Verified Commit b66131fa authored by Konstantin Tsabolov's avatar Konstantin Tsabolov

chore: cleanup documentation

parent 006dbc69
Showing
with 44 additions and 2180 deletions
# Base
FROM node:20 AS base
ARG APP_HOME=/home/node/app
ARG SERVICE
WORKDIR ${APP_HOME}
WORKDIR /home/node/app
RUN corepack enable
......@@ -21,62 +20,60 @@ RUN pnpm install --frozen-lockfile
FROM base AS build-shared
COPY apps/shared ./apps/shared
COPY --from=dependencies ${APP_HOME}/package.json ${APP_HOME}/pnpm-lock.yaml ${APP_HOME}/pnpm-workspace.yaml ${APP_HOME}/tsconfig*.json ${APP_HOME}/.swcrc ./
COPY --from=dependencies ${APP_HOME}/node_modules ./node_modules
COPY --from=dependencies ${APP_HOME}/apps/shared/node_modules ./apps/shared/node_modules
COPY --from=dependencies ${APP_HOME}/patches ./patches
COPY --from=dependencies /home/node/app/package.json /home/node/app/pnpm-lock.yaml /home/node/app/pnpm-workspace.yaml /home/node/app/tsconfig*.json /home/node/app/.swcrc ./
COPY --from=dependencies /home/node/app/node_modules ./node_modules
COPY --from=dependencies /home/node/app/apps/shared/node_modules ./apps/shared/node_modules
COPY --from=dependencies /home/node/app/patches ./patches
RUN pnpm --filter shared build
# Build DevTools
FROM base AS build-devtools
COPY --from=dependencies ${APP_HOME}/package.json ${APP_HOME}/pnpm-lock.yaml ${APP_HOME}/pnpm-workspace.yaml ${APP_HOME}/tsconfig*.json ${APP_HOME}/.swcrc ./
COPY --from=dependencies ${APP_HOME}/node_modules ./node_modules
COPY --from=dependencies ${APP_HOME}/devtools/node_modules ./devtools/node_modules
COPY --from=dependencies ${APP_HOME}/patches ./patches
COPY --from=build-shared ${APP_HOME}/apps/shared ./apps/shared
COPY --from=dependencies /home/node/app/package.json /home/node/app/pnpm-lock.yaml /home/node/app/pnpm-workspace.yaml /home/node/app/tsconfig*.json /home/node/app/.swcrc ./
COPY --from=dependencies /home/node/app/node_modules ./node_modules
COPY --from=dependencies /home/node/app/devtools/node_modules ./devtools/node_modules
COPY --from=dependencies /home/node/app/patches ./patches
COPY --from=build-shared /home/node/app/apps/shared ./apps/shared
COPY devtools ./devtools
RUN pnpm --filter devtools build && pnpm --filter devtools --prod deploy build
# Final devtools
FROM node:20-slim AS devtools
ARG APP_HOME=/home/node/app
ARG NODE_ENV=production
ENV NODE_ENV=${NODE_ENV}
WORKDIR ${APP_HOME}
WORKDIR /home/node/app
CMD ["node", "dist/server.js"]
COPY --from=build-devtools --chown=node:node ${APP_HOME}/build/dist ./dist
COPY --from=build-devtools --chown=node:node ${APP_HOME}/build/node_modules ./node_modules
COPY --from=build-devtools --chown=node:node ${APP_HOME}/build/package.json .
COPY --from=build-devtools --chown=node:node /home/node/app/build/dist ./dist
COPY --from=build-devtools --chown=node:node /home/node/app/build/node_modules ./node_modules
COPY --from=build-devtools --chown=node:node /home/node/app/build/package.json .
USER node
# Build service
FROM base AS build-service
COPY --from=dependencies ${APP_HOME}/package.json ${APP_HOME}/pnpm-lock.yaml ${APP_HOME}/pnpm-workspace.yaml ${APP_HOME}/tsconfig*.json ${APP_HOME}/.swcrc ./
COPY --from=dependencies ${APP_HOME}/node_modules ./node_modules
COPY --from=dependencies ${APP_HOME}/patches ./patches
COPY --from=build-shared ${APP_HOME}/apps/shared ./apps/shared
COPY --from=dependencies /home/node/app/package.json /home/node/app/pnpm-lock.yaml /home/node/app/pnpm-workspace.yaml /home/node/app/tsconfig*.json /home/node/app/.swcrc ./
COPY --from=dependencies /home/node/app/node_modules ./node_modules
COPY --from=dependencies /home/node/app/patches ./patches
COPY --from=build-shared /home/node/app/apps/shared ./apps/shared
COPY apps/${SERVICE} ./apps/${SERVICE}
RUN pnpm install --frozen-lockfile && pnpm --filter ${SERVICE} build && pnpm --filter ${SERVICE} --prod deploy build
# Final
FROM node:20-slim AS final
ARG APP_HOME=/home/node/app
ARG NODE_ENV=production
ENV NODE_ENV=${NODE_ENV}
WORKDIR ${APP_HOME}
WORKDIR /home/node/app
CMD ["node", "dist/main.js"]
COPY --from=build-service --chown=node:node ${APP_HOME}/build/dist ./dist
COPY --from=build-service --chown=node:node ${APP_HOME}/build/node_modules ./node_modules
COPY --from=build-service --chown=node:node ${APP_HOME}/build/package.json .
COPY --from=build-service --chown=node:node /home/node/app/build/dist ./dist
COPY --from=build-service --chown=node:node /home/node/app/build/node_modules ./node_modules
COPY --from=build-service --chown=node:node /home/node/app/build/package.json .
# Cut unnecessary stuff from package.json. Only leave name, version, description and module type
RUN node -e "\
......
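Review bot: Local `.env` files can leak into the build stages through the whole-directory copies `COPY apps/shared ./apps/shared`, `COPY devtools ./devtools` and `COPY apps/${SERVICE} ./apps/${SERVICE}`, because the README change in this same commit tells developers to create `apps/<service>/.env` files in exactly those directories. Unless a `.dockerignore` (not visible on this page) excludes them, they end up in the build-stage layers and in any exported build cache, even though the final stages copy only `build/dist`, `build/node_modules` and `build/package.json`. I would add `**/.env` to `.dockerignore` and put a comment above the service copy, e.g. `# build context must not contain .env files; see .dockerignore`. The last stage continues past the end of the visible section, so whether it drops to `USER node` like the devtools stage cannot be checked here.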
......@@ -24,34 +24,37 @@ OCM (Organizational Credential Manager) is a Node.js-based microservice system d
cd ocm-engine
```
3. Install dependencies:
3. Start the whole stack in Docker Compose:
```bash
pnpm i
docker compose up -d
```
4. Start the services locally:
OR
3. Install dependencies:
```bash
pnpm -F ssi-abstraction start
pnpm -F connection-manager start
...
pnpm i
```
5. Or start the whole stack in Docker Compose:
4. Create `.env` files for services:
```bash
docker compose up -d
cp apps/ssi-abstraction/.env.example apps/ssi-abstraction/.env
cp apps/connection-manager/.env.example apps/connection-manager/.env
cp apps/credential-manager/.env.example apps/credential-manager/.env
cp apps/did-manager/.env.example apps/did-manager/.env
cp apps/proof-manager/.env.example apps/proof-manager/.env
cp apps/schema-manager/.env.example apps/schema-manager/.env
```
6. Create a new tenant:
4. Start the services locally:
```bash
pnpm createTenant [tenantName]
pnpm start
```
Desired label for the new tenant could be set with `tenantName`.
## Example Flows (OCM Usage)
Please refer to [OCM-flow-overview](documentation/ocm-flow-overview.md)
......
......@@ -4,3 +4,7 @@ NATS_URL=nats://localhost:4222
NATS_USER=nats_user
NATS_PASSWORD=nats_password
NATS_MONITORING_URL=http://localhost:8222
POLICIES_URL=http://localhost:4100
POLICIES_AUTO_REVOCATION_POLICY=policies/xfsc/auto_revocation/1.0
POLICIES_AUTO_REISSUE_POLICY=policies/xfsc/auto_reissue/1.0
POLICIES_REFRESH_POLICY=policies/xfsc/refresh/1.0
......@@ -11,7 +11,7 @@ AGENT_WALLET_ID=ssi-wallet-id
AGENT_WALLET_KEY=ssi-wallet-key
AGENT_HOST=http://localhost
AGENT_INBOUND_PORT=3001
AGENT_PUBLIC_DID_SEED=6b8b882e2618fa5d45ee7229ca000000
AGENT_INDY_DID_SEED=6b8b882e2618fa5d45ee7229ca000000
AGENT_AUTO_ACCEPT_CONNECTION=true
AGENT_AUTO_ACCEPT_CREDENTIAL=contentApproved
AGENT_LEDGER_ID=BCOVRIN_TEST
......
......@@ -61,7 +61,7 @@ spec:
value: {{ .Values.ssiAbstraction.agent.inboundPort | quote }}
- name: AGENT_URL_PATH
value: {{ .Values.ssiAbstraction.agent.urlPath | quote }}
- name: AGENT_PUBLIC_DID_SEED
- name: AGENT_INDY_DID_SEED
value: {{ .Values.ssiAbstraction.agent.publicDidSeed | quote }}
- name: AGENT_AUTO_ACCEPT_CONNECTION
value: {{ .Values.ssiAbstraction.agent.autoAcceptConnection | quote }}
......
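Review bot: `AGENT_INDY_DID_SEED` is still rendered as a literal `value:` from `.Values.ssiAbstraction.agent.publicDidSeed`, so the seed is readable by anyone who can read the rendered manifest or the release values. The seed is the material the agent derives its DID key from, so I would source it from a Secret instead, e.g. `valueFrom: {secretKeyRef: {name: <secret-name>, key: <seed-key>}}` (placeholder names). The values key also keeps the old `publicDidSeed` name while the variable is renamed, which deserves either a matching rename or a short comment. The surrounding container spec starts and ends outside the hunk.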
......@@ -74,7 +74,7 @@ services:
AGENT_WALLET_KEY: ssi-wallet-key
AGENT_HOST: http://ssi-abstraction
AGENT_INBOUND_PORT: 3001
AGENT_PUBLIC_DID_SEED: 000000000000000_OCM_E2E_ENDORSER
AGENT_INDY_DID_SEED: 000000000000000_OCM_E2E_ENDORSER
AGENT_AUTO_ACCEPT_CONNECTION: true
AGENT_AUTO_ACCEPT_CREDENTIAL: contentApproved
AGENT_LEDGER_ID: BCOVRIN_TEST
......
This diff is collapsed.
This diff is collapsed.
File deleted
documentation/GAIA-X-OCM.Participant Onboarding.drawio.png

150 KiB

documentation/GAIA-X-Overview-blockDiagram.png

105 KiB

{
"id": "a78e1388-afe8-405d-8d5e-273f5dd3ad34",
"name": "GAIAX-Complete-Flow-GX",
"values": [
{
"key": "email",
"value": "tagotejo@zetmail.com",
"type": "default",
"enabled": true
},
{
"key": "password",
"value": "password@123",
"type": "default",
"enabled": true
},
{
"key": "otp_received",
"value": "",
"type": "default",
"enabled": true
},
{
"key": "otpId",
"value": "",
"type": "default",
"enabled": true
},
{
"key": "part-id",
"value": "",
"type": "default",
"enabled": true
},
{
"key": "conn-id",
"value": "",
"type": "default",
"enabled": true
},
{
"key": "schema-id",
"value": "7KuDTpQh3GJ7Gp6kErpWvM:2:pizza_sandwich_230622:23.06.22",
"type": "default",
"enabled": true
},
{
"key": "cred-def-id",
"value": "AXF7h6Jiz3At18H5Mgrcwh:3:CL:242632:KYC_Cred_Def",
"type": "default",
"enabled": true
},
{
"key": "cred-offer-id",
"value": "",
"type": "default",
"enabled": true
},
{
"key": "presentation-id",
"value": "",
"type": "default",
"enabled": true
},
{
"key": "schema_attr",
"value": "[ \"fName\",\"lName\", \"gender\"]",
"type": "default",
"enabled": true
},
{
"key": "email2",
"value": "",
"type": "default",
"enabled": true
},
{
"key": "password2",
"value": "",
"type": "default",
"enabled": true
},
{
"key": "pcm-vc-cred-def-id",
"value": "",
"type": "default",
"enabled": true
},
{
"key": "oob-presentation-id",
"value": "",
"type": "any",
"enabled": true
},
{
"key": "Con_man_baseURL",
"value": "https://gaiax.vereign.com/ocm/connection/",
"enabled": true
},
{
"key": "Onboarding_man_baseURL",
"value": "http://3.111.77.38:3004",
"type": "default",
"enabled": true
},
{
"key": "proof_man_baseURL",
"value": "https://gaiax.vereign.com/ocm/proof",
"enabled": true
},
{
"key": "att_man_baseURL",
"value": "https://gaiax.vereign.com/ocm/attestation",
"type": "default",
"enabled": true
},
{
"key": "pcm-schema-id",
"value": "",
"type": "any",
"enabled": true
},
{
"key": "prpsl_conn-id",
"value": "",
"type": "any",
"enabled": true
},
{
"key": "oob_type-presentation-id",
"value": "",
"type": "any",
"enabled": true
},
{
"key": "princi_man_baseURL",
"value": "https://gaiax.vereign.com/ocm/principal",
"type": "default",
"enabled": true
},
{
"key": "accptfa_conn-id",
"value": "",
"type": "any",
"enabled": true
},
{
"key": "accptfa_credID",
"value": "",
"type": "any",
"enabled": true
},
{
"key": "proofpfa_presentaionID",
"value": "",
"type": "any",
"enabled": true
}
],
"_postman_variable_scope": "environment",
"_postman_exported_at": "2022-07-06T14:10:05.351Z",
"_postman_exported_using": "Postman/9.24.0"
}
This diff is collapsed.
```mermaid
sequenceDiagram
participant OCM Admin
participant OCM Attestation Manager
par
OCM Admin ->> OCM Attestation Manager: Calls the POST method credentialDef with relevant attributes.
OCM Attestation Manager ->> OCM Admin: Responds with status code 201, with message 'Credential definition created successfully', if credential definition is created on ledger successfully
end
```
```mermaid
sequenceDiagram
participant OCM Admin
participant OCM Attestation Manager
par
OCM Admin ->> OCM Attestation Manager: Calls the POST method Schemas with relevant attributes.
OCM Attestation Manager ->> OCM Admin: Responds with status code 201, with message 'Schema created successfully', if schema is created on ledger successfully
end
```
# OCM ER Diagram
```mermaid
erDiagram
Participant ||--o{ Schema : Creates-Consume
Schema ||--|{ Attributes : Has
CredentialDef ||--|| Schema : Has
Connection ||--o{ Credential : Issues
Credential ||--|| CredentialDef : Has
Participant ||--o{ Connection : Has
Proof }o--|| Connection : Requests
Agent }o--|| Participant : Has
Agent ||--|{ Ledger : Has
User }|--|| Participant : Has
Config {
uuid id
string key
string value
DateTime created_date
DateTime updated_date
}
Participant {
uuid id
string name
string address
string website
DateTime created_date
uuid created_by
DateTime updated_date
uuid updated_by
}
User {
uuid id
string email
string password
Boolean is_verified
Role role
uuid participant_id
DateTime created_date
uuid created_by
DateTime updated_date
uuid updated_by
}
Agent {
uuid id
uuid participant_id
string agent_url
string invitation_url
string public_did
string wallet_name
string status
DateTime created_date
uuid created_by
DateTime updated_date
uuid updated_by
}
Ledger {
uuid id
uuid agent_id
string network
Blob genesis_file
string environment
DateTime created_date
DateTime updated_date
}
Schema {
uuid id
string schemaID
string participant_did
string name
DateTime created_date
uuid created_by
DateTime updated_date
uuid updated_by
}
Attributes {
uuid id
string schemaID
string name
DateTime created_date
uuid created_by
DateTime updated_date
uuid updated_by
}
Credential {
uuid id
uuid exchange_id
uuid cred_def_id
string connection_id
string participant_id
string principal_did
DateTime created_date
DateTime updated_date
}
CredentialDef {
uuid id
string cred_def_id
string schemaID
string name
Boolean is_auto_issue
Boolean is_revokable
DateTime created_date
uuid created_by
DateTime updated_date
uuid updated_by
}
Connection {
uuid id
string connection_id
string status
string participant_did
string their_did
string their_label
DateTime created_date
uuid created_by
DateTime updated_date
uuid updated_by
}
Proof {
uuid id
string presentation_id
string credential_def_id
string participant_did
string their_did
string status
DateTime created_date
DateTime updated_date
}
```
```mermaid
sequenceDiagram
participant PCM User
participant PCM App
participant OCM Admin
participant OCM Attestation Manager
par
OCM Admin ->> OCM Attestation Manager: Calls the POST method create-offer-Credential with connectionId, credentialDefinitionId and relevant attributes and their values.
OCM Attestation Manager ->> PCM App: Offers the Credential to the corresponding PCM
PCM User->> PCM App: Accepts the Credential
PCM App ->> OCM Attestation Manager: Sends acknowledgement
OCM Attestation Manager ->> PCM App: Accepts the acknowledgement on accept-request API, and issues the Verifiable Credential, which gets stored in PCM wallet.
end
```
# OCM ER Diagram
```mermaid
flowchart LR
gateway[API Gateway] -->Connection
subgraph test
service1 --> service2
subgraph subgraph
subgraph2-->subgraph1
end
end
```
# Onboarding Diagram
```mermaid
flowchart LR
subgraph AA["Authentication & Authorization"]
g-reg["Registration"]
end
subgraph gaiax[Gaiax]
TSA["Trust Services API"]
subgraph ocm
AISBL
Services-->g-db
g-reg-->Services
Services-- Request -->AISBL
AISBL-- callback -->Services
end
g-db[(Database)]
end
subgraph ayanworks[Ayanworks]
aAdmin((Admin))
aAdmin-->g-reg
a-ocm["OCM Services"]-- Request -->a-afj
a-afj["AFJ"]-- callback -->a-ocm
a-ocm-->a-db[(Database)]
AISBL-- "Credential Issue v2" -->a-afj
a-TSA["Trust Service API"]
end
subgraph vereign[Vereign]
vAdmin((Admin))
vAdmin-->g-reg
v-ocm["OCM Services"]-- Request -->v-afj
v-afj["AFJ"]-- callback -->v-ocm
v-ocm-->v-db[(Database)]
AISBL-- "Credential Issue v2" -->v-afj
v-TSA["Trust Service API"]
end
subgraph pcm[PCM]
p-afj["Mobile Aries Agent"]-- "Registration connection" -->AISBL
p-afj-- "Subscription Connection" -->v-afj
end
subgraph Certifier
cAriesAgent["Aries Agent"]-- eIDAS VC -->a-afj
cAriesAgent["Aries Agent"]-- eIDAS VC -->v-afj
end
```
```mermaid
sequenceDiagram
participant PCM User
participant PCM App
participant OCM Admin
participant OCM Proof Manager
par
OCM Admin ->> OCM Proof Manager: Calls the POST method send-out-of-band-presentation-request, with either schemaId or credentialDefinitionId and required attributes.
OCM Proof Manager ->> OCM Admin: Sends the URL generated of proof presentation request
OCM Admin->> OCM Admin: Receives the URL and converts it to QR code and displays the same.
PCM App ->> OCM Admin: Scans the QR code for Out of Band Proof Presentation.
PCM User ->> PCM App: The User accepts to share the requested attributes of specified credential.
PCM App ->> OCM Proof Manager: Sends the requested attributes, if proof verification is successful it sets isVerified as true and state as done in the database.
OCM Admin ->> OCM Proof Manager: Calls Get method find-by-presentation-id API, against the presentation-id of proof request, and confirms the status of isVerified and state.
end
```