fix: Adapt Helm Chart for version 0.3.x (eclipse-tractusx#211)

* Adapt Charts for version 0.3.x * fix business-tests * add edc.receiver.http.dynamic.endpoint * fix business-tests * code-review findings
paullatzelsperger · Apr 14, 2023 · 406e137 · 406e137
1 parent ecccbb0
commit 406e137
Show file tree

Hide file tree

Showing 8 changed files with 72 additions and 81 deletions.
diff --git a/.github/workflows/business-tests.yaml b/.github/workflows/business-tests.yaml
@@ -128,14 +128,14 @@ jobs:
         run: |-
           # Define endpoints
           echo "SOKRATES_DATA_MANAGEMENT_API_AUTH_KEY=password" | tee -a ${GITHUB_ENV}
-          echo "SOKRATES_DATA_MANAGEMENT_URL=http://sokrates-controlplane:8081/data" | tee -a ${GITHUB_ENV}
+          echo "SOKRATES_DATA_MANAGEMENT_URL=http://sokrates-controlplane:8081/management" | tee -a ${GITHUB_ENV}
           echo "SOKRATES_IDS_URL=http://sokrates-controlplane:8084/api/v1/ids" | tee -a ${GITHUB_ENV}
           echo "SOKRATES_DATA_PLANE_URL=http://sokrates-dataplane:8081/api/public/" | tee -a ${GITHUB_ENV}
           echo "SOKRATES_DATABASE_URL=jdbc:postgresql://plato-postgresql:5432/edc" | tee -a ${GITHUB_ENV}
           echo "SOKRATES_DATABASE_USER=user" | tee -a ${GITHUB_ENV}
           echo "SOKRATES_DATABASE_PASSWORD=password" | tee -a ${GITHUB_ENV}
           echo "PLATO_DATA_MANAGEMENT_API_AUTH_KEY=password" | tee -a ${GITHUB_ENV}
-          echo "PLATO_DATA_MANAGEMENT_URL=http://plato-controlplane:8081/data" | tee -a ${GITHUB_ENV}
+          echo "PLATO_DATA_MANAGEMENT_URL=http://plato-controlplane:8081/management" | tee -a ${GITHUB_ENV}
           echo "PLATO_IDS_URL=http://plato-controlplane:8084/api/v1/ids" | tee -a ${GITHUB_ENV}
           echo "PLATO_DATA_PLANE_URL=http://plato-dataplane:8081/api/public/" | tee -a ${GITHUB_ENV}
           echo "PLATO_DATABASE_URL=jdbc:postgresql://plato-postgresql:5432/edc" | tee -a ${GITHUB_ENV}
@@ -176,7 +176,7 @@ jobs:
             helm install plato charts/tractusx-connector  \
               --set fullnameOverride=plato \
               --set controlplane.service.type=NodePort \
-              --set controlplane.endpoints.data.authKey=password \
+              --set controlplane.endpoints.management.authKey=password \
               --set controlplane.image.tag=business-test \
               --set controlplane.image.pullPolicy=Never \
               --set controlplane.image.repository=docker.io/library/edc-controlplane-postgresql-hashicorp-vault \
@@ -209,7 +209,7 @@ jobs:
             helm install sokrates charts/tractusx-connector  \
               --set fullnameOverride=sokrates \
               --set controlplane.service.type=NodePort \
-              --set controlplane.endpoints.data.authKey=password \
+              --set controlplane.endpoints.management.authKey=password \
               --set controlplane.image.tag=business-test \
               --set controlplane.image.pullPolicy=Never \
               --set controlplane.image.repository=docker.io/library/edc-controlplane-postgresql-hashicorp-vault \

diff --git a/charts/tractusx-connector/templates/_helpers.tpl b/charts/tractusx-connector/templates/_helpers.tpl
@@ -110,9 +110,9 @@ Create the name of the service account to use
 {{/*
 Control IDS URL
 */}}
-{{- define "txdc.controlplane.url.ids" -}}
-{{- if .Values.controlplane.url.ids }}{{/* if ids api url has been specified explicitly */}}
-{{- .Values.controlplane.url.ids }}
+{{- define "txdc.controlplane.url.protocol" -}}
+{{- if .Values.controlplane.url.protocol }}{{/* if ids api url has been specified explicitly */}}
+{{- .Values.controlplane.url.protocol }}
 {{- else }}{{/* else when ids api url has not been specified explicitly */}}
 {{- with (index .Values.controlplane.ingresses 0) }}
 {{- if .enabled }}{{/* if ingress enabled */}}
@@ -122,17 +122,17 @@ Control IDS URL
 {{- printf "http://%s" .hostname -}}
 {{- end }}{{/* end if tls */}}
 {{- else }}{{/* else when ingress not enabled */}}
-{{- printf "http://%s-controlplane:%v" ( include "txdc.fullname" $ ) $.Values.controlplane.endpoints.ids.port -}}
+{{- printf "http://%s-controlplane:%v" ( include "txdc.fullname" $ ) $.Values.controlplane.endpoints.protocol.port -}}
 {{- end }}{{/* end if ingress */}}
 {{- end }}{{/* end with ingress */}}
-{{- end }}{{/* end if .Values.controlplane.url.ids */}}
+{{- end }}{{/* end if .Values.controlplane.url.protocol */}}
 {{- end }}
 
 {{/*
 Validation URL
 */}}
 {{- define "txdc.controlplane.url.validation" -}}
-{{- printf "http://%s-controlplane:%v%s/token" ( include "txdc.fullname" $ ) $.Values.controlplane.endpoints.validation.port $.Values.controlplane.endpoints.validation.path -}}
+{{- printf "http://%s-controlplane:%v%s/token" ( include "txdc.fullname" $ ) $.Values.controlplane.endpoints.control.port $.Values.controlplane.endpoints.control.path -}}
 {{- end }}
 
 {{/*

diff --git a/charts/tractusx-connector/templates/deployment-controlplane.yaml b/charts/tractusx-connector/templates/deployment-controlplane.yaml
@@ -128,45 +128,30 @@ spec:
               value: {{ printf "%s%s" .Values.daps.url .Values.daps.paths.token }}
             - name: EDC_OAUTH_PRIVATE_KEY_ALIAS
               value: {{ .Values.vault.secretNames.dapsPrivateKey | required ".Values.vault.secretNames.dapsPrivateKey is required" | quote }}
-            - name: EDC_OAUTH_PUBLIC_KEY_ALIAS
+            - name: EDC_OAUTH_CERTIFICATE_ALIAS
               value: {{ .Values.vault.secretNames.dapsPublicKey | required ".Values.vault.secretNames.dapsPublicKey is required" | quote }}
 
             #######
             # API #
             #######
             - name: "EDC_API_AUTH_KEY"
-              value: {{ .Values.controlplane.endpoints.data.authKey | required ".Values.controlplane.endpoints.data.authKey is required" | quote }}
+              value: {{ .Values.controlplane.endpoints.management.authKey | required ".Values.controlplane.endpoints.mangement.authKey is required" | quote }}
             - name: "WEB_HTTP_DEFAULT_PORT"
               value: {{ .Values.controlplane.endpoints.default.port | quote }}
             - name: "WEB_HTTP_DEFAULT_PATH"
               value: {{ .Values.controlplane.endpoints.default.path | quote }}
-            {{- if or (eq (substr 0 3 .Values.controlplane.image.tag) "0.1") (eq (substr 0 3 .Values.controlplane.image.tag) "0.2") }}
-            # WEB_HTTP_DATA_PORT is renamed to WEB_HTTP_MANAGEMENT_PORT from version 0.2.1 and newer
-            # we will keep both settings for downward capabilities
-            - name: "WEB_HTTP_DATA_PORT"
-              value: {{ .Values.controlplane.endpoints.data.port | quote }}
-            # WEB_HTTP_DATA_PATH is renamed to WEB_HTTP_MANAGEMENT_PATH from version 0.2.1 and newer
-            # we will keep both settings for downward capabilities
-            - name: "WEB_HTTP_DATA_PATH"
-              value: {{ .Values.controlplane.endpoints.data.path | quote }}
-            {{- else }}
             - name: "WEB_HTTP_MANAGEMENT_PORT"
-              value: {{ .Values.controlplane.endpoints.data.port | quote }}
+              value: {{ .Values.controlplane.endpoints.management.port | quote }}
             - name: "WEB_HTTP_MANAGEMENT_PATH"
-              value: {{ .Values.controlplane.endpoints.data.path | quote }}
-            {{- end }}
-            - name: "WEB_HTTP_VALIDATION_PORT"
-              value: {{ .Values.controlplane.endpoints.validation.port | quote }}
-            - name: "WEB_HTTP_VALIDATION_PATH"
-              value: {{ .Values.controlplane.endpoints.validation.path | quote }}
+              value: {{ .Values.controlplane.endpoints.management.path | quote }}
             - name: "WEB_HTTP_CONTROL_PORT"
               value: {{ .Values.controlplane.endpoints.control.port | quote }}
             - name: "WEB_HTTP_CONTROL_PATH"
               value: {{ .Values.controlplane.endpoints.control.path | quote }}
-            - name: "WEB_HTTP_IDS_PORT"
-              value: {{ .Values.controlplane.endpoints.ids.port | quote }}
-            - name: "WEB_HTTP_IDS_PATH"
-              value: {{ .Values.controlplane.endpoints.ids.path | quote }}
+            - name: "WEB_HTTP_PROTOCOL_PORT"
+              value: {{ .Values.controlplane.endpoints.protocol.port | quote }}
+            - name: "WEB_HTTP_PROTOCOL_PATH"
+              value: {{ .Values.controlplane.endpoints.protocol.path | quote }}
             - name: "WEB_HTTP_OBSERVABILITY_PORT"
               value: {{ .Values.controlplane.endpoints.observability.port | quote}}
             - name: "WEB_HTTP_OBSERVABILITY_PATH"
@@ -178,9 +163,9 @@ spec:
             ## IDS ##
             #########
             - name: "IDS_WEBHOOK_ADDRESS"
-              value: {{ include "txdc.controlplane.url.ids" . | quote }}
+              value: {{ include "txdc.controlplane.url.protocol" . | quote }}
             - name: "EDC_IDS_ENDPOINT"
-              value: {{ printf "%s%s" (include "txdc.controlplane.url.ids" .) .Values.controlplane.endpoints.ids.path | quote }}
+              value: {{ printf "%s%s" (include "txdc.controlplane.url.protocol" .) .Values.controlplane.endpoints.protocol.path | quote }}
             - name: "EDC_IDS_ID"
               value: {{ printf "urn:connector:%s" (lower .Values.controlplane.internationalDataSpaces.id) | quote }}
             - name: "EDC_IDS_DESCRIPTION"
@@ -196,10 +181,10 @@ spec:
             - name: "EDC_OAUTH_PROVIDER_AUDIENCE"
               value: "idsc:IDS_CONNECTORS_ALL"
             - name: "EDC_OAUTH_ENDPOINT_AUDIENCE"
-              value: {{ printf "%s%s%s" (include "txdc.controlplane.url.ids" . ) .Values.controlplane.endpoints.ids.path "/data" | quote }}
+              value: {{ printf "%s%s%s" (include "txdc.controlplane.url.protocol" . ) .Values.controlplane.endpoints.protocol.path "/data" | quote }}
             # this is the old setting name for 'EDC_OAUTH_ENDPOINT_AUDIENCE' and is mandatory for Produce EDC v0.1.2 and older
             - name: "EDC_IDS_ENDPOINT_AUDIENCE"
-              value: {{ printf "%s%s%s" (include "txdc.controlplane.url.ids" . ) .Values.controlplane.endpoints.ids.path "/data" | quote }}
+              value: {{ printf "%s%s%s" (include "txdc.controlplane.url.protocol" . ) .Values.controlplane.endpoints.protocol.path "/data" | quote }}
 
           {{- if .Values.postgresql.enabled }}
 
@@ -281,9 +266,9 @@ spec:
             - name: "EDC_TRANSFER_PROXY_TOKEN_VERIFIER_PUBLICKEY_ALIAS"
               value: {{ .Values.vault.secretNames.transferProxyTokenSignerPublicKey | quote }}
 
-            # see extension https://github.com/eclipse-edc/Connector/tree/main/extensions/control-plane/http-receiver
+            # see extension https://github.com/eclipse-edc/Connector/tree/main/extensions/control-plane/transfer/transfer-pull-http-dynamic-receiver
 
-            - name: "EDC_RECEIVER_HTTP_ENDPOINT"
+            - name: "EDC_RECEIVER_HTTP_DYNAMIC_ENDPOINT"
               value: {{ .Values.backendService.httpProxyTokenReceiverUrl | required ".Values.backendService.httpProxyTokenReceiverUrl is required" | quote }}
 
             ###########

diff --git a/charts/tractusx-connector/templates/deployment-dataplane.yaml b/charts/tractusx-connector/templates/deployment-dataplane.yaml
@@ -78,8 +78,8 @@ spec:
           {{- if .Values.dataplane.livenessProbe.enabled }}
           livenessProbe:
             httpGet:
-              path: {{ .Values.dataplane.endpoints.default.path }}/check/liveness
-              port: {{ .Values.dataplane.endpoints.default.port }}
+              path: {{ .Values.dataplane.endpoints.observability.path }}/check/liveness
+              port: {{ .Values.dataplane.endpoints.observability.port }}
             initialDelaySeconds: {{ .Values.dataplane.livenessProbe.initialDelaySeconds }}
             periodSeconds: {{ .Values.dataplane.livenessProbe.periodSeconds }}
             timeoutSeconds: {{ .Values.dataplane.livenessProbe.timeoutSeconds }}
@@ -89,8 +89,8 @@ spec:
           {{- if .Values.dataplane.readinessProbe.enabled }}
           readinessProbe:
             httpGet:
-              path: {{ .Values.dataplane.endpoints.default.path }}/check/readiness
-              port: {{ .Values.dataplane.endpoints.default.port }}
+              path: {{ .Values.dataplane.endpoints.observability.path }}/check/readiness
+              port: {{ .Values.dataplane.endpoints.observability.port }}
             initialDelaySeconds: {{ .Values.dataplane.readinessProbe.initialDelaySeconds }}
             periodSeconds: {{ .Values.dataplane.readinessProbe.periodSeconds }}
             timeoutSeconds: {{ .Values.dataplane.readinessProbe.timeoutSeconds }}
@@ -122,16 +122,18 @@ spec:
               value: {{ .Values.dataplane.endpoints.control.port | quote }}
             - name: "WEB_HTTP_CONTROL_PATH"
               value: {{ .Values.dataplane.endpoints.control.path | quote }}
-            - name: "WEB_HTTP_VALIDATION_PORT"
-              value: {{ .Values.dataplane.endpoints.validation.port | quote }}
-            - name: "WEB_HTTP_VALIDATION_PATH"
-              value: {{ .Values.dataplane.endpoints.validation.path | quote }}
             - name: "WEB_HTTP_PUBLIC_PORT"
               value: {{ .Values.dataplane.endpoints.public.port | quote }}
             - name: "WEB_HTTP_PUBLIC_PATH"
               value: {{ .Values.dataplane.endpoints.public.path | quote }}
             - name: "EDC_DATAPLANE_TOKEN_VALIDATION_ENDPOINT"
               value: {{ include "txdc.controlplane.url.validation" .}}
+            - name: "WEB_HTTP_OBSERVABILITY_PORT"
+              value: {{ .Values.dataplane.endpoints.observability.port | quote }}
+            - name: "WEB_HTTP_OBSERVABILITY_PATH"
+              value: {{ .Values.dataplane.endpoints.observability.path | quote }}
+            - name: "TRACTUSX_API_OBSERVABILITY_ALLOW-INSECURE"
+              value: {{ .Values.dataplane.endpoints.observability.insecure | quote }}
 
             #######
             # AWS #
@@ -178,10 +180,16 @@ spec:
               value: {{ .Values.vault.azure.tenant | quote }}
             - name: "EDC_VAULT_NAME"
               value: {{ .Values.vault.azure.name | quote }}
+            # only set the env var if config value not null
+            {{- if .Values.vault.azure.secret }}
             - name: "EDC_VAULT_CLIENTSECRET"
               value: {{ .Values.vault.azure.secret | quote }}
+            {{- end }}
+            # only set the env var if config value not null
+            {{- if .Values.vault.azure.certificate }}
             - name: "EDC_VAULT_CERTIFICATE"
               value: {{ .Values.vault.azure.certificate | quote }}
+            {{- end }}
           {{- end }}
 
             ######################################

diff --git a/charts/tractusx-connector/templates/service-controlplane.yaml b/charts/tractusx-connector/templates/service-controlplane.yaml
@@ -39,18 +39,14 @@ spec:
       targetPort: control
       protocol: TCP
       name: control
-    - port: {{ .Values.controlplane.endpoints.data.port }}
-      targetPort: data
+    - port: {{ .Values.controlplane.endpoints.management.port }}
+      targetPort: management
       protocol: TCP
-      name: data
-    - port: {{ .Values.controlplane.endpoints.validation.port }}
-      targetPort: validation
+      name: management
+    - port: {{ .Values.controlplane.endpoints.protocol.port }}
+      targetPort: protocol
       protocol: TCP
-      name: validation
-    - port: {{ .Values.controlplane.endpoints.ids.port }}
-      targetPort: ids
-      protocol: TCP
-      name: ids
+      name: protocol
     - port: {{ .Values.controlplane.endpoints.metrics.port }}
       targetPort: metrics
       protocol: TCP

diff --git a/charts/tractusx-connector/templates/service-dataplane.yaml b/charts/tractusx-connector/templates/service-dataplane.yaml
@@ -21,6 +21,10 @@ spec:
       targetPort: public
       protocol: TCP
       name: public
+    - port: {{ .Values.dataplane.endpoints.observability.port }}
+      targetPort: observability
+      protocol: TCP
+      name: observability
     - port: {{ .Values.dataplane.endpoints.metrics.port }}
       targetPort: metrics
       protocol: TCP

diff --git a/charts/tractusx-connector/values.yaml b/charts/tractusx-connector/values.yaml
@@ -89,27 +89,21 @@ controlplane:
       # -- path for incoming api calls
       path: /api
     # -- data management api, used by internal users, can be added to an ingress and must not be internet facing
-    data:
+    management:
       # -- port for incoming api calls
       port: 8081
       # -- path for incoming api calls
-      path: /data
+      path: /management
       # -- authentication key, must be attached to each 'X-Api-Key' request header
       authKey: ""
-    # -- validation api, only used by the data plane and should not be added to any ingress
-    validation:
-      # -- port for incoming api calls
-      port: 8082
-      # -- path for incoming api calls
-      path: /validation
     # -- control api, used for internal control calls. can be added to the internal ingress, but should probably not
     control:
       # -- port for incoming api calls
       port: 8083
       # -- path for incoming api calls
       path: /control
     # -- ids api, used for inter connector communication and must be internet facing
-    ids:
+    protocol:
       # -- port for incoming api calls
       port: 8084
       # -- path for incoming api calls
@@ -221,7 +215,7 @@ controlplane:
       annotations: {}
       # -- EDC endpoints exposed by this ingress resource
       endpoints:
-        - data
+        - management
         - control
       # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class)  to use
       className: ""
@@ -340,12 +334,16 @@ dataplane:
     public:
       port: 8081
       path: /api/public
-    validation:
-      port: 8082
-      path: /validation
     control:
       port: 8083
       path: /api/dataplane/control
+    observability:
+      # -- port for incoming API calls
+      port: 8085
+      # -- observability api, provides /health /readiness and /liveness endpoints
+      path: /observability
+      # -- allow or disallow insecure access, i.e. access without authentication
+      insecure: true
     metrics:
       port: 9090
       path: /metrics

diff --git a/edc-dataplane/edc-dataplane-base/build.gradle.kts b/edc-dataplane/edc-dataplane-base/build.gradle.kts
@@ -4,18 +4,18 @@ plugins {
 }
 
 dependencies {
-    implementation(edc.config.filesystem)
-    implementation(edc.dpf.awss3)
-    implementation(edc.dpf.oauth2)
-    implementation(edc.dpf.http)
+    runtimeOnly(project(":edc-extensions:observability-api-customization"))
 
-    implementation(edc.dpf.framework)
-    implementation(edc.dpf.api)
-    implementation(edc.api.observability)
-    implementation(edc.core.connector)
-    implementation(edc.boot)
+    runtimeOnly(edc.config.filesystem)
+    runtimeOnly(edc.dpf.awss3)
+    runtimeOnly(edc.dpf.oauth2)
+    runtimeOnly(edc.dpf.http)
 
+    runtimeOnly(edc.dpf.framework)
+    runtimeOnly(edc.dpf.api)
+    runtimeOnly(edc.core.connector)
+    runtimeOnly(edc.boot)
 
-    implementation(edc.bundles.monitoring)
-    implementation(edc.ext.http)
+    runtimeOnly(edc.bundles.monitoring)
+    runtimeOnly(edc.ext.http)
 }