fix(openapi)!: add health endpoint to openapi

rest/resource-server/src/main/java/org/eclipse/sw360/rest/resourceserver/Sw360ResourceServer.java

@@ -10,10 +10,17 @@
 
 package org.eclipse.sw360.rest.resourceserver;
 
+import io.swagger.v3.oas.models.Operation;
+import io.swagger.v3.oas.models.PathItem;
 import io.swagger.v3.oas.models.info.Info;
 import io.swagger.v3.oas.models.Components;
 import io.swagger.v3.oas.models.OpenAPI;
 import io.swagger.v3.oas.models.info.License;
+import io.swagger.v3.oas.models.media.Content;
+import io.swagger.v3.oas.models.media.MediaType;
+import io.swagger.v3.oas.models.media.Schema;
+import io.swagger.v3.oas.models.responses.ApiResponse;
+import io.swagger.v3.oas.models.responses.ApiResponses;
 import io.swagger.v3.oas.models.security.SecurityScheme;
 import io.swagger.v3.oas.models.servers.Server;
 import org.eclipse.sw360.datahandler.common.CommonUtils;
@@ -25,6 +32,7 @@
 import org.eclipse.sw360.rest.resourceserver.security.apiToken.ApiTokenAuthenticationFilter;
 import org.springdoc.core.utils.SpringDocUtils;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.actuate.health.Health;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.builder.SpringApplicationBuilder;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
@@ -45,7 +53,7 @@
 @Import(Sw360CORSFilter.class)
 public class Sw360ResourceServer extends SpringBootServletInitializer {
 
-    private static final String REST_BASE_PATH = "/api";
+    public static final String REST_BASE_PATH = "/api";
 
     @Value("${spring.data.rest.default-page-size:10}")
     private int defaultPageSize;
@@ -168,6 +176,36 @@ public OpenAPI customOpenAPI() {
                 .info(new Info().title("SW360 API").license(new License().name("EPL-2.0")
                                 .url("https://github.com/eclipse-sw360/sw360/blob/main/LICENSE"))
                         .version(restVersionString))
-                .servers(List.of(server));
+                .servers(List.of(server))
+                .path("/health", new PathItem().get(
+                        new Operation().tags(Collections.singletonList("Health"))
+                                .summary("Health endpoint").operationId("health")
+                                .responses(new ApiResponses().addApiResponse("200",
+                                        new ApiResponse().description("OK")
+                                                .content(new Content()
+                                                        .addMediaType("application/json", new MediaType()
+                                                                .example("""
+                                                                        {
+                                                                          "status": "UP",
+                                                                          "components": {
+                                                                            "SW360Rest": {
+                                                                              "status": "UP",
+                                                                              "details": {
+                                                                                "Rest State": {
+                                                                                  "isDbReachable": true,
+                                                                                  "isThriftReachable": true
+                                                                                }
+                                                                              }
+                                                                            },
+                                                                            "ping": {
+                                                                              "status": "UP"
+                                                                            }
+                                                                          }
+                                                                        }
+                                                                        """)
+                                                                .schema(new Schema<Health>())
+                                                ))
+                                ))
+                ));
     }
-}
+}

rest/resource-server/src/main/java/org/eclipse/sw360/rest/resourceserver/project/ProjectController.java

@@ -3264,7 +3264,7 @@ public ResponseEntity<?> createDuplicateProjectWithDependencyNetwork(
         if (reqBodyMap.get("dependencyNetwork") != null) {
             try {
                 addOrPatchDependencyNetworkToProject(duplicatedProject, reqBodyMap, ProjectOperation.CREATE);
-            } catch (JsonProcessingException | NoSuchElementException | InvalidPropertiesFormatException e) {
+            } catch (JsonProcessingException | NoSuchElementException e) {
                 log.error(e.getMessage());
                 return ResponseEntity.badRequest().body(e.getMessage());
             }

rest/resource-server/src/main/java/org/eclipse/sw360/rest/resourceserver/security/ResourceServerConfiguration.java

@@ -60,7 +60,9 @@ public class ResourceServerConfiguration {
 
     @Bean
     public WebSecurityCustomizer webSecurityCustomizer() {
-        return (web) -> web.ignoring().requestMatchers("/", "/*/*.html", "/*/*.css", "/*/*.js", "/*.js", "/*.json", "/*/*.json", "/*/*.png", "/*/*.gif", "/*/*.ico", "/*/*.woff/*", "/*/*.ttf", "/*/*.html", "/*/*/*.html", "/*/*.yaml", "/v3/api-docs/**");
+        return (web) -> web.ignoring().requestMatchers("/", "/*/*.html", "/*/*.css", "/*/*.js", "/*.js", "/*.json",
+                "/*/*.json", "/*/*.png", "/*/*.gif", "/*/*.ico", "/*/*.woff/*", "/*/*.ttf", "/*/*.html", "/*/*/*.html",
+                "/*/*.yaml", "/v3/api-docs/**", "/api/health", "/api/info");
     }
 
     @Bean
@@ -80,8 +82,8 @@ public SecurityFilterChain securityFilterChainRS1(HttpSecurity http) throws Exce
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         SimpleAuthenticationEntryPoint saep = new SimpleAuthenticationEntryPoint();
         return http.addFilterBefore(filter, BasicAuthenticationFilter.class).authorizeHttpRequests(auth -> {
-            auth.requestMatchers(HttpMethod.GET, "/health").permitAll();
-            auth.requestMatchers(HttpMethod.GET, "/info").hasAuthority("WRITE");
+            auth.requestMatchers(HttpMethod.GET, "/api/health").permitAll();
+            auth.requestMatchers(HttpMethod.GET, "/api/info").hasAuthority("WRITE");
             auth.requestMatchers(HttpMethod.GET, "/api").permitAll();
             auth.requestMatchers(HttpMethod.GET, "/api/reports/download").permitAll();
             auth.requestMatchers(HttpMethod.GET, "/api/**").hasAuthority("READ");

rest/resource-server/src/main/resources/application.yml

@@ -20,6 +20,9 @@ management:
       base-path: /
       exposure:
         include: health,info
+      path-mapping:
+        health: /api/health
+        info: /api/info
   endpoint:
     health:
       show-details: always
@@ -28,6 +31,11 @@ management:
       enabled: true
   security:
     enabled: true
+  health:
+    diskspace:
+      enabled: true    # Disable to hide sensitive system information
+    ping:
+      enabled: true
 
 spring:
   application:
@@ -83,4 +91,4 @@ springdoc:
         enabled: true
   default-consumes-media-type: application/json
   default-produces-media-type: application/hal+json
-  paths-to-exclude: /api/**
+  paths-to-exclude: /api/**

rest/resource-server/src/test/java/org/eclipse/sw360/rest/resourceserver/SW360RestHealthIndicatorTest.java

@@ -71,7 +71,7 @@ public class SW360RestHealthIndicatorTest {
      */
     private ResponseEntity<Map> getMapResponseEntityForHealthEndpointRequest(String endpoint) {
         return this.testRestTemplate.getForEntity(
-                "http://localhost:" + this.port + endpoint, Map.class);
+                "http://localhost:" + this.port + Sw360ResourceServer.REST_BASE_PATH + endpoint, Map.class);
     }
 
     @Test

rest/resource-server/src/test/java/org/eclipse/sw360/rest/resourceserver/configuration/security/Sw360AuthorizationServerConfiguration.java

@@ -40,8 +40,8 @@ public SecurityFilterChain appSecurtiy(HttpSecurity httpSecurity) throws Excepti
 		SimpleAuthenticationEntryPoint saep = new SimpleAuthenticationEntryPoint();
 		httpSecurity.authorizeHttpRequests(
 				authz -> authz
-				         .requestMatchers(HttpMethod.GET, "/health").permitAll()
-						.requestMatchers(HttpMethod.GET, "/info").permitAll()
+						.requestMatchers(HttpMethod.GET, "/api/health").permitAll()
+						.requestMatchers(HttpMethod.GET, "/api/info").permitAll()
 						.anyRequest().authenticated()
 		).httpBasic(Customizer.withDefaults()).formLogin(Customizer.withDefaults())
 				.exceptionHandling(x -> x.authenticationEntryPoint(saep));

rest/resource-server/src/test/java/org/eclipse/sw360/rest/resourceserver/restdocs/HealthSpecTest.java

@@ -43,7 +43,7 @@ public void should_document_get_health() throws Exception {
         given(this.restHealthIndicatorMock.health()).willReturn(spring_health);
 
 
-        mockMvc.perform(get("/health")
+        mockMvc.perform(get("/api/health")
                     .accept(MediaType.APPLICATION_JSON))
                 .andExpect(status().isOk())
                 .andDo(this.documentationHandler.document(
@@ -72,7 +72,7 @@ public void should_document_get_health_unhealthy() throws Exception {
                 .build();
         given(this.restHealthIndicatorMock.health()).willReturn(spring_health_down);
 
-        mockMvc.perform(get("/health")
+        mockMvc.perform(get("/api/health")
                     .accept(MediaType.APPLICATION_JSON))
                 .andExpect(status().is2xxSuccessful())
                 .andDo(this.documentationHandler.document(

rest/resource-server/src/test/resources/application.yml

@@ -1,28 +1,19 @@
 #SPDX-FileCopyrightText: © 2024 Siemens AG
 #SPDX-License-Identifier: EPL-2.0
 
-spring:
-  profiles:
-    active: SECURITY_MOCK
-  security:
-    oauth2:
-      resourceserver:
-        jwt:
-          issuer-uri: http://localhost:8080/authorization/oauth2/jwks
-          jwk-set-uri: http://localhost:8080/authorization/oauth2/jwks
-  application:
-    name: resource
+server:
   servlet:
-    multipart:
-      max-file-size: 500MB
-      max-request-size: 600MB
+    context-path: /
 
 management:
   endpoints:
     web:
       base-path: /
       exposure:
         include: health,info
+      path-mapping:
+        health: /api/health
+        info: /api/info
   endpoint:
     health:
       show-details: always
@@ -31,9 +22,27 @@ management:
       enabled: true
   security:
     enabled: true
-server:
+  health:
+    diskspace:
+      enabled: true    # Disable to hide sensitive system information
+    ping:
+      enabled: true
+
+spring:
+  profiles:
+    active: SECURITY_MOCK
+  application:
+    name: resource
   servlet:
-    context-path: /
+    multipart:
+      max-file-size: 500MB
+      max-request-size: 600MB
+  security:
+    oauth2:
+      resourceserver:
+        jwt:
+          issuer-uri: http://localhost:8080/authorization/oauth2/jwks
+          jwk-set-uri: http://localhost:8080/authorization/oauth2/jwks
 
 #logging:
 #  level: