Skip to content

Commit

Permalink
feat: add issuer component (#18)
Browse files Browse the repository at this point in the history
* feat: add issuer component
* build: add helm chart for issuer component
* feat(notification): adjust notification endpoint
* fix(build): enable build of docker images (#21)
* feat: add callback process step
* chore: enable helm chart (#22)
* fix: remove lint issue
* fix: solve templating issues
* chore: change setup of cronjobs: remove hooks
* chore: change name setup of job resources
* chore: add line breaks
* chore: move placeholder value into resources
* chore: change to unique templates for db subchart
* chore: change secret setup
* chore: move passwords from db dependency to according section
* chore: remove upgrade env file
* chore: change centralidp setup
* chore: rearrange health checks
* chore: rearrange values file
* chore: change ingress to trg-5.04
* chore: fix container name and namespace
* chore: change image tag retrieval
* chore: change version
* chore(db-dependency): change image tag to get latest minor updates
* chore: set resource limits
* chore: update readme files
* chore: change credentialexpiry to camelcase
* chore: fix helm chart, improve workflows and docs (#23)
* chore(helm-test): fix image name and tag override at upgrade
* chore: fix owasp scan
* chore(helm-test and owasp): change set command
* chore: re-arrange values file
* chore(pre-checks): run only on changes to src/**
* docs(CONTRIBUTING.md): update to contribution details
* chore: fix db dependency secret name in cronjobs
* chore(dependencies-check): align file naming and docs
* chore: remove white space

---------

Refs: #2 #3 #4 #5 #6 #7 #8 #9 #13 #21 #22 #23
Reviewed-by: Evelyn Gurschler <evelyn.gurschler@bmw.de>
Reviewed-by: Norbert Truchsess <norbert.truchsess@t-online.de>
Co-authored-by: Evelyn Gurschler <evelyn.gurschler@bmw.de>
Co-authored-by: Norbert Truchsess <norbert.truchsess@t-online.de>
  • Loading branch information
3 people authored Mar 25, 2024
1 parent 9cd7d07 commit 609567a
Show file tree
Hide file tree
Showing 300 changed files with 25,349 additions and 39 deletions.
32 changes: 25 additions & 7 deletions .github/workflows/chart-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -65,19 +65,37 @@ jobs:
uses: docker/build-push-action@v3
with:
context: .
file: docker/Dockerfile-migrations
file: docker/Dockerfile-credential-issuer-migrations
push: true
tags: kind-registry:5000/migrations:testing
tags: kind-registry:5000/credential-issuer-migrations:testing

- name: Build service image
id: build-service-image
uses: docker/build-push-action@v3
with:
context: .
file: docker/Dockerfile-service
file: docker/Dockerfile-credential-issuer-service
push: true
tags: kind-registry:5000/service:testing
tags: kind-registry:5000/credential-issuer-service:testing

- name: Build expiry app
id: build-expiry-app-image
uses: docker/build-push-action@v3
with:
context: .
file: docker/Dockerfile-credential-expiry-app
push: true
tags: kind-registry:5000/credential-expiry-app:testing

- name: Build processes worker
id: build-processes-worker-image
uses: docker/build-push-action@v3
with:
context: .
file: docker/Dockerfile-credential-issuer-processes-worker
push: true
tags: kind-registry:5000/credential-issuer-processes-worker:testing

- name: Set up Helm
uses: azure/setup-helm@v3
with:
Expand All @@ -102,8 +120,8 @@ jobs:
- name: Run chart-testing (lint)
run: ct lint --validate-maintainers=false --check-version-increment=false --target-branch ${{ github.event.repository.default_branch }}

- name: Run service chart-testing (install)
run: ct install --charts charts/ssi-credential-issuer --config charts/chart-testing-config.yaml --helm-extra-set-args "--set=issuer.image=kind-registry:5000/service:testing --set=issuermigrations.image=kind-registry:5000/migrations:testing"
- name: Run chart-testing (install)
run: ct install --charts charts/ssi-credential-issuer --config charts/chart-testing-config.yaml --helm-extra-set-args "--set issuer.image.name=kind-registry:5000/credential-issuer-service --set issuer.image.tag=testing --set issuermigrations.image.name=kind-registry:5000/credential-issuer-migrations --set issuermigrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing"
if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true'

# TODO: re-add the step after the first version release
Expand All @@ -115,5 +133,5 @@ jobs:
# helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev
# helm install ssi-credential-issuer tractusx-dev/ssi-credential-issuer --version ${{ github.event.inputs.upgrade_from || 'tbd' }} --namespace upgrade --create-namespace
# helm dependency update charts/ssi-credential-issuer
# helm upgrade ssi-credential-issuer charts/ssi-credential-issuer --set issuer.image=kind-registry:5000/service:testing --set=issuermigrations.image=kind-registry:5000/migrations:testing --namespace upgrade
# helm upgrade ssi-credential-issuer charts/ssi-credential-issuer --set issuer.image.name=kind-registry:5000/credential-issuer-service --set issuer.image.tag=testing --set issuermigrations.image.name=kind-registry:5000/credential-issuer-migrations --set issuermigrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing --namespace upgrade
# if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true'
91 changes: 91 additions & 0 deletions .github/workflows/credential-expiry-app-docker.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@
###############################################################
# Copyright (c) 2024 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
#
# This program and the accompanying materials are made available under the
# terms of the Apache License, Version 2.0 which is available at
# https://www.apache.org/licenses/LICENSE-2.0.
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# SPDX-License-Identifier: Apache-2.0
###############################################################

name: Build Credential Expiry App Image

on:
push:
paths:
# service and transitive paths
- 'src/**'
# workflow file
- '.github/workflows/credential-expiry-app-docker.yml'
# dockerfile
- 'docker/Dockerfile-credential-expiry-app'

branches:
- 'dev'
workflow_dispatch:

env:
IMAGE_NAMESPACE: "tractusx"
IMAGE_NAME: "credential-expiry-app"

jobs:
build-and-push-image:
runs-on: ubuntu-latest
permissions:
contents: read

steps:
- name: Checkout repository
uses: actions/checkout@v3

- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=dev
type=raw,value=${{ github.sha }}
- name: Build and push Docker image
uses: docker/build-push-action@v4
with:
context: .
file: docker/Dockerfile-credential-expiry-app
platforms: linux/amd64, linux/arm64
pull: true
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

# https://github.com/peter-evans/dockerhub-description
- name: Update Docker Hub description
if: github.event_name != 'pull_request'
uses: peter-evans/dockerhub-description@v3
with:
username: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
readme-filepath: "./docker/notice-credential-expiry-app.md"
2 changes: 1 addition & 1 deletion .github/workflows/dependencies.yml
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ jobs:
run: dotnet list src package --include-transitive --interactive | grep ">" | grep -Pv "\s(Org.Eclipse.TractusX|Microsoft|NuGet|System|runtime|docker|Docker|NETStandard)" | sed -E -e "s/\s+> ([a-zA-Z\.\-]+).+\s([0-9]+\.[0-9]+\.[0-9]+)\s*/nuget\/nuget\/\-\/\1\/\2/g" | awk '!seen[$0]++' > PACKAGES

- name: Generate Dependencies file
run: java -jar ./scripts/download/org.eclipse.dash.licenses-1.1.1-20240213.065029-71.jar PACKAGES -project automotive.tractusx -summary DEPENDENCIES || true
run: java -jar ./scripts/download/org.eclipse.dash.licenses-1.1.1.jar PACKAGES -project automotive.tractusx -summary DEPENDENCIES || true

- name: Check if dependencies were changed
id: dependencies-changed
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/migrations-docker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
# SPDX-License-Identifier: Apache-2.0
###############################################################

name: Migrations
name: Build Migrations Image

on:
push:
Expand All @@ -28,7 +28,7 @@ on:
# workflow file
- '.github/workflows/migrations-docker.yml'
# dockerfile
- 'docker/Dockerfile-migrations'
- 'docker/Dockerfile-credential-issuer-migrations'

branches:
- 'dev'
Expand Down Expand Up @@ -74,7 +74,7 @@ jobs:
uses: docker/build-push-action@v4
with:
context: .
file: docker/Dockerfile-migrations
file: docker/Dockerfile-credential-issuer-migrations
platforms: linux/amd64, linux/arm64
pull: true
push: ${{ github.event_name != 'pull_request' }}
Expand Down
28 changes: 23 additions & 5 deletions .github/workflows/owasp-zap.yml
Original file line number Diff line number Diff line change
Expand Up @@ -65,19 +65,37 @@ jobs:
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: .
file: docker/Dockerfile-migrations
file: docker/Dockerfile-credential-issuer-migrations
push: true
tags: kind-registry:5000/migrations:testing
tags: kind-registry:5000/credential-issuer-migrations:testing

- name: Build service image
id: build-service-image
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: .
file: docker/Dockerfile-service
file: docker/Dockerfile-credential-issuer-service
push: true
tags: kind-registry:5000/service:testing
tags: kind-registry:5000/credential-issuer-service:testing

- name: Build Worker image
id: build-worker-image
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: .
file: docker/Dockerfile-credential-issuer-processes-worker
push: true
tags: kind-registry:5000/credential-issuer-processes-worker:testing

- name: Build Expiry image
id: build-expiry-image
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: .
file: docker/Dockerfile-credential-expiry-app
push: true
tags: kind-registry:5000/credential-expiry-app:testing

- name: Add bitnami repo
run: |
helm repo add bitnami https://charts.bitnami.com/bitnami
Expand All @@ -89,7 +107,7 @@ jobs:
helm dependency build
- name: Install the chart on KinD cluster
run: helm install testing -n apps --create-namespace --wait --set issuer.image=kind-registry:5000/service:testing --set=issuermigrations.image=kind-registry:5000/migrations:testing --set=issuer.swaggerEnabled=true charts/ssi-credential-issuer
run: helm install testing -n apps --create-namespace --wait --set issuer.image.name=kind-registry:5000/credential-issuer-service --set issuer.image.tag=testing --set issuermigrations.image.name=kind-registry:5000/credential-issuer-migrations --set issuermigrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing --set issuer.swaggerEnabled=true charts/ssi-credential-issuer

- name: Configure port forward to app in KinD
run: |
Expand Down
91 changes: 91 additions & 0 deletions .github/workflows/processes-worker-docker.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@
###############################################################
# Copyright (c) 2024 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
#
# This program and the accompanying materials are made available under the
# terms of the Apache License, Version 2.0 which is available at
# https://www.apache.org/licenses/LICENSE-2.0.
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# SPDX-License-Identifier: Apache-2.0
###############################################################

name: Build Processes Worker Image

on:
push:
paths:
# service and transitive paths
- 'src/**'
# workflow file
- '.github/workflows/process-worker-docker.yml'
# dockerfile
- 'docker/Dockerfile-credential-issuer-process-worker'

branches:
- 'dev'
workflow_dispatch:

env:
IMAGE_NAMESPACE: "tractusx"
IMAGE_NAME: "credential-issuer-process-worker"

jobs:
build-and-push-image:
runs-on: ubuntu-latest
permissions:
contents: read

steps:
- name: Checkout repository
uses: actions/checkout@v3

- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=dev
type=raw,value=${{ github.sha }}
- name: Build and push Docker image
uses: docker/build-push-action@v4
with:
context: .
file: docker/Dockerfile-credential-issuer-process-worker
platforms: linux/amd64, linux/arm64
pull: true
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

# https://github.com/peter-evans/dockerhub-description
- name: Update Docker Hub description
if: github.event_name != 'pull_request'
uses: peter-evans/dockerhub-description@v3
with:
username: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
readme-filepath: "./docker/notice-credential-issuer-process-worker.md"
Loading

0 comments on commit 609567a

Please sign in to comment.