Merge branch 'main' into hotfix/release-23.12

.github/workflows/integration-test-DEV.yaml

@@ -23,9 +23,9 @@ jobs:
   trigger-integration-test:
     uses: ./.github/workflows/xray-cucumber-integration.yaml
     secrets:
-      keycloakTokenUrl: ${{ secrets.KEYCLOAK_OAUTH2_CLIENT_TOKEN_URI }}
-      clientId: ${{ secrets.KEYCLOAK_OAUTH2_CLIENT_ID }}
-      clientSecret: ${{ secrets.KEYCLOAK_OAUTH2_CLIENT_SECRET }}
+      oauth2TokenUrl: ${{ secrets.OAUTH2_CLIENT_TOKEN_URI }}
+      clientId: ${{ secrets.OAUTH2_CLIENT_ID }}
+      clientSecret: ${{ secrets.OAUTH2_CLIENT_SECRET }}
       jiraUser: ${{ secrets.ORG_IRS_JIRA_USERNAME }}
       jiraPassword: ${{ secrets.ORG_IRS_JIRA_PASSWORD }}
     with:

.github/workflows/integration-test-DIL.yaml

@@ -12,7 +12,7 @@ jobs:
   trigger-integration-test:
     uses: ./.github/workflows/xray-cucumber-integration.yaml
     secrets:
-      keycloakTokenUrl: ${{ secrets.KEYCLOAK_OAUTH2_CLIENT_TOKEN_URI }}
+      oauth2TokenUrl: ${{ secrets.OAUTH2_CLIENT_TOKEN_URI }}
       clientId: ${{ secrets.IRS_OAUTH2_CLIENT_ID_DIL }}
       clientSecret: ${{ secrets.IRS_OAUTH2_CLIENT_SECRET_DIL }}
       jiraUser: ${{ secrets.ORG_IRS_JIRA_USERNAME }}

.github/workflows/integration-test-INT.yaml

@@ -7,7 +7,7 @@ jobs:
   trigger-integration-test:
     uses: ./.github/workflows/xray-cucumber-integration.yaml
     secrets:
-      keycloakTokenUrl: ${{ secrets.KEYCLOAK_OAUTH2_CLIENT_TOKEN_URI }}
+      oauth2TokenUrl: ${{ secrets.OAUTH2_CLIENT_TOKEN_URI }}
       clientId: ${{ secrets.ORG_IRS_OAUTH2_CLIENT_ID_INT }}
       clientSecret: ${{ secrets.ORG_IRS_OAUTH2_CLIENT_SECRET_INT }}
       jiraUser: ${{ secrets.ORG_IRS_JIRA_USERNAME }}

.github/workflows/xray-cucumber.yaml

@@ -31,9 +31,9 @@ jobs:
   trigger-integration-test:
     uses: ./.github/workflows/xray-cucumber-integration.yaml
     secrets:
-      keycloakTokenUrl: ${{ secrets.KEYCLOAK_OAUTH2_CLIENT_TOKEN_URI }}
-      clientId: ${{ secrets.KEYCLOAK_OAUTH2_CLIENT_ID }}
-      clientSecret: ${{ secrets.KEYCLOAK_OAUTH2_CLIENT_SECRET }}
+      oauth2TokenUrl: ${{ secrets.OAUTH2_CLIENT_TOKEN_URI }}
+      clientId: ${{ secrets.OAUTH2_CLIENT_ID }}
+      clientSecret: ${{ secrets.OAUTH2_CLIENT_SECRET }}
       jiraUser: ${{ secrets.ORG_IRS_JIRA_USERNAME }}
       jiraPassword: ${{ secrets.ORG_IRS_JIRA_PASSWORD }}
     with:

CHANGELOG.md

@@ -5,11 +5,19 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+### Changed
+- ESS
+  - Added 'hops' parameter to SupplyChainImpacted Aspect model - contains relative distance in the supply chain
+  - Added `impactedSuppliersOnFirstTier` parameter to Supply SupplyChainImpacted Aspect model - contains information of first level supply chain impacted
+
+### Known knowns
+- [#253] Cancelation of order jobs is not working stable
 
 ## [4.1.0] - 2023-11-15
 ### Added
 - IRS can now check the readiness of external services. Use the new ``management.health.dependencies.enabled`` config entry to determine if external dependencies health checks should be checked (false by default).
   - The map of external services healthcheck endpoints can be configured with ``management.health.dependencies.urls`` property, eg. ``service_name: http://service_name_host/health``
+- Added cache mechanism for ConnectorEndpointService for fetchConnectorEndpoints method cache
 
 ### Changed
 - Changed name of spring's OAuth2 client registration from 'keycloak' to 'common' like below:
@@ -43,7 +51,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
               token-uri:
   ```
 - Update IRS API Swagger documentation to match AAS 3.0.0
-
+
+### Fixed
+- IRS will return 206 Http status from GET /jobs/{id} endpoint if Job is still running
+
 ## [4.0.2] - 2023-11-20
 ### Changed
 - Remove `apk upgrade --no-cache libssl3 libcrypto3` in Docker base image to be TRG compliant

CONTRIBUTING.md

@@ -64,10 +64,12 @@ For more information on the tool and how to acquire the token, check https://git
 
 ### Commit messages
 The commit messages have to match a pattern in the form of:  
-``< type >(optional scope):[<Ticket_ID>] < description >``
+``< type >(scope):[<Ticket_ID>] < description >``  
+where type is: `build|chore|ci|docs|feat|fix|perf|refactor|revert|style|test`
 
 Example:  
-``chore(api):[TRI-123] some text``
+``chore(api):[#123] some text``
+``chore(api): some text``
 
 Detailed pattern can be found here: [commit-msg](local/development/commit-msg)
 

charts/irs-helm/CHANGELOG.md

@@ -5,6 +5,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+### Fixed
+- Fixed templating for `management.health.dependencies`
 
 ## [6.10.0]
 ### Changed

charts/irs-helm/templates/configmap-spring-app-config.yaml

@@ -115,7 +115,7 @@ data:
             rightOperand: {{ .rightOperand | quote }}
           {{- end }}
       connectorEndpointService:
-        cacheTTL: {{ .Values.edc.connectorEndpointService.cacheTTL | int64 }}
+        cacheTTL: {{ .Values.edc.connectorEndpointService.cacheTTL | quote }}
     ess:
       localBpn: {{ tpl (.Values.bpn | default "") . | quote }}
       localEdcEndpoint: {{ tpl (.Values.edc.provider.host | default "") . | quote }}
@@ -135,9 +135,9 @@ data:
     management:
       health:
         dependencies:
-          enabled: {{ tpl (.Values.management.health.dependencies.enabled | default "false") . | quote }}
+          enabled: {{ .Values.management.health.dependencies.enabled | default false }}
           urls:
-            {{- tpl (toYaml .Values.management.health.dependencies.urls) . | nindent 10 }}
+            {{- tpl (toYaml .Values.management.health.dependencies.urls) . | nindent 12 }}
     {{- end }}
     {{- end }}
 

charts/irs-helm/values.yaml

@@ -113,7 +113,8 @@ management:
   health:
     dependencies:
       enabled: false  # Flag to determine if external service healthcheck endpoints should be checked
-      urls: {}  # Map of services with corresponding healthcheck endpoint url's, example service_name: http://service_name_host.com/health
+      urls: {}  # Map of services with corresponding healthcheck endpoint url's. Example:
+        # service_name: http://service_name_host.com/health
 
 digitalTwinRegistry:
   type: decentral  # The type of DTR. This can be either "central" or "decentral". If "decentral", descriptorEndpoint, shellLookupEndpoint and oAuthClientId is not required.
@@ -202,7 +203,7 @@ edc:
         operator: "eq"
         rightOperand: "active"
   connectorEndpointService:
-    cacheTTL: 86400000
+    cacheTTL: PT24H  # Time to live for ConnectorEndpointService for fetchConnectorEndpoints method cache
 discovery:
   oAuthClientId: portal  # ID of the OAuth2 client registration to use, see config spring.security.oauth2.client
 

docs/src/api/irs-api.yaml

@@ -362,8 +362,8 @@ paths:
             format: uuid
             maxLength: 36
             minLength: 36
-        - description: "<true> Return job with current processed item graph. <false>\
-          \ Return job with item graph if job is in state <COMPLETED>, otherwise job."
+        - description: "\\<true\\> Return job with current processed item graph. \\<false\\>
+         Return job with item graph if job is in state COMPLETED, otherwise job."
           in: query
           name: returnUncompletedJob
           required: false
@@ -2524,6 +2524,11 @@ components:
       type: object
       additionalProperties: false
       properties:
+        hops:
+          type: integer
+          format: int32
+        bpn:
+          type: string
         result:
           type: string
     SemanticId:
@@ -2566,10 +2571,10 @@ components:
           items:
             $ref: '#/components/schemas/Endpoint'
           maxItems: 2147483647
-        idShort:
-          type: string
         id:
           type: string
+        idShort:
+          type: string
         semanticId:
           $ref: '#/components/schemas/Reference'
     Summary:

docs/src/docs/administration/configuration.adoc

@@ -74,6 +74,10 @@ The hostname where Grafana will be made available.
 The EDC consumer controlplane endpoint URL for data management, including the protocol.
 If left empty, this defaults to the internal endpoint of the controlplane provided by the irs-edc-consumer Helm chart.
 
+==== <connectorEndpointService.cacheTTL>
+When IRS calls EDC Discovery Service to fetch endpoints for BPNL's there is a cache mechanism between them, to improve performance.
+This parameter define how long cache is maintained before it is cleared. Data is in ISO 8601.
+
 === Semantic Model Provisioning
 The IRS can retrieve semantic models in two ways:
 

docs/src/docs/arc42/runtime-view/ess-top-down/ess-top-down.adoc

@@ -94,45 +94,45 @@ In case at least one "YES" is received, the process step 3 ends
 
 == Application Functionality Overview
 
-== Register an Ess-Investigation-Order
+=== Register an Ess-Investigation-Order
 
 [plantuml,target=submodel-processing,format=svg]
 ....
 include::../../../../uml-diagrams/runtime-view/use-case-ess-top-down/1_ess-top-down-sequence-highlevel.puml[]
 ....
 
-== 1. Client Request
+==== 1. Client Request
 
 The _Client App (Script)_ initiates a request to the IRS (Item Relationship Service) by sending a GET request for shell lookup based on a specific BPN (Business Partner Number).
 
-== 2. Shell Lookup
+==== 2. Shell Lookup
 
 IRS, along with other services like DiscoveryFinder, EDCDiscoveryService, and Digital Twin Registry, collaborates to look up shells for the given BPN, returning an array of AAS identifiers.
 
-== 3. AAS Descriptor Retrieval
+==== 3. AAS Descriptor Retrieval
 
 For each AAS identifier, the client requests the IRS for the corresponding shell descriptors, adding them to a collection.
 
-== 4. Filtering AAS
+==== 4. Filtering AAS
 
 The _Client App (Script)_ filters the AAS collection for SubmodelDescriptors marked _asPlanned_, based on certain criteria.
 
-== 5. Incident Registration
+==== 5. Incident Registration
 
 The client then initiates an IRS incident registration by sending a POST request with specific parameters, including bomLifecycle and callback URL.
 
-== 6. Incident Handling Loop
+==== 6. Incident Handling Loop
 
 IRS proceeds to handle the incident by iterating through AAS identifiers, extracting child CXIds, and performing checks on associated data.
 
-== 7. Data Validation
+==== 7. Data Validation
 
 The system checks the validity period of the received data and, if valid, proceeds to extract additional information.
 
-== 8. Incident Response
+==== 8. Incident Response
 
 If certain conditions are met (e.g., incidentBpns contain catenaXsiteId), the system responds to the client indicating a part-chain infection.
 
-== 9. Notification Handling
+==== 9. Notification Handling
 
 Otherwise, the system sends an ess-request notification to the next tier level IRS, and after processing the request on the next tier level, receives an ess-response notification.

docs/src/docs/arc42/runtime-view/full.adoc

@@ -17,7 +17,6 @@ include::irs-iterative/scenario-4.adoc[leveloffset=+1]
 This section covers the main processes of the IRS in a recursive scenario in a network.
 This recursive scenario is illustrated using the various use cases realized in the scenario.
 
-=== Use Case: ESS (Environmental and Social Standards) Top-Down approach
 
 include::ess-top-down/ess-top-down.adoc[leveloffset=+1]
 include::ess-top-down/ess-top-down-scenario-1.adoc[leveloffset=+1]

docs/src/docs/security/security-assessment.md

@@ -13,7 +13,7 @@ System_Ext(EDC, "EDC")
 System_Ext(EDC-DS, "EDC Discovery Service")
 System_Ext(DF, "Discovery Finder")
 System_Ext(DTR, "Digital Twin Registry")
-System_Ext(KC, "Keycloak")
+System_Ext(OAuth2, "OAuth2")
 System_Ext(BPDM, "BPDM")
 System_Ext(SH, "Semantic Hub")
 
@@ -46,7 +46,7 @@ Rel(IRS-App, EDC, "https, access token")
 Rel(IRS-App, EDC-DS, "Find decentral DTs, https, access token")
 Rel(IRS-App, DF, "Get EDC Discovery Service URL, https, access token")
 Rel(IRS-App, DTR, "https, access token")
-Rel(IRS-App, KC, "https, clientID, clientSecret, Get tokens to access DTR")
+Rel(IRS-App, OAuth2, "https, clientID, clientSecret, Get tokens to access DTR")
 Rel(IRS-App, BPDM, "https, access token, Get BPN")
 Rel(IRS-App, SH, "Get schemas to validate response from EDC, https, access token")
 

irs-api/src/main/java/org/eclipse/tractusx/irs/controllers/IrsController.java

@@ -65,6 +65,7 @@
 import org.springdoc.core.converters.models.PageableAsQueryParam;
 import org.springframework.data.domain.Pageable;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
@@ -179,15 +180,19 @@ public JobHandle registerJobForGlobalAssetId(final @Valid @RequestBody RegisterJ
     @IrsTimer("getjob")
     @GetMapping("/jobs/{id}")
     @PreAuthorize("@authorizationService.verifyBpn() && hasAnyAuthority('" + IrsRoles.ADMIN_IRS + "', '" + IrsRoles.VIEW_IRS + "')")
-    public Jobs getJobById(
+    public ResponseEntity<Jobs> getJobById(
             @Parameter(description = "Id of the job.", schema = @Schema(implementation = UUID.class), name = "id",
                        example = "6c311d29-5753-46d4-b32c-19b918ea93b0") @Size(min = IrsAppConstants.JOB_ID_SIZE,
                                                                                max = IrsAppConstants.JOB_ID_SIZE) @Valid @PathVariable final UUID id,
             @Parameter(
-                    description = "<true> Return job with current processed item graph. <false> Return job with item graph if job is in state <COMPLETED>, otherwise job.") @Schema(
+                    description = "\\<true\\> Return job with current processed item graph. \\<false\\> Return job with item graph if job is in state COMPLETED, otherwise job.") @Schema(
                     implementation = Boolean.class, defaultValue = "true") @RequestParam(value = "returnUncompletedJob",
                                                                                          required = false) final boolean returnUncompletedJob) {
-        return itemJobService.getJobForJobId(id, returnUncompletedJob);
+        final Jobs job = itemJobService.getJobForJobId(id, returnUncompletedJob);
+        if (job.getJob().getState().equals(JobState.RUNNING)) {
+            return ResponseEntity.status(HttpStatus.PARTIAL_CONTENT).body(job);
+        }
+        return ResponseEntity.ok(job);
     }
 
     @Operation(description = "Cancel job for requested jobId.", operationId = "cancelJobByJobId",