diff --git a/.github/workflows/helm-test.yaml b/.github/workflows/helm-test.yaml index 18b85aecc..83c23ffab 100644 --- a/.github/workflows/helm-test.yaml +++ b/.github/workflows/helm-test.yaml @@ -122,10 +122,10 @@ jobs: - name: Run chart-testing (install) run: | - cp deployment/helm/local/storage/pv-data.yaml charts/digital-product-pass/templates/pv-data.yaml + cp deployment/local/storage/pv-data.yaml charts/digital-product-pass/templates/pv-data.yaml rm charts/digital-product-pass/templates/pvc-data.yaml - cp deployment/helm/local/storage/pvc-data.yaml charts/digital-product-pass/templates/pvc-data.yaml + cp deployment/local/storage/pvc-data.yaml charts/digital-product-pass/templates/pvc-data.yaml helm repo add bitnami https://charts.bitnami.com/bitnami helm repo add tractusx https://eclipse-tractusx.github.io/charts/dev ct install --charts charts/digital-product-pass --helm-extra-set-args "--set=frontend.image.tag=${{ env.TAG }} --set=frontend.image.repository=${{ env.REGISTRY }}/${{ env.FRONTEND_IMAGE}} --set=backend.image.tag=${{ env.TAG }} --set=backend.image.repository=${{ env.REGISTRY }}/${{ env.BACKEND_IMAGE}}" - if: steps.list-changed.outputs.changed == 'true' \ No newline at end of file + if: steps.list-changed.outputs.changed == 'true' diff --git a/CHANGELOG.md b/CHANGELOG.md index 96c5e8e9c..e970792e3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -25,6 +25,91 @@ The changelog format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [released] +## [v2.0.3] - 02-02-2024 +## Added +- Added Frameagreement conditions to the provider configuration +- Added Unit Tests for Managers and for Services +- Added changes from version `v1.0.0` to version `v2.0.0` for every component involved +- Added iconMapping for all components involved in DPP `v2.0.0` +- Added multi-language feature that supports currently `EN` and `DE` +- Added back button in the welcome page +- Added `timeToLive` attribute to discovery service model in the dpp-backed +- Added `readOnlyRootFilesystem` to the container security context in helm charts +- Added Serial Part aspect in the drill down components +- Added `notice.md` to include **Notice for docker images** section to be only part of DockerHub description + +## Updated +- Cleaned up necessary scripts +-Refactored the DPP and IRS postman collections +- Updated the deployment and testing directory structure and their references in relevant documentation +- Updated license header and deployment directory references in the following readme files: + - Admin guide + - Arc42 + - Getting-Started guide +- Updated test directory stricture in dpp-backend +- Updated the app url from [https://materialpass.int.demo.catena-x.net](https://materialpass.int.demo.catena-x.net) to [https://dpp.int.demo.catena-x.net](https://dpp.int.demo.catena-x.net) +- Updated the payloads of asset, policies, contract definition, digital twin and its aspects to align with the DPPTriangle document v1.1.0 +- Updated the following frontend content: + - Condition for "commercial.warranty" in General Cards + - Mocked passports + - Loading page translation + - Translation files + - Characteristics component + - Identification component + - Sustainability component + - Typology component +- Updated helm template to provide security context values from helm vaules file +- Updated kics workflow +- Updated user manual, deployment guide +- Updated year 2024 to the license headers +- Updated diagrams to an editable version in `.svg` in business statement readme +- Updated `README.md` and `UNIT_TESTS.md` for the dpp-backend +- Updated versions in docker workflows and setup-java action +- Refactor docker workflows +- Updated **Notice for docker images** section in a main `README.md` + + +## [released] +## [v2.0.2] - 02-02-2024 +## Added +- Added Frameagreement conditions to the provider configuration +- Added Unit Tests for Managers and for Services +- Added changes from version `v1.0.0` to version `v2.0.0` for every component involved +- Added iconMapping for all components involved in DPP `v2.0.0` +- Added multi-language feature that supports currently `EN` and `DE` +- Added back button in the welcome page +- Added `timeToLive` attribute to discovery service model in the dpp-backed +- Added `readOnlyRootFilesystem` to the container security context in helm charts + + +## Updated +- Cleaned up necessary scripts +-Refactored the DPP and IRS postman collections +- Updated the deployment and testing directory structure and their references in relevant documentation +- Updated license header and deployment directory references in the following readme files: + - Admin guide + - Arc42 + - Getting-Started guide +- Updated test directory stricture in dpp-backend +- Updated the app url from [https://materialpass.int.demo.catena-x.net](https://materialpass.int.demo.catena-x.net) to [https://dpp.int.demo.catena-x.net](https://dpp.int.demo.catena-x.net) +- Updated the payloads of asset, policies, contract definition, digital twin and its aspects to align with the DPPTriangle document `v1.1.0` +- Updated the following frontend content: + - Condition for "commercial.warranty" in General Cards + - Mocked passports + - Loading page translation + - Translation files + - Characteristics component + - Identification component + - Sustainability component + - Typology component +- Updated helm template to provide security context values from helm vaules file + + +## Deleted +- Filtered out unnecessary nnecessary/unused files + + ## [released] ## [v2.0.1] - 03-01-2024 ## Added diff --git a/README.md b/README.md index 92b029927..57fe72f57 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ In particular, the appliction is used to access the battery passport data provid ### Software Version #### Helm Chart Version -
2.0.1
+
2.1.0
#### Application Version
v2.1.0
diff --git a/deployment/README.md b/deployment/README.md index 3140ebf9d..d80956ce8 100644 --- a/deployment/README.md +++ b/deployment/README.md @@ -50,7 +50,7 @@ Fill out the following required fields. - **Project:** project-material-pass - **Source:** Git repository where the application artifacts are stored (https://github.com/eclipse-tractusx/digital-product-pass) - **Revision:** select branch or a tag -- **Path:** The path to the deployment (possible values: deployment/helm/edc-consumer, deployment/helm/edc-provider, charts/digital-product-pass) +- **Path:** The path to the deployment (possible values: deployment/infrastructure/edc-consumer, deployment/infrastructure/edc-provider, charts/digital-product-pass) - **Cluster URL:** https://kubernetes.default.svc - **Namespace:** product-material-pass - **Plugin:** argocd-vault-plugin-helm-args diff --git a/deployment/infrastructure/edc-consumer/README.md b/deployment/infrastructure/edc-consumer/README.md index cb9e3251c..0e376aa91 100644 --- a/deployment/infrastructure/edc-consumer/README.md +++ b/deployment/infrastructure/edc-consumer/README.md @@ -1,28 +1,6 @@ - - # tractusx-connector -![Version: 0.3.3](https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.4.1](https://img.shields.io/badge/AppVersion-0.4.1-informational?style=flat-square) +![Version: 0.3.3](https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.0](https://img.shields.io/badge/AppVersion-0.5.0-informational?style=flat-square) A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mock that can be used as edc consumer for the DPP applicatiton. @@ -37,15 +15,53 @@ A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mo | Repository | Name | Version | |------------|------|---------| | https://charts.bitnami.com/bitnami | postgresql(postgresql) | 12.1.6 | -| https://eclipse-tractusx.github.io/charts/dev | tractusx-connector | 0.4.1 | +| https://eclipse-tractusx.github.io/charts/dev | tractusx-connector | 0.5.0 | +| https://eclipse-tractusx.github.io/item-relationship-service | irs-helm | 6.11.0 | ## Values | Key | Type | Default | Description | |-----|------|---------|-------------| +| irs-helm.bpdm.bpnEndpoint | string | `"{{- if .Values.bpdm.url }} {{- tpl (.Values.bpdm.url | default \"\") . }}/api/catena/legal-entities/{partnerId}?idType={idType} {{- end }}"` | | +| irs-helm.bpdm.url | string | `"https://partners-pool.dev.demo.catena-x.net"` | | +| irs-helm.bpn | string | `""` | | +| irs-helm.digitalTwinRegistry.discoveryFinderUrl | string | `"https://semantics.dev.demo.catena-x.net/discoveryfinder/api/v1.0/administration/connectors/discovery/search"` | | +| irs-helm.digitalTwinRegistry.type | string | `"decentral"` | | +| irs-helm.digitalTwinRegistry.url | string | `"https://materialpass.dev.demo.catena-x.net/semantics/registry/api/v3.0"` | | +| irs-helm.edc.catalog.acceptedPolicies[0].leftOperand | string | `"FrameworkAgreement.sustainability"` | | +| irs-helm.edc.catalog.acceptedPolicies[0].operator | string | `"eq"` | | +| irs-helm.edc.catalog.acceptedPolicies[0].rightOperand | string | `"active"` | | +| irs-helm.edc.catalog.acceptedPolicies[1].leftOperand | string | `"Membership"` | | +| irs-helm.edc.catalog.acceptedPolicies[1].operator | string | `"eq"` | | +| irs-helm.edc.catalog.acceptedPolicies[1].rightOperand | string | `"active"` | | +| irs-helm.edc.controlplane.apikey.secret | string | `""` | | +| irs-helm.edc.controlplane.endpoint.data | string | `"https://materialpass.dev.demo.catena-x.net/consumer/management"` | | +| irs-helm.enabled | bool | `true` | | +| irs-helm.ingress.annotations."nginx.ingress.kubernetes.io/backend-protocol" | string | `"HTTP"` | | +| irs-helm.ingress.annotations."nginx.ingress.kubernetes.io/force-ssl-redirect" | string | `"true"` | | +| irs-helm.ingress.annotations."nginx.ingress.kubernetes.io/ssl-passthrough" | string | `"false"` | | +| irs-helm.ingress.annotations.ingressClassName | string | `"nginx"` | | +| irs-helm.ingress.enabled | bool | `true` | | +| irs-helm.ingress.hosts[0].host | string | `"materialpass-irs.dev.demo.catena-x.net"` | | +| irs-helm.ingress.hosts[0].paths[0].path | string | `"/"` | | +| irs-helm.ingress.hosts[0].paths[0].pathType | string | `"Prefix"` | | +| irs-helm.ingress.tls[0].hosts[0] | string | `"materialpass-irs.dev.demo.catena-x.net"` | | +| irs-helm.ingress.tls[0].secretName | string | `"tls-secret"` | | +| irs-helm.irsUrl | string | `"https://materialpass-irs.dev.demo.catena-x.net"` | | +| irs-helm.minio.rootPassword | string | `""` | | +| irs-helm.minio.rootUser | string | `""` | | +| irs-helm.minio.serviceAccount.create | bool | `false` | | +| irs-helm.minioPassword | string | `""` | | +| irs-helm.minioUrl | string | `"http://{{ .Release.Name }}-minio:9000"` | | +| irs-helm.minioUser | string | `""` | | +| irs-helm.oauth2.clientId | string | `""` | | +| irs-helm.oauth2.clientSecret | string | `""` | | +| irs-helm.oauth2.clientTokenUri | string | `"https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token"` | | +| irs-helm.oauth2.jwkSetUri | string | `"https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs"` | | +| irs-helm.semanticshub.url | string | `"https://semantics.dev.demo.catena-x.net/hub/api/v1/models"` | | | postgresql.auth.database | string | `"edc"` | | -| postgresql.auth.password | string | `""` | | -| postgresql.auth.username | string | `""` | | +| postgresql.auth.password | string | `""` | | +| postgresql.auth.username | string | `""` | | | postgresql.fullnameOverride | string | `"postgresql"` | | | postgresql.jdbcUrl | string | `"jdbc:postgresql://postgresql:5432/edc"` | | | postgresql.primary.persistence.enabled | bool | `true` | | @@ -89,7 +105,7 @@ A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mo | tractusx-connector.controlplane.envValueFrom | object | `{}` | | | tractusx-connector.controlplane.image.pullPolicy | string | `"IfNotPresent"` | [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use | | tractusx-connector.controlplane.image.repository | string | `"tractusx/edc-controlplane-postgresql-hashicorp-vault"` | Which derivate of the control plane to use. when left empty the deployment will select the correct image automatically | -| tractusx-connector.controlplane.image.tag | string | `"0.4.1"` | Overrides the image tag whose default is the chart appVersion | +| tractusx-connector.controlplane.image.tag | string | `"0.5.0"` | Overrides the image tag whose default is the chart appVersion | | tractusx-connector.controlplane.ingresses[0].annotations | object | `{}` | Additional ingress annotations to add | | tractusx-connector.controlplane.ingresses[0].certManager.clusterIssuer | string | `""` | If preset enables certificate generation via cert-manager cluster-wide issuer | | tractusx-connector.controlplane.ingresses[0].certManager.issuer | string | `""` | If preset enables certificate generation via cert-manager namespace scoped issuer | @@ -149,20 +165,17 @@ A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mo | tractusx-connector.controlplane.securityContext.runAsUser | int | `10001` | The container's process will run with the specified uid | | tractusx-connector.controlplane.service.annotations | object | `{}` | | | tractusx-connector.controlplane.service.type | string | `"ClusterIP"` | [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. | +| tractusx-connector.controlplane.ssi.endpoint.audience | string | `"https://materialpass.dev.demo.catena-x.net/consumer"` | | +| tractusx-connector.controlplane.ssi.miw.authorityId | string | `""` | | +| tractusx-connector.controlplane.ssi.miw.url | string | `""` | | +| tractusx-connector.controlplane.ssi.oauth.client.id | string | `""` | | +| tractusx-connector.controlplane.ssi.oauth.client.secretAlias | string | `"dev-client-secret"` | | +| tractusx-connector.controlplane.ssi.oauth.tokenurl | string | `"https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token"` | | | tractusx-connector.controlplane.tolerations | list | `[]` | | | tractusx-connector.controlplane.url.ids | string | `""` | Explicitly declared url for reaching the ids api (e.g. if ingresses not used) | | tractusx-connector.controlplane.volumeMounts | list | `[]` | declare where to mount [volumes](https://kubernetes.io/docs/concepts/storage/volumes/) into the container | | tractusx-connector.controlplane.volumes | list | `[]` | [volume](https://kubernetes.io/docs/concepts/storage/volumes/) directories | | tractusx-connector.customLabels | object | `{}` | | -| tractusx-connector.daps.clientId | string | `""` | | -| tractusx-connector.daps.connectors[0].attributes.referringConnector | string | `"https://materialpass.dev.demo.catena-x.net/consumer/"` | | -| tractusx-connector.daps.connectors[0].certificate | string | `""` | | -| tractusx-connector.daps.connectors[0].id | string | `""` | | -| tractusx-connector.daps.connectors[0].name | string | `"edcconector"` | | -| tractusx-connector.daps.fullnameOverride | string | `"daps"` | | -| tractusx-connector.daps.paths.jwks | string | `"/.well-known/jwks.json"` | | -| tractusx-connector.daps.paths.token | string | `"/token"` | | -| tractusx-connector.daps.url | string | `"https://daps1.int.demo.catena-x.net"` | | | tractusx-connector.dataplane.affinity | object | `{}` | | | tractusx-connector.dataplane.autoscaling.enabled | bool | `false` | Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | | tractusx-connector.dataplane.autoscaling.maxReplicas | int | `100` | Maximum replicas if resource consumption exceeds resource threshholds | @@ -195,7 +208,7 @@ A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mo | tractusx-connector.dataplane.envValueFrom | object | `{}` | | | tractusx-connector.dataplane.image.pullPolicy | string | `"IfNotPresent"` | [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use | | tractusx-connector.dataplane.image.repository | string | `"tractusx/edc-dataplane-hashicorp-vault"` | Which derivate of the data plane to use. when left empty the deployment will select the correct image automatically | -| tractusx-connector.dataplane.image.tag | string | `"0.4.1"` | Overrides the image tag whose default is the chart appVersion | +| tractusx-connector.dataplane.image.tag | string | `"0.5.0"` | Overrides the image tag whose default is the chart appVersion | | tractusx-connector.dataplane.ingresses[0].annotations | object | `{}` | Additional ingress annotations to add | | tractusx-connector.dataplane.ingresses[0].certManager.clusterIssuer | string | `""` | If preset enables certificate generation via cert-manager cluster-wide issuer | | tractusx-connector.dataplane.ingresses[0].certManager.issuer | string | `""` | If preset enables certificate generation via cert-manager namespace scoped issuer | @@ -245,12 +258,16 @@ A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mo | tractusx-connector.dataplane.volumes | list | `[]` | [volume](https://kubernetes.io/docs/concepts/storage/volumes/) directories | | tractusx-connector.enabled | bool | `true` | | | tractusx-connector.fullnameOverride | string | `"dpp-edc-consumer"` | | -| tractusx-connector.idsdaps.connectors[0].certificate | string | `""` | | | tractusx-connector.imagePullSecrets | list | `[]` | Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) | | tractusx-connector.install.daps | bool | `false` | | | tractusx-connector.install.postgresql | bool | `false` | | | tractusx-connector.install.vault | bool | `false` | | | tractusx-connector.nameOverride | string | `""` | | +| tractusx-connector.networkPolicy.controlplane | object | `{"from":[{"namespaceSelector":{}}]}` | Configuration of the controlplane component | +| tractusx-connector.networkPolicy.controlplane.from | list | `[{"namespaceSelector":{}}]` | Specify from rule network policy for cp (defaults to all namespaces) | +| tractusx-connector.networkPolicy.dataplane | object | `{"from":[{"namespaceSelector":{}}]}` | Configuration of the dataplane component | +| tractusx-connector.networkPolicy.dataplane.from | list | `[{"namespaceSelector":{}}]` | Specify from rule network policy for dp (defaults to all namespaces) | +| tractusx-connector.networkPolicy.enabled | bool | `false` | If `true` network policy will be created to restrict access to control- and dataplane | | tractusx-connector.participant.id | string | `""` | | | tractusx-connector.postgresql.auth.database | string | `"edc"` | | | tractusx-connector.postgresql.auth.password | string | `""` | | @@ -263,6 +280,8 @@ A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mo | tractusx-connector.serviceAccount.create | bool | `true` | | | tractusx-connector.serviceAccount.imagePullSecrets | list | `[]` | Existing image pull secret bound to the service account to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) | | tractusx-connector.serviceAccount.name | string | `""` | | +| tractusx-connector.tests | object | `{"hookDeletePolicy":"before-hook-creation,hook-succeeded"}` | Configurations for Helm tests | +| tractusx-connector.tests.hookDeletePolicy | string | `"before-hook-creation,hook-succeeded"` | Configure the hook-delete-policy for Helm tests | | tractusx-connector.vault.fullnameOverride | string | `"vault"` | | | tractusx-connector.vault.hashicorp.healthCheck.enabled | bool | `true` | | | tractusx-connector.vault.hashicorp.healthCheck.standbyOk | bool | `true` | | @@ -272,8 +291,6 @@ A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mo | tractusx-connector.vault.hashicorp.token | string | `""` | | | tractusx-connector.vault.hashicorp.url | string | `""` | | | tractusx-connector.vault.injector.enabled | bool | `false` | | -| tractusx-connector.vault.secretNames.dapsPrivateKey | string | `"daps-key-dev"` | | -| tractusx-connector.vault.secretNames.dapsPublicKey | string | `"daps-crt-dev"` | | | tractusx-connector.vault.secretNames.transferProxyTokenEncryptionAesKey | string | `"edc-encryption-key"` | | | tractusx-connector.vault.secretNames.transferProxyTokenSignerPrivateKey | string | `"daps-key-dev"` | | | tractusx-connector.vault.secretNames.transferProxyTokenSignerPublicKey | string | `"daps-crt-dev"` | | diff --git a/deployment/infrastructure/edc-provider/README.md b/deployment/infrastructure/edc-provider/README.md index c4874cf46..e57db6b02 100644 --- a/deployment/infrastructure/edc-provider/README.md +++ b/deployment/infrastructure/edc-provider/README.md @@ -1,28 +1,6 @@ - - # tractusx-connector -![Version: 0.3.3](https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.4.1](https://img.shields.io/badge/AppVersion-0.4.1-informational?style=flat-square) +![Version: 0.3.3](https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.0](https://img.shields.io/badge/AppVersion-0.5.0-informational?style=flat-square) A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mock that can be used as edc provider for the DPP applicatiton. @@ -37,7 +15,7 @@ A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mo | Repository | Name | Version | |------------|------|---------| | https://charts.bitnami.com/bitnami | postgresql(postgresql) | 12.1.6 | -| https://eclipse-tractusx.github.io/charts/dev | tractusx-connector | 0.4.1 | +| https://eclipse-tractusx.github.io/charts/dev | tractusx-connector | 0.5.0 | ## Values @@ -89,7 +67,7 @@ A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mo | tractusx-connector.controlplane.envValueFrom | object | `{}` | | | tractusx-connector.controlplane.image.pullPolicy | string | `"IfNotPresent"` | [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use | | tractusx-connector.controlplane.image.repository | string | `"tractusx/edc-controlplane-postgresql-hashicorp-vault"` | Which derivate of the control plane to use. when left empty the deployment will select the correct image automatically | -| tractusx-connector.controlplane.image.tag | string | `"0.4.1"` | Overrides the image tag whose default is the chart appVersion | +| tractusx-connector.controlplane.image.tag | string | `"0.5.0"` | Overrides the image tag whose default is the chart appVersion | | tractusx-connector.controlplane.ingresses[0].annotations | object | `{}` | Additional ingress annotations to add | | tractusx-connector.controlplane.ingresses[0].certManager.clusterIssuer | string | `""` | If preset enables certificate generation via cert-manager cluster-wide issuer | | tractusx-connector.controlplane.ingresses[0].certManager.issuer | string | `""` | If preset enables certificate generation via cert-manager namespace scoped issuer | @@ -149,20 +127,17 @@ A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mo | tractusx-connector.controlplane.securityContext.runAsUser | int | `10001` | The container's process will run with the specified uid | | tractusx-connector.controlplane.service.annotations | object | `{}` | | | tractusx-connector.controlplane.service.type | string | `"ClusterIP"` | [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. | +| tractusx-connector.controlplane.ssi.endpoint.audience | string | `"https://materialpass.dev.demo.catena-x.net/consumer"` | | +| tractusx-connector.controlplane.ssi.miw.authorityId | string | `""` | | +| tractusx-connector.controlplane.ssi.miw.url | string | `""` | | +| tractusx-connector.controlplane.ssi.oauth.client.id | string | `""` | | +| tractusx-connector.controlplane.ssi.oauth.client.secretAlias | string | `"dev-client-secret"` | | +| tractusx-connector.controlplane.ssi.oauth.tokenurl | string | `"https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token"` | | | tractusx-connector.controlplane.tolerations | list | `[]` | | | tractusx-connector.controlplane.url.ids | string | `""` | Explicitly declared url for reaching the ids api (e.g. if ingresses not used) | | tractusx-connector.controlplane.volumeMounts | list | `[]` | declare where to mount [volumes](https://kubernetes.io/docs/concepts/storage/volumes/) into the container | | tractusx-connector.controlplane.volumes | list | `[]` | [volume](https://kubernetes.io/docs/concepts/storage/volumes/) directories | | tractusx-connector.customLabels | object | `{}` | | -| tractusx-connector.daps.clientId | string | `""` | | -| tractusx-connector.daps.connectors[0].attributes.referringConnector | string | `"https://materialpass.dev.demo.catena-x.net/consumer/"` | | -| tractusx-connector.daps.connectors[0].certificate | string | `""` | | -| tractusx-connector.daps.connectors[0].id | string | `""` | | -| tractusx-connector.daps.connectors[0].name | string | `"edcconector"` | | -| tractusx-connector.daps.fullnameOverride | string | `"daps"` | | -| tractusx-connector.daps.paths.jwks | string | `"/.well-known/jwks.json"` | | -| tractusx-connector.daps.paths.token | string | `"/token"` | | -| tractusx-connector.daps.url | string | `"https://daps1.int.demo.catena-x.net"` | | | tractusx-connector.dataplane.affinity | object | `{}` | | | tractusx-connector.dataplane.autoscaling.enabled | bool | `false` | Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | | tractusx-connector.dataplane.autoscaling.maxReplicas | int | `100` | Maximum replicas if resource consumption exceeds resource threshholds | @@ -195,7 +170,7 @@ A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mo | tractusx-connector.dataplane.envValueFrom | object | `{}` | | | tractusx-connector.dataplane.image.pullPolicy | string | `"IfNotPresent"` | [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use | | tractusx-connector.dataplane.image.repository | string | `"tractusx/edc-dataplane-hashicorp-vault"` | Which derivate of the data plane to use. when left empty the deployment will select the correct image automatically | -| tractusx-connector.dataplane.image.tag | string | `"0.4.1"` | Overrides the image tag whose default is the chart appVersion | +| tractusx-connector.dataplane.image.tag | string | `"0.5.0"` | Overrides the image tag whose default is the chart appVersion | | tractusx-connector.dataplane.ingresses[0].annotations | object | `{}` | Additional ingress annotations to add | | tractusx-connector.dataplane.ingresses[0].certManager.clusterIssuer | string | `""` | If preset enables certificate generation via cert-manager cluster-wide issuer | | tractusx-connector.dataplane.ingresses[0].certManager.issuer | string | `""` | If preset enables certificate generation via cert-manager namespace scoped issuer | @@ -245,7 +220,6 @@ A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mo | tractusx-connector.dataplane.volumes | list | `[]` | [volume](https://kubernetes.io/docs/concepts/storage/volumes/) directories | | tractusx-connector.enabled | bool | `true` | | | tractusx-connector.fullnameOverride | string | `"dpp-edc-provider"` | | -| tractusx-connector.idsdaps.connectors[0].certificate | string | `""` | | | tractusx-connector.imagePullSecrets | list | `[]` | | | tractusx-connector.install.daps | bool | `false` | | | tractusx-connector.install.postgresql | bool | `false` | | @@ -272,8 +246,6 @@ A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mo | tractusx-connector.vault.hashicorp.token | string | `""` | | | tractusx-connector.vault.hashicorp.url | string | `""` | | | tractusx-connector.vault.injector.enabled | bool | `false` | | -| tractusx-connector.vault.secretNames.dapsPrivateKey | string | `"daps-key-dev"` | | -| tractusx-connector.vault.secretNames.dapsPublicKey | string | `"daps-crt-dev"` | | | tractusx-connector.vault.secretNames.transferProxyTokenEncryptionAesKey | string | `"edc-encryption-key"` | | | tractusx-connector.vault.secretNames.transferProxyTokenSignerPrivateKey | string | `"daps-key-dev"` | | | tractusx-connector.vault.secretNames.transferProxyTokenSignerPublicKey | string | `"daps-crt-dev"` | | diff --git a/deployment/infrastructure/edc-provider/data-service/README.md b/deployment/infrastructure/edc-provider/data-service/README.md index 608495219..62bf08db2 100644 --- a/deployment/infrastructure/edc-provider/data-service/README.md +++ b/deployment/infrastructure/edc-provider/data-service/README.md @@ -1,25 +1,3 @@ - - # data-service ![Version: 0.0.1](https://img.shields.io/badge/Version-0.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) @@ -30,8 +8,10 @@ The Eclipse Dataspace Connector requires the Backend Application to transfer dat | Key | Type | Default | Description | |-----|------|---------|-------------| +| affinity | object | `{}` | | | container.port | int | `80` | | | fullnameOverride | string | `"data-service"` | Overrides the releases full name | +| image.command | string | `""` | | | image.pullPolicy | string | `"IfNotPresent"` | [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use | | image.repository | string | `"ghcr.io/catenax-ng/catenax-at-home/provider-backend-service"` | Which container image to use | | image.tag | string | `"0.0.1"` | Overrides the image tag whose default is the chart appVersion | @@ -47,10 +27,25 @@ The Eclipse Dataspace Connector requires the Backend Application to transfer dat | ingress.hosts[0].paths[0].pathType | string | `"Prefix"` | | | ingress.tls[0].hosts[0] | string | `"materialpass.int.demo.catena-x.net"` | | | ingress.tls[0].secretName | string | `"tls-secret"` | | +| livenessProbe | object | `{}` | | | nameOverride | string | `""` | Overrides the charts name | +| nodeSelector | object | `{}` | | +| podAnnotations | object | `{}` | additional annotations for the pod | +| podSecurityContext.fsGroup | int | `10001` | The owner for volumes and any files created within volumes will belong to this guid | +| podSecurityContext.runAsGroup | int | `10001` | Processes within a pod will belong to this guid | +| podSecurityContext.runAsUser | int | `10001` | Runs all processes within a pod with a special uid | +| podSecurityContext.seccompProfile.type | string | `"RuntimeDefault"` | Restrict a Container's Syscalls with seccomp | +| readinessProbe | object | `{}` | | | replicaCount | int | `1` | | +| securityContext.allowPrivilegeEscalation | bool | `false` | Controls [Privilege Escalation](https://kubernetes.io/docs/concepts/security/pod-security-policy/#privilege-escalation) enabling setuid binaries changing the effective user ID | +| securityContext.capabilities.add | list | `[]` | Specifies which capabilities to add to issue specialized syscalls | +| securityContext.capabilities.drop | list | `["ALL"]` | Specifies which capabilities to drop to reduce syscall attack surface | +| securityContext.readOnlyRootFilesystem | bool | `true` | Whether the root filesystem is mounted in read-only mode | +| securityContext.runAsNonRoot | bool | `true` | Requires the container to run without root privileges | +| securityContext.runAsUser | int | `10001` | The container's process will run with the specified uid | | service.port | int | `8080` | [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service) to expose the running application on a set of Pods as a network service. | | service.type | string | `"ClusterIP"` | [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. | +| tolerations | list | `[]` | | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) diff --git a/deployment/infrastructure/registry/README.md b/deployment/infrastructure/registry/README.md new file mode 100644 index 000000000..bce427388 --- /dev/null +++ b/deployment/infrastructure/registry/README.md @@ -0,0 +1,44 @@ +# registry + +![Version: 0.3.23](https://img.shields.io/badge/Version-0.3.23-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +Tractus-X Digital Twin Registry Helm Chart + +## Requirements + +| Repository | Name | Version | +|------------|------|---------| +| https://eclipse-tractusx.github.io/sldt-digital-twin-registry | provider-dtr(registry) | 0.3.23 | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| provider-dtr.postgresql.auth.database | string | `"default-database"` | | +| provider-dtr.postgresql.auth.password | string | `""` | | +| provider-dtr.postgresql.auth.username | string | `""` | | +| provider-dtr.registry.authentication | bool | `false` | | +| provider-dtr.registry.dataSource.driverClassName | string | `"org.postgresql.Driver"` | | +| provider-dtr.registry.dataSource.password | string | `""` | | +| provider-dtr.registry.dataSource.sqlInitPlatform | string | `"pg"` | | +| provider-dtr.registry.dataSource.url | string | `"jdbc:postgresql://registry:5432"` | | +| provider-dtr.registry.dataSource.user | string | `""` | | +| provider-dtr.registry.enableKeycloak | bool | `false` | | +| provider-dtr.registry.enablePostgres | bool | `true` | | +| provider-dtr.registry.host | string | `"materialpass.int.demo.catena-x.net"` | | +| provider-dtr.registry.idpClientId | string | `"Cl13-CX-Battery"` | | +| provider-dtr.registry.idpIssuerUri | string | `"https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central"` | | +| provider-dtr.registry.ingress.annotations."cert-manager.io/cluster-issuer" | string | `"selfsigned-cluster-issuer"` | | +| provider-dtr.registry.ingress.annotations."nginx.ingress.kubernetes.io/cors-allow-credentials" | string | `"true"` | | +| provider-dtr.registry.ingress.annotations."nginx.ingress.kubernetes.io/enable-cors" | string | `"true"` | | +| provider-dtr.registry.ingress.annotations."nginx.ingress.kubernetes.io/rewrite-target" | string | `"/$2"` | | +| provider-dtr.registry.ingress.annotations."nginx.ingress.kubernetes.io/use-regex" | string | `"true"` | | +| provider-dtr.registry.ingress.annotations."nginx.ingress.kubernetes.io/x-forwarded-prefix" | string | `"/semantics/registry"` | | +| provider-dtr.registry.ingress.className | string | `"nginx"` | | +| provider-dtr.registry.ingress.enabled | bool | `true` | | +| provider-dtr.registry.ingress.tls | bool | `true` | | +| provider-dtr.registry.ingress.urlPrefix | string | `"/semantics/registry"` | | +| provider-dtr.registry.tenantId | string | `"default-tenant"` | | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) diff --git a/deployment/local/storage/pv-data.yaml b/deployment/local/storage/pv-data.yaml new file mode 100644 index 000000000..f1194a47f --- /dev/null +++ b/deployment/local/storage/pv-data.yaml @@ -0,0 +1,39 @@ +################################################################################# +# Catena-X - Digital Product Passport Application +# +# Copyright (c) 2022, 2023 BASF SE, BMW AG, Henkel AG & Co. KGaA +# Copyright (c) 2023, 2024 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, +# either express or implied. See the +# License for the specific language govern in permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +################################################################################# + +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pv-data + namespace: default +spec: + capacity: + storage: 5Gi + accessModes: + - ReadWriteOnce + storageClassName: standard + claimRef: + name: pvc-data + namespace: default + hostPath: + path: "/mnt" diff --git a/deployment/local/storage/pvc-data.yaml b/deployment/local/storage/pvc-data.yaml new file mode 100644 index 000000000..32cd20643 --- /dev/null +++ b/deployment/local/storage/pvc-data.yaml @@ -0,0 +1,36 @@ +################################################################################# +# Catena-X - Product Passport Consumer Application +# +# Copyright (c) 2022, 2023 BASF SE, BMW AG, Henkel AG & Co. KGaA +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, +# either express or implied. See the +# License for the specific language govern in permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +################################################################################# + +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: pvc-data + labels: + {{- include "chart.labels" . | nindent 4 }} + namespace: {{ .Values.namespace }} +spec: + storageClassName: standard + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi diff --git a/docs/RELEASE.md b/docs/RELEASE.md index c961b1a62..63271850f 100644 --- a/docs/RELEASE.md +++ b/docs/RELEASE.md @@ -37,7 +37,7 @@ The changelog must also be updated from [CHANGELOG.md](../CHANGELOG.md) file, sh Helm chart released: - [digital-product-pass](../charts/digital-product-pass/Chart.yaml) -Aditional Helm charts of below components can be found in *deployment/helm* folder. +Aditional Helm charts of below components can be found in *deployment/infrastructure* folder. - [edc-consumer](../deployment/infrastructure/edc-consumer/Chart.yaml) - [edc-provider](../deployment/infrastructure/edc-provider/Chart.yaml) diff --git a/docs/RELEASE_USER.md b/docs/RELEASE_USER.md index fdefcc0b7..e2c5d0f19 100644 --- a/docs/RELEASE_USER.md +++ b/docs/RELEASE_USER.md @@ -1,5 +1,5 @@