api:
  version: 1

logging:
  config: classpath:logback.xml
  level:
    io:
      jaegertracing: DEBUG

# lets listen on all ports to ensure we can be invoked from the pod ip address
# contextPath: /api/v${api.version}/*
server:
  address: 0.0.0.0
  port: 8080

# =============================================
# spring configurations
# ---------------------------------------------
spring:
  application:
    name: ${OPENSHIFT_APP_NAME:product-api}
  jpa:
    # log generated sql
    database-platform: org.hibernate.dialect.H2Dialect
    properties:
      hibernate:
        show_sql: true
        use_sql_comments: true
        format_sql: true
        type: trace
    hibernate:
      ddl-auto: create-drop
  h2:
    # http://localhost:8080/h2-console
    # connection url: jdbc:h2:mem:testdb
    console:
      enabled: true
      path: /h2-console
      settings:
        trace: false
        web-allow-others: false
  jackson:
    # JACKSON (JacksonProperties)
    # Date format string or a fully-qualified date format class name
    #spring.jackson.date-format=yyyy-MM-dd'T'HH:mm:ss.SSSZ
    serialization:
      write_dates_as_timestamps: true

# =============================================
# spring security configurations
# ---------------------------------------------
rest:
  security:
    enabled: true
    api-matcher: /api/v1/**
    cors:
      allowed-origins: '*'
      allowed-headers: '*'
      allowed-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
      max-age: 3600
    issuer-uri: ${OPENSHIFT_REST_SECURITY_ISSUER_URI:https://sso73.apps.arekkusu.io/auth/realms/3scale-api}

security:
  oauth2:
    resource:
      # ----------------------------------------------------------------------------------------------------
      # This API is a microservice that does not handle login negotiation! It is a bear-only API
      # access-type: bear-only
      # (this is the API that will be registered on RHSSO)
      # ----------------------------------------------------------------------------------------------------
      id: ${OPENSHIFT_SECURITY_OAUTH2_RESOURCE:product_api}
      token-info-uri: ${rest.security.issuer-uri}/protocol/openid-connect/token/introspect
      user-info-uri: ${rest.security.issuer-uri}/protocol/openid-connect/userinfo
      jwt:
        key-value: ${OPENSHIFT_SECURITY_OAUTH2_PUBLIC_KEY:"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv18ZNpCtYUBFLaK/Ak1HLok1w3I+a/zm9qDyu903IRBd9FYzmZCGEKWJnhUAN8+T9OWqDHSkoe9MChP1dyTQi9gVp7IEv2MnEQTNCmBzGBN86XR2G1NDjELK0O8myuUdjimULAy2zNPX8ikF5Zzat47OtHSs2GLPxtqRqpS3QAmPaeI2R7NKxM7co8UmYbylpxZVO/PL05s3oJL2euKePbcUIXHPiH7b2epF5Ywe1ln8QpG3KnOjxSCFpobPDdBl82Rbby+XfTwzE+ixojspQJbdjEQKWCdgxrP/SUSLC6swva+Dq9ewelwyiSQQ1Y/ZkC2g833vNzp5goKGXkD0ywIDAQAB\n-----END PUBLIC KEY-----"}

      # ----------------------------------------------------------------------------------------------------
      # Uncomment the following com.microservices.apigateway.security.configuration if this API will consume another APIs (as a com.microservices.apigateway.security.service account)
      # To allow this, this microservice must handle login negotiation. Change its access-type:
      # access-type: confidential
      # The RHSSO will provide a client-secret, so use it here.
      # PS. Remember to provide the proper roles to this client in com.microservices.apigateway.security.service account tab.
      # ----------------------------------------------------------------------------------------------------
      # To access another secured micro-com.microservices.apigateway.security.service
      #client:
        #client-id: product_api
        #client-secret: 25c33006-e1b9-4fc2-a6b9-c43dbc41ecd0
        #user-authorization-uri: ${rest.security.issuer-uri}/protocol/openid-connect/auth
        #access-token-uri: ${rest.security.issuer-uri}/protocol/openid-connect/token
        #scope: openid
        #grant-type: client_credentials

# =============================================
# spring actuator configurations
# ---------------------------------------------
management:
  endpoint:
    metrics:
      enabled: true
    prometheus:
      enabled: true
      # if you want to change the default prometheus endpoint, just change the 'id' to another value.
      id: prometheus
  endpoints:
    web:
      exposure:
        include: ["*"]
  metrics:
    export:
      prometheus:
        enabled: true

# =============================================
# opentracing configurations
# ---------------------------------------------
opentracing:
  jaeger:
    enabled: true
    enable-b3-propagation: true
    log-spans: true
    const-sampler:
      decision: true
    http-sender:
      url: http://jaeger-collector:14268/api/traces

jaeger.tracer:
  host: ${OPENSHIFT_JAEGER_HOST:jaeger-agent.microservices.svc}
  port: 6831