diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml
index 670833f..3086fd5 100644
--- a/.github/workflows/ci-release.yml
+++ b/.github/workflows/ci-release.yml
@@ -49,7 +49,7 @@ jobs:
docker push "${APP_PACKAGES_URL}:latest"
docker push "${APP_PACKAGES_URL}:${APP_VERSION}"
env:
- APP_PACKAGES_URL: docker.pkg.github.com/${{ github.repository }}/dgca-verifier-service
+ APP_PACKAGES_URL: ghcr.io/worldhealthorganization/tng-key-distribution/tng-key-distribution
APP_PACKAGES_USERNAME: ${{ github.actor }}
APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
- name: assets
@@ -82,8 +82,8 @@ jobs:
cf target -o ${CF_ORG} -s ${CF_SPACE}
cf push ${APP_NAME} --docker-image ${APP_IMAGE}:${APP_VERSION} --docker-username ${CF_DOCKER_USERNAME}
env:
- APP_NAME: dgca-verifier-service-eu-test
- APP_IMAGE: docker.pkg.github.com/${{ github.repository }}/dgca-verifier-service
+ APP_NAME: tng-key-distribution-test
+ APP_IMAGE: ghcr.io/worldhealthorganization/tng-key-distribution/tng-key-distribution
CF_API: ${{ secrets.CF_API }}
CF_ORG: ${{ secrets.CF_ORG }}
CF_SPACE: ${{ secrets.CF_SPACE }}
diff --git a/Dockerfile b/Dockerfile
index 03de66b..4eadf5d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,13 @@
-FROM adoptopenjdk:11-jre-hotspot
-COPY ./target/*.jar /app/app.jar
-WORKDIR /app
-ENTRYPOINT [ "sh", "-c", "java $JAVA_OPTS -Djava.security.egd=file:/dev/./urandom -jar ./app.jar" ]
+FROM eclipse-temurin:17-jre
+
+WORKDIR /
+
+COPY [ "./target/tng-key-distribution-latest.jar", "/tng-key-distribution.jar" ]
+
+ENV JAVA_OPTS="$JAVA_OPTS -Xms256M -Xmx1G"
+
+EXPOSE 8080
+
+USER 65534:65534
+
+ENTRYPOINT [ "sh", "-c", "java $JAVA_OPTS -Djava.security.egd=file:/dev/./urandom -jar /tng-key-distribution.jar" ]
diff --git a/docker-compose.yml b/docker-compose.yml
index f337100..025645e 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -2,41 +2,35 @@ version: '3'
services:
postgres:
- image: library/postgres:9.6
- container_name: tng-key-distribution-postgres
+ image: postgres
ports:
- 5432:5432
environment:
- POSTGRES_DB: postgres
- POSTGRES_USER: postgres
- POSTGRES_PASSWORD: postgres
+ - POSTGRES_PASSWORD=admin # do not use this for production deployments
+ - PGPASSWORD=admin # do not use this for production deployments
+ - POSTGRES_USER=postgres
+ - POSTGRES_DB=postgres
restart: unless-stopped
networks:
persistence:
- backend:
+ tng-kds:
build: .
- image: eu-digital-green-certificates/dgc-verifier-service
- container_name: tng-key-distribution
- ports:
- - 8080:8080
+ image: ghcr.io/worldhealthorganization/tng-key-distribution/tng-key-distribution:latest
volumes:
- ./certs:/ec/prod/app/san/dgc
+ - ./logs:/logs
+ ports:
+ - 8080:8080
environment:
- SERVER_PORT=8080
- SPRING_PROFILES_ACTIVE=cloud
- - SPRING_DATASOURCE_URL=jdbc:postgresql://dgc-verifier-service-postgres:5432/postgres
+ - SPRING_DATASOURCE_URL=jdbc:postgresql://postgres:5432/postgres
+ - SPRING_DATASOURCE_DRIVERCLASSNAME=org.postgresql.Driver
+ - SPRING_DATASOURCE_JNDI_NAME=false
+ - SPRING_JPA_DATABASEPLATFORM=org.hibernate.dialect.PostgreSQLDialect
- SPRING_DATASOURCE_USERNAME=postgres
- - SPRING_DATASOURCE_PASSWORD=postgres
- - DGC_GATEWAY_CONNECTOR_ENDPOINT=https://dgc-gateway.example.com
- - DGC_GATEWAY_CONNECTOR_TLSTRUSTSTORE_PATH=file:/ec/prod/app/san/dgc/tls_trust_store.p12
- - DGC_GATEWAY_CONNECTOR_TLSTRUSTSTORE_PASSWORD=dgcg-p4ssw0rd
- - DGC_GATEWAY_CONNECTOR_TLSKEYSTORE_ALIAS=1
- - DGC_GATEWAY_CONNECTOR_TLSKEYSTORE_PATH=file:/ec/prod/app/san/dgc/tls_key_store.p12
- - DGC_GATEWAY_CONNECTOR_TLSKEYSTORE_PASSWORD=dgcg-p4ssw0rd
- - DGC_GATEWAY_CONNECTOR_TRUSTANCHOR_ALIAS=ta
- - DGC_GATEWAY_CONNECTOR_TRUSTANCHOR_PATH=file:/ec/prod/app/san/dgc/trust_anchor.jks
- - DGC_GATEWAY_CONNECTOR_TRUSTANCHOR_PASSWORD=dgcg-p4ssw0rd
+ - SPRING_DATASOURCE_PASSWORD=admin # do not use this for production deployments
depends_on:
- postgres
networks:
@@ -44,5 +38,5 @@ services:
persistence:
networks:
- backend:
persistence:
+ backend:
diff --git a/k8s/helm/tngkds/.helmignore b/k8s/helm/tngkds/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/k8s/helm/tngkds/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/k8s/helm/tngkds/Chart.yaml b/k8s/helm/tngkds/Chart.yaml
new file mode 100644
index 0000000..d50a026
--- /dev/null
+++ b/k8s/helm/tngkds/Chart.yaml
@@ -0,0 +1,24 @@
+apiVersion: v2
+name: tngkds
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"
diff --git a/k8s/helm/tngkds/charts/tngkds-backend/.helmignore b/k8s/helm/tngkds/charts/tngkds-backend/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-backend/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/k8s/helm/tngkds/charts/tngkds-backend/Chart.yaml b/k8s/helm/tngkds/charts/tngkds-backend/Chart.yaml
new file mode 100644
index 0000000..ef2337c
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-backend/Chart.yaml
@@ -0,0 +1,24 @@
+apiVersion: v2
+name: tngkds-backend
+description: A Helm chart for TNG Key Distribution Service
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"
diff --git a/k8s/helm/tngkds/charts/tngkds-backend/templates/_helpers.tpl b/k8s/helm/tngkds/charts/tngkds-backend/templates/_helpers.tpl
new file mode 100644
index 0000000..b30552c
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-backend/templates/_helpers.tpl
@@ -0,0 +1,46 @@
+{{/*
+Template labels
+*/}}
+{{- define "tngkds-backend.templateLabels" -}}
+ app: {{ template "tngkds-backend.fullname" . }}
+{{- end -}}
+
+{{- define "tngkds-backend.selectorLabels" -}}
+ app: {{ template "tngkds-backend.fullname" . }}
+{{- end -}}
+
+{{- define "tngkds-backend.labels" -}}
+ app: {{ template "tngkds-backend.fullname" . }}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "tngkds-backend.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "tngkds-backend.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "tngkds-backend.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/k8s/helm/tngkds/charts/tngkds-backend/templates/configmap.yml b/k8s/helm/tngkds/charts/tngkds-backend/templates/configmap.yml
new file mode 100644
index 0000000..fb77939
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-backend/templates/configmap.yml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "tngkds-backend.fullname" . }}-cfg
+data:
+ host: "{{ .Values.configMap.data.host }}"
+ dbname: "{{ .Values.configMap.data.dbName }}"
diff --git a/k8s/helm/tngkds/charts/tngkds-backend/templates/deployment.yaml b/k8s/helm/tngkds/charts/tngkds-backend/templates/deployment.yaml
new file mode 100644
index 0000000..52cbe17
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-backend/templates/deployment.yaml
@@ -0,0 +1,75 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "tngkds-backend.fullname" . }}
+ labels:
+ {{- include "tngkds-backend.labels" . | nindent 4 }}
+spec:
+ {{- if not .Values.autoscaling.enabled }}
+ replicas: {{ .Values.replicaCount }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "tngkds-backend.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "tngkds-backend.labels" . | nindent 8 }}
+ spec:
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: {{ .Chart.Name }}
+ securityContext:
+ {{- toYaml .Values.securityContext | nindent 12 }}
+ image: "{{ .Values.image.repository }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ ports:
+ {{ range .Values.service.ports }}
+ - name: {{ .name }}
+ containerPort: {{ .port }}
+ protocol: {{ .protocol }}
+ {{ end }}
+ env:
+ - name: SERVER_PORT
+ value: "{{ .Values.server.port }}"
+ - name: SPRING_PROFILES_ACTIVE
+ value: {{ .Values.spring.profile }}
+ - name: SPRING_DATASOURCE_URL
+ value: "jdbc:postgresql://{{ .Values.psql.serviceName }}.{{ .Release.Namespace }}.{{ .Values.psql.cluster }}:{{ .Values.psql.port }}/{{ .Values.psql.dbName }}"
+ - name: SPRING_DATASOURCE_DRIVERCLASSNAME
+ value: "org.postgresql.Driver"
+ - name: SPRING_DATASOURCE_JNDI_NAME
+ value: "false"
+ - name: SPRING_JPA_DATABASEPLATFORM
+ value: "org.hibernate.dialect.PostgreSQLDialect"
+ - name: SPRING_DATASOURCE_USERNAME
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "tngkds-backend.fullname" . }}-secret
+ key: pgUser
+ - name: SPRING_DATASOURCE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "tngkds-backend.fullname" . }}-secret
+ key: pgPassword
+ resources:
+ {{- toYaml .Values.resources | nindent 12 }}
+ {{- with .Values.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
diff --git a/k8s/helm/tngkds/charts/tngkds-backend/templates/secrets.yml b/k8s/helm/tngkds/charts/tngkds-backend/templates/secrets.yml
new file mode 100644
index 0000000..eead9f3
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-backend/templates/secrets.yml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "tngkds-backend.fullname" . }}-secret
+stringData:
+ pgUser: "postgres"
+ pgPassword: "postgres"
diff --git a/k8s/helm/tngkds/charts/tngkds-backend/templates/service.yaml b/k8s/helm/tngkds/charts/tngkds-backend/templates/service.yaml
new file mode 100644
index 0000000..b41452a
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-backend/templates/service.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "tngkds-backend.fullname" . }}-service
+ labels:
+ {{- include "tngkds-backend.labels" . | nindent 4 }}
+ namespace: {{ .Release.Namespace }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{ range .Values.service.ports }}
+ - port: {{ .port }}
+ targetPort: {{ .targetPort | int}}
+ nodePort: {{ .nodePort }}
+ protocol: {{ .protocol }}
+ name: {{ .name }}
+ {{ end }}
+ selector:
+ {{- include "tngkds-backend.selectorLabels" . | nindent 4 }}
diff --git a/k8s/helm/tngkds/charts/tngkds-backend/values.yaml b/k8s/helm/tngkds/charts/tngkds-backend/values.yaml
new file mode 100644
index 0000000..8cff916
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-backend/values.yaml
@@ -0,0 +1,108 @@
+# Default values for tngkds-backend.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: ghcr.io/worldhealthorganization/tng-key-distribution/tng-key-distribution
+ pullPolicy: IfNotPresent
+ # Overrides the image tag whose default is the chart appVersion.
+ tag: ""
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # Annotations to add to the service account
+ annotations: {}
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name: ""
+
+podAnnotations: {}
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: NodePort
+ ports:
+ - name: http
+ port: 8080
+ targetPort: 8080
+ nodePort: 30164
+ protocol: TCP
+
+ingress:
+ enabled: false
+ className: ""
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths:
+ - path: /
+ pathType: ImplementationSpecific
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 100
+ targetCPUUtilizationPercentage: 80
+ # targetMemoryUtilizationPercentage: 80
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+# Postgres
+psql:
+ serviceName: postgres
+ port: 5432
+ dbName: postgres
+ cluster: svc.cluster.local
+
+# ConfigMap
+configMap:
+ data:
+ host: localhost
+ dbName: postgres
+
+# Spring
+spring:
+ profile: cloud
+
+# Server port
+server:
+ port: 8080
diff --git a/k8s/helm/tngkds/charts/tngkds-postgres/.helmignore b/k8s/helm/tngkds/charts/tngkds-postgres/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-postgres/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/k8s/helm/tngkds/charts/tngkds-postgres/Chart.yaml b/k8s/helm/tngkds/charts/tngkds-postgres/Chart.yaml
new file mode 100644
index 0000000..f138934
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-postgres/Chart.yaml
@@ -0,0 +1,24 @@
+apiVersion: v2
+name: tngkds-postgres
+description: A Helm chart for PostgreSQL database for TNG Key Distribution Service
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"
diff --git a/k8s/helm/tngkds/charts/tngkds-postgres/templates/_helpers.tpl b/k8s/helm/tngkds/charts/tngkds-postgres/templates/_helpers.tpl
new file mode 100644
index 0000000..c7471d9
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-postgres/templates/_helpers.tpl
@@ -0,0 +1,46 @@
+{{/*
+Template labels
+*/}}
+{{- define "tngkds-postgres.templateLabels" -}}
+ app: {{ template "tngkds-postgres.fullname" . }}
+{{- end -}}
+
+{{- define "tngkds-postgres.selectorLabels" -}}
+ app: {{ template "tngkds-postgres.fullname" . }}
+{{- end -}}
+
+{{- define "tngkds-postgres.labels" -}}
+ app: {{ template "tngkds-postgres.fullname" . }}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "tngkds-postgres.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "tngkds-postgres.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "tngkds-postgres.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/k8s/helm/tngkds/charts/tngkds-postgres/templates/configmap.yml b/k8s/helm/tngkds/charts/tngkds-postgres/templates/configmap.yml
new file mode 100644
index 0000000..34d2e43
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-postgres/templates/configmap.yml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "tngkds-postgres.fullname" . }}-cfg
+data:
+ host: "{{ .Values.configMap.data.host }}"
+ dbname: "{{ .Values.configMap.data.dbName }}"
diff --git a/k8s/helm/tngkds/charts/tngkds-postgres/templates/deployment.yaml b/k8s/helm/tngkds/charts/tngkds-postgres/templates/deployment.yaml
new file mode 100644
index 0000000..d46629a
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-postgres/templates/deployment.yaml
@@ -0,0 +1,49 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "tngkds-postgres.fullname" . }}
+ labels:
+ {{- include "tngkds-postgres.labels" . | nindent 4 }}
+ tier: database
+spec:
+ selector:
+ matchLabels:
+ {{- include "tngkds-postgres.selectorLabels" . | nindent 6 }}
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ {{- include "tngkds-postgres.labels" . | nindent 8 }}
+ tier: database
+ spec:
+ containers:
+ - name: postgres
+ image: postgres
+ imagePullPolicy: "IfNotPresent"
+ env:
+ - name: POSTGRES_USER
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "tngkds-postgres.fullname" . }}-secret
+ key: pgUser
+ - name: POSTGRES_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "tngkds-postgres.fullname" . }}-secret
+ key: pgPassword
+ - name: POSTGRES_DB
+ valueFrom:
+ configMapKeyRef:
+ name: {{ include "tngkds-postgres.fullname" . }}-cfg
+ key: dbname
+ ports:
+ - containerPort: 5432
+ name: postgres
+ volumeMounts:
+ - mountPath: /var/lib/postgresql/data
+ name: postgres-persistance-storage
+ volumes:
+ - name: postgres-persistance-storage
+ persistentVolumeClaim:
+ claimName: {{ include "tngkds-postgres.fullname" . }}-pv-claim
diff --git a/k8s/helm/tngkds/charts/tngkds-postgres/templates/pv-claim.yaml b/k8s/helm/tngkds/charts/tngkds-postgres/templates/pv-claim.yaml
new file mode 100644
index 0000000..6a6bd21
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-postgres/templates/pv-claim.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ include "tngkds-postgres.fullname" . }}-pv-claim
+ labels:
+ {{- include "tngkds-postgres.labels" . | nindent 4 }}
+ tier: database
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
diff --git a/k8s/helm/tngkds/charts/tngkds-postgres/templates/secrets.yml b/k8s/helm/tngkds/charts/tngkds-postgres/templates/secrets.yml
new file mode 100644
index 0000000..1720e47
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-postgres/templates/secrets.yml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "tngkds-postgres.fullname" . }}-secret
+stringData:
+ pgUser: "postgres"
+ pgPassword: "postgres"
diff --git a/k8s/helm/tngkds/charts/tngkds-postgres/templates/service.yaml b/k8s/helm/tngkds/charts/tngkds-postgres/templates/service.yaml
new file mode 100644
index 0000000..e6fcc29
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-postgres/templates/service.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: postgres
+ labels:
+ {{- include "tngkds-postgres.labels" . | nindent 4 }}
+ tier: database
+spec:
+ type: NodePort
+ ports:
+ {{ range .Values.service.ports }}
+ - port: {{ .port }}
+ {{ end }}
+ selector:
+ {{- include "tngkds-postgres.selectorLabels" . | nindent 4 }}
+ tier: database
diff --git a/k8s/helm/tngkds/charts/tngkds-postgres/values.yaml b/k8s/helm/tngkds/charts/tngkds-postgres/values.yaml
new file mode 100644
index 0000000..2b66f43
--- /dev/null
+++ b/k8s/helm/tngkds/charts/tngkds-postgres/values.yaml
@@ -0,0 +1,89 @@
+# Default values for tngkds-postgres.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: nginx
+ pullPolicy: IfNotPresent
+ # Overrides the image tag whose default is the chart appVersion.
+ tag: ""
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # Annotations to add to the service account
+ annotations: {}
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name: ""
+
+podAnnotations: {}
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: NodePort
+ ports:
+ - port: 5432
+
+ingress:
+ enabled: false
+ className: ""
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths:
+ - path: /
+ pathType: ImplementationSpecific
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 100
+ targetCPUUtilizationPercentage: 80
+ # targetMemoryUtilizationPercentage: 80
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+# ConfigMap
+configMap:
+ data:
+ host: localhost
+ dbName: postgres
diff --git a/k8s/helm/tngkds/templates/NOTES.txt b/k8s/helm/tngkds/templates/NOTES.txt
new file mode 100644
index 0000000..caedd9c
--- /dev/null
+++ b/k8s/helm/tngkds/templates/NOTES.txt
@@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+ {{- range .paths }}
+ http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+ {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "tngkds.fullname" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "tngkds.fullname" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "tngkds.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+ echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "tngkds.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
diff --git a/k8s/helm/tngkds/templates/_helpers.tpl b/k8s/helm/tngkds/templates/_helpers.tpl
new file mode 100644
index 0000000..c0b246e
--- /dev/null
+++ b/k8s/helm/tngkds/templates/_helpers.tpl
@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "tngkds.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "tngkds.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "tngkds.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "tngkds.labels" -}}
+helm.sh/chart: {{ include "tngkds.chart" . }}
+{{ include "tngkds.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "tngkds.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "tngkds.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "tngkds.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "tngkds.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
diff --git a/k8s/helm/tngkds/templates/deployment.yaml b/k8s/helm/tngkds/templates/deployment.yaml
new file mode 100644
index 0000000..4e6ea05
--- /dev/null
+++ b/k8s/helm/tngkds/templates/deployment.yaml
@@ -0,0 +1,61 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "tngkds.fullname" . }}
+ labels:
+ {{- include "tngkds.labels" . | nindent 4 }}
+spec:
+ {{- if not .Values.autoscaling.enabled }}
+ replicas: {{ .Values.replicaCount }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "tngkds.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "tngkds.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "tngkds.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.podSecurityContext | nindent 8 }}
+ containers:
+ - name: {{ .Chart.Name }}
+ securityContext:
+ {{- toYaml .Values.securityContext | nindent 12 }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ ports:
+ - name: http
+ containerPort: {{ .Values.service.port }}
+ protocol: TCP
+ livenessProbe:
+ httpGet:
+ path: /
+ port: http
+ readinessProbe:
+ httpGet:
+ path: /
+ port: http
+ resources:
+ {{- toYaml .Values.resources | nindent 12 }}
+ {{- with .Values.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
diff --git a/k8s/helm/tngkds/templates/hpa.yaml b/k8s/helm/tngkds/templates/hpa.yaml
new file mode 100644
index 0000000..74bdc60
--- /dev/null
+++ b/k8s/helm/tngkds/templates/hpa.yaml
@@ -0,0 +1,32 @@
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include "tngkds.fullname" . }}
+ labels:
+ {{- include "tngkds.labels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ include "tngkds.fullname" . }}
+ minReplicas: {{ .Values.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+ metrics:
+ {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+ {{- end }}
+ {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+ {{- end }}
+{{- end }}
diff --git a/k8s/helm/tngkds/templates/ingress.yaml b/k8s/helm/tngkds/templates/ingress.yaml
new file mode 100644
index 0000000..0d0eb41
--- /dev/null
+++ b/k8s/helm/tngkds/templates/ingress.yaml
@@ -0,0 +1,61 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "tngkds.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+ {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
+ {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
+ {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+ name: {{ $fullName }}
+ labels:
+ {{- include "tngkds.labels" . | nindent 4 }}
+ {{- with .Values.ingress.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+ ingressClassName: {{ .Values.ingress.className }}
+ {{- end }}
+ {{- if .Values.ingress.tls }}
+ tls:
+ {{- range .Values.ingress.tls }}
+ - hosts:
+ {{- range .hosts }}
+ - {{ . | quote }}
+ {{- end }}
+ secretName: {{ .secretName }}
+ {{- end }}
+ {{- end }}
+ rules:
+ {{- range .Values.ingress.hosts }}
+ - host: {{ .host | quote }}
+ http:
+ paths:
+ {{- range .paths }}
+ - path: {{ .path }}
+ {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
+ pathType: {{ .pathType }}
+ {{- end }}
+ backend:
+ {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+ service:
+ name: {{ $fullName }}
+ port:
+ number: {{ $svcPort }}
+ {{- else }}
+ serviceName: {{ $fullName }}
+ servicePort: {{ $svcPort }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/k8s/helm/tngkds/templates/service.yaml b/k8s/helm/tngkds/templates/service.yaml
new file mode 100644
index 0000000..8bcc07d
--- /dev/null
+++ b/k8s/helm/tngkds/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "tngkds.fullname" . }}
+ labels:
+ {{- include "tngkds.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.port }}
+ targetPort: http
+ protocol: TCP
+ name: http
+ selector:
+ {{- include "tngkds.selectorLabels" . | nindent 4 }}
diff --git a/k8s/helm/tngkds/templates/serviceaccount.yaml b/k8s/helm/tngkds/templates/serviceaccount.yaml
new file mode 100644
index 0000000..8f7f62e
--- /dev/null
+++ b/k8s/helm/tngkds/templates/serviceaccount.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "tngkds.serviceAccountName" . }}
+ labels:
+ {{- include "tngkds.labels" . | nindent 4 }}
+ {{- with .Values.serviceAccount.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+{{- end }}
diff --git a/k8s/helm/tngkds/values.yaml b/k8s/helm/tngkds/values.yaml
new file mode 100644
index 0000000..2466c99
--- /dev/null
+++ b/k8s/helm/tngkds/values.yaml
@@ -0,0 +1,82 @@
+# Default values for tngkds.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: nginx
+ pullPolicy: IfNotPresent
+ # Overrides the image tag whose default is the chart appVersion.
+ tag: ""
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # Annotations to add to the service account
+ annotations: {}
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name: ""
+
+podAnnotations: {}
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: 80
+
+ingress:
+ enabled: false
+ className: ""
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths:
+ - path: /
+ pathType: ImplementationSpecific
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 100
+ targetCPUUtilizationPercentage: 80
+ # targetMemoryUtilizationPercentage: 80
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
diff --git a/pom.xml b/pom.xml
index 7a1e4cd..14c4c43 100644
--- a/pom.xml
+++ b/pom.xml
@@ -27,6 +27,7 @@
8.3.1
3.0.9
2022.0.3
+ 2.1.0
5.3.23
6.1.2
1.18.28
@@ -78,6 +79,45 @@
https://github.com/WorldHealthOrganization/tng-key-distribution
+
+
+ docker
+
+ docker
+ jar
+
+
+
+
+ org.springframework.boot
+ spring-boot-maven-plugin
+
+ ${project.build.directory}/docker
+ ddccg
+
+
+
+ maven-assembly-plugin
+
+
+ make-zip-ACC
+ none
+
+
+ make-zip-test
+ none
+
+
+ make-zip-PRD
+ none
+
+
+
+
+
+
+
+
who-github
@@ -170,6 +210,11 @@
lombok
${lombok.version}
+
+ org.springdoc
+ springdoc-openapi-starter-webmvc-ui
+ ${springdoc.version}
+
org.liquibase
liquibase-core
@@ -459,6 +504,22 @@
+
+ org.springdoc
+ springdoc-openapi-maven-plugin
+ 1.3
+
+ http://localhost:8080/api/docs
+
+
+
+ integration-test
+
+ generate
+
+
+
+
diff --git a/src/main/java/tng/trustnetwork/keydistribution/config/OpenApiConfig.java b/src/main/java/tng/trustnetwork/keydistribution/config/OpenApiConfig.java
index bfb1deb..51d05bb 100644
--- a/src/main/java/tng/trustnetwork/keydistribution/config/OpenApiConfig.java
+++ b/src/main/java/tng/trustnetwork/keydistribution/config/OpenApiConfig.java
@@ -25,8 +25,8 @@ public class OpenApiConfig {
public OpenAPI openApi() {
return new OpenAPI()
.info(new Info()
- .title("Digital Green Certificate Verifier Service")
- .description("The API defines how to exchange verification information for digital green certificates.")
+ .title("TNG Key Distribution Service")
+ .description("The API defines the key distribution service for digital green certificates.")
.version(buildProperties.getVersion())
.license(new License()
.name("Apache 2.0")