EUREKA-899: POC - Application-scoped sidecars bootstrap

[OleksiiKuzminov]

Purpose

In multi-version environments, multiple versions of the same application can be entitled to different tenants. The sidecar bootstraps egress (module → required-module) routing by module id only, so an egress call can resolve to the wrong provider version for a given tenant. This change makes egress routing tenant-aware so each tenant reaches the provider version from its own entitled applications.

US: EUREKA-899

Approach

Summary: Behind a new feature flag (routing.tenant-scoped.enabled, default off — behavior is unchanged when disabled), ingress is loaded once at startup from the new GET /modules/{id}/bootstrap, while egress becomes a per-tenant route table. Each enabled tenant's egress table is built from its entitled application ids (GET /entitlements → POST /modules/{id}/bootstrap {applicationIds}), driven by the existing tenant-entitlement flow, and selected per request by the X-Okapi-Tenant header. Scope is limited to folio-module-sidecar; the mgr-applications bootstrap endpoints it consumes already exist.

Implementation details:

• Added routing.tenant-scoped.enabled (SIDECAR_TENANT_SCOPED_ROUTING_ENABLED, default false) and coupled routing.forward-to-gateway.enabled to default true when tenant-scoped routing is on, so unresolved egress falls through to the gateway instead of 404.
• Added ApplicationManagerClient.getIngressBootstrap (GET /modules/{id}/bootstrap) and getEgressBootstrap (POST /modules/{id}/bootstrap with body {"applicationIds":[…]}), both parsed into the existing ModuleBootstrap DTO (no new response type).
• Added ApplicationManagerService.getIngressBootstrap() and getEgressBootstrap(List<String>) wrappers over the existing retry/token helper.
• Introduced a per-tenant egress route table in EgressRoutingLookup: when tenant-scoped, lookupRoute resolves routes by X-Okapi-Tenant; when off, the existing global table is used unchanged.
• Introduced EgressBootstrapService, which builds and refreshes each tenant's egress table from its entitled applications, reconciles tenants on the EntitlementsEvent, and drops revoked tenants; a build failure leaves the previously built table intact.
• Changed RoutingService to load ingress-only at startup and refresh all tenants' egress on required-module discovery when tenant-scoped; the flag-off init and discovery paths are unchanged.
• Changed TenantEntitlementConsumer to refresh a tenant's egress on a Kafka UPGRADE event when tenant-scoped (entitle/revoke are already covered by the reconcile).

Pre-Review Checklist

• Self-reviewed Code — Reviewed code for issues, unnecessary parts, and overall quality.
• Change Notes — NEWS.md updated with clear description and issue key.
• Testing — Confirmed changes were tested locally or on dev environment.
• Dependent module build verification — Ran manually when library changes impact downstream modules.

  Actions → Verify Dependent Modules → Run workflow → select branch → Run.

• Breaking Changes (if any) — Handled if changes affect integration with other services.
• New Properties / Environment Variables — Updated README.md if new configs were added.
• Environment Recreation Test (if needed) — Verified that environment can be recreated successfully.

[sonarqubecloud]

Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
97.1% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud