feat: register gateway to additional discovery service (#3068)

* chore: move babel to dev, modify webpack config, spring security

Signed-off-by: achmelo <[email protected]>

* fix: Integration tests for new Cloud Gateway routing (#3044)

* Added routing integration tests, and some fixes

Signed-off-by: Elena Kubantseva <[email protected]>

* More integration tests and fixes

Signed-off-by: Elena Kubantseva <[email protected]>

* Addressed review comments

Signed-off-by: Elena Kubantseva <[email protected]>

---------

Signed-off-by: Elena Kubantseva <[email protected]>
Signed-off-by: achmelo <[email protected]>

* chore: update dependencies (#3048)

* chore: move babel to dev, modify webpack config, spring security

Signed-off-by: achmelo <[email protected]>

* update npm lock

Signed-off-by: achmelo <[email protected]>

* old component update

Signed-off-by: achmelo <[email protected]>

---------

Signed-off-by: achmelo <[email protected]>

* remove dependency from spring enabler (#3052)

Signed-off-by: Pablo Hernán Carle <[email protected]>
Co-authored-by: Pablo Hernán Carle <[email protected]>
Signed-off-by: achmelo <[email protected]>

* [skip ci] Update version

Signed-off-by: achmelo <[email protected]>

* [Gradle Release plugin] [skip ci] Before tag commit 'v2.10.15'.

Signed-off-by: achmelo <[email protected]>

* [Gradle Release plugin] Create new version: 'v2.11.0-SNAPSHOT'.

Signed-off-by: achmelo <[email protected]>

* [skip ci] Update version

Signed-off-by: achmelo <[email protected]>

* [Gradle Release plugin] [skip ci] Before tag commit 'v2.11.0'.

Signed-off-by: achmelo <[email protected]>

* [Gradle Release plugin] Create new version: 'v2.11.1-SNAPSHOT'.

Signed-off-by: achmelo <[email protected]>

* chore: Update UI per suggestions from UX + add keyboard shortcuts - Mike (#3053)

* chore[ui]: Update UI per suggestions from UX (#3047)

* chore[ui]: Update UI per suggestions from UX

Update screens to closer align to figma.

Signed-off-by: Mike Simpson <[email protected]>

* style inputs and focus and hover

---------

Signed-off-by: Mike Simpson <[email protected]>
Co-authored-by: Andrea Tabone <[email protected]>

* wip

Signed-off-by: at670475 <[email protected]>

* fix zowe ui

Signed-off-by: at670475 <[email protected]>

* address sonar complains

Signed-off-by: at670475 <[email protected]>

* add tests

Signed-off-by: at670475 <[email protected]>

* add test

Signed-off-by: at670475 <[email protected]>

* add test

Signed-off-by: at670475 <[email protected]>

* fix dev mode and navbar

Signed-off-by: at670475 <[email protected]>

---------

Signed-off-by: Mike Simpson <[email protected]>
Signed-off-by: at670475 <[email protected]>
Co-authored-by: ms895784 <[email protected]>
Signed-off-by: achmelo <[email protected]>

* GH2883 Move ServicesInfoService to the apiml-common (#3056)

Signed-off-by: alexandr cumarav <[email protected]>
Co-authored-by: alexandr cumarav <[email protected]>
Signed-off-by: achmelo <[email protected]>

* feat: verify service SSO support from API ML (#3054)

* feat(gateway): Reformatted and changed messages a little bit, also changed the container to use sets instead of a list

Signed-off-by: matejpopda <[email protected]>

* feat(gateway): Work on SSO verification

Signed-off-by: matejpopda <[email protected]>

* feat(gateway): Fixed style problems

Signed-off-by: matejpopda <[email protected]>

* feat(gateway): Fixed tests

Signed-off-by: matejpopda <[email protected]>

* feat(gateway): Coverage

Signed-off-by: matejpopda <[email protected]>

* feat(gateway): fixed warnings

Signed-off-by: matejpopda <[email protected]>

* feat(gateway): fixed integration tests

Signed-off-by: matejpopda <[email protected]>

* feat(gateway): small refactoring

Signed-off-by: matejpopda <[email protected]>

* feat(gateway): removed some files from PR

Signed-off-by: matejpopda <[email protected]>

* feat(gateway): addressed some comments

Signed-off-by: matejpopda <[email protected]>

---------

Signed-off-by: matejpopda <[email protected]>
Signed-off-by: achmelo <[email protected]>

* register GW into 2 DS with one being primary for auth, service info,..

Signed-off-by: achmelo <[email protected]>

* wrapper for discovery clients

Signed-off-by: achmelo <[email protected]>

* feat: Forward client certificate from central gateway to domain gateway in request header (#3046)

* Add new filter for re-sending auth source.

Signed-off-by: Petr Weinfurt <[email protected]>

* add license text

Signed-off-by: Petr Weinfurt <[email protected]>

* Read certificate from request header

Signed-off-by: at670475 <[email protected]>

* add integration test

Signed-off-by: at670475 <[email protected]>

* add header to test

Signed-off-by: at670475 <[email protected]>

* add unit test

Signed-off-by: at670475 <[email protected]>

* add error to the log

Signed-off-by: at670475 <[email protected]>

* optmize code and check for certificate in the attibute

Signed-off-by: at670475 <[email protected]>

* Add certificate signature to the additional header

Signed-off-by: Petr Weinfurt <[email protected]>

* Add public rest endpoint to provide JWK set.

Signed-off-by: Petr Weinfurt <[email protected]>

* WellKnownRestController and tests

Signed-off-by: Petr Weinfurt <[email protected]>

* add licenses

Signed-off-by: Petr Weinfurt <[email protected]>

* Add simple integration test

Signed-off-by: Petr Weinfurt <[email protected]>

* Add integration tests for well-known endpoint.

Signed-off-by: Petr Weinfurt <[email protected]>

* Add some javadoc.

Signed-off-by: Petr Weinfurt <[email protected]>

* Fix integration test

Signed-off-by: Petr Weinfurt <[email protected]>

* validate cert

Signed-off-by: at670475 <[email protected]>

* Simplify retrieving the public key.

Signed-off-by: Petr Weinfurt <[email protected]>

* Fix for integration tests

Signed-off-by: Petr Weinfurt <[email protected]>

* Cloud gateway provides certificate chain on public endpoint (instead of public key). Certificate is sent in Client-Cert header.

Signed-off-by: Petr Weinfurt <[email protected]>

* Cloud gateway implementation fixes

Signed-off-by: Petr Weinfurt <[email protected]>

* Categorize certs filter WIP

Signed-off-by: Petr Weinfurt <[email protected]>

* Merge with master branch

Signed-off-by: Petr Weinfurt <[email protected]>

* Fix casting exception

Signed-off-by: Petr Weinfurt <[email protected]>

* Cleanup. Add log messages.

Signed-off-by: Petr Weinfurt <[email protected]>

* Fixes

Signed-off-by: Petr Weinfurt <[email protected]>

* Add tests for CategorizeCertsFilter

Signed-off-by: Petr Weinfurt <[email protected]>

* Add CertificateValidatorTest

Signed-off-by: Petr Weinfurt <[email protected]>

* Add caching trusted certificates

Signed-off-by: Petr Weinfurt <[email protected]>

* Fix message types

Signed-off-by: Petr Weinfurt <[email protected]>

* Add javadoc

Signed-off-by: Petr Weinfurt <[email protected]>

* remove unnecessary dependency

Signed-off-by: Petr Weinfurt <[email protected]>

* Prepare SSL Auth for integration test.

Signed-off-by: Petr Weinfurt <[email protected]>

* Remove obsolete test

Signed-off-by: Petr Weinfurt <[email protected]>

* Add new runtime variables to start.sh files.

Signed-off-by: Petr Weinfurt <[email protected]>

* Add new options to manifest.yaml files

Signed-off-by: Petr Weinfurt <[email protected]>

* fix integration test

Signed-off-by: Petr Weinfurt <[email protected]>

* Update IT

Signed-off-by: Petr Weinfurt <[email protected]>

* Update keystore for IT

Signed-off-by: Petr Weinfurt <[email protected]>

* Update error messages

Signed-off-by: Petr Weinfurt <[email protected]>

* Update common name in the certificate

Signed-off-by: Petr Weinfurt <[email protected]>

* Update common name in the certificate

Signed-off-by: Petr Weinfurt <[email protected]>

* Update common name in the certificate

Signed-off-by: Petr Weinfurt <[email protected]>

* Update common name in the certificate

Signed-off-by: Petr Weinfurt <[email protected]>

* Add tests for CategorizeCertsFilter

Signed-off-by: Petr Weinfurt <[email protected]>

* Add CA certificate to keystore

Signed-off-by: Petr Weinfurt <[email protected]>

* Add unit tests

Signed-off-by: Petr Weinfurt <[email protected]>

* disable forwarded cert in gateway on localhost

Signed-off-by: Petr Weinfurt <[email protected]>

* Resolve code review

Signed-off-by: Petr Weinfurt <[email protected]>

* Increase coverage

Signed-off-by: Petr Weinfurt <[email protected]>

* Externalize the update public keys function to the CategorizeCertsFilter. Update tests.

Signed-off-by: Petr Weinfurt <[email protected]>

* Increase coverage.

Signed-off-by: Petr Weinfurt <[email protected]>

---------

Signed-off-by: Petr Weinfurt <[email protected]>
Signed-off-by: at670475 <[email protected]>
Co-authored-by: Andrea Tabone <[email protected]>
Co-authored-by: achmelo <[email protected]>
Signed-off-by: achmelo <[email protected]>

* chore: add media icon and change link color (#3057)

---------

Signed-off-by: at670475 <[email protected]>
Signed-off-by: Pablo Hernán Carle <[email protected]>
Co-authored-by: Pablo Hernán Carle <[email protected]>
Co-authored-by: Pablo Carle <[email protected]>
Signed-off-by: achmelo <[email protected]>

* fix unregistering

Signed-off-by: achmelo <[email protected]>

* cleanup

Signed-off-by: achmelo <[email protected]>

* IT for multiple registration

Signed-off-by: achmelo <[email protected]>

* revert reading of DC list to original version

Signed-off-by: achmelo <[email protected]>

* revert checkstyle

Signed-off-by: achmelo <[email protected]>

* REMOVE! hardcode DS url for test

Signed-off-by: achmelo <[email protected]>

* run new job only

Signed-off-by: achmelo <[email protected]>

* skip tests

Signed-off-by: achmelo <[email protected]>

* styles

Signed-off-by: achmelo <[email protected]>

* align with original CITests

Signed-off-by: achmelo <[email protected]>

* add metrics service test

Signed-off-by: achmelo <[email protected]>

* Revert "run new job only"

This reverts commit 530047e.

Signed-off-by: achmelo <[email protected]>

* fix: Fixes for API Catalog standalone mode (#3050)

---------

Signed-off-by: Pablo Hernán Carle <[email protected]>
Co-authored-by: Pablo Hernán Carle <[email protected]>
Signed-off-by: achmelo <[email protected]>

* fix: header in api portal (#3059)

Signed-off-by: Pablo Hernán Carle <[email protected]>
Co-authored-by: Pablo Hernán Carle <[email protected]>
Signed-off-by: achmelo <[email protected]>

* verify registration with second DS

Signed-off-by: achmelo <[email protected]>

* hardcode discovery host

Signed-off-by: achmelo <[email protected]>

* revert local auth provider

Signed-off-by: achmelo <[email protected]>

* getting the list of discovery services from configuration

Signed-off-by: sj895092 <[email protected]>
Signed-off-by: achmelo <[email protected]>

* create bean conditionally

Signed-off-by: achmelo <[email protected]>

* changed the name from discoveryServiceUrlsList to centralRegistryUrls

Signed-off-by: sj895092 <[email protected]>
Signed-off-by: achmelo <[email protected]>

* Changed name of  a variable to url

Signed-off-by: sj895092 <[email protected]>
Signed-off-by: achmelo <[email protected]>

* enable second registration in CITests

Signed-off-by: achmelo <[email protected]>

* default value must be empty

Signed-off-by: achmelo <[email protected]>

* revert logging level

Signed-off-by: achmelo <[email protected]>

* fix styles

Signed-off-by: achmelo <[email protected]>

* code review, store unit test reports

Signed-off-by: achmelo <[email protected]>

* increase test coverage

Signed-off-by: achmelo <[email protected]>

* add licenses

Signed-off-by: achmelo <[email protected]>

* AOP check is done also inside getTargetObject

Signed-off-by: achmelo <[email protected]>

* remove empty test

Signed-off-by: achmelo <[email protected]>

* code review

Signed-off-by: achmelo <[email protected]>

* Revert "code review"

This reverts commit 5cad7ed.

* shutdown discoveryclient in test

Signed-off-by: achmelo <[email protected]>

* Revert "Revert "code review""

This reverts commit 956dbd6

Signed-off-by: achmelo <[email protected]>

* skip test

Signed-off-by: achmelo <[email protected]>

* debug system exit

Signed-off-by: achmelo <[email protected]>

* return test

Signed-off-by: achmelo <[email protected]>

* remove debugging

Signed-off-by: achmelo <[email protected]>

* remove system exit

Signed-off-by: achmelo <[email protected]>

* separate startup check from build

Signed-off-by: achmelo <[email protected]>

---------

Signed-off-by: achmelo <[email protected]>
Signed-off-by: Elena Kubantseva <[email protected]>
Signed-off-by: Pablo Hernán Carle <[email protected]>
Signed-off-by: Mike Simpson <[email protected]>
Signed-off-by: at670475 <[email protected]>
Signed-off-by: alexandr cumarav <[email protected]>
Signed-off-by: matejpopda <[email protected]>
Signed-off-by: Petr Weinfurt <[email protected]>
Signed-off-by: sj895092 <[email protected]>
Co-authored-by: Elena Kubantseva <[email protected]>
Co-authored-by: Pablo Carle <[email protected]>
Co-authored-by: Pablo Hernán Carle <[email protected]>
Co-authored-by: Zowe Robot <[email protected]>
Co-authored-by: Andrea Tabone <[email protected]>
Co-authored-by: ms895784 <[email protected]>
Co-authored-by: cumarav <[email protected]>
Co-authored-by: alexandr cumarav <[email protected]>
Co-authored-by: matejpopda <[email protected]>
Co-authored-by: Petr Weinfurt <[email protected]>
Co-authored-by: Andrea Tabone <[email protected]>
Co-authored-by: sj895092 <[email protected]>

.github/workflows/ci-tests.yml

@@ -28,13 +28,22 @@ jobs:
 
             -   name: Build with Gradle
                 run: >
-                    ./gradlew clean build runStartUpCheck --info --scan -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }}
+                    ./gradlew clean build --info --scan
+            -   name: Run startup check
+                run: >
+                    ./gradlew runStartUpCheck --info --scan
             -   name: Store results
                 uses: actions/upload-artifact@v2
                 if: always()
                 with:
                     name: CITests-${{ env.JOB_ID }}
                     path: |
                         integration-tests/build/reports/**
+                        gateway-service/build/reports/**
+                        api-catalog-services/build/reports/**
+                        caching-service/build/reports/**
+                        cloud-gateway-service/build/reports/**
+                        discovery-service/build/reports/**
+                        metrics-service/build/reports/**
 
             -   uses: ./.github/actions/teardown

.github/workflows/containers.yml

@@ -55,12 +55,19 @@ jobs:
                 image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }}
                 volumes:
                     - /api-defs:/api-defs
+            discovery-service-2:
+                image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }}
+                volumes:
+                    - /api-defs:/api-defs
+                env:
+                    APIML_SERVICE_HOSTNAME: discovery-service-2
             gateway-service:
                 image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }}
                 env:
                     APIML_SECURITY_AUTH_JWT_CUSTOMAUTHHEADER: customJwtHeader
                     APIML_SECURITY_AUTH_PASSTICKET_CUSTOMUSERHEADER: customUserHeader
                     APIML_SECURITY_AUTH_PASSTICKET_CUSTOMAUTHHEADER: customPassticketHeader
+                    APIML_SERVICE_CENTRALREGISTRYURLS: https://discovery-service-2:10011/eureka
             mock-services:
                 image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }}
             metrics-service:

.run/GatewayApplication.run.xml

@@ -8,7 +8,6 @@
       </param>
     </additionalParameters>
     <option name="ALTERNATIVE_JRE_PATH" value="1.8 (2)" />
-    <option name="ALTERNATIVE_JRE_PATH_ENABLED" value="true" />
     <module name="api-layer.gateway-service.main" />
     <option name="SHORTEN_COMMAND_LINE" value="MANIFEST" />
     <option name="SPRING_BOOT_MAIN_CLASS" value="org.zowe.apiml.gateway.GatewayApplication" />

apiml-common/src/main/java/org/zowe/apiml/product/web/HttpConfig.java

@@ -299,5 +299,9 @@ public EurekaJerseyClient eurekaJerseyClient() {
         return eurekaJerseyClientBuilder.build();
     }
 
+    @Bean
+    public EurekaJerseyClientBuilder eurekaJerseyClientBuilder() {
+        return eurekaJerseyClientBuilder;
+    }
 
 }

config/local/gateway-service.yml

@@ -5,7 +5,9 @@ apiml:
         hostname: localhost
         ipAddress: 127.0.0.1
         port: 10010
+        centralRegistryUrls: https://localhost:10021/eureka/,https://localhost:10031/eureka/
         discoveryServiceUrls: https://localhost:10011/eureka/
+
     security:
         allowTokenRefresh: true
         webfinger:

gateway-package/src/main/resources/bin/start.sh

@@ -207,6 +207,7 @@ _BPX_JOBNAME=${ZWE_zowe_job_prefix}${GATEWAY_CODE} java \
     -Dapiml.service.hostname=${ZWE_haInstance_hostname:-localhost} \
     -Dapiml.service.port=${ZWE_configs_port:-7554} \
     -Dapiml.service.discoveryServiceUrls=${ZWE_DISCOVERY_SERVICES_LIST:-"https://${ZWE_haInstance_hostname:-localhost}:${ZWE_components_discovery_port:-7553}/eureka/"} \
+    -Dapiml.service.centralRegistryUrls=${ZWE_configs_apiml_service_centralRegistryUrls:-} \
     -Dapiml.service.allowEncodedSlashes=${ZWE_configs_apiml_service_allowEncodedSlashes:-true} \
     -Dapiml.service.corsEnabled=${ZWE_configs_apiml_service_corsEnabled:-false} \
     -Dapiml.service.externalUrl="${httpProtocol}://${ZWE_zowe_externalDomains_0}:${ZWE_zowe_externalPort}" \

gateway-service/src/main/java/org/zowe/apiml/gateway/config/DiscoveryClientConfig.java

@@ -14,46 +14,86 @@
 import com.netflix.appinfo.HealthCheckHandler;
 import com.netflix.discovery.AbstractDiscoveryClientOptionalArgs;
 import com.netflix.discovery.EurekaClientConfig;
+import com.netflix.discovery.shared.transport.jersey.EurekaJerseyClientImpl;
 import lombok.RequiredArgsConstructor;
-import org.springframework.aop.support.AopUtils;
+import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.cloud.context.config.annotation.RefreshScope;
+import org.springframework.cloud.netflix.eureka.EurekaClientConfigBean;
+import org.springframework.cloud.netflix.eureka.MutableDiscoveryClientOptionalArgs;
 import org.springframework.cloud.util.ProxyUtils;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.zowe.apiml.gateway.discovery.ApimlDiscoveryClient;
 
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
 /**
  * This configuration override bean EurekaClient with custom ApimlDiscoveryClient. This bean offer additional method
  * fetchRegistry. User can call this method to asynchronously fetch new data from discovery service. There is no time
  * to fetching.
  * <p>
- * Configuration also add listeners to call other beans waiting for fetch new registry. It speed up distribution of
+ * Configuration also add listeners to call other beans waiting for fetch new registry. It speeds up distribution of
  * changes in whole gateway.
  */
 @Configuration
 @RequiredArgsConstructor
 public class DiscoveryClientConfig {
     private final ApplicationContext context;
     private final AbstractDiscoveryClientOptionalArgs<?> optionalArgs;
+    private final EurekaJerseyClientImpl.EurekaJerseyClientBuilder eurekaJerseyClientBuilder;
+
+    @Value("${apiml.service.centralRegistryUrls:-}")
+    private String[] centralRegistryUrls;
 
     @Bean(destroyMethod = "shutdown")
     @RefreshScope
-    public ApimlDiscoveryClient eurekaClient(ApplicationInfoManager manager,
-                                             EurekaClientConfig config,
-                                             @Autowired(required = false) HealthCheckHandler healthCheckHandler
+    public ApimlDiscoveryClient primaryApimlEurekaClient(ApplicationInfoManager manager,
+                                                         EurekaClientConfig config,
+                                                         @Autowired(required = false) HealthCheckHandler healthCheckHandler
     ) {
-        ApplicationInfoManager appManager;
-        if (AopUtils.isAopProxy(manager)) {
-            appManager = ProxyUtils.getTargetObject(manager);
-        } else {
-            appManager = manager;
-        }
+        ApplicationInfoManager appManager = ProxyUtils.getTargetObject(manager);
+
         final ApimlDiscoveryClient discoveryClientClient = new ApimlDiscoveryClient(appManager, config, this.optionalArgs, this.context);
         discoveryClientClient.registerHealthCheck(healthCheckHandler);
 
         return discoveryClientClient;
     }
 
+    @Bean(destroyMethod = "shutdown")
+    @ConditionalOnProperty(name = "apiml.service.centralRegistryUrls")
+    @RefreshScope
+    public DiscoveryClientWrapper additionalDiscoveryClientWrapper(ApplicationInfoManager manager,
+                                                                   EurekaClientConfig config,
+                                                                   @Autowired(required = false) HealthCheckHandler healthCheckHandler
+    ) {
+        ApplicationInfoManager appManager = ProxyUtils.getTargetObject(manager);
+        List<ApimlDiscoveryClient> discoveryClientsList = new ArrayList<>();
+
+        for (String url : centralRegistryUrls) {
+
+            EurekaClientConfigBean configBean = new EurekaClientConfigBean();
+            BeanUtils.copyProperties(config, configBean);
+
+            Map<String, String> urls = new HashMap<>();
+            urls.put("defaultZone", url);
+
+            configBean.setServiceUrl(urls);
+
+            MutableDiscoveryClientOptionalArgs args = new MutableDiscoveryClientOptionalArgs();
+            args.setEurekaJerseyClient(eurekaJerseyClientBuilder.build());
+
+            final ApimlDiscoveryClient discoveryClientClient = new ApimlDiscoveryClient(appManager, configBean, args, this.context);
+            discoveryClientClient.registerHealthCheck(healthCheckHandler);
+            discoveryClientsList.add(discoveryClientClient);
+        }
+
+        return new DiscoveryClientWrapper(discoveryClientsList);
+    }
 }

gateway-service/src/main/java/org/zowe/apiml/gateway/config/DiscoveryClientWrapper.java

@@ -0,0 +1,29 @@
+/*
+ * This program and the accompanying materials are made available under the terms of the
+ * Eclipse Public License v2.0 which accompanies this distribution, and is available at
+ * https://www.eclipse.org/legal/epl-v20.html
+ *
+ * SPDX-License-Identifier: EPL-2.0
+ *
+ * Copyright Contributors to the Zowe Project.
+ */
+
+package org.zowe.apiml.gateway.config;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import org.zowe.apiml.gateway.discovery.ApimlDiscoveryClient;
+
+import java.util.List;
+
+@AllArgsConstructor
+@Getter
+public class DiscoveryClientWrapper {
+    private List<ApimlDiscoveryClient> discoveryClients;
+
+    public void shutdown() {
+        if (discoveryClients != null) {
+            discoveryClients.forEach(ApimlDiscoveryClient::shutdown);
+        }
+    }
+}

gateway-service/src/main/java/org/zowe/apiml/gateway/controllers/CacheServiceController.java

@@ -23,7 +23,7 @@
 
 /**
  * This controller allows control the caches about services. The main purpose is to evict cached data
- * about services when a update happened in discovery service. Discovery service notifies about any
+ * about services when an update happened in discovery service. Discovery service notifies about any
  * change to be sure that cache on gateway is still valid.
  */
 @AllArgsConstructor

gateway-service/src/main/java/org/zowe/apiml/gateway/discovery/ApimlDiscoveryClient.java

@@ -26,7 +26,7 @@
 import java.util.concurrent.TimeUnit;
 
 /**
- * Custom implementation of Eureka client. It support additional feature:
+ * Custom implementation of Eureka client. It supports additional feature:
  * - fetchRegistry - invoke asynchronous task to update registry from discovery client immediatelly
  */
 public class ApimlDiscoveryClient extends CloudEurekaClient {

gateway-service/src/main/java/org/zowe/apiml/gateway/security/service/JwtSecurity.java

@@ -258,7 +258,6 @@ public Optional<JWK> getJwkPublicKey() {
      */
     private void validateInitializationWhenZosmfIsAvailable() {
         zosmfListener.register();
-
         new Thread(() -> {
             try {
                 events.add("Started waiting for z/OSMF instance " + zosmfServiceId + " to be registered and known by the discovery service");
@@ -273,7 +272,6 @@ private void validateInitializationWhenZosmfIsAvailable() {
                     apimlLog.log("org.zowe.apiml.gateway.jwtProducerConfigError", StringUtils.join(events, "\n"));
                 }
                 apimlLog.log("org.zowe.apiml.security.zosmfInstanceNotFound", zosmfServiceId);
-                System.exit(1);
             }
         }).start();
     }
@@ -317,7 +315,7 @@ public void onEvent(EurekaEvent event) {
                         synchronized (events) {
                             apimlLog.log("org.zowe.apiml.gateway.jwtProducerConfigError", StringUtils.join(events, "\n"));
                         }
-                        System.exit(1);
+                        System.exit(1); // TODO remove
                     }
                 } else {
                     events.add("z/OSMF instance " + zosmfServiceId + " is not available and online yet.");

gateway-service/src/main/java/org/zowe/apiml/gateway/security/service/zosmf/AbstractZosmfService.java

@@ -12,16 +12,12 @@
 
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.netflix.discovery.DiscoveryClient;
+import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.core.Authentication;
-import org.springframework.web.client.HttpClientErrorException;
-import org.springframework.web.client.ResourceAccessException;
-import org.springframework.web.client.RestClientException;
-import org.springframework.web.client.RestClientResponseException;
-import org.springframework.web.client.RestTemplate;
+import org.springframework.web.client.*;
 import org.zowe.apiml.message.log.ApimlLogger;
 import org.zowe.apiml.product.logging.annotations.InjectApimlLogger;
 import org.zowe.apiml.security.common.config.AuthConfigurationProperties;
@@ -30,14 +26,14 @@
 import org.zowe.apiml.util.EurekaUtils;
 
 import javax.net.ssl.SSLHandshakeException;
-
 import java.net.ConnectException;
 import java.nio.charset.StandardCharsets;
 import java.util.*;
 import java.util.function.Supplier;
 
 import static org.zowe.apiml.security.SecurityUtils.readPassword;
 
+@RequiredArgsConstructor
 @Slf4j
 public abstract class AbstractZosmfService {
 
@@ -54,18 +50,6 @@ public abstract class AbstractZosmfService {
     protected final RestTemplate restTemplateWithoutKeystore;
     protected final ObjectMapper securityObjectMapper;
 
-    protected AbstractZosmfService(
-        AuthConfigurationProperties authConfigurationProperties,
-        DiscoveryClient discovery,
-        @Qualifier("restTemplateWithoutKeystore") RestTemplate restTemplateWithoutKeystore,
-        ObjectMapper securityObjectMapper
-    ) {
-        this.authConfigurationProperties = authConfigurationProperties;
-        this.discovery = discovery;
-        this.restTemplateWithoutKeystore = restTemplateWithoutKeystore;
-        this.securityObjectMapper = securityObjectMapper;
-    }
-
     /**
      * @return serviceId of z/OSMF service from configuration, which is used
      */
@@ -121,7 +105,6 @@ protected String getAuthenticationValue(Authentication authentication) {
      *
      * @param zosmf the z/OSMF service id
      * @return the uri
-     *
      * @throws ServiceNotAccessibleException if z/OSMF is not available in discovery service
      */
     protected String getURI(String zosmf) {

gateway-service/src/main/resources/application.yml

@@ -101,6 +101,9 @@ spring:
     application:
         name: ${apiml.service.id}
     cloud:
+        discovery:
+            reactive:
+                enabled: false
         compatibilityVerifier:
             enabled: false # Should be removed when upgrade to Spring Cloud 3.x
         client:

gateway-service/src/test/java/org/zowe/apiml/gateway/config/DiscoveryClientBeanTest.java

@@ -0,0 +1,51 @@
+/*
+ * This program and the accompanying materials are made available under the terms of the
+ * Eclipse Public License v2.0 which accompanies this distribution, and is available at
+ * https://www.eclipse.org/legal/epl-v20.html
+ *
+ * SPDX-License-Identifier: EPL-2.0
+ *
+ * Copyright Contributors to the Zowe Project.
+ */
+
+package org.zowe.apiml.gateway.config;
+
+import com.netflix.appinfo.*;
+import com.netflix.discovery.shared.transport.jersey.EurekaJerseyClientImpl;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.springframework.cloud.netflix.eureka.EurekaClientConfigBean;
+import org.springframework.context.ApplicationContext;
+import org.springframework.test.util.ReflectionTestUtils;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+class DiscoveryClientBeanTest {
+    DiscoveryClientConfig dcConfig;
+
+    @BeforeEach
+    void setup() {
+        ApplicationContext context = mock(ApplicationContext.class);
+        EurekaJerseyClientImpl.EurekaJerseyClientBuilder builder = mock(EurekaJerseyClientImpl.EurekaJerseyClientBuilder.class);
+        dcConfig = new DiscoveryClientConfig(context, null, builder);
+    }
+
+    @Test
+    void givenListOfCentralRegistryURLs_thenCreateNewDiscoveryClientForEach() {
+        String[] centralRegistryUrls = {"https://host:10021/eureka", "https://host:10011/eureka"};
+        ReflectionTestUtils.setField(dcConfig, "centralRegistryUrls", centralRegistryUrls);
+        ApplicationInfoManager manager = mock(ApplicationInfoManager.class);
+        InstanceInfo info = mock(InstanceInfo.class);
+        when(manager.getInfo()).thenReturn(info);
+        when(info.getIPAddr()).thenReturn("127.0.0.1");
+        when(info.getDataCenterInfo()).thenReturn(new MyDataCenterInfo(DataCenterInfo.Name.MyOwn));
+        LeaseInfo leaseInfo = mock(LeaseInfo.class);
+        when(info.getLeaseInfo()).thenReturn(leaseInfo);
+        EurekaClientConfigBean bean = new EurekaClientConfigBean();
+        DiscoveryClientWrapper wrapper = dcConfig.additionalDiscoveryClientWrapper(manager, bean, null);
+        wrapper.shutdown();
+        assertEquals(2, wrapper.getDiscoveryClients().size());
+    }
+}