From 0d597a871e09199b1dbc7b1b0d5a22d1df5f288f Mon Sep 17 00:00:00 2001 From: --show-origin Date: Tue, 18 Jun 2024 22:37:16 -0700 Subject: [PATCH 1/7] refactor(backend): use spring-boot-actuator instead of proprietary health endpoint --- DEPENDENCIES_BACKEND | 67 ++++++++++--------- backend/pom.xml | 4 ++ .../common/security/SecurityConfig.java | 4 +- .../backend/controller/HealthController.java | 45 ------------- .../src/main/resources/application.properties | 3 + charts/puris/Chart.yaml | 2 +- charts/puris/README.md | 7 +- .../puris/templates/backend-deployment.yaml | 2 +- 8 files changed, 53 insertions(+), 81 deletions(-) delete mode 100644 backend/src/main/java/org/eclipse/tractusx/puris/backend/controller/HealthController.java diff --git a/DEPENDENCIES_BACKEND b/DEPENDENCIES_BACKEND index 6b2dc903..26172521 100644 --- a/DEPENDENCIES_BACKEND +++ b/DEPENDENCIES_BACKEND 
@@ -1,22 +1,24 @@ -maven/mavencentral/ch.qos.logback/logback-classic/1.4.14, EPL-1.0 OR LGPL-2.1-only, approved, #3435 -maven/mavencentral/ch.qos.logback/logback-core/1.4.14, EPL-1.0 OR LGPL-2.1-only, approved, #3373 -maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.15.4, Apache-2.0, approved, #7947 +maven/mavencentral/ch.qos.logback/logback-classic/1.4.14, EPL-1.0 AND LGPL-2.1-only, approved, #15230 +maven/mavencentral/ch.qos.logback/logback-core/1.4.14, EPL-1.0 AND LGPL-2.1-only, approved, #15209 +maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.15.4, Apache-2.0, approved, #15260 maven/mavencentral/com.fasterxml.jackson.core/jackson-core/2.15.4, MIT AND Apache-2.0, approved, #7932 -maven/mavencentral/com.fasterxml.jackson.core/jackson-databind/2.15.4, Apache-2.0, approved, #7934 -maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml/2.15.4, Apache-2.0, approved, #8802 -maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jdk8/2.15.4, Apache-2.0, approved, #8808 -maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jsr310/2.15.4, Apache-2.0, approved, #7930 -maven/mavencentral/com.fasterxml.jackson.module/jackson-module-parameter-names/2.15.4, Apache-2.0, approved, #8803 +maven/mavencentral/com.fasterxml.jackson.core/jackson-databind/2.15.4, Apache-2.0, approved, #15199 +maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml/2.15.4, Apache-2.0, approved, #15207 +maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jdk8/2.15.4, Apache-2.0, approved, #15281 +maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jsr310/2.15.4, Apache-2.0, approved, #15189 +maven/mavencentral/com.fasterxml.jackson.module/jackson-module-parameter-names/2.15.4, Apache-2.0, approved, #15219 maven/mavencentral/com.fasterxml/classmate/1.6.0, Apache-2.0, approved, clearlydefined maven/mavencentral/com.jayway.jsonpath/json-path/2.9.0, Apache-2.0, approved, 
clearlydefined maven/mavencentral/com.squareup.okhttp3/mockwebserver/4.12.0, Apache-2.0, approved, clearlydefined -maven/mavencentral/com.squareup.okhttp3/okhttp/4.12.0, Apache-2.0, approved, #11156 +maven/mavencentral/com.squareup.okhttp3/okhttp/4.12.0, Apache-2.0, approved, #15227 maven/mavencentral/com.squareup.okio/okio-jvm/3.6.0, Apache-2.0, approved, #11158 maven/mavencentral/com.squareup.okio/okio/3.6.0, Apache-2.0, approved, #11155 -maven/mavencentral/com.sun.istack/istack-commons-runtime/4.1.2, BSD-3-Clause, approved, #2590 +maven/mavencentral/com.sun.istack/istack-commons-runtime/4.1.2, BSD-3-Clause, approved, #15290 maven/mavencentral/com.vaadin.external.google/android-json/0.0.20131108.vaadin1, Apache-2.0, approved, CQ21310 maven/mavencentral/com.zaxxer/HikariCP/5.0.1, Apache-2.0, approved, clearlydefined maven/mavencentral/io.micrometer/micrometer-commons/1.12.5, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #11679 +maven/mavencentral/io.micrometer/micrometer-core/1.12.5, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #11678 +maven/mavencentral/io.micrometer/micrometer-jakarta9/1.12.5, Apache-2.0, approved, #12923 maven/mavencentral/io.micrometer/micrometer-observation/1.12.5, Apache-2.0, approved, #11680 maven/mavencentral/io.smallrye/jandex/3.1.2, Apache-2.0, approved, clearlydefined maven/mavencentral/io.swagger.core.v3/swagger-annotations-jakarta/2.2.21, Apache-2.0, approved, #5947 
@@ -37,12 +39,12 @@ maven/mavencentral/net.minidev/json-smart/2.5.1, Apache-2.0, approved, clearlyde maven/mavencentral/org.antlr/antlr4-runtime/4.13.0, BSD-3-Clause, approved, #10767 maven/mavencentral/org.apache.commons/commons-lang3/3.13.0, Apache-2.0, approved, #9820 maven/mavencentral/org.apache.logging.log4j/log4j-api/2.21.1, Apache-2.0 AND (Apache-2.0 AND LGPL-2.0-or-later), approved, #11079 -maven/mavencentral/org.apache.logging.log4j/log4j-to-slf4j/2.21.1, Apache-2.0, approved, #11919 +maven/mavencentral/org.apache.logging.log4j/log4j-to-slf4j/2.21.1, Apache-2.0, approved, #15262 maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-core/10.1.20, Apache-2.0 AND (EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0) AND (CDDL-1.0 OR GPL-2.0-only WITH Classpath-exception-2.0) AND W3C AND CC0-1.0, approved, #5949 maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-el/10.1.20, Apache-2.0, approved, #6997 maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-websocket/10.1.20, Apache-2.0, approved, #7920 maven/mavencentral/org.apiguardian/apiguardian-api/1.1.2, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.aspectj/aspectjweaver/1.9.22, Apache-2.0 AND BSD-3-Clause AND EPL-1.0 AND BSD-3-Clause AND Apache-1.1, approved, #7695 +maven/mavencentral/org.aspectj/aspectjweaver/1.9.22, Apache-2.0 AND BSD-3-Clause AND EPL-1.0 AND BSD-3-Clause AND Apache-1.1, approved, #15252 maven/mavencentral/org.assertj/assertj-core/3.24.2, Apache-2.0, approved, #6161 maven/mavencentral/org.awaitility/awaitility/4.2.1, Apache-2.0, approved, #14178 maven/mavencentral/org.checkerframework/checker-qual/3.42.0, MIT, approved, clearlydefined 
@@ -52,6 +54,7 @@ maven/mavencentral/org.glassfish.jaxb/jaxb-runtime/4.0.5, BSD-3-Clause, approved maven/mavencentral/org.glassfish.jaxb/txw2/4.0.5, BSD-3-Clause, approved, ee4j.jaxb-impl maven/mavencentral/org.hamcrest/hamcrest-core/2.2, BSD-3-Clause, approved, clearlydefined maven/mavencentral/org.hamcrest/hamcrest/2.2, BSD-3-Clause, approved, clearlydefined +maven/mavencentral/org.hdrhistogram/HdrHistogram/2.1.12, CC0-1.0, approved, #15259 maven/mavencentral/org.hibernate.common/hibernate-commons-annotations/6.0.6.Final, LGPL-2.1-only, approved, #6962 maven/mavencentral/org.hibernate.orm/hibernate-core/6.4.4.Final, LGPL-2.1-or-later AND (EPL-2.0 OR BSD-3-Clause) AND MIT, approved, #12490 maven/mavencentral/org.hibernate.validator/hibernate-validator/8.0.1.Final, Apache-2.0, approved, clearlydefined 
@@ -64,10 +67,11 @@ maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib/1.9.23, Apache-2.0, approv maven/mavencentral/org.jetbrains/annotations/13.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.junit.jupiter/junit-jupiter-api/5.10.2, EPL-2.0, approved, #9714 maven/mavencentral/org.junit.jupiter/junit-jupiter-engine/5.10.2, EPL-2.0, approved, #9711 -maven/mavencentral/org.junit.jupiter/junit-jupiter-params/5.10.2, EPL-2.0, approved, #9708 -maven/mavencentral/org.junit.jupiter/junit-jupiter/5.10.2, EPL-2.0, approved, #13393 +maven/mavencentral/org.junit.jupiter/junit-jupiter-params/5.10.2, EPL-2.0, approved, #15250 +maven/mavencentral/org.junit.jupiter/junit-jupiter/5.10.2, EPL-2.0, approved, #15197 maven/mavencentral/org.junit.platform/junit-platform-commons/1.10.2, EPL-2.0, approved, #9715 maven/mavencentral/org.junit.platform/junit-platform-engine/1.10.2, EPL-2.0, approved, #9709 +maven/mavencentral/org.latencyutils/LatencyUtils/2.0.3, CC0-1.0, approved, #15280 maven/mavencentral/org.mockito/mockito-core/5.7.0, MIT AND (Apache-2.0 AND MIT) AND Apache-2.0, approved, #11424 maven/mavencentral/org.mockito/mockito-junit-jupiter/5.7.0, MIT, approved, #11423 maven/mavencentral/org.modelmapper/modelmapper/3.2.0, Apache-2.0, approved, clearlydefined 
@@ -75,15 +79,18 @@ maven/mavencentral/org.objenesis/objenesis/3.3, Apache-2.0, approved, clearlydef maven/mavencentral/org.opentest4j/opentest4j/1.3.0, Apache-2.0, approved, #9713 maven/mavencentral/org.ow2.asm/asm/9.6, BSD-3-Clause, approved, #10776 maven/mavencentral/org.postgresql/postgresql/42.7.3, BSD-2-Clause AND Apache-2.0, approved, #11681 -maven/mavencentral/org.projectlombok/lombok/1.18.32, MIT AND LicenseRef-Public-Domain, approved, CQ23907 +maven/mavencentral/org.projectlombok/lombok/1.18.32, MIT, approved, #15192 maven/mavencentral/org.skyscreamer/jsonassert/1.5.1, Apache-2.0, approved, clearlydefined maven/mavencentral/org.slf4j/jul-to-slf4j/2.0.13, MIT, approved, #7698 maven/mavencentral/org.slf4j/slf4j-api/2.0.13, MIT, approved, #5915 maven/mavencentral/org.springdoc/springdoc-openapi-starter-common/2.5.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.springdoc/springdoc-openapi-starter-webmvc-api/2.5.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.springdoc/springdoc-openapi-starter-webmvc-ui/2.5.0, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-actuator-autoconfigure/3.2.5, Apache-2.0, approved, #11921 +maven/mavencentral/org.springframework.boot/spring-boot-actuator/3.2.5, Apache-2.0, approved, #11918 maven/mavencentral/org.springframework.boot/spring-boot-autoconfigure/3.2.5, Apache-2.0, approved, #11751 maven/mavencentral/org.springframework.boot/spring-boot-configuration-processor/3.2.5, Apache-2.0, approved, #12915 +maven/mavencentral/org.springframework.boot/spring-boot-starter-actuator/3.2.5, Apache-2.0, approved, #12918 maven/mavencentral/org.springframework.boot/spring-boot-starter-aop/3.2.5, Apache-2.0, approved, #11928 maven/mavencentral/org.springframework.boot/spring-boot-starter-data-jpa/3.2.5, Apache-2.0, approved, #11926 maven/mavencentral/org.springframework.boot/spring-boot-starter-jdbc/3.2.5, Apache-2.0, approved, #11878 
@@ -97,27 +104,27 @@ maven/mavencentral/org.springframework.boot/spring-boot-starter/3.2.5, Apache-2. maven/mavencentral/org.springframework.boot/spring-boot-test-autoconfigure/3.2.5, Apache-2.0, approved, #12920 maven/mavencentral/org.springframework.boot/spring-boot-test/3.2.5, Apache-2.0, approved, #12916 maven/mavencentral/org.springframework.boot/spring-boot/3.2.5, Apache-2.0, approved, #11752 -maven/mavencentral/org.springframework.data/spring-data-commons/3.2.5, Apache-2.0, approved, #11917 -maven/mavencentral/org.springframework.data/spring-data-jpa/3.2.5, Apache-2.0, approved, #11882 +maven/mavencentral/org.springframework.data/spring-data-commons/3.2.5, Apache-2.0, approved, #15202 +maven/mavencentral/org.springframework.data/spring-data-jpa/3.2.5, Apache-2.0, approved, #15183 maven/mavencentral/org.springframework.security/spring-security-config/6.2.4, Apache-2.0, approved, #11896 maven/mavencentral/org.springframework.security/spring-security-core/6.2.4, Apache-2.0, approved, #11904 maven/mavencentral/org.springframework.security/spring-security-crypto/6.2.4, Apache-2.0 AND ISC, approved, #11908 maven/mavencentral/org.springframework.security/spring-security-test/6.2.4, Apache-2.0, approved, #12922 maven/mavencentral/org.springframework.security/spring-security-web/6.2.4, Apache-2.0, approved, #11911 maven/mavencentral/org.springframework.session/spring-session-core/3.2.2, Apache-2.0, approved, #12588 -maven/mavencentral/org.springframework/spring-aop/6.1.6, Apache-2.0, approved, #11755 -maven/mavencentral/org.springframework/spring-aspects/6.1.6, Apache-2.0, approved, #11905 -maven/mavencentral/org.springframework/spring-beans/6.1.6, Apache-2.0, approved, #11754 -maven/mavencentral/org.springframework/spring-context/6.1.6, Apache-2.0, approved, #11753 -maven/mavencentral/org.springframework/spring-core/6.1.6, Apache-2.0 AND BSD-3-Clause, approved, #11750 -maven/mavencentral/org.springframework/spring-expression/6.1.6, Apache-2.0, approved, #11747 
-maven/mavencentral/org.springframework/spring-jcl/6.1.6, Apache-2.0, approved, #11749 -maven/mavencentral/org.springframework/spring-jdbc/6.1.6, Apache-2.0, approved, #11897 -maven/mavencentral/org.springframework/spring-orm/6.1.6, Apache-2.0, approved, #11924 -maven/mavencentral/org.springframework/spring-test/6.1.6, Apache-2.0, approved, #12919 -maven/mavencentral/org.springframework/spring-tx/6.1.6, Apache-2.0, approved, #11901 -maven/mavencentral/org.springframework/spring-web/6.1.6, Apache-2.0, approved, #11748 -maven/mavencentral/org.springframework/spring-webmvc/6.1.6, Apache-2.0, approved, #11879 +maven/mavencentral/org.springframework/spring-aop/6.1.6, Apache-2.0, approved, #15221 +maven/mavencentral/org.springframework/spring-aspects/6.1.6, Apache-2.0, approved, #15193 +maven/mavencentral/org.springframework/spring-beans/6.1.6, Apache-2.0, approved, #15213 +maven/mavencentral/org.springframework/spring-context/6.1.6, Apache-2.0, approved, #15261 +maven/mavencentral/org.springframework/spring-core/6.1.6, Apache-2.0 AND BSD-3-Clause, approved, #15206 +maven/mavencentral/org.springframework/spring-expression/6.1.6, Apache-2.0, approved, #15264 +maven/mavencentral/org.springframework/spring-jcl/6.1.6, Apache-2.0, approved, #15266 +maven/mavencentral/org.springframework/spring-jdbc/6.1.6, Apache-2.0, approved, #15191 +maven/mavencentral/org.springframework/spring-orm/6.1.6, Apache-2.0, approved, #15278 +maven/mavencentral/org.springframework/spring-test/6.1.6, Apache-2.0, approved, #15265 +maven/mavencentral/org.springframework/spring-tx/6.1.6, Apache-2.0, approved, #15229 +maven/mavencentral/org.springframework/spring-web/6.1.6, Apache-2.0, approved, #15188 +maven/mavencentral/org.springframework/spring-webmvc/6.1.6, Apache-2.0, approved, #15182 maven/mavencentral/org.webjars/swagger-ui/5.13.0, Apache-2.0, approved, #14547 maven/mavencentral/org.xmlunit/xmlunit-core/2.9.1, Apache-2.0, approved, #6272 maven/mavencentral/org.yaml/snakeyaml/2.2, Apache-2.0 AND 
(Apache-2.0 OR BSD-3-Clause OR EPL-1.0 OR GPL-2.0-or-later OR LGPL-2.1-or-later), approved, #10232 diff --git a/backend/pom.xml b/backend/pom.xml index 42233b13..415226af 100644 --- a/backend/pom.xml +++ b/backend/pom.xml @@ -49,6 +49,10 @@ 2.5.0 + + org.springframework.boot + spring-boot-starter-actuator + org.springframework.boot spring-boot-starter-data-jpa diff --git a/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/security/SecurityConfig.java b/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/security/SecurityConfig.java index 468ea19d..cf8e9351 100644 --- a/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/security/SecurityConfig.java +++ b/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/security/SecurityConfig.java @@ -87,7 +87,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { "/stockView/**", "/partners/**", "/materials/**", - "/materialpartnerrelations/**", + "/materialpartnerrelations/**", "/item-stock/**", "/production/**", "/delivery/**", @@ -101,7 +101,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { "/parttypeinformation/**" ) .authenticated() - .requestMatchers("/swagger-ui/**", "/v3/api-docs/**", "/health/**").permitAll() + .requestMatchers("/swagger-ui/**", "/v3/api-docs/**", "/actuator/health/**").permitAll() .dispatcherTypeMatchers(DispatcherType.ERROR).permitAll() ) .httpBasic( diff --git a/backend/src/main/java/org/eclipse/tractusx/puris/backend/controller/HealthController.java b/backend/src/main/java/org/eclipse/tractusx/puris/backend/controller/HealthController.java deleted file mode 100644 index d1dc5771..00000000 --- a/backend/src/main/java/org/eclipse/tractusx/puris/backend/controller/HealthController.java +++ /dev/null 
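Review bot: The widened `permitAll()` matcher `"/actuator/health/**"` in the second SecurityConfig hunk makes every health sub-path (components and groups) reachable without authentication, so what an anonymous caller can read depends entirely on the actuator's detail settings, which this hunk does not show. The hard-coded path also assumes the default management base path; `EndpointRequest.to(HealthEndpoint.class)` would keep the rule aligned if `management.endpoints.web.base-path` is ever changed. I would at least add a comment above the matcher: `// health is unauthenticated for probes: keep show-details/show-components at never`. filterChain's body starts and ends outside the hunk.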
@@ -1,45 +0,0 @@
-/*
- * Copyright (c) 2023 Volkswagen AG
- * Copyright (c) 2023 Fraunhofer-Gesellschaft zur Foerderung der angewandten Forschung e.V. (represented by Fraunhofer ISST)
- * Copyright (c) 2023 Contributors to the Eclipse Foundation
- *
- * See the NOTICE file(s) distributed with this work for additional
- * information regarding copyright ownership.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Apache License, Version 2.0 which is available at
- * https://www.apache.org/licenses/LICENSE-2.0.
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations
- * under the License.
- *
- * SPDX-License-Identifier: Apache-2.0
- */
-package org.eclipse.tractusx.puris.backend.controller;
-
-import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-
-/**
- * Controller used for health and readiness probes.
- */
-@RestController
-@RequestMapping("health")
-public class HealthController {
-
- /**
- * Return 200 OK status for health and readiness probes.
- *
- * @return 200 OK if healthy.
- */
- @GetMapping("/")
- public ResponseEntity getHealth() {
- return ResponseEntity.ok().build();
- }
-
-}
diff --git a/backend/src/main/resources/application.properties b/backend/src/main/resources/application.properties
index 4df72211..a2d21cfa 100755
--- a/backend/src/main/resources/application.properties
+++ b/backend/src/main/resources/application.properties
@@ -62,6 +62,9 @@ own.bpna=${OWN_BPNA:BPNA4444444444AA} own.streetandnumber=${OWN_STREETANDNUMBER:13th Street 47} own.zipcodeandcity=${OWN_ZIPCODEANDCITY:10011 New York} own.country=${OWN_COUNTRY:USA} +# only enable health endpoint from actuator by default +management.endpoints.enabled-by-default=false +management.endpoint.health.enabled=true server.ssl.enabled=false #server.port=8443 #server.ssl.bundle=server diff --git a/charts/puris/Chart.yaml b/charts/puris/Chart.yaml index f95fbeac..d79e0ccc 100644 --- a/charts/puris/Chart.yaml +++ b/charts/puris/Chart.yaml @@ -35,7 +35,7 @@ dependencies: # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 2.6.3 +version: 2.6.4 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/puris/README.md b/charts/puris/README.md index 91802d70..07700d50 100644 --- a/charts/puris/README.md +++ b/charts/puris/README.md @@ -1,6 +1,6 @@ # puris -![Version: 2.6.3](https://img.shields.io/badge/Version-2.6.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.2](https://img.shields.io/badge/AppVersion-2.0.2-informational?style=flat-square) +![Version: 2.6.4](https://img.shields.io/badge/Version-2.6.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.2](https://img.shields.io/badge/AppVersion-2.0.2-informational?style=flat-square) A helm chart for Kubernetes deployment of PURIS 
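Review bot: The two added `management.*` lines in the application.properties hunk limit which endpoints exist but leave the health detail level at its default, while the same commit opens `/actuator/health/**` to unauthenticated requests in SecurityConfig. Pin the detail level next to them with `management.endpoint.health.show-details=never` and `management.endpoint.health.show-components=never`, so that exposing database or disk indicator details to anonymous callers would require a deliberate override. The existing comment could then read `# only the health endpoint is enabled; it is unauthenticated, so details stay hidden`.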
@@ -17,7 +17,7 @@ To install the chart with the release name `puris`: ```shell $ helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev -$ helm install puris tractusx-dev/policy-hub +$ helm install puris tractusx-dev/puris ``` To install the helm chart into your cluster with your values: @@ -218,6 +218,9 @@ dependencies: | postgresql.service | object | `{"ports":{"postgresql":5432}}` | Possibility to override the name nameOverride: "" | | postgresql.service.ports.postgresql | int | `5432` | Port of postgres database. | +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.11.3](https://github.com/norwoodj/helm-docs/releases/v1.11.3) + ## NOTICE This work is licensed under the [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0). diff --git a/charts/puris/templates/backend-deployment.yaml b/charts/puris/templates/backend-deployment.yaml index 21071f28..f46e6975 100644 --- a/charts/puris/templates/backend-deployment.yaml +++ b/charts/puris/templates/backend-deployment.yaml @@ -181,7 +181,7 @@ spec: protocol: TCP livenessProbe: httpGet: - path: {{ .Values.backend.puris.api.rootDir }}/health/ + path: {{ .Values.backend.puris.api.rootDir }}/actuator/health/ port: http initialDelaySeconds: {{ .Values.backend.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.backend.livenessProbe.periodSeconds }} From b1abb3c766daa7d3aab0c9e5673572b3cf60a384 Mon Sep 17 00:00:00 2001 From: --show-origin Date: Tue, 18 Jun 2024 22:58:51 -0700 Subject: [PATCH 2/7] refactor(local): add health checks for docker compose --- local/docker-compose-infrastructure.yaml | 28 +++++++++++++++++- local/docker-compose.yaml | 36 +++++++++++++++++++++++- local/miw/keycloak.properties | 2 ++ 3 files changed, 64 insertions(+), 2 deletions(-) diff --git a/local/docker-compose-infrastructure.yaml b/local/docker-compose-infrastructure.yaml index f0ac241f..0d0f53b4 100644 --- a/local/docker-compose-infrastructure.yaml 
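Review bot: The liveness probe in backend-deployment.yaml keeps the trailing slash of the removed controller mapping (`/actuator/health/`), whereas the compose healthchecks later in this series call `/catena/actuator/health` without it. Trailing-slash handling for the actuator endpoint is not the same as for the old `@GetMapping("/")`, so this should be verified against a running pod or changed to `path: {{ .Values.backend.puris.api.rootDir }}/actuator/health`. Separately, the aggregate health status can include dependency indicators such as the database, so a liveness probe on it may restart the pod when a dependency is down; `/actuator/health/liveness` is the narrower target if the probe groups are enabled. The probe block continues outside the hunk.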
+++ b/local/docker-compose-infrastructure.yaml @@ -17,7 +17,6 @@ # # SPDX-License-Identifier: Apache-2.0 # -version: "3" services: # Outcommented as not updated for R24.05 but scheduled for R24.08 @@ -35,6 +34,11 @@ services: postgres: image: postgres:15.4-alpine container_name: postgres-miw + healthcheck: + test: ["CMD-SHELL", "pg_isready -d miw -U ${PG_USER}"] + interval: 4s + timeout: 3s + retries: 15 environment: POSTGRES_DB: miw POSTGRES_USER: ${PG_USER} @@ -49,9 +53,16 @@ services: - miw-net keycloak: + container_name: keycloak image: quay.io/keycloak/keycloak:23.0.1 env_file: - ./miw/keycloak.properties + healthcheck: + # https://gist.github.com/sarath-soman/5d9aec06953bbd0990c648605d4dba07 + test: ["CMD-SHELL", '[ -f /tmp/HealthCheck.java ] || echo "public class HealthCheck { public static void main(String[] args) throws java.lang.Throwable { System.exit(java.net.HttpURLConnection.HTTP_OK == ((java.net.HttpURLConnection)new java.net.URL(args[0]).openConnection()).getResponseCode() ? 0 : 1); } }" > /tmp/HealthCheck.java && java /tmp/HealthCheck.java http://localhost:8080/health/live'] + interval: 4s + timeout: 3s + retries: 20 environment: DB_SCHEMA: public command: @@ -73,6 +84,11 @@ services: vault: build: ./vault container_name: vault + healthcheck: + test: ["CMD-SHELL", "wget -q --spider http://vault:8200/v1/sys/health"] + interval: 4s + timeout: 3s + retries: 20 ports: - "127.0.0.1:8200:8200" environment: @@ -91,6 +107,11 @@ services: mock-util-service: build: ./iam-mock container_name: mock-util-service + healthcheck: + test: ["CMD-SHELL", "wget -q --spider http://mock-util-service:8888/customer/random"] + interval: 4s + timeout: 3s + retries: 20 ports: - "127.0.0.1:8888:80" networks: 
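Review bot: The keycloak healthcheck runs `java /tmp/HealthCheck.java` on every probe, which starts a JVM and compiles the source each time, while `timeout: 3s` with `interval: 4s` leaves little headroom on a loaded developer machine. A slow probe would be reported as unhealthy and block every service that waits on `service_healthy`. Consider `timeout: 10s` and adding a `start_period`, and a short comment explaining that the Java one-liner exists because the image presumably ships no curl or wget.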
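Review bot: The mock-util-service healthcheck probes `http://mock-util-service:8888/customer/random`, but the `ports` entry in the same hunk is `127.0.0.1:8888:80`, so 8888 is the host-side port and the container side is 80. The check runs inside the container, so unless the service also listens on 8888 there it will never report healthy; `wget -q --spider http://localhost:80/customer/random` would match the mapping. The same pattern appears in the puris-frontend-customer hunk of local/docker-compose.yaml, which probes `:3000` while the mapping is `127.0.0.1:3000:8080`.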
@@ -99,6 +120,11 @@ services: bdrs: image: tractusx/bdrs-server-memory:0.0.4 container_name: bdrs + healthcheck: + test: ["CMD-SHELL", "wget -q --spider http://bdrs:8580/api/check/readiness"] + interval: 4s + timeout: 3s + retries: 20 env_file: - ./bdrs/application.properties environment: diff --git a/local/docker-compose.yaml b/local/docker-compose.yaml index e681c6c7..1bfeb05d 100644 --- a/local/docker-compose.yaml +++ b/local/docker-compose.yaml @@ -18,12 +18,16 @@ # # SPDX-License-Identifier: Apache-2.0 # -version: "3" services: puris-frontend-customer: image: puris-frontend:dev container_name: customer-frontend + healthcheck: + test: ["CMD-SHELL", "wget -q --spider http://puris-frontend-customer:3000"] + interval: 4s + timeout: 3s + retries: 20 ports: - "127.0.0.1:3000:8080" environment: @@ -64,6 +68,11 @@ services: condition: service_healthy dtr-customer: condition: service_healthy + healthcheck: + test: ["CMD-SHELL", "wget -q --spider http://puris-backend-customer:8081/catena/actuator/health"] + interval: 4s + timeout: 3s + retries: 20 ports: - "127.0.0.1:8081:8081" # expose port of server.port env_file: @@ -145,6 +154,11 @@ services: container_name: customer-control-plane env_file: - ./tractus-x-edc/config/customer/control-plane.properties + healthcheck: + test: ["CMD-SHELL", "wget -q --spider http://edc-customer-control-plane:8180/api/check/health"] + interval: 4s + timeout: 3s + retries: 20 ports: - "127.0.0.1:8180:8180" - "127.0.0.1:8181:8181" @@ -165,6 +179,11 @@ services: file: ./tractus-x-edc/docker-compose.yaml service: data-plane container_name: customer-data-plane + healthcheck: + test: ["CMD-SHELL", "wget -q --spider http://edc-customer-data-plane:8280/api/check/health"] + interval: 4s + timeout: 3s + retries: 20 ports: - "127.0.0.1:8280:8280" - "127.0.0.1:8283:8283" 
@@ -220,6 +239,11 @@ services: condition: service_healthy dtr-supplier: condition: service_healthy + healthcheck: + test: ["CMD-SHELL", "wget -q --spider http://puris-backend-supplier:8082/catena/actuator/health"] + interval: 4s + timeout: 3s + retries: 20 ports: - "127.0.0.1:8082:8082" env_file: @@ -273,6 +297,11 @@ services: file: ./tractus-x-edc/docker-compose.yaml service: control-plane container_name: supplier-control-plane + healthcheck: + test: ["CMD-SHELL", "wget -q --spider http://edc-supplier-control-plane:9180/api/check/health"] + interval: 4s + timeout: 3s + retries: 20 ports: - "127.0.0.1:9180:9180" - "127.0.0.1:9181:9181" @@ -296,6 +325,11 @@ services: file: ./tractus-x-edc/docker-compose.yaml service: data-plane container_name: supplier-data-plane + healthcheck: + test: ["CMD-SHELL", "wget -q --spider http://edc-supplier-data-plane:9280/api/check/health"] + interval: 4s + timeout: 3s + retries: 20 ports: - "127.0.0.1:9280:9280" - "127.0.0.1:9283:9283" diff --git a/local/miw/keycloak.properties b/local/miw/keycloak.properties index fdfc081a..168fd3dd 100644 --- a/local/miw/keycloak.properties +++ b/local/miw/keycloak.properties @@ -15,3 +15,5 @@ CUSTOMER_KC_DTR_PURIS_CLIENT_SECRET=${CUSTOMER_KC_DTR_PURIS_CLIENT_SECRET} CUSTOMER_KC_DTR_EDC_CLIENT_SECRET=${CUSTOMER_KC_DTR_EDC_CLIENT_SECRET} SUPPLIER_KC_DTR_PURIS_CLIENT_SECRET=${SUPPLIER_KC_DTR_PURIS_CLIENT_SECRET} SUPPLIER_KC_DTR_EDC_CLIENT_SECRET=${SUPPLIER_KC_DTR_EDC_CLIENT_SECRET} +# enable health +KC_HEALTH_ENABLED=true From 9b96c4911cdb97a90c6904bab5d10ac655ab67dc Mon Sep 17 00:00:00 2001 From: --show-origin Date: Tue, 18 Jun 2024 22:59:40 -0700 Subject: [PATCH 3/7] feat(local/deploy.sh): add deployment script for one command deployments --- local/INSTALL.md | 59 ++++++++++++++++- local/deploy.sh | 160 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 216 insertions(+), 3 deletions(-) create mode 100644 local/deploy.sh 
diff --git a/local/INSTALL.md b/local/INSTALL.md index 76426d72..672266f6 100644 --- a/local/INSTALL.md +++ b/local/INSTALL.md @@ -1,5 +1,8 @@ # Creating a local testing and development setup via Docker +This guide helps you to run PURIS for local demonstration and testing purposes. You can either choose to use +the "Extended Run Instructions" or to use the "Run with simplified Deployment Script". + ## Additional information for Windows users If you want to use the local setup on a Windows machine, it seems advisable to use the Windows subsystem for Linux ( @@ -8,7 +11,57 @@ An installation guide can be found [here](https://learn.microsoft.com/en-us/wind Also see this [additional information about using Docker in combination with WSL2](https://docs.docker.com/desktop/wsl/) -## Initial Setup +## Run with simplified Deployment Script (Bash) + +This script allows easier startup for testing and demonstration. + +### Build PURIS + +Same as for the extended run build PURIS manually. + +```shell +cd ../backend +docker build -t puris-backend:dev . + +cd ../frontend +docker build -t puris-frontend:dev . + +cd ../local +``` + +Then use the deployment script to fulfill common scenarios: + +```shell +cd local + +# deploy PURIS from scratch with a cleanup upfront +sh deploy.sh -c + +# deploy only EDC with cleanup of infrastructure +sh deploy.sh -ce + +# redeploy puris but keep infrastructure +sh deploy.sh + +# redeploy puris but keep infrastructure and show logs of EDC, DTR, PURIS +sh deploy.sh -l +``` + +The script also checks if the respective services are healthy (sometimes simplified). + +But you now need to get logs on your own + +```shell +# identify container names +docker container ls + +# e.g. puris backend of customer, use '-f' option to follow logs. +docker logs customer-backend +``` + +## Extended Run Instructions + +### Initial Setup In case you had any previous installations of this project on your machine, it is advisable to remove them via the script 
@@ -46,7 +99,7 @@ Please see the INSTALL.md documents in the [frontend](../frontend/INSTALL.md) an The default image tag is 'dev'. Remember to also adjust the tag in the docker-compose.yaml if you want to use different tags. -## Start +### Start First start the infrastructure by navigating your shell to the local folder and running @@ -113,7 +166,7 @@ cd local sh cleanup.sh ``` -Then start your containers again with the aforementioned commands. +Then start your containers again with the aforementioned commands. ## NOTICE diff --git a/local/deploy.sh b/local/deploy.sh new file mode 100644 index 00000000..4db2e6f8 --- /dev/null +++ b/local/deploy.sh 
@@ -0,0 +1,160 @@
+#!/bin/bash
+#
+# Copyright (c) 2024 Fraunhofer-Gesellschaft zur Foerderung der angewandten Forschung e.V. (represented by Fraunhofer ISST)
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+cleanup=0
+edc_only=0
+int_seed=0
+logs=0
+# Remove previous installations if -c flag has been specified, and generate new keys
+while getopts "ceilh" opt;do
+ case $opt in
+ c)
+ echo "Cleanup requested."
+ cleanup=1
+ ;;
+ e)
+ echo "Only start with EDC. Restarts EDC if already existing"
+ edc_only=1
+ ;;
+ i)
+ echo "Alright, we'll seed the INT Test Data."
+ int_seed=1
+ ;;
+ l)
+ echo "Alright, you'll see the logs of the edc, dtr, puris."
+ logs=1
+ ;;
+ h)
+ echo "By default the tool does the following:"
+ echo "- ensure that environment and keys have been generated"
+ echo "- startup infrastructure, if needed"
+ echo "- (delete and re-) start edc, dtr, puris"
+ echo ""
+ echo "If no option -e is provided, then start PURIS, with same result as running following commands:"
+ echo "\$sh generate-keys.sh # if no .env exists"
+ echo "\$docker compose -f docker-compose-infrastructure up # if no keycloak is running"
+ echo "\$docker compose down -v"
+ echo "\$docker compose up"
+ echo ""
+ echo "You can use options to alter behavior:"
+ echo "-c clean = run sh.cleanup before starting to create a new environment (Wallet, Keycloak, Keys)"
+ echo "-e edc-only = start only the EDCs with DTR and Data Base. Kill existing edc, dtr, db esources."
+ echo "-i seed-int-data = TBD seed integration test data"
+ echo "-l logs = Follows the logs of the EDC, DTR and PURIS same as today with docker-compose."
+ echo "-p puris = start PURIS, same result as 'docker compose up' with previous 'docker compose down -v'"
+ echo "\nExiting..."
+ exit 1
+ ;;
+ esac
+done
+
+if [ $cleanup -eq 1 ]; then
+ echo "Cleaning up previous installations and generating new keys..."
+ sh cleanup.sh
+fi
+
+env_created=0
+if [ ! -f ".env" ]; then
+ echo "No environment given. Generating new one with keys..."
+ env_created=1
+ sh generate-keys.sh
+ echo ""
+else
+ echo "Reusing existing environment."
+fi
+
+# consider running keycloak as infrastructure is already running
+if [ "$(docker inspect --format='{{.State.Health.Status}}' keycloak)" = "healthy" ]; then
+ echo "Infrastructure (Wallet, Keycloak) already running. Don't restart infrastructure."
+else
+ # Start the infrastructure services
+ echo "Starting infrastructure services (Wallet, Keycloak) ..."
+ docker compose -f docker-compose-infrastructure.yaml up -d
+
+ # Wait for the infrastructure services to be fully up and running
+ echo "...waiting for infrastructure services to be fully operational..."
+ until [ "$(docker inspect --format='{{.State.Health.Status}}' keycloak)" = "healthy" ]; do
+ printf '.'
+ sleep 5
+ done
+ echo "Infrastructure services are up and running."
+fi
+
+# only seed bdrs, if the environment is new
+if [ $env_created -eq 1 ]; then
+ # Seed the bdrs-service
+ echo "Seeding the bdrs-service..."
+ sh seed-bdrs.sh
+fi
+
+if [ $edc_only -eq 1 ]; then
+
+ # first down edc + dtr if running
+ echo "Removing the EDCs with their DTR and Database..."
+ docker compose down -v postgres-all dtr-customer dtr-supplier edc-customer-control-plane edc-customer-data-plane \
+ edc-supplier-control-plane edc-supplier-data-plane
+
+ echo "We'll only start the the EDCs..."
+ docker compose up -d edc-customer-control-plane edc-customer-data-plane edc-supplier-control-plane \
+ edc-supplier-data-plane
+
+ echo "...waiting for EDCs to be fully operational..."
+ until [ "$(docker inspect --format='{{.State.Health.Status}}' customer-control-plane)" = "healthy" -a \
+ "$(docker inspect --format='{{.State.Health.Status}}' customer-data-plane)" = "healthy" -a \
+ "$(docker inspect --format='{{.State.Health.Status}}' supplier-control-plane)" = "healthy" -a \
+ "$(docker inspect --format='{{.State.Health.Status}}' supplier-data-plane)" = "healthy" ];
+ do
+ printf '.'
+ sleep 5
+ done
+else
+ echo "Removing the PURIS + EDCs with their DTR and Database..."
+ docker compose down -v puris-backend-customer puris-backend-supplier puris-frontend-customer \
+ puris-frontend-supplier postgres-all dtr-customer dtr-supplier edc-customer-control-plane \
+ edc-customer-data-plane edc-supplier-control-plane edc-supplier-data-plane
+
+ # Start the PURIS demonstrator containers
+ echo "Starting PURIS demonstrator containers..."
+ docker compose up -d + + # Wait for puris services to be fully up and running + echo "...waiting for backends to be fully operational..." + until [ "$(docker inspect --format='{{.State.Health.Status}}' customer-backend)" = "healthy" -a \ + "$(docker inspect --format='{{.State.Health.Status}}' supplier-backend)" = "healthy" ]; + do + printf '.' + sleep 5 + done + echo "Infrastructure services are up and running." +fi + +echo "All services started successfully." + +if [ $int_seed -eq 1 ]; then + echo "Seeding Int Data: Not yet implemented." +fi + +if [ $logs -eq 1 ]; then + echo "Seeding Int Data: Not yet implemented." + docker compose logs -f dtr-customer edc-customer-control-plane edc-supplier-control-plane postgres-all \ + puris-backend-supplier puris-frontend-supplier dtr-supplier edc-customer-data-plane \ + edc-supplier-data-plane puris-backend-customer puris-frontend-customer +fi From e22cebcd954fa1dc0e50abee0810e46f77f94982 Mon Sep 17 00:00:00 2001 From: --show-origin Date: Wed, 19 Jun 2024 23:25:45 -0700 Subject: [PATCH 4/7] feat(docker-compose-newman.yaml): add seeding job for INT test data --- local/.gitignore | 2 + local/INSTALL.md | 8 ++++ local/cleanup.sh | 5 ++- local/deploy.sh | 6 +-- local/docker-compose-infrastructure.yaml | 5 --- local/docker-compose-newman.yaml | 34 +++++++++++++++ local/docker-compose.yaml | 4 +- local/generate-keys.sh | 41 +++++++++++++++---- ...s-integration-test.postman_collection.json | 5 ++- 9 files changed, 91 insertions(+), 19 deletions(-) create mode 100644 local/docker-compose-newman.yaml diff --git a/local/.gitignore b/local/.gitignore index 01985a44..fad3980f 100644 --- a/local/.gitignore +++ b/local/.gitignore @@ -4,3 +4,5 @@ *.secret .env seed-bdrs.sh +local.postman_environment.json +tmp.json diff --git a/local/INSTALL.md b/local/INSTALL.md index 672266f6..93b6a79f 100644 --- a/local/INSTALL.md +++ b/local/INSTALL.md 
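Review bot: The three `until` loops that poll `docker inspect --format='{{.State.Health.Status}}'` in the new deploy.sh have no upper bound, so a container that settles in `unhealthy` or was never created leaves the script printing dots forever instead of failing. The results of `sh cleanup.sh`, `sh generate-keys.sh` and `sh seed-bdrs.sh` are not checked either, so the stack can be brought up on a partially written `.env`. I would bound each wait with a counter, e.g. `tries=$((tries+1)); [ "$tries" -gt 60 ] && { echo "keycloak not healthy" >&2; exit 1; }`, and stop on failure with `sh generate-keys.sh || exit 1`. Separately, the `-l` branch prints the copied message `Seeding Int Data: Not yet implemented.`, and the help text lists a `-p` option that `getopts "ceilh"` does not accept.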
@@ -3,6 +3,11 @@ This guide helps you to run PURIS for local demonstration and testing purposes. You can either choose to use the "Extended Run Instructions" or to use the "Run with simplified Deployment Script". +**Prerequisites** + +- [jq](https://jqlang.github.io/jq/download/) -> used to auto generate environment files +- [docker engine](https://docs.docker.com/engine/install/) (docker & docker compose) -> used for the setup + ## Additional information for Windows users If you want to use the local setup on a Windows machine, it seems advisable to use the Windows subsystem for Linux ( @@ -45,6 +50,9 @@ sh deploy.sh # redeploy puris but keep infrastructure and show logs of EDC, DTR, PURIS sh deploy.sh -l + +# remove role definition in puris-backend.properties and seed INT test data from scratch with a cleanup upfront +sh deploy.sh -ci ``` The script also checks if the respective services are healthy (sometimes simplified). diff --git a/local/cleanup.sh b/local/cleanup.sh index 9a4fb5a2..cd12d33d 100644 --- a/local/cleanup.sh +++ b/local/cleanup.sh @@ -22,10 +22,13 @@ docker compose down -v docker compose -f docker-compose-infrastructure.yaml down -v +docker compose -f docker-compose-newman.yaml down -v docker image rm local-vault docker image rm local-mock-util-service rm .env rm seed-bdrs.sh rm ./vault/secrets -r rm ./iam-mock/keys -r -echo "Deleted .env and vault/secrets" +rm ./postman/tmp.json +rm ./postman/local.postman_environment.json +echo "Deleted .env, vault/secrets, seed-bdr.sh script and postman environment." diff --git a/local/deploy.sh b/local/deploy.sh index 4db2e6f8..86870355 100644 --- a/local/deploy.sh +++ b/local/deploy.sh 
@@ -127,9 +127,7 @@ if [ $edc_only -eq 1 ]; then done else echo "Removing the PURIS + EDCs with their DTR and Database..." - docker compose down -v puris-backend-customer puris-backend-supplier puris-frontend-customer \ - puris-frontend-supplier postgres-all dtr-customer dtr-supplier edc-customer-control-plane \ - edc-customer-data-plane edc-supplier-control-plane edc-supplier-data-plane + docker compose down -v # Start the PURIS demonstrator containers echo "Starting PURIS demonstrator containers..." @@ -150,6 +148,8 @@ echo "All services started successfully." if [ $int_seed -eq 1 ]; then echo "Seeding Int Data: Not yet implemented." + docker compose -f docker-compose-newman.yaml up + echo "Seeded data. PLEASE CHECK RESULTS ON YOUR OWN." fi if [ $logs -eq 1 ]; then diff --git a/local/docker-compose-infrastructure.yaml b/local/docker-compose-infrastructure.yaml index 0d0f53b4..74ea3bb2 100644 --- a/local/docker-compose-infrastructure.yaml +++ b/local/docker-compose-infrastructure.yaml @@ -107,11 +107,6 @@ services: mock-util-service: build: ./iam-mock container_name: mock-util-service - healthcheck: - test: ["CMD-SHELL", "wget -q --spider http://mock-util-service:8888/customer/random"] - interval: 4s - timeout: 3s - retries: 20 ports: - "127.0.0.1:8888:80" networks: diff --git a/local/docker-compose-newman.yaml b/local/docker-compose-newman.yaml new file mode 100644 index 00000000..17ebf003 --- /dev/null +++ b/local/docker-compose-newman.yaml 
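Review bot: The exit status of the newman run is discarded in the `-i` branch of deploy.sh, so a failed collection still ends with `Seeded data.` and the only evidence is the container log. The stale line `echo "Seeding Int Data: Not yet implemented."` directly above it also contradicts what the branch now does. `docker compose -f docker-compose-newman.yaml up --exit-code-from newman || { echo "Seeding failed" >&2; exit 1; }` would surface the result, and the first echo could read `echo "Seeding INT test data..."`.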
@@ -0,0 +1,34 @@ +# +# Copyright (c) 2024 Fraunhofer-Gesellschaft zur Foerderung der angewandten Forschung e.V. (represented by Fraunhofer ISST) +# Copyright (c) 2024 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# +services: + + newman: + image: postman/newman:6.1.3-alpine + container_name: newman + volumes: + - ./postman/puris-integration-test.postman_collection.json:/etc/newman/collection.json + - ./postman/local.postman_environment.json:/etc/newman/environment.json + networks: + - miw-net + command: run /etc/newman/collection.json -e /etc/newman/environment.json + +networks: + miw-net: + external: true diff --git a/local/docker-compose.yaml b/local/docker-compose.yaml index 1bfeb05d..2e00d95f 100644 --- a/local/docker-compose.yaml +++ b/local/docker-compose.yaml @@ -63,7 +63,7 @@ services: container_name: customer-backend depends_on: edc-customer-control-plane: - condition: service_started #service_healthy + condition: service_healthy postgres-all: condition: service_healthy dtr-customer: @@ -234,7 +234,7 @@ services: container_name: supplier-backend depends_on: edc-supplier-control-plane: - condition: service_started #service_healthy + condition: service_healthy postgres-all: condition: service_healthy dtr-supplier: 
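Review bot: Both bind mounts under `volumes` of the `newman` service are writable, although the container only reads them and `environment.json` is the file that generate-keys.sh fills with the backend API keys and client secrets. Mounting them read-only keeps a collection script or a tampered image from changing those files on the host: `- ./postman/local.postman_environment.json:/etc/newman/environment.json:ro`, with the same `:ro` suffix on the collection mount. With this short bind-mount syntax a missing host file is created as a directory, so the job should only be started after generate-keys.sh has produced the environment file.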
diff --git a/local/generate-keys.sh b/local/generate-keys.sh index ac61bb06..b1adc475 100644 --- a/local/generate-keys.sh +++ b/local/generate-keys.sh @@ -32,8 +32,12 @@ CUSTOMER_KC_DTR_PURIS_CLIENT_SECRET=`openssl rand -base64 32 | tr -dc 'a-zA-Z0-9 SUPPLIER_KC_DTR_EDC_CLIENT_SECRET=`openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32` SUPPLIER_KC_DTR_PURIS_CLIENT_SECRET=`openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32` -CUSTOMER_KC_MIW_CLIENT_SECRET=`openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32` -SUPPLIER_KC_MIW_CLIENT_SECRET=`openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32` +CUSTOMER_BACKEND_API_KEY=`openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32` +SUPPLIER_BACKEND_API_KEY=`openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32` + +# for some reaseon we generated keys for MIW that leaded to failure for some time, as they are not inserted to MIW +CUSTOMER_KC_MIW_CLIENT_SECRET=miw_private_client +SUPPLIER_KC_MIW_CLIENT_SECRET=miw_private_client # generate .env echo "Creating .env" 
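Review bot: `CUSTOMER_KC_MIW_CLIENT_SECRET` and `SUPPLIER_KC_MIW_CLIENT_SECRET` are now the fixed string `miw_private_client`, and the following hunk (`@@ -47,21 +51,23 @@`) sets both `*_OAUTH_CLIENT_ID` values to the same string, so client id and secret are identical and known to anyone who reads the repository. The added comment explains why random values failed but not that this credential is meant for the local mock only. I would replace it with `# dev-only: static secret, because generated values are not inserted into MIW; never reuse outside the local mock setup`, which also fixes "reaseon" and "leaded". Presumably the matching value lives in the Keycloak/MIW import files, which are not part of this diff, so that link is worth naming in the comment as well.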
@@ -47,21 +51,23 @@ KC_MIW_ENC=`openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32` CUSTOMER_BPNL=BPNL4444444444XX CUSTOMER_OAUTH_SECRET_ALIAS=customer.miw.secret -CUSTOMER_OAUTH_CLIENT_ID=customer_private_client +# use hard coded client for now to only have some bearer token for the mock-util-service +CUSTOMER_OAUTH_CLIENT_ID=miw_private_client CUSTOMER_PRIVATE_KEY_ALIAS=customer-key CUSTOMER_PUBLIC_KEY_ALIAS=customer-cert CUSTOMER_ENCRYPTION_KEYS_ALIAS=customer-encryption-keys -CUSTOMER_BACKEND_API_KEY=`openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32` +CUSTOMER_BACKEND_API_KEY=$CUSTOMER_BACKEND_API_KEY CUSTOMER_KC_DTR_EDC_CLIENT_ALIAS=customer.dtr.edc-client.secret CUSTOMER_KC_DTR_PURIS_CLIENT_ALIAS=customer.dtr.puris-client.secret SUPPLIER_BPNL=BPNL1234567890ZZ SUPPLIER_OAUTH_SECRET_ALIAS=supplier.miw.secret -SUPPLIER_OAUTH_CLIENT_ID=supplier_private_client +# use hard coded client for now to only have some bearer token for the mock-util-service +SUPPLIER_OAUTH_CLIENT_ID=miw_private_client SUPPLIER_PRIVATE_KEY_ALIAS=supplier-key SUPPLIER_PUBLIC_KEY_ALIAS=supplier-cert SUPPLIER_ENCRYPTION_KEYS_ALIAS=supplier-encryption-keys -SUPPLIER_BACKEND_API_KEY=`openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32` +SUPPLIER_BACKEND_API_KEY=$SUPPLIER_BACKEND_API_KEY KEYCLOAK_MIW_PUBLIC_CLIENT=miw_public SUPPLIER_KC_DTR_EDC_CLIENT_ALIAS=supplier.dtr.edc-client.secret SUPPLIER_KC_DTR_PURIS_CLIENT_ALIAS=supplier.dtr.puris-client.secret 
@@ -89,7 +95,7 @@ CUSTOMER_MIW_CLIENT_SECRET="./vault/secrets/customer.miw.secret" CUSTOMER_KC_DTR_EDC_CLIENT_SECRET_FILE_PATH="./vault/secrets/customer.dtr.edc-client.secret" echo -n $CUSTOMER_KC_DTR_EDC_CLIENT_SECRET >> $CUSTOMER_KC_DTR_EDC_CLIENT_SECRET_FILE_PATH CUSTOMER_KC_DTR_PURIS_CLIENT_SECRET_FILE_PATH="./vault/secrets/customer.dtr.puris-client.secret" -echo -n $CUSTOMER_KC_DTR_PURIS_CLIENT_SECRET>> $CUSTOMER_KC_DTR_PURIS_CLIENT_SECRET_FILE_PATH +echo -n $CUSTOMER_KC_DTR_PURIS_CLIENT_SECRET >> $CUSTOMER_KC_DTR_PURIS_CLIENT_SECRET_FILE_PATH openssl req -newkey rsa:2048 -new -batch -nodes -x509 -days 3650 -text -keyout $CUSTOMER_KEY -out $CUSTOMER_CERT # EDC token encryption keys for edc-extensions/data-encryption 
@@ -151,6 +157,27 @@ curl -X POST -H "x-api-key: \$KEY" -H "Content-Type: application/json" -d '{ "bp echo "" EOF +echo "Generate environment file for newman" +#cp "./postman/Local Dev.postman_environment.json" ./postman/local.postman_environment.json +jq --arg CUSTOMER_BACKEND_API_KEY $CUSTOMER_BACKEND_API_KEY \ + --arg SUPPLIER_BACKEND_API_KEY $SUPPLIER_BACKEND_API_KEY \ + --arg CUSTOMER_MANAGE_CLIENT_SECRET $CUSTOMER_KC_DTR_PURIS_CLIENT_SECRET \ + --arg SUPPLIER_MANAGE_CLIENT_SECRET $SUPPLIER_KC_DTR_PURIS_CLIENT_SECRET \ + --arg EDC_API_PW $EDC_API_PW \ + '(.values[] | select(.key == "CUSTOMER_PURIS_BACKEND_API_KEY") | .value) |= $CUSTOMER_BACKEND_API_KEY | + (.values[] | select(.key == "SUPPLIER_PURIS_BACKEND_API_KEY") | .value) |= $SUPPLIER_BACKEND_API_KEY | + (.values[] | select(.key == "CUSTOMER_EDC_API_KEY") | .value) |= $EDC_API_PW | + (.values[] | select(.key == "SUPPLIER_EDC_API_KEY") | .value) |= $EDC_API_PW | + (.values[] | select(.key == "CUSTOMER_MANAGE_CLIENT_SECRET") | .value) |= $CUSTOMER_MANAGE_CLIENT_SECRET | + (.values[] | select(.key == "SUPPLIER_MANAGE_CLIENT_SECRET") | .value) |= $SUPPLIER_MANAGE_CLIENT_SECRET | + (.values[] | select(.key == "CUSTOMER_EDC") | .value) |= "http://customer-control-plane:8181" | + (.values[] | select(.key == "SUPPLIER_EDC") | .value) |= "http://supplier-control-plane:9181" | + (.values[] | select(.key == "CUSTOMER_DTR") | .value) |= "http://dtr-customer:4243" | + (.values[] | select(.key == "SUPPLIER_DTR") | .value) |= "http://dtr-supplier:4243" | + (.values[] | select(.key == "CUSTOMER_PURIS_BACKEND") | .value) |= "http://customer-backend:8081" | + (.values[] | select(.key == "SUPPLIER_PURIS_BACKEND") | .value) |= "http://supplier-backend:8082" ' \ +"./postman/Local Dev.postman_environment.json" > ./postman/tmp.json && mv ./postman/tmp.json ./postman/local.postman_environment.json + # let everyone access the files so that the non-root user in vault container can put them chmod -R 755 ./vault/secrets chmod -R 
755 ./iam-mock/keys diff --git a/local/postman/puris-integration-test.postman_collection.json b/local/postman/puris-integration-test.postman_collection.json index 885af818..4ebd80b1 100644 --- a/local/postman/puris-integration-test.postman_collection.json +++ b/local/postman/puris-integration-test.postman_collection.json @@ -898,7 +898,10 @@ "", " const address = site.addresses[0];", " pm.expect(address).to.have.property(\"bpna\", pm.environment.get(\"SUPPLIER_BPNA\"));", - "});" + "});", + "", + "// wait for 15 seconds after last test for MAD so that Twins can be updated asynchronously.", + "setTimeout(function(){}, [25000]);" ], "type": "text/javascript", "packages": {} From 4c7ca1597260abd456a5d4012279eea45fc247a6 Mon Sep 17 00:00:00 2001 From: --show-origin Date: Wed, 19 Jun 2024 23:34:07 -0700 Subject: [PATCH 5/7] fix(backend-deployment.yaml): remove trailing slash in healthcheck --- charts/puris/templates/backend-deployment.yaml | 2 +- local/tractus-x-edc/config/customer/puris-backend.properties | 3 +-- local/tractus-x-edc/config/supplier/puris-backend.properties | 3 +-- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/puris/templates/backend-deployment.yaml b/charts/puris/templates/backend-deployment.yaml index f46e6975..025c01be 100644 --- a/charts/puris/templates/backend-deployment.yaml +++ b/charts/puris/templates/backend-deployment.yaml @@ -181,7 +181,7 @@ spec: protocol: TCP livenessProbe: httpGet: - path: {{ .Values.backend.puris.api.rootDir }}/actuator/health/ + path: {{ .Values.backend.puris.api.rootDir }}/actuator/health port: http initialDelaySeconds: {{ .Values.backend.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.backend.livenessProbe.periodSeconds }} diff --git a/local/tractus-x-edc/config/customer/puris-backend.properties b/local/tractus-x-edc/config/customer/puris-backend.properties index 20cd322c..d54cef50 100644 --- a/local/tractus-x-edc/config/customer/puris-backend.properties 
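Review bot: The `jq` call in generate-keys.sh passes every secret unquoted (`--arg EDC_API_PW $EDC_API_PW`), so an empty or space-containing value shifts the argument list, and the failure stays quiet because the `&& mv` simply does not run. Quoting each expansion, `--arg EDC_API_PW "$EDC_API_PW"`, avoids that. The resulting `./postman/local.postman_environment.json` holds the backend API keys, the EDC API password and the DTR client secrets in clear text and is created with the default umask; a `chmod 600` after the `mv` may be appropriate, provided the newman container can still read the file, which cannot be verified from this hunk. The hunk starts and ends in the middle of the script, so where `EDC_API_PW` is assigned is not visible here.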
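Review bot: The added comment in the collection's test script says 15 seconds while the call waits 25000 ms, and the delay is passed as an array (`[25000]`) instead of a number. `"setTimeout(function(){}, 25000);"` with the comment corrected to the intended duration would make the wait explicit. The test script this line belongs to starts outside the hunk.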
+++ b/local/tractus-x-edc/config/customer/puris-backend.properties @@ -1,6 +1,6 @@ server.port=8081 server.error.include-message=always -puris.demonstrator.role=customer +puris.demonstrator.role= puris.baseurl=http://customer-backend:8081/ puris.itemstocksubmodel.apiassetid=itemstocksubmodel-api-asset puris.productionsubmodel.apiassetid=productionsubmodel-api-asset @@ -27,7 +27,6 @@ edc.controlplane.key=${EDC_API_PW} edc.controlplane.management.url=http://customer-control-plane:8181/management edc.controlplane.protocol.url=http://customer-control-plane:8184/api/v1/dsp edc.dataplane.public.url=http://customer-data-plane:8285/api/public/ - own.bpnl=BPNL4444444444XX own.name=Control Unit Creator Inc. own.bpns=BPNS4444444444XX diff --git a/local/tractus-x-edc/config/supplier/puris-backend.properties b/local/tractus-x-edc/config/supplier/puris-backend.properties index 65aaa222..68798d33 100644 --- a/local/tractus-x-edc/config/supplier/puris-backend.properties +++ b/local/tractus-x-edc/config/supplier/puris-backend.properties @@ -1,6 +1,6 @@ server.port=8082 server.error.include-message=always -puris.demonstrator.role=supplier +puris.demonstrator.role= puris.baseurl=http://supplier-backend:8082/ puris.itemstocksubmodel.apiassetid=itemstocksubmodel-api-asset puris.productionsubmodel.apiassetid=productionsubmodel-api-asset @@ -27,7 +27,6 @@ edc.controlplane.key=${EDC_API_PW} edc.controlplane.management.url=http://supplier-control-plane:9181/management edc.controlplane.protocol.url=http://supplier-control-plane:9184/api/v1/dsp edc.dataplane.public.url=http://supplier-data-plane:9285/api/public/ - own.bpnl=BPNL1234567890ZZ own.name=Semiconductor Supplier Inc. own.bpns=BPNS1234567890ZZ From 2d42582ba985113c586a879a8e1028ae93b148aa Mon Sep 17 00:00:00 2001 
From: --show-origin Date: Thu, 20 Jun 2024 00:18:51 -0700 Subject: [PATCH 6/7] fix(helm): correction of readiness and liveness probe --- charts/puris/templates/backend-deployment.yaml | 4 ++-- charts/puris/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/puris/templates/backend-deployment.yaml b/charts/puris/templates/backend-deployment.yaml index 025c01be..6fda4fc8 100644 --- a/charts/puris/templates/backend-deployment.yaml +++ b/charts/puris/templates/backend-deployment.yaml @@ -181,7 +181,7 @@ spec: protocol: TCP livenessProbe: httpGet: - path: {{ .Values.backend.puris.api.rootDir }}/actuator/health + path: {{ .Values.backend.puris.api.rootDir }}/actuator/health/liveness port: http initialDelaySeconds: {{ .Values.backend.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.backend.livenessProbe.periodSeconds }} @@ -190,7 +190,7 @@ spec: failureThreshold: {{ .Values.backend.livenessProbe.failureThreshold }} readinessProbe: httpGet: - path: {{ .Values.backend.puris.api.rootDir }}/health/ + path: {{ .Values.backend.puris.api.rootDir }}/actuator/health/readiness port: http initialDelaySeconds: {{ .Values.backend.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.backend.readinessProbe.periodSeconds }} diff --git a/charts/puris/values.yaml b/charts/puris/values.yaml index 63651bf4..1ee7ca34 100644 --- a/charts/puris/values.yaml +++ b/charts/puris/values.yaml @@ -32,7 +32,7 @@ frontend: # -- Repository of the docker image repository: tractusx/app-puris-frontend # -- THe policy for the image pull process - pullPolicy: IfNotPresent + pullPolicy: Always # -- Overrides the image tag whose default is the chart appVersion. tag: "" From cc4089ca08c615907daec9cd373f948ef1a11ce4 Mon Sep 17 00:00:00 2001 
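Review bot: The frontend `pullPolicy` in values.yaml changes from `IfNotPresent` to `Always` in a commit whose subject only covers the probes, so the change of a chart default is easy to miss. With `Always`, every pod start resolves the tag again, and a mutable tag can bring in a different image than the one that was tested. If that is intended, it deserves a line in the commit message and in the chart README, and pinning the image by digest would keep deployments reproducible. Whether the backend image keeps `IfNotPresent` is not visible in this hunk.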
From: --show-origin Date: Thu, 20 Jun 2024 00:30:36 -0700 Subject: [PATCH 7/7] chore: updated license header --- .../puris/backend/common/security/SecurityConfig.java | 1 + local/cleanup.sh | 1 + local/docker-compose-infrastructure.yaml | 5 +++-- local/generate-keys.sh | 1 + 4 files changed, 6 insertions(+), 2 deletions(-) diff --git a/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/security/SecurityConfig.java b/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/security/SecurityConfig.java index cf8e9351..5b1e2a06 100644 --- a/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/security/SecurityConfig.java +++ b/backend/src/main/java/org/eclipse/tractusx/puris/backend/common/security/SecurityConfig.java @@ -1,5 +1,6 @@ /* * Copyright (c) 2022,2024 Volkswagen AG + * Copyright (c) 2024 Fraunhofer-Gesellschaft zur Foerderung der angewandten Forschung e.V. (represented by Fraunhofer ISST) * Copyright (c) 2022,2024 Contributors to the Eclipse Foundation * * See the NOTICE file(s) distributed with this work for additional diff --git a/local/cleanup.sh b/local/cleanup.sh index cd12d33d..76740564 100644 --- a/local/cleanup.sh +++ b/local/cleanup.sh @@ -3,6 +3,7 @@ # # Copyright (c) 2022,2024 Volkswagen AG # Copyright (c) 2022,2024 Contributors to the Eclipse Foundation +# Copyright (c) Copyright (c) 2024 Fraunhofer-Gesellschaft zur Foerderung der angewandten Forschung e.V. (represented by Fraunhofer ISST) # # See the NOTICE file(s) distributed with this work for additional # information regarding copyright ownership. diff --git a/local/docker-compose-infrastructure.yaml b/local/docker-compose-infrastructure.yaml index 74ea3bb2..9b606ccd 100644 --- a/local/docker-compose-infrastructure.yaml +++ b/local/docker-compose-infrastructure.yaml 
@@ -1,6 +1,7 @@ # -# Copyright (c) 2023 Volkswagen AG -# Copyright (c) 2023 Contributors to the Eclipse Foundation +# Copyright (c) 2023,2024 Volkswagen AG +# Copyright (c) 2024 Fraunhofer-Gesellschaft zur Foerderung der angewandten Forschung e.V. (represented by Fraunhofer ISST) +# Copyright (c) 2023,2024 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional # information regarding copyright ownership. diff --git a/local/generate-keys.sh b/local/generate-keys.sh index b1adc475..46fb8fee 100644 --- a/local/generate-keys.sh +++ b/local/generate-keys.sh @@ -2,6 +2,7 @@ # # Copyright (c) 2022,2024 Volkswagen AG +# Copyright (c) 2024 Fraunhofer-Gesellschaft zur Foerderung der angewandten Forschung e.V. (represented by Fraunhofer ISST) # Copyright (c) 2022,2024 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional