Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Introducing ESS-Batch, better configuration, Spring Boot update #184

Merged
merged 41 commits into from
Oct 12, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
41 commits
Select commit Hold shift + click to select a range
34e2c2c
feat(impl):[TRI-1664] new batch api endpoints impl
ds-ext-kmassalski Oct 2, 2023
c55ea1b
feat(impl):[TRI-1664] new api endpoint
ds-ext-kmassalski Oct 3, 2023
233c856
feat(impl):[TRI-1664] update api impl
ds-ext-kmassalski Oct 3, 2023
026d296
feat(impl):[TRI-1664] change default bpn allowed api
ds-ext-kmassalski Oct 3, 2023
e65cc7a
Update irs-api/src/main/java/org/eclipse/tractusx/irs/controllers/Bat…
ds-ext-kmassalski Oct 4, 2023
0072e4e
Update irs-api/src/main/java/org/eclipse/tractusx/irs/controllers/Bat…
ds-ext-kmassalski Oct 4, 2023
595b792
Update irs-models/src/main/java/org/eclipse/tractusx/irs/component/Re…
ds-ext-kmassalski Oct 4, 2023
b84cf42
feat(impl):[TRI-1664] fix tests
ds-ext-kmassalski Oct 4, 2023
c204308
Merge branch 'main' into feature/TRI-1664-new-batch-api-endpoint
ds-ext-kmassalski Oct 4, 2023
d346572
feat(impl):[TRI-1664] merge main
ds-ext-kmassalski Oct 4, 2023
8b15cd9
feat(impl):[TRI-1664] cleanup - move code from IrsService responsibility
ds-ext-kmassalski Oct 4, 2023
a19c6fc
Merge branch 'feature/TRI-1678-fix-jsonschema-validation' into featur…
ds-ext-kmassalski Oct 5, 2023
7a5f7c3
feat(impl):[TRI-1664] fix code smells
ds-ext-kmassalski Oct 5, 2023
e597629
Merge branch 'main' into feature/TRI-1664-new-batch-api-endpoint
ds-ext-kmassalski Oct 5, 2023
39b4704
feat(impl):[TRI-1664] fix test
ds-ext-kmassalski Oct 5, 2023
4cdb21f
feat(impl):[TRI-1664] cover with more unit tests
ds-ext-kmassalski Oct 5, 2023
d6193cf
Merge branch 'main' into feature/TRI-1664-new-batch-api-endpoint
ds-ext-kmassalski Oct 5, 2023
150f628
Merge branch 'main' into feature/TRI-1664-new-batch-api-endpoint
ds-ext-kmassalski Oct 9, 2023
da4b773
feat(impl):[TRI-1664] update changelog, merge main
ds-ext-kmassalski Oct 9, 2023
d601f28
feat(docs):[TRI-1654] Add section in building block view for subproto…
ds-jhartmann Oct 9, 2023
c6e3bbe
feat(impl):[TRI-1664] fix test
ds-ext-kmassalski Oct 9, 2023
b47a6f5
feat(docs):[TRI-1654] Move section for subprotocolBody usage to cross…
ds-jhartmann Oct 9, 2023
15367fa
Merge pull request #561 from catenax-ng/feature/TRI-1664-new-batch-ap…
ds-ext-kmassalski Oct 9, 2023
d025568
feat(irs-api): Move OAuth2 JWT token claim to configuration
ds-jhartmann Oct 10, 2023
1680e96
feat(charts):[TRI-1611] Added configuration for IRS OAuth2 JWT token …
ds-jhartmann Oct 10, 2023
c82ecb1
feat(docs):[TRI-1611] Added configuration for IRS OAuth2 JWT token claim
ds-jhartmann Oct 10, 2023
4048d1f
feat(charts):[TRI-1611] Fix chart linting issue
ds-jhartmann Oct 10, 2023
e5dc4e7
feat(impl):[TRI-1661] update spring boot version to newest
ds-ext-kmassalski Oct 10, 2023
6b325c6
feat(docs):[TRI-1611] Add hint for configurable namespace
ds-jhartmann Oct 10, 2023
86f3ab9
feat(impl):[TRI-1661] update DEP's
ds-ext-kmassalski Oct 11, 2023
2c79ad8
Merge pull request #580 from catenax-ng/feature/TRI-1661-update-sprin…
ds-ext-kmassalski Oct 11, 2023
15f90f0
Merge pull request #579 from catenax-ng/feature/TRI-1611-make-oauth-c…
ds-jhartmann Oct 11, 2023
c55b4da
feat(docs):[TRI-1654] Add review improvements
ds-jhartmann Oct 11, 2023
a947a38
Merge pull request #575 from catenax-ng/feature/TRI-1654-update-docum…
ds-jhartmann Oct 11, 2023
03f3821
chore(dependencies): Add minio dependency to root pom dependency mana…
ds-jhartmann Oct 11, 2023
2261e25
chore(dependencies): Remove manual graalvm update since the vulnerabi…
ds-jhartmann Oct 11, 2023
c917e91
chore(dependencies): Suppress CVE CVE-2023-22006: This vulnerability …
ds-jhartmann Oct 11, 2023
9668d76
chore(dependencies): Manually update EDC dependency jetty websocket
ds-jhartmann Oct 11, 2023
6440ad5
chore(dependencies): Update DEPENDENCIES
ds-jhartmann Oct 11, 2023
8da4aa9
chore(dependencies): Remove outdated suppressions
ds-jhartmann Oct 11, 2023
9198633
Merge pull request #582 from catenax-ng/chore/update-dependencies
ds-jhartmann Oct 11, 2023
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 7 additions & 21 deletions .config/owasp-suppressions.xml
Original file line number Diff line number Diff line change
@@ -1,26 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress>
<notes><![CDATA[
Transitive dependency of OkHttp. CVE is only relevant for Gradle builds, not relevant for IRS.
]]></notes>
<gav regex="true">org\.jetbrains\.kotlin:.*</gav>
<vulnerabilityName>CVE-2022-24329</vulnerabilityName>
</suppress>
<suppress>
<notes><![CDATA[
Vulnerability method not in IRS codebase (Files.createTempDir from guava).
]]></notes>
<gav regex="true">com\.google\.guava:guava.*</gav>
<vulnerabilityName>CVE-2020-8908</vulnerabilityName>
</suppress>
<suppress>
<notes><![CDATA[
Vulnerability method not in IRS codebase (Files.createTempDir from guava).
]]></notes>
<gav regex="true">com\.google\.guava:guava.*</gav>
<vulnerabilityName>CVE-2023-2976</vulnerabilityName>
</suppress>
<suppress>
<notes><![CDATA[
Vulnerability is a false positive.
Expand All @@ -42,4 +21,11 @@
<gav regex="true">org\.eclipse\.jetty\.toolchain:jetty\-jakarta\-websocket\-api.*</gav>
<vulnerabilityName regex="true">.*</vulnerabilityName>
</suppress>
<suppress>
<notes><![CDATA[
This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code. This is not exploitable in IRS.
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.graalvm\.sdk/graal\-sdk@.*$</packageUrl>
<vulnerabilityName>CVE-2023-22006</vulnerabilityName>
</suppress>
</suppressions>
6 changes: 6 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,12 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [Unreleased]
### Added
- Introduced new API endpoint to register ESS Jobs in Batch - POST {{IRS_HOST}}/irs/ess/orders

### Changed
- Deprecated query parameter 'jobStates' was removed from GET {{IRS_HOST}}/irs/jobs endpoint
- Moved OAuth2 JWT token claim to configuration. The fields can be configured with `oauth.resourceClaim`, `oauth.irsNamespace`, `oauth.roles`.

## [3.5.3] - 2023-10-09
### Fixed
Expand Down
161 changes: 76 additions & 85 deletions DEPENDENCIES

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions charts/irs-helm/CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [Unreleased]
### Added
- Added configuration for IRS OAuth2 JWT token claim

## [6.8.0] - 2023-10-09
### Changed
Expand Down
5 changes: 5 additions & 0 deletions charts/irs-helm/templates/configmap-spring-app-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,11 @@ data:

apiAllowedBpn: {{ tpl (.Values.bpn | default "") . | quote }}

oauth:
resourceClaim: {{ tpl (.Values.oauth.resourceClaim | default "resource_access") . | quote }}
irsNamespace: {{ tpl (.Values.oauth.irsNamespace | default "") . | quote }}
roles: {{ tpl (.Values.oauth.roles | default "roles") . | quote }}

{{- if .Values.config.content }}
{{- tpl (toYaml .Values.config.content) . | nindent 4 }}
{{- end }}
5 changes: 5 additions & 0 deletions charts/irs-helm/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -205,6 +205,11 @@ ess:
mockRecursiveEdcAsset: # List of BPNs for which the special, mocked notification asset should be used
managementPath: "/management/v2" # EDC management API path - used for notification asset creation

oauth:
resourceClaim: "resource_access" # Name of the JWT claim for roles
irsNamespace: "Cl20-CX-IRS" # Namespace for the IRS roles
ds-jhartmann marked this conversation as resolved.
Show resolved Hide resolved
roles: "roles" # Name of the list of roles within the IRS namespace

config:
# If true, the config provided below will completely replace the configmap.
# In this case, you need to provide all required config values defined above yourself!
Expand Down
138 changes: 128 additions & 10 deletions docs/src/api/irs-api.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,61 @@ paths:
summary: Accepts notifications sent via EDC.
tags:
- Environmental- and Social Standards
/irs/ess/orders:
post:
description: "Registers an order for an ESS investigation with an array of
{globalAssetIds}. Each globalAssetId will be processed in an separate job, grouped in batches."
operationId: registerESSInvestigationOrder
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/RegisterBpnInvestigationBatchOrder'
required: true
responses:
"201":
content:
application/json:
examples:
complete:
$ref: '#/components/examples/job-handle'
schema:
$ref: '#/components/schemas/BatchOrderCreated'
description: Returns orderId of registered Batch order.
"400":
content:
application/json:
examples:
error:
$ref: '#/components/examples/error-response-400'
schema:
$ref: '#/components/schemas/ErrorResponse'
description: Batch Order registration failed.
"401":
content:
application/json:
examples:
error:
$ref: '#/components/examples/error-response-401'
schema:
$ref: '#/components/schemas/ErrorResponse'
description: No valid authentication credentials.
"403":
content:
application/json:
examples:
error:
$ref: '#/components/examples/error-response-403'
schema:
$ref: '#/components/schemas/ErrorResponse'
description: Authorization refused by server.
security:
- oAuth2:
- profile email
summary: "Registers an order for an ESS investigation with an array of {globalAssetIds}.
Each globalAssetId will be processed in an separate job, grouped in batches."
tags:
- Environmental- and Social Standards
ds-jhartmann marked this conversation as resolved.
Show resolved Hide resolved
/irs/jobs:
get:
description: Returns paginated jobs with state and execution times.
Expand Down Expand Up @@ -759,7 +814,7 @@ paths:
responses:
"200":
content:
'application/json':
application/json:
schema:
type: array
items:
Expand Down Expand Up @@ -1155,8 +1210,8 @@ components:
- language: en
text: The shell for a vehicle
globalAssetId: urn:uuid:a45a2246-f6e1-42da-b47d-5c3b58ed62e9
idShort: future concept x
id: 882fc530-b69b-4707-95f6-5dbc5e9baaa8
idShort: future concept x
specificAssetIds:
- name: engineserialid
value: "12309481209312"
Expand Down Expand Up @@ -1186,13 +1241,13 @@ components:
href: https://catena-x.net/vehicle/partdetails/
endpointProtocol: HTTPS
endpointProtocolVersion: ["1.0"]
idShort: vehicle part details
id: dae4d249-6d66-4818-b576-bf52f3b9ae90
idShort: vehicle part details
semanticId:
type: ModelReference
keys:
- type: Submodel
value: urn:bamm:com.catenax.vehicle:0.1.1#PartDetails
type: ModelReference
submodels:
- aspectType: urn:bamm:io.catenax.single_level_bom_as_built:1.0.0
identification: urn:uuid:fc784d2a-5506-4e61-8e34-21600f8cdeff
Expand Down Expand Up @@ -1335,8 +1390,8 @@ components:
- language: en
text: The shell for a vehicle
globalAssetId: urn:uuid:a45a2246-f6e1-42da-b47d-5c3b58ed62e9
idShort: future concept x
id: 882fc530-b69b-4707-95f6-5dbc5e9baaa8
idShort: future concept x
specificAssetIds:
- name: engineserialid
value: "12309481209312"
Expand All @@ -1350,8 +1405,8 @@ components:
href: https://catena-x.net/vehicle/basedetails/
endpointProtocol: HTTPS
endpointProtocolVersion: ["1.0"]
idShort: vehicle base details
id: 4a738a24-b7d8-4989-9cd6-387772f40565
idShort: vehicle base details
semanticId:
type: ModelReference
keys:
Expand All @@ -1366,8 +1421,8 @@ components:
href: https://catena-x.net/vehicle/partdetails/
endpointProtocol: HTTPS
endpointProtocolVersion: ["1.0"]
idShort: vehicle part details
id: dae4d249-6d66-4818-b576-bf52f3b9ae90
idShort: vehicle part details
semanticId:
type: ModelReference
keys:
Expand Down Expand Up @@ -1468,10 +1523,10 @@ components:
type: string
description: Id of global asset.
example: urn:uuid:6c311d29-5753-46d4-b32c-19b918ea93b0
idShort:
type: string
id:
type: string
idShort:
type: string
specificAssetIds:
type: array
items:
Expand Down Expand Up @@ -1507,8 +1562,8 @@ components:
minimum: 0
BatchOrderCreated:
type: object
description: Id of the created Batch order.
additionalProperties: false
description: Id of the created Batch order.
properties:
id:
type: string
Expand Down Expand Up @@ -2258,6 +2313,69 @@ components:
minimum: 60
required:
- keys
RegisterBpnInvestigationBatchOrder:
type: object
additionalProperties: false
description: Request body for registering a new Batch Order for ESS Investigation
Job.
properties:
batchSize:
type: integer
format: int32
default: 20
description: Size of the batch.
maximum: 100
minimum: 10
batchStrategy:
type: string
description: The strategy how the batch is processed internally in IRS.
enum:
- PRESERVE_BATCH_JOB_ORDER
- PRESERVE_JOB_ORDER
- PRESERVE_BATCH_ORDER
bomLifecycle:
type: string
description: The lifecycle context in which the child part was assembled
into the parent part.
enum:
- asBuilt
- asPlanned
- asSpecified
callbackUrl:
type: string
description: "Callback url to notify requestor when job processing is finished.\
\ There are four uri variable placeholders that can be used: orderId,\
\ batchId, orderState and batchState."
example: "https://hostname.com/callback?orderId={orderId}&batchId={batchId}&orderState={orderState}&batchState={batchState}"
incidentBPNSs:
type: array
items:
type: string
pattern: "(BPN)[LSA][\\w\\d]{10}[\\w\\d]{2}"
maxItems: 2147483647
jobTimeout:
type: integer
format: int32
default: 3600
description: Timeout in seconds for each job processing inside the complete
order.
maximum: 7200
minimum: 60
keys:
type: array
items:
$ref: '#/components/schemas/PartChainIdentificationKey'
maxItems: 2147483647
timeout:
type: integer
format: int32
default: 43200
description: Timeout in seconds for the complete batch order processing.
maximum: 86400
minimum: 60
required:
- incidentBPNSs
- keys
RegisterBpnInvestigationJob:
type: object
additionalProperties: false
Expand Down
2 changes: 1 addition & 1 deletion docs/src/docs/arc42/building-block-view/level-2.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ include::../../../uml-diagrams/building-block-view/level-2-int-transfer-process-
|The DigitalTwinRegistryFacade calls the DigitalTwinRegistry to retrieve data form the AAS registry and transforms the response to internal data models.

|SubmodelFacade
|The SubmodelFacade calls the EDC to retrieve data from the submodel server and transforms the response to internal data models.
|The SubmodelFacade handles EDC contract negotiations and is responsible for the EDC dataplane requests to retrieve data from the submodel servers.

|BlobStore
|The BlobStore is the database where the relationships and tombstones are stored for a requested item.
Expand Down
Loading
Loading