o-code
/
emulator-smev.service
9
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

initial
continuous-integration/drone/push Build is failing Details

This commit is contained in:
Данияр Буракаев 2025-10-28 15:19:11 +03:00
commit a76a93bd0f
15 changed files with 1013 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

204
.drone.yml Normal file
View File

@ -0,0 +1,204 @@
kind: pipeline
name: default
type: docker
steps:
- name: restore-cache
image: drillster/drone-volume-cache
volumes:
- name: cache
path: /cache
settings:
restore: true
mount:
- /cache
- name: build
image: plugins/docker
environment:
DOCKER_BUILDKIT: 1
settings:
registry: nexus.essocode.ru:5001
repo: nexus.essocode.ru:5001/ess/emulator-smev
insecure: true
cache: true
tags:
- latest
- ${DRONE_SOURCE_BRANCH/\//-}
- ${DRONE_SOURCE_BRANCH/\//-}-${DRONE_COMMIT}
cache_from:
- nexus.essocode.ru:5001/ess/emulator-smev:master
- nexus.essocode.ru:5001/ess/emulator-smev:${DRONE_SOURCE_BRANCH/\//-}
dockerfile: ./build/Dockerfile
username:
from_secret: docker_login
password:
from_secret: docker_pass
config:
from_secret: dockerconfig
build_args:
from_secret: build_args_nexus
volumes:
- name: dockersock
path: /var/run/docker.sock
- name: cache
path: /cache
depends_on:
- restore-cache
- name: rebuild-cache
image: drillster/drone-volume-cache
volumes:
- name: cache
path: /cache
settings:
rebuild: true
mount:
- /cache
depends_on:
- build
- name: create-dev-config
image: alpine/helm:3.12.3
commands:
- helm template emulator-smev ./deploy/helm --namespace dev --values ./deploy/helm/ocode-dev-values.yaml --set image.tag=${DRONE_SOURCE_BRANCH/\//-}-${DRONE_COMMIT} > ./deploy/helm/k8s-emulator-smev.yaml
depends_on:
- rebuild-cache
when:
branch:
- develop
- name: deploy-dev
image: alpine/k8s:1.32.2
environment:
KUBECONFIG_CONTENT:
from_secret: kubeconfig
commands:
- export KUBE_TMP_DIR=$(mktemp -d)
- echo "$KUBECONFIG_CONTENT" > $KUBE_TMP_DIR/config
- chmod 600 $KUBE_TMP_DIR/config
- echo "File permissions:"
- ls -la $KUBE_TMP_DIR/
- echo "Kubectl version:"
- kubectl version --client
- cat ./deploy/helm/k8s-emulator-smev.yaml
- kubectl --kubeconfig=$KUBE_TMP_DIR/config apply -f ./deploy/helm/k8s-emulator-smev.yaml
depends_on:
- create-dev-config
when:
branch:
- develop
- name: create-rel-config
image: alpine/helm:3.12.3
commands:
- helm template emulator-smev ./deploy/helm --namespace dev --values ./deploy/helm/ocode-rel-ok-values.yaml --set image.tag=${DRONE_SOURCE_BRANCH/\//-}-${DRONE_COMMIT} > ./deploy/helm/k8s-emulator-smev.yaml
depends_on:
- rebuild-cache
when:
branch:
- rel
- name: deploy-rel
image: alpine/k8s:1.32.2
environment:
KUBECONFIG_CONTENT:
from_secret: kubeconfig
commands:
- export KUBE_TMP_DIR=$(mktemp -d)
- echo "$KUBECONFIG_CONTENT" > $KUBE_TMP_DIR/config
- chmod 600 $KUBE_TMP_DIR/config
- echo "File permissions:"
- ls -la $KUBE_TMP_DIR/
- echo "Kubectl version:"
- kubectl version --client
- cat ./deploy/helm/k8s-emulator-smev.yaml
- kubectl --kubeconfig=$KUBE_TMP_DIR/config apply -f ./deploy/helm/k8s-emulator-smev.yaml
depends_on:
- create-rel-config
when:
branch:
- rel
- name: notify-deploy-success
image: appleboy/drone-telegram
settings:
token:
from_secret: telegram_bot_token
to:
from_secret: telegram_chat_id
message: |
🚀 Деплой успешно отправлен!
Сборка #{{build.number}}
Репозиторий: {{repo.name}}
Ветка: {{commit.branch}}
Подробнее: [Ссылка на сборку]({{build.link}})
when:
status: [ success ]
depends_on:
- deploy-dev
- deploy-rel
- name: notify-deploy-failure
image: appleboy/drone-telegram
settings:
token:
from_secret: telegram_bot_token
to:
from_secret: telegram_chat_id
message: |
❌ Деплой не отправлен!
Сборка #{{build.number}}
Репозиторий: {{repo.name}}
Ветка: {{commit.branch}}
Подробнее: [Ссылка на сборку]({{build.link}})
when:
status: [ failure ]
depends_on:
- deploy-dev
- deploy-rel
- name: notify-build-status
image: appleboy/drone-telegram
settings:
token:
from_secret: telegram_bot_token
to:
from_secret: telegram_chat_id
message: |
{{#eq build.status "success"}}📣 Сборка #{{build.number}} завершилась со статусом: {{build.status}}!{{/eq}}
{{#eq build.status "failure"}}🧱 Сборка #{{build.number}} завершилась со статусом: {{build.status}}!{{/eq}}
Репозиторий: {{repo.name}}
Ветка: {{commit.branch}}
Автор: {{commit.author}}
Сообщение: {{commit.message}}
Подробнее: [Ссылка на сборку]({{build.link}})
when:
status: [ success, failure ]
depends_on:
- notify-deploy-success
- notify-deploy-failure
image_pull_secrets:
- dockerconfig
node:
node: 149.154.64.5
trigger:
event:
include:
- push
- tag
- pull_request
- rollback
volumes:
- name: out
temp: {}
- name: dockersock
host:
path: /var/run/docker.sock
- name: cache
host:
path: /tmp/.buildx-cache

32
.gitignore vendored Normal file
View File

@ -0,0 +1,32 @@
target/
!.mvn/wrapper/maven-wrapper.jar
!**/src/main/**/target/
!**/src/test/**/target/
### IntelliJ IDEA ###
.idea/
### Eclipse ###
.apt_generated
.classpath
.factorypath
.project
.settings
.springBeans
.sts4-cache
### NetBeans ###
/nbproject/private/
/nbbuild/
/dist/
/nbdist/
/.nb-gradle/
build/
!**/src/main/**/build/
!**/src/test/**/build/
### VS Code ###
.vscode/
### Mac OS ###
.DS_Store

48
README.md Normal file
View File

@ -0,0 +1,48 @@
# Адаптер СМЭВ (эмулятор)
Эмулятор СМЭВ для тестовых сред и разработки.
**Требования**
- Простота локального развёртывания (для разработчиков).
- Использование в автоматическом интеграционном тестировании.
- Использование в ручном тестировании, через ПВВ (реальный или эмулятор).
- Использование в нагрузочном тестировании ПВВ, ПЭП или их эмуляторов.
**Сценарии использования**
TODO
1. Загрузка образцовых данных из Архива реального ПВВ.
2. Инициализация массового обмена.
3. Мониторинг
# Локальная настройка emulator-smev
TODO: разработать один или несколько сценариев для запуска и отладки приложений.
# Продакшн-настройка emulator-smev
Не рекомендуется включать в окружении, где уже присутствует реальный ПВВ (rel, Песок, Стенд, ПАК и прочие).
В остальном требуется совместимость emulator-smev и ПВВ (настоящего или эмулятора). Если используется настоящий ПВВ, то необходимо
зарегистрировать эмулятор как отдельный клиент (команда РПД) и разрешить обмен между необходимыми компонентами (команда ПВВ).
# Авторизация
TODO: авторизация клиента emulator-smev в РПД или кейклоак.
# База дынных
PostgreSQL.
TODO: Создание базы данных:
Создайте базу данных для микросервиса с именем указанным в values хелмов, например pvv_fk_adapter_db.
# Требования
- Java 11 Bellsoft Liberica Full
- Maven
- Postgres 16
- Доступ к системе ПВВ (эмулятора или реальной)

52
compose/docker-compose.yml Normal file
View File

@ -0,0 +1,52 @@
# TODO: keycloak
# TODO: kafka & zookeeper
version: "3.8"
services:
app:
container_name: emulator-smev
image: emulator-smev:latest
environment:
APPLICATION_NAME: smev-emulator
APPLICATION_VERSION: 2.11
SERVER_PORT: 8059
SPRING_DATASOURCE_URL: jdbc:postgresql://localhost:5432/test_emulator_smev
SPRING_DATASOURCE_USERNAME: postgres
SPRING_DATASOURCE_PASSWORD: postgres
SWAGGER_URL: https://smev-emulator.dev.essocode.ru
AUDIT_URL: http://log-service.dev.svc.cluster.local:8055/api/v1/audit/external
WHITE_LIST: /**
ACTUATOR_ENDPOINTS: '*'
LOG_SERVICE_BASE_URI: http://log-service.dev.svc.cluster.local:8055
volumes:
- /var/log/pep:/var/log/pep
build:
context: ../
dockerfile: build/Dockerfile
ports:
- 8080:8059
depends_on:
postgres-test:
condition: service_healthy
# entrypoint: ['java', '-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005', "-Dspring.profiles.active=local", '-jar', 'synapi-0.0.1-SNAPSHOT.jar']
postgres-test:
container_name: postgres-test
image: postgres:14
environment:
# POSTGRES_USER: root
POSTGRES_USER: postgres
# POSTGRES_PASSWORD: root
POSTGRES_PASSWORD: postgres
POSTGRES_DB: test_emulator_smev
volumes:
- ./pgdata:/var/lib/emulator/data
healthcheck:
test: "exit 0"
interval: 10s
timeout: 3s
retries: 5
ports:
- "5432:5432"

23
deploy/helm/.helmignore Normal file
View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

5
deploy/helm/Chart.yaml Normal file
View File

@ -0,0 +1,5 @@
apiVersion: v2
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: emulator-smev
version: 0.1.0

112
deploy/helm/ocode-dev-values.yaml Normal file
View File

@ -0,0 +1,112 @@
namespace: dev
image:
repository: nexus.essocode.ru/ess/emulator-smev
tag: "{{.tag}}"
libericaImage:
repository: nexus.essocode.ru/bellsoft/liberica-openjdk-debian
tag: "11"
pullPolicy: Always
service:
type: ClusterIP
port: 8059
targetPort: 8059
portJMX: 9010
targetPortJMX: 9010
replicaCount: 1
ingress:
enabled: true
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: "0"
kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: letsencrypt-prod
cert-manager.io/issue-temporary-certificate: "true"
acme.cert-manager.io/http01-edit-in-place: "true"
ingress.kubernetes.io/ssl-redirect: "true"
tlsEnabled: true # New parameter to control TLS
hosts:
- host: smev-emulator.dev.essocode.ru
paths:
- path: /
pathType: ImplementationSpecific
tls:
- secretName: emulator-dev-tls
hosts:
- smev-emulator.dev.essocode.ru
secret:
enabled: true
name: dev-smev-emulator-back-cred
data:
# smev-emulator
APPLICATION_NAME: c21ldi1lbXVsYXRvcg==
# 2.11
APPLICATION_VERSION: Mi4xMQ==
# 8059
SERVER_PORT: ODA1OQ==
# jdbc:postgresql://217.79.22.46:5432/dev_emul_smev
SPRING_DATASOURCE_URL: amRiYzpwb3N0Z3Jlc3FsOi8vMjE3Ljc5LjIyLjQ2OjU0MzIvZGV2X2VtdWxfc21ldg==
# root
SPRING_DATASOURCE_USERNAME: cm9vdA==
# root
SPRING_DATASOURCE_PASSWORD: cm9vdA==
# https://smev-emulator.dev.essocode.ru
SWAGGER_URL: aHR0cHM6Ly9zbWV2LWVtdWxhdG9yLmRldi5lc3NvY29kZS5ydQ==
# http://log-service.dev.svc.cluster.local:8055/api/v1/audit/external
AUDIT_URL: aHR0cDovL2xvZy1zZXJ2aWNlLmRldi5zdmMuY2x1c3Rlci5sb2NhbDo4MDU1L2FwaS92MS9hdWRpdC9leHRlcm5hbA==
# /v3/api-docs/**,/configuration/ui,/swagger-resources/**,/configuration/security,/swagger-ui.html,/swagger-ui/**,/v3/api-docs.yaml,/webjars/**,/.well-known/acme-challenge/**,/ws/**,/user/**,/favicon.ico,/api/v1/certificate-data/archive,/api/v1/trusted_certificate/archive,/api/v1/revoked_certificate,/api/v1/revoked_certificate/archive,/api/v1/revoked_certificate/{id:\d+},/api/v1/revoked_certificate/content/{id:\d+},/api/v1/verify/sign,/api/v1/certificate-data/xml,/api/v1/ca-ref-book,/api/v1/ca-ref-book/{id:\d+},/api/v1/ca-certificate/archive,/api/v1/ca-certificate/archive,/api/v1/trusted-certificate/archive,/api/v1/crl,/api/v1/crl/{id:\d+},/api/v1/crl/archive,/api/v1/user-certificate/,/api/v1/user-certificate/me,/api/v1/audit/,/api/v1/order-fk/{id:\d+}/cert/save,/api/v1/order-fk/{id:\d+}/cert/reset-status-issue,/api/v1/archive/**,/api/v1/change-mode/**,/api/v1/health,/actuator,/actuator/health,/actuator/info,/actuator/env,/actuator/beans,/actuator/metrics,/actuator/loggers,/actuator/mappings,/api/v1/notifications/send,/api/v1/order-fk/ucfk-response/**
WHITE_LIST: L3YzL2FwaS1kb2NzLyoqLC9jb25maWd1cmF0aW9uL3VpLC9zd2FnZ2VyLXJlc291cmNlcy8qKiwvY29uZmlndXJhdGlvbi9zZWN1cml0eSwvc3dhZ2dlci11aS5odG1sLC9zd2FnZ2VyLXVpLyoqLC92My9hcGktZG9jcy55YW1sLC93ZWJqYXJzLyoqLC8ud2VsbC1rbm93bi9hY21lLWNoYWxsZW5nZS8qKiwvd3MvKiosL3VzZXIvKiosL2Zhdmljb24uaWNvLC9hcGkvdjEvY2VydGlmaWNhdGUtZGF0YS9hcmNoaXZlLC9hcGkvdjEvdHJ1c3RlZF9jZXJ0aWZpY2F0ZS9hcmNoaXZlLC9hcGkvdjEvcmV2b2tlZF9jZXJ0aWZpY2F0ZSwvYXBpL3YxL3Jldm9rZWRfY2VydGlmaWNhdGUvYXJjaGl2ZSwvYXBpL3YxL3Jldm9rZWRfY2VydGlmaWNhdGUve2lkOlxkK30sL2FwaS92MS9yZXZva2VkX2NlcnRpZmljYXRlL2NvbnRlbnQve2lkOlxkK30sL2FwaS92MS92ZXJpZnkvc2lnbiwvYXBpL3YxL2NlcnRpZmljYXRlLWRhdGEveG1sLC9hcGkvdjEvY2EtcmVmLWJvb2ssL2FwaS92MS9jYS1yZWYtYm9vay97aWQ6XGQrfSwvYXBpL3YxL2NhLWNlcnRpZmljYXRlL2FyY2hpdmUsL2FwaS92MS9jYS1jZXJ0aWZpY2F0ZS9hcmNoaXZlLC9hcGkvdjEvdHJ1c3RlZC1jZXJ0aWZpY2F0ZS9hcmNoaXZlLC9hcGkvdjEvY3JsLC9hcGkvdjEvY3JsL3tpZDpcZCt9LC9hcGkvdjEvY3JsL2FyY2hpdmUsL2FwaS92MS91c2VyLWNlcnRpZmljYXRlLywvYXBpL3YxL3VzZXItY2VydGlmaWNhdGUvbWUsL2FwaS92MS9hdWRpdC8sL2FwaS92MS9vcmRlci1may97aWQ6XGQrfS9jZXJ0L3NhdmUsL2FwaS92MS9vcmRlci1may97aWQ6XGQrfS9jZXJ0L3Jlc2V0LXN0YXR1cy1pc3N1ZSwvYXBpL3YxL2FyY2hpdmUvKiosL2FwaS92MS9jaGFuZ2UtbW9kZS8qKiwvYXBpL3YxL2hlYWx0aCwvYWN0dWF0b3IsL2FjdHVhdG9yL2hlYWx0aCwvYWN0dWF0b3IvaW5mbywvYWN0dWF0b3IvZW52LC9hY3R1YXRvci9iZWFucywvYWN0dWF0b3IvbWV0cmljcywvYWN0dWF0b3IvbG9nZ2VycywvYWN0dWF0b3IvbWFwcGluZ3MsL2FwaS92MS9ub3RpZmljYXRpb25zL3NlbmQsL2FwaS92MS9vcmRlci1may91Y2ZrLXJlc3BvbnNlLyoqLC9hcGkvdjEvZmlsZS1zdG9yYWdlLyoq
# *
ACTUATOR_ENDPOINTS: Kg==
# http://log-service.dev.svc.cluster.local:8055
LOG_SERVICE_BASE_URI: aHR0cDovL2xvZy1zZXJ2aWNlLmRldi5zdmMuY2x1c3Rlci5sb2NhbDo4MDU1
jvmOptions:
xms: 1G
xmx: 1536m
gc: "-XX:+UseG1GC"
minHeapFreeRatio: 10
maxHeapFreeRatio: 30
portJMX: 9010
authenticateJMX: false
sslJMX: false
hostnameJMX: localhost
localOnlyJMX: false
timezone: UTC
encoding: UTF-8
logFilePath: /var/log/pep
logFileName: emulator-smev.log
deployment:
container:
requests:
cpu: 250m
memory: 1Gi
limits:
cpu: 600m
memory: 2Gi
jarFile: emulator-smev-0.0.1-SNAPSHOT.jar
env:
APPLICATION_NAME: APPLICATION_NAME
APPLICATION_VERSION: APPLICATION_VERSION
SERVER_PORT: SERVER_PORT
SPRING_DATASOURCE_URL: SPRING_DATASOURCE_URL
SPRING_DATASOURCE_USERNAME: SPRING_DATASOURCE_USERNAME
SPRING_DATASOURCE_PASSWORD: SPRING_DATASOURCE_PASSWORD
SWAGGER_URL: SWAGGER_URL
AUDIT_URL: AUDIT_URL
WHITE_LIST: WHITE_LIST
ACTUATOR_ENDPOINTS: ACTUATOR_ENDPOINTS
LOG_SERVICE_BASE_URI: LOG_SERVICE_BASE_URI
appName: smev-emulator
imagePullSecrets:
- registrypullsecret
resources: {}

213
deploy/helm/templates/deployment.yaml Normal file
View File

@ -0,0 +1,213 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Values.appName }}-deployment
namespace: {{ .Values.namespace }}
labels:
app: {{ .Values.appName }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app: {{ .Values.appName }}
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
minReadySeconds: 60
template:
metadata:
labels:
app: {{ .Values.appName }}
spec:
{{- if .Values.hostAliases }}
hostAliases:
{{- range .Values.hostAliases }}
- ip: "{{ .ip }}"
hostnames:
{{- range .hostnames }}
- "{{ . }}"
{{- end }}
{{- end }}
{{- end }}
terminationGracePeriodSeconds: 30
containers:
- name: {{ .Values.appName }}-dev
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: "{{ .Values.image.pullPolicy }}"
resources:
limits:
cpu: {{ .Values.deployment.container.limits.cpu }}
memory: {{ .Values.deployment.container.limits.memory }}
requests:
cpu: {{ .Values.deployment.container.requests.cpu }}
memory: {{ .Values.deployment.container.requests.memory }}
command:
- java
- "-Xms{{ .Values.jvmOptions.xms }}"
- "-Xmx{{ .Values.jvmOptions.xmx }}"
- "{{ .Values.jvmOptions.gc }}"
- "-Duser.timezone={{ .Values.jvmOptions.timezone }}"
- "-Dfile.encoding={{ .Values.jvmOptions.encoding }}"
- "-Dcom.sun.management.jmxremote"
- "-Dcom.sun.management.jmxremote.port={{ .Values.jvmOptions.portJMX }}"
- "-Dcom.sun.management.jmxremote.authenticate={{ .Values.jvmOptions.authenticateJMX }}"
- "-Dcom.sun.management.jmxremote.ssl={{ .Values.jvmOptions.sslJMX }}"
- "-Djava.rmi.server.hostname={{ .Values.jvmOptions.hostnameJMX }}"
- "-Dcom.sun.management.jmxremote.local.only={{ .Values.jvmOptions.localOnlyJMX }}"
- "-DLOGGING_FILE_PATH={{ .Values.jvmOptions.logFilePath }}"
- "-DLOGGING_FILE_NAME={{ .Values.jvmOptions.logFileName }}"
- "-XX:MinHeapFreeRatio={{ .Values.jvmOptions.minHeapFreeRatio }}"
- "-XX:MaxHeapFreeRatio={{ .Values.jvmOptions.maxHeapFreeRatio }}"
- -jar
- "{{ .Values.jarFile }}"
volumeMounts:
- name: emulator-smev-logs
mountPath: {{ .Values.jvmOptions.logFilePath }}
ports:
- containerPort: {{ .Values.service.port }}
- containerPort: {{ .Values.service.portJMX }}
env:
{{- if .Values.secret.data.APPLICATION_NAME }}
- name: APPLICATION_NAME
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.APPLICATION_NAME }}
{{- end }}
{{- if .Values.secret.data.APPLICATION_VERSION }}
- name: APPLICATION_VERSION
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.APPLICATION_VERSION }}
{{- end }}
{{- if .Values.secret.data.SERVER_PORT }}
- name: SERVER_PORT
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.SERVER_PORT }}
{{- end }}
{{- if .Values.secret.data.SPRING_DATASOURCE_URL }}
- name: SPRING_DATASOURCE_URL
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.SPRING_DATASOURCE_URL }}
{{- end }}
{{- if .Values.secret.data.SPRING_DATASOURCE_USERNAME }}
- name: SPRING_DATASOURCE_USERNAME
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.SPRING_DATASOURCE_USERNAME }}
{{- end }}
{{- if .Values.secret.data.SPRING_DATASOURCE_PASSWORD }}
- name: SPRING_DATASOURCE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.SPRING_DATASOURCE_PASSWORD }}
{{- end }}
{{- if .Values.secret.data.SWAGGER_URL }}
- name: SWAGGER_URL
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.SWAGGER_URL }}
{{- end }}
{{- if .Values.secret.data.AUDIT_URL }}
- name: AUDIT_URL
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.AUDIT_URL }}
{{- end }}
{{- if .Values.secret.data.WHITE_LIST }}
- name: WHITE_LIST
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.WHITE_LIST }}
{{- end }}
{{- if .Values.secret.data.ACTUATOR_ENDPOINTS }}
- name: ACTUATOR_ENDPOINTS
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.ACTUATOR_ENDPOINTS }}
{{- end }}
{{- if .Values.secret.data.LOG_SERVICE_BASE_URI }}
- name: LOG_SERVICE_BASE_URI
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.LOG_SERVICE_BASE_URI }}
{{- end }}
{{- if .Values.secret.data.ASYNC_REST_EXECUTOR_TARGET_CPU_UTILIZATION }}
- name: ASYNC_REST_EXECUTOR_TARGET_CPU_UTILIZATION
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.ASYNC_REST_EXECUTOR_TARGET_CPU_UTILIZATION }}
{{- end }}
{{- if .Values.secret.data.ASYNC_REST_EXECUTOR_IO_TIME_MS }}
- name: ASYNC_REST_EXECUTOR_IO_TIME_MS
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.ASYNC_REST_EXECUTOR_IO_TIME_MS }}
{{- end }}
{{- if .Values.secret.data.ASYNC_REST_EXECUTOR_CPU_TIME_MS }}
- name: ASYNC_REST_EXECUTOR_CPU_TIME_MS
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.ASYNC_REST_EXECUTOR_CPU_TIME_MS }}
{{- end }}
{{- if .Values.secret.data.ASYNC_REST_QUEUE_CAPACITY }}
- name: ASYNC_REST_QUEUE_CAPACITY
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.ASYNC_REST_QUEUE_CAPACITY }}
{{- end }}
{{- if .Values.secret.data.ASYNC_WS_EXECUTOR_TARGET_CPU_UTILIZATION }}
- name: ASYNC_WS_EXECUTOR_TARGET_CPU_UTILIZATION
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.ASYNC_WS_EXECUTOR_TARGET_CPU_UTILIZATION }}
{{- end }}
{{- if .Values.secret.data.ASYNC_WS_EXECUTOR_IO_TIME_MS }}
- name: ASYNC_WS_EXECUTOR_IO_TIME_MS
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.ASYNC_WS_EXECUTOR_IO_TIME_MS }}
{{- end }}
{{- if .Values.secret.data.ASYNC_WS_EXECUTOR_CPU_TIME_MS }}
- name: ASYNC_WS_EXECUTOR_CPU_TIME_MS
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.ASYNC_WS_EXECUTOR_CPU_TIME_MS }}
{{- end }}
{{- if .Values.secret.data.ASYNC_WS_QUEUE_CAPACITY }}
- name: ASYNC_WS_QUEUE_CAPACITY
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.env.ASYNC_WS_QUEUE_CAPACITY }}
{{- end }}
volumes:
- name: emulator-smev-logs
hostPath:
path: {{ .Values.jvmOptions.logFilePath }}
type: DirectoryOrCreate
imagePullSecrets:
{{- range .Values.imagePullSecrets }}
- name: {{ . }}
{{- end }}

35
deploy/helm/templates/ingress.yaml Normal file
View File

@ -0,0 +1,35 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .Values.appName }}-ingress
namespace: {{ .Values.namespace }}
annotations:
{{- toYaml .Values.ingress.annotations | nindent 4 }}
spec:
ingressClassName: nginx
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: emulator-smev-service
port:
number: {{ $.Values.service.port }}
{{- end }}
{{- end }}
{{- if .Values.ingress.tlsEnabled }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}

26
deploy/helm/templates/secret.yaml Normal file
View File

@ -0,0 +1,26 @@
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: {{ .Values.secret.name }}
namespace: {{ .Values.namespace }}
data:
APPLICATION_NAME: {{ .Values.secret.data.APPLICATION_NAME }}
APPLICATION_VERSION: {{ .Values.secret.data.APPLICATION_VERSION }}
SERVER_PORT: {{ .Values.secret.data.SERVER_PORT }}
SPRING_DATASOURCE_URL: {{ .Values.secret.data.SPRING_DATASOURCE_URL }}
SPRING_DATASOURCE_USERNAME: {{ .Values.secret.data.SPRING_DATASOURCE_USERNAME }}
SPRING_DATASOURCE_PASSWORD: {{ .Values.secret.data.SPRING_DATASOURCE_PASSWORD }}
SWAGGER_URL: {{ .Values.secret.data.SWAGGER_URL }}
AUDIT_URL: {{ .Values.secret.data.AUDIT_URL }}
WHITE_LIST: {{ .Values.secret.data.WHITE_LIST }}
ACTUATOR_ENDPOINTS: {{ .Values.secret.data.ACTUATOR_ENDPOINTS }}
LOG_SERVICE_BASE_URI: {{ .Values.secret.data.LOG_SERVICE_BASE_URI }}
ASYNC_REST_EXECUTOR_TARGET_CPU_UTILIZATION: {{ .Values.secret.data.ASYNC_REST_EXECUTOR_TARGET_CPU_UTILIZATION }}
ASYNC_REST_EXECUTOR_IO_TIME_MS: {{ .Values.secret.data.ASYNC_REST_EXECUTOR_IO_TIME_MS }}
ASYNC_REST_EXECUTOR_CPU_TIME_MS: {{ .Values.secret.data.ASYNC_REST_EXECUTOR_CPU_TIME_MS }}
ASYNC_REST_QUEUE_CAPACITY: {{ .Values.secret.data.ASYNC_REST_QUEUE_CAPACITY }}
ASYNC_WS_EXECUTOR_TARGET_CPU_UTILIZATION: {{ .Values.secret.data.ASYNC_WS_EXECUTOR_TARGET_CPU_UTILIZATION }}
ASYNC_WS_EXECUTOR_IO_TIME_MS: {{ .Values.secret.data.ASYNC_WS_EXECUTOR_IO_TIME_MS }}
ASYNC_WS_EXECUTOR_CPU_TIME_MS: {{ .Values.secret.data.ASYNC_WS_EXECUTOR_CPU_TIME_MS }}
ASYNC_WS_QUEUE_CAPACITY: {{ .Values.secret.data.ASYNC_WS_QUEUE_CAPACITY }}

16
deploy/helm/templates/service.yaml Normal file
View File

@ -0,0 +1,16 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.appName }}-service
namespace: {{ .Values.namespace }}
spec:
selector:
app: {{ .Values.appName }}
ports:
- name: http
port: {{ .Values.service.port }}
targetPort: {{ .Values.service.targetPort }}
- name: tcp
port: {{ .Values.service.portJMX }}
targetPort: {{ .Values.service.targetPortJMX }}

72
pom.xml Normal file
View File

@ -0,0 +1,72 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>su.opencode.digsigcik</groupId>
<artifactId>emulator-smev</artifactId>
<version>1.0-SNAPSHOT</version>
<name>Smev Emulator</name>
<packaging>jar</packaging>
<description>Эмулятор СМЭВ для тестовых сред и разработки</description>
<properties>
<java.version>11</java.version>
<maven.compiler.source>11</maven.compiler.source>
<maven.compiler.target>11</maven.compiler.target>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<jackson-version>2.18.1</jackson-version>
</properties>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.7.18</version>
<relativePath/>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<configuration>
<mainClass>su.opencode.digsigcik.emulator.smev.SmevEmulatorApplication</mainClass>
<!-- <excludes>-->
<!-- <exclude>-->
<!-- <groupId>org.projectlombok</groupId>-->
<!-- <artifactId>lombok</artifactId>-->
<!-- </exclude>-->
<!-- </excludes>-->
</configuration>
</plugin>
</plugins>
</build>
</project>

12
src/main/java/su/opencode/digsigcik/emulator/smev/SmevEmulatorApplication.java Normal file
View File

@ -0,0 +1,12 @@
package su.opencode.digsigcik.emulator.smev;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class SmevEmulatorApplication {
public static void main(String[] args) {
SpringApplication.run(SmevEmulatorApplication.class, args);
}
}

30
src/main/java/su/opencode/digsigcik/emulator/smev/config/RegularSchedulerConfig.java Normal file
View File

@ -0,0 +1,30 @@
package su.opencode.digsigcik.emulator.smev.config;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.scheduling.annotation.EnableScheduling;
import org.springframework.scheduling.annotation.Scheduled;
import java.util.concurrent.TimeUnit;
@Configuration
@EnableScheduling
public class RegularSchedulerConfig {
@Bean
public SmevEmulatorJobs smevEmulatorJobs() {
return new SmevEmulatorJobs();
}
@Slf4j
@RequiredArgsConstructor
public static class SmevEmulatorJobs {
@Scheduled(fixedDelay = 1L, timeUnit = TimeUnit.MINUTES)
public void manageAllSubscribedMessages() {
log.debug("Checking inbox messages...");
}
}
}

133
src/main/resources/application.yml Normal file
View File

@ -0,0 +1,133 @@
server:
port: ${SERVER_PORT:8059}
app:
version: ${APPLICATION_VERSION:2.11}
logging:
file:
name: ${LOGGING_FILE_NAME:emulator-smev.log}
path: ${LOGGING_FILE_PATH:log/emulator-smev}
level:
su.opencode.digsigcik.emulator.smev: DEBUG
org.springframework.web: DEBUG
org.springframework.web.client: WARN
org.springframework.web.servlet.mvc.method.annotation: WARN
su.opencode.digsigcik.specification: DEBUG # pagination
spring:
application:
name: ${APPLICATION_NAME:emulator-smev}
datasource:
driver-class-name: org.postgresql.Driver
url: ${SPRING_DATASOURCE_URL:jdbc:postgresql://localhost:5432/smev-emulator}
username: ${SPRING_DATASOURCE_USERNAME:postgres}
password: ${SPRING_DATASOURCE_PASSWORD:postgres}
batch.jdbc.initialize-schema: ALWAYS
jpa:
hibernate:
ddl-auto: none
database: postgresql
database-platform: org.hibernate.dialect.PostgreSQLDialect
show-sql: false
properties:
hibernate:
default_schema: se
format_sql: true
liquibase:
enabled: true
user: ${SPRING_DATASOURCE_USERNAME:postgres}
password: ${SPRING_DATASOURCE_PASSWORD:postgres}
database-change-log-table: 'db_changeset_log'
database-change-log-lock-table: 'db_changeset_lock'
change-log: 'classpath:/db/changelog/changelog.xml'
security:
oauth2:
client:
provider:
rpd:
authorization-uri: ${RPD_AUTHORIZATION_URI:https://sso.dev.essocode.ru/auth/realms/pep/protocol/openid-connect/auth}
resourceserver:
jwt:
issuer-uri: ${OAUTH2_ISSUER_URL:https://sso.dev.essocode.ru/auth/realms/pep}
web:
cors:
allow-origin: "*"
allow-methods: OPTIONS, HEAD, POST, PUT, GET, DELETE, PATCH
allow-headers: "*"
max-age: 5
security:
resource-access: ${RESOURCE_ACCESS:sep}
lifespan-cache: ${RPD_LIFESPAN_CACHE:1440}
refresh-time-cache: ${RPD_REFRESH_TIME_CACHE:1350}
connection-timeout: ${RPD_CONNECTION_TIMEOUT:10000}
read-timeout: ${RPD_READ_TIMEOUT:10000}
white-list-all-methods: ${WHITE_LIST:/**}
trust-all: ${DISABLE_TLS_CHECK:true}
---
# hotfix for running swagger in spring boot 2
spring:
mvc:
pathmatch:
matching-strategy: ant_path_matcher
servlet:
multipart:
max-file-size: 50MB
max-request-size: 50MB
features:
always-reply: false
xml-validation: true
springdoc:
api-docs:
# It should be off for PROD
enabled: true
server:
url: ${SWAGGER_URL:http://localhost:${server.port}}
token-uri: ${RPD_SWAGGER_TOKEN_URI:https://sso.rpd.zk.test.st/realms/test/protocol/openid-connect/token}
show-actuator: true
audit:
# url: ${AUDIT_URL:https://log.dev.essocode.ru/api/v1/audit/external}
url: ${AUDIT_URL:http://localhost:8055/api/v1/audit/external}
default-user: 'EMULATOR SMEV'
pvv:
ignore-exceptions: ${PVV_IGNORE_EXCEPTIONS:true}
use-gost: ${PVV_USE_GOST:true}
ping-tsl: ${PVV_ADAPTER_TSL_PING_URI:https://pvv-adapter-zk.dev.essocode.ru/api/v1/tsl}
fk-send-certificate-request-uri: ${FK_SEND_REQUEST_CERTIFICATE_URI:http://localhost:8042/api/v1/order-fk}
fk-send-certificate-reissue-step1-uri: ${FK_SEND_REISSUE_CERTIFICATE_STEP1_URI:http://localhost:8042/api/v1/order-fk/reissue/step-1}
fk-send-certificate-reissue-step2-uri: ${FK_SEND_REISSUE_CERTIFICATE_STEP2_URI:http://localhost:8042/api/v1/order-fk/reissue/step-2}
fk-send-certificate-revocation-uri: ${FK_SEND_REVOCATION_CERTIFICATE_URI:http://localhost:8042/api/v1/order-fk/revoke}
#actuator
management:
endpoint:
health:
show-details: always
endpoints:
web:
exposure:
include: ${ACTUATOR_ENDPOINTS:*}
async:
enabled-executors: true
executors:
taskExecutorWS:
target-cpu-utilization: ${ASYNC_WS_EXECUTOR_TARGET_CPU_UTILIZATION:0.7}
io-time-ms: ${ASYNC_WS_EXECUTOR_IO_TIME_MS:50}
cpu-time-ms: ${ASYNC_WS_EXECUTOR_CPU_TIME_MS:5}
queue-capacity: ${ASYNC_WS_QUEUE_CAPACITY:1000}
taskExecutorRest:
target-cpu-utilization: ${ASYNC_REST_EXECUTOR_TARGET_CPU_UTILIZATION:0.4}
io-time-ms: ${ASYNC_REST_EXECUTOR_IO_TIME_MS:315}
cpu-time-ms: ${ASYNC_REST_EXECUTOR_CPU_TIME_MS:10}
queue-capacity: ${ASYNC_REST_QUEUE_CAPACITY:50}