diff --git a/development/docker-compose/.env b/development/docker-compose/.env index 2847dfb..8c74771 100644 --- a/development/docker-compose/.env +++ b/development/docker-compose/.env @@ -1,2 +1,3 @@ -BB_VERSION=2025.08 -BOOTSTRAP_JOB_VERSION=2025.04 \ No newline at end of file +BB_VERSION=2025.09-LTS +BOOTSTRAP_JOB_VERSION=2025.04 +EXTRA_JAVA_OPTS="-XX:UseSVE=0" \ No newline at end of file diff --git a/development/docker-compose/docker-compose.yaml b/development/docker-compose/docker-compose.yaml index 3ec4538..5f42229 100644 --- a/development/docker-compose/docker-compose.yaml +++ b/development/docker-compose/docker-compose.yaml @@ -1,7 +1,8 @@ # https://docs.docker.com/compose/compose-file/ x-common-variables: &common-variables - JAVA_TOOL_OPTIONS: -XX:MaxRAMPercentage=60.0 + JAVA_TOOL_OPTIONS: -XX:MaxRAMPercentage=60.0 ${EXTRA_JAVA_OPTS} + JAVA_OPTS: ${EXTRA_JAVA_OPTS} USERCTX_KEY: JWTSecretKeyDontUseInProduction! sso.jwt.internal.signature.key.type: VALUE sso.jwt.internal.signature.key.value: JWTSecretKeyDontUseInProduction! @@ -25,7 +26,7 @@ x-common-variables: &common-variables spring.main.banner-mode: off spring.cloud.config.enabled: false spring.cloud.kubernetes.enabled: false - backbase.audit.enabled: false + backbase.audit.enabled: true backbase.security.public.paths: /integration-api/** backbase.security.mtls.enabled: false backbase.http.request-logging-filter.max-payload-length: 5000 @@ -41,6 +42,12 @@ x-common-variables: &common-variables spring.autoconfigure.exclude: org.springframework.boot.actuate.autoconfigure.tracing.zipkin.ZipkinAutoConfiguration management.otlp.tracing.endpoint: http://otel-collector:4318/v1/traces +# Silicon specific variables for services which do not use common variables and still need to run on M4 chips +x-silicon-specific-variables: &silicon-specific-variables + JAVA_OPTS: ${EXTRA_JAVA_OPTS} + JAVA_OPTS_APPEND: ${EXTRA_JAVA_OPTS} + JAVA_TOOL_OPTIONS: ${EXTRA_JAVA_OPTS} + x-database-variables: &database-variables logging.level.liquibase: INFO spring.liquibase.enabled: true @@ -83,6 +90,31 @@ x-gc-credentials: &gc-credentials backbase.gc.loan-base-url: "http://caboose:8080" backbase.gc.subscriptionKey: "" +x-mambu-creds: &mambu-creds + mambu.basePath: "http://caboose:8080/api/mambu/v2" + mambu.baseUrl: "http://caboose:8080/api/mambu/v2" + mambu.branchId: "" + mambu.branchKey: "" + mambu.username: "mock" + mambu.password: "mock" + mambu.ghostAccountId: "ZQGS770" + mambu.ghostAccountIds.USD: "ZQGS770" + mambu.ghostAccountIds.EUR: "ZQGS771" + mambu.pocketProductKey: "8a19d8937a753ef9017a76d183eb3a6c" + mambu.transactionsBeneficiaryAccountKey: "ZQGS770" + mambu.transactionsBeneficiaryAccountKeys.USD: "ZQGS770" + mambu.transactionsBeneficiaryAccountKeys.EUR: "ZQGS771" + mambu.currentAccountProductKeys.USD: "pr-current-account-usd" + mambu.currentAccountProductKeys.EUR: "pr-current-account-eur" + mambu.savingsAccountProductKeys.USD: "pr-saving-account-usd" + mambu.savingsAccountProductKeys.EUR: "pr-saving-account-eur" + mambu.line-of-credit-product-keys.USD: "pr-saving-account-usd" + mambu.line-of-credit-product-keys.EUR: "pr-saving-account-eur" + mambu.term-loan-product-keys.USD: "pr-term-loan-usd" + mambu.term-loan-product-keys.EUR: "pr-term-loan-eur" + mambu.mortgage-product-keys.USD: "pr-mortgage-usd" + mambu.mortgage-product-keys.EUR: "pr-mortgage-eur" + name: backbase volumes: @@ -147,6 +179,7 @@ services: ports: - "8761:8080" environment: + <<: *silicon-specific-variables management.tracing.enabled: false volumes: - ./exe/HealthCheck.jar:/tmp/HealthCheck.jar @@ -199,6 +232,7 @@ services: ports: - '8180:8080' environment: + <<: [ *common-variables, *message-broker-variables, *gc-credentials, *gc-api-config, *gc-http-config, *silicon-specific-variables] KEYCLOAK_ADMIN: "admin" KEYCLOAK_ADMIN_PASSWORD: "admin" BACKBASE_HTTP_CORS: "true" @@ -210,14 +244,21 @@ services: KC_DB_PASSWORD: "root" KC_TRANSACTION_XA_ENABLED: "true" KC_LOG_LEVEL: "INFO" + backbase.audit.enabled: true KC_LOG_CONSOLE_FORMAT: "%d{yyy:MM:dd HH:mm:ss.SSS} %-5p [%X{traceId},%X{spanId},%X{sampled}] %i --- [%t] %c{2.} : %m%n" KC_HOSTNAME_URL: "http://localhost:8180/auth/" KC_SPI_SERVICE_TOKEN_DEFAULT_URL: "http://token-converter:8080" KC_SPI_USER_MANAGER_CLIENT_DEFAULT_URL: "http://user-manager:8080" KC_SPI_CONNECTIONS_JPA_LEGACY_INITIALIZE_EMPTY: "true" KC_SPI_CONNECTIONS_JPA_LEGACY_MIGRATION_STRATEGY: "update" + keycloak.backbase.event-listeners.audit.endpoint: "http://audit-service:8080" + KC_SPI_EVENTS_LISTENER_AUDIT_INTEGRATION_SERVICE_URL: "http://audit-service:8080" + KC_SPI_EVENTS_LISTENER_EVENT_BRIDGE_AUDIT_NO_AUTH_LOCALHOST: "false" + KC_SPI_EVENTS_LISTENER_EVENT_BRIDGE_AUDIT_URL: "http://event-bridge:8090" + # KC_SPI_MOBILE_AUTHENTICATION_CLIENT_DEFAULT_URL: "http://mobile-authentication:8080" JAVA_TOOL_OPTIONS: "-Dquarkus.log.category.'\"com.backbase\"'.level=DEBUG \ - -Dquarkus.log.category.'\"org.keycloak.protocol.oidc\"'.level=TRACE" + -Dquarkus.log.category.'\"org.keycloak.protocol.oidc\"'.level=TRACE \ + ${EXTRA_JAVA_OPTS}" volumes: - ./identity:/opt/keycloak/data/import - ./exe/HealthCheck.jar:/tmp/HealthCheck.jar @@ -229,7 +270,7 @@ services: condition: service_healthy access-control: - image: repo.backbase.com/backbase-docker-releases/access-control:${BB_VERSION} + image: repo.backbase.com/backbase-docker-releases/access-control:2025.09-LTS ports: - "8040:8080" environment: @@ -311,12 +352,80 @@ services: - activemq - registry + loan-integration-outbound-mock: + image: repo.backbase.com/backbase-docker-releases/loan-integration-outbound-mock:${BB_VERSION} + ports: + - "9055:8080" + environment: + <<: [ *common-variables, *message-broker-variables, *gc-credentials, *gc-api-config, *gc-http-config ] + eureka.instance.appname: loan-integration-outbound-mock + logging.level.root: INFO + logging.level.org.springframework.web.client.RestTemplate: INFO + volumes: + - ./exe/HealthCheck.jar:/tmp/HealthCheck.jar + healthcheck: + <<: *healthcheck-defaults + test: [ "CMD", "java", "-jar", "-Xms5M", "-Xmx10M", "/tmp/HealthCheck.jar", "http://localhost:8080/actuator/serviceregistry" ] + depends_on: + mysql: + condition: service_healthy + links: + - activemq + - registry + +# loan-integration: +# image: repo.backbase.com/backbase-docker-releases/loan-integration:${BB_VERSION} +# ports: +# - "9054:8080" +# environment: +# <<: [ *common-variables, *message-broker-variables, *gc-credentials, *gc-api-config, *gc-http-config] +# eureka.instance.appname: loan-integration +# logging.level.root: INFO +# logging.level.org.springframework.web.client.RestTemplate: INFO +# volumes: +# - ./exe/HealthCheck.jar:/tmp/HealthCheck.jar +# healthcheck: +# <<: *healthcheck-defaults +# test: [ "CMD", "java", "-jar", "-Xms5M", "-Xmx10M", "/tmp/HealthCheck.jar", "http://localhost:8080/actuator/serviceregistry" ] +# depends_on: +# mysql: +# condition: service_healthy +# links: +# - activemq +# - registry + + loan: + image: repo.backbase.com/backbase-docker-releases/loan:${BB_VERSION} + ports: + - "8054:8080" + environment: + <<: [*common-variables, *message-broker-variables, *database-variables] + # backbase.arrangement.arrangement-views.views: arrangement-views + backbase.communication.services.dbs.loan.integration.outbound.service-id: "loan-integration-outbound-mock" + spring.application.name: "loan" + spring.datasource.url: jdbc:mysql://mysql:3306/loan?useSSL=false&allowPublicKeyRetrieval=true&cacheServerConfiguration=true&createDatabaseIfNotExist=true + backbase.arrangement.alias.journey: "USER_ALIAS" + spring.cloud.azure.eventhubs.kafka.enabled: "false" + backbase.loan.payments.payment-option-validation-on-core-banking: "false" + volumes: + - ./exe/HealthCheck.jar:/tmp/HealthCheck.jar + healthcheck: + <<: *healthcheck-defaults + test: [ "CMD", "java", "-jar", "-Xms5M", "-Xmx10M", "/tmp/HealthCheck.jar", "http://localhost:8080/actuator/serviceregistry" ] + depends_on: + mysql: + condition: service_healthy + links: + - activemq + - registry + transaction-manager: - image: repo.backbase.com/backbase-docker-releases/transaction-manager:5.5.0 + image: repo.backbase.com/backbase-docker-releases/transaction-manager:2025.08.5 ports: - "8052:8080" environment: - <<: [ *common-variables, *message-broker-variables, *database-variables ] + <<: [ *common-variables, *message-broker-variables, *database-variables, *mambu-creds ] + spring.application.name: "transaction-manager" spring.datasource.url: jdbc:mysql://mysql:3306/transaction-manager?useSSL=false&allowPublicKeyRetrieval=true&cacheServerConfiguration=true&createDatabaseIfNotExist=true "backbase.communication.http.autowire-object-mapper": "true" "backbase.security.csrf.enabled": "false" @@ -335,6 +444,24 @@ services: "backbase.transaction.domain.types": "PAY" "backbase.transaction.domain.typeGroups": "PAY" "backbase.transaction.domain.typeGroupMapping.PAY": "PAY" + "backbase.communication.services.transaction.enrichment.version": "v1" + "backbase.lifecycle.delayed-shutdown.delay": "15s" + "backbase.lifecycle.delayed-shutdown.enabled": "true" + "backbase.tailored-value-proposition.enabled": "true" + "backbase.transaction.domain.typeGroupMapping.Fees": "Fee, Cheques" + "backbase.transaction.domain.typeGroupMapping.Loans": "Deposit, ACH" + "backbase.transaction.domain.typeGroupMapping.Other": "Other" + "backbase.transaction.domain.typeGroupMapping.Payment": "Credit/Debit Card, Bill Payment" + "backbase.transaction.domain.typeGroupMapping.Withdrawal": "ATM, Cash, POS, Withdrawal" + "backbase.transaction.export.csv.dateFormat": "MM/dd/YYYY" + "backbase.transaction.export.csv.fields": "BBAN,name,counterPartyAccountNumber,counterPartyName,currency,amount,creditDebitIndicator,bookingDate,type,typeGroup,reference,instructedCurrency,currencyExchangeRate,instructedAmount,description,category,checkSerialNumber" + "backbase.transaction.export.csv.headers": "Account number(BBAN),Account name,Counter party account number,Counter party name,Currency,Amount,Credit/debit indicator,Book date,Transaction type,Transaction group,Transaction reference,Instructed currency,currency exchange rate,Instructed amount,Description,Category,Check number" + "backbase.transaction.export.ofx.supportedProductTypes": "current-account,savings-account,loan,debit-card,credit-card" + "backbase.transaction.export.pdf.maxItems": "10000" + "backbase.transaction.export.qbo.supportedProductTypes": "current-account,savings-account,loan,debit-card,credit-card" + "backbase.transaction.export.qfx.supportedProductTypes": "current-account,savings-account,loan,debit-card,credit-card" + "backbase.transaction.partition.bookingDateSearchMaxDateRange": "91" + volumes: - ./exe/HealthCheck.jar:/tmp/HealthCheck.jar healthcheck: @@ -348,7 +475,7 @@ services: - registry transaction-integration: - image: repo.backbase.com/backbase-docker-releases/transaction-integration:${BB_VERSION} + image: repo.backbase.com/backbase-docker-releases/transaction-integration:2025.08.5 ports: - "9051:8080" environment: @@ -424,7 +551,6 @@ services: backbase.users.identity-endpoints-enabled: true backbase.users.identity-integration-enabled: true backbase.users.sync-primary-to-identity-enabled: true - spring.cloud.discovery.client.simple.instances.user-integration-outbound-service[0].uri: http://wiremock:8080 backbase.users.realms[0].realm-name: "employee" backbase.users.realms[1].realm-name: "retail" backbase.users.realms[2].realm-name: "business" @@ -460,7 +586,7 @@ services: - registry bootstrap-job: - image: crreference914.azurecr.io/development/bootstrap-job:3.2.0-SNAPSHOT-20250904064858 + image: crreference914.azurecr.io/development/bootstrap-job:4.0.0-SNAPSHOT-20251104192143 profiles: - bootstrap environment: @@ -511,6 +637,16 @@ services: backbase.bootstrap.ingestions.plugins.caboose.enabled: true backbase.stream.audiences.segmentation.user-kind.defaultCustomerCategory: RETAIL logging.level.com.backbase.bootstrap: DEBUG + caboose.currentAccountProductKeys.USD: pr-current-account-usd + caboose.currentAccountProductKeys.EUR: pr-current-account-eur + caboose.savingsAccountProductKeys.USD: pr-saving-account-usd + caboose.savingsAccountProductKeys.EUR: pr-saving-account-eur + caboose.line-of-credit-product-keys.USD: pr-saving-account-usd + caboose.line-of-credit-product-keys.EUR: pr-saving-account-eur + caboose.term-loan-product-keys.USD: pr-term-loan-usd + caboose.term-loan-product-keys.EUR: pr-term-loan-eur + caboose.mortgage-product-keys.USD: pr-mortgage-usd + caboose.mortgage-product-keys.EUR: pr-mortgage-eur # volumes: # # example where you can test your own files # - ./test-data/products-jh.json:/app/resources/modelbank/core-data/base/product-catalog/products-jh.json @@ -531,19 +667,151 @@ services: condition: service_healthy caboose: - image: crreference914.azurecr.io/staging/caboose-spring:2.1.0-SNAPSHOT-20250902073935 + image: crreference914.azurecr.io/development/caboose-spring:2.1.0-SNAPSHOT-20251104164312 ports: - "9001:8080" + #- "5005:5005" environment: <<: [*common-variables] SPRING_PROFILES_ACTIVE: local server.port: 8080 + #JAVA_TOOL_OPTIONS: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005" volumes: - ./exe/HealthCheck.jar:/tmp/HealthCheck.jar healthcheck: <<: *healthcheck-defaults test: [ "CMD", "java", "-jar", "/tmp/HealthCheck.jar", "http://localhost:8080/actuator/serviceregistry" ] + # Newly added minimal mobile-authentication service (converted from K8s deployment) +# mobile-authentication: +# image: repo.backbase.com/backbase-docker-releases/mobile-authentication:2025.08.5 +# ports: +# - "9080:8080" +# environment: +# <<: *common-variables +# BACKBASE_SECURITY_CSRF_ENABLED: "false" +# BUILDINGBLOCKS_SECURITY_CSRF_ENABLED: "false" +# EUREKA_CLIENT_ENABLED: "false" +# SPRING_LIQUIBASE_ENABLED: "false" +# SPRING_PROFILES_INCLUDE: json-logging +# SERVER_SHUTDOWN: graceful +# LOGGING_LEVEL_ROOT: INFO +# LOGGING_LEVEL_COM_BACKBASE: INFO +# JAVA_TOOL_OPTIONS: "-XX:MaxRAMPercentage=60.0 -Djava.security.egd=file:/dev/urandom" + + event-listener-service: + image: crreference914.azurecr.io/event-listener-service:1.10.0 + ports: + - "9082:8080" + - "5005:5005" + environment: + <<: [ *common-variables, *message-broker-variables, *database-variables ] + BACKBASE_SECURITY_CSRF_ENABLED: "false" + BUILDINGBLOCKS_SECURITY_CSRF_ENABLED: "false" + LOGGING_LEVEL_COM_BACKBASE: "DEBUG" + LOGGING_LEVEL_ORG_SPRINGFRAMEWORK: "WARN" + LOGGING_LEVEL_ROOT: "WARN" + SERVER_SHUTDOWN: "graceful" + SPRING_PROFILES_INCLUDE: "json-logging" + backbase.events.enabled: "true" + logging.level.com.backbase.buildingblocks.backend.security.auth.config.MtlsAuthenticationFilter: "WARN" + JAVA_TOOL_OPTIONS: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005" + volumes: + - ./exe/HealthCheck.jar:/tmp/HealthCheck.jar + healthcheck: + <<: *healthcheck-defaults + test: [ "CMD", "java", "-jar", "-Xms5M", "-Xmx10M", "/tmp/HealthCheck.jar", "http://localhost:8080/actuator/serviceregistry" ] + depends_on: + mysql: + condition: service_healthy + links: + - activemq + - registry + + audit-service: + image: repo.backbase.com/backbase-docker-releases/audit-service:${BB_VERSION} + ports: + - "9081:8080" + environment: + <<: [ *common-variables, *message-broker-variables, *database-variables ] + BACKBASE_SECURITY_CSRF_ENABLED: "false" + BUILDINGBLOCKS_SECURITY_CSRF_ENABLED: "false" + LOGGING_LEVEL_COM_BACKBASE: "DEBUG" + LOGGING_LEVEL_ORG_SPRINGFRAMEWORK: "WARN" + LOGGING_LEVEL_ROOT: "WARN" + SERVER_SHUTDOWN: "graceful" + backbase.audit.emitting-events-enabled: "true" + backbase.audit.indexedMetadata.userId: "User ID,External User ID,User,Username,Sender User ID,Recipient ID,Owner ID" + backbase.audit.timeline.eventCategories.no-read: "Identity and Access,Device Management,Message Center,Employee Actions,Comments,Payments,Employee,Push,Email,RTC,SMS,Card Management,Personal Finance Management,Identity User Management" + spring.datasource.url: "jdbc:mysql://mysql:3306/audit?useSSL=false&allowPublicKeyRetrieval=true&cacheServerConfiguration=true&createDatabaseIfNotExist=true" + volumes: + - ./exe/HealthCheck.jar:/tmp/HealthCheck.jar + healthcheck: + <<: *healthcheck-defaults + test: [ "CMD", "java", "-jar", "-Xms5M", "-Xmx10M", "/tmp/HealthCheck.jar", "http://localhost:8080/actuator/serviceregistry" ] + depends_on: + mysql: + condition: service_healthy + links: + - activemq + - registry + + arrangement-pull-integration: + image: crreference914.azurecr.io/arrangement-pull-integration-service:2.6.0 + ports: + - "9052:8080" + environment: + <<: [ *common-variables, *message-broker-variables, *gc-credentials, *gc-api-config, *gc-http-config, *database-variables, *mambu-creds ] + spring.application.name: "arrangement-pull-integration" + spring.datasource.url: jdbc:mysql://mysql:3306/arrangement-pull-integration-service?useSSL=false&allowPublicKeyRetrieval=true&cacheServerConfiguration=true&createDatabaseIfNotExist=true + eureka.instance.appname: arrangement-pull-integration + logging.level.root: INFO + logging.level.org.springframework.web.client.RestTemplate: INFO + "backbase.communication.http.client-id": "bb-client" + "backbase.communication.http.client-secret": "bb-secret" + "enableExperimentalUniversalSupport": "true" + "SPRING_PROFILES_INCLUDE": "" + "backbase.stream.legalentity.sink.serviceAgreementPurposes": "FAMILY_BANKING" + volumes: + - ./exe/HealthCheck.jar:/tmp/HealthCheck.jar + healthcheck: + <<: *healthcheck-defaults + test: [ "CMD", "java", "-jar", "-Xms5M", "-Xmx10M", "/tmp/HealthCheck.jar", "http://localhost:8080/actuator/serviceregistry" ] + depends_on: + mysql: + condition: service_healthy + links: + - activemq + - registry + + transaction-pull-integration: + image: crreference914.azurecr.io/transaction-pull-integration-service:1.9.0 + ports: + - "9053:8080" + environment: + <<: [ *common-variables, *message-broker-variables, *gc-credentials, *gc-api-config, *gc-http-config, *database-variables, *mambu-creds ] + spring.application.name: "transaction-pull-integration" + spring.datasource.url: jdbc:mysql://mysql:3306/transaction-pull-integration-service?useSSL=false&allowPublicKeyRetrieval=true&cacheServerConfiguration=true&createDatabaseIfNotExist=true + eureka.instance.appname: transaction-pull-integration + logging.level.root: INFO + logging.level.org.springframework.web.client.RestTemplate: INFO + "backbase.communication.http.client-id": "bb-client" + "backbase.communication.http.client-secret": "bb-secret" + "enableExperimentalUniversalSupport": "true" + "SPRING_PROFILES_INCLUDE": "" + "backbase.stream.legalentity.sink.serviceAgreementPurposes": "FAMILY_BANKING" + volumes: + - ./exe/HealthCheck.jar:/tmp/HealthCheck.jar + healthcheck: + <<: *healthcheck-defaults + test: [ "CMD", "java", "-jar", "-Xms5M", "-Xmx10M", "/tmp/HealthCheck.jar", "http://localhost:8080/actuator/serviceregistry" ] + depends_on: + mysql: + condition: service_healthy + links: + - activemq + - registry + wiremock: image: wiremock/wiremock:2.32.0 profiles: @@ -610,21 +878,25 @@ services: - edge - backbase-identity - # : - # image: /: - # ports: - # - "8090:8080" - # environment: - # <<: *common-variables - # spring.application.name: "" - # eureka.client.enabled: 'true' - # volumes: - # - ./scripts/HealthCheck.jar:/tmp/HealthCheck.jar - # healthcheck: - # <<: *healthcheck-defaults - # test: [ "CMD", "java", "-jar", "-Xms5M", "-Xmx10M", "/tmp/HealthCheck.jar", "http://localhost:8080/actuator/serviceregistry" ] - # links: - # - registry + event-bridge: + image: repo.backbase.com/backbase-docker-releases/event-bridge:2025.09.7-LTS + ports: + - "8090:8090" + environment: + <<: [ *common-variables, *message-broker-variables, *gc-credentials, *gc-api-config, *gc-http-config] + backbase.enable-no-auth-localhost-endpoints: false + "BACKBASE_EVENTS_ENABLED": "true" + SERVER_PORT: 8090 + BUILDINGBLOCKS_SECURITY_CSRF_ENABLED: "false" + "backbase.security.csrf.enabled": "false" + "backbase.security.mtls.enabled": "false" + + volumes: + - ./exe/HealthCheck.jar:/tmp/HealthCheck.jar + # - ./jwt/keystore_pub.p12:/jwt/public/keystore_pub.p12:ro # Uncomment if needed + links: + - activemq + - registry prometheus: image: prom/prometheus