From 6f9e93558a09a84dacc134f5c9fc4852640a849d Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Fri, 9 Jun 2023 16:39:52 +0200 Subject: [PATCH 01/11] chore: updated header licenses and removed duplicated values --- deployment/helm/edc-consumer/Chart.yaml | 53 +- deployment/helm/edc-consumer/README.md.gotmpl | 26 - deployment/helm/edc-consumer/values-beta.yaml | 474 +----------------- deployment/helm/edc-consumer/values-int.yaml | 474 +----------------- deployment/helm/edc-consumer/values.yaml | 36 +- deployment/helm/edc-provider/Chart.yaml | 52 +- deployment/helm/edc-provider/README.md.gotmpl | 26 - deployment/helm/edc-provider/values-beta.yaml | 460 +---------------- deployment/helm/edc-provider/values-int.yaml | 460 +---------------- deployment/helm/edc-provider/values.yaml | 35 +- 10 files changed, 160 insertions(+), 1936 deletions(-) delete mode 100644 deployment/helm/edc-consumer/README.md.gotmpl delete mode 100644 deployment/helm/edc-provider/README.md.gotmpl diff --git a/deployment/helm/edc-consumer/Chart.yaml b/deployment/helm/edc-consumer/Chart.yaml index 5290350fd..97126ceb6 100644 --- a/deployment/helm/edc-consumer/Chart.yaml +++ b/deployment/helm/edc-consumer/Chart.yaml @@ -1,50 +1,31 @@ +################################################################################# +# Catena-X - Product Passport Consumer Application # -# Copyright (c) 2023 ZF Friedrichshafen AG -# Copyright (c) 2023 Mercedes-Benz Tech Innovation GmbH -# Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) -# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# Copyright (c) 2022, 2023 BASF SE, BMW AG, Henkel AG & Co. KGaA # -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. # -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0 +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. # -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, +# either express or implied. See the +# License for the specific language govern in permissions and limitations +# under the License. # -# SPDX-License-Identifier: Apache-2.0 -# - +# SPDX-License-Identifier: Apache-2.0 +################################################################################# --- apiVersion: v2 name: tractusx-connector description: | - A Helm chart for Tractus-X Eclipse Data Space Connector. The connector deployment consists of two runtime consists of a - Control Plane and a Data Plane. Note that _no_ external dependencies such as a PostgreSQL database and HashiCorp Vault are included. - - This chart is intended for use with an _existing_ PostgreSQL database and an _existing_ HashiCorp Vault. -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. + A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mock that can be used as edc consumer for the DPP applicatiton. type: application -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) version: 0.3.3 -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. appVersion: "0.4.1" home: https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector sources: diff --git a/deployment/helm/edc-consumer/README.md.gotmpl b/deployment/helm/edc-consumer/README.md.gotmpl deleted file mode 100644 index b1671f5a2..000000000 --- a/deployment/helm/edc-consumer/README.md.gotmpl +++ /dev/null @@ -1,26 +0,0 @@ -{{ template "chart.header" . }} - -{{ template "chart.deprecationWarning" . }} - -{{ template "chart.badgesSection" . }} - -{{ template "chart.description" . }} - -{{ template "chart.homepageLine" . }} - -## TL;DR - -```shell -helm repo add tractusx-edc https://eclipse-tractusx.github.io/charts/dev -helm install my-release tractusx-edc/tractusx-connector --version {{ .Version }} -``` - -{{ template "chart.maintainersSection" . }} - -{{ template "chart.sourcesSection" . }} - -{{ template "chart.requirementsSection" . }} - -{{ template "chart.valuesSection" . }} - -{{ template "helm-docs.versionFooter" . }} diff --git a/deployment/helm/edc-consumer/values-beta.yaml b/deployment/helm/edc-consumer/values-beta.yaml index 2bb607f51..a95db3259 100644 --- a/deployment/helm/edc-consumer/values-beta.yaml +++ b/deployment/helm/edc-consumer/values-beta.yaml @@ -1,104 +1,41 @@ +################################################################################# +# Catena-X - Product Passport Consumer Application # -# Copyright (c) 2023 ZF Friedrichshafen AG -# Copyright (c) 2023 Mercedes-Benz Tech Innovation GmbH -# Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) -# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# Copyright (c) 2022, 2023 BASF SE, BMW AG, Henkel AG & Co. KGaA # -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. # -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0 +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. # -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, +# either express or implied. See the +# License for the specific language govern in permissions and limitations +# under the License. # +# SPDX-License-Identifier: Apache-2.0 +################################################################################# + +### The fully configuration is available in https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector + + --- # Default values for eclipse-dataspace-connector. # This is a YAML-formatted file. # Declare variables to be passed into your templates. -mockbackend: - enabled: true - fullnameOverride: "dpp-edc-consumer-backend" - service: - type: NodePort - frontend: - port: 80 - backend: - port: 8081 - tractusx-connector: - install: - daps: false - postgresql: false - vault: false - fullnameOverride: "dpp-edc-consumer" - nameOverride: "" - # -- Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) - imagePullSecrets: [] - customLabels: {} - - participant: id: &bpnNumber "" controlplane: enabled: true - image: - # -- Which derivate of the control plane to use. when left empty the deployment will select the correct image automatically - repository: "tractusx/edc-controlplane-postgresql-hashicorp-vault" - # -- [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use - pullPolicy: IfNotPresent - # -- Overrides the image tag whose default is the chart appVersion - tag: "0.4.1" - initContainers: [] - debug: - enabled: false - port: 1044 - suspendOnStart: false - internationalDataSpaces: - id: TXDC - description: Tractus-X Eclipse IDS Data Space Connector - title: "" - maintainer: "" - curator: "" - catalogId: TXDC-Catalog - livenessProbe: - # -- Whether to enable kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first liveness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a liveness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - readinessProbe: - # -- Whether to enable kubernetes [readiness-probes](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first readiness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a readiness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - # -- endpoints of the control plane endpoints: # -- default api for health checks, should not be added to any ingress default: @@ -140,216 +77,16 @@ tractusx-connector: path: /consumer/observability # -- allow or disallow insecure access, i.e. access without authentication insecure: true - businessPartnerValidation: - log: - agreementValidation: true - service: - # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. - type: ClusterIP - annotations: {} - # -- additional labels for the pod - podLabels: {} - # -- additional annotations for the pod - podAnnotations: {} - # -- The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment - podSecurityContext: - seccompProfile: - # -- Restrict a Container's Syscalls with seccomp - type: RuntimeDefault - # -- Runs all processes within a pod with a special uid - runAsUser: 10001 - # -- Processes within a pod will belong to this guid - runAsGroup: 10001 - # -- The owner for volumes and any files created within volumes will belong to this guid - fsGroup: 10001 - # The [container security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) defines privilege and access control settings for a Container within a pod - securityContext: - capabilities: - # -- Specifies which capabilities to drop to reduce syscall attack surface - drop: - - ALL - # -- Specifies which capabilities to add to issue specialized syscalls - add: [] - # -- Whether the root filesystem is mounted in read-only mode - readOnlyRootFilesystem: true - # -- Controls [Privilege Escalation](https://kubernetes.io/docs/concepts/security/pod-security-policy/#privilege-escalation) enabling setuid binaries changing the effective user ID - allowPrivilegeEscalation: false - # -- Requires the container to run without root privileges - runAsNonRoot: true - # -- The container's process will run with the specified uid - runAsUser: 10001 - # Extra environment variables that will be pass onto deployment pods - env: {} - # ENV_NAME: value - - # "valueFrom" environment variable references that will be added to deployment pods. Name is templated. - # ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core - envValueFrom: {} - # ENV_NAME: - # configMapKeyRef: - # name: configmap-name - # key: value_key - # secretKeyRef: - # name: secret-name - # key: value_key - - # [Kubernetes Secret Resource](https://kubernetes.io/docs/concepts/configuration/secret/) names to load environment variables from - envSecretNames: [] - # - first-secret - # - second-secret - - # [Kubernetes ConfigMap Resource](https://kubernetes.io/docs/concepts/configuration/configmap/) names to load environment variables from - envConfigMapNames: [] - # - first-config-map - # - second-config-map - + ## Ingress declaration to expose the network service. ingresses: ## Public / Internet facing Ingress - enabled: true # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.beta.demo.catena-x.net" - # -- Additional ingress annotations to add - annotations: {} - # -- EDC endpoints exposed by this ingress resource - endpoints: - - default - - management - - control - - protocol - - metrics - - observability - # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use - className: "nginx" - # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource - tls: - # -- Enables TLS on the ingress resource - enabled: true - # -- If present overwrites the default secret name - secretName: "tls-secret" - ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource - certManager: - # -- If preset enables certificate generation via cert-manager namespace scoped issuer - issuer: "" - # -- If preset enables certificate generation via cert-manager cluster-wide issuer - clusterIssuer: "" - ## Private / Intranet facing Ingress - - enabled: false - # -- The hostname to be used to precisely map incoming traffic onto the underlying network service - hostname: "edc-control.intranet" - # -- Additional ingress annotations to add - annotations: {} - # -- EDC endpoints exposed by this ingress resource - endpoints: - - management - - control - # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use - className: "nginx" - # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource - tls: - # -- Enables TLS on the ingress resource - enabled: true - # -- If present overwrites the default secret name - secretName: "tls-secret" - ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource - certManager: - # -- If preset enables certificate generation via cert-manager namespace scoped issuer - issuer: "" - # -- If preset enables certificate generation via cert-manager cluster-wide issuer - clusterIssuer: "" - # -- declare where to mount [volumes](https://kubernetes.io/docs/concepts/storage/volumes/) into the container - volumeMounts: [] - # -- [volume](https://kubernetes.io/docs/concepts/storage/volumes/) directories - volumes: [] - # -- [resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the container - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - replicaCount: 1 - autoscaling: - # -- Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) - enabled: false - # -- Minimal replicas if resource consumption falls below resource threshholds - minReplicas: 1 - # -- Maximum replicas if resource consumption exceeds resource threshholds - maxReplicas: 100 - # -- targetAverageUtilization of cpu provided to a pod - targetCPUUtilizationPercentage: 80 - # -- targetAverageUtilization of memory provided to a pod - targetMemoryUtilizationPercentage: 80 - # -- configuration of the [Open Telemetry Agent](https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/) to collect and expose metrics - opentelemetry: |- - otel.javaagent.enabled=false - otel.javaagent.debug=false - # -- configuration of the [Java Util Logging Facade](https://docs.oracle.com/javase/7/docs/technotes/guides/logging/overview.html) - logging: |- - .level=INFO - org.eclipse.edc.level=ALL - handlers=java.util.logging.ConsoleHandler - java.util.logging.ConsoleHandler.formatter=java.util.logging.SimpleFormatter - java.util.logging.ConsoleHandler.level=ALL - java.util.logging.SimpleFormatter.format=[%1$tY-%1$tm-%1$td %1$tH:%1$tM:%1$tS] [%4$-7s] %5$s%6$s%n - # [node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) to constrain pods to nodes - nodeSelector: {} - # [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) to configure preferred nodes - tolerations: [] - # [affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) to configure which nodes the pods can be scheduled on - affinity: {} - url: - # -- Explicitly declared url for reaching the ids api (e.g. if ingresses not used) - ids: "" + dataplane: enabled: true - image: - # -- Which derivate of the data plane to use. when left empty the deployment will select the correct image automatically - repository: "tractusx/edc-dataplane-hashicorp-vault" - # -- [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use - pullPolicy: IfNotPresent - # -- Overrides the image tag whose default is the chart appVersion - tag: "0.4.1" - initContainers: [] - debug: - enabled: false - port: 1044 - suspendOnStart: false - livenessProbe: - # -- Whether to enable kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first liveness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a liveness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - readinessProbe: - # -- Whether to enable kubernetes [readiness-probes](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first readiness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a liveness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - service: - # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. - type: ClusterIP - port: 80 endpoints: default: port: 8080 @@ -373,66 +110,7 @@ tractusx-connector: metrics: port: 9090 path: /consumer/metrics - aws: - endpointOverride: "" - accessKeyId: "" - secretAccessKey: "" - # -- additional labels for the pod - podLabels: {} - # -- additional annotations for the pod - podAnnotations: {} - # -- The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment - podSecurityContext: - seccompProfile: - # -- Restrict a Container's Syscalls with seccomp - type: RuntimeDefault - # -- Runs all processes within a pod with a special uid - runAsUser: 10001 - # -- Processes within a pod will belong to this guid - runAsGroup: 10001 - # -- The owner for volumes and any files created within volumes will belong to this guid - fsGroup: 10001 - # The [container security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) defines privilege and access control settings for a Container within a pod - securityContext: - capabilities: - # -- Specifies which capabilities to drop to reduce syscall attack surface - drop: - - ALL - # -- Specifies which capabilities to add to issue specialized syscalls - add: [] - # -- Whether the root filesystem is mounted in read-only mode - readOnlyRootFilesystem: true - # -- Controls [Privilege Escalation](https://kubernetes.io/docs/concepts/security/pod-security-policy/#privilege-escalation) enabling setuid binaries changing the effective user ID - allowPrivilegeEscalation: false - # -- Requires the container to run without root privileges - runAsNonRoot: true - # -- The container's process will run with the specified uid - runAsUser: 10001 - # Extra environment variables that will be pass onto deployment pods - env: {} - # ENV_NAME: value - - # "valueFrom" environment variable references that will be added to deployment pods. Name is templated. - # ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core - envValueFrom: {} - # ENV_NAME: - # configMapKeyRef: - # name: configmap-name - # key: value_key - # secretKeyRef: - # name: secret-name - # key: value_key - - # [Kubernetes Secret Resource](https://kubernetes.io/docs/concepts/configuration/secret/) names to load environment variables from - envSecretNames: [] - # - first-secret - # - second-secret - - # [Kubernetes ConfigMap Resource](https://kubernetes.io/docs/concepts/configuration/configmap/) names to load environment variables from - envConfigMapNames: [] - # - first-config-map - # - second-config-map - + ## Ingress declaration to expose the network service. ingresses: ## Public / Internet facing Ingress @@ -440,101 +118,19 @@ tractusx-connector: # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.beta.demo.catena-x.net" # -- Additional ingress annotations to add - annotations: {} - # -- EDC endpoints exposed by this ingress resource - endpoints: - - public - # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use - className: "nginx" - # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource - tls: - # -- Enables TLS on the ingress resource - enabled: true - # -- If present overwrites the default secret name - secretName: "tls-secret" - ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource - certManager: - # -- If preset enables certificate generation via cert-manager namespace scoped issuer - issuer: "" - # -- If preset enables certificate generation via cert-manager cluster-wide issuer - clusterIssuer: "" - # -- declare where to mount [volumes](https://kubernetes.io/docs/concepts/storage/volumes/) into the container - volumeMounts: [] - # -- [volume](https://kubernetes.io/docs/concepts/storage/volumes/) directories - volumes: [] - # -- [resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the container - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - replicaCount: 1 - autoscaling: - # -- Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) - enabled: false - # -- Minimal replicas if resource consumption falls below resource threshholds - minReplicas: 1 - # -- Maximum replicas if resource consumption exceeds resource threshholds - maxReplicas: 100 - # -- targetAverageUtilization of cpu provided to a pod - targetCPUUtilizationPercentage: 80 - # -- targetAverageUtilization of memory provided to a pod - targetMemoryUtilizationPercentage: 80 - # -- configuration of the [Open Telemetry Agent](https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/) to collect and expose metrics - opentelemetry: |- - otel.javaagent.enabled=false - otel.javaagent.debug=false - # -- configuration of the [Java Util Logging Facade](https://docs.oracle.com/javase/7/docs/technotes/guides/logging/overview.html) - logging: |- - .level=INFO - org.eclipse.edc.level=ALL - handlers=java.util.logging.ConsoleHandler - java.util.logging.ConsoleHandler.formatter=java.util.logging.SimpleFormatter - java.util.logging.ConsoleHandler.level=ALL - java.util.logging.SimpleFormatter.format=[%1$tY-%1$tm-%1$td %1$tH:%1$tM:%1$tS] [%4$-7s] %5$s%6$s%n - # [node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) to constrain pods to nodes - nodeSelector: {} - # [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) to configure preferred nodes - tolerations: [] - # [affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) to configure which nodes the pods can be scheduled on - affinity: {} - url: - # -- Explicitly declared url for reaching the public api (e.g. if ingresses not used) - public: "" - + postgresql: - jdbcUrl: "jdbc:postgresql://postgresql:5432/edc" - fullnameOverride: "postgresql" username: password: auth: - database: "edc" username: password: vault: - fullnameOverride: "vault" - injector: - enabled: false - server: - dev: - enabled: true - devRootToken: "root" - # Must be the same certificate that is configured in section 'daps' - postStart: # must be set externally! + hashicorp: url: token: - timeout: 30 - healthCheck: - enabled: true - standbyOk: true paths: secret: health: /v1/sys/health @@ -562,32 +158,12 @@ tractusx-connector: backendService: httpProxyTokenReceiverUrl: "https://materialpass.beta.demo.catena-x.net/endpoint" - - serviceAccount: - # Specifies whether a service account should be created - create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - # -- Existing image pull secret bound to the service account to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) - imagePullSecrets: [] idsdaps: connectors: - certificate: postgresql: - jdbcUrl: "jdbc:postgresql://postgresql:5432/edc" - fullnameOverride: "postgresql" - primary: - persistence: - enabled: true - readReplicas: - persistence: - enabled: true auth: - database: "edc" username: password: \ No newline at end of file diff --git a/deployment/helm/edc-consumer/values-int.yaml b/deployment/helm/edc-consumer/values-int.yaml index 63bb791fd..d314ea29a 100644 --- a/deployment/helm/edc-consumer/values-int.yaml +++ b/deployment/helm/edc-consumer/values-int.yaml @@ -1,104 +1,41 @@ +################################################################################# +# Catena-X - Product Passport Consumer Application # -# Copyright (c) 2023 ZF Friedrichshafen AG -# Copyright (c) 2023 Mercedes-Benz Tech Innovation GmbH -# Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) -# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# Copyright (c) 2022, 2023 BASF SE, BMW AG, Henkel AG & Co. KGaA # -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. # -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0 +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. # -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, +# either express or implied. See the +# License for the specific language govern in permissions and limitations +# under the License. # +# SPDX-License-Identifier: Apache-2.0 +################################################################################# + +### The fully configuration is available in https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector + + --- # Default values for eclipse-dataspace-connector. # This is a YAML-formatted file. # Declare variables to be passed into your templates. -mockbackend: - enabled: true - fullnameOverride: "dpp-edc-consumer-backend" - service: - type: NodePort - frontend: - port: 80 - backend: - port: 8081 - tractusx-connector: - install: - daps: false - postgresql: false - vault: false - fullnameOverride: "dpp-edc-consumer" - nameOverride: "" - # -- Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) - imagePullSecrets: [] - customLabels: {} - - participant: id: &bpnNumber "" controlplane: enabled: true - image: - # -- Which derivate of the control plane to use. when left empty the deployment will select the correct image automatically - repository: "tractusx/edc-controlplane-postgresql-hashicorp-vault" - # -- [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use - pullPolicy: IfNotPresent - # -- Overrides the image tag whose default is the chart appVersion - tag: "0.4.1" - initContainers: [] - debug: - enabled: false - port: 1044 - suspendOnStart: false - internationalDataSpaces: - id: TXDC - description: Tractus-X Eclipse IDS Data Space Connector - title: "" - maintainer: "" - curator: "" - catalogId: TXDC-Catalog - livenessProbe: - # -- Whether to enable kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first liveness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a liveness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - readinessProbe: - # -- Whether to enable kubernetes [readiness-probes](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first readiness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a readiness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - # -- endpoints of the control plane endpoints: # -- default api for health checks, should not be added to any ingress default: @@ -140,216 +77,16 @@ tractusx-connector: path: /consumer/observability # -- allow or disallow insecure access, i.e. access without authentication insecure: true - businessPartnerValidation: - log: - agreementValidation: true - service: - # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. - type: ClusterIP - annotations: {} - # -- additional labels for the pod - podLabels: {} - # -- additional annotations for the pod - podAnnotations: {} - # -- The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment - podSecurityContext: - seccompProfile: - # -- Restrict a Container's Syscalls with seccomp - type: RuntimeDefault - # -- Runs all processes within a pod with a special uid - runAsUser: 10001 - # -- Processes within a pod will belong to this guid - runAsGroup: 10001 - # -- The owner for volumes and any files created within volumes will belong to this guid - fsGroup: 10001 - # The [container security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) defines privilege and access control settings for a Container within a pod - securityContext: - capabilities: - # -- Specifies which capabilities to drop to reduce syscall attack surface - drop: - - ALL - # -- Specifies which capabilities to add to issue specialized syscalls - add: [] - # -- Whether the root filesystem is mounted in read-only mode - readOnlyRootFilesystem: true - # -- Controls [Privilege Escalation](https://kubernetes.io/docs/concepts/security/pod-security-policy/#privilege-escalation) enabling setuid binaries changing the effective user ID - allowPrivilegeEscalation: false - # -- Requires the container to run without root privileges - runAsNonRoot: true - # -- The container's process will run with the specified uid - runAsUser: 10001 - # Extra environment variables that will be pass onto deployment pods - env: {} - # ENV_NAME: value - - # "valueFrom" environment variable references that will be added to deployment pods. Name is templated. - # ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core - envValueFrom: {} - # ENV_NAME: - # configMapKeyRef: - # name: configmap-name - # key: value_key - # secretKeyRef: - # name: secret-name - # key: value_key - - # [Kubernetes Secret Resource](https://kubernetes.io/docs/concepts/configuration/secret/) names to load environment variables from - envSecretNames: [] - # - first-secret - # - second-secret - - # [Kubernetes ConfigMap Resource](https://kubernetes.io/docs/concepts/configuration/configmap/) names to load environment variables from - envConfigMapNames: [] - # - first-config-map - # - second-config-map - + ## Ingress declaration to expose the network service. ingresses: ## Public / Internet facing Ingress - enabled: true # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.int.demo.catena-x.net" - # -- Additional ingress annotations to add - annotations: {} - # -- EDC endpoints exposed by this ingress resource - endpoints: - - default - - management - - control - - protocol - - metrics - - observability - # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use - className: "nginx" - # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource - tls: - # -- Enables TLS on the ingress resource - enabled: true - # -- If present overwrites the default secret name - secretName: "tls-secret" - ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource - certManager: - # -- If preset enables certificate generation via cert-manager namespace scoped issuer - issuer: "" - # -- If preset enables certificate generation via cert-manager cluster-wide issuer - clusterIssuer: "" - ## Private / Intranet facing Ingress - - enabled: false - # -- The hostname to be used to precisely map incoming traffic onto the underlying network service - hostname: "edc-control.intranet" - # -- Additional ingress annotations to add - annotations: {} - # -- EDC endpoints exposed by this ingress resource - endpoints: - - management - - control - # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use - className: "nginx" - # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource - tls: - # -- Enables TLS on the ingress resource - enabled: true - # -- If present overwrites the default secret name - secretName: "tls-secret" - ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource - certManager: - # -- If preset enables certificate generation via cert-manager namespace scoped issuer - issuer: "" - # -- If preset enables certificate generation via cert-manager cluster-wide issuer - clusterIssuer: "" - # -- declare where to mount [volumes](https://kubernetes.io/docs/concepts/storage/volumes/) into the container - volumeMounts: [] - # -- [volume](https://kubernetes.io/docs/concepts/storage/volumes/) directories - volumes: [] - # -- [resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the container - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - replicaCount: 1 - autoscaling: - # -- Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) - enabled: false - # -- Minimal replicas if resource consumption falls below resource threshholds - minReplicas: 1 - # -- Maximum replicas if resource consumption exceeds resource threshholds - maxReplicas: 100 - # -- targetAverageUtilization of cpu provided to a pod - targetCPUUtilizationPercentage: 80 - # -- targetAverageUtilization of memory provided to a pod - targetMemoryUtilizationPercentage: 80 - # -- configuration of the [Open Telemetry Agent](https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/) to collect and expose metrics - opentelemetry: |- - otel.javaagent.enabled=false - otel.javaagent.debug=false - # -- configuration of the [Java Util Logging Facade](https://docs.oracle.com/javase/7/docs/technotes/guides/logging/overview.html) - logging: |- - .level=INFO - org.eclipse.edc.level=ALL - handlers=java.util.logging.ConsoleHandler - java.util.logging.ConsoleHandler.formatter=java.util.logging.SimpleFormatter - java.util.logging.ConsoleHandler.level=ALL - java.util.logging.SimpleFormatter.format=[%1$tY-%1$tm-%1$td %1$tH:%1$tM:%1$tS] [%4$-7s] %5$s%6$s%n - # [node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) to constrain pods to nodes - nodeSelector: {} - # [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) to configure preferred nodes - tolerations: [] - # [affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) to configure which nodes the pods can be scheduled on - affinity: {} - url: - # -- Explicitly declared url for reaching the ids api (e.g. if ingresses not used) - ids: "" + dataplane: enabled: true - image: - # -- Which derivate of the data plane to use. when left empty the deployment will select the correct image automatically - repository: "tractusx/edc-dataplane-hashicorp-vault" - # -- [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use - pullPolicy: IfNotPresent - # -- Overrides the image tag whose default is the chart appVersion - tag: "0.4.1" - initContainers: [] - debug: - enabled: false - port: 1044 - suspendOnStart: false - livenessProbe: - # -- Whether to enable kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first liveness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a liveness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - readinessProbe: - # -- Whether to enable kubernetes [readiness-probes](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first readiness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a liveness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - service: - # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. - type: ClusterIP - port: 80 endpoints: default: port: 8080 @@ -373,66 +110,7 @@ tractusx-connector: metrics: port: 9090 path: /consumer/metrics - aws: - endpointOverride: "" - accessKeyId: "" - secretAccessKey: "" - # -- additional labels for the pod - podLabels: {} - # -- additional annotations for the pod - podAnnotations: {} - # -- The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment - podSecurityContext: - seccompProfile: - # -- Restrict a Container's Syscalls with seccomp - type: RuntimeDefault - # -- Runs all processes within a pod with a special uid - runAsUser: 10001 - # -- Processes within a pod will belong to this guid - runAsGroup: 10001 - # -- The owner for volumes and any files created within volumes will belong to this guid - fsGroup: 10001 - # The [container security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) defines privilege and access control settings for a Container within a pod - securityContext: - capabilities: - # -- Specifies which capabilities to drop to reduce syscall attack surface - drop: - - ALL - # -- Specifies which capabilities to add to issue specialized syscalls - add: [] - # -- Whether the root filesystem is mounted in read-only mode - readOnlyRootFilesystem: true - # -- Controls [Privilege Escalation](https://kubernetes.io/docs/concepts/security/pod-security-policy/#privilege-escalation) enabling setuid binaries changing the effective user ID - allowPrivilegeEscalation: false - # -- Requires the container to run without root privileges - runAsNonRoot: true - # -- The container's process will run with the specified uid - runAsUser: 10001 - # Extra environment variables that will be pass onto deployment pods - env: {} - # ENV_NAME: value - - # "valueFrom" environment variable references that will be added to deployment pods. Name is templated. - # ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core - envValueFrom: {} - # ENV_NAME: - # configMapKeyRef: - # name: configmap-name - # key: value_key - # secretKeyRef: - # name: secret-name - # key: value_key - - # [Kubernetes Secret Resource](https://kubernetes.io/docs/concepts/configuration/secret/) names to load environment variables from - envSecretNames: [] - # - first-secret - # - second-secret - - # [Kubernetes ConfigMap Resource](https://kubernetes.io/docs/concepts/configuration/configmap/) names to load environment variables from - envConfigMapNames: [] - # - first-config-map - # - second-config-map - + ## Ingress declaration to expose the network service. ingresses: ## Public / Internet facing Ingress @@ -440,101 +118,19 @@ tractusx-connector: # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.int.demo.catena-x.net" # -- Additional ingress annotations to add - annotations: {} - # -- EDC endpoints exposed by this ingress resource - endpoints: - - public - # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use - className: "nginx" - # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource - tls: - # -- Enables TLS on the ingress resource - enabled: true - # -- If present overwrites the default secret name - secretName: "tls-secret" - ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource - certManager: - # -- If preset enables certificate generation via cert-manager namespace scoped issuer - issuer: "" - # -- If preset enables certificate generation via cert-manager cluster-wide issuer - clusterIssuer: "" - # -- declare where to mount [volumes](https://kubernetes.io/docs/concepts/storage/volumes/) into the container - volumeMounts: [] - # -- [volume](https://kubernetes.io/docs/concepts/storage/volumes/) directories - volumes: [] - # -- [resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the container - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - replicaCount: 1 - autoscaling: - # -- Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) - enabled: false - # -- Minimal replicas if resource consumption falls below resource threshholds - minReplicas: 1 - # -- Maximum replicas if resource consumption exceeds resource threshholds - maxReplicas: 100 - # -- targetAverageUtilization of cpu provided to a pod - targetCPUUtilizationPercentage: 80 - # -- targetAverageUtilization of memory provided to a pod - targetMemoryUtilizationPercentage: 80 - # -- configuration of the [Open Telemetry Agent](https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/) to collect and expose metrics - opentelemetry: |- - otel.javaagent.enabled=false - otel.javaagent.debug=false - # -- configuration of the [Java Util Logging Facade](https://docs.oracle.com/javase/7/docs/technotes/guides/logging/overview.html) - logging: |- - .level=INFO - org.eclipse.edc.level=ALL - handlers=java.util.logging.ConsoleHandler - java.util.logging.ConsoleHandler.formatter=java.util.logging.SimpleFormatter - java.util.logging.ConsoleHandler.level=ALL - java.util.logging.SimpleFormatter.format=[%1$tY-%1$tm-%1$td %1$tH:%1$tM:%1$tS] [%4$-7s] %5$s%6$s%n - # [node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) to constrain pods to nodes - nodeSelector: {} - # [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) to configure preferred nodes - tolerations: [] - # [affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) to configure which nodes the pods can be scheduled on - affinity: {} - url: - # -- Explicitly declared url for reaching the public api (e.g. if ingresses not used) - public: "" - + postgresql: - jdbcUrl: "jdbc:postgresql://postgresql:5432/edc" - fullnameOverride: "postgresql" username: password: auth: - database: "edc" username: password: vault: - fullnameOverride: "vault" - injector: - enabled: false - server: - dev: - enabled: true - devRootToken: "root" - # Must be the same certificate that is configured in section 'daps' - postStart: # must be set externally! + hashicorp: url: token: - timeout: 30 - healthCheck: - enabled: true - standbyOk: true paths: secret: health: /v1/sys/health @@ -562,32 +158,12 @@ tractusx-connector: backendService: httpProxyTokenReceiverUrl: "https://materialpass.int.demo.catena-x.net/endpoint" - - serviceAccount: - # Specifies whether a service account should be created - create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - # -- Existing image pull secret bound to the service account to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) - imagePullSecrets: [] idsdaps: connectors: - certificate: postgresql: - jdbcUrl: "jdbc:postgresql://postgresql:5432/edc" - fullnameOverride: "postgresql" - primary: - persistence: - enabled: true - readReplicas: - persistence: - enabled: true auth: - database: "edc" username: password: \ No newline at end of file diff --git a/deployment/helm/edc-consumer/values.yaml b/deployment/helm/edc-consumer/values.yaml index 0e85cc7cc..404347414 100644 --- a/deployment/helm/edc-consumer/values.yaml +++ b/deployment/helm/edc-consumer/values.yaml @@ -1,24 +1,28 @@ +################################################################################# +# Catena-X - Product Passport Consumer Application # -# Copyright (c) 2023 ZF Friedrichshafen AG -# Copyright (c) 2023 Mercedes-Benz Tech Innovation GmbH -# Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) -# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# Copyright (c) 2022, 2023 BASF SE, BMW AG, Henkel AG & Co. KGaA # -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. # -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0 +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. # -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, +# either express or implied. See the +# License for the specific language govern in permissions and limitations +# under the License. # +# SPDX-License-Identifier: Apache-2.0 +################################################################################# + +### The fully configuration is available in https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector + + --- diff --git a/deployment/helm/edc-provider/Chart.yaml b/deployment/helm/edc-provider/Chart.yaml index 202bc868c..231f99b9b 100644 --- a/deployment/helm/edc-provider/Chart.yaml +++ b/deployment/helm/edc-provider/Chart.yaml @@ -1,50 +1,32 @@ +################################################################################# +# Catena-X - Product Passport Consumer Application # -# Copyright (c) 2023 ZF Friedrichshafen AG -# Copyright (c) 2023 Mercedes-Benz Tech Innovation GmbH -# Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) -# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# Copyright (c) 2022, 2023 BASF SE, BMW AG, Henkel AG & Co. KGaA # -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. # -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0 +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. # -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, +# either express or implied. See the +# License for the specific language govern in permissions and limitations +# under the License. # +# SPDX-License-Identifier: Apache-2.0 +################################################################################# --- apiVersion: v2 name: tractusx-connector description: | - A Helm chart for Tractus-X Eclipse Data Space Connector. The connector deployment consists of two runtime consists of a - Control Plane and a Data Plane. Note that _no_ external dependencies such as a PostgreSQL database and HashiCorp Vault are included. - - This chart is intended for use with an _existing_ PostgreSQL database and an _existing_ HashiCorp Vault. -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. + A Helm chart for Tractus-X Eclipse Data Space Connector. This chart is a test mock that can be used as edc provider for the DPP applicatiton. type: application -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) version: 0.3.3 -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. appVersion: "0.4.1" home: https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector sources: diff --git a/deployment/helm/edc-provider/README.md.gotmpl b/deployment/helm/edc-provider/README.md.gotmpl deleted file mode 100644 index b1671f5a2..000000000 --- a/deployment/helm/edc-provider/README.md.gotmpl +++ /dev/null @@ -1,26 +0,0 @@ -{{ template "chart.header" . }} - -{{ template "chart.deprecationWarning" . }} - -{{ template "chart.badgesSection" . }} - -{{ template "chart.description" . }} - -{{ template "chart.homepageLine" . }} - -## TL;DR - -```shell -helm repo add tractusx-edc https://eclipse-tractusx.github.io/charts/dev -helm install my-release tractusx-edc/tractusx-connector --version {{ .Version }} -``` - -{{ template "chart.maintainersSection" . }} - -{{ template "chart.sourcesSection" . }} - -{{ template "chart.requirementsSection" . }} - -{{ template "chart.valuesSection" . }} - -{{ template "helm-docs.versionFooter" . }} diff --git a/deployment/helm/edc-provider/values-beta.yaml b/deployment/helm/edc-provider/values-beta.yaml index 83f3c44b4..6fb40f27e 100644 --- a/deployment/helm/edc-provider/values-beta.yaml +++ b/deployment/helm/edc-provider/values-beta.yaml @@ -1,92 +1,37 @@ +################################################################################# +# Catena-X - Product Passport Consumer Application # -# Copyright (c) 2023 ZF Friedrichshafen AG -# Copyright (c) 2023 Mercedes-Benz Tech Innovation GmbH -# Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) -# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# Copyright (c) 2022, 2023 BASF SE, BMW AG, Henkel AG & Co. KGaA # -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. # -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0 +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. # -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, +# either express or implied. See the +# License for the specific language govern in permissions and limitations +# under the License. # +# SPDX-License-Identifier: Apache-2.0 +################################################################################# + +### The fully configuration is available in https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector --- tractusx-connector: - install: - daps: false - postgresql: false - vault: false - fullnameOverride: "dpp-edc-provider" - nameOverride: "" - # -- Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) - imagePullSecrets: [] - customLabels: {} - - participant: id: &bpnNumber "" controlplane: enabled: true - image: - # -- Which derivate of the control plane to use. when left empty the deployment will select the correct image automatically - repository: "tractusx/edc-controlplane-postgresql-hashicorp-vault" - # -- [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use - pullPolicy: IfNotPresent - # -- Overrides the image tag whose default is the chart appVersion - tag: "0.4.1" - initContainers: [] - debug: - enabled: false - port: 1044 - suspendOnStart: false - internationalDataSpaces: - id: TXDC - description: Tractus-X Eclipse IDS Data Space Connector - title: "" - maintainer: "" - curator: "" - catalogId: TXDC-Catalog - livenessProbe: - # -- Whether to enable kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first liveness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a liveness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - readinessProbe: - # -- Whether to enable kubernetes [readiness-probes](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first readiness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a readiness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - # -- endpoints of the control plane endpoints: # -- default api for health checks, should not be added to any ingress default: @@ -128,68 +73,6 @@ tractusx-connector: path: /BPNL000000000000/observability # -- allow or disallow insecure access, i.e. access without authentication insecure: true - businessPartnerValidation: - log: - agreementValidation: true - service: - # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. - type: ClusterIP - annotations: {} - # -- additional labels for the pod - podLabels: {} - # -- additional annotations for the pod - podAnnotations: {} - # -- The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment - podSecurityContext: - seccompProfile: - # -- Restrict a Container's Syscalls with seccomp - type: RuntimeDefault - # -- Runs all processes within a pod with a special uid - runAsUser: 10001 - # -- Processes within a pod will belong to this guid - runAsGroup: 10001 - # -- The owner for volumes and any files created within volumes will belong to this guid - fsGroup: 10001 - # The [container security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) defines privilege and access control settings for a Container within a pod - securityContext: - capabilities: - # -- Specifies which capabilities to drop to reduce syscall attack surface - drop: - - ALL - # -- Specifies which capabilities to add to issue specialized syscalls - add: [] - # -- Whether the root filesystem is mounted in read-only mode - readOnlyRootFilesystem: true - # -- Controls [Privilege Escalation](https://kubernetes.io/docs/concepts/security/pod-security-policy/#privilege-escalation) enabling setuid binaries changing the effective user ID - allowPrivilegeEscalation: false - # -- Requires the container to run without root privileges - runAsNonRoot: true - # -- The container's process will run with the specified uid - runAsUser: 10001 - # Extra environment variables that will be pass onto deployment pods - env: {} - # ENV_NAME: value - - # "valueFrom" environment variable references that will be added to deployment pods. Name is templated. - # ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core - envValueFrom: {} - # ENV_NAME: - # configMapKeyRef: - # name: configmap-name - # key: value_key - # secretKeyRef: - # name: secret-name - # key: value_key - - # [Kubernetes Secret Resource](https://kubernetes.io/docs/concepts/configuration/secret/) names to load environment variables from - envSecretNames: [] - # - first-secret - # - second-secret - - # [Kubernetes ConfigMap Resource](https://kubernetes.io/docs/concepts/configuration/configmap/) names to load environment variables from - envConfigMapNames: [] - # - first-config-map - # - second-config-map ## Ingress declaration to expose the network service. ingresses: @@ -197,147 +80,8 @@ tractusx-connector: - enabled: true # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.beta.demo.catena-x.net" - # -- Additional ingress annotations to add - annotations: {} - # -- EDC endpoints exposed by this ingress resource - endpoints: - - default - - management - - control - - protocol - - metrics - - observability - # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use - className: "nginx" - # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource - tls: - # -- Enables TLS on the ingress resource - enabled: true - # -- If present overwrites the default secret name - secretName: "tls-secret" - ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource - certManager: - # -- If preset enables certificate generation via cert-manager namespace scoped issuer - issuer: "" - # -- If preset enables certificate generation via cert-manager cluster-wide issuer - clusterIssuer: "" - ## Private / Intranet facing Ingress - - enabled: false - # -- The hostname to be used to precisely map incoming traffic onto the underlying network service - hostname: "edc-control.intranet" - # -- Additional ingress annotations to add - annotations: {} - # -- EDC endpoints exposed by this ingress resource - endpoints: - - management - - control - # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use - className: "nginx" - # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource - tls: - # -- Enables TLS on the ingress resource - enabled: true - # -- If present overwrites the default secret name - secretName: "tls-secret" - ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource - certManager: - # -- If preset enables certificate generation via cert-manager namespace scoped issuer - issuer: "" - # -- If preset enables certificate generation via cert-manager cluster-wide issuer - clusterIssuer: "" - # -- declare where to mount [volumes](https://kubernetes.io/docs/concepts/storage/volumes/) into the container - volumeMounts: [] - # -- [volume](https://kubernetes.io/docs/concepts/storage/volumes/) directories - volumes: [] - # -- [resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the container - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - replicaCount: 1 - autoscaling: - # -- Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) - enabled: false - # -- Minimal replicas if resource consumption falls below resource threshholds - minReplicas: 1 - # -- Maximum replicas if resource consumption exceeds resource threshholds - maxReplicas: 100 - # -- targetAverageUtilization of cpu provided to a pod - targetCPUUtilizationPercentage: 80 - # -- targetAverageUtilization of memory provided to a pod - targetMemoryUtilizationPercentage: 80 - # -- configuration of the [Open Telemetry Agent](https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/) to collect and expose metrics - opentelemetry: |- - otel.javaagent.enabled=false - otel.javaagent.debug=false - # -- configuration of the [Java Util Logging Facade](https://docs.oracle.com/javase/7/docs/technotes/guides/logging/overview.html) - logging: |- - .level=INFO - org.eclipse.edc.level=ALL - handlers=java.util.logging.ConsoleHandler - java.util.logging.ConsoleHandler.formatter=java.util.logging.SimpleFormatter - java.util.logging.ConsoleHandler.level=ALL - java.util.logging.SimpleFormatter.format=[%1$tY-%1$tm-%1$td %1$tH:%1$tM:%1$tS] [%4$-7s] %5$s%6$s%n - # [node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) to constrain pods to nodes - nodeSelector: {} - # [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) to configure preferred nodes - tolerations: [] - # [affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) to configure which nodes the pods can be scheduled on - affinity: {} - url: - # -- Explicitly declared url for reaching the ids api (e.g. if ingresses not used) - ids: "" dataplane: enabled: true - image: - # -- Which derivate of the data plane to use. when left empty the deployment will select the correct image automatically - repository: "tractusx/edc-dataplane-hashicorp-vault" - # -- [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use - pullPolicy: IfNotPresent - # -- Overrides the image tag whose default is the chart appVersion - tag: "0.4.1" - initContainers: [] - debug: - enabled: false - port: 1044 - suspendOnStart: false - livenessProbe: - # -- Whether to enable kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first liveness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a liveness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - readinessProbe: - # -- Whether to enable kubernetes [readiness-probes](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first readiness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a liveness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - service: - # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. - type: ClusterIP - port: 80 endpoints: default: port: 8080 @@ -361,66 +105,6 @@ tractusx-connector: metrics: port: 9090 path: /BPNL000000000000/metrics - aws: - endpointOverride: "" - accessKeyId: "" - secretAccessKey: "" - # -- additional labels for the pod - podLabels: {} - # -- additional annotations for the pod - podAnnotations: {} - # -- The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment - podSecurityContext: - seccompProfile: - # -- Restrict a Container's Syscalls with seccomp - type: RuntimeDefault - # -- Runs all processes within a pod with a special uid - runAsUser: 10001 - # -- Processes within a pod will belong to this guid - runAsGroup: 10001 - # -- The owner for volumes and any files created within volumes will belong to this guid - fsGroup: 10001 - # The [container security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) defines privilege and access control settings for a Container within a pod - securityContext: - capabilities: - # -- Specifies which capabilities to drop to reduce syscall attack surface - drop: - - ALL - # -- Specifies which capabilities to add to issue specialized syscalls - add: [] - # -- Whether the root filesystem is mounted in read-only mode - readOnlyRootFilesystem: true - # -- Controls [Privilege Escalation](https://kubernetes.io/docs/concepts/security/pod-security-policy/#privilege-escalation) enabling setuid binaries changing the effective user ID - allowPrivilegeEscalation: false - # -- Requires the container to run without root privileges - runAsNonRoot: true - # -- The container's process will run with the specified uid - runAsUser: 10001 - # Extra environment variables that will be pass onto deployment pods - env: {} - # ENV_NAME: value - - # "valueFrom" environment variable references that will be added to deployment pods. Name is templated. - # ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core - envValueFrom: {} - # ENV_NAME: - # configMapKeyRef: - # name: configmap-name - # key: value_key - # secretKeyRef: - # name: secret-name - # key: value_key - - # [Kubernetes Secret Resource](https://kubernetes.io/docs/concepts/configuration/secret/) names to load environment variables from - envSecretNames: [] - # - first-secret - # - second-secret - - # [Kubernetes ConfigMap Resource](https://kubernetes.io/docs/concepts/configuration/configmap/) names to load environment variables from - envConfigMapNames: [] - # - first-config-map - # - second-config-map - ## Ingress declaration to expose the network service. ingresses: ## Public / Internet facing Ingress @@ -428,101 +112,19 @@ tractusx-connector: # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.beta.demo.catena-x.net" # -- Additional ingress annotations to add - annotations: {} - # -- EDC endpoints exposed by this ingress resource - endpoints: - - public - # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use - className: "nginx" - # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource - tls: - # -- Enables TLS on the ingress resource - enabled: true - # -- If present overwrites the default secret name - secretName: "tls-secret" - ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource - certManager: - # -- If preset enables certificate generation via cert-manager namespace scoped issuer - issuer: "" - # -- If preset enables certificate generation via cert-manager cluster-wide issuer - clusterIssuer: "" - # -- declare where to mount [volumes](https://kubernetes.io/docs/concepts/storage/volumes/) into the container - volumeMounts: [] - # -- [volume](https://kubernetes.io/docs/concepts/storage/volumes/) directories - volumes: [] - # -- [resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the container - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - replicaCount: 1 - autoscaling: - # -- Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) - enabled: false - # -- Minimal replicas if resource consumption falls below resource threshholds - minReplicas: 1 - # -- Maximum replicas if resource consumption exceeds resource threshholds - maxReplicas: 100 - # -- targetAverageUtilization of cpu provided to a pod - targetCPUUtilizationPercentage: 80 - # -- targetAverageUtilization of memory provided to a pod - targetMemoryUtilizationPercentage: 80 - # -- configuration of the [Open Telemetry Agent](https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/) to collect and expose metrics - opentelemetry: |- - otel.javaagent.enabled=false - otel.javaagent.debug=false - # -- configuration of the [Java Util Logging Facade](https://docs.oracle.com/javase/7/docs/technotes/guides/logging/overview.html) - logging: |- - .level=INFO - org.eclipse.edc.level=ALL - handlers=java.util.logging.ConsoleHandler - java.util.logging.ConsoleHandler.formatter=java.util.logging.SimpleFormatter - java.util.logging.ConsoleHandler.level=ALL - java.util.logging.SimpleFormatter.format=[%1$tY-%1$tm-%1$td %1$tH:%1$tM:%1$tS] [%4$-7s] %5$s%6$s%n - # [node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) to constrain pods to nodes - nodeSelector: {} - # [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) to configure preferred nodes - tolerations: [] - # [affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) to configure which nodes the pods can be scheduled on - affinity: {} - url: - # -- Explicitly declared url for reaching the public api (e.g. if ingresses not used) - public: "" - + postgresql: - jdbcUrl: "jdbc:postgresql://postgresqlprovider:5432/edc" - fullnameOverride: "postgresql" username: password: auth: - database: "edc" username: password: vault: fullnameOverride: "vault" - injector: - enabled: false - server: - dev: - enabled: true - devRootToken: "root" - # Must be the same certificate that is configured in section 'daps' - postStart: # must be set externally! hashicorp: url: token: - timeout: 30 - healthCheck: - enabled: true - standbyOk: true paths: secret: health: /v1/sys/health @@ -534,12 +136,8 @@ tractusx-connector: dapsPublicKey: ids-daps_crt daps: - fullnameOverride: "daps" url: "https://daps.beta.demo.catena-x.net" clientId: - paths: - jwks: /.well-known/jwks.json - token: /token connectors: - id: name: edcconector @@ -549,32 +147,12 @@ tractusx-connector: backendService: httpProxyTokenReceiverUrl: "https://materialpass.beta.demo.catena-x.net/endpoint" - - serviceAccount: - # Specifies whether a service account should be created - create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - # -- Existing image pull secret bound to the service account to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) - imagePullSecrets: [] idsdaps: connectors: - certificate: postgresql: - jdbcUrl: "jdbc:postgresql://postgresqlprovider:5432/edc" - fullnameOverride: "postgresqlprovider" - primary: - persistence: - enabled: true - readReplicas: - persistence: - enabled: true auth: - database: "edc" username: password: \ No newline at end of file diff --git a/deployment/helm/edc-provider/values-int.yaml b/deployment/helm/edc-provider/values-int.yaml index b5bd76152..adf0dd373 100644 --- a/deployment/helm/edc-provider/values-int.yaml +++ b/deployment/helm/edc-provider/values-int.yaml @@ -1,92 +1,37 @@ +################################################################################# +# Catena-X - Product Passport Consumer Application # -# Copyright (c) 2023 ZF Friedrichshafen AG -# Copyright (c) 2023 Mercedes-Benz Tech Innovation GmbH -# Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) -# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# Copyright (c) 2022, 2023 BASF SE, BMW AG, Henkel AG & Co. KGaA # -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. # -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0 +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. # -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, +# either express or implied. See the +# License for the specific language govern in permissions and limitations +# under the License. # +# SPDX-License-Identifier: Apache-2.0 +################################################################################# + +### The fully configuration is available in https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector --- tractusx-connector: - install: - daps: false - postgresql: false - vault: false - fullnameOverride: "dpp-edc-provider" - nameOverride: "" - # -- Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) - imagePullSecrets: [] - customLabels: {} - - participant: id: &bpnNumber "" controlplane: enabled: true - image: - # -- Which derivate of the control plane to use. when left empty the deployment will select the correct image automatically - repository: "tractusx/edc-controlplane-postgresql-hashicorp-vault" - # -- [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use - pullPolicy: IfNotPresent - # -- Overrides the image tag whose default is the chart appVersion - tag: "0.4.1" - initContainers: [] - debug: - enabled: false - port: 1044 - suspendOnStart: false - internationalDataSpaces: - id: TXDC - description: Tractus-X Eclipse IDS Data Space Connector - title: "" - maintainer: "" - curator: "" - catalogId: TXDC-Catalog - livenessProbe: - # -- Whether to enable kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first liveness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a liveness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - readinessProbe: - # -- Whether to enable kubernetes [readiness-probes](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first readiness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a readiness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - # -- endpoints of the control plane endpoints: # -- default api for health checks, should not be added to any ingress default: @@ -128,68 +73,6 @@ tractusx-connector: path: /BPNL000000000000/observability # -- allow or disallow insecure access, i.e. access without authentication insecure: true - businessPartnerValidation: - log: - agreementValidation: true - service: - # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. - type: ClusterIP - annotations: {} - # -- additional labels for the pod - podLabels: {} - # -- additional annotations for the pod - podAnnotations: {} - # -- The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment - podSecurityContext: - seccompProfile: - # -- Restrict a Container's Syscalls with seccomp - type: RuntimeDefault - # -- Runs all processes within a pod with a special uid - runAsUser: 10001 - # -- Processes within a pod will belong to this guid - runAsGroup: 10001 - # -- The owner for volumes and any files created within volumes will belong to this guid - fsGroup: 10001 - # The [container security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) defines privilege and access control settings for a Container within a pod - securityContext: - capabilities: - # -- Specifies which capabilities to drop to reduce syscall attack surface - drop: - - ALL - # -- Specifies which capabilities to add to issue specialized syscalls - add: [] - # -- Whether the root filesystem is mounted in read-only mode - readOnlyRootFilesystem: true - # -- Controls [Privilege Escalation](https://kubernetes.io/docs/concepts/security/pod-security-policy/#privilege-escalation) enabling setuid binaries changing the effective user ID - allowPrivilegeEscalation: false - # -- Requires the container to run without root privileges - runAsNonRoot: true - # -- The container's process will run with the specified uid - runAsUser: 10001 - # Extra environment variables that will be pass onto deployment pods - env: {} - # ENV_NAME: value - - # "valueFrom" environment variable references that will be added to deployment pods. Name is templated. - # ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core - envValueFrom: {} - # ENV_NAME: - # configMapKeyRef: - # name: configmap-name - # key: value_key - # secretKeyRef: - # name: secret-name - # key: value_key - - # [Kubernetes Secret Resource](https://kubernetes.io/docs/concepts/configuration/secret/) names to load environment variables from - envSecretNames: [] - # - first-secret - # - second-secret - - # [Kubernetes ConfigMap Resource](https://kubernetes.io/docs/concepts/configuration/configmap/) names to load environment variables from - envConfigMapNames: [] - # - first-config-map - # - second-config-map ## Ingress declaration to expose the network service. ingresses: @@ -197,147 +80,8 @@ tractusx-connector: - enabled: true # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.int.demo.catena-x.net" - # -- Additional ingress annotations to add - annotations: {} - # -- EDC endpoints exposed by this ingress resource - endpoints: - - default - - management - - control - - protocol - - metrics - - observability - # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use - className: "nginx" - # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource - tls: - # -- Enables TLS on the ingress resource - enabled: true - # -- If present overwrites the default secret name - secretName: "tls-secret" - ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource - certManager: - # -- If preset enables certificate generation via cert-manager namespace scoped issuer - issuer: "" - # -- If preset enables certificate generation via cert-manager cluster-wide issuer - clusterIssuer: "" - ## Private / Intranet facing Ingress - - enabled: false - # -- The hostname to be used to precisely map incoming traffic onto the underlying network service - hostname: "edc-control.intranet" - # -- Additional ingress annotations to add - annotations: {} - # -- EDC endpoints exposed by this ingress resource - endpoints: - - management - - control - # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use - className: "nginx" - # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource - tls: - # -- Enables TLS on the ingress resource - enabled: true - # -- If present overwrites the default secret name - secretName: "tls-secret" - ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource - certManager: - # -- If preset enables certificate generation via cert-manager namespace scoped issuer - issuer: "" - # -- If preset enables certificate generation via cert-manager cluster-wide issuer - clusterIssuer: "" - # -- declare where to mount [volumes](https://kubernetes.io/docs/concepts/storage/volumes/) into the container - volumeMounts: [] - # -- [volume](https://kubernetes.io/docs/concepts/storage/volumes/) directories - volumes: [] - # -- [resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the container - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - replicaCount: 1 - autoscaling: - # -- Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) - enabled: false - # -- Minimal replicas if resource consumption falls below resource threshholds - minReplicas: 1 - # -- Maximum replicas if resource consumption exceeds resource threshholds - maxReplicas: 100 - # -- targetAverageUtilization of cpu provided to a pod - targetCPUUtilizationPercentage: 80 - # -- targetAverageUtilization of memory provided to a pod - targetMemoryUtilizationPercentage: 80 - # -- configuration of the [Open Telemetry Agent](https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/) to collect and expose metrics - opentelemetry: |- - otel.javaagent.enabled=false - otel.javaagent.debug=false - # -- configuration of the [Java Util Logging Facade](https://docs.oracle.com/javase/7/docs/technotes/guides/logging/overview.html) - logging: |- - .level=INFO - org.eclipse.edc.level=ALL - handlers=java.util.logging.ConsoleHandler - java.util.logging.ConsoleHandler.formatter=java.util.logging.SimpleFormatter - java.util.logging.ConsoleHandler.level=ALL - java.util.logging.SimpleFormatter.format=[%1$tY-%1$tm-%1$td %1$tH:%1$tM:%1$tS] [%4$-7s] %5$s%6$s%n - # [node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) to constrain pods to nodes - nodeSelector: {} - # [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) to configure preferred nodes - tolerations: [] - # [affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) to configure which nodes the pods can be scheduled on - affinity: {} - url: - # -- Explicitly declared url for reaching the ids api (e.g. if ingresses not used) - ids: "" dataplane: enabled: true - image: - # -- Which derivate of the data plane to use. when left empty the deployment will select the correct image automatically - repository: "tractusx/edc-dataplane-hashicorp-vault" - # -- [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use - pullPolicy: IfNotPresent - # -- Overrides the image tag whose default is the chart appVersion - tag: "0.4.1" - initContainers: [] - debug: - enabled: false - port: 1044 - suspendOnStart: false - livenessProbe: - # -- Whether to enable kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first liveness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a liveness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - readinessProbe: - # -- Whether to enable kubernetes [readiness-probes](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) - enabled: true - # -- seconds to wait before performing the first readiness check - initialDelaySeconds: 30 - # -- this fields specifies that kubernetes should perform a liveness check every 10 seconds - periodSeconds: 10 - # -- number of seconds after which the probe times out - timeoutSeconds: 5 - # -- when a probe fails kubernetes will try 6 times before giving up - failureThreshold: 6 - # -- number of consecutive successes for the probe to be considered successful after having failed - successThreshold: 1 - service: - # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. - type: ClusterIP - port: 80 endpoints: default: port: 8080 @@ -361,66 +105,6 @@ tractusx-connector: metrics: port: 9090 path: /BPNL000000000000/metrics - aws: - endpointOverride: "" - accessKeyId: "" - secretAccessKey: "" - # -- additional labels for the pod - podLabels: {} - # -- additional annotations for the pod - podAnnotations: {} - # -- The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment - podSecurityContext: - seccompProfile: - # -- Restrict a Container's Syscalls with seccomp - type: RuntimeDefault - # -- Runs all processes within a pod with a special uid - runAsUser: 10001 - # -- Processes within a pod will belong to this guid - runAsGroup: 10001 - # -- The owner for volumes and any files created within volumes will belong to this guid - fsGroup: 10001 - # The [container security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) defines privilege and access control settings for a Container within a pod - securityContext: - capabilities: - # -- Specifies which capabilities to drop to reduce syscall attack surface - drop: - - ALL - # -- Specifies which capabilities to add to issue specialized syscalls - add: [] - # -- Whether the root filesystem is mounted in read-only mode - readOnlyRootFilesystem: true - # -- Controls [Privilege Escalation](https://kubernetes.io/docs/concepts/security/pod-security-policy/#privilege-escalation) enabling setuid binaries changing the effective user ID - allowPrivilegeEscalation: false - # -- Requires the container to run without root privileges - runAsNonRoot: true - # -- The container's process will run with the specified uid - runAsUser: 10001 - # Extra environment variables that will be pass onto deployment pods - env: {} - # ENV_NAME: value - - # "valueFrom" environment variable references that will be added to deployment pods. Name is templated. - # ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core - envValueFrom: {} - # ENV_NAME: - # configMapKeyRef: - # name: configmap-name - # key: value_key - # secretKeyRef: - # name: secret-name - # key: value_key - - # [Kubernetes Secret Resource](https://kubernetes.io/docs/concepts/configuration/secret/) names to load environment variables from - envSecretNames: [] - # - first-secret - # - second-secret - - # [Kubernetes ConfigMap Resource](https://kubernetes.io/docs/concepts/configuration/configmap/) names to load environment variables from - envConfigMapNames: [] - # - first-config-map - # - second-config-map - ## Ingress declaration to expose the network service. ingresses: ## Public / Internet facing Ingress @@ -428,101 +112,19 @@ tractusx-connector: # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.int.demo.catena-x.net" # -- Additional ingress annotations to add - annotations: {} - # -- EDC endpoints exposed by this ingress resource - endpoints: - - public - # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use - className: "nginx" - # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource - tls: - # -- Enables TLS on the ingress resource - enabled: true - # -- If present overwrites the default secret name - secretName: "tls-secret" - ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource - certManager: - # -- If preset enables certificate generation via cert-manager namespace scoped issuer - issuer: "" - # -- If preset enables certificate generation via cert-manager cluster-wide issuer - clusterIssuer: "" - # -- declare where to mount [volumes](https://kubernetes.io/docs/concepts/storage/volumes/) into the container - volumeMounts: [] - # -- [volume](https://kubernetes.io/docs/concepts/storage/volumes/) directories - volumes: [] - # -- [resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the container - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - replicaCount: 1 - autoscaling: - # -- Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) - enabled: false - # -- Minimal replicas if resource consumption falls below resource threshholds - minReplicas: 1 - # -- Maximum replicas if resource consumption exceeds resource threshholds - maxReplicas: 100 - # -- targetAverageUtilization of cpu provided to a pod - targetCPUUtilizationPercentage: 80 - # -- targetAverageUtilization of memory provided to a pod - targetMemoryUtilizationPercentage: 80 - # -- configuration of the [Open Telemetry Agent](https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/) to collect and expose metrics - opentelemetry: |- - otel.javaagent.enabled=false - otel.javaagent.debug=false - # -- configuration of the [Java Util Logging Facade](https://docs.oracle.com/javase/7/docs/technotes/guides/logging/overview.html) - logging: |- - .level=INFO - org.eclipse.edc.level=ALL - handlers=java.util.logging.ConsoleHandler - java.util.logging.ConsoleHandler.formatter=java.util.logging.SimpleFormatter - java.util.logging.ConsoleHandler.level=ALL - java.util.logging.SimpleFormatter.format=[%1$tY-%1$tm-%1$td %1$tH:%1$tM:%1$tS] [%4$-7s] %5$s%6$s%n - # [node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) to constrain pods to nodes - nodeSelector: {} - # [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) to configure preferred nodes - tolerations: [] - # [affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) to configure which nodes the pods can be scheduled on - affinity: {} - url: - # -- Explicitly declared url for reaching the public api (e.g. if ingresses not used) - public: "" - + postgresql: - jdbcUrl: "jdbc:postgresql://postgresqlprovider:5432/edc" - fullnameOverride: "postgresql" username: password: auth: - database: "edc" username: password: vault: fullnameOverride: "vault" - injector: - enabled: false - server: - dev: - enabled: true - devRootToken: "root" - # Must be the same certificate that is configured in section 'daps' - postStart: # must be set externally! hashicorp: url: token: - timeout: 30 - healthCheck: - enabled: true - standbyOk: true paths: secret: health: /v1/sys/health @@ -534,12 +136,8 @@ tractusx-connector: dapsPublicKey: ids-daps_crt daps: - fullnameOverride: "daps" url: "https://daps1.int.demo.catena-x.net" clientId: - paths: - jwks: /.well-known/jwks.json - token: /token connectors: - id: name: edcconector @@ -549,32 +147,12 @@ tractusx-connector: backendService: httpProxyTokenReceiverUrl: "https://materialpass.int.demo.catena-x.net/endpoint" - - serviceAccount: - # Specifies whether a service account should be created - create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - # -- Existing image pull secret bound to the service account to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) - imagePullSecrets: [] idsdaps: connectors: - certificate: postgresql: - jdbcUrl: "jdbc:postgresql://postgresqlprovider:5432/edc" - fullnameOverride: "postgresqlprovider" - primary: - persistence: - enabled: true - readReplicas: - persistence: - enabled: true auth: - database: "edc" username: password: \ No newline at end of file diff --git a/deployment/helm/edc-provider/values.yaml b/deployment/helm/edc-provider/values.yaml index 3cd551429..a8d5953e1 100644 --- a/deployment/helm/edc-provider/values.yaml +++ b/deployment/helm/edc-provider/values.yaml @@ -1,24 +1,26 @@ +################################################################################# +# Catena-X - Product Passport Consumer Application # -# Copyright (c) 2023 ZF Friedrichshafen AG -# Copyright (c) 2023 Mercedes-Benz Tech Innovation GmbH -# Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) -# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# Copyright (c) 2022, 2023 BASF SE, BMW AG, Henkel AG & Co. KGaA # -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. # -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0 +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. # -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, +# either express or implied. See the +# License for the specific language govern in permissions and limitations +# under the License. # +# SPDX-License-Identifier: Apache-2.0 +################################################################################# + +### The fully configuration is available in https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector --- @@ -31,7 +33,6 @@ tractusx-connector: vault: false fullnameOverride: "dpp-edc-provider" nameOverride: "" - # -- Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) imagePullSecrets: [] customLabels: {} From f6f560c63b4804e15d52c3f351a7c16145560ff0 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Fri, 9 Jun 2023 16:57:06 +0200 Subject: [PATCH 02/11] chore: added enabled attributes in the charts --- deployment/helm/edc-consumer/values-beta.yaml | 1 + deployment/helm/edc-consumer/values-int.yaml | 1 + deployment/helm/edc-consumer/values.yaml | 1 + deployment/helm/edc-provider/values-beta.yaml | 1 + deployment/helm/edc-provider/values-int.yaml | 1 + deployment/helm/edc-provider/values.yaml | 1 + 6 files changed, 6 insertions(+) diff --git a/deployment/helm/edc-consumer/values-beta.yaml b/deployment/helm/edc-consumer/values-beta.yaml index a95db3259..b3ebfa2bf 100644 --- a/deployment/helm/edc-consumer/values-beta.yaml +++ b/deployment/helm/edc-consumer/values-beta.yaml @@ -31,6 +31,7 @@ # Declare variables to be passed into your templates. tractusx-connector: + enabled: true participant: id: &bpnNumber "" diff --git a/deployment/helm/edc-consumer/values-int.yaml b/deployment/helm/edc-consumer/values-int.yaml index d314ea29a..98dc6ac5e 100644 --- a/deployment/helm/edc-consumer/values-int.yaml +++ b/deployment/helm/edc-consumer/values-int.yaml @@ -31,6 +31,7 @@ # Declare variables to be passed into your templates. tractusx-connector: + enabled: true participant: id: &bpnNumber "" diff --git a/deployment/helm/edc-consumer/values.yaml b/deployment/helm/edc-consumer/values.yaml index 404347414..b84060cef 100644 --- a/deployment/helm/edc-consumer/values.yaml +++ b/deployment/helm/edc-consumer/values.yaml @@ -30,6 +30,7 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. tractusx-connector: + enabled: true install: daps: false postgresql: false diff --git a/deployment/helm/edc-provider/values-beta.yaml b/deployment/helm/edc-provider/values-beta.yaml index 6fb40f27e..8a1f03fb6 100644 --- a/deployment/helm/edc-provider/values-beta.yaml +++ b/deployment/helm/edc-provider/values-beta.yaml @@ -27,6 +27,7 @@ tractusx-connector: + enabled: true participant: id: &bpnNumber "" diff --git a/deployment/helm/edc-provider/values-int.yaml b/deployment/helm/edc-provider/values-int.yaml index adf0dd373..795ec31e4 100644 --- a/deployment/helm/edc-provider/values-int.yaml +++ b/deployment/helm/edc-provider/values-int.yaml @@ -27,6 +27,7 @@ tractusx-connector: + enabled: true participant: id: &bpnNumber "" diff --git a/deployment/helm/edc-provider/values.yaml b/deployment/helm/edc-provider/values.yaml index a8d5953e1..fc41f301d 100644 --- a/deployment/helm/edc-provider/values.yaml +++ b/deployment/helm/edc-provider/values.yaml @@ -27,6 +27,7 @@ tractusx-connector: + enabled: true install: daps: false postgresql: false From 470e7670263238897d5bed9da8eab2ce8c5457b7 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Fri, 9 Jun 2023 17:03:46 +0200 Subject: [PATCH 03/11] chore: updated version in helm and changelogs --- CHANGELOG.md | 13 +++++++++++++ charts/digital-product-pass/Chart.yaml | 4 ++-- docs/RELEASE_USER.md | 10 ++++++++++ package-lock.json | 4 ++-- package.json | 2 +- 5 files changed, 28 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 26a9a7996..6657d0c6c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -24,6 +24,19 @@ The changelog format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [in preparation] +## [0.9.0] - xxxx-xx-xx + +## Updated +- EDC consumer updated from version `v0.1.6` to version `v0.4.1` +- EDC provider updated from version `v0.1.6` to version `v0.4.1` + +## Added +- Added the EDC connectors as dependencies. +- Added new values files to the comply with the EDC configuration + +## Deleted +- Deleted the CX-Backend-Service from the dependencies and the local subchart ## [released] ## [0.8.1] - 2023-06-09 diff --git a/charts/digital-product-pass/Chart.yaml b/charts/digital-product-pass/Chart.yaml index 8342e9808..0fa0f5170 100644 --- a/charts/digital-product-pass/Chart.yaml +++ b/charts/digital-product-pass/Chart.yaml @@ -37,10 +37,10 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.4 +version: 0.3.6 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "0.8.1" +appVersion: "0.9.0" diff --git a/docs/RELEASE_USER.md b/docs/RELEASE_USER.md index c9aa4975a..92f447f43 100644 --- a/docs/RELEASE_USER.md +++ b/docs/RELEASE_USER.md @@ -23,6 +23,16 @@ # Release Notes Digital Product Pass Application User friendly relase notes without especific technical details. +**XXXX XX XXXX (Version 0.9.0)** +*xx.xx.xxxx* + + +### Updated + +#### Updated EDC Provider and Consumer Versions to `v0.4.1` +Now the test EDC consusumer and provider contained in `deployment/helm/edc-provider` and `deployment/helm/edc-consumer` are updated to the latest version at the moment available the `v0.4.1` + + **June 09 2023 (Version 0.8.1)** *09.06.2023* diff --git a/package-lock.json b/package-lock.json index a05163d22..c8fb9f3f5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "productpass-consumer-ui", - "version": "0.8.1", + "version": "0.9.0", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "productpass-consumer-ui", - "version": "0.8.1", + "version": "0.9.0", "dependencies": { "@mdi/font": "5.9.55", "@popperjs/core": "^2.11.2", diff --git a/package.json b/package.json index 88f2d154d..7bc33ad74 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "productpass-consumer-ui", - "version": "0.8.1", + "version": "0.9.0", "private": true, "scripts": { "serve": "vite --host localhost", From fa9d7e5c4d7f22d0d237c3fcb85214832b390b6c Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Fri, 9 Jun 2023 17:24:09 +0200 Subject: [PATCH 04/11] fix: fixed deployment bug --- deployment/helm/edc-consumer/values-beta.yaml | 41 +++++++++++++++++-- deployment/helm/edc-consumer/values-int.yaml | 41 +++++++++++++++++-- deployment/helm/edc-provider/values-beta.yaml | 38 +++++++++++++++++ deployment/helm/edc-provider/values-int.yaml | 40 +++++++++++++++++- 4 files changed, 153 insertions(+), 7 deletions(-) diff --git a/deployment/helm/edc-consumer/values-beta.yaml b/deployment/helm/edc-consumer/values-beta.yaml index b3ebfa2bf..3a2e0f704 100644 --- a/deployment/helm/edc-consumer/values-beta.yaml +++ b/deployment/helm/edc-consumer/values-beta.yaml @@ -78,14 +78,31 @@ tractusx-connector: path: /consumer/observability # -- allow or disallow insecure access, i.e. access without authentication insecure: true - + ## Ingress declaration to expose the network service. ingresses: ## Public / Internet facing Ingress - enabled: true # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.beta.demo.catena-x.net" - + # -- Additional ingress annotations to add + annotations: {} + # -- EDC endpoints exposed by this ingress resource + endpoints: + - default + - management + - control + - protocol + - metrics + - observability + # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use + className: "nginx" + # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource + tls: + # -- Enables TLS on the ingress resource + enabled: true + # -- If present overwrites the default secret name + secretName: "tls-secret" dataplane: enabled: true endpoints: @@ -119,7 +136,25 @@ tractusx-connector: # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.beta.demo.catena-x.net" # -- Additional ingress annotations to add - + annotations: {} + # -- EDC endpoints exposed by this ingress resource + endpoints: + - public + # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use + className: "nginx" + # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource + tls: + # -- Enables TLS on the ingress resource + enabled: true + # -- If present overwrites the default secret name + secretName: "tls-secret" + ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource + certManager: + # -- If preset enables certificate generation via cert-manager namespace scoped issuer + issuer: "" + # -- If preset enables certificate generation via cert-manager cluster-wide issuer + clusterIssuer: "" + postgresql: username: password: diff --git a/deployment/helm/edc-consumer/values-int.yaml b/deployment/helm/edc-consumer/values-int.yaml index 98dc6ac5e..4d5f20c94 100644 --- a/deployment/helm/edc-consumer/values-int.yaml +++ b/deployment/helm/edc-consumer/values-int.yaml @@ -78,14 +78,31 @@ tractusx-connector: path: /consumer/observability # -- allow or disallow insecure access, i.e. access without authentication insecure: true - + ## Ingress declaration to expose the network service. ingresses: ## Public / Internet facing Ingress - enabled: true # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.int.demo.catena-x.net" - + # -- Additional ingress annotations to add + annotations: {} + # -- EDC endpoints exposed by this ingress resource + endpoints: + - default + - management + - control + - protocol + - metrics + - observability + # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use + className: "nginx" + # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource + tls: + # -- Enables TLS on the ingress resource + enabled: true + # -- If present overwrites the default secret name + secretName: "tls-secret" dataplane: enabled: true endpoints: @@ -119,7 +136,25 @@ tractusx-connector: # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.int.demo.catena-x.net" # -- Additional ingress annotations to add - + annotations: {} + # -- EDC endpoints exposed by this ingress resource + endpoints: + - public + # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use + className: "nginx" + # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource + tls: + # -- Enables TLS on the ingress resource + enabled: true + # -- If present overwrites the default secret name + secretName: "tls-secret" + ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource + certManager: + # -- If preset enables certificate generation via cert-manager namespace scoped issuer + issuer: "" + # -- If preset enables certificate generation via cert-manager cluster-wide issuer + clusterIssuer: "" + postgresql: username: password: diff --git a/deployment/helm/edc-provider/values-beta.yaml b/deployment/helm/edc-provider/values-beta.yaml index 8a1f03fb6..d4a221d76 100644 --- a/deployment/helm/edc-provider/values-beta.yaml +++ b/deployment/helm/edc-provider/values-beta.yaml @@ -81,6 +81,25 @@ tractusx-connector: - enabled: true # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.beta.demo.catena-x.net" + # -- Additional ingress annotations to add + annotations: {} + # -- EDC endpoints exposed by this ingress resource + endpoints: + - public + # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use + className: "nginx" + # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource + tls: + # -- Enables TLS on the ingress resource + enabled: true + # -- If present overwrites the default secret name + secretName: "tls-secret" + ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource + certManager: + # -- If preset enables certificate generation via cert-manager namespace scoped issuer + issuer: "" + # -- If preset enables certificate generation via cert-manager cluster-wide issuer + clusterIssuer: "" dataplane: enabled: true endpoints: @@ -113,6 +132,25 @@ tractusx-connector: # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.beta.demo.catena-x.net" # -- Additional ingress annotations to add + # -- Additional ingress annotations to add + annotations: {} + # -- EDC endpoints exposed by this ingress resource + endpoints: + - public + # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use + className: "nginx" + # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource + tls: + # -- Enables TLS on the ingress resource + enabled: true + # -- If present overwrites the default secret name + secretName: "tls-secret" + ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource + certManager: + # -- If preset enables certificate generation via cert-manager namespace scoped issuer + issuer: "" + # -- If preset enables certificate generation via cert-manager cluster-wide issuer + clusterIssuer: "" postgresql: username: diff --git a/deployment/helm/edc-provider/values-int.yaml b/deployment/helm/edc-provider/values-int.yaml index 795ec31e4..e776e1b2e 100644 --- a/deployment/helm/edc-provider/values-int.yaml +++ b/deployment/helm/edc-provider/values-int.yaml @@ -81,6 +81,26 @@ tractusx-connector: - enabled: true # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.int.demo.catena-x.net" + # -- Additional ingress annotations to add + annotations: {} + # -- EDC endpoints exposed by this ingress resource + endpoints: + - public + # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use + className: "nginx" + # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource + tls: + # -- Enables TLS on the ingress resource + enabled: true + # -- If present overwrites the default secret name + secretName: "tls-secret" + ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource + certManager: + # -- If preset enables certificate generation via cert-manager namespace scoped issuer + issuer: "" + # -- If preset enables certificate generation via cert-manager cluster-wide issuer + clusterIssuer: "" + dataplane: enabled: true endpoints: @@ -113,7 +133,25 @@ tractusx-connector: # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.int.demo.catena-x.net" # -- Additional ingress annotations to add - + # -- Additional ingress annotations to add + annotations: {} + # -- EDC endpoints exposed by this ingress resource + endpoints: + - public + # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use + className: "nginx" + # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource + tls: + # -- Enables TLS on the ingress resource + enabled: true + # -- If present overwrites the default secret name + secretName: "tls-secret" + ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource + certManager: + # -- If preset enables certificate generation via cert-manager namespace scoped issuer + issuer: "" + # -- If preset enables certificate generation via cert-manager cluster-wide issuer + clusterIssuer: "" postgresql: username: password: From 8acee692de5e558a187289232028ea695ff88388 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Fri, 9 Jun 2023 17:33:27 +0200 Subject: [PATCH 05/11] fix: fixed deployment bug --- deployment/helm/edc-provider/values-beta.yaml | 16 ++++++++-------- deployment/helm/edc-provider/values-int.yaml | 16 +++++++--------- 2 files changed, 15 insertions(+), 17 deletions(-) diff --git a/deployment/helm/edc-provider/values-beta.yaml b/deployment/helm/edc-provider/values-beta.yaml index d4a221d76..4849dcccb 100644 --- a/deployment/helm/edc-provider/values-beta.yaml +++ b/deployment/helm/edc-provider/values-beta.yaml @@ -81,11 +81,17 @@ tractusx-connector: - enabled: true # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.beta.demo.catena-x.net" - # -- Additional ingress annotations to add + # -- Additional ingress annotations to add + # -- Additional ingress annotations to add annotations: {} # -- EDC endpoints exposed by this ingress resource endpoints: - - public + - default + - management + - control + - protocol + - metrics + - observability # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use className: "nginx" # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource @@ -94,12 +100,6 @@ tractusx-connector: enabled: true # -- If present overwrites the default secret name secretName: "tls-secret" - ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource - certManager: - # -- If preset enables certificate generation via cert-manager namespace scoped issuer - issuer: "" - # -- If preset enables certificate generation via cert-manager cluster-wide issuer - clusterIssuer: "" dataplane: enabled: true endpoints: diff --git a/deployment/helm/edc-provider/values-int.yaml b/deployment/helm/edc-provider/values-int.yaml index e776e1b2e..c111e59f7 100644 --- a/deployment/helm/edc-provider/values-int.yaml +++ b/deployment/helm/edc-provider/values-int.yaml @@ -81,11 +81,16 @@ tractusx-connector: - enabled: true # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "materialpass.int.demo.catena-x.net" - # -- Additional ingress annotations to add + # -- Additional ingress annotations to add annotations: {} # -- EDC endpoints exposed by this ingress resource endpoints: - - public + - default + - management + - control + - protocol + - metrics + - observability # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use className: "nginx" # -- TLS [tls class](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) applied to the ingress resource @@ -94,13 +99,6 @@ tractusx-connector: enabled: true # -- If present overwrites the default secret name secretName: "tls-secret" - ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource - certManager: - # -- If preset enables certificate generation via cert-manager namespace scoped issuer - issuer: "" - # -- If preset enables certificate generation via cert-manager cluster-wide issuer - clusterIssuer: "" - dataplane: enabled: true endpoints: From a51165f11482cae125d1a6fff6a060236a96f39b Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 28 Jun 2023 16:20:07 +0200 Subject: [PATCH 06/11] fix: fixed deployment values --- deployment/helm/edc-consumer/values-int.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/deployment/helm/edc-consumer/values-int.yaml b/deployment/helm/edc-consumer/values-int.yaml index 4d5f20c94..d6161c4b8 100644 --- a/deployment/helm/edc-consumer/values-int.yaml +++ b/deployment/helm/edc-consumer/values-int.yaml @@ -158,9 +158,6 @@ tractusx-connector: postgresql: username: password: - auth: - username: - password: vault: From 579f02806621fca2d896e0c381365d455b7ac3e4 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 3 Jul 2023 18:07:09 +0200 Subject: [PATCH 07/11] chore: updated changelog and versions --- CHANGELOG.md | 36 ++++++++++++++------------ DEPENDENCIES_FRONTEND | 4 +-- charts/digital-product-pass/Chart.yaml | 2 +- consumer-backend/productpass/pom.xml | 2 +- consumer-backend/productpass/readme.md | 2 +- docs/RELEASE_USER.md | 20 ++++++++++++-- package-lock.json | 4 +-- package.json | 2 +- 8 files changed, 45 insertions(+), 27 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9704f2288..f7e3ef63e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -25,18 +25,15 @@ The changelog format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). -## [in preparation] +## [pre-released] - [1.0.0-alpha] - 2023-07-03 ## [1.0.0] - xxxx-xx-xx -## Updated -- EDC consumer updated from version `v0.1.6` to version `v0.4.1` -- EDC provider updated from version `v0.1.6` to version `v0.4.1` -- Updated charts configurations related to the backend. -- Updated the EDC test charts to remote the cx-backend-service configurations - +## Deleted +- Deleted the cx-backend-service from the EDC Consumer and Provider deployments +- Removed inrelevant infrastructure files +- Remove not necesarry logs that affected the performance + ## Added -- Added the EDC connectors as dependencies. -- Added new values files to the comply with the EDC configuration - Added new `/endpoint` api to store the payload incomming from the EDC data plane - Added the encryption and decryption in AES from passport payload. - Added AES unit tests @@ -57,6 +54,13 @@ The changelog format is based on [Keep a Changelog](https://keepachangelog.com/e - Added `.tractusx` metafile - Align chart version with app version. - Added file system logging of the negotiation and transfer. +- Added new contract attributes from response. +- Optimized the retrieval time to ~4 seconds. +- Refactored git workflows to add the dpp frontend and backend container images onto Docker Hub registry in order to have public access to the images. +- Added docker.io in digital-product-pass helm chart. +- Commit ID and Repo URL added in frontend image +- Frontend component to display legal information +- Added components to display more contract information. ## Updated - Updated charts configurations related to the backend. @@ -65,19 +69,17 @@ The changelog format is based on [Keep a Changelog](https://keepachangelog.com/e - Update the backend chart configuration - Refactor secrets structure - Updated postman collection - +- Updated veracode workflow +- Updated the backend service in the frontend to call the async backend apis. +- Updated footer of the application to add the legal information dialog. +- Updated the Mock payloads in the frontend component. +- Updated pom.xml file adding a resource tag to include files into /META-INF folder inside JAR. + ## Security Improvements - Added logic to create and authenticate with unique session tokens the sign and other methods. - Added Encryption of passport payload when coming from Data Plane endpoint, until it is retrieved to the user which is authenticated and is using the unique session token as decryption key. - Added unique signKey to backend, which is used to the unique session key. -## Deleted -- Deleted the cx-backend-service from the EDC Consumer and Provider deployments -- Removed inrelevant infrastructure files -- Remove not necesarry logs that affected the performance -- Deleted the CX-Backend-Service from the dependencies and the local subchart -- Deleted the cx-backend-service from the EDC Consumer and Provider deployments - ## [released] ## [0.9.0] - 2023-06-20 diff --git a/DEPENDENCIES_FRONTEND b/DEPENDENCIES_FRONTEND index 682d0cdbe..674284d31 100644 --- a/DEPENDENCIES_FRONTEND +++ b/DEPENDENCIES_FRONTEND @@ -71,7 +71,7 @@ npm/npmjs/-/csstype/2.6.21, MIT, approved, clearlydefined npm/npmjs/-/cypress-keycloak/1.9.0, MIT, approved, #6952 npm/npmjs/-/cypress/12.5.1, MIT AND OFL-1.1 AND BSD-3-Clause AND Apache-2.0 AND ISC AND (BSD-2-Clause AND MIT), approved, #7095 npm/npmjs/-/dashdash/1.14.1, MIT, approved, clearlydefined -npm/npmjs/-/dayjs/1.11.7, MIT, approved, clearlydefined +npm/npmjs/-/dayjs/1.11.7, MIT, approved, #9149 npm/npmjs/-/de-indent/1.0.2, MIT, approved, clearlydefined npm/npmjs/-/debug/3.2.7, MIT, approved, clearlydefined npm/npmjs/-/debug/4.3.4, MIT, approved, clearlydefined @@ -231,7 +231,7 @@ npm/npmjs/-/object-inspect/1.12.3, MIT, approved, clearlydefined npm/npmjs/-/once/1.4.0, ISC, approved, clearlydefined npm/npmjs/-/onetime/5.1.2, MIT, approved, clearlydefined npm/npmjs/-/open/8.4.1, MIT, approved, #7102 -npm/npmjs/-/optionator/0.9.1, MIT, approved, clearlydefined +npm/npmjs/-/optionator/0.9.1, MIT, approved, #9208 npm/npmjs/-/ospath/1.2.2, MIT, approved, clearlydefined npm/npmjs/-/p-limit/2.3.0, MIT, approved, clearlydefined npm/npmjs/-/p-locate/4.1.0, MIT, approved, clearlydefined diff --git a/charts/digital-product-pass/Chart.yaml b/charts/digital-product-pass/Chart.yaml index 827ebbb8e..0ffd37b88 100644 --- a/charts/digital-product-pass/Chart.yaml +++ b/charts/digital-product-pass/Chart.yaml @@ -45,4 +45,4 @@ version: 1.0.0 # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "1.0.0" +appVersion: "1.0.0-alpha" diff --git a/consumer-backend/productpass/pom.xml b/consumer-backend/productpass/pom.xml index d41dc4460..5d314bb04 100644 --- a/consumer-backend/productpass/pom.xml +++ b/consumer-backend/productpass/pom.xml @@ -33,7 +33,7 @@ org.eclipse.tractusx productpass - 1.0.0-SNAPSHOT + 1.0.0-alpha-SNAPSHOT jar Catena-X Digital Product Passport Backend Product Passport Consumer Backend System for Product Passport Consumer Frontend Application diff --git a/consumer-backend/productpass/readme.md b/consumer-backend/productpass/readme.md index e4c4febad..07a1d8d78 100644 --- a/consumer-backend/productpass/readme.md +++ b/consumer-backend/productpass/readme.md @@ -23,7 +23,7 @@

  Digital Product Pass Backend

-

Version: 1.0.0-SNAPSHOT

+

Version: 1.0.0-alpha-SNAPSHOT


diff --git a/docs/RELEASE_USER.md b/docs/RELEASE_USER.md index dd83dc1a2..9c70ed0e8 100644 --- a/docs/RELEASE_USER.md +++ b/docs/RELEASE_USER.md @@ -23,17 +23,33 @@ # Release Notes Digital Product Pass Application User friendly relase notes without especific technical details. -**xxxx xx xxxx (Version 1.0.0)** +**xxxx xx xxxx (Version 1.0.0)** - **July 03 2023 (Pre-release 1.0.0-alpha)** *xx.xx.xxxx* ### Added +#### Added legal notice in frontend UI +Now the user is able to see the legal notice inclusing the license, the notice and the Commit Id from the source repository. + +#### Added legal files into the backend compiled JAR +When the images are generated, and the backend is compiled the LICENSE, NOTICE and DEPENCENCIES_BACKEND are moved inside the JAR file, +into the META-INF folder. + +#### Added Official Container Images to Docker Hub +Now the container images are available publicly on the Docker Hub Registry Platform through automated workflows. +They are released in the following URLs: + - https://hub.docker.com/r/tractusx/digital-product-pass-frontend + - https://hub.docker.com/r/tractusx/digital-product-pass-backend + + +#### Integration from frontend and new asynchronous backend +The frontend is now making the negotiation with the backend component in a asynchronous way. + #### Made backend asynchronous. By creating a asynchronous backend we are improving the control that the user has over the contract negotiation. Now the user can decline, cancel and sign the contract requests and visualize the status of the negotiation. Now the backend is also negotiating faster with the EDC `v0.4.1` so that is quicker and optimized - #### Added file system negotiation logs. Each process stores in the container file system (non persistent) the contract negotiation files as well the information for the transfer process. diff --git a/package-lock.json b/package-lock.json index 28767830c..d8aa75a4d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "productpass-consumer-ui", - "version": "1.0.0", + "version": "1.0.0-alpha", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "productpass-consumer-ui", - "version": "1.0.0", + "version": "1.0.0-alpha", "dependencies": { "@mdi/font": "5.9.55", "@popperjs/core": "^2.11.2", diff --git a/package.json b/package.json index a8525cdde..94bca4122 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "productpass-consumer-ui", - "version": "1.0.0", + "version": "1.0.0-alpha", "private": true, "scripts": { "serve": "vite --host localhost", From 061da488acce9e9d3db3900c051091f48e4f21a9 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Tue, 4 Jul 2023 15:24:28 +0200 Subject: [PATCH 08/11] fix: fixed infinite loop related to get status bug --- CHANGELOG.md | 1 + src/components/general/Footer.vue | 4 ++-- src/services/BackendService.js | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f7e3ef63e..12d2a59fc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -61,6 +61,7 @@ The changelog format is based on [Keep a Changelog](https://keepachangelog.com/e - Commit ID and Repo URL added in frontend image - Frontend component to display legal information - Added components to display more contract information. +- Fixed bug related to backend get status, where it looped over the status received. ## Updated - Updated charts configurations related to the backend. diff --git a/src/components/general/Footer.vue b/src/components/general/Footer.vue index 3dcad77b0..693d3e1a6 100644 --- a/src/components/general/Footer.vue +++ b/src/components/general/Footer.vue @@ -162,9 +162,9 @@ export default { computed: { tagRepoUrl() { if (VERSION == null || VERSION === "" || VERSION === "VERSION") { - return this.repoUrl; + return REPO_ENDPOINT; } - return this.repoUrl + "/releases/tag/v" + VERSION; + return REPO_ENDPOINT + "/releases/tag/v" + VERSION; }, }, setup() { diff --git a/src/services/BackendService.js b/src/services/BackendService.js index da1f061d3..d09a850f2 100644 --- a/src/services/BackendService.js +++ b/src/services/BackendService.js @@ -91,14 +91,14 @@ export default class BackendService { while (retries < maxRetries) { statusResponse = await this.getStatus(processId, authentication) status = jsonUtil.get("data.status", statusResponse); - if (loopBreakStatus.includes(status) || status == null) { + if (loopBreakStatus.includes(status) || status == null || (jsonUtil.exists("history", status) && jsonUtil.exists("transfer-completed",status["history"]))) { break; } await threadUtil.sleep(waitingTime); retries++; } - if (status == "COMPLETED") { + if (status == "COMPLETED" || (jsonUtil.exists("history", status) && jsonUtil.exists("transfer-completed",status["history"]))) { return await this.retrievePassport(negotiation, authentication); } From 629a275dd554a25e5622fae18162bec9575eb037 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Tue, 4 Jul 2023 15:24:28 +0200 Subject: [PATCH 09/11] fix: fixed infinite loop related to get status bug --- CHANGELOG.md | 1 + charts/digital-product-pass/templates/service-frontend.yaml | 1 + src/components/general/Footer.vue | 4 ++-- src/services/BackendService.js | 4 ++-- 4 files changed, 6 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f7e3ef63e..12d2a59fc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -61,6 +61,7 @@ The changelog format is based on [Keep a Changelog](https://keepachangelog.com/e - Commit ID and Repo URL added in frontend image - Frontend component to display legal information - Added components to display more contract information. +- Fixed bug related to backend get status, where it looped over the status received. ## Updated - Updated charts configurations related to the backend. diff --git a/charts/digital-product-pass/templates/service-frontend.yaml b/charts/digital-product-pass/templates/service-frontend.yaml index 1e8d351d5..33696d638 100644 --- a/charts/digital-product-pass/templates/service-frontend.yaml +++ b/charts/digital-product-pass/templates/service-frontend.yaml @@ -36,3 +36,4 @@ spec: name: http selector: {{- include "chart.selectorLabels" . | nindent 4 }} + diff --git a/src/components/general/Footer.vue b/src/components/general/Footer.vue index 3dcad77b0..693d3e1a6 100644 --- a/src/components/general/Footer.vue +++ b/src/components/general/Footer.vue @@ -162,9 +162,9 @@ export default { computed: { tagRepoUrl() { if (VERSION == null || VERSION === "" || VERSION === "VERSION") { - return this.repoUrl; + return REPO_ENDPOINT; } - return this.repoUrl + "/releases/tag/v" + VERSION; + return REPO_ENDPOINT + "/releases/tag/v" + VERSION; }, }, setup() { diff --git a/src/services/BackendService.js b/src/services/BackendService.js index da1f061d3..d09a850f2 100644 --- a/src/services/BackendService.js +++ b/src/services/BackendService.js @@ -91,14 +91,14 @@ export default class BackendService { while (retries < maxRetries) { statusResponse = await this.getStatus(processId, authentication) status = jsonUtil.get("data.status", statusResponse); - if (loopBreakStatus.includes(status) || status == null) { + if (loopBreakStatus.includes(status) || status == null || (jsonUtil.exists("history", status) && jsonUtil.exists("transfer-completed",status["history"]))) { break; } await threadUtil.sleep(waitingTime); retries++; } - if (status == "COMPLETED") { + if (status == "COMPLETED" || (jsonUtil.exists("history", status) && jsonUtil.exists("transfer-completed",status["history"]))) { return await this.retrievePassport(negotiation, authentication); } From 520da5364a052cf135ca8f01adf75040619abac0 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Tue, 4 Jul 2023 16:03:19 +0200 Subject: [PATCH 10/11] fix: refixed the bug related to the infinite loop --- src/services/BackendService.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/services/BackendService.js b/src/services/BackendService.js index d09a850f2..c69b3b1be 100644 --- a/src/services/BackendService.js +++ b/src/services/BackendService.js @@ -82,7 +82,7 @@ export default class BackendService { ) } - let loopBreakStatus = ["COMPLETED", "FAILED", "DECLINED"] + let loopBreakStatus = ["COMPLETED", "FAILED", "DECLINED", "RECEIVED"] let maxRetries = API_MAX_RETRIES; let waitingTime = API_DELAY; let retries = 0; @@ -91,14 +91,14 @@ export default class BackendService { while (retries < maxRetries) { statusResponse = await this.getStatus(processId, authentication) status = jsonUtil.get("data.status", statusResponse); - if (loopBreakStatus.includes(status) || status == null || (jsonUtil.exists("history", status) && jsonUtil.exists("transfer-completed",status["history"]))) { + if (loopBreakStatus.includes(status) || status == null) { break; } await threadUtil.sleep(waitingTime); retries++; } - if (status == "COMPLETED" || (jsonUtil.exists("history", status) && jsonUtil.exists("transfer-completed",status["history"]))) { + if (status === "COMPLETED" || status === "RECEIVED" ) { return await this.retrievePassport(negotiation, authentication); } From fd6271c4d77df4a63d3f78562927129d74789cb0 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Tue, 4 Jul 2023 16:03:19 +0200 Subject: [PATCH 11/11] fix: refixed the bug related to the infinite loop --- .../productpass/http/controllers/api/ApiController.java | 5 ----- src/services/BackendService.js | 6 +++--- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/consumer-backend/productpass/src/main/java/org/eclipse/tractusx/productpass/http/controllers/api/ApiController.java b/consumer-backend/productpass/src/main/java/org/eclipse/tractusx/productpass/http/controllers/api/ApiController.java index 135e34c0c..9ce588e3e 100644 --- a/consumer-backend/productpass/src/main/java/org/eclipse/tractusx/productpass/http/controllers/api/ApiController.java +++ b/consumer-backend/productpass/src/main/java/org/eclipse/tractusx/productpass/http/controllers/api/ApiController.java @@ -161,11 +161,6 @@ public Response getPassport(@Valid @RequestBody TokenRequest tokenRequestBody) { return httpUtil.buildResponse(response, httpResponse); } - if (!status.historyExists("transfer-completed")) { - response = httpUtil.getNotFound("The passport transfer was not completed!"); - return httpUtil.buildResponse(response, httpResponse); - } - if (!status.historyExists("passport-received")) { response = httpUtil.getNotFound("The passport is not available!"); return httpUtil.buildResponse(response, httpResponse); diff --git a/src/services/BackendService.js b/src/services/BackendService.js index d09a850f2..c69b3b1be 100644 --- a/src/services/BackendService.js +++ b/src/services/BackendService.js @@ -82,7 +82,7 @@ export default class BackendService { ) } - let loopBreakStatus = ["COMPLETED", "FAILED", "DECLINED"] + let loopBreakStatus = ["COMPLETED", "FAILED", "DECLINED", "RECEIVED"] let maxRetries = API_MAX_RETRIES; let waitingTime = API_DELAY; let retries = 0; @@ -91,14 +91,14 @@ export default class BackendService { while (retries < maxRetries) { statusResponse = await this.getStatus(processId, authentication) status = jsonUtil.get("data.status", statusResponse); - if (loopBreakStatus.includes(status) || status == null || (jsonUtil.exists("history", status) && jsonUtil.exists("transfer-completed",status["history"]))) { + if (loopBreakStatus.includes(status) || status == null) { break; } await threadUtil.sleep(waitingTime); retries++; } - if (status == "COMPLETED" || (jsonUtil.exists("history", status) && jsonUtil.exists("transfer-completed",status["history"]))) { + if (status === "COMPLETED" || status === "RECEIVED" ) { return await this.retrievePassport(negotiation, authentication); }