diff --git a/CHANGELOG.md b/CHANGELOG.md index cdbc292469..948899cc44 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,7 @@ _**For better traceability add the corresponding GitHub issue number in each cha - #1222 Removed image publishing to GHCR - #1222 Adjust backend baseimage in Dockerfile to major version eclipse-temurin:21-jre-alpine - #XXX update springboot to 3.2.8 from 3.2.5 +- #XXX define uid and gid of backend Dockerfile directly in user, instead of variables ## [13.0.0 - 19.07.2024] diff --git a/DEPENDENCIES_BACKEND b/DEPENDENCIES_BACKEND index 67c37c250d..634d264a7a 100644 --- a/DEPENDENCIES_BACKEND +++ b/DEPENDENCIES_BACKEND @@ -124,13 +124,13 @@ maven/mavencentral/io.prometheus/simpleclient_tracer_common/0.16.0, Apache-2.0, maven/mavencentral/io.prometheus/simpleclient_tracer_otel/0.16.0, Apache-2.0, approved, clearlydefined maven/mavencentral/io.prometheus/simpleclient_tracer_otel_agent/0.16.0, Apache-2.0, approved, clearlydefined maven/mavencentral/io.rest-assured/json-path/5.3.2, Apache-2.0, approved, #9261 -maven/mavencentral/io.rest-assured/json-path/5.4.0, Apache-2.0, approved, #12042 +maven/mavencentral/io.rest-assured/json-path/5.5.0, Apache-2.0, approved, clearlydefined maven/mavencentral/io.rest-assured/json-schema-validator/5.4.0, Apache-2.0, approved, clearlydefined maven/mavencentral/io.rest-assured/rest-assured-common/5.3.2, Apache-2.0, approved, #9264 -maven/mavencentral/io.rest-assured/rest-assured-common/5.4.0, Apache-2.0, approved, #12039 -maven/mavencentral/io.rest-assured/rest-assured/5.4.0, Apache-2.0, approved, #15190 +maven/mavencentral/io.rest-assured/rest-assured-common/5.5.0, Apache-2.0, approved, clearlydefined +maven/mavencentral/io.rest-assured/rest-assured/5.5.0, Apache-2.0, approved, #15676 maven/mavencentral/io.rest-assured/xml-path/5.3.2, Apache-2.0, approved, #9267 -maven/mavencentral/io.rest-assured/xml-path/5.4.0, Apache-2.0, approved, #12038 +maven/mavencentral/io.rest-assured/xml-path/5.5.0, Apache-2.0, approved, clearlydefined maven/mavencentral/io.smallrye/jandex/3.1.2, Apache-2.0, approved, clearlydefined maven/mavencentral/io.swagger.core.v3/swagger-annotations-jakarta/2.2.20, Apache-2.0, approved, #5947 maven/mavencentral/io.swagger.core.v3/swagger-annotations/2.2.18, Apache-2.0, approved, #11362 @@ -174,11 +174,8 @@ maven/mavencentral/org.apache.commons/commons-compress/1.26.1, Apache-2.0 AND (A maven/mavencentral/org.apache.commons/commons-lang3/3.11, Apache-2.0, approved, CQ22642 maven/mavencentral/org.apache.commons/commons-lang3/3.12.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.apache.commons/commons-lang3/3.13.0, Apache-2.0, approved, #9820 -maven/mavencentral/org.apache.groovy/groovy-json/4.0.16, Apache-2.0, approved, #7411 maven/mavencentral/org.apache.groovy/groovy-json/4.0.22, Apache-2.0, approved, #7411 -maven/mavencentral/org.apache.groovy/groovy-xml/4.0.16, Apache-2.0, approved, #10179 maven/mavencentral/org.apache.groovy/groovy-xml/4.0.22, Apache-2.0, approved, #10179 -maven/mavencentral/org.apache.groovy/groovy/4.0.16, Apache-2.0 AND BSD-3-Clause AND MIT, approved, #1742 maven/mavencentral/org.apache.groovy/groovy/4.0.22, Apache-2.0 AND BSD-3-Clause AND MIT, approved, #1742 maven/mavencentral/org.apache.httpcomponents/httpclient/4.5.13, Apache-2.0, approved, #15248 maven/mavencentral/org.apache.httpcomponents/httpcore/4.4.13, Apache-2.0, approved, CQ23528 diff --git a/Dockerfile b/Dockerfile index 155c3bfa3b..e583f250f5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -41,14 +41,11 @@ RUN --mount=type=cache,target=/root/.m2 mvn -B clean package -pl :$BUILD_TARGET # Copy the jar and build image FROM eclipse-temurin:21-jre-alpine AS traceability-app -ARG UID=10000 -ARG GID=1000 - WORKDIR /app COPY --chmod=755 --from=maven /build/tx-backend/target/traceability-app-*-exec.jar app.jar -USER ${UID}:${GID} +USER 10000:1000 ENTRYPOINT ["java", "-jar", "app.jar"] diff --git a/docs/concept/#1108-policy-management-enhancement/#1108-policy-management-enhancement.md b/docs/concept/#1108-policy-management-enhancement/#1108-policy-management-enhancement.md index 9b479ce8af..72740e484a 100644 --- a/docs/concept/#1108-policy-management-enhancement/#1108-policy-management-enhancement.md +++ b/docs/concept/#1108-policy-management-enhancement/#1108-policy-management-enhancement.md @@ -1,11 +1,11 @@ # \[Concept\] \[#1108\] Policy management enhancement -| Key | Value | -|---------------|---------------------------------------------------------------------------| -| Author | @ds-crehm | -| Creation date | 02.07.2024 | -| Ticket Id | [#849](https://github.com/eclipse-tractusx/traceability-foss/issues/1108) | -| State | DRAFT | +| Key | Value | +|---------------|----------------------------------------------------------------------------| +| Author | @ds-crehm | +| Creation date | 02.07.2024 | +| Ticket Id | [#1108](https://github.com/eclipse-tractusx/traceability-foss/issues/1108) | +| State | DRAFT | # Table of Contents 1. [Overview](#overview) @@ -22,22 +22,22 @@ It must be possible for users to change policies used for asset provisioning and - [ ] Part will be synchronized automatically afterwards - [ ] Policy updates trigger an update and synchronization of all related parts - [ ] When sending notifications, the active policy for the respective BPN is used for contract negotiation -- [ ] User can not create valid, active policies for BPNs that already have a valid, active policy +- [ ] User can not create policies with expiration date in the future for BPNs that already have a policy with an expiration date in the future. - [ ] If he wants to do so anyways, the existing policies will be invalidated (validUntil = currentTime). -> Before doing that, a modal will ask him for confirmation. -- [ ] If the EDC of the receiving BPN provides multiple contract offers, Trace-X will check if **any of them** are active and match the own policy definition. In that case, the data will be sent. This applies to data provisioning and notification transmission. -- [ ] After startup, additional policy is created for the own BPN. Its constraints are identical to the default-policy and it will be used for the initial contractOffer creation. -- [ ] contractOffer is only updated when the policy for the own BPN is changed or when a new policy for the own BPN is created. +- [ ] If the EDC of the receiving BPN provides multiple contract offers with included policies, Trace-X will check if **any of them** are active and match the own policy definition. In that case, the data will be sent. This applies to data provisioning and notification transmission. +- [ ] After startup, an additional policy is created for the own BPN. Its constraints are identical to the default-policy and it will be used for the initial contractOffer creation. +- [ ] The contractOffer is only updated when the policy for the own BPN is changed or when a new policy for the own BPN is created. - [ ] There must always be one policy with the own BPN included. It can not be deleted. The validUntil date for this one should be *null* and cannot be set to a different value. -- [ ] Default-policy is always used for sending notifications, when there is no policy defined for the receiver BPN. +- [ ] The default-policy is always used for sending notifications, when there is no policy defined for the receiver BPN. # Concept ## When to update policies for parts -A part can be republished with a different policy -> in this case the policy must be updated with the chosen policy and then republished. -For this the policy update process below must be used and then the existing publish-process can be used to republish and synchronize the part. +A part can be republished with a different policy. For this the administrator can simply select the part again and trigger the publish action. There he can select the desired policy. +Then the policy update process below can be used to update the policy for the part, which will then be republished. When a policy is updated, all parts that used this policy must be updated and republished with the new policy. -In this case, all parts using that policy must be updated. For this Trace-X must iterate through all parts and check if they use the changed policy. +For this Trace-X must iterate through all parts and check if they use the changed policy. Then the affected parts must have their policies updated. ## Policy update process for parts