Upgrade auth to dotnet 8 in parallel (#67)

Deploy a new dotnet 8 lambda function for the check token in parallel to the existing one.

Author: adamtry

.circleci/config.yml

@@ -1,19 +1,19 @@
 version: 2.1
 
 orbs:
-  aws-cli: circleci/[email protected]
   aws_assume_role: lbh-hackit/[email protected]
+  node: circleci/[email protected]
 
 executors:
   docker-python:
     docker:
-      - image: circleci/python:3.7
+      - image: cimg/python:3.12
   docker-terraform:
     docker:
       - image: "hashicorp/terraform:0.12.29"
   docker-dotnet:
     docker:
-      - image: mcr.microsoft.com/dotnet/core/sdk:3.1
+      - image: mcr.microsoft.com/dotnet/sdk:8.0
 
 references:
   workspace_root: &workspace_root "~"
@@ -61,29 +61,25 @@ commands:
     parameters:
       stage:
         type: string
+      path:
+        type: string
+        default: "./ApiAuthVerifyToken/"
     steps:
       - *attach_workspace
       - checkout
       - setup_remote_docker
-      - run:
-          name: Install Node.js
-          command: |
-            curl -sL https://deb.nodesource.com/setup_13.x | bash -
-            apt-get update && apt-get install -y nodejs
-      - run:
-          name: Install serverless CLI
-          command: npm i -g serverless
+      - node/install
       - run:
           name: Build lambda
           command: |
-            cd ./ApiAuthVerifyToken/
+            cd <<parameters.path>>
             chmod +x ./build.sh
             ./build.sh
       - run:
           name: Deploy lambda
           command: |
-            cd ./ApiAuthVerifyToken/
-            sls deploy --stage <<parameters.stage>> --conceal
+            cd <<parameters.path>>
+            npx --yes --debug serverless deploy --stage <<parameters.stage>> --conceal
 jobs:
   check-code-formatting:
     executor: docker-dotnet
@@ -102,10 +98,10 @@ jobs:
       - setup_remote_docker
       - run:
           name: build
-          command: docker-compose build api-auth-verify-token-test
+          command: docker compose build api-auth-verify-token-test
       - run:
           name: Run tests
-          command: docker-compose run api-auth-verify-token-test
+          command: docker compose run api-auth-verify-token-test
   terraform-init-and-apply-to-development:
     executor: docker-terraform
     steps:
@@ -153,10 +149,31 @@ jobs:
           stage: "production"
 
 workflows:
+  check:
+    jobs:
+      - check-code-formatting:
+          filters:
+            branches:
+              ignore:
+                - master
+                - development
+      - build-and-test:
+          filters:
+            branches:
+              ignore:
+                - master
+                - development
+
   check-and-deploy-development:
     jobs:
-      - check-code-formatting
-      - build-and-test
+      - check-code-formatting:
+          filters:
+            branches:
+              only: development
+      - build-and-test:
+          filters:
+            branches:
+              only: development
       - assume-role-development:
           context: api-assume-role-development-context
           requires:
@@ -176,6 +193,7 @@ workflows:
           filters:
             branches:
               only: development
+
   check-and-deploy-staging-and-production:
     jobs:
       - build-and-test:
@@ -185,10 +203,10 @@ workflows:
       - assume-role-staging:
           context: api-assume-role-staging-context
           requires:
-              - build-and-test
+            - build-and-test
           filters:
-             branches:
-               only: master
+            branches:
+              only: master
       - terraform-init-and-apply-to-staging:
           requires:
             - assume-role-staging

ApiAuthVerifyToken.Tests/ApiAuthVerifyToken.Tests.csproj

@@ -1,6 +1,6 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
   <PropertyGroup>
-    <TargetFramework>netcoreapp3.1</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
 
     <IsPackable>false</IsPackable>
     <IsTestProject>true</IsTestProject>
@@ -14,17 +14,17 @@
     <PackageReference Include="FluentAssertions" Version="5.10.3" />
     <PackageReference Include="Microsoft.CodeAnalysis.FxCopAnalyzers" Version="3.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.Mvc.Testing" Version="3.1.4" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="3.1.7">
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="8.0.12">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
-    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="3.1.3" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="8.0.12" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.9.0" />
     <PackageReference Include="NUnit3TestAdapter" Version="3.12.0" />
     <PackageReference Include="Bogus" Version="25.0.4" />
     <PackageReference Include="Moq" Version="4.10.1" />
     <PackageReference Include="nunit" Version="3.11.0" />
-    <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="3.1.3" />
+    <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="8.0.11" />
   </ItemGroup>
 
   <ItemGroup>

ApiAuthVerifyToken.Tests/DatabaseTests.cs

@@ -1,3 +1,4 @@
+using System;
 using ApiAuthVerifyToken.V1.Infrastructure;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Storage;
@@ -14,6 +15,7 @@ public class DatabaseTests
         [SetUp]
         public void RunBeforeAnyTests()
         {
+            AppContext.SetSwitch("Npgsql.EnableLegacyTimestampBehavior", true);
             var builder = new DbContextOptionsBuilder();
             builder.UseNpgsql(ConnectionString.TestDatabase());
             DatabaseContext = new TokenDatabaseContext(builder.Options);

ApiAuthVerifyToken.Tests/Dockerfile

@@ -1,4 +1,4 @@
-FROM mcr.microsoft.com/dotnet/core/sdk:3.1
+FROM mcr.microsoft.com/dotnet/sdk:8.0
 
 # disable microsoft telematry
 ENV DOTNET_CLI_TELEMETRY_OPTOUT='true'
@@ -10,12 +10,11 @@ COPY ./ApiAuthVerifyToken.sln ./
 COPY ./ApiAuthVerifyToken/ApiAuthVerifyToken.csproj ./ApiAuthVerifyToken/
 COPY ./ApiAuthVerifyToken.Tests/ApiAuthVerifyToken.Tests.csproj ./ApiAuthVerifyToken.Tests/
 
-RUN dotnet restore ./ApiAuthVerifyToken/ApiAuthVerifyToken.csproj
-RUN dotnet restore ./ApiAuthVerifyToken.Tests/ApiAuthVerifyToken.Tests.csproj
+RUN dotnet restore ApiAuthVerifyToken
+RUN dotnet restore ApiAuthVerifyToken.Tests
 
 # Copy everything else and build
-COPY . .
+COPY . ./
 
 RUN dotnet build -c debug -o out ApiAuthVerifyToken.Tests/ApiAuthVerifyToken.Tests.csproj
-
-CMD dotnet test
+CMD dotnet test ApiAuthVerifyToken.Tests/ApiAuthVerifyToken.Tests.csproj

ApiAuthVerifyToken.Tests/V1/AcceptanceTests/VerifyTokenAcceptanceTests.cs

@@ -40,8 +40,8 @@ public void Setup()
             _mockAwsStsGateway = new Mock<IAwsStsGateway>();
             _mockDynamoDbGateway = new Mock<IDynamoDbGateway>();
             //set up env vars
-            Environment.SetEnvironmentVariable("jwtSecret", _fixture.Create<string>());
-            Environment.SetEnvironmentVariable("hackneyUserAuthTokenJwtSecret", _faker.Random.AlphaNumeric(25));
+            Environment.SetEnvironmentVariable("jwtSecret", _faker.Random.AlphaNumeric(50));
+            Environment.SetEnvironmentVariable("hackneyUserAuthTokenJwtSecret", _faker.Random.AlphaNumeric(50));
             //set up JWT tokens
             _allowedGroups = new List<string> { _faker.Random.Word(), _faker.Random.Word() };
             _jwtServiceFlow = GenerateJwtHelper.GenerateJwtToken();
@@ -91,7 +91,7 @@ public void FunctionShouldReturnAPIGatewayCustomAuthorizerPolicyWithDenyEffectWh
             var lambdaRequest = _fixture.Build<APIGatewayCustomAuthorizerRequest>().Create();
             lambdaRequest.Headers["Authorization"] = _jwtServiceFlow;
             //change jwt secret to simulate failure of validating token
-            Environment.SetEnvironmentVariable("jwtSecret", _fixture.Create<string>());
+            Environment.SetEnvironmentVariable("jwtSecret", _faker.Random.AlphaNumeric(50));
             var result = _classUnderTest.VerifyToken(lambdaRequest);
 
             result.Should().BeOfType<APIGatewayCustomAuthorizerResponse>();

ApiAuthVerifyToken.Tests/V1/UseCase/VerifyAccessUseCaseTests.cs

@@ -32,8 +32,8 @@ public void Setup()
             _mockAwsStsGateway = new Mock<IAwsStsGateway>();
             _mockDynamoDbGateway = new Mock<IDynamoDbGateway>();
             _classUnderTest = new VerifyAccessUseCase(_mockDatabaseGateway.Object, _mockAwsApiGateway.Object, _mockAwsStsGateway.Object, _mockDynamoDbGateway.Object);
-            Environment.SetEnvironmentVariable("jwtSecret", _faker.Random.AlphaNumeric(25));
-            Environment.SetEnvironmentVariable("hackneyUserAuthTokenJwtSecret", _faker.Random.AlphaNumeric(25));
+            Environment.SetEnvironmentVariable("jwtSecret", _faker.Random.AlphaNumeric(50));
+            Environment.SetEnvironmentVariable("hackneyUserAuthTokenJwtSecret", _faker.Random.AlphaNumeric(50));
         }
         #region Service Auth Flow
 
@@ -54,7 +54,7 @@ public void ShouldReturnFalseIfTokenIsNotValid()
         {
             var request = GenerateAuthorizerRequest(GenerateJwtHelper.GenerateJwtToken());
             //change key to simulate failed validation
-            Environment.SetEnvironmentVariable("jwtSecret", _faker.Random.AlphaNumeric(16));
+            Environment.SetEnvironmentVariable("jwtSecret", _faker.Random.AlphaNumeric(50));
             var result = _classUnderTest.ExecuteServiceAuth(request);
             result.Allow.Should().BeFalse();
             result.User.Should().Be("user");

ApiAuthVerifyToken.sln

@@ -1,9 +1,11 @@
 
 Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio 2012
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ApiAuthVerifyToken", "ApiAuthVerifyToken\ApiAuthVerifyToken.csproj", "{6F482163-3F51-487F-8F7D-37A1D4DAEA8B}"
+# Visual Studio Version 17
+VisualStudioVersion = 17.9.34723.18
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "ApiAuthVerifyToken", "ApiAuthVerifyToken\ApiAuthVerifyToken.csproj", "{6F482163-3F51-487F-8F7D-37A1D4DAEA8B}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ApiAuthVerifyToken.Tests", "ApiAuthVerifyToken.Tests\ApiAuthVerifyToken.Tests.csproj", "{DE8E4E61-EB76-416B-8417-E8F2F6A0C0D3}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "ApiAuthVerifyToken.Tests", "ApiAuthVerifyToken.Tests\ApiAuthVerifyToken.Tests.csproj", "{DE8E4E61-EB76-416B-8417-E8F2F6A0C0D3}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
@@ -19,5 +21,19 @@ Global
 		{DE8E4E61-EB76-416B-8417-E8F2F6A0C0D3}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{DE8E4E61-EB76-416B-8417-E8F2F6A0C0D3}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{DE8E4E61-EB76-416B-8417-E8F2F6A0C0D3}.Release|Any CPU.Build.0 = Release|Any CPU
+		{310A6722-973C-4CAF-952B-EA7CBF4FEC88}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{310A6722-973C-4CAF-952B-EA7CBF4FEC88}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{310A6722-973C-4CAF-952B-EA7CBF4FEC88}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{310A6722-973C-4CAF-952B-EA7CBF4FEC88}.Release|Any CPU.Build.0 = Release|Any CPU
+		{466564FF-AD08-447B-ADAB-BB8A9395D9E0}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{466564FF-AD08-447B-ADAB-BB8A9395D9E0}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{466564FF-AD08-447B-ADAB-BB8A9395D9E0}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{466564FF-AD08-447B-ADAB-BB8A9395D9E0}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {041ABF76-4241-466B-9034-59E4C0520DCC}
 	EndGlobalSection
 EndGlobal

ApiAuthVerifyToken/ApiAuthVerifyToken.csproj

@@ -1,13 +1,13 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFramework>netcoreapp3.1</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
   </PropertyGroup>
     <PropertyGroup>
         <GenerateDocumentationFile>true</GenerateDocumentationFile>
         <NoWarn>$(NoWarn);1591</NoWarn>
         <CodeAnalysisTreatWarningsAsErrors>true</CodeAnalysisTreatWarningsAsErrors>
-        <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
+        <TreatWarningsAsErrors>false</TreatWarningsAsErrors>
         <RunAnalyzersDuringBuild>true</RunAnalyzersDuringBuild>
     </PropertyGroup>
 
@@ -18,21 +18,22 @@
     <PackageReference Include="AWSSDK.DynamoDBv2" Version="3.7.0.12" />
     <PackageReference Include="AWSSDK.Extensions.NETCore.Setup" Version="3.7.0.1" />
     <PackageReference Include="AWSSDK.SecurityToken" Version="3.7.0.9" />
+    <PackageReference Include="JWT" Version="11.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.HealthChecks" Version="1.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.Mvc.Versioning" Version="4.1.1" />
     <PackageReference Include="Microsoft.AspNetCore.Mvc.Versioning.ApiExplorer" Version="4.1.1" />
     <PackageReference Include="Microsoft.CodeAnalysis.FxCopAnalyzers" Version="3.0.0" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="3.1.7">
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="8.0.12">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
-    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="3.1.3" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="8.0.12" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="5.4.1" />
     <PackageReference Include="Swashbuckle.AspNetCore.Swagger" Version="5.4.1" />
     <PackageReference Include="Swashbuckle.AspNetCore.SwaggerGen" Version="5.4.1" />
-    <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="5.4.1" />
-    <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="3.1.3" />
-    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.7.1" />
+    <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="7.2.0" />
+    <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="8.0.11" />
+    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.6.1" />
   </ItemGroup>
 
 </Project>

ApiAuthVerifyToken/ConfigureServices.cs

@@ -17,6 +17,8 @@ public static void Configure(this IServiceCollection services)
 
             var connectionString = Environment.GetEnvironmentVariable("CONNECTION_STRING");
 
+            AppContext.SetSwitch("Npgsql.EnableLegacyTimestampBehavior", true);
+
             services.AddDbContext<TokenDatabaseContext>(
                 opt => opt.UseNpgsql(connectionString));
 

ApiAuthVerifyToken/Dockerfile

@@ -1,4 +1,4 @@
-FROM mcr.microsoft.com/dotnet/core/sdk:3.1
+FROM mcr.microsoft.com/dotnet/sdk:8.0
 
 WORKDIR /app