Getting started
This page shows how to add the OpenAPI Specification Publisher to a Spring Boot service so that its OpenAPI specification is uploaded to the jEAP Architecture Repository Service (archrepo) on startup. For the upload flow see How it works.
1. Add the dependency
Add the starter to the Maven module that contains your Spring Boot application:
<dependency>
<groupId>ch.admin.bit.jeap</groupId>
<artifactId>jeap-open-api-publisher-starter</artifactId>
</dependency>
The version is managed by the jEAP Spring Boot parent. The starter pulls in
springdoc-openapi-starter-webmvc-ui, so the service exposes an OpenAPI document that the publisher can
read. The publisher only activates when an OpenApiResource bean is present (i.e. springdoc is on the
classpath and enabled).
2. Enable publishing
Publishing is activated by setting the archrepo URL. Without it, the starter stays inert and does nothing at startup.
jeap:
archrepo:
url: https://internal-csp.applicationplatform-{env}.mycompany.ch/applicationplatform-archrepo-service
See the Configuration reference for all jeap.archrepo.* properties and their
defaults.
3. Configure authentication
The archrepo API is protected by OAuth2 (client-credentials grant). Configure an OAuth2 client
registration named archrepo-client (the default) under spring.security.oauth2.client.registration:
spring:
security:
oauth2:
client:
registration:
archrepo-client:
client-id: ${your-keycloak-system-name}-archrepo-client
client-secret: ${your-secret}
scope: openid
authorization-grant-type: client_credentials
provider: archrepo-client
provider:
archrepo-client:
token-uri: https://internal.keycloak.mycompany.ch/realms/bazg-applicationplatform/protocol/openid-connect/token
The OAuth2 client must be granted the archrepo write role. See Authentication for the required role and per-environment token endpoints.
4. Start the service
That is all. On the next start, once the application is ready, the publisher reads the OpenAPI
specification and uploads it to the archrepo in the background. A successful upload logs
Published OpenAPI specification successfully; failures are logged but do not affect the running
application.
When configuring many microservices, place the shared
spring.security.oauth2.*andjeap.archrepo.urlconfiguration in a common location (for example theconf/aws-jeap-base/app-config-common.ymlAWS AppConfig file) to avoid duplication.