Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat: add identity provider to DTR #361

Merged
merged 13 commits into from
May 21, 2024
Merged

Feat: add identity provider to DTR #361

merged 13 commits into from
May 21, 2024

Conversation

tom-rm-meyer-ISST
Copy link
Contributor

@tom-rm-meyer-ISST tom-rm-meyer-ISST commented May 12, 2024
edited
Loading

Description

Add identity provider configuration for the PURIS backend:

  • EDC client with only read access that is added to the data asset's address
  • PURIS client with all permissions for shell descriptor updates etc.

Changes:

  • Add OAuth2ClientInterceptor with DTR configuration that is conditionally binded
  • DataAddress in Asset registration for DTR conditionally contains oauth2 keys
  • Test for OAuth2ClientInterceptor
  • Helm chart
    • add dtr idp config
    • add missing frameworkagreement.use in values
  • local setup:
    • centralize keycloak with two additional realms to configure the idp per partner
    • keycloak setup for miw does not need anymore a jq injection because it now uses environment variables
    • separate keycloak and miw properties

Note: changes without formatting git diff --stat -w main results in delta of 6062 lines of code (loc) of which the following are no code changes:

  • 5010 loc: keycloak realms for customer and supplier as json
  • 41 loc: plain markdown documentation
  • 60 loc: plain license headers
    result (not even considering inline documentation like javadoc): 951 loc

Pre-review checks

Please ensure to do as many of the following checks as possible, before asking for committer review:

@gitguardian GitGuardian
Copy link

gitguardian bot commented May 12, 2024
edited
Loading

️✅ There are no secrets present in this pull request anymore.

If these secrets were true positive and are still valid, we highly recommend you to revoke them.
Once a secret has been leaked into a git repository, you should consider it compromised, even if it was deleted immediately.
Find here more information about risks.

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@tom-rm-meyer-ISST tom-rm-meyer-ISST marked this pull request as ready for review May 12, 2024 16:04
@RolaH1t RolaH1t mentioned this pull request May 14, 2024
Closed
6 tasks
@tom-rm-meyer-ISST
feat(local/docker-compose.yaml): updated local deployment to be activ…
11f9e0e 
…ated by default
@tom-rm-meyer-ISST
feat(local/docker-compose.yaml): updated deployment to just use one u…
e21e9ce 
…ser with all permissions
@tom-rm-meyer-ISST
Merge branch 'main' into feat/dtr-security
554031f 
# Conflicts:
#	backend/src/main/java/org/eclipse/tractusx/puris/backend/common/ddtr/logic/DtrAdapterService.java
#	charts/puris/README.md
#	local/docker-compose.yaml
@tom-rm-meyer-ISST
fix(local/docker-compose.yaml): use customer specific alias for dtr idp
17ae9b9
@tom-rm-meyer-ISST
chore(helm): version bump after merge
8102f13
eschrewe
eschrewe suggested changes May 17, 2024
View reviewed changes
Copy link
Contributor

@eschrewe eschrewe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very well done,
just some minor remarks from my side.

...c/main/java/org/eclipse/tractusx/puris/backend/common/security/DtrSecurityConfiguration.java Outdated Show resolved Hide resolved
...nd/src/main/java/org/eclipse/tractusx/puris/backend/common/ddtr/logic/DtrAdapterService.java Outdated Show resolved Hide resolved
local/docker-compose.yaml Outdated Show resolved Hide resolved
local/cleanup.sh Outdated Show resolved Hide resolved
eschrewe
eschrewe suggested changes May 21, 2024
View reviewed changes
Copy link
Contributor

@eschrewe eschrewe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Almost there :)

...c/main/java/org/eclipse/tractusx/puris/backend/common/security/DtrSecurityConfiguration.java Show resolved Hide resolved
eschrewe
eschrewe approved these changes May 21, 2024
View reviewed changes
Copy link
Contributor

@eschrewe eschrewe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thank you very much :)

@tom-rm-meyer-ISST
Merge branch 'main' into feat/dtr-security
5ce7b6f 
# Conflicts:
#	backend/pom.xml
#	backend/src/main/java/org/eclipse/tractusx/puris/backend/common/edc/logic/util/EdcRequestBodyBuilder.java
#	charts/puris/README.md
#	charts/puris/values.yaml
#	local/docker-compose.yaml
#	local/tractus-x-edc/config/customer/puris-backend.properties
#	local/tractus-x-edc/config/supplier/puris-backend.properties
@tom-rm-meyer-ISST
feat(helm): removed framework credential use from backend deployment
e84f500
@tom-rm-meyer-ISST
fix(local/docker-compose): updated healthcheck to use correct database
bdca115
@tom-rm-meyer-ISST
chore(helm): bump chart version
d8b53ac
mhellmeier
mhellmeier approved these changes May 21, 2024
View reviewed changes
Copy link
Member

@mhellmeier mhellmeier left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As described by @tom-rm-meyer-ISST in the description, the changes in this PR based on LOC are minimal. This is due to the autogenerated realm files like this one or this one. Therefore, the actual LOC are under 1000.

To prevent future misinterpretations, it should be checked if these autogenerated files are mentioned in a NOTICE file.

@mhellmeier mhellmeier merged commit 98f1e7d into eclipse-tractusx:main May 21, 2024
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eschrewe eschrewe eschrewe approved these changes

@mhellmeier mhellmeier mhellmeier approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tom-rm-meyer-ISST @mhellmeier @eschrewe