Use test version of dktk-opal

README.md

@@ -254,8 +254,6 @@ sh bridgehead uninstall
 
 ## Site-specific configuration
 
-[How to Change Config Access Token](docs/update-access-token.md)
-
 ### HTTPS Access
 
 Even within your internal network, the Bridgehead enforces HTTPS for all services. During the installation, a self-signed, long-lived certificate was created for you. To increase security, you can simply replace the files under `/etc/bridgehead/traefik-tls` with ones from established certification authorities such as [Let's Encrypt](https://letsencrypt.org) or [DFN-AAI](https://www.aai.dfn.de).

bbmri/docker-compose.yml

@@ -4,7 +4,7 @@ version: "3.7"
 
 services:
   blaze:
-    image: docker.verbis.dkfz.de/cache/samply/blaze:0.31
+    image: docker.verbis.dkfz.de/cache/samply/blaze:0.28
     container_name: bridgehead-bbmri-blaze
     environment:
       BASE_URL: "http://bridgehead-bbmri-blaze:8080"

cce/docker-compose.yml

@@ -2,7 +2,7 @@ version: "3.7"
 
 services:
   blaze:
-    image: docker.verbis.dkfz.de/cache/samply/blaze:0.31
+    image: docker.verbis.dkfz.de/cache/samply/blaze:0.28
     container_name: bridgehead-cce-blaze
     environment:
       BASE_URL: "http://bridgehead-cce-blaze:8080"

ccp/docker-compose.yml

@@ -2,7 +2,7 @@ version: "3.7"
 
 services:
   blaze:
-    image: docker.verbis.dkfz.de/cache/samply/blaze:0.31
+    image: docker.verbis.dkfz.de/cache/samply/blaze:0.28
     container_name: bridgehead-ccp-blaze
     environment:
       BASE_URL: "http://bridgehead-ccp-blaze:8080"

ccp/modules/blaze-secondary-compose.yml

@@ -2,7 +2,7 @@ version: "3.7"
 
 services:
   blaze-secondary:
-    image: docker.verbis.dkfz.de/cache/samply/blaze:0.31
+    image: docker.verbis.dkfz.de/cache/samply/blaze:0.28
     container_name: bridgehead-ccp-blaze-secondary
     environment:
       BASE_URL: "http://bridgehead-ccp-blaze-secondary:8080"

ccp/modules/datashield-compose.yml

@@ -22,7 +22,7 @@ services:
 
   opal:
     container_name: bridgehead-opal
-    image: docker.verbis.dkfz.de/ccp/dktk-opal:latest
+    image: docker.verbis.dkfz.de/ccp/dktk-opal:test
     labels:
       - "traefik.enable=true"
       - "traefik.http.routers.opal_ccp.rule=PathPrefix(`/opal`)"

ccp/modules/exporter-compose.yml

@@ -69,4 +69,4 @@ services:
   focus:
     environment:
       EXPORTER_URL: "http://exporter:8092"
-      EXPORTER_API_KEY: "${EXPORTER_API_KEY}"
+      AUTH_HEADER: "${EXPORTER_API_KEY}"

ccp/modules/id-management-compose.yml

@@ -102,11 +102,11 @@ services:
         condition: service_healthy
 
   ccp-patient-project-identificator:
-    image: docker.verbis.dkfz.de/cache/samply/ccp-patient-project-identificator
+    image: samply/ccp-patient-project-identificator
     container_name: bridgehead-ccp-patient-project-identificator
     environment:
       MAINZELLISTE_APIKEY: ${IDMANAGER_LOCAL_PATIENTLIST_APIKEY}
-      SITE_NAME: ${IDMANAGEMENT_FRIENDLY_ID}
+      SITE_NAME: ${SITE_NAME}
 
 volumes:
   patientlist-db-data:

ccp/modules/nngm-compose.yml

@@ -12,6 +12,7 @@ services:
       CTS_API_KEY: ${NNGM_CTS_APIKEY}
       CRYPT_KEY: ${NNGM_CRYPTKEY}
       #CTS_MAGICPL_SITE: ${SITE_ID}TODO
+    restart: always
     labels:
       - "traefik.enable=true"
       - "traefik.http.routers.connector.rule=PathPrefix(`/nngm-connector`)"

ccp/modules/obds2fhir-rest-compose.yml

@@ -10,6 +10,7 @@ services:
       SALT: ${LOCAL_SALT}
       KEEP_INTERNAL_ID: ${KEEP_INTERNAL_ID:-false}
       MAINZELLISTE_URL: ${PATIENTLIST_URL:-http://patientlist:8080/patientlist}
+    restart: always
     labels:
       - "traefik.enable=true"
       - "traefik.http.routers.obds2fhir-rest.rule=PathPrefix(`/obds2fhir-rest`) || PathPrefix(`/adt2fhir-rest`)"

dhki/docker-compose.yml

@@ -2,7 +2,7 @@ version: "3.7"
 
 services:
   blaze:
-    image: docker.verbis.dkfz.de/cache/samply/blaze:0.31
+    image: docker.verbis.dkfz.de/cache/samply/blaze:0.28
     container_name: bridgehead-dhki-blaze
     environment:
       BASE_URL: "http://bridgehead-dhki-blaze:8080"

dhki/vars

@@ -17,12 +17,4 @@ do
 done
 
 idManagementSetup
-obds2fhirRestSetup
+obds2fhirRestSetup
-
-for module in modules/*.sh
-do
-    log DEBUG "sourcing $module"
-    source $module
-done
-
-transfairSetup

docs/update-access-token.md

@@ -1,42 +0,0 @@
-## How to Change Config Access Token
-
-### 1. Generate a New Access Token
-
-1. Go to your Git configuration repository provider, it might be either [git.verbis.dkfz.de](https://git.verbis.dkfz.de) or [gitlab.bbmri-eric.eu](https://gitlab.bbmri-eric.eu).  
-2. Navigate to the configuration repository for your site.  
-3. Go to **Settings → Access Tokens** to check if your Access Token is valid or expired.  
-   - **If expired**, create a new Access Token.  
-4. Configure the new Access Token with the following settings:  
-   - **Expiration date**: One year from today, minus one day.  
-   - **Role**: Developer.  
-   - **Scope**: Only `read_repository`.  
-5. Save the newly generated Access Token in a secure location.  
-
----
-
-### 2. Replace the Old Access Token
-
-1. Navigate to `/etc/bridgehead` in your system.  
-2. Run the following command to retrieve the current Git remote URL:  
-   ```bash
-   git remote get-url origin
-   ```
-   Example output:  
-   ```
-   https://name40dkfz-heidelberg.de:<old_access_token>@git.verbis.dkfz.de/bbmri-bridgehead-configs/test.git
-   ```
-3. Replace `<old_access_token>` with your new Access Token in the URL.  
-4. Set the updated URL using the following command:  
-   ```bash
-   git remote set-url origin https://name40dkfz-heidelberg.de:<new_access_token>@git.verbis.dkfz.de/bbmri-bridgehead-configs/test.git
-   
-   ```
-
-5. Start the Bridgehead update service by running:  
-   ```bash
-   systemctl start bridgehead-update@<project>
-   ```
-6. View the output to ensure the update process is successful:  
-   ```bash
-   journalctl -u bridgehead-update@<project> -f
-   ```

itcc/docker-compose.yml

@@ -2,7 +2,7 @@ version: "3.7"
 
 services:
   blaze:
-    image: docker.verbis.dkfz.de/cache/samply/blaze:0.31
+    image: docker.verbis.dkfz.de/cache/samply/blaze:0.28
     container_name: bridgehead-itcc-blaze
     environment:
       BASE_URL: "http://bridgehead-itcc-blaze:8080"

kr/docker-compose.yml

@@ -6,7 +6,7 @@ services:
       replicas: 0 #deactivate landing page
 
   blaze:
-    image: docker.verbis.dkfz.de/cache/samply/blaze:0.31
+    image: docker.verbis.dkfz.de/cache/samply/blaze:0.28
     container_name: bridgehead-kr-blaze
     environment:
       BASE_URL: "http://bridgehead-kr-blaze:8080"

kr/modules/obds2fhir-rest-compose.yml

@@ -10,6 +10,7 @@ services:
       SALT: ${LOCAL_SALT}
       KEEP_INTERNAL_ID: ${KEEP_INTERNAL_ID:-false}
       MAINZELLISTE_URL: ${PATIENTLIST_URL:-http://patientlist:8080/patientlist}
+    restart: always
     labels:
       - "traefik.enable=true"
       - "traefik.http.routers.obds2fhir-rest.rule=PathPrefix(`/obds2fhir-rest`) || PathPrefix(`/adt2fhir-rest`)"

lib/update-bridgehead.sh

@@ -58,8 +58,7 @@ for DIR in /etc/bridgehead $(pwd); do
     OUT=$(retry 5 git -c http.proxy=$HTTPS_PROXY_FULL_URL -c https.proxy=$HTTPS_PROXY_FULL_URL -C $DIR fetch 2>&1 && retry 5 git -c http.proxy=$HTTPS_PROXY_FULL_URL -c https.proxy=$HTTPS_PROXY_FULL_URL -C $DIR pull 2>&1)
   fi
   if [ $? -ne 0 ]; then
-    OUT_SAN=$(echo $OUT | sed -E 's|://[^:]+:[^@]+@|://credentials@|g')
+    report_error log "Unable to update git $DIR: $OUT"
-    report_error log "Unable to update git $DIR: $OUT_SAN"
   fi
 
   new_git_hash="$(git -C $DIR rev-parse --verify HEAD)"

minimal/modules/nngm-compose.yml

@@ -11,6 +11,7 @@ services:
       CTS_API_KEY: ${NNGM_CTS_APIKEY}
       CRYPT_KEY: ${NNGM_CRYPTKEY}
       #CTS_MAGICPL_SITE: ${SITE_ID}TODO
+    restart: always
     labels:
       - "traefik.enable=true"
       - "traefik.http.routers.connector.rule=PathPrefix(`/nngm-connector`)"

modules/transfair-compose.yml

@@ -1,51 +0,0 @@
-
-services:
-  transfair:
-    image: docker.verbis.dkfz.de/cache/samply/transfair:latest
-    container_name: bridgehead-transfair
-    environment:
-      # NOTE: Those 3 variables need only to be passed if their set, otherwise transfair will complain about empty url values
-      - INSTITUTE_TTP_URL
-      - INSTITUTE_TTP_API_KEY
-      - PROJECT_ID_SYSTEM
-      - FHIR_REQUEST_URL=${FHIR_REQUEST_URL}
-      - FHIR_INPUT_URL=${FHIR_INPUT_URL}
-      - FHIR_OUTPUT_URL=${FHIR_OUTPUT_URL:-http://blaze:8080}
-      - FHIR_REQUEST_CREDENTIALS=${FHIR_REQUEST_CREDENTIALS}
-      - FHIR_INPUT_CREDENTIALS=${FHIR_INPUT_CREDENTIALS}
-      - FHIR_OUTPUT_CREDENTIALS=${FHIR_OUTPUT_CREDENTIALS}
-      - EXCHANGE_ID_SYSTEM=${EXCHANGE_ID_SYSTEM:-SESSION_ID}
-      - DATABASE_URL=sqlite://transfair/data_requests.sql?mode=rwc
-      - RUST_LOG=${RUST_LOG:-info}
-    volumes:
-      - /var/cache/bridgehead/${PROJECT}/transfair:/transfair
-
-  transfair-input-blaze:
-    image: docker.verbis.dkfz.de/cache/samply/blaze:0.28
-    container_name: bridgehead-transfair-input-blaze
-    environment:
-      BASE_URL: "http://bridgehead-transfair-input-blaze:8080"
-      JAVA_TOOL_OPTIONS: "-Xmx1024m"
-      DB_BLOCK_CACHE_SIZE: 1024
-      CQL_EXPR_CACHE_SIZE: 8
-      ENFORCE_REFERENTIAL_INTEGRITY: "false"
-    volumes:
-      - "transfair-input-blaze-data:/app/data"
-    profiles: ["transfair-input-blaze"]
-
-  transfair-request-blaze:
-    image: docker.verbis.dkfz.de/cache/samply/blaze:0.28
-    container_name: bridgehead-transfair-requests-blaze
-    environment:
-      BASE_URL: "http://bridgehead-transfair-requests-blaze:8080"
-      JAVA_TOOL_OPTIONS: "-Xmx1024m"
-      DB_BLOCK_CACHE_SIZE: 1024
-      CQL_EXPR_CACHE_SIZE: 8
-      ENFORCE_REFERENTIAL_INTEGRITY: "false"
-    volumes:
-      - "transfair-request-blaze-data:/app/data"
-    profiles: ["transfair-request-blaze"]
-
-volumes:
-  transfair-input-blaze-data:
-  transfair-request-blaze-data:

modules/transfair-setup.sh

@@ -1,22 +0,0 @@
-#!/bin/bash -e
-
-function transfairSetup() {
-    if [[ -n "$INSTITUTE_TTP_URL" || -n "$EXCHANGE_ID_SYSTEM" ]]; then
-        echo "Starting transfair."
-	    OVERRIDE+=" -f ./modules/transfair-compose.yml"
-	    if [ -n "$FHIR_INPUT_URL" ]; then
-		    log INFO "TransFAIR input fhir store set to external $FHIR_INPUT_URL"
-	    else
-		    log INFO "TransFAIR input fhir store not set writing to internal blaze"
-		    FHIR_INPUT_URL="http://transfair-input-blaze:8080"
-		    OVERRIDE+=" --profile transfair-input-blaze"
-	    fi
-	    if [ -n "$FHIR_REQUEST_URL" ]; then
-		    log INFO "TransFAIR request fhir store set to external $FHIR_REQUEST_URL"
-	    else
-		    log INFO "TransFAIR request fhir store not set writing to internal blaze"
-		    FHIR_REQUEST_URL="http://transfair-requests-blaze:8080"
-		    OVERRIDE+=" --profile transfair-request-blaze"
-	    fi
-    fi
-}