diff --git a/.tractusx b/.tractusx index b14cf437..6a3bf141 100644 --- a/.tractusx +++ b/.tractusx @@ -4,3 +4,6 @@ repositories: - name: "puris" usage: "PURIS Frontend and Backend Implementation" url: "https://github.com/eclipse-tractusx/puris" +skipReleaseChecks: + alignedBaseImage: + - "local/vault/Dockerfile" diff --git a/DEPENDENCIES_BACKEND b/DEPENDENCIES_BACKEND index 9b2fbc6b..9c8dc632 100644 --- a/DEPENDENCIES_BACKEND +++ b/DEPENDENCIES_BACKEND @@ -71,7 +71,7 @@ maven/mavencentral/org.springdoc/springdoc-openapi-starter-common/2.1.0, Apache- maven/mavencentral/org.springdoc/springdoc-openapi-starter-webmvc-api/2.1.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.springdoc/springdoc-openapi-starter-webmvc-ui/2.1.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.springframework.boot/spring-boot-autoconfigure/3.1.4, Apache-2.0, approved, #9341 -maven/mavencentral/org.springframework.boot/spring-boot-configuration-processor/3.1.4, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-configuration-processor/3.1.4, Apache-2.0, approved, #11406 maven/mavencentral/org.springframework.boot/spring-boot-starter-aop/3.1.4, Apache-2.0, approved, #9338 maven/mavencentral/org.springframework.boot/spring-boot-starter-data-jpa/3.1.4, Apache-2.0, approved, #9733 maven/mavencentral/org.springframework.boot/spring-boot-starter-jdbc/3.1.4, Apache-2.0, approved, #9737 diff --git a/backend/DEPENDENCIES b/backend/DEPENDENCIES index 9b2fbc6b..9c8dc632 100644 --- a/backend/DEPENDENCIES +++ b/backend/DEPENDENCIES 
@@ -71,7 +71,7 @@ maven/mavencentral/org.springdoc/springdoc-openapi-starter-common/2.1.0, Apache- maven/mavencentral/org.springdoc/springdoc-openapi-starter-webmvc-api/2.1.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.springdoc/springdoc-openapi-starter-webmvc-ui/2.1.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.springframework.boot/spring-boot-autoconfigure/3.1.4, Apache-2.0, approved, #9341 -maven/mavencentral/org.springframework.boot/spring-boot-configuration-processor/3.1.4, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-configuration-processor/3.1.4, Apache-2.0, approved, #11406 maven/mavencentral/org.springframework.boot/spring-boot-starter-aop/3.1.4, Apache-2.0, approved, #9338 maven/mavencentral/org.springframework.boot/spring-boot-starter-data-jpa/3.1.4, Apache-2.0, approved, #9733 maven/mavencentral/org.springframework.boot/spring-boot-starter-jdbc/3.1.4, Apache-2.0, approved, #9737 diff --git a/backend/src/main/java/org/eclipse/tractusx/puris/backend/DataInjectionCommandLineRunner.java b/backend/src/main/java/org/eclipse/tractusx/puris/backend/DataInjectionCommandLineRunner.java index 84dff11f..2001a75d 100644 --- a/backend/src/main/java/org/eclipse/tractusx/puris/backend/DataInjectionCommandLineRunner.java +++ b/backend/src/main/java/org/eclipse/tractusx/puris/backend/DataInjectionCommandLineRunner.java @@ -99,7 +99,7 @@ public DataInjectionCommandLineRunner(ObjectMapper objectMapper) { @Override public void run(String... args) throws Exception { - createOwnPartnerEntity(); + //createOwnPartnerEntity(); log.info("Creating setup for " + demoRole.toUpperCase()); if (demoRole.equals("supplier")) { setupSupplierRole(); 
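Review bot: The call in `run` is disabled by commenting it out (`//createOwnPartnerEntity();`) with no reason given, so a reader cannot tell whether the own-partner entity is now created elsewhere or was dropped only for the local setup. Either delete the line (and the method, if nothing else calls it) or keep it with a why-comment such as `// own partner is not seeded here because <reason>`. The same applies to the commented-out `setSenderEdc` line this commit leaves in `createRequest` (hunk at -383). `run` continues outside the hunk.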
@@ -281,7 +281,7 @@ private void setupSupplierRole() { private Partner createAndGetCustomerPartner() { Partner customerPartnerEntity = new Partner( "Scenario Customer", - "http://sokrates-controlplane:8084/api/v1/ids", + "http://customer-control-plane:8184/api/v1/ids", "BPNL4444444444XX", "BPNS4444444444XY", "Hauptwerk Musterhausen", @@ -306,7 +306,7 @@ private Partner createAndGetCustomerPartner() { private Partner createAndGetSupplierPartner() { Partner supplierPartnerEntity = new Partner( "Scenario Supplier", - "http://plato-controlplane:8084/api/v1/ids", + "http://supplier-control-plane:9184/api/v1/ids", "BPNL1234567890ZZ", "BPNS1234567890XY", "Konzernzentrale Dudelsdorf", @@ -383,7 +383,8 @@ private void createRequest() throws JsonProcessingException { messageHeader.setRespondAssetId("product-stock-response-api"); messageHeader.setContractAgreementId("some cid"); messageHeader.setSender("BPNL1234567890ZZ"); - messageHeader.setSenderEdc("http://plato-controlplane:8084/api/v1/ids"); + //messageHeader.setSenderEdc("http://plato-controlplane:8084/api/v1/ids"); + messageHeader.setSenderEdc("http://supplier-control-plane:9184/api/v1/ids"); messageHeader.setReceiver("BPNL4444444444XX"); messageHeader.setUseCase(DT_UseCaseEnum.PURIS); messageHeader.setCreationDate(new Date()); diff --git a/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/api/logic/service/VariablesService.java b/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/api/logic/service/VariablesService.java index 5a7cf177..f393050d 100644 --- a/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/api/logic/service/VariablesService.java +++ b/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/api/logic/service/VariablesService.java 
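Review bot: The control-plane IDS URLs are hard-coded as string literals in `createAndGetCustomerPartner`, `createAndGetSupplierPartner` and `createRequest` (hunks at -281, -306 and -383), and the same values appear again as the `edc.idsUrl` defaults in the properties files this commit edits. A later host or port rename then has to be made in several places, and a missed one leaves a partner record or message header pointing at the wrong connector. Declare each URL once, e.g. `private static final String SUPPLIER_IDS_URL = "http://supplier-control-plane:9184/api/v1/ids";`, and use the constant in both the `Partner` constructor and `setSenderEdc`. All three methods extend beyond their hunks.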
@@ -21,13 +21,11 @@ */ package org.eclipse.tractusx.puris.backend.common.api.logic.service; +import lombok.Getter; import org.eclipse.tractusx.puris.backend.common.edc.logic.dto.datatype.DT_ApiMethodEnum; -import org.eclipse.tractusx.puris.backend.masterdata.domain.model.Partner; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; -import lombok.Getter; - @Getter @Service diff --git a/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/edc/controller/EndpointDataReferenceReceiver.java b/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/edc/controller/EndpointDataReferenceReceiver.java index 7f928aca..9b254d91 100644 --- a/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/edc/controller/EndpointDataReferenceReceiver.java +++ b/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/edc/controller/EndpointDataReferenceReceiver.java @@ -24,7 +24,6 @@ import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.media.Content; import io.swagger.v3.oas.annotations.media.ExampleObject; -import io.swagger.v3.oas.annotations.media.Schema; import io.swagger.v3.oas.annotations.responses.ApiResponse; import io.swagger.v3.oas.annotations.responses.ApiResponses; import lombok.extern.slf4j.Slf4j; @@ -36,8 +35,6 @@ import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; -import java.util.UUID; - /** * This class contains the endpoint for receiving the authCodes from * the counterparty's dataplane. diff --git a/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/edc/logic/service/EdcAdapterService.java b/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/edc/logic/service/EdcAdapterService.java index 2f3121fa..1cdeba11 100644 --- a/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/edc/logic/service/EdcAdapterService.java 
+++ b/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/edc/logic/service/EdcAdapterService.java @@ -25,24 +25,17 @@ import com.fasterxml.jackson.databind.node.ObjectNode; import com.squareup.okhttp.*; import lombok.extern.slf4j.Slf4j; - import org.eclipse.tractusx.puris.backend.common.api.logic.service.VariablesService; import org.eclipse.tractusx.puris.backend.common.edc.logic.dto.CreateAssetDto; import org.eclipse.tractusx.puris.backend.common.edc.logic.dto.EDR_Dto; import org.eclipse.tractusx.puris.backend.common.edc.logic.util.EDCRequestBodyBuilder; import org.eclipse.tractusx.puris.backend.model.repo.OrderRepository; -import org.springframework.aot.hint.TypeReference; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; - import java.io.IOException; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Optional; -import java.util.UUID; +import java.util.*; /** * Service Layer of EDC Adapter. Builds and sends requests to a productEDC. @@ -65,6 +58,12 @@ public class EdcAdapterService { @Value("${edc.controlplane.data.port}") private Integer dataPort; + /** + * Path to data management api + */ + @Value("${edc.controlplane.data.path}") + private String dataPath; + @Value("${edc.controlplane.key}") private String edcApiKey; 
@@ -101,13 +100,13 @@ public boolean publishOrderAtEDC(String orderId) throws IOException { var policyBody = edcRequestBodyBuilder.buildPolicyRequestBody(orderId); var contractBody = edcRequestBodyBuilder.buildContractRequestBody(orderId); - var response = sendEdcRequest(assetBody, "/data/assets"); + var response = sendEdcRequest(assetBody, "/assets"); var success = response.isSuccessful(); response.body().close(); - response = sendEdcRequest(policyBody, "/data/policydefinitions"); + response = sendEdcRequest(policyBody, "/policydefinitions"); success &= response.isSuccessful(); response.body().close(); - response = sendEdcRequest(contractBody, "/data/contractdefinitions"); + response = sendEdcRequest(contractBody, "/contractdefinitions"); success &= response.isSuccessful(); response.body().close(); return success; 
@@ -134,15 +133,15 @@ public boolean publishAssetAtEDC(CreateAssetDto createAssetDto) throws IOExcepti JsonNode contractBody = edcRequestBodyBuilder.buildContractRequestBody(assetId); log.info(String.format("Contract Body: \n%s", contractBody.toPrettyString())); log.info(String.format("Asset Body: \n%s", assetBody.toPrettyString())); - var response = sendEdcRequest(assetBody, "/data/assets"); + var response = sendEdcRequest(assetBody, "/assets"); success &= response.isSuccessful(); log.info(String.format("Creation of asset was successfull: %b", success)); response.body().close(); - response = sendEdcRequest(policyBody, "/data/policydefinitions"); + response = sendEdcRequest(policyBody, "/policydefinitions"); log.info(String.format("Creation of policy was successfull: %b", response.isSuccessful())); success &= response.isSuccessful(); response.body().close(); - response = sendEdcRequest(contractBody, "/data/contractdefinitions"); + response = sendEdcRequest(contractBody, "/contractdefinitions"); success &= response.isSuccessful(); log.info(String.format("Created Contract Definition (%b) for Asset %s", response.isSuccessful(), objectMapper.writeValueAsString(createAssetDto))); @@ -176,6 +175,8 @@ public String getCatalog(String idsUrl, Optional> filterProp urlBuilder.scheme("http") .host(edcHost) .port(dataPort) + .addPathSegment("api") + .addPathSegment("v1") .addPathSegment("data") .addPathSegment("catalog") .addEncodedQueryParameter("providerUrl", idsUrl + "/data"); @@ -243,7 +244,7 @@ public JsonNode getCatalogFilteredByAssetPropertyObjectFilter(String idsUrl, Map /** * Orders your own EDC Connector Controlplane to negotiate a contract with * the owner of the given connector address for an asset (specified by the - * assetId) under conditions as stated in the contract definition with the + * assetId) under conditions as stated in the contract defintion with the * given contractDefinitionId * @param connectorAddress * @param contractDefinitionId 
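Review bot: `getCatalog` now spells the management path as literal segments (`.addPathSegment("api")`, `.addPathSegment("v1")`, `.addPathSegment("data")`) while every other request in this commit takes it from the new `edc.controlplane.data.path` property. Changing that property therefore moves all calls except the catalog request, which keeps going to `/api/v1/data/catalog`. Derive the path from the same field, for example `.encodedPath(dataPath + "/catalog")` in place of the four `addPathSegment` calls, assuming the okhttp version in use offers `encodedPath` on the builder. The method starts and ends outside the hunk.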
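Review bot: The Javadoc edit on `startNegotiation` turns the correct word "definition" into "defintion". The line should stay `* assetId) under conditions as stated in the contract definition with the`. The `@param` tags visible below it still carry no descriptions, which would be worth filling in while this comment is being touched.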
@@ -256,7 +257,7 @@ public String startNegotiation(String connectorAddress, var negotiationRequestBody = edcRequestBodyBuilder.buildNegotiationRequestBody(connectorAddress, contractDefinitionId, assetId); - var response = sendEdcRequest(negotiationRequestBody, "/data/contractnegotiations"); + var response = sendEdcRequest(negotiationRequestBody, "/contractnegotiations"); String stringData = response.body().string(); response.body().close(); return stringData; @@ -271,7 +272,7 @@ public String startNegotiation(String connectorAddress, * @throws IOException */ public String getNegotiationState(String negotiationId) throws IOException { - var response = sendEdcRequest("/data/contractnegotiations/" + negotiationId); + var response = sendEdcRequest("/contractnegotiations/" + negotiationId); String stringData = response.body().string(); response.body().close(); return stringData; @@ -293,7 +294,7 @@ public String startTransfer(String transferId, String orderId) throws IOException { var transferNode = edcRequestBodyBuilder.buildTransferRequestBody(transferId, connectorAddress, contractId, orderId); log.debug("TransferRequestBody:\n" + transferNode.toPrettyString()); - var response = sendEdcRequest(transferNode, "/data/transferprocess"); + var response = sendEdcRequest(transferNode, "/transferprocess"); String stringData = response.body().string(); response.body().close(); return stringData; 
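Review bot: `getNegotiationState` appends `negotiationId` to the request path unencoded (`"/contractnegotiations/" + negotiationId`), and that request carries the `X-Api-Key` header. Where the id comes from is not visible in this hunk; if it can originate from a counterparty message or an API caller, characters such as `/`, `?` or `#` would change which management-API path is called with that key. Reject anything that is not a plain identifier before building the URL, for example `if (!negotiationId.matches("[A-Za-z0-9._:-]+")) throw new IllegalArgumentException("invalid negotiation id");`. `getTransferState` (hunk at -303) does the same with `transferId`.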
@@ -303,12 +304,12 @@ public String startTransfer(String transferId, * Sends a request to the own EDC Connector Controlplane in order to receive * the current status of the previously initiated transfer as specified by * the parameter. - * @param transferId the id of the transfer in question - * @return the response from your Controlplane + * @param transferId + * @return * @throws IOException */ public String getTransferState(String transferId) throws IOException { - var response = sendEdcRequest("/data/transferprocess/" + transferId); + var response = sendEdcRequest("/transferprocess/" + transferId); String stringData = response.body().string(); response.body().close(); return stringData; @@ -390,9 +391,9 @@ public Response sendEdcRequest(JsonNode requestBody, String urlSuffix) throws IO .header("X-Api-Key", edcApiKey) .header("Content-Type", "application/json") .post(RequestBody.create(MediaType.parse("application/json"), requestBody.toString())) - .url("http://" + edcHost + ":" + dataPort + urlSuffix) + .url("http://" + edcHost + ":" + dataPort + dataPath + urlSuffix) .build(); - + log.debug(String.format("Request send to url: %s", request.urlString())); log.debug(String.format("Request body of EDC Request: %s", requestBody)); return CLIENT.newCall(request).execute(); } @@ -410,7 +411,7 @@ public Response sendEdcRequest(String urlSuffix) throws IOException { Request request = new Request.Builder() .header("X-Api-Key", edcApiKey) .header("Content-Type", "application/json") - .url("http://" + edcHost + ":" + dataPort + urlSuffix) + .url("http://" + edcHost + ":" + dataPort + dataPath + urlSuffix) .build(); log.debug(String.format("Send Request to url: %s", request.urlString())); 
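Review bot: The Javadoc of `getTransferState` loses its `@param` and `@return` descriptions, which leaves empty tags that document nothing and that the javadoc tool reports as missing descriptions. Keep the previous text: `@param transferId the id of the transfer in question` and `@return the response from your Controlplane`.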
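Review bot: Both `sendEdcRequest` overloads (hunks at -390 and -410) assemble the target by plain concatenation, `"http://" + edcHost + ":" + dataPort + dataPath + urlSuffix`, so a valid URL depends on `edc.controlplane.data.path` starting with a slash and not ending with one, and nothing checks that. The scheme is also fixed to `http`, so the `X-Api-Key` header is sent unencrypted whenever the control plane is reached over anything but a trusted local network. Building the URL with the `HttpUrl.Builder` already used in `getCatalog` and taking the scheme from configuration would cover both, e.g. `.url(new HttpUrl.Builder().scheme(edcScheme).host(edcHost).port(dataPort).encodedPath(dataPath + urlSuffix).build())`, where `edcScheme` would be a new configured field. The added `log.debug` in the first overload uses `String.format`, whereas the logger's own `{}` placeholders would avoid formatting when debug is off.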
@@ -430,6 +431,7 @@ public Response sendEdcRequest(String urlSuffix) throws IOException { * @return the response from your dataplane */ public Response sendDataPullRequest(String url, String authKey, String authCode, String requestBodyString){ + log.debug(String.format("Sending proxy call to endpoint '%s' with auth key '%s' and auth code '%s' with request body '%s'", url, authKey, authCode, requestBodyString)); try { RequestBody requestBody = RequestBody.create(MediaType.parse("application/json"), requestBodyString); Request request = new Request.Builder() diff --git a/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/edc/logic/service/EndpointDataReferenceService.java b/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/edc/logic/service/EndpointDataReferenceService.java index 4bfbd3f9..f374afbf 100644 --- a/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/edc/logic/service/EndpointDataReferenceService.java +++ b/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/edc/logic/service/EndpointDataReferenceService.java @@ -20,12 +20,12 @@ */ package org.eclipse.tractusx.puris.backend.common.edc.logic.service; -import java.util.HashMap; - +import lombok.extern.slf4j.Slf4j; import org.eclipse.tractusx.puris.backend.common.edc.logic.dto.EDR_Dto; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; -import lombok.extern.slf4j.Slf4j; + +import java.util.HashMap; /** * This class stores authCodes which are generated in the course of * the contracting for the request or response api. Since authCodes diff --git a/backend/src/main/java/org/eclipse/tractusx/puris/backend/masterdata/logic/dto/MaterialDto.java b/backend/src/main/java/org/eclipse/tractusx/puris/backend/masterdata/logic/dto/MaterialDto.java index b45cf117..10f32eb3 100644 --- a/backend/src/main/java/org/eclipse/tractusx/puris/backend/masterdata/logic/dto/MaterialDto.java 
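Review bot: The added `log.debug` in `sendDataPullRequest` writes `authKey`, `authCode` and the complete request body to the log. The auth code is the credential presented to the counterparty's data plane, so anyone who can read or receive these logs could reuse it while it is valid, and the body may hold business data. Log only what is needed to trace the call, e.g. `log.debug("Sending proxy call to endpoint '{}'", url);`. The method body continues outside the hunk.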
+++ b/backend/src/main/java/org/eclipse/tractusx/puris/backend/masterdata/logic/dto/MaterialDto.java @@ -22,10 +22,9 @@ package org.eclipse.tractusx.puris.backend.masterdata.logic.dto; import lombok.*; -import org.eclipse.tractusx.puris.backend.stock.logic.dto.StockDto; import java.io.Serializable; -import java.util.*; +import java.util.UUID; @Getter @Setter diff --git a/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/controller/ProductStockResponseApiController.java b/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/controller/ProductStockResponseApiController.java index f9b24f21..438c4f4e 100644 --- a/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/controller/ProductStockResponseApiController.java +++ b/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/controller/ProductStockResponseApiController.java 
@@ -21,17 +21,17 @@ */ package org.eclipse.tractusx.puris.backend.stock.controller; -import java.util.UUID; - +import com.fasterxml.jackson.databind.ObjectMapper; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.media.Content; import io.swagger.v3.oas.annotations.media.ExampleObject; import io.swagger.v3.oas.annotations.media.Schema; import io.swagger.v3.oas.annotations.responses.ApiResponse; import io.swagger.v3.oas.annotations.responses.ApiResponses; -import org.eclipse.tractusx.puris.backend.stock.domain.model.ProductStockRequest; +import lombok.extern.slf4j.Slf4j; import org.eclipse.tractusx.puris.backend.common.api.domain.model.datatype.DT_RequestStateEnum; import org.eclipse.tractusx.puris.backend.common.api.logic.dto.SuccessfulRequestDto; +import org.eclipse.tractusx.puris.backend.stock.domain.model.ProductStockRequest; import org.eclipse.tractusx.puris.backend.stock.domain.model.ProductStockResponse; import org.eclipse.tractusx.puris.backend.stock.logic.service.ProductStockRequestService; import org.eclipse.tractusx.puris.backend.stock.logic.service.ProductStockResponseApiServiceImpl; @@ -44,9 +44,7 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; -import com.fasterxml.jackson.databind.ObjectMapper; - -import lombok.extern.slf4j.Slf4j; +import java.util.UUID; /** * This class contains the REST controller of the product-stock-response api. diff --git a/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/domain/model/ProductStockResponse.java b/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/domain/model/ProductStockResponse.java index b9e75722..dc96b447 100644 --- a/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/domain/model/ProductStockResponse.java +++ b/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/domain/model/ProductStockResponse.java 
@@ -20,19 +20,16 @@ */ package org.eclipse.tractusx.puris.backend.stock.domain.model; -import com.fasterxml.jackson.annotation.JsonIgnore; -import jakarta.persistence.*; +import jakarta.persistence.Embedded; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; import lombok.ToString; -import org.eclipse.tractusx.puris.backend.common.api.domain.model.MessageContent; import org.eclipse.tractusx.puris.backend.common.api.domain.model.MessageHeader; import org.eclipse.tractusx.puris.backend.stock.logic.dto.samm.ProductStockSammDto; import java.util.ArrayList; import java.util.List; -import java.util.UUID; /** * This Response represents the message received via a Response API. diff --git a/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/logic/dto/samm/Position.java b/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/logic/dto/samm/Position.java index 4377f05e..b8730985 100644 --- a/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/logic/dto/samm/Position.java +++ b/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/logic/dto/samm/Position.java @@ -26,7 +26,6 @@ import jakarta.validation.constraints.NotNull; import lombok.ToString; -import javax.xml.datatype.XMLGregorianCalendar; import java.util.Collection; import java.util.Date; import java.util.Objects; diff --git a/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/logic/dto/samm/ProductStockSammDto.java b/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/logic/dto/samm/ProductStockSammDto.java index 191070ca..9f1981c4 100644 --- a/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/logic/dto/samm/ProductStockSammDto.java +++ b/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/logic/dto/samm/ProductStockSammDto.java 
@@ -32,7 +32,6 @@ import org.eclipse.tractusx.puris.backend.common.api.logic.dto.MessageContentDto; import java.util.Collection; -import java.util.Objects; import java.util.Optional; /** diff --git a/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/logic/service/PartnerProductStockService.java b/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/logic/service/PartnerProductStockService.java index 613acb1f..b76d3bba 100644 --- a/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/logic/service/PartnerProductStockService.java +++ b/backend/src/main/java/org/eclipse/tractusx/puris/backend/stock/logic/service/PartnerProductStockService.java @@ -26,7 +26,6 @@ import org.eclipse.tractusx.puris.backend.stock.domain.model.PartnerProductStock; import org.eclipse.tractusx.puris.backend.stock.domain.model.measurement.MeasurementUnit; import org.eclipse.tractusx.puris.backend.stock.logic.dto.samm.LocationIdTypeEnum; -import org.springframework.stereotype.Service; import java.util.List; import java.util.UUID; diff --git a/backend/src/main/resources/application-customer.properties b/backend/src/main/resources/application-customer.properties index fe98451c..6793d661 100755 --- a/backend/src/main/resources/application-customer.properties +++ b/backend/src/main/resources/application-customer.properties @@ -16,7 +16,8 @@ spring.jpa.hibernate.ddl-auto=create server.servlet.context-path=${API_ROOTDIR:/catena} # EDC Config edc.controlplane.host=${EDC_CONTROLPLANE_HOST:192.168.49.2} -edc.controlplane.data.port=${EDC_CONTROLPLANE_DATA_PORT:30216} +edc.controlplane.data.path=/api/v1/data +edc.controlplane.data.port=${EDC_CONTROLPLANE_DATA_PORT:31944} edc.controlplane.key=${EDC_CONTROLPLANE_KEY:password} edc.applydataplaneworkaround=true 
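Review bot: The new `edc.controlplane.data.path=/api/v1/data` entry is written as a literal, while every neighbouring EDC entry uses the `${ENV_NAME:default}` form; the same line is added in application-supplier.properties and application.properties. For consistency write `edc.controlplane.data.path=${EDC_CONTROLPLANE_DATA_PATH:/api/v1/data}`. The changed port defaults here, and the `172.17.0.2` host and `http://localhost` base URL defaults in application.properties, look like values from one particular local cluster, so a short comment naming the setup they belong to would help. Since this block is being edited anyway: the unchanged `edc.controlplane.key` line falls back to `password` when the variable is unset, which would be safer as a required value without a default.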
@@ -30,7 +31,7 @@ spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true # Own EDC-IDS-URL -edc.idsUrl=${EDC_IDSURL:http://sokrates-controlplane:8084/api/v1/ids} +edc.idsUrl=${EDC_IDSURL:http://customer-control-plane:8184/api/v1/ids} # Own BPNL own.bpnl=${OWN_BPNL:BPNL4444444444XX} diff --git a/backend/src/main/resources/application-supplier.properties b/backend/src/main/resources/application-supplier.properties index 8e3a1c87..647eca99 100644 --- a/backend/src/main/resources/application-supplier.properties +++ b/backend/src/main/resources/application-supplier.properties @@ -16,7 +16,8 @@ spring.jpa.hibernate.ddl-auto=create server.servlet.context-path=${API_ROOTDIR:/catena} # EDC Config edc.controlplane.host=${EDC_CONTROLPLANE_HOST:192.168.49.2} -edc.controlplane.data.port=${EDC_CONTROLPLANE_DATA_PORT:31466} +edc.controlplane.data.port=${EDC_CONTROLPLANE_DATA_PORT:32272} +edc.controlplane.data.path=/api/v1/data edc.controlplane.key=${EDC_CONTROLPLANE_KEY:password} edc.applydataplaneworkaround=true @@ -30,7 +31,7 @@ spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true # Own EDC-IDS-URL -edc.idsUrl=${EDC_IDSURL:http://plato-controlplane:8084/api/v1/ids} +edc.idsUrl=${EDC_IDSURL:http://supplier-control-plane:9184/api/v1/ids} # Own BPNL own.bpnl=${OWN_BPNL:BPNL1234567890ZZ} diff --git a/backend/src/main/resources/application.properties b/backend/src/main/resources/application.properties index 1ecba503..59df5890 100755 --- a/backend/src/main/resources/application.properties +++ b/backend/src/main/resources/application.properties @@ -1,6 +1,6 @@ # Server Config server.port=${SERVER_PORT:8081} -my.base.url=http://host.minikube.internal +my.base.url=http://localhost request.serverendpoint=${my.base.url}:${server.port}/catena/product-stock/request request.apiassetid=product-stock-request-api response.serverendpoint=${my.base.url}:${server.port}/catena/product-stock/response 
@@ -15,8 +15,9 @@ spring.jpa.hibernate.ddl-auto=create # API Root server.servlet.context-path=${API_ROOTDIR:/catena} # EDC Config -edc.controlplane.host=${EDC_CONTROLPLANE_HOST:192.168.49.2} -edc.controlplane.data.port=${EDC_CONTROLPLANE_DATA_PORT:31944} +edc.controlplane.host=${EDC_CONTROLPLANE_HOST:172.17.0.2} +edc.controlplane.data.port=${EDC_CONTROLPLANE_DATA_PORT:31960} +edc.controlplane.data.path=/api/v1/data edc.controlplane.key=${EDC_CONTROLPLANE_KEY:password} edc.applydataplaneworkaround=true @@ -28,9 +29,8 @@ minikube.ip=${MINIKUBE_IP:host.minikube.internal} #logging.level.org.hibernate.type.descriptor.sql.BasicBinder=TRACE spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true - # Own EDC-IDS-URL -edc.idsUrl=${EDC_IDSURL:http://sokrates-controlplane:8084/api/v1/ids} +edc.idsUrl=${EDC_IDSURL:http://customer-control-plane:8184/api/v1/ids} # Own BPNL own.bpnl=${OWN_BPNL:BPNL4444444444XX} diff --git a/frontend/.env.dockerbuild b/frontend/.env.dockerbuild index 01ac8990..41222c60 100644 --- a/frontend/.env.dockerbuild +++ b/frontend/.env.dockerbuild @@ -1,6 +1,6 @@ VITE_APP_NAME=\$APP_NAME VITE_BACKEND_BASE_URL=\$BACKEND_BASE_URL -VITE_ENDPOINT_MATERIALS=\$ENDPOINT_MATERIAL +VITE_ENDPOINT_MATERIALS=\$ENDPOINT_MATERIALS VITE_ENDPOINT_PRODUCTS=\$ENDPOINT_PRODUCTS VITE_ENDPOINT_MATERIAL_STOCKS=\$ENDPOINT_MATERIAL_STOCKS VITE_ENDPOINT_PRODUCT_STOCKS=\$ENDPOINT_PRODUCT_STOCKS diff --git a/frontend/src/config.json b/frontend/src/config.json index 789b0687..57ff88ae 100644 --- a/frontend/src/config.json +++ b/frontend/src/config.json @@ -1,7 +1,7 @@ { "APP_NAME": "$APP_NAME", "BACKEND_BASE_URL": "$BACKEND_BASE_URL", - "ENDPOINT_MATERIALS": "$ENDPOINT_MATERIAL", + "ENDPOINT_MATERIALS": "$ENDPOINT_MATERIALS", "ENDPOINT_PRODUCTS": "$ENDPOINT_PRODUCTS", "ENDPOINT_MATERIAL_STOCKS": "$ENDPOINT_MATERIAL_STOCKS", "ENDPOINT_PRODUCT_STOCKS": "$ENDPOINT_PRODUCT_STOCKS", diff --git a/local/.env b/local/.env new file mode 100644 index 00000000..dabd766a --- /dev/null 
+++ b/local/.env
@@ -0,0 +1,5 @@
+VAULT_DEV_ROOT_TOKEN_ID=
+EDC_API_PW=
+PG_USER=
+PG_PW=
+VAULT_SECRETS_DIR=
diff --git a/local/.gitignore b/local/.gitignore
new file mode 100644
index 00000000..d9f256bc
--- /dev/null
+++ b/local/.gitignore
@@ -0,0 +1,4 @@
+*.key
+*.cert
+*.keys
+local/.env
diff --git a/local/INSTALL.md b/local/INSTALL.md
new file mode 100644
index 00000000..444e1561
--- /dev/null
+++ b/local/INSTALL.md
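Review bot: The pattern `local/.env` is resolved relative to the directory holding this `.gitignore`, so inside `local/` it refers to `local/local/.env` and does not cover the `.env` file added in the hunk above. That file is also committed by this change, and ignore rules do not apply to tracked files. Once a developer fills in `VAULT_DEV_ROOT_TOKEN_ID`, `EDC_API_PW` or `PG_PW` as INSTALL.md instructs, the secrets show up as an ordinary modification and can be committed by accident. Use the pattern `.env` here and ship the empty template under another name, for example `.env.example`, that developers copy to `.env`.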
@@ -0,0 +1,52 @@ +# Initial Setup +1. Generate keys +```shell +cd local +sh generate-keys.sh +``` +2. Define remaining secrets in `/local/.env` + - set root token for vault instance `VAULT_DEV_ROOT_TOKEN_ID` (e.g. "4Ko6r3UcHM4dXnOGmPKTHds3") + - set password for edc control plane `EDC_API_PW` (e.g. "password") + - set user `PG_USER` and password `PG_PW` for postgres (e.g. "edc-pg-user" and "edc-pg-passw0rd") + - set vault secrets dir as mapped via volume (e.g. `/vault/secrets/`) + +# Start +```shell +docker-compose up +``` +or use +``` +sh restart.sh +``` +Wait for the startup and visit http://localhost:3000/ + +## Notes on debugging + +### DAPS +The omejdn-daps does not provide any further logging configuration. +It may make sense to log the whole tokens or responses to decode the JWT or similar. + +Requires ruby, which can be installed on Ubuntu as follows: +```shell +sudo apt-get install ruby +``` + +Then download the respective [omejdn release](https://github.com/Fraunhofer-AISEC/omejdn-server/releases/tag/v1.7.1) and unzip it. +In the `omejdn-server/omejdn.rb` +- search for token POST endpoint ("endpoint '/token', ['POST'],") +- go to end of endpoint definition (most left-hand end) +- add your echo / log upfront the status codes return (e.g. "puts.response.compact.to_json") +- build the omejdn server +```shell +docker build -t omejdn-server:local +``` + +Finally update the `./daps/docker-compose.yaml` to use this image instead. + +### Vault & Certs +When having problems with the certs or the vault, one need to delete the vault container. +Following script helps faster restarting +```shell +cd local +sh restart.sh +``` diff --git a/local/daps/config/clients.yml b/local/daps/config/clients.yml new file mode 100755 index 00000000..4ff70080 --- /dev/null +++ b/local/daps/config/clients.yml 
@@ -0,0 +1,41 @@ +--- +# Customer +- client_id: customer + name: customer + import_certfile: keys/clients/customer.cert + token_endpoint_auth_method: private_key_jwt + grant_types: client_credentials + scope: idsc:IDS_CONNECTOR_ATTRIBUTES_ALL + attributes: + - key: idsc + value: IDS_CONNECTOR_ATTRIBUTES_ALL + - key: securityProfile + value: idsc:BASE_SECURITY_PROFILE + - key: referringConnector + value: http://customer-control-plane/ + - key: "@type" + value: ids:datPayload + - key: "@context" + value: https://w3id.org/idsa/contexts/context.jsonld + - key: transportCertsSha256 + value: ea3593699acad45973321dbe0011122fa965062ce68c0edcd7a8198d493be91d +# Supplier +- client_id: supplier + name: supplier + import_certfile: keys/clients/supplier.cert + token_endpoint_auth_method: private_key_jwt + grant_types: client_credentials + scope: idsc:IDS_CONNECTOR_ATTRIBUTES_ALL + attributes: + - key: idsc + value: IDS_CONNECTOR_ATTRIBUTES_ALL + - key: securityProfile + value: idsc:BASE_SECURITY_PROFILE + - key: referringConnector + value: http://supplier-control-plane/ #TODO + - key: "@type" + value: ids:datPayload + - key: "@context" + value: https://w3id.org/idsa/contexts/context.jsonld + - key: transportCertsSha256 + value: 89ab21422a70a198bd891d03e165297ce930a766b0c7eee0e24adb5e9bc92115 diff --git a/local/daps/config/omejdn.yml b/local/daps/config/omejdn.yml new file mode 100755 index 00000000..09b7775c --- /dev/null +++ b/local/daps/config/omejdn.yml @@ -0,0 +1,19 @@ +--- +host: http://ids-daps:4567/ +path_prefix: '' +bind_to: 0.0.0.0 +allow_origin: "*" +issuer: http://ids-daps:4567/ +openid: false +accept_audience: idsc:IDS_CONNECTORS_ALL +default_audience: +- idsc:IDS_CONNECTORS_ALL +app_env: debug +environment: development +access_token: + expiration: 3600 + algorithm: RS256 +id_token: + expiration: 3600 + algorithm: RS256 +front_url: http://ids-daps:4567/ 
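Review bot: The supplier entry ends its `referringConnector` value with a bare `#TODO` (`value: http://supplier-control-plane/ #TODO`) that does not say what is still open. State the task, in the form `# TODO(<owner>): <what remains to be decided>`, or remove the marker. Both clients also pin a `transportCertsSha256` fingerprint while INSTALL.md has each developer generate keys locally; if `generate-keys.sh` creates the client certificates, these fixed values would not match them, which is worth confirming.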
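Review bot: In omejdn.yml, `allow_origin: "*"` together with `bind_to: 0.0.0.0`, `app_env: debug` and `environment: development` makes the token service answer any web origin and run in its debug configuration, and nothing in the file says this is intentional. That is reasonable for a local demo only. Add a header comment such as `# local development only - do not reuse for a shared or production DAPS`, and drop or narrow `allow_origin` if no browser client needs to call the DAPS.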
diff --git a/local/daps/config/plugins.yml b/local/daps/config/plugins.yml
new file mode 100755
index 00000000..25672071
--- /dev/null
+++ b/local/daps/config/plugins.yml
@@ -0,0 +1,9 @@
+---
+plugins:
+ admin_api:
+ user_selfservice:
+ allow_deletion: false
+ allow_password_change: true
+ editable_attributes: []
+ token_user_attributes:
+ skip_id_token: true
diff --git a/local/daps/config/scope_description.yml b/local/daps/config/scope_description.yml
new file mode 100755
index 00000000..012107ba
--- /dev/null
+++ b/local/daps/config/scope_description.yml
@@ -0,0 +1,9 @@
+---
+omejdn:read: Read access to the Omejdn server API
+omejdn:write: Write access to the Omejdn server API
+omejdn:admin: Access to the Omejdn server admin API
+profile: 'Standard profile claims (e.g.: Name, picture, website, gender, birthdate,
+ location)'
+email: Email-Address
+address: Address
+phone: Phone-number
diff --git a/local/daps/config/scope_mapping.yml b/local/daps/config/scope_mapping.yml
new file mode 100755
index 00000000..3a92285b
--- /dev/null
+++ b/local/daps/config/scope_mapping.yml
@@ -0,0 +1,4 @@
+---
+idsc:IDS_CONNECTOR_ATTRIBUTES_ALL:
+- securityProfile
+- referringConnector
diff --git a/local/daps/config/webfinger.yml b/local/daps/config/webfinger.yml
new file mode 100755
index 00000000..2fbf0ffd
--- /dev/null
+++ b/local/daps/config/webfinger.yml
@@ -0,0 +1 @@
+--- {}
diff --git a/local/daps/docker-compose.yaml b/local/daps/docker-compose.yaml
new file mode 100644
index 00000000..ab43e3b2
--- /dev/null
+++ b/local/daps/docker-compose.yaml
@@ -0,0 +1,39 @@
+#
+# Copyright (c) 2023 Volkswagen AG
+# Copyright (c) 2023 Fraunhofer-Gesellschaft zur Foerderung der angewandten Forschung e.V. (represented by Fraunhofer ISST)
+# Copyright (c) 2023 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+version: "3"
+services:
+ omejdn-daps:
+ image: ghcr.io/fraunhofer-aisec/omejdn-server:1.7.1
+ container_name: omejdn-daps
+ ports:
+ - 4567:4567
+# networks:
+# - ids-network
+ environment:
+ OMEJDN_JWT_AUD_OVERRIDE: idsc:IDS_CONNECTORS_ALL
+ OMEJDN_PLUGINS: config/plugins.yml
+ volumes:
+ - ./config:/opt/config
+ - ./keys:/opt/keys/omejdn
+
+#networks:
+# ids-network:
+# driver: bridge
diff --git a/local/docker-compose.yaml b/local/docker-compose.yaml
new file mode 100644
index 00000000..5e8801e8
--- /dev/null
+++ b/local/docker-compose.yaml
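Review bot: The `ports:` entry `- 4567:4567` in local/daps/docker-compose.yaml publishes the DAPS on every host interface, and local/docker-compose.yaml does the same for Vault (`8200:8200`, which put-keys.sh starts with `server -dev`), the EDC management APIs (`8181`, `9181`) and both backends. For a stack meant to run on a workstation, binding to loopback keeps the token issuer, the dev-mode secret store and the management APIs off the local network: `- 127.0.0.1:4567:4567`, and likewise `- 127.0.0.1:8200:8200` and the other mappings in the root compose file. Postgres already has no published port, which is the right pattern for anything only other containers need to reach.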
@@ -0,0 +1,246 @@
+#
+# Copyright (c) 2023 Volkswagen AG
+# Copyright (c) 2023 Fraunhofer-Gesellschaft zur Foerderung der angewandten Forschung e.V. (represented by Fraunhofer ISST)
+# Copyright (c) 2023 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+version: "3"
+services:
+ puris-frontend-customer:
+ image: puris-frontend:dev
+ container_name: customer-frontend
+ ports:
+ - 3000:8080
+ environment:
+ - APP_NAME=PURIS Customer
+ - BACKEND_BASE_URL=http://localhost:8081/catena/
+ - ENDPOINT_MATERIALS=stockView/materials
+ - ENDPOINT_PRODUCTS=stockView/products
+ - ENDPOINT_MATERIAL_STOCKS=stockView/material-stocks
+ - ENDPOINT_PRODUCT_STOCKS=stockView/product-stocks
+ - ENDPOINT_CUSTOMER=stockView/customer?ownMaterialNumber=
+ - ENDPOINT_PARTNER_PRODUCT_STOCKS=stockView/partner-product-stocks?ownMaterialNumber=
+ - ENDPOINT_UPDATE_PARTNER_PRODUCT_STOCK=stockView/update-partner-product-stock?ownMaterialNumber=
+
+ puris-backend-customer:
+ image: puris-backend:dev
+ container_name: customer-backend
+ depends_on:
+ edc-customer-control-plane:
+ condition: service_started #service_healthy
+ ports:
+ - 8081:8081 # expose port of server.port
+ environment:
+ - server.port=8081
+ - puris.demonstrator.role=customer
+ - edc.controlplane.host=customer-control-plane
+ - edc.controlplane.data.port=8181
+ - edc.controlplane.data.path=/api/v1/data
+ - edc.controlplane.key=${EDC_API_PW}
+ - edc.dataplane.public.port=8285 # edc-customer-data-plane
+ - edc.applydataplaneworkaround=false
+ - edc.idsUrl=http://customer-control-plane:8184/api/v1/ids
+ - own.bpnl=BPNL4444444444XX
+ - own.bpns=BPNS4444444444XX
+ - edr.endpoint=http://customer-backend:8081/catena/edrendpoint
+ - request.serverendpoint=http://customer-backend:8081/catena/product-stock/request
+ - response.serverendpoint=http://customer-backend:8081/catena/product-stock/response
+
+ edc-customer-control-plane:
+ extends:
+ file: ./tractus-x-edc/docker-compose.yaml
+ service: control-plane
+ container_name: customer-control-plane
+ depends_on:
+ omejdn-daps:
+ condition: service_started # has no health-check
+ vault:
+ condition: service_started # has no health-check, needs to run script to put secrets
+ postgres:
+ condition: service_started # has no health-check, needs to run db script to create edc tables
+ environment:
+ edc.vault.hashicorp.token: ${VAULT_DEV_ROOT_TOKEN_ID}
+ edc.api.auth.key: ${EDC_API_PW}
+ edc.datasource.asset.user: ${PG_USER}
+ edc.datasource.asset.password: ${PG_PW}
+ edc.datasource.contractdefinition.user: ${PG_USER}
+ edc.datasource.contractdefinition.password: ${PG_PW}
+ edc.datasource.contractnegotiation.user: ${PG_USER}
+ edc.datasource.contractnegotiation.password: ${PG_PW}
+ edc.datasource.policy.user: ${PG_USER}
+ edc.datasource.policy.password: ${PG_PW}
+ edc.datasource.transferprocess.user: ${PG_USER}
+ edc.datasource.transferprocess.password: ${PG_PW}
+ ports:
+ - 8180:8180
+ - 8181:8181
+ - 8182:8182
+ - 8183:8183
+ - 8184:8184
+ volumes:
+ - ./tractus-x-edc/config/customer/control-plane.properties:/app/configuration.properties
+
+ edc-customer-data-plane:
+ extends:
+ file: ./tractus-x-edc/docker-compose.yaml
+ service: data-plane
+ container_name: customer-data-plane
+ depends_on:
+ omejdn-daps:
+ condition: service_started # has no health-check
+ vault:
+ condition: service_started # has no health-check, needs to run script to put secrets
+ postgres:
+ condition: service_started # has no health-check, needs to run db script to create edc tables
+ ports:
+ - 8280:8280
+ - 8285:8285
+ environment:
+ edc.vault.hashicorp.token: ${VAULT_DEV_ROOT_TOKEN_ID}
+ volumes:
+ - ./tractus-x-edc/config/customer/data-plane.properties:/app/configuration.properties
+
+ omejdn-daps:
+ extends:
+ file: ./daps/docker-compose.yaml
+ service: omejdn-daps
+ container_name: omejdn-daps
+ volumes:
+ - ./vault/secrets/customer.cert:/opt/keys/clients/customer.cert:ro
+ - ./vault/secrets/supplier.cert:/opt/keys/clients/supplier.cert:ro
+
+ vault:
+ build: ./vault
+ container_name: vault
+ ports:
+ - 8200:8200
+ environment:
+ # token id may not contain prefix
+ VAULT_DEV_ROOT_TOKEN_ID: ${VAULT_DEV_ROOT_TOKEN_ID}
+ VAULT_ADDR: http://vault:8200
+ VAULT_PUT_SECRETS_DIR: ${VAULT_SECRETS_DIR}
+ # ATTENTION: Non productive environment
+ SKIP_SETCAP: "true"
+ SKIP_CHOWN: "true"
+ volumes:
+ - ./vault/secrets:${VAULT_SECRETS_DIR}
+
+ postgres:
+ image: postgres:15.4-alpine
+ container_name: postgres
+ environment:
+ POSTGRES_DB: edc
+ POSTGRES_USER: ${PG_USER}
+ POSTGRES_PASSWORD: ${PG_PW}
+ volumes:
+ # use docker-compose down --volumes to kill db volume
+ # only then, changes to the script are executed!
+ - ./postgres/init-db.sql:/docker-entrypoint-initdb.d/init-db.sql
+
+ puris-frontend-supplier:
+ image: puris-frontend:dev
+ container_name: supplier-frontend
+ ports:
+ - 3001:8080
+ environment:
+ - APP_NAME=PURIS Customer
+ - BACKEND_BASE_URL=http://localhost:8082/catena/
+ - ENDPOINT_MATERIALS=stockView/materials
+ - ENDPOINT_PRODUCTS=stockView/products
+ - ENDPOINT_MATERIAL_STOCKS=stockView/material-stocks
+ - ENDPOINT_PRODUCT_STOCKS=stockView/product-stocks
+ - ENDPOINT_CUSTOMER=stockView/customer?ownMaterialNumber=
+ - ENDPOINT_PARTNER_PRODUCT_STOCKS=stockView/partner-product-stocks?ownMaterialNumber=
+ - ENDPOINT_UPDATE_PARTNER_PRODUCT_STOCK=stockView/update-partner-product-stock?ownMaterialNumber=
+
+ puris-backend-supplier:
+ image: puris-backend:dev
+ container_name: supplier-backend
+ depends_on:
+ edc-supplier-control-plane:
+ condition: service_started #service_healthy
+ ports:
+ - 8082:8082
+ environment:
+ - server.port=8082
+ - puris.demonstrator.role=supplier
+ - edc.controlplane.host=supplier-control-plane
+ - edc.controlplane.data.port=9181
+ - edc.controlplane.data.path=/api/v1/data
+ - edc.controlplane.key=${EDC_API_PW}
+ - edc.dataplane.public.port=9285
+ - edc.applydataplaneworkaround=false
+ - edc.idsUrl=http://supplier-control-plane:9184/api/v1/ids
+ - own.bpnl=BPNL1234567890ZZ
+ - own.bpns=BPNS1234567890ZZ
+ - edr.endpoint=http://supplier-backend:8082/catena/edrendpoint
+ - request.serverendpoint=http://supplier-backend:8082/catena/product-stock/request
+ - response.serverendpoint=http://supplier-backend:8082/catena/product-stock/response
+
+ edc-supplier-control-plane:
+ extends:
+ file: ./tractus-x-edc/docker-compose.yaml
+ service: control-plane
+ container_name: supplier-control-plane
+ depends_on:
+ omejdn-daps:
+ condition: service_started # has no health-check
+ vault:
+ condition: service_started # has no health-check, needs to run script to put secrets
+ postgres:
+ condition: service_started # has no health-check, needs to run db script to create edc tables
+ ports:
+ - 9180:9180
+ - 9181:9181
+ - 9182:9182
+ - 9183:9183
+ - 9184:9184
+ environment:
+ edc.vault.hashicorp.token: ${VAULT_DEV_ROOT_TOKEN_ID}
+ edc.api.auth.key: ${EDC_API_PW}
+ edc.datasource.asset.user: ${PG_USER}
+ edc.datasource.asset.password: ${PG_PW}
+ edc.datasource.contractdefinition.user: ${PG_USER}
+ edc.datasource.contractdefinition.password: ${PG_PW}
+ edc.datasource.contractnegotiation.user: ${PG_USER}
+ edc.datasource.contractnegotiation.password: ${PG_PW}
+ edc.datasource.policy.user: ${PG_USER}
+ edc.datasource.policy.password: ${PG_PW}
+ edc.datasource.transferprocess.user: ${PG_USER}
+ edc.datasource.transferprocess.password: ${PG_PW}
+ volumes:
+ - ./tractus-x-edc/config/supplier/control-plane.properties:/app/configuration.properties
+
+ edc-supplier-data-plane:
+ extends:
+ file: ./tractus-x-edc/docker-compose.yaml
+ service: data-plane
+ container_name: supplier-data-plane
+ depends_on:
+ omejdn-daps:
+ condition: service_started # has no health-check
+ vault:
+ condition: service_started # has no health-check, needs to run script to put secrets
+ postgres:
+ condition: service_started # has no health-check, needs to run db script to create edc tables
+ ports:
+ - 9280:9280
+ - 9285:9285
+ environment:
+ edc.vault.hashicorp.token: ${VAULT_DEV_ROOT_TOKEN_ID}
+ volumes:
+ - ./tractus-x-edc/config/supplier/data-plane.properties:/app/configuration.properties
diff --git a/local/generate-keys.sh b/local/generate-keys.sh
new file mode 100644
index 00000000..a6178388
--- /dev/null
+++ b/local/generate-keys.sh
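Review bot: In local/docker-compose.yaml the `puris-frontend-supplier` service sets `APP_NAME=PURIS Customer`, copied from the customer service; it should read `- APP_NAME=PURIS Supplier`. Separately, `${EDC_API_PW}`, `${PG_PW}` and `${VAULT_DEV_ROOT_TOKEN_ID}` are interpolated with no required-variable check, so a missing .env makes Compose substitute empty strings (with only a warning) into the API key, database password and Vault token settings. Using the required form, e.g. `edc.api.auth.key: ${EDC_API_PW:?set EDC_API_PW in local/.env}`, makes the stack fail fast instead of starting with blank credentials.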
@@ -0,0 +1,47 @@
+#!/bin/bash
+# generate .key .cert (asymmetric encryption) and .keys (data encryption edc) for customer and supplier
+# generate .key .cert (asymmetric encryption) and .keys (data encryption edc) for daps
+
+# create folders, if not existing
+mkdir -p ./vault/secrets
+mkdir -p ./daps/keys
+
+echo "Creating customer key, cert, keys and SHA..."
+CUSTOMER_CERT="./vault/secrets/customer.cert"
+CUSTOMER_KEY="./vault/secrets/customer.key"
+CUSTOMER_ENCRYPTION_KEYS="./vault/secrets/customer-encryption.keys"
+openssl req -newkey rsa:2048 -new -batch -nodes -x509 -days 3650 -text -keyout $CUSTOMER_KEY -out $CUSTOMER_CERT
+# EDC token encryption keys for edc-extensions/data-encryption
+key1=`openssl rand -base64 16`
+key2=`openssl rand -base64 24`
+key3=`openssl rand -base64 32`
+echo "${key1},${key2},${key3}" > $CUSTOMER_ENCRYPTION_KEYS
+
+CUSTOMER_CERT_SHA="$(openssl x509 -in "$CUSTOMER_CERT" -noout -sha256 -fingerprint | tr '[:upper:]' '[:lower:]' | tr -d : | sed 's/.*=//')"
+
+echo "Creating supplier key, cert, keys and SHA..."
+SUPPLIER_CERT="./vault/secrets/supplier.cert"
+SUPPLIER_KEY="./vault/secrets/supplier.key"
+SUPPLIER_ENCRYPTION_KEYS="./vault/secrets/supplier-encryption.keys"
+openssl req -newkey rsa:2048 -new -batch -nodes -x509 -days 3650 -text -keyout $SUPPLIER_KEY -out $SUPPLIER_CERT
+# EDC token encryption keys for edc-extensions/data-encryption
+key1=`openssl rand -base64 16`
+key2=`openssl rand -base64 24`
+key3=`openssl rand -base64 32`
+echo "${key1},${key2},${key3}" > $SUPPLIER_ENCRYPTION_KEYS
+
+
+SUPPLIER_CERT_SHA="$(openssl x509 -in "$SUPPLIER_CERT" -noout -sha256 -fingerprint | tr '[:upper:]' '[:lower:]' | tr -d : | sed 's/.*=//')"
+
+echo "Make sure to update the ./daps/config/clients.yml:"
+echo "Customer.transportCertsSha256: $CUSTOMER_CERT_SHA"
+echo "Supplier.transportCertsSha256: $SUPPLIER_CERT_SHA"
+
+# DAPS
+echo "Creating daps key and cert..."
+DAPS_CERT="./daps/keys/omejdn.cert"
+DAPS_KEY="./daps/keys/omejdn.key"
+openssl req -newkey rsa:2048 -new -batch -nodes -x509 -days 3650 -text -keyout $DAPS_KEY -out $DAPS_CERT
+
+# let everyone access the files so that the non-root user in vault container can put them
+chmod -R 755 ./vault/secrets
diff --git a/local/postgres/init-db.sql b/local/postgres/init-db.sql
new file mode 100644
index 00000000..ebf9ce5a
--- /dev/null
+++ b/local/postgres/init-db.sql
@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2023 Volkswagen AG
+ * Copyright (c) 2023 Fraunhofer-Gesellschaft zur Foerderung der angewandten Forschung e.V.
+ * (represented by Fraunhofer ISST)
+ * Copyright (c) 2023 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+CREATE DATABASE "edc_customer_asset";
+CREATE DATABASE "edc_customer_contractdefinition";
+CREATE DATABASE "edc_customer_contractnegotiation";
+CREATE DATABASE "edc_customer_policy";
+CREATE DATABASE "edc_customer_transferprocess";
+--CREATE DATABASE "edc_customer_edrs";
+
+CREATE DATABASE "edc_supplier_asset";
+CREATE DATABASE "edc_supplier_contractdefinition";
+CREATE DATABASE "edc_supplier_contractnegotiation";
+CREATE DATABASE "edc_supplier_policy";
+CREATE DATABASE "edc_supplier_transferprocess";
+--CREATE DATABASE "edc_supplier_edrs";
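Review bot: The final `chmod -R 755 ./vault/secrets` in local/generate-keys.sh leaves `customer.key`, `supplier.key` and both `*-encryption.keys` files readable, and marked executable, for every account on the host. The comment says this is so the non-root user in the vault container can read the bind mount, but that needs read access only: `chmod 755 ./vault/secrets && chmod 644 ./vault/secrets/*` drops the execute bit, and owning the files by the container user's uid with mode `600` would be tighter if that uid is fixed. The script also has no `set -euo pipefail` and leaves `$CUSTOMER_KEY`, `$CUSTOMER_CERT` and the other path variables unquoted, so a failed `openssl` call does not stop it; adding `set -euo pipefail` after the shebang and quoting the expansions fixes that.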
diff --git a/local/restart.sh b/local/restart.sh
new file mode 100644
index 00000000..f8c5c3b3
--- /dev/null
+++ b/local/restart.sh
@@ -0,0 +1,8 @@
+# restarts the docker-compose and kill images, that may need a full refresh
+
+docker compose down
+
+# kill vault container that has been built with given secrets
+docker image rm local-vault
+
+docker compose up
diff --git a/local/tractus-x-edc/config/customer/control-plane.properties b/local/tractus-x-edc/config/customer/control-plane.properties
new file mode 100644
index 00000000..37b05dad
--- /dev/null
+++ b/local/tractus-x-edc/config/customer/control-plane.properties
@@ -0,0 +1,93 @@
+# API
+web.http.default.port=8180
+web.http.default.path=/api
+
+# MANAGEMENT (replaced data in 0.3.0)
+web.http.management.port=8181
+web.http.management.path=/api/v1/data
+
+# CONTROL (replaced validation in 0.3.0)
+web.http.control.port=8183
+web.http.control.path=/api/controlplane/control
+
+# PROTOCOL (replaced IDS in 0.3.0)
+web.http.protocol.port=8184
+# note: EDC in this version appends a "data" per IDS protocol
+# https://eclipse-edc.github.io/docs/#/submodule/Connector/docs/developer/decision-records/2022-11-09-api-refactoring/renaming
+web.http.protocol.path=/api/v1/ids
+
+edc.ids.title=Customer EDC
+edc.ids.description=Customer EDC Control Plane
+edc.ids.id=urn:connector:customer-control-plane
+edc.ids.security.profile=base
+edc.ids.maintainer=http://customer-control-plane
+edc.ids.curator=http://customer-control-plane
+edc.ids.catalog.id=urn:catalog:default
+
+# /api/v1/ids is the default HTTP IDS path
+ids.webhook.address=http://customer-control-plane:8184
+
+edc.hostname=customer-control-plane
+
+# set via .env
+#edc.api.auth.key=password
+
+# OAuth / DAPS related configuration
+edc.ids.endpoint=http://customer-control-plane:8184/api/v1/ids
+## this may relate to version > 0.1.3
+edc.oauth.endpoint.audience=http://customer-control-plane:8184/api/v1/ids/data
+## starting from 0.4.0 with new protocol
+#edc.oauth.endpoint.audience=http://consumer-control-plane:8184/api/v1/dsp
+edc.oauth.token.url=http://omejdn-daps:4567/token
+edc.oauth.client.id=customer
+edc.oauth.provider.jwks.url=http://omejdn-daps:4567/jwks.json
+edc.oauth.provider.audience=idsc:IDS_CONNECTORS_ALL
+edc.oauth.public.key.alias=customer-cert
+edc.oauth.private.key.alias=customer-key
+edc.ids.validation.referringconnector=false
+
+# HashiCorp vault related configuration
+edc.vault.hashicorp.url=http://vault:8200
+# set via docker-compose .env
+#edc.vault.hashicorp.token=
+edc.vault.hashicorp.health.check.enabled=false
+
+# Data-Plane configuration
+edc.transfer.proxy.endpoint=http://customer-data-plane:8285/api/public/
+edc.transfer.proxy.token.signer.privatekey.alias=customer-key
+edc.transfer.proxy.token.verifier.publickey.alias=customer-cert
+
+# Data-Plane selector configuration
+edc.dataplane.selector.edchttp.url=http://customer-data-plane:8299/api/dataplane/control
+edc.dataplane.selector.edchttp.sourcetypes=HttpData
+edc.dataplane.selector.edchttp.destinationtypes=HttpProxy
+edc.dataplane.selector.edchttp.properties={"publicApiUrl" : "http://customer-data-plane:8285/api/public/"}
+
+# backend receiver for static Endpoint Data References
+edc.receiver.http.endpoint=http://backend-app:8080
+
+# Postgresql related configuration
+edc.datasource.asset.name=asset
+edc.datasource.asset.url=jdbc:postgresql://postgres:5432/edc_customer_asset
+# edc.datasource.asset.user and edc.datasource.asset.password are set via .env
+edc.datasource.contractdefinition.name=contractdefinition
+edc.datasource.contractdefinition.url=jdbc:postgresql://postgres:5432/edc_customer_contractdefinition
+
+# edc.datasource.contractdefinition.user and edc.datasource.contractdefinition.password are set via .env
+edc.datasource.contractnegotiation.name=contractnegotiation
+edc.datasource.contractnegotiation.url=jdbc:postgresql://postgres:5432/edc_customer_contractnegotiation
+# edc.datasource.contractnegotiation.user and edc.datasource.contractnegotiation.password are set via .env
+edc.datasource.policy.name=policy
+edc.datasource.policy.url=jdbc:postgresql://postgres:5432/edc_customer_policy
+# edc.datasource.policy.user and edc.datasource.policy.password are set via .env
+edc.datasource.transferprocess.name=transferprocess
+edc.datasource.transferprocess.url=jdbc:postgresql://postgres:5432/edc_customer_transferprocess
+# edc.datasource.transferprocess.user and edc.datasource.transferprocess.password are set via .env
+# new in 0.4.x
+#edc.datasource.edr.name=edr
+#edc.datasource.edr.url=jdbc:postgresql://postgres:5432/edc_customer_edrs
+# edc.datasource.edr.user and edc.datasource.edr.password are set via .env
+#org.eclipse.tractusx.edc.postgresql.migration.edr.enabled=true
+
+# Data Encryption edc-extensions/data-encryption
+edc.data.encryption.keys.alias=customer-encryption-keys
diff --git a/local/tractus-x-edc/config/customer/data-plane.properties b/local/tractus-x-edc/config/customer/data-plane.properties
new file mode 100644
index 00000000..a0aed114
--- /dev/null
+++ b/local/tractus-x-edc/config/customer/data-plane.properties
@@ -0,0 +1,26 @@
+# API
+web.http.port=8280
+web.http.path=/api
+# Public
+web.http.public.port=8285
+web.http.public.path=/api/public
+# Control
+web.http.control.port=8299
+web.http.control.path=/api/dataplane/control
+
+# new in 0.3.3 - why do we need the management in a data plane?
+web.http.management.port=8293
+web.http.management.path=/api/v1/data
+
+# Validation endpoint of controlplane
+edc.dataplane.token.validation.endpoint=http://customer-control-plane:8183/api/controlplane/control/token
+
+# EDC hostname
+edc.hostname=customer-data-plane
+
+# HashiCorp vault related configuration
+edc.vault.hashicorp.url=http://vault:8200
+# set via docker-compose .env
+#edc.vault.hashicorp.token=
+#disable annoying logging - do we need this enabled?
+edc.vault.hashicorp.health.check.enabled=false
diff --git a/local/tractus-x-edc/config/default/logging.properties b/local/tractus-x-edc/config/default/logging.properties
new file mode 100644
index 00000000..213edc48
--- /dev/null
+++ b/local/tractus-x-edc/config/default/logging.properties
@@ -0,0 +1,6 @@
+level=INFO
+org.eclipse.edc.level=ALL
+handlers=java.util.logging.ConsoleHandler
+java.util.logging.ConsoleHandler.formatter=java.util.logging.SimpleFormatter
+java.util.logging.ConsoleHandler.level=ALL
+java.util.logging.SimpleFormatter.format=[%1$tY-%1$tm-%1$td %1$tH:%1$tM:%1$tS] [%4$-7s] %5$s%6$s%n
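Review bot: In local/tractus-x-edc/config/customer/control-plane.properties, `edc.ids.validation.referringconnector=false` appears to switch off the connector-side check of the `referringConnector` claim, although the DAPS client entries in this commit register that attribute; the supplier control-plane file sets the same value. If that is a deliberate shortcut for the demo, say so next to it, for example `# demo only: referringConnector claim of the DAPS token is not validated`, or enable it once the `#TODO` on the supplier client is resolved. Also, `edc.receiver.http.endpoint=http://backend-app:8080` points at a host that none of the compose files in this commit define (the backends are `customer-backend:8081` and `supplier-backend:8082`), so it looks like a template leftover in both control-plane files.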
diff --git a/local/tractus-x-edc/config/default/opentelemetry.properties b/local/tractus-x-edc/config/default/opentelemetry.properties
new file mode 100644
index 00000000..aaaab2db
--- /dev/null
+++ b/local/tractus-x-edc/config/default/opentelemetry.properties
@@ -0,0 +1 @@
+otel.javaagent.enabled=false
\ No newline at end of file
diff --git a/local/tractus-x-edc/config/supplier/control-plane.properties b/local/tractus-x-edc/config/supplier/control-plane.properties
new file mode 100644
index 00000000..f0c60726
--- /dev/null
+++ b/local/tractus-x-edc/config/supplier/control-plane.properties
@@ -0,0 +1,92 @@
+# API
+web.http.default.port=9180
+web.http.default.path=/api
+
+# MANAGEMENT (replaced data in 0.3.0)
+web.http.management.port=9181
+web.http.management.path=/api/v1/data
+
+# CONTROL (replaced validation in 0.3.0)
+web.http.control.port=9183
+web.http.control.path=/api/controlplane/control
+
+# PROTOCOL (replaced IDS in 0.3.0)
+web.http.protocol.port=9184
+# note: EDC in this version appends a "data" per IDS protocol
+# https://eclipse-edc.github.io/docs/#/submodule/Connector/docs/developer/decision-records/2022-11-09-api-refactoring/renaming
+web.http.protocol.path=/api/v1/ids
+
+edc.ids.title=Supplier EDC
+edc.ids.description=Supplier EDC Control Plane
+edc.ids.id=urn:connector:supplier-control-plane
+edc.ids.security.profile=base
+edc.ids.maintainer=http://supplier-control-plane
+edc.ids.curator=http://supplier-control-plane
+edc.ids.catalog.id=urn:catalog:default
+
+# /api/v1/ids is the default HTTP IDS path
+ids.webhook.address=http://supplier-control-plane:9184
+
+edc.hostname=supplier-control-plane
+
+# set via .env
+#edc.api.auth.key=password
+
+# OAuth / DAPS related configuration
+edc.ids.endpoint=http://supplier-control-plane:9184/api/v1/ids
+## this may relate to version > 0.1.3
+edc.oauth.endpoint.audience=http://supplier-control-plane:9184/api/v1/ids/data
+## starting from 0.4.0 with new protocol
+#edc.oauth.endpoint.audience=http://consumer-control-plane:9184/api/v1/dsp
+edc.oauth.token.url=http://omejdn-daps:4567/token
+edc.oauth.client.id=supplier
+edc.oauth.provider.jwks.url=http://omejdn-daps:4567/jwks.json
+edc.oauth.provider.audience=idsc:IDS_CONNECTORS_ALL
+edc.oauth.public.key.alias=supplier-cert
+edc.oauth.private.key.alias=supplier-key
+edc.ids.validation.referringconnector=false
+
+# HashiCorp vault related configuration
+edc.vault.hashicorp.url=http://vault:8200
+# set via docker-compose .env
+#edc.vault.hashicorp.token=
+edc.vault.hashicorp.health.check.enabled=false
+
+# Data-Plane configuration
+edc.transfer.proxy.endpoint=http://supplier-data-plane:9285/api/public/
+edc.transfer.proxy.token.signer.privatekey.alias=supplier-key
+edc.transfer.proxy.token.verifier.publickey.alias=supplier-cert
+
+# Data-Plane selector configuration
+edc.dataplane.selector.edchttp.url=http://supplier-data-plane:9299/api/dataplane/control
+edc.dataplane.selector.edchttp.sourcetypes=HttpData
+edc.dataplane.selector.edchttp.destinationtypes=HttpProxy
+edc.dataplane.selector.edchttp.properties={"publicApiUrl" : "http://supplier-data-plane:9285/api/public/"}
+
+# puris backend receiver
+edc.receiver.http.endpoint=http://backend-app:8080
+
+# Postgresql related configuration
+edc.datasource.asset.name=asset
+edc.datasource.asset.url=jdbc:postgresql://postgres:5432/edc_supplier_asset
+# edc.datasource.asset.user and edc.datasource.asset.password are set via .env
+edc.datasource.contractdefinition.name=contractdefinition
+edc.datasource.contractdefinition.url=jdbc:postgresql://postgres:5432/edc_supplier_contractdefinition
+# edc.datasource.contractdefinition.user and edc.datasource.contractdefinition.password are set via .env
+edc.datasource.contractnegotiation.name=contractnegotiation
+edc.datasource.contractnegotiation.url=jdbc:postgresql://postgres:5432/edc_supplier_contractnegotiation
+# edc.datasource.contractnegotiation.user and edc.datasource.contractnegotiation.password are set via .env
+edc.datasource.policy.name=policy
+edc.datasource.policy.url=jdbc:postgresql://postgres:5432/edc_supplier_policy
+# edc.datasource.policy.user and edc.datasource.policy.password are set via .env
+edc.datasource.transferprocess.name=transferprocess
+edc.datasource.transferprocess.url=jdbc:postgresql://postgres:5432/edc_supplier_transferprocess
+# edc.datasource.transferprocess.user and edc.datasource.transferprocess.password are set via .env
+# new in 0.4.x
+#edc.datasource.edr.name=edr
+#edc.datasource.edr.url=jdbc:postgresql://postgres:5432/edc_supplier_edrs
+# edc.datasource.edr.user and edc.datasource.edr.password are set via .env
+#org.eclipse.tractusx.edc.postgresql.migration.edr.enabled=true
+
+# Data Encryption
+edc.data.encryption.keys.alias=supplier-encryption-keys
diff --git a/local/tractus-x-edc/config/supplier/data-plane.properties b/local/tractus-x-edc/config/supplier/data-plane.properties
new file mode 100644
index 00000000..9b10f9cc
--- /dev/null
+++ b/local/tractus-x-edc/config/supplier/data-plane.properties
@@ -0,0 +1,26 @@
+# API
+web.http.port=9280
+web.http.path=/api
+# Public
+web.http.public.port=9285
+web.http.public.path=/api/public
+# Control
+web.http.control.port=9299
+web.http.control.path=/api/dataplane/control
+
+# new in 0.3.3 - why do we need the management in a data plane?
+web.http.management.port=9293
+web.http.management.path=/api/v1/data
+
+# Validation endpoint of controlplane
+edc.dataplane.token.validation.endpoint=http://supplier-control-plane:9183/api/controlplane/control/token
+
+# EDC hostname
+edc.hostname=supplier-data-plane
+
+# HashiCorp vault related configuration
+edc.vault.hashicorp.url=http://vault:8200
+# set via docker-compose .env
+#edc.vault.hashicorp.token=
+#disable annoying logging - do we need this enabled?
+edc.vault.hashicorp.health.check.enabled=false
diff --git a/local/tractus-x-edc/docker-compose.yaml b/local/tractus-x-edc/docker-compose.yaml
new file mode 100644
index 00000000..88739817
--- /dev/null
+++ b/local/tractus-x-edc/docker-compose.yaml
@@ -0,0 +1,42 @@
+#
+# Copyright (c) 2023 Volkswagen AG
+# Copyright (c) 2023 Fraunhofer-Gesellschaft zur Foerderung der angewandten Forschung e.V. (represented by Fraunhofer ISST)
+# Copyright (c) 2023 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+version: "3"
+services:
+ control-plane:
+ image: ghcr.io/catenax-ng/product-edc/edc-controlplane-postgresql-hashicorp-vault:0.3.0
+ #ports:
+ # - "8180:8080" # default
+ # - "8184:8084" # ids
+ # - "8181:8081" # data management api - should be private later on
+ # - "8182:8082" # validation
+ #entrypoint: find startup information in product-edc/edc-controlplane/edc-controlplane-postgresql-hashicorp-vault/src/main/docker/Dockerfile
+ volumes:
+ - ./config/default/opentelemetry.properties:/app/opentelemetry.properties
+ - ./config/default/logging.properties:/app/logging.properties
+
+ data-plane:
+ image: ghcr.io/catenax-ng/product-edc/edc-dataplane-hashicorp-vault:0.3.0
+ #ports:
+ # - "8080:8080" # default
+ # - "8185:8185" # public
+ volumes:
+ - ./config/default/opentelemetry.properties:/app/opentelemetry.properties
+ - ./config/default/logging.properties:/app/logging.properties
diff --git a/local/vault/Dockerfile b/local/vault/Dockerfile
new file mode 100644
index 00000000..ae5933fd
--- /dev/null
+++ b/local/vault/Dockerfile
@@ -0,0 +1,33 @@
+#
+# Copyright (c) 2023 Volkswagen AG
+# Copyright (c) 2023 Fraunhofer-Gesellschaft zur Foerderung der angewandten Forschung e.V. (represented by Fraunhofer ISST)
+# Copyright (c) 2023 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+FROM vault:1.12.2
+
+RUN apk --no-cache add bash
+
+EXPOSE 8200
+COPY ./put-keys.sh /put-keys.sh
+
+RUN chmod 755 put-keys.sh #&& chmod -R 755 ./vault/secrets #&& /usr/sbin/setcap cap_ipc_lock=+ep /bin/vault
+
+# already is a non-root user
+USER vault
+
+ENTRYPOINT exec "./put-keys.sh"
diff --git a/local/vault/put-keys.sh b/local/vault/put-keys.sh
new file mode 100644
index 00000000..acd3416e
--- /dev/null
+++ b/local/vault/put-keys.sh
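Review bot: local/vault/Dockerfile copies the script to `/put-keys.sh` but then refers to it by relative path in `RUN chmod 755 put-keys.sh` and `ENTRYPOINT exec "./put-keys.sh"`, which only works while the base image's working directory is `/`. Using the absolute path and the exec form removes that dependency and the extra shell: `RUN chmod 755 /put-keys.sh` and `ENTRYPOINT ["/put-keys.sh"]`. The commented-out fragments trailing the `chmod` line can be dropped or moved to a comment line of their own.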
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+# enable job control (bg, fg)
+set -m
+
+# start vault
+docker-entrypoint.sh server -dev &
+
+echo "Environment Variable VAULT_ADDR=$VAULT_ADDR"
+
+echo "Trying to login..."
+until vault login $VAULT_DEV_ROOT_TOKEN_ID
+do
+ echo "Waiting for vault startup..."
+ sleep 1
+done
+
+echo "Adding customer certificates"
+cat $VAULT_PUT_SECRETS_DIR/customer.key | vault kv put secret/customer-key content=-
+cat $VAULT_PUT_SECRETS_DIR/customer.cert | vault kv put secret/customer-cert content=-
+cat $VAULT_PUT_SECRETS_DIR/customer-encryption.keys | vault kv put secret/customer-encryption-keys content=-
+
+echo "Adding supplier certificates"
+cat $VAULT_PUT_SECRETS_DIR/supplier.key | vault kv put secret/supplier-key content=-
+cat $VAULT_PUT_SECRETS_DIR/supplier.cert | vault kv put secret/supplier-cert content=-
+cat $VAULT_PUT_SECRETS_DIR/supplier-encryption.keys | vault kv put secret/supplier-encryption-keys content=-
+
+# and get the actual server process back to the foreground
+fg %1
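Review bot: In local/vault/put-keys.sh the loop `until vault login $VAULT_DEV_ROOT_TOKEN_ID` passes the root token as an unquoted command-line argument, and, as far as I know, `vault login` prints the token details on success, so the token ends up in the container log. The loop also never gives up, so a wrong token repeats "Waiting for vault startup..." forever. Since the CLI reads `VAULT_TOKEN` from the environment, `export VAULT_TOKEN="$VAULT_DEV_ROOT_TOKEN_ID"` followed by `until vault status >/dev/null 2>&1; do sleep 1; done` waits for the server without a login step. Quoting `"$VAULT_PUT_SECRETS_DIR"` in the six `cat` lines is worth doing at the same time.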