Merge pull request #7 from DGTDept/add_signoff_on_commit

Add signoff on commit
mosip · Jan 15, 2024 · 125e16c · 125e16c
2 parents 8478942 + 9b775a6
commit 125e16c
Show file tree

Hide file tree

Showing 315 changed files with 74,638 additions and 1 deletion.
diff --git a/.github/keys/mosipgpgkey_pub.gpg b/.github/keys/mosipgpgkey_pub.gpg
diff --git a/.github/keys/mosipgpgkey_sec.gpg b/.github/keys/mosipgpgkey_sec.gpg
diff --git a/.github/workflows/chart-lint-publish.yml b/.github/workflows/chart-lint-publish.yml
@@ -0,0 +1,62 @@
+name: Validate / Publish helm charts
+
+on:
+  release:
+    types: [published]
+  pull_request:
+    types: [opened, reopened, synchronize]
+    paths:
+      - 'charts/**'
+  workflow_dispatch:
+    inputs:
+      IGNORE_CHARTS:
+        description: 'Provide list of charts to be ignored separated by pipe(|)'
+        required: false
+        default: ''
+        type: string
+      CHART_PUBLISH:
+        description: 'Chart publishing to gh-pages branch'
+        required: false
+        default: 'NO'
+        type: string
+        options:
+          - YES
+          - NO
+      INCLUDE_ALL_CHARTS:
+        description: 'Include all charts for Linting/Publishing (YES/NO)'
+        required: false
+        default: 'NO'
+        type: string
+        options:
+          - YES
+          - NO
+  push:
+    branches:
+      - '!release-branch'
+      - master
+      - 1.*
+      - 0.*
+      - develop
+      - MOSIP*
+      - release*
+    paths:
+      - 'charts/**'
+
+jobs:
+  chart-lint-publish:
+    uses: mosip/kattu/.github/workflows/chart-lint-publish.yml@master
+    with:
+      CHARTS_DIR: ./helm
+      CHARTS_URL: https://mosip.github.io/mosip-helm
+      REPOSITORY: mosip-helm
+      BRANCH: gh-pages
+      INCLUDE_ALL_CHARTS: "${{ inputs.INCLUDE_ALL_CHARTS || 'NO' }}"
+      IGNORE_CHARTS: "${{ inputs.IGNORE_CHARTS ||'redis' }}"
+      CHART_PUBLISH: "${{ inputs.CHART_PUBLISH || 'YES' }}"
+      LINTING_CHART_SCHEMA_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/chart-schema.yaml"
+      LINTING_LINTCONF_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/lintconf.yaml"
+      LINTING_CHART_TESTING_CONFIG_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/chart-testing-config.yaml"
+      LINTING_HEALTH_CHECK_SCHEMA_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/health-check-schema.yaml"
+    secrets:
+      TOKEN: ${{ secrets.ACTION_PAT }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,42 @@
+# # For most projects, this workflow file will not need changing; you simply need
+# # to commit it to your repository.
+# #
+# # You may wish to alter this file to override the set of languages analyzed,
+# # or to provide custom queries or build logic.
+# #
+# # ******** NOTE ********
+# # We have attempted to detect the languages in your repository. Please check
+# # the `language` matrix defined below to confirm you have the correct set of
+# # supported CodeQL languages.
+# #
+# name: "CodeQL"
+
+# permissions:
+#   actions: read
+#   security-events: write
+#   contents: read
+
+# on:
+#   release:
+#     types: [published]
+#   pull_request:
+#     types: [opened]
+#   workflow_dispatch:
+#     inputs:
+#       message:
+#         description: 'Message for manually triggering'
+#         required: false
+#         default: 'Triggered for Updates'
+#         type: string
+#   push:
+#     branches:
+#       - '!release-branch'
+#       - master
+#       - 1.*
+#       - develop
+#       - MOSIP*
+#       - release*
+
+# jobs:
+#   analyze:
+#     uses: mosip/kattu/.github/workflows/codeql-analysis.yml@master
diff --git a/.github/workflows/push-trigger.yml b/.github/workflows/push-trigger.yml
@@ -0,0 +1,89 @@
+name: Maven Package upon a push
+
+on:
+  release:
+    types: [published]
+  pull_request:
+    types: [opened, synchronize, reopened]
+  workflow_dispatch:
+    inputs:
+      message:
+        description: 'Message for manually triggering'
+        required: false
+        default: 'Triggered for Updates'
+        type: string
+  push:
+    branches:
+      - '!release-branch'
+      - master
+      - 1.*
+      - develop
+      - MOSIP*
+      - release*
+      - feature*
+
+jobs:
+  build-maven-signup-service:
+    uses: mosip/kattu/.github/workflows/maven-build.yml@master
+    with:
+      SERVICE_LOCATION: 'signup-service'
+      BUILD_ARTIFACT: signup-service
+    secrets:
+      OSSRH_USER: ${{ secrets.OSSRH_USER }}
+      OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }}
+      OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
+      GPG_SECRET: ${{ secrets.GPG_SECRET }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+  sonar_analysis:
+    needs: build-maven-signup-service
+    uses: mosip/kattu/.github/workflows/maven-sonar-analysis.yml@master
+    with:
+      SERVICE_LOCATION: 'signup-service'
+    secrets:
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      ORG_KEY: ${{ secrets.ORG_KEY }}
+      OSSRH_USER: ${{ secrets.OSSRH_USER }}
+      OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }}
+      OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
+      GPG_SECRET: ${{ secrets.GPG_SECRET }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+  build-dockers:
+    needs: build-maven-signup-service
+    strategy:
+      matrix:
+        include:
+          - SERVICE_LOCATION: 'signup-service'
+            SERVICE_NAME: 'signup-service'
+            BUILD_ARTIFACT: 'signup-service'
+      fail-fast: false
+    name: ${{ matrix.SERVICE_NAME }}
+    uses: mosip/kattu/.github/workflows/docker-build.yml@master
+    with:
+      SERVICE_LOCATION: ${{ matrix.SERVICE_LOCATION }}
+      SERVICE_NAME: ${{ matrix.SERVICE_NAME }}
+      BUILD_ARTIFACT: ${{ matrix.BUILD_ARTIFACT }}
+    secrets:
+      DEV_NAMESPACE_DOCKER_HUB: ${{ secrets.DEV_NAMESPACE_DOCKER_HUB }}
+      ACTOR_DOCKER_HUB: ${{ secrets.ACTOR_DOCKER_HUB }}
+      RELEASE_DOCKER_HUB: ${{ secrets.RELEASE_DOCKER_HUB }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+  build-dockers-signup-ui:
+    strategy:
+      matrix:
+        include:
+          - SERVICE_LOCATION: 'signup-ui'
+            SERVICE_NAME: 'signup-ui'
+      fail-fast: false
+    name: ${{ matrix.SERVICE_NAME }}
+    uses: mosip/kattu/.github/workflows/docker-build.yml@master
+    with:
+      SERVICE_LOCATION: ${{ matrix.SERVICE_LOCATION }}
+      SERVICE_NAME: ${{ matrix.SERVICE_NAME }}
+    secrets:
+      DEV_NAMESPACE_DOCKER_HUB: ${{ secrets.DEV_NAMESPACE_DOCKER_HUB }}
+      ACTOR_DOCKER_HUB: ${{ secrets.ACTOR_DOCKER_HUB }}
+      RELEASE_DOCKER_HUB: ${{ secrets.RELEASE_DOCKER_HUB }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
diff --git a/.github/workflows/release-changes.yml b/.github/workflows/release-changes.yml
@@ -0,0 +1,29 @@
+name: Release/pre-release Preparation.
+
+on:
+  workflow_dispatch:
+    inputs:
+      MESSAGE:
+        description: 'Triggered for release or pe-release'
+        required: false
+        default: 'Release Preparation'
+      RELEASE_TAG:
+        description: 'tag to update'
+        required: true
+      SNAPSHOT_TAG:
+        description: 'tag to be replaced'
+        required: true
+      BASE:
+        description: 'base branch for PR'
+        required: true
+jobs:
+  maven-release-preparation:
+    uses: mosip/kattu/.github/workflows/release-changes.yml@master
+    with:
+      MESSAGE: ${{ inputs.MESSAGE }}
+      RELEASE_TAG: ${{ inputs.RELEASE_TAG }}
+      SNAPSHOT_TAG: ${{ inputs.SNAPSHOT_TAG }}
+      BASE: ${{ inputs.BASE }}
+    secrets:
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+      ACTION_PAT: ${{ secrets.ACTION_PAT }}
diff --git a/.github/workflows/tag.yaml b/.github/workflows/tag.yaml
@@ -0,0 +1,35 @@
+name: Tagging of repos
+
+on:
+  workflow_dispatch:
+    inputs:
+      TAG:
+        description: 'Tag to be published'
+        required: true
+        type: string
+      BODY:
+        description: 'Release body message'
+        required: true
+        default: 'Changes in this Release'
+        type: string
+      PRE_RELEASE:
+        description: 'Pre-release? True/False'
+        required: true
+        default: False
+        type: string
+      DRAFT:
+        description: 'Draft? True/False'
+        required: false
+        default: False
+        type: string
+
+jobs:
+  tag-branch:
+    uses: mosip/kattu/.github/workflows/tag.yml@master
+    with:
+      TAG: ${{ inputs.TAG }}
+      BODY: ${{ inputs.BODY }}
+      PRE_RELEASE: ${{ inputs.PRE_RELEASE }}
+      DRAFT: ${{ inputs.DRAFT }}
+    secrets:
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}      
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,38 @@
+# Compiled class file
+*.class
+
+# Log file
+*.log
+
+# BlueJ files
+*.ctxt
+
+# Mobile Tools for Java (J2ME)
+.mtj.tmp/
+
+# Package Files #
+*.jar
+*.war
+*.nar
+*.ear
+*.zip
+*.tar.gz
+*.rar
+
+# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
+hs_err_pid*
+replay_pid*
+
+# other directories
+target/
+.idea/
+*.p12
+*.iml
+.settings/
+.setting/
+.mvn/
+.project/
+helm/*/Chart.lock
+helm/*/charts/
+signup-service/target
+.idea/
diff --git a/README.md b/README.md
@@ -1 +1,72 @@
-# esignet-signup
+# esignet-signup
+
+signup-service is part of the esignet modules, but has a separate Helm chart so as to install and manage it in a completely independent namespace.
+
+## Build & run (for developers)
+The project requires JDK 11.
+1. Build and install:
+    ```
+    $ mvn clean install -Dgpg.skip=true
+    ```
+1. Build Docker for a service:
+    ```
+    $ docker build -f Dockerfile
+    ```
+
+## Installing in k8s cluster using helm
+### Pre-requisites
+1. Set the kube config file of the Mosip cluster having dependent services is set correctly in PC.
+1. Make sure [DB setup](db_scripts/README.md#install-in-existing-mosip-k8-cluster) is done.
+1. Add / merge below mentioned properties files into existing config branch:
+    * [signup-default.properties](https://github.com/mosip/mosip-config/blob/v1.2.0.1-B3/esignet-default.properties)
+    * [application-default.properties](https://github.com/mosip/mosip-config/blob/v1.2.0.1-B3/application-default.properties)
+1. Below are the dependent services required for signup service integrated with MOSIP IDA:
+   | Chart | Chart version |
+   |---|---|
+   |[Keycloak](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/iam) | 7.1.18 |
+   |[Keycloak-init](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/iam) | 12.0.1-B3 |
+   |[Postgres](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/postgres) | 10.16.2 |
+   |[Postgres Init](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/postgres) | 12.0.1-B3 |
+   |[Minio](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/object-store) | 10.1.6 |
+   |[Kafka](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/kafka) | 0.4.2 |
+   |[Config-server](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/mosip/config-server) | 12.0.1-B3 |
+   |[Websub](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/mosip/websub) | 12.0.1-B2 |
+   |[Artifactory server](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/mosip/artifactory) | 12.0.1-B3 |
+   |[Keymanager service](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/keymanager) | 12.0.1-B2 |
+   |[Kernel services](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/kernel) | 12.0.1-B2 |
+   |[Biosdk service](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/mosip/biosdk) | 12.0.1-B3 |
+   |[Idrepo services](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/idrepo) | 12.0.1-B2 |
+   |[Pms services](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/pms) | 12.0.1-B3 |
+   |[IDA services](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/ida) | 12.0.1-B3 |
+
+### Install
+* Install `kubectl` and `helm` utilities.
+* Run `install-all.sh` to deploy signup services.
+  ```
+  cd helm
+  ./install-all.sh
+  ```
+* During the execution of the `install-all.sh` script, a prompt appears requesting information regarding the presence of a public domain and a valid SSL certificate on the server.
+* If the server lacks a public domain and a valid SSL certificate, it is advisable to select the `n` option. Opting it will enable the `init-container` with an `emptyDir` volume and include it in the deployment process.
+* The init-container will proceed to download the server's self-signed SSL certificate and mount it to the specified location within the container's Java keystore (i.e., `cacerts`) file.
+* This particular functionality caters to scenarios where the script needs to be employed on a server utilizing self-signed SSL certificates.
+
+### Delete
+* Run `delete-all.sh` to remove signup services.
+  ```
+  cd helm
+  ./delete-all.sh
+  ```
+
+### Restart
+* Run `restart-all.sh` to restart signup services.
+  ```
+  cd helm
+  ./restart-all.sh
+  ```
+
+## APIs
+API documentation is available [here](https://mosip.stoplight.io/docs/identity-provider/branches/main/6f1syzijynu40-identity-provider).
+
+## License
+This project is licensed under the terms of [Mozilla Public License 2.0](LICENSE).