Changes made for EHDS2

The EHDS2 project has initiated a use case for antibiotic resistance
under the control of the ECDC. This branch caters for the ECDC
requirements.

Specifically, it contains the ETL to transform the ECDC CSV format to
FHIR, plus additional configuration options that have been packaged into
the bbmri project.

bbmri/docker-compose.yml

@@ -1,6 +1,6 @@
 version: "3.7"
 
-# This includes only the shared persistence for BBMRI-ERIC and GBN. Federation components are included as modules, see vars.
+# This includes only the shared persistence for BBMRI-ERIC and GBN and EHDS2. Federation components are included as modules, see vars.
 
 services:
   blaze:

bbmri/modules/ehds2-compose.yml

@@ -0,0 +1,59 @@
+version: "3.7"
+
+services:
+  focus-ehds2:
+    image: docker.verbis.dkfz.de/cache/samply/focus:${FOCUS_TAG}
+    container_name: bridgehead-focus-ehds2
+    environment:
+      API_KEY: ${EHDS2_FOCUS_BEAM_SECRET_SHORT}
+      BEAM_APP_ID_LONG: focus.${EHDS2_PROXY_ID}
+      PROXY_ID: ${EHDS2_PROXY_ID}
+      BLAZE_URL: "http://blaze:8080/fhir/"
+      BEAM_PROXY_URL: http://beam-proxy-ehds2:8081
+      RETRY_COUNT: ${FOCUS_RETRY_COUNT}
+    depends_on:
+      - "beam-proxy-ehds2"
+      - "blaze"
+
+  beam-proxy-ehds2:
+    image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop
+    container_name: bridgehead-beam-proxy-ehds2
+    environment:
+      BROKER_URL: ${EHDS2_BROKER_URL}
+      PROXY_ID: ${EHDS2_PROXY_ID}
+      APP_focus_KEY: ${EHDS2_FOCUS_BEAM_SECRET_SHORT}
+      PRIVKEY_FILE: /run/secrets/proxy.pem
+      ALL_PROXY: http://forward_proxy:3128
+      TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs
+      ROOTCERT_FILE: /conf/root.crt.pem
+    secrets:
+      - proxy.pem
+    depends_on:
+      - "forward_proxy"
+    volumes:
+      - /etc/bridgehead/trusted-ca-certs:/conf/trusted-ca-certs:ro
+      - /srv/docker/bridgehead/bbmri/modules/${EHDS2_ROOT_CERT}.root.crt.pem:/conf/root.crt.pem:ro
+
+  # Convert ECDC CSV file into FHIR and push to Blaze
+  transfair:
+    container_name: transfair
+    image: samply/transfair
+    environment:
+      FHIR_INPUT_URL: "http://source_blaze:8080/fhir"
+      FHIR_OUTPUT_URL: "http://bridgehead-bbmri-blaze:8080/fhir"
+      PROFILE: "amr2fhir"
+      #WRITE_BUNDLES_TO_FILE: "true"
+      AMR_FILE_PATH: "/app/data"
+    restart: on-failure
+    command: sh -c "sleep 60 && rm -rf /app/test/* && java -jar transFAIR.jar && tail -f /dev/null"
+    #command: sh -c "rm -rf /app/test/* && java -jar transFAIR.jar"
+    volumes:
+      - /home/gerhard/Projects/EHDS2/PrototypeSpring2024/test/:/app/test/
+      - /home/gerhard/Projects/EHDS2/PrototypeSpring2024/Data/:/app/data/
+
+  # Report on the data pushed to Blaze by TransFAIR
+  blazectl:
+    container_name: blazectl
+    image: samply/blazectl
+    command: sh -c "sleep 300 && echo Source store && blazectl --server http://bridgehead-bbmri-blaze:8080/fhir count-resources && tail -f /dev/null"
+

bbmri/modules/ehds2-setup.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+if [ "${ENABLE_EHDS2}" == "true" ]; then
+	log INFO "EHDS2 setup detected -- will start services for German Biobank Node."
+	OVERRIDE+=" -f ./$PROJECT/modules/ehds2-compose.yml"
+
+	# The environment needs to be defined in /etc/bridgehead
+	case "$ENVIRONMENT" in
+		"production")
+			export EHDS2_BROKER_ID=broker.bbmri.samply.de
+			export EHDS2_ROOT_CERT=ehds2
+			;;
+		"test")
+			export EHDS2_BROKER_ID=broker.test.bbmri.samply.de
+			export EHDS2_ROOT_CERT=ehds2.test
+			;;
+		*)
+			report_error 6 "Environment \"$ENVIRONMENT\" is unknown. Assuming production. FIX THIS!"
+			export EHDS2_BROKER_ID=broker.bbmri.samply.de
+			export EHDS2_ROOT_CERT=ehds2
+			;;
+	esac
+	
+	EHDS2_BROKER_URL=https://${EHDS2_BROKER_ID}
+	EHDS2_PROXY_ID=${SITE_ID}.${EHDS2_BROKER_ID}
+	EHDS2_FOCUS_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
+	EHDS2_SUPPORT_EMAIL=feedback@germanbiobanknode.de
+fi

bbmri/modules/ehds2.root.crt.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDNTCCAh2gAwIBAgIUMy/n0zFRihhVR3aAD54LumzeYdwwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAxMLQnJva2VyLVJvb3QwHhcNMjIxMDI1MDczNTA4WhcNMzIx
+MDIyMDczNTM3WjAWMRQwEgYDVQQDEwtCcm9rZXItUm9vdDCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAL3qWliHIlIT1Qlsyq/NKJ1uj6/AF0STNg5NTNpb
+Xqe5rmUqs6jmQepputGStBVe5TthFw56whISv9FqD5s1PZUGyFikW1pJUnF7ZYRf
+MfrJHRi1vUnD3Gw36FCot+i6BAxfw/rdp9hoqFZ6erRkULLaYZ5S2cDHN0DWc18V
+3VgZ66ah8QXSx7ERRNa/eWRkHrPIYhyVSoKuyZfvbVgsYZADSlviCgIHPrGLerLr
+ylNUyuTxJ5RKStOwPn7A+Jp7nRT+MRh9BphA7s6NuK9h+eVe1DiLbIETWyCEfN3Y
+INpunatn3QDhqOIfNcuBArjsAj7mg8l5KNba8nUP4v0EJYECAwEAAaN7MHkwDgYD
+VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMvc5Fizz1vO
+MEG3MIsy7UY69ZNIMB8GA1UdIwQYMBaAFMvc5Fizz1vOMEG3MIsy7UY69ZNIMBYG
+A1UdEQQPMA2CC0Jyb2tlci1Sb290MA0GCSqGSIb3DQEBCwUAA4IBAQBb8a5su820
+h8JStJC+KpvXmDrGkwx9bHlEZMgQQejIrwPLEbA32KBvNxdoUxF9q1Y773MKdqbc
+cCJwzQXE/NPZ13hCGrEIXs8DgH52GhEB5592k5/bRNcAvUwbZSXPPiT0rgq/eUOt
+BYhgN0ov7h1MC5L6CYB/rQwqck7JPlmrXTkh2gix4/dEdBRzsHsn/xlo8ay5QYHG
+rx2Adit76eZu/MJoJNzl1r8MPxLqyAie3KcIU54A+UMozLrWEQP/TyOyWZdjUjJt
+cBYgkKJTjwdRhc+ehI3kFo7b/a/Z/jl9szKsAPHozMixSi8lGnsYwN80oqeRvT7h
+wcMUK+igv3/K
+-----END CERTIFICATE-----

bbmri/modules/ehds2.test.root.crt.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDNTCCAh2gAwIBAgIUJ0g7k2vrdAwNTU38S1/mU8NO26MwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAxMLQnJva2VyLVJvb3QwHhcNMjMwNzEwMTIyMzQxWhcNMzMw
+NzA3MTIyNDExWjAWMRQwEgYDVQQDEwtCcm9rZXItUm9vdDCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALMvc/fApbsAl+/NXDszNgffNR5llAb9CfxzdnRn
+ryoBqZdPevBYZZfKBARRKjFbXRDdPWbE7erDeo1LiCM6PObXCuT9wmGWJtvfkmqW
+3Z/a75e4r360kceMEGVn4kWpi9dz8s7+oXVZURjW2r13h6pq6xQNZDNlXmpR8wHG
+58TSrQC4n1vzdSwMWdptgOA8Sw8adR7ZJI1yNZpmynB2QolKKNESI7FcSKC/+b+H
+LoPkseAwQG9yJo23qEw1GZS67B47iKIqX2wp9VLQobHw7ncrhKXQLSWq973k/Swp
+7lBdfOsTouf72flLiF1HbdOLcFDmWgIbf5scj2HaQe8b/UcCAwEAAaN7MHkwDgYD
+VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFHYxBJiJZieW
+e6G1vwn6Q36/crgNMB8GA1UdIwQYMBaAFHYxBJiJZieWe6G1vwn6Q36/crgNMBYG
+A1UdEQQPMA2CC0Jyb2tlci1Sb290MA0GCSqGSIb3DQEBCwUAA4IBAQCN6WVNYpWJ
+6Z1Ee+otLZYMXhjyR6NUQ5s0aHiug97gB8mTiNlgXiiTgipCbofEmENgh1inYrPC
+WfdXxqOaekSXCQW6nSO1KtBzEYtkN5LrN1cjKqt51P2DbkllinK37wwCS2Kfup1+
+yjhTRxrehSIfsMVK6bTUeSoc8etkgwErZpORhlpqZKWhmOwcMpgsYJJOLhUetqc1
+UNe/254bc0vqHEPT6VI/86c7qAmk1xR0RUfrnKAEqZtUeuoj2fe1L/6yOB16fxt5
+3V3oim7EO6eZCTjDo9fU5DaFiqSMe7WVdr03Na0cWet60XKRH/xaiC6gMWdHWcbh
+vZdXnV1qjlM2
+-----END CERTIFICATE-----

bbmri/vars

@@ -4,6 +4,9 @@
 # Makes only sense for German Biobanks
 : ${ENABLE_GBN:=false}
 
+# Makes only sense for EHDS2 project
+: ${ENABLE_EHDS2:=false}
+
 FOCUS_RETRY_COUNT=32
 PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem
 
@@ -20,6 +23,10 @@ if [ -n "$GBN_SUPPORT_EMAIL" ]; then
     SUPPORT_EMAIL=$GBN_SUPPORT_EMAIL
 fi
 
+if [ -n "$EHDS2_SUPPORT_EMAIL" ]; then
+    SUPPORT_EMAIL=$EHDS2_SUPPORT_EMAIL
+fi
+
 function do_enroll {
     COUNT=0
     if [ "$ENABLE_ERIC" == "true" ]; then
@@ -30,6 +37,10 @@ function do_enroll {
         do_enroll_inner $GBN_PROXY_ID $GBN_SUPPORT_EMAIL
         COUNT=$((COUNT+1))
     fi
+    if [ "$ENABLE_EHDS2" == "true" ]; then
+        do_enroll_inner $EHDS2_PROXY_ID $EHDS2_SUPPORT_EMAIL
+        COUNT=$((COUNT+1))
+    fi
     if [ $COUNT -ge 2 ]; then
         echo
         echo "You just received $COUNT certificate signing requests (CSR). Please send $COUNT e-mails, with 1 CSR each, to the respective e-mail address."