Merge pull request eclipse-tractusx#5 from eclipse-tractusx/develop

Develop
catenax-ng · Dec 16, 2022 · 134cc13 · 134cc13
2 parents 1e58e9b + a109253
commit 134cc13
Show file tree

Hide file tree

Showing 87 changed files with 9,343 additions and 1,253 deletions.
diff --git a/.env.docker b/.env.docker
@@ -26,4 +26,7 @@ BPDM_AUTH_SCOPE=openid
 BPDM_AUTH_URL=https://centralidp.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token
 BPDM_PULL_DATA_AT_HOUR=23
 
+REVOCATION_URL=http://localhost:8086
+REVOCATION_CREATE_STATUS_LIST_CREDENTIAL_AT_HOUR=3
+
 LOG_LEVEL_EXPOSED=INFO
diff --git a/.env.example b/.env.example
@@ -1,7 +1,7 @@
 APP_VERSION=
 CX_BPN="bpn111"
-CX_DB_JDBC_URL="jdbc:sqlite:local.db"
-CX_DB_JDBC_DRIVER="org.sqlite.JDBC"
+CX_DB_JDBC_URL="jdbc:postgresql://localhost:5432/miwdev?user=miwdevuser&password=^cXnF61qM1kf"
+CX_DB_JDBC_DRIVER="org.postgresql.Driver"
 CX_AUTH_JWKS_URL="http://localhost:8081/auth/realms/catenax/protocol/openid-connect/certs"
 CX_AUTH_ISSUER_URL="http://localhost:8081/auth/realms/catenax"
 CX_AUTH_REALM="catenax"
@@ -23,5 +23,8 @@ BPDM_AUTH_SCOPE="openid"
 BPDM_AUTH_URL="https://centralidp.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token"
 BPDM_PULL_DATA_AT_HOUR="23"
 
+REVOCATION_URL="http://localhost:8086"
+REVOCATION_CREATE_STATUS_LIST_CREDENTIAL_AT_HOUR="3"
+
 # Set to OFF in production to avoid extensive logging
 LOG_LEVEL_EXPOSED=INFO
diff --git a/.github/workflows/chart-lint.yml b/.github/workflows/chart-lint.yml
@@ -0,0 +1,57 @@
+name: Lint and Test Charts
+
+# Run chart linting and tests on each pull request
+on: 
+  pull_request:
+    paths:
+      - 'charts/**'
+
+jobs:
+  lint-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Set up Helm
+        uses: azure/setup-helm@v1
+        with:
+          version: v3.9.3
+
+      - name: Add Helm repos
+        run: |
+          cd charts/managed-identity-wallets
+          helm repo add bitnami https://charts.bitnami.com/bitnami
+          helm dependency update
+
+      # Setup python as a prerequisite for chart linting 
+      - uses: actions/setup-python@v2
+        with:
+          python-version: 3.7
+
+      - name: Set up chart-testing
+        uses: helm/[email protected]
+
+      - name: Run chart-testing (list-changed)
+        id: list-changed
+        run: |
+          changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }})
+          if [[ -n "$changed" ]]; then
+            echo "::set-output name=changed::true"
+          fi
+      # run chart linting 
+      - name: Run chart-testing (lint)
+        run: ct lint --target-branch ${{ github.event.repository.default_branch }} --config charts/chart-testing-config.yaml
+
+      # Preparing a kind cluster to install and test charts on
+      - name: Create kind cluster
+        uses: helm/[email protected]
+        if: steps.list-changed.outputs.changed == 'true'
+
+      # install the chart to the kind cluster and run helm test
+      # define charts to test with the --charts parameter
+      - name: Run chart-testing (install)
+        run: ct install --charts charts/managed-identity-wallets --config charts/chart-testing-config.yaml
+        if: steps.list-changed.outputs.changed == 'true'
diff --git a/.github/workflows/chart-releaser.yaml b/.github/workflows/chart-releaser.yaml
@@ -0,0 +1,37 @@
+name: Release - Helm Charts
+
+on:
+  push:
+    paths:
+      - 'charts/**'
+    branches:
+      - main
+jobs:
+  release:
+    # depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions
+    # see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token
+    permissions:
+      contents: write
+    runs-on: ubuntu-latest
+
+    steps:
+      # fetch-depth: 0 is required to determine differences in chart(s)
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "[email protected]"
+
+      - name: Install Helm
+        uses: azure/setup-helm@v3
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Run chart-releaser
+        uses: helm/[email protected]
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml
@@ -63,6 +63,7 @@ jobs:
           # GITHUB_TOKEN enables this github action to access github API and post comments in a pull request
           # token: ${{ secrets.GITHUB_TOKEN }}
           # enable_comments: true
+          exclude_paths: "docs/openapi_v200.json"
 
       # Upload findings to GitHub Advanced Security Dashboard
       - name: Upload SARIF file for GitHub Advanced Security Dashboard

diff --git a/.github/workflows/service-build.yaml b/.github/workflows/service-build.yaml
@@ -99,5 +99,5 @@ jobs:
         with:
           context: .
           push: true
-          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest${{ env.TAG_SUFFIX }}, ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.APP_VERSION }}.${{ env.SHORT_SHA }}
+          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest${{ env.TAG_SUFFIX }}, ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.APP_VERSION }}.${{ env.SHORT_SHA }}, ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.APP_VERSION }}${{ env.TAG_SUFFIX }}
           labels: ${{ steps.meta.outputs.labels }}
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,16 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+## [2.1.1] - 2022-10-07
+
+### Added
+- Wallet handling via CRUD
+- Verifiable Credentials and Verifiable Presentation handling via CRUD
+- Revocation of Verifiable Credentials
+- DID document and Service Endpoint handling via CRUD
+- Business Partner data integration from external BPDM service and Verifiable Credentials
diff --git a/DEPENDENCIES b/DEPENDENCIES
@@ -6,7 +6,7 @@ maven/mavencentral/com.apicatalog/titanium-json-ld/1.0.0, Apache-2.0, approved,
 maven/mavencentral/com.apicatalog/titanium-json-ld/1.1.0, Apache-2.0, approved, clearlydefined
 maven/mavencentral/com.auth0/java-jwt/3.13.0, MIT, approved, clearlydefined
 maven/mavencentral/com.auth0/jwks-rsa/0.17.0, MIT, approved, #3117
-maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.13.1, Apache-2.0, approved, CQ24135
+maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.13.3, Apache-2.0, approved, CQ24135
 maven/mavencentral/com.fasterxml.jackson.core/jackson-core/2.12.5, Apache-2.0, approved, CQ23845
 maven/mavencentral/com.fasterxml.jackson.core/jackson-core/2.13.1, Apache-2.0, approved, #2133
 maven/mavencentral/com.fasterxml.jackson.core/jackson-databind/2.11.0, Apache-2.0, approved, CQ23093
@@ -19,13 +19,18 @@ maven/mavencentral/com.github.kagkarlsson/db-scheduler/11.2, Apache-2.0, approve
 maven/mavencentral/com.github.kagkarlsson/micro-jdbc/0.3, Apache-2.0, approved, clearlydefined
 maven/mavencentral/com.github.peteroupc/numbers/1.7.4, CC0-1.0, approved, CQ22895
 maven/mavencentral/com.google.code.findbugs/jsr305/3.0.2, Apache-2.0, approved, #20
+maven/mavencentral/com.google.code.gson/gson/2.9.1, Apache-2.0, approved, CQ24148
 maven/mavencentral/com.google.errorprone/error_prone_annotations/2.3.4, Apache-2.0, approved, #807
 maven/mavencentral/com.google.guava/failureaccess/1.0.1, Apache-2.0, approved, CQ22654
 maven/mavencentral/com.google.guava/guava/30.0-jre, Apache-2.0, approved, clearlydefined
 maven/mavencentral/com.google.guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava, LicenseRef-NONE, approved, #803
 maven/mavencentral/com.google.j2objc/j2objc-annotations/1.3, Apache-2.0, approved, CQ21195
 maven/mavencentral/com.googlecode.json-simple/json-simple/1.1.1, Apache-2.0, approved, CQ9858
 maven/mavencentral/com.sabnf/apg/1.1.0, BSD-2-Clause, approved, #3114
+maven/mavencentral/com.squareup.okhttp3/logging-interceptor/4.10.0, Apache-2.0, approved, clearlydefined
+maven/mavencentral/com.squareup.okhttp3/okhttp/4.10.0, Apache-2.0 AND MPL-2.0, approved, #3057
+maven/mavencentral/com.squareup.okio/okio-jvm/3.0.0, Apache-2.0, approved, clearlydefined
+maven/mavencentral/com.squareup.okio/okio/3.0.0, Apache-2.0, approved, clearlydefined
 maven/mavencentral/com.typesafe/config/1.4.1, Apache-2.0, approved, clearlydefined
 maven/mavencentral/com.upokecenter/cbor/4.4.3, CC0-1.0, approved, #254
 maven/mavencentral/commons-codec/commons-codec/1.11, Apache-2.0 AND BSD-3-Clause, approved, CQ15971
@@ -97,12 +102,15 @@ maven/mavencentral/io.netty/netty-transport-native-epoll/4.1.74.Final, Apache-2.
 maven/mavencentral/io.netty/netty-transport-native-kqueue/4.1.74.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926
 maven/mavencentral/io.netty/netty-transport-native-unix-common/4.1.74.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926
 maven/mavencentral/io.netty/netty-transport/4.1.74.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926
+maven/mavencentral/io.projectreactor/reactor-core/3.4.22, Apache-2.0, approved, clearlydefined
 maven/mavencentral/io.setl/rdf-urdna/1.1, Apache-2.0, approved, clearlydefined
 maven/mavencentral/junit/junit/4.10, CPL-1.0, approved, CQ5958
 maven/mavencentral/junit/junit/4.13.2, EPL-2.0, approved, CQ23636
 maven/mavencentral/net.java.dev.jna/jna-platform/5.9.0, Apache-2.0 OR LGPL-2.1-or-later, approved, #3118
 maven/mavencentral/net.java.dev.jna/jna/5.6.0, Apache-2.0 AND LGPL-2.1-or-later, approved, CQ22391
 maven/mavencentral/net.java.dev.jna/jna/5.9.0, Apache-2.0 AND LGPL-2.1-or-later, approved, #3110
+maven/mavencentral/network.idu.acapy/aries-client-python/0.7.29, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.apache.commons/commons-lang3/3.12.0, Apache-2.0, approved, clearlydefined
 maven/mavencentral/org.apache.httpcomponents/httpasyncclient/4.1.5, Apache-2.0, approved, CQ13506
 maven/mavencentral/org.apache.httpcomponents/httpclient/4.5.13, Apache-2.0 AND LicenseRef-Public-Domain, approved, CQ23527
 maven/mavencentral/org.apache.httpcomponents/httpcore-nio/4.4.15, Apache-2.0, approved, CQ13509
@@ -200,7 +208,8 @@ maven/mavencentral/org.ow2.asm/asm-analysis/9.2, BSD-3-Clause, approved, clearly
 maven/mavencentral/org.ow2.asm/asm-commons/9.2, BSD-3-Clause, approved, clearlydefined
 maven/mavencentral/org.ow2.asm/asm-tree/9.2, BSD-3-Clause, approved, clearlydefined
 maven/mavencentral/org.ow2.asm/asm/9.2, BSD-3-Clause, approved, CQ23635
-maven/mavencentral/org.postgresql/postgresql/42.4.0, BSD-2-Clause, approved, #3112
+maven/mavencentral/org.postgresql/postgresql/42.4.1, BSD-2-Clause, approved, #3112
+maven/mavencentral/org.reactivestreams/reactive-streams/1.0.4, CC0-1.0, approved, CQ16332
 maven/mavencentral/org.slf4j/slf4j-api/1.7.25, MIT, approved, CQ13368
 maven/mavencentral/org.slf4j/slf4j-api/1.7.30, MIT, approved, CQ13368
 maven/mavencentral/org.slf4j/slf4j-api/1.7.32, MIT, approved, CQ13368

diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM amazoncorretto:17-alpine
+FROM eclipse-temurin:19-jre-alpine
 EXPOSE 8080:8080
 # run as non-root user
 RUN addgroup -g 1001 -S user && adduser -u 1001 -S -s /bin/false -G user user