Merge remote-tracking branch 'origin/main'

.github/workflows/ci-api.build.and.test.yml

@@ -1,6 +1,7 @@
 name: API CI
 
 on:
+  workflow_dispatch:
   push:
     branches:
       - main
@@ -24,22 +25,23 @@ jobs:
         working-directory: api
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      - uses: actions/setup-java@v1
+      - uses: actions/setup-java@v3
         with:
-          java-version: 11
-      - uses: actions/cache@v1
+          java-version: 17
+          distribution: oracle
+      - uses: actions/cache@v3
         with:
           path: ~/.m2/repository
-          key: ${{ runner.os }}-maven-5Jun-${{ hashFiles('**/pom.xml') }}
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
           restore-keys: |
-            ${{ runner.os }}-maven-5Jun-
+            ${{ runner.os }}-maven-
       - name: Run unit tests
         run: mvn -f pom.xml clean package
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@0.2.5
+        uses: aquasecurity/trivy-action@0.13.0
         with:
           scan-type: 'fs'
           ignore-unfixed: true
@@ -48,11 +50,11 @@ jobs:
           severity: 'CRITICAL'
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
         with:
           sarif_file: 'trivy-results.sarif'
       - name: Cache SonarCloud packages
-        uses: actions/cache@v1
+        uses: actions/cache@v3
         with:
           path: ~/.sonar/cache
           key: ${{ runner.os }}-sonar

.github/workflows/deploy-to.openshift-dev.yml

@@ -33,7 +33,7 @@ env:
   TAG: "latest"
   TARGET_ENV: "dev"
   MIN_REPLICAS: "1"
-  MAX_REPLICAS: "1"
+  MAX_REPLICAS: "2"
   MIN_CPU: "75m"
   MAX_CPU: "150m"
   MIN_MEM: "400Mi"
@@ -47,7 +47,7 @@ jobs:
   openshift-ci-cd:
     name: Build and deploy to OpenShift DEV
     # ubuntu-20.04 can also be used.
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
     environment: dev
 
     outputs:
@@ -56,7 +56,7 @@ jobs:
 
     steps:
       - name: Check for required secrets
-        uses: actions/github-script@v4
+        uses: actions/github-script@v6
         with:
           script: |
             const secrets = {
@@ -94,15 +94,15 @@ jobs:
             }
 
       - name: Check out repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: Determine image tags
         if: env.IMAGE_TAGS == ''
         run: |
           echo "IMAGE_TAGS=latest ${GITHUB_SHA::12}" | tee -a $GITHUB_ENV
 
       - name: Login to Docker Hub
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
         with:
           registry: ${{ env.DOCKER_ARTIFACTORY_REPO }}
           username: ${{ secrets.DOCKER_HUB_USERNAME }}
@@ -141,7 +141,7 @@ jobs:
           oc: 4
 
         # https://github.com/redhat-actions/oc-login#readme
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
       - name: Deploy API
         run: |
@@ -169,6 +169,6 @@ jobs:
           oc rollout status dc/${{ env.SPRING_BOOT_IMAGE_NAME }}
 
       - name: ZAP Scan
-        uses: zaproxy/action-api-scan@v0.1.0
+        uses: zaproxy/action-api-scan@v0.5.0
         with:
-          target: 'https://${{ env.APP_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/v3/api-docs'
+          target: 'https://${{ env.APP_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/v3/api-docs'

.github/workflows/deploy-to.openshift-prod.yml

@@ -27,7 +27,7 @@ env:
   TAG: "latest"
   TARGET_ENV: "prod"
   MIN_REPLICAS: "3"
-  MAX_REPLICAS: "3"
+  MAX_REPLICAS: "5"
   MIN_CPU: "75m"
   MAX_CPU: "150m"
   MIN_MEM: "400Mi"
@@ -41,7 +41,7 @@ jobs:
   openshift-ci-cd:
     name: Deploy to OpenShift PROD
     # ubuntu-20.04 can also be used.
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
     environment: production
 
     outputs:
@@ -50,7 +50,7 @@ jobs:
 
     steps:
       - name: Check for required secrets
-        uses: actions/github-script@v4
+        uses: actions/github-script@v6
         with:
           script: |
             const secrets = {
@@ -88,7 +88,7 @@ jobs:
             }
 
       - name: Check out repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: Get latest tag
         uses: actions-ecosystem/action-get-latest-tag@v1
@@ -100,7 +100,7 @@ jobs:
           oc: 4
 
         # https://github.com/redhat-actions/oc-login#readme
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Deploy
         run: |
           set -eux
@@ -124,4 +124,4 @@ jobs:
           || true && echo "Rollout in progress"
           oc logs -f dc/${{ env.SPRING_BOOT_IMAGE_NAME }}
           # Get status, returns 0 if rollout is successful
-          oc rollout status dc/${{ env.SPRING_BOOT_IMAGE_NAME }}
+          oc rollout status dc/${{ env.SPRING_BOOT_IMAGE_NAME }}

.github/workflows/deploy-to.openshift-test.yml

@@ -27,7 +27,7 @@ env:
   TAG: "latest"
   TARGET_ENV: "test"
   MIN_REPLICAS: "3"
-  MAX_REPLICAS: "3"
+  MAX_REPLICAS: "5"
   MIN_CPU: "75m"
   MAX_CPU: "150m"
   MIN_MEM: "400Mi"
@@ -41,7 +41,7 @@ jobs:
   openshift-ci-cd:
     name: Deploy to OpenShift TEST
     # ubuntu-20.04 can also be used.
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
     environment: test
 
     outputs:
@@ -50,7 +50,7 @@ jobs:
 
     steps:
       - name: Check for required secrets
-        uses: actions/github-script@v4
+        uses: actions/github-script@v6
         with:
           script: |
             const secrets = {
@@ -88,7 +88,7 @@ jobs:
             }
 
       - name: Check out repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: Get latest tag
         uses: actions-ecosystem/action-get-latest-tag@v1
@@ -100,7 +100,7 @@ jobs:
           oc: 4
 
         # https://github.com/redhat-actions/oc-login#readme
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Deploy
         run: |
           set -eux
@@ -124,4 +124,4 @@ jobs:
           || true && echo "Rollout in progress"
           oc logs -f dc/${{ env.SPRING_BOOT_IMAGE_NAME }}
           # Get status, returns 0 if rollout is successful
-          oc rollout status dc/${{ env.SPRING_BOOT_IMAGE_NAME }}
+          oc rollout status dc/${{ env.SPRING_BOOT_IMAGE_NAME }}

.github/workflows/tag-create.git.and.imagestream.tag.yml

@@ -27,7 +27,7 @@ jobs:
   openshift-ci-cd:
     name: Tag Image
     # ubuntu-20.04 can also be used.
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
     environment: dev
 
     outputs:
@@ -36,10 +36,10 @@ jobs:
 
     steps:
       - name: Check out repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: Create tag
-        uses: actions/github-script@v5
+        uses: actions/github-script@v6
         with:
           script: |
             github.rest.git.createRef({
@@ -55,12 +55,12 @@ jobs:
           oc: 4
 
         # https://github.com/redhat-actions/oc-login#readme
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Tag in OpenShift
         run: |
           set -eux
           # Login to OpenShift and select project
           oc login --token=${{ env.OPENSHIFT_TOKEN }} --server=${{ env.OPENSHIFT_SERVER }}
           oc project ${{ env.OPENSHIFT_NAMESPACE }}
           
-          oc tag ${{ env.NAMESPACE }}-dev/${{ env.REPO_NAME }}-${{ env.BRANCH }}:latest ${{ env.NAMESPACE }}-dev/${{ env.REPO_NAME }}-${{ env.BRANCH }}:${{ github.event.inputs.version }}
+          oc tag ${{ env.NAMESPACE }}-dev/${{ env.REPO_NAME }}-${{ env.BRANCH }}:latest ${{ env.NAMESPACE }}-dev/${{ env.REPO_NAME }}-${{ env.BRANCH }}:${{ github.event.inputs.version }}

Dockerfile

@@ -1,4 +1,4 @@
-FROM artifacts.developer.gov.bc.ca/docker-remote/maven:3-jdk-11 as build
+FROM artifacts.developer.gov.bc.ca/docker-remote/maven:3.8.7-openjdk-18 AS build
 WORKDIR /workspace/app
 
 COPY api/pom.xml .
@@ -10,7 +10,7 @@ FROM build AS vulnscan
 COPY --from=artifacts.developer.gov.bc.ca/docker-remote/aquasec/trivy:latest /usr/local/bin/trivy /usr/local/bin/trivy
 RUN trivy filesystem --severity CRITICAL --exit-code 0 --no-progress /
 
-FROM artifacts.developer.gov.bc.ca/docker-remote/openjdk:11-jdk as pen-myed
+FROM artifacts.developer.gov.bc.ca/docker-remote/openjdk:18.0.2.1-jdk-oracle AS pen-myed
 RUN useradd -ms /bin/bash spring
 RUN mkdir -p /logs
 RUN chown -R spring:spring /logs

api/pom.xml

@@ -14,14 +14,15 @@
     <sonar.exclusions>
       src/main/resources/**,
     </sonar.exclusions>
-    <java.version>11</java.version>
+    <java.version>17</java.version>
 
     <maven.compiler.version>3.8.0</maven.compiler.version>
     <maven.compiler.source>${java.version}</maven.compiler.source>
     <maven.compiler.target>${java.version}</maven.compiler.target>
     <org.mapstruct.version>1.4.1.Final</org.mapstruct.version>
     <shedlock.version>4.20.0</shedlock.version>
     <springdoc.version>1.5.2</springdoc.version>
+    <lombok.version>1.18.30</lombok.version>
     <nats.version>2.11.0</nats.version>
     <ojdbc.version>12.2.0.1</ojdbc.version>
     <guava.version>30.1.1-jre</guava.version>

api/src/main/java/ca/bc/gov/educ/api/pen/myed/controller/v1/PenMyEdController.java

@@ -8,7 +8,7 @@
 import ca.bc.gov.educ.api.pen.myed.mappers.v1.PenRegBatchMapper;
 import ca.bc.gov.educ.api.pen.myed.service.v1.PenMyEdService;
 import ca.bc.gov.educ.api.pen.myed.struct.v1.*;
-import ca.bc.gov.educ.api.pen.myed.struct.v1.school.PenCoordinator;
+import ca.bc.gov.educ.api.pen.myed.struct.v1.school.StudentRegistrationContact;
 import ca.bc.gov.educ.api.pen.myed.validator.PenMyEdPayloadValidator;
 import lombok.extern.slf4j.Slf4j;
 import lombok.val;
@@ -81,8 +81,8 @@ public Mono<ResponseEntity<MyEdSubmissionResult>> batchSubmissionResult(final UU
   }
 
   @Override
-  public Mono<ResponseEntity<List<PenCoordinator>>> getPenCoordinators() {
-    return this.penMyEdService.getPenCoordinators();
+  public List<StudentRegistrationContact> getStudentRegistrationContacts() {
+    return this.penMyEdService.getStudentRegistrationContacts();
   }
 
   @Override

api/src/main/java/ca/bc/gov/educ/api/pen/myed/endpoint/v1/PenMyEdApiEndpoint.java

@@ -1,7 +1,7 @@
 package ca.bc.gov.educ.api.pen.myed.endpoint.v1;
 
 import ca.bc.gov.educ.api.pen.myed.struct.v1.*;
-import ca.bc.gov.educ.api.pen.myed.struct.v1.school.PenCoordinator;
+import ca.bc.gov.educ.api.pen.myed.struct.v1.school.StudentRegistrationContact;
 import io.swagger.v3.oas.annotations.OpenAPIDefinition;
 import io.swagger.v3.oas.annotations.info.Info;
 import io.swagger.v3.oas.annotations.media.ArraySchema;
@@ -65,10 +65,10 @@ public interface PenMyEdApiEndpoint {
    */
   @GetMapping("/pen-coordinators")
   @PreAuthorize("hasAuthority('SCOPE_MYED_READ_PEN_COORDINATOR')")
-  @ApiResponses(value = {@ApiResponse(responseCode = "200", description = "OK", content = @Content(array = @ArraySchema(schema = @Schema(name = "PenCoordinator", implementation = PenCoordinator.class)))),
+  @ApiResponses(value = {@ApiResponse(responseCode = "200", description = "OK", content = @Content(array = @ArraySchema(schema = @Schema(name = "StudentRegistrationContact", implementation = StudentRegistrationContact.class)))),
     @ApiResponse(responseCode = "404", description = "NOT FOUND")})
-  @Tag(name = "Endpoint to get all Pen Coordinators.", description = "Endpoint to get all Pen Coordinators.")
-  Mono<ResponseEntity<List<PenCoordinator>>> getPenCoordinators();
+  @Tag(name = "Endpoint to get all student registration contacts.", description = "Endpoint to get all student registration contacts.")
+  List<StudentRegistrationContact> getStudentRegistrationContacts();
 
 
   /**