Skip to content
This repository has been archived by the owner on Mar 12, 2024. It is now read-only.

Commit

Permalink
Merge pull request #26 from catenax-ng/drs-2.0.0
Browse files Browse the repository at this point in the history
daps-reg-svc 2.0.0
  • Loading branch information
wjost authored Mar 9, 2023
2 parents d619d23 + cece65e commit d33d2b0
Show file tree
Hide file tree
Showing 34 changed files with 318 additions and 255 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/chart-release.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#################################################################################
# Copyright (c) 2021,2022 T-Systems International GmbH
# Copyright (c) 2021,2022 Contributors to the Eclipse Foundation
# Copyright (c) 2022,2023 T-Systems International GmbH
# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
Expand Down
7 changes: 3 additions & 4 deletions .github/workflows/dapsreg-pipeline.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#################################################################################
# Copyright (c) 2021,2022 T-Systems International GmbH
# Copyright (c) 2021,2022 Contributors to the Eclipse Foundation
# Copyright (c) 2022,2023 T-Systems International GmbH
# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
Expand Down Expand Up @@ -81,5 +81,4 @@ jobs:
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}



7 changes: 4 additions & 3 deletions .github/workflows/kics.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#################################################################################
# Copyright (c) 2021,2022 T-Systems International GmbH
# Copyright (c) 2021,2022 Contributors to the Eclipse Foundation
# Copyright (c) 2022,2023 T-Systems International GmbH
# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
Expand Down Expand Up @@ -30,7 +30,8 @@ on:
- "**/*.txt"
schedule:
- cron: "0 0 * * *"

workflow_dispatch:

jobs:
analyze:
name: Analyze
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/trivy.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#################################################################################
# Copyright (c) 2021,2022 Catena-X
# Copyright (c) 2021,2022 Contributors to the Eclipse Foundation
# Copyright (c) 2022,2023 T-Systems International GmbH
# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
Expand All @@ -16,7 +16,7 @@
# under the License.
#
# SPDX-License-Identifier: Apache-2.0
#################################################################################
################################################################################

name: "Trivy"
on:
Expand Down
5 changes: 3 additions & 2 deletions .github/workflows/veracode.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#################################################################################
# Copyright (c) 2021,2022 T-Systems International GmbH
# Copyright (c) 2021,2022 Contributors to the Eclipse Foundation
# Copyright (c) 2022,2023 T-Systems International GmbH
# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
Expand Down Expand Up @@ -57,3 +57,4 @@ jobs:
filepath: "./target/*.jar"
vid: "${{ secrets.VERACODE_API_ID }}"
vkey: "${{ secrets.VERACODE_API_KEY }}"

23 changes: 11 additions & 12 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,27 +6,30 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),

## [Unreleased]

- sprint boot upgrade
- keycloak upgrade
NA

## [1.0.7] - 2023-03-03
## [2.0.0] - 2023-03-07

### Changed
- upgrade Spring Boot to 3.0.3
- upgrade Snakeyaml to 2.0 as 1.33 has security issue
- New application.properties changes
- sprint boot upgrade, keycloak upgrade

### Added
- This Version of DAPS-Registration Service faces several Security Issues. Those were evaluated at time of Release and will be fixed in the next version.
- Recommended mitigation action for Operating Companies is to enforce appropriate firewall rules so that the service cannot be accessed externally. (note: within the intended purpose, autosetup shall only be called from Portal)

## [1.0.6] - 2023-02-27
## [1.0.6] - 2023-02-22

### Added
- Added AUTHORS.md, INSTALL.md file
- Added service port to values.yaml
- Added comments in values.yaml
- Created README.md inside charts/dapsreg-svc/


### Changed
- Upgrade the springboot Library
- Modified .helmignore file
- Referring the tag from values.yaml to deployment.yaml
- Make referringConnector parameter (which contains BPN number in suffix) be mandatory


## [1.0.5] - 2023-02-05
Expand All @@ -51,7 +54,3 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),

### Removed
- Controller has been removed

### Known knowns
- Cross side scripting (XSS) shall be mitigated (low risk)
- Improving the validation of the input parameters (low risk)
7 changes: 4 additions & 3 deletions INSTALL.md
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
## Installation Steps
## Installation Steps:-

Helm charts are provided inside https://github.com/eclipse-tractusx/daps-registration-service

1.) Using helm commands <br />
1.) Using helm commands:- <br />

How to install application using helm:-
helm install ReleaseName ChartName
Expand All @@ -15,7 +15,7 @@ How to install application using helm:-
helm install daps-reg-service tractusx-dev/daps-reg-service


2.) Local installation
2.) Local installation:

a.) git clone https://github.com/eclipse-tractusx/daps-registration-service.git <br />
b.) Modify values file according to your requirement. <br />
Expand All @@ -32,3 +32,4 @@ How to install application using helm:-
d.) These secrets should be defined in Hashicorp vault. <br />
e.) Deploy in a kubernetes cluster <br />
helm install daps-reg-svc charts/daps-reg-service/ -n NameSpace <br />

9 changes: 5 additions & 4 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,8 @@ of the DAPS are not disclosed to the requester.

### Software Version
```shell
Helm version is v1.0.7
Application version is v1.0.5
Helm version is v2.0.0
Application version is v2.0.0
```

# Solution Strategy
Expand Down Expand Up @@ -129,9 +129,10 @@ java -jar target/dapsreg-2.0.0.jar
Please note the name of jar-file as it may differ if version is changed.



## Installation Steps

https://github.com/eclipse-tractusx/daps-registration-service/blob/main/INSTALL.md

[INSTALL.md](INSTALL.md)


- - -
19 changes: 7 additions & 12 deletions charts/daps-reg-service/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#################################################################################
# Copyright (c) 2021,2022 T-Systems International GmbH
# Copyright (c) 2021,2022 Contributors to the Eclipse Foundation
# Copyright (c) 2022,2023 T-Systems International GmbH
# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
Expand All @@ -20,7 +20,7 @@

apiVersion: v2
name: daps-reg-service
description: A Helm chart for Kubernetes
description: Daps regisgter service is used to register the EDC connector into DAPS

# A chart can be either an 'application' or a 'library' chart.
#
Expand All @@ -33,21 +33,16 @@ description: A Helm chart for Kubernetes
type: application

sources:
- https://github.com/eclipse-tractusx/daps-registration-service
- https://github.com/eclipse-tractusx/daps-registration-service

# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 1.0.7

version: 2.0.0

sources:
- https://github.com/eclipse-tractusx/daps-registration-service


# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "1.0.5"

appVersion: 2.0.0
7 changes: 4 additions & 3 deletions charts/daps-reg-service/README.md
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
# daps-reg-service

![Version: 1.0.6](https://img.shields.io/badge/Version-1.0.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.0.4](https://img.shields.io/badge/AppVersion-1.0.4-informational?style=flat-square)
![Version: 2.0.0](https://img.shields.io/badge/Version-2.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.0](https://img.shields.io/badge/AppVersion-2.0.0-informational?style=flat-square)

A Helm chart for Kubernetes
Daps regisgter service is used to register the EDC connector into DAPS

## Source Code

Expand All @@ -21,13 +21,14 @@ A Helm chart for Kubernetes
| drs.secret.authServerUrl | string | `""` | Auth URL for keycloak |
| drs.secret.clientId | string | `""` | Client id for DAPS |
| drs.secret.clientSecret | string | `""` | Client Secret for DAPS |
| drs.secret.jwkSetUri | string | `""` | JWK Set URI |
| drs.secret.realm | string | `""` | Realm for portal keycloak |
| drs.secret.resource | string | `""` | Resource for portal keycloak |
| drs.secret.tokenUri | string | `""` | DAPS token URL |
| fullnameOverride | string | `""` | |
| image.pullPolicy | string | `"Always"` | Set the Image Pull Policy |
| image.repository | string | `"ghcr.io/catenax-ng/tx-daps-registration-service/dapsreg"` | Image to use for deploying an application |
| image.tag | string | `"1.0.4"` | Image tage is defined in chart appVersion. |
| image.tag | string | `""` | Image tage is defined in chart appVersion. |
| imagePullSecrets | list | `[]` | |
| ingress.annotations."cert-manager.io/cluster-issuer" | string | `"letsencrypt-prod"` | |
| ingress.annotations."nginx.ingress.kubernetes.io/use-regex" | string | `"true"` | |
Expand Down
9 changes: 8 additions & 1 deletion charts/daps-reg-service/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: http
containerPort: 80
containerPort: {{ .Values.service.targetPort }}
protocol: TCP
env:
- name: APP_DAPS_CLIENTID
Expand Down Expand Up @@ -73,6 +73,13 @@ spec:
secretKeyRef:
name: {{ include "daps-reg-service.applicationSecret.name" . }}
key: tokenUri
- name: SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK-SET-URI
valueFrom:
secretKeyRef:
name: {{ include "daps-reg-service.applicationSecret.name" . }}
key: jwkSetUri


#livenessProbe:
# httpGet:
# path: /
Expand Down
5 changes: 3 additions & 2 deletions charts/daps-reg-service/templates/secret.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#################################################################################
# Copyright (c) 2021,2022 T-Systems International GmbH
# Copyright (c) 2021,2022 Contributors to the Eclipse Foundation
# Copyright (c) 2022,2023 T-Systems International GmbH
# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
Expand Down Expand Up @@ -31,3 +31,4 @@ stringData:
resource: {{ .Values.drs.secret.resource | default (printf "%s-%s" "resource" (randAlpha 5)) }}
apiUri: {{ .Values.drs.secret.apiUri | default "https://apiUri" }}
tokenUri: {{ .Values.drs.secret.tokenUri | default "https://tokenUri" }}
jwkSetUri: {{ .Values.drs.secret.jwkSetUri | default "https://jwk-set-uri" }}
4 changes: 2 additions & 2 deletions charts/daps-reg-service/templates/service.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#################################################################################
# Copyright (c) 2021,2022 T-Systems International GmbH
# Copyright (c) 2021,2022 Contributors to the Eclipse Foundation
# Copyright (c) 2022,2023 T-Systems International GmbH
# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
Expand Down
4 changes: 2 additions & 2 deletions charts/daps-reg-service/templates/serviceaccount.yaml
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
{{- if .Values.serviceAccount.create -}}

#################################################################################
# Copyright (c) 2021,2022 Catena-X
# Copyright (c) 2021,2022 Contributors to the Eclipse Foundation
# Copyright (c) 2022,2023 Catena-X
# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
Expand Down
5 changes: 3 additions & 2 deletions charts/daps-reg-service/values-beta.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#################################################################################
# Copyright (c) 2021,2022 T-Systems International GmbH
# Copyright (c) 2021,2022 Contributors to the Eclipse Foundation
# Copyright (c) 2022,2023 T-Systems International GmbH
# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
Expand Down Expand Up @@ -60,5 +60,6 @@ drs:
resource: "<path:essential-services/data/daps-reg-svc-beta#resource>"
apiUri: "<path:essential-services/data/daps-reg-svc-beta#apiUri>"
tokenUri: "<path:essential-services/data/daps-reg-svc-beta#tokenUri>"
jwkSetUri: "<path:essential-services/data/daps-register-svc-beta#jwk-set-uri>"


14 changes: 5 additions & 9 deletions charts/daps-reg-service/values-dev.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#################################################################################
# Copyright (c) 2021,2022 T-Systems International GmbH
# Copyright (c) 2021,2022 Contributors to the Eclipse Foundation
# Copyright (c) 2022,2023 T-Systems International GmbH
# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
Expand All @@ -25,20 +25,18 @@ ingress:
nginx.ingress.kubernetes.io/use-regex: "true"
cert-manager.io/cluster-issuer: "letsencrypt-prod"
className: "nginx"
host: "drs-pen.int.demo.catena-x.net"
host: "drs.dev.demo.catena-x.net"
hosts:
- host: drs.dev.demo.catena-x.net
paths:
- path: /
pathType: ImplementationSpecific


tls:
enabled: true
secretName: tls-secret
host: "drs.dev.demo.catena-x.net"



# -- Pod resources requests and limits configuration
resources:
limits:
Expand All @@ -48,7 +46,6 @@ resources:
cpu: 200m
memory: 300Mi


drs:
secret:
clientId: "<path:essential-services/data/daps#clientId>"
Expand All @@ -58,5 +55,4 @@ drs:
resource: "<path:essential-services/data/daps-register-svc#resource>"
apiUri: "<path:essential-services/data/daps-register-svc#apiUri>"
tokenUri: "<path:essential-services/data/daps-register-svc#tokenUri>"


jwkSetUri: "<path:essential-services/data/daps-register-svc#jwk-set-uri>"
5 changes: 3 additions & 2 deletions charts/daps-reg-service/values-int.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#################################################################################
# Copyright (c) 2021,2022 T-Systems International GmbH
# Copyright (c) 2021,2022 Contributors to the Eclipse Foundation
# Copyright (c) 2022,2023 T-Systems International GmbH
# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
Expand Down Expand Up @@ -56,4 +56,5 @@ drs:
resource: "<path:essential-services/data/daps-register-svc#resource>"
apiUri: "<path:essential-services/data/daps-register-svc#apiUri>"
tokenUri: "<path:essential-services/data/daps-register-svc#tokenUri>"
jwkSetUri: "<path:essential-services/data/daps-register-svc#jwk-set-uri>"

5 changes: 3 additions & 2 deletions charts/daps-reg-service/values-pen.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#################################################################################
# Copyright (c) 2021,2022 T-Systems International GmbH
# Copyright (c) 2021,2022 Contributors to the Eclipse Foundation
# Copyright (c) 2022,2023 T-Systems International GmbH
# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
Expand Down Expand Up @@ -58,5 +58,6 @@ drs:
resource: "<path:essential-services/data/daps-register-svc-pen#resource>"
apiUri: "<path:essential-services/data/daps-register-svc-pen#apiUri>"
tokenUri: "<path:essential-services/data/daps-register-svc-pen#tokenUri>"
jwkSetUri: "<path:essential-services/data/daps-register-svc-pen#jwk-set-uri>"


Loading

0 comments on commit d33d2b0

Please sign in to comment.