diff --git a/docs/deploy-nbs7/keycloak/keycloak-installation.md b/docs/deploy-nbs7/keycloak/keycloak-installation.md index 86453c7..3d9e423 100644 --- a/docs/deploy-nbs7/keycloak/keycloak-installation.md +++ b/docs/deploy-nbs7/keycloak/keycloak-installation.md @@ -31,7 +31,7 @@ The Keycloak Helm chart provides authentication for `modernization-api`, `nbs-ga - **Username** – `admin` - **Password** – `database_admin_password` -1. Run the script below (from [`charts/keycloak/nbs_keycloak.sql`][nedss-helm-keycloak-sql] in the NEDSS-Helm repository) to create the Keycloak database and database user. Replace `'EXAMPLE_KCDB_PASS8675309'` with a complex password that meets your organization's standards. Store this password securely — you will need it in the `values.yaml` file in the next section. +1. Run the script below (from [nbs_keycloak.sql][nedss-helm-keycloak-sql] in the NEDSS-Helm repository) to create the Keycloak database and database user. Replace `'EXAMPLE_KCDB_PASS8675309'` with a complex password that meets your organization's standards. Store this password securely — you will need it in the `values.yaml` file in the next section. ```bash use master @@ -56,7 +56,7 @@ The Keycloak Helm chart provides authentication for `modernization-api`, `nbs-ga ## Configure the Helm chart -1. In [`charts/keycloak/values.yml`][nedss-helm-keycloak-values], update the following parameters: +1. In [values.yml][nedss-helm-keycloak-values], update the following parameters: | **Parameter** | **Template Value** | **Example / Description** | |---|---|---| @@ -118,7 +118,7 @@ The Keycloak Helm chart provides authentication for `modernization-api`, `nbs-ga ![nbs-create-new-realm](images/create-new-nbs-realm-with-di-client.png) -1. Upload [`charts/keycloak/extra/01-NBS-realm-with-DI-client.json`][nedss-helm-keycloak-di-client] and click **Create**. This imports the NBS realm and clients. +1. Upload [01-NBS-realm-with-DI-client.json][nedss-helm-keycloak-di-client] and click **Create**. This imports the NBS realm and clients. ![nbs-create-new-realm-2](images/create-new-nbs-realm-with-di-client-2.png) ![nbs-create-new-realm-3](images/create-new-nbs-realm-with-di-client-3.png) @@ -148,7 +148,7 @@ The imported configuration seeds a random client secret for each service client. ![nnd-realm](images/nnd-realm.png) ![nnd-realm-partial-import](images/nnd-realm-partial-import.png) -1. Upload [`charts/keycloak/extra/05-nbs-users-nnd-client.json`][nedss-helm-keycloak-nnd-client] and click **Create**. +1. Upload [05-nbs-users-nnd-client.json][nedss-helm-keycloak-nnd-client] and click **Create**. 1. Navigate to the **NBS Realm** in the left menu and click **Clients**. 1. Select `nnd-keycloak-client` and open the **Credentials** tab. 1. Click the eye icon to reveal the secret and copy it. @@ -160,15 +160,25 @@ The imported configuration seeds a random client secret for each service client. ### SRTE client 1. In the **NBS Realm**, open **Realm settings**, click the **Action** dropdown, and select **Partial Import**. -1. Upload [`charts/keycloak/extra/06-nbs-users-srte-data-client.json`][nedss-helm-keycloak-srte-client] and click **Create**. +1. Upload [06-nbs-users-srte-data-client.json][nedss-helm-keycloak-srte-client] and click **Create**. 1. Navigate to the **NBS Realm** in the left menu and click **Clients**. 1. Select `srte-data-keycloak-client` and open the **Credentials** tab. 1. Click the eye icon to reveal the secret and copy it. 1. Store the secret (for example, in AWS Secrets Manager at `keycloak/client/secret/srte`). +### XML-HL7 parser client + +1. In the **NBS Realm**, open **Realm settings**, click the **Action** dropdown, and select **Partial Import**. +1. Upload [10-nbs-users-xml-hl7-parser-service.json][nedss-helm-keycloak-hl7-parser] and click **Create**. +1. Navigate to the **NBS Realm** in the left menu and click **Clients**. +1. Select `xml-hl7-parser-keycloak-client` and open the **Credentials** tab. +1. Click the eye icon to reveal the secret and copy it. +1. Store the secret (for example, in AWS Secrets Manager at `keycloak/client/secret/xml-hl7-parser`). + [nedss-helm-keycloak-chart]: [nedss-helm-keycloak-sql]: [nedss-helm-keycloak-values]: [nedss-helm-keycloak-di-client]: [nedss-helm-keycloak-nnd-client]: [nedss-helm-keycloak-srte-client]: +[nedss-helm-keycloak-hl7-parser]: diff --git a/docs/deploy-nbs7/microservices-deployment/case-notification.md b/docs/deploy-nbs7/microservices-deployment/case-notification.md index d0c00d7..c5b0fd1 100644 --- a/docs/deploy-nbs7/microservices-deployment/case-notification.md +++ b/docs/deploy-nbs7/microservices-deployment/case-notification.md @@ -22,13 +22,14 @@ This section sets out the detailed steps to installing NBS 7 Case Notification, ## Overview -Case notifications comprise three services and should be deployed in the following order: +Case notification services should be deployed in the following order: 1. [Debezium](../../deploy-nbs7/microservices-deployment/case-notification/debezium.html) + 1. [XML HL7 parser service](../../deploy-nbs7/microservices-deployment/case-notification/xml-hl7-parser.html) 1. [Data extraction service](../../deploy-nbs7/microservices-deployment/case-notification/data-extraction.html) 1. [Notification service](../../deploy-nbs7/microservices-deployment/case-notification/case-notification-service.html) -Services 2 and 3 require you to first set up [Keycloak configuration](#keycloak-configuration). After you deploy all required services for case notifications, validate with [API testing](../../deploy-nbs7/microservices-deployment/case-notification/api-testing.html). +All services except Debezium require you to first set up [Keycloak configuration](#keycloak-configuration). After you deploy all required services for case notifications, validate with [API testing](../../deploy-nbs7/microservices-deployment/case-notification/api-testing.html). ## Considerations @@ -43,7 +44,7 @@ Case notifications require [NND Sync](../../deploy-nbs7/microservices-deployment ## Keycloak configuration -The data extraction and notification services require Keycloak. Complete this configuration before deploying them. +The XML HL7 parser, data extraction, and notification services require Keycloak. Complete this configuration before deploying them. 1. In each service's `values.yaml`, confirm the Keycloak auth URI. In the default configuration this value should not need to change unless the name or namespace of the Keycloak pod is modified. @@ -53,6 +54,7 @@ The data extraction and notification services require Keycloak. Complete this co 1. For each of the three services, import the corresponding Keycloak profile from [`NEDSS-Helm/charts/keycloak/extra`][nedss-helm-keycloak-extra]. +> The Notification service also requires the Keycloak client ID and secret for the XML HL7 Parser service. These are configured with the `api.clientId` and `api.secret` fields in its `values.yaml`. See [Notification service](../../deploy-nbs7/microservices-deployment/case-notification/case-notification-service.html) for more information. {: .note } [nedss-helm-keycloak-extra]: diff --git a/docs/deploy-nbs7/microservices-deployment/case-notification/api-testing.md b/docs/deploy-nbs7/microservices-deployment/case-notification/api-testing.md index 9a65aef..7d8f19d 100644 --- a/docs/deploy-nbs7/microservices-deployment/case-notification/api-testing.md +++ b/docs/deploy-nbs7/microservices-deployment/case-notification/api-testing.md @@ -25,6 +25,8 @@ Use this page to validate ingress, PHIMNS property configuration, and supporting - **Case Notification**: [NEDSS-Helm/charts/dataingestion-service/templates/ingress.yaml at 10623c0d9788a6513bd51f4b6ed4eb0f79b30a2f · CDCgov/NEDSS-Helm](https://github.com/CDCgov/NEDSS-Helm/blob/10623c0d9788a6513bd51f4b6ed4eb0f79b30a2f/charts/dataingestion-service/templates/ingress.yaml) + - **HL7 Parser**: [NEDSS-Helm/charts/dataingestion-service/templates/ingress.yaml at 10623c0d9788a6513bd51f4b6ed4eb0f79b30a2f · CDCgov/NEDSS-Helm](https://github.com/CDCgov/NEDSS-Helm/blob/10623c0d9788a6513bd51f4b6ed4eb0f79b30a2f/charts/dataingestion-service/templates/ingress.yaml) + ## PHIMNS properties - For services to be fully functional, STLT partners must provide CDC their PHIMS properties. This ensures data in the `TransportQ_Out` table is updated correctly when processed by CDC Case Notification. These values can be pulled from the existing NND Rhapsody route Variable Manager at the STLT level. @@ -77,6 +79,10 @@ Use this page to validate ingress, PHIMNS property configuration, and supporting - [NEDSS-NNDSS-Case-Notifications/README.md at {{ site.version_latest_tag }} · CDCgov/NEDSS-NNDSS-Case-Notifications][nndss-case-notifications-readme] - [NEDSS-Helm/charts/data-extraction-service/templates/deployment.yaml at {{ site.version_latest_tag }} · CDCgov/NEDSS-Helm][nedss-helm-data-extraction-deployment] +- **Xml-Hl7-Parser-Service** + - [NEDSS-NNDSS-Case-Notifications/README.md at main · CDCgov/NEDSS-NNDSS-Case-Notifications][nndss-case-notifications-readme] + - [NEDSS-Helm/charts/xml-hl7-parser-service/templates/deployment.yaml at main · CDCgov/NEDSS-Helm][nedss-helm-data-extraction-deployment] + ### Case notification Liquibase - Case Notification includes a built-in Liquibase integration that automatically applies database changes during deployment. diff --git a/docs/deploy-nbs7/microservices-deployment/case-notification/case-notification-service.md b/docs/deploy-nbs7/microservices-deployment/case-notification/case-notification-service.md index ab48130..da16052 100644 --- a/docs/deploy-nbs7/microservices-deployment/case-notification/case-notification-service.md +++ b/docs/deploy-nbs7/microservices-deployment/case-notification/case-notification-service.md @@ -36,8 +36,14 @@ This page walks through deploying the Case Notification Service for case notific kafka: cluster: "EXAMPLE_MSK_KAFKA_ENDPOINT" + + api: + host: "https:///hl7-parser" + clientId: "EXAMPLE_XML-HL7-Parser_CLIENT_ID" + secret: "EXAMPLE_XML-HL7-Parser_CLIENT_SECRET" ``` + The `api.clientId` and `api.secret` fields must match the Keycloak client credentials for the XML HL7 Parser service, not this service. Retrieve them from the `xml-hl7-parser-keycloak-client` credentials in the NBS realm. {: .note } 1. Install the service: diff --git a/docs/deploy-nbs7/microservices-deployment/case-notification/xml-hl7-parser.md b/docs/deploy-nbs7/microservices-deployment/case-notification/xml-hl7-parser.md new file mode 100644 index 0000000..cfa826c --- /dev/null +++ b/docs/deploy-nbs7/microservices-deployment/case-notification/xml-hl7-parser.md @@ -0,0 +1,55 @@ +--- +title: XML HL7 parser +layout: page +parent: Case notifications +nav_order: 3 +redirect_from: + - /docs/6_microservices_deployment/9c_xml_hl7_parser.html + - /docs/6_microservices_deployment/9c_xml_hl7_parser/ +--- + +# Deploy XML HL7 Parser Service for NBS 7 case notifications + +This page walks through deploying the XML HL7 Parser Service used by case notification workflows. + +1. Locate the Helm chart at `charts/xml-hl7-parser-service`. +1. Set the image repository and tag: + + ```yaml + image: + repository: "quay.io/us-cdcgov/cdc-nbs-modernization/nnd-case-notification-service/xml-hl7-parser-service" + pullPolicy: IfNotPresent + tag: # for example, v1.0.1 + ``` + +1. Update JDBC and service configuration values: + + ```yaml + ingressHost: "data.EXAMPLE_DOMAIN" + + jdbc: + dbserver: "EXAMPLE_DB_ENDPOINT" + username: "EXAMPLE_ODSE_DB_USER" + password: "EXAMPLE_ODSE_DB_USER_PASSWORD" + + authUri: "http://keycloak.default.svc.cluster.local/auth/realms/NBS" + ``` + +1. Install the service: + + ```bash + helm install xml-hl7-parser-service -f ./xml-hl7-parser-service/values.yaml xml-hl7-parser-service + ``` + +1. Verify the pod is running: + + ```bash + kubectl get pods + ``` + +1. Validate the service: + + ```text + https:///hl7-parser/actuator/info + https:///hl7-parser/actuator/health + ```