Merge pull request #759 from catenax-ng/revert-758-revert-742-revert-…

…741-revert-737-feature/378-separate-credentials-config feat(impl):[#378] separate credentials config
eclipse-tractusx · Feb 7, 2024 · 40ae1c3 · 40ae1c3
2 parents a0a6ad7 + c16476a
commit 40ae1c3
Show file tree

Hide file tree

Showing 19 changed files with 167 additions and 119 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -18,6 +18,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Updated license header to "Copyright (c) 2021,2024 Contributors to the Eclipse Foundation"
 - Changed lookupGlobalAssetIds to lookupShellsByBPN, which provides full object.
 - Suppressed CVE-2024-20932 from graal-sdk-21.2.0.jar because this is not applicable for IRS.
+- Updated configuration of `DISCOVERY_REST_TEMPLATE` from `ess.discovery.*` to `digitalTwinRegistry.discovery.*` and discovery finder URL from `digitalTwinRegistry.discoveryFinderUrl` to `digitalTwinRegistry.discovery.discoveryFinderUrl`
 - Redesigned Shell object - wrapped payload and added "contractAgreementId" field
 - Changed structure of Policy creation to match EDC format
 - Update irs-registry-client to 1.6.0-SNAPSHOT

diff --git a/charts/irs-helm/CHANGELOG.md b/charts/irs-helm/CHANGELOG.md
@@ -5,6 +5,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+### Added
+- Added configuration parameters `oauth2.semantics.clientId`,`oauth2.semantics.clientSecret`, `oauth2.discovery.clientId`,`oauth2.discovery.clientSecret`, `oauth2.bpdm.clientId`,`oauth2.bpdm.clientSecret`
+
+### Removed
+- Removed configuration parameters `oauth2.clientId`,`oauth2.clientSecret`, `portal.oauth2.clientId`,`portal.oauth2.clientSecret`
+
+### Changed
+- Changed configuration for discovery finder url from `digitalTwinRegistry.discoveryFinderUrl` to `discovery.discoveryFinderUrl`
 
 ## [6.13.0] - 2024-01-15
 - Update IRS version to 4.4.0

diff --git a/charts/irs-helm/templates/configmap-spring-app-config.yaml b/charts/irs-helm/templates/configmap-spring-app-config.yaml
@@ -56,36 +56,46 @@ data:
         oauth2:
           client:
             registration:
-              common:
-                client-id: "${OAUTH2_CLIENT_ID}" # taken from secret ENV
-                client-secret: "${OAUTH2_CLIENT_SECRET}" # taken from secret ENV
-              portal:
-                client-id: ${PORTAL_OAUTH2_CLIENT_ID} # taken from secret ENV
-                client-secret: ${PORTAL_OAUTH2_CLIENT_SECRET} # taken from secret ENV
+              semantics:
+                client-id: "${SEMANTICS_OAUTH2_CLIENT_ID}" # taken from secret ENV
+                client-secret: "${SEMANTICS_OAUTH2_CLIENT_SECRET}" # taken from secret ENV
+              discovery:
+                client-id: ${DISCOVERY_OAUTH2_CLIENT_ID} # taken from secret ENV
+                client-secret: ${DISCOVERY_OAUTH2_CLIENT_SECRET} # taken from secret ENV
+              bpdm:
+                client-id: ${BPDM_OAUTH2_CLIENT_ID} # taken from secret ENV
+                client-secret: ${BPDM_OAUTH2_CLIENT_SECRET} # taken from secret ENV
             provider:
-              common:
+              semantics:
                 token-uri: {{ tpl (.Values.oauth2.clientTokenUri | default "http://localhost") . | quote }}
-              portal:
+              discovery:
+                token-uri: {{ tpl (.Values.oauth2.clientTokenUri | default "http://localhost") . | quote }}
+              bpdm:
                 token-uri: {{ tpl (.Values.oauth2.clientTokenUri | default "http://localhost") . | quote }}
 
     digitalTwinRegistry:
       descriptorEndpoint: {{ tpl (.Values.digitalTwinRegistry.descriptorEndpoint | default "") . | quote }}
       shellLookupEndpoint: {{ tpl (.Values.digitalTwinRegistry.shellLookupEndpoint | default "") . | quote }}
-      discoveryFinderUrl: {{ tpl (.Values.digitalTwinRegistry.discoveryFinderUrl | default "") . | quote }}
       shellDescriptorTemplate: {{ .Values.digitalTwinRegistry.shellDescriptorTemplate | default "" | quote }}
       lookupShellsTemplate: {{ .Values.digitalTwinRegistry.lookupShellsTemplate | default "" | quote }}
       type: {{ tpl (.Values.digitalTwinRegistry.type | default "") . | quote }}
+      oAuthClientId: {{ .Values.digitalTwinRegistry.oAuthClientId | default "discovery" }}
+      discovery:
+        oAuthClientId: {{ .Values.discovery.oAuthClientId | default "discovery" }} # ID of the OAuth2 client registration to use, see config spring.security.oauth2.client
+        discoveryFinderUrl: {{ tpl (.Values.discovery.discoveryFinderUrl | default "") . | quote }} # The endpoint to discover EDC endpoints to a particular BPN.
 
     semanticshub:
       url: {{ tpl (.Values.semanticshub.url | default "") . | quote }}
       pageSize: {{ tpl (.Values.semanticshub.pageSize | default "100") . }}
       modelJsonSchemaEndpoint: {{ tpl (.Values.semanticshub.modelJsonSchemaEndpoint | default "") . | quote }}
       defaultUrns: {{ tpl (.Values.semanticshub.defaultUrns | default "") . | quote }}
+      oAuthClientId: {{ .Values.semanticshub.oAuthClientId | default "semantics" }}
       {{- if .Values.semanticshub.localModels }}
       localModelDirectory: /app/semantic-models
       {{- end }}
 
     bpdm:
+      oAuthClientId: {{ .Values.bpdm.oAuthClientId | default "bpdm" }}
       bpnEndpoint: {{ tpl (.Values.bpdm.bpnEndpoint | default "") . | quote }}
 
     irs-edc-client:
@@ -129,7 +139,7 @@ data:
       irs:
         url: {{ tpl (.Values.irsUrl | default "") . | quote }}
       discovery:
-        oAuthClientId: {{ .Values.discovery.oAuthClientId | default "portal" }}
+        oAuthClientId: {{ .Values.discovery.oAuthClientId | default "discovery" }}
         {{- if .Values.ess.mockEdcResult }}
         mockEdcResult:
         {{- tpl (toYaml .Values.ess.mockEdcResult) . | nindent 10 }}

diff --git a/charts/irs-helm/templates/deployment.yaml b/charts/irs-helm/templates/deployment.yaml
@@ -81,26 +81,36 @@ spec:
                 secretKeyRef:
                   name: {{ template "irs.secretName" . }}
                   key: minioPassword
-            - name: OAUTH2_CLIENT_ID
+            - name: SEMANTICS_OAUTH2_CLIENT_ID
               valueFrom:
                 secretKeyRef:
                   name: {{ template "irs.secretName" . }}
-                  key: clientId
-            - name: OAUTH2_CLIENT_SECRET
+                  key: semanticsId
+            - name: SEMANTICS_OAUTH2_CLIENT_SECRET
               valueFrom:
                 secretKeyRef:
                   name: {{ template "irs.secretName" . }}
-                  key: clientSecret
-            - name: PORTAL_OAUTH2_CLIENT_ID
+                  key: semanticsSecret
+            - name: DISCOVERY_OAUTH2_CLIENT_ID
               valueFrom:
                 secretKeyRef:
                   name: {{ template "irs.secretName" . }}
-                  key: portalClientId
-            - name: PORTAL_OAUTH2_CLIENT_SECRET
+                  key: discoveryClientId
+            - name: DISCOVERY_OAUTH2_CLIENT_SECRET
               valueFrom:
                 secretKeyRef:
                   name: {{ template "irs.secretName" . }}
-                  key: portalClientSecret
+                  key: discoveryClientSecret
+            - name: BPDM_OAUTH2_CLIENT_ID
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "irs.secretName" . }}
+                  key: bpdmClientId
+            - name: BPDM_OAUTH2_CLIENT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "irs.secretName" . }}
+                  key: bpdmClientSecret
             - name: EDC_API_KEY_SECRET
               valueFrom:
                 secretKeyRef:

diff --git a/charts/irs-helm/templates/secrets.yaml b/charts/irs-helm/templates/secrets.yaml
@@ -35,10 +35,12 @@ type: Opaque
 data:
   minioUser: {{ .Values.minioUser | default "minio" | b64enc | quote }}
   minioPassword: {{ .Values.minioPassword | default "minioPass" | b64enc | quote }}
-  clientId: {{ .Values.oauth2.clientId | default "clientId" | b64enc | quote }}
-  clientSecret: {{ .Values.oauth2.clientSecret | default "clientSecret" | b64enc | quote }}
-  portalClientId: {{ .Values.portal.oauth2.clientId | default "portalClientId" | b64enc | quote }}
-  portalClientSecret: {{ .Values.portal.oauth2.clientSecret | default "portalClientSecret" | b64enc | quote }}
+  semanticsId: {{ .Values.oauth2.semantics.clientId | default "semanticsId" | b64enc | quote }}
+  semanticsSecret: {{ .Values.oauth2.semantics.clientSecret | default "semanticsSecret" | b64enc | quote }}
+  discoveryClientId: {{ .Values.oauth2.discovery.clientId | default "discoveryClientId" | b64enc | quote }}
+  discoveryClientSecret: {{ .Values.oauth2.discovery.clientSecret | default "discoveryClientSecret" | b64enc | quote }}
+  bpdmClientId: {{ .Values.oauth2.bpdm.clientId | default "bpdmClientId" | b64enc | quote }}
+  bpdmClientSecret: {{ .Values.oauth2.bpdm.clientSecret | default "bpdmClientSecret" | b64enc | quote }}
   edcApiSecret: {{ .Values.edc.controlplane.apikey.secret | toString | default "" | b64enc | quote }}
   {{- if .Values.grafana.enabled }}
   grafanaUser: {{ .Values.grafana.user | default "grafana" | b64enc | quote }}