From c4115bdde29c5747a515d62ea547b11d86be04df Mon Sep 17 00:00:00 2001 From: Jaro Hartmann Date: Tue, 14 Nov 2023 15:46:29 +0100 Subject: [PATCH 1/7] chore(workflows): Execute documentation linting on PR --- .github/workflows/publish-documentation.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/publish-documentation.yaml b/.github/workflows/publish-documentation.yaml index f20471c66b..54ae300e76 100644 --- a/.github/workflows/publish-documentation.yaml +++ b/.github/workflows/publish-documentation.yaml @@ -2,6 +2,9 @@ name: Publish documentation on: workflow_dispatch: # Trigger manually + pull_request: + paths: + - 'docs/**' push: branches: - main @@ -104,6 +107,7 @@ jobs: mv docs/src/diagram-replacer/assets/ docs/target/generated-docs/assets/ - name: GitHub Pages action + if: github.ref == refs/heads/main uses: peaceiris/actions-gh-pages@v3.9.3 with: github_token: ${{ secrets.GITHUB_TOKEN }} From 57fd4308a9945a383885ded789b397ab70b65173 Mon Sep 17 00:00:00 2001 From: Jaro Hartmann Date: Tue, 14 Nov 2023 15:47:11 +0100 Subject: [PATCH 2/7] chore(docs): Fix linting issues --- .../building-block-view/whitebox-overall.adoc | 26 +++++++++---------- .../arc42/cross-cutting/safety-security.adoc | 2 +- .../ess-top-down/ess-top-down.adoc | 2 +- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/docs/src/docs/arc42/building-block-view/whitebox-overall.adoc b/docs/src/docs/arc42/building-block-view/whitebox-overall.adoc index 9502356a0e..e72cf6b2e2 100644 --- a/docs/src/docs/arc42/building-block-view/whitebox-overall.adoc +++ b/docs/src/docs/arc42/building-block-view/whitebox-overall.adoc @@ -50,19 +50,19 @@ include::../../../uml-diagrams/building-block-view/whitebox_overall_decentral.pu |Number |Description | 01 -| IrsApiConsumer calls the **IRS** public **API** +| IrsApiConsumer calls the *IRS* public *API* | 02 -| IrsApiConsumer must authorize using **technical C-X User** +| IrsApiConsumer must authorize using *technical C-X User* | 03 -| Delegate authorization request to **IdP** +| Delegate authorization request to *IdP* | 04 -| IRS requesting for **SubmodelAspects** using **EDC** +| IRS requesting for *SubmodelAspects* using *EDC* | 05 -| IRS requesting the **decentral DigitalTwinRegistry** over **EDC** and service discovery flow +| IRS requesting the *decentral DigitalTwinRegistry* over *EDC* and service discovery flow | 06 | IRS uses EDC to ensure sovereign data consumption @@ -71,31 +71,31 @@ include::../../../uml-diagrams/building-block-view/whitebox_overall_decentral.pu | IRS MUST authorize at central IAM | 08 -| IRS lookup for EDC Provider by given BPNs over the **EDC Discovery Service** +| IRS lookup for EDC Provider by given BPNs over the *EDC Discovery Service* | 09 -| IRS lookup for **EDC Discovery Services** by given type over the **Discovery Finder** +| IRS lookup for *EDC Discovery Services* by given type over the *Discovery Finder* | 10 -| IRS uses **Semantic Hub** to validate of **SubmodelAspects** payloads agains the schema provided in **Semantic Hub** +| IRS uses *Semantic Hub* to validate of *SubmodelAspects* payloads agains the schema provided in *Semantic Hub* | 11 | In case "lookupBPNs" is active IRS provides a lookup of company for given BPN | 12 -| **EDC** is connected to **Managed Identity Wallet** for access policy check for data offers +| *EDC* is connected to *Managed Identity Wallet* for access policy check for data offers | 13 -| **EDC** communication covering negotiation and data consumption +| *EDC* communication covering negotiation and data consumption | 14 -| **EDC** is connected to **Managed Identity Wallet** for access policy check for data offers +| *EDC* is connected to *Managed Identity Wallet* for access policy check for data offers | 15 -| **IRS** accessing to **SubmodelServer** on Tier Level using the **EDC** +| *IRS* accessing to *SubmodelServer* on Tier Level using the *EDC* | 16 -| **IRS** accessing the **decentral DigitalTwinRegistry** on Tier Level using the **EDC** +| *IRS* accessing the *decentral DigitalTwinRegistry* on Tier Level using the *EDC* |=== diff --git a/docs/src/docs/arc42/cross-cutting/safety-security.adoc b/docs/src/docs/arc42/cross-cutting/safety-security.adoc index a5e7faee62..6d10d3c4e1 100644 --- a/docs/src/docs/arc42/cross-cutting/safety-security.adoc +++ b/docs/src/docs/arc42/cross-cutting/safety-security.adoc @@ -11,7 +11,7 @@ JWT token should also contain two claims: - 'bpn' which is equal to the configuration value from `API_ALLOWED_BPN` property - 'resource_access' with the specific 'Cl20-CX-IRS' key for C-X environments. (The keys are configurable. For more details see chapter "IRS OAuth2 JWT Token"). The list of values will be converted to roles by IRS. -Currently, IRS API handles two roles: **'admin_irs'** and **'view_irs'.** A valid token with the **'admin_irs'** role can access any endpoint exposed by the IRS API, while a token with the **'view_irs'** role does not have access to policies endpoints and can operate only on resources it owns. +Currently, IRS API handles two roles: *'admin_irs'* and *'view_irs'.* A valid token with the *'admin_irs'* role can access any endpoint exposed by the IRS API, while a token with the *'view_irs'* role does not have access to policies endpoints and can operate only on resources it owns. That means that he only has access to the resources he has created, e.g. jobs and batches. This behavior is shown in the table below. diff --git a/docs/src/docs/arc42/runtime-view/ess-top-down/ess-top-down.adoc b/docs/src/docs/arc42/runtime-view/ess-top-down/ess-top-down.adoc index b7929f23bf..5062d1b797 100644 --- a/docs/src/docs/arc42/runtime-view/ess-top-down/ess-top-down.adoc +++ b/docs/src/docs/arc42/runtime-view/ess-top-down/ess-top-down.adoc @@ -54,7 +54,7 @@ Note: ESS supplier responses are involved in each step of the process. include::../../../../uml-diagrams/runtime-view/use-case-ess-top-down/1_ess-top-down-sequence-highlevel.puml[] .... -=== Step 0: Process initiation: +=== Step 0: Process initiation The process is initiated by an ESS incident, that is received by (or created within) the inquiring company. This ESS incident acts as the root incident for the overall process The incident contains a company name (incl. address) and a valid BPN exists for that company. From 3b664244e7ec62475b12cc721c2b2c58afb0b32f Mon Sep 17 00:00:00 2001 From: Jaro Hartmann Date: Tue, 14 Nov 2023 15:50:49 +0100 Subject: [PATCH 3/7] chore(workflows): Fix condition statement --- .github/workflows/publish-documentation.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish-documentation.yaml b/.github/workflows/publish-documentation.yaml index 54ae300e76..946af940bb 100644 --- a/.github/workflows/publish-documentation.yaml +++ b/.github/workflows/publish-documentation.yaml @@ -1,4 +1,4 @@ -name: Publish documentation +name: Lint and Publish documentation on: workflow_dispatch: # Trigger manually @@ -107,7 +107,7 @@ jobs: mv docs/src/diagram-replacer/assets/ docs/target/generated-docs/assets/ - name: GitHub Pages action - if: github.ref == refs/heads/main + if: github.ref == 'refs/heads/main' uses: peaceiris/actions-gh-pages@v3.9.3 with: github_token: ${{ secrets.GITHUB_TOKEN }} From ea2c2e81c4e10c29ba0c4ac65eac333e2aa54780 Mon Sep 17 00:00:00 2001 From: Jaro Hartmann Date: Tue, 14 Nov 2023 16:01:19 +0100 Subject: [PATCH 4/7] chore(workflows): Add cache step to plantuml jar --- .github/workflows/publish-documentation.yaml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish-documentation.yaml b/.github/workflows/publish-documentation.yaml index 946af940bb..84f0547eb4 100644 --- a/.github/workflows/publish-documentation.yaml +++ b/.github/workflows/publish-documentation.yaml @@ -12,7 +12,7 @@ on: - 'docs/**' jobs: - publish: + lint-and-publish: # depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions # see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token permissions: @@ -67,6 +67,13 @@ jobs: asciidoctor-reducer -o docs/target/adminguide.adoc docs/src/docs/administration/administration-guide.adoc asciidoctor-reducer -o docs/target/arc42.adoc docs/src/docs/arc42/full.adoc + - name: Cache plantuml jar + uses: actions/cache@v3 + with: + path: plantuml.jar + key: ${{ runner.os }}-file-${{ hashFiles('plantuml.jar') }} + restore-keys: ${{ runner.os }}-files + - name: Download PlantUML jar run: | wget -O plantuml.jar https://sourceforge.net/projects/plantuml/files/plantuml.jar/download @@ -106,7 +113,7 @@ jobs: run: | mv docs/src/diagram-replacer/assets/ docs/target/generated-docs/assets/ - - name: GitHub Pages action + - name: Update documentation on GitHub Pages if: github.ref == 'refs/heads/main' uses: peaceiris/actions-gh-pages@v3.9.3 with: From 33bce33dab96ddba209e9c8471d9f5926515acbd Mon Sep 17 00:00:00 2001 From: Jaro Hartmann Date: Tue, 14 Nov 2023 16:13:26 +0100 Subject: [PATCH 5/7] chore(workflows): Remove restore key --- .run/IrsApplication.run.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.run/IrsApplication.run.xml b/.run/IrsApplication.run.xml index 0837bbec03..e5631923d0 100644 --- a/.run/IrsApplication.run.xml +++ b/.run/IrsApplication.run.xml @@ -2,7 +2,7 @@