From 07ef4dd7472c245d221837b2f7cb84ace0418dc8 Mon Sep 17 00:00:00 2001 From: mk Date: Wed, 17 Jul 2024 09:24:58 +0200 Subject: [PATCH 01/10] chore(readme):[#822] update source layout to current state --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index a7f26d7138..8706d9bc71 100644 --- a/README.md +++ b/README.md @@ -66,13 +66,14 @@ The IRS project consists of several different parts: | irs-policy-store | The IRS policy store, an API to store and retrieve accepted EDC policies. | | | irs-registry-client | Digital Twin Registry Client. | [Digital Twin Registry Client README](irs-registry-client/README.md) | | irs-report-aggregate | This Maven module aggregates the test coverage reports of all modules. | | +| irs-testdata-upload | This Maven module contains the Testdata Utilities | | | irs-testing | This module contains testing utilities for the IRS like [testcontainers](https://java.testcontainers.org/), [Wiremock](https://wiremock.org/) configurations and requests etc. | | | local | This folder contains resources for local development and demonstration. | | | local/demo | Showcases the IRS ESS top-down investigation use-case. | [ess-demo.py README](local/demo/README.md) | | local/deployment | [HELM](https://helm.sh/) charts for local deployment of the IRS. | | | local/development | This folder contains resources relevant for setting up the local development environment such as the [commit message check hook](CONTRIBUTING.md#commit-messages). | | +| local/testing/api-tests | [Tavern](https://tavern.readthedocs.io) API tests for the IRS. | [Tavern API Tests README](local/testing/api-tests/README.md) | | local/testing/request-collection | [REST Request Collection](local/testing/request-collection/IRS_Request_Collection.json) for [Insomnia](https://insomnia.rest/). | [REST Request Collection README](local/testing/request-collection/README.md) | -| local/testing/api-tests | [Tavern](https://tavern.readthedocs.io) API tests for the IRS. | [Tavern API Tests README](local/testing/api-tests/README.md) | | local/testing/testdata | Test data. | [Test data README](local/testing/testdata/README.md) | From b85f91e2a3834dd86e1681daba006f9288de1293 Mon Sep 17 00:00:00 2001 From: mk Date: Wed, 17 Jul 2024 11:03:46 +0200 Subject: [PATCH 02/10] chore(REDME):[#817] fix typos --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 8706d9bc71..2037a90cd9 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ The IRS project consists of several different parts: | .idea | Configuration for development via [IntelliJ](https://www.jetbrains.com/idea/). | | | .run | Run configurations for running the IRS in [IntelliJ](https://www.jetbrains.com/idea/). | | | charts | [HELM](https://helm.sh/) charts. | | -| charts/item-relationship-service | IRS [HELM](https://helm.sh/) chart for running the IRS with and its direct dependencies in [kubernetes](https://kubernetes.io/). | [IRS HELM charts documentation](charts/item-relationship-service/README.md) | +| charts/item-relationship-service | IRS [HELM](https://helm.sh/) chart for running the IRS with and its direct dependencies in [Kubernetes](https://kubernetes.io/). | [IRS HELM charts documentation](charts/item-relationship-service/README.md) | | docs | Concepts and documentation. | [Docs README](docs/README.md) | | irs-api | The IRS API. | | | irs-common | Common classes of the IRS. | | @@ -79,7 +79,7 @@ The IRS project consists of several different parts: ## Installation -This section describes both deployment on [kubernetes](https://kubernetes.io) via [Helm](https://helm.sh/) and local deployment for development. +This section describes both deployment on [Kubernetes](https://kubernetes.io) via [Helm](https://helm.sh/) and local deployment for development. ### Helm Deployment From d2ab742ee1391668d789d44d7a74481628926556 Mon Sep 17 00:00:00 2001 From: mk Date: Wed, 17 Jul 2024 11:04:08 +0200 Subject: [PATCH 03/10] chore(REDME):[#817] complete authors list --- AUTHORS.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/AUTHORS.md b/AUTHORS.md index 642d714844..5dc08f07a0 100644 --- a/AUTHORS.md +++ b/AUTHORS.md @@ -19,4 +19,6 @@ The following people have contributed to this repository: - Pawel Sosnowski, doubleSlash Net-Business GmbH, https://github.com/ds-psosnowski - Matthias Fischer, doubleSlash Net-Business GmbH, https://github.com/dsmf - Sebastian Ceronik, doubleSlash Net-Business GmbH, https://github.com/ds-ext-sceronik -- Maximilian Wesener, doubleSlash Net-Business GmbH, https://github.com/ds-mwesener \ No newline at end of file +- Maximilian Wesener, doubleSlash Net-Business GmbH, https://github.com/ds-mwesener +- Kama Gassner, doubleSlash Net-Business GmbH, https://github.com/ds-kgassner +- Philipp Weick, doubleSlash Net-Business GmbH, https://github.com/ds-pweick \ No newline at end of file From 450898d1613f5a4bb79dae9b6684e65c1b72409c Mon Sep 17 00:00:00 2001 From: mk Date: Wed, 17 Jul 2024 11:16:41 +0200 Subject: [PATCH 04/10] chore(REDME):[#817] update versions to current state --- INSTALL.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/INSTALL.md b/INSTALL.md index 7f895c717b..258e17e333 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -44,10 +44,10 @@ Or create a new Helm chart and use the IRS as a dependency. dependencies: - name: item-relationship-service repository: https://eclipse-tractusx.github.io/item-relationship-service - version: 6.x.x + version: 7.x.x - name: tractusx-connector repository: https://eclipse-tractusx.github.io/tractusx-edc - version: 0.5.x + version: 0.7.x ``` Then provide your configuration as the values.yaml of that chart. From 6c0bd02eca4ccfe3846d84541f26e8a74e75d9d4 Mon Sep 17 00:00:00 2001 From: mk Date: Wed, 17 Jul 2024 11:23:29 +0200 Subject: [PATCH 05/10] chore(USAGE):[#817] correct api call of POST /irs/jobs endpoint --- USAGE.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/USAGE.md b/USAGE.md index b81f8ee09d..4661aff048 100644 --- a/USAGE.md +++ b/USAGE.md @@ -18,10 +18,15 @@ curl -X 'POST' \ "aspects": [ "SerialPart" ], + "key": { + "globalAssetId": "urn:uuid:00000000-0000-0000-0000-000000000000", + "bpn": "BPNL000000000000" + } "bomLifecycle": "asBuilt", "depth": 1, "direction": "downward", - "globalAssetId": "urn:uuid:8a61c8db-561e-4db0-84ec-a693fc5ffdf6" + "collectAspects": true, + "callbackUrl": "https://hostname.com/callback?id={id}&state={state}" }' ``` From 8fd1f6b519d97d5be8ce3faa9820443f6ce56ea4 Mon Sep 17 00:00:00 2001 From: mk Date: Wed, 17 Jul 2024 11:30:19 +0200 Subject: [PATCH 06/10] chore(USAGE):[#817] add Open a draft security advisory --- SECURITY.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/SECURITY.md b/SECURITY.md index 5c3c67ac4a..4af3de0ece 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -11,9 +11,13 @@ __How?__ Inside affected repository --> security tab for contributor: --> Report a vulnerability +Open a draft security advisory : https://github.com/eclipse-tractusx/sig-release/security/advisories/new + for committer: --> advisories --> New draft security advisory +Open a draft security advisory : https://github.com/eclipse-tractusx/sig-release/security/advisories/new + In severe cases, you can also report a found vulnerability via mail or eclipse issue here: https://www.eclipse.org/security/ See [Eclipse Foundation Vulnerability Reporting Policy](https://www.eclipse.org/projects/handbook/#vulnerability). From 76bb7431df8a9dd5fcfe56cec45c26c4bb6ee91f Mon Sep 17 00:00:00 2001 From: mk Date: Wed, 17 Jul 2024 13:48:54 +0200 Subject: [PATCH 07/10] fix(action):[#817] fix typo --- .github/workflows/irs-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/irs-build.yml b/.github/workflows/irs-build.yml index e04ffd449e..e2b5e3e37f 100644 --- a/.github/workflows/irs-build.yml +++ b/.github/workflows/irs-build.yml @@ -110,7 +110,7 @@ jobs: - uses: actions/checkout@v4 # Needed to create multi-platform image - - name: Set up Docker Buildx + - name: Set up Docker Build uses: docker/setup-buildx-action@v3 # Needed to create multi-platform image From 3c8195b906cced03f6262afe3e70ba60501b607a Mon Sep 17 00:00:00 2001 From: mk Date: Wed, 17 Jul 2024 14:31:03 +0200 Subject: [PATCH 08/10] fix(doc):[#817] correct copyright header --- .github/actions/import-gpg-key/action.yaml | 2 +- docs/src/docs/administration/administration-guide.adoc | 4 ++-- docs/src/docs/arc42/full.adoc | 4 ++-- docs/src/docs/index.adoc | 4 ++-- docs/src/docs/swagger-ui/index.adoc | 4 ++-- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/actions/import-gpg-key/action.yaml b/.github/actions/import-gpg-key/action.yaml index 858c3aecba..0696ce451e 100644 --- a/.github/actions/import-gpg-key/action.yaml +++ b/.github/actions/import-gpg-key/action.yaml @@ -1,5 +1,5 @@ # -# Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) +# Copyright (c) 2021,2024 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) # Copyright (c) 2021,2024 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional diff --git a/docs/src/docs/administration/administration-guide.adoc b/docs/src/docs/administration/administration-guide.adoc index 18f6ab4890..2a8133b38a 100644 --- a/docs/src/docs/administration/administration-guide.adoc +++ b/docs/src/docs/administration/administration-guide.adoc @@ -12,9 +12,9 @@ include::troubleshooting.adoc[leveloffset=+1] This work is licensed under the https://www.apache.org/licenses/LICENSE-2.0[Apache-2.0]. - SPDX-License-Identifier: Apache-2.0 -- SPDX-FileCopyrightText: 2021, 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) +- SPDX-FileCopyrightText: 2021, 2024 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) - SPDX-FileCopyrightText: 2022, 2023 BOSCH AG - SPDX-FileCopyrightText: 2021, 2022 ZF Friedrichshafen AG - SPDX-FileCopyrightText: 2022 ISTOS GmbH -- SPDX-FileCopyrightText: 2021, 2023 Contributors to the Eclipse Foundation +- SPDX-FileCopyrightText: 2021, 2024 Contributors to the Eclipse Foundation - Source URL: https://github.com/eclipse-tractusx/item-relationship-service \ No newline at end of file diff --git a/docs/src/docs/arc42/full.adoc b/docs/src/docs/arc42/full.adoc index db4a4f8ab9..850cc2cad9 100644 --- a/docs/src/docs/arc42/full.adoc +++ b/docs/src/docs/arc42/full.adoc @@ -17,9 +17,9 @@ include::glossary.adoc[leveloffset=+1] This work is licensed under the https://www.apache.org/licenses/LICENSE-2.0[Apache-2.0]. - SPDX-License-Identifier: Apache-2.0 -- SPDX-FileCopyrightText: 2021, 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) +- SPDX-FileCopyrightText: 2021, 2024 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) - SPDX-FileCopyrightText: 2022, 2023 BOSCH AG - SPDX-FileCopyrightText: 2021, 2022 ZF Friedrichshafen AG - SPDX-FileCopyrightText: 2022 ISTOS GmbH -- SPDX-FileCopyrightText: 2021, 2023 Contributors to the Eclipse Foundation +- SPDX-FileCopyrightText: 2021, 2024 Contributors to the Eclipse Foundation - Source URL: https://github.com/eclipse-tractusx/item-relationship-service diff --git a/docs/src/docs/index.adoc b/docs/src/docs/index.adoc index 787214f3f2..1587ddca13 100644 --- a/docs/src/docs/index.adoc +++ b/docs/src/docs/index.adoc @@ -15,9 +15,9 @@ xref:swagger-ui/index.adoc[Swagger-UI] This work is licensed under the https://www.apache.org/licenses/LICENSE-2.0[Apache-2.0]. - SPDX-License-Identifier: Apache-2.0 -- SPDX-FileCopyrightText: 2021, 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) +- SPDX-FileCopyrightText: 2021, 2024 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) - SPDX-FileCopyrightText: 2022, 2023 BOSCH AG - SPDX-FileCopyrightText: 2021, 2022 ZF Friedrichshafen AG - SPDX-FileCopyrightText: 2022 ISTOS GmbH -- SPDX-FileCopyrightText: 2021, 2023 Contributors to the Eclipse Foundation +- SPDX-FileCopyrightText: 2021, 2024 Contributors to the Eclipse Foundation - Source URL: https://github.com/eclipse-tractusx/item-relationship-service \ No newline at end of file diff --git a/docs/src/docs/swagger-ui/index.adoc b/docs/src/docs/swagger-ui/index.adoc index dd7fc44618..2cddb25762 100644 --- a/docs/src/docs/swagger-ui/index.adoc +++ b/docs/src/docs/swagger-ui/index.adoc @@ -5,9 +5,9 @@ This work is licensed under the https://www.apache.org/licenses/LICENSE-2.0[Apache-2.0]. - SPDX-License-Identifier: Apache-2.0 -- SPDX-FileCopyrightText: 2021, 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) +- SPDX-FileCopyrightText: 2021, 2024 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) - SPDX-FileCopyrightText: 2022, 2023 BOSCH AG - SPDX-FileCopyrightText: 2021, 2022 ZF Friedrichshafen AG - SPDX-FileCopyrightText: 2022 ISTOS GmbH -- SPDX-FileCopyrightText: 2021, 2023 Contributors to the Eclipse Foundation +- SPDX-FileCopyrightText: 2021, 2024 Contributors to the Eclipse Foundation - Source URL: https://github.com/eclipse-tractusx/item-relationship-service \ No newline at end of file From 138018b8526f484d401983ef523a3e649267dac7 Mon Sep 17 00:00:00 2001 From: ds-mkanal <100209308+mkanal@users.noreply.github.com> Date: Thu, 18 Jul 2024 10:09:11 +0200 Subject: [PATCH 09/10] Update .github/workflows/irs-build.yml Co-authored-by: Jaro Hartmann <57985712+ds-jhartmann@users.noreply.github.com> --- .github/workflows/irs-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/irs-build.yml b/.github/workflows/irs-build.yml index e2b5e3e37f..e04ffd449e 100644 --- a/.github/workflows/irs-build.yml +++ b/.github/workflows/irs-build.yml @@ -110,7 +110,7 @@ jobs: - uses: actions/checkout@v4 # Needed to create multi-platform image - - name: Set up Docker Build + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 # Needed to create multi-platform image From 73eb268135987531fdf81ee0162d199e831b85ad Mon Sep 17 00:00:00 2001 From: mk Date: Thu, 18 Jul 2024 13:23:56 +0200 Subject: [PATCH 10/10] fix(doc):[#817] removed the links to report security advisories --- SECURITY.md | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 4af3de0ece..e2e84fbb25 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,23 +1,17 @@ -# Security Policy - ## Reporting a Vulnerability Please do **not** report security vulnerabilities through public GitHub issues. Please report vulnerabilities to this repository via **GitHub security advisories** instead. -__How?__ Inside affected repository --> security tab +How? Inside affected repository --> security tab for contributor: --> Report a vulnerability -Open a draft security advisory : https://github.com/eclipse-tractusx/sig-release/security/advisories/new - for committer: --> advisories --> New draft security advisory -Open a draft security advisory : https://github.com/eclipse-tractusx/sig-release/security/advisories/new - In severe cases, you can also report a found vulnerability via mail or eclipse issue here: https://www.eclipse.org/security/ -See [Eclipse Foundation Vulnerability Reporting Policy](https://www.eclipse.org/projects/handbook/#vulnerability). +See [Eclipse Foundation Vulnerability Reporting Policy](https://www.eclipse.org/projects/handbook/#vulnerability) \ No newline at end of file