From a3d6fdb52a8363deadcc39602da965e1dc9eb135 Mon Sep 17 00:00:00 2001 From: Michele Adduci Date: Tue, 20 Jan 2026 07:59:11 +0100 Subject: [PATCH 1/2] Updated Libraries, fixed Docker Compose (#908) * Updated SpringBoot, HAPI FHIR, Docker * Fixed docker compose * Fixed Chart README * Replaced Tomcat image * Replaced Tomcat image * Fixing Tomcat image * Corrected Helm Chart value --- .github/workflows/build-images.yaml | 2 +- .github/workflows/chart-test.yaml | 6 +- Dockerfile | 32 ++++---- charts/hapi-fhir-jpaserver/Chart.yaml | 4 +- charts/hapi-fhir-jpaserver/README.md | 4 +- charts/hapi-fhir-jpaserver/values.yaml | 2 +- docker-build.bat | 2 +- docker-compose.yml | 16 +++- pom.xml | 101 ++++++++----------------- 9 files changed, 68 insertions(+), 101 deletions(-) diff --git a/.github/workflows/build-images.yaml b/.github/workflows/build-images.yaml index 542bd64..2c8b422 100644 --- a/.github/workflows/build-images.yaml +++ b/.github/workflows/build-images.yaml @@ -17,7 +17,7 @@ env: jobs: build: name: Build - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: - name: Container meta for default (distroless) image id: docker_meta diff --git a/.github/workflows/chart-test.yaml b/.github/workflows/chart-test.yaml index ef83c32..f1316a3 100644 --- a/.github/workflows/chart-test.yaml +++ b/.github/workflows/chart-test.yaml @@ -9,7 +9,7 @@ on: jobs: lint: - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 container: quay.io/helmpack/chart-testing:v3.11.0@sha256:f2fd21d30b64411105c7eafb1862783236a219d29f2292219a09fe94ca78ad2a steps: - name: Install helm-docs @@ -38,10 +38,10 @@ jobs: run: ct lint --config .github/ct/config.yaml test: - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 strategy: matrix: - k8s-version: [1.30.8, 1.31.4, 1.32.0] + k8s-version: [1.32.0, 1.33.0, 1.34.0, 1.35.0] needs: - lint steps: diff --git a/Dockerfile b/Dockerfile index 542354d..a8bbd9a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ -FROM docker.io/library/maven:3.9.9-eclipse-temurin-17 AS build-hapi +FROM docker.io/library/maven:3.9.12-eclipse-temurin-17 AS build-hapi WORKDIR /tmp/hapi-fhir-jpaserver-starter -ARG OPENTELEMETRY_JAVA_AGENT_VERSION=2.13.1 +ARG OPENTELEMETRY_JAVA_AGENT_VERSION=2.24.0 RUN curl -LSsO https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases/download/v${OPENTELEMETRY_JAVA_AGENT_VERSION}/opentelemetry-javaagent.jar COPY pom.xml . @@ -16,28 +16,26 @@ RUN mvn package -DskipTests spring-boot:repackage -Pboot RUN mkdir /app && cp /tmp/hapi-fhir-jpaserver-starter/target/ROOT.war /app/main.war -########### bitnami tomcat version is suitable for debugging and comes with a shell +########### Use the official Tomcat image as base image for the Tomcat variant ########### it can be built using eg. `docker build --target tomcat .` -FROM docker.io/bitnamilegacy/tomcat:10.1.43-debian-12-r0 AS tomcat +FROM docker.io/library/tomcat:10-jre21-temurin-noble AS tomcat USER root -RUN rm -rf /opt/bitnami/tomcat/webapps/ROOT && \ - mkdir -p /opt/bitnami/hapi/data/hapi/lucenefiles && \ - chown -R 1001:1001 /opt/bitnami/hapi/data/hapi/lucenefiles && \ - chmod 775 /opt/bitnami/hapi/data/hapi/lucenefiles +RUN rm -rf /usr/local/tomcat/webapps/ROOT && \ + mkdir -p /usr/local/tomcat/data/hapi/lucenefiles && \ + chown -R 65532:65532 /usr/local/tomcat/data/hapi/lucenefiles && \ + chmod 775 /usr/local/tomcat/data/hapi/lucenefiles -RUN mkdir -p /target && chown -R 1001:1001 target -USER 1001 +RUN mkdir -p /target && chown -R 65532:65532 /target +USER 65532 -COPY --chown=1001:1001 catalina.properties /opt/bitnami/tomcat/conf/catalina.properties -COPY --chown=1001:1001 server.xml /opt/bitnami/tomcat/conf/server.xml -COPY --from=build-hapi --chown=1001:1001 /tmp/hapi-fhir-jpaserver-starter/target/ROOT.war /opt/bitnami/tomcat/webapps/ROOT.war -COPY --from=build-hapi --chown=1001:1001 /tmp/hapi-fhir-jpaserver-starter/opentelemetry-javaagent.jar /app - -ENV ALLOW_EMPTY_PASSWORD=yes +COPY --chown=65532:65532 catalina.properties /usr/local/tomcat/conf/catalina.properties +COPY --chown=65532:65532 server.xml /usr/local/tomcat/conf/server.xml +COPY --from=build-hapi --chown=65532:65532 /tmp/hapi-fhir-jpaserver-starter/target/ROOT.war /usr/local/tomcat/webapps/ROOT.war +COPY --from=build-hapi --chown=65532:65532 /tmp/hapi-fhir-jpaserver-starter/opentelemetry-javaagent.jar /app ########### distroless brings focus on security and runs on plain spring boot - this is the default image -FROM gcr.io/distroless/java17-debian12:nonroot AS default +FROM gcr.io/distroless/java21-debian13:nonroot AS default # 65532 is the nonroot user's uid # used here instead of the name to allow Kubernetes to easily detect that the container # is running as a non-root (uid != 0) user. diff --git a/charts/hapi-fhir-jpaserver/Chart.yaml b/charts/hapi-fhir-jpaserver/Chart.yaml index e324b40..c62394e 100644 --- a/charts/hapi-fhir-jpaserver/Chart.yaml +++ b/charts/hapi-fhir-jpaserver/Chart.yaml @@ -13,8 +13,8 @@ dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.31.3 -appVersion: 8.2.0 -version: 0.21.0 +appVersion: 8.6.0 +version: 0.22.0 annotations: artifacthub.io/license: Apache-2.0 artifacthub.io/containsSecurityUpdates: "false" diff --git a/charts/hapi-fhir-jpaserver/README.md b/charts/hapi-fhir-jpaserver/README.md index 1f2d42a..e7c7e14 100644 --- a/charts/hapi-fhir-jpaserver/README.md +++ b/charts/hapi-fhir-jpaserver/README.md @@ -1,6 +1,6 @@ # HAPI FHIR JPA Server Starter Helm Chart -![Version: 0.21.0](https://img.shields.io/badge/Version-0.21.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 8.2.0](https://img.shields.io/badge/AppVersion-8.2.0-informational?style=flat-square) +![Version: 0.22.0](https://img.shields.io/badge/Version-0.22.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 8.6.0](https://img.shields.io/badge/AppVersion-8.6.0-informational?style=flat-square) This helm chart will help you install the HAPI FHIR JPA Server in a Kubernetes environment. @@ -39,7 +39,7 @@ helm install hapi-fhir-jpaserver hapifhir/hapi-fhir-jpaserver | image.pullPolicy | string | `"IfNotPresent"` | image pullPolicy to use | | image.registry | string | `"docker.io"` | registry where the HAPI FHIR server image is hosted | | image.repository | string | `"hapiproject/hapi"` | the path inside the repository | -| image.tag | string | `"v8.2.0-1@sha256:e85ded02f60e25a66e6d9423ea71f3ebc9494e3a69bdd7d7dbfa31b8aa5b2fe9"` | the image tag. As of v5.7.0, this is the `distroless` flavor by default, add `-tomcat` to use the Tomcat-based image. | +| image.tag | string | `"v8.6.0-1@sha256:7611e4d6601f35dd8c223ed2ed47a2807be06976f71b2e5990e6541bbc90c16f"` | the image tag. As of v5.7.0, this is the `distroless` flavor by default, add `-tomcat` to use the Tomcat-based image. | | imagePullSecrets | list | `[]` | image pull secrets to use when pulling the image | | ingress.annotations | object | `{}` | provide any additional annotations which may be required. Evaluated as a template. | | ingress.enabled | bool | `false` | whether to create an Ingress to expose the FHIR server HTTP endpoint | diff --git a/charts/hapi-fhir-jpaserver/values.yaml b/charts/hapi-fhir-jpaserver/values.yaml index a189bca..19f0e26 100644 --- a/charts/hapi-fhir-jpaserver/values.yaml +++ b/charts/hapi-fhir-jpaserver/values.yaml @@ -7,7 +7,7 @@ image: # -- the path inside the repository repository: hapiproject/hapi # -- the image tag. As of v5.7.0, this is the `distroless` flavor by default, add `-tomcat` to use the Tomcat-based image. - tag: "v8.2.0-1@sha256:e85ded02f60e25a66e6d9423ea71f3ebc9494e3a69bdd7d7dbfa31b8aa5b2fe9" + tag: "v8.6.0-1@sha256:7611e4d6601f35dd8c223ed2ed47a2807be06976f71b2e5990e6541bbc90c16f" # -- image pullPolicy to use pullPolicy: IfNotPresent diff --git a/docker-build.bat b/docker-build.bat index fab0cec..294ba80 100644 --- a/docker-build.bat +++ b/docker-build.bat @@ -1 +1 @@ -docker build --tag hapiproject/hapi:latest --tag hapiproject/hapi:4.1 -m 4g . \ No newline at end of file +docker build --tag hapiproject/hapi:latest --tag hapiproject/hapi:8.6.1 -m 4g . \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 9c970b4..543ef4b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,4 +1,3 @@ -version: "3" services: hapi-fhir-jpaserver-start: build: . @@ -8,18 +7,29 @@ services: SPRING_DATASOURCE_URL: "jdbc:postgresql://hapi-fhir-postgres:5432/hapi" SPRING_DATASOURCE_USERNAME: "admin" SPRING_DATASOURCE_PASSWORD: "admin" - SPRING_DATASOURCE_DRIVERCLASSNAME: "org.postgresql.Driver" + SPRING_DATASOURCE_DRIVER_CLASS_NAME: "org.postgresql.Driver" + SPRING_JPA_PROPERTIES_HIBERNATE_DIALECT: ca.uhn.fhir.jpa.model.dialect.HapiFhirPostgresDialect ports: - "8080:8080" + depends_on: + hapi-fhir-postgres: + condition: service_healthy hapi-fhir-postgres: - image: postgres:15-alpine + image: postgres:16-alpine container_name: hapi-fhir-postgres restart: always environment: POSTGRES_DB: "hapi" POSTGRES_USER: "admin" POSTGRES_PASSWORD: "admin" + healthcheck: + test: ["CMD-SHELL", "sh -c 'pg_isready -U admin -d hapi' || exit 1"] + interval: 10s + timeout: 5s + start_period: 5s + retries: 5 volumes: - hapi-fhir-postgres:/var/lib/postgresql/data + volumes: hapi-fhir-postgres: diff --git a/pom.xml b/pom.xml index e3af415..e4f1cf7 100644 --- a/pom.xml +++ b/pom.xml @@ -7,6 +7,20 @@ 17 1 4.0.0 + + + 3.5.4 + ${maven.failsafe.version} + 3.9.0 + 3.14.1 + + + 1.1.2 + 4.3.0 + 1.16.2 + 1.3.5 + 3.5.9 + 42.7.9 @@ -20,7 +34,7 @@ ca.uhn.hapi.fhir hapi-fhir - 8.6.0 + 8.6.1 hapi-fhir-jpaserver-starter @@ -73,6 +87,7 @@ org.postgresql postgresql + ${postgresql.version} com.microsoft.sqlserver @@ -222,7 +237,7 @@ commons-logging commons-logging - 1.2 + ${commons.logging.version} provided @@ -344,7 +359,7 @@ org.awaitility awaitility - 4.2.0 + ${awaitility.version} test @@ -364,41 +379,41 @@ io.micrometer micrometer-core - 1.13.3 + ${micrometer.version} io.micrometer micrometer-registry-prometheus - 1.13.3 + ${micrometer.version} io.micrometer micrometer-registry-prometheus-simpleclient - 1.13.3 + ${micrometer.version} com.zaxxer HikariCP - 5.0.1 + 5.1.0 org.springframework.ai spring-ai-mcp - 1.1.0-M2 + ${spring.ai.version} org.springframework.ai spring-ai-starter-mcp-server - 1.1.0-M2 + ${spring.ai.version} @@ -433,12 +448,12 @@ org.apache.maven.plugins maven-dependency-plugin - 3.6.0 + ${maven.dependency.version} org.apache.maven.plugins - maven-surefire-plugin - 3.4.0 + maven-fire-plugin + ${maven.fire.version} @@ -474,7 +489,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.13.0 + ${maven.compiler.version} ${java.version} @@ -505,7 +520,7 @@ org.apache.maven.plugins maven-failsafe-plugin - 3.4.0 + ${maven.failsafe.version} true @@ -677,62 +692,6 @@ - - ossrh-repo - - false - - deployToSonatype - - - - - ossrh - https://oss.sonatype.org/content/repositories/snapshots - - - ossrh - https://oss.sonatype.org/service/local/staging/deploy/maven2/ - - - - - - org.sonatype.plugins - nexus-staging-maven-plugin - 1.6.13 - true - - ossrh - https://oss.sonatype.org/ - true - - - - org.apache.maven.plugins - maven-gpg-plugin - 1.6 - - - sign-artifacts - verify - - sign - - - ${gpg.keyname} - ${gpg.keyname} - - --pinentry-mode - loopback - - - - - - - - @@ -742,7 +701,7 @@ com.google.cloud.sql postgres-socket-factory - 1.17.0 + 1.28.0 From bf7f6a3b6a31286623fca8ed3f098fde2a975e97 Mon Sep 17 00:00:00 2001 From: Simon Ringuette Date: Tue, 20 Jan 2026 02:12:19 -0500 Subject: [PATCH 2/2] Restore the testers in the default configuration (fixes #896) (#907) --- src/main/resources/application.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index 0b96494..73e6240 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml @@ -434,3 +434,13 @@ hapi: # R. LastN (analytics) # ------------------------------------------------------------------------------- # lastn_enabled: true + + # ------------------------------------------------------------------------------- + # S. Testers (webui) + # ------------------------------------------------------------------------------- + tester: + home: + name: Local Tester + server_address: 'http://localhost:8080/fhir' + refuse_to_fetch_third_party_urls: false + fhir_version: R4 \ No newline at end of file