diff --git a/charts/digital-product-pass/Chart.yaml b/charts/digital-product-pass/Chart.yaml index 837a43c37..36015a71c 100644 --- a/charts/digital-product-pass/Chart.yaml +++ b/charts/digital-product-pass/Chart.yaml @@ -40,10 +40,10 @@ type: application # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.3.1 +version: 1.4.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "1.3.1" +appVersion: "1.4.0" diff --git a/charts/digital-product-pass/templates/configmap-backend.yaml b/charts/digital-product-pass/templates/configmap-backend.yaml index 30ea64fe3..3dac8a6b2 100644 --- a/charts/digital-product-pass/templates/configmap-backend.yaml +++ b/charts/digital-product-pass/templates/configmap-backend.yaml @@ -26,5 +26,119 @@ metadata: name: backend-config namespace: {{ .Values.namespace }} data: - application.yml: |- - {{ .Values.backend.application.yml | nindent 4 }} + application.yaml: |- + spring: + name: "Digital Product Passport Consumer Backend" + main: + allow-bean-definition-overriding: true + devtools: + add-properties: false + jackson: + serialization: + indent_output: true + logging: + level: + # -- general logging level + root: {{ tpl (.Values.backend.logging.level.root | default "INFO") . | quote }} + # -- logging for the util components + utils: {{ tpl (.Values.backend.logging.level.utils | default "INFO") . | quote }} + + configuration: + # -- max retries for the backend services + maxRetries: {{ .Values.backend.maxRetries }} + # -- keycloak configuration + keycloak: + realm: {{ .Values.oauth.realm }} + resource: {{ .Values.oauth.appId }} + tokenUri: "https://{{ tpl (.Values.oauth.hostname | default "http://localhost") . }}/auth/realms/{{ .Values.oauth.realm }}/protocol/openid-connect/token" + userInfoUri: "https://{{ tpl (.Values.oauth.hostname | default "http://localhost") . }}/auth/realms/{{ .Values.oauth.realm }}/protocol/openid-connect/userinfo" + # -- edc consumer connection configuration + edc: + endpoint: "https://{{ .Values.backend.edc.endpoint }}" + management: {{ .Values.backend.edc.apis.management }} + catalog: {{ .Values.backend.edc.apis.catalog }} + negotiation: {{ .Values.backend.edc.apis.negotiation }} + transfer: {{ .Values.backend.edc.apis.transfer }} + receiverEndpoint: "https://{{ .Values.backend.hostname }}/endpoint" + delay: {{ .Values.backend.edc.delay }} # -- Negotiation status Delay in milliseconds in between async requests [<= 500] + # -- security configuration + security: + check: + enabled: {{ .Values.backend.securityCheck.enabled }} + bpn: {{ .Values.backend.securityCheck.bpn }} + edc: {{ .Values.backend.securityCheck.edc }} + # -- irs configuration + irs: + enabled: {{ .Values.backend.irs.enabled }} # -- Enable search for children in the requests + endpoint: "https://{{ .Values.backend.irs.hostname }}" # -- IRS endpoint + paths: + job: "/irs/jobs" # -- API path for calling in the IRS endpoints and staring/getting jobs + tree: + fileName: "treeDataModel" # -- Tree dataModel filename created in the processId directory + indent: true # -- Indent tree file + callbackUrl: "https://{{ .Values.backend.hostname }}/api/irs" # -- Backend call back base url for the irs controller + # -- digital twin registry configuration + dtr: + # -- asset type to search for the registry in the edc + assetType: 'data.core.digitalTwinRegistry' + # -- submodel endpoint interface to search + endpointInterface: 'SUBMODEL-3.0' + # -- dsp endpoint key inside submodel body + dspEndpointKey: 'dspEndpoint' + # -- decentral digital twin apis + decentralApis: + search: {{ .Values.backend.digitalTwinRegistry.endpoints.search }} + digitalTwin: {{ .Values.backend.digitalTwinRegistry.endpoints.digitalTwin }} + subModel: {{ .Values.backend.digitalTwinRegistry.endpoints.subModel }} + # -- timeouts for the digital twin registry async negotiation + timeouts: + search: {{ .Values.backend.digitalTwinRegistry.timeouts.search }} + negotiation: {{ .Values.backend.digitalTwinRegistry.timeouts.negotiation }} + transfer: {{ .Values.backend.digitalTwinRegistry.timeouts.transfer }} + digitalTwin: {{ .Values.backend.digitalTwinRegistry.timeouts.digitalTwin }} + # -- temporary storage of dDTRs for optimization + temporaryStorage: {{ .Values.backend.digitalTwinRegistry.temporaryStorage.enabled }} + # -- discovery configuration + discovery: + # -- discovery finder configuration + endpoint: "https://{{ tpl (.Values.backend.discovery.hostname | default "") . }}/api/v1.0/administration/connectors/discovery/search" + # -- bpn discovery configuration + bpn: + key: {{ tpl (.Values.backend.discovery.bpnDiscovery.key | default "manufacturerPartId") . | quote }} + searchPath: {{ tpl (.Values.backend.discovery.bpnDiscovery.path | default "") . | quote }} + # -- edc discovery configuration + edc: + key: {{ tpl (.Values.backend.discovery.edcDiscovery.key | default "bpn") . | quote }} + # -- process configuration + process: + # -- directory for storing the contract negotiation files + dir: "process" + # -- indent the process negotiation files + indent: true + # -- unique sha512 hash key used for the passport encryption + signKey: {{ tpl (.Values.backend.process.encryptionKey | default "") . | quote }} + # -- passport data transfer configuration + passport: + # -- configure the data transfer + dataTransfer: + # -- encrypt the passport when he arrives from the edc data plane + encrypt: true + # -- the indent from the passport + indent: true + # -- directory to store the passport when is not linked to a process + dir: "data/transfer" + # -- passport versions and aspects allowed + aspects: {{- toYaml .Values.backend.passport.aspects | nindent 10 }} + # -- configuration of the spring boot server + server: + # -- configuration of backend errors + error: + include-message: ALWAYS + include-binding-errors: ALWAYS + include-stacktrace: ON_PARAM + include-exception: false + # -- listening port for the backend + port: {{ .Values.backend.serverPort }} + # -- maximum allowed connections + tomcat: + max-connections: 10000 diff --git a/charts/digital-product-pass/templates/deployment-frontend.yaml b/charts/digital-product-pass/templates/deployment-frontend.yaml index b395f094c..3e09753dd 100644 --- a/charts/digital-product-pass/templates/deployment-frontend.yaml +++ b/charts/digital-product-pass/templates/deployment-frontend.yaml @@ -61,34 +61,34 @@ spec: {{- end }} - name: "KEYCLOAK_CLIENTID" - value: "{{ .Values.frontend.productpass.keycloak.clientId }}" + value: "{{ .Values.oauth.appId }}" - name: "KEYCLOAK_REALM" - value: "{{ .Values.frontend.productpass.keycloak.realm }}" + value: "{{ .Values.oauth.realm }}" - name: "KEYCLOAK_ONLOAD" - value: "{{ .Values.frontend.productpass.keycloak.onLoad }}" + value: "{{ .Values.oauth.onLoad }}" - name: "BACKEND_URL" - value: "https://{{ .Values.frontend.productpass.backend_url }}" + value: "https://{{ .Values.frontend.backend.hostname }}" - name: "IDP_URL" - value: "https://{{ .Values.frontend.productpass.idp_url }}" + value: "https://{{ .Values.oauth.hostname }}" - name: "API_TIMEOUT" - value: "{{ .Values.frontend.productpass.api.timeout }}" + value: "{{ .Values.frontend.api.timeout }}" - name: "API_MAX_RETRIES" - value: "{{ .Values.frontend.productpass.api.max_retries }}" + value: "{{ .Values.frontend.api.max_retries }}" - name: "IRS_DELAY" - value: "{{ .Values.frontend.productpass.irs.requestDelay }}" + value: "{{ .Values.frontend.irs.requestDelay }}" - name: "IRS_MAX_WAITING_TIME" - value: "{{ .Values.frontend.productpass.irs.maxWaitingTime }}" + value: "{{ .Values.frontend.irs.maxWaitingTime }}" - name: "API_DELAY" - value: "{{ .Values.frontend.productpass.api.delay }}" + value: "{{ .Values.frontend.api.delay }}" - name: "VERSION" value: "{{ .Chart.AppVersion }}" diff --git a/charts/digital-product-pass/templates/secret-backend.yaml b/charts/digital-product-pass/templates/secret-backend.yaml index 6ddbe0e2a..5d2159e61 100644 --- a/charts/digital-product-pass/templates/secret-backend.yaml +++ b/charts/digital-product-pass/templates/secret-backend.yaml @@ -29,8 +29,8 @@ metadata: namespace: {{ .Values.namespace }} type: Opaque stringData: - clientId: {{ .Values.backend.edc.clientId }} - clientSecret: {{ .Values.backend.edc.clientSecret }} + clientId: {{ .Values.oauth.techUser.clientId }} + clientSecret: {{ .Values.oauth.techUser.clientSecret }} --- apiVersion: v1 diff --git a/charts/digital-product-pass/values-beta.yaml b/charts/digital-product-pass/values-beta.yaml index 9d8affa6f..a4617a433 100644 --- a/charts/digital-product-pass/values-beta.yaml +++ b/charts/digital-product-pass/values-beta.yaml @@ -20,183 +20,80 @@ # SPDX-License-Identifier: Apache-2.0 ################################################################################# -frontend: +backend: ingress: enabled: true - #className: "" + # className: "nginx" annotations: ingressClassName: nginx # kubernetes.io/tls-acme: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/ssl-passthrough: "false" - nginx.ingress.kubernetes.io/rewrite-target: /$2 nginx.ingress.kubernetes.io/backend-protocol: "HTTP" - nginx.ingress.kubernetes.io/service-upstream: "true" hosts: - - host: materialpass.beta.demo.catena-x.net + - host: &hostname "materialpass.beta.demo.catena-x.net" paths: - - path: /passport(/|$)(.*) + - path: / pathType: Prefix tls: - secretName: tls-secret hosts: - - materialpass.beta.demo.catena-x.net + - *hostname edc: - clientId: - clientSecret: xApiKey: + participantId: + endpoint: "materialpass.beta.demo.catena-x.net/consumer" - # Product Passport UI Configuration - productpass: - backend_url: "materialpass.beta.demo.catena-x.net" - idp_url: "centralidp.beta.demo.catena-x.net/auth/" - keycloak: - clientId: "Cl13-CX-Battery" - realm: "CX-Central" - onLoad: "login-required" - irsDelay: "" - irsMaxWaitingTime: "" + hostname: *hostname + securityCheck: + enabled: true + bpn: true + edc: true -backend: + irs: + enabled: true + hostnam: "materialpass-irs.beta.demo.catena-x.net" + + process: + encryptionKey: "" + + discovery: + hostname: "semantics.beta.demo.catena-x.net/discoveryfinder" + +frontend: ingress: enabled: true - # className: "nginx" + #className: "" annotations: ingressClassName: nginx # kubernetes.io/tls-acme: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/ssl-passthrough: "false" + nginx.ingress.kubernetes.io/rewrite-target: /$2 nginx.ingress.kubernetes.io/backend-protocol: "HTTP" + nginx.ingress.kubernetes.io/service-upstream: "true" hosts: - host: materialpass.beta.demo.catena-x.net paths: - - path: / + - path: /passport(/|$)(.*) pathType: Prefix tls: - secretName: tls-secret hosts: - materialpass.beta.demo.catena-x.net - avp: - helm: - clientId: - clientSecret: - xApiKey: - participantId: + edc: + xApiKey: + + # Product Passport UI Configuration + backend: + hostname: "materialpass.beta.demo.catena-x.net" - application: - yml: |- - spring: - name: 'Catena-X Product Passport Consumer Backend' - main: - allow-bean-definition-overriding: true - devtools: - add-properties: false - jackson: - serialization: - indent_output: true - - logging: - level: - root: INFO - utils: INFO - - configuration: - maxRetries: 5 - - keycloak: - realm: CX-Central - resource: Cl13-CX-Battery - tokenUri: 'https://centralidp.beta.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token' - userInfoUri: 'https://centralidp.beta.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/userinfo' - - edc: - endpoint: 'https://materialpass.beta.demo.catena-x.net/consumer' - management: '/management/v2' - catalog: '/catalog/request' - negotiation: '/contractnegotiations' - transfer: '/transferprocesses' - receiverEndpoint: 'https://materialpass.beta.demo.catena-x.net/endpoint' - delay: 100 # -- Negotiation status Delay in milliseconds in between async requests [<= 500] - - security: - check: - enabled: true - bpn: true - edc: true - - irs: - enabled: true - endpoint: "https://materialpass-irs.beta.demo.catena-x.net" - paths: - job: "/irs/jobs" - tree: - fileName: "treeDataModel" - indent: true - callbackUrl: "https://materialpass.beta.demo.catena-x.net/api/irs" - - dtr: - central: false - centralUrl: 'https://semantics.beta.demo.catena-x.net/registry' - assetType: 'data.core.digitalTwinRegistry' - endpointInterface: 'SUBMODEL-3.0' - dspEndpointKey: 'dspEndpoint' - decentralApis: - search: "/lookup/shells/query" - digitalTwin: "/shell-descriptors" - subModel: "/submodel-descriptors" - timeouts: - search: 10 - negotiation: 40 - transfer: 10 - digitalTwin: 20 - temporaryStorage: true - - discovery: - endpoint: "https://semantics.beta.demo.catena-x.net/discoveryfinder/api/v1.0/administration/connectors/discovery/search" - bpn: - key: "manufacturerPartId" - searchPath: "/api/v1.0/administration/connectors/bpnDiscovery/search" - timeout: 1500 - edc: - key: "bpn" - timeout: 1500 - - process: - store: true - dir: 'process' - indent: true - signKey: '' - - passport: - dataTransfer: - encrypt: true - indent: true - dir: "data/transfer" - aspects: - - "urn:bamm:io.catenax.generic.digital_product_passport:1.0.0#DigitalProductPassport" - - "urn:bamm:io.catenax.battery.battery_pass:3.0.1#BatteryPass" - - vault: - type: 'local' - file: 'vault.token.yml' - pathSep: "." - prettyPrint: true - indent: 2 - defaultValue: '' - attributes: - - "client.id" - - "client.secret" - - "edc.apiKey" - - "edc.participantId" - - server: - error: - include-message: ALWAYS - include-binding-errors: ALWAYS - include-stacktrace: ON_PARAM - include-exception: false - port: 8888 - tomcat: - max-connections: 10000 +oauth: + hostname: "centralidp.int.demo.catena-x.net" + techUser: + clientId: + clientSecret: + realm: + appId: diff --git a/charts/digital-product-pass/values-dev.yaml b/charts/digital-product-pass/values-dev.yaml index 3a1f8e186..55fdc43f1 100644 --- a/charts/digital-product-pass/values-dev.yaml +++ b/charts/digital-product-pass/values-dev.yaml @@ -20,183 +20,81 @@ # SPDX-License-Identifier: Apache-2.0 ################################################################################# -frontend: +backend: ingress: enabled: true - #className: "" + # className: "nginx" annotations: ingressClassName: nginx # kubernetes.io/tls-acme: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/ssl-passthrough: "false" - nginx.ingress.kubernetes.io/rewrite-target: /$2 - nginx.ingress.kubernetes.io/service-upstream: "true" nginx.ingress.kubernetes.io/backend-protocol: "HTTP" hosts: - - host: materialpass.dev.demo.catena-x.net + - host: &hostname "materialpass.dev.demo.catena-x.net" paths: - - path: /passport(/|$)(.*) + - path: / pathType: Prefix tls: - secretName: tls-secret hosts: - - materialpass.dev.demo.catena-x.net + - *hostname edc: - clientId: - clientSecret: xApiKey: + participantId: + endpoint: "materialpass.dev.demo.catena-x.net/consumer" - # Product Passport UI Configuration - productpass: - backend_url: "materialpass.dev.demo.catena-x.net" - idp_url: "centralidp.dev.demo.catena-x.net/auth/" - keycloak: - clientId: "Cl13-CX-Battery" - realm: "CX-Central" - onLoad: "login-required" - irsDelay: "" - irsMaxWaitingTime: "" - -backend: + hostname: *hostname + + securityCheck: + enabled: true + bpn: true + edc: true + + irs: + enabled: true + hostname: "materialpass-irs.dev.demo.catena-x.net" + + process: + encryptionKey: "" + + discovery: + hostname: "semantics.dev.demo.catena-x.net/discoveryfinder" + +frontend: ingress: enabled: true - # className: "nginx" + #className: "" annotations: ingressClassName: nginx # kubernetes.io/tls-acme: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/ssl-passthrough: "false" + nginx.ingress.kubernetes.io/rewrite-target: /$2 + nginx.ingress.kubernetes.io/service-upstream: "true" nginx.ingress.kubernetes.io/backend-protocol: "HTTP" hosts: - host: materialpass.dev.demo.catena-x.net paths: - - path: / + - path: /passport(/|$)(.*) pathType: Prefix tls: - secretName: tls-secret hosts: - materialpass.dev.demo.catena-x.net - avp: - helm: - clientId: - clientSecret: - xApiKey: - participantId: + edc: + xApiKey: + + # Product Passport UI Configuration + backend: + hostname: *hostname - application: - yml: |- - spring: - name: 'Catena-X Product Passport Consumer Backend' - main: - allow-bean-definition-overriding: true - devtools: - add-properties: false - jackson: - serialization: - indent_output: true - - logging: - level: - root: INFO - utils: INFO - - configuration: - maxRetries: 5 - - keycloak: - realm: CX-Central - resource: Cl13-CX-Battery - tokenUri: 'https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token' - userInfoUri: 'https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/userinfo' - - edc: - endpoint: 'https://materialpass.dev.demo.catena-x.net/consumer' - management: '/management/v2' - catalog: '/catalog/request' - negotiation: '/contractnegotiations' - transfer: '/transferprocesses' - receiverEndpoint: 'https://materialpass.dev.demo.catena-x.net/endpoint' - delay: 100 # -- Negotiation status Delay in milliseconds in between async requests [<= 500] - - security: - check: - enabled: true - bpn: false - edc: true - - irs: - enabled: true - endpoint: "https://materialpass-irs.dev.demo.catena-x.net" - paths: - job: "/irs/jobs" - tree: - fileName: "treeDataModel" - indent: true - callbackUrl: "https://materialpass.dev.demo.catena-x.net/api/irs" - - dtr: - central: false - centralUrl: 'https://semantics.dev.demo.catena-x.net/registry' - assetType: 'data.core.digitalTwinRegistry' - dspEndpointKey: 'dspEndpoint' - endpointInterface: 'SUBMODEL-3.0' - decentralApis: - search: "/lookup/shells" - digitalTwin: "/shell-descriptors" - subModel: "/submodel-descriptors" - timeouts: - search: 10 - negotiation: 40 - transfer: 10 - digitalTwin: 20 - temporaryStorage: true - - discovery: - endpoint: "https://semantics.dev.demo.catena-x.net/discoveryfinder/api/v1.0/administration/connectors/discovery/search" - bpn: - key: "manufacturerPartId" - searchPath: "/api/v1.0/administration/connectors/bpnDiscovery/search" - timeout: 1500 - edc: - key: "bpn" - timeout: 1500 - - process: - store: true - dir: 'process' - indent: true - signKey: '' - - passport: - dataTransfer: - encrypt: true - indent: true - dir: "data/transfer" - aspects: - - "urn:bamm:io.catenax.generic.digital_product_passport:1.0.0#DigitalProductPassport" - - "urn:bamm:io.catenax.battery.battery_pass:3.0.1#BatteryPass" - - vault: - type: 'local' - file: 'vault.token.yml' - pathSep: "." - prettyPrint: true - indent: 2 - defaultValue: '' - attributes: - - "client.id" - - "client.secret" - - "edc.apiKey" - - "edc.participantId" - - server: - error: - include-message: ALWAYS - include-binding-errors: ALWAYS - include-stacktrace: ON_PARAM - include-exception: false - port: 8888 - tomcat: - max-connections: 10000 +oauth: + hostname: "centralidp.dev.demo.catena-x.net" + techUser: + clientId: + clientSecret: + realm: + appId: diff --git a/charts/digital-product-pass/values-int.yaml b/charts/digital-product-pass/values-int.yaml index 3ecb014ad..e82db3bb6 100644 --- a/charts/digital-product-pass/values-int.yaml +++ b/charts/digital-product-pass/values-int.yaml @@ -20,185 +20,78 @@ # SPDX-License-Identifier: Apache-2.0 ################################################################################# -frontend: +backend: ingress: enabled: true - #className: "" + # className: "nginx" annotations: ingressClassName: nginx # kubernetes.io/tls-acme: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/ssl-passthrough: "false" - nginx.ingress.kubernetes.io/rewrite-target: /$2 nginx.ingress.kubernetes.io/backend-protocol: "HTTP" - nginx.ingress.kubernetes.io/service-upstream: "true" hosts: - - host: materialpass.int.demo.catena-x.net + - host: &hostname "materialpass.int.demo.catena-x.net" paths: - - path: /passport(/|$)(.*) + - path: / pathType: Prefix tls: - secretName: tls-secret hosts: - - materialpass.int.demo.catena-x.net - + - *hostname edc: - clientId: - clientSecret: xApiKey: + participantId: + endpoint: "materialpass.int.demo.catena-x.net/consumer" - productpass: - backend_url: "materialpass.int.demo.catena-x.net" - idp_url: "centralidp.int.demo.catena-x.net/auth/" - keycloak: - clientId: "Cl13-CX-Battery" - realm: "CX-Central" - onLoad: "login-required" - irsDelay: "" - irsMaxWaitingTime: "" + hostname: *hostname + securityCheck: + enabled: true + bpn: true + edc: true -backend: + irs: + enabled: true + hostname: "materialpass-irs.int.demo.catena-x.net" + + process: + encryptionKey: "" + + discovery: + hostname: "semantics.int.demo.catena-x.net/discoveryfinder" + +frontend: ingress: enabled: true - # className: "nginx" + #className: "" annotations: ingressClassName: nginx # kubernetes.io/tls-acme: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/ssl-passthrough: "false" + nginx.ingress.kubernetes.io/rewrite-target: /$2 nginx.ingress.kubernetes.io/backend-protocol: "HTTP" + nginx.ingress.kubernetes.io/service-upstream: "true" hosts: - host: materialpass.int.demo.catena-x.net paths: - - path: / + - path: /passport(/|$)(.*) pathType: Prefix tls: - secretName: tls-secret hosts: - materialpass.int.demo.catena-x.net - avp: - helm: - clientId: - clientSecret: - xApiKey: - participantId: - - application: - yml: |- - spring: - name: 'Catena-X Product Passport Consumer Backend' - main: - allow-bean-definition-overriding: true - devtools: - add-properties: false - jackson: - serialization: - indent_output: true - - logging: - level: - root: INFO - utils: INFO - - configuration: - maxRetries: 5 - - keycloak: - realm: CX-Central - resource: Cl13-CX-Battery - tokenUri: 'https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token' - userInfoUri: 'https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/userinfo' - - edc: - endpoint: 'https://materialpass.int.demo.catena-x.net/consumer' - management: '/management/v2' - catalog: '/catalog/request' - negotiation: '/contractnegotiations' - transfer: '/transferprocesses' - receiverEndpoint: 'https://materialpass.int.demo.catena-x.net/endpoint' - delay: 100 # -- Negotiation status Delay in milliseconds in between async requests [<= 500] - - security: - check: - enabled: true - bpn: true - edc: true - - irs: - enabled: true - endpoint: "https://materialpass-irs.int.demo.catena-x.net" - paths: - job: "/irs/jobs" - tree: - fileName: "treeDataModel" - indent: true - callbackUrl: "https://materialpass.int.demo.catena-x.net/api/irs" - - dtr: - central: false - centralUrl: 'https://semantics.int.demo.catena-x.net/registry' - assetType: 'data.core.digitalTwinRegistry' - dspEndpointKey: 'dspEndpoint' - endpointInterface: 'SUBMODEL-3.0' - decentralApis: - search: "/lookup/shells" - digitalTwin: "/shell-descriptors" - subModel: "/submodel-descriptors" - timeouts: - search: 10 - negotiation: 40 - transfer: 10 - digitalTwin: 20 - temporaryStorage: true - - discovery: - endpoint: "https://semantics.int.demo.catena-x.net/discoveryfinder/api/v1.0/administration/connectors/discovery/search" - bpn: - key: "manufacturerPartId" - searchPath: "/api/v1.0/administration/connectors/bpnDiscovery/search" - timeout: 1500 - edc: - key: "bpn" - timeout: 1500 - - - process: - store: true - dir: 'process' - indent: true - signKey: '' - - passport: - dataTransfer: - encrypt: true - indent: true - dir: "data/transfer" - aspects: - - "urn:bamm:io.catenax.generic.digital_product_passport:1.0.0#DigitalProductPassport" - - "urn:bamm:io.catenax.battery.battery_pass:3.0.1#BatteryPass" - - vault: - type: 'local' - file: 'vault.token.yml' - pathSep: "." - prettyPrint: true - indent: 2 - defaultValue: '' - attributes: - - "client.id" - - "client.secret" - - "edc.apiKey" - - "edc.participantId" - - server: - error: - include-message: ALWAYS - include-binding-errors: ALWAYS - include-stacktrace: ON_PARAM - include-exception: false - port: 8888 - tomcat: - max-connections: 10000 + edc: + xApiKey: + backend: + hostname: *hostname +oauth: + hostname: "centralidp.int.demo.catena-x.net" + techUser: + clientId: + clientSecret: + realm: + appId: diff --git a/charts/digital-product-pass/values.yaml b/charts/digital-product-pass/values.yaml index 274a8a32c..751c7ddb6 100644 --- a/charts/digital-product-pass/values.yaml +++ b/charts/digital-product-pass/values.yaml @@ -47,33 +47,39 @@ frontend: hosts: [] # -- product passport UI configuration - productpass: - # -- url of the digital product pass backend service - backend_url: "" - # -- url of the identity provider service - idp_url: "" - - # -- api timeouts - api: - # -- max retries for getting status - max_retries: 30 - # -- default timeout - 90 seconds in milliseconds - timeout: 90000 - # -- delay from getting status - delay: 1000 - - # -- irs api timeouts - irs: - # -- request timeout delay - requestDelay: 30000 - # -- maximum waiting time to get the irs job status - maxWaitingTime: 30 - - # -- keycloak specific configuration for frontend authentication - keycloak: - clientId: "" - realm: "" - onLoad: "login-required" + + # -- url of the digital product pass backend service + backend: + hostname: "" + + # -- api timeouts + api: + # -- max retries for getting status + max_retries: 30 + # -- default timeout - 90 seconds in milliseconds + timeout: 90000 + # -- delay from getting status + delay: 1000 + + # -- irs api timeouts + irs: + # -- request timeout delay + requestDelay: 30000 + # -- maximum waiting time to get the irs job status + maxWaitingTime: 30 + +# -- oauth configuration +oauth: + # -- url of the identity provider service + hostname: "" + # -- technical user keycloak central id credentials + # -- note: this credentials need to have access to the Discovery Finder, BPN Discovery and EDC Discovery + techUser: + clientId: "" + clientSecret: "" + realm: "" + appId: "" + onLoad: "login-required" # -- Backend configuration backend: @@ -93,143 +99,93 @@ backend: # -- ingress declaration to expose the dpp-backend service ingress: enabled: false + hosts: + - host: &hostname "localhost" + paths: + - path: / + pathType: Prefix # -- in this section we configure the values that are inserted as secrets in the backend edc: - # -- technical user keycloak central id credentials - # -- note: this credentials need to have access to the Discovery Finder, BPN Discovery and EDC Discovery - clientId: "" - clientSecret: "" # -- the secret for assesing the edc management API xApiKey: "" # -- BPN Number participantId: "" + # -- edc consumer connection configuration + endpoint: "" + apis: + management: '/management/v2' + catalog: '/catalog/request' + negotiation: '/contractnegotiations' + transfer: '/transferprocesses' + delay: 100 # -- Negotiation status Delay in milliseconds in between async requests [<= 500] + + # -- backend hostname (without protocol prefix [DEFAULT HTTPS] for security ) + hostname: *hostname + # -- configuration of the spring boot server + serverPort: 8888 + + logging: + level: + # -- general logging level + root: INFO + # -- logging for the util components + utils: INFO + + # -- Provide your custom configuration here (this overrides the DPP backend spring application.yaml) + # -- max retries for the backend services + maxRetries: 5 + + # -- security configuration + securityCheck: + enabled: false + bpn: false + edc: false - # -- specific backend and spring boot configurations - application: - yml: |- - # -- spring boot configuration - spring: - name: "Catena-X Product Passport Consumer Backend" - main: - allow-bean-definition-overriding: true - devtools: - add-properties: false - jackson: - serialization: - indent_output: true - logging: - level: - # -- general logging level - root: INFO - # -- logging for the util components - utils: INFO - configuration: - # -- max retries for the backend services - maxRetries: 5 - # -- keycloak configuration - keycloak: - realm: CX-Central - resource: Cl13-CX-Battery - tokenUri: 'https:///auth/realms//protocol/openid-connect/token' - userInfoUri: 'https:///auth/realms//protocol/openid-connect/userinfo' - # -- edc consumer connection configuration - edc: - endpoint: 'https://' - management: '/management/v2' - catalog: '/catalog/request' - negotiation: '/contractnegotiations' - transfer: '/transferprocesses' - receiverEndpoint: 'https:///endpoint' - delay: 100 # -- Negotiation status Delay in milliseconds in between async requests [<= 500] - # -- security configuration - security: - check: - enabled: false - bpn: false - edc: false - # -- irs configuration - irs: - enabled: true # -- Enable search for children in the requests - endpoint: "https://" # -- IRS endpoint - paths: - job: "/irs/jobs" # -- API path for calling in the IRS endpoints and staring/getting jobs - tree: - fileName: "treeDataModel" # -- Tree dataModel filename created in the processId directory - indent: true # -- Indent tree file - callbackUrl: "https:///api/irs" # -- Backend call back base url for the irs controller - # -- digital twin registry configuration - dtr: - central: false - # -- central digital twin registry url - centralUrl: 'https://' - # -- asset type to search for the registry in the edc - assetType: 'data.core.digitalTwinRegistry' - # -- submodel endpoint interface to search - endpointInterface: 'SUBMODEL-3.0' - # -- dsp endpoint key inside submodel body - dspEndpointKey: 'dspEndpoint' - # -- decentral digital twin apis - decentralApis: - search: "/lookup/shells" - digitalTwin: "/shell-descriptors" - subModel: "/submodel-descriptors" - # -- timeouts for the digital twin registry async negotiation - timeouts: - search: 10 - negotiation: 40 - transfer: 10 - digitalTwin: 20 - # -- temporary storage of dDTRs for optimization - temporaryStorage: true - # -- discovery configuration - discovery: - # -- discovery finder configuration - endpoint: "https:///discoveryfinder/api/v1.0/administration/connectors/discovery/search" - # -- bpn discovery configuration - bpn: - key: "manufacturerPartId" - searchPath: "/api/v1.0/administration/connectors/bpnDiscovery/search" - timeout: 1500 # -- timeout in milliseconds for the bpn discovery APIs to respond - # -- edc discovery configuration - edc: - key: "bpn" - timeout: 1500 # -- timeout in milliseconds for the bpn discovery APIs to respond - # -- process configuration - process: - # -- directory for storing the contract negotiation files - dir: "process" - # -- indent the process negotiation files - indent: true - # -- unique sha512 hash key used for the passport encryption - signKey: "" - # -- passport data transfer configuration - passport: - # -- configure the data transfer - dataTransfer: - # -- encrypt the passport when he arrives from the edc data plane - encrypt: true - # -- the indent from the passport - indent: true - # -- directory to store the passport when is not linked to a process - dir: "data/transfer" - # -- passport versions and aspects allowed - aspects: - - "urn:bamm:io.catenax.generic.digital_product_passport:1.0.0#DigitalProductPassport" - - "urn:bamm:io.catenax.battery.battery_pass:3.0.1#BatteryPass" - # -- configuration of the spring boot server - server: - # -- configuration of backend errors - error: - include-message: ALWAYS - include-binding-errors: ALWAYS - include-stacktrace: ON_PARAM - include-exception: false - # -- listening port for the backend - port: 8888 - # -- maximum allowed connections - tomcat: - max-connections: 10000 + # -- irs configuration + irs: + enabled: false + hostname: "" + + # -- digital twin registry configuration + process: + # -- unique sha512 hash key used for the passport encryption + encryptionKey: "" + + # -- passport data transfer configuration + passport: + # -- passport versions and aspects allowed + aspects: + - "urn:bamm:io.catenax.generic.digital_product_passport:1.0.0#DigitalProductPassport" + - "urn:bamm:io.catenax.battery.battery_pass:3.0.1#BatteryPass" + - "urn:bamm:io.catenax.transmission.transmission_pass:1.0.0#TransmissionPass" + + digitalTwinRegistry: + endpoints: + search: "/lookup/shells" + digitalTwin: "/shell-descriptors" + subModel: "/submodel-descriptors" + # -- timeouts for the digital twin registry async negotiation + timeouts: + search: 10 + negotiation: 40 + transfer: 10 + digitalTwin: 20 + # -- temporary storage of dDTRs for optimization + temporaryStorage: + enabled: true + + # -- discovery configuration + discovery: + # -- discovery finder configuration + hostname: "" + # -- bpn discovery configuration + bpnDiscovery: + key: "manufacturerPartId" + path: "/api/v1.0/administration/connectors/bpnDiscovery/search" + # -- edc discovery configuration + edcDiscovery: + key: "bpn" # Following Catena-X Helm Best Practices @url: https://catenax-ng.github.io/docs/kubernetes-basics/helm # @url: https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits diff --git a/consumer-backend/productpass/src/main/resources/application.yml b/consumer-backend/productpass/src/main/resources/application.yml index 778385128..7c2087be5 100644 --- a/consumer-backend/productpass/src/main/resources/application.yml +++ b/consumer-backend/productpass/src/main/resources/application.yml @@ -72,8 +72,6 @@ configuration: dtr: assetType: 'data.core.digitalTwinRegistry' - central: false - centralUrl: 'https://semantics.int.demo.catena-x.net/registry' endpointInterface: 'SUBMODEL-3.0' dspEndpointKey: 'dspEndpoint' semanticIdTypeKey: 'Submodel' diff --git a/src/services/service.const.js b/src/services/service.const.js index 91a2cbfa3..c9b7fada8 100644 --- a/src/services/service.const.js +++ b/src/services/service.const.js @@ -84,7 +84,11 @@ if (window.location.href.includes("localhost")) { //Modify credentials for local INIT_OPTIONS["url"] = (IDP_URL != null) ? IDP_URL : "http://localhost:8088/auth/", //Point to IDP service if specified or localhost REDIRECT_URI = "http://localhost:8080/"; } else { - INIT_OPTIONS["url"] = IDP_URL; + if(!IDP_URL.includes("auth/")){ + INIT_OPTIONS["url"] = IDP_URL + "auth/"; + }else{ + INIT_OPTIONS["url"] = IDP_URL; + } REDIRECT_URI = SERVER_URL; } // Export all the CONSTANTS and VARIABLES