feat: switch file transfer from local to MinIO storage

gradle/libs.versions.toml

@@ -73,6 +73,7 @@ testcontainers-minio = { module = "org.testcontainers:minio", version.ref = "tes
 testcontainers-hashicorp-vault = { module = "org.testcontainers:vault", version.ref = "testcontainers" }
 azure-storage-blob = { module = "com.azure:azure-storage-blob", version = "12.28.1" }
 minio-io = { module = "io.minio:minio", version = "8.5.13" }
-
+edc-data-plane-util = { module = "org.eclipse.edc:data-plane-util", version.ref = "edc" }
+edc-provision-aws-s3 = { module = "org.eclipse.edc.aws:provision-aws-s3", version.ref = "edc" }
 [plugins]
 shadow = { id = "com.github.johnrengelman.shadow", version = "8.1.1" }

policy/policy-02-provision/policy-provision-consumer/build.gradle.kts

@@ -28,7 +28,7 @@ dependencies {
     implementation(libs.edc.transfer.data.plane.signaling)
     implementation(libs.edc.transfer.pull.http.receiver)
     implementation(libs.edc.validator.data.address.http.data)
-    implementation(libs.edc.api.control.configuration)
+    implementation(libs.edc.control.api.configuration)
 
     implementation(libs.edc.edr.cache.api)
     implementation(libs.edc.edr.store.core)
@@ -38,10 +38,13 @@ dependencies {
     implementation(libs.edc.data.plane.selector.core)
 
     implementation(libs.edc.data.plane.self.registration)
-    implementation(libs.edc.data.plane.control.api)
+    implementation(libs.edc.data.plane.signaling.api)
     implementation(libs.edc.data.plane.public.api)
     implementation(libs.edc.data.plane.core)
     implementation(libs.edc.data.plane.http)
+    implementation(libs.edc.provision.aws.s3)
+    implementation(libs.edc.data.plane.aws.s3)
+    implementation(libs.edc.http)
 }
 
 application {

policy/policy-02-provision/policy-provision-consumer/config.properties

@@ -6,10 +6,12 @@ web.http.management.port=9192
 web.http.management.path=/management
 web.http.protocol.port=9292
 web.http.protocol.path=/protocol
-edc.transfer.proxy.token.signer.privatekey.alias=private-key
-edc.transfer.proxy.token.verifier.publickey.alias=public-key
 web.http.public.port=9195
 web.http.public.path=/public
 web.http.control.port=9193
 web.http.control.path=/control
 
+edc.aws.access.key=S3AccessKey
+edc.aws.secret.access.key=S3SecretKey
+edc.aws.endpoint.override=http://localhost:9000
+edc.aws.region=us-east-1

policy/policy-02-provision/policy-provision-consumer/src/main/java/org/eclipse/edc/sample/extension/policy/ConsumerPolicyFunctionsExtension.java

@@ -20,29 +20,36 @@
 import org.eclipse.edc.runtime.metamodel.annotation.Extension;
 import org.eclipse.edc.runtime.metamodel.annotation.Inject;
 import org.eclipse.edc.spi.monitor.Monitor;
+import org.eclipse.edc.spi.security.Vault;
 import org.eclipse.edc.spi.system.ServiceExtension;
 import org.eclipse.edc.spi.system.ServiceExtensionContext;
 
-import static org.eclipse.edc.connector.controlplane.transfer.spi.provision.ResourceManifestGenerator.MANIFEST_VERIFICATION_SCOPE;
+//import static org.eclipse.edc.connector.controlplane.transfer.spi.provision.ResourceManifestGenerator.MANIFEST_VERIFICATION_SCOPE;
 import static org.eclipse.edc.policy.engine.spi.PolicyEngine.ALL_SCOPES;
 
 @Extension(value = ConsumerPolicyFunctionsExtension.NAME)
 public class ConsumerPolicyFunctionsExtension implements ServiceExtension {
     public static final String NAME = "Consumer Policy Functions Extension";
     public static final String KEY = "POLICY_REGULATE_FILE_PATH";
+    public static final String MANIFEST_VERIFICATION_SCOPE = "provision.manifest.verify";
 
     @Inject
     private Monitor monitor;
     @Inject
     private RuleBindingRegistry ruleBindingRegistry;
     @Inject
     private PolicyEngine policyEngine;
+    @Inject
+    private Vault vault;
 
     @Override
     public void initialize(ServiceExtensionContext context) {
         ruleBindingRegistry.bind("USE", ALL_SCOPES);
         ruleBindingRegistry.bind(KEY, MANIFEST_VERIFICATION_SCOPE);
         policyEngine.registerFunction(MANIFEST_VERIFICATION_SCOPE, Permission.class, KEY, new RegulateFilePathFunction(monitor));
+
+        vault.storeSecret("S3AccessKey", "admin");
+        vault.storeSecret("S3SecretKey", "password");
     }
 
     @Override

policy/policy-02-provision/policy-provision-consumer/src/main/java/org/eclipse/edc/sample/extension/policy/RegulateFilePathFunction.java

@@ -15,11 +15,11 @@
 package org.eclipse.edc.sample.extension.policy;
 
 import org.eclipse.edc.connector.controlplane.transfer.spi.provision.ResourceManifestContext;
+import org.eclipse.edc.connector.provision.aws.s3.S3BucketResourceDefinition;
 import org.eclipse.edc.policy.engine.spi.AtomicConstraintFunction;
 import org.eclipse.edc.policy.engine.spi.PolicyContext;
 import org.eclipse.edc.policy.model.Operator;
 import org.eclipse.edc.policy.model.Permission;
-import org.eclipse.edc.sample.extension.provision.LocalResourceDefinition;
 import org.eclipse.edc.spi.monitor.Monitor;
 
 import java.util.Objects;
@@ -33,13 +33,18 @@ public RegulateFilePathFunction(Monitor monitor) {
 
     @Override
     public boolean evaluate(Operator operator, Object rightValue, Permission rule, PolicyContext context) {
-        var desiredFilePath = (String) rightValue;
+        var desiredRegion = (String) rightValue;
 
         if (Objects.requireNonNull(operator) == Operator.EQ) {
             var manifestContext = context.getContextData(ResourceManifestContext.class);
+
             manifestContext.getDefinitions().stream()
-                    .filter(definition -> definition.getClass().equals(LocalResourceDefinition.class))
-                    .forEach(definition -> ((LocalResourceDefinition) definition).updatePathName(desiredFilePath));
+                    .filter(S3BucketResourceDefinition.class::isInstance)
+                    .map(S3BucketResourceDefinition.class::cast)
+                    .forEach(definition -> {
+                        definition.toBuilder().regionId(desiredRegion).build();
+                    });
+
             return true;
         }