Unverified Commit c5ef6fe2 authored by Konstantin Tsabolov

Merge branch 'main' into chore/dx

parents 8ad0e12f d7014eb0
2 merge requests: !9 feat(ssi): Establish a trusted connection with yourself, !8 Project house-keeping, refactoring and reorganizing
Showing
with 1785 additions and 2041 deletions
include: include:
- project: '${HELPERS_PATH}' - project: "${HELPERS_PATH}"
file: '${HELPERS_FILE}' file: "${HELPERS_FILE}"
stages: stages:
- lint - lint
......
# ocm-engine version 1 # ocm-engine version 1
#### Dependencies #### Dependencies
Node 12 Node 12
Python 2.5.0 >= <3.0.0 Python 2.5.0 >= <3.0.0
pnpm pnpm
### Setup local ### Setup local
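Review bot: `Python 2.5.0 >= <3.0.0` under Dependencies is not a readable version constraint. Since this README is being reformatted anyway, write it as an explicit range (for example `>=2.5.0 <3.0.0`, if that is what is meant) and say which build step needs Python, and give `Node 12` the same treatment so the supported runtime versions are unambiguous.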
...@@ -13,13 +14,12 @@ pnpm ...@@ -13,13 +14,12 @@ pnpm
app options: attestation, connection, principal, ssi app options: attestation, connection, principal, ssi
### Docker compose ### Docker compose
1. Go to compose dir 1. Go to compose dir
2. docker-compose up 2. docker-compose up
## Example Flows (OCM Usage) ## Example Flows (OCM Usage)
Please refer to [OCM-flow-overview](documentation/ocm-flow-overview.md) Please refer to [OCM-flow-overview](documentation/ocm-flow-overview.md)
# GDPR Compliance Document # GDPR Compliance Document
The objective of this document is to detail, the data being stored and proccessed by the Organization Credential Manager's, Attestation Manger. The objective of this document is to detail, the data being stored and proccessed by the Organization Credential Manager's, Attestation Manger.
## What information is stored ## What information is stored
### Source User Information ### Source User Information
The Open Id connect claims that MAY contain all sorts of personal data (like email, name, age and others), are received from any external source. The Open Id connect claims that MAY contain all sorts of personal data (like email, name, age and others), are received from any external source.
### Technical User Information (Public) ### Technical User Information (Public)
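Review bot: the opening sentence of this document still has typos and stray commas ("proccessed", "Attestation Manger", "to detail, the data"), and "Open Id connect" should be spelled as the protocol name, OpenID Connect. A whitespace-only pass over a compliance document is a good moment to fix them.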
...@@ -15,18 +18,25 @@ The Open Id connect claims that MAY contain all sorts of personal data (like ema ...@@ -15,18 +18,25 @@ The Open Id connect claims that MAY contain all sorts of personal data (like ema
- Offered credential attributes and attachments - Offered credential attributes and attachments
## How is the information stored ## How is the information stored
### Source User Information ### Source User Information
Source User Information is encrypted using the Private Key of the Organizations SSI Agent and stored until the issuance of credential in Organization's SSI Agent's PostgreSQL database. Source User Information is encrypted using the Private Key of the Organizations SSI Agent and stored until the issuance of credential in Organization's SSI Agent's PostgreSQL database.
### Technical User Information (Public) ### Technical User Information (Public)
Technical User Information is encrypted using the Private Key of the Organizations SSI Agent and stored internally (on the agent) on PostgreSQL and externally/ metadata (shared between the OCM services) on PostgreSQL of Organization. Technical User Information is encrypted using the Private Key of the Organizations SSI Agent and stored internally (on the agent) on PostgreSQL and externally/ metadata (shared between the OCM services) on PostgreSQL of Organization.
## Who can access the information ## Who can access the information
The Source User Information and Technical User Information both are accessible only by the Organization specific SSI agent's private key. The Source User Information and Technical User Information both are accessible only by the Organization specific SSI agent's private key.
## How long will the information stay ## How long will the information stay
### Source User Information ### Source User Information
The Source User Information is wiped out once the credential is issued. The Source User Information is wiped out once the credential is issued.
### Technical User Information (Public) ### Technical User Information (Public)
The Technical User Information is wiped out according to the retention periods (not defined yet). The Technical User Information is wiped out according to the retention periods (not defined yet).
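Review bot: "encrypted using the Private Key of the Organizations SSI Agent" under "How is the information stored" is ambiguous, because a private key is normally used to decrypt or sign rather than to encrypt. State which key or wallet secret actually protects the PostgreSQL records and where it is held, since "Who can access the information" relies on the same statement. The retention period for Technical User Information is still "(not defined yet)" and should be filled in or tracked in an issue before this is relied on as a compliance document.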
# OCM Attestation Manager # OCM Attestation Manager
## Description ## Description
<hr/> <hr/>
The Attestation Manager is the microservice responsible for handling the features related to Issuance of Credentials. It handles REST endpoints for Schemas, Credential Definitions and Verifiable Credentials. The Attestation Manager is the microservice responsible for handling the features related to Issuance of Credentials. It handles REST endpoints for Schemas, Credential Definitions and Verifiable Credentials.
## Usage ## Usage
<hr/> <hr/>
### Swagger Documentation: ### Swagger Documentation:
[Swagger/OpenAPI](swagger.json) [Swagger/OpenAPI](swagger.json)
## Installation ## Installation
<hr/> <hr/>
### Pre-requisite ### Pre-requisite
* pnpm - pnpm
* docker - docker
* docker-compose - docker-compose
* PostgreSQL - PostgreSQL
### OCM Services Dependencies ### OCM Services Dependencies
* SSI Abstraction - SSI Abstraction
* Connection Manager - Connection Manager
## Running the app ## Running the app
...@@ -40,29 +43,36 @@ The Attestation Manager is the microservice responsible for handling the feature ...@@ -40,29 +43,36 @@ The Attestation Manager is the microservice responsible for handling the feature
./deployment/dev ./deployment/dev
``` ```
* (optional) Edit docker-compose.yml in "infrastructure" to use either **/ci/** or **/dev/** Dockerfiles. - (optional) Edit docker-compose.yml in "infrastructure" to use either **/ci/** or **/dev/** Dockerfiles.
- Run while in **"infrastructure"** project:
* Run while in **"infrastructure"** project:
```bash ```bash
$ docker-compose up --build attestation-m $ docker-compose up --build attestation-m
``` ```
to run only Attestation Manager or to run only Attestation Manager or
```bash ```bash
$ docker-compose up --build $ docker-compose up --build
``` ```
to run all the services. to run all the services.
## Build ## Build
``` ```
pnpm build pnpm build
``` ```
## Run ## Run
``` ```
pnpm start pnpm start
``` ```
### Environment Variables Required ### Environment Variables Required
``` ```
1. PORT 1. PORT
2. DATABASE_URL 2. DATABASE_URL
...@@ -72,16 +82,19 @@ pnpm start ...@@ -72,16 +82,19 @@ pnpm start
``` ```
### Outgoing communication services ### Outgoing communication services
``` ```
1. SSI Abstraction 1. SSI Abstraction
``` ```
### Incomming communication services ### Incomming communication services
``` ```
1. Principal Manager 1. Principal Manager
``` ```
### Features supported ### Features supported
``` ```
1. Create Schema 1. Create Schema
2. Create Credential Definition 2. Create Credential Definition
...@@ -90,8 +103,8 @@ pnpm start ...@@ -90,8 +103,8 @@ pnpm start
5. Accept Credential 5. Accept Credential
``` ```
## Test ## Test
<hr/> <hr/>
```bash ```bash
...@@ -105,18 +118,20 @@ $ pnpm test:e2e ...@@ -105,18 +118,20 @@ $ pnpm test:e2e
$ pnpm test:cov $ pnpm test:cov
``` ```
## GDPR ## GDPR
<hr/> <hr/>
[GDPR](GDPR.md) [GDPR](GDPR.md)
## Dependencies ## Dependencies
<hr/> <hr/>
[Dependencies](package.json) [Dependencies](package.json)
## License ## License
<hr/> <hr/>
[Apache 2.0 license](LICENSE) [Apache 2.0 license](LICENSE)
...@@ -3,4 +3,4 @@ appVersion: v1.0.4-rc ...@@ -3,4 +3,4 @@ appVersion: v1.0.4-rc
description: attestation-manager deployment description: attestation-manager deployment
name: attestation-manager name: attestation-manager
version: 1.0.4 version: 1.0.4
icon: "https://www.vereign.com/wp-content/themes/vereign2020/images/vereign-logo.svg" icon: 'https://www.vereign.com/wp-content/themes/vereign2020/images/vereign-logo.svg'
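Review bot: the `icon` value goes from double to single quotes here, while the CI include at the top of this commit goes the other way (`'${HELPERS_PATH}'` to `"${HELPERS_PATH}"`), so two quote conventions are being applied in the same formatting pass. Pick one in the formatter configuration and apply it to every YAML file, so that later formatting runs produce no diff.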
...@@ -6,62 +6,63 @@ attestation-manager deployment ...@@ -6,62 +6,63 @@ attestation-manager deployment
## Values ## Values
| Key | Type | Default | Description | | Key | Type | Default | Description |
|-----|------|---------|-------------| | ----------------------------------------------------------------- | ------ | ------------------------------------------------------- | -------------------------------------------------------------- |
| attestationManager.acceptMembershipCredentialsConfig | string | `"AUTO"` | | | attestationManager.acceptMembershipCredentialsConfig | string | `"AUTO"` | |
| attestationManager.agent.host | string | `"ssi-abstraction"` | | | attestationManager.agent.host | string | `"ssi-abstraction"` | |
| attestationManager.agent.port | int | `3010` | | | attestationManager.agent.port | int | `3010` | |
| attestationManager.agent.protocol | string | `"http"` | | | attestationManager.agent.protocol | string | `"http"` | |
| attestationManager.database.db | string | `"ocm_attestation_manager"` | | | attestationManager.database.db | string | `"ocm_attestation_manager"` | |
| attestationManager.database.host | string | `"postgresql-postgresql-ha-postgresql.infra"` | | | attestationManager.database.host | string | `"postgresql-postgresql-ha-postgresql.infra"` | |
| attestationManager.database.password | string | `"ocm_attestation_manager"` | | | attestationManager.database.password | string | `"ocm_attestation_manager"` | |
| attestationManager.database.port | int | `5432` | | | attestationManager.database.port | int | `5432` | |
| attestationManager.database.schema | string | `"attestation"` | | | attestationManager.database.schema | string | `"attestation"` | |
| attestationManager.database.user | string | `"ocm_attestation_manager"` | | | attestationManager.database.user | string | `"ocm_attestation_manager"` | |
| attestationManager.elastic.port | int | `9200` | | | attestationManager.elastic.port | int | `9200` | |
| attestationManager.elastic.protocol | string | `"http"` | | | attestationManager.elastic.protocol | string | `"http"` | |
| attestationManager.elastic.url | string | `"elasticsearch"` | | | attestationManager.elastic.url | string | `"elasticsearch"` | |
| attestationManager.nats.port | int | `4222` | | | attestationManager.nats.port | int | `4222` | |
| attestationManager.nats.protocol | string | `"nats"` | | | attestationManager.nats.protocol | string | `"nats"` | |
| attestationManager.nats.url | string | `"nats"` | | | attestationManager.nats.url | string | `"nats"` | |
| attestationManager.url.attestationManager | string | `"https://gaiax.vereign.com/ocm/attestation"` | | | attestationManager.url.attestationManager | string | `"https://gaiax.vereign.com/ocm/attestation"` | |
| attestationManager.url.connectionManager | string | `"https://gaiax.vereign.com/ocm/connection"` | | | attestationManager.url.connectionManager | string | `"https://gaiax.vereign.com/ocm/connection"` | |
| attestationManager.url.tsa | string | `"https://gaiax.vereign.com/tsa/policy/policy/example"` | | | attestationManager.url.tsa | string | `"https://gaiax.vereign.com/tsa/policy/policy/example"` | |
| autoscaling.enabled | bool | `false` | Enable autoscaling | | autoscaling.enabled | bool | `false` | Enable autoscaling |
| autoscaling.maxReplicas | int | `3` | Maximum replicas | | autoscaling.maxReplicas | int | `3` | Maximum replicas |
| autoscaling.minReplicas | int | `1` | Minimum replicas | | autoscaling.minReplicas | int | `1` | Minimum replicas |
| autoscaling.targetCPUUtilizationPercentage | int | `70` | CPU target for autoscaling trigger | | autoscaling.targetCPUUtilizationPercentage | int | `70` | CPU target for autoscaling trigger |
| autoscaling.targetMemoryUtilizationPercentage | int | `70` | Memory target for autoscaling trigger | | autoscaling.targetMemoryUtilizationPercentage | int | `70` | Memory target for autoscaling trigger |
| image.name | string | `"gaiax/attestation-manager"` | Image name | | image.name | string | `"gaiax/attestation-manager"` | Image name |
| image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | | image.pullPolicy | string | `"IfNotPresent"` | Image pull policy |
| image.pullSecrets | string | `"deployment-key-light"` | Image pull secret when internal image is used | | image.pullSecrets | string | `"deployment-key-light"` | Image pull secret when internal image is used |
| image.repository | string | `"eu.gcr.io/vrgn-infra-prj"` | | | image.repository | string | `"eu.gcr.io/vrgn-infra-prj"` | |
| image.sha | string | `""` | Image sha, usually generated by the CI Uses image.tag if empty | | image.sha | string | `""` | Image sha, usually generated by the CI Uses image.tag if empty |
| image.tag | string | `""` | Image tag Uses .Chart.AppVersion if empty | | image.tag | string | `""` | Image tag Uses .Chart.AppVersion if empty |
| ingress.annotations."cert-manager.io/cluster-issuer" | string | `"letsencrypt-production-http"` | | | ingress.annotations."cert-manager.io/cluster-issuer" | string | `"letsencrypt-production-http"` | |
| ingress.annotations."kubernetes.io/ingress.class" | string | `"nginx"` | | | ingress.annotations."kubernetes.io/ingress.class" | string | `"nginx"` | |
| ingress.annotations."kubernetes.io/ingress.global-static-ip-name" | string | `"dev-light-public"` | | | ingress.annotations."kubernetes.io/ingress.global-static-ip-name" | string | `"dev-light-public"` | |
| ingress.annotations."nginx.ingress.kubernetes.io/rewrite-target" | string | `"/$2"` | | | ingress.annotations."nginx.ingress.kubernetes.io/rewrite-target" | string | `"/$2"` | |
| ingress.enabled | bool | `true` | | | ingress.enabled | bool | `true` | |
| ingress.frontendDomain | string | `"gaiax.vereign.com"` | | | ingress.frontendDomain | string | `"gaiax.vereign.com"` | |
| ingress.frontendTlsSecretName | string | `"cert-manager-tls"` | | | ingress.frontendTlsSecretName | string | `"cert-manager-tls"` | |
| ingress.tlsEnabled | bool | `true` | | | ingress.tlsEnabled | bool | `true` | |
| log.encoding | string | `"json"` | | | log.encoding | string | `"json"` | |
| log.level | string | `"INFO"` | | | log.level | string | `"INFO"` | |
| metrics.enabled | bool | `true` | Enable prometheus metrics | | metrics.enabled | bool | `true` | Enable prometheus metrics |
| metrics.port | int | `2112` | Port for prometheus metrics | | metrics.port | int | `2112` | Port for prometheus metrics |
| name | string | `"ssi-abstraction"` | Application name | | name | string | `"ssi-abstraction"` | Application name |
| nameOverride | string | `""` | Ovverwrites application name | | nameOverride | string | `""` | Ovverwrites application name |
| podAnnotations | object | `{}` | | | podAnnotations | object | `{}` | |
| replicaCount | int | `1` | Default number of instances to start | | replicaCount | int | `1` | Default number of instances to start |
| resources.limits.cpu | string | `"150m"` | | | resources.limits.cpu | string | `"150m"` | |
| resources.limits.memory | string | `"128Mi"` | | | resources.limits.memory | string | `"128Mi"` | |
| resources.requests.cpu | string | `"25m"` | | | resources.requests.cpu | string | `"25m"` | |
| resources.requests.memory | string | `"64Mi"` | | | resources.requests.memory | string | `"64Mi"` | |
| security.runAsGid | int | `0` | Group used by the apps | | security.runAsGid | int | `0` | Group used by the apps |
| security.runAsNonRoot | bool | `false` | by default, apps run as non-root | | security.runAsNonRoot | bool | `false` | by default, apps run as non-root |
| security.runAsUid | int | `0` | User used by the apps | | security.runAsUid | int | `0` | User used by the apps |
| service.port | int | `3005` | | | service.port | int | `3005` | |
---
----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0) Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0)
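Review bot: in the reflowed table, `security.runAsNonRoot` is described as "by default, apps run as non-root", but its default is `false` and `security.runAsUid` / `security.runAsGid` both default to `0`, so as documented the app runs as root. Either change the defaults in the values file to a non-zero UID/GID with `runAsNonRoot: true`, or correct the description at its source, since this README is generated by helm-docs. The same table publishes `attestationManager.database.password` with a default equal to the user name; consider leaving it empty and requiring it to be supplied from a secret.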
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: {{ template "app.name" . }} name: { { template "app.name" . } }
namespace: {{ .Release.Namespace }} namespace: { { .Release.Namespace } }
labels: labels: { { - include "app.labels" . | nindent 4 } }
{{- include "app.labels" . | nindent 4 }}
spec: spec:
clusterIP: None clusterIP: None
ports: ports:
- name: http - name: http
port: {{ .Values.service.port }} port: { { .Values.service.port } }
targetPort: {{ .Values.service.port }} targetPort: { { .Values.service.port } }
selector: selector: { { - include "app.selectorLabels" . | nindent 4 } }
{{- include "app.selectorLabels" . | nindent 4 }}
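Review bot: the template delimiters in this file have been split from `{{ ... }}` into `{ { ... } }` on every templated line (`name`, `namespace`, `labels`, `port`, `targetPort`, `selector`), so Helm no longer sees template actions and will emit the text literally instead of the rendered values. The `labels:` and `selector:` includes were also pulled up onto the key's line, which changes what `nindent 4` produces. Revert this file and exclude the chart's template files from the formatter (for example through its ignore file) so the same rewrite cannot happen again.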
image: image:
repository: registry.gitlab.com/gaia-x/data-infrastructure-federation-services/ocm repository: registry.gitlab.com/gaia-x/data-infrastructure-federation-services/ocm
# -- Image name # -- Image name
name: attestation-manager name: attestation-manager
attestationManager: attestationManager:
url: url:
tsa: https://tsa.gxfs.dev/policy/policy/example tsa: https://tsa.gxfs.dev/policy/policy/example
connectionManager: https://ocm.gxfs.dev/connection connectionManager: https://ocm.gxfs.dev/connection
attestationManager: https://ocm.gxfs.dev/attestation attestationManager: https://ocm.gxfs.dev/attestation
database: database:
host: vereign-database1-postgres.gxfs-vereign host: vereign-database1-postgres.gxfs-vereign
user: ENC[AES256_GCM,data:mk+oOKURENM=,iv:COwKJMsdTq5rk0L6bgooO2ZfTUlc1s16KWfPOGlJ1lo=,tag:5OXJ6l8DCvOUhinh922IAw==,type:str] user: ENC[AES256_GCM,data:mk+oOKURENM=,iv:COwKJMsdTq5rk0L6bgooO2ZfTUlc1s16KWfPOGlJ1lo=,tag:5OXJ6l8DCvOUhinh922IAw==,type:str]
password: ENC[AES256_GCM,data:2DRvp3NP2KWDABEjRFqlfVPwtxsooDJW357jmJ7KEFURlubs3DGbce+5wLLhG8XbpdFZhCFEoNZivREa4LwhIw==,iv:3hqOlGqAT5/g52nSnqa8/ydUprOtWThT4lcoysmy11Q=,tag:0ZWS2zf5/huwhq9KO2HjoQ==,type:str] password: ENC[AES256_GCM,data:2DRvp3NP2KWDABEjRFqlfVPwtxsooDJW357jmJ7KEFURlubs3DGbce+5wLLhG8XbpdFZhCFEoNZivREa4LwhIw==,iv:3hqOlGqAT5/g52nSnqa8/ydUprOtWThT4lcoysmy11Q=,tag:0ZWS2zf5/huwhq9KO2HjoQ==,type:str]
db: vereign-database1-postgres db: vereign-database1-postgres
ingress: ingress:
frontendDomain: ocm.gxfs.dev frontendDomain: ocm.gxfs.dev
frontendTlsSecretName: wildcard-gxfs-dev frontendTlsSecretName: wildcard-gxfs-dev
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
azure_kv: [] azure_kv: []
hc_vault: [] hc_vault: []
age: age:
- recipient: age1nrk70nevtmrcgzjunsed43ar6dk3e06qt7tryqqprj9axv4e0djqa0n0cg - recipient: age1nrk70nevtmrcgzjunsed43ar6dk3e06qt7tryqqprj9axv4e0djqa0n0cg
enc: | enc: |
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBySXY3dzljdWdyamFLNkFW YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBySXY3dzljdWdyamFLNkFW
WHNqeGY3Q09WNnd2blJiTDhhVzdKQ0hjalgwCjR3RGZMdHFyM1lhQXdhcnN5SVE0 WHNqeGY3Q09WNnd2blJiTDhhVzdKQ0hjalgwCjR3RGZMdHFyM1lhQXdhcnN5SVE0
NnBwMzlVY2xwTzFQNE5VR3QybnpLb28KLS0tIHU4QVZZRWViNlVKQzg0YVBQWVI5 NnBwMzlVY2xwTzFQNE5VR3QybnpLb28KLS0tIHU4QVZZRWViNlVKQzg0YVBQWVI5
S3J1amdkVGhBUzhHOEJmWThSbVFNdm8KsBA7cO4f2Zmym8SoIXAzNw0uxaxfDWg9 S3J1amdkVGhBUzhHOEJmWThSbVFNdm8KsBA7cO4f2Zmym8SoIXAzNw0uxaxfDWg9
ryyxpwCjSQD2kuOw9epK/J7DpCkpAmipQSNvmU5ZiNnq9VzdQ8WGEA== ryyxpwCjSQD2kuOw9epK/J7DpCkpAmipQSNvmU5ZiNnq9VzdQ8WGEA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2022-08-04T11:06:04Z" lastmodified: '2022-08-04T11:06:04Z'
mac: ENC[AES256_GCM,data:MdbVIQyR5s4efjMB1MIiOJZOueS0R1F4xvoaHEUoWaQ/bIWa3Km/CBijCI4+zqM54tZ3Zs+kMLK0FdHd+TpSujY2Jg6U8JqRHnA4cUEcr1el5pnhqo3lLiSmZXhGJaO9mlPoE/IVDdlrDXgRwexnznvyJn5RUpK1KdTsAU02wBI=,iv:EdCTlV7CDJikksz0HoiShKhKCO6LsOGsTk6GQalw6QA=,tag:QCbYT1Wr3KwcgmR70Qxlvg==,type:str] mac: ENC[AES256_GCM,data:MdbVIQyR5s4efjMB1MIiOJZOueS0R1F4xvoaHEUoWaQ/bIWa3Km/CBijCI4+zqM54tZ3Zs+kMLK0FdHd+TpSujY2Jg6U8JqRHnA4cUEcr1el5pnhqo3lLiSmZXhGJaO9mlPoE/IVDdlrDXgRwexnznvyJn5RUpK1KdTsAU02wBI=,iv:EdCTlV7CDJikksz0HoiShKhKCO6LsOGsTk6GQalw6QA=,tag:QCbYT1Wr3KwcgmR70Qxlvg==,type:str]
pgp: [] pgp: []
encrypted_regex: ^(password|user)$ encrypted_regex: ^(password|user)$
version: 3.7.3 version: 3.7.3
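Review bot: the only change visible in this file is the quote style of `lastmodified` inside the `sops:` metadata block, which means the formatter is rewriting a SOPS-encrypted file. SOPS writes that block itself whenever the file is re-encrypted, so the quoting will flip back on the next edit, and a formatter change that altered a value rather than its quoting would invalidate the `mac`. Exclude SOPS-managed values files from the formatter and confirm this one still decrypts before merging.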
# -- Default number of instances to start # -- Default number of instances to start
replicaCount: 1 replicaCount: 1
# -- Application name # -- Application name
name: ssi-abstraction name: ssi-abstraction
# -- Ovverwrites application name # -- Ovverwrites application name
nameOverride: "" nameOverride: ''
image: image:
repository: eu.gcr.io/vrgn-infra-prj repository: eu.gcr.io/vrgn-infra-prj
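Review bot: `name: ssi-abstraction` under the `# -- Application name` comment does not match this chart, whose image is `gaiax/attestation-manager`; it looks copied from the SSI Abstraction chart and ends up in the generated README as the default application name. While the file is being touched, set it to the attestation manager's name and fix the "Ovverwrites" typo in the `nameOverride` comment, which helm-docs also copies into the README.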
...@@ -11,16 +11,15 @@ image: ...@@ -11,16 +11,15 @@ image:
name: gaiax/attestation-manager name: gaiax/attestation-manager
# -- Image tag # -- Image tag
# Uses .Chart.AppVersion if empty # Uses .Chart.AppVersion if empty
tag: "" tag: ''
# -- Image sha, usually generated by the CI # -- Image sha, usually generated by the CI
# Uses image.tag if empty # Uses image.tag if empty
sha: "" sha: ''
# -- Image pull policy # -- Image pull policy
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
# -- Image pull secret when internal image is used # -- Image pull secret when internal image is used
pullSecrets: deployment-key-light pullSecrets: deployment-key-light
podAnnotations: {} podAnnotations: {}
## ##
## Pass extra environment variables to the container. ## Pass extra environment variables to the container.
...@@ -67,7 +66,7 @@ metrics: ...@@ -67,7 +66,7 @@ metrics:
port: 2112 port: 2112
log: log:
level: "INFO" level: 'INFO'
encoding: json encoding: json
## ##
......
...@@ -142,9 +142,7 @@ ...@@ -142,9 +142,7 @@
} }
} }
}, },
"tags": [ "tags": ["Schemas"]
"Schemas"
]
}, },
"post": { "post": {
"operationId": "SchemasController_createSchema", "operationId": "SchemasController_createSchema",
...@@ -251,9 +249,7 @@ ...@@ -251,9 +249,7 @@
} }
} }
}, },
"tags": [ "tags": ["Schemas"]
"Schemas"
]
} }
}, },
"/v1/schemas/{id}": { "/v1/schemas/{id}": {
...@@ -348,9 +344,7 @@ ...@@ -348,9 +344,7 @@
} }
} }
}, },
"tags": [ "tags": ["Schemas"]
"Schemas"
]
} }
}, },
"/v1/schemas/get-dids-for-schema/{id}": { "/v1/schemas/get-dids-for-schema/{id}": {
...@@ -383,9 +377,7 @@ ...@@ -383,9 +377,7 @@
"total_credential_defs": 1, "total_credential_defs": 1,
"principalDids": [ "principalDids": [
{ {
"loremIpsumCredDef": [ "loremIpsumCredDef": ["1234did"]
"1234did"
]
} }
] ]
} }
...@@ -429,9 +421,7 @@ ...@@ -429,9 +421,7 @@
} }
} }
}, },
"tags": [ "tags": ["Schemas"]
"Schemas"
]
} }
}, },
"/v1/create-offer-credential": { "/v1/create-offer-credential": {
...@@ -569,9 +559,7 @@ ...@@ -569,9 +559,7 @@
} }
} }
}, },
"tags": [ "tags": ["Credentials"]
"Credentials"
]
} }
}, },
"/v1/create-propose-credential": { "/v1/create-propose-credential": {
...@@ -692,9 +680,7 @@ ...@@ -692,9 +680,7 @@
} }
} }
}, },
"tags": [ "tags": ["Credentials"]
"Credentials"
]
} }
}, },
"/v1/accept-request/{credentialId}": { "/v1/accept-request/{credentialId}": {
...@@ -708,9 +694,7 @@ ...@@ -708,9 +694,7 @@
"description": "" "description": ""
} }
}, },
"tags": [ "tags": ["Credentials"]
"Credentials"
]
} }
}, },
"/v1/accept-proposal/{credentialId}": { "/v1/accept-proposal/{credentialId}": {
...@@ -724,9 +708,7 @@ ...@@ -724,9 +708,7 @@
"description": "" "description": ""
} }
}, },
"tags": [ "tags": ["Credentials"]
"Credentials"
]
} }
}, },
"/v1/accept-offer/{credentialId}": { "/v1/accept-offer/{credentialId}": {
...@@ -740,9 +722,7 @@ ...@@ -740,9 +722,7 @@
"description": "" "description": ""
} }
}, },
"tags": [ "tags": ["Credentials"]
"Credentials"
]
} }
}, },
"/v1/accept-credential/{credentialId}": { "/v1/accept-credential/{credentialId}": {
...@@ -756,9 +736,7 @@ ...@@ -756,9 +736,7 @@
"description": "" "description": ""
} }
}, },
"tags": [ "tags": ["Credentials"]
"Credentials"
]
} }
}, },
"/v1/credential-info/{id}": { "/v1/credential-info/{id}": {
...@@ -799,9 +777,7 @@ ...@@ -799,9 +777,7 @@
} }
} }
}, },
"tags": [ "tags": ["Credentials"]
"Credentials"
]
} }
}, },
"/v1/delete-credential/{id}": { "/v1/delete-credential/{id}": {
...@@ -844,9 +820,7 @@ ...@@ -844,9 +820,7 @@
} }
} }
}, },
"tags": [ "tags": ["Credentials"]
"Credentials"
]
} }
}, },
"/v1/credential": { "/v1/credential": {
...@@ -1008,9 +982,7 @@ ...@@ -1008,9 +982,7 @@
} }
} }
}, },
"tags": [ "tags": ["Credentials"]
"Credentials"
]
} }
}, },
"/v1/credential/{id}": { "/v1/credential/{id}": {
...@@ -1082,9 +1054,7 @@ ...@@ -1082,9 +1054,7 @@
} }
} }
}, },
"tags": [ "tags": ["Credentials"]
"Credentials"
]
} }
}, },
"/v1/updateSchemaIdByType": { "/v1/updateSchemaIdByType": {
...@@ -1166,9 +1136,7 @@ ...@@ -1166,9 +1136,7 @@
} }
} }
}, },
"tags": [ "tags": ["Credentials"]
"Credentials"
]
} }
}, },
"/v1/credentialType": { "/v1/credentialType": {
...@@ -1227,9 +1195,7 @@ ...@@ -1227,9 +1195,7 @@
} }
} }
}, },
"tags": [ "tags": ["Credentials"]
"Credentials"
]
}, },
"get": { "get": {
"operationId": "AttestationController_getCredentialTypeAttributes", "operationId": "AttestationController_getCredentialTypeAttributes",
...@@ -1304,9 +1270,7 @@ ...@@ -1304,9 +1270,7 @@
} }
} }
}, },
"tags": [ "tags": ["Credentials"]
"Credentials"
]
} }
}, },
"/v1/credentialDef": { "/v1/credentialDef": {
...@@ -1416,9 +1380,7 @@ ...@@ -1416,9 +1380,7 @@
} }
} }
}, },
"tags": [ "tags": ["Credential Definitions"]
"Credential Definitions"
]
}, },
"post": { "post": {
"operationId": "CredentialDefController_createCredentialDef", "operationId": "CredentialDefController_createCredentialDef",
...@@ -1515,9 +1477,7 @@ ...@@ -1515,9 +1477,7 @@
} }
} }
}, },
"tags": [ "tags": ["Credential Definitions"]
"Credential Definitions"
]
} }
}, },
"/v1/credentialDef/{id}": { "/v1/credentialDef/{id}": {
...@@ -1605,9 +1565,7 @@ ...@@ -1605,9 +1565,7 @@
} }
} }
}, },
"tags": [ "tags": ["Credential Definitions"]
"Credential Definitions"
]
} }
}, },
"/v1/userInfo": { "/v1/userInfo": {
...@@ -1631,9 +1589,7 @@ ...@@ -1631,9 +1589,7 @@
"description": "" "description": ""
} }
}, },
"tags": [ "tags": ["userInfo (to be deprecated)"]
"userInfo (to be deprecated)"
]
} }
} }
}, },
...@@ -1669,12 +1625,7 @@ ...@@ -1669,12 +1625,7 @@
"type": "string" "type": "string"
} }
}, },
"required": [ "required": ["name", "createdBy", "version", "attributes"]
"name",
"createdBy",
"version",
"attributes"
]
}, },
"CredentialPreviewAttributes": { "CredentialPreviewAttributes": {
"type": "object", "type": "object",
...@@ -1686,10 +1637,7 @@ ...@@ -1686,10 +1637,7 @@
"type": "string" "type": "string"
} }
}, },
"required": [ "required": ["name", "value"]
"name",
"value"
]
}, },
"OfferCredentialDto": { "OfferCredentialDto": {
"type": "object", "type": "object",
...@@ -1755,9 +1703,7 @@ ...@@ -1755,9 +1703,7 @@
"type": "string" "type": "string"
} }
}, },
"required": [ "required": ["schemaId"]
"schemaId"
]
}, },
"CredentialTypeDto": { "CredentialTypeDto": {
"type": "object", "type": "object",
...@@ -1769,10 +1715,7 @@ ...@@ -1769,10 +1715,7 @@
"type": "string" "type": "string"
} }
}, },
"required": [ "required": ["type", "schemaId"]
"type",
"schemaId"
]
}, },
"CredentialDefDto": { "CredentialDefDto": {
"type": "object", "type": "object",
...@@ -1822,11 +1765,7 @@ ...@@ -1822,11 +1765,7 @@
"properties": {} "properties": {}
} }
}, },
"required": [ "required": ["connectionId", "autoAcceptCredential", "userInfo"]
"connectionId",
"autoAcceptCredential",
"userInfo"
]
} }
} }
} }
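Review bot: `userInfo` is listed in `required` here, but the object schema closed just above it is declared with `"properties": {}`, so the spec gives callers and validators no shape to check for a mandatory field. Document the expected properties at the source the spec is produced from. The `operationId` values earlier in this file (for example `SchemasController_createSchema`) suggest it is generated from the controllers; if so, exclude `swagger.json` from the formatter or run the formatter as part of generation, otherwise the next regeneration will undo the one-line `tags` and `required` arrays.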
......
# GDPR Compliance Document # GDPR Compliance Document
The objective of this document is to detail, the data being stored and proccessed by the Organization Credential Manager's, Connection Manger. The objective of this document is to detail, the data being stored and proccessed by the Organization Credential Manager's, Connection Manger.
## What information is stored ## What information is stored
### Source User Information ### Source User Information
The email id received from the user. The email id received from the user.
### Technical User Information (Public) ### Technical User Information (Public)
- DID of the OCM agent - DID of the OCM agent
- DID of the other participant in the connection - DID of the other participant in the connection
- Connection Status - Connection Status
...@@ -14,10 +18,13 @@ The email id received from the user. ...@@ -14,10 +18,13 @@ The email id received from the user.
- Holder email as well as wallet name is stored in DB - Holder email as well as wallet name is stored in DB
## How is the information stored ## How is the information stored
The Source User Information and Technical User Information is encrypted using the Private Key of the Organizations SSI Agent and stored internally (on the agent) on PostgreSQL and externally/ metadata (shared between the OCM services) on PostgreSQL of Organization. The Source User Information and Technical User Information is encrypted using the Private Key of the Organizations SSI Agent and stored internally (on the agent) on PostgreSQL and externally/ metadata (shared between the OCM services) on PostgreSQL of Organization.
## Who can access the information ## Who can access the information
The Source User Information and Technical User Information both are accessible only by the Organization specific SSI agent's private key. The Source User Information and Technical User Information both are accessible only by the Organization specific SSI agent's private key.
## How long will the information stay ## How long will the information stay
The Source User Information and Technical User Information is wiped out according to the retention periods (not defined yet). The Source User Information and Technical User Information is wiped out according to the retention periods (not defined yet).
# OCM Connection Manager # OCM Connection Manager
## Description ## Description
<hr/> <hr/>
The connection manager is the microservice responsible for handling the features related to connection between aries agents. The connection manager is the microservice responsible for handling the features related to connection between aries agents.
The service implements REST endpoints, events and calls to other services related to connections in the Organizational Credential Manager. The service implements REST endpoints, events and calls to other services related to connections in the Organizational Credential Manager.
#### Security note #### Security note
`Man in the mid` security concern will be address in Phase II of of the project. It was discussed multiple times, and one of the options is to use [TRAIN API](https://train.trust-scheme.de/info/) .
`Man in the mid` security concern will be address in Phase II of of the project. It was discussed multiple times, and one of the options is to use [TRAIN API](https://train.trust-scheme.de/info/) .
## Usage ## Usage
<hr/>
<hr/>
### Swagger Documentation: ### Swagger Documentation:
[Swagger/OpenAPI](swagger.json) [Swagger/OpenAPI](swagger.json)
## Installation ## Installation
<hr/>
<hr/>
### Pre-requisites ### Pre-requisites
* pnpm
* docker
* docker-compose
* postgres
* NATS Server
- pnpm
- docker
- docker-compose
- postgres
- NATS Server
### OCM Services Dependencies ### OCM Services Dependencies
* SSI Abstraction
* Principal Manager
* Attestation Manager
* Proof Manager
- SSI Abstraction
- Principal Manager
- Attestation Manager
- Proof Manager
## Running the app ## Running the app
<hr/>
<hr/>
**Each service in the Organizational Credential Manager can be run from the infrastructure repository with Docker.** **Each service in the Organizational Credential Manager can be run from the infrastructure repository with Docker.**
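Review bot: the Security note in this hunk is hard to act on as written: "`Man in the mid`" should read man-in-the-middle, "will be address" and "of of" are typos, and the text does not say which part of connection establishment is affected. Since this is the only place the README states a known gap, spell out what is exposed until Phase II and reference the tracking issue next to the TRAIN API link.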
...@@ -52,20 +53,24 @@ The service implements REST endpoints, events and calls to other services relate ...@@ -52,20 +53,24 @@ The service implements REST endpoints, events and calls to other services relate
./deployment/dev ./deployment/dev
``` ```
* (optional) Edit docker-compose.yml in "infrastructure" to use either **/ci/** or **/dev/** Dockerfiles. - (optional) Edit docker-compose.yml in "infrastructure" to use either **/ci/** or **/dev/** Dockerfiles.
- Run while in **"infrastructure"** project:
* Run while in **"infrastructure"** project:
```bash ```bash
$ docker-compose up --build conn-m $ docker-compose up --build conn-m
``` ```
to run only Connection Manager or to run only Connection Manager or
```bash ```bash
$ docker-compose up --build $ docker-compose up --build
``` ```
to run all the services.
to run all the services.
### Environment variables required ### Environment variables required
``` ```
1. PORT 1. PORT
2. DATABASE_URL 2. DATABASE_URL
...@@ -74,6 +79,7 @@ to run all the services. ...@@ -74,6 +79,7 @@ to run all the services.
``` ```
### Outgoing communication services ### Outgoing communication services
``` ```
1. PRINCIPAL MANAGER 1. PRINCIPAL MANAGER
2. ATTESTATION MANAGER 2. ATTESTATION MANAGER
...@@ -81,6 +87,7 @@ to run all the services. ...@@ -81,6 +87,7 @@ to run all the services.
``` ```
### Incoming communication services ### Incoming communication services
``` ```
1. SSI-ABSTRACTION 1. SSI-ABSTRACTION
2. PROOF MANAGER 2. PROOF MANAGER
...@@ -88,6 +95,7 @@ to run all the services. ...@@ -88,6 +95,7 @@ to run all the services.
``` ```
### Supported features ### Supported features
``` ```
1. Nats endpoint to update connection status 1. Nats endpoint to update connection status
2. Create invitation URL. 2. Create invitation URL.
...@@ -99,6 +107,7 @@ to run all the services. ...@@ -99,6 +107,7 @@ to run all the services.
``` ```
## Test ## Test
<hr/> <hr/>
```bash ```bash
...@@ -113,18 +122,19 @@ $ pnpm test:cov ...@@ -113,18 +122,19 @@ $ pnpm test:cov
``` ```
## GDPR ## GDPR
<hr/> <hr/>
[GDPR](GDPR.md) [GDPR](GDPR.md)
## Dependencies ## Dependencies
<hr/> <hr/>
[Dependencies](package.json) [Dependencies](package.json)
## License ## License
<hr/> <hr/>
[Apache 2.0 license](LICENSE) [Apache 2.0 license](LICENSE)
...@@ -3,4 +3,4 @@ appVersion: v1.0.7-rc ...@@ -3,4 +3,4 @@ appVersion: v1.0.7-rc
description: connection-manager deployment description: connection-manager deployment
name: connection-manager name: connection-manager
version: 1.0.7 version: 1.0.7
icon: "https://www.vereign.com/wp-content/themes/vereign2020/images/vereign-logo.svg" icon: 'https://www.vereign.com/wp-content/themes/vereign2020/images/vereign-logo.svg'
...@@ -6,59 +6,60 @@ connection-manager deployment ...@@ -6,59 +6,60 @@ connection-manager deployment
## Values ## Values
| Key | Type | Default | Description | | Key | Type | Default | Description |
|-----|------|---------|-------------| | ----------------------------------------------------------------- | ------ | --------------------------------------------- | -------------------------------------------------------------- |
| autoscaling.enabled | bool | `false` | Enable autoscaling | | autoscaling.enabled | bool | `false` | Enable autoscaling |
| autoscaling.maxReplicas | int | `3` | Maximum replicas | | autoscaling.maxReplicas | int | `3` | Maximum replicas |
| autoscaling.minReplicas | int | `1` | Minimum replicas | | autoscaling.minReplicas | int | `1` | Minimum replicas |
| autoscaling.targetCPUUtilizationPercentage | int | `70` | CPU target for autoscaling trigger | | autoscaling.targetCPUUtilizationPercentage | int | `70` | CPU target for autoscaling trigger |
| autoscaling.targetMemoryUtilizationPercentage | int | `70` | Memory target for autoscaling trigger | | autoscaling.targetMemoryUtilizationPercentage | int | `70` | Memory target for autoscaling trigger |
| connectionManager.agent.host | string | `"ssi-abstraction"` | | | connectionManager.agent.host | string | `"ssi-abstraction"` | |
| connectionManager.agent.port | int | `3010` | | | connectionManager.agent.port | int | `3010` | |
| connectionManager.agent.protocol | string | `"http"` | | | connectionManager.agent.protocol | string | `"http"` | |
| connectionManager.database.db | string | `"ocm_connection_manager"` | | | connectionManager.database.db | string | `"ocm_connection_manager"` | |
| connectionManager.database.host | string | `"postgresql-postgresql-ha-postgresql.infra"` | | | connectionManager.database.host | string | `"postgresql-postgresql-ha-postgresql.infra"` | |
| connectionManager.database.password | string | `"ocm_connection_manager"` | | | connectionManager.database.password | string | `"ocm_connection_manager"` | |
| connectionManager.database.port | int | `5432` | | | connectionManager.database.port | int | `5432` | |
| connectionManager.database.schema | string | `"connection"` | | | connectionManager.database.schema | string | `"connection"` | |
| connectionManager.database.user | string | `"ocm_connection_manager"` | | | connectionManager.database.user | string | `"ocm_connection_manager"` | |
| connectionManager.elastic.port | int | `9200` | | | connectionManager.elastic.port | int | `9200` | |
| connectionManager.elastic.protocol | string | `"http"` | | | connectionManager.elastic.protocol | string | `"http"` | |
| connectionManager.elastic.url | string | `"elasticsearch"` | | | connectionManager.elastic.url | string | `"elasticsearch"` | |
| connectionManager.nats.port | int | `4222` | | | connectionManager.nats.port | int | `4222` | |
| connectionManager.nats.protocol | string | `"nats"` | | | connectionManager.nats.protocol | string | `"nats"` | |
| connectionManager.nats.url | string | `"nats"` | | | connectionManager.nats.url | string | `"nats"` | |
| image.name | string | `"gaiax/connection-manager"` | Image name | | image.name | string | `"gaiax/connection-manager"` | Image name |
| image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | | image.pullPolicy | string | `"IfNotPresent"` | Image pull policy |
| image.pullSecrets | string | `"deployment-key-light"` | Image pull secret when internal image is used | | image.pullSecrets | string | `"deployment-key-light"` | Image pull secret when internal image is used |
| image.repository | string | `"eu.gcr.io/vrgn-infra-prj"` | | | image.repository | string | `"eu.gcr.io/vrgn-infra-prj"` | |
| image.sha | string | `""` | Image sha, usually generated by the CI Uses image.tag if empty | | image.sha | string | `""` | Image sha, usually generated by the CI Uses image.tag if empty |
| image.tag | string | `""` | Image tag Uses .Chart.AppVersion if empty | | image.tag | string | `""` | Image tag Uses .Chart.AppVersion if empty |
| ingress.annotations."cert-manager.io/cluster-issuer" | string | `"letsencrypt-production-http"` | | | ingress.annotations."cert-manager.io/cluster-issuer" | string | `"letsencrypt-production-http"` | |
| ingress.annotations."kubernetes.io/ingress.class" | string | `"nginx"` | | | ingress.annotations."kubernetes.io/ingress.class" | string | `"nginx"` | |
| ingress.annotations."kubernetes.io/ingress.global-static-ip-name" | string | `"dev-light-public"` | | | ingress.annotations."kubernetes.io/ingress.global-static-ip-name" | string | `"dev-light-public"` | |
| ingress.annotations."nginx.ingress.kubernetes.io/rewrite-target" | string | `"/$2"` | | | ingress.annotations."nginx.ingress.kubernetes.io/rewrite-target" | string | `"/$2"` | |
| ingress.enabled | bool | `true` | | | ingress.enabled | bool | `true` | |
| ingress.frontendDomain | string | `"gaiax.vereign.com"` | | | ingress.frontendDomain | string | `"gaiax.vereign.com"` | |
| ingress.frontendTlsSecretName | string | `"cert-manager-tls"` | | | ingress.frontendTlsSecretName | string | `"cert-manager-tls"` | |
| ingress.pathOverride | string | `""` | | | ingress.pathOverride | string | `""` | |
| ingress.tlsEnabled | bool | `true` | | | ingress.tlsEnabled | bool | `true` | |
| log.encoding | string | `"json"` | | | log.encoding | string | `"json"` | |
| log.level | string | `"INFO"` | | | log.level | string | `"INFO"` | |
| metrics.enabled | bool | `true` | Enable prometheus metrics | | metrics.enabled | bool | `true` | Enable prometheus metrics |
| metrics.port | int | `2112` | Port for prometheus metrics | | metrics.port | int | `2112` | Port for prometheus metrics |
| name | string | `"connection-manager"` | Application name | | name | string | `"connection-manager"` | Application name |
| nameOverride | string | `""` | Ovverwrites application name | | nameOverride | string | `""` | Ovverwrites application name |
| podAnnotations | object | `{}` | | | podAnnotations | object | `{}` | |
| replicaCount | int | `1` | Default number of instances to start | | replicaCount | int | `1` | Default number of instances to start |
| resources.limits.cpu | string | `"150m"` | | | resources.limits.cpu | string | `"150m"` | |
| resources.limits.memory | string | `"128Mi"` | | | resources.limits.memory | string | `"128Mi"` | |
| resources.requests.cpu | string | `"25m"` | | | resources.requests.cpu | string | `"25m"` | |
| resources.requests.memory | string | `"64Mi"` | | | resources.requests.memory | string | `"64Mi"` | |
| security.runAsGid | int | `0` | Group used by the apps | | security.runAsGid | int | `0` | Group used by the apps |
| security.runAsNonRoot | bool | `false` | by default, apps run as non-root | | security.runAsNonRoot | bool | `false` | by default, apps run as non-root |
| security.runAsUid | int | `0` | User used by the apps | | security.runAsUid | int | `0` | User used by the apps |
| service.port | int | `3003` | | | service.port | int | `3003` | |
---
----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0) Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0)
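Review bot: In the Values table the `security.runAsNonRoot` row has default `false` with the description "by default, apps run as non-root", while `security.runAsUid` and `security.runAsGid` both default to `0`, so the documented defaults describe a root user and the description says the opposite. This file is autogenerated by helm-docs, so realigning the table is not enough: correct the comment (or the defaults) in values.yaml and regenerate. The same table documents `connectionManager.database.password` defaulting to `"ocm_connection_manager"`, identical to the user name; an empty default that must be supplied at install time would be safer.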
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: {{ template "app.name" . }} name: { { template "app.name" . } }
namespace: {{ .Release.Namespace }} namespace: { { .Release.Namespace } }
labels: labels: { { - include "app.labels" . | nindent 4 } }
{{- include "app.labels" . | nindent 4 }}
spec: spec:
clusterIP: None clusterIP: None
ports: ports:
- name: http - name: http
port: {{ .Values.service.port }} port: { { .Values.service.port } }
targetPort: {{ .Values.service.port }} targetPort: { { .Values.service.port } }
selector: selector: { { - include "app.selectorLabels" . | nindent 4 } }
{{- include "app.selectorLabels" . | nindent 4 }}
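Review bot: The formatter has split the Helm template delimiters in this Service manifest: `name: {{ template "app.name" . }}` is now `name: { { template "app.name" . } }`, and the `labels:` and `selector:` includes were folded onto the key line as `{ { - include ... } }`. `{ {` is not a template action, so Helm will no longer substitute these values, and the `nindent 4` output no longer starts on its own line under the key. Revert this file and exclude Helm template files from the formatter.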
image: image:
repository: registry.gitlab.com/gaia-x/data-infrastructure-federation-services/ocm repository: registry.gitlab.com/gaia-x/data-infrastructure-federation-services/ocm
# -- Image name # -- Image name
name: connection-manager name: connection-manager
connectionManager: connectionManager:
database: database:
host: vereign-database1-postgres.gxfs-vereign host: vereign-database1-postgres.gxfs-vereign
user: ENC[AES256_GCM,data:f+UtjwOUiyM=,iv:X/7E+GBmxxVdphMTChhhrCjT/01cLFwh62vhJApJkWA=,tag:oM0vFH3KSpFTBjeRi40oJA==,type:str] user: ENC[AES256_GCM,data:f+UtjwOUiyM=,iv:X/7E+GBmxxVdphMTChhhrCjT/01cLFwh62vhJApJkWA=,tag:oM0vFH3KSpFTBjeRi40oJA==,type:str]
password: ENC[AES256_GCM,data:iHEwZCuABQy0RMrDGeq3QEL874JgbQWC+7WQ49TW62Ynh/isVvo0kv8FR/rXRrUks3IlTIGWncj+JnIDQkODMg==,iv:4Lza3vwWDJPTPPYwgmTvrnMLrkQBYa5mnrn9HbQd2oQ=,tag:s6f9IVyJMdqu2NXtt0tuQg==,type:str] password: ENC[AES256_GCM,data:iHEwZCuABQy0RMrDGeq3QEL874JgbQWC+7WQ49TW62Ynh/isVvo0kv8FR/rXRrUks3IlTIGWncj+JnIDQkODMg==,iv:4Lza3vwWDJPTPPYwgmTvrnMLrkQBYa5mnrn9HbQd2oQ=,tag:s6f9IVyJMdqu2NXtt0tuQg==,type:str]
db: vereign-database1-postgres db: vereign-database1-postgres
ingress: ingress:
enabled: true enabled: true
annotations: annotations:
kubernetes.io/ingress.class: nginx kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$2 nginx.ingress.kubernetes.io/rewrite-target: /$2
tlsEnabled: true tlsEnabled: true
frontendDomain: ocm.gxfs.dev frontendDomain: ocm.gxfs.dev
frontendTlsSecretName: wildcard-gxfs-dev frontendTlsSecretName: wildcard-gxfs-dev
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
azure_kv: [] azure_kv: []
hc_vault: [] hc_vault: []
age: age:
- recipient: age1nrk70nevtmrcgzjunsed43ar6dk3e06qt7tryqqprj9axv4e0djqa0n0cg - recipient: age1nrk70nevtmrcgzjunsed43ar6dk3e06qt7tryqqprj9axv4e0djqa0n0cg
enc: | enc: |
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBVHQvUk4xOXBHZjBhT0ly YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBVHQvUk4xOXBHZjBhT0ly
R1pVeUVtU09mYmppb2hucktLeUx2bGtsUXhJCkdUKzQ5TlNCbzFBTWV4L3REMFlR R1pVeUVtU09mYmppb2hucktLeUx2bGtsUXhJCkdUKzQ5TlNCbzFBTWV4L3REMFlR
bS9nWUxWZ3JERW81QWtCQXJxU3Uzd3MKLS0tIDdmZXdGemdjYzZ5QU11QVVtYnBz bS9nWUxWZ3JERW81QWtCQXJxU3Uzd3MKLS0tIDdmZXdGemdjYzZ5QU11QVVtYnBz
WUROeFJTV0cxYnA4MTREcVlVYkhSZmMKDqEoHpnkE6AbTn1RHDn0G6u3XmeCSaTk WUROeFJTV0cxYnA4MTREcVlVYkhSZmMKDqEoHpnkE6AbTn1RHDn0G6u3XmeCSaTk
smByqqxfWePRPIul8VTlKnDNN68iQuK7Xxmj3RV7LTSj60XwdeIKuQ== smByqqxfWePRPIul8VTlKnDNN68iQuK7Xxmj3RV7LTSj60XwdeIKuQ==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2022-08-03T14:42:58Z" lastmodified: '2022-08-03T14:42:58Z'
mac: ENC[AES256_GCM,data:arq9lpFfu4WBPXPiaIgT/tdRQcBv15SB2sgaD9GBlTL+dVxAuZcDiWTykzWaxpvExf8aGv3flGCMYkQlil1u1YGdlIk7TfUHa+elta/US1QVYCJznChdV4UCSLm8PRh4sg9DWRFgrtxfs6IKhEOq17DwpGc1hVAFjNjUHgvPCFg=,iv:+GvCbcxPBJkzZu5TIZ7oGtCsSa8Fl9Qt6mGi6If2wds=,tag:8Lka/tG40HYjR7Uhn9jyig==,type:str] mac: ENC[AES256_GCM,data:arq9lpFfu4WBPXPiaIgT/tdRQcBv15SB2sgaD9GBlTL+dVxAuZcDiWTykzWaxpvExf8aGv3flGCMYkQlil1u1YGdlIk7TfUHa+elta/US1QVYCJznChdV4UCSLm8PRh4sg9DWRFgrtxfs6IKhEOq17DwpGc1hVAFjNjUHgvPCFg=,iv:+GvCbcxPBJkzZu5TIZ7oGtCsSa8Fl9Qt6mGi6If2wds=,tag:8Lka/tG40HYjR7Uhn9jyig==,type:str]
pgp: [] pgp: []
encrypted_regex: ^(password|user)$ encrypted_regex: ^(password|user)$
version: 3.7.3 version: 3.7.3
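Review bot: The only change in this sops-encrypted values file is the quoting of `lastmodified` inside the `sops:` metadata block, which sops writes itself. Exclude sops-managed files from the formatter so they are only ever rewritten by sops; otherwise the next sops edit is likely to flip the quoting back, and diffs on a file holding encrypted credentials should come only from intentional secret changes.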
# -- Default number of instances to start # -- Default number of instances to start
replicaCount: 1 replicaCount: 1
# -- Application name # -- Application name
name: connection-manager name: connection-manager
# -- Ovverwrites application name # -- Ovverwrites application name
nameOverride: "" nameOverride: ''
image: image:
repository: eu.gcr.io/vrgn-infra-prj repository: eu.gcr.io/vrgn-infra-prj
...@@ -11,16 +11,15 @@ image: ...@@ -11,16 +11,15 @@ image:
name: gaiax/connection-manager name: gaiax/connection-manager
# -- Image tag # -- Image tag
# Uses .Chart.AppVersion if empty # Uses .Chart.AppVersion if empty
tag: "" tag: ''
# -- Image sha, usually generated by the CI # -- Image sha, usually generated by the CI
# Uses image.tag if empty # Uses image.tag if empty
sha: "" sha: ''
# -- Image pull policy # -- Image pull policy
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
# -- Image pull secret when internal image is used # -- Image pull secret when internal image is used
pullSecrets: deployment-key-light pullSecrets: deployment-key-light
podAnnotations: {} podAnnotations: {}
## ##
## Pass extra environment variables to the container. ## Pass extra environment variables to the container.
...@@ -67,7 +66,7 @@ metrics: ...@@ -67,7 +66,7 @@ metrics:
port: 2112 port: 2112
log: log:
level: "INFO" level: 'INFO'
encoding: json encoding: json
## ##
...@@ -114,4 +113,4 @@ ingress: ...@@ -114,4 +113,4 @@ ingress:
tlsEnabled: true tlsEnabled: true
frontendDomain: gaiax.vereign.com frontendDomain: gaiax.vereign.com
frontendTlsSecretName: cert-manager-tls frontendTlsSecretName: cert-manager-tls
pathOverride: "" pathOverride: ''
\ No newline at end of file
...@@ -67,9 +67,7 @@ ...@@ -67,9 +67,7 @@
"@type": "https://didcomm.org/connections/1.0/invitation", "@type": "https://didcomm.org/connections/1.0/invitation",
"@id": "efe3fe97", "@id": "efe3fe97",
"label": "ssi-abstraction-agent", "label": "ssi-abstraction-agent",
"recipientKeys": [ "recipientKeys": ["8iT6AAmbj9P"],
"8iT6AAmbj9P"
],
"serviceEndpoint": "https://serviceEndpointUrl.com:443/ocm/didcomm", "serviceEndpoint": "https://serviceEndpointUrl.com:443/ocm/didcomm",
"routingKeys": [] "routingKeys": []
}, },
...@@ -95,9 +93,7 @@ ...@@ -95,9 +93,7 @@
"serviceEndpoint": "https://serviceEndpointUrl.com:443/ocm/didcomm", "serviceEndpoint": "https://serviceEndpointUrl.com:443/ocm/didcomm",
"type": "IndyAgent", "type": "IndyAgent",
"priority": 0, "priority": 0,
"recipientKeys": [ "recipientKeys": ["8iT6AAmbj9P"],
"8iT6AAmbj9P"
],
"routingKeys": [] "routingKeys": []
} }
], ],
...@@ -117,9 +113,7 @@ ...@@ -117,9 +113,7 @@
"@type": "https://didcomm.org/connections/1.0/invitation", "@type": "https://didcomm.org/connections/1.0/invitation",
"@id": "efe3fe97", "@id": "efe3fe97",
"label": "ssi-abstraction-agent", "label": "ssi-abstraction-agent",
"recipientKeys": [ "recipientKeys": ["8iT6AAmbj9P"],
"8iT6AAmbj9P"
],
"serviceEndpoint": "https://serviceEndpointUrl.com:443/ocm/didcomm", "serviceEndpoint": "https://serviceEndpointUrl.com:443/ocm/didcomm",
"routingKeys": [] "routingKeys": []
}, },
...@@ -166,9 +160,7 @@ ...@@ -166,9 +160,7 @@
} }
} }
}, },
"tags": [ "tags": ["Connections"]
"Connections"
]
} }
}, },
"/v1/connection-information": { "/v1/connection-information": {
...@@ -243,9 +235,7 @@ ...@@ -243,9 +235,7 @@
} }
} }
}, },
"tags": [ "tags": ["Connections"]
"Connections"
]
} }
}, },
"/v1/connections": { "/v1/connections": {
...@@ -330,9 +320,7 @@ ...@@ -330,9 +320,7 @@
} }
} }
}, },
"tags": [ "tags": ["Connections"]
"Connections"
]
} }
}, },
"/v1/connections/{connectionId}": { "/v1/connections/{connectionId}": {
...@@ -392,9 +380,7 @@ ...@@ -392,9 +380,7 @@
} }
} }
}, },
"tags": [ "tags": ["Connections"]
"Connections"
]
} }
}, },
"/v1/accept-connection-invitation": { "/v1/accept-connection-invitation": {
...@@ -451,9 +437,7 @@ ...@@ -451,9 +437,7 @@
"serviceEndpoint": "https://serviceEndpointUrl.com:443/ocm/didcomm", "serviceEndpoint": "https://serviceEndpointUrl.com:443/ocm/didcomm",
"type": "IndyAgent", "type": "IndyAgent",
"priority": 0, "priority": 0,
"recipientKeys": [ "recipientKeys": ["F6d"],
"F6d"
],
"routingKeys": [] "routingKeys": []
} }
], ],
...@@ -475,9 +459,7 @@ ...@@ -475,9 +459,7 @@
"@type": "https://didcomm.org/connections/1.0/invitation", "@type": "https://didcomm.org/connections/1.0/invitation",
"@id": "12ebbf61", "@id": "12ebbf61",
"label": "ssi-abstraction-agent", "label": "ssi-abstraction-agent",
"recipientKeys": [ "recipientKeys": ["5Nj"],
"5Nj"
],
"serviceEndpoint": "https://serviceEndpointUrl.com:443/ocm/didcomm", "serviceEndpoint": "https://serviceEndpointUrl.com:443/ocm/didcomm",
"routingKeys": [] "routingKeys": []
}, },
...@@ -507,9 +489,7 @@ ...@@ -507,9 +489,7 @@
} }
} }
}, },
"tags": [ "tags": ["Connections"]
"Connections"
]
} }
} }
}, },
...@@ -539,12 +519,7 @@ ...@@ -539,12 +519,7 @@
"type": "string" "type": "string"
} }
}, },
"required": [ "required": ["autoAcceptConnection", "alias", "myLabel", "myImageUrl"]
"autoAcceptConnection",
"alias",
"myLabel",
"myImageUrl"
]
}, },
"AcceptConnectionInvitationBody": { "AcceptConnectionInvitationBody": {
"type": "object", "type": "object",
...@@ -556,10 +531,7 @@ ...@@ -556,10 +531,7 @@
"type": "boolean" "type": "boolean"
} }
}, },
"required": [ "required": ["invitationUrl", "autoAcceptConnection"]
"invitationUrl",
"autoAcceptConnection"
]
} }
} }
} }
......