initial commit

.dockerignore

@@ -0,0 +1,25 @@
+**/.dockerignore
+**/.env
+**/.git
+**/.gitignore
+**/.project
+**/.settings
+**/.toolstarget
+**/.vs
+**/.vscode
+**/.idea
+**/*.*proj.user
+**/*.dbmdl
+**/*.jfm
+**/azds.yaml
+**/bin
+**/charts
+**/docker-compose*
+**/Dockerfile*
+**/node_modules
+**/npm-debug.log
+**/obj
+**/secrets.dev.yaml
+**/values.dev.yaml
+LICENSE
+README.md

.editorconfig

@@ -0,0 +1,99 @@
+[*]
+charset = utf-8
+end_of_line = lf
+trim_trailing_whitespace = false
+insert_final_newline = false
+indent_style = space
+indent_size = 4
+tab_width = 4
+
+# Microsoft .NET properties
+csharp_new_line_before_members_in_object_initializers = false
+csharp_preferred_modifier_order = public, private, protected, internal, new, static, abstract, virtual, sealed, readonly, override, extern, unsafe, volatile, async:suggestion
+# Above is the C#10 version, below is the C#11 version
+# csharp_preferred_modifier_order = public, private, protected, internal, file, new, static, abstract, virtual, sealed, readonly, override, extern, unsafe, volatile, async, required:suggestion
+# csharp_style_prefer_utf8_string_literals = true:suggestion
+csharp_style_var_elsewhere = true:suggestion
+csharp_style_var_for_built_in_types = true:suggestion
+csharp_style_var_when_type_is_apparent = true:suggestion
+dotnet_style_parentheses_in_arithmetic_binary_operators = never_if_unnecessary:none
+dotnet_style_parentheses_in_other_binary_operators = always_for_clarity:none
+dotnet_style_parentheses_in_relational_binary_operators = never_if_unnecessary:none
+dotnet_style_predefined_type_for_locals_parameters_members = true:suggestion
+dotnet_style_predefined_type_for_member_access = true:suggestion
+dotnet_style_qualification_for_event = false:suggestion
+dotnet_style_qualification_for_field = false:suggestion
+dotnet_style_qualification_for_method = false:suggestion
+dotnet_style_qualification_for_property = false:suggestion
+dotnet_style_require_accessibility_modifiers = for_non_interface_members:suggestion
+
+# Resharper config are for those using Visual Studio community, professional and enterprise with Jetbrains R#
+# Those rules are not applied on Jetbrains Rider, as they come by default there, nor do they apply in Visual Studio Code
+
+# ReSharper properties
+resharper_autodetect_indent_settings = true
+resharper_formatter_off_tag = @formatter:off
+resharper_formatter_on_tag = @formatter:on
+resharper_formatter_tags_enabled = true
+resharper_use_indent_from_vs = false
+
+# ReSharper inspection severities
+resharper_arrange_redundant_parentheses_highlighting = hint
+resharper_arrange_this_qualifier_highlighting = hint
+resharper_arrange_type_member_modifiers_highlighting = hint
+resharper_arrange_type_modifiers_highlighting = hint
+resharper_built_in_type_reference_style_for_member_access_highlighting = hint
+resharper_built_in_type_reference_style_highlighting = hint
+resharper_redundant_base_qualifier_highlighting = warning
+resharper_suggest_var_or_type_built_in_types_highlighting = hint
+resharper_suggest_var_or_type_elsewhere_highlighting = hint
+resharper_suggest_var_or_type_simple_types_highlighting = hint
+resharper_web_config_module_not_resolved_highlighting = warning
+resharper_web_config_type_not_resolved_highlighting = warning
+resharper_web_config_wrong_module_highlighting = warning
+
+[*.cs]
+# Newline settings
+csharp_new_line_before_open_brace = all
+csharp_new_line_before_else = true
+csharp_new_line_before_catch = true
+csharp_new_line_before_finally = true
+csharp_new_line_before_members_in_object_initializers = true
+csharp_new_line_before_members_in_anonymous_types = true
+
+# name all constant fields using PascalCase
+dotnet_naming_rule.constant_fields_should_be_pascal_case.severity = suggestion
+dotnet_naming_rule.constant_fields_should_be_pascal_case.symbols  = constant_fields
+dotnet_naming_rule.constant_fields_should_be_pascal_case.style    = pascal_case_style
+dotnet_naming_symbols.constant_fields.applicable_kinds   = field
+dotnet_naming_symbols.constant_fields.required_modifiers = const
+dotnet_naming_style.pascal_case_style.capitalization = pascal_case
+
+# static fields should have s_ prefix
+dotnet_naming_rule.static_fields_should_have_prefix.severity = suggestion
+dotnet_naming_rule.static_fields_should_have_prefix.symbols  = static_fields
+dotnet_naming_rule.static_fields_should_have_prefix.style    = static_prefix_style
+dotnet_naming_symbols.static_fields.applicable_kinds   = field
+dotnet_naming_symbols.static_fields.required_modifiers = static
+dotnet_naming_symbols.static_fields.applicable_accessibilities = private, internal, private_protected
+dotnet_naming_style.static_prefix_style.required_prefix = s_
+dotnet_naming_style.static_prefix_style.capitalization = camel_case
+
+# internal and private fields should be _camelCase
+dotnet_naming_rule.camel_case_for_private_internal_fields.severity = suggestion
+dotnet_naming_rule.camel_case_for_private_internal_fields.symbols  = private_internal_fields
+dotnet_naming_rule.camel_case_for_private_internal_fields.style    = camel_case_underscore_style
+dotnet_naming_symbols.private_internal_fields.applicable_kinds = field
+dotnet_naming_symbols.private_internal_fields.applicable_accessibilities = private, internal
+dotnet_naming_style.camel_case_underscore_style.required_prefix = _
+dotnet_naming_style.camel_case_underscore_style.capitalization = camel_case
+
+[*.{xml,config,*proj,nuspec,props,resx,targets,yml,tasks}]
+indent_size = 2
+
+# Xml config files
+[*.{props,targets,ruleset,config,nuspec,resx,vsixmanifest,vsct}]
+indent_size = 2
+
+[*.json]
+indent_size = 2

.github/example.dependabot.yml

@@ -0,0 +1,27 @@
+version: 2
+
+updates:
+  - package-ecosystem: nuget
+    directory: /
+    open-pull-requests-limit: 10
+
+    # Schedule run every Monday, local time
+    schedule:
+      interval: weekly
+      time: '10:30'
+      timezone: 'Europe/London'
+
+    versioning-strategy: increase
+
+    allow:
+      - dependency-type: direct
+
+  # Update GitHub Actions
+  - package-ecosystem: github-actions
+    directory: /
+
+    # Schedule run every Monday, local time
+    schedule:
+      interval: weekly
+      time: '10:30'
+      timezone: 'Europe/London'

.github/template/apply.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+repository=$1
+
+REPO_NAME=$(echo "${repository}" | awk -F '/' '{print $2}')
+REPO_NAME_PASCAL_CASE=$(echo "$REPO_NAME" | sed -r 's/(^|-)([a-z])/\U\2/g')
+
+echo "applying template..."
+
+echo "renaming cdp-dotnet-backend-template -> ${REPO_NAME}"
+find . -name .git -prune -o -name .github -prune -o -type f -exec sed -i "s/cdp-dotnet-backend-template/${REPO_NAME}/g" {} \;
+
+echo "Backend.Api -> ${REPO_NAME_PASCAL_CASE}"
+find . -name .git -prune -o -name .github -prune -o -type f -exec sed -i "s/Backend\.Api/${REPO_NAME_PASCAL_CASE}/g" {} \;
+
+echo "CDP C# ASP\.NET Backend Template -> ${REPO_NAME}"
+find . -name .git -prune -o -name .github -prune -o -type f -exec sed -i "s/CDP C# ASP\.NET Backend Template/${REPO_NAME}/g" {} \;
+
+echo "Moving Backend\.Api* -> ${REPO_NAME_PASCAL_CASE}"
+mv './Backend.Api/Backend.Api.csproj' "./Backend.Api/${REPO_NAME_PASCAL_CASE}.csproj"
+mv './Backend.Api.Test/Backend.Api.Test.csproj' "./Backend.Api.Test/${REPO_NAME_PASCAL_CASE}.Test.csproj"
+mv './Backend.Api' "${REPO_NAME_PASCAL_CASE}"
+mv './Backend.Api.Test' "${REPO_NAME_PASCAL_CASE}.Test"
+
+echo "Renaming CdpDotnetBackendTemplate.sln -> ${REPO_NAME_PASCAL_CASE}.sln"   
+mv CdpDotnetBackendTemplate.sln "${REPO_NAME_PASCAL_CASE}".sln  
+
+tree

.github/template/cleanup.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+rm .github/workflows/template.yml
+rm .github/workflows/validate-template.yml
+rm -rf .github/template/

.github/template/template-compose.yml

@@ -0,0 +1,32 @@
+services:
+  mongodb:
+    container_name: mongodb
+    networks:
+      - cdp-network
+    image: mongo:6.0.13
+    volumes:
+      - ./ssl:/etc/ssl:ro
+    command: [
+      "--tlsMode", "requireTLS",
+      "--tlsCertificateKeyFile", "etc/ssl/mongodb.pem"
+    ]
+  service:
+    build:
+      context: ../..
+    container_name: cdp-dotnet-backend-template
+    image: cdp-dotnet-backend-template
+    networks:
+      - cdp-network
+    ports:
+      - "8085:8085"
+    depends_on:
+      - mongodb
+    environment:
+      ASPNETCORE_URLS: "http://+:8085"
+      Mongo__DatabaseUri: "mongodb://mongodb:27017/?tls=true"
+      TRUSTSTORE_MONGO: ${MONGODB_TEST_CA_PEM}
+
+networks:
+  cdp-network:
+    driver: bridge
+

.github/template/validate.sh

@@ -0,0 +1,81 @@
+#!/bin/bash
+
+compose_file='.github/template/template-compose.yml'
+
+checkUrl() {
+    URL=$1
+
+    set +e
+    # Call the URL and get the HTTP status code
+    HTTP_STATUS=$(curl -o /dev/null -s -w "%{http_code}\n" "$URL")
+    set -e
+
+    # Check if the HTTP status code is 200
+    if [ "$HTTP_STATUS" -eq 200 ]; then
+        echo " ✔ $URL returned a 200 OK status."
+        return 0
+    else
+        echo " ❌ $URL returned a status of $HTTP_STATUS. Exiting with code 1."
+        return 1
+    fi
+}
+
+checkLogSchema() {
+    set +e
+    local log
+    log=$(docker compose -f "$compose_file" logs service -n 1 --no-color --no-log-prefix 2>/dev/null)
+
+    # Check if jq validation was successful
+    if echo "$log" | jq empty > /dev/null; then
+      echo " ✔ Log entry is valid JSON."
+      set -e
+      return 0
+    else
+      echo " ❌ Log entry is not valid JSON."
+      set -e
+      return 1
+    fi
+}
+
+setup() {
+  set -e
+  # Generate Self Signed Certs
+  mkdir -p .github/template/ssl
+  openssl req -newkey rsa:2048 -new -x509 -days 365 -nodes -out .github/template/ssl/mongodb-cert.crt -keyout .github/template/ssl/mongodb-cert.key \
+  -subj "/C=UK/ST=STATE/L=CITY/O=ORG_NAME/OU=OU_NAME/CN=mongodb" \
+  -addext "subjectAltName = DNS:localhost, DNS:mongodb"
+  cat .github/template/ssl/mongodb-cert.key .github/template/ssl/mongodb-cert.crt > .github/template/ssl/mongodb.pem
+  mongodbTestCaPem="$(cat .github/template/ssl/mongodb.pem | base64)"
+  export MONGODB_TEST_CA_PEM=$mongodbTestCaPem
+
+  # Start mongodb + templated service
+  docker compose -f "$compose_file" up --wait --wait-timeout 60 -d --quiet-pull
+  sleep 3
+}
+
+# Stop docker on exist and cleanup tmp files
+cleanup() {
+    rv=$?
+    echo "cleaning up $rv"
+    rm -f .github/template/ssl/*
+    docker compose -f "$compose_file" down
+    exit $rv
+}
+trap cleanup EXIT
+
+run_tests() {
+  # Run the tests
+  echo "-- Running template tests ---"
+
+  # Check endpoints respond
+  checkUrl "http://localhost:8085/health"
+  checkUrl "http://localhost:8085/example"
+
+  # Check its using ECS
+  checkLogSchema
+}
+
+# Start Docker
+setup
+run_tests
+

.github/workflows/check-pull-request.yml

@@ -0,0 +1,35 @@
+name: Check Pull Request
+
+on:
+  pull_request:
+    branches:
+      - main
+    types:
+      - opened
+      - edited
+      - reopened
+      - synchronize
+      - ready_for_review
+
+jobs:
+  pr-validator:
+    name: Run Pull Request Checks
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v3
+      - name: Test
+        uses: actions/setup-dotnet@v3
+        with:
+          dotnet-version: |
+            8.0
+      - run: dotnet test
+    ## SonarCloud
+    ## Uncomment to unable SonarCloud scan
+    ## Requires project to be set up in SonarCloud
+    ## and the SonarCloud token to be set in the repository secrets
+#   sonarcloud-scan:
+#     name: CDP SonarCloud Scan
+#     uses: ./.github/workflows/sonarcloud.yml
+#     needs: pr-validator
+#     secrets: inherit

.github/workflows/publish-hotfix.yml

@@ -0,0 +1,37 @@
+name: Publish Hot Fix
+
+on:
+  workflow_dispatch:
+
+permissions:
+  id-token: write
+  contents: write
+  pull-requests: write
+
+env:
+  AWS_REGION: eu-west-2
+  AWS_ACCOUNT_ID: "094954420758"
+
+jobs:
+  build:
+    if: github.run_number != 1
+    name: CDP-build-hotfix-workflow
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0 # Depth 0 required for branch-based versioning
+      - name: Publish Hot Fix
+        uses: DEFRA/cdp-build-action/build-hotfix@main
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+    ## SonarCloud
+    ## Uncomment to unable SonarCloud scan
+    ## Requires project to be set up in SonarCloud
+    ## and the SonarCloud token to be set in the repository secrets
+#   sonarcloud-scan:
+#     name: CDP SonarCloud Scan
+#     uses: ./.github/workflows/sonarcloud.yml
+#     needs: build
+#     secrets: inherit