Merge pull request #309 from eclipse-tractusx/release/v1.2.0

build(1.2.0): merge latest changes into main

.github/workflows/trivy-main.yml

@@ -61,6 +61,9 @@ jobs:
           output: "trivy-results1.sarif"
           vuln-type: "os,library"
           timeout: "3600s"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
@@ -93,6 +96,10 @@ jobs:
           format: "sarif"
           output: "trivy-results2.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -126,6 +133,10 @@ jobs:
           output: "trivy-results3.sarif"
           vuln-type: "os,library"
           skip-dirs: "docs/"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -159,6 +170,10 @@ jobs:
           output: "trivy-results4.sarif"
           vuln-type: "os,library"
           skip-dirs: "docs/"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -192,6 +207,10 @@ jobs:
           output: "trivy-results5.sarif"
           vuln-type: "os,library"
           skip-dirs: "docs/"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()

.github/workflows/trivy.yml

@@ -62,6 +62,9 @@ jobs:
           vuln-type: "os,library"
           skip-dirs: "docs/"
           timeout: "3600s"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
@@ -94,6 +97,10 @@ jobs:
           format: "sarif"
           output: "trivy-results2.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -126,6 +133,10 @@ jobs:
           format: "sarif"
           output: "trivy-results3.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -158,6 +169,10 @@ jobs:
           format: "sarif"
           output: "trivy-results4.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -190,6 +205,10 @@ jobs:
           format: "sarif"
           output: "trivy-results5.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()

.tractusx

@@ -20,4 +20,4 @@
 product: "SSI Credential Issuer"
 leadingRepository: "https://github.com/eclipse-tractusx/ssi-credential-issuer"
 openApiSpecs:
-- "https://raw.githubusercontent.com/eclipse-tractusx/ssi-credential-issuer/refs/tags/v1.2.0-rc.2/docs/api/issuer-service.yaml"
+- "https://raw.githubusercontent.com/eclipse-tractusx/ssi-credential-issuer/refs/tags/v1.2.0/docs/api/issuer-service.yaml"

CHANGELOG.md

@@ -1,16 +1,12 @@
 # Changelog
 
-## [1.2.0-rc.2](https://github.com/eclipse-tractusx/ssi-credential-issuer/compare/v1.2.0-rc.1...v1.2.0-rc2) (2024-10-24)
+## [1.2.0-rc.2](https://github.com/eclipse-tractusx/ssi-credential-issuer/compare/v1.2.0-rc.1...v1.2.0-rc.2) (2024-10-24)
 
 ### Bug Fixes
 
 * set credential to active after credential exists ([#286](https://github.com/eclipse-tractusx/ssi-credential-issuer/pull/286)) ([af759bf](https://github.com/eclipse-tractusx/ssi-credential-issuer/commit/af759bf20ec56a3098dc87d357916dcd67638a29))
 
-### Miscellaneous Chores
-
-* release 1.2.0-rc.1 ([8ada2a3](https://github.com/eclipse-tractusx/ssi-credential-issuer/commit/8ada2a30d68d200b615c3f912d61e0066d7fdcad))
-
-## [1.2.0-rc.2](https://github.com/eclipse-tractusx/ssi-credential-issuer/compare/v1.2.0-rc.1...v1.2.0-rc.2) (2024-10-21)
+## [1.2.0-rc.1](https://github.com/eclipse-tractusx/ssi-credential-issuer/compare/v1.2.0-alpha.1...v1.2.0-rc.1) (2024-10-21)
 
 ### Features
 

charts/ssi-credential-issuer/Chart.yaml

@@ -20,8 +20,8 @@
 apiVersion: v2
 name: ssi-credential-issuer
 type: application
-version: 1.2.0-rc.2
-appVersion: 1.2.0-rc.2
+version: 1.2.0
+appVersion: 1.2.0
 description: Helm chart for SSI Credential Issuer
 home: https://github.com/eclipse-tractusx/ssi-credential-issuer
 dependencies:

charts/ssi-credential-issuer/README.md

@@ -29,7 +29,7 @@ To use the helm chart as a dependency:
 dependencies:
   - name: ssi-credential-issuer
     repository: https://eclipse-tractusx.github.io/charts/dev
-    version: 1.2.0-rc.2
+    version: 1.2.0
 ```
 
 ## Requirements

docs/admin/known-issues-and-limitations.md

@@ -4,9 +4,7 @@
 
 - The DIM Status List is presently included in both the configuration file and the outbound wallet post body, which is against our recommendation as we believe this function should be autonomously managed by the wallet. The status list is defined within the component configuration, suggesting an interim solution with an intention to phase out this approach, reinforcing that the status list should not be integral to the interface in the long term.
 
-- The Operator is currently not able to review the supporting documents for a credential request of another company. See [225](https://github.com/eclipse-tractusx/ssi-credential-issuer/issues/225)
-
-- The application of the wallet and the paths of the wallet calls are not configurable. Thus the application is set to catena-x-portal. See [226](https://github.com/eclipse-tractusx/ssi-credential-issuer/issues/226)
+- Type of the status list is not yet configurable and currently still set to StatusList2021, see [299](https://github.com/eclipse-tractusx/ssi-credential-issuer/issues/299).
 
 ## NOTICE
 

docs/api/issuer-service.yaml

@@ -1,7 +1,7 @@
 openapi: 3.0.1
 info:
   title: Org.Eclipse.TractusX.SsiCredentialIssuer.Service
-  version: v1.2.0-rc.2
+  version: v1.2.0
 paths:
   /api/issuer/useCaseParticipation:
     get:

src/Directory.Build.props

@@ -20,6 +20,6 @@
 <Project>
   <PropertyGroup>
     <VersionPrefix>1.2.0</VersionPrefix>
-    <VersionSuffix>rc.2</VersionSuffix>
+    <VersionSuffix></VersionSuffix>
   </PropertyGroup>
 </Project>