Skip to content
Snippets Groups Projects
Verified Commit 9b7dfd68 authored by Konstantin Tsabolov's avatar Konstantin Tsabolov
Browse files

chore: remove attestation manager

parent ebb39da2
Branches chore/remove-attestation-manager
No related tags found
No related merge requests found
Expand all Hide whitespace changes
Inline Side-by-side
Showing
with 0 additions and 2396 deletions
apps/attestation-manager/.env.example deleted 100644 → 0
+ 0
11
View file @ ebb39da2
PORT=3005
DATABASE_URL=postgresql://root:password@localhost:5432/postgres?schema=attestation
ECSURL=http://localhost:9200/
ACCEPT_MEMBERSHIP_CREDENTIALS_CONFIG = AUTO
NATS_URL=nats://localhost:4222
AGENT_URL=http://localhost:3010
TSA_URL=https://gaiax.vereign.com/tsa/policy/policy/example
USE_AUTH=false
OAUTH_CLIENT_ID=clientid
OAUTH_CLIENT_SECRET=clientsecret
OAUTH_TOKEN_URL=https://tokenurl
\ No newline at end of file
apps/attestation-manager/GDPR.md deleted 100644 → 0
+ 0
42
View file @ ebb39da2
# GDPR Compliance Document
The objective of this document is to detail, the data being stored and proccessed by the Organization Credential Manager's, Attestation Manger.
## What information is stored
### Source User Information
The Open Id connect claims that MAY contain all sorts of personal data (like email, name, age and others), are received from any external source.
### Technical User Information (Public)
- Schema information (public)
- Credential/credential definition ids and states
- DID of issuer
- DID of holder
- Created/updated dates
- Offered credential attributes and attachments
## How is the information stored
### Source User Information
Source User Information is encrypted using the Private Key of the Organizations SSI Agent and stored until the issuance of credential in Organization's SSI Agent's PostgreSQL database.
### Technical User Information (Public)
Technical User Information is encrypted using the Private Key of the Organizations SSI Agent and stored internally (on the agent) on PostgreSQL and externally/ metadata (shared between the OCM services) on PostgreSQL of Organization.
## Who can access the information
The Source User Information and Technical User Information both are accessible only by the Organization specific SSI agent's private key.
## How long will the information stay
### Source User Information
The Source User Information is wiped out once the credential is issued.
### Technical User Information (Public)
The Technical User Information is wiped out according to the retention periods (not defined yet).
apps/attestation-manager/LICENSE deleted 100644 → 0
+ 0
636
View file @ ebb39da2
This diff is collapsed.
apps/attestation-manager/README.md deleted 100644 → 0
+ 0
137
View file @ ebb39da2
# OCM Attestation Manager
## Description
<hr/>
The Attestation Manager is the microservice responsible for handling the features related to Issuance of Credentials. It handles REST endpoints for Schemas, Credential Definitions and Verifiable Credentials.
## Usage
<hr/>
### Swagger Documentation:
[Swagger/OpenAPI](swagger.json)
## Installation
<hr/>
### Pre-requisite
- pnpm
- docker
- docker-compose
- PostgreSQL
### OCM Services Dependencies
- SSI Abstraction
- Connection Manager
## Running the app
**Each service in the Organizational Credential Manager can be run from the infrastructure repository with Docker.**
**The .env files are in the infrastructure repository under /env**
```bash
## production in:
./deployment/ci
## development in:
./deployment/dev
```
- (optional) Edit docker-compose.yml in "infrastructure" to use either **/ci/** or **/dev/** Dockerfiles.
- Run while in **"infrastructure"** project:
```bash
$ docker-compose up --build attestation-m
```
to run only Attestation Manager or
```bash
$ docker-compose up --build
```
to run all the services.
## Build
```
pnpm build
```
## Run
```
pnpm start
```
### Environment Variables Required
```
1. PORT
2. DATABASE_URL
3. ECSURL
4. NATS_URL
5. AGENT_URL
```
### Outgoing communication services
```
1. SSI Abstraction
```
### Incomming communication services
```
1. Principal Manager
```
### Features supported
```
1. Create Schema
2. Create Credential Definition
3. Offer Credentials
4. Propose Credentials
5. Accept Credential
```
## Test
<hr/>
```bash
# unit tests
$ pnpm test
# e2e tests
$ pnpm test:e2e
# test coverage
$ pnpm test:cov
```
## GDPR
<hr/>
[GDPR](GDPR.md)
## Dependencies
<hr/>
[Dependencies](package.json)
## License
<hr/>
[Apache 2.0 license](LICENSE)
apps/attestation-manager/deployment/helm/Chart.yaml deleted 100644 → 0
+ 0
6
View file @ ebb39da2
apiVersion: v1
appVersion: v1.0.4-rc
description: attestation-manager deployment
name: attestation-manager
version: 1.0.4
icon: 'https://www.vereign.com/wp-content/themes/vereign2020/images/vereign-logo.svg'
apps/attestation-manager/deployment/helm/LICENSE deleted 100644 → 0
+ 0
15
View file @ ebb39da2
Deployment recipe for OCM attestation manager.
Copyright 2022 Vereign AG
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
apps/attestation-manager/deployment/helm/README.md deleted 100644 → 0
+ 0
68
View file @ ebb39da2
# attestation-manager
![Version: 1.0.1](https://img.shields.io/badge/Version-1.0.1-informational?style=flat-square) ![AppVersion: v1.0.1-rc](https://img.shields.io/badge/AppVersion-v1.0.1--rc-informational?style=flat-square)
attestation-manager deployment
## Values
| Key | Type | Default | Description |
| ----------------------------------------------------------------- | ------ | ------------------------------------------------------- | -------------------------------------------------------------- |
| attestationManager.acceptMembershipCredentialsConfig | string | `"AUTO"` | |
| attestationManager.agent.host | string | `"ssi-abstraction"` | |
| attestationManager.agent.port | int | `3010` | |
| attestationManager.agent.protocol | string | `"http"` | |
| attestationManager.database.db | string | `"ocm_attestation_manager"` | |
| attestationManager.database.host | string | `"postgresql-postgresql-ha-postgresql.infra"` | |
| attestationManager.database.password | string | `"ocm_attestation_manager"` | |
| attestationManager.database.port | int | `5432` | |
| attestationManager.database.schema | string | `"attestation"` | |
| attestationManager.database.user | string | `"ocm_attestation_manager"` | |
| attestationManager.elastic.port | int | `9200` | |
| attestationManager.elastic.protocol | string | `"http"` | |
| attestationManager.elastic.url | string | `"elasticsearch"` | |
| attestationManager.nats.port | int | `4222` | |
| attestationManager.nats.protocol | string | `"nats"` | |
| attestationManager.nats.url | string | `"nats"` | |
| attestationManager.url.attestationManager | string | `"https://gaiax.vereign.com/ocm/attestation"` | |
| attestationManager.url.connectionManager | string | `"https://gaiax.vereign.com/ocm/connection"` | |
| attestationManager.url.tsa | string | `"https://gaiax.vereign.com/tsa/policy/policy/example"` | |
| autoscaling.enabled | bool | `false` | Enable autoscaling |
| autoscaling.maxReplicas | int | `3` | Maximum replicas |
| autoscaling.minReplicas | int | `1` | Minimum replicas |
| autoscaling.targetCPUUtilizationPercentage | int | `70` | CPU target for autoscaling trigger |
| autoscaling.targetMemoryUtilizationPercentage | int | `70` | Memory target for autoscaling trigger |
| image.name | string | `"gaiax/attestation-manager"` | Image name |
| image.pullPolicy | string | `"IfNotPresent"` | Image pull policy |
| image.pullSecrets | string | `"deployment-key-light"` | Image pull secret when internal image is used |
| image.repository | string | `"eu.gcr.io/vrgn-infra-prj"` | |
| image.sha | string | `""` | Image sha, usually generated by the CI Uses image.tag if empty |
| image.tag | string | `""` | Image tag Uses .Chart.AppVersion if empty |
| ingress.annotations."cert-manager.io/cluster-issuer" | string | `"letsencrypt-production-http"` | |
| ingress.annotations."kubernetes.io/ingress.class" | string | `"nginx"` | |
| ingress.annotations."kubernetes.io/ingress.global-static-ip-name" | string | `"dev-light-public"` | |
| ingress.annotations."nginx.ingress.kubernetes.io/rewrite-target" | string | `"/$2"` | |
| ingress.enabled | bool | `true` | |
| ingress.frontendDomain | string | `"gaiax.vereign.com"` | |
| ingress.frontendTlsSecretName | string | `"cert-manager-tls"` | |
| ingress.tlsEnabled | bool | `true` | |
| log.encoding | string | `"json"` | |
| log.level | string | `"INFO"` | |
| metrics.enabled | bool | `true` | Enable prometheus metrics |
| metrics.port | int | `2112` | Port for prometheus metrics |
| name | string | `"ssi-abstraction"` | Application name |
| nameOverride | string | `""` | Ovverwrites application name |
| podAnnotations | object | `{}` | |
| replicaCount | int | `1` | Default number of instances to start |
| resources.limits.cpu | string | `"150m"` | |
| resources.limits.memory | string | `"128Mi"` | |
| resources.requests.cpu | string | `"25m"` | |
| resources.requests.memory | string | `"64Mi"` | |
| security.runAsGid | int | `0` | Group used by the apps |
| security.runAsNonRoot | bool | `false` | by default, apps run as non-root |
| security.runAsUid | int | `0` | User used by the apps |
| service.port | int | `3005` | |
---
Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0)
apps/attestation-manager/deployment/helm/templates/_helpers.tpl deleted 100644 → 0
+ 0
94
View file @ ebb39da2
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "app.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "app.fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" $name .Release.Namespace | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create instance name based on app version and short image sha.
*/}}
{{- define "app.revision" -}}
{{- default .Release.Name .Values.appRel | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "app.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Common labels
*/}}
{{- define "app.labels" -}}
helm.sh/chart: {{ include "app.chart" . }}
{{ include "app.selectorLabels" . }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{/*
Selector labels
*/}}
{{- define "app.selectorLabels" -}}
app.kubernetes.io/name: {{ include "app.name" . }}
app.kubernetes.io/component: {{ include "app.fullname" . }}
{{- end -}}
{{/*
Metrics Annotations
*/}}
{{- define "app.metricsAnnotations" -}}
{{- if .Values.metrics.enabled -}}
prometheus.io/scrape: "true"
prometheus.io/port: "{{ .Values.metrics.port }}"
prometheus.io/path: {{ .Values.metrics.path | default "/metrics" | quote }}
{{- end -}}
{{- end -}}
{{/*
Image string
*/}}
{{- define "app.image" -}}
{{- if .Values.image.sha -}}
{{ .Values.image.repository }}/{{ .Values.image.name }}@{{ .Values.image.sha }}
{{- else -}}
{{ .Values.image.repository }}/{{ .Values.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }}
{{- end -}}
{{- end -}}
{{/*
Security context
*/}}
{{- define "app.securitycontext" -}}
runAsNonRoot: {{ .Values.security.runAsNonRoot | default false }}
runAsGroup: {{ .Values.security.runAsGid | default 0 }}
runAsUser: {{ .Values.security.runAsUid | default 0 }}
fsGroup: {{ .Values.security.runAsGid | default 0 }}
{{- end -}}
{{/*
PostgreSQL Connection string URI
*/}}
{{- define "app.postgresql.connectionstring" -}}
postgresql://{{ .Values.attestationManager.database.user }}:{{ .Values.attestationManager.database.password }}@{{ .Values.attestationManager.database.host }}:{{ .Values.attestationManager.database.port }}/{{ .Release.Namespace }}_{{ include "app.name" . | replace "-" "_" }}?schema={{ .Values.attestationManager.database.schema }}
{{- end -}}
{{/*
Ingress custom path.
*/}}
{{- define "app.path" -}}
{{- default .Chart.Name .Values.ingress.pathOverride | replace "-manager" "" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
apps/attestation-manager/deployment/helm/templates/deployment.yaml deleted 100644 → 0
+ 0
81
View file @ ebb39da2
apiVersion: apps/v1
kind: Deployment
metadata:
name: "{{ template "app.name" . }}"
namespace: {{ .Release.Namespace }}
labels:
{{- include "app.labels" . | nindent 4 }}
app.kubernetes.io/instance: {{ include "app.revision" . }}
app.kubernetes.io/part-of: rse
spec:
replicas: {{ .Values.replicaCount }}
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
selector:
matchLabels:
{{- include "app.selectorLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "app.labels" . | nindent 8 }}
annotations:
{{- include "app.metricsAnnotations" . | nindent 8 }}
{{- if .Values.podAnnotations }}
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
securityContext:
{{- include "app.securitycontext" . | nindent 8 }}
imagePullSecrets:
- name: {{ .Values.image.pullSecrets }}
containers:
- name: {{ template "app.name" . }}
image: "{{ .Values.image.repository }}/{{ .Values.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
env:
- name: PORT
value: {{ .Values.service.port | quote }}
- name: DATABASE_URL
value: {{ template "app.postgresql.connectionstring" (merge (dict "application" "true") .) }}
- name: NATS_URL
value: "{{ .Values.attestationManager.nats.protocol }}://{{ .Values.attestationManager.nats.url }}:{{ .Values.attestationManager.nats.port }}"
- name: ECSURL
value: "{{ .Values.attestationManager.elastic.protocol }}://{{ .Values.attestationManager.elastic.url }}:{{ .Values.attestationManager.elastic.port }}/"
- name: LOG_LEVEL
value: {{ .Values.log.level | default "INFO" }}
- name: LOG_ENCODING
value: {{ .Values.log.encoding | default "json" }}
- name: AGENT_URL
value: "{{ .Values.attestationManager.agent.protocol }}://{{ .Values.attestationManager.agent.host }}:{{ .Values.attestationManager.agent.port }}"
- name: ACCEPT_MEMBERSHIP_CREDENTIALS_CONFIG
value: {{ .Values.attestationManager.acceptMembershipCredentialsConfig }}
- name: TSA_URL
value: {{ .Values.attestationManager.url.tsa }}
- name: CONNECTION_MANAGER_URL
value: {{ .Values.attestationManager.url.connectionManager }}
- name: ATTESTATION_MANAGER_URL
value: {{ .Values.attestationManager.url.attestationManager }}
{{- if .Values.extraVars }}
{{ toYaml .Values.extraVars | indent 8 }}
{{- end }}
ports:
{{- if .Values.metrics.enabled }}
- name: monitoring
containerPort: {{ .Values.metrics.port }}
{{- end }}
- name: http
containerPort: {{ .Values.service.port }}
readinessProbe:
httpGet:
path: /v1/health
port: {{ .Values.service.port }}
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 2
failureThreshold: 2
timeoutSeconds: 5
resources:
{{ toYaml .Values.resources | indent 10 }}
apps/attestation-manager/deployment/helm/templates/hpa.yaml deleted 100644 → 0
+ 0
27
View file @ ebb39da2
{{- if .Values.autoscaling.enabled }}
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
labels:
{{- include "app.labels" . | nindent 4 }}
name: {{ template "app.name" . }}
namespace: {{ .Release.Namespace }}
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: {{ template "app.name" . }}
minReplicas: {{ .Values.autoscaling.minReplicas }}
maxReplicas: {{ .Values.autoscaling.maxReplicas }}
metrics:
{{- with .Values.autoscaling.targetCPUUtilizationPercentage }}
- type: Resource
resource:
name: cpu
{{- end }}
{{- with .Values.autoscaling.targetMemoryUtilizationPercentage }}
- type: Resource
resource:
name: memory
{{- end }}
{{- end }}
\ No newline at end of file
apps/attestation-manager/deployment/helm/templates/ingress.yaml deleted 100644 → 0
+ 0
29
View file @ ebb39da2
{{- if .Values.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ template "app.path" . }}
namespace: {{ .Release.Namespace }}
annotations:
{{ toYaml .Values.ingress.annotations | indent 4 }}
labels:
{{- include "app.labels" . | nindent 4 }}
spec:
{{- if .Values.ingress.tlsEnabled }}
tls:
- hosts:
- {{ .Values.ingress.frontendDomain }}
secretName: {{ .Values.ingress.frontendTlsSecretName }}
{{- end }}
rules:
- host: {{ .Values.ingress.frontendDomain }}
http:
paths:
- path: /{{ template "app.path" . }}(/|$)(.*)
pathType: Prefix
backend:
service:
name: {{ template "app.name" . }}
port:
number: {{ .Values.service.port }}
{{- end }}
\ No newline at end of file
apps/attestation-manager/deployment/helm/templates/service.yaml deleted 100644 → 0
+ 0
13
View file @ ebb39da2
apiVersion: v1
kind: Service
metadata:
name: { { template "app.name" . } }
namespace: { { .Release.Namespace } }
labels: { { - include "app.labels" . | nindent 4 } }
spec:
clusterIP: None
ports:
- name: http
port: { { .Values.service.port } }
targetPort: { { .Values.service.port } }
selector: { { - include "app.selectorLabels" . | nindent 4 } }
apps/attestation-manager/deployment/helm/values-override.yaml deleted 100644 → 0
+ 0
37
View file @ ebb39da2
image:
repository: registry.gitlab.com/gaia-x/data-infrastructure-federation-services/ocm
# -- Image name
name: attestation-manager
attestationManager:
url:
tsa: https://tsa.gxfs.dev/policy/policy/example
connectionManager: https://ocm.gxfs.dev/connection
attestationManager: https://ocm.gxfs.dev/attestation
database:
host: vereign-database1-postgres.gxfs-vereign
user: ENC[AES256_GCM,data:mk+oOKURENM=,iv:COwKJMsdTq5rk0L6bgooO2ZfTUlc1s16KWfPOGlJ1lo=,tag:5OXJ6l8DCvOUhinh922IAw==,type:str]
password: ENC[AES256_GCM,data:2DRvp3NP2KWDABEjRFqlfVPwtxsooDJW357jmJ7KEFURlubs3DGbce+5wLLhG8XbpdFZhCFEoNZivREa4LwhIw==,iv:3hqOlGqAT5/g52nSnqa8/ydUprOtWThT4lcoysmy11Q=,tag:0ZWS2zf5/huwhq9KO2HjoQ==,type:str]
db: vereign-database1-postgres
ingress:
frontendDomain: ocm.gxfs.dev
frontendTlsSecretName: wildcard-gxfs-dev
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1nrk70nevtmrcgzjunsed43ar6dk3e06qt7tryqqprj9axv4e0djqa0n0cg
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBySXY3dzljdWdyamFLNkFW
WHNqeGY3Q09WNnd2blJiTDhhVzdKQ0hjalgwCjR3RGZMdHFyM1lhQXdhcnN5SVE0
NnBwMzlVY2xwTzFQNE5VR3QybnpLb28KLS0tIHU4QVZZRWViNlVKQzg0YVBQWVI5
S3J1amdkVGhBUzhHOEJmWThSbVFNdm8KsBA7cO4f2Zmym8SoIXAzNw0uxaxfDWg9
ryyxpwCjSQD2kuOw9epK/J7DpCkpAmipQSNvmU5ZiNnq9VzdQ8WGEA==
-----END AGE ENCRYPTED FILE-----
lastmodified: '2022-08-04T11:06:04Z'
mac: ENC[AES256_GCM,data:MdbVIQyR5s4efjMB1MIiOJZOueS0R1F4xvoaHEUoWaQ/bIWa3Km/CBijCI4+zqM54tZ3Zs+kMLK0FdHd+TpSujY2Jg6U8JqRHnA4cUEcr1el5pnhqo3lLiSmZXhGJaO9mlPoE/IVDdlrDXgRwexnznvyJn5RUpK1KdTsAU02wBI=,iv:EdCTlV7CDJikksz0HoiShKhKCO6LsOGsTk6GQalw6QA=,tag:QCbYT1Wr3KwcgmR70Qxlvg==,type:str]
pgp: []
encrypted_regex: ^(password|user)$
version: 3.7.3
apps/attestation-manager/deployment/helm/values.yaml deleted 100644 → 0
+ 0
120
View file @ ebb39da2
# -- Default number of instances to start
replicaCount: 1
# -- Application name
name: ssi-abstraction
# -- Ovverwrites application name
nameOverride: ''
image:
repository: eu.gcr.io/vrgn-infra-prj
# -- Image name
name: gaiax/attestation-manager
# -- Image tag
# Uses .Chart.AppVersion if empty
tag: ''
# -- Image sha, usually generated by the CI
# Uses image.tag if empty
sha: ''
# -- Image pull policy
pullPolicy: IfNotPresent
# -- Image pull secret when internal image is used
pullSecrets: deployment-key-light
podAnnotations: {}
##
## Pass extra environment variables to the container.
##
# extraVars:
# - name: EXTRA_VAR_1
# value: extra-var-value-1
# - name: EXTRA_VAR_2
# value: extra-var-value-2
##
## Create new service when true, and use the specified uner name when set to the name specified
##
resources:
requests:
cpu: 25m
memory: 64Mi
limits:
cpu: 150m
memory: 128Mi
## Configure pod autoscaling
##
autoscaling:
# -- Enable autoscaling
enabled: false
# -- Minimum replicas
minReplicas: 1
# -- Maximum replicas
maxReplicas: 3
# -- CPU target for autoscaling trigger
targetCPUUtilizationPercentage: 70
# -- Memory target for autoscaling trigger
targetMemoryUtilizationPercentage: 70
##
## Prometheus Exporter / Metrics
##
metrics:
# -- Enable prometheus metrics
enabled: true
# -- Port for prometheus metrics
port: 2112
log:
level: 'INFO'
encoding: json
##
## Kubernetes [SecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) object.
##
security:
# -- by default, apps run as non-root
runAsNonRoot: false
# -- User used by the apps
runAsUid: 0
# -- Group used by the apps
runAsGid: 0
##
##
service:
port: 3005
attestationManager:
acceptMembershipCredentialsConfig: AUTO
agent:
host: ssi-abstraction
protocol: http
port: 3010
database:
host: postgresql-postgresql-ha-postgresql.infra
user: ocm_attestation_manager
password: ocm_attestation_manager
port: 5432
schema: attestation
db: ocm_attestation_manager
nats:
url: nats
port: 4222
protocol: nats
elastic:
url: elasticsearch
port: 9200
protocol: http
url:
tsa: https://gaiax.vereign.com/tsa/policy/policy/example
connectionManager: https://gaiax.vereign.com/ocm/connection
attestationManager: https://gaiax.vereign.com/ocm/attestation
ingress:
enabled: true
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$2
tlsEnabled: true
frontendDomain: gaiax.vereign.com
frontendTlsSecretName: cert-manager-tls
apps/attestation-manager/jest.config.js deleted 100644 → 0
+ 0
49
View file @ ebb39da2
import { readFileSync } from 'node:fs';
const swcConfig = JSON.parse(readFileSync('../../.swcrc', 'utf8'));
/** @type {import('jest').Config} */
export default {
moduleFileExtensions: ['js', 'ts'],
testEnvironment: 'node',
transform: {
'^.+\\.(js|ts)$': [
'@swc/jest',
{
...swcConfig,
sourceMaps: false,
exclude: [],
swcrc: false,
},
],
},
extensionsToTreatAsEsm: ['.ts'],
moduleNameMapper: {
// ESM modules require `.js` extension to be specified, but Jest doesn't work with them
// Removing `.js` extension from module imports
'^uuid$': 'uuid',
'^(.*)/(.*)\\.js$': '$1/$2',
},
collectCoverageFrom: ['src/**/*.(t|j)s'],
coverageReporters:
process.env.CI === 'true'
? ['text-summary', 'json-summary']
: ['text-summary', 'html'],
coveragePathIgnorePatterns: [
'<rootDir>/node_modules/',
'<rootDir>/test/',
'<rootDir>/coverage/',
'<rootDir>/dist/',
'<rootDir>/**/test',
'@types',
'.dto.(t|j)s',
'.enum.ts',
'.interface.ts',
'.type.ts',
'.spec.ts',
],
coverageDirectory: './coverage',
// With v8 coverage provider it's much faster, but
// with this enabled it's not possible to ignore whole files' coverage
coverageProvider: 'v8',
};
apps/attestation-manager/nest-cli.json deleted 100644 → 0
+ 0
14
View file @ ebb39da2
{
"$schema": "https://json.schemastore.org/nest-cli",
"collection": "@nestjs/schematics",
"sourceRoot": "src",
"compilerOptions": {
"typeCheck": true,
"builder": {
"type": "swc",
"options": {
"swcrcPath": "../../.swcrc"
}
}
}
}
apps/attestation-manager/package.json deleted 100644 → 0
+ 0
78
View file @ ebb39da2
{
"name": "@ocm/attestation-manager",
"version": "0.0.1",
"description": "",
"author": "Shirdhar",
"private": true,
"license": "Apache-2.0",
"type": "module",
"scripts": {
"clean": "rimraf dist coverage *.tsbuildinfo",
"prebuild": "pnpm clean",
"build": "nest build",
"prebuild:production": "pnpm clean",
"build:production": "pnpm prisma:generate && nest build -p tsconfig.production.json",
"prisma:dbpush": "prisma db push --schema=./src/prisma/schema.prisma",
"prisma:generate": "prisma generate --schema=./src/prisma/schema.prisma",
"prisma:migrate": "prisma migrate deploy --schema=./src/prisma/schema.prisma",
"prisma:studio": "prisma studio",
"start": "nest start",
"start:dev": "nest start --watch --preserveWatchOutput",
"test": "jest",
"test:watch": "jest --watch",
"test:cov": "jest --coverage",
"test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand",
"test:e2e": "jest --config ./test/jest.config.js"
},
"dependencies": {
"@elastic/ecs-winston-format": "^1.5.0",
"@nestjs/axios": "^3.0.1",
"@nestjs/common": "^10.2.8",
"@nestjs/config": "^3.1.1",
"@nestjs/core": "^10.2.8",
"@nestjs/mapped-types": "^2.0.3",
"@nestjs/microservices": "^10.2.8",
"@nestjs/platform-express": "^10.2.8",
"@nestjs/swagger": "^7.1.15",
"@nestjs/terminus": "^10.1.1",
"@prisma/client": "^5.6.0",
"class-transformer": "^0.5.1",
"class-validator": "^0.14.0",
"express": "^4.17.3",
"joi": "^17.11.0",
"jsonwebtoken": "^9.0.2",
"jwks-rsa": "^3.1.0",
"liquibase": "^4.4.0",
"moment": "^2.29.4",
"nats": "^2.18.0",
"pg": "^8.11.3",
"reflect-metadata": "^0.1.13",
"rxjs": "^7.8.1",
"swagger-ui-express": "^5.0.0",
"winston": "^3.11.0",
"winston-elasticsearch": "^0.17.4"
},
"devDependencies": {
"@nestjs/cli": "^10.2.1",
"@nestjs/schematics": "^10.0.3",
"@nestjs/testing": "^10.2.8",
"@swc/cli": "^0.1.62",
"@swc/core": "^1.3.96",
"@swc/jest": "^0.2.29",
"@types/express": "^4.17.21",
"@types/jest": "^29.5.8",
"@types/jsonwebtoken": "^9.0.5",
"@types/node": "^20.9.0",
"@types/supertest": "^2.0.16",
"dotenv-cli": "^7.3.0",
"eslint": "^8.53.0",
"jest": "^29.7.0",
"node-mocks-http": "^1.13.0",
"prisma": "^5.6.0",
"rimraf": "^5.0.5",
"source-map-support": "^0.5.21",
"supertest": "^6.3.3",
"ts-node": "^10.9.1",
"typescript": "^5.2.2"
}
}
apps/attestation-manager/src/app.module.ts deleted 100644 → 0
+ 0
53
View file @ ebb39da2
import {
Module,
RequestMethod,
type MiddlewareConsumer,
type NestModule,
} from '@nestjs/common';
import { ConfigModule } from '@nestjs/config';
import { APP_FILTER } from '@nestjs/core';
import { TerminusModule } from '@nestjs/terminus';
import ExceptionHandler from './common/exception.handler.js';
import config from './config/config.js';
import validationSchema from './config/validation.js';
import CredentialDefModule from './credentialDef/module.js';
import HealthController from './health/health.controller.js';
import AttestationModule from './issue-credential/module.js';
import { AuthMiddleware } from './middleware/auth.middleware.js';
import SchemasModule from './schemas/module.js';
import UserInfoModule from './userInfo/module.js';
@Module({
imports: [
TerminusModule,
ConfigModule.forRoot({
isGlobal: true,
load: [config],
validationSchema,
}),
SchemasModule,
AttestationModule,
CredentialDefModule,
UserInfoModule,
],
controllers: [HealthController],
providers: [
{
provide: APP_FILTER,
useClass: ExceptionHandler,
},
],
})
export default class AppModule implements NestModule {
public configure(consumer: MiddlewareConsumer) {
// eslint-disable-line
consumer
.apply(AuthMiddleware)
.exclude({
path: 'v1/health',
method: RequestMethod.GET,
})
.forRoutes('*');
}
}
apps/attestation-manager/src/client/nats.client.ts deleted 100644 → 0
+ 0
36
View file @ ebb39da2
import { Inject, Injectable } from '@nestjs/common';
import { ClientProxy } from '@nestjs/microservices';
import { lastValueFrom } from 'rxjs';
import { Connection, NATSServices } from '../common/constants.js';
@Injectable()
export default class NatsClientService {
public constructor(
@Inject(NATSServices.SERVICE_NAME) private natsClient: ClientProxy,
) {}
public getConnectionById(connectionId: string) {
const pattern = {
endpoint: `${Connection.NATS_ENDPOINT}/${Connection.GET_CONNECTION_BY_ID}`,
};
const payload = { connectionId };
return lastValueFrom(this.natsClient.send(pattern, payload));
}
public connectionTrusted(connectionId: string) {
const pattern = {
endpoint: `${Connection.NATS_ENDPOINT}/${Connection.MAKE_CONNECTION_TRUSTED}`,
};
const payload = { connectionId };
return lastValueFrom(this.natsClient.send(pattern, payload));
}
public getReceivedConnections() {
const pattern = {
endpoint: `${Connection.NATS_ENDPOINT}/${Connection.GET_RECEIVED_CONNECTIONS}`,
};
const payload = {};
return lastValueFrom(this.natsClient.send(pattern, payload));
}
}
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Copyright © Eclipse Foundation, Inc. All Rights Reserved.     Privacy Policy | Terms of Use | Copyright Agent