From 29d169d5b379c6bad4b0a270f606dfffe1ca8f48 Mon Sep 17 00:00:00 2001
From: Nils Ove Tendenes <50194012+NilsOveTen@users.noreply.github.com>
Date: Fri, 6 Dec 2024 08:45:45 +0100
Subject: [PATCH] fix: escape special characters in mongodb password (#87)

* fix: escape special characters in mongodb password

* chore: add dockerfile recommendations

* Update docker-compose.yaml

Co-authored-by: Hege Aalvik <48259307+hegeaal@users.noreply.github.com>

* chore: configure mongodb via spring data props

* chore: move java tool input to standard env

---------

Co-authored-by: Hege Aalvik <48259307+hegeaal@users.noreply.github.com>
---
 Dockerfile                                    |  4 +--
 deploy/demo/env.yaml                          |  2 ++
 deploy/prod/env.yaml                          |  2 ++
 deploy/staging/env.yaml                       |  2 ++
 docker-compose.yaml                           | 28 ++++---------------
 .../configuration/MongoConfig.kt              | 22 +++++++++++++++
 src/main/resources/application.yaml           | 25 +++++++++++++++--
 .../servicecatalog/utils/ApiTestContext.kt    |  2 +-
 8 files changed, 59 insertions(+), 28 deletions(-)
 create mode 100644 src/main/kotlin/no/digdir/servicecatalog/configuration/MongoConfig.kt

diff --git a/Dockerfile b/Dockerfile
index 6778368..a2d8129 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,7 @@
 FROM eclipse-temurin:21-jre-alpine
 
 ARG USER=default
-ENV HOME /home/$USER
+ENV HOME=/home/$USER
 
 ENV TZ=Europe/Oslo
 RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
@@ -18,4 +18,4 @@ WORKDIR $HOME
 
 COPY --chown=app:app /target/app.jar app.jar
 
-CMD java -jar -XX:+UseZGC $JAVA_OPTS app.jar
+CMD ["sh", "-c", "java -jar $JAVA_OPTS app.jar"]
diff --git a/deploy/demo/env.yaml b/deploy/demo/env.yaml
index 11d5bf5..7581ff5 100644
--- a/deploy/demo/env.yaml
+++ b/deploy/demo/env.yaml
@@ -11,6 +11,8 @@ spec:
       containers:
         - name: service-catalog
           env:
+            - name: JAVA_TOOL_OPTIONS
+              value: "-Xmx1g -XX:+UseZGC -XX:MaxRAMPercentage=80.0"
             - name: MONGO_USERNAME
               valueFrom:
                 secretKeyRef:
diff --git a/deploy/prod/env.yaml b/deploy/prod/env.yaml
index ff5506c..9853e5a 100644
--- a/deploy/prod/env.yaml
+++ b/deploy/prod/env.yaml
@@ -11,6 +11,8 @@ spec:
       containers:
         - name: service-catalog
           env:
+            - name: JAVA_TOOL_OPTIONS
+              value: "-Xmx1g -XX:+UseZGC -XX:MaxRAMPercentage=80.0"
             - name: MONGO_USERNAME
               valueFrom:
                 secretKeyRef:
diff --git a/deploy/staging/env.yaml b/deploy/staging/env.yaml
index c69ac76..ed6f702 100644
--- a/deploy/staging/env.yaml
+++ b/deploy/staging/env.yaml
@@ -11,6 +11,8 @@ spec:
       containers:
         - name: service-catalog
           env:
+            - name: JAVA_TOOL_OPTIONS
+              value: "-Xmx1g -XX:+UseZGC -XX:MaxRAMPercentage=80.0"
             - name: MONGO_USERNAME
               valueFrom:
                 secretKeyRef:
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 648edba..b580a9f 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -1,29 +1,11 @@
 version: "3"
 services:
 
-  app:
-    build: .
-    image: eu.gcr.io/digdir-fdk-infra/service-catalog
-    environment:
-      - MONGO_USERNAME=root
-      - MONGO_PASSWORD=admin
-      - MONGODB_HOST=mongodb:27017
-      - MONGODB_AUTH=admin
-      - MONGODB_REPLICASET=replicaset
-      - SSO_HOST=https://sso.staging.fellesdatakatalog.digdir.no
-      - SERVICE_CATALOG_URI=https://localhost:8080
-    ports:
-      - "9090:8080"
-    depends_on:
-      - mongodb
-
   mongodb:
-    image: bitnami/mongodb:latest
+    image: mongo:latest
     environment:
-      - MONGODB_ROOT_PASSWORD=admin
-      # Activate this if connecting from localhost
-      - MONGODB_ADVERTISED_HOSTNAME=localhost
-      - MONGODB_REPLICA_SET_MODE=primary
-      - MONGODB_REPLICA_SET_KEY=replicaset
+      - MONGO_INITDB_DATABASE=serviceCatalog
+      - MONGO_INITDB_ROOT_PASSWORD=adm?i=n
+      - MONGO_INITDB_ROOT_USERNAME=root
     ports:
-      - "27017:27017"
\ No newline at end of file
+      - "27017:27017"
diff --git a/src/main/kotlin/no/digdir/servicecatalog/configuration/MongoConfig.kt b/src/main/kotlin/no/digdir/servicecatalog/configuration/MongoConfig.kt
new file mode 100644
index 0000000..c7c5c66
--- /dev/null
+++ b/src/main/kotlin/no/digdir/servicecatalog/configuration/MongoConfig.kt
@@ -0,0 +1,22 @@
+package no.digdir.servicecatalog.configuration
+
+import com.mongodb.client.MongoClient
+import org.springframework.beans.factory.annotation.Value
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.data.mongodb.core.MongoOperations
+import org.springframework.data.mongodb.core.MongoTemplate
+
+
+@Configuration
+open class MongoConfig(
+    @Value("\${spring.data.mongodb.database}")
+    private val database: String
+) {
+
+    @Bean
+    open fun mongoTemplate(mongoClient: MongoClient): MongoOperations {
+        return MongoTemplate(mongoClient, database)
+    }
+
+}
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index ce0d1c6..9e852c4 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -11,7 +11,15 @@ management:
     livenessState.enabled: true
     readinessState.enabled: true
 spring:
-  data.mongodb.uri: mongodb://${MONGO_USERNAME}:${MONGO_PASSWORD}@${MONGODB_HOST}/serviceCatalog?authSource=${MONGODB_AUTH}&replicaSet=${MONGODB_REPLICASET}
+  data.mongodb:
+      host: ${MONGODB_HOST}
+      username: ${MONGO_USERNAME}
+      password: ${MONGO_PASSWORD}
+      authentication-database: ${MONGODB_AUTH}
+      replica-set-name: ${MONGODB_REPLICASET}
+      port: 27017
+      database: serviceCatalog
+      auto-index-creation: true
   security:
     oauth2:
       resourceserver:
@@ -24,6 +32,13 @@ application:
 ---
 spring:
   config.activate.on-profile: test
+  data:
+    mongodb:
+      host: localhost
+      username: testuser
+      password: testpassword
+      authentication-database: admin
+      replica-set-name: null
   security:
     oauth2:
       resourceserver:
@@ -36,7 +51,13 @@ application:
 ---
 spring:
   config.activate.on-profile: dev
-  data.mongodb.uri: mongodb://root:admin@localhost:27017/serviceCatalog?authSource=admin&replicaSet=replicaset
+  data:
+    mongodb:
+      host: localhost
+      username: root
+      password: adm?i=n
+      authentication-database: admin
+      replica-set-name: null
   security:
     oauth2:
       resourceserver:
diff --git a/src/test/kotlin/no/digdir/servicecatalog/utils/ApiTestContext.kt b/src/test/kotlin/no/digdir/servicecatalog/utils/ApiTestContext.kt
index 73ac72e..2c1a64c 100644
--- a/src/test/kotlin/no/digdir/servicecatalog/utils/ApiTestContext.kt
+++ b/src/test/kotlin/no/digdir/servicecatalog/utils/ApiTestContext.kt
@@ -36,7 +36,7 @@ abstract class ApiTestContext {
     internal class Initializer : ApplicationContextInitializer<ConfigurableApplicationContext> {
         override fun initialize(configurableApplicationContext: ConfigurableApplicationContext) {
             TestPropertyValues.of(
-                "spring.data.mongodb.uri=mongodb://$MONGO_USER:$MONGO_PASSWORD@localhost:${mongoContainer.getMappedPort(MONGO_PORT)}/$MONGO_DB_NAME?authSource=admin",
+                "spring.data.mongodb.port=${mongoContainer.getMappedPort(MONGO_PORT)}"
             ).applyTo(configurableApplicationContext.environment)
         }
     }