diff --git a/.azure/modules/redis/main.bicep b/.azure/modules/redis/main.bicep index d6e873b18..80aa92885 100644 --- a/.azure/modules/redis/main.bicep +++ b/.azure/modules/redis/main.bicep @@ -97,9 +97,6 @@ module privateDnsZone '../privateDnsZone/main.bicep' = { module privateDnsZoneGroup '../privateDnsZoneGroup/main.bicep' = { name: '${namePrefix}-redis-privateDnsZoneGroup' - dependsOn: [ - privateDnsZone - ] params: { name: 'default' dnsZoneGroupName: 'privatelink-redis-cache-windows-net' diff --git a/.azure/modules/serviceBus/main.bicep b/.azure/modules/serviceBus/main.bicep index 4c34d3a56..50ad8883b 100644 --- a/.azure/modules/serviceBus/main.bicep +++ b/.azure/modules/serviceBus/main.bicep @@ -83,9 +83,6 @@ module privateDnsZone '../privateDnsZone/main.bicep' = { module privateDnsZoneGroup '../privateDnsZoneGroup/main.bicep' = { name: '${namePrefix}-service-bus-privateDnsZoneGroup' - dependsOn: [ - privateDnsZone - ] params: { name: 'default' dnsZoneGroupName: 'privatelink-servicebus-windows-net' diff --git a/.env b/.env index cbd2e3101..8300930d6 100644 --- a/.env +++ b/.env @@ -1,7 +1,7 @@ # ENV variables for docker-compose POSTGRES_USER=postgres POSTGRES_PASSWORD=supersecret -POSTGRES_DB=Dialogporten +POSTGRES_DB=dialogporten DB_CONNECTION_STRING=Server=dialogporten-postgres;Port=5432;Database=${POSTGRES_DB};User ID=${POSTGRES_USER};Password=${POSTGRES_PASSWORD}; COMPOSE_PROJECT_NAME=digdir diff --git a/.github/actions/azure-login/action.yml b/.github/actions/azure-login/action.yml new file mode 100644 index 000000000..5b8772979 --- /dev/null +++ b/.github/actions/azure-login/action.yml 
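Review bot: Dropping the explicit `dependsOn: [ privateDnsZone ]` from `privateDnsZoneGroup` is only safe if its `params` block references an output of `privateDnsZone`, since that reference is what gives Bicep the implicit ordering. The hunk shows only `name` and `dnsZoneGroupName`, and the rest of `params` lies outside it. If no such reference exists, the zone group can be deployed before the zone, and the private endpoint's DNS registration may fail or be missing. The same applies to the serviceBus module hunk. I would add a comment above `params`, e.g. `// ordering relies on the privateDnsZone output referenced below`, so the dependency is not lost in a later edit.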
@@ -0,0 +1,28 @@ +name: 'Azure Login with Bicep Upgrade' +description: 'Login to Azure and upgrade Bicep CLI' + +inputs: + client-id: + description: 'Azure Client ID' + required: true + tenant-id: + description: 'Azure Tenant ID' + required: true + subscription-id: + description: 'Azure Subscription ID' + required: true +env: + AZ_CLI_VERSION: 2.67.0 +runs: + using: "composite" + steps: + - name: OIDC Login to Azure Public Cloud + uses: azure/login@v2 + with: + client-id: ${{ inputs.client-id }} + tenant-id: ${{ inputs.tenant-id }} + subscription-id: ${{ inputs.subscription-id }} + + - name: Upgrade Azure Bicep + shell: bash + run: az bicep upgrade \ No newline at end of file diff --git a/.github/workflows/workflow-deploy-apps.yml b/.github/workflows/workflow-deploy-apps.yml index a45653ef2..26d66c2e8 100644 --- a/.github/workflows/workflow-deploy-apps.yml +++ b/.github/workflows/workflow-deploy-apps.yml @@ -1,6 +1,4 @@ name: Deploy apps -env: - AZ_CLI_VERSION: 2.67.0 on: workflow_call: outputs: @@ -67,8 +65,8 @@ jobs: - name: "Checkout GitHub Action" uses: actions/checkout@v4 - - name: OIDC Login to Azure Public Cloud - uses: azure/login@v2 + - name: Azure Login + uses: ./.github/actions/azure-login with: client-id: ${{ secrets.AZURE_CLIENT_ID }} tenant-id: ${{ secrets.AZURE_TENANT_ID }} @@ -119,7 +117,6 @@ jobs: uses: azure/CLI@v2 if: ${{!inputs.dryRun}} with: - azcliversion: ${{ env.AZ_CLI_VERSION }} inlineScript: | az containerapp job start -n ${{ steps.deploy.outputs.name }} -g ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} @@ -129,7 +126,6 @@ jobs: id: verify-migration timeout-minutes: 3 with: - azcliversion: ${{ env.AZ_CLI_VERSION }} inlineScript: | ./.github/tools/containerAppJobVerifier.sh ${{ steps.deploy.outputs.name }} ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} ${{ inputs.version }} 
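Review bot: The `az bicep upgrade` step installs whatever Bicep release is newest at run time, in a job that has just obtained deployment credentials through OIDC, so the toolchain is no longer reproducible. Pin it instead, e.g. `run: az bicep install --version <pinned-bicep-version>`. The top-level `env:` block is not one of the documented keys of action metadata, so `AZ_CLI_VERSION: 2.67.0` here most likely has no effect. With the `azcliversion` inputs removed in the workflow-deploy-apps.yml and workflow-deploy-infra.yml hunks, the `azure/CLI@v2` steps fall back to that action's default version. If the pin is still wanted, keep `azcliversion` on those steps; if not, drop the `env:` block so the file does not suggest a pin that is not applied.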
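Review bot: The `inlineScript` of the `verify-migration` step (hunk `@@ -129,7 +126,6 @@` of workflow-deploy-apps.yml) expands `${{ inputs.version }}` and `${{ steps.deploy.outputs.name }}` straight into the shell text, so a value containing shell metacharacters is interpreted by the shell instead of being passed as an argument. These are unchanged context lines, but the step is being edited here and it runs with the Azure session. Passing the values through the step's `env:` (for example `VERSION: ${{ inputs.version }}`) and referencing `"$VERSION"` in the script keeps them as data, assuming `azure/CLI` forwards step environment variables to its container. The rest of the step lies outside the hunk.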
@@ -162,12 +158,13 @@ jobs: - name: "Checkout GitHub Action" uses: actions/checkout@v4 - - name: OIDC Login to Azure Public Cloud - uses: azure/login@v2 + - name: Azure Login + uses: ./.github/actions/azure-login with: client-id: ${{ secrets.AZURE_CLIENT_ID }} tenant-id: ${{ secrets.AZURE_TENANT_ID }} subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + - name: Dryrun Deploy app ${{ matrix.name }}(${{ inputs.environment }}) uses: azure/arm-deploy@v2 if: ${{ inputs.dryRun }} @@ -223,7 +220,6 @@ jobs: id: verify-deployment timeout-minutes: 3 with: - azcliversion: ${{ env.AZ_CLI_VERSION }} inlineScript: | ./.github/tools/revisionVerifier.sh ${{ steps.deploy.outputs.revisionName }} ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} @@ -252,8 +248,8 @@ jobs: - name: "Checkout GitHub Action" uses: actions/checkout@v4 - - name: OIDC Login to Azure Public Cloud - uses: azure/login@v2 + - name: Azure Login + uses: ./.github/actions/azure-login with: client-id: ${{ secrets.AZURE_CLIENT_ID }} tenant-id: ${{ secrets.AZURE_TENANT_ID }} diff --git a/.github/workflows/workflow-deploy-infra.yml b/.github/workflows/workflow-deploy-infra.yml index cbc7ebca3..014a0db79 100644 --- a/.github/workflows/workflow-deploy-infra.yml +++ b/.github/workflows/workflow-deploy-infra.yml @@ -1,8 +1,4 @@ name: Deploy infrastructure - -env: - AZ_CLI_VERSION: 2.67.0 - on: workflow_call: secrets: @@ -63,8 +59,8 @@ jobs: with: ref: ${{ inputs.ref }} - - name: OIDC Login to Azure Public Cloud - uses: azure/login@v2 + - name: Azure Login + uses: ./.github/actions/azure-login with: client-id: ${{ secrets.AZURE_CLIENT_ID }} tenant-id: ${{ secrets.AZURE_TENANT_ID }} 
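Review bot: In the workflow-deploy-infra.yml hunk at `@@ -63,8 +59,8 @@`, `uses: ./.github/actions/azure-login` is resolved from the workspace, and the preceding step (apparently the checkout, whose `uses:` line is outside the hunk) checks out `ref: ${{ inputs.ref }}`. The login action that receives the client, tenant and subscription ids is therefore loaded from whatever ref the caller passes, not from the ref the workflow itself runs from. A ref that predates this commit has no such directory, so the step fails. I would document this on the step, e.g. `# loaded from the checked-out ref (inputs.ref); that ref must contain .github/actions/azure-login`, and confirm that only trusted refs can be supplied.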
@@ -74,7 +70,6 @@ jobs: uses: azure/CLI@v2 id: keyvault-keys with: - azcliversion: ${{ env.AZ_CLI_VERSION }} inlineScript: | KEY_VAULT_KEYS=$(az keyvault secret list --vault-name ${{ secrets.AZURE_SOURCE_KEY_VAULT_NAME }} --subscription ${{ secrets.AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID }} --query "[].name" -o json | tr -d '\n') echo "::set-output name=key-vault-keys::$KEY_VAULT_KEYS" diff --git a/docker-compose.yml b/docker-compose.yml index f8b605880..f2a7ec59f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,7 +4,7 @@ include: services: dialogporten-webapi-ingress: - image: nginx:1.27.2 + image: nginx:1.27.3 ports: - "7214:80" volumes: @@ -38,7 +38,7 @@ services: - ./.aspnet/https:/https dialogporten-graphql-ingress: - image: nginx:1.27.2 + image: nginx:1.27.3 ports: - "7215:80" volumes: diff --git a/docs/schema/V1/swagger.verified.json b/docs/schema/V1/swagger.verified.json index 0a0592d18..e617e216e 100644 --- a/docs/schema/V1/swagger.verified.json +++ b/docs/schema/V1/swagger.verified.json @@ -4683,7 +4683,7 @@ "JWTBearerAuth": { "bearerFormat": "JWT", "description": "Enter a JWT token to authorize the requests...", - "scheme": "Bearer", + "scheme": "bearer", "type": "http" } } @@ -5853,6 +5853,9 @@ }, "description": "The UUID of the created the dialog aggregate. A relative URL to the newly created activity is set in the \u0022Location\u0022 header." }, + "204": { + "description": "No Content" + }, "400": { "content": { "application/problem\u002Bjson": { @@ -6468,6 +6471,9 @@ }, "description": "The UUID of the created the dialog activity. A relative URL to the newly created activity is set in the \u0022Location\u0022 header." }, + "204": { + "description": "No Content" + }, "400": { "content": { "application/problem\u002Bjson": { 
@@ -6741,7 +6747,10 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/V1ServiceOwnerDialogTransmissionsQueriesSearch_Transmission" + "items": { + "$ref": "#/components/schemas/V1ServiceOwnerDialogTransmissionsQueriesSearch_Transmission" + }, + "type": "array" } } }, @@ -6825,6 +6834,9 @@ }, "description": "The UUID of the created the dialog transmission. A relative URL to the newly created activity is set in the \u0022Location\u0022 header." }, + "204": { + "description": "No Content" + }, "400": { "content": { "application/problem\u002Bjson": { diff --git a/src/Digdir.Domain.Dialogporten.WebApi/Digdir.Domain.Dialogporten.WebApi.csproj b/src/Digdir.Domain.Dialogporten.WebApi/Digdir.Domain.Dialogporten.WebApi.csproj index 6216ac381..2641131ac 100644 --- a/src/Digdir.Domain.Dialogporten.WebApi/Digdir.Domain.Dialogporten.WebApi.csproj +++ b/src/Digdir.Domain.Dialogporten.WebApi/Digdir.Domain.Dialogporten.WebApi.csproj @@ -8,7 +8,7 @@ - + diff --git a/src/Digdir.Domain.Dialogporten.WebApi/Endpoints/V1/ServiceOwner/DialogTransmissions/Search/SearchDialogTransmissionEndpoint.cs b/src/Digdir.Domain.Dialogporten.WebApi/Endpoints/V1/ServiceOwner/DialogTransmissions/Search/SearchDialogTransmissionEndpoint.cs index 06fb1aede..5af04f663 100644 --- a/src/Digdir.Domain.Dialogporten.WebApi/Endpoints/V1/ServiceOwner/DialogTransmissions/Search/SearchDialogTransmissionEndpoint.cs +++ b/src/Digdir.Domain.Dialogporten.WebApi/Endpoints/V1/ServiceOwner/DialogTransmissions/Search/SearchDialogTransmissionEndpoint.cs @@ -22,7 +22,7 @@ public override void Configure() Policies(AuthorizationPolicy.ServiceProvider); Group(); - Description(b => b.ProducesOneOf( + Description(b => b.ProducesOneOf>( StatusCodes.Status200OK, StatusCodes.Status404NotFound, StatusCodes.Status410Gone)); diff --git a/src/Digdir.Domain.Dialogporten.WebApi/OpenApiDocumentExtensions.cs b/src/Digdir.Domain.Dialogporten.WebApi/OpenApiDocumentExtensions.cs index 384199f89..9dc187e41 100644 
--- a/src/Digdir.Domain.Dialogporten.WebApi/OpenApiDocumentExtensions.cs +++ b/src/Digdir.Domain.Dialogporten.WebApi/OpenApiDocumentExtensions.cs @@ -6,6 +6,24 @@ namespace Digdir.Domain.Dialogporten.WebApi; public static class OpenApiDocumentExtensions { + /// + /// To have this be validated in BlackDuck, we need to lower case the bearer scheme name. + /// From editor.swagger.io: + /// Structural error at components.securitySchemes.JWTBearerAuth + /// should NOT have a `bearerFormat` property without `scheme: bearer` being set + /// + /// + public static void FixJwtBearerCasing(this OpenApiDocument openApiDocument) + { + foreach (var securityScheme in openApiDocument.Components.SecuritySchemes.Values) + { + if (securityScheme.Scheme.Equals("Bearer", StringComparison.Ordinal)) + { + securityScheme.Scheme = "bearer"; + } + } + } + /// /// When generating ProblemDetails and ProblemDetails_Error, there is a bug/weird behavior in NSwag or FastEndpoints /// which results in certain 'Description' properties being generated when running on f.ex. MacOS, diff --git a/src/Digdir.Domain.Dialogporten.WebApi/Program.cs b/src/Digdir.Domain.Dialogporten.WebApi/Program.cs index 5185cc8cf..21433a66e 100644 --- a/src/Digdir.Domain.Dialogporten.WebApi/Program.cs +++ b/src/Digdir.Domain.Dialogporten.WebApi/Program.cs @@ -201,6 +201,7 @@ static void BuildAndRun(string[] args, TelemetryConfiguration telemetryConfigura document.Generator = null; document.ReplaceProblemDetailsDescriptions(); document.MakeCollectionsNullable(); + document.FixJwtBearerCasing(); }; }, uiConfig => { diff --git a/src/Digdir.Tool.Dialogporten.Benchmarks/Digdir.Tool.Dialogporten.Benchmarks.csproj b/src/Digdir.Tool.Dialogporten.Benchmarks/Digdir.Tool.Dialogporten.Benchmarks.csproj index 7a3ea8bd5..291f1a9dc 100644 --- a/src/Digdir.Tool.Dialogporten.Benchmarks/Digdir.Tool.Dialogporten.Benchmarks.csproj +++ b/src/Digdir.Tool.Dialogporten.Benchmarks/Digdir.Tool.Dialogporten.Benchmarks.csproj @@ -6,7 +6,7 @@ - + 
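Review bot: `securityScheme.Scheme.Equals(...)` in `FixJwtBearerCasing` throws a NullReferenceException for any security scheme that has no `Scheme` set, which is the usual case for non-HTTP types such as an API key. Only `JWTBearerAuth` is visible in the swagger diff, so this is latent rather than failing today. Because the method is called from the document post-processing in Program.cs, one such scheme would break OpenAPI generation. Use the static comparison instead: `if (string.Equals(securityScheme.Scheme, "Bearer", StringComparison.Ordinal))`.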
diff --git a/tests/Digdir.Domain.Dialogporten.Application.Integration.Tests/Digdir.Domain.Dialogporten.Application.Integration.Tests.csproj b/tests/Digdir.Domain.Dialogporten.Application.Integration.Tests/Digdir.Domain.Dialogporten.Application.Integration.Tests.csproj index 8907b1cf5..06df06b6c 100644 --- a/tests/Digdir.Domain.Dialogporten.Application.Integration.Tests/Digdir.Domain.Dialogporten.Application.Integration.Tests.csproj +++ b/tests/Digdir.Domain.Dialogporten.Application.Integration.Tests/Digdir.Domain.Dialogporten.Application.Integration.Tests.csproj @@ -11,7 +11,7 @@ - + diff --git a/tests/Digdir.Domain.Dialogporten.Application.Unit.Tests/Digdir.Domain.Dialogporten.Application.Unit.Tests.csproj b/tests/Digdir.Domain.Dialogporten.Application.Unit.Tests/Digdir.Domain.Dialogporten.Application.Unit.Tests.csproj index f01c3c17c..002f7ea39 100644 --- a/tests/Digdir.Domain.Dialogporten.Application.Unit.Tests/Digdir.Domain.Dialogporten.Application.Unit.Tests.csproj +++ b/tests/Digdir.Domain.Dialogporten.Application.Unit.Tests/Digdir.Domain.Dialogporten.Application.Unit.Tests.csproj @@ -10,7 +10,7 @@ all runtime; build; native; contentfiles; analyzers; buildtransitive - + diff --git a/tests/Digdir.Domain.Dialogporten.Architecture.Tests/Digdir.Domain.Dialogporten.Architecture.Tests.csproj b/tests/Digdir.Domain.Dialogporten.Architecture.Tests/Digdir.Domain.Dialogporten.Architecture.Tests.csproj index d400b3da9..c7b365548 100644 --- a/tests/Digdir.Domain.Dialogporten.Architecture.Tests/Digdir.Domain.Dialogporten.Architecture.Tests.csproj +++ b/tests/Digdir.Domain.Dialogporten.Architecture.Tests/Digdir.Domain.Dialogporten.Architecture.Tests.csproj @@ -7,7 +7,7 @@ - +