Merge pull request #130 from catenax-ng/R1.5.4

fix: Removal of openssh from orchestrator

CHANGELOG.md

@@ -13,6 +13,17 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 ### Changed
  - Refactor DT registry local use
 
+
+## [1.5.4] - 2023-11-01
+
+### Removed
+ - Removal of openssh dependency
+
+## [1.5.3] - 2023-10-30
+
+### Changed
+ - Refactor DT registry local use
+
 ## [1.5.2] - 2023-10-27
 
 ### Added

charts/orchestrator/Chart.yaml

@@ -38,13 +38,13 @@ sources:
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.5.3
+version: 1.5.4
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.5.3"
+appVersion: "1.5.4"
 
 dependencies:
   - condition: postgresql.enabled

charts/orchestrator/README.md

@@ -1,6 +1,6 @@
 # managed-service-orchestrator
 
-![Version: 1.5.0](https://img.shields.io/badge/Version-1.5.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.5.0](https://img.shields.io/badge/AppVersion-1.5.0-informational?style=flat-square)
+![Version: 1.5.4](https://img.shields.io/badge/Version-1.5.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.5.4](https://img.shields.io/badge/AppVersion-1.5.4-informational?style=flat-square)
 
 This service will help service provider to set up DFT/SDE with EDC and EDC as service in service provider environment.
 
@@ -24,13 +24,13 @@ This service will help service provider to set up DFT/SDE with EDC and EDC as se
 | affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].weight | int | `100` |  |
 | autoscaling.enabled | bool | `false` |  |
 | image.pullPolicy | string | `"Always"` | Set the Image Pull Policy |
-| image.repository | string | `"tractusx/managed-service-orchestrator"` | Image to use for deploying an application |
+| image.repository | string | `"ghcr.io/catenax-ng/tx-autosetup-backend/autosetup"` | Image to use for deploying an application |
 | image.tag | string | `""` | Image tage is defined in chart appVersion |
 | imagePullSecrets | list | `[]` |  |
-| ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod","nginx.ingress.kubernetes.io/affinity":"cookie","nginx.ingress.kubernetes.io/backend-protocol":"HTTP","nginx.ingress.kubernetes.io/session-cookie-max-age":"172800"}` | Annotations to add to the ingress |
+| ingress.annotations | object | `{}` | Annotations to add to the ingress |
 | ingress.className | string | `"nginx"` | a reference to an Ingress Class resource that contains additional configuration including the name of the controller that should implement the class |
 | ingress.enabled | bool | `false` | If you want to enable or disable the ingress |
-| ingress.host | string | `""` |  |
+| ingress.host | string | `""` | Host of the application on which application runs |
 | livenessProbe.failureThreshold | int | `3` |  |
 | livenessProbe.initialDelaySeconds | int | `60` |  |
 | livenessProbe.periodSeconds | int | `10` |  |
@@ -40,11 +40,11 @@ This service will help service provider to set up DFT/SDE with EDC and EDC as se
 | podAnnotations | object | `{}` |  |
 | podSecurityContext.fsGroup | int | `2000` |  |
 | portContainer | int | `9999` |  |
-| postgresql.auth.database | string | `"orchdb"` |  |
-| postgresql.auth.existingSecret | string | `"managed-service-orchestrator-int-secret"` |  |
-| postgresql.auth.secretKeys.adminPasswordKey | string | `"postgres-password"` |  |
-| postgresql.auth.secretKeys.userPasswordKey | string | `"password"` |  |
-| postgresql.auth.username | string | `"orchdbuser"` |  |
+| postgresql.auth.database | string | `""` |  |
+| postgresql.auth.existingSecret | string | `""` |  |
+| postgresql.auth.secretKeys.adminPasswordKey | string | `""` |  |
+| postgresql.auth.secretKeys.userPasswordKey | string | `""` |  |
+| postgresql.auth.username | string | `""` |  |
 | postgresql.enabled | bool | `true` | Enable the dependency postgres database |
 | postgresql.metrics.containerSecurityContext.enabled | bool | `false` |  |
 | probe.endpoint | string | `"/api/healthz"` |  |
@@ -58,7 +58,7 @@ This service will help service provider to set up DFT/SDE with EDC and EDC as se
 | resources.limits.memory | string | `"2Gi"` | set a maximum amount of allows memory utilization by specifying a limit on the container. |
 | resources.requests.cpu | string | `"400m"` | sets the minimum amount of CPU required for the container |
 | resources.requests.memory | string | `"2Gi"` | set a minimum amount of allows memory utilization by specifying a limit on the container. |
-| secretRef | string | `"managed-service-orchestrator-int-secret"` |  |
+| secretRef | string | `""` |  |
 | securityContext.allowPrivilegeEscalation | bool | `false` | Controls whether a process can gain more privilege |
 | securityContext.runAsNonRoot | bool | `true` |  |
 | securityContext.runAsUser | int | `1000` |  |
@@ -71,4 +71,4 @@ This service will help service provider to set up DFT/SDE with EDC and EDC as se
 | tolerations | list | `[]` |  |
 
 ----------------------------------------------
-Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)
+Autogenerated from chart metadata using [helm-docs v1.11.3](https://github.com/norwoodj/helm-docs/releases/v1.11.3)

src/main/java/org/eclipse/tractusx/autosetup/manager/DTRegistryManager.java

@@ -84,12 +84,12 @@ public Map<String, String> managePackage(Customer customerDetails, AppActions ac
 				inputData.put("dtregistryUrl", localDTUrl);
 				inputData.put("dtregistryUrlWithURI", localDTUrl + dturi);
 			} else {
-				String dtregistryUrl = dnsNameURLProtocol + "://" + dnsName + "/"
-						+ sDEConfigurationProperty.getDtregistryUrlPrefix() + dturi;
+				String dtregistryUrl = dnsNameURLProtocol + "://" + dnsName + "/"+ sDEConfigurationProperty.getDtregistryUrlPrefix();
 				inputData.put("dtregistryUrl", dtregistryUrl);
 				inputData.put("dtregistryUrlWithURI", dtregistryUrl + dturi);
 			}
 
+			inputData.put("dtNeedExternalAccess", String.valueOf(!managedDTRegistryLocal));
 			inputData.put("rgdatabase", "registry");
 			inputData.put("rgdbpass", "admin@123");
 			inputData.put("rgusername", "catenax");
@@ -236,4 +236,4 @@ private void createContractDefination(Customer customerDetails, SelectedTools to
 		}
 	}
 
-}
+}

src/main/java/org/eclipse/tractusx/autosetup/manager/PortalIntegrationManager.java

@@ -112,12 +112,19 @@ public Map<String, String> postServiceInstanceResultAndGetTenantSpecs(Customer c
 				if (technicalUserInfo != null) {
 					inputData.put("keycloakAuthenticationClientId", technicalUserInfo.getTechnicalClientId());
 					inputData.put("keycloakAuthenticationClientSecret", technicalUserInfo.getTechnicalUserSecret());
+				} else {
+					log.warn("technicalUserInfo not recieved from portal");
 				}
 
 				ClientInfo clientInfo = serviceInstanceResultResponse.getClientInfo();
 				if (clientInfo != null) {
 					inputData.put("keycloakResourceClient", clientInfo.getClientId());
+				}else {
+					log.warn("clientInfo not recieved from portal");
 				}
+
+				autoSetupTriggerDetails.setRemark(serviceInstanceResultResponse.toJsonString());
+
 				log.info(LogUtil.encode(tenantName) + "-" + LogUtil.encode(packageName)
 						+ "-PostServiceInstanceResultAndGetTenantSpecs created");
 			} else {

src/main/java/org/eclipse/tractusx/autosetup/manager/VaultManager.java

@@ -58,7 +58,6 @@ public class VaultManager {
 	public static final String CERTIFICATE_PRIVATE_KEY = "certificate-private-key";
 	private final VaultAppManageProxy vaultManagerProxy;
 	private final AutoSetupTriggerManager autoSetupTriggerManager;
-	private final OpenSSLClientManager openSSLClientManager;
 
 	@Value("${vault.url}")
 	private String valutURL;
@@ -94,15 +93,13 @@ public Map<String, String> uploadKeyandValues(Customer customerDetails, Selected
 			tenantVaultSecret = new HashMap<>();
 			tenantVaultSecret.put(CONTENT, inputData.get("selfsigncertificateprivatekey"));
 			uploadSecrete(tenantNameNamespace, CERTIFICATE_PRIVATE_KEY, tenantVaultSecret);
-			
+
 			tenantVaultSecret = new HashMap<>();
 			tenantVaultSecret.put(CONTENT, inputData.get("keycloakAuthenticationClientSecret"));
 			uploadSecrete(tenantNameNamespace, CLIENT_SECRET, tenantVaultSecret);
 
-			String encryptionkeysalias = openSSLClientManager.executeCommand("openssl rand -base64 16");
-			encryptionkeysalias = encryptionkeysalias.replace("\n", "");
 			tenantVaultSecret = new HashMap<>();
-			tenantVaultSecret.put(CONTENT, encryptionkeysalias);
+			tenantVaultSecret.put(CONTENT, "c3RhbmRhcmRfZW5jX2tleQo=");
 			uploadSecrete(tenantNameNamespace, ENCRYPTIONKEYS, tenantVaultSecret);
 
 			inputData.put(DAPS_CERT, DAPS_CERT);

src/main/java/org/eclipse/tractusx/autosetup/service/AutoSetupOrchitestratorService.java

@@ -114,6 +114,9 @@ public class AutoSetupOrchitestratorService {
 
 	@Value("${managed.dt-registry:true}")
 	private boolean managedDtRegistry;
+
+	@Value("${managed.dt-registry.local:true}")
+	private boolean managedDTRegistryLocal;
 
 	public String getAllInstallPackages() {
 		return kubeAppManageProxy.getAllInstallPackages();
@@ -599,8 +602,10 @@ private List<Map<String, String>> extractDependantAppResult(Map<String, String>
 		List<Map<String, String>> processResult = new ArrayList<>();
 
 		//commentting this beause of dt is get localy managed
-		//Map<String, String> dt = extractDTResultMap(outputMap).get(0);
-		//processResult.add(dt);
+		if (managedDTRegistryLocal) {
+			Map<String, String> dt = extractDTResultMap(outputMap).get(0);
+			processResult.add(dt);
+		}
 
 		Map<String, String> edc = extractEDCResultMap(outputMap).get(0);
 		processResult.add(edc);

src/main/resources/flyway/V9__update_app_version.sql

@@ -220,15 +220,15 @@ update app_tbl set expected_input_data='{
 							
 							minio.bucket-name=$\{storage.media.bucket\}
 							
-							minio.location.tobeprocessed=ToBeProcessed
+							minio.location.tobeprocessed=
 							
-							minio.location.inprogress=InProgress
+							minio.location.inprogress=/InProgress
 							
-							minio.location.success=Success
+							minio.location.success=/Success
 							
-							minio.location.partialsucess=PartialSuccess
+							minio.location.partialsucess=/PartialSuccess
 							
-							minio.location.failed=Failed"
+							minio.location.failed=/Failed"
 			}			
 	},
 	"frontend": {
@@ -266,7 +266,7 @@ update app_tbl set expected_input_data='{
 							REACT_APP_FILESIZE=268435456"
 		   }
    }
-}',  package_identifier='tx-sde-charts/sde' ,package_version='1.0.0' where app_name='SDE';
+}',  package_identifier='tx-sde-charts/sde' ,package_version='1.0.1' where app_name='SDE';
 
 
 update app_tbl set expected_input_data= '{
@@ -294,9 +294,9 @@ update app_tbl set expected_input_data= '{
 		"idpClientId" : "$\{idpClientId\}",
 		"idpIssuerUri": "$\{idpIssuerUri\}",
 		"tenantId" : "$\{bpnNumber\}",
-		"authentication": false,
+		"authentication": $\{dtNeedExternalAccess\},
         "ingress": {
-                "enabled": false,
+                "enabled": $\{dtNeedExternalAccess\},
                 "hostname": "$\{dnsName\}",
                 "annotations": {
 				      "cert-manager.io/cluster-issuer": letsencrypt-prod,
@@ -308,9 +308,9 @@ update app_tbl set expected_input_data= '{
 				},
 				"urlPrefix": /$\{dtregistryUrlPrefix\},
                 "className": "nginx",
-                "tls": false
+                "tls": $\{dtNeedExternalAccess\}
             }
     }
 }', package_version='0.3.27' where app_name='DT_REGISTRY';
 
-update app_tbl set expected_input_data= replace(replace(expected_input_data,'\{','{'),'\}','}'), required_yaml_configuration=replace(replace(required_yaml_configuration,'\{','{'),'\}','}');
+update app_tbl set expected_input_data= replace(replace(expected_input_data,'\{','{'),'\}','}'), required_yaml_configuration=replace(replace(required_yaml_configuration,'\{','{'),'\}','}');