Removing Collection Manager integration (center-for-threat-informed-d…

…efense#477)

* removing collection manager refs

* removing refs to collection manager

* updated diagrams

* removing unecessary collection manager env refs

* Update docker-compose.certs.yml

* doc updates

---------

Co-authored-by: mkouremetis <[email protected]>
Co-authored-by: Charissa Miller <[email protected]>

README.md

@@ -46,12 +46,7 @@ The ATT&CK Workbench application is made up of several repositories. For the ful
   The front-end user interface for the ATT&CK Workbench tool, and the primary interface through which the knowledge base is accessed.
 - [ATT&CK Workbench REST API](https://github.com/center-for-threat-informed-defense/attack-workbench-rest-api)
 
-  REST API service for storing, querying and editing ATT&CK objects.
-- [ATT&CK Workbench Collection Manager](https://github.com/center-for-threat-informed-defense/attack-workbench-collection-manager)
-
-  REST API and services for managing collections, collection indexes, and collection subscriptions. 
-
-  The collection manager is **not** required to be installed to use the ATT&CK Workbench, but is **highly recommended**. If you opt not to install the collection-manager you will not be able to import or export data from your local knowledge base. If the collection manager is not installed, set `integrations.collection_manager.enabled` to `false` in the front-end environment. See [modifying the environment](#modifying-the-environment) for more details.
+  REST API service for storing, querying and editing ATT&CK objects, as well as  for managing collections, collection indexes, and collection subscriptions.
 
 The manual install instructions in each repository describe how each component to be deployed to a separate machine or with customized settings. 
 
@@ -81,7 +76,7 @@ This step is necessary for cases where the app is deployed locally through `ng s
 If you're building the app for production, use `ng build --prod` which will use the production environment instead of the development environment. See [modifying the environment](#modifying-the-environment) for more information.
 
 #### Modifying the environment
-The ATT&CK Workbench Frontend is configured to connect to the Collection Manager and REST API running under their default configurations. If those applications are configured to run on different ports, or if the application is to be hosted for access on multiple machines, the environment must be edited to reflect their URLs and ports.
+The ATT&CK Workbench Frontend is configured to connect to the REST API running under its default configuration. If the applications is configured to run on a different port, or if the application is to be hosted for access on multiple machines, the environment must be edited to reflect the URLs and port.
 
 These environment properties can be edited under `src/environments`:
 - [src/environments/environment.ts](app/src/environments/environment.ts) is the development environment with configurations for when it is hosted on a local machine or is being actively developed. This is the default environment file used when building the application.

app/src/environments/environment.prod.ts

@@ -1,31 +1,29 @@
 import { NgxLoggerLevel } from 'ngx-logger'
 export const environment = {
-    production: true,
-    log_level: NgxLoggerLevel.ERROR,
-    recommended_indexes: [ //recommended collection indexes shown to user if they have no indexes loaded
-        {
-            "name": "MITRE ATT&CK", //index name
-            "url": "https://raw.githubusercontent.com/mitre-attack/attack-stix-data/master/index.json" //index url
-        }
-    ],
-    integrations: {
-        rest_api: {
-            // configuration for the ATT&CK Workbench REST API
-            // https://github.com/center-for-threat-informed-defense/attack-workbench-rest-api
-            enabled: true, // MUST be true for application operation
-            url: "api"
-        },
-        collection_manager: {
-            // configuration for the ATT&CK Workbench Collection Manager
-            // https://github.com/center-for-threat-informed-defense/attack-workbench-collection-manager
-            enabled: true, //if false, all systems for collection management will be disabled
-            url: "cm-api"
-        },
-        attack_website: {
-          // configuration for the ATT&CK Website
-          // https://github.com/mitre-attack/attack-website
-          enabled: false, // if false, the attack website integration will not work
-          url: "https://attack.mitre.org"
-        }
-    }
+	production: true,
+	log_level: NgxLoggerLevel.ERROR,
+	recommended_indexes: [ //recommended collection indexes shown to user if they have no indexes loaded
+		{
+			"name": "MITRE ATT&CK", //index name
+			"url": "https://raw.githubusercontent.com/mitre-attack/attack-stix-data/master/index.json" //index url
+		}
+	],
+	integrations: {
+		rest_api: {
+			// configuration for the ATT&CK Workbench REST API
+			// https://github.com/center-for-threat-informed-defense/attack-workbench-rest-api
+			enabled: true, // MUST be true for application operation
+			url: "api"
+		},
+		collection_manager: {
+			// configuration for the ATT&CK Workbench REST API Collection Manager
+			enabled: true, // if false, all components for collection management will be disabled
+		},
+		attack_website: {
+			// configuration for the ATT&CK Website
+			// https://github.com/mitre-attack/attack-website
+			enabled: false, // if false, attack website integration will be disabled
+			url: "https://attack.mitre.org"
+		}
+	}
 };

app/src/environments/environment.ts

@@ -4,34 +4,32 @@ import { NgxLoggerLevel } from 'ngx-logger'
 // The list of file replacements can be found in `angular.json`.
 
 export const environment = {
-    production: false,
-    log_level: NgxLoggerLevel.INFO,
-    recommended_indexes: [ //recommended collection indexes shown to user if they have no indexes loaded
-        {
-            "name": "MITRE ATT&CK", //index name
-            "url": "https://raw.githubusercontent.com/mitre-attack/attack-stix-data/master/index.json" //index url
-        }
-    ],
-    integrations: {
-        rest_api: {
-            // configuration for the ATT&CK Workbench REST API
-            // https://github.com/center-for-threat-informed-defense/attack-workbench-rest-api
-            enabled: true, // MUST be true for application operation
-            url: "http://localhost:3000/api"
-        },
-        collection_manager: {
-            // configuration for the ATT&CK Workbench Collection Manager
-            // https://github.com/center-for-threat-informed-defense/attack-workbench-collection-manager
-            enabled: true, //if false, all systems for collection management will be disabled
-            url: "http://localhost:3001/cm-api"
-        },
-        attack_website: {
-          // configuration for the ATT&CK Website
-          // https://github.com/mitre-attack/attack-website
-          enabled: false, // if false, the ATT&CK website integration will not work
-          url: "http://localhost:8000"
-        }
-    }
+	production: false,
+	log_level: NgxLoggerLevel.INFO,
+	recommended_indexes: [ //recommended collection indexes shown to user if they have no indexes loaded
+		{
+			"name": "MITRE ATT&CK", //index name
+			"url": "https://raw.githubusercontent.com/mitre-attack/attack-stix-data/master/index.json" //index url
+		}
+	],
+	integrations: {
+		rest_api: {
+			// configuration for the ATT&CK Workbench REST API
+			// https://github.com/center-for-threat-informed-defense/attack-workbench-rest-api
+			enabled: true, // MUST be true for application operation
+			url: "http://localhost:3000/api"
+		},
+		collection_manager: {
+			// configuration for the ATT&CK Workbench REST API Collection Manager
+			enabled: true, // if false, all components for collection management will be disabled
+		},
+		attack_website: {
+			// configuration for the ATT&CK Website
+			// https://github.com/mitre-attack/attack-website
+			enabled: false, // if false, the ATT&CK website integration will not work
+			url: "http://localhost:8000"
+		}
+	}
 };
 
 /*

docker-compose-resources/nginx/nginx.conf

@@ -30,9 +30,5 @@ http {
       client_max_body_size 50M;
       proxy_pass http://attack-workbench-rest-api:3000;
     }
-
-    location /cm-api {
-      proxy_pass http://attack-workbench-collection-manager:3001;
-    }
   }
 }

docker-compose.certs.yml

@@ -1,9 +1,9 @@
 # Description
-# - This file augments the deployment of the ATT&CK Workbench by configuring the collection-manager container
+# - This file augments the deployment of the ATT&CK Workbench by configuring the REST API container
 # - with an additional certificate.
-# - This is recommended for deployments where the collection-manager container is behind a firewall that performs
-#   SSL inspection. The additional certificate allows collection-manager to retrieve collection-indexes and
-#   collection bundles without receiving a self-signed certificate error.
+# - This is recommended for deployments where the REST API container is behind a firewall that performs
+#   SSL inspection. The additional certificate allows the REST API collection management to retrieve 
+#   Collection Indexes and Collection bundles without receiving a self-signed certificate error.
 
 # Usage
 # This file must be used in conjunction with the main docker-compose.yml file.
@@ -17,8 +17,8 @@
 
 version: "3.9"
 services:
-  collection-manager:
+  rest-api:
     volumes:
-      - ${HOST_CERTS_PATH}:/usr/src/app/certs
+      - .${HOST_CERTS_PATH}:/usr/src/app/certs
     environment:
       - NODE_EXTRA_CA_CERTS=./certs/${CERTS_FILENAME}

docker-compose.yml

@@ -5,7 +5,6 @@ services:
     build: .
     depends_on:
       - rest-api
-      - collection-manager
     ports:
       - "80:80"
     volumes:
@@ -24,15 +23,6 @@ services:
       - DATABASE_URL=mongodb://attack-workbench-database/attack-workspace
       - SERVICE_ACCOUNT_APIKEY_ENABLE=true
       - JSON_CONFIG_PATH=./resources/rest-api-service-config.json
-
-  collection-manager:
-    container_name: attack-workbench-collection-manager
-    build: ../attack-workbench-collection-manager
-    depends_on:
-      - rest-api
-    ports:
-      - "3001:3001"
-    environment:
       - WORKBENCH_HOST=http://attack-workbench-rest-api
       - WORKBENCH_AUTHN_SERVICE_NAME=collection-manager
       - WORKBENCH_AUTHN_APIKEY=sample-key

docs/contributing.md

@@ -4,7 +4,7 @@ Thanks for contributing to `attack-workbench-frontend`!
 
 You are welcome to comment on issues, open new issues, and open pull requests.
 
-Pull requests should target the **develop** branch of the repository. If your pull request is reliant on changes to the [REST API](https://github.com/center-for-threat-informed-defense/attack-workbench-rest-api) or [Collection Manager](https://github.com/center-for-threat-informed-defense/attack-workbench-collection-manager/), please make sure to document this in your pull request and link to the corresponding REST API or Collection Manager pull request.
+Pull requests should target the **develop** branch of the repository. If your pull request is reliant on changes to the [REST API](https://github.com/center-for-threat-informed-defense/attack-workbench-rest-api), please make sure to document this in your pull request and link to the corresponding REST API pull request.
 
 Also, if you contribute any source code, we need you to agree to the following Developer's Certificate of Origin below.
 

docs/docker-compose.md

@@ -4,23 +4,20 @@ This document describes how to install the ATT&CK Workbench components using Doc
 
 ## 1. Download required repositories
 
-In addition to this project, the [ATT&CK Workbench REST API](https://github.com/center-for-threat-informed-defense/attack-workbench-rest-api) and [ATT&CK Workbench Collection Manager](https://github.com/center-for-threat-informed-defense/attack-workbench-collection-manager) projects must be pulled from their github repositories.
+In addition to this project, the [ATT&CK Workbench REST API](https://github.com/center-for-threat-informed-defense/attack-workbench-rest-api) project must be pulled from its github repository.
 
 These projects must be placed under a common parent directory:
 
 ```
 |-- <common parent directory>
     |-- attack-workbench-frontend
     |-- attack-workbench-rest-api
-    |-- attack-workbench-collection-manager
 ```
 
-To perform all three clones as required (including the clone of this repository), you can use the following commands from your working directory:
+To perform all clones as required (including the clone of this repository), you can use the following commands from your working directory:
 ```shell
 # download the front-end repository
 git clone https://github.com/center-for-threat-informed-defense/attack-workbench-frontend.git
-# download the collection manager repository
-git clone https://github.com/center-for-threat-informed-defense/attack-workbench-collection-manager.git
 # download the REST API repository
 git clone https://github.com/center-for-threat-informed-defense/attack-workbench-rest-api.git
 ```
@@ -82,12 +79,11 @@ docker-compose up --build
 When deployed using Docker Compose, an ATT&CK Workbench installation will include four containers:
 * frontend
 * rest-api
-* collection-manager
 * mongodb
 
 These containers will communicate as illustrated in the diagram below.
 The `nginx` instance (part of the `frontend` container) is responsible for serving the statically built code for the ATT&CK Workbench web application.
-It also acts as a reverse proxy for the `rest-api` and `collection-manager` services.
+It also acts as a reverse proxy for the `rest-api` service.
 
 ![Workbench Configuration](images/workbench-configuration-docker-compose.png)