From b90b2badbe0a1be9a443d9cec59c582af39ea597 Mon Sep 17 00:00:00 2001 From: Denis Neuling Date: Fri, 20 May 2022 10:24:42 +0200 Subject: [PATCH] Release version 0.0.2 (#151) --- .github/workflows/build.yaml | 43 ++-- .github/workflows/publish-new-release.yml | 96 +++++++- CHANGELOG.md | 6 +- deployment/helm/README.md | 8 + deployment/helm/edc-controlplane/Chart.yaml | 7 +- deployment/helm/edc-controlplane/README.md | 82 ++++++- .../helm/edc-controlplane/README.md.gotmpl | 25 +++ deployment/helm/edc-controlplane/values.yaml | 210 +++++++----------- deployment/helm/edc-dataplane/Chart.yaml | 7 +- deployment/helm/edc-dataplane/README.md | 70 +++++- .../helm/edc-dataplane/README.md.gotmpl | 25 +++ deployment/helm/edc-dataplane/values.yaml | 160 ++++++------- edc | 2 +- edc-controlplane/README.md | 4 +- .../edc-controlplane-cosmosdb/pom.xml | 2 +- .../edc-controlplane-memory/README.md | 13 ++ .../edc-controlplane-memory/pom.xml | 8 +- .../edc-controlplane-postgresql/pom.xml | 2 +- edc-controlplane/pom.xml | 2 +- edc-dataplane/pom.xml | 2 +- edc-extensions/aas-controller/pom.xml | 2 +- .../business-partner-validation/pom.xml | 2 +- edc-extensions/pom.xml | 2 +- edc-extensions/postgresql-migration/pom.xml | 2 +- pom.xml | 6 +- 25 files changed, 510 insertions(+), 278 deletions(-) create mode 100644 deployment/helm/edc-controlplane/README.md.gotmpl create mode 100644 deployment/helm/edc-dataplane/README.md.gotmpl diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index a6f2ff925..f16603612 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -8,6 +8,9 @@ on: - develop tags: - '[0-9]+.[0-9]+.[0-9]+' + release: + types: + - released pull_request: branches: - '*' @@ -17,15 +20,15 @@ jobs: runs-on: ubuntu-latest outputs: CXNG_GHCR_PAT: ${{ steps.secret-presence.outputs.CXNG_GHCR_PAT }} - VERACODE_ID: ${{ steps.secret-presence.outputs.VERACODE_ID }} - VERACODE_SECRET_KEY: ${{ steps.secret-presence.outputs.VERACODE_SECRET_KEY }} + ORG_VERACODE_API_ID: ${{ steps.secret-presence.outputs.ORG_VERACODE_API_ID }} + ORG_VERACODE_API_KEY: ${{ steps.secret-presence.outputs.ORG_VERACODE_API_KEY }} steps: - name: Check whether secrets exist id: secret-presence run: | [ ! -z "${{ secrets.CXNG_GHCR_PAT }}" ] && echo "::set-output name=CXNG_GHCR_PAT::true" - [ ! -z "${{ secrets.VERACODE_ID }}" ] && echo "::set-output name=VERACODE_ID::true" - [ ! -z "${{ secrets.VERACODE_SECRET_KEY }}" ] && echo "::set-output name=VERACODE_SECRET_KEY::true" + [ ! -z "${{ secrets.ORG_VERACODE_API_ID }}" ] && echo "::set-output name=ORG_VERACODE_API_ID::true" + [ ! -z "${{ secrets.ORG_VERACODE_API_KEY }}" ] && echo "::set-output name=ORG_VERACODE_API_KEY::true" exit 0 ##################### @@ -99,7 +102,7 @@ jobs: name: Veracode Upload And Scan uses: veracode/veracode-uploadandscan-action@v1.0 if: | - needs.secret-presence.outputs.VERACODE_ID && needs.secret-presence.outputs.VERACODE_SECRET_KEY && contains(' + needs.secret-presence.outputs.ORG_VERACODE_API_ID && needs.secret-presence.outputs.ORG_VERACODE_API_KEY && contains(' refs/heads/develop refs/heads/release/ refs/tags/ @@ -108,10 +111,10 @@ jobs: with: appname: 'product-edc/edc-dataplane' createprofile: true - version: ${{ github.ref }} + version: ${{ github.ref }}-${{ github.sha }} filepath: edc-dataplane/target/edc-dataplane.jar - vid: ${{ secrets.VERACODE_ID }} - vkey: ${{ secrets.VERACODE_SECRET_KEY }} + vid: ${{ secrets.ORG_VERACODE_API_ID }} + vkey: ${{ secrets.ORG_VERACODE_API_KEY }} ################################# ### edc-controlplane-memory ### @@ -184,7 +187,7 @@ jobs: name: Veracode Upload And Scan uses: veracode/veracode-uploadandscan-action@v1.0 if: | - needs.secret-presence.outputs.VERACODE_ID && needs.secret-presence.outputs.VERACODE_SECRET_KEY && contains(' + needs.secret-presence.outputs.ORG_VERACODE_API_ID && needs.secret-presence.outputs.ORG_VERACODE_API_KEY && contains(' refs/heads/develop refs/heads/release/ refs/tags/ @@ -193,10 +196,10 @@ jobs: with: appname: 'product-edc/edc-controlplane-memory' createprofile: true - version: ${{ github.ref }} + version: ${{ github.ref }}-${{ github.sha }} filepath: edc-controlplane/edc-controlplane-memory/target/edc-controlplane-memory.jar - vid: ${{ secrets.VERACODE_ID }} - vkey: ${{ secrets.VERACODE_SECRET_KEY }} + vid: ${{ secrets.ORG_VERACODE_API_ID }} + vkey: ${{ secrets.ORG_VERACODE_API_KEY }} ################################# ### edc-controlplane-cosmosdb ### @@ -269,7 +272,7 @@ jobs: name: Veracode Upload And Scan uses: veracode/veracode-uploadandscan-action@v1.0 if: | - needs.secret-presence.outputs.VERACODE_ID && needs.secret-presence.outputs.VERACODE_SECRET_KEY && contains(' + needs.secret-presence.outputs.ORG_VERACODE_API_ID && needs.secret-presence.outputs.ORG_VERACODE_API_KEY && contains(' refs/heads/develop refs/heads/release/ refs/tags/ @@ -279,9 +282,9 @@ jobs: appname: 'product-edc/edc-controlplane-cosmosdb' createprofile: true filepath: edc-controlplane/edc-controlplane-cosmosdb/target/edc-controlplane-cosmosdb.jar - version: ${{ github.ref }} - vid: ${{ secrets.VERACODE_ID }} - vkey: ${{ secrets.VERACODE_SECRET_KEY }} + version: ${{ github.ref }}-${{ github.sha }} + vid: ${{ secrets.ORG_VERACODE_API_ID }} + vkey: ${{ secrets.ORG_VERACODE_API_KEY }} ################################### ### edc-controlplane-postgresql ### @@ -354,7 +357,7 @@ jobs: name: Veracode Upload And Scan uses: veracode/veracode-uploadandscan-action@v1.0 if: | - needs.secret-presence.outputs.VERACODE_ID && needs.secret-presence.outputs.VERACODE_SECRET_KEY && contains(' + needs.secret-presence.outputs.ORG_VERACODE_API_ID && needs.secret-presence.outputs.ORG_VERACODE_API_KEY && contains(' refs/heads/develop refs/heads/release/ refs/tags/ @@ -364,6 +367,6 @@ jobs: appname: 'product-edc/edc-controlplane-postgresql' createprofile: true filepath: edc-controlplane/edc-controlplane-postgresql/target/edc-controlplane-postgresql.jar - version: ${{ github.ref }} - vid: ${{ secrets.VERACODE_ID }} - vkey: ${{ secrets.VERACODE_SECRET_KEY }} + version: ${{ github.ref_name }}-${{ github.sha }} + vid: ${{ secrets.ORG_VERACODE_API_ID }} + vkey: ${{ secrets.ORG_VERACODE_API_KEY }} diff --git a/.github/workflows/publish-new-release.yml b/.github/workflows/publish-new-release.yml index fad49a49c..2a8b33e72 100644 --- a/.github/workflows/publish-new-release.yml +++ b/.github/workflows/publish-new-release.yml @@ -9,15 +9,25 @@ on: - closed jobs: - release: - name: Publish new release + secret-presence: + name: Determine secret presence runs-on: ubuntu-latest - if: github.event.pull_request.merged == true + outputs: + CXNG_RELEASE_PAT: ${{ steps.secret-presence.outputs.CXNG_RELEASE_PAT }} + steps: + - name: Check whether secrets exist + id: secret-presence + run: | + [ ! -z "${{ secrets.CXNG_RELEASE_PAT }}" ] && echo "::set-output name=CXNG_RELEASE_PAT::true" + + exit 0 + + release-version: + name: Determine release version + runs-on: ubuntu-latest + outputs: + RELEASE_VERSION: ${{ steps.release-version.outputs.RELEASE_VERSION }} steps: - - uses: actions/checkout@v3 - with: - # 0 to fetch the full history due to upcoming merge of main into develop branch - fetch-depth: 0 - name: Extract version from branch name (for release branches) if: startsWith(github.event.pull_request.head.ref, 'release/') @@ -34,12 +44,35 @@ jobs: VERSION=${BRANCH_NAME#hotfix/} echo "RELEASE_VERSION=$VERSION" >> $GITHUB_ENV + - + name: Output release version + id: release-version + run: | + echo "::set-output name=RELEASE_VERSION::${{ env.RELEASE_VERSION }}" + + github-release: + name: Publish new github release + needs: [ secret-presence, release-version ] + runs-on: ubuntu-latest + if: github.event.pull_request.merged == true && needs.secret-presence.outputs.CXNG_RELEASE_PAT && needs.release-version.outputs.RELEASE_VERSION + steps: + - + name: Export RELEASE_VERSION env + run: | + echo "RELEASE_VERSION=${{ needs.release-version.outputs.RELEASE_VERSION }}" >> $GITHUB_ENV + - + name: Checkout + uses: actions/checkout@v3 + with: + # 0 to fetch the full history due to upcoming merge of main into develop branch + fetch-depth: 0 - name: Create Release Tag + id: create_release_tag run: | # Prepare git env - git config user.name "GitHub actions" - git config user.email noreply@github.com + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" # informative git branch -a @@ -50,9 +83,10 @@ jobs: git push --force origin ${{ env.RELEASE_VERSION }} - name: Create Github Release + id: create_release uses: thomaseizinger/create-release@1.0.0 env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.CXNG_RELEASE_PAT }} with: target_commitish: ${{ github.event.pull_request.merge_commit_sha }} tag_name: ${{ env.RELEASE_VERSION }} @@ -90,3 +124,45 @@ jobs: git commit --message "Introduce new snapshot version $SNAPSHOT_VERSION" git push origin develop + + helm-release: + name: Publish new helm release + needs: [ release-version ] + runs-on: ubuntu-latest + if: github.event.pull_request.merged == true && needs.release-version.outputs.RELEASE_VERSION + steps: + - + name: Export RELEASE_VERSION env + run: | + echo "RELEASE_VERSION=${{ needs.release-version.outputs.RELEASE_VERSION }}" >> $GITHUB_ENV + - + name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + - + name: Install Helm + uses: azure/setup-helm@v1 + with: + version: v3.8.1 + - + name: Package helm, update index.yaml and push to gh-pages + run: | + # Prepare git env + git config user.name "GitHub actions" + git config user.email noreply@github.com + + # Package all charts + find -name Chart.yaml | xargs -n1 dirname | xargs -n1 helm package -u -d helm-charts + + git checkout gh-pages || git checkout -b gh-pages + git pull --rebase origin gh-pages + + # Generate helm repo index.yaml + helm repo index . --merge index.yaml --url https://${GITHUB_REPOSITORY_OWNER}.github.io/${GITHUB_REPOSITORY#*/}/ + + # Commit and push to gh-pages + git add index.yaml helm-charts + git commit -s -m "Release ${{ env.RELEASE_VERSION }}" + + git push origin gh-pages diff --git a/CHANGELOG.md b/CHANGELOG.md index 28b4ebc85..6f7316b40 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,8 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +## [0.0.2] - 2022-05-20 + ## [0.0.1] - 2022-05-13 -[Unreleased]: https://github.com/catenax-ng/product-edc/compare/0.0.1...HEAD +[Unreleased]: https://github.com/catenax-ng/product-edc/compare/0.0.2...HEAD + +[0.0.2]: https://github.com/catenax-ng/product-edc/compare/0.0.1...0.0.2 [0.0.1]: https://github.com/catenax-ng/product-edc/compare/a02601306fed39a88a3b3b18fae98b80791157b9...0.0.1 diff --git a/deployment/helm/README.md b/deployment/helm/README.md index c5f541187..895b9eb2e 100644 --- a/deployment/helm/README.md +++ b/deployment/helm/README.md @@ -3,3 +3,11 @@ Chart linting is performed using [helm's CT tool](https://github.com/helm/chart-testing). Configuration files for [CT](../../ct.yaml), [Yamale](../../chart_schema.yaml) and [Yamllint](../../lintconf.yaml) have been provided. + +# Generate Chart Readme's + +To generate chart README.md files from its respective values.yaml file we use the [helm-docs tool](https://github.com/norwoodj/helm-docs): + +```shell +docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest +``` diff --git a/deployment/helm/edc-controlplane/Chart.yaml b/deployment/helm/edc-controlplane/Chart.yaml index 0661b813a..6896a5e64 100644 --- a/deployment/helm/edc-controlplane/Chart.yaml +++ b/deployment/helm/edc-controlplane/Chart.yaml @@ -1,9 +1,10 @@ --- apiVersion: v2 name: edc-controlplane -description: EDC Control-Plane +description: >- + EDC Control-Plane - The Eclipse DataSpaceConnector administration layer with responsibility of resource management and govern contracts and data transfers home: https://github.com/catenax-ng/product-edc/deployment/helm/edc-controlplane type: application -appVersion: "0.0.1" -version: 0.0.1 +appVersion: "0.0.2" +version: 0.0.2 maintainers: [] diff --git a/deployment/helm/edc-controlplane/README.md b/deployment/helm/edc-controlplane/README.md index 489210dba..b4003b326 100644 --- a/deployment/helm/edc-controlplane/README.md +++ b/deployment/helm/edc-controlplane/README.md @@ -1 +1,81 @@ -# edc-controlplane Helm Chart \ No newline at end of file +# edc-controlplane + +![Version: 0.0.1](https://img.shields.io/badge/Version-0.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) + +EDC Control-Plane - The Eclipse DataSpaceConnector administration layer with responsibility of resource management and govern contracts and data transfers + +**Homepage:** + +## TL;DR +```shell +$ helm repo add catenax-ng-product-edc https://catenax-ng.github.io/product-edc +$ helm install my-release catenax-ng-product-edc/edc-controlplane +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | [Affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) constrains which nodes the Pod can be scheduled on based on node labels. | +| autoscaling.enabled | bool | `false` | Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | +| autoscaling.maxReplicas | int | `100` | Maximum replicas if resource consumption exceeds resource threshholds | +| autoscaling.minReplicas | int | `1` | Minimal replicas if resource consumption falls below resource threshholds | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | targetAverageUtilization of cpu provided to a pod | +| autoscaling.targetMemoryUtilizationPercentage | int | `80` | targetAverageUtilization of memory provided to a pod | +| configuration.properties | string | `"# edc.api.auth.key=\n# edc.api.control.auth.apikey.key=\n# edc.api.control.auth.apikey.value=\n# edc.assetindex.cosmos.account-name=\n# edc.assetindex.cosmos.container-name=\n# edc.assetindex.cosmos.database-name=\n# edc.assetindex.cosmos.preferred-region=\n# edc.atomikos.checkpoint.interval=\n# edc.atomikos.directory=\n# edc.atomikos.logging=\n# edc.atomikos.threaded2pc=\n# edc.atomikos.timeout=\n# edc.aws.access.key=\n# edc.aws.provision.retry.retries.max=\n# edc.aws.provision.role.duration.session.max=\n# edc.aws.secret.access.key=\n# edc.blobstore.endpoint=\n# edc.contractdefinitionstore.cosmos.account-name=\n# edc.contractdefinitionstore.cosmos.container-name=\n# edc.contractdefinitionstore.cosmos.database-name=\n# edc.contractdefinitionstore.cosmos.preferred-region=\n# edc.contractnegotiationstore.cosmos.account-name=\n# edc.contractnegotiationstore.cosmos.container-name=\n# edc.contractnegotiationstore.cosmos.database-name=\n# edc.contractnegotiationstore.cosmos.preferred-region=\n# edc.controlplane.validation-endpoint=\n# edc.core.retry.backoff.max=\n# edc.core.retry.backoff.min=\n# edc.core.retry.retries.max=\n# edc.core.system.health.check.liveness-period=\n# edc.core.system.health.check.readiness-period=\n# edc.core.system.health.check.startup-period=\n# edc.core.system.health.check.threadpool-size=\n# edc.cosmos.partition-key=\n# edc.cosmos.query-metrics-enabled=\n# edc.dataplane.queue.capacity=\n# edc.dataplane.wait=\n# edc.dataplane.workers=\n# edc.datasource.asset.name=\"default\"\n# edc.datasource.contractdefinition.name=\"default\"\n# edc.datasource.contractnegotiation.name=\"default\"\n# edc.datasource.policy.name=\"default\"\n# edc.datasource.transferprocess.name=\"default\"\n# edc.datasource.default.pool.maxIdleConnections=\n# edc.datasource.default.pool.maxTotalConnections=\n# edc.datasource.default.pool.minIdleConnections=\n# edc.datasource.default.pool.testConnectionOnBorrow=\n# edc.datasource.default.pool.testConnectionOnCreate=\n# edc.datasource.default.pool.testConnectionOnReturn=\n# edc.datasource.default.pool.testConnectionWhileIdle=\n# edc.datasource.default.pool.testQuery=\n# edc.datasource.default.url=\n# edc.datasource.default.user=\n# edc.datasource.default.password=\n# edc.dpf.selector.url=\n# edc.events.topic.endpoint=\n# edc.events.topic.name=\n# edc.fs.config=\n# edc.hostname=\n# edc.identity.did.url=\n# edc.ids.catalog.id=\n# edc.ids.curator=\n# edc.ids.description=\n# edc.ids.endpoint=\n# edc.ids.id=\n# edc.ids.maintainer=\n# edc.ids.security.profile=\n# edc.ids.title=\n# edc.ids.validation.referringconnector=\n# edc.ion.crawler.did-type=\n# edc.ion.crawler.interval-minutes=\n# edc.ion.crawler.ion.url=\n# edc.metrics.enabled=\n# edc.metrics.executor.enabled=\n# edc.metrics.jersey.enabled=\n# edc.metrics.jetty.enabled=\n# edc.metrics.okhttp.enabled=\n# edc.metrics.system.enabled=\n# edc.negotiation.consumer.state-machine.batch-size=\n# edc.negotiation.provider.state-machine.batch-size=\n# edc.node.directory.cosmos.account.name=\n# edc.node.directory.cosmos.container.name=\n# edc.node.directory.cosmos.database.name=\n# edc.node.directory.cosmos.preferred.region=\n# edc.oauth.client.id=\n# edc.oauth.private.key.alias=\n# edc.oauth.provider.audience=\n# edc.oauth.provider.jwks.refresh=\n# edc.oauth.provider.jwks.url=\n# edc.oauth.public.key.alias=\n# edc.oauth.token.url=\n# edc.oauth.validation.nbf.leeway=\n# edc.receiver.http.auth-code=\n# edc.receiver.http.auth-key=\n# edc.receiver.http.endpoint=\n# edc.transfer.proxy.endpoint=\n# edc.transfer.dataplane.sync.token.validity=\n# edc.transfer.proxy.token.signer.privatekey.alias=\n# edc.transfer.functions.check.endpoint=\n# edc.transfer.functions.enabled.protocols=\n# edc.transfer.functions.transfer.endpoint=\n# edc.transfer-process-store.cosmos.account.name=\n# edc.transfer-process-store.cosmos.container-name=\n# edc.transfer-process-store.cosmos.preferred-region=\n# edc.transfer-process-store.database.name=\n# edc.transfer.state-machine.batch-size=\n# edc.vault=\n# edc.vault.certificate=\n# edc.vault.clientid=\n# edc.vault.clientsecret=\n# edc.vault.name=\n# edc.vault.tenantid=\n# edc.webdid.doh.url=\n# edc.web.rest.cors.enabled=\n# edc.web.rest.cors.headers=\n# edc.web.rest.cors.methods=\n# edc.web.rest.cors.origins="` | EDC configuration.properties configuring aspects of the [eclipse-dataspaceconnector](https://github.com/eclipse-dataspaceconnector/DataSpaceConnector) | +| edc.endpoints.control.path | string | `"/api/controlplane/control"` | The path mapping the "control" api is going to be exposed at | +| edc.endpoints.control.port | string | `"9999"` | The network port, which the "control" api is going to be exposed by the container, pod and service | +| edc.endpoints.data.path | string | `"/data"` | The path mapping the "data" management api is going to be exposed at | +| edc.endpoints.data.port | string | `"8181"` | The network port, which the "data" management api is going to be exposed by the container, pod and service | +| edc.endpoints.default.path | string | `"/api"` | The path mapping the "default" api is going to be exposed at | +| edc.endpoints.default.port | string | `"8080"` | The network port, which the "default" api is going to be exposed by the container, pod and service | +| edc.endpoints.ids.path | string | `"/api/v1/ids"` | The path mapping the "ids" multipart api is going to be exposed at | +| edc.endpoints.ids.port | string | `"8282"` | The network port, which the "ids" multipart api is going to be exposed by the container, pod and service | +| edc.endpoints.metrics.path | string | `"/metrics"` | The path mapping the prometheus metrics are going to be exposed at | +| edc.endpoints.metrics.port | string | `"9090"` | The network port, which the prometheus metrics are going to be exposed by the container, pod and service | +| edc.endpoints.validation.path | string | `"/validation"` | The path mapping the "validation" api is going to be exposed at | +| edc.endpoints.validation.port | string | `"8182"` | The network port, which the "validation" api is going to be exposed by the container, pod and service | +| env | object | `{}` | Container environment variables e.g. for configuring [JAVA_TOOL_OPTIONS](https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/envvars002.html) Ex.: JAVA_TOOL_OPTIONS: > -Dhttp.proxyHost=proxy -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts="localhost|127.*|[::1]" -Dhttps.proxyHost=proxy -Dhttps.proxyPort=443 | +| fullnameOverride | string | `""` | Overrides the releases full name | +| image.pullPolicy | string | `"IfNotPresent"` | [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use | +| image.repository | string | `"ghcr.io/catenax-ng/product-edc/edc-controlplane-memory"` | Which derivate of the edc controlplane to use. One of: [ghcr.io/catenax-ng/product-edc/edc-controlplane-memory, , ghcr.io/catenax-ng/product-edc/edc-controlplane-postgresql, ghcr.io/catenax-ng/product-edc/edc-controlplane-cosmosdb] | +| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| imagePullSecret.dockerconfigjson | string | `""` | Image pull secret to create to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) Note: This value needs to adhere to the [(base64 encoded) .dockerconfigjson format](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#registry-secret-existing-credentials). Furthermore, if 'imagePullSecret.dockerconfigjson' is defined, it takes precedence over 'imagePullSecrets'. | +| imagePullSecrets | list | `[]` | Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) | +| ingresses[0].annotations | object | `{}` | Additional ingress annotations to add | +| ingresses[0].certManager.clusterIssuer | string | `""` | If preset enables certificate generation via cert-manager cluster-wide issuer | +| ingresses[0].certManager.issuer | string | `""` | If preset enables certificate generation via cert-manager namespace scoped issuer | +| ingresses[0].className | string | `""` | Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use | +| ingresses[0].enabled | bool | `true` | | +| ingresses[0].endpoints | list | `["ids"]` | EDC endpoints exposed by this ingress resource | +| ingresses[0].hostname | string | `"edc-controlplane.local"` | The hostname to be used to precisely map incoming traffic onto the underlying network service | +| ingresses[0].tls | bool | `false` | Enables TLS on the ingress resource | +| ingresses[1].annotations | object | `{}` | Additional ingress annotations to add | +| ingresses[1].certManager.clusterIssuer | string | `""` | If preset enables certificate generation via cert-manager cluster-wide issuer | +| ingresses[1].certManager.issuer | string | `""` | If preset enables certificate generation via cert-manager namespace scoped issuer | +| ingresses[1].className | string | `""` | Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use | +| ingresses[1].enabled | bool | `false` | | +| ingresses[1].endpoints | list | `["data","control"]` | EDC endpoints exposed by this ingress resource | +| ingresses[1].hostname | string | `"edc-controlplane.intranet"` | The hostname to be used to precisely map incoming traffic onto the underlying network service | +| ingresses[1].tls | bool | `false` | Enables TLS on the ingress resource | +| livenessProbe.enabled | bool | `true` | Whether to enable kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) | +| logging.properties | string | `".level=INFO\norg.eclipse.dataspaceconnector.level=ALL\nhandlers=java.util.logging.ConsoleHandler\njava.util.logging.ConsoleHandler.formatter=java.util.logging.SimpleFormatter\njava.util.logging.ConsoleHandler.level=ALL\njava.util.logging.SimpleFormatter.format=[%1$tY-%1$tm-%1$td %1$tH:%1$tM:%1$tS] [%4$-7s] %5$s%6$s%n"` | EDC logging.properties configuring the [java.util.logging subsystem](https://docs.oracle.com/javase/7/docs/technotes/guides/logging/overview.html#a1.8) | +| nameOverride | string | `""` | Overrides the charts name | +| nodeSelector | object | `{}` | [Node-Selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) to constrain the Pod to nodes with specific labels. | +| opentelemetry.properties | string | `"otel.javaagent.enabled=true\notel.javaagent.debug=false"` | opentelemetry.properties configuring the [opentelemetry agent](https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/) | +| podAnnotations | object | `{}` | [Annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) added to deployed [pods](https://kubernetes.io/docs/concepts/workloads/pods/) | +| podSecurityContext | object | `{}` | The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment | +| readinessProbe.enabled | bool | `true` | Whether to enable kubernetes readiness-probes | +| replicaCount | int | `1` | Specifies how many replicas of a deployed pod shall be created during the deployment Note: If horizontal pod autoscaling is enabled this setting has no effect | +| resources | object | `{}` | [Resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) applied to the deployed pod | +| securityContext.runAsNonRoot | bool | `true` | Requires the container to run without root privileges | +| securityContext.runAsUser | int | `1000` | The container's process will run with the specified uid | +| service.type | string | `"ClusterIP"` | [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. | +| serviceAccount.annotations | object | `{}` | [Annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a [service account](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) should be created per release | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the release's fullname template | +| startupProbe.enabled | bool | `true` | Whether to enable kubernetes startup-probes | +| tolerations | list | `[]` | [Tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) are applied to Pods to schedule onto nodes with matching taints. | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0) diff --git a/deployment/helm/edc-controlplane/README.md.gotmpl b/deployment/helm/edc-controlplane/README.md.gotmpl new file mode 100644 index 000000000..95c28338e --- /dev/null +++ b/deployment/helm/edc-controlplane/README.md.gotmpl @@ -0,0 +1,25 @@ +{{ template "chart.header" . }} + +{{ template "chart.deprecationWarning" . }} + +{{ template "chart.badgesSection" . }} + +{{ template "chart.description" . }} + +{{ template "chart.homepageLine" . }} + +## TL;DR +```shell +$ helm repo add catenax-ng-product-edc https://catenax-ng.github.io/product-edc +$ helm install my-release catenax-ng-product-edc/edc-controlplane +``` + +{{ template "chart.maintainersSection" . }} + +{{ template "chart.sourcesSection" . }} + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} + +{{ template "helm-docs.versionFooter" . }} diff --git a/deployment/helm/edc-controlplane/values.yaml b/deployment/helm/edc-controlplane/values.yaml index f832b06a1..25f40018c 100644 --- a/deployment/helm/edc-controlplane/values.yaml +++ b/deployment/helm/edc-controlplane/values.yaml @@ -3,203 +3,162 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. +# -- Specifies how many replicas of a deployed pod shall be created during the deployment +# Note: If horizontal pod autoscaling is enabled this setting has no effect replicaCount: 1 image: - ## - ## Which derivate of the edc controlplane to use. - ## One of: - ## * ghcr.io/catenax-ng/product-edc/edc-controlplane-memory - ## * ghcr.io/catenax-ng/product-edc/edc-controlplane-postgresql - ## * ghcr.io/catenax-ng/product-edc/edc-controlplane-cosmosdb - ## + # -- Which derivate of the edc controlplane to use. + # One of: [ghcr.io/catenax-ng/product-edc/edc-controlplane-memory, , ghcr.io/catenax-ng/product-edc/edc-controlplane-postgresql, ghcr.io/catenax-ng/product-edc/edc-controlplane-cosmosdb] repository: ghcr.io/catenax-ng/product-edc/edc-controlplane-memory + # -- [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use pullPolicy: IfNotPresent - ## - ## Overrides the image tag whose default is the chart appVersion. - ## + # -- Overrides the image tag whose default is the chart appVersion. tag: "" -## -## Image pull secret to create to obtain the container image -## Note: 'imagePullSecret.dockerconfigjson' takes precedence if configured together with 'imagePullSecrets' -## imagePullSecret: + # -- Image pull secret to create to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) + # Note: This value needs to adhere to the [(base64 encoded) .dockerconfigjson format](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#registry-secret-existing-credentials). + # Furthermore, if 'imagePullSecret.dockerconfigjson' is defined, it takes precedence over 'imagePullSecrets'. dockerconfigjson: "" -## -## Existing image pull secret to use to obtain the container image -## +# -- Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) imagePullSecrets: [] +# -- Overrides the charts name nameOverride: "" + +# -- Overrides the releases full name fullnameOverride: "" serviceAccount: - ## - ## Specifies whether a service account should be created per release - ## + # -- Specifies whether a [service account](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) should be created per release create: true - ## - ## Annotations to add to the service account - ## + # -- [Annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to add to the service account annotations: {} - ## - ## The name of the service account to use. - ## If not set and create is true, a name is generated using the fullname template - ## + # -- The name of the service account to use. If not set and create is true, a name is generated using the release's fullname template name: "" +# -- [Annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) added to deployed [pods](https://kubernetes.io/docs/concepts/workloads/pods/) podAnnotations: {} +# -- The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment podSecurityContext: {} -# fsGroup: 2000 + # runAsUser: 1000 + # runAsGroup: 3000 + # fsGroup: 2000 +# The [container security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) defines privilege and access control settings for a Container within a pod securityContext: # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true - # runAsNonRoot: true - runAsUser: 1001 + # -- Requires the container to run without root privileges + runAsNonRoot: true + # -- The container's process will run with the specified uid + runAsUser: 1000 -## -## Whether to enable kubernetes liveness-probes -## livenessProbe: + # -- Whether to enable kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) enabled: true -## -## Whether to enable kubernetes readiness-probes -## readinessProbe: + # -- Whether to enable kubernetes readiness-probes enabled: true -## -## Whether to enable kubernetes startup-probes -## startupProbe: + # -- Whether to enable kubernetes startup-probes enabled: true -## -## EDC endpoints exposed by the conrol-plane -## +## EDC endpoints exposed by the control-plane edc: endpoints: - # Default api exposing health checks etc + ## Default api exposing health checks etc default: + # -- The network port, which the "default" api is going to be exposed by the container, pod and service port: "8080" + # -- The path mapping the "default" api is going to be exposed at path: /api - ingress: false - # Data management API + ## Data management API data: + # -- The network port, which the "data" management api is going to be exposed by the container, pod and service port: "8181" + # -- The path mapping the "data" management api is going to be exposed at path: /data - ingress: true - # Validation API + ## Validation API validation: + # -- The network port, which the "validation" api is going to be exposed by the container, pod and service port: "8182" + # -- The path mapping the "validation" api is going to be exposed at path: /validation - ingress: false - # Control API + ## Control API control: + # -- The network port, which the "control" api is going to be exposed by the container, pod and service port: "9999" + # -- The path mapping the "control" api is going to be exposed at path: /api/controlplane/control - ingress: true - # IDS endpoints + ## IDS endpoints ids: + # -- The network port, which the "ids" multipart api is going to be exposed by the container, pod and service port: "8282" + # -- The path mapping the "ids" multipart api is going to be exposed at path: /api/v1/ids - ingress: true - # Prometheus endpoint + ## Prometheus endpoint metrics: + # -- The network port, which the prometheus metrics are going to be exposed by the container, pod and service port: "9090" + # -- The path mapping the prometheus metrics are going to be exposed at path: /metrics - ingress: false -## -## Service to expose the running application on a set of Pods as a network service. -## service: + # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. type: ClusterIP -## ## Ingress declaration to expose the network service. -## ingresses: ## Public / Internet facing Ingress - enabled: true - ## - ## The hostname to be used to precisely map incoming traffic onto the underlying network service - ## + # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "edc-controlplane.local" - ## - ## Additional ingress annotations to add - ## + # -- Additional ingress annotations to add annotations: {} - ## - ## EDC endpoints exposed by this ingress resource - ## + # -- EDC endpoints exposed by this ingress resource endpoints: - ids - ## - ## Defines the ingress class to use https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class - ## + # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use className: "" - ## - ## Enables TLS on the ingress resource - ## + # -- Enables TLS on the ingress resource tls: false - ## - ## Adds cert-manager annotations to the ingress - ## + ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource certManager: - ## - ## If preset enables certificate generation via cert-manager namespace scoped issuer - ## + # -- If preset enables certificate generation via cert-manager namespace scoped issuer issuer: "" - ## - ## If preset enables certificate generation via cert-manager cluster-wide issuer - ## + # -- If preset enables certificate generation via cert-manager cluster-wide issuer clusterIssuer: "" ## Private / Intranet facing Ingress - enabled: false - ## - ## The hostname to be used to precisely map incoming traffic onto the underlying network service - ## + # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "edc-controlplane.intranet" - ## - ## Additional ingress annotations to add - ## + # -- Additional ingress annotations to add annotations: {} - ## - ## EDC endpoints exposed by this ingress resource - ## + # -- EDC endpoints exposed by this ingress resource endpoints: - data - control - ## - ## Defines the ingress class to use https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class - ## + # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use className: "" - ## - ## Enables TLS on the ingress resource - ## + # -- Enables TLS on the ingress resource tls: false - ## - ## Adds cert-manager annotations to the ingress - ## + ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource certManager: - ## - ## If preset enables certificate generation via cert-manager namespace scoped issuer - ## + # -- If preset enables certificate generation via cert-manager namespace scoped issuer issuer: "" - ## - ## If preset enables certificate generation via cert-manager cluster-wide issuer - ## + # -- If preset enables certificate generation via cert-manager cluster-wide issuer clusterIssuer: "" +# -- [Resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) applied to the deployed pod resources: {} # We usually recommend not to specify default resources and to leave this as a conscious @@ -214,31 +173,34 @@ resources: # memory: 128Mi autoscaling: + # -- Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) enabled: false + # -- Minimal replicas if resource consumption falls below resource threshholds minReplicas: 1 + # -- Maximum replicas if resource consumption exceeds resource threshholds maxReplicas: 100 + # -- targetAverageUtilization of cpu provided to a pod targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 + # -- targetAverageUtilization of memory provided to a pod + targetMemoryUtilizationPercentage: 80 +# -- [Node-Selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) to constrain the Pod to nodes with specific labels. nodeSelector: {} +# -- [Tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) are applied to Pods to schedule onto nodes with matching taints. tolerations: [] +# -- [Affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) constrains which nodes the Pod can be scheduled on based on node labels. affinity: {} -## -## Container environment variables -## e.g. for configuring JAVA_TOOL_OPTIONS (see: https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/envvars002.html) -## -## JAVA_TOOL_OPTIONS: > -## -Dhttp.proxyHost=proxy -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts="localhost|127.*|[::1]" -Dhttps.proxyHost=proxy -Dhttps.proxyPort=443 -## +# -- Container environment variables e.g. for configuring [JAVA_TOOL_OPTIONS](https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/envvars002.html) +# Ex.: +# JAVA_TOOL_OPTIONS: > +# -Dhttp.proxyHost=proxy -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts="localhost|127.*|[::1]" -Dhttps.proxyHost=proxy -Dhttps.proxyPort=443 env: {} -## -## EDC logging.properties configuring the java.util.logging subsystem -## logging: + # -- EDC logging.properties configuring the [java.util.logging subsystem](https://docs.oracle.com/javase/7/docs/technotes/guides/logging/overview.html#a1.8) properties: |- .level=INFO org.eclipse.dataspaceconnector.level=ALL @@ -247,22 +209,14 @@ logging: java.util.logging.ConsoleHandler.level=ALL java.util.logging.SimpleFormatter.format=[%1$tY-%1$tm-%1$td %1$tH:%1$tM:%1$tS] [%4$-7s] %5$s%6$s%n -## -## opentelemetry.properties configuring the opentelemetry agent -## -## See https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/ for further configuration options -## opentelemetry: + # -- opentelemetry.properties configuring the [opentelemetry agent](https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/) properties: |- otel.javaagent.enabled=true otel.javaagent.debug=false -## -## EDC configuration.properties -## -## Consult the eclipse-dataspaceconnector documentation for further details: https://github.com/eclipse-dataspaceconnector/DataSpaceConnector -## configuration: + # -- EDC configuration.properties configuring aspects of the [eclipse-dataspaceconnector](https://github.com/eclipse-dataspaceconnector/DataSpaceConnector) properties: |- # edc.api.auth.key= # edc.api.control.auth.apikey.key= diff --git a/deployment/helm/edc-dataplane/Chart.yaml b/deployment/helm/edc-dataplane/Chart.yaml index 82559407b..3c3ff8e38 100644 --- a/deployment/helm/edc-dataplane/Chart.yaml +++ b/deployment/helm/edc-dataplane/Chart.yaml @@ -1,9 +1,10 @@ --- apiVersion: v2 name: edc-dataplane -description: EDC Data-Plane +description: >- + EDC Data-Plane - The Eclipse DataSpaceConnector data layer with responsibility of transferring and receiving data streams home: https://github.com/catenax-ng/product-edc/deployment/helm/edc-dataplane type: application -appVersion: "0.0.1" -version: 0.0.1 +appVersion: "0.0.2" +version: 0.0.2 maintainers: [] diff --git a/deployment/helm/edc-dataplane/README.md b/deployment/helm/edc-dataplane/README.md index acc4aa7c8..1b634fa17 100644 --- a/deployment/helm/edc-dataplane/README.md +++ b/deployment/helm/edc-dataplane/README.md @@ -1 +1,69 @@ -# edc-dataplane Helm Chart \ No newline at end of file +# edc-dataplane + +![Version: 0.0.1](https://img.shields.io/badge/Version-0.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) + +EDC Data-Plane - The Eclipse DataSpaceConnector data layer with responsibility of transferring and receiving data streams + +**Homepage:** + +## TL;DR +```shell +$ helm repo add catenax-ng-product-edc https://catenax-ng.github.io/product-edc +$ helm install my-release catenax-ng-product-edc/edc-dataplane +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | [Affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) constrains which nodes the Pod can be scheduled on based on node labels. | +| autoscaling.enabled | bool | `false` | Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | +| autoscaling.maxReplicas | int | `100` | Maximum replicas if resource consumption exceeds resource threshholds | +| autoscaling.minReplicas | int | `1` | Minimal replicas if resource consumption falls below resource threshholds | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | targetAverageUtilization of cpu provided to a pod | +| autoscaling.targetMemoryUtilizationPercentage | int | `80` | targetAverageUtilization of memory provided to a pod | +| configuration.properties | string | `"# edc.api.control.auth.apikey.key=\n# edc.api.control.auth.apikey.value=\n# edc.assetindex.cosmos.account-name=\n# edc.assetindex.cosmos.container-name=\n# edc.assetindex.cosmos.database-name=\n# edc.assetindex.cosmos.preferred-region=\n# edc.atomikos.checkpoint.interval=\n# edc.atomikos.directory=\n# edc.atomikos.logging=\n# edc.atomikos.threaded2pc=\n# edc.atomikos.timeout=\n# edc.aws.access.key=\n# edc.aws.provision.retry.retries.max=\n# edc.aws.provision.role.duration.session.max=\n# edc.aws.secret.access.key=\n# edc.blobstore.endpoint=\n# edc.contractdefinitionstore.cosmos.account-name=\n# edc.contractdefinitionstore.cosmos.container-name=\n# edc.contractdefinitionstore.cosmos.database-name=\n# edc.contractdefinitionstore.cosmos.preferred-region=\n# edc.contractnegotiationstore.cosmos.account-name=\n# edc.contractnegotiationstore.cosmos.container-name=\n# edc.contractnegotiationstore.cosmos.database-name=\n# edc.contractnegotiationstore.cosmos.preferred-region=\n# edc.controlplane.validation-endpoint=\n# edc.core.retry.backoff.max=\n# edc.core.retry.backoff.min=\n# edc.core.retry.retries.max=\n# edc.core.system.health.check.liveness-period=\n# edc.core.system.health.check.readiness-period=\n# edc.core.system.health.check.startup-period=\n# edc.core.system.health.check.threadpool-size=\n# edc.cosmos.partition-key=\n# edc.cosmos.query-metrics-enabled=\n# edc.dataplane.queue.capacity=\n# edc.dataplane.wait=\n# edc.dataplane.workers=\n# edc.datasource.asset.name=\"default\"\n# edc.datasource.contractdefinition.name=\"default\"\n# edc.datasource.contractnegotiation.name=\"default\"\n# edc.datasource.policy.name=\"default\"\n# edc.datasource.transferprocess.name=\"default\"\n# edc.datasource.default.pool.maxIdleConnections=\n# edc.datasource.default.pool.maxTotalConnections=\n# edc.datasource.default.pool.minIdleConnections=\n# edc.datasource.default.pool.testConnectionOnBorrow=\n# edc.datasource.default.pool.testConnectionOnCreate=\n# edc.datasource.default.pool.testConnectionOnReturn=\n# edc.datasource.default.pool.testConnectionWhileIdle=\n# edc.datasource.default.pool.testQuery=\n# edc.datasource.default.url=\n# edc.datasource.default.user=\n# edc.datasource.default.password=\n# edc.dpf.selector.url=\n# edc.events.topic.endpoint=\n# edc.events.topic.name=\n# edc.fs.config=\n# edc.hostname=\n# edc.identity.did.url=\n# edc.ids.catalog.id=\n# edc.ids.curator=\n# edc.ids.description=\n# edc.ids.endpoint=\n# edc.ids.id=\n# edc.ids.maintainer=\n# edc.ids.security.profile=\n# edc.ids.title=\n# edc.ids.validation.referringconnector=\n# edc.ion.crawler.did-type=\n# edc.ion.crawler.interval-minutes=\n# edc.ion.crawler.ion.url=\n# edc.metrics.enabled=\n# edc.metrics.executor.enabled=\n# edc.metrics.jersey.enabled=\n# edc.metrics.jetty.enabled=\n# edc.metrics.okhttp.enabled=\n# edc.metrics.system.enabled=\n# edc.negotiation.consumer.state-machine.batch-size=\n# edc.negotiation.provider.state-machine.batch-size=\n# edc.node.directory.cosmos.account.name=\n# edc.node.directory.cosmos.container.name=\n# edc.node.directory.cosmos.database.name=\n# edc.node.directory.cosmos.preferred.region=\n# edc.oauth.client.id=\n# edc.oauth.private.key.alias=\n# edc.oauth.provider.audience=\n# edc.oauth.provider.jwks.refresh=\n# edc.oauth.provider.jwks.url=\n# edc.oauth.public.key.alias=\n# edc.oauth.token.url=\n# edc.oauth.validation.nbf.leeway=\n# edc.receiver.http.auth-code=\n# edc.receiver.http.auth-key=\n# edc.receiver.http.endpoint=\n# edc.transfer.proxy.endpoint=\n# edc.transfer.dataplane.sync.token.validity=\n# edc.transfer.proxy.token.signer.privatekey.alias=\n# edc.transfer.functions.check.endpoint=\n# edc.transfer.functions.enabled.protocols=\n# edc.transfer.functions.transfer.endpoint=\n# edc.transfer-process-store.cosmos.account.name=\n# edc.transfer-process-store.cosmos.container-name=\n# edc.transfer-process-store.cosmos.preferred-region=\n# edc.transfer-process-store.database.name=\n# edc.transfer.state-machine.batch-size=\n# edc.vault=\n# edc.vault.certificate=\n# edc.vault.clientid=\n# edc.vault.clientsecret=\n# edc.vault.name=\n# edc.vault.tenantid=\n# edc.webdid.doh.url=\n# edc.web.rest.cors.enabled=\n# edc.web.rest.cors.headers=\n# edc.web.rest.cors.methods=\n# edc.web.rest.cors.origins="` | EDC configuration.properties configuring aspects of the [eclipse-dataspaceconnector](https://github.com/eclipse-dataspaceconnector/DataSpaceConnector) | +| edc.endpoints.control.path | string | `"/api/dataplane/control"` | The path mapping the "control" api is going to be exposed by | +| edc.endpoints.control.port | string | `"9999"` | The network port, which the "control" api is going to be exposed by the container, pod and service | +| edc.endpoints.default.path | string | `"/api"` | The path mapping the "default" api is going to be exposed by | +| edc.endpoints.default.port | string | `"8080"` | The network port, which the "default" api is going to be exposed by the container, pod and service | +| edc.endpoints.metrics.path | string | `"/metrics"` | The path mapping the prometheus metrics are going to be exposed at | +| edc.endpoints.metrics.port | string | `"9090"` | The network port, which the prometheus metrics are going to be exposed by the container, pod and service | +| edc.endpoints.public.path | string | `"/api/public"` | The path mapping the "public" api is going to be exposed by | +| edc.endpoints.public.port | string | `"8185"` | The network port, which the "public" api is going to be exposed by the container, pod and service | +| env | object | `{}` | Container environment variables e.g. for configuring [JAVA_TOOL_OPTIONS](https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/envvars002.html) Ex.: JAVA_TOOL_OPTIONS: > -Dhttp.proxyHost=proxy -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts="localhost|127.*|[::1]" -Dhttps.proxyHost=proxy -Dhttps.proxyPort=443 | +| fullnameOverride | string | `""` | Overrides the releases full name | +| image.pullPolicy | string | `"IfNotPresent"` | [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use | +| image.repository | string | `"ghcr.io/catenax-ng/product-edc/edc-dataplane"` | Which edc-dataplane container image to use | +| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion | +| imagePullSecret.dockerconfigjson | string | `""` | Image pull secret to create to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) Note: This value needs to adhere to the [(base64 encoded) .dockerconfigjson format](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#registry-secret-existing-credentials). Furthermore, if 'imagePullSecret.dockerconfigjson' is defined, it takes precedence over 'imagePullSecrets'. | +| imagePullSecrets | list | `[]` | Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) | +| ingresses[0].annotations | object | `{}` | Additional ingress annotations to add | +| ingresses[0].certManager.clusterIssuer | string | `""` | If preset enables certificate generation via cert-manager cluster-wide issuer | +| ingresses[0].certManager.issuer | string | `""` | If preset enables certificate generation via cert-manager namespace scoped issuer | +| ingresses[0].className | string | `""` | Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use | +| ingresses[0].enabled | bool | `true` | | +| ingresses[0].endpoints | list | `["public"]` | EDC endpoints exposed by this ingress resource | +| ingresses[0].hostname | string | `"edc-dataplane.local"` | The hostname to be used to precisely map incoming traffic onto the underlying network service | +| ingresses[0].tls | bool | `false` | Enables TLS on the ingress resource | +| livenessProbe.enabled | bool | `true` | Whether to enable kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) | +| logging.properties | string | `".level=INFO\norg.eclipse.dataspaceconnector.level=ALL\nhandlers=java.util.logging.ConsoleHandler\njava.util.logging.ConsoleHandler.formatter=java.util.logging.SimpleFormatter\njava.util.logging.ConsoleHandler.level=ALL\njava.util.logging.SimpleFormatter.format=[%1$tY-%1$tm-%1$td %1$tH:%1$tM:%1$tS] [%4$-7s] %5$s%6$s%n"` | EDC logging.properties configuring the [java.util.logging subsystem](https://docs.oracle.com/javase/7/docs/technotes/guides/logging/overview.html#a1.8) | +| nameOverride | string | `""` | Overrides the charts name | +| nodeSelector | object | `{}` | [Node-Selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) to constrain the Pod to nodes with specific labels. | +| opentelemetry.properties | string | `"otel.javaagent.enabled=true\notel.javaagent.debug=false"` | opentelemetry.properties configuring the [opentelemetry agent](https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/) | +| podAnnotations | object | `{}` | [Annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) added to deployed [pods](https://kubernetes.io/docs/concepts/workloads/pods/) | +| podSecurityContext | object | `{}` | The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment | +| readinessProbe.enabled | bool | `true` | Whether to enable kubernetes readiness-probes | +| replicaCount | int | `1` | Specifies how many replicas of a deployed pod shall be created during the deployment Note: If horizontal pod autoscaling is enabled this setting has no effect | +| resources | object | `{}` | [Resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) applied to the deployed pod | +| securityContext.runAsNonRoot | bool | `true` | Requires the container to run without root privileges | +| securityContext.runAsUser | int | `1000` | The container's process will run with the specified uid | +| service.type | string | `"ClusterIP"` | [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. | +| serviceAccount.annotations | object | `{}` | [Annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a [service account](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) should be created per release | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the release's fullname template | +| startupProbe.enabled | bool | `true` | Whether to enable kubernetes startup-probes | +| tolerations | list | `[]` | [Tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) are applied to Pods to schedule onto nodes with matching taints. | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0) diff --git a/deployment/helm/edc-dataplane/README.md.gotmpl b/deployment/helm/edc-dataplane/README.md.gotmpl new file mode 100644 index 000000000..0e9ca3d5d --- /dev/null +++ b/deployment/helm/edc-dataplane/README.md.gotmpl @@ -0,0 +1,25 @@ +{{ template "chart.header" . }} + +{{ template "chart.deprecationWarning" . }} + +{{ template "chart.badgesSection" . }} + +{{ template "chart.description" . }} + +{{ template "chart.homepageLine" . }} + +## TL;DR +```shell +$ helm repo add catenax-ng-product-edc https://catenax-ng.github.io/product-edc +$ helm install my-release catenax-ng-product-edc/edc-dataplane +``` + +{{ template "chart.maintainersSection" . }} + +{{ template "chart.sourcesSection" . }} + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} + +{{ template "helm-docs.versionFooter" . }} diff --git a/deployment/helm/edc-dataplane/values.yaml b/deployment/helm/edc-dataplane/values.yaml index e63ce75d8..a652f9530 100644 --- a/deployment/helm/edc-dataplane/values.yaml +++ b/deployment/helm/edc-dataplane/values.yaml @@ -3,153 +3,128 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. +# -- Specifies how many replicas of a deployed pod shall be created during the deployment +# Note: If horizontal pod autoscaling is enabled this setting has no effect replicaCount: 1 image: - ## - ## Which edc-dataplane container image to use. - ## + # -- Which edc-dataplane container image to use repository: ghcr.io/catenax-ng/product-edc/edc-dataplane + # -- [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use pullPolicy: IfNotPresent - ## - ## Overrides the image tag whose default is the chart appVersion. - ## + # -- Overrides the image tag whose default is the chart appVersion tag: "" -## -## Image pull secret to create to obtain the container image -## Note: 'imagePullSecret.dockerconfigjson' takes precedence if configured together with 'imagePullSecrets' -## imagePullSecret: + # -- Image pull secret to create to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) + # Note: This value needs to adhere to the [(base64 encoded) .dockerconfigjson format](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#registry-secret-existing-credentials). + # Furthermore, if 'imagePullSecret.dockerconfigjson' is defined, it takes precedence over 'imagePullSecrets'. dockerconfigjson: "" -## -## Existing image pull secret to use to obtain the container image -## +# -- Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) imagePullSecrets: [] +# -- Overrides the charts name nameOverride: "" + +# -- Overrides the releases full name fullnameOverride: "" serviceAccount: - ## - ## Specifies whether a service account should be created per release - ## + # -- Specifies whether a [service account](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) should be created per release create: true - ## - ## Annotations to add to the service account - ## + # -- [Annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to add to the service account annotations: {} - ## - ## The name of the service account to use. - ## If not set and create is true, a name is generated using the fullname template - ## + # -- The name of the service account to use. If not set and create is true, a name is generated using the release's fullname template name: "" +# -- [Annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) added to deployed [pods](https://kubernetes.io/docs/concepts/workloads/pods/) podAnnotations: {} +# -- The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment podSecurityContext: {} + # runAsUser: 1000 + # runAsGroup: 3000 # fsGroup: 2000 +# The [container security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) defines privilege and access control settings for a Container within a pod securityContext: - {} # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true - # runAsNonRoot: true -# runAsUser: 1000 + # -- Requires the container to run without root privileges + runAsNonRoot: true + # -- The container's process will run with the specified uid + runAsUser: 1000 -## -## Whether to enable kubernetes liveness-probes -## livenessProbe: + # -- Whether to enable kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) enabled: true -## -## Whether to enable kubernetes readiness-probes -## readinessProbe: + # -- Whether to enable kubernetes readiness-probes enabled: true -## -## Whether to enable kubernetes startup-probes -## startupProbe: + # -- Whether to enable kubernetes startup-probes enabled: true -## ## EDC endpoints exposed by the data-plane -## edc: endpoints: - # Default api exposing health checks etc + ## Default api exposing health checks etc default: + # -- The network port, which the "default" api is going to be exposed by the container, pod and service port: "8080" + # -- The path mapping the "default" api is going to be exposed by path: /api - ingress: false - # Public endpoint for data transfer + ## Public endpoint for data transfer public: + # -- The network port, which the "public" api is going to be exposed by the container, pod and service port: "8185" + # -- The path mapping the "public" api is going to be exposed by path: /api/public - ingress: true - # Control API + ## Control API control: + # -- The network port, which the "control" api is going to be exposed by the container, pod and service port: "9999" + # -- The path mapping the "control" api is going to be exposed by path: /api/dataplane/control - ingress: true - # Prometheus endpoint + ## Prometheus endpoint metrics: + # -- The network port, which the prometheus metrics are going to be exposed by the container, pod and service port: "9090" + # -- The path mapping the prometheus metrics are going to be exposed at path: /metrics - ingress: false -## -## Service to expose the running application on a set of Pods as a network service. -## service: + # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service. type: ClusterIP -## ## Ingress declaration to expose the network service. -## ingresses: ## Public / Internet facing Ingress - enabled: true - ## - ## The hostname to be used to precisely map incoming traffic onto the underlying network service - ## + # -- The hostname to be used to precisely map incoming traffic onto the underlying network service hostname: "edc-dataplane.local" - ## - ## Additional ingress annotations to add - ## + # -- Additional ingress annotations to add annotations: {} - ## - ## EDC endpoints exposed by this ingress resource - ## + # -- EDC endpoints exposed by this ingress resource endpoints: - public - ## - ## Defines the ingress class to use https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class - ## + # -- Defines the [ingress class](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) to use className: "" - ## - ## Enables TLS on the ingress resource - ## + # -- Enables TLS on the ingress resource tls: false - ## - ## Adds cert-manager annotations to the ingress - ## + ## Adds [cert-manager](https://cert-manager.io/docs/) annotations to the ingress resource certManager: - ## - ## If preset enables certificate generation via cert-manager namespace scoped issuer - ## + # -- If preset enables certificate generation via cert-manager namespace scoped issuer issuer: "" - ## - ## If preset enables certificate generation via cert-manager cluster-wide issuer - ## + # -- If preset enables certificate generation via cert-manager cluster-wide issuer clusterIssuer: "" +# -- [Resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) applied to the deployed pod resources: {} # We usually recommend not to specify default resources and to leave this as a conscious @@ -164,31 +139,34 @@ resources: # memory: 128Mi autoscaling: + # -- Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) enabled: false + # -- Minimal replicas if resource consumption falls below resource threshholds minReplicas: 1 + # -- Maximum replicas if resource consumption exceeds resource threshholds maxReplicas: 100 + # -- targetAverageUtilization of cpu provided to a pod targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 + # -- targetAverageUtilization of memory provided to a pod + targetMemoryUtilizationPercentage: 80 +# -- [Node-Selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) to constrain the Pod to nodes with specific labels. nodeSelector: {} +# -- [Tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) are applied to Pods to schedule onto nodes with matching taints. tolerations: [] +# -- [Affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) constrains which nodes the Pod can be scheduled on based on node labels. affinity: {} -## -## Container environment variables -## e.g. for configuring JAVA_TOOL_OPTIONS (see: https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/envvars002.html) -## -## JAVA_TOOL_OPTIONS: > -## -Dhttp.proxyHost=proxy -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts="localhost|127.*|[::1]" -Dhttps.proxyHost=proxy -Dhttps.proxyPort=443 -## +# -- Container environment variables e.g. for configuring [JAVA_TOOL_OPTIONS](https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/envvars002.html) +# Ex.: +# JAVA_TOOL_OPTIONS: > +# -Dhttp.proxyHost=proxy -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts="localhost|127.*|[::1]" -Dhttps.proxyHost=proxy -Dhttps.proxyPort=443 env: {} -## -## EDC logging.properties configuring the java.util.logging subsystem -## logging: + # -- EDC logging.properties configuring the [java.util.logging subsystem](https://docs.oracle.com/javase/7/docs/technotes/guides/logging/overview.html#a1.8) properties: |- .level=INFO org.eclipse.dataspaceconnector.level=ALL @@ -197,22 +175,14 @@ logging: java.util.logging.ConsoleHandler.level=ALL java.util.logging.SimpleFormatter.format=[%1$tY-%1$tm-%1$td %1$tH:%1$tM:%1$tS] [%4$-7s] %5$s%6$s%n -## -## opentelemetry.properties configuring the opentelemetry agent -## -## See https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/ for further configuration options -## opentelemetry: + # -- opentelemetry.properties configuring the [opentelemetry agent](https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/) properties: |- otel.javaagent.enabled=true otel.javaagent.debug=false -## -## EDC configuration.properties -## -## Consult the eclipse-dataspaceconnector documentation for further details: https://github.com/eclipse-dataspaceconnector/DataSpaceConnector -## configuration: + # -- EDC configuration.properties configuring aspects of the [eclipse-dataspaceconnector](https://github.com/eclipse-dataspaceconnector/DataSpaceConnector) properties: |- # edc.api.control.auth.apikey.key= # edc.api.control.auth.apikey.value= diff --git a/edc b/edc index 79fe5d3ca..dc8ff6d56 160000 --- a/edc +++ b/edc @@ -1 +1 @@ -Subproject commit 79fe5d3cacf7c323b02fc09110e81ec28b37d8e6 +Subproject commit dc8ff6d5681e80db284b6fb5d418b131eae6af57 diff --git a/edc-controlplane/README.md b/edc-controlplane/README.md index bda80caac..f1cf32338 100644 --- a/edc-controlplane/README.md +++ b/edc-controlplane/README.md @@ -448,7 +448,7 @@ __publicContractDefinition=" }" # Call Data Mgmt API -curl -X POST "$__connectorUrl/$__dataMgmtPath/policies" --header "$__apiKey: $__apiKeyValue" --header "Content-Type: application/json" --data "$__publicContractDefinition" +curl -X POST "$__connectorUrl/$__dataMgmtPath/contractdefinitions" --header "$__apiKey: $__apiKeyValue" --header "Content-Type: application/json" --data "$__publicContractDefinition" ``` #### Bash Parameters @@ -468,7 +468,7 @@ curl -X POST "$__connectorUrl/$__dataMgmtPath/policies" --header "$__apiKey: $__ Get Contract Definition ```bash -curl -X GET "$__connectorUrl/$__dataMgmtPath/policies/$__policyId" --header "$__apiKey: $__apiKeyValue" --header "Content-Type: application/json" | jq +curl -X GET "$__connectorUrl/$__dataMgmtPath/contractdefinitions/$__contractDefinitionId" --header "$__apiKey: $__apiKeyValue" --header "Content-Type: application/json" | jq ``` ### 4. Get Contract Offer Catalog diff --git a/edc-controlplane/edc-controlplane-cosmosdb/pom.xml b/edc-controlplane/edc-controlplane-cosmosdb/pom.xml index 3f29c4bf0..7faedc745 100644 --- a/edc-controlplane/edc-controlplane-cosmosdb/pom.xml +++ b/edc-controlplane/edc-controlplane-cosmosdb/pom.xml @@ -16,7 +16,7 @@ net.catenax.edc edc-controlplane - 0.0.1 + 0.0.2 4.0.0 diff --git a/edc-controlplane/edc-controlplane-memory/README.md b/edc-controlplane/edc-controlplane-memory/README.md index e8349e646..bf617c21f 100644 --- a/edc-controlplane/edc-controlplane-memory/README.md +++ b/edc-controlplane/edc-controlplane-memory/README.md @@ -36,6 +36,14 @@ Details regarding each configuration property can be found at the [documentary s | edc.api.control.auth.apikey.key | | X-Api-Key | | | edc.api.control.auth.apikey.value | | super-strong-api-key | | | edc.hostname | | localhost | | +| edc.oauth.token.url | X | https://daps.catena-x.net | | +| edc.oauth.public.key.alias | X | key-to-daps-certificate-in-keyvault | | +| edc.oauth.private.key.alias | X | key-to-private-key-in-keyvault | | +| edc.oauth.client.id | X | daps-oauth-client-id | | +| edc.vault.clientid | X | 00000000-1111-2222-3333-444444444444 | | +| edc.vault.tenantid | X | 55555555-6666-7777-8888-999999999999 | | +| edc.vault.name | X | my-vault-name | | +| edc.vault.clientsecret | X | 34-chars-secret | | | edc.transfer.proxy.endpoint | X | | | | edc.transfer.proxy.token.signer.privatekey.alias | X | | | @@ -76,6 +84,11 @@ edc.api.control.auth.apikey.value=pass edc.hostname=localhost +# OAuth / DAPS related configuration +edc.oauth.token.url=https://daps.catena-x.net +edc.oauth.public.key.alias=key-to-daps-certificate-in-keyvault +edc.oauth.private.key.alias=key-to-private-key-in-keyvault +edc.oauth.client.id=daps-oauth-client-id # Azure vault related configuration edc.vault.clientid=00000000-1111-2222-3333-444444444444 diff --git a/edc-controlplane/edc-controlplane-memory/pom.xml b/edc-controlplane/edc-controlplane-memory/pom.xml index e5dc13323..0f10692fb 100644 --- a/edc-controlplane/edc-controlplane-memory/pom.xml +++ b/edc-controlplane/edc-controlplane-memory/pom.xml @@ -16,7 +16,7 @@ edc-controlplane net.catenax.edc - 0.0.1 + 0.0.2 4.0.0 @@ -186,7 +186,11 @@ org.eclipse.dataspaceconnector - iam-mock + oauth2-core + + + org.eclipse.dataspaceconnector + iam-daps diff --git a/edc-controlplane/edc-controlplane-postgresql/pom.xml b/edc-controlplane/edc-controlplane-postgresql/pom.xml index dc858c527..65ec75b43 100644 --- a/edc-controlplane/edc-controlplane-postgresql/pom.xml +++ b/edc-controlplane/edc-controlplane-postgresql/pom.xml @@ -16,7 +16,7 @@ edc-controlplane net.catenax.edc - 0.0.1 + 0.0.2 4.0.0 diff --git a/edc-controlplane/pom.xml b/edc-controlplane/pom.xml index f62453891..8b4cc5d9e 100644 --- a/edc-controlplane/pom.xml +++ b/edc-controlplane/pom.xml @@ -18,7 +18,7 @@ net.catenax.edc product-edc-parent - 0.0.1 + 0.0.2 edc-controlplane diff --git a/edc-dataplane/pom.xml b/edc-dataplane/pom.xml index 6bd3421f2..d3ef6b593 100644 --- a/edc-dataplane/pom.xml +++ b/edc-dataplane/pom.xml @@ -18,7 +18,7 @@ net.catenax.edc product-edc-parent - 0.0.1 + 0.0.2 edc-dataplane jar diff --git a/edc-extensions/aas-controller/pom.xml b/edc-extensions/aas-controller/pom.xml index 6398e76a5..569b6b26f 100644 --- a/edc-extensions/aas-controller/pom.xml +++ b/edc-extensions/aas-controller/pom.xml @@ -18,7 +18,7 @@ net.catenax.edc.extensions edc-extensions - 0.0.1 + 0.0.2 aas-controller diff --git a/edc-extensions/business-partner-validation/pom.xml b/edc-extensions/business-partner-validation/pom.xml index dc336cb75..9c06babc2 100644 --- a/edc-extensions/business-partner-validation/pom.xml +++ b/edc-extensions/business-partner-validation/pom.xml @@ -18,7 +18,7 @@ net.catenax.edc.extensions edc-extensions - 0.0.1 + 0.0.2 business-partner-validation jar diff --git a/edc-extensions/pom.xml b/edc-extensions/pom.xml index c7cbf0615..b1f92fbab 100644 --- a/edc-extensions/pom.xml +++ b/edc-extensions/pom.xml @@ -18,7 +18,7 @@ net.catenax.edc product-edc-parent - 0.0.1 + 0.0.2 net.catenax.edc.extensions diff --git a/edc-extensions/postgresql-migration/pom.xml b/edc-extensions/postgresql-migration/pom.xml index f2e543a80..6be92f2be 100644 --- a/edc-extensions/postgresql-migration/pom.xml +++ b/edc-extensions/postgresql-migration/pom.xml @@ -16,7 +16,7 @@ edc-extensions net.catenax.edc.extensions - 0.0.1 + 0.0.2 4.0.0 diff --git a/pom.xml b/pom.xml index 76d6f5eea..50310bc89 100644 --- a/pom.xml +++ b/pom.xml @@ -18,7 +18,7 @@ net.catenax.edc product-edc-parent - 0.0.1 + 0.0.2 pom @@ -53,7 +53,7 @@ 1.2.1 3.1.0 42.3.5 - 8.5.10 + 8.5.11 5.8.2 @@ -943,7 +943,7 @@ org.glassfish.jaxb jaxb-runtime - 2.3.6 + 3.0.2