chores/migrate: access management (#114)

.github/workflows/_deploy-app.yml

@@ -89,27 +89,27 @@ jobs:
           echo "Image: ${IMAGE}"
           echo "Tag: ${TAG}"
 
-  deploy-terraform:
-    name: Run terraform deployment
-
-    if: inputs.terraform
-
-    strategy:
-      fail-fast: false
-      matrix:
-        environment: [at21, at22]
-
-    needs:
-      - build-push
-
-    uses: ./.github/workflows/_deploy-app-terraform.yml
-    with:
-      environment: ${{ matrix.environment }}
-      working_dir: ${{ inputs.path }}/deploy
-      tf_state: ${{ inputs.terraformStateFile }}
-      tf_args: "-var image=${{ needs.build-push.outputs.image }}"
-
-      databaseBootstrap: ${{ inputs.databaseBootstrap }}
-      databaseName: ${{ inputs.databaseName }}
-      databaseRoleprefix: ${{ inputs.databaseRoleprefix }}
-      databaseSchema: ${{ inputs.databaseSchema }}
+  # deploy-terraform:
+  #   name: Run terraform deployment
+
+  #   if: inputs.terraform
+
+  #   strategy:
+  #     fail-fast: false
+  #     matrix:
+  #       environment: [at21, at22]
+
+  #   needs:
+  #     - build-push
+
+  #   uses: ./.github/workflows/_deploy-app-terraform.yml
+  #   with:
+  #     environment: ${{ matrix.environment }}
+  #     working_dir: ${{ inputs.path }}/deploy
+  #     tf_state: ${{ inputs.terraformStateFile }}
+  #     tf_args: "-var image=${{ needs.build-push.outputs.image }}"
+
+  #     databaseBootstrap: ${{ inputs.databaseBootstrap }}
+  #     databaseName: ${{ inputs.databaseName }}
+  #     databaseRoleprefix: ${{ inputs.databaseRoleprefix }}
+  #     databaseSchema: ${{ inputs.databaseSchema }}

.justfile

@@ -5,22 +5,22 @@
 # Install node packages required to run scripts - uses pnpm to install the packages
 [private]
 @install-script-packages:
-  #!pwsh
+  #!/usr/bin/env pwsh
   pushd .github/scripts
   pnpm install
 
 [private]
 @install-script-packages-frozen:
-  #!pwsh
+  #!/usr/bin/env pwsh
   pushd .github/scripts
   pnpm install --frozen-lockfile
 
 # Run the script to update solution files
 @update-sln-files: install-script-packages-frozen
-  #!pwsh
+  #!/usr/bin/env pwsh
   ./.github/scripts/node_modules/.bin/tsx ./.github/scripts/update-sln-files.mts
 
 # Print all projects metadata
 @get-metadata: install-script-packages-frozen
-  #!pwsh
+  #!/usr/bin/env pwsh
   ./.github/scripts/node_modules/.bin/tsx ./.github/scripts/get-metadata.mts

global.json

@@ -1,6 +1,6 @@
 {
   "sdk": {
-    "version": "8.0.100",
+    "version": "9.0.100",
     "rollForward": "latestFeature"
   }
 }

src/Directory.Build.props

@@ -1,7 +1,8 @@
 <Project>
 
     <PropertyGroup>
-        <TargetFramework>net8.0</TargetFramework>
+        <UserSecretsId>Altinn.Authorization</UserSecretsId>
+        <TargetFramework>net9.0</TargetFramework>
         <ImplicitUsings>enable</ImplicitUsings>
         <LangVersion>12.0</LangVersion>
         <!-- <Nullable>enable</Nullable> -->

src/Directory.Packages.props

@@ -1,54 +1,96 @@
 <Project>
-  <PropertyGroup>
-    <ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
-  </PropertyGroup>
-  <ItemGroup>
-    <PackageVersion Include="Altinn.Authorization.ServiceDefaults.Npgsql.Yuniql" Version="2.2.2" />
-    <PackageVersion Include="Altinn.Authorization.ServiceDefaults" Version="2.2.2" />
-    <PackageVersion Include="Azure.Identity" Version="1.12.1" />
-    <PackageVersion Include="Azure.Monitor.OpenTelemetry.AspNetCore" Version=" 1.3.0-beta.1" />
-    <PackageVersion Include="Azure.ResourceManager.KeyVault" Version="1.3.0" />
-    <PackageVersion Include="Azure.ResourceManager.PostgreSql" Version="1.1.3" />
-    <PackageVersion Include="Azure.Security.KeyVault.Secrets" Version="4.6.0" />
-    <PackageVersion Include="coverlet.collector" Version=" 6.0.2" />
-    <PackageVersion Include="MassTransit.Azure.ServiceBus.Core" Version=" 8.2.6-develop.1998" />
-    <PackageVersion Include="MassTransit.Extensions.DependencyInjection" Version=" 7.3.1" />
-    <PackageVersion Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.8" />
-    <PackageVersion Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="8.0.8" />
-    <PackageVersion Include="Microsoft.AspNetCore.Hosting.Abstractions" Version="2.2.0" />
-    <PackageVersion Include="Microsoft.AspNetCore.Hosting" Version="2.2.7" />
-    <PackageVersion Include="Microsoft.AspNetCore.OpenApi" Version="8.0.7" />
-    <PackageVersion Include="Microsoft.Azure.AppConfiguration.AspNetCore" Version=" 8.0.0-preview.3" />
-    <PackageVersion Include="Microsoft.Extensions.Azure" Version=" 1.7.4" />
-    <PackageVersion Include="Microsoft.Extensions.Caching.Abstractions" Version="8.0.0" />
-    <PackageVersion Include="Microsoft.Extensions.Configuration.AzureKeyVault" Version="3.1.24" />
-    <PackageVersion Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
-    <PackageVersion Include="Microsoft.Extensions.DependencyInjection" Version="8.0.0" />
-    <PackageVersion Include="Microsoft.Extensions.Diagnostics.HealthChecks.Abstractions" Version="8.0.8" />
-    <PackageVersion Include="Microsoft.Extensions.Diagnostics.HealthChecks" Version="8.0.8" />
-    <PackageVersion Include="Microsoft.Extensions.Hosting.Abstractions" Version="8.0.0" />
-    <PackageVersion Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.1" />
-    <PackageVersion Include="Microsoft.Extensions.Logging.ApplicationInsights" Version="2.22.0" />
-    <PackageVersion Include="Microsoft.Extensions.Options" Version="8.0.2" />
-    <PackageVersion Include="Microsoft.Extensions.Telemetry.Abstractions" Version="8.7.0" />
-    <PackageVersion Include="Microsoft.FeatureManagement.AspNetCore" Version="3.5.0" />
-    <PackageVersion Include="Microsoft.NET.Test.Sdk" Version=" 17.10.0" />
-    <PackageVersion Include="Moq" Version=" 4.20.70" />
-    <PackageVersion Include="Nerdbank.Streams" Version="2.11.79" />
-    <PackageVersion Include="Npgsql.OpenTelemetry" Version=" 8.0.3" />
-    <PackageVersion Include="Npgsql" Version="8.0.4" />
-    <PackageVersion Include="OpenTelemetry.Exporter.Console" Version=" 1.9.0" />
-    <PackageVersion Include="OpenTelemetry.Extensions.Hosting" Version=" 1.9.0" />
-    <PackageVersion Include="OpenTelemetry.Instrumentation.AspNetCore" Version=" 1.9.0" />
-    <PackageVersion Include="OpenTelemetry.Instrumentation.Http" Version=" 1.9.0" />
-    <PackageVersion Include="OpenTelemetry" Version=" 1.9.0" />
-    <PackageVersion Include="Spectre.Console" Version="0.49.1" />
-    <PackageVersion Include="StyleCop.Analyzers" Version=" 1.2.0-beta.556" />
-    <PackageVersion Include="Swashbuckle.AspNetCore" Version="6.4.0" />
-    <PackageVersion Include="xunit.runner.visualstudio" Version=" 2.8.2" />
-    <PackageVersion Include="xunit" Version=" 2.9.0" />
-    <PackageVersion Include="Yuniql.AspNetCore" Version=" 1.2.25" />
-    <PackageVersion Include="Yuniql.Core" Version=" 1.3.15" />
-    <PackageVersion Include="Yuniql.PostgreSql" Version=" 1.3.15" />
-  </ItemGroup>
-</Project>
+    <ItemGroup>
+        <PackageVersion Include="Altinn.Authorization.ABAC" Version="0.0.8" />
+        <PackageVersion Include="Altinn.Authorization.ProblemDetails" Version="3.0.1" />
+        <PackageVersion Include="Altinn.Authorization.ProblemDetails.Abstractions"
+            Version="3.0.1" />
+        <PackageVersion Include="Altinn.Authorization.ServiceDefaults" Version="2.7.0" />
+        <PackageVersion Include="Altinn.Authorization.ServiceDefaults.Npgsql.Yuniql"
+            Version="2.7.0" />
+        <PackageVersion Include="Altinn.Common.AccessToken" Version="4.5.4" />
+        <PackageVersion Include="Altinn.Common.AccessTokenClient" Version="3.0.10" />
+        <PackageVersion Include="Altinn.Common.PEP" Version="4.1.2" />
+        <PackageVersion Include="Altinn.Platform.Models" Version="1.6.1" />
+        <PackageVersion Include="Altinn.Platform.Storage.Interface" Version="4.0.4" />
+        <PackageVersion Include="Altinn.Swashbuckle.Abstractions" Version="2.1.1" />
+        <PackageVersion Include="Altinn.Urn" Version="2.5.1" />
+        <PackageVersion Include="Altinn.Urn.Swashbuckle" Version="2.5.1" />
+        <PackageVersion Include="AutoMapper.Extensions.Microsoft.DependencyInjection"
+            Version="12.0.1" />
+        <PackageVersion Include="Azure.Extensions.AspNetCore.Configuration.Secrets"
+            Version="1.3.2" />
+        <PackageVersion Include="Azure.Identity" Version="1.13.1" />
+        <PackageVersion Include="Azure.Monitor.OpenTelemetry.AspNetCore" Version="1.3.0-beta.2" />
+        <PackageVersion Include="Azure.Monitor.OpenTelemetry.Exporter" Version="1.3.0" />
+        <PackageVersion Include="Azure.ResourceManager.KeyVault" Version="1.3.0" />
+        <PackageVersion Include="Azure.ResourceManager.PostgreSql" Version="1.2.0" />
+        <PackageVersion Include="Azure.Security.KeyVault.Certificates" Version="4.7.0" />
+        <PackageVersion Include="Azure.Security.KeyVault.Secrets" Version="4.7.0" />
+        <PackageVersion Include="Azure.Storage.Blobs" Version="12.23.0" />
+        <PackageVersion Include="Azure.Storage.Queues" Version="12.21.0" />
+        <PackageVersion Include="coverlet.collector" Version=" 6.0.2" />
+        <PackageVersion Include="Dapper" Version="2.1.35" />
+        <PackageVersion Include="JWTCookieAuthentication" Version="4.0.1" />
+        <PackageVersion Include="MassTransit.Azure.ServiceBus.Core"
+            Version=" 8.2.6-develop.1998" />
+        <PackageVersion Include="MassTransit.Extensions.DependencyInjection" Version=" 7.3.1" />
+        <PackageVersion Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.22.0" />
+        <PackageVersion Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="9.0.0" />
+        <PackageVersion Include="Microsoft.AspNetCore.Authentication.OpenIdConnect"
+            Version="9.0.0" />
+        <PackageVersion Include="Microsoft.AspNetCore.Hosting" Version="2.2.7" />
+        <PackageVersion Include="Microsoft.AspNetCore.Hosting.Abstractions" Version="2.2.0" />
+        <PackageVersion Include="Microsoft.AspNetCore.Mvc.Testing" Version="9.0.0" />
+        <PackageVersion Include="Microsoft.AspNetCore.OpenApi" Version="9.0.0" />
+        <PackageVersion Include="Microsoft.Azure.AppConfiguration.AspNetCore"
+            Version="8.1.0-preview" />
+        <PackageVersion Include="Microsoft.Extensions.Azure" Version="1.9.0" />
+        <PackageVersion Include="Microsoft.Extensions.Caching.Abstractions" Version="9.0.0" />
+        <PackageVersion Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
+        <PackageVersion Include="Microsoft.Extensions.Configuration.AzureKeyVault"
+            Version="3.1.24" />
+        <PackageVersion Include="Microsoft.Extensions.Configuration.Json" Version="8.0.1" />
+        <PackageVersion Include="Microsoft.Extensions.DependencyInjection" Version="8.0.0" />
+        <PackageVersion Include="Microsoft.Extensions.Diagnostics.HealthChecks" Version="8.0.8" />
+        <PackageVersion Include="Microsoft.Extensions.Diagnostics.HealthChecks.Abstractions"
+            Version="8.0.8" />
+        <PackageVersion Include="Microsoft.Extensions.FileProviders.Embedded" Version="9.0.0" />
+        <PackageVersion Include="Microsoft.Extensions.Hosting.Abstractions" Version="9.0.0" />
+        <PackageVersion Include="Microsoft.Extensions.Logging.Abstractions" Version="9.0.0" />
+        <PackageVersion Include="Microsoft.Extensions.Logging.ApplicationInsights"
+            Version="2.22.0" />
+        <PackageVersion Include="Microsoft.Extensions.Logging.Debug" Version="9.0.0" />
+        <PackageVersion Include="Microsoft.Extensions.Options" Version="9.0.0" />
+        <PackageVersion Include="Microsoft.Extensions.Telemetry.Abstractions" Version="9.0.0" />
+        <PackageVersion Include="Microsoft.FeatureManagement.AspNetCore" Version="4.0.0" />
+        <PackageVersion Include="Microsoft.IdentityModel.Logging" Version="8.2.1" />
+        <PackageVersion Include="Microsoft.NET.Test.Sdk" Version="17.12.0" />
+        <PackageVersion Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets"
+            Version="1.21.0" />
+        <PackageVersion Include="Moq" Version="4.20.72" />
+        <PackageVersion Include="Nerdbank.Streams" Version="2.11.79" />
+        <PackageVersion Include="Npgsql" Version="8.0.5" />
+        <PackageVersion Include="Npgsql.OpenTelemetry" Version="8.0.5" />
+        <PackageVersion Include="OpenTelemetry" Version="1.10.0" />
+        <PackageVersion Include="OpenTelemetry.Exporter.Console" Version="1.10.0" />
+        <PackageVersion Include="OpenTelemetry.Extensions.Hosting" Version="1.10.0" />
+        <PackageVersion Include="OpenTelemetry.Instrumentation.AspNetCore" Version=" 1.9.0" />
+        <PackageVersion Include="OpenTelemetry.Instrumentation.Http" Version="1.10.0" />
+        <PackageVersion Include="Spectre.Console" Version="0.49.1" />
+        <PackageVersion Include="StyleCop.Analyzers" Version="1.2.0-beta.556" />
+        <PackageVersion Include="Swashbuckle.AspNetCore" Version="7.1.0" />
+        <PackageVersion Include="Swashbuckle.AspNetCore.Annotations" Version="7.1.0" />
+        <PackageVersion Include="Swashbuckle.AspNetCore.Filters" Version="8.0.2" />
+        <PackageVersion Include="System.Linq.Async" Version="6.0.1" />
+        <PackageVersion Include="System.Text.Json" Version="9.0.0" />
+        <PackageVersion Include="Testcontainers.PostgreSql" Version="4.0.0" />
+        <PackageVersion Include="xunit" Version="2.9.2" />
+        <PackageVersion Include="xunit.runner.visualstudio" Version="2.8.2" />
+        <PackageVersion Include="Yuniql.AspNetCore" Version=" 1.2.25" />
+        <PackageVersion Include="Yuniql.Core" Version=" 1.3.15" />
+        <PackageVersion Include="Yuniql.PostgreSql" Version=" 1.3.15" />
+    </ItemGroup>
+    <PropertyGroup>
+        <ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
+    </PropertyGroup>
+</Project>

src/apps/Altinn.AccessManagement/Altinn.AccessManagement.sln

@@ -0,0 +1,57 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.0.31903.59
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "src", "src", "{960E20A2-19CD-4579-9E93-D2E7C02D3629}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Altinn.AccessManagement", "src\Altinn.AccessManagement\Altinn.AccessManagement.csproj", "{A3F09A0C-0978-4F23-9F35-A7343DC76D03}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "test", "test", "{7EBD92A3-BEBF-4608-9535-F419BF22EE83}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Altinn.AccessManagement.Tests", "test\Altinn.AccessManagement.Tests\Altinn.AccessManagement.Tests.csproj", "{DC83D8C7-BE67-451D-AD00-172CE364468C}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Altinn.AccessManagement.Integration", "src\Altinn.AccessManagement.Integration\Altinn.AccessManagement.Integration.csproj", "{F6682422-0B31-4E83-8B03-BE21267A95C4}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Altinn.AccessManagement.Core", "src\Altinn.AccessManagement.Core\Altinn.AccessManagement.Core.csproj", "{601CE177-6CC3-4D7B-8CC5-5B173598ECAE}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Altinn.AccessManagement.Persistence", "src\Altinn.AccessManagement.Persistence\Altinn.AccessManagement.Persistence.csproj", "{8482BD82-0121-4B24-B7E9-4688E41584F8}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{A3F09A0C-0978-4F23-9F35-A7343DC76D03}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{A3F09A0C-0978-4F23-9F35-A7343DC76D03}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{A3F09A0C-0978-4F23-9F35-A7343DC76D03}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{A3F09A0C-0978-4F23-9F35-A7343DC76D03}.Release|Any CPU.Build.0 = Release|Any CPU
+		{DC83D8C7-BE67-451D-AD00-172CE364468C}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{DC83D8C7-BE67-451D-AD00-172CE364468C}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{DC83D8C7-BE67-451D-AD00-172CE364468C}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{DC83D8C7-BE67-451D-AD00-172CE364468C}.Release|Any CPU.Build.0 = Release|Any CPU
+		{F6682422-0B31-4E83-8B03-BE21267A95C4}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{F6682422-0B31-4E83-8B03-BE21267A95C4}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{F6682422-0B31-4E83-8B03-BE21267A95C4}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{F6682422-0B31-4E83-8B03-BE21267A95C4}.Release|Any CPU.Build.0 = Release|Any CPU
+		{601CE177-6CC3-4D7B-8CC5-5B173598ECAE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{601CE177-6CC3-4D7B-8CC5-5B173598ECAE}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{601CE177-6CC3-4D7B-8CC5-5B173598ECAE}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{601CE177-6CC3-4D7B-8CC5-5B173598ECAE}.Release|Any CPU.Build.0 = Release|Any CPU
+		{8482BD82-0121-4B24-B7E9-4688E41584F8}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{8482BD82-0121-4B24-B7E9-4688E41584F8}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{8482BD82-0121-4B24-B7E9-4688E41584F8}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{8482BD82-0121-4B24-B7E9-4688E41584F8}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(NestedProjects) = preSolution
+		{A3F09A0C-0978-4F23-9F35-A7343DC76D03} = {960E20A2-19CD-4579-9E93-D2E7C02D3629}
+		{DC83D8C7-BE67-451D-AD00-172CE364468C} = {7EBD92A3-BEBF-4608-9535-F419BF22EE83}
+		{F6682422-0B31-4E83-8B03-BE21267A95C4} = {960E20A2-19CD-4579-9E93-D2E7C02D3629}
+		{601CE177-6CC3-4D7B-8CC5-5B173598ECAE} = {960E20A2-19CD-4579-9E93-D2E7C02D3629}
+		{8482BD82-0121-4B24-B7E9-4688E41584F8} = {960E20A2-19CD-4579-9E93-D2E7C02D3629}
+	EndGlobalSection
+EndGlobal

src/apps/Altinn.AccessManagement/Dockerfile

@@ -0,0 +1,23 @@
+FROM mcr.microsoft.com/dotnet/sdk:9.0-alpine AS build
+WORKDIR /app
+
+# Copy everything and build
+COPY . .
+RUN dotnet restore
+
+# Copy everything else and build
+RUN dotnet publish -c Release -o out ./src/Altinn.AccessManagement/Altinn.AccessManagement.csproj
+
+# Build runtime image
+FROM mcr.microsoft.com/dotnet/aspnet:9.0-alpine AS final
+EXPOSE 5110
+WORKDIR /app
+COPY --from=build /app/out .
+
+# setup the user and group
+# the user will have no password, using shell /bin/false and using the group dotnet
+RUN addgroup -g 3000 dotnet && adduser -u 1000 -G dotnet -D -s /bin/false dotnet
+# update permissions of files if neccessary before becoming dotnet user
+USER dotnet
+RUN mkdir /tmp/logtelemetry
+ENTRYPOINT ["dotnet", "Altinn.AccessManagement.dll"]