fix: add Trusted Issuers to helm template

charts/bdrs-server-memory/templates/deployment.yaml

@@ -145,8 +145,8 @@ spec:
             #######
             # API #
             #######
-            - name: "EDC_API_AUTH_KEY"
-              value: {{ .Values.server.endpoints.management.authKey | required ".Values.runtime.endpoints.management.authKey is required" | quote }}
+            - name: "EDC_API_AUTH_KEY_ALIAS"
+              value: {{ .Values.server.endpoints.management.authKeyAlias | required ".Values.runtime.endpoints.management.authKeyAlias is required" | quote }}
             - name: "WEB_HTTP_PORT"
               value: {{ .Values.server.endpoints.default.port | quote }}
             - name: "WEB_HTTP_PATH"
@@ -160,6 +160,14 @@ spec:
             - name: "WEB_HTTP_DIRECTORY_PATH"
               value: {{ .Values.server.endpoints.directory.path | quote }}
 
+            #############################
+            ## TRUSTED ISSUER CONFIG
+            #############################
+            {{- range $index, $issuer := .Values.server.trustedIssuers }}
+            - name: "EDC_IAM_TRUSTED-ISSUER_{{$index}}-ISSUER_ID"
+              value: {{ $issuer | quote }}
+            {{- end }}
+
             ######################################
             ## Additional environment variables ##
             ######################################

charts/bdrs-server-memory/values.yaml

@@ -84,7 +84,7 @@ server:
       # -- path for incoming api calls
       path: /api/management
       # -- authentication key, must be attached to each 'X-Api-Key' request header
-      authKey: "password"
+      authKeyAlias: "mgmt-api-key"
     # -- directory API
     directory:
       # -- port for incoming api calls
@@ -93,6 +93,9 @@ server:
       path: /api/directory
     # -- dsp api, used for inter connector communication and must be internet facing
 
+  # -- Configures the trusted issuers for this runtime
+  trustedIssuers: []
+
   service:
     # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service.
     type: ClusterIP

charts/bdrs-server/templates/deployment.yaml

@@ -192,6 +192,14 @@ spec:
               value: {{ .Values.vault.hashicorp.paths.health | quote }}
 
 
+            #############################
+            ## TRUSTED ISSUER CONFIG
+            #############################
+            {{- range $index, $issuer := .Values.server.trustedIssuers }}
+            - name: "EDC_IAM_TRUSTED-ISSUER_{{$index}}-ISSUER_ID"
+              value: {{ $issuer | quote }}
+            {{- end }}
+
             ######################################
             ## Additional environment variables ##
             ######################################

charts/bdrs-server/values.yaml

@@ -98,6 +98,9 @@ server:
       path: /api/directory
     # -- dsp api, used for inter connector communication and must be internet facing
 
+  # -- Configures the trusted issuers for this runtime
+  trustedIssuers: []
+
   service:
     # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service.
     type: ClusterIP

system-tests/helm/values-test.yaml

@@ -22,6 +22,11 @@
 install:
   vault: false
 server:
+  trustedIssuers:
+    # these must be the DIDs of the dataspace credential issuer
+    - "did:web:tractusx-issuer1"
+    - "did:web:tractusx-issuer2"
+
   ingresses:
     - enabled: true
       hostname: "localhost"