From 172cda6758fde0d90e5a1e14827605544abf3085 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 11:11:29 +0200 Subject: [PATCH 01/11] feat: updated edc provider url path --- .../edc-provider/values-int.yaml | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml index 452600869..3094214c0 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml @@ -55,13 +55,13 @@ tractusx-connector: # -- port for incoming api calls port: 8080 # -- path for incoming api calls - path: /BPNL000000000000/api + path: /provider/api # -- data management api, used by internal users, can be added to an ingress and must not be internet facing management: # -- port for incoming api calls port: 8081 # -- path for incoming api calls - path: /BPNL000000000000/management + path: /provider/management # -- authentication key, must be attached to each 'X-Api-Key' request header authKey: # -- control api, used for internal control calls. can be added to the internal ingress, but should probably not @@ -69,19 +69,19 @@ tractusx-connector: # -- port for incoming api calls port: 8083 # -- path for incoming api calls - path: /BPNL000000000000/control + path: /provider/control # -- ids api, used for inter connector communication and must be internet facing protocol: # -- port for incoming api calls port: 8084 # -- path for incoming api calls - path: /BPNL000000000000/api/v1/dsp + path: /provider/api/v1/dsp # -- metrics api, used for application metrics, must not be internet facing metrics: # -- port for incoming api calls port: 9090 # -- path for incoming api calls - path: /BPNL000000000000/metrics + path: /provider/metrics ## Ingress declaration to expose the network service. ingresses: @@ -111,20 +111,20 @@ tractusx-connector: endpoints: default: port: 8080 - path: /BPNL000000000000/api + path: /provider/api public: port: 8081 - path: /BPNL000000000000/api/public + path: /provider/api/public control: port: 8084 - path: /BPNL000000000000/api/dataplane/control + path: /provider/api/dataplane/control proxy: port: 8186 - path: /BPNL000000000000/proxy + path: /provider/proxy authKey: metrics: port: 9090 - path: /BPNL000000000000/metrics + path: /provider/metrics token: refresh: From 5c45c9a383fe62b0d949db7aa52e4e1ef546c010 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 11:16:12 +0200 Subject: [PATCH 02/11] feat: updated versions of paths --- .../edc-consumer/values-int.yaml | 50 +++++++++---------- .../edc-provider/values-int.yaml | 6 +-- 2 files changed, 28 insertions(+), 28 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index 96782dfd6..a92e2e66f 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -36,7 +36,7 @@ tractusx-connector: enabled: true participant: - id: "" + id: "" iatp: # Decentralized IDentifier @@ -49,8 +49,8 @@ tractusx-connector: oauth: token_url: "https://bpnl000000000FV1-dpp.authentication.eu10.hana.ondemand.com/oauth/token" client: - id: "" - secret_alias: "" + id: "" + secret_alias: "" controlplane: enabled: true @@ -68,7 +68,7 @@ tractusx-connector: # -- path for incoming api calls path: /consumer/management # -- authentication key, must be attached to each 'X-Api-Key' request header - authKey: + authKey: # -- control api, used for internal control calls. can be added to the internal ingress, but should probably not control: # -- port for incoming api calls @@ -171,29 +171,29 @@ tractusx-connector: clusterIssuer: "" postgresql: - username: - password: + username: + password: vault: hashicorp: - url: - token: + url: + token: paths: - secret: + secret: health: /v1/sys/health postgresql: auth: - username: - password: + username: + password: item-relationship-service: enabled: false - bpn: + bpn: irsUrl: "https://dpp-irs.int.catena-x.net" - apiKeyAdmin: - apiKeyRegular: + apiKeyAdmin: + apiKeyRegular: ingress: enabled: true @@ -230,22 +230,22 @@ item-relationship-service: {{- tpl (.Values.bpdm.url | default "") . }}/api/catena/legal-entities/{partnerId}?idType={idType} {{- end }} - minioUser: - minioPassword: + minioUser: + minioPassword: minioUrl: "http://{{ .Release.Name }}-minio:9000" oauth2: clientTokenUri: https://centralidp.int.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token jwkSetUri: https://centralidp.int.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs discovery: - clientId: - clientSecret: + clientId: + clientSecret: semantics: - clientId: - clientSecret: + clientId: + clientSecret: bpdm: - clientId: - clientSecret: + clientId: + clientSecret: edc: catalog: @@ -267,10 +267,10 @@ item-relationship-service: data: https://dpp.int.catena-x.net/consumer/management apikey: header: "X-Api-Key" - secret: + secret: minio: serviceAccount: create: false - rootUser: - rootPassword: + rootUser: + rootPassword: diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml index 3094214c0..793a2866b 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml @@ -173,10 +173,10 @@ tractusx-connector: vault: fullnameOverride: "vault" hashicorp: - url: - token: + url: + token: paths: - secret: + secret: health: /v1/sys/health postgresql: From ce3563de8d02778e12fee1e78e6337e537b95064 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 11:26:59 +0200 Subject: [PATCH 03/11] fix: secret path --- .../edc-consumer/values-int.yaml | 52 +++++++++---------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index a92e2e66f..952f4b401 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -36,7 +36,7 @@ tractusx-connector: enabled: true participant: - id: "" + id: "" iatp: # Decentralized IDentifier @@ -49,8 +49,8 @@ tractusx-connector: oauth: token_url: "https://bpnl000000000FV1-dpp.authentication.eu10.hana.ondemand.com/oauth/token" client: - id: "" - secret_alias: "" + id: "" + secret_alias: "" controlplane: enabled: true @@ -68,7 +68,7 @@ tractusx-connector: # -- path for incoming api calls path: /consumer/management # -- authentication key, must be attached to each 'X-Api-Key' request header - authKey: + authKey: # -- control api, used for internal control calls. can be added to the internal ingress, but should probably not control: # -- port for incoming api calls @@ -171,29 +171,29 @@ tractusx-connector: clusterIssuer: "" postgresql: - username: - password: + username: + password: vault: hashicorp: - url: - token: + url: + token: paths: - secret: + secret: health: /v1/sys/health postgresql: auth: - username: - password: + username: + password: item-relationship-service: enabled: false - bpn: + bpn: irsUrl: "https://dpp-irs.int.catena-x.net" - apiKeyAdmin: - apiKeyRegular: + apiKeyAdmin: + apiKeyRegular: ingress: enabled: true @@ -220,7 +220,7 @@ item-relationship-service: oAuthClientId: discovery # ID of the OAuth2 client registration to use, see config spring.security.oauth2.client discoveryFinderUrl: https://semantics.int.catena-x.net/discoveryfinder/api/v1.0/administration/connectors/discovery/search semanticshub: - url: https://semantics.int.catena-x.net/hub/api/v1/models + url: https://semantics.int.catena-x.net/hub/apimodels oAuthClientId: semantics bpdm: url: https://partners-pool.int.catena-x.net @@ -230,22 +230,22 @@ item-relationship-service: {{- tpl (.Values.bpdm.url | default "") . }}/api/catena/legal-entities/{partnerId}?idType={idType} {{- end }} - minioUser: - minioPassword: + minioUser: + minioPassword: minioUrl: "http://{{ .Release.Name }}-minio:9000" oauth2: clientTokenUri: https://centralidp.int.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token jwkSetUri: https://centralidp.int.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs discovery: - clientId: - clientSecret: + clientId: + clientSecret: semantics: - clientId: - clientSecret: + clientId: + clientSecret: bpdm: - clientId: - clientSecret: + clientId: + clientSecret: edc: catalog: @@ -267,10 +267,10 @@ item-relationship-service: data: https://dpp.int.catena-x.net/consumer/management apikey: header: "X-Api-Key" - secret: + secret: minio: serviceAccount: create: false - rootUser: - rootPassword: + rootUser: + rootPassword: From dd9842498f7dae2d4d5d3b63aa9cbb1be8862d93 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 11:43:12 +0200 Subject: [PATCH 04/11] feat: added auth to the path from the edc --- .../data-consumer/edc-consumer/values-int.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index 952f4b401..bbd668715 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -171,8 +171,9 @@ tractusx-connector: clusterIssuer: "" postgresql: - username: - password: + auth: + username: + password: vault: hashicorp: From 3e53fce4662901f53528b1ce352741f9f9ed2a79 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 11:49:13 +0200 Subject: [PATCH 05/11] feat: updated provider url --- .../edc-provider/values-int.yaml | 5 +++-- .../data-provider/edc-provider/values.yaml | 20 +++++++++---------- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml index 793a2866b..2dc08e60a 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml @@ -167,8 +167,9 @@ tractusx-connector: clusterIssuer: "" postgresql: - username: - password: + auth: + username: + password: vault: fullnameOverride: "vault" diff --git a/deployment/infrastructure/data-provider/edc-provider/values.yaml b/deployment/infrastructure/data-provider/edc-provider/values.yaml index ab7630836..43b5fc97a 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values.yaml @@ -106,13 +106,13 @@ tractusx-connector: # -- port for incoming api calls port: 8080 # -- path for incoming api calls - path: /BPNL000000000000/api + path: /provider/api # -- data management api, used by internal users, can be added to an ingress and must not be internet facing management: # -- port for incoming api calls port: 8081 # -- path for incoming api calls - path: /BPNL000000000000/management + path: /provider/management # -- authentication key, must be attached to each 'X-Api-Key' request header authKey: "" # -- control api, used for internal control calls. can be added to the internal ingress, but should probably not @@ -120,19 +120,19 @@ tractusx-connector: # -- port for incoming api calls port: 8083 # -- path for incoming api calls - path: /BPNL000000000000/control + path: /provider/control # -- ids api, used for inter connector communication and must be internet facing protocol: # -- port for incoming api calls port: 8084 # -- path for incoming api calls - path: /BPNL000000000000/api/v1/dsp + path: /provider/api/v1/dsp # -- metrics api, used for application metrics, must not be internet facing metrics: # -- port for incoming api calls port: 9090 # -- path for incoming api calls - path: /BPNL000000000000/metrics + path: /provider/metrics bdrs: # time that a cached BPN/DID resolution map is valid in seconds, default is 10 min @@ -349,20 +349,20 @@ tractusx-connector: endpoints: default: port: 8080 - path: /BPNL000000000000/api + path: /provider/api public: port: 8081 - path: /BPNL000000000000/api/public + path: /provider/api/public control: port: 8084 - path: /BPNL000000000000/api/dataplane/control + path: /provider/api/dataplane/control proxy: port: 8186 - path: /BPNL000000000000/proxy + path: /provider/proxy authKey: "" metrics: port: 9090 - path: /BPNL000000000000/metrics + path: /provider/metrics token: refresh: From a5c4a930dce64eeadac44de2eae223587e5c1398 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 14:53:08 +0200 Subject: [PATCH 06/11] fix: fixed chart configurations for edc --- .../infrastructure/data-consumer/edc-consumer/values-int.yaml | 2 +- .../infrastructure/data-provider/edc-provider/values-int.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index bbd668715..084d4c041 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -50,7 +50,7 @@ tractusx-connector: token_url: "https://bpnl000000000FV1-dpp.authentication.eu10.hana.ondemand.com/oauth/token" client: id: "" - secret_alias: "" + secret_alias: int-client-secret controlplane: enabled: true diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml index 2dc08e60a..6d719f800 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml @@ -45,7 +45,7 @@ tractusx-connector: token_url: "https://bpnl000000000FV1-dpp.authentication.eu10.hana.ondemand.com/oauth/token" client: id: "" - secret_alias: "" + secret_alias: int-client-secret controlplane: enabled: true From c9d8b5ea6562a39ee9bf63040b7f7faf0a6445b3 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 15:08:12 +0200 Subject: [PATCH 07/11] fix: fixed chart configurations for edc --- .../infrastructure/data-consumer/edc-consumer/values-int.yaml | 4 ++-- .../infrastructure/data-provider/edc-provider/values-int.yaml | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index 084d4c041..ec8506d81 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -42,12 +42,12 @@ tractusx-connector: # Decentralized IDentifier id: "did:web:portal-backend.int.catena-x.net:api:administration:staticdata:did:BPNL000000000FV1" trustedIssuers: # array [] that needs to be expand but likely like (sorry unconfirmed on how this is done, as I also would need to check) - - "did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp" + - "did:web:portal-backend.int.catena-x.net:api:administration:staticdata:did:BPNL00000003CRHK" sts: dim: url: "https://dis-integration-service-prod.eu10.dim.cloud.sap/api/v2.0.0/iatp/catena-x-portal" oauth: - token_url: "https://bpnl000000000FV1-dpp.authentication.eu10.hana.ondemand.com/oauth/token" + token_url: "https://bpnl000000000fv1-dpp.authentication.eu10.hana.ondemand.com/oauth/token" client: id: "" secret_alias: int-client-secret diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml index 6d719f800..922862217 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml @@ -38,6 +38,7 @@ tractusx-connector: id: "did:web:portal-backend.int.catena-x.net:api:administration:staticdata:did:BPNL000000000FV1" trustedIssuers: # array [] that needs to be expand but likely like (sorry unconfirmed on how this is done, as I also would need to check) - "did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp" + - sts: dim: url: "https://dis-integration-service-prod.eu10.dim.cloud.sap/api/v2.0.0/iatp/catena-x-portal" From 2b37eba5107ec3037cef518d77e3dcf381422c9e Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 15:09:17 +0200 Subject: [PATCH 08/11] fix: fixed chart configurations for edc --- .../infrastructure/data-provider/edc-provider/values-int.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml index 922862217..b3ac19176 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml @@ -37,8 +37,7 @@ tractusx-connector: # Decentralized IDentifier id: "did:web:portal-backend.int.catena-x.net:api:administration:staticdata:did:BPNL000000000FV1" trustedIssuers: # array [] that needs to be expand but likely like (sorry unconfirmed on how this is done, as I also would need to check) - - "did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp" - - + - "did:web:portal-backend.int.catena-x.net:api:administration:staticdata:did:BPNL00000003CRHK" sts: dim: url: "https://dis-integration-service-prod.eu10.dim.cloud.sap/api/v2.0.0/iatp/catena-x-portal" From 08ab1954c59e09e1a41e260cbd044fe36c32b073 Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Tue, 23 Jul 2024 14:00:44 +0200 Subject: [PATCH 09/11] chore(irs): updated irs dependency version to v7.4.0 in helm chart --- .../data-consumer/edc-consumer/Chart.yaml | 2 +- .../edc-consumer/values-int.yaml | 58 ++++++++++++++----- .../data-consumer/edc-consumer/values.yaml | 50 +++++++++++++--- 3 files changed, 88 insertions(+), 22 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml b/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml index 000ec88d7..8317cd12c 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml @@ -47,5 +47,5 @@ dependencies: condition: postgresql.enabled - name: item-relationship-service repository: https://eclipse-tractusx.github.io/item-relationship-service - version: 7.1.3 + version: 7.4.0 condition: item-relationship-service.enabled diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index ec8506d81..f8824bcaf 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -189,7 +189,7 @@ postgresql: password: item-relationship-service: - enabled: false + enabled: true bpn: irsUrl: "https://dpp-irs.int.catena-x.net" @@ -250,19 +250,49 @@ item-relationship-service: edc: catalog: - acceptedPolicies: - - leftOperand: "cx-policy:FrameworkAgreement" - operator: "eq" - rightOperand: "CircularEconomy:1.0" - - leftOperand: "cx-policy:Membership" - operator: "eq" - rightOperand: "active" - - leftOperand: "cx-policy:UsagePurpose" - operator: "eq" - rightOperand: "cx.circular.dpp:1" - - leftOperand: "cx-policy:UsagePurpose" - operator: "eq" - rightOperand: "cx.core.digitalTwinRegistry:1" + acceptedPolicies: > + [{ + "policyId": "default-policy", + "createdOn": "2024-07-17T16:15:14.12345678Z", + "validUntil": "9999-01-01T00:00:00.00000000Z", + "permissions": [ + { + "action": "use", + "constraint": { + "and": [ + { + "leftOperand": "https://w3id.org/catenax/policy/FrameworkAgreement", + "operator": { + "@id": "eq" + }, + "rightOperand": "CircularEconomy:1.0" + }, + { + "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose", + "operator": { + "@id": "eq" + }, + "rightOperand": "cx.core.digitalTwinRegistry:1" + }, + { + "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose", + "operator": { + "@id": "eq" + }, + "rightOperand": "cx.circular.dpp:1" + }, + { + "leftOperand": "cx-policy:Membership", + "operator": { + "@id": "eq" + }, + "rightOperand": "active" + } + ] + } + } + ] + }] controlplane: endpoint: data: https://dpp.int.catena-x.net/consumer/management diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml index f801104e1..36aa65775 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml @@ -659,13 +659,49 @@ item-relationship-service: clientSecret: "" edc: catalog: - acceptedPolicies: - - leftOperand: "cx-policy:FrameworkAgreement" - operator: "eq" - rightOperand: "CircularEconomy:1.0" - - leftOperand: "cx-policy:Membership" - operator: "eq" - rightOperand: "active" + acceptedPolicies: > + [{ + "policyId": "default-policy", + "createdOn": "2024-07-17T16:15:14.12345678Z", + "validUntil": "9999-01-01T00:00:00.00000000Z", + "permissions": [ + { + "action": "use", + "constraint": { + "and": [ + { + "leftOperand": "https://w3id.org/catenax/policy/FrameworkAgreement", + "operator": { + "@id": "eq" + }, + "rightOperand": "CircularEconomy:1.0" + }, + { + "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose", + "operator": { + "@id": "eq" + }, + "rightOperand": "cx.core.digitalTwinRegistry:1" + }, + { + "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose", + "operator": { + "@id": "eq" + }, + "rightOperand": "cx.circular.dpp:1" + }, + { + "leftOperand": "cx-policy:Membership", + "operator": { + "@id": "eq" + }, + "rightOperand": "active" + } + ] + } + } + ] + }] controlplane: endpoint: data: "" From 3047749fd9f4adacf63101db4e1d0903ee77dd69 Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Wed, 24 Jul 2024 09:08:24 +0200 Subject: [PATCH 10/11] chore(fix): fixed irs policies --- .../edc-consumer/values-int.yaml | 32 +++++++++++++------ 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index f8824bcaf..cc62d0f1e 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -252,7 +252,7 @@ item-relationship-service: catalog: acceptedPolicies: > [{ - "policyId": "default-policy", + "policyId": "dpp-policy-id", "createdOn": "2024-07-17T16:15:14.12345678Z", "validUntil": "9999-01-01T00:00:00.00000000Z", "permissions": [ @@ -261,32 +261,46 @@ item-relationship-service: "constraint": { "and": [ { - "leftOperand": "https://w3id.org/catenax/policy/FrameworkAgreement", + "leftOperand": "https://w3id.org/catenax/policy/Membership", "operator": { "@id": "eq" }, - "rightOperand": "CircularEconomy:1.0" + "rightOperand": "active" }, { "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose", "operator": { "@id": "eq" }, - "rightOperand": "cx.core.digitalTwinRegistry:1" - }, + "rightOperand": "cx.circular.dpp:1" + } + ] + } + } + ] + }, + { + "policyId": "default-policy", + "createdOn": "2024-07-17T16:15:14.12345678Z", + "validUntil": "9999-01-01T00:00:00.00000000Z", + "permissions": [ + { + "action": "use", + "constraint": { + "and": [ { - "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose", + "leftOperand": "https://w3id.org/catenax/policy/Membership", "operator": { "@id": "eq" }, - "rightOperand": "cx.circular.dpp:1" + "rightOperand": "active" }, { - "leftOperand": "cx-policy:Membership", + "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose", "operator": { "@id": "eq" }, - "rightOperand": "active" + "rightOperand": "cx.core.digitalTwinRegistry:1" } ] } From c365923b4e0bd308113d653eb3497975a661e2e0 Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Wed, 24 Jul 2024 16:51:59 +0200 Subject: [PATCH 11/11] chore(irs): added certificate to the ingress annotation --- .../infrastructure/data-consumer/edc-consumer/values-int.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index cc62d0f1e..12422f4cf 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -200,6 +200,7 @@ item-relationship-service: enabled: true annotations: ingressClassName: nginx + cert-manager.io/cluster-issuer: letsencrypt-prod nginx.ingress.kubernetes.io/backend-protocol: HTTP nginx.ingress.kubernetes.io/force-ssl-redirect: 'true' nginx.ingress.kubernetes.io/ssl-passthrough: 'false'