319 lines
13 KiB
XML
319 lines
13 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
|
|
https://maven.apache.org/xsd/maven-4.0.0.xsd">
|
|
<modelVersion>4.0.0</modelVersion>
|
|
|
|
<!-- =========================================================
|
|
BD Core FHIR National Repository — HAPI Overlay Module
|
|
This module produces the fat JAR that runs in the container.
|
|
All runtime dependencies declared here.
|
|
========================================================= -->
|
|
|
|
<parent>
|
|
<groupId>bd.gov.dghs</groupId>
|
|
<artifactId>bd-fhir-national</artifactId>
|
|
<version>1.0.0-SNAPSHOT</version>
|
|
<relativePath>../pom.xml</relativePath>
|
|
</parent>
|
|
|
|
<artifactId>hapi-overlay</artifactId>
|
|
<packaging>jar</packaging>
|
|
<name>BD FHIR National — HAPI Overlay</name>
|
|
<description>
|
|
Custom HAPI FHIR overlay for the BD national FHIR repository.
|
|
Includes: Keycloak JWT interceptor, BD Core IG validation chain,
|
|
OCL terminology integration, cluster expression validator,
|
|
audit event emitter, and rejected submission sink.
|
|
</description>
|
|
|
|
<dependencies>
|
|
|
|
<!-- =======================================================
|
|
HAPI FHIR CORE — JPA server stack
|
|
Versions managed by hapi-fhir-bom in parent POM.
|
|
======================================================= -->
|
|
|
|
<!-- JPA server starter — brings in Spring Boot web, JPA,
|
|
Hibernate, Jackson, and HAPI servlet infrastructure -->
|
|
<dependency>
|
|
<groupId>ca.uhn.hapi.fhir</groupId>
|
|
<artifactId>hapi-fhir-jpaserver-starter</artifactId>
|
|
<!-- Version from BOM. Do NOT pin version here. -->
|
|
</dependency>
|
|
|
|
<!-- FHIR R4 model classes — Patient, Condition, AuditEvent, etc. -->
|
|
<dependency>
|
|
<groupId>ca.uhn.hapi.fhir</groupId>
|
|
<artifactId>hapi-fhir-structures-r4</artifactId>
|
|
</dependency>
|
|
|
|
<!-- Validation support framework — IValidationSupport chain -->
|
|
<dependency>
|
|
<groupId>ca.uhn.hapi.fhir</groupId>
|
|
<artifactId>hapi-fhir-validation</artifactId>
|
|
</dependency>
|
|
|
|
<!-- Validation resources — built-in FHIR R4 profiles and
|
|
code system content (LOINC, SNOMED stubs, etc.) -->
|
|
<dependency>
|
|
<groupId>ca.uhn.hapi.fhir</groupId>
|
|
<artifactId>hapi-fhir-validation-resources-r4</artifactId>
|
|
</dependency>
|
|
|
|
<!-- NPM package support — loads BD Core IG package.tgz
|
|
via NpmPackageValidationSupport -->
|
|
<dependency>
|
|
<groupId>ca.uhn.hapi.fhir</groupId>
|
|
<artifactId>hapi-fhir-npm-packages</artifactId>
|
|
</dependency>
|
|
|
|
<!-- Remote terminology service — base class for our custom
|
|
BdTerminologyValidationSupport. We extend this to force
|
|
$validate-code and suppress $expand. -->
|
|
<dependency>
|
|
<groupId>ca.uhn.hapi.fhir</groupId>
|
|
<artifactId>hapi-fhir-terminology</artifactId>
|
|
</dependency>
|
|
|
|
<!-- IInstanceValidator — used by FhirValidator to run
|
|
profile validation on submitted resources -->
|
|
<dependency>
|
|
<groupId>ca.uhn.hapi.fhir</groupId>
|
|
<artifactId>hapi-fhir-validation-resources-r4</artifactId>
|
|
</dependency>
|
|
|
|
<!-- =======================================================
|
|
SPRING BOOT STARTERS
|
|
Versions managed by spring-boot-dependencies in parent.
|
|
======================================================= -->
|
|
|
|
<!-- Web MVC — embedded Tomcat, DispatcherServlet -->
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-web</artifactId>
|
|
</dependency>
|
|
|
|
<!-- JPA / Hibernate — HAPI JPA persistence layer -->
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-data-jpa</artifactId>
|
|
</dependency>
|
|
|
|
<!-- Actuator — /actuator/health, /actuator/info, /actuator/metrics.
|
|
Health endpoints used by load balancer liveness/readiness probes.
|
|
Custom AuditDataSourceHealthIndicator registered here. -->
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-actuator</artifactId>
|
|
</dependency>
|
|
|
|
<!-- Validation (Bean Validation / Hibernate Validator) —
|
|
used for @Valid on REST controller inputs -->
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-validation</artifactId>
|
|
</dependency>
|
|
|
|
<!-- =======================================================
|
|
DATABASE
|
|
======================================================= -->
|
|
|
|
<!-- PostgreSQL JDBC driver — runtime only, not needed at compile -->
|
|
<dependency>
|
|
<groupId>org.postgresql</groupId>
|
|
<artifactId>postgresql</artifactId>
|
|
<scope>runtime</scope>
|
|
</dependency>
|
|
|
|
<!-- Flyway core — schema migration engine.
|
|
Runs V1__hapi_schema.sql and V2__audit_schema.sql on startup
|
|
before HAPI JPA initialises. -->
|
|
<dependency>
|
|
<groupId>org.flywaydb</groupId>
|
|
<artifactId>flyway-core</artifactId>
|
|
</dependency>
|
|
|
|
<!-- Flyway PostgreSQL dialect — required for Flyway 10+.
|
|
Without this artifact, Flyway silently skips migrations
|
|
against PostgreSQL datasources. -->
|
|
<dependency>
|
|
<groupId>org.flywaydb</groupId>
|
|
<artifactId>flyway-database-postgresql</artifactId>
|
|
</dependency>
|
|
|
|
<!-- HikariCP — connection pool.
|
|
Spring Boot auto-configures HikariCP when it is on classpath.
|
|
Explicit declaration ensures version alignment with parent BOM. -->
|
|
<dependency>
|
|
<groupId>com.zaxxer</groupId>
|
|
<artifactId>HikariCP</artifactId>
|
|
</dependency>
|
|
|
|
<!-- =======================================================
|
|
SECURITY — JWT VALIDATION
|
|
======================================================= -->
|
|
|
|
<!-- Nimbus JOSE+JWT — JWT parsing, signature verification,
|
|
and JWKS remote key set with cache.
|
|
Used by KeycloakJwtInterceptor.
|
|
RemoteJWKSet provides kid-based cache invalidation:
|
|
keys cached 1 hour, re-fetched on unknown kid. -->
|
|
<dependency>
|
|
<groupId>com.nimbusds</groupId>
|
|
<artifactId>nimbus-jose-jwt</artifactId>
|
|
</dependency>
|
|
|
|
<!-- =======================================================
|
|
HTTP CLIENT — OCL and cluster validator calls
|
|
======================================================= -->
|
|
|
|
<!-- Apache HttpClient 5 — used by BdTerminologyValidationSupport
|
|
for OCL $validate-code calls, and ClusterExpressionValidator
|
|
for https://icd11.dghs.gov.bd/cluster/validate calls.
|
|
Separate from the HttpClient that HAPI uses internally
|
|
(HAPI uses its own managed instance). -->
|
|
<dependency>
|
|
<groupId>org.apache.httpcomponents.client5</groupId>
|
|
<artifactId>httpclient5</artifactId>
|
|
</dependency>
|
|
|
|
<!-- =======================================================
|
|
OBSERVABILITY
|
|
======================================================= -->
|
|
|
|
<!-- Micrometer Prometheus registry — exposes /actuator/prometheus
|
|
for Prometheus scraping. Optional but included from day one
|
|
for national-scale observability readiness. -->
|
|
<dependency>
|
|
<groupId>io.micrometer</groupId>
|
|
<artifactId>micrometer-registry-prometheus</artifactId>
|
|
</dependency>
|
|
|
|
<!-- =======================================================
|
|
UTILITIES
|
|
======================================================= -->
|
|
|
|
<!-- Jackson — JSON serialisation for audit log payloads,
|
|
OCL API responses, cluster validator responses.
|
|
Managed by Spring Boot BOM. -->
|
|
<dependency>
|
|
<groupId>com.fasterxml.jackson.core</groupId>
|
|
<artifactId>jackson-databind</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>com.fasterxml.jackson.datatype</groupId>
|
|
<artifactId>jackson-datatype-jsr310</artifactId>
|
|
</dependency>
|
|
|
|
<!-- SLF4J / Logback — Spring Boot default logging.
|
|
Logback configured in application.yaml for structured JSON
|
|
output suitable for ELK ingestion. -->
|
|
<dependency>
|
|
<groupId>net.logstash.logback</groupId>
|
|
<artifactId>logstash-logback-encoder</artifactId>
|
|
<version>7.4</version>
|
|
</dependency>
|
|
|
|
<!-- =======================================================
|
|
TEST DEPENDENCIES
|
|
======================================================= -->
|
|
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-test</artifactId>
|
|
<scope>test</scope>
|
|
<!-- Excludes vintage JUnit 4 engine — JUnit 5 only -->
|
|
<exclusions>
|
|
<exclusion>
|
|
<groupId>org.junit.vintage</groupId>
|
|
<artifactId>junit-vintage-engine</artifactId>
|
|
</exclusion>
|
|
</exclusions>
|
|
</dependency>
|
|
|
|
<!-- TestContainers — PostgreSQL container for integration tests.
|
|
Tests spin up a real PostgreSQL 15 container, run Flyway
|
|
migrations, and validate the full persistence layer.
|
|
Never use H2 — not even in tests. -->
|
|
<dependency>
|
|
<groupId>org.testcontainers</groupId>
|
|
<artifactId>postgresql</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.testcontainers</groupId>
|
|
<artifactId>junit-jupiter</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
|
|
<!-- HAPI FHIR test utilities — FhirContext in tests -->
|
|
<dependency>
|
|
<groupId>ca.uhn.hapi.fhir</groupId>
|
|
<artifactId>hapi-fhir-test-utilities</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
|
|
<!-- WireMock — mock OCL and cluster validator in unit tests.
|
|
Allows testing 422 rejection paths without live OCL. -->
|
|
<dependency>
|
|
<groupId>org.wiremock</groupId>
|
|
<artifactId>wiremock-standalone</artifactId>
|
|
<version>3.5.4</version>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
|
|
</dependencies>
|
|
|
|
<build>
|
|
<plugins>
|
|
|
|
<!-- Spring Boot Maven plugin — repackages JAR as fat JAR
|
|
and embeds build-info.properties for /actuator/info.
|
|
Configured in parent pluginManagement. -->
|
|
<plugin>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-maven-plugin</artifactId>
|
|
<!-- Configuration inherited from parent pluginManagement -->
|
|
</plugin>
|
|
|
|
<!-- Compiler plugin — Java 17, inherited from parent -->
|
|
<plugin>
|
|
<groupId>org.apache.maven.plugins</groupId>
|
|
<artifactId>maven-compiler-plugin</artifactId>
|
|
</plugin>
|
|
|
|
<!-- Surefire — JUnit 5, inherited from parent -->
|
|
<plugin>
|
|
<groupId>org.apache.maven.plugins</groupId>
|
|
<artifactId>maven-surefire-plugin</artifactId>
|
|
</plugin>
|
|
|
|
<!-- Resources plugin — ensures packages/ directory with
|
|
bd.gov.dghs.core-0.2.1.tgz is included in the fat JAR
|
|
under classpath:packages/ -->
|
|
<plugin>
|
|
<groupId>org.apache.maven.plugins</groupId>
|
|
<artifactId>maven-resources-plugin</artifactId>
|
|
<configuration>
|
|
<resources>
|
|
<resource>
|
|
<directory>src/main/resources</directory>
|
|
<filtering>false</filtering>
|
|
<!-- filtering=false is critical: the .tgz is binary.
|
|
Maven resource filtering on binary files corrupts them. -->
|
|
</resource>
|
|
</resources>
|
|
</configuration>
|
|
</plugin>
|
|
|
|
</plugins>
|
|
|
|
<!-- Ensure the fat JAR is named predictably for Docker COPY -->
|
|
<finalName>bd-fhir-hapi</finalName>
|
|
|
|
</build>
|
|
|
|
</project>
|