Merge branch 'main' of https://github.com/eclipse-tractusx/sldt-seman…

…tic-hub into SAMM_BAMM_Support-ESMF_SDK_2.3.2

# Conflicts:
#	CHANGELOG.md
#	backend/src/test/java/org/eclipse/tractusx/semantics/hub/ModelsApiTest.java

.github/actions/generate-dependencies-notice/action.yml

@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Copyright (c) 2023 Robert Bosch Manufacturing Solutions GmbH
+# Copyright (c) 2023 Robert Bosch Manufacturing Solutions GmbH
 # Copyright (c) 2023 Contributors to the Eclipse Foundation
 
 # See the NOTICE file(s) distributed with this work for additional

.github/actions/generate-dependencies-notice/index.js

@@ -1,5 +1,5 @@
 /*
-Copyright (c) 2023 Copyright (c) 2023 Robert Bosch Manufacturing Solutions GmbH
+Copyright (c) 2023 Robert Bosch Manufacturing Solutions GmbH
 Copyright (c) 2023 Contributors to the Eclipse Foundation
 
 See the NOTICE file(s) distributed with this work for additional

.github/workflows/build-snapshot.yml

@@ -54,7 +54,7 @@ jobs:
         run: |
           unzip jena-fuseki.zip
           cd jena-fuseki-docker-$FUSEKI_VERSION
-          docker build --build-arg JENA_VERSION=$FUSEKI_VERSION -t jena-fuseki-docker .
+          docker build --build-arg JENA_VERSION=$FUSEKI_VERSION -t jena-fuseki-docker:4.7.0 .
       - name: Build and Deploy with Maven
         run: mvn clean install
         env:

.github/workflows/gitleaks.yml

@@ -1,4 +1,4 @@
-# Copyright (c) 2021-2022 Copyright (c) 2021-2022 Robert Bosch Manufacturing Solutions GmbH
+# Copyright (c) 2021-2022 Robert Bosch Manufacturing Solutions GmbH
 # Copyright (c) 2021-2022 Contributors to the Eclipse Foundation
 
 # See the NOTICE file(s) distributed with this work for additional

.github/workflows/helm-release.yml

@@ -1,4 +1,4 @@
-# Copyright (c) 2021-2022 Copyright (c) 2021-2022 Robert Bosch Manufacturing Solutions GmbH
+# Copyright (c) 2021-2022 Robert Bosch Manufacturing Solutions GmbH
 # Copyright (c) 2021-2022 Contributors to the Eclipse Foundation
 
 # See the NOTICE file(s) distributed with this work for additional

.github/workflows/helm-test.yml

@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Copyright (c) 2023 Robert Bosch Manufacturing Solutions GmbH
+# Copyright (c) 2023 Robert Bosch Manufacturing Solutions GmbH
 # Copyright (c) 2023 Contributors to the Eclipse Foundation
 
 # See the NOTICE file(s) distributed with this work for additional
@@ -26,7 +26,12 @@ on:
       node_image:
         description: 'kindest/node image for k8s kind cluster'
         # k8s version from 3.1 release as default
-        default: 'kindest/node:v1.24.6'
+        default: 'kindest/node:v1.27.3'
+        required: false
+        type: string
+      upgrade_from:
+        description: 'chart version to upgrade from'
+        default: '0.1.32'
         required: false
         type: string
 
@@ -41,6 +46,9 @@ jobs:
 
       - name: Kubernetes KinD Cluster
         uses: container-tools/kind-action@v1
+        with:
+          # upgrade version, default (v0.17.0) uses node image v1.21.1 and doesn't work with more recent node image versions
+          version: v0.20.0
 
       - name: Set up Helm
         uses: azure/setup-helm@v3
@@ -67,4 +75,13 @@ jobs:
 
       - name: Run chart-testing (install)
         run: ct install --charts charts/semantic-hub --config charts/chart-testing-config.yaml
-        if: steps.list-changed.outputs.changed == 'true'
+        if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true'
+
+      - name: Run helm upgrade
+        run: |
+          helm repo add bitnami https://charts.bitnami.com/bitnami
+          helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev
+          helm install semantic-hub tractusx-dev/semantic-hub --version ${{ github.event.inputs.upgrade_from || '0.1.32' }}
+          helm dependency update charts/semantic-hub
+          helm upgrade semantic-hub charts/semantic-hub
+        if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true'

.github/workflows/kics.yml

@@ -1,4 +1,4 @@
-# Copyright (c) 2021-2022 Copyright (c) 2021-2022 Robert Bosch Manufacturing Solutions GmbH
+# Copyright (c) 2021-2022 Robert Bosch Manufacturing Solutions GmbH
 # Copyright (c) 2021-2022 Contributors to the Eclipse Foundation
 
 # See the NOTICE file(s) distributed with this work for additional

.github/workflows/publish-image-semantic-hub.yml

@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Copyright (c) 2023 Robert Bosch Manufacturing Solutions GmbH
+# Copyright (c) 2023 Robert Bosch Manufacturing Solutions GmbH
 # Copyright (c) 2023 Contributors to the Eclipse Foundation
 
 # See the NOTICE file(s) distributed with this work for additional

.github/workflows/release.yml

@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Copyright (c) 2023 Robert Bosch Manufacturing Solutions GmbH
+# Copyright (c) 2023 Robert Bosch Manufacturing Solutions GmbH
 # Copyright (c) 2023 Contributors to the Eclipse Foundation
 
 # See the NOTICE file(s) distributed with this work for additional

.github/workflows/semantic-hub-e2e-test.yml

@@ -0,0 +1,69 @@
+###############################################################
+# Copyright (c) 2023 Robert Bosch Manufacturing Solutions GmbH
+# Copyright (c) 2023 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+name: Semantic-hub End-to-End tests
+
+on:
+  workflow_dispatch:
+    inputs:
+      bearerToken:
+        description: 'bearerToken'
+        required: true
+      semantichubUrl:
+        description: 'semantic-hub-Url'
+        required: true
+
+jobs:
+  end_to_end_tests:
+    runs-on: ubuntu-latest
+    name: Execute End-to-End tests
+
+    steps:
+      - name: Mask Input Credentials
+        run: |
+          mask_client_bearer_token=$(jq -r '.inputs.bearerToken' $GITHUB_EVENT_PATH)
+          echo ::add-mask::$mask_client_bearer_token
+          echo mask_client_bearer_token=$mask_client_bearer_token >> $GITHUB_ENV
+
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - uses: actions/setup-python@v4
+        with:
+          python-version: "3.8"
+          check-latest: true
+
+      - name: Install python dependencies
+        working-directory: ./e2e-tests
+        run: |
+          pip install -r requirements.txt
+
+      - name: Install python dependencies
+        working-directory: ./e2e-tests/semantic-hub
+        run: |
+          py.test . -vv --html=./output/report.html --self-contained-html
+        env:
+          BEARER_TOKEN: ${{ env.mask_client_bearer_token }}
+          SEMANTIC_HUB_API_URL: ${{ inputs.semantichubUrl }}
+      - name: Upload test report
+        uses: actions/upload-artifact@v3
+        if: always()
+        with:
+          name: semantic-hub-e2e-test-report
+          path: ./e2e-tests/semantic-hub/output/report.html

.github/workflows/trivy.yml

@@ -1,4 +1,4 @@
-# Copyright (c) 2021-2022 Copyright (c) 2021-2022 Robert Bosch Manufacturing Solutions GmbH
+# Copyright (c) 2021-2022 Robert Bosch Manufacturing Solutions GmbH
 # Copyright (c) 2021-2022 Contributors to the Eclipse Foundation
 
 # See the NOTICE file(s) distributed with this work for additional
@@ -35,15 +35,14 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.14.0
         with:
           scan-type: "config"
           # ignore-unfixed: true
-          exit-code: "1"
           hide-progress: false
           format: "sarif"
           output: "trivy-results1.sarif"
-          severity: "CRITICAL,HIGH"
+          vuln-type: "os,library"
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v2
@@ -70,15 +69,14 @@ jobs:
         run: mvn clean package -DskipTests
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.14.0
         with:
           image-ref: "tractusx/sldt-semantic-hub:latest"
           # ignore-unfixed: true
-          exit-code: "1"
           hide-progress: false
           format: "sarif"
           output: "trivy-results-semantic-hub.sarif"
-          severity: "CRITICAL,HIGH"
+          vuln-type: "os,library"
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v2

.github/workflows/veracode.yaml

@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Copyright (c) 2023 Robert Bosch Manufacturing Solutions GmbH
+# Copyright (c) 2023 Robert Bosch Manufacturing Solutions GmbH
 # Copyright (c) 2023 Contributors to the Eclipse Foundation
 
 # See the NOTICE file(s) distributed with this work for additional

CHANGELOG.md

@@ -6,9 +6,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## 0.2.15
 ### Added
+- Added helm upgrade feature into helm test
+- Removed the docker apk upgrade and update commands.
 - Upgrade dependency to ESMF SDK 2.4.2
 
 ### Fixed
+=======
+- Handled UrnSyntaxException.
+- Fixed the jena-fuseki-docker version to 4.7.0 for the test case.
 
 ## 0.2.14
 ### Added

SECURITY.md

@@ -1,6 +1,17 @@
-# Security Policy
-
 ## Reporting a Vulnerability
 
-Please report a found vulnerability here:
-[https://www.eclipse.org/security/](https://www.eclipse.org/security/)
+Please do **not** report security vulnerabilities through public GitHub issues.
+
+Please report vulnerabilities to this repository via **GitHub security advisories** instead.
+
+How? Inside affected repository → security tab
+
+for contributor:  
+→ Report a vulnerability
+
+for committer:  
+→ advisories → New draft security advisory
+
+In severe cases, you can also report a found vulnerability via mail or eclipse issue here: https://www.eclipse.org/security/
+
+See [Eclipse Foundation Vulnerability Reporting Policy](https://www.eclipse.org/projects/handbook/#vulnerability)

backend/Dockerfile

@@ -26,11 +26,6 @@ RUN mvn package -DskipTests
 
 FROM eclipse-temurin:17-jre-alpine
 
-RUN apk --no-cache upgrade \
-    && apk --no-cache update \
-    && apk  --no-cache add graphviz \
-    && rm -rf /var/cache/apk/*
-
 RUN addgroup -g 101 -S spring \
     && adduser -u 100 -S spring -G spring \
     && mkdir -p /service \

backend/src/main/java/org/eclipse/tractusx/semantics/ApiExceptionHandler.java

@@ -24,6 +24,14 @@
 import java.util.Map;
 import java.util.stream.Collectors;
 
+import org.eclipse.esmf.aspectmodel.urn.UrnSyntaxException;
+import org.eclipse.tractusx.semantics.hub.AspectModelNotFoundException;
+import org.eclipse.tractusx.semantics.hub.EntityNotFoundException;
+import org.eclipse.tractusx.semantics.hub.InvalidAspectModelException;
+import org.eclipse.tractusx.semantics.hub.InvalidStateTransitionException;
+import org.eclipse.tractusx.semantics.hub.ModelPackageNotFoundException;
+import org.eclipse.tractusx.semantics.hub.model.Error;
+import org.eclipse.tractusx.semantics.hub.model.ErrorResponse;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -35,14 +43,6 @@
 import org.springframework.web.context.request.WebRequest;
 import org.springframework.web.method.annotation.MethodArgumentConversionNotSupportedException;
 import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
-import org.eclipse.tractusx.semantics.hub.AspectModelNotFoundException;
-import org.eclipse.tractusx.semantics.hub.EntityNotFoundException;
-import org.eclipse.tractusx.semantics.hub.InvalidAspectModelException;
-import org.eclipse.tractusx.semantics.hub.InvalidStateTransitionException;
-
-import org.eclipse.tractusx.semantics.hub.ModelPackageNotFoundException;
-import org.eclipse.tractusx.semantics.hub.model.Error;
-import org.eclipse.tractusx.semantics.hub.model.ErrorResponse;
 
 import jakarta.servlet.http.HttpServletRequest;
 
@@ -124,4 +124,12 @@ public ResponseEntity<ErrorResponse> handleInvalidStateTransitionException( fina
                         .path( request.getRequestURI() ) ), HttpStatus.BAD_REQUEST );
     }
 
+   @ExceptionHandler( { UrnSyntaxException.class } )
+   public ResponseEntity<ErrorResponse> handleInvalidStateTransitionException( final HttpServletRequest request, final UrnSyntaxException exception ) {
+      return new ResponseEntity<>( new ErrorResponse()
+            .error( new Error()
+                  .message( exception.getMessage() )
+                  .path( request.getRequestURI() ) ), HttpStatus.BAD_REQUEST );
+   }
+
 }

backend/src/test/java/org/eclipse/tractusx/semantics/FusekiTestContainer.java

@@ -26,7 +26,7 @@
 
 public class FusekiTestContainer {
    private static final int PORT = 3030;
-   private static final String IMAGE = "jena-fuseki-docker";
+   private static final String IMAGE = "jena-fuseki-docker:4.7.0";
    private static final String CONTAINER_NAME = "fuseki-container";
 
    public static final GenericContainer<?> FUSEKI_CONTAINER =

backend/src/test/java/org/eclipse/tractusx/semantics/hub/ModelsApiTest.java

@@ -918,6 +918,17 @@ private static String toMovementUrn(String urn){
       return urn + "Movement";
    }
 
+   @Test
+   public void testGetModelByURNWithInvalidURN() throws Exception {
+      String urnPrefix = "urn:invalid";
+      mvc.perform( MockMvcRequestBuilders.get( "/api/v1/models/{urn}", urnPrefix ).with( jwtTokenFactory.allRoles() ) )
+            .andDo( MockMvcResultHandlers.print() )
+            .andExpect( status().isBadRequest() )
+            .andExpect( jsonPath( "$.error.message", is(
+                  "The URN must consist of at least 5 sections adhering to the following schema: "
+                        + "urn:samm:<organisation>:<optional>:<version>:<model-name>." ) ) );
+   }
+
    @Test
    void testGeneratePngForBAMMModel() throws Exception {
       String urnPrefix = "urn:bamm:org.eclipse.tractusx.model.status.transition:2.0.0#";

charts/semantic-hub/README.md

@@ -19,7 +19,7 @@ This Helm charts installs the Semantic Hub application and its dependencies.
 ## Install
 ```
 kubectl create namespace semantics
-helm install hub -n semantics ./charts/semantic-hub`
+helm install hub -n semantics ./charts/semantic-hub
 ```
 
 ## Values

charts/semantic-hub/templates/graphdb/graphdb-deployment.yaml

@@ -1,24 +1,24 @@
-{{- if and (.Values.graphdb.enabled) (not .Values.hub.embeddedTripleStore) }}
 ###############################################################
 # Copyright (c) 2021, 2023 Robert Bosch Manufacturing Solutions GmbH
-# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation
-#
-# See the NOTICE file(s) distributed with this work for additional
-# information regarding copyright ownership.
-#
-# This program and the accompanying materials are made available under the
-# terms of the Apache License, Version 2.0 which is available at
-# https://www.apache.org/licenses/LICENSE-2.0.
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-###############################################################
+  # Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation
+  #
+  # See the NOTICE file(s) distributed with this work for additional
+  # information regarding copyright ownership.
+  #
+  # This program and the accompanying materials are made available under the
+  # terms of the Apache License, Version 2.0 which is available at
+  # https://www.apache.org/licenses/LICENSE-2.0.
+  #
+  # Unless required by applicable law or agreed to in writing, software
+  # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+  # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+  # License for the specific language governing permissions and limitations
+  # under the License.
+  #
+  # SPDX-License-Identifier: Apache-2.0
+  ###############################################################
 
+{{- if and (.Values.graphdb.enabled) (not .Values.hub.embeddedTripleStore) }}
 {{- $deployment_name := printf "cx-%s-graphdb" .Release.Name }}
 {{- $sec_name := printf "%s-sec" $deployment_name }}
 {{- $pvc_name := printf "%s-pvc" $deployment_name }}