Sync 6.1.0 (#38)

* Bump dep version * Remove javamail and replace with simple-java-mail * WIP * Remove print * Remove bean override * Bump version * Add broken test * Update for new style of container bean * Bump for new version * Update to 5.6.0-PRE7_NIH-SNAPSHOT and activate advanced index * Disable default flyway processing * Add local_base_urls configuration to feed DaoConfig.setTreatBaseUrlsAsLocal() * Added OpenAPI / Swagger option * Upgraded to 5.6.0 Subscription tests fail ... * Bumped version of Spring Boot in order to fix same issue as jmix-projects/jmix-security#90 * Update application.yaml See hapifhir#292 * documented use of Values.extraEnv * added options for specifying a PodDisruptionBudget * simplified chart release workflow the Ubuntu runner base image already includes Helm 3.7.0 * Support HTTPS * Use default application.yaml * registering ValueSetOperationProvider * Upgrade to 5.7.0-PRE4-SNAPSHOT for testing * Share elasticsearch configuration * Fixed compile issues * Fix misconfiguration modelConfig is part of DaoConfig and should not have a separate lifecycle. * Bump to 5.7.0-PRE8-SNAPSHOT * Typo fix in README * Add configuration flag to enable storing of resources in lucene index (hapifhir#304) * Add configuration flag to enable storing of resources in lucene index * Fix build issue * Fix code review suggestions Co-authored-by: Jaison B <jaison.baskaran@smilecdr.com> * Add ES native aggregation builder for lastN * Revert "Add ES native aggregation builder for lastN" This reverts commit 5312f78. * bump version * Update for 5.7.x changes * Fix h2 dialect, replace mail dep * Bump postgresql from 42.2.23 to 42.2.25 Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.2.23 to 42.2.25. - [Release notes](https://github.com/pgjdbc/pgjdbc/releases) - [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md) - [Commits](pgjdbc/pgjdbc@REL42.2.23...REL42.2.25) --- updated-dependencies: - dependency-name: org.postgresql:postgresql dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * bump Hapi PRE version * Bump to Hapi 6.0-SNAPSHOT and register the ValueSet provider. * Version bump to 5.7.0 and a few other components now draw the version from parent * Update application.yaml Momentarily added `allow-circular-references: true` * bump to real version * Bump version * Remove search coord thread pool * Added instructions about removing Hibernate dialect To fix the problem raised in [this](hapifhir#318) issue. * Bump HAPI-FHIR version * Move to newlines * fix to work with latest hapi-fhir * Feature/update docker support (hapifhir#319) * Updated docker image according to discussion on hapifhir#305 * Added doc * Added corrections according to comments * Update Dockerfile * Update build-images.yaml Updated to default to distroless * add dao_scheduling_enabled configuration property (hapifhir#324) * added reindexProvider to Config (hapifhir#326) * Update application.yaml * Update application.yaml Roll back - mistake from my side * Bump hapi-fhir version to 'PRE5' (hapifhir#329) * Add actuator * Bump to PRE8 * disable springboot actuator endpoints other than 'health' for security reasons (hapifhir#338) Co-authored-by: Craig McClendon <craig.mcclendon@accenture.com> * Bump to PRE9 * Update application.yaml (hapifhir#345) * add support for ms sql server (hapifhir#347) * Fix comments in Demo that lead to 404 (hapifhir#348) Co-authored-by: dotasek <david.otasek@smilecdr.com> * updated helm chart to use v5.7.0 and latest PostgreSQL sub-chart (hapifhir#346) * Update application.yaml Reverted to sane defaults * Bump to PRE10 * Updated to HAPI FHIR version 5.7.2 (hapifhir#349) * Revert accidental default activation of experimental lucene indexing * Add disclaimer for advanced_lucene_indexing added warning to advanced_lucene_indexing: false property * Bump to hapi PRE11 * Expose Prometheus metrics (hapifhir#355) * Add: of-type modifier option in application.yaml (hapifhir#363) Co-authored-by: Alejandro Medina <amedina@cens.cl> * Fix applying supported_resource_types option with list that already includes SearchParameter (hapifhir#365) * Bump pom and minimum java version * Bump ES version * hibernate search application properties updates. * make lastN test pass * Remove value set provider as it causes a boot failure without lucene * Fix reindex provider * Bump java version for test * Bump to pre-01 * fix build * Re-add valuesetoperation provider * Disable lucene by default * Re-add valueset operation provider * adding smoke test files * adding base documentation * wip * Update src/test/smoketest/SMOKE_TEST.md Co-authored-by: Ken Stevens <khstevens@gmail.com> * Update src/test/smoketest/SMOKE_TEST.md Co-authored-by: Ken Stevens <khstevens@gmail.com> * Update src/test/smoketest/SMOKE_TEST.md Co-authored-by: Ken Stevens <khstevens@gmail.com> * bumping to non-snapshot version (hapifhir#377) * updated helm chart to use latest v6.0.1 version of the image (hapifhir#382) * updated helm chart to use latest v6.0.1 version of the image * updated workflow to run against multiple k8s versions * Tracking branch for 6.1 pre-releases. * add BinaryAccessProvider to BaseJpaRestfulServer * Update to 6.1.0-PRE3-SNAPSHOT * Update src/main/java/ca/uhn/fhir/jpa/starter/BaseJpaRestfulServer.java Co-authored-by: Kevin Dougan SmileCDR <72025369+KevinDougan-SmileCDR@users.noreply.github.com> * Adjust for hapi-fhir namespace changes and version * Adjust version to include new hapi-fhir HSearch fast path feature * Bump hapi PRE * Update to PRE16 * Adjust configuration class name to HAPI-FHIR HSearch namespace consolidation. Add commented out sample properties for lucene and elastic. Move batch.job.enabled property under spring: prefix to have it considered. * Bump to release * Add missing bean * Added custom property file * SAP-1596 Updated custom property file to read values from env * SAP-1687 Updated code to allow metadata request for server healthcheck (#7) Co-authored-by: Shubham Parikh * DEV-769: Update from upstream branch (#9) * Adding environment variables to override hapi properties file settings * Only override existing hapi properties with env ones * Start Release branch for 5.1.0 * Add property for multitenancy * Get test passing * Add repo * Bump to current release * Rework the JPA server class a bit * Updating Dockerfile to use context code instead of re-cloning the hapi-fhir-jpaserver-starter project. Still re-builds the base hapi libraries, though. * Adding .dockerignore file to improve the efficiency of docker builds * Added support for configurable client ID strategy * Bump mysql-connector-java from 8.0.11 to 8.0.16 Bumps [mysql-connector-java](https://github.com/mysql/mysql-connector-j) from 8.0.11 to 8.0.16. - [Release notes](https://github.com/mysql/mysql-connector-j/releases) - [Changelog](https://github.com/mysql/mysql-connector-j/blob/release/8.0/CHANGES) - [Commits](mysql/mysql-connector-j@8.0.11...8.0.16) Signed-off-by: dependabot[bot] <support@github.com> * Resolve some compile errors * Fix EMPI rules json * Have EmpiSettings actually return an EmpiSettings bean * Update readme * Remove dead space * Update property * Update README to include Docker info * Prepare for release * Merge master * Removing commands from Dockerfile that clone and build the core hapi-fhir libraries since it is not required for building hapi-fhir-jpaserver-starter; it pulls the core libraries from the maven repo regardless. * Combining base Dockerfile with main dockerfile so that there is a single image related to hapi-jpaserver-starter * Update Dockerfile Added caching of maven dependency resolving * Fix hapifhir#122 - EMPI error on startup when EMPI not enabled Co-authored-by: Peter Micuch <peter.micuch@siemens-healthineers.com> Co-authored-by: Vladimir Nemergut <vladimir.nemergut@siemens-healthineers.com> Co-authored-by: jamesagnew <jamesagnew@gmail.com> Co-authored-by: Sean McIlvenna <sean.mcilvenna@lantanagroup.com> Co-authored-by: jvi <jvi@trifork.com> Co-authored-by: Sean McIlvenna <seanmcilvenna@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tadgh <garygrantgraham@gmail.com> Co-authored-by: Tadgh <tadgh@cs.toronto.edu> Co-authored-by: Ken Stevens <khstevens@gmail.com> Co-authored-by: Jens Kristian Villadsen <46567685+jvitrifork@users.noreply.github.com> * BT-80 Updated code to allow header x-api-key * Updated docker compose file with required env variables * SAP-1656 Added enabled parameter for webservlet to enable/disable webapp (#4) Co-authored-by: Shubham Parikh <sparikh@heaptrace.com> * DEV-769: Update from upstream branch (#9) * Adding environment variables to override hapi properties file settings * Only override existing hapi properties with env ones * Start Release branch for 5.1.0 * Add property for multitenancy * Get test passing * Add repo * Bump to current release * Rework the JPA server class a bit * Updating Dockerfile to use context code instead of re-cloning the hapi-fhir-jpaserver-starter project. Still re-builds the base hapi libraries, though. * Adding .dockerignore file to improve the efficiency of docker builds * Added support for configurable client ID strategy * Bump mysql-connector-java from 8.0.11 to 8.0.16 Bumps [mysql-connector-java](https://github.com/mysql/mysql-connector-j) from 8.0.11 to 8.0.16. - [Release notes](https://github.com/mysql/mysql-connector-j/releases) - [Changelog](https://github.com/mysql/mysql-connector-j/blob/release/8.0/CHANGES) - [Commits](mysql/mysql-connector-j@8.0.11...8.0.16) Signed-off-by: dependabot[bot] <support@github.com> * Resolve some compile errors * Fix EMPI rules json * Have EmpiSettings actually return an EmpiSettings bean * Update readme * Remove dead space * Update property * Update README to include Docker info * Prepare for release * Merge master * Removing commands from Dockerfile that clone and build the core hapi-fhir libraries since it is not required for building hapi-fhir-jpaserver-starter; it pulls the core libraries from the maven repo regardless. * Combining base Dockerfile with main dockerfile so that there is a single image related to hapi-jpaserver-starter * Update Dockerfile Added caching of maven dependency resolving * Fix hapifhir#122 - EMPI error on startup when EMPI not enabled Co-authored-by: Peter Micuch <peter.micuch@siemens-healthineers.com> Co-authored-by: Vladimir Nemergut <vladimir.nemergut@siemens-healthineers.com> Co-authored-by: jamesagnew <jamesagnew@gmail.com> Co-authored-by: Sean McIlvenna <sean.mcilvenna@lantanagroup.com> Co-authored-by: jvi <jvi@trifork.com> Co-authored-by: Sean McIlvenna <seanmcilvenna@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tadgh <garygrantgraham@gmail.com> Co-authored-by: Tadgh <tadgh@cs.toronto.edu> Co-authored-by: Ken Stevens <khstevens@gmail.com> Co-authored-by: Jens Kristian Villadsen <46567685+jvitrifork@users.noreply.github.com> * Updated code to read url pattern from environment. (#10) * BT-140 set legacy sql builder based on hibernate to true * BT-96 Added OAuth support * BT-96 Fixed indentation * BT-96 Fixed spacing * BT-96 Removed unwanted filed * Changes in code as per PR suggestions * added rest security extension in metadata * code refactor * Updated PR as per suggestions * Updated README.md file to run the app with custom property file & env variables * Updated PR as per suggestions * Added user role validation in Oauth * code refactor * Updated code for using single oauth user role * Updated code as per PR suggestions * Updated code as pr PR siggestions * Added suppoet of delete operation to admin only * Refactored code * Added custom search narrowing filter * Updated code to work with oauth disabled * Updated code to get claim name from environment * change claim name env varible to proper name * Updated code to use hard-coded claim name * Changed custom mapper claim name to patient from subject * Added rule builder to filter resources * code refactor * Update CustomAuthorizationInterceptor.java * updated code to support operations on bundle resources * Added consent rule to allow patch request * Added oauth support for task resource * Updated code to make refrence check generic method * Updated method names * Updated code as per PR suggestions * Update code as per PR suggestion * Updated code as per PR * Added verification of clientId from token * Added basic authentication * Code refactor * Added username/password check while checking is basic auth enabled * Added custom property file * DEV-769: Update from upstream branch (#9) * Adding environment variables to override hapi properties file settings * Only override existing hapi properties with env ones * Start Release branch for 5.1.0 * Add property for multitenancy * Get test passing * Add repo * Bump to current release * Rework the JPA server class a bit * Updating Dockerfile to use context code instead of re-cloning the hapi-fhir-jpaserver-starter project. Still re-builds the base hapi libraries, though. * Adding .dockerignore file to improve the efficiency of docker builds * Added support for configurable client ID strategy * Bump mysql-connector-java from 8.0.11 to 8.0.16 Bumps [mysql-connector-java](https://github.com/mysql/mysql-connector-j) from 8.0.11 to 8.0.16. - [Release notes](https://github.com/mysql/mysql-connector-j/releases) - [Changelog](https://github.com/mysql/mysql-connector-j/blob/release/8.0/CHANGES) - [Commits](mysql/mysql-connector-j@8.0.11...8.0.16) Signed-off-by: dependabot[bot] <support@github.com> * Resolve some compile errors * Fix EMPI rules json * Have EmpiSettings actually return an EmpiSettings bean * Update readme * Remove dead space * Update property * Update README to include Docker info * Prepare for release * Merge master * Removing commands from Dockerfile that clone and build the core hapi-fhir libraries since it is not required for building hapi-fhir-jpaserver-starter; it pulls the core libraries from the maven repo regardless. * Combining base Dockerfile with main dockerfile so that there is a single image related to hapi-jpaserver-starter * Update Dockerfile Added caching of maven dependency resolving * Fix hapifhir#122 - EMPI error on startup when EMPI not enabled Co-authored-by: Peter Micuch <peter.micuch@siemens-healthineers.com> Co-authored-by: Vladimir Nemergut <vladimir.nemergut@siemens-healthineers.com> Co-authored-by: jamesagnew <jamesagnew@gmail.com> Co-authored-by: Sean McIlvenna <sean.mcilvenna@lantanagroup.com> Co-authored-by: jvi <jvi@trifork.com> Co-authored-by: Sean McIlvenna <seanmcilvenna@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tadgh <garygrantgraham@gmail.com> Co-authored-by: Tadgh <tadgh@cs.toronto.edu> Co-authored-by: Ken Stevens <khstevens@gmail.com> Co-authored-by: Jens Kristian Villadsen <46567685+jvitrifork@users.noreply.github.com> * Updated docker compose file with required env variables * Update docker-compose.yml Updated file as per suggestions * Added custom property file * SAP-1596 Updated custom property file to read values from env * SAP-1667 Added interceptor for authorization (#5) * SAP-1667 Added interceptor for authorization * SAP-1667 Removed unused space. * SAP-1667 Added newline at the end of the file. Co-authored-by: Shubham Parikh <> * DEV-769: Update from upstream branch (#9) * Adding environment variables to override hapi properties file settings * Only override existing hapi properties with env ones * Start Release branch for 5.1.0 * Add property for multitenancy * Get test passing * Add repo * Bump to current release * Rework the JPA server class a bit * Updating Dockerfile to use context code instead of re-cloning the hapi-fhir-jpaserver-starter project. Still re-builds the base hapi libraries, though. * Adding .dockerignore file to improve the efficiency of docker builds * Added support for configurable client ID strategy * Bump mysql-connector-java from 8.0.11 to 8.0.16 Bumps [mysql-connector-java](https://github.com/mysql/mysql-connector-j) from 8.0.11 to 8.0.16. - [Release notes](https://github.com/mysql/mysql-connector-j/releases) - [Changelog](https://github.com/mysql/mysql-connector-j/blob/release/8.0/CHANGES) - [Commits](mysql/mysql-connector-j@8.0.11...8.0.16) Signed-off-by: dependabot[bot] <support@github.com> * Resolve some compile errors * Fix EMPI rules json * Have EmpiSettings actually return an EmpiSettings bean * Update readme * Remove dead space * Update property * Update README to include Docker info * Prepare for release * Merge master * Removing commands from Dockerfile that clone and build the core hapi-fhir libraries since it is not required for building hapi-fhir-jpaserver-starter; it pulls the core libraries from the maven repo regardless. * Combining base Dockerfile with main dockerfile so that there is a single image related to hapi-jpaserver-starter * Update Dockerfile Added caching of maven dependency resolving * Fix hapifhir#122 - EMPI error on startup when EMPI not enabled Co-authored-by: Peter Micuch <peter.micuch@siemens-healthineers.com> Co-authored-by: Vladimir Nemergut <vladimir.nemergut@siemens-healthineers.com> Co-authored-by: jamesagnew <jamesagnew@gmail.com> Co-authored-by: Sean McIlvenna <sean.mcilvenna@lantanagroup.com> Co-authored-by: jvi <jvi@trifork.com> Co-authored-by: Sean McIlvenna <seanmcilvenna@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tadgh <garygrantgraham@gmail.com> Co-authored-by: Tadgh <tadgh@cs.toronto.edu> Co-authored-by: Ken Stevens <khstevens@gmail.com> Co-authored-by: Jens Kristian Villadsen <46567685+jvitrifork@users.noreply.github.com> * BT-96 Fixed spacing * BT-96 Removed unwanted filed * added rest security extension in metadata * code refactor * Update JpaRestfulServer.java * Updated PR as per suggestions * Added user role validation in Oauth * code refactor * Updated code for using single oauth user role * Updated code as per PR suggestions * Updated code as pr PR siggestions * Added custom search narrowing filter * Updated code to get claim name from environment * Added rule builder to filter resources * code refactor * Added oauth support for task resource * Added verification of clientId from token * Added hibernate physical_naming_strategy to use proper table names. * updated code to use url mapping from environment * Removed client id validation from oauth token * fixed indentation * Updated fork with upstream * Removed unwanted files * removed unwanted imports and files merged during rebase 6.1.0 * removed unwanted imports and files merged during rebase 6.1.0 * removed unwanted imports and files merged during rebase 6.1.0 * removed unwanted imports and files merged during rebase 6.1.0 * Updated application-custom.yaml * commented allow-bean-definition-overriding * Sync application-custom.yaml * commented unused hibernate settings Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Tadgh <garygrantgraham@gmail.com> Co-authored-by: Michael Buckley <michael.buckley@smilecdr.com> Co-authored-by: jkv <jenskristianvilladsen@gmail.com> Co-authored-by: chgl <chgl@users.noreply.github.com> Co-authored-by: ppalacin <patrick.palacin@i-atros.com> Co-authored-by: Ally Shaban <allyshaban5@gmail.com> Co-authored-by: Vadim Peretokin <vperetokin@hey.com> Co-authored-by: Jaison B <jaisonb@gmail.com> Co-authored-by: Jaison B <jaison.baskaran@smilecdr.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Patrick Werner <pa.f.werner@gmail.com> Co-authored-by: Håkan MacLean <hakan@maclean.se> Co-authored-by: Ken Stevens <khstevens@gmail.com> Co-authored-by: Joel Schneider (NMDP) <jschneid@nmdp.org> Co-authored-by: craig mcclendon <XcrigX@users.noreply.github.com> Co-authored-by: Craig McClendon <craig.mcclendon@accenture.com> Co-authored-by: dotasek <dotasek.dev@gmail.com> Co-authored-by: dotasek <david.otasek@smilecdr.com> Co-authored-by: michaelabuckley <michaelabuckley@gmail.com> Co-authored-by: Alejandro Medina <janol77@users.noreply.github.com> Co-authored-by: Alejandro Medina <amedina@cens.cl> Co-authored-by: Dennis Verspuij <6680484+dennisverspuij@users.noreply.github.com> Co-authored-by: markiantorno <markiantorno@gmail.com> Co-authored-by: Ibrohim Kholilul Islam <ibrohimislam@gmail.com> Co-authored-by: Ibrohim Kholilul Islam <ibrohimislam@users.noreply.github.com> Co-authored-by: Kevin Dougan SmileCDR <72025369+KevinDougan-SmileCDR@users.noreply.github.com> Co-authored-by: juan.marchionatto <juan.marchionatto@smilecdr.com> Co-authored-by: jmarchionatto <60409882+jmarchionatto@users.noreply.github.com> Co-authored-by: Shubham Parikh <sparikh@heaptrace.com> Co-authored-by: Hank Wallace <hwallace@elimu.io> Co-authored-by: Peter Micuch <peter.micuch@siemens-healthineers.com> Co-authored-by: Vladimir Nemergut <vladimir.nemergut@siemens-healthineers.com> Co-authored-by: jamesagnew <jamesagnew@gmail.com> Co-authored-by: Sean McIlvenna <sean.mcilvenna@lantanagroup.com> Co-authored-by: jvi <jvi@trifork.com> Co-authored-by: Sean McIlvenna <seanmcilvenna@users.noreply.github.com> Co-authored-by: Tadgh <tadgh@cs.toronto.edu> Co-authored-by: Jens Kristian Villadsen <46567685+jvitrifork@users.noreply.github.com> Co-authored-by: Shubham Parikh <sparikh@elimu.io> Co-authored-by: vpanhale <vsingh@elimu.io>
elimuinformatics · Dec 2, 2022 · 8790a8f · 8790a8f
1 parent 6cea37d
commit 8790a8f
Show file tree

Hide file tree

Showing 55 changed files with 1,740 additions and 851 deletions.
diff --git a/.github/workflows/build-images.yaml b/.github/workflows/build-images.yaml
@@ -19,25 +19,24 @@ jobs:
     name: Build
     runs-on: ubuntu-20.04
     steps:
-      - name: Docker meta
+      - name: Container meta for default (distroless) image
         id: docker_meta
         uses: docker/metadata-action@v3
         with:
           images: ${{ env.IMAGES }}
           tags: |
             type=match,pattern=image-(.*),group=1,enable=${{github.event_name != 'pull_request'}}
-            type=sha
+           
 
-      - name: Docker distroless meta
-        id: docker_distroless_meta
+      - name: Container meta for tomcat image
+        id: docker_tomcat_meta
         uses: docker/metadata-action@v3
         with:
           images: ${{ env.IMAGES }}
           tags: |
             type=match,pattern=image-(.*),group=1,enable=${{github.event_name != 'pull_request'}}
-            type=sha
           flavor: |
-            suffix=-distroless,onlatest=true
+            suffix=-tomcat,onlatest=true
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v1
@@ -60,7 +59,7 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-buildx-
 
-      - name: Build and push
+      - name: Build and push default (distroless) image
         id: docker_build
         uses: docker/build-push-action@v2
         with:
@@ -70,15 +69,16 @@ jobs:
           tags: ${{ steps.docker_meta.outputs.tags }}
           labels: ${{ steps.docker_meta.outputs.labels }}
           platforms: ${{ env.PLATFORMS }}
+          target: default
 
-      - name: Build and push distroless
-        id: docker_build_distroless
+      - name: Build and push tomcat image
+        id: docker_build_tomcat
         uses: docker/build-push-action@v2
         with:
           cache-from: type=local,src=/tmp/.buildx-cache
           cache-to: type=local,dest=/tmp/.buildx-cache
           push: ${{ github.event_name != 'pull_request' }}
-          tags: ${{ steps.docker_distroless_meta.outputs.tags }}
-          labels: ${{ steps.docker_distroless_meta.outputs.labels }}
+          tags: ${{ steps.docker_tomcat_meta.outputs.tags }}
+          labels: ${{ steps.docker_tomcat_meta.outputs.labels }}
           platforms: ${{ env.PLATFORMS }}
-          target: release-distroless
+          target: tomcat
diff --git a/.github/workflows/chart-release.yaml b/.github/workflows/chart-release.yaml
@@ -21,11 +21,6 @@ jobs:
           git config user.name "$GITHUB_ACTOR"
           git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
 
-      - name: Install Helm
-        uses: azure/setup-helm@v1
-        with:
-          version: v3.7.0
-
       - name: Add bitnami repo
         run: helm repo add bitnami https://charts.bitnami.com/bitnami
 

diff --git a/.github/workflows/chart-test.yaml b/.github/workflows/chart-test.yaml
@@ -15,7 +15,7 @@ jobs:
       - name: Install helm-docs
         working-directory: /tmp
         env:
-          HELM_DOCS_URL: https://github.com/norwoodj/helm-docs/releases/download/v1.5.0/helm-docs_1.5.0_Linux_x86_64.tar.gz
+          HELM_DOCS_URL: https://github.com/norwoodj/helm-docs/releases/download/v1.9.1/helm-docs_1.9.1_Linux_x86_64.tar.gz
         run: |
           curl -LSs $HELM_DOCS_URL | tar xz && \
           mv ./helm-docs /usr/local/bin/helm-docs && \
@@ -35,21 +35,19 @@ jobs:
 
   test:
     runs-on: ubuntu-20.04
+    strategy:
+      matrix:
+        k8s-version: [1.22.9, 1.23.6, 1.24.1]
     needs:
       - lint
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
 
-      - name: Set up Helm
-        uses: azure/setup-helm@v1
-        with:
-          version: v3.7.0
-
       - name: Set up chart-testing
-        uses: helm/chart-testing-action@v2.1.0
+        uses: helm/chart-testing-action@v2.2.1
 
       - name: Run chart-testing (list-changed)
         id: list-changed
@@ -62,6 +60,10 @@ jobs:
       - name: Create k8s Kind Cluster
         uses: helm/kind-action@v1.2.0
         if: steps.list-changed.outputs.changed == 'true'
+        with:
+          version: v0.14.0
+          cluster_name: kind-cluster-k8s-${{ matrix.k8s-version }}
+          node_image: kindest/node:v${{ matrix.k8s-version }}
 
       - name: Run chart-testing (install)
         run: ct install --config .github/ct/config.yaml

diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
@@ -17,9 +17,9 @@ jobs:
 
     steps:
     - uses: actions/checkout@v2
-    - name: Set up JDK 11
+    - name: Set up JDK 17
       uses: actions/setup-java@v1
       with:
-        java-version: 11
+        java-version: 17
     - name: Build with Maven
       run: mvn -B package --file pom.xml
diff --git a/Dockerfile b/Dockerfile
@@ -1,33 +1,43 @@
-FROM maven:3.8.2-jdk-11-slim as build-hapi
-WORKDIR /usr/src/app/hapi-fhir-jpaserver-starter
+FROM maven:3.8-openjdk-17-slim as build-hapi
+WORKDIR /tmp/hapi-fhir-jpaserver-starter
 
 COPY pom.xml .
 COPY server.xml .
 RUN mvn -ntp dependency:go-offline
 
-COPY src/ /usr/src/app/hapi-fhir-jpaserver-starter/src/
-RUN mvn clean install -DskipTests
+COPY src/ /tmp/hapi-fhir-jpaserver-starter/src/
+RUN mvn clean install -DskipTests -Djdk.lang.Process.launchMechanism=vfork
 
 FROM build-hapi AS build-distroless
 RUN mvn package spring-boot:repackage -Pboot
-RUN mkdir /app && \
-    cp /usr/src/app/hapi-fhir-jpaserver-starter/target/ROOT.war /app/main.war
+RUN mkdir /app && cp /tmp/hapi-fhir-jpaserver-starter/target/ROOT.war /app/main.war
 
-FROM gcr.io/distroless/java-debian11:11 AS release-distroless
+
+########### bitnami tomcat version is suitable for debugging and comes with a shell
+########### it can be built using eg. `docker build --target tomcat .`
+FROM bitnami/tomcat:9.0 as tomcat
+
+RUN rm -rf /opt/bitnami/tomcat/webapps/ROOT && \
+    rm -rf /opt/bitnami/tomcat/webapps_default/ROOT && \
+    mkdir -p /opt/bitnami/hapi/data/hapi/lucenefiles && \
+    chmod 775 /opt/bitnami/hapi/data/hapi/lucenefiles
+
+USER root
+RUN mkdir -p /target && chown -R 1001:1001 target
+USER 1001
+
+COPY --chown=1001:1001 catalina.properties /opt/bitnami/tomcat/conf/catalina.properties
+COPY --chown=1001:1001 server.xml /opt/bitnami/tomcat/conf/server.xml
+COPY --from=build-hapi --chown=1001:1001 /tmp/hapi-fhir-jpaserver-starter/target/ROOT.war /opt/bitnami/tomcat/webapps_default/ROOT.war
+
+ENV ALLOW_EMPTY_PASSWORD=yes
+
+########### distroless brings focus on security and runs on plain spring boot - this is the default image
+FROM gcr.io/distroless/java17:nonroot as default
 COPY --chown=nonroot:nonroot --from=build-distroless /app /app
 # 65532 is the nonroot user's uid
 # used here instead of the name to allow Kubernetes to easily detect that the container
 # is running as a non-root (uid != 0) user.
 USER 65532:65532
 WORKDIR /app
 CMD ["/app/main.war"]
-
-FROM tomcat:9.0.53-jdk11-openjdk-slim-bullseye
-
-RUN mkdir -p /data/hapi/lucenefiles && chmod 775 /data/hapi/lucenefiles
-COPY --from=build-hapi /usr/src/app/hapi-fhir-jpaserver-starter/target/*.war /usr/local/tomcat/webapps/
-
-COPY catalina.properties /usr/local/tomcat/conf/catalina.properties
-COPY server.xml /usr/local/tomcat/conf/server.xml
-
-CMD ["catalina.sh", "run"]
diff --git a/README.md b/README.md
@@ -291,7 +291,7 @@ You can use a custom property file that utilizes environment variables for many
 -e OAUTH_ENABLED=<true/false> \
 -e OAUTH_URL=<oauth_server_url> \
 -e reuse_cached_search_results_millis=<milliseconds_value_to_reuse_cached_search_results> \
--e spring.config.location='</usr/local/tomcat/webapps/ROOT/WEB-INF/classes/application-custom.yaml>' \
+-e spring.config.location='<classpath:/application-custom.yaml>' \
 -e subscription.resthook.enabled=<true/false> \
 -e subscription.websocket.enabled=<true/false> \
 -e url_pattern=</fhir/*> \
@@ -316,6 +316,13 @@ spring:
     password: admin
     driverClassName: com.mysql.jdbc.Driver
 ```
+
+Also, make sure you are not setting the Hibernate dialect explicitly, in other words remove any lines similar to:
+
+```
+hibernate.dialect: {some none MySQL dialect}
+```
+
 On some systems, it might be necessary to override hibernate's default naming strategy. The naming strategy must be set using spring.jpa.hibernate.physical_naming_strategy. 
 
 ```yaml
@@ -342,6 +349,26 @@ spring:
 
 Because the integration tests within the project rely on the default H2 database configuration, it is important to either explicity skip the integration tests during the build process, i.e., `mvn install -DskipTests`, or delete the tests altogether. Failure to skip or delete the tests once you've configured PostgreSQL for the datasource.driver, datasource.url, and hibernate.dialect as outlined above will result in build errors and compilation failure.
 
+### Microsoft SQL Server configuration
+
+To configure the starter app to use MS SQL Server, instead of the default H2, update the application.yaml file to have the following:
+
+```yaml
+spring:
+  datasource:
+    url: 'jdbc:sqlserver://<server>:<port>;databaseName=<databasename>'
+    username: admin
+    password: admin
+    driverClassName: com.microsoft.sqlserver.jdbc.SQLServerDriver
+```
+
+
+Because the integration tests within the project rely on the default H2 database configuration, it is important to either explicity skip the integration tests during the build process, i.e., `mvn install -DskipTests`, or delete the tests altogether. Failure to skip or delete the tests once you've configured PostgreSQL for the datasource.driver, datasource.url, and hibernate.dialect as outlined above will result in build errors and compilation failure.
+
+
+NOTE: MS SQL Server by default uses a case-insensitive codepage. This will cause errors with some operations - such as when expanding case-sensitive valuesets (UCUM) as there are unique indexes defined on the terminology tables for codes. 
+It is recommended to deploy a case-sensitive database prior to running HAPI FHIR when using MS SQL Server to avoid these and potentially other issues. 
+
 ## Customizing The Web Testpage UI
 
 The UI that comes with this server is an exact clone of the server available at [http://hapi.fhir.org](http://hapi.fhir.org). You may skin this UI if you'd like. For example, you might change the introductory text or replace the logo with your own.
@@ -406,6 +433,8 @@ spring:
     driverClassName: com.mysql.jdbc.Driver
 ```
 
+Also, make sure you are not setting the Hibernate Dialect explicitly, see more details in the section about MySQL.
+
 ## Running hapi-fhir-jpaserver directly from IntelliJ as Spring Boot
 Make sure you run with the maven profile called ```boot``` and NOT also ```jetty```. Then you are ready to press debug the project directly without any extra Application Servers.
 
@@ -465,6 +494,7 @@ Set `hapi.fhir.mdm_enabled=true` in the [application.yaml](https://github.com/ha
 
 Set `empi.enabled=true` in the [hapi.properties](https://github.com/hapifhir/hapi-fhir-jpaserver-starter/blob/master/src/main/resources/hapi.properties) file to enable EMPI on this server.  The EMPI matching rules are configured in [empi-rules.json](https://github.com/hapifhir/hapi-fhir-jpaserver-starter/blob/master/src/main/resources/empi-rules.json).  The rules in this example file should be replaced with actual matching rules appropriate to your data. Note that EMPI relies on subscriptions, so for EMPI to work, subscriptions must be enabled. 
 
+
 ## Enabling EMPI
 
 Set `empi.enabled=true` in the [hapi.properties](https://github.com/hapifhir/hapi-fhir-jpaserver-starter/blob/master/src/main/resources/hapi.properties) file to enable EMPI on this server.  The EMPI matching rules are configured in [empi-rules.json](https://github.com/hapifhir/hapi-fhir-jpaserver-starter/blob/master/src/main/resources/empi-rules.json).  The rules in this example file should be replaced with actual matching rules appropriate to your data. Note that EMPI relies on subscriptions, so for EMPI to work, subscriptions must be enabled. 
@@ -489,10 +519,14 @@ elasticsearch.schema_management_strategy=CREATE
 
 Set `hapi.fhir.lastn_enabled=true` in the [application.yaml](https://github.com/hapifhir/hapi-fhir-jpaserver-starter/blob/master/src/main/resources/application.yaml) file to enable the $lastn operation on this server.  Note that the $lastn operation relies on Elasticsearch, so for $lastn to work, indexing must be enabled using Elasticsearch.
 
+## Enabling Resource to be stored in Lucene Index
+
+Set `hapi.fhir.store_resource_in_lucene_index_enabled` in the [application.yaml](https://github.com/hapifhir/hapi-fhir-jpaserver-starter/blob/master/src/main/resources/application.yaml) file to enable storing of resource json along with Lucene/Elasticsearch index mappings.
+
 ## Changing cached search results time
 
-It is possible to change the cached search results time. The option `reuse_cached_search_results_millis` in the [application.yaml] is 6000 miliseconds by default.
-Set `reuse_cached_search_results_millis: -1` in the [application.yaml] file to ignore the cache time every search. 
+It is possible to change the cached search results time. The option `reuse_cached_search_results_millis` in the [application.yaml](https://github.com/hapifhir/hapi-fhir-jpaserver-starter/blob/master/src/main/resources/application.yaml) is 6000 miliseconds by default.
+Set `reuse_cached_search_results_millis: -1` in the [application.yaml](https://github.com/hapifhir/hapi-fhir-jpaserver-starter/blob/master/src/main/resources/application.yaml) file to ignore the cache time every search. 
 
 ## Build the distroless variant of the image (for lower footprint and improved security)
 
@@ -503,7 +537,7 @@ using the `gcr.io/distroless/java-debian10:11` base image:
 docker build --target=release-distroless -t hapi-fhir:distroless .
 ```
 
-Note that distroless images are also automatically build and pushed to the container registry,
+Note that distroless images are also automatically built and pushed to the container registry,
 see the `-distroless` suffix in the image tags.
 
 ## Adding custom operations

diff --git a/charts/hapi-fhir-jpaserver/Chart.lock b/charts/hapi-fhir-jpaserver/Chart.lock
@@ -1,6 +1,6 @@
 dependencies:
 - name: postgresql
   repository: https://charts.bitnami.com/bitnami
-  version: 10.12.2
-digest: sha256:38ee315eae1af3e3f6eb20e1dd8ffd60d4ab7ee0c51bf26941b56c8bcb376c11
-generated: "2021-10-07T00:19:18.9743522+02:00"
+  version: 11.6.2
+digest: sha256:1b96efc47b5dbe28bf34bcb694697325f3d2755a39ce2f1c371b2c9de9fac9d3
+generated: "2022-06-03T11:48:19.1684784+02:00"
diff --git a/charts/hapi-fhir-jpaserver/Chart.yaml b/charts/hapi-fhir-jpaserver/Chart.yaml
@@ -7,17 +7,39 @@ sources:
   - https://github.com/hapifhir/hapi-fhir-jpaserver-starter
 dependencies:
   - name: postgresql
-    version: 10.12.2
+    version: 11.6.2
     repository: https://charts.bitnami.com/bitnami
     condition: postgresql.enabled
+appVersion: v6.0.1
+version: 0.9.0
 annotations:
   artifacthub.io/license: Apache-2.0
-  artifacthub.io/prerelease: "true"
   artifacthub.io/changes: |
     # When using the list of objects option the valid supported kinds are
     # added, changed, deprecated, removed, fixed, and security.
     - kind: changed
       description: |
-        updated HAPI FHIR starter image to 5.5.1
-appVersion: v5.5.1
-version: 0.6.0
+        BREAKING CHANGE: updated HAPI FHIR starter image to v6.0.1.
+        See <https://github.com/hapifhir/hapi-fhir/releases/tag/v6.0.0> for all application changes.
+    - kind: changed
+      description: |
+        updated included PostgreSQL-subchart to v11.6.2
+    - kind: fixed
+      description: |
+        use a fixed image for the wait-for-database container (docker.io/bitnami/postgresql:14.3.0-debian-10-r20)
+        instead of relying on the PostgreSQL sub-chart values
+    - kind: changed
+      description: |
+        expose actuator/metrics endpoint on a separate port (8081)
+    - kind: added
+      description: |
+        support for monitoring metrics using ServiceMonitor CRDs
+    - kind: changed
+      description: |
+        switched liveness and readiness probes to Spring Boot actuator endpoints
+    - kind: changed
+      description: |
+        BREAKING CHANGE: removed included `NetworkPolicy`, which is subject to more thorough rework
+    - kind: added
+      description: |
+        allow configuring `topologySpreadConstraints` for the deployment