Merge pull request #391 from eclipse-tractusx/chore/edcs-v0.7.3

chore/edcs v0.7.3: update IRS version in helm chart
eclipse-tractusx · Jul 24, 2024 · d951b1e · d951b1e
2 parents b9122b3 + c365923
commit d951b1e
Show file tree

Hide file tree

Showing 5 changed files with 138 additions and 55 deletions.
diff --git a/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml b/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml
@@ -47,5 +47,5 @@ dependencies:
     condition: postgresql.enabled
   - name: item-relationship-service
     repository: https://eclipse-tractusx.github.io/item-relationship-service
-    version: 7.1.3
+    version: 7.4.0
     condition: item-relationship-service.enabled
diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml
@@ -42,15 +42,15 @@ tractusx-connector:
     # Decentralized IDentifier
     id: "did:web:portal-backend.int.catena-x.net:api:administration:staticdata:did:BPNL000000000FV1"
     trustedIssuers: # array [] that needs to be expand but likely like (sorry unconfirmed on how this is done, as I also would need to check)
-      - "did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp"
+      - "did:web:portal-backend.int.catena-x.net:api:administration:staticdata:did:BPNL00000003CRHK"
     sts:
       dim:
         url: "https://dis-integration-service-prod.eu10.dim.cloud.sap/api/v2.0.0/iatp/catena-x-portal"
       oauth:
-        token_url: "https://bpnl000000000FV1-dpp.authentication.eu10.hana.ondemand.com/oauth/token"
+        token_url: "https://bpnl000000000fv1-dpp.authentication.eu10.hana.ondemand.com/oauth/token"
         client:
           id: "<path:digital-product-pass/data/int/edc/wallet#clientId>"
-          secret_alias: "<path:digital-product-pass/data/int/edc/wallet#clientSecret>"
+          secret_alias: int-client-secret
 
   controlplane:
     enabled: true
@@ -171,8 +171,9 @@ tractusx-connector:
           clusterIssuer: ""
 
   postgresql:
-    username: <path:digital-product-pass/data/int/edc/database#user>
-    password: <path:digital-product-pass/data/int/edc/database#password>
+    auth:
+      username: <path:digital-product-pass/data/int/edc/database#user>
+      password: <path:digital-product-pass/data/int/edc/database#password>
 
   vault:
     hashicorp:
@@ -188,7 +189,7 @@ postgresql:
     password: <path:digital-product-pass/data/int/edc/database#password>
 
 item-relationship-service:
-  enabled: false
+  enabled: true
   bpn: <path:digital-product-pass/data/int/edc/participant#bpnNumber>
 
   irsUrl: "https://dpp-irs.int.catena-x.net"
@@ -199,6 +200,7 @@ item-relationship-service:
     enabled: true
     annotations:
       ingressClassName: nginx
+      cert-manager.io/cluster-issuer: letsencrypt-prod
       nginx.ingress.kubernetes.io/backend-protocol: HTTP
       nginx.ingress.kubernetes.io/force-ssl-redirect: 'true'
       nginx.ingress.kubernetes.io/ssl-passthrough: 'false'
@@ -220,7 +222,7 @@ item-relationship-service:
       oAuthClientId: discovery  # ID of the OAuth2 client registration to use, see config spring.security.oauth2.client
       discoveryFinderUrl: https://semantics.int.catena-x.net/discoveryfinder/api/v1.0/administration/connectors/discovery/search
     semanticshub:
-      url: https://semantics.int.catena-x.net/hub/api/v1/models
+      url: https://semantics.int.catena-x.net/hub/apimodels
       oAuthClientId: semantics
     bpdm:
       url: https://partners-pool.int.catena-x.net
@@ -249,19 +251,63 @@ item-relationship-service:
 
   edc:
     catalog:
-      acceptedPolicies:
-        - leftOperand: "cx-policy:FrameworkAgreement"
-          operator: "eq"
-          rightOperand: "CircularEconomy:1.0"
-        - leftOperand: "cx-policy:Membership"
-          operator: "eq"
-          rightOperand: "active"
-        - leftOperand: "cx-policy:UsagePurpose"
-          operator: "eq"
-          rightOperand: "cx.circular.dpp:1"
-        - leftOperand: "cx-policy:UsagePurpose"
-          operator: "eq"
-          rightOperand: "cx.core.digitalTwinRegistry:1"
+      acceptedPolicies: >
+        [{
+            "policyId": "dpp-policy-id",
+            "createdOn": "2024-07-17T16:15:14.12345678Z",
+            "validUntil": "9999-01-01T00:00:00.00000000Z",
+            "permissions": [
+                {
+                    "action": "use",
+                    "constraint": {
+                        "and": [
+                            {
+                                "leftOperand": "https://w3id.org/catenax/policy/Membership",
+                                "operator": {
+                                    "@id": "eq"
+                                },
+                                "rightOperand": "active"
+                            },
+                            {
+                                "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose",
+                                "operator": {
+                                    "@id": "eq"
+                                },
+                                "rightOperand": "cx.circular.dpp:1"
+                            }
+                        ]
+                    }
+                }
+            ]
+        },
+        {
+            "policyId": "default-policy",
+            "createdOn": "2024-07-17T16:15:14.12345678Z",
+            "validUntil": "9999-01-01T00:00:00.00000000Z",
+            "permissions": [
+                {
+                    "action": "use",
+                    "constraint": {
+                        "and": [
+                            {
+                                "leftOperand": "https://w3id.org/catenax/policy/Membership",
+                                "operator": {
+                                    "@id": "eq"
+                                },
+                                "rightOperand": "active"
+                            },
+                            {
+                                "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose",
+                                "operator": {
+                                    "@id": "eq"
+                                },
+                                "rightOperand": "cx.core.digitalTwinRegistry:1"
+                            }
+                        ]
+                    }
+                }
+            ]
+        }]
     controlplane:
       endpoint:
         data: https://dpp.int.catena-x.net/consumer/management

diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml
@@ -659,13 +659,49 @@ item-relationship-service:
       clientSecret: ""
   edc:
     catalog:
-      acceptedPolicies:
-        - leftOperand: "cx-policy:FrameworkAgreement"	
-          operator: "eq"	
-          rightOperand: "CircularEconomy:1.0"
-        - leftOperand: "cx-policy:Membership"
-          operator: "eq"
-          rightOperand: "active"
+      acceptedPolicies: >
+        [{
+            "policyId": "default-policy",
+            "createdOn": "2024-07-17T16:15:14.12345678Z",
+            "validUntil": "9999-01-01T00:00:00.00000000Z",
+            "permissions": [
+                {
+                    "action": "use",
+                    "constraint": {
+                        "and": [
+                            {
+                                "leftOperand": "https://w3id.org/catenax/policy/FrameworkAgreement",
+                                "operator": {
+                                    "@id": "eq"
+                                },
+                                "rightOperand": "CircularEconomy:1.0"
+                            },
+                            {
+                                "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose",
+                                "operator": {
+                                    "@id": "eq"
+                                },
+                                "rightOperand": "cx.core.digitalTwinRegistry:1"
+                            },
+                            {
+                                "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose",
+                                "operator": {
+                                    "@id": "eq"
+                                },
+                                "rightOperand": "cx.circular.dpp:1"
+                            },
+                            {
+                                "leftOperand": "cx-policy:Membership",
+                                "operator": {
+                                    "@id": "eq"
+                                },
+                                "rightOperand": "active"
+                            }
+                        ]
+                    }
+                }
+            ]
+        }]
     controlplane:
       endpoint:
         data: ""

diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml
@@ -37,15 +37,15 @@ tractusx-connector:
     # Decentralized IDentifier
     id: "did:web:portal-backend.int.catena-x.net:api:administration:staticdata:did:BPNL000000000FV1"
     trustedIssuers: # array [] that needs to be expand but likely like (sorry unconfirmed on how this is done, as I also would need to check)
-      - "did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp"
+      - "did:web:portal-backend.int.catena-x.net:api:administration:staticdata:did:BPNL00000003CRHK"
     sts:
       dim:
         url: "https://dis-integration-service-prod.eu10.dim.cloud.sap/api/v2.0.0/iatp/catena-x-portal"
       oauth:
         token_url: "https://bpnl000000000FV1-dpp.authentication.eu10.hana.ondemand.com/oauth/token"
         client:
           id: "<path:digital-product-pass/data/int/edc/wallet#clientId>"
-          secret_alias: "<path:digital-product-pass/data/int/edc/wallet#clientSecret>"
+          secret_alias: int-client-secret
 
   controlplane:
     enabled: true
@@ -55,33 +55,33 @@ tractusx-connector:
         # -- port for incoming api calls
         port: 8080
         # -- path for incoming api calls
-        path: /BPNL000000000000/api
+        path: /provider/api
       # -- data management api, used by internal users, can be added to an ingress and must not be internet facing
       management:
         # -- port for incoming api calls
         port: 8081
         # -- path for incoming api calls
-        path: /BPNL000000000000/management
+        path: /provider/management
         # -- authentication key, must be attached to each 'X-Api-Key' request header
         authKey: <path:digital-product-pass/data/int/edc/oauth#api.key>
       # -- control api, used for internal control calls. can be added to the internal ingress, but should probably not
       control:
         # -- port for incoming api calls
         port: 8083
         # -- path for incoming api calls
-        path: /BPNL000000000000/control
+        path: /provider/control
       # -- ids api, used for inter connector communication and must be internet facing
       protocol:
         # -- port for incoming api calls
         port: 8084
         # -- path for incoming api calls
-        path: /BPNL000000000000/api/v1/dsp
+        path: /provider/api/v1/dsp
       # -- metrics api, used for application metrics, must not be internet facing
       metrics:
         # -- port for incoming api calls
         port: 9090
         # -- path for incoming api calls
-        path: /BPNL000000000000/metrics
+        path: /provider/metrics
 
     ## Ingress declaration to expose the network service.
     ingresses:
@@ -111,20 +111,20 @@ tractusx-connector:
     endpoints:
       default:
         port: 8080
-        path: /BPNL000000000000/api
+        path: /provider/api
       public:
         port: 8081
-        path: /BPNL000000000000/api/public
+        path: /provider/api/public
       control:
         port: 8084
-        path: /BPNL000000000000/api/dataplane/control
+        path: /provider/api/dataplane/control
       proxy:
         port: 8186
-        path: /BPNL000000000000/proxy
+        path: /provider/proxy
         authKey: <path:digital-product-pass/data/int/edc/oauth#api.key>
       metrics:
         port: 9090
-        path: /BPNL000000000000/metrics
+        path: /provider/metrics
 
     token:
       refresh:
@@ -167,16 +167,17 @@ tractusx-connector:
           clusterIssuer: ""
 
   postgresql:
-    username: <path:digital-product-pass/data/int/edc/database#user>
-    password: <path:digital-product-pass/data/int/edc/database#password>
+    auth:
+      username: <path:digital-product-pass/data/int/edc/database#user>
+      password: <path:digital-product-pass/data/int/edc/database#password>
 
   vault:
     fullnameOverride: "vault"
     hashicorp:
-      url: <path:material-pass/data/int/edc/vault#vault.hashicorp.url>
-      token: <path:material-pass/data/int/edc/vault#vault.hashicorp.token>
+      url: <path:digital-product-pass/data/int/edc/vault#vault.hashicorp.url>
+      token: <path:digital-product-pass/data/int/edc/vault#vault.hashicorp.token>
       paths:
-        secret: <path:material-pass/data/int/edc/vault#vault.hashicorp.api.secret.path>
+        secret: <path:digital-product-pass/data/int/edc/vault#vault.hashicorp.api.secret.path>
         health: /v1/sys/health
 
 postgresql:

diff --git a/deployment/infrastructure/data-provider/edc-provider/values.yaml b/deployment/infrastructure/data-provider/edc-provider/values.yaml
@@ -106,33 +106,33 @@ tractusx-connector:
         # -- port for incoming api calls
         port: 8080
         # -- path for incoming api calls
-        path: /BPNL000000000000/api
+        path: /provider/api
       # -- data management api, used by internal users, can be added to an ingress and must not be internet facing
       management:
         # -- port for incoming api calls
         port: 8081
         # -- path for incoming api calls
-        path: /BPNL000000000000/management
+        path: /provider/management
         # -- authentication key, must be attached to each 'X-Api-Key' request header
         authKey: "<insert your auth key>"
       # -- control api, used for internal control calls. can be added to the internal ingress, but should probably not
       control:
         # -- port for incoming api calls
         port: 8083
         # -- path for incoming api calls
-        path: /BPNL000000000000/control
+        path: /provider/control
       # -- ids api, used for inter connector communication and must be internet facing
       protocol:
         # -- port for incoming api calls
         port: 8084
         # -- path for incoming api calls
-        path: /BPNL000000000000/api/v1/dsp
+        path: /provider/api/v1/dsp
       # -- metrics api, used for application metrics, must not be internet facing
       metrics:
         # -- port for incoming api calls
         port: 9090
         # -- path for incoming api calls
-        path: /BPNL000000000000/metrics
+        path: /provider/metrics
 
     bdrs:
       # time that a cached BPN/DID resolution map is valid in seconds, default is 10 min
@@ -349,20 +349,20 @@ tractusx-connector:
     endpoints:
       default:
         port: 8080
-        path: /BPNL000000000000/api
+        path: /provider/api
       public:
         port: 8081
-        path: /BPNL000000000000/api/public
+        path: /provider/api/public
       control:
         port: 8084
-        path: /BPNL000000000000/api/dataplane/control
+        path: /provider/api/dataplane/control
       proxy:
         port: 8186
-        path: /BPNL000000000000/proxy
+        path: /provider/proxy
         authKey: "<insert your auth key>"
       metrics:
         port: 9090
-        path: /BPNL000000000000/metrics
+        path: /provider/metrics
 
     token:
       refresh: