Merge branch 'feature/14-rs-jws' into feature/43/43-enrollment-url-in…

…-did
agera-edc · Jul 27, 2022 · e7cf15e · e7cf15e
2 parents fd3bf7e + e612bb9
commit e7cf15e
Show file tree

Hide file tree

Showing 48 changed files with 1,106 additions and 327 deletions.
diff --git a/.gitattributes b/.gitattributes
@@ -0,0 +1,2 @@
+# Declare files that will always have LF line endings on checkout.
+*.sh text eol=lf
diff --git a/.github/actions/gradle-setup/action.yml b/.github/actions/gradle-setup/action.yml
@@ -9,14 +9,21 @@ runs:
       with:
         repository: eclipse-dataspaceconnector/DataSpaceConnector
         path: DataSpaceConnector
-        ref: 6fc0c00f434547b790a5c09c9f61a4aa8cca7d13
+        ref: 3ff940b720f44826df28e893fb31344eb6faacef
 
     - name: Checkout Registration Service
       uses: actions/checkout@v2
       with:
         repository: eclipse-dataspaceconnector/RegistrationService
         path: RegistrationService
-        ref: ef045e3b6556bf1b1148536a1be30d564fd56bf6
+        ref: daa414856b42c8534e9123279112e33b366039b4
+
+    - name: Checkout Identity Hub
+      uses: actions/checkout@v2
+      with:
+        repository: eclipse-dataspaceconnector/IdentityHub
+        path: IdentityHub
+        ref: bc13cf0cb8589b792eef733c7cf7b3422476add5
 
     # Install Java and cache MVD Gradle build.
     - uses: actions/setup-java@v2
@@ -34,7 +41,7 @@ runs:
       with:
         path: ~/.m2
         # .git/FETCH_HEAD contains latest commit ID
-        key: ${{ runner.os }}-m2-${{ hashFiles('DataSpaceConnector/.git/FETCH_HEAD') }}-${{ hashFiles('RegistrationService/.git/FETCH_HEAD') }}
+        key: ${{ runner.os }}-m2-${{ hashFiles('DataSpaceConnector/.git/FETCH_HEAD') }}-${{ hashFiles('RegistrationService/.git/FETCH_HEAD') }}-${{ hashFiles('IdentityHub/.git/FETCH_HEAD') }}
 
     # Install EDC packages into ~/.m2.
     # This action only runs if the packages could not be restored from the cache.
@@ -45,7 +52,7 @@ runs:
       shell: bash
       working-directory: DataSpaceConnector
 
-    - name: Delete EDC packages
+    - name: Delete local EDC repository
       run: rm -r DataSpaceConnector
       shell: bash
 
@@ -62,3 +69,16 @@ runs:
     - name: Move Registration Service packages out of build directory
       run: mv RegistrationService ${{ runner.temp }}
       shell: bash
+
+    # Install Identity Hub packages into ~/.m2.
+    # This action only runs if the packages could not be restored from the cache.
+    - name: Build Identity Hub packages
+      run: |
+        ./gradlew publishToMavenLocal -Pskip.signing
+      if: steps.cache.outputs.cache-hit != 'true' # only on cache miss
+      shell: bash
+      working-directory: IdentityHub
+
+    - name: Delete local Identity Hub repository
+      run: rm -r IdentityHub
+      shell: bash
diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml
@@ -5,61 +5,49 @@ on:
     paths-ignore:
       - 'docs/**'
 
-# Grant permissions to obtain federated identity credentials
-# see https://docs.github.com/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-azure
-permissions:
-  id-token: write
-  contents: read
-
-# Update this value with a unique name to guarantee uniqueness of resource names and avoid conflicts between fork repositories when running CD workflow.
-# CD workflow creates resources with this prefix and destroy them.
-env:
-  CD_RESOURCES_PREFIX: mvd
+# MVD runs using docker-compose based setup with no dependency on cloud services.
 
 jobs:
-  # The purpose of this job is only to set up resources_prefix as an output, because env context is not available in arguments to a called workflow
-  # See this discussion for more context: https://github.saobby.my.eu.orgmunity/t/reusable-workflow-env-context-not-available-in-jobs-job-id-with/206111/13
-  SetResourcesPrefix:
-    name: 'Set Resources Prefix'
-    runs-on: ubuntu-latest
-    # Added a step doing nothing, because a job needs to have at least one step.
-    steps:
-      - name: 'Empty step.'
-        run: exit 0
-    outputs:
-      resources_prefix: ${{ env.CD_RESOURCES_PREFIX }}${{ github.run_number }}
 
-  # Temporary step that checks if Azure secrets are set up. If not then the deploy of Azure resources will be skipped. Introduced to not fail checks in PRs from forks.
-  Check-Cloud-Environments:
-    name: 'Check if Azure secrets are set up'
+  VerifyLocalTests:
     runs-on: ubuntu-latest
     steps:
-      - id: has-azure
+      - uses: actions/checkout@v2
+
+      - uses: ./.github/actions/gradle-setup
+
+      # Use EDC FileSystem vault for CI run.
+      - name: 'Build launcher'
+        run: ./gradlew -DuseFsVault="true" :launcher:shadowJar
+
+      # Build Registration Service runtime JAR locally.
+      # The result is a JAR file in launcher/build/libs.
+      - name: 'Build Registration Service launcher'
+        run: ./gradlew :launcher:shadowJar
+        working-directory: ${{ runner.temp }}/RegistrationService
+
+      - name: 'Copy Registration Service CLI'
+        run: |
+          mvn dependency:copy -Dartifact=org.eclipse.dataspaceconnector.registrationservice:registration-service-cli:$REGISTRATION_SERVICE_VERSION:jar:all -DoutputDirectory=.
+          mv registration-service-cli-$REGISTRATION_SERVICE_VERSION-all.jar registration-service-cli.jar
+        working-directory: system-tests/resources/cli-tools
         env:
-          HAS_AZURE: ${{ secrets.ARM_SUBSCRIPTION_ID }}
-        if: "${{ env.HAS_AZURE != '' }}"
-        run: echo "::set-output name=defined::true"
-    outputs:
-      has-azure: ${{ steps.has-azure.outputs.defined }}
+           REGISTRATION_SERVICE_VERSION: 0.0.1-SNAPSHOT
 
-  Deploy:
-    if: ${{ needs.Check-Cloud-Environments.outputs.has-azure == 'true' }}
-    uses: ./.github/workflows/deploy.yaml
-    secrets: inherit
-    needs:
-      - SetResourcesPrefix
-      - Check-Cloud-Environments
-    with:
-      resources_prefix: ${{ needs.SetResourcesPrefix.outputs.resources_prefix }}
+      - name: 'Run MVD docker-compose'
+        run: docker-compose -f system-tests/docker-compose.yml up --build --detach
+        timeout-minutes: 10
+        env:
+          REGISTRATION_SERVICE_LAUNCHER_PATH: ${{ runner.temp }}/RegistrationService/launcher
 
-  Destroy:
-    # Always run Destroy workflow unless SetResourcesPrefix workflow fails.
-    if: ${{ always() && needs.SetResourcesPrefix.result == 'success' && needs.Check-Cloud-Environments.outputs.has-azure == 'true'}}
-    uses: ./.github/workflows/destroy.yaml
-    needs:
-      - SetResourcesPrefix
-      - Deploy
-      - Check-Cloud-Environments
-    secrets: inherit
-    with:
-      resources_prefix: ${{ needs.SetResourcesPrefix.outputs.resources_prefix }}
+      - name: 'Unit and system tests'
+        run: ./gradlew test
+        timeout-minutes: 10
+        env:
+          TEST_ENVIRONMENT: "local"
+
+      - name: 'docker-compose logs'
+        run: docker-compose -f system-tests/docker-compose.yml logs
+        if: always()
+        env:
+          REGISTRATION_SERVICE_LAUNCHER_PATH: ${{ runner.temp }}/RegistrationService/launcher
diff --git a/.github/workflows/check.yaml b/.github/workflows/check.yaml
@@ -2,7 +2,6 @@ name: Checks
 
 on:
   pull_request:
-    branches: [ main ]
     paths-ignore:
       - 'docs/**'
 

diff --git a/.github/workflows/cloud-cd.yaml b/.github/workflows/cloud-cd.yaml
@@ -0,0 +1,65 @@
+name: CLOUD-CD
+
+on:
+  pull_request:
+    paths-ignore:
+      - 'docs/**'
+
+# Grant permissions to obtain federated identity credentials
+# see https://docs.github.com/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-azure
+permissions:
+  id-token: write
+  contents: read
+
+# Update this value with a unique name to guarantee uniqueness of resource names and avoid conflicts between fork repositories when running CD workflow.
+# CD workflow creates resources with this prefix and destroy them.
+env:
+  CD_RESOURCES_PREFIX: mvd
+
+jobs:
+  # The purpose of this job is only to set up resources_prefix as an output, because env context is not available in arguments to a called workflow
+  # See this discussion for more context: https://github.saobby.my.eu.orgmunity/t/reusable-workflow-env-context-not-available-in-jobs-job-id-with/206111/13
+  SetResourcesPrefix:
+    name: 'Set Resources Prefix'
+    runs-on: ubuntu-latest
+    # Added a step doing nothing, because a job needs to have at least one step.
+    steps:
+      - name: 'Empty step.'
+        run: exit 0
+    outputs:
+      resources_prefix: ${{ env.CD_RESOURCES_PREFIX }}${{ github.run_number }}
+
+  # Temporary step that checks if Azure secrets are set up. If not then the deploy of Azure resources will be skipped. Introduced to not fail checks in PRs from forks.
+  Check-Cloud-Environments:
+    name: 'Check if Azure secrets are set up'
+    runs-on: ubuntu-latest
+    steps:
+      - id: has-azure
+        env:
+          HAS_AZURE: ${{ secrets.ARM_SUBSCRIPTION_ID }}
+        if: "${{ env.HAS_AZURE != '' }}"
+        run: echo "::set-output name=defined::true"
+    outputs:
+      has-azure: ${{ steps.has-azure.outputs.defined }}
+
+  Deploy:
+    if: ${{ needs.Check-Cloud-Environments.outputs.has-azure == 'true' }}
+    uses: ./.github/workflows/deploy.yaml
+    secrets: inherit
+    needs:
+      - SetResourcesPrefix
+      - Check-Cloud-Environments
+    with:
+      resources_prefix: ${{ needs.SetResourcesPrefix.outputs.resources_prefix }}
+
+  Destroy:
+    # Always run Destroy workflow unless SetResourcesPrefix workflow fails.
+    if: ${{ always() && needs.SetResourcesPrefix.result == 'success' && needs.Check-Cloud-Environments.outputs.has-azure == 'true'}}
+    uses: ./.github/workflows/destroy.yaml
+    needs:
+      - SetResourcesPrefix
+      - Deploy
+      - Check-Cloud-Environments
+    secrets: inherit
+    with:
+      resources_prefix: ${{ needs.SetResourcesPrefix.outputs.resources_prefix }}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		# Declare files that will always have LF line endings on checkout.
		*.sh text eol=lf