From bd377b9e8c3dab09333b48e7648aeee33da26fea Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Oliver=20S=C3=B8berg?=
Date: Thu, 5 Dec 2024 10:07:24 +0100
Subject: [PATCH] Service discovery mot etterlatte-api
---
 apps/innsendt-soeknad/.nais/dev.yaml | 2 +-
 apps/innsendt-soeknad/.nais/prod.yaml | 3 ++-
 .../ktorclientauth/ClientCredentialAuthProvider.kt | 9 +++++----
 apps/selvbetjening-backend/.nais/dev.yaml | 4 +---
 apps/selvbetjening-backend/.nais/prod.yaml | 4 +---
 5 files changed, 10 insertions(+), 12 deletions(-)
diff --git a/apps/innsendt-soeknad/.nais/dev.yaml b/apps/innsendt-soeknad/.nais/dev.yaml
index aba79abf8..2250a37f1 100644
--- a/apps/innsendt-soeknad/.nais/dev.yaml
+++ b/apps/innsendt-soeknad/.nais/dev.yaml
@@ -79,7 +79,7 @@ spec:
 - name: NAV_CONSUMER_ID
 value: "srvbarnepensjon"
 - name: ETTERLATTE_API_URL
- value: https://etterlatte-api.intern.dev.nav.no
+ value: http://etterlatte-api
 - name: ETTERLATTE_API_AZURE_SCOPE
 value: api://dev-gcp.etterlatte.etterlatte-api/.default
 accessPolicy:
diff --git a/apps/innsendt-soeknad/.nais/prod.yaml b/apps/innsendt-soeknad/.nais/prod.yaml
index 5d19c6434..7cc8153d1 100644
--- a/apps/innsendt-soeknad/.nais/prod.yaml
+++ b/apps/innsendt-soeknad/.nais/prod.yaml
@@ -92,12 +92,13 @@ spec:
 - name: NAV_CONSUMER_ID
 value: "srvbarnepensjon"
 - name: ETTERLATTE_API_URL
- value: https://etterlatte-api.intern.nav.no
+ value: https://etterlatte-api
 - name: ETTERLATTE_API_AZURE_SCOPE
 value: api://prod-gcp.etterlatte.etterlatte-api/.default
 accessPolicy:
 outbound:
 rules:
+ - application: etterlatte-api
 - application: digdir-krr-proxy
 namespace: team-rocket
 - application: kodeverk-api
diff --git a/apps/innsendt-soeknad/src/main/kotlin/ktorclientauth/ClientCredentialAuthProvider.kt b/apps/innsendt-soeknad/src/main/kotlin/ktorclientauth/ClientCredentialAuthProvider.kt
index b8ecb6146..efc557ae5 100644
--- a/apps/innsendt-soeknad/src/main/kotlin/ktorclientauth/ClientCredentialAuthProvider.kt
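Review bot: In apps/innsendt-soeknad/.nais/dev.yaml the URL is switched to `http://etterlatte-api`, but this hunk adds no matching outbound rule, while the prod.yaml hunk of the same commit adds `- application: etterlatte-api` under `accessPolicy.outbound.rules`. The hunk ends at `accessPolicy:`, so the rule list is outside the visible lines and the entry may already be present there. If it is not, the direct call will presumably be denied by network policy now that it no longer goes through the ingress host. It is also worth confirming that etterlatte-api lists innsendt-soeknad in its inbound rules, which this commit does not show.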
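Review bot: `value: https://etterlatte-api` in apps/innsendt-soeknad/.nais/prod.yaml keeps the `https` scheme on a bare service-discovery name, whereas both dev manifests in this commit use `http://etterlatte-api`; apps/selvbetjening-backend/.nais/prod.yaml has the same value. In-cluster service discovery normally reaches the pod over plain HTTP, so unless etterlatte-api terminates TLS itself with a certificate valid for that name, the handshake would fail, and only in production. Proposed change for both prod files: `value: http://etterlatte-api`. If encryption on this hop is required for the bearer token requested with ETTERLATTE_API_AZURE_SCOPE, that needs a separate decision, because the previous `https://etterlatte-api.intern.nav.no` URL provided it and the short name does not.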
+++ b/apps/innsendt-soeknad/src/main/kotlin/ktorclientauth/ClientCredentialAuthProvider.kt @@ -6,6 +6,7 @@ import io.ktor.client.plugins.auth.AuthProvider import io.ktor.client.request.HttpRequestBuilder import io.ktor.http.HttpHeaders import io.ktor.http.auth.HttpAuthHeader +import no.nav.etterlatte.AzureDefaultEnvVariables import no.nav.security.token.support.client.core.ClientAuthenticationProperties import no.nav.security.token.support.client.core.ClientProperties import no.nav.security.token.support.client.core.oauth2.ClientCredentialsTokenClient @@ -21,15 +22,15 @@ class ClientCredentialAuthProvider( private val clientPropertiesConfig = ClientProperties( tokenEndpointUrl = null, - wellKnownUrl = config["AZURE_APP_WELL_KNOWN_URL"]?.let { URI(it) }, + wellKnownUrl = config[AzureDefaultEnvVariables.AZURE_APP_WELL_KNOWN_URL.name]?.let { URI(it) }, grantType = GrantType.CLIENT_CREDENTIALS, - scope = config["AZURE_APP_OUTBOUND_SCOPE"]?.split(",") ?: emptyList(), + scope = config[AzureDefaultEnvVariables.AZURE_APP_OUTBOUND_SCOPE.name]?.split(",") ?: emptyList(), authentication = ClientAuthenticationProperties .builder( - clientId = config.getOrThrow("AZURE_APP_CLIENT_ID"), + clientId = config.getOrThrow(AzureDefaultEnvVariables.AZURE_APP_CLIENT_ID.name), clientAuthMethod = ClientAuthenticationMethod.PRIVATE_KEY_JWT, - ).clientJwk(config.getOrThrow("AZURE_APP_JWK")) + ).clientJwk(config.getOrThrow(AzureDefaultEnvVariables.AZURE_APP_JWK.name)) .build(), resourceUrl = null, tokenExchange = null, diff --git a/apps/selvbetjening-backend/.nais/dev.yaml b/apps/selvbetjening-backend/.nais/dev.yaml index f12d40d37..f447b0c81 100644 --- a/apps/selvbetjening-backend/.nais/dev.yaml +++ b/apps/selvbetjening-backend/.nais/dev.yaml 
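Review bot: The lookups for `wellKnownUrl` and `scope` in the second hunk stay nullable (`config[...]?.let { URI(it) }` and `?.split(",") ?: emptyList()`), so with the key now derived from `AzureDefaultEnvVariables.X.name`, a renamed enum constant would silently give a null well-known URL or an empty scope list, unlike the two `getOrThrow` calls, which would fail at startup. AzureDefaultEnvVariables is declared outside this diff, so whether it exposes a dedicated key property is not visible; if it does, that is safer than `.name`. Otherwise a comment such as `// enum constant names must match the NAIS-injected env var names exactly` would document the coupling. Assuming `getOrThrow` returns a String, `wellKnownUrl = URI(config.getOrThrow(AzureDefaultEnvVariables.AZURE_APP_WELL_KNOWN_URL.name)),` would make a missing well-known URL fail fast. The enclosing class starts and ends outside the hunk.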
@@ -61,7 +61,7 @@ spec:
 - name: PDL_AUDIENCE
 value: "dev-fss:pdl:pdl-api"
 - name: ETTERLATTE_API_URL
- value: https://etterlatte-api.intern.dev.nav.no
+ value: http://etterlatte-api
 - name: ETTERLATTE_API_AZURE_SCOPE
 value: api://dev-gcp.etterlatte.etterlatte-api/.default
 envFrom:
@@ -70,8 +70,6 @@ spec:
 outbound:
 rules:
 - application: etterlatte-api
- namespace: etterlatte
- cluster: dev-gcp
 external:
 - host: pdl-api.dev-fss-pub.nais.io
 - host: etterlatte-unleash-api.nav.cloud.nais.io
diff --git a/apps/selvbetjening-backend/.nais/prod.yaml b/apps/selvbetjening-backend/.nais/prod.yaml
index 3173caeaf..b5a622f73 100644
--- a/apps/selvbetjening-backend/.nais/prod.yaml
+++ b/apps/selvbetjening-backend/.nais/prod.yaml
@@ -61,7 +61,7 @@ spec:
 - name: PDL_AUDIENCE
 value: "prod-fss:pdl:pdl-api"
 - name: ETTERLATTE_API_URL
- value: https://etterlatte-api.intern.nav.no
+ value: https://etterlatte-api
 - name: ETTERLATTE_API_AZURE_SCOPE
 value: api://prod-gcp.etterlatte.etterlatte-api/.default
 envFrom:
@@ -70,8 +70,6 @@ spec:
 outbound:
 rules:
 - application: etterlatte-api
- namespace: etterlatte
- cluster: prod-gcp
 external:
 - host: pdl-api.prod-fss-pub.nais.io
 - host: etterlatte-unleash-api.nav.cloud.nais.io
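Review bot: Removing `namespace: etterlatte` and `cluster: dev-gcp` from the etterlatte-api outbound rule in apps/selvbetjening-backend/.nais/dev.yaml makes the rule, like the new `http://etterlatte-api` URL, resolve inside selvbetjening-backend's own namespace; the prod.yaml hunk makes the same removal. The manifest's `metadata.namespace` is outside the visible lines, so this is only correct if the app is deployed in `etterlatte`. If it is not, the rule should keep `namespace: etterlatte` and the URL should name the namespace explicitly, for example `http://etterlatte-api.etterlatte`. Either way, etterlatte-api has to list selvbetjening-backend in its inbound rules for the direct call to be admitted, which this commit does not show.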