18452 Merge branch 'main' into 'feature-legal-name'

.github/workflows/business-auth-ci.yml

@@ -72,6 +72,10 @@ jobs:
       ACCOUNT_SVC_AUTH_URL: https://mock_account_svc_auth_url
       ACCOUNT_SVC_CLIENT_ID: account_svc_client_id
       ACCOUNT_SVC_CLIENT_SECRET: account_svc_client_secret
+      BUSINESS_SCHEMA_ID: test_business_schema_id
+      BUSINESS_CRED_DEF_ID: test_credential_definition_id
+      BUSINESS_SCHEMA_NAME: digital_business_card
+      BUSINESS_SCHEMA_VERSION: "1.0.0"
 
 
     runs-on: ubuntu-20.04

.github/workflows/business-filings-notebook-report-cd.yml

@@ -27,4 +27,4 @@ jobs:
       working_directory: "./jobs/filings-notebook-report"
     secrets:
       WORKLOAD_IDENTIFY_POOLS_PROVIDER: ${{ secrets.WORKLOAD_IDENTIFY_POOLS_PROVIDER }}
-      GCP_SERVICE_ACCOUNT: ${{ secrets.GCP_SERVICE_ACCOUNT }}
+      GCP_SERVICE_ACCOUNT: ${{ secrets.GCP_SERVICE_ACCOUNT }}

.github/workflows/business-sftp-icbc-report-cd.yml

@@ -27,4 +27,4 @@ jobs:
       working_directory: "./jobs/sftp-icbc-report"
     secrets:
       WORKLOAD_IDENTIFY_POOLS_PROVIDER: ${{ secrets.WORKLOAD_IDENTIFY_POOLS_PROVIDER }}
-      GCP_SERVICE_ACCOUNT: ${{ secrets.GCP_SERVICE_ACCOUNT }}
+      GCP_SERVICE_ACCOUNT: ${{ secrets.GCP_SERVICE_ACCOUNT }}

.github/workflows/entity-digital-credentials-cd.yml

@@ -0,0 +1,114 @@
+name: Entity Digital Credentials CD
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - "queue_services/entity-digital-credentials/**"
+      - "queue_services/common/**"
+  workflow_dispatch:
+    inputs:
+      environment:
+        description: "Environment (dev/test/prod)"
+        required: true
+        default: "dev"
+
+defaults:
+  run:
+    shell: bash
+    working-directory: ./queue_services/entity-digital-credentials
+
+env:
+  APP_NAME: "entity-digital-credentials"
+  TAG_NAME: "dev"
+
+jobs:
+  entity-digital-credentials-cd-by-push:
+    runs-on: ubuntu-20.04
+
+    if: github.event_name == 'push' && github.repository == 'bcgov/lear'
+    environment:
+      name: "dev"
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Login Openshift
+        shell: bash
+        run: |
+          oc login --server=${{secrets.OPENSHIFT4_LOGIN_REGISTRY}} --token=${{secrets.OPENSHIFT4_SA_TOKEN}}
+
+      - name: CD Flow
+        shell: bash
+        env:
+          OPS_REPOSITORY: ${{ secrets.OPS_REPOSITORY }}
+          OPENSHIFT_DOCKER_REGISTRY: ${{ secrets.OPENSHIFT4_DOCKER_REGISTRY }}
+          OPENSHIFT_SA_NAME: ${{ secrets.OPENSHIFT4_SA_NAME }}
+          OPENSHIFT_SA_TOKEN: ${{ secrets.OPENSHIFT4_SA_TOKEN }}
+          OPENSHIFT_REPOSITORY: ${{ secrets.OPENSHIFT4_REPOSITORY }}
+          TAG_NAME: ${{ env.TAG_NAME }}
+        run: |
+          make cd
+
+      - name: Watch new rollout (trigger by image change in Openshift)
+        shell: bash
+        run: |
+          oc rollout status dc/${{ env.APP_NAME }}-${{ env.TAG_NAME }} -n ${{ secrets.OPENSHIFT4_REPOSITORY }}-${{ env.TAG_NAME }} -w
+
+      - name: Rocket.Chat Notification
+        uses: RocketChat/Rocket.Chat.GitHub.Action.Notification@master
+        if: failure()
+        with:
+          type: ${{ job.status }}
+          job_name: "*Entity Digital Credentials Built and Deployed to ${{env.TAG_NAME}}*"
+          channel: "#registries-bot"
+          url: ${{ secrets.ROCKETCHAT_WEBHOOK }}
+          commit: true
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+  entity-digital-credentials-cd-by-dispatch:
+    runs-on: ubuntu-20.04
+
+    if: github.event_name == 'workflow_dispatch' && github.repository == 'bcgov/lear'
+    environment:
+      name: "${{ github.event.inputs.environment }}"
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set env by input
+        run: |
+          echo "TAG_NAME=${{ github.event.inputs.environment }}" >> $GITHUB_ENV
+
+      - name: Login Openshift
+        shell: bash
+        run: |
+          oc login --server=${{secrets.OPENSHIFT4_LOGIN_REGISTRY}} --token=${{secrets.OPENSHIFT4_SA_TOKEN}}
+
+      - name: CD Flow
+        shell: bash
+        env:
+          OPS_REPOSITORY: ${{ secrets.OPS_REPOSITORY }}
+          OPENSHIFT_DOCKER_REGISTRY: ${{ secrets.OPENSHIFT4_DOCKER_REGISTRY }}
+          OPENSHIFT_SA_NAME: ${{ secrets.OPENSHIFT4_SA_NAME }}
+          OPENSHIFT_SA_TOKEN: ${{ secrets.OPENSHIFT4_SA_TOKEN }}
+          OPENSHIFT_REPOSITORY: ${{ secrets.OPENSHIFT4_REPOSITORY }}
+          TAG_NAME: ${{ env.TAG_NAME }}
+        run: |
+          make cd
+
+      - name: Watch new rollout (trigger by image change in Openshift)
+        shell: bash
+        run: |
+          oc rollout status dc/${{ env.APP_NAME }}-${{ env.TAG_NAME }} -n ${{ secrets.OPENSHIFT4_REPOSITORY }}-${{ env.TAG_NAME }} -w
+
+      - name: Rocket.Chat Notification
+        uses: RocketChat/Rocket.Chat.GitHub.Action.Notification@master
+        if: failure()
+        with:
+          type: ${{ job.status }}
+          job_name: "*Entity Digital Credentials Built and Deployed to ${{env.TAG_NAME}}*"
+          channel: "#registries-bot"
+          url: ${{ secrets.ROCKETCHAT_WEBHOOK }}
+          commit: true
+          token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/entity-digital-credentials-ci.yml

@@ -0,0 +1,110 @@
+name: Entity Digital Credentials CI
+
+on:
+  pull_request:
+    types: [assigned, synchronize]
+    paths:
+      - "queue_services/entity-digital-credentials/**"
+      - "queue_services/common/**"
+
+defaults:
+  run:
+    shell: bash
+    working-directory: ./queue_services/entity-digital-credentials
+
+jobs:
+  setup-job:
+    runs-on: ubuntu-20.04
+
+    if: github.repository == 'bcgov/lear'
+
+    steps:
+      - uses: actions/checkout@v3
+      - run: "true"
+
+  linting:
+    needs: setup-job
+    runs-on: ubuntu-20.04
+
+    strategy:
+      matrix:
+        python-version: [3.8]
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v1
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          make setup
+      - name: Lint with pylint
+        id: pylint
+        run: |
+          make pylint
+      - name: Lint with flake8
+        id: flake8
+        run: |
+          make flake8
+
+  testing:
+    needs: setup-job
+    env:
+      DATABASE_TEST_USERNAME: postgres
+      DATABASE_TEST_PASSWORD: postgres
+      DATABASE_TEST_NAME: postgres
+      DATABASE_TEST_HOST: localhost
+      NATS_SERVERS: "nats://nats:4222"
+      NATS_CLIENT_NAME: entity.digital-credentials.tester
+      NATS_CLUSTER_ID: test-cluster
+      NATS_ENTITY_EVENT_SUBJECT: entity.events
+      NATS_QUEUE: entity-digital-credentials-worker
+      TEST_NATS_DOCKER: True
+      STAN_CLUSTER_NAME: test-cluster
+
+    runs-on: ubuntu-20.04
+
+    services:
+      postgres:
+        image: postgres:12
+        env:
+          POSTGRES_USER: postgres
+          POSTGRES_PASSWORD: postgres
+          POSTGRES_DB: postgres
+        ports:
+          - 5432:5432
+        # needed because the postgres container does not provide a healthcheck
+        options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v1
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          make setup
+      - name: Test with pytest
+        id: test
+        run: |
+          make test
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v3
+        with:
+          file: ./queue_services/entity-digital-credentials/coverage.xml
+          flags: entity-digital-credentials
+          name: codecov-entity-digital-credentials
+          fail_ci_if_error: true
+
+  build-check:
+    needs: setup-job
+    runs-on: ubuntu-20.04
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: build to check strictness
+        id: build
+        run: |
+          make build-nc

colin-api/devops/vaults.json

@@ -4,7 +4,9 @@
         "application": [
             "colin-api",
             "test-oracle",
-            "sentry"
+            "sentry",
+            "jwt",
+            "launchdarkly"
         ]
     }
 ]

colin-api/flags.json

@@ -0,0 +1,3 @@
+{
+    "flagValues": {}
+}

colin-api/requirements.txt

@@ -1,31 +1,35 @@
-Flask-Moment==0.10.0
+
+Flask-Moment==0.11.0
 Flask-Script==2.0.6
 Flask==1.1.2
-Jinja2==2.11.2
+Jinja2==2.11.3
 MarkupSafe==1.1.1
 Werkzeug==1.0.1
-aniso8601==8.1.0
-attrs==20.3.0
+aniso8601==9.0.1
 blinker==1.4
 certifi==2020.12.5
-click==7.1.2
+click==8.1.3
 cx-Oracle==8.1.0
 debugpy
 ecdsa==0.14.1
-flask-jwt-oidc==0.1.5
+flask-jwt-oidc==0.3.0
 flask-restx==0.3.0
-gunicorn==20.0.4
+gunicorn==20.1.0
 itsdangerous==1.1.0
-jsonschema==3.2.0
+jsonschema==4.19.0
+launchdarkly-server-sdk==7.1.0
 psycopg2-binary==2.8.6
 pyasn1==0.4.8
 pycountry==20.7.3
 pyrsistent==0.17.3
-python-dotenv==0.15.0
+python-dotenv==0.17.1
 python-jose==3.2.0
-pytz==2020.4
-rsa==4.6
+pytz==2021.1
+requests==2.25.1
+rsa==4.7.2
+SQLAlchemy==1.4.44
 sentry-sdk==1.20.0
 six==1.15.0
 urllib3==1.26.11
+git+https://github.com/bcgov/lear.git#egg=legal_api&subdirectory=legal-api
 git+https://github.com/bcgov/business-schemas.git#egg=registry_schemas

colin-api/requirements/dev.txt

@@ -6,7 +6,7 @@ pytest-mock
 pytest-cov
 requests
 pyhamcrest
-sqlalchemy
+sqlalchemy<=1.4.44
 
 # Lint and code style
 flake8
@@ -19,7 +19,7 @@ pep8-naming
 autopep8
 coverage
 pydocstyle<4.0
-pylint<=2.3.1
+pylint
 pylint-flask
 isort<5,>=4.2.5
-sqlalchemy
+sqlalchemy<=1.4.44

colin-api/src/colin_api/__init__.py

@@ -16,23 +16,21 @@
 This module is the API for the Legal Entity system.
 """
 import os
-
 import sentry_sdk  # noqa: I001; pylint: disable=ungrouped-imports; conflicts with Flake8
-from sentry_sdk.integrations.flask import FlaskIntegration  # noqa: I001
+
 from flask import Flask
-from flask_jwt_oidc import JwtManager
+from legal_api.services import flags
+from sentry_sdk.integrations.flask import FlaskIntegration  # noqa: I001
 
-from colin_api import config
-from colin_api.resources import API_BLUEPRINT, OPS_BLUEPRINT
+from colin_api import config, errorhandlers
+from colin_api.resources import API, API_BLUEPRINT, OPS_BLUEPRINT
+from colin_api.utils.auth import jwt
 from colin_api.utils.logging import setup_logging
 from colin_api.utils.run_version import get_run_version
 # noqa: I003; the sentry import creates a bad line count in isort
 
 setup_logging(os.path.join(os.path.abspath(os.path.dirname(__file__)), 'logging.conf'))  # important to do this first
 
-# lower case name as used by convention in most Flask apps
-jwt = JwtManager()  # pylint: disable=invalid-name
-
 
 def create_app(run_mode=os.getenv('FLASK_ENV', 'production')):
     """Return a configured Flask App using the Factory method."""
@@ -44,9 +42,12 @@ def create_app(run_mode=os.getenv('FLASK_ENV', 'production')):
             dsn=app.config.get('SENTRY_DSN'),
             integrations=[FlaskIntegration()]
         )
+
+    flags.init_app(app)
+    errorhandlers.init_app(API)
     app.register_blueprint(API_BLUEPRINT)
     app.register_blueprint(OPS_BLUEPRINT)
-    # setup_jwt_manager(app, jwt)
+    setup_jwt_manager(app, jwt)
 
     @app.after_request
     def add_version(response):  # pylint: disable=unused-variable