chore: cleanup deployment docker-compose.yaml and env-sample.env. added 'DNPM' prefix for better integration into productive environment.

README.md

@@ -43,7 +43,7 @@ als Patienten-Pseudonym verwendet.
 Wurde die Verwendung von gPAS konfiguriert, so sind weitere Angaben zu konfigurieren.
 
 * `APP_PSEUDONYMIZE_GPAS_URI`: URI der gPAS-Instanz inklusive Endpoint (
-  z.B. `http://localhost:8080/ttp-fhir/fhir/gpas/$pseudonymizeAllowCreate`)
+  z.B. `http://localhost:8080/ttp-fhir/fhir/gpas/$$pseudonymizeAllowCreate`) 
 * `APP_PSEUDONYMIZE_GPAS_TARGET`: gPas Domänenname
 * `APP_PSEUDONYMIZE_GPAS_USERNAME`: gPas Basic-Auth Benutzername
 * `APP_PSEUDONYMIZE_GPAS_PASSWORD`: gPas Basic-Auth Passwort
@@ -124,7 +124,7 @@ Diese Anwendung ist auch als Docker-Image verfügbar: https://github.com/CCC-MF/
 ### Images lokal bauen 
 
 ```bash
-docker build . -t "imageName"
+./gradlew bootBuildImage
 ```
 
 ## Deployment

deploy/docker-compose.yaml

@@ -4,42 +4,52 @@ services:
   dnpm-etl-processor:
     image: ghcr.io/ccc-mf/etl-processor:latest
     environment:
-      SPRING_KAFKA_SECURITY_PROTOCOL: ${SPRING_KAFKA_SECURITY_PROTOCOL}
-      SPRING_KAFKA_SSL_TRUST-STORE-TYPE: ${SPRING_KAFKA_SSL_TRUST_STORE_TYPE}
-      SPRING_KAFKA_SSL_TRUST-STORE-LOCATION: ${SPRING_KAFKA_SSL_TRUST_STORE_LOCATION}
-      SPRING_KAFKA_SSL_TRUST-STORE-PASSWORD: ${SPRING_KAFKA_SSL_TRUST_STORE_PASSWORD}
-      SPRING_KAFKA_SSL_KEY-STORE-TYPE: ${SPRING_KAFKA_SSL_KEY_STORE_TYPE}
-      SPRING_KAFKA_SSL_KEY-STORE-LOCATION: ${KAFKA_KEY_STORE_LOCATION}
+      LOGGING_LEVEL_DEV: ${DNPM_LOG_LEVEL:-INFO}
+      SPRING_KAFKA_SECURITY_PROTOCOL: ${DNPM_KAFKA_SECURITY_PROTOCOL:-SSL}
+      SPRING_KAFKA_SSL_TRUST-STORE-TYPE: PKCS12
+      SPRING_KAFKA_SSL_TRUST-STORE-LOCATION: /opt/dnpm-processor/ssl/truststore.jks
+      SPRING_KAFKA_SSL_TRUST-STORE-PASSWORD: ${KAFKA_TRUST_STORE_PASSWORD}
+      SPRING_KAFKA_SSL_KEY-STORE-TYPE: PKCS12
+      SPRING_KAFKA_SSL_KEY-STORE-LOCATION: /opt/dnpm-processor/ssl/keystore.jks
       SPRING_KAFKA_SSL_KEY-STORE-PASSWORD: ${DNPM_PROCESSOR_KEY_STORE_PASSWORD}
-      SPRING_KAFKA_PRODUCER_COMPRESSION-TYPE: ${SPRING_KAFKA_PRODUCER_COMPRESSION_TYPE}
-      APP_KAFKA_TOPIC: ${APP_KAFKA_TOPIC}
-      APP_KAFKA_SERVERS: ${APP_KAFKA_SERVERS}
-      APP_KAFKA_GROUP_ID: ${APP_KAFKA_GROUP_ID}
-      APP_KAFKA_RESPONSE_TOPIC: ${APP_KAFKA_RESPONSE_TOPIC}
-      APP_REST_URI: ${APP_REST_URI}
-      SPRING_DATASOURCE_URL: ${SPRING_DATASOURCE_URL}
-      SPRING_DATASOURCE_PASSWORD: ${SPRING_DATASOURCE_PASSWORD}
-      SPRING_DATASOURCE_USERNAME: ${SPRING_DATASOURCE_USERNAME}
-      APP_PSEUDONYMIZE_GPAS_SSLCALOCATION: ${APP_PSEUDONYMIZE_GPAS_SSLCALOCATION}
-      APP_PSEUDONYMIZE_GPAS_PASSWORD: ${APP_PSEUDONYMIZE_GPAS_PASSWORD}
-      APP_PSEUDONYMIZE_GPAS_USERNAME: ${APP_PSEUDONYMIZE_GPAS_USERNAME}
-      APP_PSEUDONYMIZE_GPAS_TARGET: ${APP_PSEUDONYMIZE_GPAS_TARGET}
-      APP_PSEUDONYMIZE_GPAS_URI: ${APP_PSEUDONYMIZE_GPAS_URI}
-      APP_PSEUDONYMIZE_PREFIX: ${APP_PSEUDONYMIZE_PREFIX}
-      APP_PSEUDONYMIZE_GENERATOR: ${APP_PSEUDONYMIZE_GENERATOR}
+      SPRING_KAFKA_PRODUCER_COMPRESSION-TYPE: gzip
+      APP_KAFKA_TOPIC: ${DNPM_KAFKA_TOPIC}
+      APP_KAFKA_SERVERS: ${KAFKA_BROKERS}
+      APP_KAFKA_GROUP_ID: ${DNPM_KAFKA_GROUP_ID}
+      APP_KAFKA_RESPONSE_TOPIC: ${DNPM_KAFKA_RESPONSE_TOPIC}
+      APP_REST_URI: ${DNPM_BWHC_REST_URI}
+      SPRING_DATASOURCE_URL: ${DNPM_DATASOURCE_URL}
+      SPRING_DATASOURCE_PASSWORD: ${DNPM_MARIADB_USER_PW}
+      SPRING_DATASOURCE_USERNAME: ${DNPM_MARIADB_DB}
+      APP_PSEUDONYMIZE_GPAS_SSLCALOCATION: /workspace/opt/dnpm-processor/ssl/mosaic.crt
+      APP_PSEUDONYMIZE_GPAS_PASSWORD: ${DNPM_PSEUDONYMIZE_GPAS_PASSWORD}
+      APP_PSEUDONYMIZE_GPAS_USERNAME: ${DNPM_PSEUDONYMIZE_GPAS_USERNAME}
+      APP_PSEUDONYMIZE_GPAS_TARGET: ${DNPM_PSEUDONYMIZE_GPAS_TARGET}
+      APP_PSEUDONYMIZE_GPAS_URI: ${DNPM_PSEUDONYMIZE_GPAS_URI}
+      APP_PSEUDONYMIZE_PREFIX: ${DNPM_APP_PSEUDONYMIZE_PREFIX}
+      APP_PSEUDONYMIZER: ${DNPM_PSEUDONYMIZE_GENERATOR}
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      #- ${DNPM_TO_SSL_KEYSTORE_LOCATION}:/workspace/opt/dnpm-processor/ssl/keystore.jks:ro
+      #- ${KAFKA_TRUST_STORE_LOCATION}:/workspace/opt/dnpm-processor/ssl/truststore.jks:ro
+      #- ${DNPM_PSEUDONYMIZE_GPAS_SSLCALOCATION}:/workspace/opt/dnpm-processor/ssl/mosaic.crt
 
     depends_on:
-      - db
+      - dnpm-monitor-db
     ports:
-      - "${MONITORING_HTTP_PORT:-8080}:8080"
+      - "${DNPM_MONITORING_HTTP_PORT:-8080}:8080"
 
-  db:
+  # todo add volume
+  dnpm-monitor-db:
     image: mariadb:10
     environment:
-      MARIADB_DATABASE: ${MARIADB_DB}
-      MARIADB_USER: ${MARIADB_USER}
-      MARIADB_PASSWORD: ${MARIADB_USER_PW}
-      MARIADB_ROOT_PASSWORD: ${MARIADB_ROOT_PW}
-    ports:
-      - "3306:3306"
+      MARIADB_DATABASE: ${DNPM_MARIADB_DB}
+      MARIADB_USER: ${DNPM_MARIADB_USER}
+      MARIADB_PASSWORD: ${DNPM_MARIADB_USER_PW}
+      MARIADB_ROOT_PASSWORD: ${DNPM_MARIADB_ROOT_PW}
+    expose:
+      - "3306"
+
+
 

deploy/env-sample.env

@@ -1,50 +1,40 @@
 # monitoring access port
-MONITORING_HTTP_PORT=8088
+DNPM_MONITORING_HTTP_PORT=8088
+DNPM_LOG_LEVEL=INFO
 
 # GPAS or BUILDIN
-APP_PSEUDONYMIZE_GENERATOR=BUILDIN
-APP_PSEUDONYMIZE_PREFIX=
-APP_PSEUDONYMIZE_GPAS_URI=
-APP_PSEUDONYMIZE_GPAS_TARGET=
-APP_PSEUDONYMIZE_GPAS_USERNAME=
-APP_PSEUDONYMIZE_GPAS_PASSWORD=
+DNPM_PSEUDONYMIZE_GENERATOR=BUILDIN
+DNPM_APP_PSEUDONYMIZE_PREFIX=ANONYM
+DNPM_PSEUDONYMIZE_GPAS_URI=
+DNPM_PSEUDONYMIZE_GPAS_TARGET=
+DNPM_PSEUDONYMIZE_GPAS_USERNAME=
+DNPM_PSEUDONYMIZE_GPAS_PASSWORD=
 
 # path to ca root cert if needed
-APP_PSEUDONYMIZE_GPAS_SSLCALOCATION=
+DNPM_PSEUDONYMIZE_GPAS_SSLCALOCATION=
 
-MARIADB_DB=dnpm_monitoring
-MARIADB_USER=$MARIADB_DB
-MARIADB_USER_PW=MySuperSecurePassword111
-MARIADB_ROOT_PW=MySuperDuperSecurePassword111
+DNPM_MARIADB_DB=dnpm_monitoring
+DNPM_MARIADB_USER=$DNPM_MARIADB_DB
+DNPM_MARIADB_USER_PW=MySuperSecurePassword111
+DNPM_MARIADB_ROOT_PW=MySuperDuperSecurePassword111
 
 # monitoring data db
-SPRING_DATASOURCE_URL=jdbc:mariadb://db:3306/$MARIADB_DB
-SPRING_DATASOURCE_PASSWORD=$MARIADB_USER_PW
-SPRING_DATASOURCE_USERNAME=dnpm_monitoring
+DNPM_DATASOURCE_URL=jdbc:mariadb://dnpm-monitor-db:3306/$DNPM_MARIADB_DB
 
 ## TARGET SYSTEMS CONFIG
-# DIRECT BWHC
 # in case of direct access to bwhc enter endpoint url here
-APP_REST_URI=
+DNPM_BWHC_REST_URI=
 
-## Apache KAFKA if APP_KAFKA_SERVERS and APP_KAFKA_TOPIC have value 'false' kafka support is disabled
-# list of broker instances
-APP_KAFKA_SERVERS=false
-
-# produce mtb files to this topic
-APP_KAFKA_TOPIC=false
+# produce mtb files to this topic - values 'false' disabling kafka processing
+DNPM_KAFKA_TOPIC=false
+KAFKA_BROKERS=false
+DNPM_KAFKA_SECURITY_PROTOCOL=PLAINTEXT
 
 # here we receive responses from bwhc
-APP_KAFKA_RESPONSE_TOPIC=dnpm-response
-APP_KAFKA_GROUP_ID=dnpm
+DNPM_KAFKA_RESPONSE_TOPIC=dnpm-response
+DNPM_KAFKA_GROUP_ID=dnpm
 
 # SSL or PLAINTEXT
-SPRING_KAFKA_SECURITY_PROTOCOL=PLAINTEXT
-SPRING_KAFKA_SSL_TRUST_STORE_TYPE=PKCS12
-SPRING_KAFKA_SSL_TRUST_STORE_LOCATION=file://opt/kafka-certs/ca.p12
-SPRING_KAFKA_SSL_TRUST_STORE_PASSWORD=
-SPRING_KAFKA_SSL_KEY_STORE_TYPE=PKCS12
-SPRING_KAFKA_SSL_KEY_STORE_LOCATION=file://opt/kafka-certs/user.p12
 DNPM_PROCESSOR_KEY_STORE_PASSWORD=
-SPRING_KAFKA_PRODUCER_COMPRESSION_TYPE=gzip
-KAFKA_KEY_STORE_LOCATION=file://opt/kafka-certs/user.p12
+DNPM_TO_SSL_KEYSTORE_LOCATION=
+