diff --git a/openshift/templates/issuer-agent/Dockerfile b/openshift/templates/issuer-agent/Dockerfile index 8551bbec..84828942 100644 --- a/openshift/templates/issuer-agent/Dockerfile +++ b/openshift/templates/issuer-agent/Dockerfile @@ -1,3 +1,4 @@ -FROM docker.io/bcgovimages/aries-cloudagent:py36-1.16-1_0.7.4 +FROM ghcr.io/hyperledger/aries-cloudagent-python:py3.9-0.12.2 -RUN echo "Just pulling the image from Docker Hub" +# Install DRP plugin in agent image +RUN pip install git+https://github.com/hyperledger/aries-acapy-plugins@0.12.2#subdirectory=rpc diff --git a/openshift/templates/issuer-agent/issuer-agent-build.param b/openshift/templates/issuer-agent/issuer-agent-build.param index 07b177f3..032c737e 100644 --- a/openshift/templates/issuer-agent/issuer-agent-build.param +++ b/openshift/templates/issuer-agent/issuer-agent-build.param @@ -10,11 +10,8 @@ GIT_REPO_URL=https://github.com/bcgov/trust-over-ip-configurations.git GIT_REF=main SOURCE_CONTEXT_DIR=. SOURCE_IMAGE_KIND=DockerImage -SOURCE_IMAGE_REGISTRY=artifacts.developer.gov.bc.ca/docker-remote/ -SOURCE_IMAGE_NAME=bcgovimages/aries-cloudagent -SOURCE_IMAGE_TAG=py36-1.16-1_0.7.4 -# SOURCE_IMAGE_REGISTRY=artifacts.developer.gov.bc.ca/github-docker-remote/ -# SOURCE_IMAGE_NAME=hyperledger/aries-cloudagent-python -# SOURCE_IMAGE_TAG=py3.9-indy-1.16.0-0.8.1 +SOURCE_IMAGE_REGISTRY=artifacts.developer.gov.bc.ca/github-docker-remote/ +SOURCE_IMAGE_NAME=hyperledger/aries-cloudagent-python +SOURCE_IMAGE_TAG=py3.9-0.12.2 DOCKER_FILE_PATH=openshift/templates/issuer-agent/Dockerfile OUTPUT_IMAGE_TAG=latest \ No newline at end of file diff --git a/openshift/templates/issuer-agent/issuer-agent-build.yaml b/openshift/templates/issuer-agent/issuer-agent-build.yaml index 6ed33dc7..2b835c13 100644 --- a/openshift/templates/issuer-agent/issuer-agent-build.yaml +++ b/openshift/templates/issuer-agent/issuer-agent-build.yaml @@ -35,9 +35,9 @@ objects: strategy: type: Docker dockerStrategy: - # from: - # kind: ${SOURCE_IMAGE_KIND} - # name: ${SOURCE_IMAGE_REGISTRY}${SOURCE_IMAGE_NAME}:${SOURCE_IMAGE_TAG} + from: + kind: ${SOURCE_IMAGE_KIND} + name: ${SOURCE_IMAGE_REGISTRY}${SOURCE_IMAGE_NAME}:${SOURCE_IMAGE_TAG} dockerfilePath: ${DOCKER_FILE_PATH} output: to: @@ -77,26 +77,26 @@ parameters: description: The source context directory. required: true value: . - # - name: SOURCE_IMAGE_KIND - # displayName: Source Image Kind - # description: The 'kind' (type) of the source image; typically ImageStreamTag, or DockerImage. - # required: true - # value: DockerImage - # - name: SOURCE_IMAGE_REGISTRY - # displayName: Source Image Registry - # description: The name of the Source Image Registry. - # required: false - # value: artifacts.developer.gov.bc.ca/github-docker-remote/ - # - name: SOURCE_IMAGE_NAME - # displayName: Source Image Name - # description: The name of the source image. - # required: true - # value: hyperledger/aries-cloudagent-python - # - name: SOURCE_IMAGE_TAG - # displayName: Source Image Tag - # description: The tag of the source image. - # required: true - # value: py3.9-indy-1.16.0-0.8.1 + - name: SOURCE_IMAGE_KIND + displayName: Source Image Kind + description: The 'kind' (type) of the source image; typically ImageStreamTag, or DockerImage. + required: true + value: DockerImage + - name: SOURCE_IMAGE_REGISTRY + displayName: Source Image Registry + description: The name of the Source Image Registry. + required: false + value: artifacts.developer.gov.bc.ca/github-docker-remote/ + - name: SOURCE_IMAGE_NAME + displayName: Source Image Name + description: The name of the source image. + required: true + value: hyperledger/aries-cloudagent-python + - name: SOURCE_IMAGE_TAG + displayName: Source Image Tag + description: The tag of the source image. + required: true + value: py3.9-indy-1.16.0-0.8.1 - name: DOCKER_FILE_PATH displayName: Docker File Path description: The path to the docker file defining the build. diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.idim-preprod.param b/openshift/templates/issuer-agent/issuer-agent-deploy.idim-preprod.param index 6c68d2a1..1abdd473 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.idim-preprod.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.idim-preprod.param @@ -48,6 +48,8 @@ ACAPY_ENDORSER_ALIAS=Endorser ACAPY_AUTO_REQUEST_ENDORSEMENT=true ACAPY_AUTO_WRITE_TRANSACTIONS=true ACAPY_CREATE_REVOCATION_TRANSACTIONS=true +ACAPY_PLUGIN= +ACAPY_PLUGIN_CONFIG= ACAPY_WALLET_TYPE=askar ACAPY_WALLET_STORAGE_TYPE=postgres_storage WALLET_HOST=wallet diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.idim-qa.param b/openshift/templates/issuer-agent/issuer-agent-deploy.idim-qa.param index 5e0106ca..5b5f40a6 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.idim-qa.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.idim-qa.param @@ -50,6 +50,8 @@ ACAPY_AUTO_WRITE_TRANSACTIONS=true ACAPY_CREATE_REVOCATION_TRANSACTIONS=true ACAPY_WALLET_TYPE=askar ACAPY_WALLET_STORAGE_TYPE=postgres_storage +ACAPY_PLUGIN= +ACAPY_PLUGIN_CONFIG= WALLET_HOST=wallet WALLET_HOST_PORT=5432 WALLET_STORAGE_CONFIG={\"url\":\"${POSTGRESQL_WALLET_HOST}:${POSTGRESQL_WALLET_PORT}\",\"max_connections\":5} diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.idim-sit.param b/openshift/templates/issuer-agent/issuer-agent-deploy.idim-sit.param index b5c75f6b..69d2f917 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.idim-sit.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.idim-sit.param @@ -48,6 +48,8 @@ ACAPY_ENDORSER_ALIAS=Endorser ACAPY_AUTO_REQUEST_ENDORSEMENT=true ACAPY_AUTO_WRITE_TRANSACTIONS=true ACAPY_CREATE_REVOCATION_TRANSACTIONS=true +ACAPY_PLUGIN= +ACAPY_PLUGIN_CONFIG= ACAPY_WALLET_TYPE=askar ACAPY_WALLET_STORAGE_TYPE=postgres_storage WALLET_HOST=wallet diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.dev.param b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.dev.param index ebd158b4..2039b0f7 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.dev.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.dev.param @@ -48,6 +48,8 @@ ACAPY_GENESIS_TRANSACTIONS_LIST=ledgers-candy.yaml # ACAPY_AUTO_REQUEST_ENDORSEMENT=true # ACAPY_AUTO_WRITE_TRANSACTIONS=true # ACAPY_CREATE_REVOCATION_TRANSACTIONS=true +ACAPY_PLUGIN=[rpc.v1_0] +# ACAPY_PLUGIN_CONFIG= # ACAPY_WALLET_TYPE=askar # ACAPY_WALLET_STORAGE_TYPE=postgres_storage # WALLET_HOST=wallet diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.param b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.param index 2433459c..7bf5e6b0 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.param @@ -48,6 +48,8 @@ ACAPY_ENDORSER_ALIAS=Endorser ACAPY_AUTO_REQUEST_ENDORSEMENT=true ACAPY_AUTO_WRITE_TRANSACTIONS=true ACAPY_CREATE_REVOCATION_TRANSACTIONS=true +ACAPY_PLUGIN= +ACAPY_PLUGIN_CONFIG= ACAPY_WALLET_TYPE=askar ACAPY_WALLET_STORAGE_TYPE=postgres_storage WALLET_HOST=wallet diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.prod.param b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.prod.param index d428f3a5..30911c6a 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.prod.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.prod.param @@ -48,6 +48,8 @@ ACAPY_GENESIS_TRANSACTIONS_LIST=ledgers-candy.yaml # ACAPY_AUTO_REQUEST_ENDORSEMENT=true # ACAPY_AUTO_WRITE_TRANSACTIONS=true # ACAPY_CREATE_REVOCATION_TRANSACTIONS=true +ACAPY_PLUGIN= +# ACAPY_PLUGIN_CONFIG= # ACAPY_WALLET_TYPE=askar # ACAPY_WALLET_STORAGE_TYPE=postgres_storage # WALLET_HOST=wallet diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.test.param b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.test.param index 7b2dce94..d4d6e6e4 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.test.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.test.param @@ -48,6 +48,8 @@ ACAPY_GENESIS_TRANSACTIONS_LIST=ledgers-candy.yaml # ACAPY_AUTO_REQUEST_ENDORSEMENT=true # ACAPY_AUTO_WRITE_TRANSACTIONS=true # ACAPY_CREATE_REVOCATION_TRANSACTIONS=true +ACAPY_PLUGIN= +# ACAPY_PLUGIN_CONFIG= # ACAPY_WALLET_TYPE=askar # ACAPY_WALLET_STORAGE_TYPE=postgres_storage # WALLET_HOST=wallet diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.yaml b/openshift/templates/issuer-agent/issuer-agent-deploy.yaml index d024218b..cdfc8c02 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.yaml +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.yaml @@ -336,6 +336,11 @@ objects: value: ${ACAPY_AUTO_WRITE_TRANSACTIONS} - name: ACAPY_CREATE_REVOCATION_TRANSACTIONS value: ${ACAPY_CREATE_REVOCATION_TRANSACTIONS} + + - name: ACAPY_PLUGIN + value: ${ACAPY_PLUGIN} + - name: ACAPY_PLUGIN_CONFIG + value: ${ACAPY_PLUGIN_CONFIG} - name: AGENT_WALLET_NAME value: ${NAME}${SUFFIX}-wallet @@ -718,6 +723,20 @@ parameters: value: 'false' # =============================================================================== + # =============================================================================== + # Plugin Configuration + #-------------------------------------------------------------------------------- + - name: ACAPY_PLUGIN + displayName: Plugin list + description: Plugin list + required: false + value: + - name: ACAPY_PLUGIN_CONFIG + displayName: Plugin configuration file + description: Plugin configuration file + required: false + value: + # =============================================================================== # Wallet Configuration #-------------------------------------------------------------------------------- diff --git a/openshift/templates/orgbook-issuer-controller/config/lcrb/dev/schemas.yml b/openshift/templates/orgbook-issuer-controller/config/lcrb/dev/schemas.yml new file mode 100644 index 00000000..26fa4aa9 --- /dev/null +++ b/openshift/templates/orgbook-issuer-controller/config/lcrb/dev/schemas.yml @@ -0,0 +1,107 @@ +# Documentation: https://github.com/bcgov/von-agent-template/tree/master/von-x-agent/config + +- name: cannabis-retail-store-licence.lcrb + version: '1.0.24' + description: Cannabis Retail Store Licence Issued by Liquor and Cannabis Regulation Branch + path: /cannabis-retail-store-licence + cardinality: + - licence_number + attributes: + registration_id: + description_en: Registration ID + data_type: text + required: true + licence_number: + label_en: Licence Number + description_en: Licence Number + data_type: text + required: true + issue_date: + label_en: Issue Date + description_en: Issue Date + data_type: date + required: true + effective_date: + label_en: Effective Date + description_en: Effective Date + data_type: date + required: true + expiry_date: + label_en: Expiry Date + description_en: Expiry Date + data_type: date + required: true + establishment_name: + label_en: Establishment Name + description_en: Establishment Name + data_type: text + required: true + civic_address: + label_en: Civic Address + description_en: Civic Address + data_type: text + required: false + city: + label_en: City + description_en: City + data_type: text + required: false + province: + label_en: Province + description_en: Province + data_type: text + required: false + postal_code: + label_en: Postal Code + description_en: Postal Code + data_type: text + required: false + country: + label_en: Country + description_en: Country + data_type: text + required: false + registered_urls: + label_en: Registered URLs + description_en: Registered URLs + data_type: text + required: false +- name: cannabis-marketing-licence.lcrb + version: '1.0.9' + description: Cannabis Marketing Licence Issued by Liquor and Cannabis Regulation Branch + path: /cannabis-marketing-licence + cardinality: + - licence_number + attributes: + registration_id: + description_en: Registration ID + data_type: text + required: true + licence_number: + label_en: Licence Number + description_en: Licence Number + data_type: text + required: true + issue_date: + label_en: Issue Date + description_en: Issue Date + data_type: date + required: true + effective_date: + label_en: Effective Date + description_en: Effective Date + data_type: date + required: true + expiry_date: + label_en: Expiry Date + description_en: Expiry Date + data_type: date + required: true + registered_urls: + label_en: Registered URLs + description_en: Registered URLs + data_type: text + required: false + +### eof ### + diff --git a/openshift/templates/orgbook-issuer-controller/config/lcrb/dev/services.yml b/openshift/templates/orgbook-issuer-controller/config/lcrb/dev/services.yml new file mode 100644 index 00000000..766c49fd --- /dev/null +++ b/openshift/templates/orgbook-issuer-controller/config/lcrb/dev/services.yml @@ -0,0 +1,249 @@ +# Documentation: https://github.com/bcgov/von-agent-template/tree/master/von-x-agent/config + +issuers: + lcrb: + name: Liquor and Cannabis Regulation Branch + abbreviation: LCRB + url: https://www2.gov.bc.ca/gov/content/employment-business/business/liquor-regulation-licensing + email: lclb.lclb@gov.bc.ca + logo_path: ../assets/img/lcrb-licensed.png + endpoint: $ENDPOINT_URL + + connection: + type: TheOrgBook + api_url: $TOB_API_URL + sign_target: false + + credential_types: + - schema: cannabis-retail-store-licence.lcrb + description: Cannabis Retail Store Licence + label_en: Cannabis Retail Store Licence + details: + label_en: Cannabis Retail Store Licence + issuer_url: $APPLICATION_URL/cannabis-retail-store-licence + depends_on: + - registration.registries.ca + credential: + effective_date: + input: effective_date + from: claim + + # topic identifies the id of the subject of the credential from the foundational credential + # in BC Gov deployment type is always "registration" as it is from BC Registries + topic: + label_en: Registration + source_id: + input: registration_id + from: claim + type: + input: registration.registries.ca + from: value + cardinality_fields: + - licence_number + mapping: + - model: attribute + fields: + type: + input: issue_date + from: value + format: + input: datetime + from: value + value: + input: issue_date + from: claim + - model: attribute + fields: + type: + input: licence_number + from: value + value: + input: licence_number + from: claim + - model: attribute + fields: + type: + input: expiry_date + from: value + format: + input: datetime + from: value + value: + input: expiry_date + from: claim + - model: attribute + fields: + type: + input: establishment_name + from: value + value: + input: establishment_name + from: claim + - model: attribute + fields: + type: + input: effective_date + from: value + format: + input: datetime + from: value + value: + input: effective_date + from: claim + - model: attribute + fields: + type: + input: civic_address + from: value + format: + input: text + from: value + value: + input: civic_address + from: claim + - model: attribute + fields: + type: + input: city + from: value + format: + input: text + from: value + value: + input: city + from: claim + - model: attribute + fields: + type: + input: province + from: value + format: + input: text + from: value + value: + input: province + from: claim + - model: attribute + fields: + type: + input: postal_code + from: value + format: + input: text + from: value + value: + input: postal_code + from: claim + - model: attribute + fields: + type: + input: country + from: value + format: + input: text + from: value + value: + input: country + from: claim + - model: attribute + fields: + type: + input: registered_urls + from: value + format: + input: text + from: value + value: + input: registered_urls + from: claim + - schema: cannabis-marketing-licence.lcrb + description: Cannabis Marketing Licence + label_en: Cannabis Marketing Licence + issuer_url: $APPLICATION_URL/cannabis-marketing-licence + details: + label_en: Cannabis Marketing Licence + depends_on: + - registration.registries.ca + credential: + effective_date: + input: effective_date + from: claim + topic: + label_en: Registration + source_id: + input: registration_id + from: claim + type: + input: registration.registries.ca + from: value + cardinality_fields: + - licence_number + mapping: + # "attribute" defines a generic field in the TOB model + # "value" identifies where to derive the data value (typically it comes from the claim) + # "type" - if "value" - is the name of the attribute + # "format" is an optional data format (default text) + - model: attribute + fields: + type: + input: issue_date + from: value + format: + input: datetime + from: value + value: + input: issue_date + from: claim + - model: attribute + fields: + type: + input: licence_number + from: value + value: + input: licence_number + from: claim + - model: attribute + fields: + type: + input: expiry_date + from: value + format: + input: datetime + from: value + value: + input: expiry_date + from: claim + - model: attribute + fields: + type: + input: effective_date + from: value + format: + input: datetime + from: value + value: + input: effective_date + from: claim + - model: attribute + fields: + type: + input: registered_urls + from: value + format: + input: text + from: value + value: + input: registered_urls + from: claim + +verifiers: + bctob: + name: BC OrgBook + alias: orgbook-bc + connection: + type: TheOrgBook + api_url: $TOB_API_URL + agent_admin_url: $TOB_AGENT_ADMIN_URL + + +### eof ### diff --git a/openshift/templates/orgbook-issuer-controller/config/lcrb/schemas.yml b/openshift/templates/orgbook-issuer-controller/config/lcrb/prod/schemas.yml similarity index 100% rename from openshift/templates/orgbook-issuer-controller/config/lcrb/schemas.yml rename to openshift/templates/orgbook-issuer-controller/config/lcrb/prod/schemas.yml diff --git a/openshift/templates/orgbook-issuer-controller/config/lcrb/services.yml b/openshift/templates/orgbook-issuer-controller/config/lcrb/prod/services.yml similarity index 100% rename from openshift/templates/orgbook-issuer-controller/config/lcrb/services.yml rename to openshift/templates/orgbook-issuer-controller/config/lcrb/prod/services.yml diff --git a/openshift/templates/orgbook-issuer-controller/config/lcrb/test/schemas.yml b/openshift/templates/orgbook-issuer-controller/config/lcrb/test/schemas.yml new file mode 100644 index 00000000..54d7e00f --- /dev/null +++ b/openshift/templates/orgbook-issuer-controller/config/lcrb/test/schemas.yml @@ -0,0 +1,97 @@ +# Documentation: https://github.com/bcgov/von-agent-template/tree/master/von-x-agent/config + +- name: cannabis-retail-store-licence.lcrb + version: '1.0.23' + description: Cannabis Retail Store Licence Issued by Liquor and Cannabis Regulation Branch + path: /cannabis-retail-store-licence + cardinality: + - licence_number + attributes: + registration_id: + description_en: Registration ID + data_type: text + required: true + licence_number: + label_en: Licence Number + description_en: Licence Number + data_type: text + required: true + issue_date: + label_en: Issue Date + description_en: Issue Date + data_type: date + required: true + effective_date: + label_en: Effective Date + description_en: Effective Date + data_type: date + required: true + expiry_date: + label_en: Expiry Date + description_en: Expiry Date + data_type: date + required: true + establishment_name: + label_en: Establishment Name + description_en: Establishment Name + data_type: text + required: true + civic_address: + label_en: Civic Address + description_en: Civic Address + data_type: text + required: false + city: + label_en: City + description_en: City + data_type: text + required: false + province: + label_en: Province + description_en: Province + data_type: text + required: false + postal_code: + label_en: Postal Code + description_en: Postal Code + data_type: text + required: false + country: + label_en: Country + description_en: Country + data_type: text + required: false +- name: cannabis-marketing-licence.lcrb + version: '1.0.8' + description: Cannabis Marketing Licence Issued by Liquor and Cannabis Regulation Branch + path: /cannabis-marketing-licence + cardinality: + - licence_number + attributes: + registration_id: + description_en: Registration ID + data_type: text + required: true + licence_number: + label_en: Licence Number + description_en: Licence Number + data_type: text + required: true + issue_date: + label_en: Issue Date + description_en: Issue Date + data_type: date + required: true + effective_date: + label_en: Effective Date + description_en: Effective Date + data_type: date + required: true + expiry_date: + label_en: Expiry Date + description_en: Expiry Date + data_type: date + required: true + +### eof ### + diff --git a/openshift/templates/orgbook-issuer-controller/config/lcrb/test/services.yml b/openshift/templates/orgbook-issuer-controller/config/lcrb/test/services.yml new file mode 100644 index 00000000..790ec0bf --- /dev/null +++ b/openshift/templates/orgbook-issuer-controller/config/lcrb/test/services.yml @@ -0,0 +1,227 @@ +# Documentation: https://github.com/bcgov/von-agent-template/tree/master/von-x-agent/config + +issuers: + lcrb: + name: Liquor and Cannabis Regulation Branch + abbreviation: LCRB + url: https://www2.gov.bc.ca/gov/content/employment-business/business/liquor-regulation-licensing + email: lclb.lclb@gov.bc.ca + logo_path: ../assets/img/lcrb-licensed.png + endpoint: $ENDPOINT_URL + + connection: + type: TheOrgBook + api_url: $TOB_API_URL + sign_target: false + + credential_types: + - schema: cannabis-retail-store-licence.lcrb + description: Cannabis Retail Store Licence + label_en: Cannabis Retail Store Licence + details: + label_en: Cannabis Retail Store Licence + issuer_url: $APPLICATION_URL/cannabis-retail-store-licence + depends_on: + - registration.registries.ca + credential: + effective_date: + input: effective_date + from: claim + + # topic identifies the id of the subject of the credential from the foundational credential + # in BC Gov deployment type is always "registration" as it is from BC Registries + topic: + label_en: Registration + source_id: + input: registration_id + from: claim + type: + input: registration.registries.ca + from: value + cardinality_fields: + - licence_number + mapping: + - model: attribute + fields: + type: + input: issue_date + from: value + format: + input: datetime + from: value + value: + input: issue_date + from: claim + - model: attribute + fields: + type: + input: licence_number + from: value + value: + input: licence_number + from: claim + - model: attribute + fields: + type: + input: expiry_date + from: value + format: + input: datetime + from: value + value: + input: expiry_date + from: claim + - model: attribute + fields: + type: + input: establishment_name + from: value + value: + input: establishment_name + from: claim + - model: attribute + fields: + type: + input: effective_date + from: value + format: + input: datetime + from: value + value: + input: effective_date + from: claim + - model: attribute + fields: + type: + input: civic_address + from: value + format: + input: text + from: value + value: + input: civic_address + from: claim + - model: attribute + fields: + type: + input: city + from: value + format: + input: text + from: value + value: + input: city + from: claim + - model: attribute + fields: + type: + input: province + from: value + format: + input: text + from: value + value: + input: province + from: claim + - model: attribute + fields: + type: + input: postal_code + from: value + format: + input: text + from: value + value: + input: postal_code + from: claim + - model: attribute + fields: + type: + input: country + from: value + format: + input: text + from: value + value: + input: country + from: claim + - schema: cannabis-marketing-licence.lcrb + description: Cannabis Marketing Licence + label_en: Cannabis Marketing Licence + issuer_url: $APPLICATION_URL/cannabis-marketing-licence + details: + label_en: Cannabis Marketing Licence + depends_on: + - registration.registries.ca + credential: + effective_date: + input: effective_date + from: claim + topic: + label_en: Registration + source_id: + input: registration_id + from: claim + type: + input: registration.registries.ca + from: value + cardinality_fields: + - licence_number + mapping: + # "attribute" defines a generic field in the TOB model + # "value" identifies where to derive the data value (typically it comes from the claim) + # "type" - if "value" - is the name of the attribute + # "format" is an optional data format (default text) + - model: attribute + fields: + type: + input: issue_date + from: value + format: + input: datetime + from: value + value: + input: issue_date + from: claim + - model: attribute + fields: + type: + input: licence_number + from: value + value: + input: licence_number + from: claim + - model: attribute + fields: + type: + input: expiry_date + from: value + format: + input: datetime + from: value + value: + input: expiry_date + from: claim + - model: attribute + fields: + type: + input: effective_date + from: value + format: + input: datetime + from: value + value: + input: effective_date + from: claim + +verifiers: + bctob: + name: BC OrgBook + alias: orgbook-bc + connection: + type: TheOrgBook + api_url: $TOB_API_URL + agent_admin_url: $TOB_AGENT_ADMIN_URL + + +### eof ### diff --git a/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.lcrb.param b/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.lcrb.param index d68c1c91..e340d0cc 100644 --- a/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.lcrb.param +++ b/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.lcrb.param @@ -33,6 +33,7 @@ SERVICES_FILE_NAME=services.yml SETTINGS_FILE_NAME=settings.yml CONTROLLER_API_KEY= OIDC_JWKS_URI= +ISSUE_CREDENTIAL_PROTOCOL=V10 MIN_REPLICAS=1 MAX_REPLICAS=1 CPU_REQUEST=10m diff --git a/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.lcrb.prod.param b/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.lcrb.prod.param index 26615c17..354aec84 100644 --- a/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.lcrb.prod.param +++ b/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.lcrb.prod.param @@ -32,7 +32,8 @@ TAG_NAME=prod # SERVICES_FILE_NAME=services.yml # SETTINGS_FILE_NAME=settings.yml # CONTROLLER_API_KEY= -OIDC_JWKS_URI=T.B.D. +# OIDC_JWKS_URI= +# ISSUE_CREDENTIAL_PROTOCOL=V10 # MIN_REPLICAS=1 # MAX_REPLICAS=1 # CPU_REQUEST=10m diff --git a/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.lcrb.test.param b/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.lcrb.test.param index 14280646..8d68760d 100644 --- a/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.lcrb.test.param +++ b/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.lcrb.test.param @@ -32,7 +32,8 @@ TAG_NAME=test # SERVICES_FILE_NAME=services.yml # SETTINGS_FILE_NAME=settings.yml # CONTROLLER_API_KEY= -OIDC_JWKS_URI= +# OIDC_JWKS_URI= +# SSUE_CREDENTIAL_PROTOCOL=V10 # MIN_REPLICAS=1 # MAX_REPLICAS=1 # CPU_REQUEST=10m diff --git a/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.overrides.sh b/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.overrides.sh index 5a24c153..f2b2b09e 100644 --- a/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.overrides.sh +++ b/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.overrides.sh @@ -16,9 +16,11 @@ OUTPUT_FORMAT=json # Combine the profile's default config files with its environment specific config files before generating the config map ... profileRoot=$( dirname "$0" )/config/${PROFILE} +profileEnv=${profileRoot}/${DEPLOYMENT_ENV_NAME} profileTmp=$( dirname "$0" )/config/${PROFILE}/tmp mkdir -p ${profileTmp} cp -f ${profileRoot}/* ${profileTmp} 2>/dev/null +cp -f ${profileEnv}/* ${profileTmp} 2>/dev/null # Generate the config map ... CONFIG_SOURCE_PATH=${profileTmp} diff --git a/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.yaml b/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.yaml index eeb903ba..bff55824 100644 --- a/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.yaml +++ b/openshift/templates/orgbook-issuer-controller/orgbook-issuer-controller-deploy.yaml @@ -246,6 +246,8 @@ objects: value: ${MAX_CRED_RESPONSE_TIMEOUT} - name: OIDC_JWKS_URI value: ${OIDC_JWKS_URI} + - name: ISSUE_CRED_VERSION + value: ${ISSUE_CREDENTIAL_PROTOCOL} volumeMounts: - name: ${NAME}${SUFFIX}-routes-volume mountPath: ${CONFIG_MOUNT_PATH}${ROUTES_FILE_NAME} @@ -451,6 +453,11 @@ parameters: description: The URI pointing to a JWKS to be used for token validation. It is used to protect the /issue-credential endpoint. required: false value: "" + - name: ISSUE_CREDENTIAL_PROTOCOL + displayName: ISSUE CREDENTIAL PROTOCOL + description: The protocol version to use when issuing credentials. Supported values are V10 and V20. + required: true + value: "V10" - name: MIN_REPLICAS displayName: Minimum Replicas description: The minimum number of pods to have running. diff --git a/proof-configurations/csb-transcriber/dev/csb-transcriber.json b/proof-configurations/csb-transcriber/dev/csb-transcriber.json new file mode 100644 index 00000000..357a38e8 --- /dev/null +++ b/proof-configurations/csb-transcriber/dev/csb-transcriber.json @@ -0,0 +1,103 @@ +{ + "subject_identifier": "user_id", + "proof_request": { + "name": "CSB Transcriber (Dev)", + "version": "1.0", + "requested_attributes": [ + { + "names": [ + "user_id", + "company_name" + ], + "restrictions": [ + { + "cred_def_id": "RSDAVyaiUjFPCj245PoY3P:3:CL:34742:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "9defyjkM6MX5zh2D5Mwo1U" + }, + { + "cred_def_id": "QX5kJqzx6c98Qvi7DDNAb6:3:CL:213:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "BQu1v6o9Z9ttkdwbVqpyZB" + }, + { + "cred_def_id": "EmX9iHJrL7R6MBLH38QYp:3:CL:1560:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "B8B9jho4L57A1f6MmXpAbu" + } + ] + } + ], + "requested_predicates": [ + { + "name": "contract_start_dateint", + "restrictions": [ + { + "cred_def_id": "RSDAVyaiUjFPCj245PoY3P:3:CL:34742:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "9defyjkM6MX5zh2D5Mwo1U" + }, + { + "cred_def_id": "QX5kJqzx6c98Qvi7DDNAb6:3:CL:213:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "BQu1v6o9Z9ttkdwbVqpyZB" + }, + { + "cred_def_id": "EmX9iHJrL7R6MBLH38QYp:3:CL:1560:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "B8B9jho4L57A1f6MmXpAbu" + } + ], + "p_value": "$today_int", + "p_type": "<=" + }, + { + "name": "contract_end_dateint", + "restrictions": [ + { + "cred_def_id": "RSDAVyaiUjFPCj245PoY3P:3:CL:34742:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "9defyjkM6MX5zh2D5Mwo1U" + }, + { + "cred_def_id": "QX5kJqzx6c98Qvi7DDNAb6:3:CL:213:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "BQu1v6o9Z9ttkdwbVqpyZB" + }, + { + "cred_def_id": "EmX9iHJrL7R6MBLH38QYp:3:CL:1560:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "B8B9jho4L57A1f6MmXpAbu" + } + ], + "p_value": "$today_int", + "p_type": ">" + }, + { + "name": "criminal_record_expiry_dateint", + "restrictions": [ + { + "cred_def_id": "RSDAVyaiUjFPCj245PoY3P:3:CL:34742:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "9defyjkM6MX5zh2D5Mwo1U" + }, + { + "cred_def_id": "QX5kJqzx6c98Qvi7DDNAb6:3:CL:213:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "BQu1v6o9Z9ttkdwbVqpyZB" + }, + { + "cred_def_id": "EmX9iHJrL7R6MBLH38QYp:3:CL:1560:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "B8B9jho4L57A1f6MmXpAbu" + } + ], + "p_value": "$today_int", + "p_type": ">" + } + ] + }, + "generate_consistent_identifier": false, + "include_v1_attributes": true, + "ver_config_id": "csb-transcriber" +} diff --git a/proof-configurations/csb-transcriber/prod/csb-transcriber.json b/proof-configurations/csb-transcriber/prod/csb-transcriber.json new file mode 100644 index 00000000..77028497 --- /dev/null +++ b/proof-configurations/csb-transcriber/prod/csb-transcriber.json @@ -0,0 +1,63 @@ +{ + "subject_identifier": "user_id", + "proof_request": { + "name": "CSB Transcriber", + "version": "1.0", + "requested_attributes": [ + { + "names": [ + "user_id", + "company_name" + ], + "restrictions": [ + { + "cred_def_id": "EmX9iHJrL7R6MBLH38QYp:3:CL:1560:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "B8B9jho4L57A1f6MmXpAbu" + } + ] + } + ], + "requested_predicates": [ + { + "name": "contract_start_dateint", + "restrictions": [ + { + "cred_def_id": "EmX9iHJrL7R6MBLH38QYp:3:CL:1560:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "B8B9jho4L57A1f6MmXpAbu" + } + ], + "p_value": "$today_int", + "p_type": "<=" + }, + { + "name": "contract_end_dateint", + "restrictions": [ + { + "cred_def_id": "EmX9iHJrL7R6MBLH38QYp:3:CL:1560:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "B8B9jho4L57A1f6MmXpAbu" + } + ], + "p_value": "$today_int", + "p_type": ">" + }, + { + "name": "criminal_record_expiry_dateint", + "restrictions": [ + { + "cred_def_id": "EmX9iHJrL7R6MBLH38QYp:3:CL:1560:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "B8B9jho4L57A1f6MmXpAbu" + } + ], + "p_value": "$today_int", + "p_type": ">" + } + ] + }, + "generate_consistent_identifier": false, + "include_v1_attributes": true, + "ver_config_id": "csb-transcriber" +} diff --git a/proof-configurations/csb-transcriber/test/csb-transcriber.json b/proof-configurations/csb-transcriber/test/csb-transcriber.json new file mode 100644 index 00000000..93d0e45d --- /dev/null +++ b/proof-configurations/csb-transcriber/test/csb-transcriber.json @@ -0,0 +1,83 @@ +{ + "subject_identifier": "user_id", + "proof_request": { + "name": "CSB Transcriber (Test)", + "version": "1.0", + "requested_attributes": [ + { + "names": [ + "user_id", + "company_name" + ], + "restrictions": [ + { + "cred_def_id": "QX5kJqzx6c98Qvi7DDNAb6:3:CL:213:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "BQu1v6o9Z9ttkdwbVqpyZB" + }, + { + "cred_def_id": "EmX9iHJrL7R6MBLH38QYp:3:CL:1560:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "B8B9jho4L57A1f6MmXpAbu" + } + ] + } + ], + "requested_predicates": [ + { + "name": "contract_start_dateint", + "restrictions": [ + { + "cred_def_id": "QX5kJqzx6c98Qvi7DDNAb6:3:CL:213:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "BQu1v6o9Z9ttkdwbVqpyZB" + }, + { + "cred_def_id": "EmX9iHJrL7R6MBLH38QYp:3:CL:1560:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "B8B9jho4L57A1f6MmXpAbu" + } + ], + "p_value": "$today_int", + "p_type": "<=" + }, + { + "name": "contract_end_dateint", + "restrictions": [ + { + "cred_def_id": "QX5kJqzx6c98Qvi7DDNAb6:3:CL:213:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "BQu1v6o9Z9ttkdwbVqpyZB" + }, + { + "cred_def_id": "EmX9iHJrL7R6MBLH38QYp:3:CL:1560:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "B8B9jho4L57A1f6MmXpAbu" + } + ], + "p_value": "$today_int", + "p_type": ">" + }, + { + "name": "criminal_record_expiry_dateint", + "restrictions": [ + { + "cred_def_id": "QX5kJqzx6c98Qvi7DDNAb6:3:CL:213:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "BQu1v6o9Z9ttkdwbVqpyZB" + }, + { + "cred_def_id": "EmX9iHJrL7R6MBLH38QYp:3:CL:1560:transcriber", + "schema_name": "contractor-credential", + "schema_issuer_did": "B8B9jho4L57A1f6MmXpAbu" + } + ], + "p_value": "$today_int", + "p_type": ">" + } + ] + }, + "generate_consistent_identifier": false, + "include_v1_attributes": true, + "ver_config_id": "csb-transcriber" +} diff --git a/services/vc-authn-oidc/charts/dev/Chart.yaml b/services/vc-authn-oidc/charts/dev/Chart.yaml index 44cacf4e..d9786025 100644 --- a/services/vc-authn-oidc/charts/dev/Chart.yaml +++ b/services/vc-authn-oidc/charts/dev/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: vc-authn-oidc description: vc-authn-oidc - dev type: application -version: 0.2.2 -appVersion: "2.1.0" +version: 0.2.4 +appVersion: "2.2.1" dependencies: - name: vc-authn-oidc - version: 0.2.2 + version: 0.2.4 repository: https://bcgov.github.io/vc-authn-oidc diff --git a/services/vc-authn-oidc/charts/dev/values.yaml b/services/vc-authn-oidc/charts/dev/values.yaml index f4adb68b..fe46d522 100644 --- a/services/vc-authn-oidc/charts/dev/values.yaml +++ b/services/vc-authn-oidc/charts/dev/values.yaml @@ -6,6 +6,7 @@ vc-authn-oidc: tag: sha-23676cc acapyTenancyMode: single setNonRevoked: true + invitationLabel: BC Gov SSO Service (Dev) useOobPresentProof: true useOobLocalDIDService: false useUrlDeepLink: true diff --git a/services/vc-authn-oidc/charts/prod/Chart.yaml b/services/vc-authn-oidc/charts/prod/Chart.yaml index 687f3e66..1082de2b 100644 --- a/services/vc-authn-oidc/charts/prod/Chart.yaml +++ b/services/vc-authn-oidc/charts/prod/Chart.yaml @@ -1,11 +1,10 @@ apiVersion: v2 name: vc-authn-oidc description: vc-authn-oidc - prod - type: application -version: 0.2.2 -appVersion: "2.1.0" +version: 0.2.4 +appVersion: "2.2.1" dependencies: - name: vc-authn-oidc - version: 0.2.2 + version: 0.2.4 repository: https://bcgov.github.io/vc-authn-oidc diff --git a/services/vc-authn-oidc/charts/prod/values.yaml b/services/vc-authn-oidc/charts/prod/values.yaml index d19cd58b..0788a200 100644 --- a/services/vc-authn-oidc/charts/prod/values.yaml +++ b/services/vc-authn-oidc/charts/prod/values.yaml @@ -7,6 +7,7 @@ vc-authn-oidc: acapyTenancyMode: single setNonRevoked: true + invitationLabel: BC Gov SSO Service useOobPresentProof: false useOobLocalDIDService: false controllerCameraRedirectUrl: wallet_howto diff --git a/services/vc-authn-oidc/charts/test/Chart.yaml b/services/vc-authn-oidc/charts/test/Chart.yaml index 6f20b0ee..db6886bf 100644 --- a/services/vc-authn-oidc/charts/test/Chart.yaml +++ b/services/vc-authn-oidc/charts/test/Chart.yaml @@ -1,11 +1,10 @@ apiVersion: v2 name: vc-authn-oidc description: vc-authn-oidc - test - type: application -version: 0.2.2 -appVersion: "2.1.0" +version: 0.2.4 +appVersion: "2.2.1" dependencies: - name: vc-authn-oidc - version: 0.2.2 + version: 0.2.4 repository: https://bcgov.github.io/vc-authn-oidc diff --git a/services/vc-authn-oidc/charts/test/values.yaml b/services/vc-authn-oidc/charts/test/values.yaml index 063c4c6c..d08e324e 100644 --- a/services/vc-authn-oidc/charts/test/values.yaml +++ b/services/vc-authn-oidc/charts/test/values.yaml @@ -7,6 +7,7 @@ vc-authn-oidc: acapyTenancyMode: single setNonRevoked: true + invitationLabel: BC Gov SSO Service (Test) useOobPresentProof: false useOobLocalDIDService: false controllerCameraRedirectUrl: wallet_howto