From 0674542d2ae5b75c3104a1cb208b5f6789df907e Mon Sep 17 00:00:00 2001
From: Thomas Richner
Date: Fri, 9 Feb 2024 10:29:04 +0100
Subject: [PATCH] ARC-1238: Add a HealthCheck for our ehealthid-relying-party (#20)
* ARC-1238: Added health endpoint
* ARC-1238: Unrelated cleanup :)
* ARC-1238: Review findings
---
.github/workflows/latest.yml | 38 +++++++++++++++
.github/workflows/release.yml | 24 +++++-----
Dockerfile | 48 ++++++++++++++-----
README.md | 1 -
ehealthid-rp/pom.xml | 23 +++++----
.../oviva/ehealthid/relyingparty/ws/App.java | 3 +-
.../relyingparty/ws/HealthEndpoint.java | 19 ++++++++
.../relyingparty/ws/HealthEndpointTest.java | 20 ++++++++
pom.xml | 15 ++++++
9 files changed, 156 insertions(+), 35 deletions(-)
create mode 100644 .github/workflows/latest.yml
create mode 100644 ehealthid-rp/src/main/java/com/oviva/ehealthid/relyingparty/ws/HealthEndpoint.java
create mode 100644 ehealthid-rp/src/test/java/com/oviva/ehealthid/relyingparty/ws/HealthEndpointTest.java
diff --git a/.github/workflows/latest.yml b/.github/workflows/latest.yml
new file mode 100644
index 0000000..939bfea
--- /dev/null
+++ b/.github/workflows/latest.yml
@@ -0,0 +1,38 @@
+name: Build and Publish the latest and greatest Application Image
+
+on:
+ push:
+ branches:
+ - main
+
+env:
+ REGISTRY: ghcr.io
+
+jobs:
+ deploy:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ - name: Setup Java
+ uses: actions/setup-java@v4
+ with:
+ java-version: 21
+ distribution: 'temurin'
+ cache: 'maven'
+ - name: Log in to the Container registry
+ uses: docker/login-action@v2
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v2
+ - id: buildx
+ name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+ - name: Build and push Image
+ run: |
+ make dist RELEASE_TAG=latest
+ permissions:
+ contents: read
+ packages: write
\ No newline at end of file
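Review bot: Every `uses:` step in this new workflow references a mutable tag (`actions/checkout@v4`, `actions/setup-java@v4`, `docker/login-action@v2`, `docker/setup-qemu-action@v2`, `docker/setup-buildx-action@v3`) while the job holds `packages: write` and logs in to the registry with `GITHUB_TOKEN`. A retagged action would run with that token on every push to `main`, so pin each one to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: docker/login-action@<full-commit-sha> # v2`. The same applies to the matching steps visible as context in `release.yml`. Indentation is not recoverable from this rendering, so confirm the trailing `permissions:` block sits at job level, like the one this commit moves in `release.yml`.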
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 50c51df..a16faa7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,4 +1,4 @@ -name: Build and Publish Application Image +name: Build and Publish a tagged Application Image on: push: @@ -10,9 +10,10 @@ env: jobs: deploy: - env: - DOCKER_REPO: 'europe-docker.pkg.dev/oviva-pkg/ovi/' runs-on: ubuntu-latest + permissions: + contents: read + packages: write steps: - uses: actions/checkout@v4 - name: Setup Java @@ -27,12 +28,6 @@ jobs: echo "parsing version from ref '$GITHUB_REF'" VERSION=$(echo "$GITHUB_REF" | sed -e 's|.*/ehealthid-relying-party/v\(.*\)|\1|g') echo "version=$VERSION" >> $GITHUB_OUTPUT - - name: Update Version - env: - VERSION: ${{ steps.version.outputs.version }} - run: | - echo "updating version to '$VERSION'" - make update-version "VERSION=$VERSION" - name: Log in to the Container registry uses: docker/login-action@v2 with: @@ -44,11 +39,14 @@ jobs: - id: buildx name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Update Version + env: + VERSION: ${{ steps.version.outputs.version }} + run: | + echo "updating version to '$VERSION'" + make update-version "VERSION=$VERSION" - name: Build and push Image env: VERSION: ${{ steps.version.outputs.version }} run: | - make dist RELEASE_TAG=v$VERSION - permissions: - contents: read - packages: write \ No newline at end of file + make dist RELEASE_TAG=v$VERSION \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 88bdf31..38688a2 100644 --- a/Dockerfile +++ b/Dockerfile 
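Review bot: `VERSION` reaches both `make` invocations in the last `release.yml` hunk straight from the `sed` over `$GITHUB_REF`, with no check that the tag matched the expected pattern, and `RELEASE_TAG=v$VERSION` is left unquoted. When the pattern does not match, `sed` passes the whole ref through unchanged, so a malformed tag ends up as the image tag and as a `make` argument. Consider failing the version step when the value is not a plain dotted version, and quote the argument as `make dist "RELEASE_TAG=v$VERSION"`, the way the `update-version` line already does.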
@@ -4,26 +4,50 @@ LABEL org.opencontainers.image.source="https://github.com/oviva-ag/ehealthid-rel ARG JAVA_PACKAGE=java-21-openjdk-headless ARG RUN_JAVA_VERSION=1.3.8 +ARG OTEL_AGENT_VERSION=v1.32.1 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf -y install ca-certificates ${JAVA_PACKAGE} \ - && microdnf -y update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/conf/security/java.security \ - && echo "securerandom.strongAlgorithms=NativePRNGNonBlocking:SUN,DRBG:SUN" >> /etc/alternatives/jre/conf/security/java.security +RUN <> /etc/alternatives/jre/conf/security/java.security +echo "securerandom.strongAlgorithms=NativePRNGNonBlocking:SUN,DRBG:SUN" >> /etc/alternatives/jre/conf/security/java.security +EOF + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. 
+ENV JAVA_OPTIONS="-javaagent:/opentelemetry-javaagent.jar -Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" + +# Configure OpenTelemetry +ENV OTEL_JAVAAGENT_DEBUG=false +ENV OTEL_JAVAAGENT_ENABLED=false +ENV OTEL_METRICS_EXPORTER=none +ENV OTEL_LOGS_EXPORTER=none +ENV OTEL_TRACES_EXPORTER=otlp +ENV OTEL_EXPORTER_OTLP_TRACES_PROTOCOL=grpc + +## Allowlist instrumented components for faster startup +ENV OTEL_INSTRUMENTATION_COMMON_DEFAULT_ENABLED=false +ENV OTEL_INSTRUMENTATION_JAVA_HTTP_CLIENT_ENABLED=true +ENV OTEL_INSTRUMENTATION_JAXRS_ENABLED=true +ENV OTEL_INSTRUMENTATION_UNDERTOW_ENABLED=true COPY --chown=1001 ehealthid-rp/target/ehealthid-rp-jar-with-dependencies.jar /deployments/ USER 1001 +# The default port, configurable though. +EXPOSE 1234 + ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file diff --git a/README.md b/README.md index 8b03c29..ce0235b 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,6 @@ # TODO In order of priority: -- [ ] Health endpoint - sanity check whether Jakarta ws is up should be enough. I.e. `/health` - [ ] Continuous Deployment - [ ] Helm chart (externally) - [ ] Internationalization (ResourceBundles) for templates (en & de) diff --git a/ehealthid-rp/pom.xml b/ehealthid-rp/pom.xml index cf3c7e3..ae35859 100644 --- a/ehealthid-rp/pom.xml +++ b/ehealthid-rp/pom.xml @@ -141,20 +141,27 @@ test - - org.jsoup - jsoup - 1.17.2 - test - - ${project.artifactId} - org.apache.maven.plugins + maven-dependency-plugin + + + package + + copy-dependencies + + + compile + ${project.build.directory}/lib + + + + + maven-assembly-plugin diff --git a/ehealthid-rp/src/main/java/com/oviva/ehealthid/relyingparty/ws/App.java b/ehealthid-rp/src/main/java/com/oviva/ehealthid/relyingparty/ws/App.java index 26bd0bc..b44df79 100644 --- a/ehealthid-rp/src/main/java/com/oviva/ehealthid/relyingparty/ws/App.java +++ b/ehealthid-rp/src/main/java/com/oviva/ehealthid/relyingparty/ws/App.java 
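Review bot: `JAVA_OPTIONS` now loads `/opentelemetry-javaagent.jar` into the JVM on every start (the `-javaagent` flag applies even with `OTEL_JAVAAGENT_ENABLED=false`), yet nothing visible in this hunk verifies that jar or `run-java.sh` after it is fetched. The body of the new `RUN` heredoc did not survive in this rendering, so this is inferred from the removed `curl … -o /deployments/run-java.sh` line, which downloaded without a checksum. If the heredoc fetches the agent for `OTEL_AGENT_VERSION` the same way, add a pinned digest check right after each download, e.g. `echo "<sha256-of-agent-jar>  /opentelemetry-javaagent.jar" | sha256sum -c -`, and use `curl -fsSL` so an HTTP error page is not saved as the artifact.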
@@ -44,7 +44,8 @@ public Set getSingletons() { new AuthEndpoint( config.baseUri(), config.relyingParty(), sessionRepo, tokenIssuer, authenticationFlow), new OpenIdEndpoint(config.baseUri(), config.relyingParty(), keyStore), - new JacksonJsonProvider(configureObjectMapper())); + new JacksonJsonProvider(configureObjectMapper()), + new HealthEndpoint()); } @Override diff --git a/ehealthid-rp/src/main/java/com/oviva/ehealthid/relyingparty/ws/HealthEndpoint.java b/ehealthid-rp/src/main/java/com/oviva/ehealthid/relyingparty/ws/HealthEndpoint.java new file mode 100644 index 0000000..f5ec37e --- /dev/null +++ b/ehealthid-rp/src/main/java/com/oviva/ehealthid/relyingparty/ws/HealthEndpoint.java @@ -0,0 +1,19 @@ +package com.oviva.ehealthid.relyingparty.ws; + +import jakarta.ws.rs.GET; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.Response; + +@Path("/health") +public class HealthEndpoint { + + private static final String STATUS_UP = "{\"status\":\"UP\"}"; + + @GET + public Response get() { + // For now if this endpoint is reachable then the service is up. There is no hard dependency + // that could be down. + return Response.ok(STATUS_UP).type(MediaType.APPLICATION_JSON_TYPE).build(); + } +} diff --git a/ehealthid-rp/src/test/java/com/oviva/ehealthid/relyingparty/ws/HealthEndpointTest.java b/ehealthid-rp/src/test/java/com/oviva/ehealthid/relyingparty/ws/HealthEndpointTest.java new file mode 100644 index 0000000..f7e0601 --- /dev/null +++ b/ehealthid-rp/src/test/java/com/oviva/ehealthid/relyingparty/ws/HealthEndpointTest.java @@ -0,0 +1,20 @@ +package com.oviva.ehealthid.relyingparty.ws; + +import static org.junit.jupiter.api.Assertions.*; + +import jakarta.ws.rs.core.Response.Status; +import org.junit.jupiter.api.Test; + +class HealthEndpointTest { + + @Test + void get() { + var sut = new HealthEndpoint(); + + // when + var res = sut.get(); + + // then + assertEquals(Status.OK.getStatusCode(), res.getStatus()); + } +} 
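Review bot: The response built in `HealthEndpoint.get()` carries no cache directive, so a proxy or load balancer in front of the service may serve a stored `UP` after the process has gone away. Adding `.header(HttpHeaders.CACHE_CONTROL, "no-store")` before `.build()` closes that. The class also has no Javadoc; it is registered next to `AuthEndpoint` and, as far as this diff shows, is reachable without authentication, so a comment such as `/** Unauthenticated liveness probe; keep the body static and free of version or dependency details. */` would record why the payload is a constant.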
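Review bot: `HealthEndpointTest.get()` only checks the status code, so a change to the body or content type of `/health` would pass unnoticed, including one that starts returning internal details. Pin the contract with `assertEquals(MediaType.APPLICATION_JSON_TYPE, res.getMediaType());` and `assertEquals("{\"status\":\"UP\"}", res.getEntity());`. The wildcard `import static org.junit.jupiter.api.Assertions.*;` can be narrowed to `assertEquals`.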
diff --git a/pom.xml b/pom.xml index ad50872..5a42c7a 100644 --- a/pom.xml +++ b/pom.xml @@ -72,6 +72,12 @@ com.github.spotbugs spotbugs-annotations 4.8.3 + + + com.google.code.findbugs + jsr305 + + jakarta.platform @@ -305,6 +311,10 @@ maven-site-plugin 3.12.1 + + maven-dependency-plugin + 3.6.1 + @@ -330,6 +340,11 @@ + + + com.google.code.findbugs:jsr305 + +