DT-732 Markups

* Add note to Readme
* Update comment in build.gradle.kts
* Move LDAP bind inside LdapServiceUserBind span

auth-service/README.md

@@ -6,7 +6,7 @@
 * Forward localhost:2636 to port 636 of the test environment Active Directory,
   see the delta-common-infrastructure repository for details of the bastion host,
   and delta for port forwarding commands
-* Copy `.env.template` to `.env` and fill it in as instructed in that file
+* Copy `.env.template` to `.env` and fill in the uncommented variables as instructed in that file
 * Postgres, by default on port 5438, use `docker compose up -d`
 * Add LDAPS CA certificate to your certificate store (we have to use LDAPS for password resets)
     * Run this on your local machine. The `keytool` command will need to be run as admin (Windows) or with sudo (MacOS).
@@ -35,7 +35,7 @@ below image for an example)
 Set the `io.ktor.development` property to `true` (`-Dio.ktor.development=true` JVM arg) to enable development mode (
 faster restarts, reloading of templates).
 
-## Tests
+### Tests
 
 * `./gradlew test`
 * Postgres must be running
@@ -55,7 +55,7 @@ or in PowerShell
 Note that Gradle will still say "EXECUTING", but the logs say "Application started" the app will be running on port 8088.
 The `io.ktor.development` property is automatically set when using gradle run.
 
-### With metrics
+### Metrics
 
 To run locally with AWS metrics set the `AUTH_METRICS_NAMESPACE` and start the app with AWS credentials.
 For example:
@@ -64,6 +64,15 @@ For example:
 AUTH_METRICS_NAMESPACE="localYourName/AuthService" aws-vault exec <profile> -- ./gradlew run
 ```
 
+### Tracing
+
+Tracing is disabled locally by default, to enable it uncomment and fill in the values in .env.template,
+then start the collector.
+
+```shell
+docker compose --profile tracing up
+```
+
 ### Migrations
 
 Database migrations are run automatically when the database connection is first initialised by the app.

auth-service/build.gradle.kts

@@ -87,7 +87,7 @@ dependencies {
     testImplementation("io.ktor:ktor-client-mock:$ktorVersion")
     testImplementation("io.mockk:mockk:1.13.11")
 
-    // OpenTelemetry
+    // Tracing - sending traces to AWS X-Ray via OpenTelemetry
     api(platform("io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom-alpha:2.4.0-alpha"))
     implementation("io.opentelemetry:opentelemetry-api")
     implementation("io.opentelemetry:opentelemetry-sdk")

auth-service/src/main/kotlin/uk/gov/communities/delta/auth/Routing.kt

@@ -4,6 +4,7 @@ import io.ktor.http.*
 import io.ktor.server.application.*
 import io.ktor.server.auth.*
 import io.ktor.server.http.content.*
+import io.ktor.server.plugins.cors.routing.*
 import io.ktor.server.plugins.ratelimit.*
 import io.ktor.server.response.*
 import io.ktor.server.routing.*

auth-service/src/main/kotlin/uk/gov/communities/delta/auth/services/LdapServiceUserBind.kt

@@ -21,17 +21,20 @@ class LdapServiceUserBind(
             callsInPlace(block, InvocationKind.AT_MOST_ONCE)
         }
         return withContext(Dispatchers.IO) {
-            val ctx = ldapRepository.bind(
-                ldapConfig.authServiceUserDn,
-                ldapConfig.authServiceUserPassword,
-                poolConnection = true
-            )
             val span = ldapSpanFactory("AD-ldap-service-user").startSpan()
             val scope = span.makeCurrent()
             try {
-                block(ctx)
+                val ctx = ldapRepository.bind(
+                    ldapConfig.authServiceUserDn,
+                    ldapConfig.authServiceUserPassword,
+                    poolConnection = true
+                )
+                try {
+                    block(ctx)
+                } finally {
+                    ctx.close()
+                }
             } finally {
-                ctx.close()
                 scope.close()
                 span.end()
             }