Chore: Prepare TX 2412 E2E Tests

.github/workflows/build.yml

@@ -88,7 +88,7 @@ jobs:
 
       # Get the Code
       - name: Checkout repository
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
         with:
           submodules: recursive
 
@@ -143,7 +143,7 @@ jobs:
             type=semver,pattern={{version}}
             type=semver,pattern={{major}}
             type=semver,pattern={{major}}.{{minor}}
-            type=raw,value=1.14.23-SNAPSHOT,enable=${{ github.event.inputs.deploy_docker == 'true' || github.ref == format('refs/heads/{0}', 'main') }}
+            type=raw,value=1.14.24-SNAPSHOT,enable=${{ github.event.inputs.deploy_docker == 'true' || github.ref == format('refs/heads/{0}', 'main') }}
             type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
 
       # build in any case, but push only main and version tag settings

.github/workflows/codeql.yml

@@ -48,7 +48,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
 
       # Set-Up
       - name: Setup JDK 17
@@ -63,7 +63,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
+        uses: github/codeql-action/init@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
         with:
           languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -75,7 +75,7 @@ jobs:
           options: --overwrite
 
       - name: Cache maven packages
-        uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319
+        uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9
         with:
           path: ~/.m2
           key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
@@ -100,4 +100,4 @@ jobs:
     #     ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
+        uses: github/codeql-action/analyze@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11

.github/workflows/dependencies.yml

@@ -46,7 +46,7 @@ jobs:
 
       # Get the Code
       - name: Checkout repository
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
         with:
           submodules: recursive
 

.github/workflows/helm-chart-lint.yml

@@ -60,7 +60,7 @@ jobs:
     steps:
       # get the code
       - name: Checkout
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
         with:
           fetch-depth: 0
 
@@ -79,7 +79,7 @@ jobs:
           cache: 'maven'
 
       # Set-Up Python
-      - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
+      - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
         with:
           python-version: 3.9
 

.github/workflows/helm-chart-release.yml

@@ -41,7 +41,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
         with:
           fetch-depth: 0
 

.github/workflows/kics.yml

@@ -46,7 +46,7 @@ jobs:
       security-events: write
 
     steps:
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
 
 
       #
@@ -70,6 +70,6 @@ jobs:
 
       - name: Upload SARIF file for GitHub Advanced Security Dashboard
         if: always()
-        uses: github/codeql-action/upload-sarif@689fdc5193eeb735ecb2e52e819e3382876f93f4 # v2.22.6
+        uses: github/codeql-action/upload-sarif@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
         with:
           sarif_file: kicsResults/results.sarif

.github/workflows/trivy.yml

@@ -55,7 +55,7 @@ jobs:
       contents: read
       security-events: write
     steps:
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
       - name: Run Trivy vulnerability scanner in repo mode
         uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
         with:
@@ -67,7 +67,7 @@ jobs:
           output: "trivy-results-config.sarif"
           severity: "CRITICAL,HIGH"
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
+        uses: github/codeql-action/upload-sarif@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
         if: always()
         with:
           sarif_file: "trivy-results-config.sarif"
@@ -100,7 +100,7 @@ jobs:
           fi
           exit 0
 
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
 
       # Enable repository access (on main branch and version tags only)
       - name: Login to GitHub Container Registry
@@ -133,6 +133,6 @@ jobs:
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: success() && steps.imageCheck.outcome != 'failure'
-        uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
+        uses: github/codeql-action/upload-sarif@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
         with:
           sarif_file: "trivy-results-${{ matrix.image }}.sarif"

.github/workflows/trufflehog.yml

@@ -0,0 +1,41 @@
+name: "TruffleHog"
+
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: ["main"]
+  schedule:
+    - cron: "0 0 * * *" # Once a day
+  workflow_dispatch:
+
+permissions:
+  actions: read
+  contents: read
+  security-events: write
+  id-token: write
+  issues: write
+
+jobs:
+  ScanSecrets:
+    name: Scan secrets
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Ensure full clone for pull request workflows
+
+      - name: TruffleHog OSS
+        id: trufflehog
+        uses: trufflesecurity/trufflehog@main
+        continue-on-error: true
+        with:
+          path: ./  # Scan the entire repository
+          base: "${{ github.event.repository.default_branch }}"  # Set base branch for comparison (pull requests)
+          extra_args: --filter-entropy=4 --results=verified,unknown --debug
+
+      - name: Scan Results Status
+        if: steps.trufflehog.outcome == 'failure'
+        run: exit 1  # Set workflow run to failure if TruffleHog finds secrets 

DEPENDENCIES

@@ -5,7 +5,7 @@ maven/mavencentral/com.digitalpetri.fsm/strict-machine/0.6, Apache-2.0, approved
 maven/mavencentral/com.digitalpetri.netty/netty-channel-fsm/0.8, Apache-2.0, approved, #6168
 maven/mavencentral/com.ethlo.time/itu/1.8.0, Apache-2.0, approved, #12927
 maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.17.0, Apache-2.0, approved, #13672
-maven/mavencentral/com.fasterxml.jackson.core/jackson-core/2.17.0, , approved, #13665
+maven/mavencentral/com.fasterxml.jackson.core/jackson-core/2.17.0, Apache-2.0 AND MIT, approved, #13665
 maven/mavencentral/com.fasterxml.jackson.core/jackson-databind/2.17.0, Apache-2.0, approved, #13671
 maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-xml/2.16.1, Apache-2.0, approved, #12438
 maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml/2.15.3, Apache-2.0, approved, #15207
@@ -27,7 +27,7 @@ maven/mavencentral/com.google.guava/failureaccess/1.0.2, Apache-2.0, approved, C
 maven/mavencentral/com.google.guava/guava/33.1.0-jre, Apache-2.0 AND CC0-1.0, approved, #13675
 maven/mavencentral/com.google.guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava, Apache-2.0, approved, CQ22657
 maven/mavencentral/com.google.j2objc/j2objc-annotations/3.0.0, Apache-2.0, approved, #13676
-maven/mavencentral/com.google.protobuf/protobuf-java/4.26.1, BSD-3-Clause, approved, clearlydefined
+maven/mavencentral/com.google.protobuf/protobuf-java/3.25.5, BSD-3-Clause, approved, clearlydefined
 maven/mavencentral/com.jayway.jsonpath/json-path/2.9.0, Apache-2.0, approved, clearlydefined
 maven/mavencentral/com.networknt/json-schema-validator/1.3.3, Apache-2.0 AND Unicode-TOU, approved, #13037
 maven/mavencentral/com.squareup.okhttp3/mockwebserver/4.12.0, Apache-2.0, approved, clearlydefined
@@ -103,9 +103,9 @@ maven/mavencentral/org.apache.poi/poi/5.2.5, Apache-2.0 AND (Apache-2.0 AND BSD-
 maven/mavencentral/org.apache.thrift/libthrift/0.19.0, Apache-2.0, approved, #15687
 maven/mavencentral/org.apache.xmlbeans/xmlbeans/5.2.0, Apache-2.0, approved, #11782
 maven/mavencentral/org.apiguardian/apiguardian-api/1.1.2, Apache-2.0, approved, clearlydefined
-maven/mavencentral/org.bouncycastle/bcpkix-jdk18on/1.77, MIT, approved, #11593
-maven/mavencentral/org.bouncycastle/bcprov-jdk18on/1.77, MIT AND CC0-1.0, approved, #11595
-maven/mavencentral/org.bouncycastle/bcutil-jdk18on/1.77, MIT, approved, #11596
+maven/mavencentral/org.bouncycastle/bcpkix-jdk18on/1.78, MIT, approved, #14434
+maven/mavencentral/org.bouncycastle/bcprov-jdk18on/1.78, MIT AND CC0-1.0, approved, #14433
+maven/mavencentral/org.bouncycastle/bcutil-jdk18on/1.78, MIT, approved, #14435
 maven/mavencentral/org.checkerframework/checker-qual/3.42.0, MIT, approved, clearlydefined
 maven/mavencentral/org.codehaus.janino/commons-compiler/3.1.11, BSD-3-Clause, approved, #13293
 maven/mavencentral/org.codehaus.janino/janino/3.1.11, BSD-3-Clause, approved, #13292
@@ -133,24 +133,24 @@ maven/mavencentral/org.eclipse.milo/stack-core/0.6.12, EPL-2.0, approved, iot.mi
 maven/mavencentral/org.eclipse.milo/stack-server/0.6.12, EPL-2.0, approved, iot.milo
 maven/mavencentral/org.eclipse.paho/org.eclipse.paho.client.mqttv3/1.2.5, EPL-1.0 OR BSD-3-Clause, approved, iot.paho
 maven/mavencentral/org.eclipse.parsson/parsson/1.1.5, EPL-2.0, approved, ee4j.parsson
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-collection-factory-api/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-annotation/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-exception/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-io/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-iterator/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-text/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-transaction/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-util/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-xml/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-model-api/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-model-vocabulary/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-model/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-query/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-queryalgebra-model/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-queryresultio-api/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-queryresultio-sparqlxml/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-rio-api/4.3.8, BSD-3-Clause, approved, technology.rdf4j
-maven/mavencentral/org.eclipse.rdf4j/rdf4j-sail-api/4.3.8, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-collection-factory-api/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-annotation/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-exception/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-io/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-iterator/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-text/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-transaction/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-util/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-common-xml/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-model-api/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-model-vocabulary/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-model/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-query/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-queryalgebra-model/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-queryresultio-api/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-queryresultio-sparqlxml/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-rio-api/4.3.14, BSD-3-Clause, approved, technology.rdf4j
+maven/mavencentral/org.eclipse.rdf4j/rdf4j-sail-api/4.3.14, BSD-3-Clause, approved, technology.rdf4j
 maven/mavencentral/org.glassfish.jaxb/jaxb-core/4.0.5, BSD-3-Clause, approved, ee4j.jaxb-impl
 maven/mavencentral/org.glassfish.jaxb/jaxb-runtime/4.0.5, BSD-3-Clause, approved, ee4j.jaxb-impl
 maven/mavencentral/org.glassfish.jaxb/txw2/4.0.5, BSD-3-Clause, approved, ee4j.jaxb-impl
@@ -162,11 +162,11 @@ maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib-jdk7/1.8.21, Apache-2.0, a
 maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib-jdk8/1.8.21, Apache-2.0, approved, #8919
 maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib/1.8.21, Apache-2.0, approved, #8865
 maven/mavencentral/org.jetbrains/annotations/13.0, Apache-2.0, approved, clearlydefined
-maven/mavencentral/org.junit.jupiter/junit-jupiter-api/5.10.2, EPL-2.0, approved, #9714
-maven/mavencentral/org.junit.jupiter/junit-jupiter-engine/5.10.2, EPL-2.0, approved, #9711
-maven/mavencentral/org.junit.jupiter/junit-jupiter-params/5.10.2, EPL-2.0, approved, #15250
-maven/mavencentral/org.junit.platform/junit-platform-commons/1.10.2, EPL-2.0, approved, #9715
-maven/mavencentral/org.junit.platform/junit-platform-engine/1.10.2, EPL-2.0, approved, #9709
+maven/mavencentral/org.junit.jupiter/junit-jupiter-api/5.11.0, EPL-2.0, approved, #15935
+maven/mavencentral/org.junit.jupiter/junit-jupiter-engine/5.11.0, EPL-2.0, approved, #15939
+maven/mavencentral/org.junit.jupiter/junit-jupiter-params/5.11.0, EPL-2.0, approved, #15940
+maven/mavencentral/org.junit.platform/junit-platform-commons/1.11.0, EPL-2.0, approved, #15936
+maven/mavencentral/org.junit.platform/junit-platform-engine/1.11.0, EPL-2.0, approved, #15932
 maven/mavencentral/org.opentest4j/opentest4j/1.3.0, Apache-2.0, approved, #9713
 maven/mavencentral/org.ow2.asm/asm/9.6, BSD-3-Clause, approved, #10776
 maven/mavencentral/org.reflections/reflections/0.10.2, Apache-2.0 AND WTFPL, approved, clearlydefined

NOTICE.md

@@ -72,8 +72,8 @@ You may recreate an up-to-date DEPENDENCIES file by invoking
 ```
 
 The KA-AAS build and runtime platform is relying on:
-* [Java Runtime Environment (JRE >=11 - license depends on chosen provider)](https://de.wikipedia.org/wiki/Java-Laufzeitumgebung)
-* [Java Development Kit (JDK >=11 - license depends on chosen provider)](https://de.wikipedia.org/wiki/Java_Development_Kit) 
+* [Java Runtime Environment (JRE >=17 - license depends on chosen provider)](https://de.wikipedia.org/wiki/Java-Laufzeitumgebung)
+* [Java Development Kit (JDK >=17 - license depends on chosen provider)](https://de.wikipedia.org/wiki/Java_Development_Kit) 
 * [Apache Maven >=3.8 (Apache License 2.0)](https://maven.apache.org) 
 * [Eclipse Dash (Eclipse Public License 2.0)](https://github.com/eclipse/dash-licenses)
 * [Docker Engine >= 20.10.17 (Apache License 2.0)]() 

README.md

@@ -110,7 +110,7 @@ kubectl wait --namespace ingress-nginx \
   --selector=app.kubernetes.io/component=controller \
   --timeout=90s
 # transfer images
-kind load docker-image docker.io/tractusx/aas-bridge:1.14.23-SNAPSHOT --name ka
+kind load docker-image docker.io/tractusx/aas-bridge:1.14.24-SNAPSHOT --name ka
 # run container test
 ct install --charts charts/aas-bridge
 ```

charts/aas-bridge/Chart.yaml

@@ -30,7 +30,7 @@ home: https://github.com/eclipse-tractusx/knowledge-agents-aas-bridge/
 sources:
   - https://github.com/eclipse-tractusx/knowledge-agents-aas-bridge/tree/main/sparql-aas
 type: application
-appVersion: "1.14.23-SNAPSHOT"
-version: 1.14.23-SNAPSHOT
+appVersion: "1.14.24-SNAPSHOT"
+version: 1.14.24-SNAPSHOT
 maintainers:
   - name: 'Tractus-X Knowledge Agents Team'

charts/aas-bridge/README.md

@@ -21,7 +21,7 @@
 
 # aas-bridge
 
-![Version: 1.14.23-SNAPSHOT](https://img.shields.io/badge/Version-0.13.6--SNAPSHOT-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.14.23-SNAPSHOT](https://img.shields.io/badge/AppVersion-0.13.6--SNAPSHOT-informational?style=flat-square)
+![Version: 1.14.24-SNAPSHOT](https://img.shields.io/badge/Version-0.13.6--SNAPSHOT-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.14.24-SNAPSHOT](https://img.shields.io/badge/AppVersion-0.13.6--SNAPSHOT-informational?style=flat-square)
 
 A Helm chart for the Tractus-X Knowledge Agents AAS Bridge which is a container to provide an AAS server/registry on top of a knowledge graph/SPARQL landscape.
 
@@ -32,7 +32,7 @@ This chart has no prerequisites.
 ## TL;DR
 ```shell
 $ helm repo add eclipse-tractusx https://eclipse-tractusx.github.io/charts/dev
-$ helm install my-release eclipse-tractusx/aas-bridge --version 1.14.23-SNAPSHOT
+$ helm install my-release eclipse-tractusx/aas-bridge --version 1.14.24-SNAPSHOT
 ```
 
 ## Maintainers