Merge pull request #1484 from eclipse-tractusx/release/0.8.0-rc2

Release version 0.8.0-rc2
eclipse-tractusx · Aug 7, 2024 · 9b39949 · 9b39949
2 parents 04bb4e1 + 350886d
commit 9b39949
Show file tree

Hide file tree

Showing 119 changed files with 2,281 additions and 1,294 deletions.
diff --git a/.github/actions/publish-docker-image/action.yml b/.github/actions/publish-docker-image/action.yml
@@ -42,23 +42,12 @@ inputs:
   docker_tag:
     required: false
     description: 'additional docker tags'
-  do_push:
-    required: false
-    default: 'false'
-    description: 'whether or not to actually push the image'
+
 runs:
   using: "composite"
   steps:
     - uses: actions/checkout@v4
 
-    - name: Download OpenTelemetry
-      shell: bash
-      run: |-
-        # "jq -r" removes the quotation marks, that would trip up "wget"
-        URL=$(grep "val openTelemetryAgentUrl = " build.gradle.kts | awk -F'= ' '{print $2}' | jq -r)
-        wget -O ${{ inputs.rootDir }}/opentelemetry-javaagent.jar -q $URL
-        
-
     #####################
     # Login to DockerHub
     #####################
@@ -102,12 +91,13 @@ runs:
     - name: Build and push
       uses: docker/build-push-action@v3
       with:
-        context: .
-        file: ${{ inputs.rootDir }}/src/main/docker/Dockerfile
+        context: ${{ inputs.rootDir }}
+        file: ${{ inputs.rootDir }}/build/resources/docker/Dockerfile
         build-args: |
-          JAR=${{ inputs.rootDir }}/build/libs/${{ inputs.imagename }}.jar
-          OTEL_JAR=${{ inputs.rootDir }}/opentelemetry-javaagent.jar
-        push: ${{ inputs.do_push == 'true' }}
+          JAR=build/libs/${{ inputs.imagename }}.jar
+          OTEL_JAR=build/resources/otel/opentelemetry-javaagent.jar
+          ADDITIONAL_FILES=build/legal/*
+        push: true
         tags: ${{ steps.meta.outputs.tags }}
         labels: ${{ steps.meta.outputs.labels }}
 

diff --git a/.github/actions/run-deployment-test/action.yml b/.github/actions/run-deployment-test/action.yml
@@ -25,7 +25,7 @@ description: "Build and publish a Docker Image to DockerHub"
 inputs:
   imagename:
     required: true
-    description: "name of the docker image, e.g. edc-runtime-memory"
+    description: "list of docker image names separated by whitespace, e.g. 'edc-runtime-memory edc-runtime-other'"
 
   image_tag:
     required: false
@@ -38,7 +38,7 @@ inputs:
 
   rootDir:
     required: true
-    description: "The directory that contains the docker file, e.g. edc-controlplane/edc-runtime-memory"
+    description: "list of directories of the modules to be dockerized, separated by whitespace, e.g. 'edc-controlplane/edc-runtime-memory edc-dataplane/edc-dataplane-memory'"
 
   k8sversion:
     required: false
@@ -69,12 +69,19 @@ runs:
     - name: Build docker images
       shell: bash
       run: |-
-        ./gradlew -p ${{ inputs.rootDir }} dockerize
+        modules=(${{ inputs.rootDir }})
+        for module in "${modules[@]}"
+        do
+          ./gradlew -p $module dockerize
+        done
 
     - name: Load images into KinD
       shell: bash
       run: |
-        kind get clusters | xargs -n1 kind load docker-image ${{ inputs.imagename }}:${{ inputs.image_tag }} --name
+        images=(${{ inputs.imagename }})
+        versioned=( "${images[@]/%/:${{ inputs.image_tag }}}" )
+        versioned_images=$(IFS=' ' ; echo "${versioned[*]}")
+        kind get clusters | xargs -n1 kind load docker-image $versioned_images --name
 
     ###################################################
     # Install the test infrastructure

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -47,61 +47,7 @@ updates:
   # Docker
   - package-ecosystem: "docker"
     target-branch: main
-    directory: ./edc-controlplane/edc-controlplane-postgresql-azure-vault/src/main/docker/
-    labels:
-      - "dependabot"
-      - "docker"
-    schedule:
-      interval: "weekly"
-  -
-    package-ecosystem: "docker"
-    target-branch: main
-    directory: ./edc-controlplane/edc-controlplane-postgresql-hashicorp-vault/src/main/docker/
-    labels:
-      - "dependabot"
-      - "docker"
-    schedule:
-      interval: "weekly"
-  -
-    package-ecosystem: "docker"
-    target-branch: main
-    directory: ./edc-controlplane/edc-runtime-memory/src/main/docker/
-    labels:
-      - "dependabot"
-      - "docker"
-    schedule:
-      interval: "weekly"
-  -
-    package-ecosystem: "docker"
-    target-branch: main
-    directory: ./edc-dataplane/edc-dataplane-azure-vault/src/main/docker/
-    labels:
-      - "dependabot"
-      - "docker"
-    schedule:
-      interval: "weekly"
-  -
-    package-ecosystem: "docker"
-    target-branch: main
-    directory: ./edc-dataplane/edc-dataplane-hashicorp-vault/src/main/docker/
-    labels:
-      - "dependabot"
-      - "docker"
-    schedule:
-      interval: "weekly"
-  -
-    package-ecosystem: "docker"
-    target-branch: main
-    directory: ./edc-tests/runtime/mock-connector/src/main/docker/
-    labels:
-      - "dependabot"
-      - "docker"
-    schedule:
-      interval: "weekly"
-  -
-    package-ecosystem: "docker"
-    target-branch: main
-    directory: ./samples/edc-dast/edc-dast-runtime/src/main/docker/
+    directory: resources
     labels:
       - "dependabot"
       - "docker"

diff --git a/.github/workflows/deployment-test.yaml b/.github/workflows/deployment-test.yaml
@@ -18,7 +18,6 @@
 #  SPDX-License-Identifier: Apache-2.0
 #################################################################################
 
-
 ---
 name: "Deployment Tests"
 
@@ -28,7 +27,6 @@ on:
   workflow_dispatch:
 
 jobs:
-
   secret-presence:
     runs-on: ubuntu-latest
     outputs:
@@ -81,17 +79,17 @@ jobs:
       fail-fast: false
       # this will verify that the official distribution of the Tractus-X EDC Helm chart runs on the last 3 Kubernetes versions
       matrix:
-        k8s-version: ["v1.30.0",
-                      "v1.29.4",
-                      "v1.28.9"]
+        k8s-version: [ "v1.30.2",
+                       "v1.29.4",
+                       "v1.28.9" ]
     steps:
       - name: Checkout
         uses: actions/checkout@v4
       - uses: ./.github/actions/run-deployment-test
-        name: "Run deployment test using KinD and Helm"
+        name: "Run deployment test using KinD and Helm - tokenbased auth"
         with:
           imagename: "edc-controlplane-postgresql-hashicorp-vault edc-dataplane-hashicorp-vault"
-          rootDir: "."
+          rootDir: "edc-controlplane/edc-controlplane-postgresql-hashicorp-vault edc-dataplane/edc-dataplane-hashicorp-vault"
           k8sversion: ${{ matrix.k8s-version }}
           helm_command: |-
             helm install tx-prod charts/tractusx-connector \
@@ -103,14 +101,33 @@ jobs:
             kubectl rollout status deployment tx-prod-controlplane
             kubectl rollout status deployment tx-prod-dataplane
 
-            # execute the helm test
+            # execute the helm test using token based auth in the Management API
             helm test tx-prod
 
+      - uses: ./.github/actions/run-deployment-test
+        name: "Run deployment test using KinD and Helm - delegated auth"
+        with:
+          imagename: "edc-controlplane-postgresql-hashicorp-vault edc-dataplane-hashicorp-vault"
+          rootDir: "edc-controlplane/edc-controlplane-postgresql-hashicorp-vault edc-dataplane/edc-dataplane-hashicorp-vault"
+          k8sversion: ${{ matrix.k8s-version }}
+          helm_command: |-
+            helm install tx-prod charts/tractusx-connector \
+            -f edc-tests/deployment/src/main/resources/helm/tractusx-connector-test.yaml \
+            --set controlplane.endpoints.management.jwksUrl="http://foo-bar.com/.well-known/jwks.json" \
+            --dependency-update \
+            --wait-for-jobs --timeout=120s    
+
+            # wait for the pod to become ready
+            kubectl rollout status deployment tx-prod-controlplane
+            kubectl rollout status deployment tx-prod-dataplane
+            
+            # no helm test here, because the delegated auth won't work without an actual IdP
+
   test-azure-vault-postgres:
     runs-on: ubuntu-latest
     needs: [ test-prepare, secret-presence ]
-#    if: |
-#      needs.secret-presence.outputs.AZURE_KV_CREDS
+    #    if: |
+    #      needs.secret-presence.outputs.AZURE_KV_CREDS
 
     # DEACTIVATE this job for now because our Azure Credentials are expired
     # TODO: reactivate once we have refreshed Azure Credentials
@@ -125,7 +142,7 @@ jobs:
         name: "Run deployment test using KinD and Helm"
         with:
           imagename: "edc-controlplane-postgresql-azure-vault edc-dataplane-azure-vault"
-          rootDir: "."
+          rootDir: "edc-controlplane/edc-controlplane-postgresql-azure-vault edc-dataplane/edc-dataplane-azure-vault"
           helm_command: |-
             az keyvault secret set --vault-name ${{ secrets.AZURE_VAULT_NAME }} --name aes-keys --value "$(cat aes.key)" > /dev/null
             az keyvault secret set --vault-name ${{ secrets.AZURE_VAULT_NAME }} --name client-secret --value "$(cat client.secret)" > /dev/null

diff --git a/.github/workflows/publish-new-release.yml b/.github/workflows/publish-new-release.yml
@@ -60,66 +60,26 @@ jobs:
   maven-release:
     name: Publish extension's release version to maven repository
     needs: [ release-version ]
-    runs-on: ubuntu-latest
     permissions:
       contents: read
       packages: write
     if: github.event.pull_request.merged == true && needs.release-version.outputs.RELEASE_VERSION
-    steps:
-      - name: Export RELEASE_VERSION env
-        run: |
-          echo "RELEASE_VERSION=${{ needs.release-version.outputs.RELEASE_VERSION }}" >> $GITHUB_ENV
-
-      # Set-Up
-      - uses: actions/checkout@v4
-      - uses: ./.github/actions/setup-java
-
-      # Import GPG Key
-      - uses: ./.github/actions/import-gpg-key
-        name: "Import GPG Key"
-        with:
-          gpg-private-key: ${{ secrets.ORG_GPG_PRIVATE_KEY }}
-
-      # publish releases
-      - name: Publish version
-        env:
-          OSSRH_PASSWORD: ${{ secrets.ORG_OSSRH_PASSWORD }}
-          OSSRH_USER: ${{ secrets.ORG_OSSRH_USERNAME }}
-        run: |-
-          echo "Publishing Version $RELEASE_VERSION to Sonatype/MavenCentral"
-          ./gradlew publishToSonatype closeAndReleaseSonatypeStagingRepository --no-parallel -Pversion=$RELEASE_VERSION -Psigning.gnupg.executable=gpg -Psigning.gnupg.passphrase="${{ secrets.ORG_GPG_PASSPHRASE }}"
+    uses: ./.github/workflows/trigger-maven-publish.yaml
+    secrets: inherit
+    with:
+      version: $RELEASE_VERSION
 
   docker-release:
     name: Publish Docker images
-    runs-on: ubuntu-latest
     needs: [ release-version ]
     permissions:
       contents: write
     if: github.event.pull_request.merged == true && needs.release-version.outputs.RELEASE_VERSION
 
-    strategy:
-      fail-fast: false
-      matrix:
-        variant: [ { dir: edc-controlplane, img: edc-runtime-memory },
-                   { dir: edc-controlplane, img: edc-controlplane-postgresql-hashicorp-vault },
-                   { dir: edc-controlplane, img: edc-controlplane-postgresql-azure-vault },
-                   { dir: edc-dataplane,    img: edc-dataplane-azure-vault },
-                   { dir: edc-dataplane,    img: edc-dataplane-hashicorp-vault },
-                   { dir: edc-tests/runtime, img: mock-connector }]
-    steps:
-      - uses: actions/checkout@v4
-      - name: Export RELEASE_VERSION env
-        run: |
-          echo "RELEASE_VERSION=${{ needs.release-version.outputs.RELEASE_VERSION }}" >> $GITHUB_ENV
-      - uses: ./.github/actions/publish-docker-image
-        name: Publish ${{ matrix.variant.img }}
-        with:
-          docker_tag: ${{ env.RELEASE_VERSION }}
-          rootDir: ${{ matrix.variant.dir }}/${{ matrix.variant.img }}
-          imagename: ${{ matrix.variant.img }}
-          docker_user: ${{ secrets.DOCKER_HUB_USER }}
-          docker_token: ${{ secrets.DOCKER_HUB_TOKEN }}
-          do_push: 'true'
+    uses: ./.github/workflows/trigger-docker-publish.yaml
+    secrets: inherit
+    with:
+      docker_tag: ${{ env.RELEASE_VERSION }}
 
   # Release: Helm Charts
   helm-release:
@@ -249,3 +209,13 @@ jobs:
     with:
       downstream-version: ${{ needs.release-version.outputs.RELEASE_VERSION }}
     secrets: inherit
+
+  publish-openapi-to-gh-pages:
+    name: "Publish OpenAPI UI spec GitHub Pages"
+    permissions:
+      contents: write
+    needs: [ release-version ]
+    uses: ./.github/workflows/publish-openapi-ui.yml
+    secrets: inherit
+    with:
+      version: ${{ needs.release-version.outputs.RELEASE_VERSION }}