feat: use new BPN Policy in artefacts and E2E tests (#690)

* feat: use new BPN Policy in artefacts and E2E tests

* moved old code to the new module

* add README.md

* update helm charts, extend helm tests

* update helm tests

* unrelated: clean out old files

* use mgmt api as helm test

* fix datasource in azure chart

.github/workflows/deployment-test.yaml

@@ -73,7 +73,7 @@ jobs:
             kubectl rollout status deployment tx-inmem
             
             # execute the helm test
-            helm test tx-inmem --logs
+            helm test tx-inmem
 
   test-hashicorp-postgres:
     runs-on: ubuntu-latest
@@ -98,7 +98,7 @@ jobs:
             kubectl rollout status deployment tx-prod-dataplane
 
             # execute the helm test
-            helm test tx-prod --logs
+            helm test tx-prod
 
   test-azure-vault-postgres:
     runs-on: ubuntu-latest
@@ -135,4 +135,4 @@ jobs:
             kubectl rollout status deployment tx-prod-dataplane
 
             # execute the helm test
-            helm test tx-prod --logs
+            helm test tx-prod

charts/tractusx-connector-azure-vault/templates/deployment-controlplane.yaml

@@ -228,6 +228,16 @@ spec:
             - name: "EDC_DATASOURCE_EDR_URL"
               value: {{ tpl .Values.postgresql.jdbcUrl . | quote }}
 
+            # see extension https://github.com/eclipse-tractusx/tractusx-edc/tree/main/edc-extensions/bpn-validation/business-partner-store-sql
+            - name: "EDC_DATASOURCE_BPN_NAME"
+              value: "bpn"
+            - name: "EDC_DATASOURCE_BPN_USER"
+              value: {{ .Values.postgresql.auth.username | required ".Values.postgresql.auth.username is required" | quote }}
+            - name: "EDC_DATASOURCE_BPN_PASSWORD"
+              value: {{ .Values.postgresql.auth.password | required ".Values.postgresql.auth.password is required" | quote }}
+            - name: "EDC_DATASOURCE_BPN_URL"
+              value: {{ tpl .Values.postgresql.jdbcUrl . | quote }}
+
             ################
             ## DATA PLANE ##
             ################

charts/tractusx-connector-azure-vault/templates/tests/test-controlplane.yaml

@@ -0,0 +1,56 @@
+#
+  #  Copyright (c) 2023 Contributors to the Eclipse Foundation
+  #
+  #  See the NOTICE file(s) distributed with this work for additional
+  #  information regarding copyright ownership.
+  #
+  #  This program and the accompanying materials are made available under the
+  #  terms of the Apache License, Version 2.0 which is available at
+  #  https://www.apache.org/licenses/LICENSE-2.0
+  #
+  #  Unless required by applicable law or agreed to in writing, software
+  #  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+  #  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+  #  License for the specific language governing permissions and limitations
+  #  under the License.
+  #
+  #  SPDX-License-Identifier: Apache-2.0
+  #
+
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{include "txdc.fullname" .}}-test-controlplane"
+  labels:
+    {{- include "txdc.controlplane.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+    "helm.sh/hook-delete-policy": {{ .Values.tests.hookDeletePolicy }}
+spec:
+  containers:
+    {{/* Poke the pod's management API   */}}
+    - name: readiness
+      image: curlimages/curl
+      command: [ 'curl', '--fail' ]
+      args: [ '{{- printf "http://%s-controlplane:%v%s/check/readiness" (include "txdc.fullname" $ ) $.Values.controlplane.endpoints.default.port $.Values.controlplane.endpoints.default.path -}}' ]
+
+    {{/* Try adding a BPN Group to the store via the management API   */}}
+    - name: mgmt-api-bpn-store
+      image: curlimages/curl
+      command: [ 'curl', '-X', 'POST', '--fail','-H','Content-Type: application/json', '-H', '{{- printf "x-api-key: %s" $.Values.controlplane.endpoints.management.authKey }}', '-d', '{
+                    "@context": {
+                        "tx": "https://w3id.org/tractusx/v0.0.1/ns/"
+                    },
+                    "@id": "tx:BPN000001234",
+                    "tx:groups": ["group1", "group2", "group3"]
+                }' ]
+      args: [ '{{- printf "http://%s-controlplane:%v%s/business-partner-groups" (include "txdc.fullname" $ ) $.Values.controlplane.endpoints.management.port $.Values.controlplane.endpoints.management.path -}}' ]
+  restartPolicy: Never
+  securityContext:
+    fsGroup: 101 # curl_group
+    runAsGroup: 101 # curl_group
+    runAsNonRoot: true
+    runAsUser: 100 # curl_user
+    seccompProfile:
+      type: RuntimeDefault

charts/tractusx-connector-azure-vault/templates/tests/test-dataplane-readiness.yaml

@@ -31,7 +31,7 @@ spec:
   containers:
     - name: wget
       image: curlimages/curl
-      command: [ 'curl' ]
+      command: [ 'curl', '--fail' ]
       args: [ '{{- printf "http://%s-dataplane:%v%s/check/readiness" (include "txdc.fullname" $ ) $.Values.dataplane.endpoints.default.port $.Values.dataplane.endpoints.default.path -}}' ]
   restartPolicy: Never
   securityContext:
@@ -40,4 +40,4 @@ spec:
     runAsNonRoot: true
     runAsUser: 100 # curl_user
     seccompProfile:
-        type: RuntimeDefault
+      type: RuntimeDefault

charts/tractusx-connector-memory/templates/service-runtime.yaml

@@ -40,9 +40,9 @@ spec:
       protocol: TCP
       name: control
     - port: {{ .Values.runtime.endpoints.management.port }}
-      targetPort: data
+      targetPort: management
       protocol: TCP
-      name: data
+      name: management
     - port: {{ .Values.runtime.endpoints.validation.port }}
       targetPort: validation
       protocol: TCP

charts/tractusx-connector-memory/templates/tests/test-runtime.yaml

@@ -0,0 +1,57 @@
+#
+  #  Copyright (c) 2023 ZF Friedrichshafen AG
+  #  Copyright (c) 2023 Mercedes-Benz Tech Innovation GmbH
+  #  Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG)
+  #  Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation
+  #
+  #  See the NOTICE file(s) distributed with this work for additional
+  #  information regarding copyright ownership.
+  #
+  #  This program and the accompanying materials are made available under the
+  #  terms of the Apache License, Version 2.0 which is available at
+  #  https://www.apache.org/licenses/LICENSE-2.0
+  #
+  #  Unless required by applicable law or agreed to in writing, software
+  #  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+  #  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+  #  License for the specific language governing permissions and limitations
+  #  under the License.
+  #
+  #  SPDX-License-Identifier: Apache-2.0
+  #
+
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "txdc.fullname" . }}-test"
+  labels:
+    {{- include "txdc.runtime.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+    "helm.sh/hook-delete-policy": {{ .Values.tests.hookDeletePolicy }}
+spec:
+  containers:
+    - name: readiness
+      image: curlimages/curl
+      command: [ 'curl', '--fail' ]
+      args: [ '{{- printf "http://%s-runtime:%v%s/check/readiness" (include "txdc.fullname" $ ) $.Values.runtime.endpoints.default.port $.Values.runtime.endpoints.default.path -}}' ]
+    {{/* Try adding a BPN Group to the store via the management API   */}}
+    - name: mgmt-api-bpn-store
+      image: curlimages/curl
+      command: [ 'curl', '-X', 'POST', '--fail','-H','Content-Type: application/json', '-H', '{{- printf "x-api-key: %s" $.Values.runtime.endpoints.management.authKey }}', '-d', '{
+                    "@context": {
+                        "tx": "https://w3id.org/tractusx/v0.0.1/ns/"
+                    },
+                    "@id": "tx:BPN000001234",
+                    "tx:groups": ["group1", "group2", "group3"]
+                }' ]
+      args: [ '{{- printf "http://%s-runtime:%v%s/business-partner-groups" (include "txdc.fullname" $ ) $.Values.runtime.endpoints.management.port $.Values.runtime.endpoints.management.path -}}' ]
+  restartPolicy: Never
+  securityContext:
+    fsGroup: 101 # curl_group
+    runAsGroup: 101 # curl_group
+    runAsNonRoot: true
+    runAsUser: 100 # curl_user
+    seccompProfile:
+      type: RuntimeDefault

charts/tractusx-connector/templates/deployment-controlplane.yaml

@@ -228,6 +228,16 @@ spec:
             - name: "EDC_DATASOURCE_EDR_URL"
               value: {{ tpl .Values.postgresql.jdbcUrl . | quote }}
 
+            # see extension https://github.com/eclipse-tractusx/tractusx-edc/tree/main/edc-extensions/bpn-validation/business-partner-store-sql
+            - name: "EDC_DATASOURCE_BPN_NAME"
+              value: "bpn"
+            - name: "EDC_DATASOURCE_BPN_USER"
+              value: {{ .Values.postgresql.auth.username | required ".Values.postgresql.auth.username is required" | quote }}
+            - name: "EDC_DATASOURCE_BPN_PASSWORD"
+              value: {{ .Values.postgresql.auth.password | required ".Values.postgresql.auth.password is required" | quote }}
+            - name: "EDC_DATASOURCE_BPN_URL"
+              value: {{ tpl .Values.postgresql.jdbcUrl . | quote }}
+
             ################
             ## DATA PLANE ##
             ################

charts/tractusx-connector-azure-vault/templates/tests/test-controlplane-readiness.yaml → charts/tractusx-connector/templates/tests/test-controlplane.yaml

@@ -21,23 +21,36 @@
 apiVersion: v1
 kind: Pod
 metadata:
-  name: "{{include "txdc.fullname" .}}test-controlplane-readiness"
+  name: "{{include "txdc.fullname" .}}-test-controlplane"
   labels:
     {{- include "txdc.controlplane.labels" . | nindent 4 }}
   annotations:
     "helm.sh/hook": test
     "helm.sh/hook-delete-policy": {{ .Values.tests.hookDeletePolicy }}
 spec:
   containers:
-    - name: wget
+    {{/* Poke the pod's management API   */}}
+    - name: readiness
       image: curlimages/curl
-      command: [ 'curl' ]
+      command: [ 'curl', '--fail' ]
       args: [ '{{- printf "http://%s-controlplane:%v%s/check/readiness" (include "txdc.fullname" $ ) $.Values.controlplane.endpoints.default.port $.Values.controlplane.endpoints.default.path -}}' ]
+
+    {{/* Try adding a BPN Group to the store via the management API   */}}
+    - name: bpn-store
+      image: curlimages/curl
+      command: [ 'curl', '-X', 'POST', '--fail','-H','Content-Type: application/json', '-H', '{{- printf "x-api-key: %s" $.Values.controlplane.endpoints.management.authKey }}', '-d', '{
+                    "@context": {
+                        "tx": "https://w3id.org/tractusx/v0.0.1/ns/"
+                    },
+                    "@id": "tx:BPN000001234",
+                    "tx:groups": ["group1", "group2", "group3"]
+                }' ]
+      args: [ '{{- printf "http://%s-controlplane:%v%s/business-partner-groups" (include "txdc.fullname" $ ) $.Values.controlplane.endpoints.management.port $.Values.controlplane.endpoints.management.path -}}' ]
   restartPolicy: Never
   securityContext:
     fsGroup: 101 # curl_group
     runAsGroup: 101 # curl_group
     runAsNonRoot: true
     runAsUser: 100 # curl_user
     seccompProfile:
-        type: RuntimeDefault
+      type: RuntimeDefault

charts/tractusx-connector/templates/tests/test-dataplane-readiness.yaml

@@ -1,21 +1,21 @@
 #
-#  Copyright (c) 2023 Contributors to the Eclipse Foundation
-#
-#  See the NOTICE file(s) distributed with this work for additional
-#  information regarding copyright ownership.
-#
-#  This program and the accompanying materials are made available under the
-#  terms of the Apache License, Version 2.0 which is available at
-#  https://www.apache.org/licenses/LICENSE-2.0
-#
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-#  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-#  License for the specific language governing permissions and limitations
-#  under the License.
-#
-#  SPDX-License-Identifier: Apache-2.0
-#
+  #  Copyright (c) 2023 Contributors to the Eclipse Foundation
+  #
+  #  See the NOTICE file(s) distributed with this work for additional
+  #  information regarding copyright ownership.
+  #
+  #  This program and the accompanying materials are made available under the
+  #  terms of the Apache License, Version 2.0 which is available at
+  #  https://www.apache.org/licenses/LICENSE-2.0
+  #
+  #  Unless required by applicable law or agreed to in writing, software
+  #  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+  #  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+  #  License for the specific language governing permissions and limitations
+  #  under the License.
+  #
+  #  SPDX-License-Identifier: Apache-2.0
+  #
 
 ---
 apiVersion: v1
@@ -31,7 +31,7 @@ spec:
   containers:
     - name: wget
       image: curlimages/curl
-      command: [ 'curl' ]
+      command: [ 'curl', '--fail' ]
       args: [ '{{- printf "http://%s-dataplane:%v%s/check/readiness" (include "txdc.fullname" $ ) $.Values.dataplane.endpoints.default.port $.Values.dataplane.endpoints.default.path -}}' ]
   restartPolicy: Never
   securityContext:
@@ -40,4 +40,4 @@ spec:
     runAsNonRoot: true
     runAsUser: 100 # curl_user
     seccompProfile:
-        type: RuntimeDefault
+      type: RuntimeDefault