diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml
index d2c7fa5..ba2bbde 100644
--- a/.github/workflows/ci-main.yml
+++ b/.github/workflows/ci-main.yml
@@ -1,6 +1,5 @@
name: ci-main
on:
- workflow_dispatch:
push:
branches:
- main
@@ -49,23 +48,9 @@ jobs:
--password-stdin
docker build . \
--file ./Dockerfile \
- --tag "${APP_PACKAGES_URL}:${APP_VERSION}" \
- --tag "${TRUSTED_URL}/${TRUSTED_REPOSITORY}/cwa-dcc-rules:${APP_VERSION}"
+ --tag "${APP_PACKAGES_URL}:${APP_VERSION}"
docker push "${APP_PACKAGES_URL}:${APP_VERSION}"
env:
APP_PACKAGES_URL: docker.pkg.github.com/${{ github.repository }}/dgca-businessrule-service
APP_PACKAGES_USERNAME: ${{ github.actor }}
APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
- TRUSTED_URL: ${{ secrets.TRUSTED_URL }}
- TRUSTED_REPOSITORY: ${{ secrets.TRUSTED_REPOSITORY }}
- - name: docker push trusted
- run: |
- echo ${TRUSTED_TOKEN} | docker login ${TRUSTED_URL} -u ${TRUSTED_USER} --password-stdin
- docker push ${TRUSTED_URL}/${TRUSTED_REPOSITORY}/cwa-dcc-rules:${APP_VERSION}
- env:
- TRUSTED_KEY: ${{ secrets.TRUSTED_KEY }}
- TRUSTED_URL: ${{ secrets.TRUSTED_URL }}
- TRUSTED_SERVER_URL: ${{ secrets.TRUSTED_SERVER_URL }}
- TRUSTED_REPOSITORY: ${{ secrets.TRUSTED_REPOSITORY }}
- TRUSTED_USER: ${{ secrets.TRUSTED_USER }}
- TRUSTED_TOKEN: ${{ secrets.TRUSTED_TOKEN }}
diff --git a/.github/workflows/ci-sonar.yml b/.github/workflows/ci-sonar.yml
new file mode 100644
index 0000000..f278a1e
--- /dev/null
+++ b/.github/workflows/ci-sonar.yml
@@ -0,0 +1,39 @@
+name: ci-sonar
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ types:
+ - opened
+ - synchronize
+ - reopened
+jobs:
+ sonar:
+ runs-on: ubuntu-20.04
+ steps:
+ - uses: actions/setup-java@v2
+ with:
+ java-version: 11
+ distribution: adopt
+ - uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+ - uses: actions/cache@v2
+ with:
+ path: |
+ ~/.m2/repository
+ key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+ - name: mvn
+ run: |-
+ mvn verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \
+ --batch-mode \
+ --file ./pom.xml \
+ --settings ./settings.xml \
+ --define app.packages.username="${APP_PACKAGES_USERNAME}" \
+ --define app.packages.password="${APP_PACKAGES_PASSWORD}"
+ env:
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ APP_PACKAGES_USERNAME: ${{ github.actor }}
+ APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
diff --git a/pom.xml b/pom.xml
index b67a248..a6009f9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -26,7 +26,7 @@
6.1.1
2.4.4
- 2020.0.1
+ 2020.0.2
5.3.5
5.4.6
1.18.20
@@ -107,7 +107,6 @@
pom
import
-
org.projectlombok
lombok
@@ -159,14 +158,6 @@
org.springframework.boot
spring-boot-starter-actuator
-
- org.springframework.cloud
- spring-cloud-starter-vault-config
-
-
- org.springframework.cloud
- spring-cloud-starter-bootstrap
-
org.springframework.boot
spring-boot-test
@@ -274,10 +265,6 @@
nimbus-jose-jwt
9.9.2
-
- org.springframework.boot
- spring-boot-starter-security
-
diff --git a/scripts/Readme.md b/scripts/Readme.md
deleted file mode 100644
index 68a6222..0000000
--- a/scripts/Readme.md
+++ /dev/null
@@ -1,28 +0,0 @@
-# DCC Rules Upload Script
-
-This Batch script allows to upload multiple DCC-Validation Rules with one CMD command.
-
-## Preparation
-
-Install DGC-CLI on your computer. Follow all the steps described in Readme file.
-https://github.com/eu-digital-green-certificates/dgc-cli
-
-Copy your DCC-Validation Rules in a directory next to the Batch-File.
-The Rules can be placed within a directory structure.
-A rule file MUST have the filename ```rule.json```. All other files will be ignored.
-
-Copy you Upload- and MTLS-Certificate into the directory.
-
-Open the Batch-File with a Text-Editor of your choice and set the following Values
-
-| Variable | Value |
-| --- | --- |
-| DGCG_ENDPOINT | URL of rules upload endpoint (should end with /rules) |
-| SIGNING_KEY | Path to PrivateKeyFile of your Upload Certificate |
-| SIGNING_CERT | Path to PEM-File of your Upload Certificate |
-| TLS_KEY | Path to PrivateKeyFile of your TLS Certificate |
-| TLS_CERT | Path to PEM-File of your TLS Certificate |
-
-## Upload Rules
-
-Just execute the Batch Script and all Rules will be uploaded.
\ No newline at end of file
diff --git a/scripts/sign-and-upload.bat b/scripts/sign-and-upload.bat
deleted file mode 100644
index 654277d..0000000
--- a/scripts/sign-and-upload.bat
+++ /dev/null
@@ -1,26 +0,0 @@
-@echo off
-REM Change this values according to your needs
-SET DGCG_ENDPOINT="https://example.org/rules"
-SET SIGNING_KEY="upload_key.pem"
-SET SIGNING_CERT="upload.pem"
-SET TLS_KEY="auth_key.pem"
-SET TLS_CERT="auth.pem"
-
-
-REM DO NOT CHANGE ANYTHING BELOW THIS!
-
-echo Search rule files and sign with Upload Certificate and Upload to DGCG
-
-for /f "usebackq delims=|" %%f in (`dir /s/b rule.json`) do (call :upload %%f)
-
-echo deleting temporary file
-del -f tmp.cms
-
-goto :eof
-
-:upload
-echo Processing JSON file %1
-call dgc signing sign-string -c %SIGNING_CERT% -k %SIGNING_KEY% -i "%1" -o tmp.cms
-call curl --no-progress-bar --request POST "%DGCG_ENDPOINT%" --header "Content-Type: application/cms-text" --header "Accept: application/json" --data-binary @tmp.cms --cert %TLS_CERT% --key %TLS_KEY%
-echo.
-echo.
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/config/CorsConfig.java b/src/main/java/eu/europa/ec/dgc/businessrule/config/CorsConfig.java
deleted file mode 100644
index 4cc9aaa..0000000
--- a/src/main/java/eu/europa/ec/dgc/businessrule/config/CorsConfig.java
+++ /dev/null
@@ -1,24 +0,0 @@
-package eu.europa.ec.dgc.businessrule.config;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.web.cors.CorsConfiguration;
-import org.springframework.web.cors.CorsConfigurationSource;
-import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
-
-@Configuration
-@EnableWebSecurity
-public class CorsConfig implements WebMvcConfigurer {
-
- @Bean
- CorsConfigurationSource corsConfigurationSource(DgcConfigProperties dgcConfigProperties) {
- UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
- CorsConfiguration corsConfiguration = new CorsConfiguration().applyPermitDefaultValues();
- corsConfiguration.addAllowedOrigin(dgcConfigProperties.getCorsUrl());
- source.registerCorsConfiguration("/**",corsConfiguration);
- return source;
- }
-
-}
\ No newline at end of file
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/config/DgcConfigProperties.java b/src/main/java/eu/europa/ec/dgc/businessrule/config/DgcConfigProperties.java
index 9f79d28..962da8a 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/config/DgcConfigProperties.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/config/DgcConfigProperties.java
@@ -35,8 +35,6 @@ public class DgcConfigProperties {
private final GatewayDownload countryListDownload = new GatewayDownload();
- private String corsUrl;
-
@Getter
@Setter
public static class GatewayDownload {
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/config/WebSecurityConfig.java b/src/main/java/eu/europa/ec/dgc/businessrule/config/WebSecurityConfig.java
deleted file mode 100644
index c2a471b..0000000
--- a/src/main/java/eu/europa/ec/dgc/businessrule/config/WebSecurityConfig.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package eu.europa.ec.dgc.businessrule.config;
-
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-
-@EnableWebSecurity
-public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
-
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http.cors();
- }
-
-}
\ No newline at end of file
diff --git a/src/main/resources/application-cloud.yml b/src/main/resources/application-cloud.yml
index 35186fc..4659664 100644
--- a/src/main/resources/application-cloud.yml
+++ b/src/main/resources/application-cloud.yml
@@ -1,30 +1,11 @@
spring:
+ h2:
+ console:
+ enabled: false
datasource:
driver-class-name: org.postgresql.Driver
- url: jdbc:postgresql://${POSTGRESQL_SERVICE_HOST}:${POSTGRESQL_SERVICE_PORT}/${POSTGRESQL_DATABASE}
- username: ${POSTGRESQL_USER}
- password: ${POSTGRESQL_PASSWORD}
+ url: jdbc:postgresql://localhost:5432/postgres
+ username: postgres
+ password: postgres
jpa:
database-platform: org.hibernate.dialect.PostgreSQLDialect
-springdoc:
- api-docs:
- enabled: false
-dgc:
- corsUrl: ${DGC_CORS_ENABLED_URL}
- gateway:
- connector:
- enabled: true
- endpoint: ${DGC_GATEWAY_CONNECTOR_ENDPOINT}
- proxy:
- enabled: false
- tls-trust-store:
- password: ${DGC_GATEWAY_CONNECTOR_TLSTRUSTSTORE_PASSWORD}
- path: ${DGC_GATEWAY_CONNECTOR_TLSTRUSTSTORE_PATH}
- tls-key-store:
- alias: ${DGC_GATEWAY_CONNECTOR_TLSKEYSTORE_ALIAS}
- password: ${DGC_GATEWAY_CONNECTOR_TLSKEYSTORE_PASSWORD}
- path: ${DGC_GATEWAY_CONNECTOR_TLSKEYSTORE_PATH}
- trust-anchor:
- alias: ${DGC_GATEWAY_CONNECTOR_TRUSTANCHOR_ALIAS}
- password: ${DGC_GATEWAY_CONNECTOR_TRUSTANCHOR_PASSWORD}
- path: ${DGC_GATEWAY_CONNECTOR_TRUSTANCHOR_PATH}
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 74bd26f..a9e0409 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -25,34 +25,17 @@ spring:
pool:
size: 5
management:
- server:
- ssl:
- enabled: false
- port: 8081
endpoint:
info:
enabled: true
health:
enabled: true
- metrics:
- enabled: true
- prometheus:
- enabled: true
endpoints:
enabled-by-default: false
web:
+ base-path: /management
exposure:
- include: info,health,metrics,prometheus
- jmx:
- exposure:
- include: info,health,metrics,prometheus
- health:
- probes:
- enabled: true
- metrics:
- export:
- prometheus:
- enabled: true
+ include: info,health
info:
name: ${spring.application.name}
profiles: ${spring.profiles.active}
@@ -63,7 +46,6 @@ springdoc:
swagger-ui:
path: /swagger
dgc:
- corsUrl: https://dgc-gateway.example.com
businessRulesDownload:
timeInterval: 1800000
lockLimit: 3600000
diff --git a/src/main/resources/bootstrap-cloud.yaml b/src/main/resources/bootstrap-cloud.yaml
deleted file mode 100644
index 83c0b08..0000000
--- a/src/main/resources/bootstrap-cloud.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
----
-spring:
- application:
- name: cwa-dcc-rules
- cloud:
- vault:
- ssl:
- trust-store: file:${SSL_VAULT_TRUSTSTORE_PATH}
- trust-store-password: ${SSL_VAULT_TRUSTSTORE_PASSWORD}
- enabled: true
- generic:
- enabled: false
- kv:
- enabled: true
- backend: ${VAULT_BACKEND}
- profile-separator: '/'
- application-name: 'cwa-dcc-rules'
- default-context: ''
- profiles: cloud
- fail-fast: true
- authentication: KUBERNETES
- kubernetes:
- role: ${VAULT_ROLE}
- kubernetes-path: kubernetes
- service-account-token-file: /var/run/secrets/kubernetes.io/serviceaccount/token
- uri: ${VAULT_URI}
- connection-timeout: 5000
- read-timeout: 15000
- config:
- order: -10
diff --git a/src/main/resources/bootstrap.yaml b/src/main/resources/bootstrap.yaml
deleted file mode 100644
index 4eed0ce..0000000
--- a/src/main/resources/bootstrap.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-spring:
- cloud:
- vault:
- enabled: false
diff --git a/src/test/resources/application.yml b/src/test/resources/application.yml
index bbbd95f..338cdf0 100644
--- a/src/test/resources/application.yml
+++ b/src/test/resources/application.yml
@@ -11,7 +11,6 @@ spring:
main:
allow-bean-definition-overriding: true
dgc:
- corsUrl: "localhost"
businessRulesDownload:
timeInterval: 1800000
lockLimit: 3600000