Exchange configuration overhaul.

.github/workflows/build-push.yml

@@ -7,8 +7,9 @@ on:
   push:
     branches:
       - master
-      - v2.87
+      - v2.122
       - v2.110
+      - v2.87
 
 # Variables available to all jobs
 env:
@@ -23,7 +24,7 @@ jobs:
   # This job will build and then push to docker hub
   build-push:
     # The type of runner the job will run on
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
 
     steps:
       # Ensure that the repo variables and secrets are set before running any other steps

.github/workflows/dependency-graph.yml

@@ -4,6 +4,7 @@ on:
   push:
     branches:
       - master
+      - v2.122
       - v2.110
       - v2.87
 jobs:

.github/workflows/run-tests.yml

@@ -4,8 +4,9 @@ on:
   pull_request:
     branches:
       - master
-      - v2.87
+      - v2.122
       - v2.110
+      - v2.87
 
 # A workflow run is made up of one or more jobs that can run sequentially or in parallel
 jobs:
@@ -14,34 +15,40 @@ jobs:
     # The type of runner that the job will run on
     runs-on: ubuntu-latest
     env:
-      GOPATH: /home/runner/work/anax/anax/go
       DEBIAN_FRONTEND: noninteractive
       DOCKER_NETWORK: exchange-api-network
       DOCKER_REGISTRY: openhorizon
-      EXCHANGE_FE_HEADER: issuer
-      EXCHANGE_ROOTPW: ci-password
-      POSTGRES_DB_NAME: exchange
-      POSTGRES_DB_PORT: 5432
-      POSTGRES_DB_USER: admin
+      EXCHANGE_DB_NAME: exchange
+      # ((Core Count * 2) + Spindle Count); Default is 20
+      EXCHANGE_DB_NUMTHREADS: 9
+      EXCHANGE_DB_PORT: 5432
+      EXCHANGE_DB_USER: admin
+      EXCHANGE_PEKKO_LOGLEVEL: debug
+      EXCHANGE_ROOT_PW: ci-password
+      GOPATH: /home/runner/work/anax/anax/go
+
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
       - uses: actions/checkout@v3
+      - uses: coursier/cache-action@v6
 
       # Setup Scala
       # Comes from open source action: https://github.com/coursier/setup-action
       - name: Setup Scala
         uses: coursier/setup-action@v1
+        with:
+          jvm: adoptium:1.17
 
       - name: Create Docker Env
         run: |
           pwd
           java -version
           make docker-network
-          docker run -d -e POSTGRES_HOST_AUTH_METHOD=trust -e POSTGRES_DB=$POSTGRES_DB_NAME -e POSTGRES_USER=$POSTGRES_DB_USER --network $DOCKER_NETWORK --name postgres postgres
+          docker run -d -e POSTGRES_HOST_AUTH_METHOD=trust -e POSTGRES_DB=$EXCHANGE_DB_NAME -e POSTGRES_USER=$EXCHANGE_DB_USER --network $DOCKER_NETWORK --name postgres postgres
           export POSTGRES_CONTAINER_ADDRESS=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' postgres)
+          export EXCHANGE_DB_HOST=$POSTGRES_CONTAINER_ADDRESS
           make run-docker
-          cat /etc/horizon/exchange/config-http.json
           docker ps -a
           docker network ls
-          make test
+          make test

.travis.yml

@@ -1,9 +1,9 @@
 services: docker
 language: scala
 dist: focal
-jdk: openjdk11
+jdk: openjdk17
 scala:
-  - 2.13.5
+  - 2.13.14
 notifications:
   slack:
     secure: nPoYZ8FqRziV5+rQAc9GXFWtNsThBbOdxYOY8HpPwNWsWHtC2ZyPJBnNE6XIkmzR7+D5U8yOYqlk2CiqYLlSwa1+bqKuAyOBBhz51pDi8z+YXsjvgTpkxVmKv8N6jntAqo5eBFbVUW+/FPhKBD6qZIkbfRyThZSNZTSTv9oZ02Ynfb4NKuXgZeuinSotOaICiCvzfY4kYoe7EKss/XY6ON8qHUOcIQBsckDHrFEYwF270qNEIccZIkrOr3PKg3mXz2n+65T5i/UDNw3Z8RKDc32Y+TCfyAc3kyuQQYhKhL6/TLwAW/IPNGaFkUfR+2FH+C1VlLJpm1/mBj6uDvHBVRHSEL3ZofYFd5TTzUqkQRINATRQNpFNfjlMT3ifJrSyopKXyMsiea2y3EvM4/D3I5pHRvX2/BqidjJV3b5UIllirq/jk4PrCKshkKEZtC0CBNj4T8ewa9Qr3IxlKTFVHwnW1RWQmAXgFDFpbDzJ4vuLbUDhAKDXukWqoiwxTC3egMPQVnEFvxHVDAqdQUztsUjtg3LVXagLLl6+tYTwY53124aUXSkQMbANL+2ISZuRmg4dheTtaK/bE8L4dCQyyy7HFh03IbZGnGz3bhpDGxTBFAhnEQ4XWzYNpz8rEr0unvQTfBt2dUq4AH5bh1QseFh77lpBYWj9jxndZMbP9Pw=
@@ -17,6 +17,7 @@ env:
   DOCKER_NETWORK=exchange-api-network
   DOCKER_REGISTRY=openhorizon
   EXCHANGE_FE_HEADER=issuer
+  EXCHANGE_PEKKO_LOGLEVEL=debug
   EXCHANGE_ROOTPW=ci-password
   POSTGRES_DB=exchange
   POSTGRES_PORT=5432
@@ -37,7 +38,6 @@ before_script:
 - 'sudo bash -c "echo ''{ \"api\": { \"db\": { \"jdbcUrl\": \"jdbc:postgresql://$POSTGRES_HOST:$POSTGRES_PORT/$POSTGRES_DB\",
   \"user\": \"$POSTGRES_USER\" }, \"root\": { \"password\": \"$EXCHANGE_ROOTPW\",
   \"frontEndHeader\": \"$EXCHANGE_FE_HEADER\" } } }'' > /etc/horizon/exchange/config.json"'
-- cat /etc/horizon/exchange/config.json
 - unset SBT_OPTS
 - make travis-test
 

CHANGELOG.md

@@ -2,6 +2,14 @@
 
 All notable changes to this project will be documented in this file.
 
+## [2.124.0] - 2024-09-14
+- Application configuration overhaul.
+  - Some database configuration changes are not backwards compatible. 
+- GET methods for Node resources no longer return passwords for admin user types, unless directly owned.
+- Added new rest paths for deployment patterns and policies aligning and clarifying these resources.
+  - `.../v1/orgs/<organization>/deployment/patterns/...`
+  - `.../v1/orgs/<organization>/deployment/policies/...`
+
 ## [2.123.0] - 2024-04-19
 - pekko-http-xml 1.0.0 -> 1.0.1
 - Reorganized class references in the Swagger documentation generator.

Makefile

@@ -56,6 +56,8 @@ EXCHANGE_HOST_TRUST_DIR ?= $(PROJECT_DIRECTORY)/target/etc/horizon/exchange/trus
 EXCHANGE_ICP_CERT_FILE ?= /etc/horizon/exchange/icp/ca.crt
 # Set to "DEBUG" to turn on debugging
 EXCHANGE_LOG_LEVEL ?= DEBUG#INFO
+EXCHANGE_PEKKO_LOG_LEVEL ?= $(EXCHANGE_LOG_LEVEL)
+EXCHANGE_ROOT_PW ?=
 # Number of days the SSL certificate is valid for
 EXCHANGE_TRUST_DUR ?= 1
 EXCHANGE_TRUST_PW ?=
@@ -64,11 +66,14 @@ JAVA_OPTS ?=#-Xmx1G
 POSTGRES_CONTAINER_ADDRESS ?= $(shell docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $(POSTGRES_CONTAINER_NAME))
 POSTGRES_CONTAINER_NAME ?= postgres
 POSTGRES_DB_NAME ?= exchange
+EXCHANGE_DB_NAME ?= $(POSTGRES_DB_NAME)
 POSTGRES_DB_PORT ?= 5432
+EXCHANGE_DB_PORT ?= $(POSTGRES_DB_PORT)
 POSTGRES_DB_USER ?= admin
+EXCHANGE_DB_USER ?= $(POSTGRES_DB_USER)
 PROJECT_DIRECTORY ?= $(shell pwd)
 # Try to sync this version with the version of scala you have installed on your dev machine, and with what is specified in build.sbt
-SCALA_VERSION ?= 2.13.10
+SCALA_VERSION ?= 2.13.14
 SCALA_VERSION_SHORT ?= 2.13
 
 
@@ -175,58 +180,6 @@ run-docker-db-postgres-https: target/docker/.run-docker-db-postgres-https
 /etc/horizon/exchange:
 	sudo mkdir -p /etc/horizon/exchange
 
-/etc/horizon/exchange/config-http.json: /etc/horizon/exchange
-	: $${EXCHANGE_ROOTPW:?}
-	sudo -- bash -c "printf \
-'{\n'\
-'  \"api\": {\n'\
-'    \"db\": {\n'\
-'      \"jdbcUrl\": \"jdbc:postgresql://$(POSTGRES_CONTAINER_ADDRESS):$(POSTGRES_DB_PORT)/$(POSTGRES_DB_NAME)\",\n'\
-'      \"user\": \"$(POSTGRES_DB_USER)\"\n'\
-'    },\n'\
-'    \"logging\": {\n'\
-'      \"level\": \"$(EXCHANGE_LOG_LEVEL)\"\n'\
-'    },\n'\
-'    \"root\": {\n'\
-'      \"password\": \"$(EXCHANGE_ROOTPW)\",\n'\
-'      \"frontEndHeader\": \"$(EXCHANGE_FE_HEADER)\"\n'\
-'    },\n'\
-'    \"service\": {\n'\
-'      \"port\": $(EXCHANGE_CONTAINER_PORT_HTTP),\n'\
-'      \"portEncrypted\": null\n'\
-'    }\n'\
-'  }\n'\
-'}' > /etc/horizon/exchange/config-http.json"
-	sudo chmod o+r /etc/horizon/exchange/config-http.json
-
-/etc/horizon/exchange/config-https.json: /etc/horizon/exchange target/docker/.run-docker-db-postgres-https
-	: $${EXCHANGE_ROOTPW:?}
-	sudo -- bash -c "printf \
-'{\n'\
-'  \"api\": {\n'\
-'    \"db\": {\n'\
-'      \"jdbcUrl\": \"jdbc:postgresql://$(POSTGRES_CONTAINER_ADDRESS):$(POSTGRES_DB_PORT)/$(POSTGRES_DB_NAME)\",\n'\
-'      \"user\": \"$(POSTGRES_DB_USER)\"\n'\
-'    },\n'\
-'    \"logging\": {\n'\
-'      \"level\": \"$(EXCHANGE_LOG_LEVEL)\"\n'\
-'    },\n'\
-'    \"root\": {\n'\
-'      \"password\": \"$(EXCHANGE_ROOTPW)\",\n'\
-'      \"frontEndHeader\": \"$(EXCHANGE_FE_HEADER)\"\n'\
-'    },\n'\
-'    \"service\": {\n'\
-'      \"port\": $(EXCHANGE_CONTAINER_PORT_HTTP),\n'\
-'      \"portEncrypted\": $(EXCHANGE_CONTAINER_PORT_HTTPS)\n'\
-'    },\n'\
-'    \"tls\": {\n'\
-'      \"password\": \"$(EXCHANGE_TRUST_PW)\",\n'\
-'      \"truststore\": \"/etc/horizon/exchange/localhost.p12\"\n'\
-'    }\n'\
-'  }\n'\
-'}' > /etc/horizon/exchange/config-https.json"
-	sudo chmod o+r /etc/horizon/exchange/config-https.json
-
 ## Pre-Run - TLS Truststore -----------
 ## Only do this once to create the exchange truststore for https (which includes the private key, and cert with multiple names).
 $(EXCHANGE_HOST_TRUST_DIR): /etc/horizon/exchange
@@ -253,34 +206,50 @@ truststore: /etc/horizon/exchange/localhost.p12
 # Run -------------------------------------------------------------------------
 ## Run - Docker -----------------------
 ## For Continuous Integration testing
-target/docker/.run-docker: /etc/horizon/exchange/config-http.json target/docker/.docker-network
-	sudo -- bash -c "cp /etc/horizon/exchange/config-http.json /etc/horizon/exchange/config.json"
+#-e EXCHANGE_DB_HOST=$(POSTGRES_CONTAINER_ADDRESS) \
+#-e EXCHANGE_DB_NAME=$(POSTGRES_DB_NAME) \
+#-e EXCHANGE_DB_USER=$(POSTGRES_DB_USER)
+target/docker/.run-docker: target/docker/.docker-network
 	docker run \
       --name $(DOCKER_NAME) \
       --network $(DOCKER_NETWORK) \
       -d -t \
       -p $(EXCHANGE_HOST_PORT_HTTP):$(EXCHANGE_CONTAINER_PORT_HTTP) \
-      -v /etc/horizon/exchange/config.json:/etc/horizon/exchange/exchange-api.tmpl:ro \
+      -e EXCHANGE_DB_HOST=$(POSTGRES_CONTAINER_ADDRESS) \
+      -e EXCHANGE_DB_NAME=$(EXCHANGE_DB_NAME) \
+      -e EXCHANGE_DB_PORT=$(EXCHANGE_DB_PORT) \
+      -e EXCHANGE_DB_USER=$(EXCHANGE_DB_USER) \
+      -e EXCHANGE_PEKKO_HTTP_PORT=$(EXCHANGE_CONTAINER_PORT_HTTP) \
+      -e EXCHANGE_PEKKO_LOGLEVEL=$(EXCHANGE_PEKKO_LOGLEVEL) \
+      -e EXCHANGE_ROOT_PW=$(EXCHANGE_ROOT_PW) \
       $(IMAGE_STRING):$(DOCKER_TAG)
 	@touch $@
 
 .PHONY: run-docker
 run-docker: target/docker/.run-docker
 
 ## config.json is renamed to exchange-api.tmpl to overwrite the provided file of the same name in the Docker image. Prevents the container from attempting to overwrite a bind-mounted config.json with read-only permissions.
-target/docker/.run-docker-icp-https: /etc/horizon/exchange/config-https.json target/docker/.docker-network /etc/horizon/exchange/localhost.p12 target/docker/.run-docker-db-postgres-https
-	sudo -- bash -c "cp /etc/horizon/exchange/config-https.json /etc/horizon/exchange/config.json"
+target/docker/.run-docker-icp-https: target/docker/.docker-network /etc/horizon/exchange/localhost.p12 target/docker/.run-docker-db-postgres-https
 	docker run \
       --name $(DOCKER_NAME) \
       --network $(DOCKER_NETWORK) \
       -d -t \
       -p $(EXCHANGE_HOST_PORT_HTTP):$(EXCHANGE_CONTAINER_PORT_HTTP) \
       -p $(EXCHANGE_HOST_PORT_HTTPS):$(EXCHANGE_CONTAINER_PORT_HTTPS) \
+      -e EXCHANGE_DB_HOST=$(POSTGRES_CONTAINER_ADDRESS) \
+      -e EXCHANGE_DB_NAME=$(EXCHANGE_DB_NAME) \
+      -e EXCHANGE_DB_PORT=$(EXCHANGE_DB_PORT) \
+      -e EXCHANGE_DB_USER=$(EXCHANGE_DB_USER) \
+      -e EXCHANGE_PEKKO_HTTP_PORT=$(EXCHANGE_CONTAINER_PORT_HTTP) \
+      -e EXCHANGE_PEKKO_HTTPS_PORT=$(EXCHANGE_CONTAINER_PORT_HTTPS) \
+      -e EXCHANGE_PEKKO_LOGLEVEL=$(EXCHANGE_PEKKO_LOGLEVEL) \
+      -e EXCHANGE_ROOT_PW=$(EXCHANGE_ROOT_PW) \
+      -e EXCHANGE_TLS_PASSWORD=$(EXCHANGE_TRUST_PW) \
+      -e EXCHANGE_TLS_TRUSTSTORE=/etc/horizon/exchange/localhost.p12 \
       -e "JAVA_OPTS=$(JAVA_OPTS)" \
       -e "ICP_EXTERNAL_MGMT_INGRESS=$$ICP_EXTERNAL_MGMT_INGRESS" \
-      -v /etc/horizon/exchange/config.json:/etc/horizon/exchange/exchange-api.tmpl:ro \
       -v $(EXCHANGE_HOST_ICP_CERT_FILE):$(EXCHANGE_ICP_CERT_FILE) \
-      -v $(EXCHANGE_HOST_TRUST_DIR)/localhost.p12:$(EXCHANGE_CONTAINER_TRUST_DIR)/localhost.p12:ro \
+      -v /etc/horizon/exchange/localhost.p12:$(EXCHANGE_CONTAINER_TRUST_DIR)/localhost.p12:ro \
       -v $(EXCHANGE_HOST_POSTGRES_CERT_FILE):$(EXCHANGE_CONTAINER_POSTGRES_CERT_FILE) \
       $(IMAGE_STRING):$(DOCKER_TAG)
 	@touch $@
@@ -290,16 +259,19 @@ run-docker-icp-https: target/docker/.run-docker-icp-https
 
 ## config.json is mounted into the container as exchange-api.tmpl to overwrite the provided file of the same name in the Docker image. Bind-mounting it with read-only permissions prevents the container from attempting to overwrite it.
 #
-target/docker/.run-docker-icp: /etc/horizon/exchange/config-http.json target/docker/.docker-network
-	sudo -- bash -c "cp /etc/horizon/exchange/config-http.json /etc/horizon/exchange/config.json"
+target/docker/.run-docker-icp: target/docker/.docker-network
 	docker run \
       --name $(DOCKER_NAME) \
       --network $(DOCKER_NETWORK) \
       -d -t \
       -p $(EXCHANGE_HOST_PORT_HTTP):$(EXCHANGE_CONTAINER_PORT_HTTP) \
+      -e EXCHANGE_DB_NAME=$(EXCHANGE_DB_NAME) \
+      -e EXCHANGE_DB_PORT=$(EXCHANGE_DB_PORT) \
+      -e EXCHANGE_DB_USER=$(EXCHANGE_DB_USER) \
+      -e EXCHANGE_PEKKO_LOGLEVEL=$(EXCHANGE_LOG_LEVEL) \
+      -e EXCHANGE_ROOT_PW=$(EXCHANGE_ROOT_PW) \
       -e "JAVA_OPTS=$(JAVA_OPTS)" \
       -e "ICP_EXTERNAL_MGMT_INGRESS=$$ICP_EXTERNAL_MGMT_INGRESS" \
-      -v /etc/horizon/exchange/config.json:/etc/horizon/exchange/exchange-api.tmpl:ro \
       $(IMAGE_STRING):$(DOCKER_TAG)
 	@touch $@
 
@@ -340,7 +312,7 @@ docker-push-version-only:
 # Must an Exchange instance running locally or in docker
 .PHONY: test
 test:
-	: $${EXCHANGE_ROOTPW:?}   # this verifies these env vars are set
+	: $${EXCHANGE_ROOT_PW:?}   # this verifies these env vars are set
 	sbt test
 
 
@@ -382,7 +354,6 @@ clean: clean-docker clean-truststore
 
 .PHONY: cleaner
 cleaner: clean cleaner-docker cleaner-truststore
-	sudo rm -fr /etc/horizon/exchange/config*.json
 
 .PHONY: cleanest
 cleanest: cleaner cleanest-docker cleanest-truststore