fix: conflict resolved

.github/workflows/chart-lint.yml

@@ -16,16 +16,19 @@ jobs:
           fetch-depth: 0
 
       - name: Set up Helm
-        uses: azure/setup-helm@v1
+        uses: azure/setup-helm@v3
         with:
-          version: v3.9.3
+          version: v3.11.3
 
-      - name: Add Helm repos
+      - name: Update Helm dependencies
         run: |
           cd charts/managed-identity-wallet
-          helm repo add bitnami https://charts.bitnami.com/bitnami
           helm dependency update
 
+      - name: Install Helm unittest plugin
+        run: |
+          helm plugin install https://github.com/helm-unittest/helm-unittest.git
+
       # Setup python as a prerequisite for chart linting 
       - uses: actions/setup-python@v2
         with:
@@ -34,17 +37,24 @@ jobs:
       - name: Set up chart-testing
         uses: helm/[email protected]
 
+      - name: Install Task
+        uses: arduino/setup-task@v1
+
       - name: Run chart-testing (list-changed)
         id: list-changed
         run: |
           changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }})
           if [[ -n "$changed" ]]; then
             echo "::set-output name=changed::true"
           fi
+
       # run chart linting 
       - name: Run chart-testing (lint)
         run: ct lint --target-branch ${{ github.event.repository.default_branch }} --config charts/chart-testing-config.yaml
 
+      - name: Run Helm unittests
+        run: task helm:unittest
+
       # Preparing a kind cluster to install and test charts on
       - name: Create kind cluster
         uses: helm/[email protected]

.github/workflows/service-build.yaml

@@ -80,7 +80,7 @@ jobs:
         uses: veracode/[email protected]
         continue-on-error: true
         with:
-          appname: 'project-managed-identity-wallets'
+          appname: 'project-managed-identity-wallet'
           createprofile: false
           filepath: 'build/libs/*' # add filepath for upload
           vid: '${{ secrets.ORG_VERACODE_API_ID }}' # reference to API ID, which is set as github org. secret
@@ -93,4 +93,4 @@ jobs:
           context: .
           push: true
           tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest${{ env.TAG_SUFFIX }}, ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.APP_VERSION }}.${{ env.SHORT_SHA }}, ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.APP_VERSION }}${{ env.TAG_SUFFIX }}
-          labels: ${{ steps.meta.outputs.labels }}
+          labels: ${{ steps.meta.outputs.labels }}

.github/workflows/veracode.yaml

@@ -73,9 +73,9 @@ jobs:
         uses: veracode/[email protected]
         continue-on-error: true
         with:
-          appname: 'project-managed-identity-wallets'
+          appname: 'project-managed-identity-wallet'
           createprofile: false
-          filepath: 'build/install/org.eclipse.tractusx.managedidentitywallets/lib/*' # add filepath for upload
+          filepath: 'build/libs/*' # add filepath for upload
           vid: '${{ secrets.ORG_VERACODE_API_ID }}' # reference to API ID, which is set as github org. secret
           vkey: '${{ secrets.ORG_VERACODE_API_KEY }}' #reference to API Key in github, which is set as github or. secret
-          include: 'build/install/org.eclipse.tractusx.managedidentitywallets/lib/org.eclipse.tractusx.managedidentitywallets-*jar'
+          include: 'build/libs/miw-latest.jar'

Dockerfile

@@ -17,9 +17,7 @@
 # * SPDX-License-Identifier: Apache-2.0
 # ********************************************************************************/
 
-FROM eclipse-temurin:19-jre-alpine
-
-EXPOSE 8080:8080
+FROM eclipse-temurin:17-jre-alpine
 
 # run as non-root user
 RUN addgroup -g 11111 -S miw && adduser -u 11111 -S -s /bin/false -G miw miw

README.md

@@ -29,26 +29,43 @@ Following tools the MIW development team used successfully:
 
 To simplify the dev environment, [Taskfile](https://taskfile.dev) is used as a task executor. You have to install it first.
 
-Before executing any of th tasks, you have to choose your flow (_local_ or _docker_). _local_ is default.
-To change that, you need to edit the variable **ENV** in the _Taskfile.yaml_.
+> **IMPORTANT**: Before executing any of th tasks, you have to choose your flow (_local_ or _docker_). _local_ is
+> default.
+> To change that, you need to edit the variable **ENV** in the _Taskfile.yaml_. (see below)
 
-After that, run `task check-prereqs` to see, if any other required tool is installed or missing. If something is missing, a link to the install docs is provided.
+After that, run `task check-prereqs` to see, if any other required tool is installed or missing. If something is
+missing, a link to the install docs is provided.
 
-Now, you have to adjust the _env_ files (located in _dev-assets/env-files_). To do that, copy every file to the same directory, but without ".dist" at the end.
+Now, you have to adjust the _env_ files (located in _dev-assets/env-files_). To do that, copy every file to the same
+directory, but without ".dist" at the end.
 
-Description of the env files: 
+Description of the env files:
 
-- **env.local**: Setup everything to get ready for flow "local". You need to fill in the passwords. Everything else can remain as it is.
-- **env.docker**: Setup everything to get ready for flow "docker". You need to fill in the passwords. Everything else can remain as it is.
+- **env.local**: Setup everything to get ready for flow "local". You need to fill in the passwords. Everything else can
+  remain as it is.
+- **env.docker**: Setup everything to get ready for flow "docker". You need to fill in the passwords. Everything else
+  can remain as it is.
 
-In both env files (env.local and env.docker) you need to set _GITHUB_USERNAME_ and _GITHUB_TOKEN_ in order to be able to build the add, 
+> **IMPORTANT**: When you are using MacOS and the MIW docker container won't start up (stuck somewhere or doesn't start
+> at all), you can enable the docker-desktop feature "Use Rosetta for x86/amd64 emulation on Apple Silicon" in your Docker
+> settings
+(under "features in development")
+
+In both env files (env.local and env.docker) you need to set _GITHUB_USERNAME_ and _GITHUB_TOKEN_ in order to be able to
+build the add,
 because the SSI lib is stored in a private repo (you also need the proper rights to access the repo).
 The access token need to have `read:packages` access. (ref: https://github.com/settings/tokens/new)
 
-Note: _SKIP_GRADLE_TASKS_PARAM_ is used to pass parameters to the build process of the MIW jar. Currently, it skips the tests and code coverage, but speeds up the build time.
-If you want to activate it, just comment it out like `SKIP_GRADLE_TASKS_PARAM="" #"-x jacocoTestCoverageVerification -x test"`
+And change the _COMPOSE_COMMAND_ variable to either _docker-compose_ or _docker compose_. It depends on docker compose
+version you are using: V1 or V2
+
+Note: _SKIP_GRADLE_TASKS_PARAM_ is used to pass parameters to the build process of the MIW jar. Currently, it skips the
+tests and code coverage, but speeds up the build time.
+If you want to activate it, just comment it out
+like `SKIP_GRADLE_TASKS_PARAM="" #"-x jacocoTestCoverageVerification -x test"`
 
-After every execution (either _local_ or _docker_ flow), run the matching "stop" task (e.g.: `task docker:start-app` -> `task docker:stop-app`)
+After every execution (either _local_ or _docker_ flow), run the matching "stop" task (
+e.g.: `task docker:start-app` -> `task docker:stop-app`)
 
 When you just run `task` without parameters, you will see all tasks available.
 
@@ -158,6 +175,7 @@ This process ensures that any issues with the database schema are resolved by re
 2. Policies can be validated dynamically as per
    request while validating VP and
    VC. [Check this for more details](https://docs.walt.id/v/ssikit/concepts/verification-policies)
+
 3. When you are using MacOS and the MIW docker container won't start up, you can enable the docker-desktop feature "Use
    Rosetta for x86/amd64 emulation on Apple Silicon" in your Docker settings
    (under "features in development")
@@ -203,4 +221,4 @@ curl --location 'http://localhost:8090/actuator/loggers/org.eclipse.tractusx.man
 1. https://www.testcontainers.org/modules/databases/postgres/
 2. https://github.com/dasniko/testcontainers-keycloak
 3. https://github.com/smartSenseSolutions/smartsense-java-commons
-4. https://github.com/catenax-ng/product-lab-ssi
+4. https://github.com/catenax-ng/product-lab-ssi

build.gradle

@@ -48,11 +48,13 @@ dependencies {
 	implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:${openApiVersion}"
 	implementation group: 'com.smartsensesolutions', name: 'commons-dao', version: '0.0.5'
 	implementation 'org.liquibase:liquibase-core'
-	implementation 'org.eclipse.tractusx.ssi:cx-ssi-lib:0.0.8'
+	implementation 'org.eclipse.tractusx.ssi:cx-ssi-lib:0.0.13'
+	testImplementation 'org.projectlombok:lombok:1.18.26'
 	runtimeOnly 'org.postgresql:postgresql'
 	compileOnly 'org.projectlombok:lombok'
 	developmentOnly 'org.springframework.boot:spring-boot-devtools'
 	annotationProcessor 'org.projectlombok:lombok'
+	testAnnotationProcessor 'org.projectlombok:lombok'
 	testImplementation 'org.springframework.boot:spring-boot-starter-test'
 	testImplementation "org.testcontainers:testcontainers"
 	testImplementation "org.testcontainers:postgresql"

charts/managed-identity-wallet/Chart.yaml

@@ -30,4 +30,4 @@ dependencies:
   - name: postgresql
     version: 11.9.13
     repository: https://charts.bitnami.com/bitnami
-    condition: postgresql.enabled
+    condition: postgresql.enabled

charts/managed-identity-wallet/templates/deployment.yaml

@@ -50,10 +50,10 @@ spec:
             {{- toYaml .Values.securityContext | nindent 12 }}
           image: "{{ .Values.image.repository }}:{{ default .Chart.AppVersion .Values.image.tag }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
-          {{- if or .Values.envs .Values.secrets }}
           env:
             - name: APPLICATION_PORT
               value: "8080"
+          {{- if or .Values.envs .Values.secrets }}
           {{- range $key, $val := .Values.envs }}
             - name: {{ $key }}
               value: {{ $val }}

charts/managed-identity-wallet/templates/secret.yaml

@@ -22,9 +22,11 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: {{ include "managed-identity-wallet.fullname" . }}
+  labels:
+    {{- include "managed-identity-wallet.labels" . | nindent 4 }}
 type: Opaque
 data:
   {{- range $key, $val := .Values.secrets }}
   {{ $key }}: {{ $val | b64enc }}
   {{- end}}
-{{- end }}
+{{- end }}

charts/managed-identity-wallet/tests/custom-values/deployment_test.yaml

@@ -0,0 +1,72 @@
+# /********************************************************************************
+# * Copyright (c) 2021,2023 Contributors to the Eclipse Foundation
+# *
+# * See the NOTICE file(s) distributed with this work for additional
+# * information regarding copyright ownership.
+# *
+# * This program and the accompanying materials are made available under the
+# * terms of the Apache License, Version 2.0 which is available at
+# * https://www.apache.org/licenses/LICENSE-2.0.
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# * License for the specific language governing permissions and limitations
+# * under the License.
+# *
+# * SPDX-License-Identifier: Apache-2.0
+# ********************************************************************************/
+
+suite: test dev deployment
+chart:
+  version: 9.9.9+test
+  appVersion: 9.9.9
+values:
+  - values.yml
+tests:
+  - it: should have latest image tag
+    template: templates/deployment.yaml
+    asserts:
+      - matchRegex:
+          path: spec.template.spec.containers[0].image
+          pattern: .:latest
+
+  - it: should have environment variables set
+    template: templates/deployment.yaml
+    asserts:
+      - isNotEmpty:
+          path: spec.template.spec.containers[0].env
+      - lengthEqual:
+          path: spec.template.spec.containers[0].env
+          count: 5
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: APPLICATION_PORT
+            value: "8080"
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: DB_HOST
+            value: postgres-host
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: MIW_HOST_NAME
+            value: miw
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: DB_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                key: DB_PASSWORD
+                name: RELEASE-NAME-managed-identity-wallet
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: DB_USER_NAME
+            valueFrom:
+              secretKeyRef:
+                key: DB_USER_NAME
+                name: RELEASE-NAME-managed-identity-wallet

charts/managed-identity-wallet/tests/custom-values/ingress_test.yaml

@@ -0,0 +1,73 @@
+# /********************************************************************************
+# * Copyright (c) 2021,2023 Contributors to the Eclipse Foundation
+# *
+# * See the NOTICE file(s) distributed with this work for additional
+# * information regarding copyright ownership.
+# *
+# * This program and the accompanying materials are made available under the
+# * terms of the Apache License, Version 2.0 which is available at
+# * https://www.apache.org/licenses/LICENSE-2.0.
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# * License for the specific language governing permissions and limitations
+# * under the License.
+# *
+# * SPDX-License-Identifier: Apache-2.0
+# ********************************************************************************/
+
+suite: test dev ingress
+chart:
+  version: 9.9.9+test
+  appVersion: 9.9.9
+values:
+  - values.yml
+tests:
+  - it: should have correct metadata
+    template: templates/ingress.yaml
+    asserts:
+      - hasDocuments:
+          count: 1
+      - containsDocument:
+          kind: Ingress
+          apiVersion: networking.k8s.io/v1
+          name: RELEASE-NAME-managed-identity-wallet
+      - isSubset:
+          path: metadata.labels
+          content:
+            helm.sh/chart: managed-identity-wallet-9.9.9_test
+            app.kubernetes.io/name: managed-identity-wallet
+            app.kubernetes.io/instance: RELEASE-NAME
+            app.kubernetes.io/version: "9.9.9"
+            app.kubernetes.io/managed-by: Helm
+
+  - it: must have rules set
+    template: templates/ingress.yaml
+    asserts:
+      - isNotEmpty:
+          path: spec.rules
+      - lengthEqual:
+          path: spec.rules
+          count: 1
+      - isNotEmpty:
+          path: spec.rules[0].host
+      - lengthEqual:
+          path: spec.rules[0].http.paths
+          count: 1
+      - isNotEmpty:
+          path: spec.rules[0].http.paths[0].path
+
+  - it: must have tls set
+    template: templates/ingress.yaml
+    asserts:
+      - isNotEmpty:
+          path: spec.tls
+      - lengthEqual:
+          path: spec.tls
+          count: 1
+      - isNotEmpty:
+        path: spec.tls[0].hosts
+      - lengthEqual:
+        path: spec.tls[0].hosts[0]
+        count: 1