Merge pull request #68 from oracle-quickstart/assets_micronaut

Assets service - replaced Node with Micronaut implementation

.github/workflows/java-ci.yml

@@ -23,7 +23,8 @@ jobs:
             'functions/newsletter-subscription',
             'orders',
             'payment',
-            'user'
+            'user',
+            'assets'
         ]
     steps:
       - uses: actions/checkout@v2
@@ -62,7 +63,8 @@ jobs:
             'fulfillment',
             'orders',
             'payment',
-            'user'
+            'user',
+            'assets'
         ]
     steps:
       - uses: actions/checkout@v2
@@ -158,7 +160,8 @@ jobs:
             'functions/newsletter-subscription',
             'orders',
             'payment',
-            'user'
+            'user',
+            'assets'
         ]
     steps:
       - uses: AutoModality/action-clean@v1
@@ -212,4 +215,4 @@ jobs:
 
       - name: Cleanup images
         if: ${{ always() }}
-        run: docker image prune -f
+        run: docker image prune -a -f

deploy/complete/aws-cloudformation/mushop-entrypoint.yaml

@@ -108,6 +108,10 @@ Metadata:
           - QSS3BucketName
           - QSS3KeyPrefix
           - QSS3BucketRegion
+      - Label:
+          default: MuShop services configuration
+        Parameters:
+          - AssetsS3BucketName
     ParameterLabels:
       # Default
       CloudFormationVersion:
@@ -186,6 +190,10 @@ Metadata:
       DocDbMasterUser:
         default: Admin username
 
+      # MuShop stack labels
+      AssetsS3BucketName:
+        default: S3 bucket for MuShop Assets service
+
 Parameters:
   CloudFormationVersion:
     Type: String
@@ -236,6 +244,16 @@ Parameters:
     Description: Mushop CloudFormation configuration region
     Type: String
     Default: 'us-west-2'
+  AssetsS3BucketName:
+    AllowedPattern: ^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$
+    ConstraintDescription: MuShop Assets bucket name can include numbers, lowercase
+      letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen
+      (-).
+    Default: mushop-assets
+    Description: S3 bucket name for the MuShop Assets service. This string can include
+      numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start
+      or end with a hyphen (-).
+    Type: String
   RemoteAccessCIDR:
     AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
     ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/x
@@ -514,6 +532,7 @@ Resources:
         RandomStringLambdaFunctionArn: !GetAtt MushopUtilitiesStack.Outputs.RandomStringLambdaArn
 
         # MuShop
+        AssetsS3BucketName: !Ref AssetsS3BucketName
         HelmRepository: !Sub
           - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${Version}/charts'
           - S3Region: !Ref MMSS3BucketRegion

deploy/complete/aws-cloudformation/mushop.yml

@@ -54,8 +54,18 @@ Parameters:
     Type: String
   MSKClusterBootstrapServerBrokers:
     Type: String
+  AssetsS3BucketName:
+    Type: String
 Resources:
 
+  # This creates S3 bucket for mushop assets
+  MuShopAssetsBucket:
+    Type: AWS::S3::Bucket
+    Properties:
+      BucketName: !Ref AssetsS3BucketName
+      PublicAccessBlockConfiguration:
+        RestrictPublicBuckets: true
+
   # This creates policy and role for the ServiceAccount the MuShop services will run with.
   MuShopServiceIamRole:
     Type: AWS::IAM::Role
@@ -109,6 +119,17 @@ Resources:
                   - "kafka-cluster:*"
                   - "kafka:DescribeCluster"
                 Resource: !Ref MSKClusterArn
+              - Effect: Allow
+                Action:
+                  - "s3:ListBucket"
+                Resource: !GetAtt MuShopAssetsBucket.Arn
+              - Effect: Allow
+                Action:
+                  - "s3:PutObject"
+                  - "s3:PutObjectAcl"
+                  - "s3:GetObject"
+                  - "s3:DeleteObject"
+                Resource: !Join [ '', [ !GetAtt MuShopAssetsBucket.Arn, '/*' ] ]
 
 
   # This creates namespace for MuShop deployment
@@ -420,6 +441,15 @@ Resources:
       Value: !Ref MSKClusterBootstrapServerBrokers
       Description: Events service Kafka cluster bootstrap servers
 
+  # This creates parameter that holds the S3 bucket name used by the assets service
+  MuShopAssetsBucketNameParam:
+    Type: AWS::SSM::Parameter
+    Properties:
+      Name: /config/assets/micronaut/object-storage/aws/default/bucket
+      Type: String
+      Value: !Ref MuShopAssetsBucket
+      Description: Assets service S3 bucket name
+
   # MuShop utilities
   MushopUtilitiesNamespaceKubernetesResource:
     Type: "AWSQS::Kubernetes::Resource"
@@ -463,7 +493,9 @@ Resources:
   # This deploys helm chart
   MushopHelmChart:
     Type: "AWSQS::Kubernetes::Helm"
-    DependsOn: MushopNamespaceKubernetesResource
+    DependsOn:
+      - MushopNamespaceKubernetesResource
+      - MuShopAssetsBucket
     Properties:
       ClusterID: !Ref KubeClusterName
       Namespace: !Ref MushopNamespace

deploy/complete/docker-compose/docker-compose.yml

@@ -32,22 +32,25 @@ services:
       - MICRONAUT_HTTP_SERVICES_MUSHOP-CARTS_URL=http://carts:8080
       - MICRONAUT_HTTP_SERVICES_MUSHOP-ORDERS_URL=http://orders:8082
       - MICRONAUT_HTTP_SERVICES_MUSHOP-USER_URL=http://user:8080
+      - MICRONAUT_HTTP_SERVICES_MUSHOP-ASSETS_URL=http://assets:8080
       - REDIS_URI=redis://session-db:6379
 
   # Static media assets
   assets:
-    image: phx.ocir.io/oraclelabs/micronaut-showcase/mushop/assets:1.1.3
+    image: phx.ocir.io/oraclelabs/micronaut-showcase/mushop/assets-app-graalvm:2.0.0-SNAPSHOT
     restart: always
     cap_drop:
       - ALL
     cap_add:
       - NET_BIND_SERVICE
     read_only: true
     environment:
-      - reschedule=on-node-failure
-      - PORT=3000
-      - BUCKET_PAR
-      - REGION
+      - MICRONAUT_ENV_DEDUCTION=false
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "200k"
+        max-file: "5"
 
   # Redis session DB
   session-db:

deploy/complete/helm-chart/mushop/charts/api/values.yaml

@@ -8,7 +8,6 @@ image:
 
 env:
   trackingEnabled: false
-  mediaUrl: /assets
 
 hpa:
   enabled: true

deploy/complete/helm-chart/mushop/charts/assets/templates/_helpers.tpl

@@ -44,30 +44,47 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end -}}
 
-{{/* OOS BUCKET PAR */}}
-{{- define "assets.env.par" -}}
-{{- $globalOsb := index (.Values.global | default .) "osb" -}}
-{{- $usesOsbBucket := (index .Values.global "osb").objectstorage  -}}
-{{- $bindingSecret := printf "%s-bucket-par-binding" ($globalOsb.instanceName | default "mushop") -}}
+{{/* OAPM Connection url */}}
+{{- define "assets.oapm.connection" -}}
+{{- $oapmConnection := .Values.oapmConnectionSecret | default (.Values.global.oapmConnectionSecret | default (printf "%s-oapm-connection" .Release.Name)) -}}
+- name: ORACLECLOUD_TRACING_ZIPKIN_HTTP_URL
+  valueFrom:
+    secretKeyRef:
+      name: {{ $oapmConnection }}
+      key: zipkin_url
+- name: ORACLECLOUD_TRACING_ZIPKIN_HTTP_PATH
+  valueFrom:
+    secretKeyRef:
+      name: {{ $oapmConnection }}
+      key: zipkin_path
+- name: TRACING_ZIPKIN_ENABLED
+  valueFrom:
+    secretKeyRef:
+      name: {{ $oapmConnection }}
+      key: zipkin_enabled
+{{- end -}}
+
+{{/* OIMS configuration */}}
+{{- define "assets.oims.config" -}}
+{{- $ociDeployment := .Values.ociDeploymentConfigMap | default (.Values.global.ociDeploymentConfigMap | default (printf "%s-oci-deployment" .Chart.Name)) -}}
+- name: ORACLECLOUD_METRICS_COMPARTMENT_ID
+  valueFrom:
+    configMapKeyRef:
+      name: {{ $ociDeployment }}
+      key: compartment_id
+{{- end -}}
+
+{{/* OOS BUCKET */}}
+{{- define "assets.oos.config" -}}
 {{- $bucketSecret := .Values.global.oosBucketSecret | default (printf "%s-bucket" .Release.Name) -}}
-{{- $credentialSecret := .Values.ociAuthSecret | default .Values.global.ociAuthSecret }}
-{{- if $credentialSecret -}}
-- name: REGION
+- name: ASSETS_BUCKET_NAME
   valueFrom:
     secretKeyRef:
-      name: {{ $credentialSecret }}
-      key: region
-      optional: true
-{{ end }}
-- name: BUCKET_PAR
+      name: {{ $bucketSecret }}
+      key: name
+- name: ASSETS_BUCKET_NAMESPACE
   valueFrom:
     secretKeyRef:
-      {{- if $usesOsbBucket }}
-      name: {{ $bindingSecret }}
-      key: preAuthAccessUri
-      {{- else }}
       name: {{ $bucketSecret }}
-      key: parUrl
-      optional: true
-      {{- end -}}
-{{- end -}}
+      key: namespace
+{{- end -}}

deploy/complete/helm-chart/mushop/charts/assets/templates/assets-delete-job.yaml

@@ -0,0 +1,26 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ include "assets.fullname" . }}-delete
+  labels: {{ include "assets.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": pre-delete
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+spec:
+  ttlSecondsAfterFinished: 60
+  backoffLimit: 1
+  template:
+    metadata:
+      annotations:
+        sidecar.istio.io/inject: "false"
+      labels:
+        app.kubernetes.io/name: {{ include "assets.name" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+    spec:
+      restartPolicy: Never
+      containers:
+        - name: curl
+          image: "curlimages/curl:7.86.0"
+          imagePullPolicy: "IfNotPresent"
+          command: [ "curl"]
+          args: ["-X", "DELETE", "http://mushop-assets/assets"]

deploy/complete/helm-chart/mushop/charts/assets/templates/assets-deployment.yaml

@@ -20,23 +20,35 @@ spec:
         app.kubernetes.io/instance: {{ .Release.Name }}
       annotations:
         sidecar.istio.io/rewriteAppHTTPProbers: "true"
+        prometheus.io/scrape: "true"
+        prometheus.io/path: /prometheus
+        prometheus.io/port: "8080"
     spec:
+      serviceAccountName: {{ .Values.global.serviceAccount | default .Values.serviceAccount | default (printf "default") }}
       containers:
         - name: {{ .Chart.Name }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+          image: "{{ .Values.image.repository }}-{{ .Values.global.cloud }}-{{ .Values.global.imageSuffix | default .Values.image.suffix }}:{{ .Values.image.tag }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           ports:
-            - name: http
-              containerPort: 3000
+            - containerPort: 8080
           livenessProbe:
             httpGet:
-              path: /health
-              port: http
+              path: /health/liveness
+              port: 8080
+            initialDelaySeconds: 10
+            periodSeconds: 5
           readinessProbe:
             httpGet:
-              path: /health
-              port: http
-          resources:
-            {{- toYaml .Values.resources | nindent 12 }}
-          securityContext:
-            {{- toYaml .Values.securityContext | nindent 12 }}
+              path: /health/readiness
+              port: 8080
+            initialDelaySeconds: 10
+            periodSeconds: 5
+          env:
+          {{- $cloud := .Values.cloud | default (.Values.global.cloud | default (printf "oci")) }}
+          {{- if eq "oci" $cloud }}
+            {{- include "assets.oapm.connection" . | nindent 12 }}
+            {{- include "assets.oims.config" . | nindent 12 }}
+            {{- include "assets.oos.config" . | nindent 12 }}
+          {{- end }}
+      nodeSelector:
+        beta.kubernetes.io/os: linux

deploy/complete/helm-chart/mushop/charts/assets/templates/assets-svc.yaml

@@ -2,13 +2,11 @@ apiVersion: v1
 kind: Service
 metadata:
   name: {{ include "assets.fullname" . }}
-  labels:
-{{ include "assets.labels" . | indent 4 }}
+  labels: {{ include "assets.labels" . | nindent 4 }}
 spec:
   selector:
     app.kubernetes.io/name: {{ include "assets.name" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
   ports:
     - port: {{ .Values.service.port }}
-      name: http
-      targetPort: 3000
+      targetPort: 8080