

update chart tractusx-connector-memory
paullatzelsperger committed Apr 2, 2024
1 parent 058462a commit cf173b6
Showing 2 changed files with 84 additions and 15 deletions.
65 changes: 52 additions & 13 deletions charts/tractusx-connector-memory/templates/deployment-runtime.yaml
Expand Up @@ -146,6 +146,8 @@ spec:
########################
- name: EDC_PARTICIPANT_ID
value: {{ .Values.participant.id | required ".Values.participant.id is required" | quote }}
- name: "EDC_IAM_ISSUER_ID"
value: {{ .Values.iatp.id | required ".Values.iatp.id is required" | quote}}

#######
# API #
Expand Down Expand Up @@ -197,6 +199,31 @@ spec:
- name: "EDC_OAUTH_ENDPOINT_AUDIENCE"
value: {{ printf "%s%s" (include "txdc.runtime.url.protocol" . ) .Values.runtime.endpoints.protocol.path | quote }}

#############################
## IATP / STS / DIM CONFIG ##
#############################
- name: "EDC_IAM_STS_OAUTH_TOKEN_URL"
value: {{ .Values.iatp.sts.oauth.token_url | required ".Values.iatp.oauth.token_url is required" | quote}}
- name: "EDC_IAM_STS_OAUTH_CLIENT_ID"
value: {{ .Values.iatp.sts.oauth.client.id | required ".Values.iatp.sts.oauth.client.id is required" | quote}}
- name: "EDC_IAM_STS_OAUTH_CLIENT_SECRET_ALIAS"
value: {{ .Values.iatp.sts.oauth.client.secret_alias | required ".Values.iatp.sts.oauth.client.secret_alias is required" | quote}}
- name: "EDC_IAM_STS_DIM_URL"
value: {{ .Values.iatp.sts.dim.url | required ".Values.iatp.sts.dim.url is required" | quote}}

#################
## BDRS CLIENT ##
#################

{{- if .Values.runtime.bdrs.server.url }}
- name: "TX_IAM_IATP_BDRS_SERVER_URL"
value: {{ .Values.runtime.bdrs.server.url | required ".Values.runtime.bdrs.server.url is required" | quote }}
{{- end }}
{{- if .Values.runtime.bdrs.cache_validity_seconds }}
- name: "TX_IAM_IATP_BDRS_CACHE_VALIDITY"
value: {{ .Values.runtime.bdrs.cache_validity_seconds | quote}}
{{- end}}

################
## DATA PLANE ##
################
Expand All @@ -212,23 +239,35 @@ spec:
value: |-
{{ printf "{ \"publicApiUrl\": \"%s\" }" (include "txdc.dataplane.url.public" . ) }}
# see extension https://github.com/eclipse-edc/Connector/tree/main/extensions/control-plane/data-plane-transfer
- name: "EDC_TRANSFER_PROXY_ENDPOINT"
- name: "EDC_DATAPLANE_API_PUBLIC_BASEURL"
value: {{ include "txdc.dataplane.url.public" . }}
{{- if .Values.vault.secretNames.transferProxyTokenSignerPrivateKey }}


##################
## TOKEN REFRESH
##################
{{- if .Values.runtime.token.refresh.expiry_seconds }}
- name: "EDC_DATAPLANE_TOKEN_EXPIRY"
value: {{ .Values.runtime.token.refresh.expiry_seconds | quote}}
{{- end}}

{{- if .Values.runtime.token.refresh.expiry_tolerance_seconds }}
- name: "EDC_DATAPLANE_TOKEN_EXPIRY_TOLERANCE"
value: {{ .Values.runtime.token.refresh.expiry_tolerance_seconds | quote }}
{{- end}}

{{- if .Values.runtime.token.refresh.refresh_endpoint }}
- name: "EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT"
value: {{ .Values.runtime.token.refresh.refresh_endpoint }}
{{- end}}

- name: "EDC_TRANSFER_PROXY_TOKEN_SIGNER_PRIVATEKEY_ALIAS"
value: {{ .Values.vault.secretNames.transferProxyTokenSignerPrivateKey | quote }}
{{- end }}
{{- if .Values.vault.secretNames.transferProxyTokenSignerPublicKey }}
value: {{ .Values.runtime.token.signer.privatekey_alias | required ".Values.runtime.token.signer.privatekey_alias is required" | quote}}

- name: "EDC_TRANSFER_PROXY_TOKEN_VERIFIER_PUBLICKEY_ALIAS"
value: {{ .Values.vault.secretNames.transferProxyTokenSignerPublicKey | quote }}
{{- end }}
- name: "EDC_TRANSFER_PROXY_TOKEN_VALIDITY_SECONDS"
value: {{ .Values.runtime.edr.transferProxyTokenValidity | required ".Values.runtime.edr.transferProxyTokenValidity is required" | quote }}
value: {{ .Values.runtime.token.verifier.publickey_alias | required ".Values.runtime.token.verifier.publickey_alias" | quote }}

# see extension https://github.com/eclipse-edc/Connector/tree/main/extensions/control-plane/http-receiver
- name: "EDC_RECEIVER_HTTP_ENDPOINT"
value: {{ .Values.backendService.httpProxyTokenReceiverUrl | required ".Values.backendService.httpProxyTokenReceiverUrl is required" | quote }}

###########
## VAULT ##
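Review bot: The `required` on `TX_IAM_IATP_BDRS_SERVER_URL` can never fire, because the surrounding `{{- if .Values.runtime.bdrs.server.url }}` drops the whole entry when the value is empty, while values.yaml labels that URL as required; the chart then renders without it and the gap presumably only shows up at runtime when a BPN/DID lookup is attempted. Removing the `if`/`end` pair around that entry makes the render fail early instead. Two of the new `required` messages are also misleading: the one for `EDC_IAM_STS_OAUTH_TOKEN_URL` names `.Values.iatp.oauth.token_url` rather than `.Values.iatp.sts.oauth.token_url`, and the verifier alias message lacks `is required`. `EDC_DATAPLANE_TOKEN_REFRESH_ENDPOINT` is the only new entry emitted without `| quote`; `value: {{ .Values.runtime.token.refresh.refresh_endpoint | quote }}` keeps it a string whatever the URL contains.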
34 changes: 32 additions & 2 deletions charts/tractusx-connector-memory/values.yaml
Expand Up @@ -34,6 +34,18 @@ participant:
# -- BPN Number
id: "BPNLCHANGEME"

iatp:
# Decentralized IDentifier
id: "did:web:changeme"
sts:
dim:
url:
oauth:
token_url:
client:
id:
secret_alias:

# -- Add custom ca certificates to the truststore
customCaCerts: {}

Expand Down Expand Up @@ -109,11 +121,29 @@ runtime:
proxy:
port: 8186
path: /proxy

businessPartnerValidation:
log:
agreementValidation: true
edr:
transferProxyTokenValidity: "2592000"
token:
refresh:
expiry_seconds: 300
expiry_tolerance_seconds: 10
# optional URL that can be provided where clients go to refresh tokens.
refresh_endpoint:
signer:
# alias under which the private key is stored in the vault (JWK or PEM format)
privatekey_alias:
verifier:
# alias under which the public key is stored in the vault, that belongs to the private key ("privatekey_alias", JWK or PEM format)
publickey_alias:

bdrs:
# time that a cached BPN/DID resolution map is valid in seconds, default is 10 min
cache_validity_seconds: 600
server:
# URL of the BPN/DID Resolution Service - required:
url:

service:
# -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service.
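Review bot: The default `id: "did:web:changeme"` under `iatp` is a non-empty placeholder, so the template's `required ".Values.iatp.id is required"` check passes and a release can be installed with a DID the operator does not control as `EDC_IAM_ISSUER_ID`. Leaving it empty like the other `iatp.sts` fields, `id: ""`, turns a forgotten override into a render-time failure. The new `token.refresh`, `signer`, `verifier` and `bdrs` keys also use plain `#` comments where the file elsewhere uses the `# -- ` prefix (as on `# -- BPN Number`); if the chart's documentation is generated from those comments, something like `# -- Alias under which the private key is stored in the vault (JWK or PEM)` would keep the new settings visible there.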
