From 602181328ece12131223bb1fb08f3d8354478f76 Mon Sep 17 00:00:00 2001 From: mikeplotean Date: Sat, 5 Oct 2024 23:38:14 +0300 Subject: [PATCH 01/15] feat: add vault service to docker compose --- docker-compose/docker-compose.yaml | 33 ++++++++++++++++++++ docker-compose/vault/config.hcl | 14 +++++++++ docker-compose/vault/init.sh | 50 ++++++++++++++++++++++++++++++ 3 files changed, 97 insertions(+) create mode 100644 docker-compose/vault/config.hcl create mode 100644 docker-compose/vault/init.sh diff --git a/docker-compose/docker-compose.yaml b/docker-compose/docker-compose.yaml index 7ebc8f356..fc6ba0dc6 100644 --- a/docker-compose/docker-compose.yaml +++ b/docker-compose/docker-compose.yaml @@ -120,6 +120,38 @@ services: ports: - $POSTGRES_DB_PORT:5432 #TODO: tcp/udp proxy with caddy + vault: + image: hashicorp/vault:latest + container_name: vault + healthcheck: + test: ["CMD-SHELL", "vault status || exit 1"] + interval: 5s + timeout: 2s + retries: 5 + volumes: + - ./vault/config.hcl:/vault/config/config.hcl:ro + - vault_data:/vault/file + ports: + - "8200:8200" + environment: + VAULT_DEV_LISTEN_ADDRESS: "0.0.0.0:8200" + VAULT_ADDR: "http://127.0.0.1:8200" + command: server -config=/vault/config/config.hcl -dev -dev-root-token-id="dev-only-token" + restart: always + + vault-init: + image: hashicorp/vault:latest + container_name: vault-init + environment: + VAULT_DEV_ROOT_TOKEN_ID: "dev-only-token" + VAULT_ADDR: "http://host.docker.internal:8200" + depends_on: + vault: + condition: service_healthy + entrypoint: /bin/sh -c "/vault/scripts/init.sh" + volumes: + - ./vault/init.sh:/vault/scripts/init.sh + caddy: image: docker.io/caddy:2 restart: unless-stopped @@ -173,3 +205,4 @@ services: - ./Caddyfile:/etc/caddy/Caddyfile volumes: wallet-api-db: + vault_data: diff --git a/docker-compose/vault/config.hcl b/docker-compose/vault/config.hcl new file mode 100644 index 000000000..ab28ef275 --- /dev/null +++ b/docker-compose/vault/config.hcl @@ -0,0 +1,14 @@ +ui = true +cluster_addr = "https://127.0.0.1:8201" +api_addr = "https://127.0.0.1:8200" +disable_mlock = true + +# listener "tcp" { +# address = "0.0.0.0:8200" +# tls_disable = true +# } + +# storage "raft" { +# path = "/path/to/raft/data" +# node_id = "raft_node_id" +# } \ No newline at end of file diff --git a/docker-compose/vault/init.sh b/docker-compose/vault/init.sh new file mode 100644 index 000000000..785d9db94 --- /dev/null +++ b/docker-compose/vault/init.sh @@ -0,0 +1,50 @@ +#!/bin/sh + +set -e + +echo "Initialize Vault (if not already initialized)" +if ! vault status | grep -q "Initialized"; then + vault operator init -key-shares=1 -key-threshold=1 > /vault/file/init.log + vault operator unseal $(grep 'Unseal Key 1:' /vault/file/init.log | awk '{print $NF}') + vault login $(grep 'Initial Root Token:' /vault/file/init.log | awk '{print $NF}') +fi + +vault login "$VAULT_DEV_ROOT_TOKEN_ID" + +echo "Enable Transit Secrets Engine" +vault secrets enable transit + +echo "Create an encryption key" +vault write -f transit/keys/my-encryption-key + +echo "Enable Userpass Authentication" +vault auth enable userpass + +echo "Create a User with Userpass Authentication" +vault write auth/userpass/users/my-user password=my-password policies=transit-policy + +echo "Enable AppRole Authentication" +vault auth enable approle + +echo "Create a Policy for Transit Secrets Engine" +vault policy write transit-policy - < Date: Wed, 8 Jan 2025 11:52:01 +0200 Subject: [PATCH 02/15] chore: set up compose profiles for docker service # Conflicts: # docker-compose/.env # Conflicts: # docker-compose/.env # Conflicts: # docker-compose/.env --- docker-compose/.env | 3 ++- docker-compose/docker-compose.yaml | 30 +++++++++++++++++++++++++++++- 2 files changed, 31 insertions(+), 2 deletions(-) diff --git a/docker-compose/.env b/docker-compose/.env index 66db6b898..5c89a073c 100644 --- a/docker-compose/.env +++ b/docker-compose/.env @@ -23,4 +23,5 @@ MSSQL_DB_PORT=1433 #sqlite | postgres | mssql DATABASE_ENGINE=postgres VERSION_TAG=0.10.0 -COMPOSE_PROFILES=$DATABASE_ENGINE +#identity | identity,tse | all +COMPOSE_PROFILES=identity diff --git a/docker-compose/docker-compose.yaml b/docker-compose/docker-compose.yaml index fc6ba0dc6..18087248d 100644 --- a/docker-compose/docker-compose.yaml +++ b/docker-compose/docker-compose.yaml @@ -1,6 +1,9 @@ services: wallet-api: image: docker.io/waltid/wallet-api:${VERSION_TAG:-latest} + profiles: + - identity + - all pull_policy: always build: context: ../ @@ -23,6 +26,9 @@ services: issuer-api: platform: linux/x86_64 image: docker.io/waltid/issuer-api:${VERSION_TAG:-latest} + profiles: + - identity + - all pull_policy: always build: context: ../ @@ -37,6 +43,9 @@ services: verifier-api: platform: linux/x86_64 image: docker.io/waltid/verifier-api:${VERSION_TAG:-latest} + profiles: + - identity + - all pull_policy: always build: context: ../ @@ -50,6 +59,9 @@ services: waltid-demo-wallet: image: docker.io/waltid/waltid-demo-wallet:${VERSION_TAG:-latest} + profiles: + - identity + - all pull_policy: always build: context: ../ @@ -64,6 +76,9 @@ services: waltid-dev-wallet: image: docker.io/waltid/waltid-dev-wallet:${VERSION_TAG:-latest} + profiles: + - identity + - all pull_policy: always build: context: ../ @@ -79,6 +94,9 @@ services: web-portal: platform: linux/x86_64 image: docker.io/waltid/portal:${VERSION_TAG:-latest} + profiles: + - identity + - all pull_policy: always build: context: ../ @@ -95,6 +113,9 @@ services: vc-repo: platform: linux/x86_64 image: docker.io/waltid/vc-repository:latest + profiles: + - identity + - all pull_policy: always depends_on: - caddy @@ -104,7 +125,8 @@ services: postgres: image: postgres profiles: - - postgres + - identity + - all healthcheck: test: [ "CMD", "pg_isready", "-q", "-U", "$DB_USERNAME" ] interval: 5s @@ -122,6 +144,9 @@ services: vault: image: hashicorp/vault:latest + profiles: + - tse + - all container_name: vault healthcheck: test: ["CMD-SHELL", "vault status || exit 1"] @@ -141,6 +166,9 @@ services: vault-init: image: hashicorp/vault:latest + profiles: + - tse + - all container_name: vault-init environment: VAULT_DEV_ROOT_TOKEN_ID: "dev-only-token" From 913fb10355748ad192cf5d0bbf4c2a9c8b5bf636 Mon Sep 17 00:00:00 2001 From: mikeplotean Date: Thu, 7 Nov 2024 20:37:46 +0200 Subject: [PATCH 03/15] chore: updated readme to mention the vault service # Conflicts: # docker-compose/README.md --- docker-compose/README.md | 74 +++++++++++++++++++++++++++--- docker-compose/docker-compose.yaml | 2 +- docker-compose/vault/init.sh | 2 +- 3 files changed, 69 insertions(+), 9 deletions(-) diff --git a/docker-compose/README.md b/docker-compose/README.md index 684098e85..f8cfafcb8 100644 --- a/docker-compose/README.md +++ b/docker-compose/README.md @@ -1,6 +1,7 @@ # walt.id Identity Docker Environment -This directory contains the Docker Compose configuration that sets up and runs the services and applications of the walt.id Identity Stack. +This directory contains the Docker Compose configuration that sets up and runs the services and applications of the +walt.id Identity Stack. You can either run the latest release using pre-built Docker images or build your images locally. ## Prerequisites @@ -27,51 +28,104 @@ docker-compose pull This ensures that you're using the most recent release images from the Docker registry. ### Start the Services + Once the images are pulled, start the services by running: + ```bash docker-compose up ``` -*Note:* If you are facing issues with the containers, try running the following command to remove the existing containers and then run the +*Note:* If you are facing issues with the containers, try running the following command to remove the existing +containers and then run the above command again. ### Stop the Services + ```bash docker-compose down ``` ### Tear down the Services + ```bash docker-compose down -v ``` *Note:* -The version of the images pulled is controlled by the `VERSION_TAG` in the `.env` file. By default, it is set to latest, which pulls the most recent release of the Docker images. -If you prefer to use a specific version, such as a past release, modify the `VERSION_TAG` in the `.env` file before pulling the images. +The version of the images pulled is controlled by the `VERSION_TAG` in the `.env` file. By default, it is set to latest, +which pulls the most recent release of the Docker images. +If you prefer to use a specific version, such as a past release, modify the `VERSION_TAG` in the `.env` file before +pulling the images. ## Building and Running Services Locally ### Update the VERSION_TAG -Before building locally, ensure the correct version is specified in the `.env` file. + +Before building locally, ensure the correct version is specified in the `.env` file. Update the `VERSION_TAG` variable to the desired version value for the local build. -### Build the Docker Images Locally +### Build the Docker Images Locally + Once the `VERSION_TAG` is set, build the Docker images based on your local changes by running: + ```bash docker-compose build ``` ### Start the Services + ```bash docker-compose up ``` +### Starting services selectively + +It is possible to start services selectively, including their dependencies. + +#### Start the demo wallet and all dependant services + +```console +docker compose up waltid-demo-wallet +``` + +will start automatically: + +- caddy +- postgres +- wallet-api +- and waltid-web-wallet + +#### Start services using compose profiles + +`COMPOSE_PROFILES` environment variable located in the .env file allows the selection of +profiles to start the services for. Currently, the services are available with 2 profiles: + +- identity - for the waltid-identity services +- tse - for the Hashicorp vault service, will be initialized with: + - a transit secrets engine + - and authentication methods + - approle - for my-role, where role-id and secret-id will be output in the console1 + - userpass - for myuser with mypassword + - access-token - with dev-only-token + +Profiles can be combined, e.g. `COMPOSE_PROFILES=identity,tse` - will start the +waltid-identity services and the vault (also can be done with the `all` profile). + +1 - example output: + +```console +vault-init | Role ID: 66f3f095-74c9-b270-9d1f-1f842aa6bf3f +vault-init | Secret ID: 3abf1e00-2dc1-9e77-0705-9a81a95c7c59 +``` + ### Stop the Services + ```bash docker-compose down ``` ### Tear down the Services + ```bash docker-compose down -v ``` @@ -83,6 +137,7 @@ docker-compose down -v - Wallet API: [http://localhost:7001](http://localhost:7001) - Issuer API: [http://localhost:7002](http://localhost:7002) - Verifier API: [http://localhost:7003](http://localhost:7003) +- Hashicorp vault: [http://localhost:8200](http://localhost:8200) ### Apps @@ -106,6 +161,7 @@ docker-compose down -v [//]: # (## Environment) [//]: # () + [//]: # (- main:) [//]: # ( - `.env` - stores the common environment variables, such as port numbers,) @@ -123,6 +179,7 @@ docker-compose down -v [//]: # ( - `mssql/mssql.env` - stores mssql specific variables, e.g. sql-server edition, etc.) [//]: # () + [//]: # (Variables from `.env` are propagated automatically down to reverse proxy configurations) [//]: # ((Caddyfile) and also api configurations (wallet, issuer, verifier).) @@ -132,6 +189,7 @@ docker-compose down -v [//]: # (### Select a database engine) [//]: # () + [//]: # (- browse `.env` file) [//]: # (- set `DATABASE_ENGINE` to one of:) @@ -174,12 +232,14 @@ Make sure the ports are also updated in: - web.conf - db.conf - #### Removing the DB volume + ``` docker volume rm docker-compose_wallet-api-db ``` + #### DB Backup / Restore + ``` pg_dump -U your_user_name -h your_host -d your_db_name > backup.sql psql -U your_user_name -h your_host -d your_db_name < backup.sql diff --git a/docker-compose/docker-compose.yaml b/docker-compose/docker-compose.yaml index 18087248d..b6a74f855 100644 --- a/docker-compose/docker-compose.yaml +++ b/docker-compose/docker-compose.yaml @@ -178,7 +178,7 @@ services: condition: service_healthy entrypoint: /bin/sh -c "/vault/scripts/init.sh" volumes: - - ./vault/init.sh:/vault/scripts/init.sh + - ./vault/init.sh:/vault/scripts/init.sh:rw caddy: image: docker.io/caddy:2 diff --git a/docker-compose/vault/init.sh b/docker-compose/vault/init.sh index 785d9db94..dc0c7efc8 100644 --- a/docker-compose/vault/init.sh +++ b/docker-compose/vault/init.sh @@ -21,7 +21,7 @@ echo "Enable Userpass Authentication" vault auth enable userpass echo "Create a User with Userpass Authentication" -vault write auth/userpass/users/my-user password=my-password policies=transit-policy +vault write auth/userpass/users/myuser password=mypassword policies=transit-policy echo "Enable AppRole Authentication" vault auth enable approle From 82029685b8939f578fe9eba693ab69c02632f652 Mon Sep 17 00:00:00 2001 From: mikeplotean Date: Fri, 8 Nov 2024 16:51:28 +0200 Subject: [PATCH 04/15] fix: mount init script to vault service in docker-compose --- docker-compose/docker-compose.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docker-compose/docker-compose.yaml b/docker-compose/docker-compose.yaml index b6a74f855..096f74a8d 100644 --- a/docker-compose/docker-compose.yaml +++ b/docker-compose/docker-compose.yaml @@ -155,6 +155,7 @@ services: retries: 5 volumes: - ./vault/config.hcl:/vault/config/config.hcl:ro + - ./vault/init.sh:/vault/scripts/init.sh - vault_data:/vault/file ports: - "8200:8200" @@ -176,9 +177,9 @@ services: depends_on: vault: condition: service_healthy - entrypoint: /bin/sh -c "/vault/scripts/init.sh" + entrypoint: ["/bin/sh", "-c", "/vault/scripts/init.sh"] volumes: - - ./vault/init.sh:/vault/scripts/init.sh:rw + - ./vault:/vault/scripts caddy: image: docker.io/caddy:2 From 6bd1e7e0d600b9865a1590c35073fa4b41c485be Mon Sep 17 00:00:00 2001 From: mikeplotean Date: Wed, 13 Nov 2024 20:10:51 +0200 Subject: [PATCH 05/15] fix: vault address in vault-init service --- docker-compose/docker-compose.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose/docker-compose.yaml b/docker-compose/docker-compose.yaml index 096f74a8d..d8898b6d4 100644 --- a/docker-compose/docker-compose.yaml +++ b/docker-compose/docker-compose.yaml @@ -173,7 +173,7 @@ services: container_name: vault-init environment: VAULT_DEV_ROOT_TOKEN_ID: "dev-only-token" - VAULT_ADDR: "http://host.docker.internal:8200" + VAULT_ADDR: "http://vault:8200" depends_on: vault: condition: service_healthy From d0869b67becf507a43cd5744a4a2347079c4348d Mon Sep 17 00:00:00 2001 From: mikeplotean Date: Wed, 13 Nov 2024 20:13:13 +0200 Subject: [PATCH 06/15] chore: make vault init script executable --- docker-compose/vault/init.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 docker-compose/vault/init.sh diff --git a/docker-compose/vault/init.sh b/docker-compose/vault/init.sh old mode 100644 new mode 100755 From 8de015f152faf3e8cdd7521cdcd23eb25f335bb3 Mon Sep 17 00:00:00 2001 From: mikeplotean Date: Wed, 13 Nov 2024 20:26:43 +0200 Subject: [PATCH 07/15] chore: cleanup --- docker-compose/vault/config.hcl | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/docker-compose/vault/config.hcl b/docker-compose/vault/config.hcl index ab28ef275..6eb33478a 100644 --- a/docker-compose/vault/config.hcl +++ b/docker-compose/vault/config.hcl @@ -1,14 +1,4 @@ ui = true cluster_addr = "https://127.0.0.1:8201" api_addr = "https://127.0.0.1:8200" -disable_mlock = true - -# listener "tcp" { -# address = "0.0.0.0:8200" -# tls_disable = true -# } - -# storage "raft" { -# path = "/path/to/raft/data" -# node_id = "raft_node_id" -# } \ No newline at end of file +disable_mlock = true \ No newline at end of file From e11bfb0dbd88198924225e38889057b91faad163 Mon Sep 17 00:00:00 2001 From: mikeplotean Date: Wed, 13 Nov 2024 21:12:02 +0200 Subject: [PATCH 08/15] chore: configurable vault-port --- docker-compose/.env | 1 + docker-compose/docker-compose.yaml | 10 +++++----- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/docker-compose/.env b/docker-compose/.env index 5c89a073c..2b795d9ed 100644 --- a/docker-compose/.env +++ b/docker-compose/.env @@ -5,6 +5,7 @@ DEMO_WALLET_FRONTEND_PORT=7101 WEB_PORTAL_PORT=7102 VC_REPO_PORT=7103 DEV_WALLET_FRONTEND_PORT=7104 +VAULT_PORT=8200 # database DB_NAME=waltid diff --git a/docker-compose/docker-compose.yaml b/docker-compose/docker-compose.yaml index d8898b6d4..8db579b64 100644 --- a/docker-compose/docker-compose.yaml +++ b/docker-compose/docker-compose.yaml @@ -154,14 +154,14 @@ services: timeout: 2s retries: 5 volumes: - - ./vault/config.hcl:/vault/config/config.hcl:ro + - ./vault/config.hcl:/vault/config/config.hcl - ./vault/init.sh:/vault/scripts/init.sh - vault_data:/vault/file ports: - - "8200:8200" + - "$VAULT_PORT:8200" environment: - VAULT_DEV_LISTEN_ADDRESS: "0.0.0.0:8200" - VAULT_ADDR: "http://127.0.0.1:8200" + VAULT_DEV_LISTEN_ADDRESS: "0.0.0.0:$VAULT_PORT" + VAULT_ADDR: "http://127.0.0.1:$VAULT_PORT" command: server -config=/vault/config/config.hcl -dev -dev-root-token-id="dev-only-token" restart: always @@ -173,7 +173,7 @@ services: container_name: vault-init environment: VAULT_DEV_ROOT_TOKEN_ID: "dev-only-token" - VAULT_ADDR: "http://vault:8200" + VAULT_ADDR: "http://vault:$VAULT_PORT" depends_on: vault: condition: service_healthy From c2e918c94555451257126c54769903db16be2519 Mon Sep 17 00:00:00 2001 From: mikeplotean Date: Wed, 8 Jan 2025 16:42:43 +0200 Subject: [PATCH 09/15] chore: remove unnecessary file from vault docker compose service --- docker-compose/docker-compose.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docker-compose/docker-compose.yaml b/docker-compose/docker-compose.yaml index 8db579b64..480025713 100644 --- a/docker-compose/docker-compose.yaml +++ b/docker-compose/docker-compose.yaml @@ -155,7 +155,6 @@ services: retries: 5 volumes: - ./vault/config.hcl:/vault/config/config.hcl - - ./vault/init.sh:/vault/scripts/init.sh - vault_data:/vault/file ports: - "$VAULT_PORT:8200" @@ -179,7 +178,7 @@ services: condition: service_healthy entrypoint: ["/bin/sh", "-c", "/vault/scripts/init.sh"] volumes: - - ./vault:/vault/scripts + - ./vault/init.sh:/vault/scripts/init.sh caddy: image: docker.io/caddy:2 From 41b95687a2435390a1a5d1ed8c6b441d59c5eaec Mon Sep 17 00:00:00 2001 From: mikeplotean Date: Thu, 9 Jan 2025 13:28:34 +0200 Subject: [PATCH 10/15] chore: add clarifying metadata description and name for my-custom vct in issuer metadata configuration --- .../kotlin/id/walt/issuer/config/CredentialTypeConfig.kt | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/waltid-services/waltid-issuer-api/src/main/kotlin/id/walt/issuer/config/CredentialTypeConfig.kt b/waltid-services/waltid-issuer-api/src/main/kotlin/id/walt/issuer/config/CredentialTypeConfig.kt index 43ec14ed2..197cc9c55 100644 --- a/waltid-services/waltid-issuer-api/src/main/kotlin/id/walt/issuer/config/CredentialTypeConfig.kt +++ b/waltid-services/waltid-issuer-api/src/main/kotlin/id/walt/issuer/config/CredentialTypeConfig.kt @@ -80,6 +80,14 @@ data class CredentialTypeConfig( cryptographicBindingMethodsSupported = setOf("did", "jwk"), credentialSigningAlgValuesSupported = setOf("ES256"), vct = "https://example.com/my_custom_vct", + sdJwtVcTypeMetadata = SDJWTVCTypeMetadata( + vct = "https://example.com/my_custom_vct", + name = "THE vct VALUE SHOULD BE UPDATED TO A RESOLVABLE AUTHORITY DOMAIN", + description = """ + This is an example to show that custom VCT 'registries' could also be used here. + Warning! Example purpose only. Not intended for real use. + """.trimIndent() + ), ) ) ), From d079d49cba7fd3ccbad8fed1a61ab25e189fddf2 Mon Sep 17 00:00:00 2001 From: chsavvaidis Date: Fri, 10 Jan 2025 12:27:46 +0200 Subject: [PATCH 11/15] fix: serializers for customParameters --- .../oid4vc/data/OpenIDProviderMetadata.kt | 65 ++++++++++++------- 1 file changed, 41 insertions(+), 24 deletions(-) diff --git a/waltid-libraries/protocols/waltid-openid4vc/src/commonMain/kotlin/id/walt/oid4vc/data/OpenIDProviderMetadata.kt b/waltid-libraries/protocols/waltid-openid4vc/src/commonMain/kotlin/id/walt/oid4vc/data/OpenIDProviderMetadata.kt index cf46b401b..38e99578f 100644 --- a/waltid-libraries/protocols/waltid-openid4vc/src/commonMain/kotlin/id/walt/oid4vc/data/OpenIDProviderMetadata.kt +++ b/waltid-libraries/protocols/waltid-openid4vc/src/commonMain/kotlin/id/walt/oid4vc/data/OpenIDProviderMetadata.kt @@ -8,13 +8,10 @@ import kotlinx.serialization.descriptors.SerialDescriptor import kotlinx.serialization.descriptors.buildClassSerialDescriptor import kotlinx.serialization.encoding.Decoder import kotlinx.serialization.encoding.Encoder -import kotlinx.serialization.modules.SerializersModule -import kotlinx.serialization.modules.polymorphic import kotlinx.serialization.json.* import kotlinx.serialization.json.Json import kotlinx.serialization.json.JsonDecoder import kotlinx.serialization.json.JsonElement -import kotlinx.serialization.json.ClassDiscriminatorMode /** * OpenID Provider metadata object, according to @@ -266,7 +263,6 @@ sealed class OpenIDProviderMetadata() : JsonDataObject() { ) : OpenIDProviderMetadata() { - // TODO: make them abstract in the sealed class fun getVctByCredentialConfigurationId(credentialConfigurationId: String) = credentialConfigurationsSupported?.get(credentialConfigurationId)?.vct fun getVctBySupportedCredentialConfiguration( @@ -293,36 +289,57 @@ sealed class OpenIDProviderMetadata() : JsonDataObject() { } } -object OpenIDProviderMetadataSerializer : KSerializer { +object OpenIDProviderMetadataJsonSerializer : JsonDataObjectSerializer(OpenIDProviderMetadataSerializer) { + public override fun transformSerialize(element: JsonElement) = JsonObject(super.transformSerialize(element).jsonObject) + public override fun transformDeserialize(element: JsonElement): JsonElement {return JsonObject(super.transformDeserialize(element).jsonObject) + } +} - override val descriptor: SerialDescriptor = buildClassSerialDescriptor("OpenIDProviderMetadata") +object OpenIDProviderMetadataSerializer : KSerializer { - override fun deserialize(decoder: Decoder): OpenIDProviderMetadata { - val jsonDecoder = decoder as? JsonDecoder ?: throw IllegalStateException("Invalid Decoder") + override val descriptor: SerialDescriptor = buildClassSerialDescriptor("OpenIDProviderMetadata") { + val seenElements = mutableSetOf() - val jsonObject = jsonDecoder.decodeJsonElement().jsonObject + val subclassDescriptors = listOf( + OpenIDProviderMetadata.Draft11.serializer().descriptor, + OpenIDProviderMetadata.Draft13.serializer().descriptor + ) - // TODO: () - return when { - "credentials_supported" in jsonObject -> Json.decodeFromJsonElement(OpenIDProviderMetadata.Draft11.serializer(), jsonObject) - "credential_configurations_supported" in jsonObject -> Json.decodeFromJsonElement(OpenIDProviderMetadata.Draft13.serializer(), jsonObject) - else -> throw IllegalArgumentException("Unknown OpenIDProviderMetadata version: missing expected fields") + for (subDescriptor in subclassDescriptors) { + for (index in 0 until subDescriptor.elementsCount) { + val name = subDescriptor.getElementName(index) + if (seenElements.add(name)) { + element(name, subDescriptor.getElementDescriptor(index)) + } + } } } - private val OpenIDProviderMetadataSerializersModule = SerializersModule { - polymorphic(OpenIDProviderMetadata::class) { - subclass(OpenIDProviderMetadata.Draft11::class, OpenIDProviderMetadata.Draft11.serializer()) - subclass(OpenIDProviderMetadata.Draft13::class, OpenIDProviderMetadata.Draft13.serializer()) + override fun serialize(encoder: Encoder, value: OpenIDProviderMetadata) { + val jsonEncoder = encoder as? JsonEncoder + ?: throw IllegalStateException("This serializer can only be used with a JSON encoder") + + val jsonElement = when (value) { + is OpenIDProviderMetadata.Draft11 -> Json.encodeToJsonElement(OpenIDProviderMetadata.Draft11.serializer(), value) + is OpenIDProviderMetadata.Draft13 -> Json.encodeToJsonElement(OpenIDProviderMetadata.Draft13.serializer(), value) } - } - override fun serialize(encoder: Encoder, value: OpenIDProviderMetadata) { - val json by lazy { Json { serializersModule = OpenIDProviderMetadataSerializersModule; classDiscriminatorMode = ClassDiscriminatorMode.NONE } } - val jsonElement = json.encodeToJsonElement(OpenIDProviderMetadata.serializer(), value) - encoder as? JsonEncoder ?: throw IllegalStateException("Invalid Encoder") - encoder.encodeJsonElement(jsonElement) + jsonEncoder.encodeJsonElement(OpenIDProviderMetadataJsonSerializer.transformSerialize(jsonElement)) } + override fun deserialize(decoder: Decoder): OpenIDProviderMetadata { + val jsonDecoder = decoder as? JsonDecoder + ?: throw IllegalStateException("This serializer can only be used with a JSON decoder") + + val rawJsonElement = jsonDecoder.decodeJsonElement() + + val transformedElement = OpenIDProviderMetadataJsonSerializer.transformDeserialize(rawJsonElement) + + return when { + "credentials_supported" in transformedElement.jsonObject -> Json.decodeFromJsonElement(OpenIDProviderMetadata.Draft11.serializer(), transformedElement) + "credential_configurations_supported" in transformedElement.jsonObject -> Json.decodeFromJsonElement(OpenIDProviderMetadata.Draft13.serializer(), transformedElement) + else -> throw IllegalArgumentException("Unknown OpenIDProviderMetadata version: missing expected fields") + } + } } From 68343547ec68f38c7366daee500265114509446a Mon Sep 17 00:00:00 2001 From: Philipp Potisk Date: Mon, 13 Jan 2025 11:02:17 +0100 Subject: [PATCH 12/15] fix: commented failing tests since EBSI system is currently down --- .../policies/PresentationVerificationTest.kt | 3 +- .../kotlin/resolvers/DidEbsiResolverTest.kt | 6 ++- .../PresentationDefinitionPolicyTests.kt | 50 +++++++++---------- 3 files changed, 31 insertions(+), 28 deletions(-) diff --git a/waltid-libraries/credentials/waltid-verification-policies/src/commonTest/kotlin/id/walt/policies/PresentationVerificationTest.kt b/waltid-libraries/credentials/waltid-verification-policies/src/commonTest/kotlin/id/walt/policies/PresentationVerificationTest.kt index 45eadfebb..70ebae468 100644 --- a/waltid-libraries/credentials/waltid-verification-policies/src/commonTest/kotlin/id/walt/policies/PresentationVerificationTest.kt +++ b/waltid-libraries/credentials/waltid-verification-policies/src/commonTest/kotlin/id/walt/policies/PresentationVerificationTest.kt @@ -13,7 +13,8 @@ import kotlinx.serialization.json.jsonObject import kotlin.test.Test class PresentationVerificationTest { - @Test + // TODO: Include test in the scope of WAL-842 + //@Test fun testPresentationVerification()= runTest { DidService.apply { registerResolver(LocalResolver()) diff --git a/waltid-libraries/waltid-did/src/jvmTest/kotlin/resolvers/DidEbsiResolverTest.kt b/waltid-libraries/waltid-did/src/jvmTest/kotlin/resolvers/DidEbsiResolverTest.kt index 6ef0109c5..7f532863b 100644 --- a/waltid-libraries/waltid-did/src/jvmTest/kotlin/resolvers/DidEbsiResolverTest.kt +++ b/waltid-libraries/waltid-did/src/jvmTest/kotlin/resolvers/DidEbsiResolverTest.kt @@ -16,7 +16,8 @@ import java.util.stream.Stream class DidEbsiResolverTest : DidResolverTestBase() { override val resolver: LocalResolverMethod = DidEbsiResolver(HttpClient()) - @ParameterizedTest + // TODO: Include test in the scope of WAL-842 + //@ParameterizedTest @MethodSource override fun `given a did String, when calling resolve, then the result is a valid did document`( did: String, key: JsonObject, assert: resolverAssertion @@ -24,7 +25,8 @@ class DidEbsiResolverTest : DidResolverTestBase() { super.`given a did String, when calling resolve, then the result is a valid did document`(did, key, assert) } - @ParameterizedTest + // TODO: Include test in the scope of WAL-842 + //@ParameterizedTest @MethodSource override fun `given a did String, when calling resolveToKey, then the result is valid key`( did: String, diff --git a/waltid-services/waltid-e2e-tests/src/test/kotlin/PresentationDefinitionPolicyTests.kt b/waltid-services/waltid-e2e-tests/src/test/kotlin/PresentationDefinitionPolicyTests.kt index 29704a0b0..51c4c02f1 100644 --- a/waltid-services/waltid-e2e-tests/src/test/kotlin/PresentationDefinitionPolicyTests.kt +++ b/waltid-services/waltid-e2e-tests/src/test/kotlin/PresentationDefinitionPolicyTests.kt @@ -406,31 +406,31 @@ class PresentationDefinitionPolicyTests { deleteWalletCredentials() }, ) - - runTestScenario( - description = "Presentation Definition Policy Scenario - UniversityDegree and PDA1 credentials, " + - "presentation request with two input descriptors, " + - "one for each credential, " + - "verification should succeed", - setup = { - issueCredentialsToWallet( - issuanceRequests = listOf( - IssuanceRequests.universityDegreeW3CVcTypeSd, - IssuanceRequests.pda1Credential, - ) - ) - }, - evaluate = { - evaluatePresentationVerificationResult( - presentationRequest = PresentationRequests.getUniversityDegreePda1ToSeparateInputDescriptors(), - expectedVerificationResult = true, - provideDisclosures = true, - ) - }, - cleanup = { - deleteWalletCredentials() - }, - ) +// TODO: Include test in the scope of WAL-842 +// runTestScenario( +// description = "Presentation Definition Policy Scenario - UniversityDegree and PDA1 credentials, " + +// "presentation request with two input descriptors, " + +// "one for each credential, " + +// "verification should succeed", +// setup = { +// issueCredentialsToWallet( +// issuanceRequests = listOf( +// IssuanceRequests.universityDegreeW3CVcTypeSd, +// IssuanceRequests.pda1Credential, +// ) +// ) +// }, +// evaluate = { +// evaluatePresentationVerificationResult( +// presentationRequest = PresentationRequests.getUniversityDegreePda1ToSeparateInputDescriptors(), +// expectedVerificationResult = true, +// provideDisclosures = true, +// ) +// }, +// cleanup = { +// deleteWalletCredentials() +// }, +// ) runTestScenario( description = "Presentation Definition Policy Scenario - UniversityDegree and PDA1 credentials, " + From c69d2155372700071dad887fa6339b51e0266be5 Mon Sep 17 00:00:00 2001 From: mikeplotean Date: Fri, 10 Jan 2025 14:30:22 +0200 Subject: [PATCH 13/15] ci: configure reusable workflows for gradle-build, docker-build, release-version ci: add pre-release self-hosted runner action for testing purpose refactor: rename build-gradle workflow ci: add build workflow for feature branches refactor: optimize docker build workflow ci: move reusable workflows to github runners ci: refactor version workflow to support suffix input, update pre-release with reusable workflows ci: add deployment reusable workflow ci: update test-deploy for reusable workflows ci: add changelog reusable workflow ci: update release for reusable workflows ci: update pre-release to use the changelog and deployment workflows chore: cleanup --- .github/workflows/build-docker.yml | 107 +++++++++--------- .github/workflows/build-gradle.yml | 60 ++++++++++ .github/workflows/build.yml | 51 ++------- .github/workflows/changelog.yml | 39 +++++++ .github/workflows/deployment.yml | 56 ++++++++++ .github/workflows/pre-release.yml | 127 +++++---------------- .github/workflows/release.yml | 171 +++++------------------------ .github/workflows/test-deploy.yml | 149 +++++-------------------- .github/workflows/version.yml | 41 +++++++ 9 files changed, 347 insertions(+), 454 deletions(-) create mode 100644 .github/workflows/build-gradle.yml create mode 100644 .github/workflows/changelog.yml create mode 100644 .github/workflows/deployment.yml create mode 100644 .github/workflows/version.yml diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml index 1d5aa9345..b88490b5e 100644 --- a/.github/workflows/build-docker.yml +++ b/.github/workflows/build-docker.yml @@ -1,60 +1,69 @@ -name: Build docker on every push except main branch +name: Build and/or push docker (reusable workflow) on: - push: - branches-ignore: - - main + workflow_call: + inputs: + version: + description: "release version" + required: true + type: string + tag: + description: "desired tag, e.g. latest, dev (defaults to dev)" + required: false + type: string + default: "dev" + publish: + description: "Specifies whether to publish the images (defaults to false)" + required: false + type: boolean + default: false jobs: build: - name: "Build" - runs-on: "ubuntu-latest" + name: Build + runs-on: ubuntu-latest + strategy: + matrix: + services: + - { + folder: waltid-services/waltid-issuer-api, + image: issuer-api + } + - { + folder: waltid-services/waltid-verifier-api, + image: verifier-api + } + - { + folder: waltid-services/waltid-wallet-api, + image: wallet-api + } + - { + folder: waltid-applications/waltid-web-wallet/apps/waltid-demo-wallet, + image: waltid-demo-wallet + } + - { + folder: waltid-applications/waltid-web-wallet/apps/waltid-dev-wallet, + image: waltid-dev-wallet + } + - { + folder: waltid-applications/waltid-web-portal, + image: portal + } steps: - uses: actions/checkout@v3 - - name: Setup cache - uses: actions/cache@v4 + - name: Login to Docker Hub + if: ${{ inputs.publish }} + uses: docker/login-action@v2 with: - path: | - ~/.gradle/caches - ~/.gradle/wrapper - key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} - restore-keys: | - ${{ runner.os }}-gradle- - - name: Build and push Docker images (issuer) + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Set up Docker Buildx + if: ${{ !inputs.publish }} + uses: docker/setup-buildx-action@v2 + - name: Build and push Docker images (${{ matrix.services.image }}) uses: docker/build-push-action@v6 with: - push: false - file: waltid-services/waltid-issuer-api/Dockerfile - #tags: waltid/issuer-api:latest, waltid/issuer-api:${{ env.release_version }} - - name: Build and push Docker images (verifier) - uses: docker/build-push-action@v6 - with: - push: false - file: waltid-services/waltid-verifier-api/Dockerfile - #tags: waltid/verifier-api:latest, waltid/verifier-api:${{ env.release_version }} - - name: Build and push Docker images (wallet-api) - uses: docker/build-push-action@v6 - with: - push: false - file: waltid-services/waltid-wallet-api/Dockerfile - #tags: waltid/wallet-api:latest, waltid/wallet-api:${{ env.release_version }} - - name: Build and push Docker images (waltid-dev-wallet) - uses: docker/build-push-action@v6 - with: - push: false - file: waltid-applications/waltid-web-wallet/apps/waltid-dev-wallet/Dockerfile - #tags: waltid/waltid-dev-wallet:latest, waltid/waltid-dev-wallet:${{ env.release_version }} - - name: Build and push Docker images (waltid-demo-wallet) - uses: docker/build-push-action@v6 - with: - push: false - file: waltid-applications/waltid-web-wallet/apps/waltid-demo-wallet/Dockerfile - #tags: waltid/waltid-demo-wallet:latest, waltid/waltid-demo-wallet:${{ env.release_version }} - - name: Build and push Docker images (wallet-portal) - uses: docker/build-push-action@v6 - with: - push: false - file: waltid-applications/waltid-web-portal/Dockerfile - #tags: waltid/portal:latest, waltid/portal:${{ env.release_version }} - + push: ${{ inputs.publish }} + file: ${{ matrix.services.folder }}/Dockerfile + tags: waltid/${{ matrix.services.image }}:${{ inputs.tag }}, waltid/${{ matrix.services.image }}:${{ inputs.version }} \ No newline at end of file diff --git a/.github/workflows/build-gradle.yml b/.github/workflows/build-gradle.yml new file mode 100644 index 000000000..f649e877e --- /dev/null +++ b/.github/workflows/build-gradle.yml @@ -0,0 +1,60 @@ +name: Build gradle and/or publish (reusable workflow) + +on: + workflow_call: + inputs: + version: + description: "release version" + required: true + type: string + publish: + description: "Specifies whether to publish the artifacts (defaults to false)" + required: false + type: boolean + default: false + +jobs: + build: + name: Build + runs-on: ubuntu-latest + steps: + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@v1.3.1 + with: + tool-cache: false + docker-images: false + - uses: actions/checkout@v3 + - name: Set version + run: | + sed -i "s/1.0.0-SNAPSHOT/${{ inputs.version }}/g" build.gradle.kts + - name: Setup cache + uses: actions/cache@v4 + with: + path: | + ~/.gradle/caches + ~/.gradle/wrapper + key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} + restore-keys: | + ${{ runner.os }}-gradle- + - name: Setup java + uses: actions/setup-java@v4 + with: + distribution: 'temurin' + java-version: '21' + - name: Gradle wrapper validation + uses: gradle/wrapper-validation-action@v3 + - name: Set gradle build publish arguments + id: publish-arguments + run: | + if [ "${{ inputs.publish }}" == "true" ]; then + echo "arguments=publish" >> $GITHUB_OUTPUT + else + echo "arguments=" >> $GITHUB_OUTPUT + fi + - name: Running gradle build + uses: eskatos/gradle-command-action@v3 + env: + MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + with: + arguments: build ${{ steps.publish-arguments.outputs.arguments }} --no-daemon \ No newline at end of file diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 32c328aff..24db49ade 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -5,43 +5,16 @@ on: branches-ignore: - main - jobs: - build: - name: "Build" - runs-on: "ubuntu-latest" - steps: - - uses: actions/checkout@v3 - - name: Setup java - uses: actions/setup-java@v4 - with: - distribution: 'temurin' - java-version: '21' - - name: Setup cache - uses: actions/cache@v4 - with: - path: | - ~/.gradle/caches - ~/.gradle/wrapper - key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} - restore-keys: | - ${{ runner.os }}-gradle- - - name: Gradle wrapper validation - uses: gradle/wrapper-validation-action@v3 - - - name: Get changed files in the frontend - id: frontend-changed-files - uses: tj-actions/changed-files@v45 - with: - files: | - waltid-applications/waltid-web-portal/** - waltid-applications/waltid-web-wallet/web/** - - - name: Running gradle build - uses: eskatos/gradle-command-action@v3 - env: - MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }} - MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} - with: - arguments: build --no-daemon - if: ${{ steps.frontend-changed-files.outputs.any_changed == 'false' }} + version: + uses: walt-id/waltid-identity/.github/workflows/version.yml@feat/test-self-hosted-runners + gradle-build: + uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@feat/test-self-hosted-runners + needs: version + with: + version: ${{ needs.version.outputs.release_version }} + docker-build: + uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@feat/test-self-hosted-runners + needs: version + with: + version: ${{ needs.version.outputs.release_version }} \ No newline at end of file diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml new file mode 100644 index 000000000..c28d764d3 --- /dev/null +++ b/.github/workflows/changelog.yml @@ -0,0 +1,39 @@ +name: Create changelog with tag (reusable workflow) + +on: + workflow_call: + inputs: + version: + description: "release version" + required: true + type: string + +jobs: + build: + name: Create + runs-on: ubuntu-latest + steps: + - run: | + git tag v${{ inputs.version }} + git push --tags + - name: Changelog + uses: ardalanamini/auto-changelog@v4 + id: changelog + with: + github-token: ${{ github.token }} + default-commit-type: Other Changes + release-name: v${{ inputs.version }} + mention-authors: true + mention-new-contributors: true + include-compare-link: true + use-github-autolink: true + semver: true + - name: Create Release + uses: softprops/action-gh-release@v2 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: v${{ inputs.version }} +# body: | +# ${{ steps.changelog.outputs.changelog }} + prerelease: ${{ steps.changelog.outputs.prerelease }} \ No newline at end of file diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml new file mode 100644 index 000000000..82963c4b4 --- /dev/null +++ b/.github/workflows/deployment.yml @@ -0,0 +1,56 @@ +name: Deploy to environment (reusable workflow) + +on: + workflow_call: + inputs: + version: + description: "release version" + required: true + type: string + deployment: + description: "deployment file suffix (defaults to dev)" + required: false + type: string + default: "dev" + namespace: + description: "deployment namespace (defaults to dev)" + required: false + type: string + default: "dev" + portals: + description: "deployment namespace for portal related services (defaults to dev)" + required: false + type: string + default: "dev" + +jobs: + deploy: + name: Deploy + runs-on: ubuntu-latest + env: + IMAGE_TAG: ${{ inputs.version }} + PORTALS: ${{ inputs.portals }} + NAMESPACE: ${{ inputs.namespace }} + KEYCLOAK: ${{ secrets.DEV_KEYCLOAK_CLIENT_SECRET }} + strategy: + matrix: + services: [ + { kube: waltid-services/waltid-issuer-api/k8s, name: issuer, namespace: $PORTALS }, + { kube: waltid-services/waltid-verifier-api/k8s, name: verifier, namespace: $PORTALS }, + { kube: waltid-services/waltid-wallet-api/k8s, name: web-wallet, namespace: $NAMESPACE, keycloak: $KEYCLOAK }, + { kube: waltid-applications/waltid-web-portal/k8s, name: portal, namespace: $PORTALS } + ] + steps: + - name: Prepare CD - ${{ matrix.services.name }} + run: | + sed "s/_DEFAULT_DEPLOYMENT_/$GITHUB_SHA/g" ${{ matrix.services.kube }}/deployment-${{ inputs.deployment }}.yaml > ${{ matrix.services.kube }}/deployment_mod.yaml | + sed "s/__DEFAULT_IMAGE_TAG__/$IMAGE_TAG/g" > ${{ matrix.services.kube }}/deployment_mod.yaml | + if [ "${{ matrix.services.keycloak }}" != "" ]; then + sed "s/__DEFAULT_KEYCLOAK_CLIENT_SECRET__/${{ matrix.services.keycloak }}/g" > ${{ matrix.services.kube }}/deployment_mod.yaml + fi + - name: Continuous deployment - ${{ matrix.services.name }} + uses: actions-hub/kubectl@master + env: + KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }} + with: + args: apply -n ${{ matrix.services.namespace }} -f ${{ matrix.services.kube }}/deployment_mod.yaml \ No newline at end of file diff --git a/.github/workflows/pre-release.yml b/.github/workflows/pre-release.yml index 05cae4853..b1048bcf6 100644 --- a/.github/workflows/pre-release.yml +++ b/.github/workflows/pre-release.yml @@ -6,104 +6,29 @@ on: - main jobs: - release: - name: "Pre-release" - runs-on: ubuntu-latest - steps: - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@v1.3.1 - with: - tool-cache: false - docker-images: false - - uses: actions/checkout@v3 - - name: Calculate release version - run: | - echo "release_version=1.0.$(date +'%g%m%d%H%M')-SNAPSHOT" >> $GITHUB_ENV - - name: Set version - run: | - sed -i "s/1.0.0-SNAPSHOT/${{ env.release_version }}/g" build.gradle.kts - - run: | - git tag v${{ env.release_version }} - git push --tags - - name: Setup cache - uses: actions/cache@v4 - with: - path: | - ~/.gradle/caches - ~/.gradle/wrapper - key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} - restore-keys: | - ${{ runner.os }}-gradle- - - name: Gradle wrapper validation - uses: gradle/wrapper-validation-action@v3 - - name: Running gradle build - uses: eskatos/gradle-command-action@v3 - env: - MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }} - MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} - with: - arguments: build publish --no-daemon - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Build and push Docker images (issuer) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-services/waltid-issuer-api/Dockerfile - tags: waltid/issuer-api:latest, waltid/issuer-api:${{ env.release_version }} - - name: Build and push Docker images (verifier) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-services/waltid-verifier-api/Dockerfile - tags: waltid/verifier-api:latest, waltid/verifier-api:${{ env.release_version }} - - name: Build and push Docker images (wallet-api) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-services/waltid-wallet-api/Dockerfile - tags: waltid/wallet-api:latest, waltid/wallet-api:${{ env.release_version }} - - name: Build and push Docker images (waltid-demo-wallet) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-applications/waltid-web-wallet/apps/waltid-demo-wallet/Dockerfile - tags: waltid/waltid-demo-wallet:latest, waltid/waltid-demo-wallet:${{ env.release_version }} - - name: Build and push Docker images (waltid-dev-wallet) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-applications/waltid-web-wallet/apps/waltid-dev-wallet/Dockerfile - tags: waltid/waltid-dev-wallet:latest, waltid/waltid-dev-wallet:${{ env.release_version }} - - name: Build and push Docker images (wallet-portal) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-applications/waltid-web-portal/Dockerfile - tags: waltid/portal:latest, waltid/portal:${{ env.release_version }} - - - name: Changelog - uses: ardalanamini/auto-changelog@v4 - id: changelog - with: - github-token: ${{ github.token }} - default-commit-type: Other Changes - release-name: v${{ env.release_version }} - mention-authors: true - mention-new-contributors: true - include-compare-link: true - use-github-autolink: true - semver: true - - name: Create Release - uses: softprops/action-gh-release@v2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: v${{ env.release_version }} - body: | - ${{ steps.changelog.outputs.changelog }} - prerelease: ${{ steps.changelog.outputs.prerelease }} + version: + uses: walt-id/waltid-identity/.github/workflows/version.yml@feat/test-self-hosted-runners + with: + suffix: -SNAPSHOT + gradle-build: + uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@feat/test-self-hosted-runners + needs: version + with: + version: ${{ needs.version.outputs.release_version }} + publish: true + docker-build: + uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@feat/test-self-hosted-runners + needs: version + with: + version: ${{ needs.version.outputs.release_version }} + publish: true + deploy: + uses: walt-id/waltid-identity/.github/workflows/deployment.yml@feat/test-self-hosted-runners + needs: [ version, gradle-build, docker-build ] + with: + version: ${{ needs.version.outputs.release_version }} + pre-release: + uses: walt-id/waltid-identity/.github/workflows/changelog.yml@feat/test-self-hosted-runners + needs: [ version, deploy ] + with: + version: ${{ needs.version.outputs.release_version }} \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a5220a6ef..4ce4c3dd4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -8,146 +8,33 @@ on: required: true jobs: + version: + uses: walt-id/waltid-identity/.github/workflows/version.yml@feat/test-self-hosted-runners + with: + preferred: ${{ inputs.release_version }} + gradle-build: + uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@feat/test-self-hosted-runners + needs: version + with: + version: ${{ needs.version.outputs.release_version }} + publish: true + docker-build: + uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@feat/test-self-hosted-runners + needs: version + with: + version: ${{ needs.version.outputs.release_version }} + tag: latest + publish: true + deploy: + uses: walt-id/waltid-identity/.github/workflows/deployment.yml@feat/test-self-hosted-runners + needs: [ version, gradle-build, docker-build ] + with: + version: ${{ needs.version.outputs.release_version }} + deployment: prod + namespace: default + portals: portals release: - name: "Release" - runs-on: ubuntu-latest - env: - IMAGE_TAG: ${{ inputs.release_version }} - steps: - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@v1.3.1 - with: - tool-cache: false - docker-images: false - - uses: actions/checkout@v3 - - name: Set version - run: | - sed -i "s/1.0.0-SNAPSHOT/${{ inputs.release_version }}/g" build.gradle.kts - - run: | - git tag v${{ inputs.release_version }} - git push --tags - - name: Setup cache - uses: actions/cache@v4 - with: - path: | - ~/.gradle/caches - ~/.gradle/wrapper - key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} - restore-keys: | - ${{ runner.os }}-gradle- - - name: Gradle wrapper validation - uses: gradle/wrapper-validation-action@v3 - - name: Running gradle build - uses: eskatos/gradle-command-action@v3 - env: - MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }} - MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} - with: - arguments: build publish --no-daemon - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Build and push Docker images (issuer) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-services/waltid-issuer-api/Dockerfile - tags: waltid/issuer-api:latest, waltid/issuer-api:${{ inputs.release_version }} - - name: Build and push Docker images (verifier) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-services/waltid-verifier-api/Dockerfile - tags: waltid/verifier-api:latest, waltid/verifier-api:${{ inputs.release_version }} - - name: Build and push Docker images (wallet-api) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-services/waltid-wallet-api/Dockerfile - tags: waltid/wallet-api:latest, waltid/wallet-api:${{ inputs.release_version }} - - name: Build and push Docker images (waltid-demo-wallet) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-applications/waltid-web-wallet/apps/waltid-demo-wallet/Dockerfile - tags: waltid/waltid-demo-wallet:latest, waltid/waltid-demo-wallet:${{ inputs.release_version }} - - name: Build and push Docker images (waltid-dev-wallet) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-applications/waltid-web-wallet/apps/waltid-dev-wallet/Dockerfile - tags: waltid/waltid-dev-wallet:latest, waltid/waltid-dev-wallet:${{ inputs.release_version }} - - name: Build and push Docker images (wallet-portal) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-applications/waltid-web-portal/Dockerfile - tags: waltid/portal:latest, waltid/portal:${{ inputs.release_version }} - - - name: Changelog - uses: ardalanamini/auto-changelog@v4 - id: changelog - with: - github-token: ${{ github.token }} - default-commit-type: Other Changes - release-name: v${{ inputs.release_version }} - mention-authors: true - mention-new-contributors: true - include-compare-link: true - use-github-autolink: true - semver: true - - name: Create Release - uses: softprops/action-gh-release@v2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: v${{ inputs.release_version }} -# body: | -# ${{ steps.changelog.outputs.changelog }} - prerelease: ${{ steps.changelog.outputs.prerelease }} - # issuer-api - - name: Prepare CD - issuer - run: sed "s/_DEFAULT_DEPLOYMENT_/$GITHUB_SHA/g" waltid-services/waltid-issuer-api/k8s/deployment-prod.yaml | - sed "s/__DEFAULT_IMAGE_TAG__/$IMAGE_TAG/g" > waltid-services/waltid-issuer-api/k8s/deployment_mod.yaml - - name: Continuous deployment - issuer - uses: actions-hub/kubectl@master - env: - KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }} - with: - args: apply -n portals -f waltid-services/waltid-issuer-api/k8s/deployment_mod.yaml - # verifier-api - - name: Prepare CD - verifier - run: sed "s/_DEFAULT_DEPLOYMENT_/$GITHUB_SHA/g" waltid-services/waltid-verifier-api/k8s/deployment-prod.yaml | - sed "s/__DEFAULT_IMAGE_TAG__/$IMAGE_TAG/g" > waltid-services/waltid-verifier-api/k8s/deployment_mod.yaml - - name: Continuous deployment - verifier - uses: actions-hub/kubectl@master - env: - KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }} - with: - args: apply -n portals -f waltid-services/waltid-verifier-api/k8s/deployment_mod.yaml - # wallet-api - - name: Prepare CD - wallet.walt.id - env: - PROD_KEYCLOAK_CLIENT_SECRET: ${{ secrets.PROD_KEYCLOAK_CLIENT_SECRET }} - run: sed "s/_DEFAULT_DEPLOYMENT_/$GITHUB_SHA/g" waltid-services/waltid-wallet-api/k8s/deployment-prod.yaml | - sed "s/__DEFAULT_KEYCLOAK_CLIENT_SECRET__/$PROD_KEYCLOAK_CLIENT_SECRET/g" | - sed "s/__DEFAULT_IMAGE_TAG__/$IMAGE_TAG/g" > waltid-services/waltid-wallet-api/k8s/deployment_mod.yaml - - name: Continuous deployment - web wallet - uses: actions-hub/kubectl@master - env: - KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }} - with: - args: apply -n default -f waltid-services/waltid-wallet-api/k8s/deployment_mod.yaml - # portal - - name: Prepare CD - portal.walt.id - run: sed "s/_DEFAULT_DEPLOYMENT_/$GITHUB_SHA/g" waltid-applications/waltid-web-portal/k8s/deployment-prod.yaml | - sed "s/__DEFAULT_IMAGE_TAG__/$IMAGE_TAG/g" > waltid-applications/waltid-web-portal/k8s/deployment_mod.yaml - - name: Continuous deployment - portal.walt.id - uses: actions-hub/kubectl@master - env: - KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }} - with: - args: apply -n portals -f waltid-applications/waltid-web-portal/k8s/deployment_mod.yaml + uses: walt-id/waltid-identity/.github/workflows/changelog.yml@feat/test-self-hosted-runners + needs: [ version, deploy ] + with: + version: ${{ needs.version.outputs.release_version }} \ No newline at end of file diff --git a/.github/workflows/test-deploy.yml b/.github/workflows/test-deploy.yml index dd74d5599..9a41719f3 100644 --- a/.github/workflows/test-deploy.yml +++ b/.github/workflows/test-deploy.yml @@ -7,128 +7,31 @@ on: description: 'Custom version' required: false jobs: - build: - name: "Deploy to test environment" - runs-on: "ubuntu-latest" + version: + uses: walt-id/waltid-identity/.github/workflows/version.yml@feat/test-self-hosted-runners + with: + preferred: ${{ inputs.release_version }} + gradle-build: + uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@feat/test-self-hosted-runners + needs: version + with: + version: ${{ needs.version.outputs.release_version }} + docker-build: + uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@feat/test-self-hosted-runners + needs: version + with: + version: ${{ needs.version.outputs.release_version }} + publish: true + deploy: + uses: walt-id/waltid-identity/.github/workflows/deployment.yml@feat/test-self-hosted-runners + needs: [ version, gradle-build, docker-build ] + with: + version: ${{ needs.version.outputs.release_version }} + tag: + name: Create tag + runs-on: ubuntu-latest + needs: [ version, deploy ] steps: - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@v1.3.1 - with: - tool-cache: false - docker-images: false - - uses: actions/checkout@v3 - - name: Calculate release version - run: | - if [ "${{ inputs.release_version }}" == "" ]; then - echo "Using computed value" - BRANCH=$(echo ${{ github.ref }} | sed -e 's/refs\/heads\///' -e 's/\//-/g') - echo "BRANCH=${BRANCH}" >> $GITHUB_ENV - echo "release_version=1.0.$(date +'%g%m%d%H%M')-${BRANCH}" >> $GITHUB_ENV - else - echo "Using provided input" - echo "release_version=${{ inputs.release_version }}" >> $GITHUB_ENV - fi - - name: Set version - run: | - sed -i "s/1.0.0-SNAPSHOT/${{ env.release_version }}/g" build.gradle.kts - run: | - git tag v${{ env.release_version }} - git push --tags - - name: Setup java - uses: actions/setup-java@v4 - with: - distribution: 'temurin' - java-version: '21' - - name: Setup cache - uses: actions/cache@v4 - with: - path: | - ~/.gradle/caches - ~/.gradle/wrapper - key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} - restore-keys: | - ${{ runner.os }}-gradle- - - name: Gradle wrapper validation - uses: gradle/wrapper-validation-action@v3 - - name: Running gradle build - uses: eskatos/gradle-command-action@v3 - with: - arguments: build --no-daemon - - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - name: Build and push Docker images (issuer) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-services/waltid-issuer-api/Dockerfile - tags: waltid/issuer-api:dev, waltid/issuer-api:${{ env.release_version }} - - name: Build and push Docker images (verifier) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-services/waltid-verifier-api/Dockerfile - tags: waltid/verifier-api:dev, waltid/verifier-api:${{ env.release_version }} - - name: Build and push Docker images (wallet-api) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-services/waltid-wallet-api/Dockerfile - tags: waltid/wallet-api:dev, waltid/wallet-api:${{ env.release_version }} - - name: Build and push Docker images (waltid-demo-wallet) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-applications/waltid-web-wallet/apps/waltid-demo-wallet/Dockerfile - tags: waltid/waltid-demo-wallet:dev, waltid/waltid-demo-wallet:${{ env.release_version }} - - name: Build and push Docker images (waltid-dev-wallet) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-applications/waltid-web-wallet/apps/waltid-dev-wallet/Dockerfile - tags: waltid/waltid-dev-wallet:dev, waltid/waltid-dev-wallet:${{ env.release_version }} - - name: Build and push Docker images (wallet-portal) - uses: docker/build-push-action@v6 - with: - push: true - file: waltid-applications/waltid-web-portal/Dockerfile - tags: waltid/portal:dev, waltid/portal:${{ env.release_version }} - - - name: Prepare CD - issuer - run: sed "s/_DEFAULT_DEPLOYMENT_/$GITHUB_SHA/g" waltid-services/waltid-issuer-api/k8s/deployment-dev.yaml > waltid-services/waltid-issuer-api/k8s/deployment_mod.yaml - - name: Continuous deployment - issuer - uses: actions-hub/kubectl@master - env: - KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }} - with: - args: apply -n dev -f waltid-services/waltid-issuer-api/k8s/deployment_mod.yaml - - name: Prepare CD - verifier - run: sed "s/_DEFAULT_DEPLOYMENT_/$GITHUB_SHA/g" waltid-services/waltid-verifier-api/k8s/deployment-dev.yaml > waltid-services/waltid-verifier-api/k8s/deployment_mod.yaml - - name: Continuous deployment - verifier - uses: actions-hub/kubectl@master - env: - KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }} - with: - args: apply -n dev -f waltid-services/waltid-verifier-api/k8s/deployment_mod.yaml - - name: Prepare CD - web wallet - env: - DEV_KEYCLOAK_CLIENT_SECRET: ${{ secrets.DEV_KEYCLOAK_CLIENT_SECRET }} - run: sed "s/_DEFAULT_DEPLOYMENT_/$GITHUB_SHA/g" waltid-services/waltid-wallet-api/k8s/deployment-dev.yaml | - sed "s/__DEFAULT_KEYCLOAK_CLIENT_SECRET__/$DEV_KEYCLOAK_CLIENT_SECRET/g" > waltid-services/waltid-wallet-api/k8s/deployment_mod.yaml - - name: Continuous deployment - web wallet - uses: actions-hub/kubectl@master - env: - KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }} - with: - args: apply -n dev -f waltid-services/waltid-wallet-api/k8s/deployment_mod.yaml - - name: Prepare CD - portal.walt.id - run: sed "s/_DEFAULT_DEPLOYMENT_/$GITHUB_SHA/g" waltid-applications/waltid-web-portal/k8s/deployment-dev.yaml > waltid-applications/waltid-web-portal/k8s/deployment_mod.yaml - - name: Continuous deployment - portal.walt.id - uses: actions-hub/kubectl@master - env: - KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }} - with: - args: apply -n dev -f waltid-applications/waltid-web-portal/k8s/deployment_mod.yaml + git tag v${{ needs.version.outputs.release_version }} + git push --tags \ No newline at end of file diff --git a/.github/workflows/version.yml b/.github/workflows/version.yml new file mode 100644 index 000000000..39c2cf080 --- /dev/null +++ b/.github/workflows/version.yml @@ -0,0 +1,41 @@ +name: Calculate release version (reusable workflow) + +on: + workflow_call: + inputs: + preferred: + description: "preferred release version" + required: false + type: string + suffix: + description: "version suffix (defaults to branch name)" + required: false + type: string + outputs: + release_version: + description: "The computed release version" + value: ${{ jobs.compute.outputs.result }} + +jobs: + compute: + name: Compute + runs-on: ubuntu-latest + outputs: + result: ${{ steps.release_version.outputs.release_version }} + steps: + - name: Calculate release version + id: release_version + run: | + if [ "${{ inputs.preferred }}" == "" ]; then + echo "Using computed value" + SUFFIX=${{ inputs.suffix }} + BRANCH=$(echo ${{ github.ref }} | sed -e 's/refs\/heads\///' -e 's/\//-/g') + if [ "${SUFFIX}" == "" ]; then + SUFFIX="-${BRANCH}" + fi + echo "SUFFIX=${SUFFIX}" >> $GITHUB_ENV + echo "release_version=1.0.$(date +'%g%m%d%H%M')${SUFFIX}" >> $GITHUB_OUTPUT + else + echo "Using provided input" + echo "release_version=${{ inputs.preferred }}" >> $GITHUB_OUTPUT + fi \ No newline at end of file From a902a18e29a30918d5bde0154b850fa9b4e894c4 Mon Sep 17 00:00:00 2001 From: mikeplotean Date: Sun, 12 Jan 2025 11:44:56 +0200 Subject: [PATCH 14/15] ci: update reusable workflow references to commit sha --- .github/workflows/build.yml | 6 +++--- .github/workflows/pre-release.yml | 10 +++++----- .github/workflows/release.yml | 10 +++++----- .github/workflows/test-deploy.yml | 8 ++++---- 4 files changed, 17 insertions(+), 17 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 24db49ade..b6011b475 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -7,14 +7,14 @@ on: jobs: version: - uses: walt-id/waltid-identity/.github/workflows/version.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/version.yml@c69d2155372700071dad887fa6339b51e0266be5 gradle-build: - uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@c69d2155372700071dad887fa6339b51e0266be5 needs: version with: version: ${{ needs.version.outputs.release_version }} docker-build: - uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@c69d2155372700071dad887fa6339b51e0266be5 needs: version with: version: ${{ needs.version.outputs.release_version }} \ No newline at end of file diff --git a/.github/workflows/pre-release.yml b/.github/workflows/pre-release.yml index b1048bcf6..4bad7720d 100644 --- a/.github/workflows/pre-release.yml +++ b/.github/workflows/pre-release.yml @@ -7,28 +7,28 @@ on: jobs: version: - uses: walt-id/waltid-identity/.github/workflows/version.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/version.yml@c69d2155372700071dad887fa6339b51e0266be5 with: suffix: -SNAPSHOT gradle-build: - uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@c69d2155372700071dad887fa6339b51e0266be5 needs: version with: version: ${{ needs.version.outputs.release_version }} publish: true docker-build: - uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@c69d2155372700071dad887fa6339b51e0266be5 needs: version with: version: ${{ needs.version.outputs.release_version }} publish: true deploy: - uses: walt-id/waltid-identity/.github/workflows/deployment.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/deployment.yml@c69d2155372700071dad887fa6339b51e0266be5 needs: [ version, gradle-build, docker-build ] with: version: ${{ needs.version.outputs.release_version }} pre-release: - uses: walt-id/waltid-identity/.github/workflows/changelog.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/changelog.yml@c69d2155372700071dad887fa6339b51e0266be5 needs: [ version, deploy ] with: version: ${{ needs.version.outputs.release_version }} \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4ce4c3dd4..1a71e4e02 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -9,24 +9,24 @@ on: jobs: version: - uses: walt-id/waltid-identity/.github/workflows/version.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/version.yml@c69d2155372700071dad887fa6339b51e0266be5 with: preferred: ${{ inputs.release_version }} gradle-build: - uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@c69d2155372700071dad887fa6339b51e0266be5 needs: version with: version: ${{ needs.version.outputs.release_version }} publish: true docker-build: - uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@c69d2155372700071dad887fa6339b51e0266be5 needs: version with: version: ${{ needs.version.outputs.release_version }} tag: latest publish: true deploy: - uses: walt-id/waltid-identity/.github/workflows/deployment.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/deployment.yml@c69d2155372700071dad887fa6339b51e0266be5 needs: [ version, gradle-build, docker-build ] with: version: ${{ needs.version.outputs.release_version }} @@ -34,7 +34,7 @@ jobs: namespace: default portals: portals release: - uses: walt-id/waltid-identity/.github/workflows/changelog.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/changelog.yml@c69d2155372700071dad887fa6339b51e0266be5 needs: [ version, deploy ] with: version: ${{ needs.version.outputs.release_version }} \ No newline at end of file diff --git a/.github/workflows/test-deploy.yml b/.github/workflows/test-deploy.yml index 9a41719f3..98b142fd1 100644 --- a/.github/workflows/test-deploy.yml +++ b/.github/workflows/test-deploy.yml @@ -8,22 +8,22 @@ on: required: false jobs: version: - uses: walt-id/waltid-identity/.github/workflows/version.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/version.yml@c69d2155372700071dad887fa6339b51e0266be5 with: preferred: ${{ inputs.release_version }} gradle-build: - uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@c69d2155372700071dad887fa6339b51e0266be5 needs: version with: version: ${{ needs.version.outputs.release_version }} docker-build: - uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@c69d2155372700071dad887fa6339b51e0266be5 needs: version with: version: ${{ needs.version.outputs.release_version }} publish: true deploy: - uses: walt-id/waltid-identity/.github/workflows/deployment.yml@feat/test-self-hosted-runners + uses: walt-id/waltid-identity/.github/workflows/deployment.yml@c69d2155372700071dad887fa6339b51e0266be5 needs: [ version, gradle-build, docker-build ] with: version: ${{ needs.version.outputs.release_version }} From 8e2222bccd080e51da09749405055b5a1ddfa4bd Mon Sep 17 00:00:00 2001 From: mikeplotean Date: Tue, 14 Jan 2025 21:29:53 +0200 Subject: [PATCH 15/15] chore: set uppercase 'as' in docker files --- waltid-applications/waltid-web-portal/Dockerfile | 2 +- waltid-services/waltid-issuer-api/Dockerfile | 2 +- waltid-services/waltid-verifier-api/Dockerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/waltid-applications/waltid-web-portal/Dockerfile b/waltid-applications/waltid-web-portal/Dockerfile index fae26edef..7ca22b46c 100644 --- a/waltid-applications/waltid-web-portal/Dockerfile +++ b/waltid-applications/waltid-web-portal/Dockerfile @@ -1,5 +1,5 @@ # BUILD -FROM docker.io/gplane/pnpm:8.6 as buildstage +FROM docker.io/gplane/pnpm:8.6 AS buildstage COPY waltid-applications/waltid-web-portal/. /build diff --git a/waltid-services/waltid-issuer-api/Dockerfile b/waltid-services/waltid-issuer-api/Dockerfile index a78a300f7..d81e2a269 100644 --- a/waltid-services/waltid-issuer-api/Dockerfile +++ b/waltid-services/waltid-issuer-api/Dockerfile @@ -1,4 +1,4 @@ -FROM docker.io/gradle:jdk17 as buildstage +FROM docker.io/gradle:jdk17 AS buildstage COPY gradle/ /work/gradle COPY settings.gradle.kts build.gradle.kts gradle.properties gradlew /work/ diff --git a/waltid-services/waltid-verifier-api/Dockerfile b/waltid-services/waltid-verifier-api/Dockerfile index 8ff80516b..0a3503c1d 100644 --- a/waltid-services/waltid-verifier-api/Dockerfile +++ b/waltid-services/waltid-verifier-api/Dockerfile @@ -1,4 +1,4 @@ -FROM docker.io/gradle:jdk17 as buildstage +FROM docker.io/gradle:jdk17 AS buildstage COPY gradle/ /work/gradle COPY settings.gradle.kts build.gradle.kts gradle.properties gradlew /work/