generated from ministryofjustice/hmpps-template-kotlin
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
CDPS-1054: Replaced template readme file and added in architectural d…
…ecision records. (#6)
- Loading branch information
Showing
7 changed files
with
258 additions
and
127 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
36 changes: 36 additions & 0 deletions
36
architecture-decision-record/0000-separate-domain-specific-code-by-package.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
[Contents](README.md), | ||
[Next >](0001-structure-packages-by-api-version.md) | ||
|
||
# 0. Separate domain specific code by package | ||
|
||
Date: 2024-11-21 | ||
|
||
## Status | ||
|
||
✅ Accepted | ||
|
||
## Context | ||
|
||
The HMPPS Person integration API provides an interface to access data from two different domains. | ||
The `Core Person Record` domain and the `Person Protected Characteristics` domain. These domains are | ||
related but may be separated out into separate services in the future. | ||
|
||
## Decision | ||
|
||
There will be a top level package for each domain, `corepersonrecord` and `personprotectedcharacteristics` which will keep | ||
any domain specific logic separate. A `common` package will be used for any shared code. | ||
|
||
``` | ||
project/ | ||
├── src/ | ||
│ ├── main/ | ||
│ │ ├── kotlin/ | ||
│ │ │ ├── common/ # Common code shared across domains | ||
│ │ │ ├── corepersonrecord/ # Core person record package | ||
│ │ │ ├── personprotectedcharacteristics/ # Person protected characteristics package | ||
│ │ └── resources/ | ||
``` | ||
|
||
## Consequences | ||
|
||
N/A |
40 changes: 40 additions & 0 deletions
40
architecture-decision-record/0001-structure-packages-by-api-version.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
[< Previous](0001-structure-packages-by-api-version.md), | ||
[Contents](README.md), | ||
[Next >](0002-include-username-in-client-credential-token.md) | ||
|
||
# 1. Structure packages by API version | ||
|
||
Date: 2024-11-21 | ||
|
||
## Status | ||
|
||
✅ Accepted | ||
|
||
## Context | ||
|
||
This API is likely to go through multiple iterations as data models change and expand. To ensure the | ||
API can evolve without causing friction to clients, we will version the API whenever there are breaking changes. | ||
As there may be multiple versions of the API live at a given time we need to code structured and easy to maintain and understand. | ||
|
||
## Decision | ||
|
||
Code specific to a specific API version will be stored in a separate package. | ||
|
||
``` | ||
project/ | ||
├── src/ | ||
│ ├── main/ | ||
│ │ ├── kotlin/ | ||
│ │ │ ├── common/ # Common code shared across modules or components | ||
│ │ │ ├── corepersonrecord/ # Core person record module | ||
│ │ │ │ ├── shared/ # Code common between versions | ||
│ │ │ │ ├── v1/ # Version 1 specific code | ||
│ │ │ │ ├── v2/ # Version 2 specific code | ||
│ │ └── resources/ | ||
``` | ||
|
||
## Consequences | ||
|
||
We will need to refactor the current package structure when we start introducing version 2 functionality. | ||
|
||
|
30 changes: 30 additions & 0 deletions
30
architecture-decision-record/0002-include-username-in-client-credential-token.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
[< Previous](0002-include-username-in-client-credential-token.md), | ||
[Contents](README.md), | ||
[Next >](9999-end.md) | ||
|
||
|
||
|
||
# 2. Include username in client credentials token | ||
|
||
Date: 2024-11-21 | ||
|
||
## Status | ||
|
||
✅ Accepted | ||
|
||
## Context | ||
|
||
The HMPPS Person Integration API will make calls to downstream services using the OAuth 2.0 client credentials grant for authorisation. | ||
The API will be authorised to make calls to downstream services however for audit purposes the username of the instigating user is required. | ||
The HMPPS Auth service provides functionality to include a username within an OAuth token obtained using client credentials which can then be | ||
verified and extracted by downstream services. | ||
|
||
## Decision | ||
|
||
The API will make use of the HMPPS Auth functionality to include a username within the token generated whe using a client credentials grant. | ||
|
||
## Consequences | ||
|
||
In order to the HMPPS Auth functionality to include the username in token when using the client credentials grant will require a non-standard | ||
OAuth token request query. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
No more records | ||
|
||
[Back to Contents](README.md) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
# HMPPS Person Integration API Architecture Decisions | ||
|
||
This is a record of architectural decisions made during the development of the HMPPS Person Integration API project. | ||
|
||
## Table of contents | ||
|
||
* ✅ [Use separate packages for domain specific code](0000-separate-domain-specific-code-by-package.md) | ||
* ✅ [Structure packages be API version](0001-structure-packages-by-api-version.md) | ||
* ✅ [Include username in client credentials token](0002-include-username-in-client-credential-token.md) | ||
|
||
### Statuses: | ||
|
||
* Proposed: 🤔 | ||
* Accepted: ✅ | ||
* Rejected: ❌ | ||
* Superseded: ⌛️ | ||
* Amended: ♻️ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,128 @@ | ||
[< Back](../README.md) | ||
--- | ||
|
||
## Building | ||
|
||
To build the project without tests run: | ||
|
||
``` | ||
./gradlew clean build -x test | ||
``` | ||
|
||
## Testing | ||
|
||
To run the unit and integration tests: | ||
``` | ||
./gradlew test | ||
``` | ||
|
||
## Running Locally | ||
|
||
There are two variation for running the application locally. | ||
|
||
- [Running against containerised dependencies](#Running against containerised dependencies) | ||
- [Running against dependencies deployed in dev](#Running against dependencies deployed in dev) | ||
|
||
### Running against containerised dependencies | ||
|
||
The following command will build and run the application via docker compose along with containers for HMPPS Auth and Prison API. | ||
|
||
> NOTE: A client with the required roles will need to be added to the containerised version of HMPPS Auth in order to generate OAuth tokens. | ||
> The client id and secret can then be referenced in a .env file as the `SYSTEM_CLIENT_ID` and `SYSTEM_CLIENT_SECRET`. | ||
``` | ||
docker compose pull && docker compose up --build | ||
``` | ||
|
||
This will run the application on http://localhost:8080 and the swagger docs will be found at http://localhost:8080/swagger-ui/index.html# . | ||
|
||
#### Running through Gradle or IntelliJ | ||
|
||
If you want to run the application through IntelliJ or command line with gradle using the containerised dependencies then use: | ||
|
||
``` | ||
docker compose pull && docker compose up --scale hmpps-person-integration-api=0 | ||
``` | ||
|
||
Then start the application using Gradle or IntelliJ. | ||
|
||
> NOTE: The required client credentials environment variables (`SYSTEM_CLIENT_ID` and `SYSTEM_CLIENT_SECRET`) will need to set prior to starting the application. | ||
**IntelliJ:** | ||
|
||
Run or debug the main class with the spring active profile set to `dev`: | ||
|
||
**Gradle:** | ||
|
||
``` | ||
./gradlew bootRun --args='--spring.profiles.active=dev' | ||
``` | ||
|
||
### Running against dependencies deployed in dev | ||
|
||
In order to run against deployed dependencies in dev the | ||
|
||
<details> | ||
<summary>Environment variables required</summary> | ||
<br> | ||
Note, client credentials from the dev namespace (hmpps-person-integration-api-dev) kubernetes secrets. | ||
|
||
``` | ||
SYSTEM_CLIENT_ID=<Extract from k8s namespace> | ||
SYSTEM_CLIENT_SECRET=<Extract from k8s namespace> | ||
HMPPS_AUTH_URL=https://sign-in-dev.hmpps.service.justice.gov.uk/auth | ||
PRISON_API_BASE_URL=https://prison-api-dev.prison.service.justice.gov.uk | ||
``` | ||
</details> | ||
|
||
Once the environment variables have been set the application can be run via Gradle or IntelliJ using the commands in [this section](#running-through-gradle-or-intellij) | ||
|
||
## Common gradle tasks | ||
|
||
To list project dependencies, run: | ||
|
||
``` | ||
./gradlew dependencies | ||
``` | ||
|
||
To check for dependency updates, run: | ||
``` | ||
./gradlew dependencyUpdates --warning-mode all | ||
``` | ||
|
||
To run an OWASP dependency check, run: | ||
``` | ||
./gradlew clean dependencyCheckAnalyze --info | ||
``` | ||
|
||
To upgrade the gradle wrapper version, run: | ||
``` | ||
./gradlew wrapper --gradle-version=<VERSION> | ||
``` | ||
|
||
To automatically update project dependencies, run: | ||
``` | ||
./gradlew useLatestVersions | ||
``` | ||
|
||
#### Ktlint Gradle Tasks | ||
|
||
To run Ktlint check: | ||
``` | ||
./gradlew ktlintCheck | ||
``` | ||
|
||
To run Ktlint format: | ||
``` | ||
./gradlew ktlintFormat | ||
``` | ||
|
||
To register pre-commit check to run Ktlint format: | ||
``` | ||
./gradlew addKtlintFormatGitPreCommitHook | ||
``` | ||
|
||
...or to register pre-commit check to only run Ktlint check: | ||
``` | ||
./gradlew addKtlintCheckGitPreCommitHook | ||
``` |