change/common_testing_internal (#3768)

Changes liveness/readiness endpoints to match default Spring Boot Actuator endpoints.

.github/workflows/integration-tests.yml

@@ -14,6 +14,6 @@ jobs:
     uses: ./.github/workflows/common.integration-test.yml
     with:
       working-directory: "apps/bruker-service/"
-      healthcheck: "http://localhost:8002/internal/isAlive"
+      healthcheck: "http://localhost:8002/internal/health/liveness"
     secrets:
       NAV_TOKEN: ${{ secrets.NAV_TOKEN }}

apps/adresse-service/config.yml

@@ -18,7 +18,7 @@ spec:
   ingresses:
     - "https://testnav-adresse-service.intern.dev.nav.no"
   liveness:
-    path: /internal/isAlive
+    path: /internal/health/liveness
     periodSeconds: 30
     initialDelay: 30
   observability:
@@ -29,7 +29,7 @@ spec:
       enabled: true
       runtime: java
   readiness:
-    path: /internal/isReady
+    path: /internal/health/readiness
     initialDelay: 30
   prometheus:
     enabled: true

apps/adresse-service/src/main/java/no/nav/testnav/apps/adresseservice/AdresseServiceApplicationStarter.java

@@ -3,7 +3,9 @@
 import no.nav.dolly.libs.nais.NaisEnvironmentApplicationContextInitializer;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.builder.SpringApplicationBuilder;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 
+@EnableWebSecurity
 @SpringBootApplication
 public class AdresseServiceApplicationStarter {
 

apps/adresse-service/src/main/java/no/nav/testnav/apps/adresseservice/config/SecurityConfig.java

@@ -1,39 +1,25 @@
 package no.nav.testnav.apps.adresseservice.config;
 
+import no.nav.dolly.libs.security.config.DollyHttpSecurity;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
-import org.springframework.core.annotation.Order;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 
-@EnableWebSecurity
 @Configuration
-@Profile({ "prod", "local" })
-@Order(1)
-public class SecurityConfig {
+class SecurityConfig {
 
     @Bean
-    public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
-
-        httpSecurity.sessionManagement(sessionConfig -> sessionConfig.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+    SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
+        return httpSecurity
+                .sessionManagement(sessionConfig -> sessionConfig.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                 .csrf(AbstractHttpConfigurer::disable)
-                .authorizeHttpRequests(authorizeConfig -> authorizeConfig.requestMatchers(
-                        "/internal/**",
-                        "/webjars/**",
-                        "/swagger-resources/**",
-                        "/v3/api-docs/**",
-                        "/swagger-ui/**",
-                        "/swagger",
-                        "/error",
-                        "/swagger-ui.html"
-                ).permitAll().requestMatchers("/api/**").fullyAuthenticated())
-                .oauth2ResourceServer(oauth2RSConfig -> oauth2RSConfig.jwt(Customizer.withDefaults()));
-
-        return httpSecurity.build();
+                .authorizeHttpRequests(DollyHttpSecurity.withDefaultHttpRequests())
+                .oauth2ResourceServer(oauth2RSConfig -> oauth2RSConfig.jwt(Customizer.withDefaults()))
+                .build();
     }
+
 }

apps/adresse-service/src/main/resources/application.yml

@@ -1,6 +1,8 @@
 spring:
   application:
     name: adresse-service
+  config:
+    import: "classpath:dolly-application.yml"
   flyway:
     enabled: false
   security:
@@ -13,35 +15,9 @@ spring:
           issuer-uri: ${TOKEN_X_ISSUER}
           accepted-audience: ${TOKEN_X_CLIENT_ID}
 
-springdoc:
-  swagger-ui:
-    disable-swagger-default-url: true
-    url: /v3/api-docs
-
 consumers:
   pdl-services:
     url: https://testnav-pdl-proxy.dev-fss-pub.nais.io
     cluster: dev-fss
     namespace: dolly
-    name: testnav-pdl-proxy
-
-management:
-  endpoints:
-    access:
-      default: read_only
-    web:
-      base-path: /internal
-      exposure:
-        include: prometheus,health
-      path-mapping:
-        prometheus: metrics
-  prometheus:
-    metrics:
-      export:
-        enabled: true
-server:
-  servlet:
-    encoding:
-      charset: UTF-8
-  error:
-    include-message: always
+    name: testnav-pdl-proxy

apps/adresse-service/src/test/java/no/nav/testnav/apps/adresseservice/ApplicationContextTest.java

@@ -1,16 +1,8 @@
 package no.nav.testnav.apps.adresseservice;
 
-import no.nav.dolly.libs.nais.DollySpringBootTest;
-import org.junit.jupiter.api.Test;
-
-import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
+import no.nav.dolly.libs.test.DollySpringBootTest;
+import no.nav.dolly.libs.test.DollyApplicationContextTest;
 
 @DollySpringBootTest
-class ApplicationContextTest {
-
-    @Test
-    void load_app_context() {
-        assertThat(true).isTrue();
-    }
-
-}
+class ApplicationContextTest extends DollyApplicationContextTest {
+}

apps/altinn3-tilgang-service/config.dev.yml

@@ -38,7 +38,7 @@ spec:
         - host: platform.tt02.altinn.no
         - host: data.brreg.no
   liveness:
-    path: /internal/isAlive
+    path: /internal/health/liveness
     initialDelay: 10
     periodSeconds: 5
     failureThreshold: 500
@@ -50,7 +50,7 @@ spec:
       enabled: true
       runtime: java
   readiness:
-    path: /internal/isReady
+    path: /internal/health/readiness
     initialDelay: 10
     periodSeconds: 5
     failureThreshold: 500

apps/altinn3-tilgang-service/config.prod.yml

@@ -42,7 +42,7 @@ spec:
         - host: platform.altinn.no
         - host: data.brreg.no
   liveness:
-    path: /internal/isAlive
+    path: /internal/health/liveness
     initialDelay: 10
     periodSeconds: 5
     failureThreshold: 500
@@ -54,7 +54,7 @@ spec:
       enabled: true
       runtime: java
   readiness:
-    path: /internal/isReady
+    path: /internal/health/readiness
     initialDelay: 10
     periodSeconds: 5
     failureThreshold: 500

apps/altinn3-tilgang-service/src/main/resources/application.yml

@@ -2,6 +2,8 @@ spring:
   application:
     name: testnav-altinn3-tilgang-service
     description: Tjeneste for å hente og sette tilganger for orgnisasjoner
+  config:
+    import: "classpath:dolly-application.yml"
   security:
     oauth2:
       resourceserver:
@@ -15,37 +17,13 @@ spring:
     serialization:
       write_dates_as_timestamps: false
 
-springdoc:
-  swagger-ui:
-    disable-swagger-default-url: true
-    url: /v3/api-docs
-
 altinn:
   api:
     url: ${ALTINN_URL}
   resource:
     owner: nav
     identifier: godkjente-dolly-tilganger
 
-management:
-  endpoints:
-    access:
-      default: read_only
-    web:
-      base-path: /internal
-      exposure:
-        include: prometheus,health
-      path-mapping:
-        prometheus: metrics
-  prometheus:
-    metrics:
-      export:
-        enabled: true
-
 server:
-  servlet:
-    encoding:
-      charset: UTF-8
   error:
-    include-message: always
     include-stacktrace: never

apps/altinn3-tilgang-service/src/test/java/no/nav/testnav/altinn3tilgangservice/ApplicationContextTest.java

@@ -1,16 +1,8 @@
 package no.nav.testnav.altinn3tilgangservice;
 
-import no.nav.dolly.libs.nais.DollySpringBootTest;
-import org.junit.jupiter.api.Test;
-
-import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
+import no.nav.dolly.libs.test.DollySpringBootTest;
+import no.nav.dolly.libs.test.DollyApplicationContextTest;
 
 @DollySpringBootTest
-class ApplicationContextTest {
-
-    @Test
-    void load_app_context() {
-        assertThat(true).isTrue();
-    }
-
+class ApplicationContextTest extends DollyApplicationContextTest {
 }

apps/amelding-service/config.yml

@@ -29,7 +29,7 @@ spec:
       enabled: true
       tenant: nav.no
   liveness:
-    path: /internal/isAlive
+    path: /internal/health/liveness
     initialDelay: 4
     periodSeconds: 5
     failureThreshold: 500
@@ -41,7 +41,7 @@ spec:
       enabled: true
       runtime: java
   readiness:
-    path: /internal/isReady
+    path: /internal/health/readiness
     initialDelay: 4
     periodSeconds: 5
     failureThreshold: 500

apps/amelding-service/src/main/resources/application.yml

@@ -3,44 +3,18 @@ spring:
     name: testnav-amelding-service
     version: application.version.todo
     description: Tjeneste for å sende inn amelding
+  config:
+    import: "classpath:dolly-application.yml"
   security:
     oauth2:
       resourceserver:
         aad:
           issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER}
           accepted-audience:  ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID}
 
-springdoc:
-  swagger-ui:
-    disable-swagger-default-url: true
-    url: /v3/api-docs
-
 consumers:
   oppsummeringsdokument-service:
     cluster: dev-gcp
     namespace: dolly
     name: testnav-oppsummeringsdokument-service
-    url: http://testnav-oppsummeringsdokument-service.dolly.svc.cluster.local
-
-management:
-  endpoints:
-    enabled-by-default: true
-    web:
-      base-path: /internal
-      exposure:
-        include: prometheus,health
-      path-mapping:
-        prometheus: metrics
-  endpoint:
-    prometheus:
-      enabled: true
-  prometheus:
-    metrics:
-      export:
-        enabled: true
-server:
-  servlet:
-    encoding:
-      charset: UTF-8
-  error:
-    include-message: always
+    url: http://testnav-oppsummeringsdokument-service.dolly.svc.cluster.local

apps/amelding-service/src/test/java/no/nav/registre/testnav/ameldingservice/ApplicationContextTest.java

@@ -1,16 +1,8 @@
 package no.nav.registre.testnav.ameldingservice;
 
-import no.nav.dolly.libs.nais.DollySpringBootTest;
-import org.junit.jupiter.api.Test;
-
-import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
+import no.nav.dolly.libs.test.DollySpringBootTest;
+import no.nav.dolly.libs.test.DollyApplicationContextTest;
 
 @DollySpringBootTest
-class ApplicationContextTest {
-
-    @Test
-    void load_app_context() {
-        assertThat(true).isTrue();
-    }
-
+class ApplicationContextTest extends DollyApplicationContextTest {
 }

apps/app-tilgang-analyse-service/config.yml

@@ -30,7 +30,7 @@ spec:
         databases:
           - name: testnav-app-tilgang-analyse-service-db
   liveness:
-    path: /internal/isAlive
+    path: /internal/health/liveness
     initialDelay: 4
     periodSeconds: 5
     failureThreshold: 500
@@ -42,7 +42,7 @@ spec:
       enabled: true
       runtime: java
   readiness:
-    path: /internal/isReady
+    path: /internal/health/readiness
     initialDelay: 4
     periodSeconds: 5
     failureThreshold: 500