diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 944449d5..24d038ca 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -21,7 +21,6 @@ jobs:
 if: ${{ github.ref == 'refs/heads/main' || startswith(github.ref, 'refs/tags/') }}
 run: ./gradlew pushDockerImage
 env:
- XENIT_DOCKER_REGISTRY_URL: ${{ secrets.XENIT_DOCKER_REGISTRY_URL }}
- XENIT_DOCKER_REGISTRY_USERNAME: ${{ secrets.XENIT_DOCKER_REGISTRY_USERNAME }}
- XENIT_DOCKER_REGISTRY_PASSWORD: ${{ secrets.XENIT_DOCKER_REGISTRY_PASSWORD }}
+ XENIT_DOCKER_REGISTRY_USERNAME: ${{ secrets.CLOUDSMITH_USER }}
+ XENIT_DOCKER_REGISTRY_PASSWORD: ${{ secrets.CLOUDSMITH_APIKEY }}
diff --git a/README.md b/README.md
index 73a430bf..70cb59d6 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # Content Cloud Gateway
-An API Gateway based on [Spring Cloud Gateway](https://spring.io/projects/spring-cloud-gateway) with integration with [Open Policy Agent](https://www.openpolicyagent.org) for Content Cloud projects. You can find a prebuilt image at [content-cloud/gateway](https://hub.xenit.eu/harbor/projects/49/repositories/gateway)
+An API Gateway based on [Spring Cloud Gateway](https://spring.io/projects/spring-cloud-gateway) with integration with [Open Policy Agent](https://www.openpolicyagent.org) for Content Cloud projects.
 ## Local development
diff --git a/build.gradle b/build.gradle
index db37b8fa..ff3cd2e0 100644
--- a/build.gradle
+++ b/build.gradle
@@ -16,8 +16,7 @@ repositories {
 maven {
 url 'https://oss.sonatype.org/content/repositories/snapshots'
 content {
- includeGroup 'eu.xenit.contentcloud'
- includeGroup 'eu.xenit.contentcloud.thunx'
+ includeGroup 'com.contentgrid.thunx'
 }
 }
 }
@@ -29,7 +28,7 @@ reckon {
 ext {
 springCloudVersion = '2021.0.4'
- thunxVersion = '0.3.3'
+ thunxVersion = '0.4.2'
 }
 bootRun {
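Review bot: The push step now passes `secrets.CLOUDSMITH_APIKEY` as the registry password to the whole `./gradlew pushDockerImage` process, and the workflow does not record what that key may do. An API key is normally tied to an account rather than to one repository, so every Gradle plugin and build script that runs in this step can read a credential that may reach beyond the gateway image; whether it is scoped is not visible from this hunk. I would use a dedicated service-account key limited to pushing this image and say so next to the mapping, e.g. `# CLOUDSMITH_APIKEY: service account, push-only on the gateway image repository`. The step definition starts above the hunk.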
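Review bot: The Sonatype snapshots repository stays on the resolution path although `thunxVersion` becomes the release `0.4.2` in the next hunk, so mutable snapshot artifacts can still be served for the `com.contentgrid.thunx` group that supplies the gateway's policy-decision classes. If snapshots are no longer consumed, drop the `maven { ... }` entry; otherwise add `mavenContent { snapshotsOnly() }` beside the `content { ... }` filter so this repository can never answer for a release version. The `includeGroup` filter itself is worth keeping, since it stops the repository from answering for unrelated groups. The enclosing `repositories` block starts above the hunk.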
@@ -46,7 +45,7 @@ tasks.register("keycloakBootRun", org.springframework.boot.gradle.tasks.run.Boo
 }
 tasks.register("consoleBootRun", org.springframework.boot.gradle.tasks.run.BootRun.class) {
- description = "Runs the Spring Boot application with routing config for Content Cloud Console development"
+ description = "Runs the Spring Boot application with routing config for ContentGrid Console development"
 group = ApplicationPlugin.APPLICATION_GROUP
 classpath = tasks.bootRun.classpath
 mainClass = tasks.bootRun.mainClass
@@ -61,8 +60,9 @@ dependencies {
 implementation 'org.springframework.boot:spring-boot-starter-security'
 implementation 'org.springframework.boot:spring-boot-starter-actuator'
- implementation "eu.xenit.contentcloud.thunx:thunx-spring:${thunxVersion}"
- implementation "eu.xenit.contentcloud.thunx:thunx-pdp-opa:${thunxVersion}"
+ implementation platform("com.contentgrid.thunx:thunx-bom:${thunxVersion}")
+ implementation "com.contentgrid.thunx:thunx-spring"
+ implementation "com.contentgrid.thunx:thunx-pdp-opa"
 compileOnly 'org.projectlombok:lombok'
 annotationProcessor 'org.projectlombok:lombok'
@@ -102,7 +102,7 @@ task writeDockerImageCoords {
 pushDockerImage {
 dependsOn(writeDockerImageCoords)
 registryCredentials {
- url = System.getenv('XENIT_DOCKER_REGISTRY_URL')
+ url = 'docker.xenit.eu'
 username = System.getenv('XENIT_DOCKER_REGISTRY_USERNAME')
 password = System.getenv('XENIT_DOCKER_REGISTRY_PASSWORD')
 }
@@ -116,7 +116,7 @@ createDockerFile {
 }
 dockerBuild {
- repositories = ["hub.xenit.eu/content-cloud/gateway"]
+ repositories = ["docker.xenit.eu/contentgrid/gateway"]
 tags = imageTags(version)
 }
diff --git a/docker-compose/docker-compose.yml b/docker-compose/docker-compose.yml
index c9bd1a22..062bed0e 100644
--- a/docker-compose/docker-compose.yml
+++ b/docker-compose/docker-compose.yml
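Review bot: Nothing in `registryCredentials` says why `url` is now a literal while the username and password still come from the environment. As far as this block shows, pinning the host means the CI credentials are only offered to `docker.xenit.eu`, which looks like the intent, and a later change back to an environment lookup would quietly undo that. I would add `// host pinned: the registry credentials must only be sent to docker.xenit.eu` above the `url` line. The `pushDockerImage` block continues outside the hunk.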
@@ -20,7 +20,7 @@ services:
 - "./example-rego/example.rego:/config/example.rego"
 gateway:
- image: ${CONTENT_CLOUD_GATEWAY_DOCKER_IMAGE:-hub.xenit.eu/content-cloud/gateway:local}
+ image: ${CONTENTGRID_GATEWAY_DOCKER_IMAGE:-docker.xenit.eu/contentgrid/gateway:local}
 environment:
 - "OPA_SERVICE_URL=http://opa:8181"
 - "OPA_QUERY=data.gateway.example.allow == true"
diff --git a/src/main/java/eu/xenit/alfred/content/gateway/GatewayApplication.java b/src/main/java/eu/xenit/alfred/content/gateway/GatewayApplication.java
index a6b69b8a..4b741e5e 100644
--- a/src/main/java/eu/xenit/alfred/content/gateway/GatewayApplication.java
+++ b/src/main/java/eu/xenit/alfred/content/gateway/GatewayApplication.java
@@ -5,13 +5,13 @@
 import eu.xenit.alfred.content.gateway.cors.CorsConfigurationResolver;
 import eu.xenit.alfred.content.gateway.cors.CorsResolverProperties;
 import eu.xenit.alfred.content.gateway.error.ProxyUpstreamUnavailableWebFilter;
-import eu.xenit.contentcloud.opa.client.OpaClient;
-import eu.xenit.contentcloud.opa.client.rest.RestClientConfiguration.LogSpecification;
-import eu.xenit.contentcloud.thunx.pdp.PolicyDecisionComponentImpl;
-import eu.xenit.contentcloud.thunx.pdp.PolicyDecisionPointClient;
-import eu.xenit.contentcloud.thunx.pdp.opa.OpenPolicyAgentPDPClient;
-import eu.xenit.contentcloud.thunx.spring.gateway.filter.AbacGatewayFilterFactory;
-import eu.xenit.contentcloud.thunx.spring.security.ReactivePolicyAuthorizationManager;
+import com.contentgrid.opa.client.OpaClient;
+import com.contentgrid.opa.client.rest.RestClientConfiguration.LogSpecification;
+import com.contentgrid.thunx.pdp.PolicyDecisionComponentImpl;
+import com.contentgrid.thunx.pdp.PolicyDecisionPointClient;
+import com.contentgrid.thunx.pdp.opa.OpenPolicyAgentPDPClient;
+import com.contentgrid.thunx.spring.gateway.filter.AbacGatewayFilterFactory;
+import com.contentgrid.thunx.spring.security.ReactivePolicyAuthorizationManager;
 import java.io.IOException;
 import java.io.UncheckedIOException;
 import java.util.Collections;
diff --git a/src/main/java/eu/xenit/alfred/content/gateway/UserProfileService.java b/src/main/java/eu/xenit/alfred/content/gateway/UserProfileService.java
index 674c80be..4be8f553 100644
--- a/src/main/java/eu/xenit/alfred/content/gateway/UserProfileService.java
+++ b/src/main/java/eu/xenit/alfred/content/gateway/UserProfileService.java
@@ -1,6 +1,6 @@
 package eu.xenit.alfred.content.gateway;
-import eu.xenit.contentcloud.thunx.spring.security.AuthenticationContextMapper;
+import com.contentgrid.thunx.spring.security.AuthenticationContextMapper;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;
diff --git a/src/main/java/eu/xenit/alfred/content/gateway/cors/CorsResolverProperties.java b/src/main/java/eu/xenit/alfred/content/gateway/cors/CorsResolverProperties.java
index 3d89e6ec..c5b0d79f 100644
--- a/src/main/java/eu/xenit/alfred/content/gateway/cors/CorsResolverProperties.java
+++ b/src/main/java/eu/xenit/alfred/content/gateway/cors/CorsResolverProperties.java
@@ -6,7 +6,7 @@
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.web.cors.CorsConfiguration;
-@ConfigurationProperties("contentcloud.gateway.cors")
+@ConfigurationProperties("contentgrid.gateway.cors")
 public class CorsResolverProperties {
 @Getter
diff --git a/src/main/resources/application-console.yml b/src/main/resources/application-console.yml
index a05cf800..da4391f6 100644
--- a/src/main/resources/application-console.yml
+++ b/src/main/resources/application-console.yml
@@ -7,9 +7,9 @@ management:
 opa:
 service:
 url: http://localhost:8081
- query: "data.contentcloud.api.allow == true"
+ query: "data.contentgrid.api.allow == true"
-contentcloud:
+contentgrid:
 gateway:
 cors:
 configurations:
@@ -17,8 +17,8 @@ contentcloud:
 allowedOrigins:
 - 'http://${DOCKER_HOST_IP:172.17.0.1}:8085'
 - 'http://${DOCKER_HOST_IP:172.17.0.1}:9085'
- '[api.content-cloud.eu]':
- allowedOrigins: 'https://console.content-cloud.eu'
+ '[api.contentgrid.com]':
+ allowedOrigins: 'https://console.contentgrid.com'
 spring:
 cloud:
diff --git a/src/test/java/eu/xenit/alfred/content/gateway/cors/CorsConfigurationResolverTest.java b/src/test/java/eu/xenit/alfred/content/gateway/cors/CorsConfigurationResolverTest.java
index 229e57de..4ce73c9b 100644
--- a/src/test/java/eu/xenit/alfred/content/gateway/cors/CorsConfigurationResolverTest.java
+++ b/src/test/java/eu/xenit/alfred/content/gateway/cors/CorsConfigurationResolverTest.java
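Review bot: Changing the prefix to `contentgrid.gateway.cors` means any deployment that still sets `contentcloud.gateway.cors.*` keeps starting, but its CORS entries are no longer bound. Spring Boot ignores unknown properties by default, so the per-host allowed origins would disappear without an error and requests would be judged against whatever the resolver does with an empty or `default` configuration. I would document the rename as a breaking configuration change and consider a startup check that fails when a property under the old prefix is still present. The class body continues outside the hunk.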
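Review bot: The `opa.query` value now points at `data.contentgrid.api.allow`, and the Rego package it refers to is not part of this diff. In OPA a reference into a package that is not loaded is undefined rather than false, so the outcome depends on how the PDP client treats an undefined result; that should be confirmed to be a deny. I would rename the policy package in the same change and add a comment such as `# must match the package declared in the OPA policy bundle` on the `query` line.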
@@ -14,20 +14,20 @@ class CorsConfigurationResolverTest {
 @Test
 void loadCorsFromHostHeader_hasAppliedDefaults() {
 var config = new CorsConfiguration();
- config.setAllowedOrigins(List.of("console.content-cloud.eu"));
+ config.setAllowedOrigins(List.of("console.contentgrid.com"));
 var properties = new CorsResolverProperties();
- properties.getConfigurations().put("api.content-cloud.eu", config);
+ properties.getConfigurations().put("api.contentgrid.com", config);
 var resolver = new CorsConfigurationResolver(properties);
 var request = MockServerHttpRequest
 .get("/me")
- .header("Host", "api.content-cloud.eu");
+ .header("Host", "api.contentgrid.com");
 var cors = resolver.getCorsConfiguration(MockServerWebExchange.from(request));
 assertThat(cors).isNotNull();
- assertThat(cors.getAllowedOrigins()).singleElement().isEqualTo("console.content-cloud.eu");
+ assertThat(cors.getAllowedOrigins()).singleElement().isEqualTo("console.contentgrid.com");
 assertThat(cors.getAllowedHeaders()).contains("Authorization", "Content-Type");
 assertThat(cors.getAllowedMethods()).singleElement().isEqualTo("*");
 assertThat(cors.getMaxAge()).isEqualTo(1800L);
diff --git a/src/test/java/eu/xenit/alfred/content/gateway/cors/CorsIntegrationTest.java b/src/test/java/eu/xenit/alfred/content/gateway/cors/CorsIntegrationTest.java
index 56f7be3d..5ce0de5d 100644
--- a/src/test/java/eu/xenit/alfred/content/gateway/cors/CorsIntegrationTest.java
+++ b/src/test/java/eu/xenit/alfred/content/gateway/cors/CorsIntegrationTest.java
@@ -12,8 +12,8 @@
 @Slf4j
 @SpringBootTest(properties = {
- "content-cloud.gateway.cors.configurations.'[api.content-cloud.eu]'.allowedOrigins=https://console.content-cloud.eu",
- "content-cloud.gateway.cors.configurations.default.allowedOrigins=https://other-app.example"
+ "contentgrid.gateway.cors.configurations.'[api.contentgrid.com]'.allowedOrigins=https://console.contentgrid.com",
+ "contentgrid.gateway.cors.configurations.default.allowedOrigins=https://other-app.example"
 })
 class CorsIntegrationTest {
@@ -34,12 +34,12 @@ public void setup() {
 @Test
 public void corsPreflight_allowedOrigin() {
- var result = this.preflight("api.content-cloud.eu")
- .header("Origin", "https://console.content-cloud.eu")
+ var result = this.preflight("api.contentgrid.com")
+ .header("Origin", "https://console.contentgrid.com")
 .exchange()
 .expectHeader().valueEquals("Access-Control-Allow-Headers", "authorization")
 .expectHeader().valueEquals("Access-Control-Allow-Methods", "GET")
- .expectHeader().valueEquals("Access-Control-Allow-Origin", "https://console.content-cloud.eu")
+ .expectHeader().valueEquals("Access-Control-Allow-Origin", "https://console.contentgrid.com")
 .expectHeader().doesNotExist("Access-Control-Allow-Credentials")
 .expectBody().isEmpty();
@@ -48,7 +48,7 @@ public void corsPreflight_allowedOrigin() {
 @Test
 public void corsPreflight_fallback() {
- var result = this.preflight("other-service.content-cloud.eu")
+ var result = this.preflight("other-service.contentgrid.com")
 .header("Origin", "https://other-app.example")
 .exchange()
 .expectHeader().valueEquals("Access-Control-Allow-Headers", "authorization")
@@ -62,7 +62,7 @@ public void corsPreflight_fallback() {
 @Test
 public void corsPreflight_forbiddenOrigin() {
- this.preflight("api.content-cloud.eu")
+ this.preflight("api.contentgrid.com")
 .header("Origin", "https://evil.overlord.example")
 .exchange()
 .expectStatus().isForbidden();
@@ -71,12 +71,12 @@ public void corsPreflight_forbiddenOrigin() {
 @Test
 public void corsPreflight_forbiddenSubdomain() {
- this.preflight("api.content-cloud.eu")
- .header("Origin", "https://evil.console.content-cloud.eu")
+ this.preflight("api.contentgrid.com")
+ .header("Origin", "https://evil.console.contentgrid.com")
 .exchange().expectStatus().isForbidden();
- this.preflight("api.content-cloud.eu")
- .header("Origin", "https://evil.content-cloud.eu")
+ this.preflight("api.contentgrid.com")
+ .header("Origin", "https://evil.contentgrid.com")
 .exchange().expectStatus().isForbidden();
 }