WebFuzzing
diff --git a/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/CODEOWNERS‎
Lines changed: 3 additions & 0 deletions b/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/CODEOWNERS‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/Dockerfile‎
Lines changed: 3 additions & 0 deletions b/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/Dockerfile‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/LICENSE.md‎
Lines changed: 21 additions & 0 deletions b/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/LICENSE.md‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/README.md‎
Lines changed: 7 additions & 0 deletions b/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/README.md‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/docker-compose.yml‎
Lines changed: 92 additions & 0 deletions b/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/docker-compose.yml‎
Lines changed: 92 additions & 0 deletions
diff --git a/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/import-vault-token.sh‎
Lines changed: 6 additions & 0 deletions b/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/import-vault-token.sh‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/lombok.config‎
Lines changed: 1 addition & 0 deletions b/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/lombok.config‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/nais/alerterator.yaml‎
Lines changed: 41 additions & 0 deletions b/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/nais/alerterator.yaml‎
Lines changed: 41 additions & 0 deletions
diff --git a/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/nais/dev-fss.yaml‎
Lines changed: 77 additions & 0 deletions b/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/nais/dev-fss.yaml‎
Lines changed: 77 additions & 0 deletions
diff --git a/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/nais/dev-gcp-labs.yaml‎
Lines changed: 51 additions & 0 deletions b/‎jdk_17_maven/cs/rest/tiltaksgjennomforing-api/nais/dev-gcp-labs.yaml‎
Lines changed: 51 additions & 0 deletions
@@ -0,0 +1,3 @@
+# DISABLED: Turned this off since it's currently generating very noisy notifications to the team and reviewers can't
+# tell the difference between being explicitly added as a reviewer versus by way of this group.
+# * @navikt/arbeidsgiver
@@ -0,0 +1,3 @@
+FROM ghcr.io/navikt/baseimages/temurin:17
+COPY import-vault-token.sh /init-scripts
+COPY /target/tiltaksgjennomforing-api-1.0.0-SNAPSHOT.jar app.jar
@@ -0,0 +1,21 @@
+# The MIT License
+
+Copyright 2018 NAV (Arbeids- og velferdsdirektoratet) - The Norwegian Labour and Welfare Administration
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the "Software"),
+to deal in the Software without restriction, including without limitation
+the rights to use, copy, modify, merge, publish, distribute, sublicense,
+and/or sell copies of the Software, and to permit persons to whom the
+Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included
+in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+USE OR OTHER DEALINGS IN THE SOFTWARE.
@@ -0,0 +1,7 @@
+Tiltaksgjennomføring API
+===================================
+
+For NAV-interne: Ta kontakt på Slack-kanal #arbeidsgiver-tiltak
+
+For utviklere:
+Bygges med Maven: `mvn install`
@@ -0,0 +1,92 @@
+version: "3"
+services:
+  zookeeper:
+    image: confluentinc/cp-zookeeper:5.4.0
+    hostname: zookeeper
+    container_name: zookeeper
+    ports:
+      - "2181:2181"
+    environment:
+      ZOOKEEPER_CLIENT_PORT: 2181
+      ZOOKEEPER_TICK_TIME: 2000
+  broker:
+    image: confluentinc/cp-server:5.4.0
+    hostname: broker
+    container_name: broker
+    depends_on:
+      - zookeeper
+    ports:
+      - "9092:9092"
+    environment:
+      KAFKA_BROKER_ID: 1
+      KAFKA_ZOOKEEPER_CONNECT: "zookeeper:2181"
+      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: PLAINTEXT:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT
+      KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://broker:29092,PLAINTEXT_HOST://localhost:9092
+      KAFKA_METRIC_REPORTERS: io.confluent.metrics.reporter.ConfluentMetricsReporter
+      KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
+      KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: 0
+      KAFKA_CONFLUENT_LICENSE_TOPIC_REPLICATION_FACTOR: 1
+      CONFLUENT_METRICS_REPORTER_BOOTSTRAP_SERVERS: broker:29092
+      CONFLUENT_METRICS_REPORTER_ZOOKEEPER_CONNECT: zookeeper:2181
+      CONFLUENT_METRICS_REPORTER_TOPIC_REPLICAS: 1
+      CONFLUENT_METRICS_ENABLE: "true"
+      CONFLUENT_SUPPORT_CUSTOMER_ID: "anonymous"
+
+  kafka-tools:
+    image: confluentinc/cp-kafka:5.4.0
+    hostname: kafka-tools
+    container_name: kafka-tools
+    command: [ "tail", "-f", "/dev/null" ]
+    network_mode: "host"
+
+  schema-registry:
+    image: confluentinc/cp-schema-registry:5.4.0
+    hostname: schema-registry
+    container_name: schema-registry
+    depends_on:
+      - zookeeper
+      - broker
+    ports:
+      - "8081:8081"
+    environment:
+      SCHEMA_REGISTRY_HOST_NAME: schema-registry
+      SCHEMA_REGISTRY_KAFKASTORE_CONNECTION_URL: "zookeeper:2181"
+
+  control-center:
+    image: confluentinc/cp-enterprise-control-center:5.4.0
+    hostname: control-center
+    container_name: control-center
+    depends_on:
+      - zookeeper
+      - broker
+      - schema-registry
+    ports:
+      - "9021:9021"
+    environment:
+      CONTROL_CENTER_BOOTSTRAP_SERVERS: 'broker:29092'
+      CONTROL_CENTER_ZOOKEEPER_CONNECT: 'zookeeper:2181'
+      CONTROL_CENTER_SCHEMA_REGISTRY_URL: "http://schema-registry:8081"
+      CONTROL_CENTER_REPLICATION_FACTOR: 1
+      CONTROL_CENTER_INTERNAL_TOPICS_PARTITIONS: 1
+      CONTROL_CENTER_MONITORING_INTERCEPTOR_TOPIC_PARTITIONS: 1
+      CONFLUENT_METRICS_TOPIC_REPLICATION: 1
+      PORT: 9021
+  postgres:
+    image: postgres:latest
+    environment:
+      POSTGRES_USER: sample
+      POSTGRES_PASSWORD: sample
+      POSTGRES_DB: sample
+#    volumes:
+#      - ./dbdata:/var/lib/postgresql/data
+    ports:
+      - 6432:5432
+  tiltak-dokgen:
+    build:
+      context: ../tiltak-dokgen
+    ports:
+      - 5913:8080
+    volumes:
+      - ../tiltak-dokgen/content:/app/content
+    environment:
+      SPRING_PROFILES_ACTIVE: dev
@@ -0,0 +1,6 @@
+#!/usr/bin/env sh
+
+if test /var/run/secrets/nais.io/vault/vault_token;
+then
+    export VAULT_TOKEN=$(cat /var/run/secrets/nais.io/vault/vault_token)
+fi
@@ -0,0 +1 @@
+lombok.anyConstructor.addConstructorProperties=true
@@ -0,0 +1,41 @@
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: tiltaksgjennomforing-api
+  namespace: arbeidsgiver
+  labels:
+    team: team-tiltak
+spec:
+  groups:
+    - name: tiltaksgjennomforing-api-alert
+      rules:
+        - alert: applikasjon nede
+          expr: sum(up{app="tiltaksgjennomforing-api", job="nais-system/monitoring-apps-tenant"}) == 0
+          for: 1s
+          annotations:
+            summary: Appen er nede
+            action: "`kubectl describe pod {{ $labels.kubernetes_pod_name }} -n {{ $labels.kubernetes_namespace }}` for events, og `kubectl logs {{ $labels.kubernetes_pod_name }} -n {{ $labels.kubernetes_namespace }}` for logger"
+          labels:
+            namespace: team-tiltak
+            severity: critical
+
+        - alert: last ned pdf feiler
+          expr: sum(increase(tiltaksgjennomforing_pdf_feil_total[15m])) > 0
+          for: 1s
+          annotations:
+            summary: tiltaksgjennomforing-api feiler med pdf-generering
+            action: "`kubectl describe pod {{ $labels.kubernetes_pod_name }} -n {{ $labels.kubernetes_namespace }}` for events, og `kubectl logs {{ $labels.kubernetes_pod_name }} -n {{ $labels.kubernetes_namespace }}` for logger"
+          labels:
+            namespace: team-tiltak
+            severity: critical
+
+        - alert: TILTAKSGJENNOMFORING-API ERROR!
+          expr: sum(increase(logback_events_total{app="tiltaksgjennomforing-api",level="error"}[10m])) > 0
+          for: 10s
+          annotations:
+            summary: |-
+              tiltaksgjennomforing-api har logget en feil :this-is-fine-fire: Sjekk loggene om noe bør gjøres!
+            action: "Sjekk logs.adeo.no for logger: https://logs.adeo.no/app/r/s/HT3Nd"
+          labels:
+            namespace: team-tiltak
+            severity: critical
@@ -0,0 +1,77 @@
+apiVersion: "nais.io/v1alpha1"
+kind: "Application"
+metadata:
+  name: tiltaksgjennomforing-api
+  namespace: arbeidsgiver
+  labels:
+    team: arbeidsgiver
+spec:
+  env:
+    - name: MILJO
+      value: dev-fss
+  azure:
+    application:
+      enabled: true
+      allowAllUsers: true
+      tenant: trygdeetaten.no
+      claims:
+        groups:
+          - id: fbfea82d-13da-43ad-a2f2-d7f21cb95f12
+        extra:
+          - "NAVident"
+  kafka:
+    pool: nav-dev
+  image: {{image}}
+  team: arbeidsgiver
+  port: 8080
+  liveness:
+    path: /tiltaksgjennomforing-api/internal/healthcheck
+    initialDelay: 30
+    timeout: 1
+    periodSeconds: 30
+    failureThreshold: 10
+  readiness:
+    path: /tiltaksgjennomforing-api/internal/healthcheck
+    initialDelay: 30
+    timeout: 1
+    periodSeconds: 30
+    failureThreshold: 10
+  resources:
+    limits:
+      cpu: 2000m
+      memory: 3000Mi
+    requests:
+      cpu: 500m
+      memory: 600Mi
+  ingresses:
+    - https://arbeidsgiver.nais.preprod.local/tiltaksgjennomforing-api/
+  leaderElection: true
+  vault:
+    enabled: true
+  webproxy: true
+  strategy:
+    type: RollingUpdate
+  tokenx:
+    enabled: true
+  prometheus:
+    enabled: true
+    path: /tiltaksgjennomforing-api/internal/actuator/prometheus
+  accessPolicy:
+    inbound:
+      rules:
+        - application: tiltak-proxy
+        - application: min-side-arbeidsgiver
+          namespace: fager
+          cluster: dev-gcp
+        - application: mulighetsrommet-api
+          namespace: team-mulighetsrommet
+          cluster: dev-gcp
+    outbound:
+      rules:
+        - application: poao-tilgang
+          namespace: poao
+      external:
+        - host: team-tiltak-unleash-api.nav.cloud.nais.io
+  envFrom:
+    - configmap: loginservice-idporten
+    - secret: tiltaksgjennomforing-api-unleash-api-token
@@ -0,0 +1,51 @@
+apiVersion: "nais.io/v1alpha1"
+kind: "Application"
+metadata:
+  name: tiltaksgjennomforing-api-labs
+  namespace: arbeidsgiver
+  labels:
+    team: arbeidsgiver
+spec:
+  env:
+    - name: MILJO
+      value: dev-gcp-labs
+  image: {{image}}
+  team: arbeidsgiver
+  port: 8080
+  replicas:
+    min: 1
+    max: 1
+  liveness:
+    path: /tiltaksgjennomforing-api/internal/healthcheck
+    initialDelay: 30
+    timeout: 1
+    periodSeconds: 30
+    failureThreshold: 10
+  readiness:
+    path: /tiltaksgjennomforing-api/internal/healthcheck
+    initialDelay: 30
+    timeout: 1
+    periodSeconds: 30
+    failureThreshold: 10
+  resources:
+    limits:
+      cpu: 2000m
+      memory: 3000Mi
+    requests:
+      cpu: 500m
+      memory: 600Mi
+  prometheus:
+    enabled: true
+    path: /tiltaksgjennomforing-api/internal/actuator/prometheus
+  accessPolicy:
+    inbound:
+      rules:
+        - application: tiltaksgjennomforing-labs
+    outbound:
+      rules:
+        - application: tiltak-fakelogin
+        - application: tiltaksgjennomforing-wiremock
+        - application: tiltak-refusjon-api-labs
+        - application: tiltak-dokgen
+  envFrom:
+    - configmap: loginservice-idporten
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+# DISABLED: Turned this off since it's currently generating very noisy notifications to the team and reviewers can't`
	`2`	`+# tell the difference between being explicitly added as a reviewer versus by way of this group.`
	`3`	`+# * @navikt/arbeidsgiver`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+FROM ghcr.io/navikt/baseimages/temurin:17`
	`2`	`+COPY import-vault-token.sh /init-scripts`
	`3`	`+COPY /target/tiltaksgjennomforing-api-1.0.0-SNAPSHOT.jar app.jar`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+lombok.anyConstructor.addConstructorProperties=true`