Merge pull request #735 from TNO/line-endings

Line endings

Author: bnouwt

.github/workflows/docker-image.yml

@@ -1,45 +1,45 @@
-name: Docker Image CI
-
-on:
-  push:
-    branches: [ "master" ]
-  pull_request:
-    branches: [ "master" ]
-
-env:
-  MAVEN_OPTS: -Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true
-  MAVEN_CLI_OPTS: --batch-mode --errors --fail-at-end --show-version
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-    - name: Set up JDK 17
-      uses: actions/setup-java@v3
-      with:
-        java-version: '17'
-        distribution: 'temurin'
-    - uses: actions/checkout@v4
-    - name: Set up QEMU
-      uses: docker/setup-qemu-action@v3
-    - name: Run the Maven verify phase
-      run: mvn $MAVEN_CLI_OPTS verify
-    - name: Build Docker image for Knowledge Directory
-      uses: docker/build-push-action@v6
-      with:
-        context: ./knowledge-directory
-        platforms: linux/amd64
-        tags: knowledge-directory
-        load: true
-    - name: Build Docker image for Smart Connector
-      uses: docker/build-push-action@v6
-      with:
-        context: ./smart-connector-rest-dist
-        platforms: linux/amd64
-        tags: smart-connector
-        load: true
-    - name: Build and start smoke test
-      run: docker compose -f ".github/workflows/docker-smoke-test" up -d --build
-    - name: Check smoke test status
-      run: sleep 60s && test $(docker info --format '{{json .ContainersRunning}}') == 5
-      shell: bash
+name: Docker Image CI
+
+on:
+  push:
+    branches: [ "master" ]
+  pull_request:
+    branches: [ "master" ]
+
+env:
+  MAVEN_OPTS: -Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true
+  MAVEN_CLI_OPTS: --batch-mode --errors --fail-at-end --show-version
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Set up JDK 17
+      uses: actions/setup-java@v3
+      with:
+        java-version: '17'
+        distribution: 'temurin'
+    - uses: actions/checkout@v4
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v3
+    - name: Run the Maven verify phase
+      run: mvn $MAVEN_CLI_OPTS verify
+    - name: Build Docker image for Knowledge Directory
+      uses: docker/build-push-action@v6
+      with:
+        context: ./knowledge-directory
+        platforms: linux/amd64
+        tags: knowledge-directory
+        load: true
+    - name: Build Docker image for Smart Connector
+      uses: docker/build-push-action@v6
+      with:
+        context: ./smart-connector-rest-dist
+        platforms: linux/amd64
+        tags: smart-connector
+        load: true
+    - name: Build and start smoke test
+      run: docker compose -f ".github/workflows/docker-smoke-test" up -d --build
+    - name: Check smoke test status
+      run: sleep 60s && test $(docker info --format '{{json .ContainersRunning}}') == 5
+      shell: bash

.github/workflows/docker-smoke-test

@@ -1,46 +1,46 @@
-services:
-  knowledge-directory:
-    image: knowledge-directory
-
-  runtime-1:
-    image: smart-connector
-    environment: 
-      KE_RUNTIME_PORT: 8081 
-      KE_RUNTIME_EXPOSED_URL: http://runtime-1:8081 
-      KD_URL: http://knowledge-directory:8282
-  runtime-2:
-    image: smart-connector
-    environment: 
-      KE_RUNTIME_PORT: 8081
-      KE_RUNTIME_EXPOSED_URL: http://runtime-2:8081
-      KD_URL: http://knowledge-directory:8282
-  
-  kb1:
-    build: ../../examples/common/asking_kb
-    environment:
-      KE_URL: http://runtime-1:8280/rest
-      KB_ID: http://example.org/kb1
-      PREFIXES: |
-        {
-          "ex": "http://example.org/"
-        }
-      GRAPH_PATTERN: |
-        ?a ex:relatedTo ?b .
-  kb2:
-    build: ../../examples/common/answering_kb
-    environment:
-      KE_URL: http://runtime-2:8280/rest
-      KB_ID: http://example.org/kb2
-      PREFIXES: |
-        {
-          "ex": "http://example.org/"
-        }
-      GRAPH_PATTERN: |
-        ?a ex:relatedTo ?b .
-      KB_DATA: |
-        [
-          {
-            "a": "<http://example.org/Math>",
-            "b": "<http://example.org/Science>"
-          }
+services:
+  knowledge-directory:
+    image: knowledge-directory
+
+  runtime-1:
+    image: smart-connector
+    environment: 
+      KE_RUNTIME_PORT: 8081 
+      KE_RUNTIME_EXPOSED_URL: http://runtime-1:8081 
+      KD_URL: http://knowledge-directory:8282
+  runtime-2:
+    image: smart-connector
+    environment: 
+      KE_RUNTIME_PORT: 8081
+      KE_RUNTIME_EXPOSED_URL: http://runtime-2:8081
+      KD_URL: http://knowledge-directory:8282
+  
+  kb1:
+    build: ../../examples/common/asking_kb
+    environment:
+      KE_URL: http://runtime-1:8280/rest
+      KB_ID: http://example.org/kb1
+      PREFIXES: |
+        {
+          "ex": "http://example.org/"
+        }
+      GRAPH_PATTERN: |
+        ?a ex:relatedTo ?b .
+  kb2:
+    build: ../../examples/common/answering_kb
+    environment:
+      KE_URL: http://runtime-2:8280/rest
+      KB_ID: http://example.org/kb2
+      PREFIXES: |
+        {
+          "ex": "http://example.org/"
+        }
+      GRAPH_PATTERN: |
+        ?a ex:relatedTo ?b .
+      KB_DATA: |
+        [
+          {
+            "a": "<http://example.org/Math>",
+            "b": "<http://example.org/Science>"
+          }
         ]

admin-ui/src/main/java/eu/knowledge/engine/admin/AdminUIConfig.java

@@ -1,13 +1,13 @@
-package eu.knowledge.engine.admin;
-
-public class AdminUIConfig {
-
-	/**
-	 * The key to configure how long (in milliseconds) should the Admin UI wait
-	 * until it tries to ask for all KBs in the network. This value should probably
-	 * be higher in distributed mode, to allow the participants to reach equilibrium
-	 * with respect to knowledge about each other.
-	 */
-	public static final String CONF_KEY_INITIAL_ADMIN_UI_DELAY = "initial.admin.ui.delay";
-
-}
+package eu.knowledge.engine.admin;
+
+public class AdminUIConfig {
+
+	/**
+	 * The key to configure how long (in milliseconds) should the Admin UI wait
+	 * until it tries to ask for all KBs in the network. This value should probably
+	 * be higher in distributed mode, to allow the participants to reach equilibrium
+	 * with respect to knowledge about each other.
+	 */
+	public static final String CONF_KEY_INITIAL_ADMIN_UI_DELAY = "initial.admin.ui.delay";
+
+}

docs/docs/glossary.md

@@ -1,59 +1,59 @@
----
- sidebar_position: 100
----
-
-# Glossary
-
-## Knowledge Base
-An independent producer and/or consumer of information.
-
-## Knowledge Network
-A set of Knowledge Bases that securely exchange knowledge about a clearly defined domain.
-
-## Knowledge Engine Runtime
-A single instance that is part of a Knowledge Network.
-It takes care of the communication between one (or more!) Knowledge Base(s) and the rest of the Knowledge Network.
-
-## Knowledge Directory
-A registry that keeps track of all Knowledge Bases (as represented by Smart Connectors), and specifically their knowledge needs and desires.
-
-## Smart Connector
-An entity (currently in the form of a Java object) that enables a Knowledge Base to connect to a Knowledge Network and exchange knowledge.
-
-## Knowledge Interaction
-A specification of knowledge that a Knowledge Base processes.
-A Knowledge Interaction is always one of the following four types: ASK, ANSWER, POST, REACT.
-### ASK
-A request for knowledge.
-
-### ANSWER
-Answer to a request for knowledge
-
-### POST
-A publication of knowledge.
-
-### REACT
-Reaction to the publication of knowledge
-
-
-## Graph Pattern
-A set of triples, separated by a dot (.), that describe the Knowledge that is processed with a Knowledge Interaction.
-Each triple consists of a subject, predicate, and object.
-Each of these can be either a variable (using a question mark `?var` prefix), a URI (using the `<https://...>`) or a literal (using quotes `"hello"`)
-
-### On the Expressibility of Graph Patterns
-Currently, the Knowledge Engine only supports Basic Graph Patterns.
-It does not yet support features such as the FILTER from SPARQL.
-
-## Binding Set
-A result of a Knowledge Interaction can have more than 1 match. 
-These matches are collected in a `BindingSet`, which is simply a set of bindings.
-
-### Binding
-Describes a 'match' of a graph pattern.
-Essentially it maps (free) variables in a graph pattern to actual values.
-Variables can be identified in a graph pattern as they are always prefixed with `?`.
-
-Two important things should be noted:
-1. The keys of the bindings MUST correspond to the variable names in the graph pattern, and they must be complete (all variables must have a value bound to them). (This last restriction does not apply to the bindings given with ASK requests; they can be partial of even empty.)
-2. The values of the bindings MUST be valid IRIs (https://www.w3.org/TR/turtle/#sec-iri) (for now without prefixes, so full IRIs) or valid literals (https://www.w3.org/TR/turtle/#literals).
+---
+ sidebar_position: 100
+---
+
+# Glossary
+
+## Knowledge Base
+An independent producer and/or consumer of information.
+
+## Knowledge Network
+A set of Knowledge Bases that securely exchange knowledge about a clearly defined domain.
+
+## Knowledge Engine Runtime
+A single instance that is part of a Knowledge Network.
+It takes care of the communication between one (or more!) Knowledge Base(s) and the rest of the Knowledge Network.
+
+## Knowledge Directory
+A registry that keeps track of all Knowledge Bases (as represented by Smart Connectors), and specifically their knowledge needs and desires.
+
+## Smart Connector
+An entity (currently in the form of a Java object) that enables a Knowledge Base to connect to a Knowledge Network and exchange knowledge.
+
+## Knowledge Interaction
+A specification of knowledge that a Knowledge Base processes.
+A Knowledge Interaction is always one of the following four types: ASK, ANSWER, POST, REACT.
+### ASK
+A request for knowledge.
+
+### ANSWER
+Answer to a request for knowledge
+
+### POST
+A publication of knowledge.
+
+### REACT
+Reaction to the publication of knowledge
+
+
+## Graph Pattern
+A set of triples, separated by a dot (.), that describe the Knowledge that is processed with a Knowledge Interaction.
+Each triple consists of a subject, predicate, and object.
+Each of these can be either a variable (using a question mark `?var` prefix), a URI (using the `<https://...>`) or a literal (using quotes `"hello"`)
+
+### On the Expressibility of Graph Patterns
+Currently, the Knowledge Engine only supports Basic Graph Patterns.
+It does not yet support features such as the FILTER from SPARQL.
+
+## Binding Set
+A result of a Knowledge Interaction can have more than 1 match. 
+These matches are collected in a `BindingSet`, which is simply a set of bindings.
+
+### Binding
+Describes a 'match' of a graph pattern.
+Essentially it maps (free) variables in a graph pattern to actual values.
+Variables can be identified in a graph pattern as they are always prefixed with `?`.
+
+Two important things should be noted:
+1. The keys of the bindings MUST correspond to the variable names in the graph pattern, and they must be complete (all variables must have a value bound to them). (This last restriction does not apply to the bindings given with ASK requests; they can be partial of even empty.)
+2. The values of the bindings MUST be valid IRIs (https://www.w3.org/TR/turtle/#sec-iri) (for now without prefixes, so full IRIs) or valid literals (https://www.w3.org/TR/turtle/#literals).

docs/docs/security.md

@@ -1,21 +1,21 @@
----
-  sidebar_position: 11
----
-
-# Security
-Within the KE we distinguish between several parts of the security question and explain below how we expect to deal with those:
-
-1) **Connection between Knowledge Base (KB) and Smart Connector (SC)**: When using _Java_ Developer API this is secure by default, however, when using the REST Developer API we need to be more careful. The Generic Adapter and Service Store already provide some solution for this.
-2) **Connection between SC and SC** (when in different Java Virtual Machines): By using a configurable Exposed URL, the KE remains flexible with respect to the setup it is used in. This Exposed URL can point directly to the SC or to a proxy that is configured for HTTPS with certificates.
-3) **Connection between SC and Knowledge Directory (KD)**: The Knowledge Directory itself exposes a REST API that we recommend to be put behind a HTTPS proxy. SCs have a configuration option to point to the URL of the Knowledge Directory. This can be both HTTP and HTTPS.
-4) **Identification/authentication**: Still unclear, but we are thinking about *not* introducing the concept of a user within the KE. The reason is that the only way other KBs can really trust a user, is by having a centralized Identity Provider that all KBs can access which constrasts the distributed nature of the KE. But again, not sure about whether we can maintain this position. Sharing login credentials and JWT tokens through the KE by including them in the domain knowledge is of course possible and this indeed requires the ontologies to contain classes and properties related to login and token information.
-5) **Authorization**: In the future we want to support roles and access control policies that are agreed upon by all KBs and it should make up the domain knowledge together with the ontology. We will definitely work on this in the future, but probably not in the scope of InterConnect.
-
-
-## Sharing credentials
-
-As I mentioned in my previous comment there is no _right_ way to deal with sharing credentials. More discussion and experience is definitely necessary to find the sweet spot for security related issues like these. In your use cases, the easiest and safest way is probably to share the credentials outside of the Knowledge Engine and just use some token (or home id) in the graph pattern, but it might be interesting to see how actually sending the credentials through the KE works out using a login graph pattern. Keep in mind, though, that the KE does not encrypt anything by itself and that the credentials might be visible to others.
-
-## Using Basic Authentication to secure data exchange
-
-The communication in a Knowledge Network can be secured using Basic Authentication and HTTPS. This requires the usage of reverse proxies (like [NGINX](https://www.nginx.org/)) in front of the KD and KE runtimes. In such scenario, this reverse proxy handles all HTTPS and Basis Authentication configuration and forwards traffic over HTTP and without basic authentication to the KD and KE Runtime. To facilitate this, the KE supports conveying user credentials (username and password) within both the KD_URL and KE_RUNTIME_EXPOSED_URL environment variables like this `https://username:password@www.example.org/keruntime`. Whenever these URLs contains user credentials, the KER uses these credentials to connect to the Knowledge Directory or Knowledge Engine Runtime, respectively. An example of using Basic Authentication (without HTTPS) in distributed mode can be found in the within the Knowledge Engine repository at `examples/authentication/`.
+---
+  sidebar_position: 11
+---
+
+# Security
+Within the KE we distinguish between several parts of the security question and explain below how we expect to deal with those:
+
+1) **Connection between Knowledge Base (KB) and Smart Connector (SC)**: When using _Java_ Developer API this is secure by default, however, when using the REST Developer API we need to be more careful. The Generic Adapter and Service Store already provide some solution for this.
+2) **Connection between SC and SC** (when in different Java Virtual Machines): By using a configurable Exposed URL, the KE remains flexible with respect to the setup it is used in. This Exposed URL can point directly to the SC or to a proxy that is configured for HTTPS with certificates.
+3) **Connection between SC and Knowledge Directory (KD)**: The Knowledge Directory itself exposes a REST API that we recommend to be put behind a HTTPS proxy. SCs have a configuration option to point to the URL of the Knowledge Directory. This can be both HTTP and HTTPS.
+4) **Identification/authentication**: Still unclear, but we are thinking about *not* introducing the concept of a user within the KE. The reason is that the only way other KBs can really trust a user, is by having a centralized Identity Provider that all KBs can access which constrasts the distributed nature of the KE. But again, not sure about whether we can maintain this position. Sharing login credentials and JWT tokens through the KE by including them in the domain knowledge is of course possible and this indeed requires the ontologies to contain classes and properties related to login and token information.
+5) **Authorization**: In the future we want to support roles and access control policies that are agreed upon by all KBs and it should make up the domain knowledge together with the ontology. We will definitely work on this in the future, but probably not in the scope of InterConnect.
+
+
+## Sharing credentials
+
+As I mentioned in my previous comment there is no _right_ way to deal with sharing credentials. More discussion and experience is definitely necessary to find the sweet spot for security related issues like these. In your use cases, the easiest and safest way is probably to share the credentials outside of the Knowledge Engine and just use some token (or home id) in the graph pattern, but it might be interesting to see how actually sending the credentials through the KE works out using a login graph pattern. Keep in mind, though, that the KE does not encrypt anything by itself and that the credentials might be visible to others.
+
+## Using Basic Authentication to secure data exchange
+
+The communication in a Knowledge Network can be secured using Basic Authentication and HTTPS. This requires the usage of reverse proxies (like [NGINX](https://www.nginx.org/)) in front of the KD and KE runtimes. In such scenario, this reverse proxy handles all HTTPS and Basis Authentication configuration and forwards traffic over HTTP and without basic authentication to the KD and KE Runtime. To facilitate this, the KE supports conveying user credentials (username and password) within both the KD_URL and KE_RUNTIME_EXPOSED_URL environment variables like this `https://username:password@www.example.org/keruntime`. Whenever these URLs contains user credentials, the KER uses these credentials to connect to the Knowledge Directory or Knowledge Engine Runtime, respectively. An example of using Basic Authentication (without HTTPS) in distributed mode can be found in the within the Knowledge Engine repository at `examples/authentication/`.

examples/anomaly-detection/dk.rules

@@ -1,11 +1,11 @@
-#------------------------------------------------------------------
-# Domain knowledge
-#------------------------------------------------------------------
-
-@prefix ex: <http://example.org/> .
-
--> ( ex:DutchTemperatureSensor rdfs:subClassOf ex:Sensor ) .
--> ( ex:USTemperatureSensor rdfs:subClassOf ex:Sensor ) .
-
-(?x rdfs:subClassOf ?y), (?a rdf:type ?x) -> (?a rdf:type ?y) .
-
+#------------------------------------------------------------------
+# Domain knowledge
+#------------------------------------------------------------------
+
+@prefix ex: <http://example.org/> .
+
+-> ( ex:DutchTemperatureSensor rdfs:subClassOf ex:Sensor ) .
+-> ( ex:USTemperatureSensor rdfs:subClassOf ex:Sensor ) .
+
+(?x rdfs:subClassOf ?y), (?a rdf:type ?x) -> (?a rdf:type ?y) .
+