Adds a new NaisRuntimeEnvironmentConnector supporting dynamically set environment variables from pod when running locally.

Author: rfc3092

libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java

@@ -3,9 +3,9 @@
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.context.ApplicationContextInitializer;
 import org.springframework.context.ConfigurableApplicationContext;
+import org.springframework.core.env.ConfigurableEnvironment;
 import org.springframework.lang.NonNull;
 
-import java.util.Map;
 import java.util.stream.Stream;
 
 @Slf4j
@@ -21,17 +21,27 @@ public void initialize(@NonNull ConfigurableApplicationContext context) {
                 .of(environment.getActiveProfiles())
                 .forEach(profile -> {
                     switch (profile) {
-                        case "local", "localdb" -> configureForLocalProfile(environment.getSystemProperties());
-                        case "test" -> configureForTestProfile(environment.getSystemProperties());
-                        default -> configureForOtherProfiles(environment.getSystemProperties());
+                        case "local", "localdb" -> configureForLocalProfile(environment);
+                        case "test" -> configureForTestProfile(environment);
+                        default -> configureForOtherProfiles(environment);
                     }
                 });
 
     }
 
-    private static void configureForLocalProfile(Map<String, Object> properties) {
+    private static void configureForLocalProfile(ConfigurableEnvironment environment) {
 
         log.info("Configuring environment for local profile using Secret Manager");
+        var properties = environment.getSystemProperties();
+
+        // Dynamically load any configured environment variables from NAIS pod.
+        try {
+            new NaisRuntimeEnvironmentConnector(environment)
+                    .getEnvironmentVariables()
+                    .forEach(properties::putIfAbsent);
+        } catch (NaisEnvironmentException e) {
+            log.warn("Failed to dynamically load environment variables using {}", NaisRuntimeEnvironmentConnector.class.getSimpleName(), e);
+        }
 
         // Emulating NAIS provided environment variables.
         properties.putIfAbsent("AZURE_APP_CLIENT_ID", "${sm\\://azure-app-client-id}");
@@ -53,9 +63,10 @@ private static void configureForLocalProfile(Map<String, Object> properties) {
 
     }
 
-    private static void configureForTestProfile(Map<String, Object> properties) {
+    private static void configureForTestProfile(ConfigurableEnvironment environment) {
 
         log.info("Configuring environment for test profile using dummy values");
+        var properties = environment.getSystemProperties();
 
         // Disabling Secret Manager (not available when running builds on GitHub).
         properties.putIfAbsent("spring.cloud.gcp.secretmanager.enabled", "false");
@@ -80,9 +91,10 @@ private static void configureForTestProfile(Map<String, Object> properties) {
 
     }
 
-    private static void configureForOtherProfiles(Map<String, Object> properties) {
+    private static void configureForOtherProfiles(ConfigurableEnvironment environment) {
 
         log.info("Configuring environment for non-test, non-local profiles");
+        var properties = environment.getSystemProperties();
 
         properties.putIfAbsent("spring.main.banner-mode", "off");
         properties.putIfAbsent("spring.cloud.gcp.secretmanager.enabled", "false"); // Unless we actually start using Secret Manager in deployment.

libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentException.java

@@ -0,0 +1,13 @@
+package no.nav.dolly.libs.nais;
+
+class NaisEnvironmentException extends Exception {
+
+    NaisEnvironmentException(String message) {
+        super(message);
+    }
+
+    NaisEnvironmentException(String message, Throwable cause) {
+        super(message, cause);
+    }
+
+}

libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisRuntimeEnvironmentConnector.java

@@ -0,0 +1,154 @@
+package no.nav.dolly.libs.nais;
+
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.core.env.ConfigurableEnvironment;
+
+import java.io.BufferedReader;
+import java.io.InputStreamReader;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+import java.util.stream.Collectors;
+
+@RequiredArgsConstructor
+@Slf4j
+class NaisRuntimeEnvironmentConnector {
+
+    private final ConfigurableEnvironment environment;
+
+    Map<String, String> getEnvironmentVariables()
+            throws NaisEnvironmentException {
+
+        if (!environment.matchesProfiles("local")) {
+            throw new NaisEnvironmentException("Attempted to load environment variables from pod in non-local profile");
+        }
+        try {
+            var applicationName = resolveApplicationName();
+            var requestedKeys = resolveRequestedKeys();
+            if (applicationName == null || requestedKeys.isEmpty()) {
+                log.info("Application is not configured for dynamic environment variables from NAIS");
+                return Map.of();
+            }
+            var cluster = resolveCluster();
+            var pod = resolvePod(cluster, applicationName);
+            return getVariables(cluster, pod, requestedKeys);
+        } catch (NaisEnvironmentException e) {
+            throw e;
+        } catch (Exception e) {
+            throw new NaisEnvironmentException("Unexpected failure", e);
+        }
+
+    }
+
+    private List<String> resolveRequestedKeys() {
+
+        var keys = new ArrayList<String>();
+        for (int i = 0; ; i++) {
+            var key = "dolly.nais.variables[%d]".formatted(i);
+            if (!environment.containsProperty(key)) {
+                break;
+            }
+            keys.add(environment.getProperty(key));
+        }
+        return keys;
+
+    }
+
+    private String resolveApplicationName() {
+
+        return Optional
+                .ofNullable(environment.getProperty("dolly.nais.name"))
+                .map(Object::toString)
+                .orElse(null);
+
+    }
+
+    private String resolveCluster() {
+
+        return Optional
+                .ofNullable(environment.getProperty("dolly.nais.cluster"))
+                .map(Object::toString)
+                .orElseGet(() -> {
+                    log.info("Cannot determine cluster from dolly.nais.cluster, guessing on dev-gcp");
+                    return "dev-gcp";
+                });
+
+    }
+
+    private String resolvePod(String cluster, String applicationName)
+            throws NaisEnvironmentException {
+
+        var pods = getAllPodsInClusterWithName(cluster, applicationName);
+        if (pods.isEmpty()) {
+            throw new NaisEnvironmentException("No pods found for %s in %s".formatted(applicationName, cluster));
+        }
+        if (pods.size() > 1) {
+            log.warn("Multiple pods found for {} in {}, picking {}", applicationName, cluster, pods.getFirst());
+        }
+        return pods.getFirst();
+
+    }
+
+    private Map<String, String> getVariables(String cluster, String pod, List<String> requestedKeys)
+            throws NaisEnvironmentException {
+
+        var command = "kubectl exec --cluster=%s --namespace=dolly %s -- env"
+                .formatted(cluster, pod);
+        var output = execute(command);
+        var variables = output
+                .stream()
+                .map(line -> line.split("="))
+                .filter(elements -> requestedKeys.contains(elements[0]))
+                .collect(Collectors.toMap(
+                        elements -> elements[0],
+                        elements -> elements[1],
+                        (a, b) -> a));
+        log.info("Retrieved {}/{} keys from pod {}:{}", variables.size(), requestedKeys.size(), cluster, pod);
+        return variables;
+
+    }
+
+    private List<String> getAllPodsInClusterWithName(String cluster, String name)
+            throws NaisEnvironmentException {
+
+        var command = "kubectl get pods --cluster=%s --namespace=dolly -l app=%s -o name"
+                .formatted(cluster, name);
+        return execute(command)
+                .stream()
+                .map(pod -> pod.substring(pod.lastIndexOf("/") + 1).trim())
+                .sorted()
+                .toList();
+
+    }
+
+    private List<String> execute(String command)
+            throws NaisEnvironmentException {
+
+        var processBuilder = new ProcessBuilder(command.split(" "));
+        try {
+            var process = processBuilder.start();
+            var reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
+            var output = new ArrayList<String>();
+            String line;
+            while ((line = reader.readLine()) != null) {
+                output.add(line);
+            }
+            var status = process.waitFor();
+            if (status != 0) {
+                log.warn("Command terminated with status {}: {}", status, command);
+            }
+            return output;
+        } catch (InterruptedException e) {
+            log.warn("Interrupted while waiting for command: {}", command, e);
+            Thread.currentThread().interrupt();
+            return List.of();
+        }
+        catch (Exception e) {
+            throw new NaisEnvironmentException("Failed to execute command: " + command, e);
+        }
+
+    }
+
+}

libs/testing/src/main/resources/META-INF/additional-spring-configuration-metadata.json

@@ -0,0 +1,20 @@
+{
+  "properties": [
+    {
+      "name": "dolly.nais.cluster",
+      "type": "java.lang.String",
+      "defaultValue": "dev-gcp",
+      "description": "The cluster where the application is running.. Defaults to dev-gcp if not set."
+    },
+    {
+      "name": "dolly.nais.name",
+      "type": "java.lang.String",
+      "description": "Application name, as defined in the NAIS manifest (which is not necessarily the same as in Spring config)."
+    },
+    {
+      "name": "dolly.nais.variables",
+      "type": "java.util.List",
+      "description": "List of environment variables to be read from the NAIS environment, and set as system properties when running in local profile."
+    }
+  ]
+}