocalVaultConfig.java b/apps/endringsmelding-frontend/src/main/java/no/nav/testnav/apps/endringsmeldingfrontend/config/LocalVaultConfig.java deleted file mode 100644 index b8a0962a7c5..00000000000 --- a/apps/endringsmelding-frontend/src/main/java/no/nav/testnav/apps/endringsmeldingfrontend/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.apps.endringsmeldingfrontend.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/endringsmelding-frontend/src/main/resources/application-dev.yml b/apps/endringsmelding-frontend/src/main/resources/application-dev.yml index f2ec8b0abf2..f280c84ef1e 100644 --- a/apps/endringsmelding-frontend/src/main/resources/application-dev.yml +++ b/apps/endringsmelding-frontend/src/main/resources/application-dev.yml @@ -1,3 +1,14 @@ +spring: + config: + import: "sm://" + security: + oauth2: + client: + registration: + aad: + client-id: ${sm://azure-app-client-id} + client-secret: ${sm://azure-app-client-secret} + scope: openid, ${sm://azure-app-client-id}/.default consumers: endringsmelding-service: diff --git a/apps/endringsmelding-frontend/src/main/resources/application.yml b/apps/endringsmelding-frontend/src/main/resources/application.yml index b80dc78aaaf..74f8ec0f202 100644 --- a/apps/endringsmelding-frontend/src/main/resources/application.yml +++ b/apps/endringsmelding-frontend/src/main/resources/application.yml @@ -4,6 +4,9 @@ spring: application: name: endringsmelding-frontend description: App for å sende inn endringsmeldinger til tps + cloud: + vault: + enabled: false main: banner-mode: off security: @@ -11,19 +14,17 @@ spring: client: registration: aad: - client-id: ${azure.app.client.id} - client-secret: ${azure.app.client.secret} + client-id: ${AZURE_APP_CLIENT_ID} + client-secret: ${AZURE_APP_CLIENT_SECRET} authorization-grant-type: authorization_code redirect-uri: '{baseUrl}/login/oauth2/code/{registrationId}' - scope: openid, ${azure.app.client.id}/.default + scope: openid, ${AZURE_APP_CLIENT_ID}/.default provider: aad: authorization-uri: ${AAD_ISSUER_URI}/oauth2/v2.0/authorize token-uri: ${AAD_ISSUER_URI}/oauth2/v2.0/token jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - cloud: - vault: - enabled: false + consumers: endringsmelding-service: cluster: dev-gcp diff --git a/apps/endringsmelding-frontend/src/test/resources/application-test.yml b/apps/endringsmelding-frontend/src/test/resources/application-test.yml new file mode 100644 index 00000000000..0aeb22a14f6 --- /dev/null +++ b/apps/endringsmelding-frontend/src/test/resources/application-test.yml @@ -0,0 +1,5 @@ +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/endringsmelding-service/README.md b/apps/endringsmelding-service/README.md index 16f69b04eda..e2ff49a352f 100644 --- a/apps/endringsmelding-service/README.md +++ b/apps/endringsmelding-service/README.md @@ -3,26 +3,6 @@ Service for endringsmeldinger som håndterer kallene fra Endringsmelding-frontend. Sender foedsel og døds meldinger på test identer. -## Swagger - -Swagger finnes under [/swagger](https://testnav-endringsmelding-service.intern.dev.nav.no/swagger) -endepunktet til -applikasjonen. For å kunne bruke endringsmelding-endepunktet må det innsendte tokenet ha tilgang via azure -applikasjonen `dev-gcp:dolly:endringsmelding-frontend`. - ## Lokal kjøring - -Ha naisdevice kjørende og kjør EndringsmeldingServiceApplicationStarter med følgende argumenter: - -``` --Dspring.cloud.vault.token=[Copy token fra Vault] --Dspring.profiles.active=dev -``` - -### Utviklerimage - -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: - -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` \ No newline at end of file +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/endringsmelding-service/build.gradle b/apps/endringsmelding-service/build.gradle index 43f8cd67284..166e2aec202 100644 --- a/apps/endringsmelding-service/build.gradle +++ b/apps/endringsmelding-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/endringsmelding-service/config.yml b/apps/endringsmelding-service/config.yml index 50aca062cf7..7fcdf22f175 100644 --- a/apps/endringsmelding-service/config.yml +++ b/apps/endringsmelding-service/config.yml @@ -54,8 +54,6 @@ spec: replicas: min: 1 max: 1 - vault: - enabled: true resources: requests: cpu: 200m diff --git a/apps/endringsmelding-service/settings.gradle b/apps/endringsmelding-service/settings.gradle index c9cf7b46e18..4d0b0949ca0 100644 --- a/apps/endringsmelding-service/settings.gradle +++ b/apps/endringsmelding-service/settings.gradle @@ -11,7 +11,6 @@ includeBuild '../../libs/data-transfer-search-objects' includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/endringsmelding-service/src/main/java/no/nav/testnav/endringsmeldingservice/config/LocalVaultConfig.java b/apps/endringsmelding-service/src/main/java/no/nav/testnav/endringsmeldingservice/config/LocalVaultConfig.java deleted file mode 100644 index 9eac3d9aa08..00000000000 --- a/apps/endringsmelding-service/src/main/java/no/nav/testnav/endringsmeldingservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.endringsmeldingservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/endringsmelding-service/src/main/resources/application-dev.yml b/apps/endringsmelding-service/src/main/resources/application-dev.yml index 749d6f813ed..ba56e2420c7 100644 --- a/apps/endringsmelding-service/src/main/resources/application-dev.yml +++ b/apps/endringsmelding-service/src/main/resources/application-dev.yml @@ -1,3 +1,11 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} consumers: adresse-service: diff --git a/apps/endringsmelding-service/src/main/resources/application.yml b/apps/endringsmelding-service/src/main/resources/application.yml index 437c9cd413f..ca9967a8b1f 100644 --- a/apps/endringsmelding-service/src/main/resources/application.yml +++ b/apps/endringsmelding-service/src/main/resources/application.yml @@ -11,7 +11,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/endringsmelding-service/src/main/resources/bootstrap.yml b/apps/endringsmelding-service/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/endringsmelding-service/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/endringsmelding-service/src/test/resources/application-test.properties b/apps/endringsmelding-service/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/apps/endringsmelding-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/endringsmelding-service/src/test/resources/application-test.yml b/apps/endringsmelding-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..aa8bfa92394 --- /dev/null +++ b/apps/endringsmelding-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/faste-data-frontend/README.md b/apps/faste-data-frontend/README.md index 5d4aaa08982..1fe7b92e019 100644 --- a/apps/faste-data-frontend/README.md +++ b/apps/faste-data-frontend/README.md @@ -1,17 +1,10 @@ # Faste data frontend - Applikasjon for å finne faste data som finnes i testmiljøene. Den gir også en oversikt over om de faktiske dataene og dataene som er lagret i de forskjellige mijøene stemmer overens. ## Ingress - Appen har ikke noen swagger, men søkene kan utføres på [Faste data](https://faste-data-frontend.intern.dev.nav.no) ## Lokal kjøring - -Ha naisdevice kjørende og kjør FasteDataFrontendApplicationStarter med følgende argumenter: - -``` --Dspring.cloud.vault.token=[Copy token fra Vault] --Dspring.profiles.active=dev -``` \ No newline at end of file +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/faste-data-frontend/build.gradle b/apps/faste-data-frontend/build.gradle index 27e3a8889ca..f960e48dd39 100644 --- a/apps/faste-data-frontend/build.gradle +++ b/apps/faste-data-frontend/build.gradle @@ -18,6 +18,8 @@ configurations { } dependencies { + implementation "io.grpc:grpc-netty:$versions.grpc" + implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-frontend" implementation("no.nav.testnav.libs:reactive-session-security") { @@ -27,7 +29,6 @@ dependencies { implementation("no.nav.testnav.libs:security-core") { exclude group: "org.springframework.session", module: "spring-session-data-redis" } - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/faste-data-frontend/settings.gradle b/apps/faste-data-frontend/settings.gradle index 0f37fce794f..921b9e7763e 100644 --- a/apps/faste-data-frontend/settings.gradle +++ b/apps/faste-data-frontend/settings.gradle @@ -10,7 +10,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-frontend' includeBuild '../../libs/reactive-session-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/faste-data-frontend/src/main/java/no/nav/testnav/apps/fastedatafrontend/config/LocalVaultConfig.java b/apps/faste-data-frontend/src/main/java/no/nav/testnav/apps/fastedatafrontend/config/LocalVaultConfig.java deleted file mode 100644 index 2875b0a6ff4..00000000000 --- a/apps/faste-data-frontend/src/main/java/no/nav/testnav/apps/fastedatafrontend/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.apps.fastedatafrontend.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/faste-data-frontend/src/main/resources/application-dev.yml b/apps/faste-data-frontend/src/main/resources/application-dev.yml index 4b73567c4dc..a77714ef5d5 100644 --- a/apps/faste-data-frontend/src/main/resources/application-dev.yml +++ b/apps/faste-data-frontend/src/main/resources/application-dev.yml @@ -1,3 +1,14 @@ +spring: + config: + import: "sm://" + security: + oauth2: + client: + registration: + aad: + client-id: ${sm://azure-app-client-id} + client-secret: ${sm://azure-app-client-secret} + scope: openid, ${sm://azure-app-client-id}/.default consumers: testnorge-profil-api: diff --git a/apps/faste-data-frontend/src/main/resources/application.yml b/apps/faste-data-frontend/src/main/resources/application.yml index 154c8d31050..47faf21eb99 100644 --- a/apps/faste-data-frontend/src/main/resources/application.yml +++ b/apps/faste-data-frontend/src/main/resources/application.yml @@ -4,6 +4,9 @@ spring: application: name: testnav-faste-data-frontend description: App for å se faste datasett + cloud: + vault: + enabled: false main: banner-mode: off security: @@ -11,19 +14,16 @@ spring: client: registration: aad: - client-id: ${azure.app.client.id} - client-secret: ${azure.app.client.secret} + client-id: ${AZURE_APP_CLIENT_ID} + client-secret: ${AZURE_APP_CLIENT_SECRET} authorization-grant-type: authorization_code redirect-uri: '{baseUrl}/login/oauth2/code/{registrationId}' - scope: openid, ${azure.app.client.id}/.default + scope: openid, ${AZURE_APP_CLIENT_ID}/.default provider: aad: authorization-uri: ${AAD_ISSUER_URI}/oauth2/v2.0/authorize token-uri: ${AAD_ISSUER_URI}/oauth2/v2.0/token jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - cloud: - vault: - enabled: false consumers: testnorge-profil-api: diff --git a/apps/faste-data-frontend/src/test/resources/application-test.yml b/apps/faste-data-frontend/src/test/resources/application-test.yml new file mode 100644 index 00000000000..0aeb22a14f6 --- /dev/null +++ b/apps/faste-data-frontend/src/test/resources/application-test.yml @@ -0,0 +1,5 @@ +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/generer-arbeidsforhold-populasjon-service/README.md b/apps/generer-arbeidsforhold-populasjon-service/README.md index d879ceee23c..97bea213464 100644 --- a/apps/generer-arbeidsforhold-populasjon-service/README.md +++ b/apps/generer-arbeidsforhold-populasjon-service/README.md @@ -1,26 +1,6 @@ # Generer-arbeidsforhold-populasjon-service - Service som genererer arbeidsforhold i et valgt miljø for en spesifisert tidsperiode. -## Swagger - -Swagger finnes under [/swagger](https://testnav-generer-arbeidsforhold-populasjon-service.intern.dev.nav.no/swagger) --endepunktet til applikasjonen - ## Lokal kjøring - -Ha naisdevice kjørende og kjør GenererArbeidsforholdPopulasjonServiceApplicationStarter med følgende argumenter: - -``` --Dspring.cloud.vault.token=[Copy token fra Vault] --Dspring.profiles.active=dev -``` - -### Utviklerimage - -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: - -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` \ No newline at end of file +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/generer-arbeidsforhold-populasjon-service/build.gradle b/apps/generer-arbeidsforhold-populasjon-service/build.gradle index dfd817591a0..cfa772f62d0 100644 --- a/apps/generer-arbeidsforhold-populasjon-service/build.gradle +++ b/apps/generer-arbeidsforhold-populasjon-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/generer-arbeidsforhold-populasjon-service/settings.gradle b/apps/generer-arbeidsforhold-populasjon-service/settings.gradle index cb622304069..8489d0c4c11 100644 --- a/apps/generer-arbeidsforhold-populasjon-service/settings.gradle +++ b/apps/generer-arbeidsforhold-populasjon-service/settings.gradle @@ -11,7 +11,6 @@ includeBuild '../../libs/data-transfer-objects' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-insecure-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/generer-arbeidsforhold-populasjon-service/src/main/java/no/nav/registre/testnav/genererarbeidsforholdpopulasjonservice/config/LocalVaultConfig.java b/apps/generer-arbeidsforhold-populasjon-service/src/main/java/no/nav/registre/testnav/genererarbeidsforholdpopulasjonservice/config/LocalVaultConfig.java deleted file mode 100644 index 9ad9109e77e..00000000000 --- a/apps/generer-arbeidsforhold-populasjon-service/src/main/java/no/nav/registre/testnav/genererarbeidsforholdpopulasjonservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnav.genererarbeidsforholdpopulasjonservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application-dev.yml b/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application-dev.yml index c14823c5ece..59f4904438e 100644 --- a/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application-dev.yml +++ b/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application-dev.yml @@ -1,3 +1,12 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} + consumers: oppsummeringsdokument-service: url: https://testnav-oppsummeringsdokument-service.dev.intern.nav.no diff --git a/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml b/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml index cc75a1aabe5..3c4d2f1263e 100644 --- a/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml +++ b/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml @@ -10,14 +10,11 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} accepted-audience: ${TOKEN_X_CLIENT_ID} - cloud: - vault: - enabled: false springdoc: swagger-ui: diff --git a/apps/generer-arbeidsforhold-populasjon-service/src/test/resources/application-test.properties b/apps/generer-arbeidsforhold-populasjon-service/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/apps/generer-arbeidsforhold-populasjon-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/generer-arbeidsforhold-populasjon-service/src/test/resources/application-test.yml b/apps/generer-arbeidsforhold-populasjon-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..aa8bfa92394 --- /dev/null +++ b/apps/generer-arbeidsforhold-populasjon-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/generer-navn-service/README.md b/apps/generer-navn-service/README.md index 9f127fa418e..5856b9133a4 100644 --- a/apps/generer-navn-service/README.md +++ b/apps/generer-navn-service/README.md @@ -1,27 +1,8 @@ # Generer navn-service - App for å generere fiktive navn. Navnene består av et adjektiv (som ofte brukes som fornavn), et ikke påkrevd adverb (mellomavn) og et substantiv (som ofte brukes som etternavn). Det er vurdert at sammenstillingen av slike navn er forskjellig nok fra ekte navn til at data med disse ikke kan forveksles med skarpe data. -## Swagger - -Swagger finnes under [/swagger](https://generer-navn-service.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. - ## Lokal kjøring - -Ha naisdevice kjørende og kjør GenererNavnServiceApplicationStarter med følgende argumenter: - -``` --Dspring.cloud.vault.token=[vault-token] --Dspring.profiles.active=dev -``` - -### Utviklerimage - -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: - -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/generer-navn-service/build.gradle b/apps/generer-navn-service/build.gradle index 9f184de8c41..96007c01cea 100644 --- a/apps/generer-navn-service/build.gradle +++ b/apps/generer-navn-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/generer-navn-service/settings.gradle b/apps/generer-navn-service/settings.gradle index 9d6adf62155..cd3395308ff 100644 --- a/apps/generer-navn-service/settings.gradle +++ b/apps/generer-navn-service/settings.gradle @@ -12,7 +12,6 @@ includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' includeBuild '../../libs/testing' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/generer-navn-service/src/main/java/no/nav/registre/testnorge/generernavnservice/config/LocalVaultConfig.java b/apps/generer-navn-service/src/main/java/no/nav/registre/testnorge/generernavnservice/config/LocalVaultConfig.java deleted file mode 100644 index dd1f7038efd..00000000000 --- a/apps/generer-navn-service/src/main/java/no/nav/registre/testnorge/generernavnservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnorge.generernavnservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/generer-navn-service/src/main/resources/application-dev.yml b/apps/generer-navn-service/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..bea43da510a --- /dev/null +++ b/apps/generer-navn-service/src/main/resources/application-dev.yml @@ -0,0 +1,8 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/generer-navn-service/src/main/resources/application.yml b/apps/generer-navn-service/src/main/resources/application.yml index b4332bd4614..5777e19d691 100644 --- a/apps/generer-navn-service/src/main/resources/application.yml +++ b/apps/generer-navn-service/src/main/resources/application.yml @@ -13,14 +13,11 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} accepted-audience: ${TOKEN_X_CLIENT_ID} - cloud: - vault: - enabled: false springdoc: swagger-ui: diff --git a/apps/generer-navn-service/src/test/resources/application-test.properties b/apps/generer-navn-service/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/apps/generer-navn-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/generer-navn-service/src/test/resources/application-test.yml b/apps/generer-navn-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..aa8bfa92394 --- /dev/null +++ b/apps/generer-navn-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/generer-organisasjon-populasjon-service/README.md b/apps/generer-organisasjon-populasjon-service/README.md index b1b6e985353..4b756417106 100644 --- a/apps/generer-organisasjon-populasjon-service/README.md +++ b/apps/generer-organisasjon-populasjon-service/README.md @@ -1,17 +1,6 @@ # Testnav-generer-organisasjon-populasjon-service - Genererer og henter opplysningspliktige organisasjoner i valgt miljø. -## Swagger - -Swagger finnes under [/swagger](https://testnav-generer-organisasjon-populasjon-service.intern.dev.nav.no/swagger) --endepunktet til applikasjonen. - ## Lokal kjøring - -Ha naisdevice kjørende og kjør GenererOrganisasjonPopulasjonServiceApplicationStarter med følgende argumenter: - -``` --Dspring.cloud.vault.token=[Copy token fra Vault] --Dspring.profiles.active=dev -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/generer-organisasjon-populasjon-service/build.gradle b/apps/generer-organisasjon-populasjon-service/build.gradle index fd28ad05b83..18aa5749aa6 100644 --- a/apps/generer-organisasjon-populasjon-service/build.gradle +++ b/apps/generer-organisasjon-populasjon-service/build.gradle @@ -13,21 +13,17 @@ dependencies { implementation "no.nav.testnav.libs:avro-schema" implementation "no.nav.testnav.libs:commands" implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:database" implementation "no.nav.testnav.libs:kafka-config" implementation "no.nav.testnav.libs:kafka-producers" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-data-jpa" - - implementation "org.springframework.cloud:spring-cloud-vault-config-databases" implementation "org.springframework.cloud:spring-cloud-starter-bootstrap" // TODO remove legacy bootstrap config diff --git a/apps/generer-organisasjon-populasjon-service/settings.gradle b/apps/generer-organisasjon-populasjon-service/settings.gradle index ccf59c03fa9..d81188723ab 100644 --- a/apps/generer-organisasjon-populasjon-service/settings.gradle +++ b/apps/generer-organisasjon-populasjon-service/settings.gradle @@ -9,14 +9,12 @@ includeBuild "../../plugins/java" includeBuild '../../libs/avro-schema' includeBuild '../../libs/commands' includeBuild '../../libs/data-transfer-objects' -includeBuild '../../libs/database' includeBuild '../../libs/kafka-config' includeBuild '../../libs/kafka-producers' includeBuild '../../libs/reactive-core' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/generer-organisasjon-populasjon-service/src/main/java/no/nav/registre/testnav/genererorganisasjonpopulasjonservice/config/LocalVaultConfig.java b/apps/generer-organisasjon-populasjon-service/src/main/java/no/nav/registre/testnav/genererorganisasjonpopulasjonservice/config/LocalVaultConfig.java deleted file mode 100644 index 981f2580c3d..00000000000 --- a/apps/generer-organisasjon-populasjon-service/src/main/java/no/nav/registre/testnav/genererorganisasjonpopulasjonservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnav.genererorganisasjonpopulasjonservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/generer-organisasjon-populasjon-service/src/main/resources/application-dev.yml b/apps/generer-organisasjon-populasjon-service/src/main/resources/application-dev.yml index 07e2dabc2a5..c8f5ecd88f7 100644 --- a/apps/generer-organisasjon-populasjon-service/src/main/resources/application-dev.yml +++ b/apps/generer-organisasjon-populasjon-service/src/main/resources/application-dev.yml @@ -1,5 +1,6 @@ - spring: + config: + import: "sm://" h2: console: enabled: true @@ -15,6 +16,11 @@ spring: properties: hibernate: dialect: org.hibernate.dialect.H2Dialect + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} consumers: generer-navn-service: diff --git a/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml b/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml index 49df1d9f339..241b6cc21ef 100644 --- a/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml +++ b/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} diff --git a/apps/generer-organisasjon-populasjon-service/src/main/resources/bootstrap.yml b/apps/generer-organisasjon-populasjon-service/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/generer-organisasjon-populasjon-service/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/generer-organisasjon-populasjon-service/src/test/resources/application-test.properties b/apps/generer-organisasjon-populasjon-service/src/test/resources/application-test.properties deleted file mode 100644 index f039fb475ec..00000000000 --- a/apps/generer-organisasjon-populasjon-service/src/test/resources/application-test.properties +++ /dev/null @@ -1,2 +0,0 @@ -TOKEN_X_ISSUER=dummy -KAFKA_KEYSTORE_PATH="" \ No newline at end of file diff --git a/apps/generer-organisasjon-populasjon-service/src/test/resources/application-test.yml b/apps/generer-organisasjon-populasjon-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..825469b32e6 --- /dev/null +++ b/apps/generer-organisasjon-populasjon-service/src/test/resources/application-test.yml @@ -0,0 +1,8 @@ +TOKEN_X_ISSUER: dummy +KAFKA_KEYSTORE_PATH: "" + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/generer-synt-amelding-service/README.md b/apps/generer-synt-amelding-service/README.md index 70c3edf7442..78f7c780679 100644 --- a/apps/generer-synt-amelding-service/README.md +++ b/apps/generer-synt-amelding-service/README.md @@ -1,19 +1,6 @@ # Testnav-generer-synt-amelding-service App for å generere syntetiske ameldinger. -## Swagger -Swagger finnes under [/swagger](https://testnav-generer-synt-amelding-service.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. - ## Lokal kjøring -Ha naisdevice kjørende og kjør GenererSyntAMeldingApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[vault-token] --Dspring.profiles.active=dev -``` - -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/generer-synt-amelding-service/build.gradle b/apps/generer-synt-amelding-service/build.gradle index ac3cbd6f43a..c04034272fb 100644 --- a/apps/generer-synt-amelding-service/build.gradle +++ b/apps/generer-synt-amelding-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/generer-synt-amelding-service/config.yml b/apps/generer-synt-amelding-service/config.yml index b205f6c4097..61970695588 100644 --- a/apps/generer-synt-amelding-service/config.yml +++ b/apps/generer-synt-amelding-service/config.yml @@ -51,8 +51,6 @@ spec: replicas: min: 1 max: 1 - vault: - enabled: true resources: requests: cpu: 200m diff --git a/apps/generer-synt-amelding-service/settings.gradle b/apps/generer-synt-amelding-service/settings.gradle index 8f3249c185e..ef0b90b9536 100644 --- a/apps/generer-synt-amelding-service/settings.gradle +++ b/apps/generer-synt-amelding-service/settings.gradle @@ -11,7 +11,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/generer-synt-amelding-service/src/main/java/no/nav/registre/testnorge/generersyntameldingservice/config/LocalVaultConfig.java b/apps/generer-synt-amelding-service/src/main/java/no/nav/registre/testnorge/generersyntameldingservice/config/LocalVaultConfig.java deleted file mode 100644 index 72f4c56e31c..00000000000 --- a/apps/generer-synt-amelding-service/src/main/java/no/nav/registre/testnorge/generersyntameldingservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnorge.generersyntameldingservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/generer-synt-amelding-service/src/main/resources/application-dev.yml b/apps/generer-synt-amelding-service/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..bea43da510a --- /dev/null +++ b/apps/generer-synt-amelding-service/src/main/resources/application-dev.yml @@ -0,0 +1,8 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/generer-synt-amelding-service/src/main/resources/application.yml b/apps/generer-synt-amelding-service/src/main/resources/application.yml index 646d5965c2f..e50b841c107 100644 --- a/apps/generer-synt-amelding-service/src/main/resources/application.yml +++ b/apps/generer-synt-amelding-service/src/main/resources/application.yml @@ -15,7 +15,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} diff --git a/apps/generer-synt-amelding-service/src/main/resources/bootstrap.yml b/apps/generer-synt-amelding-service/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/generer-synt-amelding-service/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/generer-synt-amelding-service/src/test/resources/application-test.yml b/apps/generer-synt-amelding-service/src/test/resources/application-test.yml index c7ad525dd9c..3a6b7afa2ab 100644 --- a/apps/generer-synt-amelding-service/src/test/resources/application-test.yml +++ b/apps/generer-synt-amelding-service/src/test/resources/application-test.yml @@ -1,13 +1,11 @@ -azure: - app: - client: - id: dummy - secret: dummy +AAD_ISSUER_URI: http://localhost:${wiremock.server.port:0}/token +TOKEN_X_ISSUER: dummy spring: cloud: - vault: - token: dummy + gcp: + secretmanager: + enabled: false consumers: synt-amelding: @@ -15,7 +13,3 @@ consumers: cluster: dev-gcp namespace: dolly name: synthdata-amelding - - -AAD_ISSUER_URI: http://localhost:${wiremock.server.port:0}/token -TOKEN_X_ISSUER: dummy diff --git a/apps/helsepersonell-service/README.md b/apps/helsepersonell-service/README.md index e5d75aa0d84..9e81aa30e65 100644 --- a/apps/helsepersonell-service/README.md +++ b/apps/helsepersonell-service/README.md @@ -1,12 +1,6 @@ # Helsepersonell-service API for helsepersonell. Gir oversikt på helsepersonell som finnes både i felles kontaktregister og TSS. -## Swagger -Swagger finnes under [/swagger](https://testnav-helsepersonell-service.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. - ## Lokal kjøring -Ha naisdevice kjørende og kjør HelsepersonellApiApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[Copy token fra Vault] --Dspring.profiles.active=dev -``` \ No newline at end of file +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/helsepersonell-service/build.gradle b/apps/helsepersonell-service/build.gradle index 71da5ae729f..5a86c7a8f3c 100644 --- a/apps/helsepersonell-service/build.gradle +++ b/apps/helsepersonell-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/helsepersonell-service/config.yml b/apps/helsepersonell-service/config.yml index 8ba4d4f2e31..1aaa9910aa7 100644 --- a/apps/helsepersonell-service/config.yml +++ b/apps/helsepersonell-service/config.yml @@ -52,8 +52,6 @@ spec: replicas: min: 1 max: 1 - vault: - enabled: true resources: requests: cpu: 100m diff --git a/apps/helsepersonell-service/settings.gradle b/apps/helsepersonell-service/settings.gradle index 27bbf168265..68390be5bd8 100644 --- a/apps/helsepersonell-service/settings.gradle +++ b/apps/helsepersonell-service/settings.gradle @@ -12,7 +12,6 @@ includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' includeBuild '../../libs/testing' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/helsepersonell-service/src/main/java/no/nav/registre/testnorge/helsepersonellservice/config/LocalVaultConfig.java b/apps/helsepersonell-service/src/main/java/no/nav/registre/testnorge/helsepersonellservice/config/LocalVaultConfig.java deleted file mode 100644 index 39fb1767499..00000000000 --- a/apps/helsepersonell-service/src/main/java/no/nav/registre/testnorge/helsepersonellservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnorge.helsepersonellservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/helsepersonell-service/src/main/resources/application-dev.yml b/apps/helsepersonell-service/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..bea43da510a --- /dev/null +++ b/apps/helsepersonell-service/src/main/resources/application-dev.yml @@ -0,0 +1,8 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/helsepersonell-service/src/main/resources/application.yml b/apps/helsepersonell-service/src/main/resources/application.yml index 1d0a77c0f9f..43f90ed6aca 100644 --- a/apps/helsepersonell-service/src/main/resources/application.yml +++ b/apps/helsepersonell-service/src/main/resources/application.yml @@ -1,8 +1,5 @@ AAD_ISSUER_URI: https://login.microsoftonline.com/62366534-1ec3-4962-8869-9b5535279d0b spring: - cloud: - vault: - enabled: false main: banner-mode: off application: @@ -16,7 +13,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} diff --git a/apps/helsepersonell-service/src/test/resources/application-test.properties b/apps/helsepersonell-service/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/apps/helsepersonell-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/helsepersonell-service/src/test/resources/application-test.yml b/apps/helsepersonell-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..aa8bfa92394 --- /dev/null +++ b/apps/helsepersonell-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/inntektsmelding-generator-service/README.md b/apps/inntektsmelding-generator-service/README.md index bbfb749009b..65bf6dbf8f4 100644 --- a/apps/inntektsmelding-generator-service/README.md +++ b/apps/inntektsmelding-generator-service/README.md @@ -1,5 +1,4 @@ # Inntektsmelding generator - Microservice for å mappe inntektsmeldinger i JSON format til XML format basert på [kodeverk](https://github.com/navikt/tjenestespesifikasjoner/blob/master/nav-altinn-inntektsmelding/src/main/xsd/). Foreløpig er bare 201812 format støttet. @@ -11,29 +10,6 @@ versjon av rammeverk: implementation 'no.nav.tjenestespesifikasjoner:nav-altinn-inntektsmelding:1.2019.09.25-00.21-49b69f0625e0' ``` -## Swagger - -Swagger finnes under [/swagger](https://testnav-inntektsmelding-generator-service.intern.dev.nav.no/swagger) --endepunktet til applikasjonen. - ## Lokal kjøring - -Ha naisdevice kjørende og kjør InntektsmeldingGeneratorApplicationStarter med følgende argumenter: - -``` - --Dspring.cloud.vault.token=[Copy token fra Vault] --Dspring.profiles.active=dev - -``` - -### Utviklerimage - -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: - -``` - --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] - -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/inntektsmelding-generator-service/build.gradle b/apps/inntektsmelding-generator-service/build.gradle index e1fcef6e6b0..d0220df6669 100644 --- a/apps/inntektsmelding-generator-service/build.gradle +++ b/apps/inntektsmelding-generator-service/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/inntektsmelding-generator-service/settings.gradle b/apps/inntektsmelding-generator-service/settings.gradle index 9100c860bef..3935a9c629f 100644 --- a/apps/inntektsmelding-generator-service/settings.gradle +++ b/apps/inntektsmelding-generator-service/settings.gradle @@ -9,7 +9,6 @@ includeBuild "../../plugins/java" includeBuild '../../libs/data-transfer-objects' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/inntektsmelding-generator-service/src/main/java/no/nav/testnav/inntektsmeldinggeneratorservice/config/LocalVaultConfig.java b/apps/inntektsmelding-generator-service/src/main/java/no/nav/testnav/inntektsmeldinggeneratorservice/config/LocalVaultConfig.java deleted file mode 100644 index 14e707c8b34..00000000000 --- a/apps/inntektsmelding-generator-service/src/main/java/no/nav/testnav/inntektsmeldinggeneratorservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.inntektsmeldinggeneratorservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/inntektsmelding-generator-service/src/main/resources/application-dev.yml b/apps/inntektsmelding-generator-service/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..bea43da510a --- /dev/null +++ b/apps/inntektsmelding-generator-service/src/main/resources/application-dev.yml @@ -0,0 +1,8 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/inntektsmelding-generator-service/src/main/resources/application.yml b/apps/inntektsmelding-generator-service/src/main/resources/application.yml index 36e7e00f1e5..593df4d3e10 100644 --- a/apps/inntektsmelding-generator-service/src/main/resources/application.yml +++ b/apps/inntektsmelding-generator-service/src/main/resources/application.yml @@ -12,10 +12,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} - cloud: - vault: - enabled: false + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/inntektsmelding-generator-service/src/test/resources/application-test.yaml b/apps/inntektsmelding-generator-service/src/test/resources/application-test.yaml deleted file mode 100644 index 424586f333f..00000000000 --- a/apps/inntektsmelding-generator-service/src/test/resources/application-test.yaml +++ /dev/null @@ -1,13 +0,0 @@ -TOKEN_X_ISSUER: dummy - -azure: - app: - client: - id: dummy - secret: dummy - -spring: - cloud: - vault: - token: test - enabled: false diff --git a/apps/inntektsmelding-generator-service/src/test/resources/application-test.yml b/apps/inntektsmelding-generator-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..09e586a7980 --- /dev/null +++ b/apps/inntektsmelding-generator-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false diff --git a/apps/inntektsmelding-service/README.md b/apps/inntektsmelding-service/README.md index 886bf686caf..c4505d87e82 100644 --- a/apps/inntektsmelding-service/README.md +++ b/apps/inntektsmelding-service/README.md @@ -1,17 +1,6 @@ # Testnav-inntektsmelding-service - Service for å opprette og validere inntektsmeldinger som sendes inn på testpersoner. -## Swagger - -Swagger finnes under [/swagger](https://testnav-inntektsmelding-service.intern.dev.nav.no/swagger) -endepunktet til -applikasjonen. - ## Lokal kjøring - -Ha naisdevice kjørende og kjør InntektsmeldingApplicationStarter med følgende argumenter: - -``` --Dspring.cloud.vault.token=[Copy token fra Vault] --Dspring.profiles.active=dev -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/inntektsmelding-service/build.gradle b/apps/inntektsmelding-service/build.gradle index 3a07a3c963c..328840a81c3 100644 --- a/apps/inntektsmelding-service/build.gradle +++ b/apps/inntektsmelding-service/build.gradle @@ -14,9 +14,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" - implementation "org.springframework.cloud:spring-cloud-vault-config-databases" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-data-jpa" diff --git a/apps/inntektsmelding-service/settings.gradle b/apps/inntektsmelding-service/settings.gradle index 712f6c842d3..c21b8727a14 100644 --- a/apps/inntektsmelding-service/settings.gradle +++ b/apps/inntektsmelding-service/settings.gradle @@ -10,7 +10,6 @@ includeBuild '../../libs/data-transfer-objects' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/inntektsmelding-service/src/main/java/no/nav/registre/testnav/inntektsmeldingservice/config/LocalVaultConfig.java b/apps/inntektsmelding-service/src/main/java/no/nav/registre/testnav/inntektsmeldingservice/config/LocalVaultConfig.java deleted file mode 100644 index 5946d0541ba..00000000000 --- a/apps/inntektsmelding-service/src/main/java/no/nav/registre/testnav/inntektsmeldingservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnav.inntektsmeldingservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/inntektsmelding-service/src/main/resources/application-dev.yml b/apps/inntektsmelding-service/src/main/resources/application-dev.yml index e357b9edbb2..5d2fe16fb8b 100644 --- a/apps/inntektsmelding-service/src/main/resources/application-dev.yml +++ b/apps/inntektsmelding-service/src/main/resources/application-dev.yml @@ -3,6 +3,8 @@ consumers: url: https://testnav-inntektsmelding-generator-service.intern.dev.nav.no spring: + config: + import: "sm://" h2: console: enabled: true @@ -17,4 +19,9 @@ spring: jpa: properties: hibernate: - dialect: org.hibernate.dialect.H2Dialect \ No newline at end of file + dialect: org.hibernate.dialect.H2Dialect + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/inntektsmelding-service/src/main/resources/application.yml b/apps/inntektsmelding-service/src/main/resources/application.yml index b6a30e24333..dc654d232cf 100644 --- a/apps/inntektsmelding-service/src/main/resources/application.yml +++ b/apps/inntektsmelding-service/src/main/resources/application.yml @@ -10,16 +10,13 @@ spring: application: name: testnav-inntektsmelding-service description: Tjeneste for sende inntektsmelding til dokarkiv. - cloud: - vault: - enabled: false security: oauth2: resourceserver: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/inntektsmelding-service/src/test/resources/application-test.properties b/apps/inntektsmelding-service/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/apps/inntektsmelding-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/inntektsmelding-service/src/test/resources/application-test.yml b/apps/inntektsmelding-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..aa8bfa92394 --- /dev/null +++ b/apps/inntektsmelding-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/jenkins-batch-status-service/README.md b/apps/jenkins-batch-status-service/README.md index 4b492888af1..d95f0f60726 100644 --- a/apps/jenkins-batch-status-service/README.md +++ b/apps/jenkins-batch-status-service/README.md @@ -1,19 +1,6 @@ # jenkins-batch-status-service App for å hente ut batch status fra Jenkins. -## Swagger -Swagger finnes under [/swagger](https://jenkins-batch-status-service.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. - ## Lokal kjøring -Ha naisdevice kjørende og kjør JenkinsBatchStatusServiceApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[kopier token fra vault] --Dspring.profiles.active=dev -``` - -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` \ No newline at end of file +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/jenkins-batch-status-service/build.gradle b/apps/jenkins-batch-status-service/build.gradle index 93b20139330..ba0f256a038 100644 --- a/apps/jenkins-batch-status-service/build.gradle +++ b/apps/jenkins-batch-status-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/jenkins-batch-status-service/settings.gradle b/apps/jenkins-batch-status-service/settings.gradle index 9fd9b69933d..fc49d836f47 100644 --- a/apps/jenkins-batch-status-service/settings.gradle +++ b/apps/jenkins-batch-status-service/settings.gradle @@ -12,7 +12,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/jenkins-batch-status-service/src/main/java/no/nav/registre/testnorge/jenkinsbatchstatusservice/config/LocalVaultConfig.java b/apps/jenkins-batch-status-service/src/main/java/no/nav/registre/testnorge/jenkinsbatchstatusservice/config/LocalVaultConfig.java deleted file mode 100644 index d97f122e6bc..00000000000 --- a/apps/jenkins-batch-status-service/src/main/java/no/nav/registre/testnorge/jenkinsbatchstatusservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnorge.jenkinsbatchstatusservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/apps/jenkins-batch-status-service/src/main/resources/application-dev.yml b/apps/jenkins-batch-status-service/src/main/resources/application-dev.yml index ecc599f98a7..f1aa0058e84 100644 --- a/apps/jenkins-batch-status-service/src/main/resources/application-dev.yml +++ b/apps/jenkins-batch-status-service/src/main/resources/application-dev.yml @@ -1,3 +1,11 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} consumers: organisasjon-bestilling-service: diff --git a/apps/jenkins-batch-status-service/src/main/resources/application.yml b/apps/jenkins-batch-status-service/src/main/resources/application.yml index e03bc81d3c9..12bda26837d 100644 --- a/apps/jenkins-batch-status-service/src/main/resources/application.yml +++ b/apps/jenkins-batch-status-service/src/main/resources/application.yml @@ -13,7 +13,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} diff --git a/apps/jenkins-batch-status-service/src/main/resources/bootstrap.yml b/apps/jenkins-batch-status-service/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/jenkins-batch-status-service/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/jenkins-batch-status-service/src/test/resources/application-test.properties b/apps/jenkins-batch-status-service/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/apps/jenkins-batch-status-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/jenkins-batch-status-service/src/test/resources/application-test.yml b/apps/jenkins-batch-status-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..aa8bfa92394 --- /dev/null +++ b/apps/jenkins-batch-status-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/joark-dokument-service/README.md b/apps/joark-dokument-service/README.md index b6f76262d18..810c1f23234 100644 --- a/apps/joark-dokument-service/README.md +++ b/apps/joark-dokument-service/README.md @@ -1,25 +1,6 @@ # testnav-joark-dokument-service - App for å hente ut joark dokumenter. -## Swagger - -Swagger finnes under [/swagger](https://testnav-joark-dokument-service.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. - ## Lokal kjøring - -Ha naisdevice kjørende og kjør JoarkDokuemntServiceApplicationStarter med følgende argumenter: - -``` --Dspring.cloud.vault.token=[vault-token] --Dspring.profiles.active=dev -``` - -### Utviklerimage - -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: - -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` \ No newline at end of file +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/joark-dokument-service/build.gradle b/apps/joark-dokument-service/build.gradle index ed4bdc88323..4b9e55263c5 100644 --- a/apps/joark-dokument-service/build.gradle +++ b/apps/joark-dokument-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/joark-dokument-service/settings.gradle b/apps/joark-dokument-service/settings.gradle index 0a7aaa0bcc4..3616ad10c4e 100644 --- a/apps/joark-dokument-service/settings.gradle +++ b/apps/joark-dokument-service/settings.gradle @@ -12,7 +12,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/joark-dokument-service/src/main/java/no/nav/testnav/joarkdokumentservice/config/LocalVaultConfig.java b/apps/joark-dokument-service/src/main/java/no/nav/testnav/joarkdokumentservice/config/LocalVaultConfig.java deleted file mode 100644 index 5f9ec2f564d..00000000000 --- a/apps/joark-dokument-service/src/main/java/no/nav/testnav/joarkdokumentservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.joarkdokumentservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/joark-dokument-service/src/main/resources/application-dev.yml b/apps/joark-dokument-service/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..bea43da510a --- /dev/null +++ b/apps/joark-dokument-service/src/main/resources/application-dev.yml @@ -0,0 +1,8 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/joark-dokument-service/src/main/resources/application.yml b/apps/joark-dokument-service/src/main/resources/application.yml index fbbb0b3349a..50215c47d64 100644 --- a/apps/joark-dokument-service/src/main/resources/application.yml +++ b/apps/joark-dokument-service/src/main/resources/application.yml @@ -18,7 +18,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} diff --git a/apps/joark-dokument-service/src/main/resources/bootstrap.yml b/apps/joark-dokument-service/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/joark-dokument-service/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/joark-dokument-service/src/test/resources/application-test.properties b/apps/joark-dokument-service/src/test/resources/application-test.properties deleted file mode 100644 index 483fe127f1f..00000000000 --- a/apps/joark-dokument-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER= dummy \ No newline at end of file diff --git a/apps/joark-dokument-service/src/test/resources/application-test.yml b/apps/joark-dokument-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..aa8bfa92394 --- /dev/null +++ b/apps/joark-dokument-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/kodeverk-service/README.md b/apps/kodeverk-service/README.md index 73961c7b3e0..fd0a716da6f 100644 --- a/apps/kodeverk-service/README.md +++ b/apps/kodeverk-service/README.md @@ -1,10 +1,7 @@ # Testnav-Kodeverk-Service Henter, formatterer, og cacher data fra felles kodeverk.
-Lagt til eget kodeverk, Kommuner2024, som henter Kommuner og fjerner gamle kommunenummere - -## Swagger -Swagger finnes under [/swagger](https://testnav-kodeverk-service.intern.dev.nav.no/swagger-ui.html) -endepunktet til -applikasjonen. +Lagt til eget kodeverk, Kommuner2024, som henter Kommuner og fjerner gamle kommunenummere ## Lokal kjøring -Sett profile til dev \ No newline at end of file +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/kodeverk-service/build.gradle b/apps/kodeverk-service/build.gradle index 68778960bd4..37b4afe3181 100644 --- a/apps/kodeverk-service/build.gradle +++ b/apps/kodeverk-service/build.gradle @@ -15,13 +15,11 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" - implementation "org.springframework.cloud:spring-cloud-starter-vault-config" implementation "org.springframework.boot:spring-boot-starter-actuator" implementation "io.micrometer:micrometer-registry-prometheus" diff --git a/apps/kodeverk-service/settings.gradle b/apps/kodeverk-service/settings.gradle index 6535871e728..7b680dfe7ba 100644 --- a/apps/kodeverk-service/settings.gradle +++ b/apps/kodeverk-service/settings.gradle @@ -11,7 +11,6 @@ includeBuild '../../libs/servlet-core' includeBuild '../../libs/reactive-core' includeBuild '../../libs/servlet-insecure-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/kodeverk-service/src/main/java/no/nav/testnav/kodeverkservice/config/LocalVaultConfig.java b/apps/kodeverk-service/src/main/java/no/nav/testnav/kodeverkservice/config/LocalVaultConfig.java deleted file mode 100644 index de370850363..00000000000 --- a/apps/kodeverk-service/src/main/java/no/nav/testnav/kodeverkservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.kodeverkservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/apps/kodeverk-service/src/main/resources/application-dev.yml b/apps/kodeverk-service/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..bea43da510a --- /dev/null +++ b/apps/kodeverk-service/src/main/resources/application-dev.yml @@ -0,0 +1,8 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/kodeverk-service/src/main/resources/application.yml b/apps/kodeverk-service/src/main/resources/application.yml index 3994b3c891b..824b314a535 100644 --- a/apps/kodeverk-service/src/main/resources/application.yml +++ b/apps/kodeverk-service/src/main/resources/application.yml @@ -10,10 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} - cloud: - vault: - enabled: false + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/kodeverk-service/src/test/resources/application-test.yml b/apps/kodeverk-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..0aeb22a14f6 --- /dev/null +++ b/apps/kodeverk-service/src/test/resources/application-test.yml @@ -0,0 +1,5 @@ +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/levende-arbeidsforhold-ansettelse/README.md b/apps/levende-arbeidsforhold-ansettelse/README.md index fceaff59f07..2485d0f7ea3 100644 --- a/apps/levende-arbeidsforhold-ansettelse/README.md +++ b/apps/levende-arbeidsforhold-ansettelse/README.md @@ -1,11 +1,5 @@ # Levende arbeidsforhold-ansettelse - -## Swagger - -Swagger finnes under [/swagger](https://testnav-levende-arbeidsforhold-ansettelse.intern.dev.nav.no/swagger-ui/index.html#/jobb-controller/ansettelseJobb) -endepunktet til -applikasjonen. - ## Forbedringspotensial * Nå så blir samme antall mennesker ansatt i hver organisasjon og vi tenker at dette er noe som kan bli forbedret. * Vi har ikke lagt til forskjellige arbeidsforhold typer noe som kan gjøre dette mer realistisk. @@ -89,19 +83,5 @@ https://www.ssb.no/arbeid-og-lonn/sysselsetting/statistikk/antall-arbeidsforhold ## Lokal kjøring - -Ha naisdevice kjørende og kjør GenererNavnServiceApplicationStarter med følgende argumenter: - -``` --Dspring.cloud.vault.token=[vault-token] --Dspring.profiles.active=dev -``` - -### Utviklerimage - -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: - -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/levende-arbeidsforhold-ansettelse/build.gradle b/apps/levende-arbeidsforhold-ansettelse/build.gradle index e0037afe5c5..f0a24a7410d 100644 --- a/apps/levende-arbeidsforhold-ansettelse/build.gradle +++ b/apps/levende-arbeidsforhold-ansettelse/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" @@ -31,7 +30,7 @@ dependencies { implementation "io.micrometer:micrometer-registry-prometheus" implementation "org.springdoc:springdoc-openapi-starter-webflux-ui:$versions.springdoc" implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger" - + testRuntimeOnly "io.r2dbc:r2dbc-h2" } diff --git a/apps/levende-arbeidsforhold-ansettelse/settings.gradle b/apps/levende-arbeidsforhold-ansettelse/settings.gradle index bb179528ada..362dd785164 100644 --- a/apps/levende-arbeidsforhold-ansettelse/settings.gradle +++ b/apps/levende-arbeidsforhold-ansettelse/settings.gradle @@ -10,7 +10,6 @@ includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-insecure-security' includeBuild '../../libs/data-transfer-objects' includeBuild '../../libs/data-transfer-search-objects' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/levende-arbeidsforhold-ansettelse/src/main/java/no/nav/testnav/levendearbeidsforholdansettelse/config/LocalVaultConfig.java b/apps/levende-arbeidsforhold-ansettelse/src/main/java/no/nav/testnav/levendearbeidsforholdansettelse/config/LocalVaultConfig.java deleted file mode 100644 index 99bd73b3072..00000000000 --- a/apps/levende-arbeidsforhold-ansettelse/src/main/java/no/nav/testnav/levendearbeidsforholdansettelse/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.levendearbeidsforholdansettelse.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application-dev.yml b/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application-dev.yml index 8e05042d920..3fab1d15b70 100644 --- a/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application-dev.yml +++ b/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application-dev.yml @@ -1,5 +1,16 @@ spring: + config: + import: "sm://" + h2: + console: + enabled: true + path: /h2 + datasource: + url: jdbc:h2:mem:testdb + username: sa + password: + driverClassName: org.h2.Driver flyway: # InMemmory database url: jdbc:postgresql://localhost:5432/testnav-levende-arbeidsforhold @@ -9,22 +20,15 @@ spring: url: r2dbc:postgresql://localhost:5432/testnav-levende-arbeidsforhold username: ${NAV_USERNAME} password: -# sql: -# init: -# mode: always -# data-locations: classpath:/db/dev/h2-default-config.sql - -# main: -# allow-bean-definition-overriding: true -# -#config: -# r2dbc: -# driver: h2 -# protocol: mem -# port: 5432 -# database: testdb -# username: sa -# password: + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} + sql: + init: + mode: always + data-locations: classpath:/db/dev/h2-default-config.sql consumers: testnav-kodeverk-service: diff --git a/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml b/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml index f04dd806222..29a6a0e10d4 100644 --- a/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml +++ b/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml @@ -13,10 +13,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} - cloud: - vault: - enabled: false + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} flyway: locations: classpath:db/migration enabled: true diff --git a/apps/levende-arbeidsforhold-ansettelse/src/test/java/no/nav/testnav/levendearbeidsforholdansettelse/LevendeArbeidsforholdAnsettelseApplicationTests.java b/apps/levende-arbeidsforhold-ansettelse/src/test/java/no/nav/testnav/levendearbeidsforholdansettelse/LevendeArbeidsforholdAnsettelseApplicationTests.java index f0251a8e160..bfc00a93a64 100644 --- a/apps/levende-arbeidsforhold-ansettelse/src/test/java/no/nav/testnav/levendearbeidsforholdansettelse/LevendeArbeidsforholdAnsettelseApplicationTests.java +++ b/apps/levende-arbeidsforhold-ansettelse/src/test/java/no/nav/testnav/levendearbeidsforholdansettelse/LevendeArbeidsforholdAnsettelseApplicationTests.java @@ -1,7 +1,5 @@ package no.nav.testnav.levendearbeidsforholdansettelse; -import io.netty.handler.ssl.SslContextBuilder; -import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.context.SpringBootTest; @@ -10,11 +8,7 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; -import java.io.File; -import java.io.FileInputStream; - import static org.assertj.core.api.AssertionsForClassTypes.assertThat; -import static org.junit.jupiter.api.Assertions.fail; @SpringBootTest @ActiveProfiles("test") @@ -33,23 +27,4 @@ void load_app_context() { .isNotNull(); } - @Disabled("Useful for checking the format of a SSL key file manually.") - @Test - @SuppressWarnings("java:S2699") - void attemptToLoadSslKeyFile() - throws Exception { - var sslKey = "key.pk8"; - System.err.println("SSL Key File: " + sslKey); - var file = new File(sslKey); - System.out.println("File " + file.getAbsolutePath() + (file.exists() ? " exists" : " not found")); - if (!file.exists()) { - fail(); - } else { - SslContextBuilder - .forClient() - .keyManager(null, new FileInputStream(file), null) - .build(); - } - } - } diff --git a/apps/levende-arbeidsforhold-ansettelse/src/test/resources/application-test.yml b/apps/levende-arbeidsforhold-ansettelse/src/test/resources/application-test.yml index 00672563fc5..6f0b72ba8ea 100644 --- a/apps/levende-arbeidsforhold-ansettelse/src/test/resources/application-test.yml +++ b/apps/levende-arbeidsforhold-ansettelse/src/test/resources/application-test.yml @@ -2,4 +2,8 @@ spring: r2dbc: url: r2dbc:h2:mem:///~/db/testdb username: sa - password: \ No newline at end of file + password: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/levende-arbeidsforhold-scheduler/README.md b/apps/levende-arbeidsforhold-scheduler/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/apps/levende-arbeidsforhold-scheduler/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/levende-arbeidsforhold-scheduler/build.gradle b/apps/levende-arbeidsforhold-scheduler/build.gradle index 5436a38c43e..f0cc5802adc 100644 --- a/apps/levende-arbeidsforhold-scheduler/build.gradle +++ b/apps/levende-arbeidsforhold-scheduler/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:servlet-security" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-quartz" diff --git a/apps/levende-arbeidsforhold-scheduler/settings.gradle b/apps/levende-arbeidsforhold-scheduler/settings.gradle index a71ddd1e37e..7b5bf84faf9 100644 --- a/apps/levende-arbeidsforhold-scheduler/settings.gradle +++ b/apps/levende-arbeidsforhold-scheduler/settings.gradle @@ -11,7 +11,6 @@ includeBuild '../../libs/servlet-security' includeBuild '../../libs/servlet-insecure-security' includeBuild '../../libs/testing' includeBuild '../../.github/workflows' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/levende-arbeidsforhold-scheduler/src/main/java/no/nav/testnav/levendearbeidsforholdscheduler/config/LocalVaultConfig.java b/apps/levende-arbeidsforhold-scheduler/src/main/java/no/nav/testnav/levendearbeidsforholdscheduler/config/LocalVaultConfig.java deleted file mode 100644 index cdd4484e175..00000000000 --- a/apps/levende-arbeidsforhold-scheduler/src/main/java/no/nav/testnav/levendearbeidsforholdscheduler/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.levendearbeidsforholdscheduler.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/levende-arbeidsforhold-scheduler/src/main/resources/application-dev.yml b/apps/levende-arbeidsforhold-scheduler/src/main/resources/application-dev.yml index 92a5a9b44c8..1aaf694b9f8 100644 --- a/apps/levende-arbeidsforhold-scheduler/src/main/resources/application-dev.yml +++ b/apps/levende-arbeidsforhold-scheduler/src/main/resources/application-dev.yml @@ -1,3 +1,11 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} consumers: levende-arbeidsforhold-ansettelse: diff --git a/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml b/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml index 8e3b69aaad2..e1281b264c9 100644 --- a/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml +++ b/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml @@ -13,10 +13,8 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} - cloud: - vault: - enabled: false + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + springdoc: swagger-ui: disable-swagger-default-url: true diff --git a/apps/levende-arbeidsforhold-scheduler/src/test/java/no/nav/testnav/levendearbeidsforholdscheduler/LevendeArbeidsforholdSchedulerApplicationTests.java b/apps/levende-arbeidsforhold-scheduler/src/test/java/no/nav/testnav/levendearbeidsforholdscheduler/LevendeArbeidsforholdSchedulerApplicationTests.java index a2119dfcd3c..9d7db1d361e 100644 --- a/apps/levende-arbeidsforhold-scheduler/src/test/java/no/nav/testnav/levendearbeidsforholdscheduler/LevendeArbeidsforholdSchedulerApplicationTests.java +++ b/apps/levende-arbeidsforhold-scheduler/src/test/java/no/nav/testnav/levendearbeidsforholdscheduler/LevendeArbeidsforholdSchedulerApplicationTests.java @@ -2,12 +2,17 @@ import org.junit.jupiter.api.Test; import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.test.context.ActiveProfiles; + +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; @SpringBootTest +@ActiveProfiles("test") class LevendeArbeidsforholdSchedulerApplicationTests { @Test void contextLoads() { + assertThat(true).isTrue(); } } diff --git a/apps/levende-arbeidsforhold-scheduler/src/test/resources/application-test.yml b/apps/levende-arbeidsforhold-scheduler/src/test/resources/application-test.yml new file mode 100644 index 00000000000..0aeb22a14f6 --- /dev/null +++ b/apps/levende-arbeidsforhold-scheduler/src/test/resources/application-test.yml @@ -0,0 +1,5 @@ +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/levende-arbeidsforhold-service/README.md b/apps/levende-arbeidsforhold-service/README.md index 8f4c27a0910..7058429959c 100644 --- a/apps/levende-arbeidsforhold-service/README.md +++ b/apps/levende-arbeidsforhold-service/README.md @@ -1,26 +1,5 @@ # Levende arbeidsforhold-service -Fyll inn: - -## Swagger - -Swagger finnes under [/swagger](https://levende-arbeidsforhold-service.intern.dev.nav.no/swagger) -endepunktet til -applikasjonen. - ## Lokal kjøring - -Ha naisdevice kjørende og kjør GenererNavnServiceApplicationStarter med følgende argumenter: - -``` --Dspring.cloud.vault.token=[vault-token] --Dspring.profiles.active=dev -``` - -### Utviklerimage - -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: - -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/levende-arbeidsforhold-service/build.gradle b/apps/levende-arbeidsforhold-service/build.gradle index d99b1976de8..1ff86f414b6 100644 --- a/apps/levende-arbeidsforhold-service/build.gradle +++ b/apps/levende-arbeidsforhold-service/build.gradle @@ -20,7 +20,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:vault" implementation "org.apache.kafka:kafka-clients:$versions.apacheKafka" implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" diff --git a/apps/levende-arbeidsforhold-service/settings.gradle b/apps/levende-arbeidsforhold-service/settings.gradle index 564bb75acd1..b20e80d0ce7 100644 --- a/apps/levende-arbeidsforhold-service/settings.gradle +++ b/apps/levende-arbeidsforhold-service/settings.gradle @@ -12,7 +12,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/servlet-insecure-security' includeBuild '../../libs/data-transfer-objects' includeBuild '../../.github/workflows' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/levende-arbeidsforhold-service/src/main/java/no/nav/testnav/levendearbeidsforholdservice/config/LocalVaultConfig.java b/apps/levende-arbeidsforhold-service/src/main/java/no/nav/testnav/levendearbeidsforholdservice/config/LocalVaultConfig.java deleted file mode 100644 index be631e12346..00000000000 --- a/apps/levende-arbeidsforhold-service/src/main/java/no/nav/testnav/levendearbeidsforholdservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.levendearbeidsforholdservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/levende-arbeidsforhold-service/src/main/resources/application-dev.yml b/apps/levende-arbeidsforhold-service/src/main/resources/application-dev.yml index 7df314e0e54..b2f3d1346f0 100644 --- a/apps/levende-arbeidsforhold-service/src/main/resources/application-dev.yml +++ b/apps/levende-arbeidsforhold-service/src/main/resources/application-dev.yml @@ -1,2 +1,11 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} + kafka: group-id: testnav-levende-arbeidsforhold-service diff --git a/apps/levende-arbeidsforhold-service/src/main/resources/application.yml b/apps/levende-arbeidsforhold-service/src/main/resources/application.yml index 0e91756066c..bd6d7946969 100644 --- a/apps/levende-arbeidsforhold-service/src/main/resources/application.yml +++ b/apps/levende-arbeidsforhold-service/src/main/resources/application.yml @@ -14,10 +14,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} - cloud: - vault: - enabled: false + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} kafka: consumer: group-id: testnav-levende-arbeidsforhold-service diff --git a/apps/levende-arbeidsforhold-service/src/test/resources/application-test.yml b/apps/levende-arbeidsforhold-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..0aeb22a14f6 --- /dev/null +++ b/apps/levende-arbeidsforhold-service/src/test/resources/application-test.yml @@ -0,0 +1,5 @@ +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/miljoer-service/README.md b/apps/miljoer-service/README.md index 2c2ae1f4b39..b6ec4c277d2 100644 --- a/apps/miljoer-service/README.md +++ b/apps/miljoer-service/README.md @@ -1,19 +1,6 @@ # Miljoer-service App for å sjekke hvilke miljøer i test og preprod som er tilgjengelige nå. -## Swagger -Swagger finnes under [/swagger](https://miljoer-service.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. - ## Lokal kjøring -Ha naisdevice kjørende og kjør MiljoerServiceApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[vault-token] --Dspring.profiles.active=dev -``` - -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` \ No newline at end of file +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/miljoer-service/build.gradle b/apps/miljoer-service/build.gradle index eaab96c581f..ea53e959c2d 100644 --- a/apps/miljoer-service/build.gradle +++ b/apps/miljoer-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/miljoer-service/config.yml b/apps/miljoer-service/config.yml index b8097164d8a..22a893bf88d 100644 --- a/apps/miljoer-service/config.yml +++ b/apps/miljoer-service/config.yml @@ -56,8 +56,6 @@ spec: replicas: min: 1 max: 1 - vault: - enabled: true resources: requests: cpu: 100m diff --git a/apps/miljoer-service/settings.gradle b/apps/miljoer-service/settings.gradle index 296f776b0dc..339b7c0335f 100644 --- a/apps/miljoer-service/settings.gradle +++ b/apps/miljoer-service/settings.gradle @@ -11,7 +11,6 @@ includeBuild '../../libs/data-transfer-objects' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/miljoer-service/src/main/java/no/nav/registre/testnorge/miljoerservice/config/LocalVaultConfig.java b/apps/miljoer-service/src/main/java/no/nav/registre/testnorge/miljoerservice/config/LocalVaultConfig.java deleted file mode 100644 index 8f786521066..00000000000 --- a/apps/miljoer-service/src/main/java/no/nav/registre/testnorge/miljoerservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnorge.miljoerservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/miljoer-service/src/main/resources/application-dev.yml b/apps/miljoer-service/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..bea43da510a --- /dev/null +++ b/apps/miljoer-service/src/main/resources/application-dev.yml @@ -0,0 +1,8 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/miljoer-service/src/main/resources/application.yml b/apps/miljoer-service/src/main/resources/application.yml index 41871840501..41fae00bc00 100644 --- a/apps/miljoer-service/src/main/resources/application.yml +++ b/apps/miljoer-service/src/main/resources/application.yml @@ -15,14 +15,11 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} accepted-audience: ${TOKEN_X_CLIENT_ID} - cloud: - vault: - enabled: false springdoc: swagger-ui: diff --git a/apps/miljoer-service/src/test/resources/application-test.properties b/apps/miljoer-service/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/apps/miljoer-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/miljoer-service/src/test/resources/application-test.yml b/apps/miljoer-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..594f36142c8 --- /dev/null +++ b/apps/miljoer-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false diff --git a/apps/oppsummeringsdokument-service/README.md b/apps/oppsummeringsdokument-service/README.md index 83d2d498325..6d45eacb10f 100644 --- a/apps/oppsummeringsdokument-service/README.md +++ b/apps/oppsummeringsdokument-service/README.md @@ -6,31 +6,24 @@ grand_parent: Applikasjoner --- # Oppsummeringsdokument - API for å sende inn oppsummeringsdokumenter til AAreg, og søke i de innsendte dokumentene. -Applikasjonen kan nås fra [/swagger](https://testnav-oppsummeringsdokument-service.intern.dev.nav.no/swagger) -endepunktet. - -## Lokal utvikling - -``` --Dspring.cloud.vault.token={VAULT_TOKEN} -Dspring.profiles.active=dev -``` - -For å kjøre lokalt med opensearch: +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [OpenSearch.](../../docs/local_opensearch.md) -docker run -p 9200:9200 -p 9600:9600 -e "discovery.type=single-node" -e "plugins.security.disabled=true" --name opensearch-node -d opensearchproject/opensearch:latest - -lister alle indekser: +Liste over alle indekser: http://localhost:9200/_cat/indices?v -curl kommandoer for å søke lokalt: +`curl` for å søke lokalt: -curl -X GET "localhost:9200/oppsummeringsdokument-8/_search?pretty" -H 'Content-Type: application/json' -d' +``` +> curl -X GET "localhost:9200/oppsummeringsdokument-8/_search?pretty" -H 'Content-Type: application/json' -d' { "query": { "match": {"miljo": "q1"} } } -' \ No newline at end of file +' +``` \ No newline at end of file diff --git a/apps/oppsummeringsdokument-service/build.gradle b/apps/oppsummeringsdokument-service/build.gradle index afe4654c998..53d2b548a79 100644 --- a/apps/oppsummeringsdokument-service/build.gradle +++ b/apps/oppsummeringsdokument-service/build.gradle @@ -18,7 +18,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "no.nav.testnav.xsd:arbeidsforhold-xsd" implementation "com.fasterxml.jackson.dataformat:jackson-dataformat-xml" diff --git a/apps/oppsummeringsdokument-service/settings.gradle b/apps/oppsummeringsdokument-service/settings.gradle index f74780146e5..c63fd9917c8 100644 --- a/apps/oppsummeringsdokument-service/settings.gradle +++ b/apps/oppsummeringsdokument-service/settings.gradle @@ -11,7 +11,6 @@ includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' includeBuild '../../xsd/arbeidsforhold-xsd' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/oppsummeringsdokument-service/src/main/java/no/nav/testnav/apps/oppsummeringsdokumentservice/config/LocalVaultConfig.java b/apps/oppsummeringsdokument-service/src/main/java/no/nav/testnav/apps/oppsummeringsdokumentservice/config/LocalVaultConfig.java deleted file mode 100644 index 6a0af60770b..00000000000 --- a/apps/oppsummeringsdokument-service/src/main/java/no/nav/testnav/apps/oppsummeringsdokumentservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.apps.oppsummeringsdokumentservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "kv/preprod/fss/oppsummeringsdokument-service/dev", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/oppsummeringsdokument-service/src/main/resources/application.yml b/apps/oppsummeringsdokument-service/src/main/resources/application.yml index f24768dca66..a3800a156d5 100644 --- a/apps/oppsummeringsdokument-service/src/main/resources/application.yml +++ b/apps/oppsummeringsdokument-service/src/main/resources/application.yml @@ -7,14 +7,11 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} application: name: oppsummeringsdokument-service version: application.version.todo #TODO Finn ut hvordan denne kan settes fra gradle description: Tjeneste for å sende inn oppsummeringsdokument til aareg og søke i innsendte oppsummeringsdokumenter. - cloud: - vault: - enabled: false springdoc: swagger-ui: diff --git a/apps/oppsummeringsdokument-service/src/test/resources/application-test.properties b/apps/oppsummeringsdokument-service/src/test/resources/application-test.properties deleted file mode 100644 index 22db53e5b18..00000000000 --- a/apps/oppsummeringsdokument-service/src/test/resources/application-test.properties +++ /dev/null @@ -1,5 +0,0 @@ -TOKEN_X_ISSUER=dummy -OPENSEARCH_USERNAME=username -OPENSEARCH_PASSWORD=password -OPENSEARCH_HOST=localhost -OPENSEARCH_PORT=9200 \ No newline at end of file diff --git a/apps/organisasjon-bestilling-service/README.md b/apps/organisasjon-bestilling-service/README.md index 37ddcc12fbd..a3ec9700c07 100644 --- a/apps/organisasjon-bestilling-service/README.md +++ b/apps/organisasjon-bestilling-service/README.md @@ -8,20 +8,6 @@ grand_parent: Applikasjoner ## organisajon-bestilling-service App for å opprette organiasjoner i EREG som lytter fra en kafka kø. - -## Swagger -Swagger finnes under [/swagger](https://organisasjon-bestilling-service.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. - ## Lokal kjøring -Ha naisdevice kjørende og kjør ApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[kopier token fra vault] --Dspring.profiles.active=dev -``` - -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/organisasjon-bestilling-service/build.gradle b/apps/organisasjon-bestilling-service/build.gradle index 2a3d06ffb1d..ad67dd75d86 100644 --- a/apps/organisasjon-bestilling-service/build.gradle +++ b/apps/organisasjon-bestilling-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/organisasjon-bestilling-service/settings.gradle b/apps/organisasjon-bestilling-service/settings.gradle index 488d5c3efcb..4f619dfb811 100644 --- a/apps/organisasjon-bestilling-service/settings.gradle +++ b/apps/organisasjon-bestilling-service/settings.gradle @@ -12,7 +12,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/organisasjon-bestilling-service/src/main/java/no/nav/testnav/apps/organisasjonbestillingservice/config/LocalVaultConfig.java b/apps/organisasjon-bestilling-service/src/main/java/no/nav/testnav/apps/organisasjonbestillingservice/config/LocalVaultConfig.java deleted file mode 100644 index 56bd1e1a613..00000000000 --- a/apps/organisasjon-bestilling-service/src/main/java/no/nav/testnav/apps/organisasjonbestillingservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.apps.organisasjonbestillingservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/organisasjon-bestilling-service/src/main/resources/application-dev.yml b/apps/organisasjon-bestilling-service/src/main/resources/application-dev.yml index c9b24a44336..c56790d0bd9 100644 --- a/apps/organisasjon-bestilling-service/src/main/resources/application-dev.yml +++ b/apps/organisasjon-bestilling-service/src/main/resources/application-dev.yml @@ -1,5 +1,7 @@ spring: + config: + import: "sm://" h2: console: enabled: true @@ -11,6 +13,11 @@ spring: username: sa password: driverClassName: org.h2.Driver + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} sql: init: mode: always diff --git a/apps/organisasjon-bestilling-service/src/main/resources/application.yml b/apps/organisasjon-bestilling-service/src/main/resources/application.yml index 62c18b46b95..5d10b138922 100644 --- a/apps/organisasjon-bestilling-service/src/main/resources/application.yml +++ b/apps/organisasjon-bestilling-service/src/main/resources/application.yml @@ -14,7 +14,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/organisasjon-bestilling-service/src/main/resources/bootstrap.yml b/apps/organisasjon-bestilling-service/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/organisasjon-bestilling-service/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/organisasjon-bestilling-service/src/test/resources/application-test.properties b/apps/organisasjon-bestilling-service/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/apps/organisasjon-bestilling-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/organisasjon-bestilling-service/src/test/resources/application-test.yml b/apps/organisasjon-bestilling-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..594f36142c8 --- /dev/null +++ b/apps/organisasjon-bestilling-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false diff --git a/apps/organisasjon-faste-data-service/README.md b/apps/organisasjon-faste-data-service/README.md index 0c6c266c688..c2082a960b8 100644 --- a/apps/organisasjon-faste-data-service/README.md +++ b/apps/organisasjon-faste-data-service/README.md @@ -1,18 +1,7 @@ # Organisasjon Faste data service - Service som utfører CRUD funksjonalitet for organisasjoner mot EREG. Ofte benyttet etter prod laster mot miljøer for å sende inn organisasjoner fra grupper som er blitt overskrevet. -## Swagger - -Swagger finnes under [/swagger](https://testnav-organisasjon-faste-data-service.intern.dev.nav.no/swagger) -endepunktet -til applikasjonen. - ## Lokal kjøring - -Ha naisdevice kjørende og kjør OrganisasjonFasteDataServiceApplicationStarter med følgende argumenter: - -``` --Dspring.cloud.vault.token=[Copy token fra Vault] --Dspring.profiles.active=dev -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/organisasjon-faste-data-service/build.gradle b/apps/organisasjon-faste-data-service/build.gradle index 86dac56730b..20a603b65d3 100644 --- a/apps/organisasjon-faste-data-service/build.gradle +++ b/apps/organisasjon-faste-data-service/build.gradle @@ -13,20 +13,17 @@ dependencies { implementation "no.nav.testnav.libs:avro-schema" implementation "no.nav.testnav.libs:commands" implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:database" implementation "no.nav.testnav.libs:kafka-config" implementation "no.nav.testnav.libs:kafka-producers" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-data-jpa" - implementation "org.springframework.cloud:spring-cloud-vault-config-databases" implementation "jakarta.validation:jakarta.validation-api:$versions.jakartaValidation" implementation "io.confluent:kafka-avro-serializer:$versions.avro" diff --git a/apps/organisasjon-faste-data-service/settings.gradle b/apps/organisasjon-faste-data-service/settings.gradle index 6f4fbf24de9..478f881c910 100644 --- a/apps/organisasjon-faste-data-service/settings.gradle +++ b/apps/organisasjon-faste-data-service/settings.gradle @@ -9,14 +9,12 @@ includeBuild "../../plugins/java" includeBuild '../../libs/avro-schema' includeBuild '../../libs/commands' includeBuild '../../libs/data-transfer-objects' -includeBuild '../../libs/database' includeBuild '../../libs/kafka-config' includeBuild '../../libs/kafka-producers' includeBuild '../../libs/reactive-core' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/organisasjon-faste-data-service/src/main/java/no/nav/registre/testnorge/organisasjonfastedataservice/config/LocalVaultConfig.java b/apps/organisasjon-faste-data-service/src/main/java/no/nav/registre/testnorge/organisasjonfastedataservice/config/LocalVaultConfig.java deleted file mode 100644 index 0c91c21b267..00000000000 --- a/apps/organisasjon-faste-data-service/src/main/java/no/nav/registre/testnorge/organisasjonfastedataservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnorge.organisasjonfastedataservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/organisasjon-faste-data-service/src/main/resources/application-dev.yml b/apps/organisasjon-faste-data-service/src/main/resources/application-dev.yml index b73f614e194..f1f72efbd09 100644 --- a/apps/organisasjon-faste-data-service/src/main/resources/application-dev.yml +++ b/apps/organisasjon-faste-data-service/src/main/resources/application-dev.yml @@ -1,5 +1,7 @@ spring: + config: + import: "sm://" h2: console: enabled: true @@ -14,4 +16,9 @@ spring: jpa: properties: hibernate: - dialect: org.hibernate.dialect.H2Dialect \ No newline at end of file + dialect: org.hibernate.dialect.H2Dialect + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/organisasjon-faste-data-service/src/main/resources/application.yml b/apps/organisasjon-faste-data-service/src/main/resources/application.yml index ffe179b761c..b35c5e82706 100644 --- a/apps/organisasjon-faste-data-service/src/main/resources/application.yml +++ b/apps/organisasjon-faste-data-service/src/main/resources/application.yml @@ -10,14 +10,11 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} accepted-audience: ${TOKEN_X_CLIENT_ID} - cloud: - vault: - enabled: false springdoc: swagger-ui: diff --git a/apps/organisasjon-faste-data-service/src/test/resources/application-test.properties b/apps/organisasjon-faste-data-service/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/apps/organisasjon-faste-data-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/organisasjon-faste-data-service/src/test/resources/application-test.yml b/apps/organisasjon-faste-data-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..aa8bfa92394 --- /dev/null +++ b/apps/organisasjon-faste-data-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/organisasjon-forvalter/README.md b/apps/organisasjon-forvalter/README.md index 2e2f6d14ba5..dbe28ba9f42 100644 --- a/apps/organisasjon-forvalter/README.md +++ b/apps/organisasjon-forvalter/README.md @@ -1,13 +1,8 @@ # Organisasjon Forvalter - Forvalter som oppretter og deretter deployer organisasjoner basert på innsendte kriterier. Håndterer også status per orgnr når de sendes videre mot EREG. -## Swagger - -Swagger finnes under [/swagger](https://testnav-organisasjon-forvalter.intern.dev.nav.no/swagger) -endepunktet til -applikasjonen. - -## Kjør lokalt -* Se [generell informasjon](../../docs/local_general.md). -* Applikasjonen er avhengig av en database i GCP, se [egen dokumentasjon](../../docs/gcp_db.md). \ No newline at end of file +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) +* [Database i GCP.](../../docs/gcp_db.md) \ No newline at end of file diff --git a/apps/organisasjon-forvalter/build.gradle b/apps/organisasjon-forvalter/build.gradle index cc5bb9ad425..64a563dd5e7 100644 --- a/apps/organisasjon-forvalter/build.gradle +++ b/apps/organisasjon-forvalter/build.gradle @@ -14,11 +14,8 @@ properties { } dependencies { - implementation "com.google.cloud:spring-cloud-gcp-starter-secretmanager:$versions.gcpSecretManager" - implementation "no.nav.testnav.libs:avro-schema" implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:database" implementation "no.nav.testnav.libs:kafka-config" implementation "no.nav.testnav.libs:kafka-producers" implementation "no.nav.testnav.libs:reactive-core" diff --git a/apps/organisasjon-forvalter/settings.gradle b/apps/organisasjon-forvalter/settings.gradle index dd5c7f21ef4..7f11fefe4e1 100644 --- a/apps/organisasjon-forvalter/settings.gradle +++ b/apps/organisasjon-forvalter/settings.gradle @@ -8,7 +8,6 @@ includeBuild "../../plugins/java" includeBuild '../../libs/avro-schema' includeBuild '../../libs/data-transfer-objects' -includeBuild '../../libs/database' includeBuild '../../libs/kafka-config' includeBuild '../../libs/kafka-producers' includeBuild '../../libs/security-core' diff --git a/apps/organisasjon-forvalter/src/main/resources/application-local.yml b/apps/organisasjon-forvalter/src/main/resources/application-local.yml index 8555fea2280..52c41656e48 100644 --- a/apps/organisasjon-forvalter/src/main/resources/application-local.yml +++ b/apps/organisasjon-forvalter/src/main/resources/application-local.yml @@ -1,14 +1,15 @@ spring: - cloud: - gcp: - secretmanager: - project-id: dolly-dev-ff83 config: import: "sm://" datasource: url: jdbc:postgresql://localhost:5432/testnav-organisasjon-forvalter-local username: testnav-organisasjon-forvalter-local password: ${sm://testnav-organisasjon-forvalter-local} + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} consumers: generer-navn-service: diff --git a/apps/organisasjon-forvalter/src/main/resources/application.yml b/apps/organisasjon-forvalter/src/main/resources/application.yml index df16b6b16a8..095c0107efa 100644 --- a/apps/organisasjon-forvalter/src/main/resources/application.yml +++ b/apps/organisasjon-forvalter/src/main/resources/application.yml @@ -5,9 +5,6 @@ spring: name: Testnav-Organisasjon-Forvalter version: 1.0 description: Bestilling, persistering og opphenting av testorganisasjoner - cloud: - vault: - enabled: false flyway: enabled: true # Disabled by default as you should probably think twice before running Flyway-migrations locations: classpath:db/migration @@ -18,7 +15,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/organisasjon-mottak-service/README.md b/apps/organisasjon-mottak-service/README.md index f1a786c3547..1b992ae3e2e 100644 --- a/apps/organisasjon-mottak-service/README.md +++ b/apps/organisasjon-mottak-service/README.md @@ -1,17 +1,6 @@ ## organisajon-mottak-service - App for å opprette organisasjoner i EREG som lytter fra en kafka kø. -## Swagger - -Swagger finnes under [/swagger](https://testnav-organisasjon-mottak-service.intern.dev.nav.no/swagger) -endepunktet til -applikasjonen. - ## Lokal kjøring - -Ha naisdevice kjørende og kjør OMSApplicationStarter med følgende argumenter: - -``` --Dspring.profiles.active=dev --Dspring.cloud.vault.token=[vault-token] -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/organisasjon-mottak-service/build.gradle b/apps/organisasjon-mottak-service/build.gradle index 746d66520c0..80a0eee1e24 100644 --- a/apps/organisasjon-mottak-service/build.gradle +++ b/apps/organisasjon-mottak-service/build.gradle @@ -19,7 +19,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" @@ -28,6 +27,7 @@ dependencies { implementation "org.springframework.cloud:spring-cloud-starter-bootstrap" // TODO remove legacy bootstrap config implementation "org.springframework.kafka:spring-kafka" + implementation "org.apache.httpcomponents.core5:httpcore5:5.3" implementation "org.apache.kafka:kafka-clients:$versions.apacheKafka" implementation "io.confluent:kafka-avro-serializer:$versions.avro" diff --git a/apps/organisasjon-mottak-service/settings.gradle b/apps/organisasjon-mottak-service/settings.gradle index 46f0e1fc819..9e68b2ca4c2 100644 --- a/apps/organisasjon-mottak-service/settings.gradle +++ b/apps/organisasjon-mottak-service/settings.gradle @@ -15,7 +15,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-insecure-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/organisasjon-mottak-service/src/main/java/no/nav/registre/testnorge/organisasjonmottak/config/LocalVaultConfig.java b/apps/organisasjon-mottak-service/src/main/java/no/nav/registre/testnorge/organisasjonmottak/config/LocalVaultConfig.java deleted file mode 100644 index 728679b4093..00000000000 --- a/apps/organisasjon-mottak-service/src/main/java/no/nav/registre/testnorge/organisasjonmottak/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnorge.organisasjonmottak.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/organisasjon-mottak-service/src/main/resources/application-dev.yml b/apps/organisasjon-mottak-service/src/main/resources/application-dev.yml index e4632c2d78b..ff1273cc8cc 100644 --- a/apps/organisasjon-mottak-service/src/main/resources/application-dev.yml +++ b/apps/organisasjon-mottak-service/src/main/resources/application-dev.yml @@ -1,3 +1,11 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} consumers: jenkins-batch-status-service: diff --git a/apps/organisasjon-mottak-service/src/main/resources/application.yml b/apps/organisasjon-mottak-service/src/main/resources/application.yml index ed586798433..f5454299df6 100644 --- a/apps/organisasjon-mottak-service/src/main/resources/application.yml +++ b/apps/organisasjon-mottak-service/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} diff --git a/apps/organisasjon-mottak-service/src/main/resources/bootstrap.yml b/apps/organisasjon-mottak-service/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/organisasjon-mottak-service/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/organisasjon-mottak-service/src/test/resources/application-test.properties b/apps/organisasjon-mottak-service/src/test/resources/application-test.properties deleted file mode 100644 index a550c3bea79..00000000000 --- a/apps/organisasjon-mottak-service/src/test/resources/application-test.properties +++ /dev/null @@ -1,8 +0,0 @@ -TOKEN_X_ISSUER=dummy - -kafka.bootstrapservers= dummy -kafka.schemaregistryservers= dummy -kafka.username= dummy -kafka.password= dummy -kafka.truststorepath= dummy -kafka.credstorepassword= dummy \ No newline at end of file diff --git a/apps/organisasjon-mottak-service/src/test/resources/application-test.yml b/apps/organisasjon-mottak-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..a28916c6e65 --- /dev/null +++ b/apps/organisasjon-mottak-service/src/test/resources/application-test.yml @@ -0,0 +1,15 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false + +kafka: + bootstrapservers: dummy + schemaregistryservers: dummy + username: dummy + password: dummy + truststorepath: dummy + credstorepassword: dummy \ No newline at end of file diff --git a/apps/organisasjon-service/README.md b/apps/organisasjon-service/README.md index 6eb742f3e6a..d096ef6514e 100644 --- a/apps/organisasjon-service/README.md +++ b/apps/organisasjon-service/README.md @@ -8,20 +8,6 @@ grand_parent: Applikasjoner ## Organisasjon-api API for organsiasjoner. -### Swagger -Swagger finnes under [/swagger](https://testnav-organisasjon-service.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. - -### Lokal kjøring -Ha naisdevice kjørende og kjør OrganisasjonApiApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[vault-token] --Dspring.profiles.active=dev -``` - - -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/organisasjon-service/build.gradle b/apps/organisasjon-service/build.gradle index 8d8ea932c79..451471a8309 100644 --- a/apps/organisasjon-service/build.gradle +++ b/apps/organisasjon-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/organisasjon-service/settings.gradle b/apps/organisasjon-service/settings.gradle index cbd3b36a2c5..4539eac79ba 100644 --- a/apps/organisasjon-service/settings.gradle +++ b/apps/organisasjon-service/settings.gradle @@ -13,7 +13,6 @@ includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' includeBuild '../../libs/testing' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/organisasjon-service/src/main/java/no/nav/registre/testnorge/organisasjonservice/config/LocalVaultConfig.java b/apps/organisasjon-service/src/main/java/no/nav/registre/testnorge/organisasjonservice/config/LocalVaultConfig.java deleted file mode 100644 index c0ef187cd8d..00000000000 --- a/apps/organisasjon-service/src/main/java/no/nav/registre/testnorge/organisasjonservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnorge.organisasjonservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/organisasjon-service/src/main/resources/application-dev.yml b/apps/organisasjon-service/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..bea43da510a --- /dev/null +++ b/apps/organisasjon-service/src/main/resources/application-dev.yml @@ -0,0 +1,8 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/organisasjon-service/src/main/resources/application.yml b/apps/organisasjon-service/src/main/resources/application.yml index acb2f690e9c..9f897c11c45 100644 --- a/apps/organisasjon-service/src/main/resources/application.yml +++ b/apps/organisasjon-service/src/main/resources/application.yml @@ -9,14 +9,11 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} accepted-audience: ${TOKEN_X_CLIENT_ID} - cloud: - vault: - enabled: false springdoc: swagger-ui: diff --git a/apps/organisasjon-service/src/test/java/no/nav/registre/testnorge/organisasjonservice/ApplicationContextTest.java b/apps/organisasjon-service/src/test/java/no/nav/registre/testnorge/organisasjonservice/ApplicationContextTest.java index 0c3299d7aef..b5cebbd5b6b 100644 --- a/apps/organisasjon-service/src/test/java/no/nav/registre/testnorge/organisasjonservice/ApplicationContextTest.java +++ b/apps/organisasjon-service/src/test/java/no/nav/registre/testnorge/organisasjonservice/ApplicationContextTest.java @@ -1,6 +1,5 @@ package no.nav.registre.testnorge.organisasjonservice; - import org.junit.Test; import org.junit.runner.RunWith; import org.springframework.boot.test.context.SpringBootTest; @@ -10,19 +9,22 @@ import org.springframework.test.context.TestPropertySource; import org.springframework.test.context.junit4.SpringRunner; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; @RunWith(SpringRunner.class) @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) @AutoConfigureWireMock(port = 0) -@TestPropertySource(locations = "classpath:application-test.properties") +@TestPropertySource(locations = "classpath:application-test.yml") public class ApplicationContextTest { + @MockBean - public JwtDecoder jwtDecoder; - /** - * Used to test app runtime dependency and properties - */ + @SuppressWarnings("unused") + private JwtDecoder jwtDecoder; + @Test @SuppressWarnings("java:S2699") - public void load_app_context() { + public void loadAppContext() { + assertThat(true).isTrue(); } + } diff --git a/apps/organisasjon-service/src/test/java/no/nav/registre/testnorge/organisasjonservice/provider/OrganisasjonControllerEregIntegrationTest.java b/apps/organisasjon-service/src/test/java/no/nav/registre/testnorge/organisasjonservice/provider/OrganisasjonControllerEregIntegrationTest.java index e4cb11c677e..6f0664f9086 100644 --- a/apps/organisasjon-service/src/test/java/no/nav/registre/testnorge/organisasjonservice/provider/OrganisasjonControllerEregIntegrationTest.java +++ b/apps/organisasjon-service/src/test/java/no/nav/registre/testnorge/organisasjonservice/provider/OrganisasjonControllerEregIntegrationTest.java @@ -30,7 +30,7 @@ @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) @AutoConfigureWireMock(port = 0) @AutoConfigureMockMvc(addFilters = false) -@TestPropertySource(locations = "classpath:application-test.properties") +@TestPropertySource(locations = "classpath:application-test.yml") public class OrganisasjonControllerEregIntegrationTest { @Autowired @@ -39,9 +39,9 @@ public class OrganisasjonControllerEregIntegrationTest { @Autowired private ObjectMapper objectMapper; - private static final String orgnummer = "123456789"; - private static final String miljo = "test"; - private static final String eregUrl = "/api/{miljo}/v1/organisasjon/" + orgnummer; + private static final String ORGNUMMER = "123456789"; + private static final String MILJO = "test"; + private static final String EREG_URL = "/api/{miljo}/v1/organisasjon/" + ORGNUMMER; private OrganisasjonDTO organisasjonReponse; @@ -51,7 +51,7 @@ public void setUp(){ .navn(NavnDTO.builder().navnelinje1("NavneLinje").redigertnavn("RedigertNavn").build()) .type("Type") .detaljer(DetaljerDTO.builder().enhetstype("Enhetstype").build()) - .organisasjonsnummer(orgnummer) + .organisasjonsnummer(ORGNUMMER) .build(); } @@ -61,20 +61,20 @@ public void shouldGetOrganisasjon() throws Exception { JsonWiremockHelper .builder(objectMapper) - .withUrlPathMatching(eregUrl) + .withUrlPathMatching(EREG_URL) .withQueryParam("inkluderHierarki", "true") .withQueryParam("inkluderHistorikk", "false") .withResponseBody(organisasjonReponse) .stubGet(); - mvc.perform(get("/api/v1/organisasjoner/" + orgnummer) + mvc.perform(get("/api/v1/organisasjoner/" + ORGNUMMER) .contentType(MediaType.APPLICATION_JSON) - .header("miljo", miljo)); + .header("miljo", MILJO)); JsonWiremockHelper .builder(objectMapper) - .withUrlPathMatching(eregUrl) + .withUrlPathMatching(EREG_URL) .withQueryParam("inkluderHierarki", "true") .withQueryParam("inkluderHistorikk", "false") .withResponseBody(organisasjonReponse) diff --git a/apps/organisasjon-service/src/test/resources/application-test.properties b/apps/organisasjon-service/src/test/resources/application-test.properties deleted file mode 100644 index 6763c44e6a5..00000000000 --- a/apps/organisasjon-service/src/test/resources/application-test.properties +++ /dev/null @@ -1,3 +0,0 @@ -consumers.ereg.url=http://localhost:${wiremock.server.port} - -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/organisasjon-service/src/test/resources/application-test.yml b/apps/organisasjon-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..f99fe06d85b --- /dev/null +++ b/apps/organisasjon-service/src/test/resources/application-test.yml @@ -0,0 +1,5 @@ +TOKEN_X_ISSUER: dummy + +consumers: + ereg: + url: http://localhost:${wiremock.server.port} \ No newline at end of file diff --git a/apps/organisasjon-tilgang-service/README.md b/apps/organisasjon-tilgang-service/README.md index ce83fbae8ae..7e9442ea085 100644 --- a/apps/organisasjon-tilgang-service/README.md +++ b/apps/organisasjon-tilgang-service/README.md @@ -1,17 +1,6 @@ ## organisajon-tilgang-service - Service som godkjenner tilganger for en spesifisert organisasjoner mot Dolly ved bruk av bankid. -## Swagger - -Swagger finnes under [/swagger-ui.html](https://testnav-organisasjon-tilgang-service.intern.dev.nav.no/swagger-ui.html) --endepunktet til applikasjonen. - ## Lokal kjøring - -Ha naisdevice kjørende og kjør OrganisasjonTilgangServiceApplicationStarter med følgende argumenter: - -``` --Dspring.profiles.active=local --Dspring.cloud.vault.token=[vault-token] -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/organisasjon-tilgang-service/build.gradle b/apps/organisasjon-tilgang-service/build.gradle index 47645eaf712..7ec15dac6dc 100644 --- a/apps/organisasjon-tilgang-service/build.gradle +++ b/apps/organisasjon-tilgang-service/build.gradle @@ -12,7 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/organisasjon-tilgang-service/settings.gradle b/apps/organisasjon-tilgang-service/settings.gradle index 05bb93a9147..29ccda116b3 100644 --- a/apps/organisasjon-tilgang-service/settings.gradle +++ b/apps/organisasjon-tilgang-service/settings.gradle @@ -8,7 +8,6 @@ includeBuild "../../plugins/java" includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/organisasjon-tilgang-service/src/main/java/no/nav/testnav/apps/organisasjontilgangservice/config/LocalVaultConfig.java b/apps/organisasjon-tilgang-service/src/main/java/no/nav/testnav/apps/organisasjontilgangservice/config/LocalVaultConfig.java deleted file mode 100644 index 75e01aaa877..00000000000 --- a/apps/organisasjon-tilgang-service/src/main/java/no/nav/testnav/apps/organisasjontilgangservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.apps.organisasjontilgangservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/organisasjon-tilgang-service/src/main/resources/application-local.yml b/apps/organisasjon-tilgang-service/src/main/resources/application-local.yml index f212b988f4a..3ab69be9150 100644 --- a/apps/organisasjon-tilgang-service/src/main/resources/application-local.yml +++ b/apps/organisasjon-tilgang-service/src/main/resources/application-local.yml @@ -10,7 +10,14 @@ MASKINPORTEN_SCOPES: dummy MASKINPORTEN_WELL_KNOWN_URL: dummy spring: + config: + import: "sm://" flyway: url: jdbc:h2:mem:testdb username: sa - password: \ No newline at end of file + password: + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/organisasjon-tilgang-service/src/main/resources/application.yml b/apps/organisasjon-tilgang-service/src/main/resources/application.yml index b1a79edb18b..1d4c4dbdf0a 100644 --- a/apps/organisasjon-tilgang-service/src/main/resources/application.yml +++ b/apps/organisasjon-tilgang-service/src/main/resources/application.yml @@ -11,7 +11,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,9 +19,6 @@ spring: jackson: serialization: write_dates_as_timestamps: false - cloud: - vault: - enabled: false springdoc: swagger-ui: diff --git a/apps/organisasjon-tilgang-service/src/test/resources/application-test.yml b/apps/organisasjon-tilgang-service/src/test/resources/application-test.yml index dfbee67495e..0468cb34222 100644 --- a/apps/organisasjon-tilgang-service/src/test/resources/application-test.yml +++ b/apps/organisasjon-tilgang-service/src/test/resources/application-test.yml @@ -4,4 +4,10 @@ MASKINPORTEN_CLIENT_ID: dummy MASKINPORTEN_CLIENT_JWK: dummy MASKINPORTEN_SCOPES: dummy MASKINPORTEN_WELL_KNOWN_URL: http://localhost:8080 -TOKEN_X_ISSUER: dummy \ No newline at end of file +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/orgnummer-service/README.md b/apps/orgnummer-service/README.md index 64b1629b546..5eaf82333fa 100644 --- a/apps/orgnummer-service/README.md +++ b/apps/orgnummer-service/README.md @@ -8,20 +8,6 @@ grand_parent: Applikasjoner # Organisasjonsnummer Service App for å hente gyldige organisasjonsnummer som ikke er i bruk i EREG. -## Swagger -Swagger finnes under [/swagger](https://testnav-orgnummer-service.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. - - ## Lokal kjøring -Ha naisdevice kjørende og kjør OrgnummerServiceApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[vault-token] --Dspring.profiles.active=dev -``` - -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/orgnummer-service/build.gradle b/apps/orgnummer-service/build.gradle index 8bc4b427b81..1df3d299209 100644 --- a/apps/orgnummer-service/build.gradle +++ b/apps/orgnummer-service/build.gradle @@ -12,17 +12,14 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:commands" implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:database" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-data-jpa" - implementation "org.springframework.cloud:spring-cloud-vault-config-databases" implementation "jakarta.validation:jakarta.validation-api:$versions.jakartaValidation" implementation "org.flywaydb:flyway-core" diff --git a/apps/orgnummer-service/config.yml b/apps/orgnummer-service/config.yml index 4c70e3d34bd..c1aa172baf5 100644 --- a/apps/orgnummer-service/config.yml +++ b/apps/orgnummer-service/config.yml @@ -56,8 +56,6 @@ spec: replicas: min: 1 max: 1 - vault: - enabled: true resources: requests: cpu: 200m diff --git a/apps/orgnummer-service/settings.gradle b/apps/orgnummer-service/settings.gradle index 07ba9d46d01..f0420ddc0fa 100644 --- a/apps/orgnummer-service/settings.gradle +++ b/apps/orgnummer-service/settings.gradle @@ -8,12 +8,10 @@ includeBuild "../../plugins/java" includeBuild '../../libs/commands' includeBuild '../../libs/data-transfer-objects' -includeBuild '../../libs/database' includeBuild '../../libs/reactive-core' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/orgnummer-service/src/main/java/no/nav/registre/orgnrservice/config/LocalVaultConfig.java b/apps/orgnummer-service/src/main/java/no/nav/registre/orgnrservice/config/LocalVaultConfig.java deleted file mode 100644 index 418c7b0df1d..00000000000 --- a/apps/orgnummer-service/src/main/java/no/nav/registre/orgnrservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.orgnrservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/orgnummer-service/src/main/resources/application-dev.yml b/apps/orgnummer-service/src/main/resources/application-dev.yml index e5beab850d7..4e86cc4cf3c 100644 --- a/apps/orgnummer-service/src/main/resources/application-dev.yml +++ b/apps/orgnummer-service/src/main/resources/application-dev.yml @@ -1,5 +1,7 @@ spring: + config: + import: "sm://" h2: console: enabled: true @@ -13,6 +15,11 @@ spring: properties: hibernate: dialect: org.hibernate.dialect.H2Dialect + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} consumers: testnav-organisasjon-service: diff --git a/apps/orgnummer-service/src/main/resources/application.yml b/apps/orgnummer-service/src/main/resources/application.yml index 58c3ed56ef1..7928e2c4f00 100644 --- a/apps/orgnummer-service/src/main/resources/application.yml +++ b/apps/orgnummer-service/src/main/resources/application.yml @@ -15,14 +15,11 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} accepted-audience: dev-gcp:dolly:testnav-orgnummer-service - cloud: - vault: - enabled: false springdoc: swagger-ui: diff --git a/apps/orgnummer-service/src/test/resources/application-test.properties b/apps/orgnummer-service/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/apps/orgnummer-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/orgnummer-service/src/test/resources/application-test.yml b/apps/orgnummer-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..aa8bfa92394 --- /dev/null +++ b/apps/orgnummer-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/oversikt-frontend/README.md b/apps/oversikt-frontend/README.md index 6c4cdf41b1c..eec4ecf8e5d 100644 --- a/apps/oversikt-frontend/README.md +++ b/apps/oversikt-frontend/README.md @@ -5,22 +5,11 @@ parent: Applikasjoner --- # Team Token Frontend - Applikasjon for bruk av Team Dolly til å kunne generere personlige tokens til bruk i apper som ikke støtter Client Credential (service brukere). Det er kun Team Dolly som bruker denne appen. Lenke https://testnav-oversikt.dev.adeo.no/ ## Lokal kjøring -Ha naisdevice kjørende og kjør OversiktFrontendApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[kopier token fra vault] --Dspring.profiles.active=dev -``` - -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/oversikt-frontend/build.gradle b/apps/oversikt-frontend/build.gradle index 6a0dae2b5c5..45a292fb976 100644 --- a/apps/oversikt-frontend/build.gradle +++ b/apps/oversikt-frontend/build.gradle @@ -17,7 +17,6 @@ dependencies { implementation("no.nav.testnav.libs:security-core") { exclude group: "org.springframework.session", module: "spring-session-data-redis" } - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.cloud:spring-cloud-starter-gateway" diff --git a/apps/oversikt-frontend/settings.gradle b/apps/oversikt-frontend/settings.gradle index 24ff295c1a7..77232fe6e5f 100644 --- a/apps/oversikt-frontend/settings.gradle +++ b/apps/oversikt-frontend/settings.gradle @@ -10,7 +10,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-frontend' includeBuild '../../libs/reactive-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/oversikt-frontend/src/main/java/no/nav/testnav/apps/oversiktfrontend/config/LocalVaultConfig.java b/apps/oversikt-frontend/src/main/java/no/nav/testnav/apps/oversiktfrontend/config/LocalVaultConfig.java deleted file mode 100644 index b8b572f6a2d..00000000000 --- a/apps/oversikt-frontend/src/main/java/no/nav/testnav/apps/oversiktfrontend/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.apps.oversiktfrontend.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/oversikt-frontend/src/main/resources/application-dev.yml b/apps/oversikt-frontend/src/main/resources/application-dev.yml index b22db68be6b..3c102fb42f4 100644 --- a/apps/oversikt-frontend/src/main/resources/application-dev.yml +++ b/apps/oversikt-frontend/src/main/resources/application-dev.yml @@ -1,6 +1,15 @@ server: port: 8080 +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} + consumers: testnorge-profil-api: url: https://testnorge-profil-api-dev.intern.dev.nav.no/api diff --git a/apps/oversikt-frontend/src/main/resources/application.yml b/apps/oversikt-frontend/src/main/resources/application.yml index 7b9ccda5e73..fe0df0c08ce 100644 --- a/apps/oversikt-frontend/src/main/resources/application.yml +++ b/apps/oversikt-frontend/src/main/resources/application.yml @@ -1,19 +1,20 @@ AAD_ISSUER_URI: https://login.microsoftonline.com/62366534-1ec3-4962-8869-9b5535279d0b spring: + cloud: + vault: + enabled: false security: oauth2: resourceserver: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} - cloud: - vault: - enabled: false + consumers: testnorge-profil-api: cluster: dev-gcp diff --git a/apps/pdl-forvalter/README.md b/apps/pdl-forvalter/README.md index f9abb5cdfe3..1dfa2ecfa29 100644 --- a/apps/pdl-forvalter/README.md +++ b/apps/pdl-forvalter/README.md @@ -1,9 +1,7 @@ # Testnav-PDL-forvalter PDL-forvalter bygger og vedlikeholder testpersoner for PDL. - -## Swagger -Swagger finnes under [/swagger](https://testnav-pdl-forvalter.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. -## Kjør lokalt -* Se [generell informasjon](../../docs/local_general.md). -* Applikasjonen er avhengig av en database i GCP, se [egen dokumentasjon](../../docs/gcp_db.md). \ No newline at end of file +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) +* [Database i GCP](../../docs/gcp_db.md) \ No newline at end of file diff --git a/apps/pdl-forvalter/build.gradle b/apps/pdl-forvalter/build.gradle index e5203f33255..160fb17c31a 100644 --- a/apps/pdl-forvalter/build.gradle +++ b/apps/pdl-forvalter/build.gradle @@ -14,10 +14,7 @@ properties { } dependencies { - implementation "com.google.cloud:spring-cloud-gcp-starter-secretmanager:$versions.gcpSecretManager" - implementation "no.nav.testnav.libs:database" - implementation "no.nav.testnav.libs:vault" implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:data-transfer-search-objects" implementation "no.nav.testnav.libs:servlet-core" diff --git a/apps/pdl-forvalter/settings.gradle b/apps/pdl-forvalter/settings.gradle index 55439f16a1a..c5eee4e5ef0 100644 --- a/apps/pdl-forvalter/settings.gradle +++ b/apps/pdl-forvalter/settings.gradle @@ -9,7 +9,6 @@ includeBuild "../../plugins/java" includeBuild '../../libs/data-transfer-objects' includeBuild '../../libs/data-transfer-search-objects' includeBuild '../../libs/database' -includeBuild '../../libs/vault' includeBuild '../../libs/reactive-core' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' diff --git a/apps/pdl-forvalter/src/main/java/no/nav/pdl/forvalter/config/LocalVaultConfig.java b/apps/pdl-forvalter/src/main/java/no/nav/pdl/forvalter/config/LocalVaultConfig.java deleted file mode 100644 index 65026b7c5b9..00000000000 --- a/apps/pdl-forvalter/src/main/java/no/nav/pdl/forvalter/config/LocalVaultConfig.java +++ /dev/null @@ -1,17 +0,0 @@ -package no.nav.pdl.forvalter.config; - -import no.nav.testnav.libs.database.config.FlywayConfiguration; -import no.nav.testnav.libs.database.config.VaultHikariConfiguration; -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Import; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -@Import({ - FlywayConfiguration.class, - VaultHikariConfiguration.class -}) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/pdl-forvalter/src/main/resources/application-local.yaml b/apps/pdl-forvalter/src/main/resources/application-local.yaml index 74abe6fd89a..4f89efa5869 100644 --- a/apps/pdl-forvalter/src/main/resources/application-local.yaml +++ b/apps/pdl-forvalter/src/main/resources/application-local.yaml @@ -1,14 +1,15 @@ spring: - cloud: - gcp: - secretmanager: - project-id: dolly-dev-ff83 config: import: "sm://" datasource: url: jdbc:postgresql://localhost:5432/testnav-pdl-forvalter-local username: testnav-pdl-forvalter-local password: ${sm://testnav-pdl-forvalter-local} + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} consumers: adresse-service: diff --git a/apps/pdl-forvalter/src/main/resources/application.yaml b/apps/pdl-forvalter/src/main/resources/application.yaml index 96fb8dc86f7..e2b6c90f4ca 100644 --- a/apps/pdl-forvalter/src/main/resources/application.yaml +++ b/apps/pdl-forvalter/src/main/resources/application.yaml @@ -38,16 +38,13 @@ consumers: name: testnav-person-service spring: - cloud: - vault: - enabled: false security: oauth2: resourceserver: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/person-faste-data-service/README.md b/apps/person-faste-data-service/README.md index c68f6f56edb..ca800847407 100644 --- a/apps/person-faste-data-service/README.md +++ b/apps/person-faste-data-service/README.md @@ -1,17 +1,6 @@ # Person Faste Data Service - Service som administrerer de faste data personene som er i bruk i Dolly. -## Swagger - -Swagger finnes under [/swagger-ui.html](https://testnav-person-faste-data-service.intern.dev.nav.no/swagger-ui.html) --endepunktet til applikasjonen. - ## Lokal kjøring - -Ha naisdevice kjørende og kjør PersonFasteDataServiceApplicationStarter med følgende argumenter: - -``` --Dspring.profiles.active=dev --Dspring.cloud.vault.token=[vault-token] -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/person-faste-data-service/build.gradle b/apps/person-faste-data-service/build.gradle index 1b451ac5549..a78921e3700 100644 --- a/apps/person-faste-data-service/build.gradle +++ b/apps/person-faste-data-service/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-data-jpa" diff --git a/apps/person-faste-data-service/settings.gradle b/apps/person-faste-data-service/settings.gradle index 943ea9907cb..1afbd34226a 100644 --- a/apps/person-faste-data-service/settings.gradle +++ b/apps/person-faste-data-service/settings.gradle @@ -9,7 +9,6 @@ includeBuild "../../plugins/java" includeBuild '../../libs/data-transfer-objects' includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/person-faste-data-service/src/main/java/no/nav/testnav/personfastedataservice/config/LocalVaultConfig.java b/apps/person-faste-data-service/src/main/java/no/nav/testnav/personfastedataservice/config/LocalVaultConfig.java deleted file mode 100644 index 5de39260231..00000000000 --- a/apps/person-faste-data-service/src/main/java/no/nav/testnav/personfastedataservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.personfastedataservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/person-faste-data-service/src/main/resources/application-dev.yml b/apps/person-faste-data-service/src/main/resources/application-dev.yml index 935e7807eb2..a4ca1d03845 100644 --- a/apps/person-faste-data-service/src/main/resources/application-dev.yml +++ b/apps/person-faste-data-service/src/main/resources/application-dev.yml @@ -1,5 +1,7 @@ spring: + config: + import: "sm://" h2: console: enabled: true @@ -15,6 +17,11 @@ spring: properties: hibernate: dialect: org.hibernate.dialect.H2Dialect + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} testnav: config: diff --git a/apps/person-faste-data-service/src/main/resources/application.yml b/apps/person-faste-data-service/src/main/resources/application.yml index 85ac1aca946..96c6b85b36e 100644 --- a/apps/person-faste-data-service/src/main/resources/application.yml +++ b/apps/person-faste-data-service/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} diff --git a/apps/person-faste-data-service/src/main/resources/bootstrap.yml b/apps/person-faste-data-service/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/person-faste-data-service/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/person-faste-data-service/src/test/resources/application-test.properties b/apps/person-faste-data-service/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/apps/person-faste-data-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/person-faste-data-service/src/test/resources/application-test.yml b/apps/person-faste-data-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..aa8bfa92394 --- /dev/null +++ b/apps/person-faste-data-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/person-organisasjon-tilgang-service/README.md b/apps/person-organisasjon-tilgang-service/README.md index b6b8cf6afef..c51ae05b890 100644 --- a/apps/person-organisasjon-tilgang-service/README.md +++ b/apps/person-organisasjon-tilgang-service/README.md @@ -1,9 +1,6 @@ # Person Organisasjon Tilgang Service - Service som henter organisasjoner fra Altinn og hvilke tilganger de har. -## Swagger - -Swagger finnes -under [/swagger-ui.html](https://testnav-person-organisasjon-tilgang-service.intern.dev.nav.no/swagger-ui.html) --endepunktet til applikasjonen. \ No newline at end of file +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/person-organisasjon-tilgang-service/build.gradle b/apps/person-organisasjon-tilgang-service/build.gradle index 6498a92c45c..a3ff5f959d4 100644 --- a/apps/person-organisasjon-tilgang-service/build.gradle +++ b/apps/person-organisasjon-tilgang-service/build.gradle @@ -25,7 +25,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/person-organisasjon-tilgang-service/settings.gradle b/apps/person-organisasjon-tilgang-service/settings.gradle index 3b9b14e0aa5..6c93b49e1a4 100644 --- a/apps/person-organisasjon-tilgang-service/settings.gradle +++ b/apps/person-organisasjon-tilgang-service/settings.gradle @@ -10,7 +10,6 @@ includeBuild '../../libs/integration-test' includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/person-organisasjon-tilgang-service/src/main/java/no/nav/testnav/apps/persontilgangservice/config/LocalVaultConfig.java b/apps/person-organisasjon-tilgang-service/src/main/java/no/nav/testnav/apps/persontilgangservice/config/LocalVaultConfig.java deleted file mode 100644 index 2772ad8e8e7..00000000000 --- a/apps/person-organisasjon-tilgang-service/src/main/java/no/nav/testnav/apps/persontilgangservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.apps.persontilgangservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/person-organisasjon-tilgang-service/src/main/resources/application-local.yml b/apps/person-organisasjon-tilgang-service/src/main/resources/application-local.yml index 75b070dc5c2..584cb8082a4 100644 --- a/apps/person-organisasjon-tilgang-service/src/main/resources/application-local.yml +++ b/apps/person-organisasjon-tilgang-service/src/main/resources/application-local.yml @@ -8,4 +8,13 @@ ALTINN_API_KEY: dummy MASKINPORTEN_CLIENT_ID: dummy MASKINPORTEN_CLIENT_JWK: dummy MASKINPORTEN_SCOPES: dummy -MASKINPORTEN_WELL_KNOWN_URL: dummy \ No newline at end of file +MASKINPORTEN_WELL_KNOWN_URL: dummy + +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/person-organisasjon-tilgang-service/src/main/resources/application-virtual.yml b/apps/person-organisasjon-tilgang-service/src/main/resources/application-virtual.yml index 328010a8d87..2a087356478 100644 --- a/apps/person-organisasjon-tilgang-service/src/main/resources/application-virtual.yml +++ b/apps/person-organisasjon-tilgang-service/src/main/resources/application-virtual.yml @@ -1,7 +1,13 @@ TOKEN_X_ISSUER: http://tokendings:8080 -OKEN_X_JWKS_URI: http://tokendings:8080/jwks +TOKEN_X_JWKS_URI: http://tokendings:8080/jwks TOKEN_X_CLIENT_ID: dev-gcp:dolly:testnav-person-organisasjon-tilgang-service +spring: + cloud: + gcp: + secretmanager: + enabled: false + altinn: api: url: http://altinn:8080 diff --git a/apps/person-organisasjon-tilgang-service/src/main/resources/application.yml b/apps/person-organisasjon-tilgang-service/src/main/resources/application.yml index ede70c60482..1da5b3b1184 100644 --- a/apps/person-organisasjon-tilgang-service/src/main/resources/application.yml +++ b/apps/person-organisasjon-tilgang-service/src/main/resources/application.yml @@ -11,7 +11,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,9 +19,6 @@ spring: jackson: serialization: write_dates_as_timestamps: false - cloud: - vault: - enabled: false springdoc: swagger-ui: diff --git a/apps/person-organisasjon-tilgang-service/src/test/resources/application-test.yml b/apps/person-organisasjon-tilgang-service/src/test/resources/application-test.yml index a52f05f20ca..7e52003da3c 100644 --- a/apps/person-organisasjon-tilgang-service/src/test/resources/application-test.yml +++ b/apps/person-organisasjon-tilgang-service/src/test/resources/application-test.yml @@ -4,4 +4,10 @@ ALTINN_API_KEY: dummy MASKINPORTEN_CLIENT_ID: dummy MASKINPORTEN_CLIENT_JWK: dummy MASKINPORTEN_SCOPES: dummy -MASKINPORTEN_WELL_KNOWN_URL: dummy \ No newline at end of file +MASKINPORTEN_WELL_KNOWN_URL: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/person-search-service/README.md b/apps/person-search-service/README.md index 0f6d6f10418..838897254e5 100644 --- a/apps/person-search-service/README.md +++ b/apps/person-search-service/README.md @@ -1,24 +1,8 @@ # testnav-person-search-service - Service som forvalter søking på personer basert på innsendte kriterier -## Swagger - -Swagger finnes under [/swagger](https://testnav-person-search-service.intern.dev.nav.no/swagger) --endepunktet til applikasjonen. - -## Lokal utvikling - -Ha naisdevice kjørende og kjør PersonSearchServiceApplicationStarter med følgende argumenter: - -``` ---add-opens java.base/java.lang=ALL-UNNAMED --Dspring.cloud.vault.token=[Kopi av token fra vault] --Dspring.profiles.active=dev -``` - -og kjør opp en lokal version av en elasticsearch instance +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) +* [OpenSearch.](../../docs/local_opensearch.md) -``` -docker run -d --name es762 -p 9200:9200 -e "discovery.type=single-node" elasticsearch:7.10.1 -``` diff --git a/apps/person-search-service/build.gradle b/apps/person-search-service/build.gradle index 63c36ef991a..7fb6dbcb708 100644 --- a/apps/person-search-service/build.gradle +++ b/apps/person-search-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-data-elasticsearch" implementation "org.opensearch.client:spring-data-opensearch:$versions.opensearch" diff --git a/apps/person-search-service/settings.gradle b/apps/person-search-service/settings.gradle index ec9890b0ad9..373092ece6d 100644 --- a/apps/person-search-service/settings.gradle +++ b/apps/person-search-service/settings.gradle @@ -11,7 +11,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/person-search-service/src/main/java/no/nav/registre/testnorge/personsearchservice/config/LocalVaultConfig.java b/apps/person-search-service/src/main/java/no/nav/registre/testnorge/personsearchservice/config/LocalVaultConfig.java deleted file mode 100644 index 56334534dc9..00000000000 --- a/apps/person-search-service/src/main/java/no/nav/registre/testnorge/personsearchservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnorge.personsearchservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/person-search-service/src/main/resources/application-dev.yml b/apps/person-search-service/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..bea43da510a --- /dev/null +++ b/apps/person-search-service/src/main/resources/application-dev.yml @@ -0,0 +1,8 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/person-search-service/src/main/resources/application.yml b/apps/person-search-service/src/main/resources/application.yml index 970fa1f9642..1aecee96702 100644 --- a/apps/person-search-service/src/main/resources/application.yml +++ b/apps/person-search-service/src/main/resources/application.yml @@ -15,14 +15,11 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} accepted-audience: ${TOKEN_X_CLIENT_ID} - cloud: - vault: - enabled: false springdoc: swagger-ui: diff --git a/apps/person-search-service/src/test/resources/application-test.yml b/apps/person-search-service/src/test/resources/application-test.yml index 6ddfd499610..ee2f6b75ba0 100644 --- a/apps/person-search-service/src/test/resources/application-test.yml +++ b/apps/person-search-service/src/test/resources/application-test.yml @@ -1,5 +1,11 @@ TOKEN_X_ISSUER: dummy +spring: + cloud: + gcp: + secretmanager: + enabled: false + elasticsearch: client: username: dummy diff --git a/apps/person-service/README.md b/apps/person-service/README.md index 6da042975d4..f121026141a 100644 --- a/apps/person-service/README.md +++ b/apps/person-service/README.md @@ -7,19 +7,6 @@ parent: Applikasjoner # Testnav-Person-Service API for oppretting og henting av personer fra PDL og TPS -## Swagger -Swagger finnes under [/swagger-ui.html](https://testnav-person-service.intern.dev.nav.no/swagger-ui.html) -endepunktet til applikasjonen. - ## Lokal kjøring -Ha naisdevice kjørende og kjør PersonServiceApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[Copy token fra Vault] --Dspring.profiles.active=dev -``` - -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/person-service/build.gradle b/apps/person-service/build.gradle index 89e71af63a4..60ed4e286c2 100644 --- a/apps/person-service/build.gradle +++ b/apps/person-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/person-service/settings.gradle b/apps/person-service/settings.gradle index 1a495388428..9ebfc24c114 100644 --- a/apps/person-service/settings.gradle +++ b/apps/person-service/settings.gradle @@ -12,7 +12,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/person-service/src/main/java/no/nav/testnav/apps/personservice/config/LocalVaultConfig.java b/apps/person-service/src/main/java/no/nav/testnav/apps/personservice/config/LocalVaultConfig.java deleted file mode 100644 index d7bfa2a5777..00000000000 --- a/apps/person-service/src/main/java/no/nav/testnav/apps/personservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.apps.personservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/person-service/src/main/resources/application-dev.yml b/apps/person-service/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..bea43da510a --- /dev/null +++ b/apps/person-service/src/main/resources/application-dev.yml @@ -0,0 +1,8 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/person-service/src/main/resources/application.yml b/apps/person-service/src/main/resources/application.yml index ec4d5bf200a..6a61ab08e39 100644 --- a/apps/person-service/src/main/resources/application.yml +++ b/apps/person-service/src/main/resources/application.yml @@ -17,13 +17,10 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} jackson: serialization: write_dates_as_timestamps: false - cloud: - vault: - enabled: false springdoc: swagger-ui: diff --git a/apps/person-service/src/test/resources/application-test.properties b/apps/person-service/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/apps/person-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/apps/person-service/src/test/resources/application-test.yml b/apps/person-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..aa8bfa92394 --- /dev/null +++ b/apps/person-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/profil-api/README.md b/apps/profil-api/README.md index 3c021ed1ee0..83a9c87bae7 100644 --- a/apps/profil-api/README.md +++ b/apps/profil-api/README.md @@ -5,22 +5,8 @@ parent: Applikasjoner --- # profil-api - Api for henting av profil (navn, e-post og avdeling) og profilbilde for innlogget bruker. -## Swagger -Swagger finnes under [/swagger](https://testnorge-profil-api.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. - ## Lokal kjøring -Ha naisdevice kjørende og kjør ProfilApiApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[vault-token] --Dspring.profiles.active=dev -``` - -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` \ No newline at end of file +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/profil-api/build.gradle b/apps/profil-api/build.gradle index cc5fb156a3c..309e7d0bb8d 100644 --- a/apps/profil-api/build.gradle +++ b/apps/profil-api/build.gradle @@ -14,7 +14,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "no.nav.testnav.libs:data-transfer-objects" diff --git a/apps/profil-api/config.yml b/apps/profil-api/config.yml index 87d2f3dd35f..0fafd9f254f 100644 --- a/apps/profil-api/config.yml +++ b/apps/profil-api/config.yml @@ -59,8 +59,6 @@ spec: replicas: min: 1 max: 1 - vault: - enabled: true resources: requests: cpu: 200m diff --git a/apps/profil-api/settings.gradle b/apps/profil-api/settings.gradle index cad24f303ed..3ad637cb7fa 100644 --- a/apps/profil-api/settings.gradle +++ b/apps/profil-api/settings.gradle @@ -11,7 +11,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/profil-api/src/main/java/no/nav/registre/testnorge/profil/config/LocalVaultConfig.java b/apps/profil-api/src/main/java/no/nav/registre/testnorge/profil/config/LocalVaultConfig.java deleted file mode 100644 index 7daebbcbf11..00000000000 --- a/apps/profil-api/src/main/java/no/nav/registre/testnorge/profil/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnorge.profil.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/profil-api/src/main/resources/application-dev.yml b/apps/profil-api/src/main/resources/application-dev.yml index 67eeb473689..712e852d148 100644 --- a/apps/profil-api/src/main/resources/application-dev.yml +++ b/apps/profil-api/src/main/resources/application-dev.yml @@ -1,3 +1,11 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} consumers: testnav-person-organisasjon-tilgang-service: diff --git a/apps/profil-api/src/main/resources/application.yml b/apps/profil-api/src/main/resources/application.yml index 9a6bdad86fc..9878c224663 100644 --- a/apps/profil-api/src/main/resources/application.yml +++ b/apps/profil-api/src/main/resources/application.yml @@ -13,7 +13,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} diff --git a/apps/profil-api/src/main/resources/bootstrap.yml b/apps/profil-api/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/profil-api/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/profil-api/src/test/resources/application-test.yml b/apps/profil-api/src/test/resources/application-test.yml index 91377f25679..bf7cc5cb0e7 100644 --- a/apps/profil-api/src/test/resources/application-test.yml +++ b/apps/profil-api/src/test/resources/application-test.yml @@ -1,5 +1,11 @@ TOKEN_X_ISSUER: dummy +spring: + cloud: + gcp: + secretmanager: + enabled: false + consumers: testnav-person-organisasjon-tilgang-service: cluster: cluster diff --git a/apps/skattekort-service/README.md b/apps/skattekort-service/README.md index 531252dfbd0..188b7803019 100644 --- a/apps/skattekort-service/README.md +++ b/apps/skattekort-service/README.md @@ -5,21 +5,12 @@ parent: Applikasjoner --- # skattekort-service - Tjeneste for å legge til skattekort i os-eskatt ved innsending til deres eget API for test. ## Bruk - Applikasjonen omformer JSON-request til XML-request og sender inn på overnevnte endepunkt. - ## Lokal kjøring - -Ha naisdevice kjørende og kjør SkattekortServiceApplicationStarter med følgende argumenter: - -``` ---add-opens java.base/java.lang=ALL-UNNAMED --Dspring.profiles.active=dev --Dspring.cloud.vault.token=[vault-token] -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/skattekort-service/build.gradle b/apps/skattekort-service/build.gradle index ea0d35ce0f7..dbb4b9ab1b7 100644 --- a/apps/skattekort-service/build.gradle +++ b/apps/skattekort-service/build.gradle @@ -31,7 +31,8 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" + + implementation "org.apache.httpcomponents.core5:httpcore5:5.3" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/skattekort-service/config.yml b/apps/skattekort-service/config.yml index 7042b0431eb..ed9aca96afa 100644 --- a/apps/skattekort-service/config.yml +++ b/apps/skattekort-service/config.yml @@ -49,8 +49,6 @@ spec: replicas: min: 1 max: 1 - vault: - enabled: true resources: limits: memory: 2048Mi diff --git a/apps/skattekort-service/settings.gradle b/apps/skattekort-service/settings.gradle index c8a9fc1bea1..a35cbdbc703 100644 --- a/apps/skattekort-service/settings.gradle +++ b/apps/skattekort-service/settings.gradle @@ -10,7 +10,6 @@ includeBuild '../../libs/security-core' includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-security' includeBuild '../../libs/data-transfer-objects' -includeBuild '../../libs/vault' gradleEnterprise { buildScan { diff --git a/apps/skattekort-service/src/main/java/no/nav/skattekortservice/config/LocalVaultConfig.java b/apps/skattekort-service/src/main/java/no/nav/skattekortservice/config/LocalVaultConfig.java deleted file mode 100644 index d1a4512c101..00000000000 --- a/apps/skattekort-service/src/main/java/no/nav/skattekortservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.skattekortservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/skattekort-service/src/main/resources/application-dev.yml b/apps/skattekort-service/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..bea43da510a --- /dev/null +++ b/apps/skattekort-service/src/main/resources/application-dev.yml @@ -0,0 +1,8 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/skattekort-service/src/main/resources/application.yaml b/apps/skattekort-service/src/main/resources/application.yaml index b4e0d63057f..51e2bcada96 100644 --- a/apps/skattekort-service/src/main/resources/application.yaml +++ b/apps/skattekort-service/src/main/resources/application.yaml @@ -5,16 +5,13 @@ spring: name: Testnav-Skattekort-Service version: 1.0 description: Service for å sende inn skattekort - cloud: - vault: - enabled: false security: oauth2: resourceserver: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/skattekort-service/src/main/resources/bootstrap.yml b/apps/skattekort-service/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/skattekort-service/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/skattekort-service/src/test/resources/application-test.yml b/apps/skattekort-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..0aeb22a14f6 --- /dev/null +++ b/apps/skattekort-service/src/test/resources/application-test.yml @@ -0,0 +1,5 @@ +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/sykemelding-api/README.md b/apps/sykemelding-api/README.md index acdc2eaa124..c456870ab66 100644 --- a/apps/sykemelding-api/README.md +++ b/apps/sykemelding-api/README.md @@ -1,25 +1,6 @@ # testnav-sykemelding-api - API for sykemeldinger. -## Swagger - -Swagger finnes under [/api](https://testnav-sykemelding-api.dev.intern.nav.no/api) -endepunktet til applikasjonen. - ## Lokal kjøring - -Ha naisdevice kjørende og kjør SykemeldingApiApplicationStarter med følgende argumenter: - -``` --Dspring.cloud.vault.token=[kopier token fra vault] --Dspring.profiles.active=dev -``` - -### Utviklerimage - -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: - -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/sykemelding-api/build.gradle b/apps/sykemelding-api/build.gradle index a41d620d9c0..9d5d8e6d49d 100644 --- a/apps/sykemelding-api/build.gradle +++ b/apps/sykemelding-api/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/sykemelding-api/settings.gradle b/apps/sykemelding-api/settings.gradle index 4c0a23fa254..33c86f668d9 100644 --- a/apps/sykemelding-api/settings.gradle +++ b/apps/sykemelding-api/settings.gradle @@ -13,7 +13,6 @@ includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' includeBuild '../../libs/testing' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/sykemelding-api/src/main/java/no/nav/registre/testnorge/sykemelding/config/LocalVaultConfig.java b/apps/sykemelding-api/src/main/java/no/nav/registre/testnorge/sykemelding/config/LocalVaultConfig.java deleted file mode 100644 index 480a0aaedf3..00000000000 --- a/apps/sykemelding-api/src/main/java/no/nav/registre/testnorge/sykemelding/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.testnorge.sykemelding.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/sykemelding-api/src/main/resources/application-dev.yml b/apps/sykemelding-api/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..bea43da510a --- /dev/null +++ b/apps/sykemelding-api/src/main/resources/application-dev.yml @@ -0,0 +1,8 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/apps/sykemelding-api/src/main/resources/application.yml b/apps/sykemelding-api/src/main/resources/application.yml index 357f2b5c5f6..6075f7a084a 100644 --- a/apps/sykemelding-api/src/main/resources/application.yml +++ b/apps/sykemelding-api/src/main/resources/application.yml @@ -9,16 +9,20 @@ spring: version: application.version.todo name: testnav-sykemelding-api description: Api for opprettelse av detaljerte sykemeldinger + cloud: + vault: + enabled: false security: oauth2: resourceserver: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} - cloud: - vault: - enabled: false + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + tokenx: + issuer-uri: ${TOKEN_X_ISSUER} + jwk-set-uri: ${TOKEN_X_JWKS_URI} + accepted-audience: ${TOKEN_X_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/sykemelding-api/src/test/resources/application-test.yml b/apps/sykemelding-api/src/test/resources/application-test.yml index 96469f485dc..d10879a455e 100644 --- a/apps/sykemelding-api/src/test/resources/application-test.yml +++ b/apps/sykemelding-api/src/test/resources/application-test.yml @@ -14,15 +14,13 @@ SERVICEUSER_USERNAME: dummy SERVICEUSER_PASSWORD: dummy TOKEN_X_CLIENT_ID: test -azure: - app: - client: - id: dummy - secret: dummy + spring: cloud: - vault: - enabled: false + gcp: + secretmanager: + enabled: false + ibm: mq: queue-manager: dummy diff --git a/apps/synt-sykemelding-api/README.md b/apps/synt-sykemelding-api/README.md index 932bdf45eb5..da58a614ad2 100644 --- a/apps/synt-sykemelding-api/README.md +++ b/apps/synt-sykemelding-api/README.md @@ -7,20 +7,7 @@ parent: Applikasjoner ## Synt-Sykemelding-api API for syntetisering av sykemeldinger -### Swagger -Swagger finnes under [/swagger](https://testnav-synt-sykemelding-api.dev.adeo.no/swagger) -endepunktet til applikasjonen. - -### Lokal kjøring -Ha naisdevice kjørende og kjør SyntSykemeldingApiApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[kopier token fra vault] --Dspring.profiles.active=dev -``` - -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/synt-sykemelding-api/build.gradle b/apps/synt-sykemelding-api/build.gradle index 64a1eabed6e..a95ba6918a9 100644 --- a/apps/synt-sykemelding-api/build.gradle +++ b/apps/synt-sykemelding-api/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/synt-sykemelding-api/config.yml b/apps/synt-sykemelding-api/config.yml index d1622f0bba1..5ab174743b7 100644 --- a/apps/synt-sykemelding-api/config.yml +++ b/apps/synt-sykemelding-api/config.yml @@ -42,8 +42,6 @@ spec: replicas: min: 1 max: 1 - vault: - enabled: true resources: requests: cpu: 200m diff --git a/apps/synt-sykemelding-api/settings.gradle b/apps/synt-sykemelding-api/settings.gradle index ebfcf4716b2..1effa97ad87 100644 --- a/apps/synt-sykemelding-api/settings.gradle +++ b/apps/synt-sykemelding-api/settings.gradle @@ -12,7 +12,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' includeBuild '../../libs/testing' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/synt-sykemelding-api/src/main/java/no/nav/testnav/apps/syntsykemeldingapi/config/LocalVaultConfig.java b/apps/synt-sykemelding-api/src/main/java/no/nav/testnav/apps/syntsykemeldingapi/config/LocalVaultConfig.java deleted file mode 100644 index c7ec9427324..00000000000 --- a/apps/synt-sykemelding-api/src/main/java/no/nav/testnav/apps/syntsykemeldingapi/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.apps.syntsykemeldingapi.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/synt-sykemelding-api/src/main/resources/application-dev.yml b/apps/synt-sykemelding-api/src/main/resources/application-dev.yml index e0dc5a65e3c..4c1de6302c8 100644 --- a/apps/synt-sykemelding-api/src/main/resources/application-dev.yml +++ b/apps/synt-sykemelding-api/src/main/resources/application-dev.yml @@ -1,8 +1,13 @@ +TOKEN_X_CLIENT_ID: dev-gcp:dolly:testnav-synt-sykemelding-api spring: + config: + import: "sm://" security: oauth2: resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} diff --git a/apps/synt-sykemelding-api/src/main/resources/application.yml b/apps/synt-sykemelding-api/src/main/resources/application.yml index 424f21bfb59..6e4c9d4a232 100644 --- a/apps/synt-sykemelding-api/src/main/resources/application.yml +++ b/apps/synt-sykemelding-api/src/main/resources/application.yml @@ -5,16 +5,20 @@ spring: version: application.version.todo name: testnav-synt-sykemelding-api description: Api for opprettelse av syntetiske sykemeldinger + cloud: + vault: + enabled: false security: oauth2: resourceserver: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} - cloud: - vault: - enabled: false + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + tokenx: + issuer-uri: ${TOKEN_X_ISSUER} + jwk-set-uri: ${TOKEN_X_JWKS_URI} + accepted-audience: ${TOKEN_X_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/synt-sykemelding-api/src/test/resources/application-test.yml b/apps/synt-sykemelding-api/src/test/resources/application-test.yml index 1f8e50d2449..0c8f756eae8 100644 --- a/apps/synt-sykemelding-api/src/test/resources/application-test.yml +++ b/apps/synt-sykemelding-api/src/test/resources/application-test.yml @@ -1,8 +1,14 @@ +TOKEN_X_ISSUER: dummy + wiremock: server: port: 0 -TOKEN_X_ISSUER: dummy +spring: + cloud: + gcp: + secretmanager: + enabled: false consumers: synt-sykemelding: diff --git a/apps/synt-vedtakshistorikk-service/README.md b/apps/synt-vedtakshistorikk-service/README.md index 578620caa72..d0efd9fc46b 100644 --- a/apps/synt-vedtakshistorikk-service/README.md +++ b/apps/synt-vedtakshistorikk-service/README.md @@ -2,10 +2,5 @@ Applikasjon for å registrere Testnorge identer som brukere i Arena forvalteren og registrere vedtak på dem. ## Lokal kjøring - -Start `SyntVedtakshistorikkServiceApplicationStarter` med følgenede props: - -``` --Dspring.profiles.active=dev --Dspring.cloud.vault.token=<> -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/synt-vedtakshistorikk-service/build.gradle b/apps/synt-vedtakshistorikk-service/build.gradle index a69261890cb..6a169089ca1 100644 --- a/apps/synt-vedtakshistorikk-service/build.gradle +++ b/apps/synt-vedtakshistorikk-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/synt-vedtakshistorikk-service/settings.gradle b/apps/synt-vedtakshistorikk-service/settings.gradle index b64b87a9193..26c841f5cbd 100644 --- a/apps/synt-vedtakshistorikk-service/settings.gradle +++ b/apps/synt-vedtakshistorikk-service/settings.gradle @@ -12,7 +12,6 @@ includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-insecure-security' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/synt-vedtakshistorikk-service/src/main/java/no/nav/testnav/apps/syntvedtakshistorikkservice/config/LocalVaultConfig.java b/apps/synt-vedtakshistorikk-service/src/main/java/no/nav/testnav/apps/syntvedtakshistorikkservice/config/LocalVaultConfig.java deleted file mode 100644 index 139e0c57b1f..00000000000 --- a/apps/synt-vedtakshistorikk-service/src/main/java/no/nav/testnav/apps/syntvedtakshistorikkservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.apps.syntvedtakshistorikkservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/synt-vedtakshistorikk-service/src/main/resources/application-dev.yml b/apps/synt-vedtakshistorikk-service/src/main/resources/application-dev.yml index 827909020eb..428a4204f6f 100644 --- a/apps/synt-vedtakshistorikk-service/src/main/resources/application-dev.yml +++ b/apps/synt-vedtakshistorikk-service/src/main/resources/application-dev.yml @@ -1,3 +1,11 @@ +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} batch: miljoe: q2 diff --git a/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml b/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml index 9d5ade6dbbd..12285d7ae0a 100644 --- a/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml +++ b/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml @@ -11,10 +11,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} - cloud: - vault: - enabled: false + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/synt-vedtakshistorikk-service/src/test/resources/application-test.yml b/apps/synt-vedtakshistorikk-service/src/test/resources/application-test.yml index c3803f91db5..b9cb22f75c1 100644 --- a/apps/synt-vedtakshistorikk-service/src/test/resources/application-test.yml +++ b/apps/synt-vedtakshistorikk-service/src/test/resources/application-test.yml @@ -1,5 +1,12 @@ +AAD_ISSUER_URI: http://localhost:${wiremock.server.port:0}/token TOKEN_X_ISSUER: dummy +spring: + cloud: + gcp: + secretmanager: + enabled: false + consumers: synt-vedtakshistorikk: url: http://localhost:${wiremock.server.port:0}/synt @@ -27,9 +34,6 @@ consumers: name: testnav-pdl-proxy url: http://localhost:${wiremock.server.port:0}/pdl - -AAD_ISSUER_URI: http://localhost:${wiremock.server.port:0}/token - batch: miljoe: test antallMedHistorikk: 0 diff --git a/apps/tenor-search-service/README.md b/apps/tenor-search-service/README.md index db28fe607b5..964ec94ffa7 100644 --- a/apps/tenor-search-service/README.md +++ b/apps/tenor-search-service/README.md @@ -1,9 +1,6 @@ # Tenor Search Service - Service som formidler søk til Tenor testdata hos Skatteetaten. -## Swagger - -Swagger finnes -under [/swagger-ui.html](https://testnav-tenor-search-service.intern.dev.nav.no/swagger-ui.html) --endepunktet til applikasjonen. \ No newline at end of file +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/apps/tenor-search-service/build.gradle b/apps/tenor-search-service/build.gradle index fba9a1fb78e..da1b52e4ad7 100644 --- a/apps/tenor-search-service/build.gradle +++ b/apps/tenor-search-service/build.gradle @@ -14,7 +14,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/tenor-search-service/settings.gradle b/apps/tenor-search-service/settings.gradle index a9888f93d70..39bbdfb050c 100644 --- a/apps/tenor-search-service/settings.gradle +++ b/apps/tenor-search-service/settings.gradle @@ -11,7 +11,6 @@ includeBuild '../../libs/integration-test' includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/tenor-search-service/src/main/java/no/nav/testnav/apps/tenorsearchservice/config/LocalVaultConfig.java b/apps/tenor-search-service/src/main/java/no/nav/testnav/apps/tenorsearchservice/config/LocalVaultConfig.java deleted file mode 100644 index 16e6860d3bd..00000000000 --- a/apps/tenor-search-service/src/main/java/no/nav/testnav/apps/tenorsearchservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.apps.tenorsearchservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/tenor-search-service/src/main/resources/application-local.yml b/apps/tenor-search-service/src/main/resources/application-local.yml index c0ac1db455d..4b2ebb35015 100644 --- a/apps/tenor-search-service/src/main/resources/application-local.yml +++ b/apps/tenor-search-service/src/main/resources/application-local.yml @@ -5,6 +5,15 @@ MASKINPORTEN_CLIENT_JWK: dummy MASKINPORTEN_SCOPES: dummy MASKINPORTEN_WELL_KNOWN_URL: dummy +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} + consumers: dolly-backend: url: https://dolly-backend.intern.dev.nav.no diff --git a/apps/tenor-search-service/src/main/resources/application.yml b/apps/tenor-search-service/src/main/resources/application.yml index ad7b7357991..a8a87170a82 100644 --- a/apps/tenor-search-service/src/main/resources/application.yml +++ b/apps/tenor-search-service/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -18,9 +18,6 @@ spring: jackson: serialization: write_dates_as_timestamps: false - cloud: - vault: - enabled: false springdoc: swagger-ui: diff --git a/apps/tenor-search-service/src/test/resources/application-test.yml b/apps/tenor-search-service/src/test/resources/application-test.yml index dee4ed64372..c9e2e70764b 100644 --- a/apps/tenor-search-service/src/test/resources/application-test.yml +++ b/apps/tenor-search-service/src/test/resources/application-test.yml @@ -2,4 +2,10 @@ TOKEN_X_ISSUER: dummy MASKINPORTEN_CLIENT_ID: dummy MASKINPORTEN_CLIENT_JWK: dummy MASKINPORTEN_SCOPES: dummy -MASKINPORTEN_WELL_KNOWN_URL: dummy \ No newline at end of file +MASKINPORTEN_WELL_KNOWN_URL: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/testnav-ident-pool/README.md b/apps/testnav-ident-pool/README.md index d58642266f0..5e48730185e 100644 --- a/apps/testnav-ident-pool/README.md +++ b/apps/testnav-ident-pool/README.md @@ -3,36 +3,9 @@ Testnav-Ident-pool har oversikt på syntetiske identer, og sjekker mot prod og t Fra ident-pool kan det rekvireres identer basert på født-før og født-etter samt kjønn og type. Spesifikke identer kan også allokeres. Identer kan frigjøres og benyttes om igjen - -## Swagger -Swagger finnes under [/swagger](https://testnav-ident-pool.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. ## Lokal kjøring - - -### Utenfor utviklerimage -Ha naisdevice kjørende og kjør IdentPoolApplicationStarter med følgende argumenter: -``` ---add-opens java.base/java.lang=ALL-UNNAMED --Dspring.profiles.active=local --Dspring.cloud.vault.token=[Kopier token fra vault] -``` - -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` - -Det kan være nødvendig å ha disse også: -``` --Dhttp.proxyHost=webproxy-utvikler.nav.no --Dhttps.proxyHost=webproxy-utvikler.nav.no --Dhttp.proxyPort=8088 --Dhttps.proxyPort=8088 --Dhttp.nonProxyHosts=localhost|127.0.0.1|10.254.0.1|*.local|*.adeo.no|*.nav.no|*.aetat.no|*.devillo.no|*.oera.no|*.nais.io -``` - -Applikasjonen er avhengig av en lokal PSQL-database. For mer informasjon se [egen dokumentasjon](../../docs/local_db.md). +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) +* [Lokal PostgreSQL.](../../docs/local_db.md) diff --git a/apps/testnav-ident-pool/build.gradle b/apps/testnav-ident-pool/build.gradle index b37ac17d49b..840db0d9398 100644 --- a/apps/testnav-ident-pool/build.gradle +++ b/apps/testnav-ident-pool/build.gradle @@ -14,12 +14,10 @@ properties { } dependencies { - implementation "no.nav.testnav.libs:database" implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-data-jpa" @@ -27,7 +25,6 @@ dependencies { implementation "org.springframework.security:spring-security-oauth2-jose" implementation "org.springframework.boot:spring-boot-starter-validation" - implementation "org.springframework.cloud:spring-cloud-vault-config-databases" implementation "org.springframework.cloud:spring-cloud-starter-bootstrap" // TODO remove legacy bootstrap config implementation "org.springframework.retry:spring-retry" diff --git a/apps/testnav-ident-pool/settings.gradle b/apps/testnav-ident-pool/settings.gradle index 04d6c4d706a..2883ebb6a8c 100644 --- a/apps/testnav-ident-pool/settings.gradle +++ b/apps/testnav-ident-pool/settings.gradle @@ -6,13 +6,11 @@ rootProject.name = 'testnav-ident-pool' includeBuild "../../plugins/java" -includeBuild '../../libs/database' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-insecure-security' includeBuild '../../libs/servlet-security' includeBuild '../../libs/testing' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/testnav-ident-pool/src/main/java/no/nav/testnav/identpool/config/LocalVaultConfig.java b/apps/testnav-ident-pool/src/main/java/no/nav/testnav/identpool/config/LocalVaultConfig.java deleted file mode 100644 index 122cd8d948e..00000000000 --- a/apps/testnav-ident-pool/src/main/java/no/nav/testnav/identpool/config/LocalVaultConfig.java +++ /dev/null @@ -1,17 +0,0 @@ -package no.nav.testnav.identpool.config; - -import no.nav.testnav.libs.database.config.FlywayConfiguration; -import no.nav.testnav.libs.database.config.VaultHikariConfiguration; -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Import; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -@Import({ - FlywayConfiguration.class, - VaultHikariConfiguration.class -}) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/testnav-ident-pool/src/main/resources/application-local.yml b/apps/testnav-ident-pool/src/main/resources/application-local.yml index 69e57990421..e548e6ffc9e 100644 --- a/apps/testnav-ident-pool/src/main/resources/application-local.yml +++ b/apps/testnav-ident-pool/src/main/resources/application-local.yml @@ -1,4 +1,6 @@ spring: + config: + import: "sm://" h2: console: enabled: true @@ -8,6 +10,11 @@ spring: username: sa password: driverClassName: org.h2.Driver + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} sql: init: mode: always diff --git a/apps/testnav-ident-pool/src/main/resources/application.yaml b/apps/testnav-ident-pool/src/main/resources/application.yaml index 027f8d20270..eec84e92cc7 100644 --- a/apps/testnav-ident-pool/src/main/resources/application.yaml +++ b/apps/testnav-ident-pool/src/main/resources/application.yaml @@ -48,7 +48,7 @@ spring: aad: issuer-uri: https://login.microsoftonline.com/62366534-1ec3-4962-8869-9b5535279d0b/v2.0 #The client_id of this application - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/testnav-ident-pool/src/main/resources/bootstrap.yaml b/apps/testnav-ident-pool/src/main/resources/bootstrap.yaml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/testnav-ident-pool/src/main/resources/bootstrap.yaml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/testnav-ident-pool/src/test/resources/application-test.yml b/apps/testnav-ident-pool/src/test/resources/application-test.yml new file mode 100644 index 00000000000..bea909f59d4 --- /dev/null +++ b/apps/testnav-ident-pool/src/test/resources/application-test.yml @@ -0,0 +1,17 @@ +TOKEN_X_ISSUER: dummy + +### DATABASE ### +spring: + datasource: + driver-class-name: org.h2.Driver + url: jdbc:h2:mem:testdb;MODE=Postgresql;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE; + cloud: + gcp: + secretmanager: + enabled: false + +tps-forvalteren: + rest: + api: + url: dummy + diff --git a/apps/testnav-ident-pool/src/test/resources/application.properties b/apps/testnav-ident-pool/src/test/resources/application.properties deleted file mode 100644 index 1691598aacc..00000000000 --- a/apps/testnav-ident-pool/src/test/resources/application.properties +++ /dev/null @@ -1,7 +0,0 @@ -### DATABASE ### -spring.datasource.driver-class-name=org.h2.Driver -spring.datasource.url=jdbc:h2:mem:testdb;MODE=Postgresql;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE; - -tps-forvalteren.rest.api.url=dummy - -TOKEN_X_ISSUER= dummy \ No newline at end of file diff --git a/apps/testnav-ident-pool/src/test/resources/bootstrap.yaml b/apps/testnav-ident-pool/src/test/resources/bootstrap.yaml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/testnav-ident-pool/src/test/resources/bootstrap.yaml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/testnorge-statisk-data-forvalter/README.md b/apps/testnorge-statisk-data-forvalter/README.md index ec6f24d12e6..51311a92e4a 100644 --- a/apps/testnorge-statisk-data-forvalter/README.md +++ b/apps/testnorge-statisk-data-forvalter/README.md @@ -5,7 +5,6 @@ parent: Applikasjoner --- # testnorge-statisk-data-forvalter - Statisk data forvalter er en applikasjon som har som ansvar å forvalte faste test-data i NAV. Denne applikasjonen belager seg på flere andre applikasjoner for å kunne legge inn data. @@ -13,7 +12,6 @@ Denne applikasjonen belager seg på flere andre applikasjoner for å kunne legge Integrasjonen mot TPSF og TPS er fjernet men ikke oppdatert i figur: ![Faste data flowchart](./doc/images/Faste%20data%20flowchart.png "Faste data flowchart") - All data som eksisterer i databasen er test-data som skal kjøres inn i miljøer etter tømming og produksjonslaster. Av dataen som skal inn i TPS er det bare ekstra identer som ikke eksisterer i TPSF avspillergruppen til SKD-mantallet som er lagt inn. Resten av mantallet ekisterer der. @@ -28,7 +26,6 @@ I dette tilfellet må bedriftsnavn og enhetstype settes, og for en person må ma osv. Disse verdiene blir automatisk satt av applikasjonene som er gitt som avhengigheter. ## API - Apiet inneholder endepunkter for å individuelt legge inn all statisk data i et miljø gitt hvilken type (SAM, TP, SKD, EREG). Swagger finnes under [/swagger](https://testnorge-statisk-data-forvalter.dev.intern.nav.no/swagger) -endepunktet til applikasjonen. @@ -40,7 +37,6 @@ konverteres til ANSI for å vise korrekte tegn i Excel. ## Nytt domene - For å opprette et nytt domene må en POJO og repository opprettes. Det er sterkt anbefalt å eksponere dette nye domenet i APIet. Nåværende domener belager seg på eksisterende applikasjoner som ikke er direkte tilknyttet fast data. Denne modellen er også @@ -48,10 +44,6 @@ sterkt anbefalt å følge. Disse applikasjonen er ansvarlige for å opprette man ## Lokal kjøring -Ha naisdevice kjørende og kjør StatiskDataForvalterApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[kopier token fra vault] --Dspring.profiles.active=local -``` -Swagger på [http://localhost:8080/swagger](http://localhost:4390/swagger). +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/testnorge-statisk-data-forvalter/src/main/java/no/nav/registre/sdforvalter/StatiskDataForvalterApplicationStarter.java b/apps/testnorge-statisk-data-forvalter/src/main/java/no/nav/registre/sdforvalter/StatiskDataForvalterApplicationStarter.java index 1caf883368d..c9f3fd4a383 100644 --- a/apps/testnorge-statisk-data-forvalter/src/main/java/no/nav/registre/sdforvalter/StatiskDataForvalterApplicationStarter.java +++ b/apps/testnorge-statisk-data-forvalter/src/main/java/no/nav/registre/sdforvalter/StatiskDataForvalterApplicationStarter.java @@ -1,19 +1,16 @@ package no.nav.registre.sdforvalter; -import lombok.extern.slf4j.Slf4j; -import no.nav.registre.sdforvalter.util.VaultUtil; +import no.nav.testnav.libs.vault.VaultUtils; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; -@Slf4j @SpringBootApplication public class StatiskDataForvalterApplicationStarter { public static void main(String[] args) { - if ("prod".equals(System.getProperty("spring.profiles.active"))) { - VaultUtil.initCloudVaultToken(); - } - + VaultUtils.initCloudVaultToken("prod"); SpringApplication.run(StatiskDataForvalterApplicationStarter.class, args); + } + } \ No newline at end of file diff --git a/apps/testnorge-statisk-data-forvalter/src/main/java/no/nav/registre/sdforvalter/config/LocalVaultConfig.java b/apps/testnorge-statisk-data-forvalter/src/main/java/no/nav/registre/sdforvalter/config/LocalVaultConfig.java deleted file mode 100644 index d2d7a3a2897..00000000000 --- a/apps/testnorge-statisk-data-forvalter/src/main/java/no/nav/registre/sdforvalter/config/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.registre.sdforvalter.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("local") -@VaultPropertySource(value = "kv/preprod/fss/testnorge-statisk-data-forvalter/local", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/testnorge-statisk-data-forvalter/src/main/java/no/nav/registre/sdforvalter/util/VaultUtil.java b/apps/testnorge-statisk-data-forvalter/src/main/java/no/nav/registre/sdforvalter/util/VaultUtil.java deleted file mode 100644 index 806c7964b35..00000000000 --- a/apps/testnorge-statisk-data-forvalter/src/main/java/no/nav/registre/sdforvalter/util/VaultUtil.java +++ /dev/null @@ -1,46 +0,0 @@ -package no.nav.registre.sdforvalter.util; - -import java.nio.charset.StandardCharsets; -import java.nio.file.Files; -import java.nio.file.Paths; - -import org.springframework.context.annotation.AnnotationConfigApplicationContext; -import org.springframework.core.env.ConfigurableEnvironment; - -import lombok.extern.slf4j.Slf4j; - -import no.nav.registre.sdforvalter.exception.UgyldigVaultTokenException; - -@Slf4j -public final class VaultUtil { - - private VaultUtil() { - } - - private static final String VAULT_TOKEN_PROPERTY = "VAULT_TOKEN"; - - private static String getVaultToken() { - - AnnotationConfigApplicationContext context = - new AnnotationConfigApplicationContext(); - ConfigurableEnvironment environment = context.getEnvironment(); - - try { - if (environment.containsProperty(VAULT_TOKEN_PROPERTY) && !"".equals(environment.getProperty(VAULT_TOKEN_PROPERTY))) { - return environment.getProperty(VAULT_TOKEN_PROPERTY); - } else if (Files.exists(Paths.get("/var/run/secrets/nais.io/vault/vault_token"))) { - byte[] encoded = Files.readAllBytes(Paths.get("/var/run/secrets/nais.io/vault/vault_token")); - return new String(encoded, StandardCharsets.UTF_8).trim(); - } else { - throw new UgyldigVaultTokenException("Neither VAULT_TOKEN or VAULT_TOKEN_PATH is set"); - } - } catch (Exception e) { - throw new UgyldigVaultTokenException("Could not get a vault token for authentication", e); - } - } - - public static void initCloudVaultToken() { - System.setProperty("spring.cloud.vault.token", getVaultToken()); - log.info(getVaultToken()); - } -} diff --git a/apps/testnorge-statisk-data-forvalter/src/main/resources/application-local.yml b/apps/testnorge-statisk-data-forvalter/src/main/resources/application-local.yml index 4e356d4f598..990670ce6dc 100644 --- a/apps/testnorge-statisk-data-forvalter/src/main/resources/application-local.yml +++ b/apps/testnorge-statisk-data-forvalter/src/main/resources/application-local.yml @@ -1,24 +1,31 @@ spring: + config: + import: "sm://" + cloud: + vault: + enabled: false + datasource: + url: jdbc:h2:mem:testdb?useUnicode=yes&characterEncoding=UTF-8 + username: sa + flyway: + enabled: true h2: console: enabled: true path: /h2 - flyway: - enabled: true - datasource: - url: jdbc:h2:mem:testdb?useUnicode=yes&characterEncoding=UTF-8 - username: sa jpa: properties: hibernate: dialect: org.hibernate.dialect.H2Dialect - cloud: - vault: - enabled: false + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} ereg.api: dummy -VAULT_URL: dummy +#VAULT_URL: dummy consumers: testnav-bruker-service: diff --git a/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml b/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml index f38c4d4cc98..e5589722506 100644 --- a/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml +++ b/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml @@ -16,7 +16,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/testnorge-statisk-data-forvalter/src/test/java/no/nav/registre/sdforvalter/provider/rs/v1/StaticDataControllerV1AaregIntegrationTest.java b/apps/testnorge-statisk-data-forvalter/src/test/java/no/nav/registre/sdforvalter/provider/rs/v1/StaticDataControllerV1AaregIntegrationTest.java index 2b3ad5222a0..e4a55a1408a 100644 --- a/apps/testnorge-statisk-data-forvalter/src/test/java/no/nav/registre/sdforvalter/provider/rs/v1/StaticDataControllerV1AaregIntegrationTest.java +++ b/apps/testnorge-statisk-data-forvalter/src/test/java/no/nav/registre/sdforvalter/provider/rs/v1/StaticDataControllerV1AaregIntegrationTest.java @@ -15,6 +15,7 @@ import org.springframework.boot.test.context.SpringBootTest; import org.springframework.cloud.contract.wiremock.AutoConfigureWireMock; import org.springframework.http.MediaType; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.TestPropertySource; import org.springframework.test.web.servlet.MockMvc; @@ -30,6 +31,7 @@ @TestPropertySource( locations = "classpath:application-test.yml" ) +@ActiveProfiles("test") class StaticDataControllerV1AaregIntegrationTest { @Autowired private MockMvc mvc; diff --git a/apps/testnorge-statisk-data-forvalter/src/test/java/no/nav/registre/sdforvalter/provider/rs/v1/StaticDataControllerV1EregIntegrationTest.java b/apps/testnorge-statisk-data-forvalter/src/test/java/no/nav/registre/sdforvalter/provider/rs/v1/StaticDataControllerV1EregIntegrationTest.java index 7302232faa2..79be0e0d8cb 100644 --- a/apps/testnorge-statisk-data-forvalter/src/test/java/no/nav/registre/sdforvalter/provider/rs/v1/StaticDataControllerV1EregIntegrationTest.java +++ b/apps/testnorge-statisk-data-forvalter/src/test/java/no/nav/registre/sdforvalter/provider/rs/v1/StaticDataControllerV1EregIntegrationTest.java @@ -22,6 +22,7 @@ import org.springframework.boot.test.context.SpringBootTest; import org.springframework.http.MediaType; import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.TestPropertySource; import org.springframework.test.web.servlet.MockMvc; @@ -40,6 +41,7 @@ @TestPropertySource( locations = "classpath:application-test.yml" ) +@ActiveProfiles("test") class StaticDataControllerV1EregIntegrationTest { private static final String EREG_API = "/api/v1/faste-data/ereg"; @Autowired @@ -158,10 +160,9 @@ void shouldAddEregSetToDatabase() throws Exception { assertThat(eregRepository.findAll()) .hasSize(1) .first() - .isEqualToIgnoringGivenFields( - new EregModel(ereg, null, null, null), - "id", "createdAt", "updatedAt" - ); + .usingRecursiveComparison() + .ignoringFields("id", "createdAt", "updatedAt") + .isEqualTo(new EregModel(ereg, null, null, null)); } @Test @@ -216,7 +217,7 @@ void shouldOnlyGetEregWithGruppe() throws Exception { @Test @DirtiesContext(methodMode = DirtiesContext.MethodMode.BEFORE_METHOD) - void shouldAddEregWithGrouppe() throws Exception { + void shouldAddEregWithGruppe() throws Exception { GruppeModel gruppeModel = gruppeRepository.save(new GruppeModel( null, "TestKode", @@ -232,7 +233,9 @@ void shouldAddEregWithGrouppe() throws Exception { Iterable iterable = eregRepository.findAll(); assertThat(iterable).hasSize(1); assertThat(iterable.iterator().next().getGruppeModel()) - .isEqualToIgnoringGivenFields(gruppeModel, "id", "updatedAt", "createdAt"); + .usingRecursiveComparison() + .ignoringFields("createdAt", "updatedAt") + .isEqualTo(gruppeModel); } @@ -240,16 +243,18 @@ void shouldAddEregWithGrouppe() throws Exception { @DirtiesContext(methodMode = DirtiesContext.MethodMode.BEFORE_METHOD) void shouldAddOpprinnelseToDatabase() throws Exception { Opprinnelse altinn = new Opprinnelse("Altinn"); - Ereg ereg_123456789 = createEreg("123456789", "BEDR", altinn.getNavn()); - Ereg ereg_987654321 = createEreg("987654321", "BEDR", altinn.getNavn()); + var ereg123456789 = createEreg("123456789", "BEDR", altinn.getNavn()); + var ereg987654321 = createEreg("987654321", "BEDR", altinn.getNavn()); mvc.perform(post(EREG_API) - .content(objectMapper.writeValueAsString(create(ereg_123456789, ereg_987654321))) + .content(objectMapper.writeValueAsString(create(ereg123456789, ereg987654321))) .contentType(MediaType.APPLICATION_JSON).with(jwt())) .andExpect(status().isOk()); assertThat(Lists.newArrayList(opprinnelseRepository.findAll())) .hasSize(1) .first() - .isEqualToComparingOnlyGivenFields(new OpprinnelseModel(altinn), "navn"); + .usingRecursiveComparison() + .comparingOnlyFields("navn") + .isEqualTo(new OpprinnelseModel(altinn)); } diff --git a/apps/testnorge-statisk-data-forvalter/src/test/java/no/nav/registre/sdforvalter/provider/rs/v1/StaticDataControllerV1KrrIntegrationTest.java b/apps/testnorge-statisk-data-forvalter/src/test/java/no/nav/registre/sdforvalter/provider/rs/v1/StaticDataControllerV1KrrIntegrationTest.java index 4d6e2598e77..8f2bc905730 100644 --- a/apps/testnorge-statisk-data-forvalter/src/test/java/no/nav/registre/sdforvalter/provider/rs/v1/StaticDataControllerV1KrrIntegrationTest.java +++ b/apps/testnorge-statisk-data-forvalter/src/test/java/no/nav/registre/sdforvalter/provider/rs/v1/StaticDataControllerV1KrrIntegrationTest.java @@ -15,6 +15,7 @@ import org.springframework.boot.test.context.SpringBootTest; import org.springframework.cloud.contract.wiremock.AutoConfigureWireMock; import org.springframework.http.MediaType; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.TestPropertySource; import org.springframework.test.web.servlet.MockMvc; @@ -34,6 +35,7 @@ @TestPropertySource( locations = "classpath:application-test.yml" ) +@ActiveProfiles("test") class StaticDataControllerV1KrrIntegrationTest { @Autowired private MockMvc mvc; diff --git a/apps/testnorge-statisk-data-forvalter/src/test/resources/application-test.yml b/apps/testnorge-statisk-data-forvalter/src/test/resources/application-test.yml index ab90dcc896b..00f18d3c630 100644 --- a/apps/testnorge-statisk-data-forvalter/src/test/resources/application-test.yml +++ b/apps/testnorge-statisk-data-forvalter/src/test/resources/application-test.yml @@ -12,6 +12,9 @@ spring: flyway: enabled: true cloud: + gcp: + secretmanager: + enabled: false vault: token: dummy diff --git a/apps/tilbakemelding-api/README.md b/apps/tilbakemelding-api/README.md index de5a7cc328c..10f467e64cd 100644 --- a/apps/tilbakemelding-api/README.md +++ b/apps/tilbakemelding-api/README.md @@ -7,20 +7,7 @@ parent: Applikasjoner # testnorge-tilbakemelding-api App for innsending av tilbakemeldinger. Tilbakemeldingene blir publisert i slack -## Swagger -Swagger finnes under [/swagger](https://testnorge-tilbakemelding-api.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. - - ## Lokal kjøring -Ha naisdevice kjørende og kjør TilbakemeldingApiApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[kopier token fra vault] --Dspring.profiles.active=dev -``` +* [Generelt.](../../docs/local_general.md) -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` +**NB: Bruk av TOKEN_X_ISSUER må fikses før applikasjonen kan kjøres lokalt.** diff --git a/apps/tilbakemelding-api/build.gradle b/apps/tilbakemelding-api/build.gradle index 67b3ce5db55..bb1fe38a683 100644 --- a/apps/tilbakemelding-api/build.gradle +++ b/apps/tilbakemelding-api/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" implementation "no.nav.testnav.libs:slack" - implementation "no.nav.testnav.libs:vault" implementation "no.nav.testnav.libs:data-transfer-objects" diff --git a/apps/tilbakemelding-api/settings.gradle b/apps/tilbakemelding-api/settings.gradle index 47e3294afbd..ff9d177fc6e 100644 --- a/apps/tilbakemelding-api/settings.gradle +++ b/apps/tilbakemelding-api/settings.gradle @@ -12,7 +12,6 @@ includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' includeBuild '../../libs/slack' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/tilbakemelding-api/src/main/java/no/nav/registre/testnorge/tilbakemeldingapi/TilbakemeldingApiApplicationStarter.java b/apps/tilbakemelding-api/src/main/java/no/nav/registre/testnorge/tilbakemeldingapi/TilbakemeldingApiApplicationStarter.java index fb2fdf1188d..f3a9979d47e 100644 --- a/apps/tilbakemelding-api/src/main/java/no/nav/registre/testnorge/tilbakemeldingapi/TilbakemeldingApiApplicationStarter.java +++ b/apps/tilbakemelding-api/src/main/java/no/nav/registre/testnorge/tilbakemeldingapi/TilbakemeldingApiApplicationStarter.java @@ -2,10 +2,14 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; @SpringBootApplication +@EnableWebSecurity public class TilbakemeldingApiApplicationStarter { + public static void main(String[] args) { SpringApplication.run(TilbakemeldingApiApplicationStarter.class, args); } + } diff --git a/apps/tilbakemelding-api/src/main/java/no/nav/registre/testnorge/tilbakemeldingapi/config/LocalVaultConfig.java b/apps/tilbakemelding-api/src/main/java/no/nav/registre/testnorge/tilbakemeldingapi/config/LocalVaultConfig.java deleted file mode 100644 index 343cff4e4d8..00000000000 --- a/apps/tilbakemelding-api/src/main/java/no/nav/registre/testnorge/tilbakemeldingapi/config/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.registre.testnorge.tilbakemeldingapi.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "kv/preprod/fss/testnorge-tilbakemelding-api/dev", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/tilbakemelding-api/src/main/java/no/nav/registre/testnorge/tilbakemeldingapi/config/SecurityConfig.java b/apps/tilbakemelding-api/src/main/java/no/nav/registre/testnorge/tilbakemeldingapi/config/SecurityConfig.java index 577f5335a1c..3ac54bb6c89 100644 --- a/apps/tilbakemelding-api/src/main/java/no/nav/registre/testnorge/tilbakemeldingapi/config/SecurityConfig.java +++ b/apps/tilbakemelding-api/src/main/java/no/nav/registre/testnorge/tilbakemeldingapi/config/SecurityConfig.java @@ -2,17 +2,13 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.web.SecurityFilterChain; -@EnableWebSecurity @Configuration -@Profile({ "prod", "dev" }) public class SecurityConfig { @Bean diff --git a/apps/tilbakemelding-api/src/main/resources/application-dev.yml b/apps/tilbakemelding-api/src/main/resources/application-dev.yml index b25b57f4c2d..6d22c7f56a1 100644 --- a/apps/tilbakemelding-api/src/main/resources/application-dev.yml +++ b/apps/tilbakemelding-api/src/main/resources/application-dev.yml @@ -1,3 +1,6 @@ +TOKEN_X_ISSUER: dummy +SLACK_CHANNEL: dummy +SLACK_TOKEN: dummy consumers: profil-api: diff --git a/apps/tilbakemelding-api/src/main/resources/application.yml b/apps/tilbakemelding-api/src/main/resources/application.yml index 5a9f356e5bd..f90336663c1 100644 --- a/apps/tilbakemelding-api/src/main/resources/application.yml +++ b/apps/tilbakemelding-api/src/main/resources/application.yml @@ -11,7 +11,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} diff --git a/apps/tilbakemelding-api/src/main/resources/bootstrap.yml b/apps/tilbakemelding-api/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/tilbakemelding-api/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/tilbakemelding-api/src/test/java/no/nav/registre/testnorge/tilbakemeldingapi/ApplicationContextTest.java b/apps/tilbakemelding-api/src/test/java/no/nav/registre/testnorge/tilbakemeldingapi/ApplicationContextTest.java index 551f5d40be1..e4e96cffc49 100644 --- a/apps/tilbakemelding-api/src/test/java/no/nav/registre/testnorge/tilbakemeldingapi/ApplicationContextTest.java +++ b/apps/tilbakemelding-api/src/test/java/no/nav/registre/testnorge/tilbakemeldingapi/ApplicationContextTest.java @@ -6,15 +6,20 @@ import org.springframework.security.oauth2.jwt.JwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean + @SuppressWarnings("unused") private JwtDecoder jwtDecoder; @Test @SuppressWarnings("java:S2699") - void load_app_context() { + void loadAppContext() { + assertThat(true).isTrue(); } + } diff --git a/apps/tilbakemelding-api/src/test/resources/application-test.properties b/apps/tilbakemelding-api/src/test/resources/application-test.properties deleted file mode 100644 index b03ff5a1383..00000000000 --- a/apps/tilbakemelding-api/src/test/resources/application-test.properties +++ /dev/null @@ -1,3 +0,0 @@ -SLACK_TOKEN=dummy -SLACK_CHANNEL=dummy -TOKEN_X_ISSUER= dummy \ No newline at end of file diff --git a/apps/tilbakemelding-api/src/test/resources/application-test.yml b/apps/tilbakemelding-api/src/test/resources/application-test.yml new file mode 100644 index 00000000000..70b69dfb28a --- /dev/null +++ b/apps/tilbakemelding-api/src/test/resources/application-test.yml @@ -0,0 +1,9 @@ +SLACK_TOKEN: dummy +SLACK_CHANNEL: dummy +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/tps-messaging-service/README.md b/apps/tps-messaging-service/README.md index 34489b5e73c..5cf4e99502d 100644 --- a/apps/tps-messaging-service/README.md +++ b/apps/tps-messaging-service/README.md @@ -1,21 +1,11 @@ # TPS-messaging-service TPS-messaging-service gir mulighet å sende og motta XML-meldinger mot TPS MQ-køer, samt lese XML-innhold fra TPS servicerutiner over CICS. - -## Swagger -Swagger finnes under [/swagger](https://testnav-tps-messaging-service.intern.dev.nav.no/swagger) -endepunktet til -applikasjonen. ## Lokal kjøring -Ha naisdevice kjørende og kjør TpsMessagingServiceApplicationStarter med følgende argumenter: -``` ---add-opens java.base/java.lang=ALL-UNNAMED --Dspring.profiles.active=local --Dspring.cloud.vault.token=[kopier token fra vault] -``` +* [Generelt](../../docs/local_general.md) +* [Lokal PostgreSQL.](../../docs/local_db.md) -På Naisdevice er det ikke åpnet opp for kjøring mot MQ. Det er mulig å teste mot et Dockerimage som innholder en test-MQ, -i hht denne lenke: -https://developer.ibm.com/tutorials/mq-connect-app-queue-manager-containers/ +Gjennom `naisdevice` er det ikke åpnet opp for kjøring mot MQ. Det er mulig å teste mot et Dockerimage som innholder en test-MQ, i hht. [dokumentasjon](https://developer.ibm.com/tutorials/mq-connect-app-queue-manager-containers/). Kommandoer for Docker: ``` diff --git a/apps/tps-messaging-service/build.gradle b/apps/tps-messaging-service/build.gradle index a2c244db4ed..2312c2bdaa3 100644 --- a/apps/tps-messaging-service/build.gradle +++ b/apps/tps-messaging-service/build.gradle @@ -19,7 +19,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/tps-messaging-service/settings.gradle b/apps/tps-messaging-service/settings.gradle index cf84b0dd2d8..4eef351ae4e 100644 --- a/apps/tps-messaging-service/settings.gradle +++ b/apps/tps-messaging-service/settings.gradle @@ -10,7 +10,6 @@ includeBuild '../../libs/data-transfer-search-objects' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/tps-messaging-service/src/main/java/no/nav/testnav/apps/tpsmessagingservice/config/LocalVaultConfig.java b/apps/tps-messaging-service/src/main/java/no/nav/testnav/apps/tpsmessagingservice/config/LocalVaultConfig.java deleted file mode 100644 index 9b460eca5b7..00000000000 --- a/apps/tps-messaging-service/src/main/java/no/nav/testnav/apps/tpsmessagingservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.apps.tpsmessagingservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("local") -@VaultPropertySource(value = "serviceuser/dev/srvtestnav-tps-messa", propertyNamePrefix = "credentials.mq.", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/tps-messaging-service/src/main/resources/application-local.yaml b/apps/tps-messaging-service/src/main/resources/application-local.yml similarity index 100% rename from apps/tps-messaging-service/src/main/resources/application-local.yaml rename to apps/tps-messaging-service/src/main/resources/application-local.yml diff --git a/apps/tps-messaging-service/src/main/resources/application-prod.yaml b/apps/tps-messaging-service/src/main/resources/application-prod.yml similarity index 100% rename from apps/tps-messaging-service/src/main/resources/application-prod.yaml rename to apps/tps-messaging-service/src/main/resources/application-prod.yml diff --git a/apps/tps-messaging-service/src/main/resources/application.yaml b/apps/tps-messaging-service/src/main/resources/application.yml similarity index 91% rename from apps/tps-messaging-service/src/main/resources/application.yaml rename to apps/tps-messaging-service/src/main/resources/application.yml index d0c77894e46..56048e1677b 100644 --- a/apps/tps-messaging-service/src/main/resources/application.yaml +++ b/apps/tps-messaging-service/src/main/resources/application.yml @@ -4,8 +4,9 @@ spring: application: name: testnav-tps-messaging-service cloud: - vault: - enabled: false + gcp: + secretmanager: + enabled: false flyway: enabled: false security: @@ -14,7 +15,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/tps-messaging-service/src/main/resources/bootstrap.yaml b/apps/tps-messaging-service/src/main/resources/bootstrap.yaml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/tps-messaging-service/src/main/resources/bootstrap.yaml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/tps-messaging-service/src/test/Resources/application-test.yaml b/apps/tps-messaging-service/src/test/Resources/application-test.yml similarity index 77% rename from apps/tps-messaging-service/src/test/Resources/application-test.yaml rename to apps/tps-messaging-service/src/test/Resources/application-test.yml index 9996130350b..b44dd04c473 100644 --- a/apps/tps-messaging-service/src/test/Resources/application-test.yaml +++ b/apps/tps-messaging-service/src/test/Resources/application-test.yml @@ -1,3 +1,5 @@ +TOKEN_X_ISSUER: dummy + config: mq: test: @@ -12,10 +14,4 @@ consumers: url: http://not.actually.used cluster: dev-gcp namespace: dolly - name: testnav-miljoer-service - -TOKEN_X_ISSUER: dummy -spring: - cloud: - vault: - enabled: false \ No newline at end of file + name: testnav-miljoer-service \ No newline at end of file diff --git a/apps/tps-messaging-service/src/test/java/no/nav/testnav/apps/tpsmessagingservice/ApplicationContextTest.java b/apps/tps-messaging-service/src/test/java/no/nav/testnav/apps/tpsmessagingservice/ApplicationContextTest.java index a2835984b37..90ed768d9e0 100644 --- a/apps/tps-messaging-service/src/test/java/no/nav/testnav/apps/tpsmessagingservice/ApplicationContextTest.java +++ b/apps/tps-messaging-service/src/test/java/no/nav/testnav/apps/tpsmessagingservice/ApplicationContextTest.java @@ -1,7 +1,5 @@ package no.nav.testnav.apps.tpsmessagingservice; -import org.junit.jupiter.api.Disabled; -import org.junit.jupiter.api.DisplayName; import org.junit.jupiter.api.Test; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.boot.test.mock.mockito.MockBean; @@ -10,7 +8,6 @@ import static org.assertj.core.api.AssertionsForClassTypes.assertThat; -@Disabled @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @@ -20,8 +17,7 @@ class ApplicationContextTest { private JwtDecoder jwtDecoder; @Test - @DisplayName("Application context should load") - void load_app_context() { + void loadAppContext() { assertThat(true).isTrue(); } diff --git a/apps/udi-stub/README.md b/apps/udi-stub/README.md index a610a861dda..e2cfc7c1e6b 100644 --- a/apps/udi-stub/README.md +++ b/apps/udi-stub/README.md @@ -5,12 +5,10 @@ parent: Applikasjoner --- # UDI-stub - Stub av UDI sine tjenester som brukes av NAV. Stubben inneholder også REST endepunkter for å legge til personer i databasen. ## Bruk - Applikasjonen eksponerer SOAP tjenesten 'person status' fra UDI, men med egne data. Data opprettes via REST-tjenesten @@ -21,28 +19,5 @@ For dokumentasjon av applikasjonen sine endepunkter: - `WSDL: /ws/udistub.wsdl ## Lokal kjøring - -Ha naisdevice kjørende og kjør UdiStubApplicationStarter med følgende argumenter: - -``` ---add-opens java.base/java.lang=ALL-UNNAMED --Dspring.profiles.active=local --Dspring.cloud.vault.token=[vault-token] -``` - -For å kjøre tester og bygge appen lokalt må Docker (Colima kan brukes på Mac) kjøre og man er nødt til å sette disse -miljøvariablene: - -``` -DOCKER_HOST=unix://${HOME}/.colima/default/docker.sock -TESTCONTAINERS_DOCKER_SOCKET_OVERRIDE=/var/run/docker.sock -TESTCONTAINERS_RYUK_DISABLED=true -``` - -## Deployment - -Applikasjonen kan kjøre lokalt med en h2 database som kjører i minnet. Applikasjonen kan også kjøres i en skytjeneste -med integrasjon mot Vault og postgresql. Hvis andre integrasjoner er ønskelig må disse implementeres i en egen submodul -hvor integrasjonen defineres f.eks via en @Configuration annotert klasse. - -Applikasjonen er avhengig av en lokal PSQL-database. For mer informasjon se [egen dokumentasjon](../../docs/local_db.md). \ No newline at end of file +* [Generelt.](../../docs/local_general.md) +* [Lokal PostgreSQL.](../../docs/local_db.md) \ No newline at end of file diff --git a/apps/udi-stub/src/main/java/no/nav/udistub/UdiStubApplicationStarter.java b/apps/udi-stub/src/main/java/no/nav/udistub/UdiStubApplicationStarter.java index b6eb3a1b723..69021133142 100644 --- a/apps/udi-stub/src/main/java/no/nav/udistub/UdiStubApplicationStarter.java +++ b/apps/udi-stub/src/main/java/no/nav/udistub/UdiStubApplicationStarter.java @@ -1,6 +1,6 @@ package no.nav.udistub; -import no.nav.testnav.libs.servletcore.util.VaultUtil; +import no.nav.testnav.libs.vault.VaultUtils; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; @@ -8,11 +8,8 @@ public class UdiStubApplicationStarter { public static void main(String[] args) { - - if ("prod".equals(System.getProperty("spring.profiles.active"))) { - VaultUtil.initCloudVaultToken(); - } - + VaultUtils.initCloudVaultToken("prod"); SpringApplication.run(UdiStubApplicationStarter.class, args); } + } diff --git a/apps/udi-stub/src/main/java/no/nav/udistub/config/LocalVaultConfig.java b/apps/udi-stub/src/main/java/no/nav/udistub/config/LocalVaultConfig.java deleted file mode 100644 index f928da09121..00000000000 --- a/apps/udi-stub/src/main/java/no/nav/udistub/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.udistub.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/udi-stub/src/main/resources/application-local.yml b/apps/udi-stub/src/main/resources/application-local.yml index dbdde1d44dd..655f30ef7a8 100644 --- a/apps/udi-stub/src/main/resources/application-local.yml +++ b/apps/udi-stub/src/main/resources/application-local.yml @@ -1,4 +1,7 @@ spring: + cloud: + vault: + enabled: false datasource: hikari: maximum-pool-size: 3 diff --git a/apps/udi-stub/src/main/resources/application.yml b/apps/udi-stub/src/main/resources/application.yml index 01a94b41a53..0072dcc00e8 100644 --- a/apps/udi-stub/src/main/resources/application.yml +++ b/apps/udi-stub/src/main/resources/application.yml @@ -9,7 +9,6 @@ spring: properties: hibernate: default-schema: public - dialect: org.hibernate.dialect.PostgreSQLDialect flyway: enabled: true connect-retries-interval: 15s @@ -22,7 +21,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/udi-stub/src/test/resources/application-test.yml b/apps/udi-stub/src/test/resources/application-test.yml index 123ac8aa009..e191f5ee131 100644 --- a/apps/udi-stub/src/test/resources/application-test.yml +++ b/apps/udi-stub/src/test/resources/application-test.yml @@ -1,5 +1,10 @@ +TOKEN_X_ISSUER: dummy + spring: cloud: + gcp: + secretmanager: + enabled: false vault: database: enabled: false @@ -13,6 +18,4 @@ spring: hibernate: ddl-auto: create flyway: - enabled: false - -TOKEN_X_ISSUER: dummy \ No newline at end of file + enabled: false \ No newline at end of file diff --git a/apps/varslinger-service/README.md b/apps/varslinger-service/README.md index 5a0cd75447f..5210a34559f 100644 --- a/apps/varslinger-service/README.md +++ b/apps/varslinger-service/README.md @@ -5,21 +5,8 @@ parent: Applikasjoner --- # Varslinger-service -Applikasjon for registering av varslinger og brukeres varslinger. - -## Swagger -Swagger finnes under [/swagger](https://testnav-varslinger-service.intern.dev.nav.no/swagger) -endepunktet til applikasjonen. +Applikasjon for registering av varslinger og brukeres varslinger. ## Lokal kjøring -Ha naisdevice kjørende og kjør deretter VarslingerServiceApplicationStarter med følgende argumenter: -``` --Dspring.cloud.vault.token=[kopier token fra vault] --Dspring.profiles.active=dev -``` - -### Utviklerimage -I utviklerimage brukes ikke naisdevice og du må legge til følgende ekstra argumenter: -``` --Djavax.net.ssl.trustStore=[path til lokal truststore] --Djavax.net.ssl.trustStorePassword=[passord til lokal truststore] -``` +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) diff --git a/apps/varslinger-service/build.gradle b/apps/varslinger-service/build.gradle index fb8da68e8c9..1f8ebfd2ccd 100644 --- a/apps/varslinger-service/build.gradle +++ b/apps/varslinger-service/build.gradle @@ -13,16 +13,12 @@ dependencies { implementation "com.google.guava:guava:$versions.guava" implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:database" implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.cloud:spring-cloud-starter-bootstrap" // TODO remove legacy bootstrap config - implementation "org.springframework.cloud:spring-cloud-vault-config-databases" - implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/varslinger-service/settings.gradle b/apps/varslinger-service/settings.gradle index a8de5bf5f9e..9b26ef87ef0 100644 --- a/apps/varslinger-service/settings.gradle +++ b/apps/varslinger-service/settings.gradle @@ -7,11 +7,9 @@ rootProject.name = 'varslinger-service' includeBuild "../../plugins/java" includeBuild '../../libs/data-transfer-objects' -includeBuild '../../libs/database' includeBuild '../../libs/security-core' includeBuild '../../libs/servlet-core' includeBuild '../../libs/servlet-security' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/apps/varslinger-service/src/main/java/no/nav/registre/varslingerservice/config/ApplicationConfig.java b/apps/varslinger-service/src/main/java/no/nav/registre/varslingerservice/config/ApplicationConfig.java index 40bd4555d11..01d97996a29 100644 --- a/apps/varslinger-service/src/main/java/no/nav/registre/varslingerservice/config/ApplicationConfig.java +++ b/apps/varslinger-service/src/main/java/no/nav/registre/varslingerservice/config/ApplicationConfig.java @@ -1,6 +1,5 @@ package no.nav.registre.varslingerservice.config; -import no.nav.testnav.libs.database.config.FlywayConfiguration; import no.nav.testnav.libs.servletcore.config.ApplicationCoreConfig; import no.nav.testnav.libs.servletsecurity.config.SecureOAuth2ServerToServerConfiguration; import org.springframework.context.annotation.Configuration; @@ -11,7 +10,6 @@ @Configuration @Import({ ApplicationCoreConfig.class, - FlywayConfiguration.class, SecureOAuth2ServerToServerConfiguration.class }) public class ApplicationConfig { diff --git a/apps/varslinger-service/src/main/java/no/nav/registre/varslingerservice/config/LocalVaultConfig.java b/apps/varslinger-service/src/main/java/no/nav/registre/varslingerservice/config/LocalVaultConfig.java deleted file mode 100644 index 4eef1029192..00000000000 --- a/apps/varslinger-service/src/main/java/no/nav/registre/varslingerservice/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.registre.varslingerservice.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/apps/varslinger-service/src/main/resources/application-local.yml b/apps/varslinger-service/src/main/resources/application-local.yml index ff0bb76a278..d3b9d76b55c 100644 --- a/apps/varslinger-service/src/main/resources/application-local.yml +++ b/apps/varslinger-service/src/main/resources/application-local.yml @@ -1,5 +1,7 @@ spring: + config: + import: "sm://" h2: console: enabled: true @@ -15,7 +17,10 @@ spring: properties: hibernate: dialect: org.hibernate.dialect.H2Dialect + security: oauth2: resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} tokenx: accepted-audience: dev-gcp:dolly:testnav-varslinger-service-dev diff --git a/apps/varslinger-service/src/main/resources/application.yml b/apps/varslinger-service/src/main/resources/application.yml index 8a78f09871b..2308249ef43 100644 --- a/apps/varslinger-service/src/main/resources/application.yml +++ b/apps/varslinger-service/src/main/resources/application.yml @@ -13,7 +13,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} diff --git a/apps/varslinger-service/src/main/resources/bootstrap.yml b/apps/varslinger-service/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/varslinger-service/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/apps/varslinger-service/src/test/resources/application-test.properties b/apps/varslinger-service/src/test/resources/application-test.properties deleted file mode 100644 index 483fe127f1f..00000000000 --- a/apps/varslinger-service/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER= dummy \ No newline at end of file diff --git a/apps/varslinger-service/src/test/resources/application-test.yml b/apps/varslinger-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..aa8bfa92394 --- /dev/null +++ b/apps/varslinger-service/src/test/resources/application-test.yml @@ -0,0 +1,7 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/apps/varslinger-service/src/test/resources/bootstrap.yml b/apps/varslinger-service/src/test/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/apps/varslinger-service/src/test/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/docs/local_opensearch.md b/docs/local_opensearch.md new file mode 100644 index 00000000000..e9b33aa5bde --- /dev/null +++ b/docs/local_opensearch.md @@ -0,0 +1,5 @@ +Enkelte applikasjoner trenger OpenSearch kjørende lokalt i Docker: +``` +> docker run -p 9200:9200 -p 9600:9600 -e "discovery.type=single-node" -e "plugins.security.disabled=true" -e "OPENSEARCH_INITIAL_ADMIN_PASSWORD=YLAgOm}rz#o6#Aq" --name opensearch -d opensearchproject/opensearch:latest +``` +Legg merke til passord `YLAgOm}rz#o6#Aq` (tilfeldig [generert](https://www.strongpasswordgenerator.org/), men må være "sterkt" ellers vil ikke OpenSearch starte). \ No newline at end of file diff --git a/docs/local_secretmanager.md b/docs/local_secretmanager.md new file mode 100644 index 00000000000..bad8222050d --- /dev/null +++ b/docs/local_secretmanager.md @@ -0,0 +1,18 @@ +## Google Cloud Secret Manager + +Noen hemmeligheter lagres i [Secret Manager](https://console.cloud.google.com/security/secret-manager?project=dolly-dev-ff83), som tilsvarer gamle [Vault](https://vault.adeo.no/). Disse hentes automagisk av applikasjonen ved oppstart lokalt gitt at man autentiserer seg med [gcloud CLI](https://cloud.google.com/cli?hl=en) først. + +Applikasjonen må ha en dependency på `com.google.cloud:spring-cloud-gcp-starter-secretmanager`. Denne er inkludert ved bruk av plugins [dolly-apps](../plugins/java/src/main/groovy/dolly-apps.gradle) eller [dolly-proxies](../plugins/java/src/main/groovy/dolly-proxies.gradle). + +Konfigurasjonen importerer namespace `sm://` og refererer deretter til secrets i ordinær config med `${sm://SECRET_NAME}`. Eks. fra en `application-local.yml`: +```yaml +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} +``` +Ingen annen kode kreves. \ No newline at end of file diff --git a/docs/local_vault.md b/docs/local_vault.md deleted file mode 100644 index 0acf1256fed..00000000000 --- a/docs/local_vault.md +++ /dev/null @@ -1,20 +0,0 @@ -# Hvordan bruke Vault for kjøring lokalt - -Enkelte applikasjoner/proxyer er avhengig av tilgang til Vault for å hente ut enkelte properties under lokal kjøring. - -Det er 3 måter å konfigurere tilgang til Vault på. Uansett hvilken metode du velger så er token gyldig i 8 timer. Du trenger altså ikke å autentisere deg på nytt før token utgår. - -### 1. Bruke Vault CLI. -Avhenger av at du har [Vault CLI](https://developer.hashicorp.com/vault/docs/commands) installert, og har autentisert deg på forhånd vha. `vault login -method=oidc`. -### 2. Sette VM option `spring.cloud.vault.token`. -Avhenger av at du henter token fra [Vault](https://vault.adeo.no/) og oppdaterer runtime configuration med VM option `-Dspring.cloud.vault.token=`. -### 3. Sette system environment variable `VAULT_TOKEN`. -Avhenger av at du henter token fra Vault og oppdaterer runtime configuration med environment variable `VAULT_TOKEN=`. - -### Prioritering -Vault token hentes i rekkefølgen: -1. Environment variable `VAULT_TOKEN`. -2. VM option `spring.cloud.vault.token`. -3. Vault CLI `vault print token`. - -Koden for dette ligger i [AbstractLocalVaultConfiguration](../libs/vault/src/main/java/no/nav/testnav/libs/vault/AbstractLocalVaultConfiguration.java). \ No newline at end of file diff --git a/libs/servlet-core/build.gradle b/libs/servlet-core/build.gradle index 37aba9ca55a..0b12d2a71ed 100644 --- a/libs/servlet-core/build.gradle +++ b/libs/servlet-core/build.gradle @@ -10,11 +10,9 @@ sonarqube { } dependencies { - implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger" implementation "net.logstash.logback:logstash-logback-encoder:$versions.logback" - implementation 'org.springframework.boot:spring-boot-starter-web' implementation 'org.springframework.boot:spring-boot-starter-actuator' } \ No newline at end of file diff --git a/libs/vault/build.gradle b/libs/vault/build.gradle index fca4297e516..e4af068b808 100644 --- a/libs/vault/build.gradle +++ b/libs/vault/build.gradle @@ -3,5 +3,5 @@ plugins { } dependencies { - implementation 'org.springframework.cloud:spring-cloud-vault-config-databases' + api "org.springframework.cloud:spring-cloud-starter-vault-config" } \ No newline at end of file diff --git a/libs/vault/src/main/java/no/nav/testnav/libs/vault/AbstractLocalVaultConfiguration.java b/libs/vault/src/main/java/no/nav/testnav/libs/vault/AbstractLocalVaultConfiguration.java deleted file mode 100644 index c4c23fd503f..00000000000 --- a/libs/vault/src/main/java/no/nav/testnav/libs/vault/AbstractLocalVaultConfiguration.java +++ /dev/null @@ -1,75 +0,0 @@ -package no.nav.testnav.libs.vault; - -import io.micrometer.common.lang.NonNullApi; -import lombok.extern.slf4j.Slf4j; -import org.springframework.context.annotation.Configuration; -import org.springframework.vault.annotation.VaultPropertySource; -import org.springframework.vault.authentication.ClientAuthentication; -import org.springframework.vault.authentication.TokenAuthentication; -import org.springframework.vault.client.VaultEndpoint; -import org.springframework.vault.config.AbstractVaultConfiguration; - -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStreamReader; - -@Configuration -@VaultPropertySource(value = "secret/dolly/lokal", ignoreSecretNotFound = false) -@NonNullApi -@Slf4j -public abstract class AbstractLocalVaultConfiguration extends AbstractVaultConfiguration { - - private static final String SYSTEM_PROPERTY = "spring.cloud.vault.token"; - private static final String ENVIRONMENT_VARIABLE = "VAULT_TOKEN"; - - @Override - public VaultEndpoint vaultEndpoint() { - return VaultEndpoint.create("vault.adeo.no", 443); - } - - @Override - public ClientAuthentication clientAuthentication() - throws IllegalArgumentException { - - if (missingToken()) { - setTokenFromEnvironment(); - } - if (missingToken()) { - setTokenFromCommand(); - } - if (missingToken()) { - throw new IllegalArgumentException("Vault token '%s' not configured as a system property".formatted(SYSTEM_PROPERTY)); - } - return new TokenAuthentication(System.getProperty(SYSTEM_PROPERTY)); - - } - - private static boolean missingToken() { - var token = System.getProperty(SYSTEM_PROPERTY); - return token == null || token.isEmpty(); - } - - private static void setTokenFromEnvironment() { - if (System.getenv().containsKey(ENVIRONMENT_VARIABLE)) { - System.setProperty(SYSTEM_PROPERTY, System.getenv(ENVIRONMENT_VARIABLE)); - log.info("Vault token '{}' set from environment", SYSTEM_PROPERTY); - } - } - - private static void setTokenFromCommand() { - try { - var process = new ProcessBuilder() - .command("vault", "print", "token") - .start(); - var token = new BufferedReader(new InputStreamReader(process.getInputStream())) - .readLine(); - if (token != null && !token.isEmpty()) { - System.setProperty(SYSTEM_PROPERTY, token); - log.info("Vault token '{}' set from command", SYSTEM_PROPERTY); - } - } catch (IOException e) { - log.warn("Failed to read token from 'vault print token'", e); - } - } - -} diff --git a/libs/servlet-core/src/main/java/no/nav/testnav/libs/servletcore/util/VaultException.java b/libs/vault/src/main/java/no/nav/testnav/libs/vault/VaultException.java similarity index 82% rename from libs/servlet-core/src/main/java/no/nav/testnav/libs/servletcore/util/VaultException.java rename to libs/vault/src/main/java/no/nav/testnav/libs/vault/VaultException.java index acf7a533722..29d5f2c7534 100644 --- a/libs/servlet-core/src/main/java/no/nav/testnav/libs/servletcore/util/VaultException.java +++ b/libs/vault/src/main/java/no/nav/testnav/libs/vault/VaultException.java @@ -1,4 +1,4 @@ -package no.nav.testnav.libs.servletcore.util; +package no.nav.testnav.libs.vault; public class VaultException extends RuntimeException { diff --git a/libs/servlet-core/src/main/java/no/nav/testnav/libs/servletcore/util/VaultUtil.java b/libs/vault/src/main/java/no/nav/testnav/libs/vault/VaultUtils.java similarity index 86% rename from libs/servlet-core/src/main/java/no/nav/testnav/libs/servletcore/util/VaultUtil.java rename to libs/vault/src/main/java/no/nav/testnav/libs/vault/VaultUtils.java index c29cc53cd3b..e2082e44ed9 100644 --- a/libs/servlet-core/src/main/java/no/nav/testnav/libs/servletcore/util/VaultUtil.java +++ b/libs/vault/src/main/java/no/nav/testnav/libs/vault/VaultUtils.java @@ -1,4 +1,4 @@ -package no.nav.testnav.libs.servletcore.util; +package no.nav.testnav.libs.vault; import lombok.NoArgsConstructor; import lombok.extern.slf4j.Slf4j; @@ -13,7 +13,7 @@ @NoArgsConstructor(access = PRIVATE) @Slf4j -public final class VaultUtil { +public final class VaultUtils { private static final String NAIS_CLUSTER_SYSTEM_PROPERTY = "NAIS_CLUSTER_NAME"; private static final String VAULT_TOKEN_SYSTEM_PROPERTY = "spring.cloud.vault.token"; @@ -49,8 +49,10 @@ private static String getVaultToken() { } - public static void initCloudVaultToken() { - System.setProperty(VAULT_TOKEN_SYSTEM_PROPERTY, getVaultToken()); + public static void initCloudVaultToken(String ifProfileIs) { + if (ifProfileIs.equals(System.getProperty("spring.profiles.active"))) { + System.setProperty(VAULT_TOKEN_SYSTEM_PROPERTY, getVaultToken()); + } } } diff --git a/plugins/java/src/main/groovy/dolly-apps.gradle b/plugins/java/src/main/groovy/dolly-apps.gradle index 3426f98bdd1..0fae49b11a1 100644 --- a/plugins/java/src/main/groovy/dolly-apps.gradle +++ b/plugins/java/src/main/groovy/dolly-apps.gradle @@ -21,12 +21,12 @@ dependencies { developmentOnly "org.springframework.boot:spring-boot-devtools" + implementation "com.google.cloud:spring-cloud-gcp-starter-secretmanager:$versions.gcpSecretManager" implementation "net.logstash.logback:logstash-logback-encoder:$versions.logback" implementation "org.hibernate.validator:hibernate-validator" implementation "org.projectlombok:lombok" implementation "org.springframework.boot:spring-boot-starter-actuator" implementation "org.springframework.boot:spring-boot-starter-webflux" - implementation "org.springframework.cloud:spring-cloud-starter-vault-config" runtimeOnly "io.micrometer:micrometer-registry-prometheus" diff --git a/plugins/java/src/main/groovy/dolly-proxies.gradle b/plugins/java/src/main/groovy/dolly-proxies.gradle index 32d66f2e394..49e56913c03 100644 --- a/plugins/java/src/main/groovy/dolly-proxies.gradle +++ b/plugins/java/src/main/groovy/dolly-proxies.gradle @@ -21,6 +21,7 @@ dependencies { developmentOnly "org.springframework.boot:spring-boot-devtools" + implementation "com.google.cloud:spring-cloud-gcp-starter-secretmanager:$versions.gcpSecretManager" implementation "net.logstash.logback:logstash-logback-encoder:$versions.logback" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-proxy" @@ -29,8 +30,8 @@ dependencies { implementation "org.springframework.boot:spring-boot-starter-actuator" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.cloud:spring-cloud-starter-gateway" - implementation "org.springframework.cloud:spring-cloud-starter-vault-config" + runtimeOnly "io.grpc:grpc-netty:$versions.grpc" runtimeOnly "io.micrometer:micrometer-registry-prometheus" testAnnotationProcessor "org.projectlombok:lombok" diff --git a/plugins/java/src/main/groovy/dolly-versions.gradle b/plugins/java/src/main/groovy/dolly-versions.gradle index bd7e53dcd9f..21ecd0f94d8 100644 --- a/plugins/java/src/main/groovy/dolly-versions.gradle +++ b/plugins/java/src/main/groovy/dolly-versions.gradle @@ -17,6 +17,7 @@ class DollyVersionCatalog { String avro = "7.6.1" String bouncyCastle = "1.78.1" String guava = "33.2.0-jre" + String grpc = "1.68.1" String jackson = "2.17.2" String jakartaActivation = "2.1.3" String jakartaValidation = "3.1.0" diff --git a/proxies/aareg-proxy/README.md b/proxies/aareg-proxy/README.md index 31c246f9b4c..68b08c1c776 100644 --- a/proxies/aareg-proxy/README.md +++ b/proxies/aareg-proxy/README.md @@ -1,10 +1,5 @@ En proxy for lesetilgang til [aareg-services](https://github.com/navikt/aareg-services), og skrivetilgang til [aareg-vedlikehold](https://github.com/navikt/aareg-vedlikehold). -For å kjøre lokalt (Spring profile _local_) så må en secret hentes fra pod og legges inn i `application-local.yaml` for `AZURE_TRYGDEETATEN_APP_CLIENT_SECRET`: -```powershell -POWERSHELL> $mypod = &{kubectl get pods -l app=testnav-aareg-proxy --no-headers -o custom-columns=":metadata.name"}; ` - Write-Output "AZURE_TRYGDEETATEN_APP_CLIENT_SECRET=$(kubectl exec $mypod -- printenv AZURE_APP_CLIENT_SECRET)" -``` -Ellers gjelder vanlig rutine med [Vault](https://vault.adeo.no/) token i `-Dspring.cloud.vault.token=`. - -En del ekstra actuators aktiveres i Spring profile _local_, ref. http://localhost:8080/actuator, se. f.eks. http://localhost:8080/actuator/gateway/routes. \ No newline at end of file +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/aareg-proxy/build.gradle b/proxies/aareg-proxy/build.gradle index 33156f84549..bc14357ff77 100644 --- a/proxies/aareg-proxy/build.gradle +++ b/proxies/aareg-proxy/build.gradle @@ -12,8 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-webflux" - implementation "org.springframework.cloud:spring-cloud-starter-vault-config" } diff --git a/proxies/aareg-proxy/settings.gradle b/proxies/aareg-proxy/settings.gradle index 7903b34c17e..a2b3817b5a1 100644 --- a/proxies/aareg-proxy/settings.gradle +++ b/proxies/aareg-proxy/settings.gradle @@ -10,7 +10,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-proxy' includeBuild '../../libs/reactive-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/proxies/aareg-proxy/src/main/java/no/nav/testnav/proxies/aareg/LocalVaultConfig.java b/proxies/aareg-proxy/src/main/java/no/nav/testnav/proxies/aareg/LocalVaultConfig.java deleted file mode 100644 index 4aa730bc0dc..00000000000 --- a/proxies/aareg-proxy/src/main/java/no/nav/testnav/proxies/aareg/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.proxies.aareg; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/aareg-proxy/src/main/resources/application-local.yaml b/proxies/aareg-proxy/src/main/resources/application-local.yaml index 7d3efcea59b..8cfb4ce9a21 100644 --- a/proxies/aareg-proxy/src/main/resources/application-local.yaml +++ b/proxies/aareg-proxy/src/main/resources/application-local.yaml @@ -1,5 +1,14 @@ TOKEN_X_ISSUER: dummy +spring: + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} + management: endpoint: shutdown: @@ -7,11 +16,4 @@ management: endpoints: web: exposure: - include: "*" - -logging: - level: - org.springframework.security: trace - org.springframework.cloud.gateway: trace - org.springframework.web.reactive: trace - org.springframework.web.server: trace \ No newline at end of file + include: "*" \ No newline at end of file diff --git a/proxies/aareg-proxy/src/main/resources/application.yaml b/proxies/aareg-proxy/src/main/resources/application.yaml index a66a8f59855..33bcb2490dd 100644 --- a/proxies/aareg-proxy/src/main/resources/application.yaml +++ b/proxies/aareg-proxy/src/main/resources/application.yaml @@ -11,7 +11,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -20,8 +20,9 @@ spring: gateway: httpclient: response-timeout: 600s - vault: - enabled: false + gcp: + secretmanager: + enabled: false springdoc: swagger-ui: diff --git a/proxies/aareg-proxy/src/test/java/no/nav/testnav/proxies/aareg/ApplicationContextTest.java b/proxies/aareg-proxy/src/test/java/no/nav/testnav/proxies/aareg/ApplicationContextTest.java index 97893924508..6818a8cfb6c 100644 --- a/proxies/aareg-proxy/src/test/java/no/nav/testnav/proxies/aareg/ApplicationContextTest.java +++ b/proxies/aareg-proxy/src/test/java/no/nav/testnav/proxies/aareg/ApplicationContextTest.java @@ -20,4 +20,5 @@ class ApplicationContextTest { void contextLoads() { assertThat(true).isTrue(); } + } diff --git a/proxies/aareg-proxy/src/test/resources/application-test.properties b/proxies/aareg-proxy/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/proxies/aareg-proxy/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/proxies/aareg-proxy/src/test/resources/application-test.yml b/proxies/aareg-proxy/src/test/resources/application-test.yml new file mode 100644 index 00000000000..f05debbd219 --- /dev/null +++ b/proxies/aareg-proxy/src/test/resources/application-test.yml @@ -0,0 +1 @@ +TOKEN_X_ISSUER: dummy \ No newline at end of file diff --git a/proxies/aareg-synt-services-proxy/README.md b/proxies/aareg-synt-services-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/aareg-synt-services-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/aareg-synt-services-proxy/build.gradle b/proxies/aareg-synt-services-proxy/build.gradle index 8c1f7f043bc..7d905e49431 100644 --- a/proxies/aareg-synt-services-proxy/build.gradle +++ b/proxies/aareg-synt-services-proxy/build.gradle @@ -7,8 +7,4 @@ sonarqube { property "sonar.projectKey", "aareg-synt-services-proxy" property "sonar.projectName", "aareg-synt-services-proxy" } -} - -dependencies { - implementation "no.nav.testnav.libs:vault" } \ No newline at end of file diff --git a/proxies/aareg-synt-services-proxy/settings.gradle b/proxies/aareg-synt-services-proxy/settings.gradle index f92b7385eef..68b1a1c873c 100644 --- a/proxies/aareg-synt-services-proxy/settings.gradle +++ b/proxies/aareg-synt-services-proxy/settings.gradle @@ -8,7 +8,6 @@ includeBuild "../../plugins/java" includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/aareg-synt-services-proxy/src/main/java/no/nav/testnav/proxies/aaregsyntservicesproxy/LocalVaultConfig.java b/proxies/aareg-synt-services-proxy/src/main/java/no/nav/testnav/proxies/aaregsyntservicesproxy/LocalVaultConfig.java deleted file mode 100644 index 9c92afc614c..00000000000 --- a/proxies/aareg-synt-services-proxy/src/main/java/no/nav/testnav/proxies/aaregsyntservicesproxy/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.aaregsyntservicesproxy; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/aareg-synt-services-proxy/src/main/resources/application-dev.yml b/proxies/aareg-synt-services-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/aareg-synt-services-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/aareg-synt-services-proxy/src/main/resources/application.yml b/proxies/aareg-synt-services-proxy/src/main/resources/application.yml index 075c3c04e6b..42e48fd6556 100644 --- a/proxies/aareg-synt-services-proxy/src/main/resources/application.yml +++ b/proxies/aareg-synt-services-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,8 +19,9 @@ spring: gateway: httpclient: response-timeout: 600s - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/aareg-synt-services-proxy/src/test/java/no/nav/testnav/proxies/aaregsyntservicesproxy/ApplicationContextTest.java b/proxies/aareg-synt-services-proxy/src/test/java/no/nav/testnav/proxies/aaregsyntservicesproxy/ApplicationContextTest.java index 0d60d68e6a1..382af6d0294 100644 --- a/proxies/aareg-synt-services-proxy/src/test/java/no/nav/testnav/proxies/aaregsyntservicesproxy/ApplicationContextTest.java +++ b/proxies/aareg-synt-services-proxy/src/test/java/no/nav/testnav/proxies/aaregsyntservicesproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/aareg-synt-services-proxy/src/test/resources/application-test.properties b/proxies/aareg-synt-services-proxy/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/proxies/aareg-synt-services-proxy/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/proxies/aareg-synt-services-proxy/src/test/resources/application-test.yml b/proxies/aareg-synt-services-proxy/src/test/resources/application-test.yml new file mode 100644 index 00000000000..f05debbd219 --- /dev/null +++ b/proxies/aareg-synt-services-proxy/src/test/resources/application-test.yml @@ -0,0 +1 @@ +TOKEN_X_ISSUER: dummy \ No newline at end of file diff --git a/proxies/arbeidsplassencv-proxy/README.md b/proxies/arbeidsplassencv-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/arbeidsplassencv-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/arbeidsplassencv-proxy/build.gradle b/proxies/arbeidsplassencv-proxy/build.gradle index 1baa5fee142..fbe4e0b832c 100644 --- a/proxies/arbeidsplassencv-proxy/build.gradle +++ b/proxies/arbeidsplassencv-proxy/build.gradle @@ -12,8 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-webflux" - implementation "org.springframework.cloud:spring-cloud-starter-vault-config" } diff --git a/proxies/arbeidsplassencv-proxy/settings.gradle b/proxies/arbeidsplassencv-proxy/settings.gradle index 74e006e346d..60b1f29d3e3 100644 --- a/proxies/arbeidsplassencv-proxy/settings.gradle +++ b/proxies/arbeidsplassencv-proxy/settings.gradle @@ -10,7 +10,6 @@ includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" includeBuild "../../libs/reactive-security" includeBuild "../../libs/security-core" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/arbeidsplassencv-proxy/src/main/java/no/nav/testnav/proxies/arbeidsplassencvproxy/config/LocalVaultConfig.java b/proxies/arbeidsplassencv-proxy/src/main/java/no/nav/testnav/proxies/arbeidsplassencvproxy/config/LocalVaultConfig.java deleted file mode 100644 index 46245f662c6..00000000000 --- a/proxies/arbeidsplassencv-proxy/src/main/java/no/nav/testnav/proxies/arbeidsplassencvproxy/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.proxies.arbeidsplassencvproxy.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/arbeidsplassencv-proxy/src/main/resources/application-dev.yml b/proxies/arbeidsplassencv-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/arbeidsplassencv-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml b/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml index 6d226f14d87..b639cc1088c 100644 --- a/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml +++ b/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,8 +19,9 @@ spring: gateway: httpclient: response-timeout: 30s - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/arbeidsplassencv-proxy/src/test/java/no/nav/testnav/proxies/arbeidsplassencvproxy/ApplicationContextTest.java b/proxies/arbeidsplassencv-proxy/src/test/java/no/nav/testnav/proxies/arbeidsplassencvproxy/ApplicationContextTest.java index e298bf9d286..96dd71fced3 100644 --- a/proxies/arbeidsplassencv-proxy/src/test/java/no/nav/testnav/proxies/arbeidsplassencvproxy/ApplicationContextTest.java +++ b/proxies/arbeidsplassencv-proxy/src/test/java/no/nav/testnav/proxies/arbeidsplassencvproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/arena-forvalteren-proxy/README.md b/proxies/arena-forvalteren-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/arena-forvalteren-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/arena-forvalteren-proxy/build.gradle b/proxies/arena-forvalteren-proxy/build.gradle index 6ed16f55979..e4db3059397 100644 --- a/proxies/arena-forvalteren-proxy/build.gradle +++ b/proxies/arena-forvalteren-proxy/build.gradle @@ -12,5 +12,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:vault" } diff --git a/proxies/arena-forvalteren-proxy/settings.gradle b/proxies/arena-forvalteren-proxy/settings.gradle index bf548522b8d..353765ffcf9 100644 --- a/proxies/arena-forvalteren-proxy/settings.gradle +++ b/proxies/arena-forvalteren-proxy/settings.gradle @@ -10,7 +10,6 @@ includeBuild "../../libs/data-transfer-objects" includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" includeBuild "../../libs/security-core" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/arena-forvalteren-proxy/src/main/java/no/nav/testnav/proxies/arenaforvalterenproxy/LocalVaultConfig.java b/proxies/arena-forvalteren-proxy/src/main/java/no/nav/testnav/proxies/arenaforvalterenproxy/LocalVaultConfig.java deleted file mode 100644 index 8a90898af77..00000000000 --- a/proxies/arena-forvalteren-proxy/src/main/java/no/nav/testnav/proxies/arenaforvalterenproxy/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.arenaforvalterenproxy; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/arena-forvalteren-proxy/src/main/resources/application-dev.yml b/proxies/arena-forvalteren-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/arena-forvalteren-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/arena-forvalteren-proxy/src/main/resources/application.yml b/proxies/arena-forvalteren-proxy/src/main/resources/application.yml index 0de10a6f643..794459932cf 100644 --- a/proxies/arena-forvalteren-proxy/src/main/resources/application.yml +++ b/proxies/arena-forvalteren-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,8 +19,9 @@ spring: gateway: httpclient: response-timeout: 120s - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/arena-forvalteren-proxy/src/test/java/no/nav/testnav/proxies/arenaforvalterenproxy/ApplicationContextTest.java b/proxies/arena-forvalteren-proxy/src/test/java/no/nav/testnav/proxies/arenaforvalterenproxy/ApplicationContextTest.java index d0be63d3175..81082b6907b 100644 --- a/proxies/arena-forvalteren-proxy/src/test/java/no/nav/testnav/proxies/arenaforvalterenproxy/ApplicationContextTest.java +++ b/proxies/arena-forvalteren-proxy/src/test/java/no/nav/testnav/proxies/arenaforvalterenproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/batch-adeo-proxy/README.md b/proxies/batch-adeo-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/batch-adeo-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/batch-adeo-proxy/build.gradle b/proxies/batch-adeo-proxy/build.gradle index d16da131e3a..12df8fce778 100644 --- a/proxies/batch-adeo-proxy/build.gradle +++ b/proxies/batch-adeo-proxy/build.gradle @@ -8,7 +8,3 @@ sonarqube { property "sonar.projectName", "testnorge-batch-adeo-proxy" } } - -dependencies { - implementation "no.nav.testnav.libs:vault" -} diff --git a/proxies/batch-adeo-proxy/settings.gradle b/proxies/batch-adeo-proxy/settings.gradle index 2631848caec..44cdb3b7153 100644 --- a/proxies/batch-adeo-proxy/settings.gradle +++ b/proxies/batch-adeo-proxy/settings.gradle @@ -8,7 +8,6 @@ includeBuild "../../plugins/java" includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/batch-adeo-proxy/src/main/java/no/nav/testnav/proxies/batchadeoproxy/LocalVaultConfig.java b/proxies/batch-adeo-proxy/src/main/java/no/nav/testnav/proxies/batchadeoproxy/LocalVaultConfig.java deleted file mode 100644 index d9a6ce94724..00000000000 --- a/proxies/batch-adeo-proxy/src/main/java/no/nav/testnav/proxies/batchadeoproxy/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.batchadeoproxy; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/batch-adeo-proxy/src/main/resources/application-dev.yml b/proxies/batch-adeo-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/batch-adeo-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/batch-adeo-proxy/src/main/resources/application.yml b/proxies/batch-adeo-proxy/src/main/resources/application.yml index cfdde3eaad8..b3508b30109 100644 --- a/proxies/batch-adeo-proxy/src/main/resources/application.yml +++ b/proxies/batch-adeo-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,8 +19,9 @@ spring: gateway: httpclient: response-timeout: 30s - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/batch-adeo-proxy/src/test/java/no/nav/testnav/proxies/batchadeoproxy/ApplicationContextTest.java b/proxies/batch-adeo-proxy/src/test/java/no/nav/testnav/proxies/batchadeoproxy/ApplicationContextTest.java index f97a1fa72b0..adb79f69ca5 100644 --- a/proxies/batch-adeo-proxy/src/test/java/no/nav/testnav/proxies/batchadeoproxy/ApplicationContextTest.java +++ b/proxies/batch-adeo-proxy/src/test/java/no/nav/testnav/proxies/batchadeoproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/batch-adeo-proxy/src/test/resources/application-test.properties b/proxies/batch-adeo-proxy/src/test/resources/application-test.properties deleted file mode 100644 index 483fe127f1f..00000000000 --- a/proxies/batch-adeo-proxy/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER= dummy \ No newline at end of file diff --git a/proxies/batch-adeo-proxy/src/test/resources/application-test.yml b/proxies/batch-adeo-proxy/src/test/resources/application-test.yml new file mode 100644 index 00000000000..f05debbd219 --- /dev/null +++ b/proxies/batch-adeo-proxy/src/test/resources/application-test.yml @@ -0,0 +1 @@ +TOKEN_X_ISSUER: dummy \ No newline at end of file diff --git a/proxies/brregstub-proxy/README.md b/proxies/brregstub-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/brregstub-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/brregstub-proxy/build.gradle b/proxies/brregstub-proxy/build.gradle index 727cb55c9d1..017d06d43ea 100644 --- a/proxies/brregstub-proxy/build.gradle +++ b/proxies/brregstub-proxy/build.gradle @@ -11,5 +11,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:vault" } diff --git a/proxies/brregstub-proxy/settings.gradle b/proxies/brregstub-proxy/settings.gradle index 35c45c9e81f..94d641812fa 100644 --- a/proxies/brregstub-proxy/settings.gradle +++ b/proxies/brregstub-proxy/settings.gradle @@ -9,7 +9,6 @@ includeBuild "../../plugins/java" includeBuild "../../libs/data-transfer-objects" includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/brregstub-proxy/src/main/java/no/nav/testnav/proxies/brregstubproxy/LocalVaultConfig.java b/proxies/brregstub-proxy/src/main/java/no/nav/testnav/proxies/brregstubproxy/LocalVaultConfig.java deleted file mode 100644 index df9c43061b6..00000000000 --- a/proxies/brregstub-proxy/src/main/java/no/nav/testnav/proxies/brregstubproxy/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.brregstubproxy; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/brregstub-proxy/src/main/resources/application-dev.yml b/proxies/brregstub-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/brregstub-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/brregstub-proxy/src/main/resources/application.yml b/proxies/brregstub-proxy/src/main/resources/application.yml index b2925a062a0..c12d28aac67 100644 --- a/proxies/brregstub-proxy/src/main/resources/application.yml +++ b/proxies/brregstub-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,8 +19,9 @@ spring: gateway: httpclient: response-timeout: 30s - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/brregstub-proxy/src/test/java/no/nav/testnav/proxies/brregstubproxy/ApplicationContextTest.java b/proxies/brregstub-proxy/src/test/java/no/nav/testnav/proxies/brregstubproxy/ApplicationContextTest.java index 31522587432..7aa3e0f575d 100644 --- a/proxies/brregstub-proxy/src/test/java/no/nav/testnav/proxies/brregstubproxy/ApplicationContextTest.java +++ b/proxies/brregstub-proxy/src/test/java/no/nav/testnav/proxies/brregstubproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/dokarkiv-proxy/README.md b/proxies/dokarkiv-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/dokarkiv-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/dokarkiv-proxy/build.gradle b/proxies/dokarkiv-proxy/build.gradle index 02dc52af06c..a70fae5d3e5 100644 --- a/proxies/dokarkiv-proxy/build.gradle +++ b/proxies/dokarkiv-proxy/build.gradle @@ -13,8 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-webflux" - implementation "org.springframework.cloud:spring-cloud-starter-vault-config" } diff --git a/proxies/dokarkiv-proxy/settings.gradle b/proxies/dokarkiv-proxy/settings.gradle index da9216c0046..67900969191 100644 --- a/proxies/dokarkiv-proxy/settings.gradle +++ b/proxies/dokarkiv-proxy/settings.gradle @@ -11,7 +11,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-proxy' includeBuild '../../libs/reactive-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/proxies/dokarkiv-proxy/src/main/java/no/nav/testnav/proxies/dokarkivproxy/config/LocalVaultConfig.java b/proxies/dokarkiv-proxy/src/main/java/no/nav/testnav/proxies/dokarkivproxy/config/LocalVaultConfig.java deleted file mode 100644 index 8c80cc2141f..00000000000 --- a/proxies/dokarkiv-proxy/src/main/java/no/nav/testnav/proxies/dokarkivproxy/config/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.dokarkivproxy.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/proxies/dokarkiv-proxy/src/main/resources/application-dev.yml b/proxies/dokarkiv-proxy/src/main/resources/application-dev.yml index b90d04f0a14..19dd01a26ed 100644 --- a/proxies/dokarkiv-proxy/src/main/resources/application-dev.yml +++ b/proxies/dokarkiv-proxy/src/main/resources/application-dev.yml @@ -1 +1,15 @@ -TOKEN_X_CLIENT_ID: dev-gcp:dolly:testnav-dokarkiv-proxy \ No newline at end of file +TOKEN_X_CLIENT_ID: dev-gcp:dolly:testnav-dokarkiv-proxy +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/dokarkiv-proxy/src/main/resources/application.yml b/proxies/dokarkiv-proxy/src/main/resources/application.yml index 20ecfb51209..70d12c4d61d 100644 --- a/proxies/dokarkiv-proxy/src/main/resources/application.yml +++ b/proxies/dokarkiv-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,8 +19,9 @@ spring: gateway: httpclient: response-timeout: 120s - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/dokarkiv-proxy/src/test/java/no/nav/testnav/proxies/dokarkivproxy/ApplicationContextTest.java b/proxies/dokarkiv-proxy/src/test/java/no/nav/testnav/proxies/dokarkivproxy/ApplicationContextTest.java index ce2d7e64245..ca878ee5c89 100644 --- a/proxies/dokarkiv-proxy/src/test/java/no/nav/testnav/proxies/dokarkivproxy/ApplicationContextTest.java +++ b/proxies/dokarkiv-proxy/src/test/java/no/nav/testnav/proxies/dokarkivproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean + @SuppressWarnings("unused") public ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/ereg-proxy/README.md b/proxies/ereg-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/ereg-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/ereg-proxy/build.gradle b/proxies/ereg-proxy/build.gradle index 63df2bb6870..baf9c76e4b9 100644 --- a/proxies/ereg-proxy/build.gradle +++ b/proxies/ereg-proxy/build.gradle @@ -8,9 +8,3 @@ sonarqube { property "sonar.projectName", "testnav-ereg-proxy" } } - -dependencies { - implementation "no.nav.testnav.libs:vault" - - implementation "org.springframework.cloud:spring-cloud-starter-bootstrap" // TODO remove legacy bootstrap config -} diff --git a/proxies/ereg-proxy/settings.gradle b/proxies/ereg-proxy/settings.gradle index 46adff985f6..9fa0b9d007a 100644 --- a/proxies/ereg-proxy/settings.gradle +++ b/proxies/ereg-proxy/settings.gradle @@ -8,7 +8,6 @@ includeBuild "../../plugins/java" includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/ereg-proxy/src/main/java/no/nav/testnav/proxies/eregproxy/LocalVaultConfig.java b/proxies/ereg-proxy/src/main/java/no/nav/testnav/proxies/eregproxy/LocalVaultConfig.java deleted file mode 100644 index 1dd30afbd14..00000000000 --- a/proxies/ereg-proxy/src/main/java/no/nav/testnav/proxies/eregproxy/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.eregproxy; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/ereg-proxy/src/main/resources/application-dev.yml b/proxies/ereg-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/ereg-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/ereg-proxy/src/main/resources/application.yml b/proxies/ereg-proxy/src/main/resources/application.yml index 2e7fe7f93e8..060d27ef767 100644 --- a/proxies/ereg-proxy/src/main/resources/application.yml +++ b/proxies/ereg-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,6 +19,9 @@ spring: gateway: httpclient: response-timeout: 120s + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/ereg-proxy/src/main/resources/bootstrap.yml b/proxies/ereg-proxy/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/proxies/ereg-proxy/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/proxies/ereg-proxy/src/test/java/no/nav/testnav/proxies/eregproxy/ApplicationContextTest.java b/proxies/ereg-proxy/src/test/java/no/nav/testnav/proxies/eregproxy/ApplicationContextTest.java index 81d83bf9188..b4238b59ebf 100644 --- a/proxies/ereg-proxy/src/test/java/no/nav/testnav/proxies/eregproxy/ApplicationContextTest.java +++ b/proxies/ereg-proxy/src/test/java/no/nav/testnav/proxies/eregproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/ereg-proxy/src/test/resources/application-test.properties b/proxies/ereg-proxy/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/proxies/ereg-proxy/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/proxies/ereg-proxy/src/test/resources/application-test.yml b/proxies/ereg-proxy/src/test/resources/application-test.yml new file mode 100644 index 00000000000..f05debbd219 --- /dev/null +++ b/proxies/ereg-proxy/src/test/resources/application-test.yml @@ -0,0 +1 @@ +TOKEN_X_ISSUER: dummy \ No newline at end of file diff --git a/proxies/fullmakt-proxy/README.md b/proxies/fullmakt-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/fullmakt-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/fullmakt-proxy/build.gradle b/proxies/fullmakt-proxy/build.gradle index 1ec03267946..dfc055280c0 100644 --- a/proxies/fullmakt-proxy/build.gradle +++ b/proxies/fullmakt-proxy/build.gradle @@ -12,7 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" + implementation "org.springframework.boot:spring-boot-starter-webflux" - implementation "org.springframework.cloud:spring-cloud-starter-vault-config" } diff --git a/proxies/fullmakt-proxy/settings.gradle b/proxies/fullmakt-proxy/settings.gradle index 01a78cae60e..c98d84acfb7 100644 --- a/proxies/fullmakt-proxy/settings.gradle +++ b/proxies/fullmakt-proxy/settings.gradle @@ -10,7 +10,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-proxy' includeBuild '../../libs/reactive-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/proxies/fullmakt-proxy/src/main/java/no/nav/testnav/proxies/fullmaktproxy/config/LocalConfig.java b/proxies/fullmakt-proxy/src/main/java/no/nav/testnav/proxies/fullmaktproxy/config/LocalConfig.java deleted file mode 100644 index 748f7f16be0..00000000000 --- a/proxies/fullmakt-proxy/src/main/java/no/nav/testnav/proxies/fullmaktproxy/config/LocalConfig.java +++ /dev/null @@ -1,13 +0,0 @@ -package no.nav.testnav.proxies.fullmaktproxy.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Import; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("local") -@Import({ -}) -public class LocalConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/proxies/fullmakt-proxy/src/main/resources/application-local.yml b/proxies/fullmakt-proxy/src/main/resources/application-local.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/fullmakt-proxy/src/main/resources/application-local.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/fullmakt-proxy/src/main/resources/application.yml b/proxies/fullmakt-proxy/src/main/resources/application.yml index c07fd7015aa..da6230fc5bd 100644 --- a/proxies/fullmakt-proxy/src/main/resources/application.yml +++ b/proxies/fullmakt-proxy/src/main/resources/application.yml @@ -19,8 +19,9 @@ spring: gateway: httpclient: response-timeout: 600s - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/fullmakt-proxy/src/main/resources/logback-spring.xml b/proxies/fullmakt-proxy/src/main/resources/logback-spring.xml index 3b591204bab..86a43aa5b33 100644 --- a/proxies/fullmakt-proxy/src/main/resources/logback-spring.xml +++ b/proxies/fullmakt-proxy/src/main/resources/logback-spring.xml @@ -22,7 +22,7 @@ - + diff --git a/proxies/fullmakt-proxy/src/test/java/no/nav/testnav/proxies/fullmaktproxy/ApplicationContextTest.java b/proxies/fullmakt-proxy/src/test/java/no/nav/testnav/proxies/fullmaktproxy/ApplicationContextTest.java index 2cfbe3605db..9e39e82faac 100644 --- a/proxies/fullmakt-proxy/src/test/java/no/nav/testnav/proxies/fullmaktproxy/ApplicationContextTest.java +++ b/proxies/fullmakt-proxy/src/test/java/no/nav/testnav/proxies/fullmaktproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/histark-proxy/README.md b/proxies/histark-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/histark-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/histark-proxy/build.gradle b/proxies/histark-proxy/build.gradle index 5b7ad95f9f4..e77cab21cd2 100644 --- a/proxies/histark-proxy/build.gradle +++ b/proxies/histark-proxy/build.gradle @@ -11,5 +11,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:vault" } diff --git a/proxies/histark-proxy/settings.gradle b/proxies/histark-proxy/settings.gradle index 3664ec0c0d4..d42d8b80ebd 100644 --- a/proxies/histark-proxy/settings.gradle +++ b/proxies/histark-proxy/settings.gradle @@ -9,7 +9,6 @@ includeBuild "../../plugins/java" includeBuild "../../libs/data-transfer-objects" includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/histark-proxy/src/main/java/no/nav/testnav/proxies/histarkproxy/LocalVaultConfig.java b/proxies/histark-proxy/src/main/java/no/nav/testnav/proxies/histarkproxy/LocalVaultConfig.java deleted file mode 100644 index 2e825162de7..00000000000 --- a/proxies/histark-proxy/src/main/java/no/nav/testnav/proxies/histarkproxy/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.histarkproxy; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/histark-proxy/src/main/resources/application-dev.yml b/proxies/histark-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/histark-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/histark-proxy/src/main/resources/application.yml b/proxies/histark-proxy/src/main/resources/application.yml index c57132d143a..a7fe5e1b935 100644 --- a/proxies/histark-proxy/src/main/resources/application.yml +++ b/proxies/histark-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,8 +19,9 @@ spring: gateway: httpclient: response-timeout: 600s - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/histark-proxy/src/test/java/no/nav/testnav/proxies/histarkproxy/ApplicationContextTest.java b/proxies/histark-proxy/src/test/java/no/nav/testnav/proxies/histarkproxy/ApplicationContextTest.java index 28f402e674a..c8263cb22d3 100644 --- a/proxies/histark-proxy/src/test/java/no/nav/testnav/proxies/histarkproxy/ApplicationContextTest.java +++ b/proxies/histark-proxy/src/test/java/no/nav/testnav/proxies/histarkproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/histark-proxy/src/test/resources/application-test.yml b/proxies/histark-proxy/src/test/resources/application-test.yml index 6c4ae555764..f05debbd219 100644 --- a/proxies/histark-proxy/src/test/resources/application-test.yml +++ b/proxies/histark-proxy/src/test/resources/application-test.yml @@ -1 +1 @@ -TOKEN_X_ISSUER: dummy +TOKEN_X_ISSUER: dummy \ No newline at end of file diff --git a/proxies/inntektstub-proxy/README.md b/proxies/inntektstub-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/inntektstub-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/inntektstub-proxy/build.gradle b/proxies/inntektstub-proxy/build.gradle index d197c1556b0..2b0947f58d0 100644 --- a/proxies/inntektstub-proxy/build.gradle +++ b/proxies/inntektstub-proxy/build.gradle @@ -11,5 +11,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:vault" } diff --git a/proxies/inntektstub-proxy/settings.gradle b/proxies/inntektstub-proxy/settings.gradle index 631909031d6..e0e8654b062 100644 --- a/proxies/inntektstub-proxy/settings.gradle +++ b/proxies/inntektstub-proxy/settings.gradle @@ -9,7 +9,6 @@ includeBuild "../../plugins/java" includeBuild "../../libs/data-transfer-objects" includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/inntektstub-proxy/src/main/java/no/nav/testnav/proxies/inntektstubproxy/LocalVaultConfig.java b/proxies/inntektstub-proxy/src/main/java/no/nav/testnav/proxies/inntektstubproxy/LocalVaultConfig.java deleted file mode 100644 index 8d619b3ab12..00000000000 --- a/proxies/inntektstub-proxy/src/main/java/no/nav/testnav/proxies/inntektstubproxy/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.inntektstubproxy; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/inntektstub-proxy/src/main/resources/application-dev.yml b/proxies/inntektstub-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/inntektstub-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/inntektstub-proxy/src/main/resources/application.yml b/proxies/inntektstub-proxy/src/main/resources/application.yml index d887142145a..b7851322180 100644 --- a/proxies/inntektstub-proxy/src/main/resources/application.yml +++ b/proxies/inntektstub-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,8 +19,9 @@ spring: gateway: httpclient: response-timeout: 600s - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/inntektstub-proxy/src/test/java/no/nav/testnav/proxies/inntektstubproxy/ApplicationContextTest.java b/proxies/inntektstub-proxy/src/test/java/no/nav/testnav/proxies/inntektstubproxy/ApplicationContextTest.java index e4dfcea39ef..9409541e8e2 100644 --- a/proxies/inntektstub-proxy/src/test/java/no/nav/testnav/proxies/inntektstubproxy/ApplicationContextTest.java +++ b/proxies/inntektstub-proxy/src/test/java/no/nav/testnav/proxies/inntektstubproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/inst-proxy/README.md b/proxies/inst-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/inst-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/inst-proxy/build.gradle b/proxies/inst-proxy/build.gradle index ea42b084e65..001bbf62428 100644 --- a/proxies/inst-proxy/build.gradle +++ b/proxies/inst-proxy/build.gradle @@ -13,5 +13,4 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" } \ No newline at end of file diff --git a/proxies/inst-proxy/settings.gradle b/proxies/inst-proxy/settings.gradle index 1118b88f555..7bd65178af0 100644 --- a/proxies/inst-proxy/settings.gradle +++ b/proxies/inst-proxy/settings.gradle @@ -11,7 +11,6 @@ includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" includeBuild "../../libs/reactive-security" includeBuild "../../libs/security-core" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/inst-proxy/src/main/java/no/nav/testnav/proxies/instproxy/LocalVaultConfig.java b/proxies/inst-proxy/src/main/java/no/nav/testnav/proxies/instproxy/LocalVaultConfig.java deleted file mode 100644 index 2b85871801d..00000000000 --- a/proxies/inst-proxy/src/main/java/no/nav/testnav/proxies/instproxy/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.instproxy; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/inst-proxy/src/main/resources/application-dev.yml b/proxies/inst-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/inst-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/inst-proxy/src/main/resources/application.yml b/proxies/inst-proxy/src/main/resources/application.yml index 01dd5bd794a..59199e982f5 100644 --- a/proxies/inst-proxy/src/main/resources/application.yml +++ b/proxies/inst-proxy/src/main/resources/application.yml @@ -10,17 +10,18 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} accepted-audience: ${TOKEN_X_CLIENT_ID} cloud: - vault: - enabled: false gateway: httpclient: response-timeout: 180s + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/inst-proxy/src/test/java/no/nav/testnav/proxies/instproxy/ApplicationContextTest.java b/proxies/inst-proxy/src/test/java/no/nav/testnav/proxies/instproxy/ApplicationContextTest.java index a306f7e9271..2fc7061fa85 100644 --- a/proxies/inst-proxy/src/test/java/no/nav/testnav/proxies/instproxy/ApplicationContextTest.java +++ b/proxies/inst-proxy/src/test/java/no/nav/testnav/proxies/instproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/inst-proxy/src/test/resources/application-test.properties b/proxies/inst-proxy/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/proxies/inst-proxy/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/proxies/inst-proxy/src/test/resources/application-test.yml b/proxies/inst-proxy/src/test/resources/application-test.yml new file mode 100644 index 00000000000..f05debbd219 --- /dev/null +++ b/proxies/inst-proxy/src/test/resources/application-test.yml @@ -0,0 +1 @@ +TOKEN_X_ISSUER: dummy \ No newline at end of file diff --git a/proxies/kontoregister-person-proxy/README.md b/proxies/kontoregister-person-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/kontoregister-person-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/kontoregister-person-proxy/build.gradle b/proxies/kontoregister-person-proxy/build.gradle index d0d9049d4ad..516d518b93a 100644 --- a/proxies/kontoregister-person-proxy/build.gradle +++ b/proxies/kontoregister-person-proxy/build.gradle @@ -13,8 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-webflux" - implementation "org.springframework.cloud:spring-cloud-starter-vault-config" } diff --git a/proxies/kontoregister-person-proxy/settings.gradle b/proxies/kontoregister-person-proxy/settings.gradle index 371a5277aa5..308e11806f5 100644 --- a/proxies/kontoregister-person-proxy/settings.gradle +++ b/proxies/kontoregister-person-proxy/settings.gradle @@ -11,7 +11,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-proxy' includeBuild '../../libs/reactive-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/proxies/kontoregister-person-proxy/src/main/java/no/nav/testnav/proxies/kontoregisterperson/KontoregisterProxyApplicationStarter.java b/proxies/kontoregister-person-proxy/src/main/java/no/nav/testnav/proxies/kontoregisterperson/KontoregisterProxyApplicationStarter.java index 2c06bde3093..db2525486aa 100644 --- a/proxies/kontoregister-person-proxy/src/main/java/no/nav/testnav/proxies/kontoregisterperson/KontoregisterProxyApplicationStarter.java +++ b/proxies/kontoregister-person-proxy/src/main/java/no/nav/testnav/proxies/kontoregisterperson/KontoregisterProxyApplicationStarter.java @@ -7,7 +7,6 @@ import no.nav.testnav.libs.reactivesecurity.exchange.azuread.TrygdeetatenAzureAdTokenService; import no.nav.testnav.libs.securitycore.domain.AccessToken; import no.nav.testnav.proxies.kontoregisterperson.config.Consumers; -import no.nav.testnav.proxies.kontoregisterperson.config.LocalVaultConfig; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.cloud.gateway.route.RouteLocator; @@ -17,7 +16,6 @@ @Import({ CoreConfig.class, - LocalVaultConfig.class, SecurityConfig.class, SecureOAuth2ServerToServerConfiguration.class }) diff --git a/proxies/kontoregister-person-proxy/src/main/java/no/nav/testnav/proxies/kontoregisterperson/config/LocalVaultConfig.java b/proxies/kontoregister-person-proxy/src/main/java/no/nav/testnav/proxies/kontoregisterperson/config/LocalVaultConfig.java deleted file mode 100644 index b456766d674..00000000000 --- a/proxies/kontoregister-person-proxy/src/main/java/no/nav/testnav/proxies/kontoregisterperson/config/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.kontoregisterperson.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/kontoregister-person-proxy/src/main/resources/application-dev.yml b/proxies/kontoregister-person-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/kontoregister-person-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/kontoregister-person-proxy/src/main/resources/application.yml b/proxies/kontoregister-person-proxy/src/main/resources/application.yml index 9e6cd97e0d9..6c00b3b7101 100644 --- a/proxies/kontoregister-person-proxy/src/main/resources/application.yml +++ b/proxies/kontoregister-person-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,8 +19,9 @@ spring: gateway: httpclient: response-timeout: 600s - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/kontoregister-person-proxy/src/test/java/no/nav/testnav/proxies/kontoregisterperson/ApplicationContextTest.java b/proxies/kontoregister-person-proxy/src/test/java/no/nav/testnav/proxies/kontoregisterperson/ApplicationContextTest.java index 11008df6b6b..0480187bda0 100644 --- a/proxies/kontoregister-person-proxy/src/test/java/no/nav/testnav/proxies/kontoregisterperson/ApplicationContextTest.java +++ b/proxies/kontoregister-person-proxy/src/test/java/no/nav/testnav/proxies/kontoregisterperson/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/kontoregister-person-proxy/src/test/resources/application-test.yml b/proxies/kontoregister-person-proxy/src/test/resources/application-test.yml index 6c4ae555764..f05debbd219 100644 --- a/proxies/kontoregister-person-proxy/src/test/resources/application-test.yml +++ b/proxies/kontoregister-person-proxy/src/test/resources/application-test.yml @@ -1 +1 @@ -TOKEN_X_ISSUER: dummy +TOKEN_X_ISSUER: dummy \ No newline at end of file diff --git a/proxies/krrstub-proxy/README.md b/proxies/krrstub-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/krrstub-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/krrstub-proxy/build.gradle b/proxies/krrstub-proxy/build.gradle index 33757b2cc3c..c1e2ce31706 100644 --- a/proxies/krrstub-proxy/build.gradle +++ b/proxies/krrstub-proxy/build.gradle @@ -12,8 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-webflux" - implementation "org.springframework.cloud:spring-cloud-starter-vault-config" } diff --git a/proxies/krrstub-proxy/settings.gradle b/proxies/krrstub-proxy/settings.gradle index 5625c1721a9..c78c01fb986 100644 --- a/proxies/krrstub-proxy/settings.gradle +++ b/proxies/krrstub-proxy/settings.gradle @@ -10,7 +10,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-proxy' includeBuild '../../libs/reactive-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/proxies/krrstub-proxy/src/main/java/no/nav/testnav/proxies/krrstubproxy/KrrstubProxyApplicationStarter.java b/proxies/krrstub-proxy/src/main/java/no/nav/testnav/proxies/krrstubproxy/KrrstubProxyApplicationStarter.java index eeb404fbaf4..84463fa8cdc 100644 --- a/proxies/krrstub-proxy/src/main/java/no/nav/testnav/proxies/krrstubproxy/KrrstubProxyApplicationStarter.java +++ b/proxies/krrstub-proxy/src/main/java/no/nav/testnav/proxies/krrstubproxy/KrrstubProxyApplicationStarter.java @@ -7,7 +7,6 @@ import no.nav.testnav.libs.reactivesecurity.exchange.azuread.TrygdeetatenAzureAdTokenService; import no.nav.testnav.libs.securitycore.domain.AccessToken; import no.nav.testnav.proxies.krrstubproxy.config.Consumers; -import no.nav.testnav.proxies.krrstubproxy.config.LocalVaultConfig; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.cloud.gateway.route.RouteLocator; @@ -17,7 +16,6 @@ @Import({ CoreConfig.class, - LocalVaultConfig.class, SecurityConfig.class, SecureOAuth2ServerToServerConfiguration.class }) diff --git a/proxies/krrstub-proxy/src/main/java/no/nav/testnav/proxies/krrstubproxy/config/LocalVaultConfig.java b/proxies/krrstub-proxy/src/main/java/no/nav/testnav/proxies/krrstubproxy/config/LocalVaultConfig.java deleted file mode 100644 index 5a880c9c35f..00000000000 --- a/proxies/krrstub-proxy/src/main/java/no/nav/testnav/proxies/krrstubproxy/config/LocalVaultConfig.java +++ /dev/null @@ -1,13 +0,0 @@ -package no.nav.testnav.proxies.krrstubproxy.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -@VaultPropertySource(value = "kv/preprod/fss/testnav-krrstub-proxy/dev", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/proxies/krrstub-proxy/src/main/resources/application-dev.yml b/proxies/krrstub-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/krrstub-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/krrstub-proxy/src/main/resources/application.yml b/proxies/krrstub-proxy/src/main/resources/application.yml index 8a784650e62..f3100af5d9e 100644 --- a/proxies/krrstub-proxy/src/main/resources/application.yml +++ b/proxies/krrstub-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,8 +19,9 @@ spring: gateway: httpclient: response-timeout: 600s - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/krrstub-proxy/src/test/java/no/nav/testnav/proxies/krrstubproxy/ApplicationContextTest.java b/proxies/krrstub-proxy/src/test/java/no/nav/testnav/proxies/krrstubproxy/ApplicationContextTest.java index 0a432023ceb..ad0124eba2b 100644 --- a/proxies/krrstub-proxy/src/test/java/no/nav/testnav/proxies/krrstubproxy/ApplicationContextTest.java +++ b/proxies/krrstub-proxy/src/test/java/no/nav/testnav/proxies/krrstubproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/medl-proxy/README.md b/proxies/medl-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/medl-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/medl-proxy/build.gradle b/proxies/medl-proxy/build.gradle index c2ae7901926..88115d2aa7b 100644 --- a/proxies/medl-proxy/build.gradle +++ b/proxies/medl-proxy/build.gradle @@ -12,8 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-webflux" - implementation "org.springframework.cloud:spring-cloud-starter-vault-config" } diff --git a/proxies/medl-proxy/settings.gradle b/proxies/medl-proxy/settings.gradle index 7a74e821866..e59a1fa89e2 100644 --- a/proxies/medl-proxy/settings.gradle +++ b/proxies/medl-proxy/settings.gradle @@ -10,7 +10,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-proxy' includeBuild '../../libs/reactive-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/proxies/medl-proxy/src/main/java/no/nav/testnav/proxies/medlproxy/MedlProxyApplicationStarter.java b/proxies/medl-proxy/src/main/java/no/nav/testnav/proxies/medlproxy/MedlProxyApplicationStarter.java index fdcc8f93b25..52146c6cf38 100644 --- a/proxies/medl-proxy/src/main/java/no/nav/testnav/proxies/medlproxy/MedlProxyApplicationStarter.java +++ b/proxies/medl-proxy/src/main/java/no/nav/testnav/proxies/medlproxy/MedlProxyApplicationStarter.java @@ -7,7 +7,6 @@ import no.nav.testnav.libs.reactivesecurity.exchange.azuread.TrygdeetatenAzureAdTokenService; import no.nav.testnav.libs.securitycore.domain.AccessToken; import no.nav.testnav.proxies.medlproxy.config.Consumers; -import no.nav.testnav.proxies.medlproxy.config.LocalVaultConfig; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.cloud.gateway.route.RouteLocator; @@ -17,7 +16,6 @@ @Import({ CoreConfig.class, - LocalVaultConfig.class, SecurityConfig.class, SecureOAuth2ServerToServerConfiguration.class }) diff --git a/proxies/medl-proxy/src/main/java/no/nav/testnav/proxies/medlproxy/config/LocalVaultConfig.java b/proxies/medl-proxy/src/main/java/no/nav/testnav/proxies/medlproxy/config/LocalVaultConfig.java deleted file mode 100644 index 56664cbbdee..00000000000 --- a/proxies/medl-proxy/src/main/java/no/nav/testnav/proxies/medlproxy/config/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.medlproxy.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/proxies/medl-proxy/src/main/resources/application-dev.yml b/proxies/medl-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/medl-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/medl-proxy/src/main/resources/application.yml b/proxies/medl-proxy/src/main/resources/application.yml index fdbf0b0c264..d4b194e21fa 100644 --- a/proxies/medl-proxy/src/main/resources/application.yml +++ b/proxies/medl-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,8 +19,9 @@ spring: gateway: httpclient: response-timeout: 600s - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/medl-proxy/src/test/java/no/nav/testnav/proxies/medlproxy/ApplicationContextTest.java b/proxies/medl-proxy/src/test/java/no/nav/testnav/proxies/medlproxy/ApplicationContextTest.java index 5b5208ebcd7..82e8113faaa 100644 --- a/proxies/medl-proxy/src/test/java/no/nav/testnav/proxies/medlproxy/ApplicationContextTest.java +++ b/proxies/medl-proxy/src/test/java/no/nav/testnav/proxies/medlproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/medl-proxy/src/test/resources/application-test.yml b/proxies/medl-proxy/src/test/resources/application-test.yml index 5f3a2a2c0c8..f05debbd219 100644 --- a/proxies/medl-proxy/src/test/resources/application-test.yml +++ b/proxies/medl-proxy/src/test/resources/application-test.yml @@ -1,2 +1 @@ -azure.app.client.id: dummy TOKEN_X_ISSUER: dummy \ No newline at end of file diff --git a/proxies/norg2-proxy/README.md b/proxies/norg2-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/norg2-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/norg2-proxy/build.gradle b/proxies/norg2-proxy/build.gradle index b7e51012270..414d34ac1e3 100644 --- a/proxies/norg2-proxy/build.gradle +++ b/proxies/norg2-proxy/build.gradle @@ -11,7 +11,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:vault" - - implementation "org.springframework.cloud:spring-cloud-starter-bootstrap" // TODO remove legacy bootstrap config } diff --git a/proxies/norg2-proxy/config.yml b/proxies/norg2-proxy/config.yml index 4ac00671cab..4dca79a69d0 100644 --- a/proxies/norg2-proxy/config.yml +++ b/proxies/norg2-proxy/config.yml @@ -53,8 +53,6 @@ spec: replicas: min: 1 max: 1 - vault: - enabled: false resources: requests: cpu: 200m diff --git a/proxies/norg2-proxy/settings.gradle b/proxies/norg2-proxy/settings.gradle index c5316e6e5bc..be380d614f9 100644 --- a/proxies/norg2-proxy/settings.gradle +++ b/proxies/norg2-proxy/settings.gradle @@ -9,7 +9,6 @@ includeBuild "../../plugins/java" includeBuild "../../libs/data-transfer-objects" includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/norg2-proxy/src/main/java/no/nav/testnav/proxies/norg2proxy/LocalVaultConfig.java b/proxies/norg2-proxy/src/main/java/no/nav/testnav/proxies/norg2proxy/LocalVaultConfig.java deleted file mode 100644 index a5e41233db4..00000000000 --- a/proxies/norg2-proxy/src/main/java/no/nav/testnav/proxies/norg2proxy/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.norg2proxy; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/norg2-proxy/src/main/resources/application-dev.yml b/proxies/norg2-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/norg2-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/norg2-proxy/src/main/resources/application.yml b/proxies/norg2-proxy/src/main/resources/application.yml index 824d19c8596..7d580bc2045 100644 --- a/proxies/norg2-proxy/src/main/resources/application.yml +++ b/proxies/norg2-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,6 +19,9 @@ spring: gateway: httpclient: response-timeout: 600s + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/norg2-proxy/src/main/resources/bootstrap.yml b/proxies/norg2-proxy/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/proxies/norg2-proxy/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/proxies/norg2-proxy/src/test/java/no/nav/testnav/proxies/norg2proxy/ApplicationContextTest.java b/proxies/norg2-proxy/src/test/java/no/nav/testnav/proxies/norg2proxy/ApplicationContextTest.java index ad2d5ff7389..7a125b93143 100644 --- a/proxies/norg2-proxy/src/test/java/no/nav/testnav/proxies/norg2proxy/ApplicationContextTest.java +++ b/proxies/norg2-proxy/src/test/java/no/nav/testnav/proxies/norg2proxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/pdl-proxy/README.md b/proxies/pdl-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/pdl-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/pdl-proxy/build.gradle b/proxies/pdl-proxy/build.gradle index 8e425e34727..b88f07def05 100644 --- a/proxies/pdl-proxy/build.gradle +++ b/proxies/pdl-proxy/build.gradle @@ -13,9 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-webflux" - implementation "org.springframework.cloud:spring-cloud-starter-bootstrap" // TODO remove legacy bootstrap config. - implementation "org.springframework.cloud:spring-cloud-starter-vault-config" } diff --git a/proxies/pdl-proxy/config.yml b/proxies/pdl-proxy/config.yml index a685d4fd29e..64a77463673 100644 --- a/proxies/pdl-proxy/config.yml +++ b/proxies/pdl-proxy/config.yml @@ -90,8 +90,6 @@ spec: replicas: min: 1 max: 1 - vault: - enabled: true resources: requests: cpu: 200m @@ -100,5 +98,6 @@ spec: memory: 2048Mi envFrom: - secret: azure-trygdeetaten-testnav-pdl-proxy-trygdeetaten + - secret: testnav-pdl-proxy ingresses: - "https://testnav-pdl-proxy.dev-fss-pub.nais.io" diff --git a/proxies/pdl-proxy/settings.gradle b/proxies/pdl-proxy/settings.gradle index 56e4e14bc5a..bb575df7d4a 100644 --- a/proxies/pdl-proxy/settings.gradle +++ b/proxies/pdl-proxy/settings.gradle @@ -11,7 +11,6 @@ includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" includeBuild "../../libs/reactive-security" includeBuild "../../libs/security-core" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/dto/CredentialsHolder.java b/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/CredentialsHolder.java similarity index 83% rename from proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/dto/CredentialsHolder.java rename to proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/CredentialsHolder.java index 97dc09c8bc4..c43b5cb96c3 100644 --- a/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/dto/CredentialsHolder.java +++ b/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/CredentialsHolder.java @@ -1,4 +1,4 @@ -package no.nav.testnav.proxies.pdlproxy.dto; +package no.nav.testnav.proxies.pdlproxy; public record CredentialsHolder(String hendelselagerApiKey, String aktoerAdminApiKey, diff --git a/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/PdlProxyApplicationStarter.java b/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/PdlProxyApplicationStarter.java index 30ef0028151..28d743293c1 100644 --- a/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/PdlProxyApplicationStarter.java +++ b/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/PdlProxyApplicationStarter.java @@ -8,8 +8,6 @@ import no.nav.testnav.libs.securitycore.domain.AccessToken; import no.nav.testnav.libs.securitycore.domain.ServerProperties; import no.nav.testnav.proxies.pdlproxy.config.Consumers; -import no.nav.testnav.proxies.pdlproxy.dto.CredentialsHolder; -import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.cloud.gateway.filter.GatewayFilter; @@ -35,16 +33,6 @@ public static void main(String[] args) { SpringApplication.run(PdlProxyApplicationStarter.class, args); } - @Bean - public CredentialsHolder credentialsHolder( - @Value("${hendelse.lager.api.key}") String hendelselagerApiKey, - @Value("${person.aktor.admin.api}") String aktoerAdminApiKey, - @Value("${elastic.username}") String elasticUsername, - @Value("${elastic.password}") String elasticPassword) { - - return new CredentialsHolder(hendelselagerApiKey, aktoerAdminApiKey, elasticUsername, elasticPassword); - } - @Bean public RouteLocator customRouteLocator(RouteLocatorBuilder builder, CredentialsHolder credentialsHolder, diff --git a/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/config/CredentialsConfig.java b/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/config/CredentialsConfig.java new file mode 100644 index 00000000000..ea1bd2eda70 --- /dev/null +++ b/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/config/CredentialsConfig.java @@ -0,0 +1,28 @@ +package no.nav.testnav.proxies.pdlproxy.config; + +import no.nav.testnav.proxies.pdlproxy.CredentialsHolder; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + +@Configuration +public class CredentialsConfig { + + @Value("${app.hendelse.lager.api.key}") + private String hendelselagerApiKey; + + @Value("${app.person.aktor.api.key}") + private String aktoerAdminApiKey; + + @Value("${app.elastic.username}") + private String elasticUsername; + + @Value("${app.elastic.password}") + private String elasticPassword; + + @Bean + CredentialsHolder credentialsHolder() { + return new CredentialsHolder(hendelselagerApiKey, aktoerAdminApiKey, elasticUsername, elasticPassword); + } + +} diff --git a/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/config/LocalVaultConfig.java b/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/config/LocalVaultConfig.java deleted file mode 100644 index c8ff2443b61..00000000000 --- a/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/config/LocalVaultConfig.java +++ /dev/null @@ -1,13 +0,0 @@ -package no.nav.testnav.proxies.pdlproxy.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Profile("dev") -@Configuration -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -@VaultPropertySource(value = "kv/preprod/fss/testnav-pdl-proxy/dev", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/proxies/pdl-proxy/src/main/resources/META-INF/additional-spring-configuration-metadata.json b/proxies/pdl-proxy/src/main/resources/META-INF/additional-spring-configuration-metadata.json new file mode 100644 index 00000000000..822e874f5ef --- /dev/null +++ b/proxies/pdl-proxy/src/main/resources/META-INF/additional-spring-configuration-metadata.json @@ -0,0 +1,23 @@ +{ + "properties": [ + { + "name": "app.hendelse.lager.api.key", + "type": "java.lang.String", + "description": "API key for hendelse-lager-api? Assigned by ?." + }, + { + "name": "app.person.aktor.api.key", + "type": "java.lang.String", + "description": "API key for person-aktor-api? Assigned by ?." + }, + { + "name": "app.elastic.username", + "type": "java.lang.String", + "description": "Elastic username." + }, + { + "name": "app.elastic.password", + "type": "java.lang.String", + "description": "Elastic password." + } + ] } \ No newline at end of file diff --git a/proxies/pdl-proxy/src/main/resources/application-dev.yml b/proxies/pdl-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..946f65f4c53 --- /dev/null +++ b/proxies/pdl-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,16 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + +app: + elastic: + username: ${sm://elastic-username} + password: ${sm://elastic-password} + hendelse.lager.api.key: ${sm://hendelse-lager-api-key} + person.aktor.api.key: ${sm://person-aktor-api-key} \ No newline at end of file diff --git a/proxies/pdl-proxy/src/main/resources/application.yml b/proxies/pdl-proxy/src/main/resources/application.yml index e26237f80f4..0a8d4157349 100644 --- a/proxies/pdl-proxy/src/main/resources/application.yml +++ b/proxies/pdl-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,6 +19,16 @@ spring: gateway: httpclient: response-timeout: 1200s + gcp: + secretmanager: + enabled: false + +app: + elastic: + username: ${ELASTIC_USERNAME} + password: ${ELASTIC_PASSWORD} + hendelse.lager.api.key: ${HENDELSE_LAGER_API_KEY} + person.aktor.api.key: ${PERSON_AKTOR_API_KEY} sts: token: diff --git a/proxies/pdl-proxy/src/main/resources/bootstrap.yml b/proxies/pdl-proxy/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/proxies/pdl-proxy/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/proxies/pdl-proxy/src/test/java/no/nav/testnav/proxies/pdlproxy/ApplicationContextTest.java b/proxies/pdl-proxy/src/test/java/no/nav/testnav/proxies/pdlproxy/ApplicationContextTest.java index e7c3a307cba..105c63bc51e 100644 --- a/proxies/pdl-proxy/src/test/java/no/nav/testnav/proxies/pdlproxy/ApplicationContextTest.java +++ b/proxies/pdl-proxy/src/test/java/no/nav/testnav/proxies/pdlproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean + @SuppressWarnings("unused") private ReactiveJwtDecoder jwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/pdl-proxy/src/test/resources/application-test.properties b/proxies/pdl-proxy/src/test/resources/application-test.properties deleted file mode 100644 index aa18dbf1e43..00000000000 --- a/proxies/pdl-proxy/src/test/resources/application-test.properties +++ /dev/null @@ -1,8 +0,0 @@ -TOKEN_X_ISSUER=dummy - -sts.token.provider.username=dummy -sts.token.provider.password=dummy -hendelse.lager.api.key=dummy -person.aktor.admin.api=dummy -elastic.username=dummy -elastic.password=dummy \ No newline at end of file diff --git a/proxies/pdl-proxy/src/test/resources/application-test.yml b/proxies/pdl-proxy/src/test/resources/application-test.yml new file mode 100644 index 00000000000..d77faa43b11 --- /dev/null +++ b/proxies/pdl-proxy/src/test/resources/application-test.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +sts: + token: + provider: + username: dummy + password: dummy + +app: + elastic: + username: dummy + password: dummy + hendelse.lager.api.key: dummy + person.aktor.api.key: dummy \ No newline at end of file diff --git a/proxies/pensjon-testdata-facade-proxy/README.md b/proxies/pensjon-testdata-facade-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/pensjon-testdata-facade-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/pensjon-testdata-facade-proxy/build.gradle b/proxies/pensjon-testdata-facade-proxy/build.gradle index 5ed37360f08..c4710ef518d 100644 --- a/proxies/pensjon-testdata-facade-proxy/build.gradle +++ b/proxies/pensjon-testdata-facade-proxy/build.gradle @@ -13,8 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-webflux" - implementation "org.springframework.cloud:spring-cloud-starter-vault-config" } diff --git a/proxies/pensjon-testdata-facade-proxy/settings.gradle b/proxies/pensjon-testdata-facade-proxy/settings.gradle index 6936a160745..70f802c3a29 100644 --- a/proxies/pensjon-testdata-facade-proxy/settings.gradle +++ b/proxies/pensjon-testdata-facade-proxy/settings.gradle @@ -11,7 +11,6 @@ includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" includeBuild "../../libs/reactive-security" includeBuild "../../libs/security-core" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/pensjon-testdata-facade-proxy/src/main/java/no/nav/testnav/proxies/pensjontestdatafacadeproxy/config/LocalVaultConfig.java b/proxies/pensjon-testdata-facade-proxy/src/main/java/no/nav/testnav/proxies/pensjontestdatafacadeproxy/config/LocalVaultConfig.java deleted file mode 100644 index b914fcf66f1..00000000000 --- a/proxies/pensjon-testdata-facade-proxy/src/main/java/no/nav/testnav/proxies/pensjontestdatafacadeproxy/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.proxies.pensjontestdatafacadeproxy.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Configuration -@Profile("dev") -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/pensjon-testdata-facade-proxy/src/main/resources/application-dev.yml b/proxies/pensjon-testdata-facade-proxy/src/main/resources/application-dev.yml index 70af6cc16b1..50f5dcfd4c1 100644 --- a/proxies/pensjon-testdata-facade-proxy/src/main/resources/application-dev.yml +++ b/proxies/pensjon-testdata-facade-proxy/src/main/resources/application-dev.yml @@ -1,3 +1,15 @@ +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} consumers: pensjon-testdata-facade: diff --git a/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml b/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml index 6c15990c604..c614ed41395 100644 --- a/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml +++ b/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} cloud: gateway: httpclient: @@ -18,8 +18,9 @@ spring: wiretap: true httpserver: wiretap: true - vault: - enabled: false + gcp: + secretmanager: + enabled: false logging: level: diff --git a/proxies/pensjon-testdata-facade-proxy/src/test/java/no/nav/testnav/proxies/pensjontestdatafacadeproxy/ApplicationContextTest.java b/proxies/pensjon-testdata-facade-proxy/src/test/java/no/nav/testnav/proxies/pensjontestdatafacadeproxy/ApplicationContextTest.java index ec19c494775..eab4ba77905 100644 --- a/proxies/pensjon-testdata-facade-proxy/src/test/java/no/nav/testnav/proxies/pensjontestdatafacadeproxy/ApplicationContextTest.java +++ b/proxies/pensjon-testdata-facade-proxy/src/test/java/no/nav/testnav/proxies/pensjontestdatafacadeproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/pensjon-testdata-facade-proxy/src/test/resources/application-test.yml b/proxies/pensjon-testdata-facade-proxy/src/test/resources/application-test.yml index 9b722c3bc51..2deeda02e69 100644 --- a/proxies/pensjon-testdata-facade-proxy/src/test/resources/application-test.yml +++ b/proxies/pensjon-testdata-facade-proxy/src/test/resources/application-test.yml @@ -1,4 +1,3 @@ - consumers: samboer-testdata: name: pensjon-dummy diff --git a/proxies/saf-proxy/README.md b/proxies/saf-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/saf-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/saf-proxy/build.gradle b/proxies/saf-proxy/build.gradle index a6e2b4b82a6..ceba6e612a2 100644 --- a/proxies/saf-proxy/build.gradle +++ b/proxies/saf-proxy/build.gradle @@ -13,5 +13,4 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" } diff --git a/proxies/saf-proxy/settings.gradle b/proxies/saf-proxy/settings.gradle index f6ae9850df9..f20834874e2 100644 --- a/proxies/saf-proxy/settings.gradle +++ b/proxies/saf-proxy/settings.gradle @@ -11,7 +11,6 @@ includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" includeBuild "../../libs/reactive-security" includeBuild "../../libs/security-core" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/saf-proxy/src/main/java/no/nav/testnav/proxies/safproxy/LocalVaultConfig.java b/proxies/saf-proxy/src/main/java/no/nav/testnav/proxies/safproxy/LocalVaultConfig.java deleted file mode 100644 index ca70a76d15b..00000000000 --- a/proxies/saf-proxy/src/main/java/no/nav/testnav/proxies/safproxy/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.safproxy; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/saf-proxy/src/main/resources/application-dev.yml b/proxies/saf-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/saf-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/saf-proxy/src/main/resources/application.yml b/proxies/saf-proxy/src/main/resources/application.yml index 5ad17d622f3..0efb4d0b49b 100644 --- a/proxies/saf-proxy/src/main/resources/application.yml +++ b/proxies/saf-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,8 +19,9 @@ spring: gateway: httpclient: response-timeout: 1200s - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/saf-proxy/src/test/java/no/nav/testnav/proxies/safproxy/ApplicationContextTest.java b/proxies/saf-proxy/src/test/java/no/nav/testnav/proxies/safproxy/ApplicationContextTest.java index b589621f621..410a0ab0c4e 100644 --- a/proxies/saf-proxy/src/test/java/no/nav/testnav/proxies/safproxy/ApplicationContextTest.java +++ b/proxies/saf-proxy/src/test/java/no/nav/testnav/proxies/safproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean + @SuppressWarnings("unused") public ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/saf-proxy/src/test/resources/application-test.yml b/proxies/saf-proxy/src/test/resources/application-test.yml index 3a0b87cb27e..d9e6fdf44ba 100644 --- a/proxies/saf-proxy/src/test/resources/application-test.yml +++ b/proxies/saf-proxy/src/test/resources/application-test.yml @@ -1,11 +1,9 @@ TOKEN_X_ISSUER: dummy + consumers: saf: url: http://saf-dummy.dummy.no cluster: dev-fss name: saf-dummy namespace: dummy -spring: - cloud: - vault: - enabled: false + diff --git a/proxies/sigrunstub-proxy/README.md b/proxies/sigrunstub-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/sigrunstub-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/sigrunstub-proxy/build.gradle b/proxies/sigrunstub-proxy/build.gradle index 2eeeaa62ff6..b6c1e5e936a 100644 --- a/proxies/sigrunstub-proxy/build.gradle +++ b/proxies/sigrunstub-proxy/build.gradle @@ -11,5 +11,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:vault" } diff --git a/proxies/sigrunstub-proxy/settings.gradle b/proxies/sigrunstub-proxy/settings.gradle index b0883859278..fa1ab721eca 100644 --- a/proxies/sigrunstub-proxy/settings.gradle +++ b/proxies/sigrunstub-proxy/settings.gradle @@ -9,7 +9,6 @@ includeBuild "../../plugins/java" includeBuild "../../libs/data-transfer-objects" includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/sigrunstub-proxy/src/main/java/no/nav/testnav/proxies/sigrunstubproxy/LocalVaultConfig.java b/proxies/sigrunstub-proxy/src/main/java/no/nav/testnav/proxies/sigrunstubproxy/LocalVaultConfig.java deleted file mode 100644 index 037351b909c..00000000000 --- a/proxies/sigrunstub-proxy/src/main/java/no/nav/testnav/proxies/sigrunstubproxy/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.sigrunstubproxy; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/sigrunstub-proxy/src/main/resources/application-dev.yml b/proxies/sigrunstub-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/sigrunstub-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/sigrunstub-proxy/src/main/resources/application.yml b/proxies/sigrunstub-proxy/src/main/resources/application.yml index 7276fd556ff..4e14eb4e948 100644 --- a/proxies/sigrunstub-proxy/src/main/resources/application.yml +++ b/proxies/sigrunstub-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,8 +19,9 @@ spring: gateway: httpclient: response-timeout: 600s - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/sigrunstub-proxy/src/test/java/no/nav/testnav/proxies/sigrunstubproxy/ApplicationContextTest.java b/proxies/sigrunstub-proxy/src/test/java/no/nav/testnav/proxies/sigrunstubproxy/ApplicationContextTest.java index 2199cc1f682..47bf9ceff2e 100644 --- a/proxies/sigrunstub-proxy/src/test/java/no/nav/testnav/proxies/sigrunstubproxy/ApplicationContextTest.java +++ b/proxies/sigrunstub-proxy/src/test/java/no/nav/testnav/proxies/sigrunstubproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/sigrunstub-proxy/src/test/resources/application-test.properties b/proxies/sigrunstub-proxy/src/test/resources/application-test.properties deleted file mode 100644 index e5e55886152..00000000000 --- a/proxies/sigrunstub-proxy/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER=dummy \ No newline at end of file diff --git a/proxies/sigrunstub-proxy/src/test/resources/application-test.yml b/proxies/sigrunstub-proxy/src/test/resources/application-test.yml new file mode 100644 index 00000000000..f05debbd219 --- /dev/null +++ b/proxies/sigrunstub-proxy/src/test/resources/application-test.yml @@ -0,0 +1 @@ +TOKEN_X_ISSUER: dummy \ No newline at end of file diff --git a/proxies/skjermingsregister-proxy/README.md b/proxies/skjermingsregister-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/skjermingsregister-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/skjermingsregister-proxy/src/main/resources/META-INF/additional-spring-configuration-metadata.json b/proxies/skjermingsregister-proxy/src/main/resources/META-INF/additional-spring-configuration-metadata.json new file mode 100644 index 00000000000..2a704be2f85 --- /dev/null +++ b/proxies/skjermingsregister-proxy/src/main/resources/META-INF/additional-spring-configuration-metadata.json @@ -0,0 +1,8 @@ +{ + "properties": [ + { + "name": "consumers.skjermingsregister.url", + "type": "java.net.URL", + "description": "URL to service skjermede-personer." + } +] } \ No newline at end of file diff --git a/proxies/skjermingsregister-proxy/src/main/resources/application-local.yml b/proxies/skjermingsregister-proxy/src/main/resources/application-local.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/skjermingsregister-proxy/src/main/resources/application-local.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/skjermingsregister-proxy/src/main/resources/application.yml b/proxies/skjermingsregister-proxy/src/main/resources/application.yml index 675b5454381..4db5b00c8b2 100644 --- a/proxies/skjermingsregister-proxy/src/main/resources/application.yml +++ b/proxies/skjermingsregister-proxy/src/main/resources/application.yml @@ -10,17 +10,18 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} accepted-audience: ${TOKEN_X_CLIENT_ID} cloud: - vault: - enabled: false gateway: httpclient: response-timeout: 30s + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/skjermingsregister-proxy/src/test/resources/application-test.yml b/proxies/skjermingsregister-proxy/src/test/resources/application-test.yml index f77593af929..3a43869267f 100644 --- a/proxies/skjermingsregister-proxy/src/test/resources/application-test.yml +++ b/proxies/skjermingsregister-proxy/src/test/resources/application-test.yml @@ -1,4 +1,5 @@ TOKEN_X_ISSUER: dummy -proxy.url: http://localhost STS_TOKEN_PROVIDER_USERNAME: dummy -STS_TOKEN_PROVIDER_PASSWORD: dummy \ No newline at end of file +STS_TOKEN_PROVIDER_PASSWORD: dummy + +proxy.url: http://localhost \ No newline at end of file diff --git a/proxies/sykemelding-proxy/src/main/resources/application.yml b/proxies/sykemelding-proxy/src/main/resources/application.yml index e6753ab77f1..1d29c30041d 100644 --- a/proxies/sykemelding-proxy/src/main/resources/application.yml +++ b/proxies/sykemelding-proxy/src/main/resources/application.yml @@ -16,8 +16,9 @@ spring: jwk-set-uri: ${TOKEN_X_JWKS_URI} accepted-audience: ${TOKEN_X_CLIENT_ID} cloud: - vault: - enabled: false + gcp: + secretmanager: + enabled: false gateway: httpclient: response-timeout: 30s diff --git a/proxies/synthdata-meldekort-proxy/README.md b/proxies/synthdata-meldekort-proxy/README.md index 7384301da9a..dfa8479ddd6 100644 --- a/proxies/synthdata-meldekort-proxy/README.md +++ b/proxies/synthdata-meldekort-proxy/README.md @@ -5,12 +5,9 @@ nå synt-applikasjonen. ## Lokal kjøring -Start `SynthdataMeldekortProxyApplicationStarter` med følgende props: - -``` --Dspring.profiles.active=dev --Dspring.cloud.vault.token=<> -``` +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) ## Access token Siden proxy-en kjører med trygdeetaten tenant kan man ikke bruke oversikt-frontend for å hente access token når man diff --git a/proxies/synthdata-meldekort-proxy/build.gradle b/proxies/synthdata-meldekort-proxy/build.gradle index ce19804eec5..66ce73cf9ae 100644 --- a/proxies/synthdata-meldekort-proxy/build.gradle +++ b/proxies/synthdata-meldekort-proxy/build.gradle @@ -19,8 +19,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" implementation "org.springframework.boot:spring-boot-starter-webflux" - implementation "org.springframework.cloud:spring-cloud-starter-vault-config" } \ No newline at end of file diff --git a/proxies/synthdata-meldekort-proxy/config.yml b/proxies/synthdata-meldekort-proxy/config.yml index 5d6498ba0b8..c20fb8d97da 100644 --- a/proxies/synthdata-meldekort-proxy/config.yml +++ b/proxies/synthdata-meldekort-proxy/config.yml @@ -72,8 +72,6 @@ spec: replicas: min: 1 max: 2 - vault: - enabled: true resources: requests: cpu: 200m diff --git a/proxies/synthdata-meldekort-proxy/settings.gradle b/proxies/synthdata-meldekort-proxy/settings.gradle index 52df408b35e..51a14287d37 100644 --- a/proxies/synthdata-meldekort-proxy/settings.gradle +++ b/proxies/synthdata-meldekort-proxy/settings.gradle @@ -11,7 +11,6 @@ includeBuild '../../libs/reactive-core' includeBuild '../../libs/reactive-proxy' includeBuild '../../libs/reactive-security' includeBuild '../../libs/security-core' -includeBuild '../../libs/vault' develocity { buildScan { diff --git a/proxies/synthdata-meldekort-proxy/src/main/java/no/nav/testnav/proxies/synthdatameldekortproxy/SynthdataMeldekortProxyApplicationStarter.java b/proxies/synthdata-meldekort-proxy/src/main/java/no/nav/testnav/proxies/synthdatameldekortproxy/SynthdataMeldekortProxyApplicationStarter.java index 62e69799ba8..88a92c6bedc 100644 --- a/proxies/synthdata-meldekort-proxy/src/main/java/no/nav/testnav/proxies/synthdatameldekortproxy/SynthdataMeldekortProxyApplicationStarter.java +++ b/proxies/synthdata-meldekort-proxy/src/main/java/no/nav/testnav/proxies/synthdatameldekortproxy/SynthdataMeldekortProxyApplicationStarter.java @@ -7,7 +7,6 @@ import no.nav.testnav.libs.reactivesecurity.exchange.azuread.NavAzureAdTokenService; import no.nav.testnav.libs.securitycore.domain.AccessToken; import no.nav.testnav.proxies.synthdatameldekortproxy.config.Consumers; -import no.nav.testnav.proxies.synthdatameldekortproxy.config.LocalVaultConfig; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.cloud.gateway.route.RouteLocator; @@ -17,7 +16,6 @@ @Import({ CoreConfig.class, - LocalVaultConfig.class, SecurityConfig.class, SecureOAuth2ServerToServerConfiguration.class }) diff --git a/proxies/synthdata-meldekort-proxy/src/main/java/no/nav/testnav/proxies/synthdatameldekortproxy/config/LocalVaultConfig.java b/proxies/synthdata-meldekort-proxy/src/main/java/no/nav/testnav/proxies/synthdatameldekortproxy/config/LocalVaultConfig.java deleted file mode 100644 index 9d20b9bf7ab..00000000000 --- a/proxies/synthdata-meldekort-proxy/src/main/java/no/nav/testnav/proxies/synthdatameldekortproxy/config/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.synthdatameldekortproxy.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/proxies/synthdata-meldekort-proxy/src/main/resources/application-dev.yml b/proxies/synthdata-meldekort-proxy/src/main/resources/application-dev.yml index 813a39364c9..0931b73834a 100644 --- a/proxies/synthdata-meldekort-proxy/src/main/resources/application-dev.yml +++ b/proxies/synthdata-meldekort-proxy/src/main/resources/application-dev.yml @@ -1,9 +1,20 @@ +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + azure: nav: app: client: - id: ${client_id} - secret: ${client_secret} + id: ${sm://azure-app-client-id} + secret: ${sm://azure-app-client-secret} + openid: + config: + issuer: https://login.microsoftonline.com/62366534-1ec3-4962-8869-9b5535279d0b consumers: synt-meldekort: diff --git a/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml b/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml index 9e4e5fcdf42..72804a26497 100644 --- a/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml +++ b/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml @@ -8,12 +8,13 @@ spring: trygdeetaten: issuer-uri: ${azure.openid.config.issuer} jwk-set-uri: ${azure.openid.config.jwks.uri} - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} codec: max-in-memory-size: 15MB cloud: - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/synthdata-meldekort-proxy/src/test/java/no/nav/testnav/proxies/synthdatameldekortproxy/ApplicationContextTest.java b/proxies/synthdata-meldekort-proxy/src/test/java/no/nav/testnav/proxies/synthdatameldekortproxy/ApplicationContextTest.java index 02588100eb7..2c897ad945b 100644 --- a/proxies/synthdata-meldekort-proxy/src/test/java/no/nav/testnav/proxies/synthdatameldekortproxy/ApplicationContextTest.java +++ b/proxies/synthdata-meldekort-proxy/src/test/java/no/nav/testnav/proxies/synthdatameldekortproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } \ No newline at end of file diff --git a/proxies/synthdata-meldekort-proxy/src/test/resources/application-test.yml b/proxies/synthdata-meldekort-proxy/src/test/resources/application-test.yml index e82d8cc835d..0664d10716c 100644 --- a/proxies/synthdata-meldekort-proxy/src/test/resources/application-test.yml +++ b/proxies/synthdata-meldekort-proxy/src/test/resources/application-test.yml @@ -1,10 +1,4 @@ azure: - app: - client: - id: dummy - secret: dummy openid: config: - issuer: dummy - jwks: - uri: dummy \ No newline at end of file + issuer: dummy \ No newline at end of file diff --git a/proxies/udistub-proxy/README.md b/proxies/udistub-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/udistub-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/udistub-proxy/build.gradle b/proxies/udistub-proxy/build.gradle index 0dc2e8ae2c3..e309c212e92 100644 --- a/proxies/udistub-proxy/build.gradle +++ b/proxies/udistub-proxy/build.gradle @@ -13,7 +13,4 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:vault" - - implementation "org.springframework.cloud:spring-cloud-starter-bootstrap" // TODO remove legacy bootstrap config } diff --git a/proxies/udistub-proxy/settings.gradle b/proxies/udistub-proxy/settings.gradle index 94a117cb7a1..b0cb53466d3 100644 --- a/proxies/udistub-proxy/settings.gradle +++ b/proxies/udistub-proxy/settings.gradle @@ -11,7 +11,6 @@ includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" includeBuild "../../libs/reactive-security" includeBuild "../../libs/security-core" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/udistub-proxy/src/main/java/no/nav/testnav/proxies/udistubproxy/LocalVaultConfig.java b/proxies/udistub-proxy/src/main/java/no/nav/testnav/proxies/udistubproxy/LocalVaultConfig.java deleted file mode 100644 index b1739871236..00000000000 --- a/proxies/udistub-proxy/src/main/java/no/nav/testnav/proxies/udistubproxy/LocalVaultConfig.java +++ /dev/null @@ -1,12 +0,0 @@ -package no.nav.testnav.proxies.udistubproxy; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.vault.annotation.VaultPropertySource; - -@Configuration -@Profile("dev") -@VaultPropertySource(value = "azuread/prod/creds/team-dolly-lokal-app", ignoreSecretNotFound = false) -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} diff --git a/proxies/udistub-proxy/src/main/resources/application-dev.yml b/proxies/udistub-proxy/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..0f24d85a8e2 --- /dev/null +++ b/proxies/udistub-proxy/src/main/resources/application-dev.yml @@ -0,0 +1,14 @@ +TOKEN_X_ISSUER: dummy + +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} \ No newline at end of file diff --git a/proxies/udistub-proxy/src/main/resources/application.yml b/proxies/udistub-proxy/src/main/resources/application.yml index c3d6f395292..04caa6c4b90 100644 --- a/proxies/udistub-proxy/src/main/resources/application.yml +++ b/proxies/udistub-proxy/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} jwk-set-uri: ${TOKEN_X_JWKS_URI} @@ -19,6 +19,9 @@ spring: gateway: httpclient: response-timeout: 1200s + gcp: + secretmanager: + enabled: false server: servlet: diff --git a/proxies/udistub-proxy/src/main/resources/bootstrap.yml b/proxies/udistub-proxy/src/main/resources/bootstrap.yml deleted file mode 100644 index 0451449ca23..00000000000 --- a/proxies/udistub-proxy/src/main/resources/bootstrap.yml +++ /dev/null @@ -1,4 +0,0 @@ -spring: - cloud: - vault: - enabled: false \ No newline at end of file diff --git a/proxies/udistub-proxy/src/test/java/no/nav/testnav/proxies/udistubproxy/ApplicationContextTest.java b/proxies/udistub-proxy/src/test/java/no/nav/testnav/proxies/udistubproxy/ApplicationContextTest.java index 312111e0f7a..48f8ffb9897 100644 --- a/proxies/udistub-proxy/src/test/java/no/nav/testnav/proxies/udistubproxy/ApplicationContextTest.java +++ b/proxies/udistub-proxy/src/test/java/no/nav/testnav/proxies/udistubproxy/ApplicationContextTest.java @@ -6,15 +6,19 @@ import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.test.context.ActiveProfiles; +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + @SpringBootTest @ActiveProfiles("test") class ApplicationContextTest { @MockBean - public ReactiveJwtDecoder reactiveJwtDecoder; + @SuppressWarnings("unused") + private ReactiveJwtDecoder reactiveJwtDecoder; @Test - @SuppressWarnings("java:S2699") void load_app_context() { + assertThat(true).isTrue(); } + } diff --git a/proxies/udistub-proxy/src/test/resources/application-test.properties b/proxies/udistub-proxy/src/test/resources/application-test.properties deleted file mode 100644 index 483fe127f1f..00000000000 --- a/proxies/udistub-proxy/src/test/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -TOKEN_X_ISSUER= dummy \ No newline at end of file diff --git a/proxies/udistub-proxy/src/test/resources/application-test.yml b/proxies/udistub-proxy/src/test/resources/application-test.yml new file mode 100644 index 00000000000..f05debbd219 --- /dev/null +++ b/proxies/udistub-proxy/src/test/resources/application-test.yml @@ -0,0 +1 @@ +TOKEN_X_ISSUER: dummy \ No newline at end of file diff --git a/proxies/yrkesskade-proxy/README.md b/proxies/yrkesskade-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/yrkesskade-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/yrkesskade-proxy/build.gradle b/proxies/yrkesskade-proxy/build.gradle index de7cfad39dd..8ed97fe8337 100644 --- a/proxies/yrkesskade-proxy/build.gradle +++ b/proxies/yrkesskade-proxy/build.gradle @@ -12,5 +12,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:vault" } diff --git a/proxies/yrkesskade-proxy/config.yml b/proxies/yrkesskade-proxy/config.yml index 1fd5540ddfa..a62e067635c 100644 --- a/proxies/yrkesskade-proxy/config.yml +++ b/proxies/yrkesskade-proxy/config.yml @@ -49,8 +49,6 @@ spec: replicas: min: 1 max: 1 - vault: - enabled: true resources: requests: cpu: 200m diff --git a/proxies/yrkesskade-proxy/settings.gradle b/proxies/yrkesskade-proxy/settings.gradle index aba37aba8c1..8a5bb23f0ff 100644 --- a/proxies/yrkesskade-proxy/settings.gradle +++ b/proxies/yrkesskade-proxy/settings.gradle @@ -10,7 +10,6 @@ includeBuild "../../libs/reactive-core" includeBuild "../../libs/reactive-proxy" includeBuild "../../libs/reactive-security" includeBuild "../../libs/security-core" -includeBuild "../../libs/vault" develocity { buildScan { diff --git a/proxies/yrkesskade-proxy/src/main/java/no/nav/testnav/proxies/yrkesskadeproxy/config/LocalVaultConfig.java b/proxies/yrkesskade-proxy/src/main/java/no/nav/testnav/proxies/yrkesskadeproxy/config/LocalVaultConfig.java deleted file mode 100644 index defca83410b..00000000000 --- a/proxies/yrkesskade-proxy/src/main/java/no/nav/testnav/proxies/yrkesskadeproxy/config/LocalVaultConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package no.nav.testnav.proxies.yrkesskadeproxy.config; - -import no.nav.testnav.libs.vault.AbstractLocalVaultConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Profile("dev") -@Configuration -public class LocalVaultConfig extends AbstractLocalVaultConfiguration { -} \ No newline at end of file diff --git a/proxies/yrkesskade-proxy/src/main/resources/application-dev.yaml b/proxies/yrkesskade-proxy/src/main/resources/application-dev.yaml index 4c4c40f29b0..4fcf0345fde 100644 --- a/proxies/yrkesskade-proxy/src/main/resources/application-dev.yaml +++ b/proxies/yrkesskade-proxy/src/main/resources/application-dev.yaml @@ -1,3 +1,17 @@ +spring: + cloud: + gcp: + secretmanager: + enabled: true + config: + import: "sm://" + security: + oauth2: + resourceserver: + aad: + accepted-audience: ${sm://azure-app-client-id}, api://${sm://azure-app-client-id} + tokenx: + issuer-uri: dummy consumers: yrkesskade: diff --git a/proxies/yrkesskade-proxy/src/main/resources/application.yml b/proxies/yrkesskade-proxy/src/main/resources/application.yml index 6969d7203e1..d184bab8be3 100644 --- a/proxies/yrkesskade-proxy/src/main/resources/application.yml +++ b/proxies/yrkesskade-proxy/src/main/resources/application.yml @@ -10,14 +10,15 @@ spring: aad: issuer-uri: ${AAD_ISSUER_URI}/v2.0 jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys - accepted-audience: ${azure.app.client.id}, api://${azure.app.client.id} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} cloud: gateway: httpclient: response-timeout: 30s wiretap: true - vault: - enabled: false + gcp: + secretmanager: + enabled: false server: servlet: