chore(build): upgrade to EDC nightly (#1333)

* chore(build): upgrade to EDC nightly * explicitly register token based service * revert wrong deprecation * DEPENDENCIES * update ContractRequests in tests * fix deprecation, shim TokenBasedAuthenticationService * use separate API key for consumer proxy * update to EDC snapshot * DEPENDENCIES * update environment variables * use new settings/envvars * helm docs * DEPENDENCIES
eclipse-tractusx · May 28, 2024 · 29bb4a8 · 29bb4a8
1 parent 466a18d
commit 29bb4a8
Show file tree

Hide file tree

Showing 21 changed files with 368 additions and 273 deletions.
diff --git a/DEPENDENCIES b/DEPENDENCIES
diff --git a/charts/tractusx-connector-azure-vault/templates/deployment-controlplane.yaml b/charts/tractusx-connector-azure-vault/templates/deployment-controlplane.yaml
@@ -277,7 +277,7 @@ spec:
               value: {{ .Values.iatp.sts.oauth.client.id | required ".Values.iatp.sts.oauth.client.id is required" | quote}}
             - name: "EDC_IAM_STS_OAUTH_CLIENT_SECRET_ALIAS"
               value: {{ .Values.iatp.sts.oauth.client.secret_alias | required ".Values.iatp.sts.oauth.client.secret_alias is required" | quote}}
-            - name: "EDC_IAM_STS_DIM_URL"
+            - name: "TX_EDC_IAM_STS_DIM_URL"
               value: {{ .Values.iatp.sts.dim.url | required ".Values.iatp.sts.dim.url is required" | quote}}
 
             {{- range $index, $issuer := .Values.iatp.trustedIssuers }}
@@ -322,7 +322,7 @@ spec:
               value: {{ .Values.vault.azure.certificate | quote }}
             {{- end }}
 
-       
+
 
             ###########################
             ## BUSINESS PARTNER NUMBER VALIDATION EXTENSION ##

diff --git a/charts/tractusx-connector-azure-vault/templates/deployment-dataplane.yaml b/charts/tractusx-connector-azure-vault/templates/deployment-dataplane.yaml
@@ -151,8 +151,8 @@ spec:
             #######
             # API #
             #######
-            - name: "EDC_API_AUTH_KEY"
-              value: {{ .Values.dataplane.endpoints.proxy.authKey | required ".Values.proxy.endpoints.proxy.authKey is required" | quote }}
+            - name: "TX_EDC_DPF_CONSUMER_PROXY_AUTH_APIKEY"
+              value: {{ .Values.dataplane.endpoints.proxy.authKey | required ".Values.dataplane.endpoints.proxy.authKey is required" | quote }}
             - name: "WEB_HTTP_DEFAULT_PORT"
               value: {{ .Values.dataplane.endpoints.default.port | quote }}
             - name: "WEB_HTTP_DEFAULT_PATH"
@@ -214,7 +214,7 @@ spec:
               value: {{ .Values.vault.azure.certificate | quote }}
             {{- end }}
 
-           #############################
+            #############################
             ## IATP / STS / DIM CONFIG ##
             #############################
             - name: "EDC_IAM_STS_OAUTH_TOKEN_URL"
@@ -223,7 +223,7 @@ spec:
               value: {{ .Values.iatp.sts.oauth.client.id | required ".Values.iatp.sts.oauth.client.id is required" | quote}}
             - name: "EDC_IAM_STS_OAUTH_CLIENT_SECRET_ALIAS"
               value: {{ .Values.iatp.sts.oauth.client.secret_alias | required ".Values.iatp.sts.oauth.client.secret_alias is required" | quote}}
-            - name: "EDC_IAM_STS_DIM_URL"
+            - name: "TX_EDC_IAM_STS_DIM_URL"
               value: {{ .Values.iatp.sts.dim.url | required ".Values.iatp.sts.dim.url is required" | quote}}
 
             ################
@@ -271,20 +271,20 @@ spec:
             ## TOKEN REFRESH
             ##################
             {{- if .Values.dataplane.token.refresh.expiry_seconds }}
-            - name: "EDC_DATAPLANE_TOKEN_EXPIRY"
+            - name: "TX_EDC_DATAPLANE_TOKEN_EXPIRY"
               value: {{ .Values.dataplane.token.refresh.expiry_seconds | quote}}
             {{- end}}
 
             {{- if .Values.dataplane.token.refresh.expiry_tolerance_seconds }}
-            - name: "EDC_DATAPLANE_TOKEN_EXPIRY_TOLERANCE"
+            - name: "TX_EDC_DATAPLANE_TOKEN_EXPIRY_TOLERANCE"
               value: {{ .Values.dataplane.token.refresh.expiry_tolerance_seconds | quote }}
             {{- end}}
 
             {{- if .Values.dataplane.token.refresh.refresh_endpoint }}
-            - name: "EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT"
+            - name: "TX_EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT"
               value: {{ .Values.dataplane.token.refresh.refresh_endpoint }}
             {{- else}}
-            - name: "EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT"
+            - name: "TX_EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT"
               value: {{ include "txdc.dataplane.url.public" . }}/token
             {{- end}}
 

diff --git a/charts/tractusx-connector-memory/README.md b/charts/tractusx-connector-memory/README.md
@@ -79,7 +79,7 @@ helm install my-release tractusx-edc/tractusx-connector-memory --version 0.7.2 \
 | runtime.debug.enabled | bool | `false` |  |
 | runtime.debug.port | int | `1044` |  |
 | runtime.debug.suspendOnStart | bool | `false` |  |
-| runtime.endpoints | object | `{"control":{"path":"/control","port":8083},"default":{"path":"/api","port":8080},"management":{"authKey":"password","path":"/management","port":8081},"protocol":{"path":"/api/v1/dsp","port":8084},"proxy":{"path":"/proxy","port":8186},"public":{"path":"/api/public","port":8086},"signaling":{"path":"/api/signaling","port":8087}}` | endpoints of the control plane |
+| runtime.endpoints | object | `{"control":{"path":"/control","port":8083},"default":{"path":"/api","port":8080},"management":{"authKey":"password","path":"/management","port":8081},"protocol":{"path":"/api/v1/dsp","port":8084},"proxy":{"authKey":"password","path":"/proxy","port":8186},"public":{"path":"/api/public","port":8086},"signaling":{"path":"/api/signaling","port":8087}}` | endpoints of the control plane |
 | runtime.endpoints.control | object | `{"path":"/control","port":8083}` | control api, used for internal control calls. can be added to the internal ingress, but should probably not |
 | runtime.endpoints.control.path | string | `"/control"` | path for incoming api calls |
 | runtime.endpoints.control.port | int | `8083` | port for incoming api calls |

diff --git a/charts/tractusx-connector-memory/templates/deployment-runtime.yaml b/charts/tractusx-connector-memory/templates/deployment-runtime.yaml
@@ -154,6 +154,8 @@ spec:
             #######
             - name: "EDC_API_AUTH_KEY"
               value: {{ .Values.runtime.endpoints.management.authKey | required ".Values.runtime.endpoints.management.authKey is required" | quote }}
+            - name: "TX_EDC_DPF_CONSUMER_PROXY_AUTH_APIKEY"
+              value: {{ .Values.runtime.endpoints.proxy.authKey | required ".Values.runtime.endpoints.proxy.authKey is required" | quote }}
             - name: "WEB_HTTP_DEFAULT_PORT"
               value: {{ .Values.runtime.endpoints.default.port | quote }}
             - name: "WEB_HTTP_DEFAULT_PATH"
@@ -210,12 +212,12 @@ spec:
               value: {{ .Values.iatp.sts.oauth.client.id | required ".Values.iatp.sts.oauth.client.id is required" | quote}}
             - name: "EDC_IAM_STS_OAUTH_CLIENT_SECRET_ALIAS"
               value: {{ .Values.iatp.sts.oauth.client.secret_alias | required ".Values.iatp.sts.oauth.client.secret_alias is required" | quote}}
-            - name: "EDC_IAM_STS_DIM_URL"
+            - name: "TX_EDC_IAM_STS_DIM_URL"
               value: {{ .Values.iatp.sts.dim.url | required ".Values.iatp.sts.dim.url is required" | quote}}
 
             {{- range $index, $issuer := .Values.iatp.trustedIssuers }}
             - name: "EDC_IAM_TRUSTED-ISSUER_{{$index}}-ISSUER_ID"
-              value: { { $issuer | quote } }
+              value: {{ $issuer | quote }}
             {{- end }}
 
             #################
@@ -242,20 +244,20 @@ spec:
             ## TOKEN REFRESH
             ##################
             {{- if .Values.runtime.token.refresh.expiry_seconds }}
-            - name: "EDC_DATAPLANE_TOKEN_EXPIRY"
+            - name: "TX_EDC_DATAPLANE_TOKEN_EXPIRY"
               value: {{ .Values.runtime.token.refresh.expiry_seconds | quote}}
             {{- end}}
 
             {{- if .Values.runtime.token.refresh.expiry_tolerance_seconds }}
-            - name: "EDC_DATAPLANE_TOKEN_EXPIRY_TOLERANCE"
+            - name: "TX_EDC_DATAPLANE_TOKEN_EXPIRY_TOLERANCE"
               value: {{ .Values.runtime.token.refresh.expiry_tolerance_seconds | quote }}
             {{- end}}
 
             {{- if .Values.runtime.token.refresh.refresh_endpoint }}
-            - name: "EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT"
+            - name: "TX_EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT"
               value: {{ .Values.runtime.token.refresh.refresh_endpoint }}
             {{- else }}
-            - name: "EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT"
+            - name: "TX_EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT"
               value: {{ include "txdc.dataplane.url.public" . }}/token
             {{- end}}
 

diff --git a/charts/tractusx-connector-memory/values.yaml b/charts/tractusx-connector-memory/values.yaml
@@ -123,6 +123,7 @@ runtime:
     proxy:
       port: 8186
       path: /proxy
+      authKey: "password"
     signaling:
       # -- port for incoming api calls
       port: 8087

diff --git a/charts/tractusx-connector/templates/deployment-controlplane.yaml b/charts/tractusx-connector/templates/deployment-controlplane.yaml
@@ -278,7 +278,7 @@ spec:
               value: {{ .Values.iatp.sts.oauth.client.id | required ".Values.iatp.sts.oauth.client.id is required" | quote}}
             - name: "EDC_IAM_STS_OAUTH_CLIENT_SECRET_ALIAS"
               value: {{ .Values.iatp.sts.oauth.client.secret_alias | required ".Values.iatp.sts.oauth.client.secret_alias is required" | quote}}
-            - name: "EDC_IAM_STS_DIM_URL"
+            - name: "TX_EDC_IAM_STS_DIM_URL"
               value: {{ .Values.iatp.sts.dim.url | required ".Values.iatp.sts.dim.url is required" | quote}}
 
             {{- range $index, $issuer := .Values.iatp.trustedIssuers }}

diff --git a/charts/tractusx-connector/templates/deployment-dataplane.yaml b/charts/tractusx-connector/templates/deployment-dataplane.yaml
@@ -151,8 +151,8 @@ spec:
             #######
             # API #
             #######
-            - name: "EDC_API_AUTH_KEY"
-              value: {{ .Values.dataplane.endpoints.proxy.authKey | required ".Values.proxy.endpoints.proxy.authKey is required" | quote }}
+            - name: "TX_EDC_DPF_CONSUMER_PROXY_AUTH_APIKEY"
+              value: {{ .Values.dataplane.endpoints.proxy.authKey | required ".Values.dataplane.endpoints.proxy.authKey is required" | quote }}
             - name: "WEB_HTTP_DEFAULT_PORT"
               value: {{ .Values.dataplane.endpoints.default.port | quote }}
             - name: "WEB_HTTP_DEFAULT_PATH"
@@ -219,7 +219,7 @@ spec:
               value: {{ .Values.iatp.sts.oauth.client.id | required ".Values.iatp.sts.oauth.client.id is required" | quote}}
             - name: "EDC_IAM_STS_OAUTH_CLIENT_SECRET_ALIAS"
               value: {{ .Values.iatp.sts.oauth.client.secret_alias | required ".Values.iatp.sts.oauth.client.secret_alias is required" | quote}}
-            - name: "EDC_IAM_STS_DIM_URL"
+            - name: "TX_EDC_IAM_STS_DIM_URL"
               value: {{ .Values.iatp.sts.dim.url | required ".Values.iatp.sts.dim.url is required" | quote}}
 
             ################
@@ -267,20 +267,20 @@ spec:
             ## TOKEN REFRESH
             ##################
             {{- if .Values.dataplane.token.refresh.expiry_seconds }}
-            - name: "EDC_DATAPLANE_TOKEN_EXPIRY"
+            - name: "TX_EDC_DATAPLANE_TOKEN_EXPIRY"
               value: {{ .Values.dataplane.token.refresh.expiry_seconds | quote}}
             {{- end}}
 
             {{- if .Values.dataplane.token.refresh.expiry_tolerance_seconds }}
-            - name: "EDC_DATAPLANE_TOKEN_EXPIRY_TOLERANCE"
+            - name: "TX_EDC_DATAPLANE_TOKEN_EXPIRY_TOLERANCE"
               value: {{ .Values.dataplane.token.refresh.expiry_tolerance_seconds | quote }}
             {{- end}}
 
             {{- if .Values.dataplane.token.refresh.refresh_endpoint }}
-            - name: "EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT"
+            - name: "TX_EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT"
               value: {{ .Values.dataplane.token.refresh.refresh_endpoint }}
             {{- else}}
-            - name: "EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT"
+            - name: "TX_EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT"
               value: {{ include "txdc.dataplane.url.public" . }}/token
             {{- end}}
 

diff --git a/docs/migration/Version_0.5.x_0.7.x.md b/docs/migration/Version_0.5.x_0.7.x.md
@@ -64,10 +64,10 @@ participant's control plane and data plane.
 
 | Helm value                                         | Environment value                                   | required | default value        | description                                               |
 |----------------------------------------------------|-----------------------------------------------------|----------|----------------------|-----------------------------------------------------------|
-| `dataplane.token.refresh.expiry_seconds`           | `EDC_DATAPLANE_TOKEN_EXPIRY`                        |          | 30                   | TTL for access tokens                                     |
-| `dataplane.token.refresh.expiry_tolerance_seconds` | `EDC_DATAPLANE_TOKEN_EXPIRY_TOLERANCE`              |          | 10                   | tolerance for token expiry                                |
-| `dataplane.token.refresh.refresh_endpoint`         | `EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT`              |          | `<PUBLIC_API>/token` | endpoint for an OAuth2 token refresh request              |
-| `dataplane.token.refresh.refresh_endpoint`         | `EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT`              |          | `<PUBLIC_API>/token` | endpoint for an OAuth2 token refresh request              |
+| `dataplane.token.refresh.expiry_seconds`           | `TX_EDC_DATAPLANE_TOKEN_EXPIRY`                     |          | 30                   | TTL for access tokens                                     |
+| `dataplane.token.refresh.expiry_tolerance_seconds` | `TX_EDC_DATAPLANE_TOKEN_EXPIRY_TOLERANCE`           |          | 10                   | tolerance for token expiry                                |
+| `dataplane.token.refresh.refresh_endpoint`         | `TX_EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT`           |          | `<PUBLIC_API>/token` | endpoint for an OAuth2 token refresh request              |
+| `dataplane.token.refresh.refresh_endpoint`         | `TX_EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT`           |          | `<PUBLIC_API>/token` | endpoint for an OAuth2 token refresh request              |
 | `dataplane.token.signer.privatekey_alias`          | `EDC_TRANSFER_PROXY_TOKEN_SIGNER_PRIVATEKEY_ALIAS`  | x        |                      | alias, under which the private key is stored in the vault |
 | `dataplane.token.verifier.publickey_alias`         | `EDC_TRANSFER_PROXY_TOKEN_VERIFIER_PUBLICKEY_ALIAS` | x        |                      | alias, under which the public key is stored in the vault  |
 | `dataplane.endpoints.signaling.port`               | `WEB_HTTP_SIGNALING_PORT`                           |          | 8083                 | port where the Signaling API is exposed                   |
@@ -89,7 +89,8 @@ participant's control plane and data plane.
 The setting `backendService.httpProxyTokenReceiverUrl`, which configured an EDR receiver backend using the upstream
 EDC [extension](https://github.com/eclipse-edc/Connector/tree/main/extensions/control-plane/transfer/transfer-pull-http-dynamic-receiver)
 is no longer available as well as the extension is not shipped in the Tractus-X EDC 0.7.x distributions.
-Likewise, the option to dynamically register a consumer-side HTTP-callback via `receiverHttpEndpoint` in the POST /transferprocesses call was removed. Consumer apps should use the /v2/edrs API instead.
+Likewise, the option to dynamically register a consumer-side HTTP-callback via `receiverHttpEndpoint` in the POST
+/transferprocesses call was removed. Consumer apps should use the /v2/edrs API instead.
 
 The main reason is that EDC/Tractus-X-EDC switched to Dataplane Signaling for handling transfers and the EDR format
 specified in
@@ -174,7 +175,7 @@ the connector.
 |--------------------------------------|-----------------------------------------------|----------|---------------|---------------------------------------------------------------|
 | `iatp.id`                            | `EDC_IAM_ISSUER_ID`                           | x        |               | DID, e.g. `did:web:your connector`                            |
 | `iatp.trustedIssuers`                | `EDC_IAM_TRUSTED-ISSUER_{{$index}}-ISSUER_ID` | x        |               | a list of DIDs, each representing an issuer of VCs            |
-| `iatp.sts.dim.url`                   | `EDC_IAM_STS_DIM_URL`                         | x        |               | URL where connectors can request SI tokens                    |
+| `iatp.sts.dim.url`                   | `TX_EDC_IAM_STS_DIM_URL`                      | x        |               | URL where connectors can request SI tokens                    |
 | `iatp.sts.oauth.token_url`           | `EDC_IAM_STS_OAUTH_TOKEN_URL`                 | x        |               | URL where connectors can request OAuth2 access tokens for DIM |
 | `iatp.sts.oauth.client.id`           | `EDC_IAM_STS_OAUTH_CLIENT_ID`                 | x        |               | Client ID issued by DIM                                       |
 | `iatp.sts.oauth.client.secret_alias` | `EDC_IAM_STS_OAUTH_CLIENT_SECRET_ALIAS`       | x        |               | alias under which the client secret is stored in the vault    |
@@ -238,7 +239,8 @@ this [test class](https://github.com/eclipse-tractusx/tractusx-edc/blob/main/edc
 
 ### 5.0 Policies
 
-Due to [#4192](https://github.com/eclipse-edc/Connector/issues/4192) and [#4179](https://github.com/eclipse-edc/Connector/issues/4179)
+Due to [#4192](https://github.com/eclipse-edc/Connector/issues/4192)
+and [#4179](https://github.com/eclipse-edc/Connector/issues/4179)
 
 The `action` and the `leftOperand` field are now represented as `@id` instead of `value` in JSON-LD.
 
@@ -253,6 +255,7 @@ The `action` and the `leftOperand` field are now represented as `@id` instead of
   }
 }
 ```
+
 to:
 
 ```json
@@ -271,7 +274,7 @@ to:
 }
 ```
 
-to: 
+to:
 
 ```json
 {
@@ -288,8 +291,6 @@ This is reflected in the `Catalog` as well as in `PolicyDefinition` API.
 - `counterPartyId` is a **required** property for the catalog request in Tractus-X EDC. It's not enforced currently (
   backward compatibility) but if not provided, the IATP flows won't work and thus the catalog request will fail.
 
-
-
 ### 5.2 Transfer Process
 
 - `transferType`  is a needed property for the transfer request to be working in tx-edc. `transferTypes` are the