From f47ddf10f9483e8a8ae84b1a78cd962d9d780f3f Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Mon, 15 Apr 2024 13:53:35 +0200 Subject: [PATCH 01/12] chore: updated provider edc version to v0.7.0-rc1 --- .../data-provider/edc-provider/Chart.yaml | 6 +- .../edc-provider/values-int.yaml | 30 ++++++++ .../data-provider/edc-provider/values.yaml | 71 ++++++++++++------- 3 files changed, 80 insertions(+), 27 deletions(-) diff --git a/deployment/infrastructure/data-provider/edc-provider/Chart.yaml b/deployment/infrastructure/data-provider/edc-provider/Chart.yaml index 1319e4292..a58db14a9 100644 --- a/deployment/infrastructure/data-provider/edc-provider/Chart.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/Chart.yaml @@ -28,17 +28,17 @@ description: | A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mock that can be used as edc provider for the DPP applicatiton. type: application version: 0.3.3 -appVersion: "0.6.0" +appVersion: "0.7.0-rc1" home: https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector sources: - https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector dependencies: - name: tractusx-connector - version: "0.6.0" + version: "0.7.0-rc1" repository: https://eclipse-tractusx.github.io/charts/dev condition: enabled - name: postgresql alias: postgresql - version: 12.1.6 + version: 15.2.1 repository: https://charts.bitnami.com/bitnami condition: postgresql.enabled diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml index baaa91b75..57598b4b9 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml @@ -31,6 +31,18 @@ tractusx-connector: participant: id: "" + iatp: + # Decentralized IDentifier + id: "did:web:changeme" + sts: + dim: + url: https://materialpass.int.demo.catena-x.net/consumer + oauth: + token_url: https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token + client: + id: "" + secret_alias: "int-client-secret" + controlplane: enabled: true endpoints: @@ -120,12 +132,16 @@ tractusx-connector: public: port: 8081 path: /BPNL000000000000/api/public + signaling: + port: 8083 + path: /api/signaling control: port: 8083 path: /BPNL000000000000/api/dataplane/control proxy: port: 8186 path: /BPNL000000000000/proxy + authKey: observability: # -- port for incoming API calls port: 8085 @@ -136,6 +152,20 @@ tractusx-connector: metrics: port: 9090 path: /BPNL000000000000/metrics + + token: + refresh: + expiry_seconds: 300 + expiry_tolerance_seconds: 10 + # optional URL that can be provided where clients go to refresh tokens. + refresh_endpoint: + signer: + # alias under which the private key is stored in the vault (JWK or PEM format) + privatekey_alias: ids-daps_key + verifier: + # alias under which the public key is stored in the vault, that belongs to the private key ("privatekey_alias", JWK or PEM format) + publickey_alias: ids-daps_crt + ## Ingress declaration to expose the network service. ingresses: ## Public / Internet facing Ingress diff --git a/deployment/infrastructure/data-provider/edc-provider/values.yaml b/deployment/infrastructure/data-provider/edc-provider/values.yaml index 2bb71b46a..ad8d174fa 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values.yaml @@ -42,6 +42,18 @@ tractusx-connector: participant: id: "" + iatp: + # Decentralized IDentifier + id: "did:web:changeme" + sts: + dim: + url: https://materialpass.dev.demo.catena-x.net/consumer + oauth: + token_url: https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token + client: + id: "" + secret_alias: "dev-client-secret" + controlplane: enabled: true image: @@ -125,18 +137,24 @@ tractusx-connector: businessPartnerValidation: log: agreementValidation: true + bdrs: + # time that a cached BPN/DID resolution map is valid in seconds, default is 10 min + cache_validity_seconds: 600 + server: + # URL of the BPN/DID Resolution Service - required: + url: https://semantics.int.demo.catena-x.net/bpndiscovery/api/v1.0/administration/connectors/bpnDiscovery/search - ssi: - miw: - url: "" - authorityId: "" - oauth: - tokenurl: "https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token" - client: - id: "" - secretAlias: "dev-client-secret" - endpoint: - audience: https://materialpass.dev.demo.catena-x.net/consumer + # ssi: + # miw: + # url: "" + # authorityId: "" + # oauth: + # tokenurl: "https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token" + # client: + # id: "" + # secretAlias: "dev-client-secret" + # endpoint: + # audience: https://materialpass.dev.demo.catena-x.net/consumer service: # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. @@ -350,12 +368,16 @@ tractusx-connector: public: port: 8081 path: /BPNL000000000000/api/public + signaling: + port: 8083 + path: /api/signaling control: port: 8083 path: /BPNL000000000000/api/dataplane/control proxy: port: 8186 path: /BPNL000000000000/proxy + authKey: observability: # -- port for incoming API calls port: 8085 @@ -366,6 +388,20 @@ tractusx-connector: metrics: port: 9090 path: /BPNL000000000000/metrics + + token: + refresh: + expiry_seconds: 300 + expiry_tolerance_seconds: 10 + # optional URL that can be provided where clients go to refresh tokens. + refresh_endpoint: + signer: + # alias under which the private key is stored in the vault (JWK or PEM format) + privatekey_alias: daps-key-dev + verifier: + # alias under which the public key is stored in the vault, that belongs to the private key ("privatekey_alias", JWK or PEM format) + publickey_alias: daps-crt-dev + aws: endpointOverride: "" accessKeyId: "" @@ -501,19 +537,6 @@ tractusx-connector: # -- Explicitly declared url for reaching the public api (e.g. if ingresses not used) public: "" - # postgresql: - # jdbcUrl: "jdbc:postgresql://postgresqlprovider:5432/edc" - # primary: - # persistence: - # enabled: false - # readReplicas: - # persistence: - # enabled: false - # auth: - # database: "edc" - # username: - # password: - postgresql: jdbcUrl: "jdbc:postgresql://{{ .Release.Name }}-postgresql:5432/edc" fullnameOverride: "" From 2654d71fe0c8af338d190808df31fc48f6c65162 Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Mon, 15 Apr 2024 15:12:49 +0200 Subject: [PATCH 02/12] chore: downgrade the postgres version to v12.1.6 edc provider --- deployment/infrastructure/data-provider/edc-provider/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment/infrastructure/data-provider/edc-provider/Chart.yaml b/deployment/infrastructure/data-provider/edc-provider/Chart.yaml index a58db14a9..d042a55c9 100644 --- a/deployment/infrastructure/data-provider/edc-provider/Chart.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/Chart.yaml @@ -39,6 +39,6 @@ dependencies: condition: enabled - name: postgresql alias: postgresql - version: 15.2.1 + version: 12.1.6 repository: https://charts.bitnami.com/bitnami condition: postgresql.enabled From 2739f052b6f27e5ede1e68b8420c9fd49c828768 Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Tue, 16 Apr 2024 11:03:30 +0200 Subject: [PATCH 03/12] chore: updated edc chart version to v0.7.0-rc1 and values file for edc consumer --- .../data-consumer/edc-consumer/Chart.yaml | 6 +- .../edc-consumer/values-int.yaml | 29 ++++++++ .../data-consumer/edc-consumer/values.yaml | 71 ++++++++++++++----- 3 files changed, 86 insertions(+), 20 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml b/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml index 0627c2fe2..d1eb0050a 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml @@ -27,15 +27,15 @@ description: | A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mock that can be used as edc consumer for the DPP applicatiton. type: application version: 0.3.3 -appVersion: "0.6.0" +appVersion: "0.7.0-rc1" home: https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector sources: - https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector urls: - - https://github.com/eclipse-tractusx/tractusx-edc/releases/download/tractusx-connector-0.5.0/tractusx-connector-0.5.0.tgz + - https://github.com/eclipse-tractusx/tractusx-edc/releases/download/tractusx-connector-0.7.0-rc1/tractusx-connector-0.7.0-rc1.tgz dependencies: - name: tractusx-connector - version: "0.6.0" + version: "0.7.0-rc1" repository: https://eclipse-tractusx.github.io/charts/dev condition: enabled - name: postgresql diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index 4b0b99ad9..f386f1fbf 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -36,6 +36,18 @@ tractusx-connector: participant: id: "" + iatp: + # Decentralized IDentifier + id: "did:web:changeme" + sts: + dim: + url: https://materialpass.int.demo.catena-x.net/consumer + oauth: + token_url: https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token + client: + id: "" + secret_alias: "int-client-secret" + controlplane: enabled: true endpoints: @@ -125,12 +137,16 @@ tractusx-connector: public: port: 8081 path: /consumer/api/public + signaling: + port: 8083 + path: /api/signaling control: port: 8083 path: /consumer/api/dataplane/control proxy: port: 8186 path: /consumer/proxy + authKey: observability: # -- port for incoming API calls port: 8085 @@ -142,6 +158,19 @@ tractusx-connector: port: 9090 path: /consumer/metrics + token: + refresh: + expiry_seconds: 300 + expiry_tolerance_seconds: 10 + # optional URL that can be provided where clients go to refresh tokens. + refresh_endpoint: + signer: + # alias under which the private key is stored in the vault (JWK or PEM format) + privatekey_alias: ids-daps_key + verifier: + # alias under which the public key is stored in the vault, that belongs to the private key ("privatekey_alias", JWK or PEM format) + publickey_alias: ids-daps_crt + ## Ingress declaration to expose the network service. ingresses: ## Public / Internet facing Ingress diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml index 1c0ed5f3a..420a76eb1 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml @@ -46,6 +46,18 @@ tractusx-connector: participant: id: "" + iatp: + # Decentralized IDentifier + id: "did:web:changeme" + sts: + dim: + url: https://materialpass.dev.demo.catena-x.net/consumer + oauth: + token_url: https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token + client: + id: "" + secret_alias: "dev-client-secret" + controlplane: enabled: true image: @@ -129,18 +141,25 @@ tractusx-connector: businessPartnerValidation: log: agreementValidation: true + bdrs: + # time that a cached BPN/DID resolution map is valid in seconds, default is 10 min + cache_validity_seconds: 600 + server: + # URL of the BPN/DID Resolution Service - required: + url: https://semantics.int.demo.catena-x.net/bpndiscovery/api/v1.0/administration/connectors/bpnDiscovery/search + # SSI configuration - ssi: - miw: - url: "" - authorityId: "" - oauth: - tokenurl: "https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token" - client: - id: "" - secretAlias: "dev-client-secret" - endpoint: - audience: https://materialpass.dev.demo.catena-x.net/consumer + # ssi: + # miw: + # url: "" + # authorityId: "" + # oauth: + # tokenurl: "https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token" + # client: + # id: "" + # secretAlias: "dev-client-secret" + # endpoint: + # audience: https://materialpass.dev.demo.catena-x.net/consumer service: # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. @@ -354,12 +373,16 @@ tractusx-connector: public: port: 8081 path: /consumer/api/public + signaling: + port: 8083 + path: /api/signaling control: port: 8083 path: /consumer/api/dataplane/control proxy: port: 8186 path: /consumer/proxy + authKey: observability: # -- port for incoming API calls port: 8085 @@ -370,6 +393,20 @@ tractusx-connector: metrics: port: 9090 path: /consumer/metrics + + token: + refresh: + expiry_seconds: 300 + expiry_tolerance_seconds: 10 + # optional URL that can be provided where clients go to refresh tokens. + refresh_endpoint: + signer: + # alias under which the private key is stored in the vault (JWK or PEM format) + privatekey_alias: daps-key-dev + verifier: + # alias under which the public key is stored in the vault, that belongs to the private key ("privatekey_alias", JWK or PEM format) + publickey_alias: daps-crt-dev + aws: endpointOverride: "" accessKeyId: "" @@ -465,12 +502,12 @@ tractusx-connector: # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + limits: + cpu: 1.5 + memory: 1024Mi + requests: + cpu: 500m + memory: 128Mi replicaCount: 1 autoscaling: # -- Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) From df5e8733b2a7d846ca341b9732709f3c682b9dd3 Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Tue, 16 Apr 2024 14:45:03 +0200 Subject: [PATCH 04/12] chore(update): updated edc helm charts to v0.7.0 --- .../data-consumer/edc-consumer/Chart.yaml | 6 ++-- .../edc-consumer/values-int.yaml | 26 +------------- .../data-consumer/edc-consumer/values.yaml | 35 +++--------------- .../data-provider/edc-provider/Chart.yaml | 4 +-- .../edc-provider/values-int.yaml | 29 +-------------- .../data-provider/edc-provider/values.yaml | 36 +++---------------- 6 files changed, 16 insertions(+), 120 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml b/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml index d1eb0050a..c9ab2a97e 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml @@ -27,15 +27,15 @@ description: | A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mock that can be used as edc consumer for the DPP applicatiton. type: application version: 0.3.3 -appVersion: "0.7.0-rc1" +appVersion: "0.7.0" home: https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector sources: - https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector urls: - - https://github.com/eclipse-tractusx/tractusx-edc/releases/download/tractusx-connector-0.7.0-rc1/tractusx-connector-0.7.0-rc1.tgz + - https://github.com/eclipse-tractusx/tractusx-edc/releases/download/tractusx-connector-0.7.0/tractusx-connector-0.7.0.tgz dependencies: - name: tractusx-connector - version: "0.7.0-rc1" + version: "0.7.0" repository: https://eclipse-tractusx.github.io/charts/dev condition: enabled - name: postgresql diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index f386f1fbf..8989bb66b 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -41,7 +41,7 @@ tractusx-connector: id: "did:web:changeme" sts: dim: - url: https://materialpass.int.demo.catena-x.net/consumer + url: https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token oauth: token_url: https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token client: @@ -83,26 +83,6 @@ tractusx-connector: port: 9090 # -- path for incoming api calls path: /consumer/metrics - # -- observability api with unsecured access, must not be internet facing - observability: - # -- port for incoming API calls - port: 8099 - # -- observability api, provides /health /readiness and /liveness endpoints - path: /consumer/observability - # -- allow or disallow insecure access, i.e. access without authentication - insecure: true - - ssi: - miw: - url: "" - authorityId: "" - oauth: - tokenurl: "https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token" - client: - id: "" - secretAlias: "int-client-secret" - endpoint: - audience: https://materialpass.int.demo.catena-x.net/consumer ## Ingress declaration to expose the network service. ingresses: @@ -150,10 +130,6 @@ tractusx-connector: observability: # -- port for incoming API calls port: 8085 - # -- observability api, provides /health /readiness and /liveness endpoints - path: /consumer/observability - # -- allow or disallow insecure access, i.e. access without authentication - insecure: true metrics: port: 9090 path: /consumer/metrics diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml index 420a76eb1..a73f95331 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml @@ -51,7 +51,7 @@ tractusx-connector: id: "did:web:changeme" sts: dim: - url: https://materialpass.dev.demo.catena-x.net/consumer + url: https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token oauth: token_url: https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token client: @@ -130,14 +130,7 @@ tractusx-connector: port: 9090 # -- path for incoming api calls path: /consumer/metrics - # -- observability api with unsecured access, must not be internet facing - observability: - # -- port for incoming API calls - port: 8085 - # -- observability api, provides /health /readiness and /liveness endpoints - path: /consumer/observability - # -- allow or disallow insecure access, i.e. access without authentication - insecure: true + businessPartnerValidation: log: agreementValidation: true @@ -146,20 +139,7 @@ tractusx-connector: cache_validity_seconds: 600 server: # URL of the BPN/DID Resolution Service - required: - url: https://semantics.int.demo.catena-x.net/bpndiscovery/api/v1.0/administration/connectors/bpnDiscovery/search - - # SSI configuration - # ssi: - # miw: - # url: "" - # authorityId: "" - # oauth: - # tokenurl: "https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token" - # client: - # id: "" - # secretAlias: "dev-client-secret" - # endpoint: - # audience: https://materialpass.dev.demo.catena-x.net/consumer + url: https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token service: # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. @@ -323,7 +303,7 @@ tractusx-connector: affinity: {} url: # -- Explicitly declared url for reaching the ids api (e.g. if ingresses not used) - ids: "" + protocol: "" dataplane: enabled: true image: @@ -383,13 +363,6 @@ tractusx-connector: port: 8186 path: /consumer/proxy authKey: - observability: - # -- port for incoming API calls - port: 8085 - # -- observability api, provides /health /readiness and /liveness endpoints - path: /consumer/observability - # -- allow or disallow insecure access, i.e. access without authentication - insecure: true metrics: port: 9090 path: /consumer/metrics diff --git a/deployment/infrastructure/data-provider/edc-provider/Chart.yaml b/deployment/infrastructure/data-provider/edc-provider/Chart.yaml index d042a55c9..df237e7d0 100644 --- a/deployment/infrastructure/data-provider/edc-provider/Chart.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/Chart.yaml @@ -28,13 +28,13 @@ description: | A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mock that can be used as edc provider for the DPP applicatiton. type: application version: 0.3.3 -appVersion: "0.7.0-rc1" +appVersion: "0.7.0" home: https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector sources: - https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector dependencies: - name: tractusx-connector - version: "0.7.0-rc1" + version: "0.7.0" repository: https://eclipse-tractusx.github.io/charts/dev condition: enabled - name: postgresql diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml index 57598b4b9..28011fa9d 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml @@ -36,7 +36,7 @@ tractusx-connector: id: "did:web:changeme" sts: dim: - url: https://materialpass.int.demo.catena-x.net/consumer + url: https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token oauth: token_url: https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token client: @@ -78,26 +78,6 @@ tractusx-connector: port: 9090 # -- path for incoming api calls path: /BPNL000000000000/metrics - # -- observability api with unsecured access, must not be internet facing - observability: - # -- port for incoming API calls - port: 8085 - # -- observability api, provides /health /readiness and /liveness endpoints - path: /BPNL000000000000/observability - # -- allow or disallow insecure access, i.e. access without authentication - insecure: true - - ssi: - miw: - url: "" - authorityId: "" - oauth: - tokenurl: "https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token" - client: - id: "" - secretAlias: "int-client-secret" - endpoint: - audience: https://materialpass.int.demo.catena-x.net/BPNL000000000000 ## Ingress declaration to expose the network service. ingresses: @@ -142,13 +122,6 @@ tractusx-connector: port: 8186 path: /BPNL000000000000/proxy authKey: - observability: - # -- port for incoming API calls - port: 8085 - # -- observability api, provides /health /readiness and /liveness endpoints - path: /BPNL000000000000/observability - # -- allow or disallow insecure access, i.e. access without authentication - insecure: true metrics: port: 9090 path: /BPNL000000000000/metrics diff --git a/deployment/infrastructure/data-provider/edc-provider/values.yaml b/deployment/infrastructure/data-provider/edc-provider/values.yaml index ad8d174fa..27df89079 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values.yaml @@ -47,7 +47,7 @@ tractusx-connector: id: "did:web:changeme" sts: dim: - url: https://materialpass.dev.demo.catena-x.net/consumer + url: https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token oauth: token_url: https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token client: @@ -126,14 +126,7 @@ tractusx-connector: port: 9090 # -- path for incoming api calls path: /BPNL000000000000/metrics - # -- observability api with unsecured access, must not be internet facing - observability: - # -- port for incoming API calls - port: 8085 - # -- observability api, provides /health /readiness and /liveness endpoints - path: /BPNL000000000000/observability - # -- allow or disallow insecure access, i.e. access without authentication - insecure: true + businessPartnerValidation: log: agreementValidation: true @@ -142,20 +135,8 @@ tractusx-connector: cache_validity_seconds: 600 server: # URL of the BPN/DID Resolution Service - required: - url: https://semantics.int.demo.catena-x.net/bpndiscovery/api/v1.0/administration/connectors/bpnDiscovery/search - - # ssi: - # miw: - # url: "" - # authorityId: "" - # oauth: - # tokenurl: "https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token" - # client: - # id: "" - # secretAlias: "dev-client-secret" - # endpoint: - # audience: https://materialpass.dev.demo.catena-x.net/consumer - + url: https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token + service: # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. type: ClusterIP @@ -318,7 +299,7 @@ tractusx-connector: affinity: {} url: # -- Explicitly declared url for reaching the ids api (e.g. if ingresses not used) - ids: "" + protocol: "" dataplane: enabled: true image: @@ -378,13 +359,6 @@ tractusx-connector: port: 8186 path: /BPNL000000000000/proxy authKey: - observability: - # -- port for incoming API calls - port: 8085 - # -- observability api, provides /health /readiness and /liveness endpoints - path: /BPNL000000000000/observability - # -- allow or disallow insecure access, i.e. access without authentication - insecure: true metrics: port: 9090 path: /BPNL000000000000/metrics From 55a9f19627b637a980a1953c0b0a60ec12978eee Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Mon, 29 Apr 2024 11:33:57 +0200 Subject: [PATCH 05/12] chore(configuration): updated dim and bdrs configurations to edc helm chart --- .../data-consumer/edc-consumer/values-int.yaml | 8 +++++--- .../data-consumer/edc-consumer/values.yaml | 10 ++++++---- .../data-provider/edc-provider/values-int.yaml | 8 +++++--- .../data-provider/edc-provider/values.yaml | 10 ++++++---- 4 files changed, 22 insertions(+), 14 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index 8989bb66b..f7b75b4bf 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -38,12 +38,14 @@ tractusx-connector: iatp: # Decentralized IDentifier - id: "did:web:changeme" + id: "did:web:portal-backend.int.demo.catena-x.net:api:administration:staticdata:did:BPNL0073928UJ879" + trustedIssuers: # array [] that needs to be expand but likely like (sorry unconfirmed on how this is done, as I also would need to check) + - "did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp" sts: dim: - url: https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token + url: "https://dis-integration-service-prod.eu10.dim.cloud.sap/api/v2.0.0/iatp/catena-x-portal" oauth: - token_url: https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token + token_url: "https://bpnl0073928uj879-dpp.authentication.eu10.hana.ondemand.com/oauth/token" client: id: "" secret_alias: "int-client-secret" diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml index a73f95331..257ba69e8 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml @@ -48,12 +48,14 @@ tractusx-connector: iatp: # Decentralized IDentifier - id: "did:web:changeme" + id: "did:web:portal-backend.int.demo.catena-x.net:api:administration:staticdata:did:BPNL0073928UJ879" + trustedIssuers: # array [] that needs to be expand but likely like (sorry unconfirmed on how this is done, as I also would need to check) + - "did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp" sts: dim: - url: https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token + url: "https://dis-integration-service-prod.eu10.dim.cloud.sap/api/v2.0.0/iatp/catena-x-portal" oauth: - token_url: https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token + token_url: "https://bpnl0073928uj879-dpp.authentication.eu10.hana.ondemand.com/oauth/token" client: id: "" secret_alias: "dev-client-secret" @@ -139,7 +141,7 @@ tractusx-connector: cache_validity_seconds: 600 server: # URL of the BPN/DID Resolution Service - required: - url: https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token + url: "https://bpn-did-resolution-service.int.demo.catena-x.net/api/management/bpn-directory" service: # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml index 28011fa9d..5ffaed8c6 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml @@ -33,12 +33,14 @@ tractusx-connector: iatp: # Decentralized IDentifier - id: "did:web:changeme" + id: "did:web:portal-backend.int.demo.catena-x.net:api:administration:staticdata:did:BPNL0073928UJ879" + trustedIssuers: # array [] that needs to be expand but likely like (sorry unconfirmed on how this is done, as I also would need to check) + - "did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp" sts: dim: - url: https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token + url: "https://dis-integration-service-prod.eu10.dim.cloud.sap/api/v2.0.0/iatp/catena-x-portal" oauth: - token_url: https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token + token_url: "https://bpnl0073928uj879-dpp.authentication.eu10.hana.ondemand.com/oauth/token" client: id: "" secret_alias: "int-client-secret" diff --git a/deployment/infrastructure/data-provider/edc-provider/values.yaml b/deployment/infrastructure/data-provider/edc-provider/values.yaml index 27df89079..d4f4581ed 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values.yaml @@ -44,12 +44,14 @@ tractusx-connector: iatp: # Decentralized IDentifier - id: "did:web:changeme" + id: "did:web:portal-backend.int.demo.catena-x.net:api:administration:staticdata:did:BPNL0073928UJ879" + trustedIssuers: # array [] that needs to be expand but likely like (sorry unconfirmed on how this is done, as I also would need to check) + - "did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp" sts: dim: - url: https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token + url: "https://dis-integration-service-prod.eu10.dim.cloud.sap/api/v2.0.0/iatp/catena-x-portal" oauth: - token_url: https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token + token_url: "https://bpnl0073928uj879-dpp.authentication.eu10.hana.ondemand.com/oauth/token" client: id: "" secret_alias: "dev-client-secret" @@ -135,7 +137,7 @@ tractusx-connector: cache_validity_seconds: 600 server: # URL of the BPN/DID Resolution Service - required: - url: https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token + url: "https://bpn-did-resolution-service.int.demo.catena-x.net/api/management/bpn-directory" service: # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. From db9c47a8119b35d5e4f488975951321cb90ea56f Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Mon, 29 Apr 2024 14:06:36 +0200 Subject: [PATCH 06/12] chore(configuration): fixed bdrs url --- .../infrastructure/data-consumer/edc-consumer/values.yaml | 2 +- .../infrastructure/data-provider/edc-provider/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml index 257ba69e8..471f6ccac 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml @@ -141,7 +141,7 @@ tractusx-connector: cache_validity_seconds: 600 server: # URL of the BPN/DID Resolution Service - required: - url: "https://bpn-did-resolution-service.int.demo.catena-x.net/api/management/bpn-directory" + url: "https://bpn-did-resolution-service.int.demo.catena-x.net/api/directory" service: # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. diff --git a/deployment/infrastructure/data-provider/edc-provider/values.yaml b/deployment/infrastructure/data-provider/edc-provider/values.yaml index d4f4581ed..acdfc4c74 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values.yaml @@ -137,7 +137,7 @@ tractusx-connector: cache_validity_seconds: 600 server: # URL of the BPN/DID Resolution Service - required: - url: "https://bpn-did-resolution-service.int.demo.catena-x.net/api/management/bpn-directory" + url: "https://bpn-did-resolution-service.int.demo.catena-x.net/api/directory" service: # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. From 570ffe2a357519bb7430da17e32ea5261bcfad1b Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Mon, 29 Apr 2024 15:59:20 +0200 Subject: [PATCH 07/12] chore(configuration): fixed did configuration --- .../data-consumer/edc-consumer/values.yaml | 16 +++++++++++----- .../data-provider/edc-provider/values.yaml | 17 +++++++++++------ 2 files changed, 22 insertions(+), 11 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml index 471f6ccac..a11009059 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml @@ -142,7 +142,7 @@ tractusx-connector: server: # URL of the BPN/DID Resolution Service - required: url: "https://bpn-did-resolution-service.int.demo.catena-x.net/api/directory" - + service: # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. type: ClusterIP @@ -179,8 +179,11 @@ tractusx-connector: # -- The container's process will run with the specified uid runAsUser: 10001 # Extra environment variables that will be pass onto deployment pods - env: {} - # ENV_NAME: value + env: + # ENV_NAME: value + # workaround till 0.7.1 chart + EDC_IAM_TRUSTED-ISSUER_ISSUER1_ID: did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp + # "valueFrom" environment variable references that will be added to deployment pods. Name is templated. # ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core @@ -418,8 +421,11 @@ tractusx-connector: # -- The container's process will run with the specified uid runAsUser: 10001 # Extra environment variables that will be pass onto deployment pods - env: {} - # ENV_NAME: value + env: + # ENV_NAME: value + # workaround till 0.7.1 chart + EDC_IAM_TRUSTED-ISSUER_ISSUER1_ID: did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp + # "valueFrom" environment variable references that will be added to deployment pods. Name is templated. # ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core diff --git a/deployment/infrastructure/data-provider/edc-provider/values.yaml b/deployment/infrastructure/data-provider/edc-provider/values.yaml index acdfc4c74..37ea57003 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values.yaml @@ -137,8 +137,8 @@ tractusx-connector: cache_validity_seconds: 600 server: # URL of the BPN/DID Resolution Service - required: - url: "https://bpn-did-resolution-service.int.demo.catena-x.net/api/directory" - + url: "https://bpn-did-resolution-service.int.demo.catena-x.net/api/directory" + service: # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. type: ClusterIP @@ -175,8 +175,10 @@ tractusx-connector: # -- The container's process will run with the specified uid runAsUser: 10001 # Extra environment variables that will be pass onto deployment pods - env: {} - # ENV_NAME: value + env: + # ENV_NAME: value + # workaround till 0.7.1 chart + EDC_IAM_TRUSTED-ISSUER_ISSUER1_ID: did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp # "valueFrom" environment variable references that will be added to deployment pods. Name is templated. # ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core @@ -414,8 +416,11 @@ tractusx-connector: # -- The container's process will run with the specified uid runAsUser: 10001 # Extra environment variables that will be pass onto deployment pods - env: {} - # ENV_NAME: value + env: + # ENV_NAME: value + # workaround till 0.7.1 chart + EDC_IAM_TRUSTED-ISSUER_ISSUER1_ID: did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp + # "valueFrom" environment variable references that will be added to deployment pods. Name is templated. # ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core From 47f99a281b8afc9f1f467332d8762119aa96170c Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Thu, 16 May 2024 11:10:50 +0200 Subject: [PATCH 08/12] chore: upgrade irs version --- .../infrastructure/data-consumer/edc-consumer/Chart.yaml | 6 +++--- .../data-consumer/edc-consumer/values-int.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml b/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml index 7af02b301..6fb2ab01d 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml @@ -44,7 +44,7 @@ dependencies: version: 12.1.6 repository: https://charts.bitnami.com/bitnami condition: postgresql.enabled - - name: irs-helm + - name: item-relationship-service repository: https://eclipse-tractusx.github.io/item-relationship-service - version: 6.14.0 - condition: irs-helm.enabled + version: 7.1.2 + condition: item-relationship-service.enabled diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index ca327cb5b..5c746b1dc 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -204,7 +204,7 @@ irs-helm: enabled: true bpn: - irsUrl: "https://materialpass-irs.int.demo.catena-x.net" + irsUrl: "https://dpp-irs.int.demo.catena-x.net" apiKeyAdmin: apiKeyRegular: @@ -216,13 +216,13 @@ irs-helm: nginx.ingress.kubernetes.io/force-ssl-redirect: 'true' nginx.ingress.kubernetes.io/ssl-passthrough: 'false' hosts: - - host: "materialpass-irs.int.demo.catena-x.net" + - host: "dpp-irs.int.demo.catena-x.net" paths: - path: / pathType: Prefix tls: - hosts: - - "materialpass-irs.int.demo.catena-x.net" + - "dpp-irs.int.demo.catena-x.net" secretName: tls-secret digitalTwinRegistry: From c8e12cfd63db79ea00e52dba251523ffef85068f Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Wed, 22 May 2024 10:28:01 +0200 Subject: [PATCH 09/12] chore(irs): update irs helm version --- .../infrastructure/data-consumer/edc-consumer/Chart.yaml | 2 +- .../data-consumer/edc-consumer/values-int.yaml | 8 ++++---- .../infrastructure/data-consumer/edc-consumer/values.yaml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml b/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml index 6fb2ab01d..17bd0bdf2 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml @@ -46,5 +46,5 @@ dependencies: condition: postgresql.enabled - name: item-relationship-service repository: https://eclipse-tractusx.github.io/item-relationship-service - version: 7.1.2 + version: 7.1.3 condition: item-relationship-service.enabled diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index 5c746b1dc..87d9311e8 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -92,7 +92,7 @@ tractusx-connector: ## Public / Internet facing Ingress - enabled: true # -- The hostname to be used to precisely map incoming traffic onto the underlying network service - hostname: "materialpass.int.demo.catena-x.net" + hostname: "dpp.int.demo.catena-x.net" # -- Additional ingress annotations to add annotations: {} # -- EDC endpoints exposed by this ingress resource @@ -200,7 +200,7 @@ postgresql: username: password: -irs-helm: +item-relationship-service: enabled: true bpn: @@ -227,7 +227,7 @@ irs-helm: digitalTwinRegistry: type: decentral - url: https://materialpass.int.demo.catena-x.net/semantics/registry/api/v3.0 + url: https://dpp.int.demo.catena-x.net/semantics/registry/api/v3.0 discovery: oAuthClientId: discovery # ID of the OAuth2 client registration to use, see config spring.security.oauth2.client @@ -271,7 +271,7 @@ irs-helm: rightOperand: "active" controlplane: endpoint: - data: https://materialpass.int.demo.catena-x.net/consumer/management + data: https://dpp.int.demo.catena-x.net/consumer/management apikey: header: "X-Api-Key" secret: diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml index 956c8fdef..2b64835a4 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml @@ -608,7 +608,7 @@ postgresql: username: password: -irs-helm: +item-relationship-service: enabled: true bpn: From 55bf6f333e4b2d101e3854782d2cb32016681f54 Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Fri, 24 May 2024 12:41:21 +0200 Subject: [PATCH 10/12] chore(irs): updated default policies in irs configuration --- .../data-consumer/edc-consumer/values-int.yaml | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index 87d9311e8..9850fdeea 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -227,7 +227,7 @@ item-relationship-service: digitalTwinRegistry: type: decentral - url: https://dpp.int.demo.catena-x.net/semantics/registry/api/v3.0 + url: https://dpp-registry.int.demo.catena-x.net/semantics/registry/api/v3.0 discovery: oAuthClientId: discovery # ID of the OAuth2 client registration to use, see config spring.security.oauth2.client @@ -263,12 +263,18 @@ item-relationship-service: edc: catalog: acceptedPolicies: - - leftOperand: "FrameworkAgreement.sustainability" - operator: "eq" - rightOperand: "active" - - leftOperand: "Membership" + - leftOperand: "cx-policy:FrameworkAgreement" + operator: "eq" + rightOperand: "CircularEconomy:1.0" + - leftOperand: "cx-policy:Membership" operator: "eq" rightOperand: "active" + - leftOperand: "cx-policy:UsagePurpose" + operator: "eq" + rightOperand: "cx.circular.dpp:1" + - leftOperand: "cx-policy:UsagePurpose" + operator: "eq" + rightOperand: "cx.core.digitalTwinRegistry:1" controlplane: endpoint: data: https://dpp.int.demo.catena-x.net/consumer/management From 351d67513569420ba497ba87a7f2ee4bbe5ffdd4 Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Tue, 4 Jun 2024 16:21:28 +0200 Subject: [PATCH 11/12] chore(vault): enable vault configuration to edc --- .../data-consumer/edc-consumer/values-int.yaml | 4 ++-- .../infrastructure/data-consumer/edc-consumer/values.yaml | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index 9850fdeea..eacb5c9e5 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -182,10 +182,10 @@ tractusx-connector: vault: hashicorp: - url: + url: "http://{{ .Release.Name }}-vault:8200" token: paths: - secret: + secret: /v1/secret health: /v1/sys/health secretNames: transferProxyTokenSignerPrivateKey: ids-daps_key diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml index 2b64835a4..8bb5176f3 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml @@ -36,7 +36,7 @@ tractusx-connector: install: daps: false postgresql: false - vault: false + vault: true fullnameOverride: "dpp-edc-consumer" nameOverride: "" # -- Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) @@ -546,14 +546,14 @@ tractusx-connector: # Must be the same certificate that is configured in section 'daps' postStart: # must be set externally! hashicorp: - url: - token: + url: "http://{{ .Release.Name }}-vault:8200" + token: root timeout: 30 healthCheck: enabled: true standbyOk: true paths: - secret: + secret: /v1/secret health: /v1/sys/health secretNames: transferProxyTokenSignerPrivateKey: daps-key-dev From a931ddc35cca5fbb931986b88fc4d056951b3f99 Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Wed, 5 Jun 2024 10:40:02 +0200 Subject: [PATCH 12/12] chore(vault): revert changes to the original vault configuration --- .../data-consumer/edc-consumer/values-int.yaml | 4 ++-- .../infrastructure/data-consumer/edc-consumer/values.yaml | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index eacb5c9e5..9850fdeea 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -182,10 +182,10 @@ tractusx-connector: vault: hashicorp: - url: "http://{{ .Release.Name }}-vault:8200" + url: token: paths: - secret: /v1/secret + secret: health: /v1/sys/health secretNames: transferProxyTokenSignerPrivateKey: ids-daps_key diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml index 8bb5176f3..2b64835a4 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml @@ -36,7 +36,7 @@ tractusx-connector: install: daps: false postgresql: false - vault: true + vault: false fullnameOverride: "dpp-edc-consumer" nameOverride: "" # -- Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) @@ -546,14 +546,14 @@ tractusx-connector: # Must be the same certificate that is configured in section 'daps' postStart: # must be set externally! hashicorp: - url: "http://{{ .Release.Name }}-vault:8200" - token: root + url: + token: timeout: 30 healthCheck: enabled: true standbyOk: true paths: - secret: /v1/secret + secret: health: /v1/sys/health secretNames: transferProxyTokenSignerPrivateKey: daps-key-dev