From 3e8a74e9f6d13f60080365f2b2e3849198832441 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20J=C3=A4ckle?= Date: Fri, 7 Jul 2023 13:58:18 +0200 Subject: [PATCH 1/5] fix that CreationRestrictionPreEnforcer did not work MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * reason was that wrong config was loaded - and e.g. system properties overwrites were not applied * also cleaned up and improved documentation of that feature Signed-off-by: Thomas Jäckle --- .../ditto/base/model/common/LikeHelper.java | 5 +++- .../pages/ditto/installation-operating.md | 28 ++++++++++++------- .../main/resources/ditto-entity-creation.conf | 15 +++++++++- .../DefaultCreationRestrictionConfig.java | 20 +++++++------ .../config/DefaultEntityCreationConfig.java | 2 +- .../pre/CreationRestrictionPreEnforcer.java | 4 ++- .../resources/entity-creation/default.conf | 2 +- .../entity-creation/restricted1.conf | 2 +- 8 files changed, 54 insertions(+), 24 deletions(-) diff --git a/base/model/src/main/java/org/eclipse/ditto/base/model/common/LikeHelper.java b/base/model/src/main/java/org/eclipse/ditto/base/model/common/LikeHelper.java index 75a3d9bd56..e25db8a962 100644 --- a/base/model/src/main/java/org/eclipse/ditto/base/model/common/LikeHelper.java +++ b/base/model/src/main/java/org/eclipse/ditto/base/model/common/LikeHelper.java @@ -14,6 +14,8 @@ import java.util.regex.Pattern; +import javax.annotation.Nullable; + /** * A helper to create "like" patterns. * @@ -40,7 +42,8 @@ private LikeHelper() { * @param expression The wildcard expression to convert. * @return The regular expression, which can be compiled with {@link Pattern#compile(String)}. */ - public static String convertToRegexSyntax(final String expression) { + @Nullable + public static String convertToRegexSyntax(@Nullable final String expression) { if (expression == null) { return null; } diff --git a/documentation/src/main/resources/pages/ditto/installation-operating.md b/documentation/src/main/resources/pages/ditto/installation-operating.md index e12756f5d1..aeba2c62a8 100644 --- a/documentation/src/main/resources/pages/ditto/installation-operating.md +++ b/documentation/src/main/resources/pages/ditto/installation-operating.md @@ -260,16 +260,24 @@ The basic schema is: ``` # restrict entity creation ditto.entity-creation { - grant = [ - { - resource-types = [], - namespace = [] - auth-subjects = [] - } - ] - revoke = [ - # same as "grant", but rejecting requests which already passed "grant" - ] + # this default entry allows every authenticated "auth-subject" to create any "resource-type" in any "namespace": + grant = [ + { + resource-types = [ +// "policy" +// "thing" + ] + namespaces = [ +// "org.eclipse.ditto*" + ] + auth-subjects = [ +// "pre:ditto-*" + ] + } + ] + revoke = [ + # same as "grant", but rejecting requests which already passed "grant" + ] } ``` diff --git a/internal/utils/config/src/main/resources/ditto-entity-creation.conf b/internal/utils/config/src/main/resources/ditto-entity-creation.conf index 9f9286739c..2cd95bef80 100644 --- a/internal/utils/config/src/main/resources/ditto-entity-creation.conf +++ b/internal/utils/config/src/main/resources/ditto-entity-creation.conf @@ -2,7 +2,20 @@ ditto.entity-creation { # this default entry allows every authenticated "auth-subject" to create any "resource-type" in any "namespace": - grant = [{}] + grant = [ + { + resource-types = [ +// "policy" +// "thing" + ] + namespaces = [ +// "org.eclipse.ditto*" + ] + auth-subjects = [ +// "pre:ditto-*" + ] + } + ] # same as "grant", but rejecting requests which already passed "grant" revoke = [] } diff --git a/policies/enforcement/src/main/java/org/eclipse/ditto/policies/enforcement/config/DefaultCreationRestrictionConfig.java b/policies/enforcement/src/main/java/org/eclipse/ditto/policies/enforcement/config/DefaultCreationRestrictionConfig.java index 2714d017ce..0ba36ad9f8 100644 --- a/policies/enforcement/src/main/java/org/eclipse/ditto/policies/enforcement/config/DefaultCreationRestrictionConfig.java +++ b/policies/enforcement/src/main/java/org/eclipse/ditto/policies/enforcement/config/DefaultCreationRestrictionConfig.java @@ -30,23 +30,27 @@ @Immutable public final class DefaultCreationRestrictionConfig implements CreationRestrictionConfig { - private static final String RESOURCE_TYPES_CONFIG_PATH = "resource-types"; - private static final String NAMESPACES_CONFIG_PATH = "namespaces"; - private static final String AUTH_SUBJECTS_CONFIG_PATH = "auth-subjects"; - private final Set resourceTypes; private final List namespacePatterns; private final List authSubjectPatterns; private DefaultCreationRestrictionConfig(final ConfigWithFallback configWithFallback) { - this.resourceTypes = Set.copyOf(configWithFallback.getStringList(RESOURCE_TYPES_CONFIG_PATH)); - this.namespacePatterns = compile(List.copyOf(configWithFallback.getStringList(NAMESPACES_CONFIG_PATH))); - this.authSubjectPatterns = compile(List.copyOf(configWithFallback.getStringList(AUTH_SUBJECTS_CONFIG_PATH))); + this.resourceTypes = Set.copyOf(configWithFallback.getStringList( + CreationRestrictionConfigValues.RESOURCE_TYPES.getConfigPath() + )); + this.namespacePatterns = compile(List.copyOf(configWithFallback.getStringList( + CreationRestrictionConfigValues.NAMESPACES.getConfigPath()) + )); + this.authSubjectPatterns = compile(List.copyOf(configWithFallback.getStringList( + CreationRestrictionConfigValues.AUTH_SUBJECTS.getConfigPath()) + )); } private static List compile(final List patterns) { return patterns.stream() - .map(expression -> Pattern.compile(LikeHelper.convertToRegexSyntax(expression))) + .map(LikeHelper::convertToRegexSyntax) + .filter(Objects::nonNull) + .map(Pattern::compile) .toList(); } diff --git a/policies/enforcement/src/main/java/org/eclipse/ditto/policies/enforcement/config/DefaultEntityCreationConfig.java b/policies/enforcement/src/main/java/org/eclipse/ditto/policies/enforcement/config/DefaultEntityCreationConfig.java index 2dcc2050f8..64d9a652dc 100644 --- a/policies/enforcement/src/main/java/org/eclipse/ditto/policies/enforcement/config/DefaultEntityCreationConfig.java +++ b/policies/enforcement/src/main/java/org/eclipse/ditto/policies/enforcement/config/DefaultEntityCreationConfig.java @@ -28,7 +28,7 @@ @Immutable public final class DefaultEntityCreationConfig implements EntityCreationConfig { - private static final String CONFIG_PATH = "entity-creation"; + private static final String CONFIG_PATH = "ditto.entity-creation"; private final List grant; private final List revoke; diff --git a/policies/enforcement/src/main/java/org/eclipse/ditto/policies/enforcement/pre/CreationRestrictionPreEnforcer.java b/policies/enforcement/src/main/java/org/eclipse/ditto/policies/enforcement/pre/CreationRestrictionPreEnforcer.java index 67276ee1dd..ad6e0c3b6c 100644 --- a/policies/enforcement/src/main/java/org/eclipse/ditto/policies/enforcement/pre/CreationRestrictionPreEnforcer.java +++ b/policies/enforcement/src/main/java/org/eclipse/ditto/policies/enforcement/pre/CreationRestrictionPreEnforcer.java @@ -55,7 +55,9 @@ public final class CreationRestrictionPreEnforcer implements PreEnforcer { */ @SuppressWarnings("unused") public CreationRestrictionPreEnforcer(final ActorSystem actorSystem, final Config config) { - this.config = DefaultEntityCreationConfig.of(config); + // explicitly use the ActorSystem config instead of the PreEnforcer config - as the config is loaded from + // file "ditto-entity-creation.conf" and extending with system properties of that file should not be broken + this.config = DefaultEntityCreationConfig.of(actorSystem.settings().config()); } boolean canCreate(final Context context) { diff --git a/policies/enforcement/src/test/resources/entity-creation/default.conf b/policies/enforcement/src/test/resources/entity-creation/default.conf index 09e7754043..b5a6255acf 100644 --- a/policies/enforcement/src/test/resources/entity-creation/default.conf +++ b/policies/enforcement/src/test/resources/entity-creation/default.conf @@ -1,4 +1,4 @@ -entity-creation { +ditto.entity-creation { grant = [{}] revoke = [] } diff --git a/policies/enforcement/src/test/resources/entity-creation/restricted1.conf b/policies/enforcement/src/test/resources/entity-creation/restricted1.conf index 49cff709b5..ff04466da2 100644 --- a/policies/enforcement/src/test/resources/entity-creation/restricted1.conf +++ b/policies/enforcement/src/test/resources/entity-creation/restricted1.conf @@ -1,4 +1,4 @@ -entity-creation { +ditto.entity-creation { grant = [ { resource-types = ["policy"] From 87c9f67576a752211ee275f29bcc66d4b80a2fda Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20J=C3=A4ckle?= Date: Mon, 10 Jul 2023 14:06:41 +0200 Subject: [PATCH 2/5] Helm chart: add support for entity creation via Helm configuration MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Thomas Jäckle --- deployment/helm/ditto/Chart.yaml | 2 +- deployment/helm/ditto/local-values.yaml | 12 +++++++ .../ditto/templates/policies-deployment.yaml | 18 ++++++++++ .../ditto/templates/things-deployment.yaml | 18 ++++++++++ deployment/helm/ditto/values.yaml | 34 +++++++++++++++++++ 5 files changed, 83 insertions(+), 1 deletion(-) diff --git a/deployment/helm/ditto/Chart.yaml b/deployment/helm/ditto/Chart.yaml index d3772c7814..44a9aeb513 100644 --- a/deployment/helm/ditto/Chart.yaml +++ b/deployment/helm/ditto/Chart.yaml @@ -16,7 +16,7 @@ description: | A digital twin is a virtual, cloud based, representation of his real world counterpart (real world “Things”, e.g. devices like sensors, smart heating, connected cars, smart grids, EV charging stations etc). type: application -version: 3.3.3 # chart version is effectively set by release-job +version: 3.3.4 # chart version is effectively set by release-job appVersion: 3.3.3 keywords: - iot-chart diff --git a/deployment/helm/ditto/local-values.yaml b/deployment/helm/ditto/local-values.yaml index 9523f26b63..faeb79351f 100644 --- a/deployment/helm/ditto/local-values.yaml +++ b/deployment/helm/ditto/local-values.yaml @@ -40,6 +40,12 @@ policies: - "ditto-originator" - "ditto-origin" - "correlation-id" + entityCreation: + grants: + - namespaces: + - "org.eclipse.ditto.room" + authSubjects: + - "connection:some" ## ---------------------------------------------------------------------------- ## things configuration @@ -58,6 +64,12 @@ things: - "ditto-originator" - "ditto-origin" - "correlation-id" + entityCreation: + grants: + - namespaces: + - "org.eclipse.ditto.room" + authSubjects: + - "connection:some" ## ---------------------------------------------------------------------------- ## things-search configuration diff --git a/deployment/helm/ditto/templates/policies-deployment.yaml b/deployment/helm/ditto/templates/policies-deployment.yaml index 8fc365b063..ea372d7915 100644 --- a/deployment/helm/ditto/templates/policies-deployment.yaml +++ b/deployment/helm/ditto/templates/policies-deployment.yaml @@ -126,6 +126,24 @@ spec: {{- range $index, $header := .Values.policies.config.persistence.events.historicalHeadersToPersist }} "{{ printf "%s%d=%s" "-Dditto.policies.policy.event.historical-headers-to-persist." $index $header }}" {{- end }} + {{- range $grantIdx, $grant := .Values.policies.config.entityCreation.grants }} + "{{ printf "%s%d%s=%s" "-Dditto.entity-creation.grant." $grantIdx ".resource-types.0" "policy" }}" + {{- range $namespaceIdx, $namespace := $grant.namespaces }} + "{{ printf "%s%d%s%d=%s" "-Dditto.entity-creation.grant." $grantIdx ".namespaces." $namespaceIdx $namespace }}" + {{- end }} + {{- range $subjectIdx, $subject := $grant.authSubjects }} + "{{ printf "%s%d%s%d=%s" "-Dditto.entity-creation.grant." $grantIdx ".auth-subjects." $subjectIdx $subject }}" + {{- end }} + {{- end }} + {{- range $revokeIdx, $revoke := .Values.policies.config.entityCreation.revokes }} + "{{ printf "%s%d%s=%s" "-Dditto.entity-creation.revoke." $revokeIdx ".resource-types.0" "policy" }}" + {{- range $namespaceIdx, $namespace := $revoke.namespaces }} + "{{ printf "%s%d%s%d=%s" "-Dditto.entity-creation.revoke." $revokeIdx ".namespaces." $namespaceIdx $namespace }}" + {{- end }} + {{- range $subjectIdx, $subject := $revoke.authSubjects }} + "{{ printf "%s%d%s%d=%s" "-Dditto.entity-creation.revoke." $revokeIdx ".auth-subjects." $subjectIdx $subject }}" + {{- end }} + {{- end }} {{ join " " .Values.policies.systemProps }} - name: MONGO_DB_SSL_ENABLED value: "{{ if .Values.dbconfig.policies.ssl }}true{{ else }}false{{ end }}" diff --git a/deployment/helm/ditto/templates/things-deployment.yaml b/deployment/helm/ditto/templates/things-deployment.yaml index 50a4284fa3..a535598555 100644 --- a/deployment/helm/ditto/templates/things-deployment.yaml +++ b/deployment/helm/ditto/templates/things-deployment.yaml @@ -126,6 +126,24 @@ spec: {{- range $index, $header := .Values.things.config.persistence.events.historicalHeadersToPersist }} "{{ printf "%s%d=%s" "-Dditto.things.thing.event.historical-headers-to-persist." $index $header }}" {{- end }} + {{- range $grantIdx, $grant := .Values.things.config.entityCreation.grants }} + "{{ printf "%s%d%s=%s" "-Dditto.entity-creation.grant." $grantIdx ".resource-types.0" "thing" }}" + {{- range $namespaceIdx, $namespace := $grant.namespaces }} + "{{ printf "%s%d%s%d=%s" "-Dditto.entity-creation.grant." $grantIdx ".namespaces." $namespaceIdx $namespace }}" + {{- end }} + {{- range $subjectIdx, $subject := $grant.authSubjects }} + "{{ printf "%s%d%s%d=%s" "-Dditto.entity-creation.grant." $grantIdx ".auth-subjects." $subjectIdx $subject }}" + {{- end }} + {{- end }} + {{- range $revokeIdx, $revoke := .Values.things.config.entityCreation.revokes }} + "{{ printf "%s%d%s=%s" "-Dditto.entity-creation.revoke." $revokeIdx ".resource-types.0" "thing" }}" + {{- range $namespaceIdx, $namespace := $revoke.namespaces }} + "{{ printf "%s%d%s%d=%s" "-Dditto.entity-creation.revoke." $revokeIdx ".namespaces." $namespaceIdx $namespace }}" + {{- end }} + {{- range $subjectIdx, $subject := $revoke.authSubjects }} + "{{ printf "%s%d%s%d=%s" "-Dditto.entity-creation.revoke." $revokeIdx ".auth-subjects." $subjectIdx $subject }}" + {{- end }} + {{- end }} '-Dditto.things.wot.to-thing-description.json-template={{ .Values.things.config.wot.tdJsonTemplate | replace "\n" "" | replace "\\\"" "\"" }}' {{ join " " .Values.things.systemProps }} - name: MONGO_DB_SSL_ENABLED diff --git a/deployment/helm/ditto/values.yaml b/deployment/helm/ditto/values.yaml index e8acdd6d4a..0f8d8e71f8 100644 --- a/deployment/helm/ditto/values.yaml +++ b/deployment/helm/ditto/values.yaml @@ -553,6 +553,23 @@ policies: interval: 15m # threshold configures the threshold after how many changes to a Policy to do a snapshot threshold: 5 + # entityCreation by default, Ditto allows anyone to create a new entity (policy in this case) in any namespace. + # However, this behavior can be customized, and the ability to create new entities can be restricted: + entityCreation: + # grants contains the list of creation config entries which would allow the creation of entities + # An empty list would *not* allow any entity to be created. + # You must have at least one entry, even if it is without restrictions. + grants: + - # namespaces holds the list of namespaces this entry applies to. An empty list would match any. + # Wildcards `*` (Matching any number of any character) and `?` (Matches any single character) are supported in entries of this list. + namespaces: [] + # authSubjects holds list of authentication subjects this entry applies to. An empty list would match any. + # Wildcards `*` (Matching any number of any character) and `?` (Matches any single character) are supported in entries of this list. + authSubjects: [] + # revokes contains the list of creation config entries which would reject the creation of entities + revokes: [] + # - namespaces: [] + # authSubjects: [] ## ---------------------------------------------------------------------------- ## things configuration @@ -724,6 +741,23 @@ things: interval: 15m # the threshold after how many changes to a Thing to do a snapshot threshold: 50 + # entityCreation by default, Ditto allows anyone to create a new entity (thing in this case) in any namespace. + # However, this behavior can be customized, and the ability to create new entities can be restricted: + entityCreation: + # grants contains the list of creation config entries which would allow the creation of entities + # An empty list would *not* allow any entity to be created. + # You must have at least one entry, even if it is without restrictions. + grants: + - # namespaces holds the list of namespaces this entry applies to. An empty list would match any. + # Wildcards `*` (Matching any number of any character) and `?` (Matches any single character) are supported in entries of this list. + namespaces: [] + # authSubjects holds list of authentication subjects this entry applies to. An empty list would match any. + # Wildcards `*` (Matching any number of any character) and `?` (Matches any single character) are supported in entries of this list. + authSubjects: [] + # revokes contains the list of creation config entries which would reject the creation of entities + revokes: [] + # - namespaces: [] + # authSubjects: [] # policiesEnforcer contains configuration for Ditto "Policy Enforcers", e.g. regarding caching policiesEnforcer: # cache holds the configuration of policy enforcer caching From f3d1d7708cebfa79c671097b8401024cee800098 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20J=C3=A4ckle?= Date: Mon, 10 Jul 2023 17:39:07 +0200 Subject: [PATCH 3/5] adjusted Eclipse Ditto domain to eclipse.dev/ditto fix default value of 'jwtOnly' being 'true' in Helm chart MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * changed to `false` as default so that simple setups can use nginx based auth Signed-off-by: Thomas Jäckle --- deployment/helm/ditto/Chart.yaml | 2 +- deployment/helm/ditto/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deployment/helm/ditto/Chart.yaml b/deployment/helm/ditto/Chart.yaml index 44a9aeb513..752f170fb3 100644 --- a/deployment/helm/ditto/Chart.yaml +++ b/deployment/helm/ditto/Chart.yaml @@ -16,7 +16,7 @@ description: | A digital twin is a virtual, cloud based, representation of his real world counterpart (real world “Things”, e.g. devices like sensors, smart heating, connected cars, smart grids, EV charging stations etc). type: application -version: 3.3.4 # chart version is effectively set by release-job +version: 3.3.5 # chart version is effectively set by release-job appVersion: 3.3.3 keywords: - iot-chart diff --git a/deployment/helm/ditto/values.yaml b/deployment/helm/ditto/values.yaml index 0f8d8e71f8..2f6649605e 100644 --- a/deployment/helm/ditto/values.yaml +++ b/deployment/helm/ditto/values.yaml @@ -62,7 +62,7 @@ global: # jwtOnly controls whether only OpenID-Connect authentication is supported # if false, both OpenID-Connect and basicAuth via nginx (see above "basicAuthUsers" and "hashedBasicAuthUsers") is used # ref: https://www.eclipse.dev/ditto/installation-operating.html#openid-connect - jwtOnly: true + jwtOnly: false # jvmOptions defines the JVM options applied to all Ditto services running in the JVM, it is put in JAVA_TOOL_OPTIONS jvmOptions: > -XX:+ExitOnOutOfMemoryError From 46936c5bcf2501fd41cfe9b898904a0dd6f4c306 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20J=C3=A4ckle?= Date: Mon, 10 Jul 2023 17:58:29 +0200 Subject: [PATCH 4/5] prepare Ditto 3.3.4 release notes --- .../_data/sidebars/ditto_sidebar.yml | 3 ++ .../pages/ditto/release_notes_334.md | 49 +++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 documentation/src/main/resources/pages/ditto/release_notes_334.md diff --git a/documentation/src/main/resources/_data/sidebars/ditto_sidebar.yml b/documentation/src/main/resources/_data/sidebars/ditto_sidebar.yml index bda236c677..48c7c3de88 100644 --- a/documentation/src/main/resources/_data/sidebars/ditto_sidebar.yml +++ b/documentation/src/main/resources/_data/sidebars/ditto_sidebar.yml @@ -23,6 +23,9 @@ entries: - title: Release Notes output: web folderitems: + - title: 3.3.4 + url: /release_notes_334.html + output: web - title: 3.3.3 url: /release_notes_333.html output: web diff --git a/documentation/src/main/resources/pages/ditto/release_notes_334.md b/documentation/src/main/resources/pages/ditto/release_notes_334.md new file mode 100644 index 0000000000..06bbc65641 --- /dev/null +++ b/documentation/src/main/resources/pages/ditto/release_notes_334.md @@ -0,0 +1,49 @@ +--- +title: Release notes 3.3.4 +tags: [release_notes] +published: true +keywords: release notes, announcements, changelog +summary: "Version 3.3.4 of Eclipse Ditto, released on 11.07.2023" +permalink: release_notes_334.html +--- + +This is a bugfix release, no new features since [3.3.3](release_notes_333.html) were added. + +## Changelog + +Compared to the latest release [3.3.3](release_notes_333.html), the following changes and bugfixes were added. + +### Changes + + +### Bugfixes + +This is a complete list of the +[merged pull requests](https://github.com/eclipse-ditto/ditto/pulls?q=is%3Apr+milestone%3A3.3.4). + +#### [Fix that CreationRestrictionPreEnforcer did not work](https://github.com/eclipse-ditto/ditto/pull/1682) + +The previously added [restriction configuration of creating new entities](installation-operating.html#restricting-entity-creation) +did no longer work with Ditto 3.x - as some changes were done in Ditto 3.x regarding extension loading. + +This is now fixed and creating new entities can be configured again. + + +### Helm Chart + +The [Ditto Helm Chart](https://github.com/eclipse-ditto/ditto/tree/master/deployment/helm), which was enhanced and changed +a lot for version 3.3.0, contained some configuration bugs which are also addressed with this bugfix release. + +#### [Add support for entity creation via Helm configuration](https://github.com/eclipse-ditto/ditto/pull/1684) + +In order to make use of the [restriction for creating new entities](installation-operating.html#restricting-entity-creation), +the Helm chart was enhanced with configuration options for creating policies and things. + +#### [Fix default value of 'jwtOnly' being 'true' in Helm chart ](https://github.com/eclipse-ditto/ditto/pull/1686) + +Former versions of the Helm chart configured by default `jwtOnly: false` which meant that it was possible to authenticate +users at Ditto's HTTP or WebSocket API via the nginx `.htpasswd` file approach. + +The new Helm chart changed the default to `jwtOnly: true` which broke this very simple approach of authenticating users. + +So the default was changed back to allow nginx authentication. From 3a0419a346b563fbba34e6f50eec25f0664c8b83 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20J=C3=A4ckle?= Date: Mon, 10 Jul 2023 19:54:04 +0200 Subject: [PATCH 5/5] prepare Helm chart for 3.3.4 release --- deployment/helm/ditto/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deployment/helm/ditto/Chart.yaml b/deployment/helm/ditto/Chart.yaml index 752f170fb3..69ec776958 100644 --- a/deployment/helm/ditto/Chart.yaml +++ b/deployment/helm/ditto/Chart.yaml @@ -16,8 +16,8 @@ description: | A digital twin is a virtual, cloud based, representation of his real world counterpart (real world “Things”, e.g. devices like sensors, smart heating, connected cars, smart grids, EV charging stations etc). type: application -version: 3.3.5 # chart version is effectively set by release-job -appVersion: 3.3.3 +version: 3.3.4 # chart version is effectively set by release-job +appVersion: 3.3.4 keywords: - iot-chart - digital-twin