diff --git a/.github/workflows/discord-webhook.yml b/.github/workflows/discord-webhook.yml deleted file mode 100644 index b60de301..00000000 --- a/.github/workflows/discord-webhook.yml +++ /dev/null @@ -1,70 +0,0 @@ -# -# Copyright (c) 2024 Contributors to the Eclipse Foundation -# -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. -# -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# - -name: 'Discord Webhook' -on: - issues: - types: [ opened ] - pull_request_target: - types: [ opened, reopened ] - discussion: - types: [ created ] - -jobs: - message: - runs-on: ubuntu-latest - steps: - - name: New Discussion - uses: tsickert/discord-webhook@v6.0.0 - if: ${{ (github.event_name == 'discussion') }} - with: - webhook-url: ${{ secrets.DISCORD_GITHUB_WEBHOOK }} - avatar-url: https://avatars.githubusercontent.com/u/9919?s=200&v=4 - embed-author-name: ${{ github.event.sender.login }} - embed-author-url: ${{ github.event.sender.html_url }} - embed-author-icon-url: ${{ github.event.sender.avatar_url }} - embed-title: ${{ github.event.discussion.title }} - embed-url: ${{ github.event.discussion.html_url }} - embed-description: A **discussion** has been created in ${{ github.repository }}. - - - name: New Issue - uses: tsickert/discord-webhook@v6.0.0 - if: ${{ (github.event_name == 'issues') }} - with: - webhook-url: ${{ secrets.DISCORD_GITHUB_WEBHOOK }} - avatar-url: https://avatars.githubusercontent.com/u/9919?s=200&v=4 - embed-author-name: ${{ github.event.sender.login }} - embed-author-url: ${{ github.event.sender.html_url }} - embed-author-icon-url: ${{ github.event.sender.avatar_url }} - embed-title: ${{ github.event.issue.title }} - embed-url: ${{ github.event.issue.html_url }} - embed-description: An **issue** has been opened in ${{ github.repository }}. - - - name: New Pull Request - uses: tsickert/discord-webhook@v6.0.0 - if: ${{ (github.event_name == 'pull_request_target') }} - with: - webhook-url: ${{ secrets.DISCORD_GITHUB_WEBHOOK }} - avatar-url: https://avatars.githubusercontent.com/u/9919?s=200&v=4 - embed-author-name: ${{ github.event.sender.login }} - embed-author-url: ${{ github.event.sender.html_url }} - embed-author-icon-url: ${{ github.event.sender.avatar_url }} - embed-title: ${{ github.event.pull_request.title }} - embed-url: ${{ github.event.pull_request.html_url }} - embed-description: A **pull request** has been opened in ${{ github.repository }}. diff --git a/.github/workflows/run-e2e-tests.yml b/.github/workflows/run-e2e-tests.yml index 71dfa155..31eff0bf 100644 --- a/.github/workflows/run-e2e-tests.yml +++ b/.github/workflows/run-e2e-tests.yml @@ -63,10 +63,10 @@ jobs: - name: "Load runtime images into KinD" run: | kind load docker-image -n dcp-demo \ - ghcr.io/eclipse-edc/minimumviabledataspace/controlplane:latest \ - ghcr.io/eclipse-edc/minimumviabledataspace/dataplane:latest \ - ghcr.io/eclipse-edc/minimumviabledataspace/identity-hub:latest \ - ghcr.io/eclipse-edc/minimumviabledataspace/issuerservice:latest + ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/controlplane:latest \ + ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/dataplane:latest \ + ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/identity-hub:latest \ + ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/issuerservice:latest - name: "Update image pull policy" run: |- diff --git a/README.md b/README.md index 12eb3623..a7aa823f 100644 --- a/README.md +++ b/README.md @@ -94,7 +94,7 @@ fixes of all upstream components. > We have monitoring systems in place that inform us about broken builds. No need to raise issues about this. More conservative developers may fall back -to [releases of MVD](https://github.com/eclipse-edc/MinimumViableDataspace/releases) that use release versions of all +to [releases of MVD](https://github.com/eclipse-dataspace-hub/minimumviabledataspace/releases) that use release versions of all upstream components. If this is you, then remember to check out the appropriate tag after cloning the repo. Either download the ZIP file and use sources therein, or check out the corresponding tag. @@ -221,10 +221,10 @@ All commands are executed from the **repository's root folder** unless stated ot > namespace, plainly for the sake of simplicity. This builds the runtime images and creates the following docker images: -`ghcr.io/eclipse-edc/minimumviabledataspace/controlplane:latest`, -`ghcr.io/eclipse-edc/minimumviabledataspace/dataplane:latest`, -`ghcr.io/eclipse-edc/minimumviabledataspace/issuerservice:latest` and -`ghcr.io/eclipse-edc/minimumviabledataspace/identity-hub:latest` in the local docker image cache. +`ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/controlplane:latest`, +`ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/dataplane:latest`, +`ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/issuerservice:latest` and +`ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/identity-hub:latest` in the local docker image cache. PostgreSQL and Hashicorp Vault obviously require additional configuration, which is handled by the Kubernetes manifests via batch jobs. @@ -262,10 +262,10 @@ grep -rlZ "imagePullPolicy: Always" k8s | xargs sed -i "s/imagePullPolicy: Alway # Load docker images into KinD kind load docker-image \ - ghcr.io/eclipse-edc/minimumviabledataspace/controlplane:latest \ - ghcr.io/eclipse-edc/minimumviabledataspace/dataplane:latest \ - ghcr.io/eclipse-edc/minimumviabledataspace/identity-hub:latest \ - ghcr.io/eclipse-edc/minimumviabledataspace/issuerservice:latest -n mvd + ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/controlplane:latest \ + ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/dataplane:latest \ + ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/identity-hub:latest \ + ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/issuerservice:latest -n mvd ``` #### 4.2.3 Deploy MVD components diff --git a/Requests/IdentityHub/VerifiableCredential Mgmt API/Add VerifiableCredential.bru b/Requests/IdentityHub/VerifiableCredential Mgmt API/Add VerifiableCredential.bru index f36cb2ce..d839f2df 100644 --- a/Requests/IdentityHub/VerifiableCredential Mgmt API/Add VerifiableCredential.bru +++ b/Requests/IdentityHub/VerifiableCredential Mgmt API/Add VerifiableCredential.bru @@ -17,7 +17,7 @@ body:json { "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredentialContainer": { - "format": "VC1_0_JWT", + "format": "vc11-sl2021/jwt", "rawVc": "eyJraWQiOiJkaWQ6d2ViOmRhdGFzcGFjZS1pc3N1ZXIubXZkLWlzc3Vlci5zdmMuY2x1c3Rlci5sb2NhbCNrZXktMSIsInR5cCI6IkpXVCIsImFsZyI6IkVkRFNBIn0.eyJpc3MiOiJkaWQ6d2ViOmRhdGFzcGFjZS1pc3N1ZXIubXZkLWlzc3Vlci5zdmMuY2x1c3Rlci5sb2NhbCIsImF1ZCI6ImRpZDp3ZWI6Y29uc3VtZXItaWRlbnRpdHlodWIubXZkLWNvbnN1bWVyLXNlY3VyaXR5LnN2Yy5jbHVzdGVyLmxvY2FsJTNBNzA4Mzpjb25zdW1lciIsInN1YiI6ImRpZDp3ZWI6Y29uc3VtZXItaWRlbnRpdHlodWIubXZkLWNvbnN1bWVyLXNlY3VyaXR5LnN2Yy5jbHVzdGVyLmxvY2FsJTNBNzA4Mzpjb25zdW1lciIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsImNvbnRyYWN0VmVyc2lvbiI6Im12ZC1jcmVkZW50aWFsczpjb250cmFjdFZlcnNpb24iLCJsZXZlbCI6Im12ZC1jcmVkZW50aWFsczpsZXZlbCJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiRGF0YVByb2Nlc3NvckNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOndlYjpkYXRhc3BhY2UtaXNzdWVyLm12ZC1pc3N1ZXIuc3ZjLmNsdXN0ZXIubG9jYWwiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpjb25zdW1lci1pZGVudGl0eWh1Yi5tdmQtY29uc3VtZXItc2VjdXJpdHkuc3ZjLmNsdXN0ZXIubG9jYWwlM0E3MDgzOmNvbnN1bWVyIiwiY29udHJhY3RWZXJzaW9uIjoiMS4wLjAiLCJsZXZlbCI6InByb2Nlc3NpbmcifX0sImlhdCI6MTc1Mjc1MzA2NX0.aBs8_vc-LPIkmci1-fWU_TEAm-Nze8SQEiho_sSIdzS220RooPaMzJadiPetKBMopua_qddxYjefWRmUtGEvAw", "credential": { "credentialSubject": [ diff --git a/Requests/IdentityHub/VerifiableCredential Mgmt API/Make Credential Request.bru b/Requests/IdentityHub/VerifiableCredential Mgmt API/Make Credential Request.bru index bf09ce0b..bdbe5c84 100644 --- a/Requests/IdentityHub/VerifiableCredential Mgmt API/Make Credential Request.bru +++ b/Requests/IdentityHub/VerifiableCredential Mgmt API/Make Credential Request.bru @@ -15,12 +15,12 @@ body:json { "issuerDid": "{{ISSUER_DID}}", "holderPid": "{{$guid}}", "credentials": [{ - "format": "VC2_0_JOSE", + "format": "vc20-bssl/jwt", "type": "MembershipCredential", "id": "membership-credential-def" }, { - "format": "VC2_0_JOSE", + "format": "vc20-bssl/jwt", "type": "ManufacturerCredential", "id": "manufacturer-credential-def" }] diff --git a/Requests/IssuerService/Admin API/CredentialDefinitions/create Credential Definition.bru b/Requests/IssuerService/Admin API/CredentialDefinitions/create Credential Definition.bru index d3c1ced5..46b3e27a 100644 --- a/Requests/IssuerService/Admin API/CredentialDefinitions/create Credential Definition.bru +++ b/Requests/IssuerService/Admin API/CredentialDefinitions/create Credential Definition.bru @@ -47,7 +47,7 @@ body:json { } ], "validity": "", - "formats": ["VC2_0_JOSE"] + "formats": ["vc20-bssl/jwt"] } } diff --git a/build.gradle.kts b/build.gradle.kts index ce508025..253ac337 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -39,8 +39,8 @@ subprojects { tasks.register("dockerize", DockerBuildImage::class) { val dockerContextDir = project.projectDir dockerFile.set(file("$dockerContextDir/src/main/docker/Dockerfile")) - images.add("ghcr.io/eclipse-edc/minimumviabledataspace/${project.name}:${project.version}") - images.add("ghcr.io/eclipse-edc/minimumviabledataspace/${project.name}:latest") + images.add("ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/${project.name}:${project.version}") + images.add("ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/${project.name}:latest") // specify platform with the -Dplatform flag: if (System.getProperty("platform") != null) platform.set(System.getProperty("platform")) diff --git a/k8s/consumer/application/controlplane.yaml b/k8s/consumer/application/controlplane.yaml index c8d5aeab..aa44cd78 100644 --- a/k8s/consumer/application/controlplane.yaml +++ b/k8s/consumer/application/controlplane.yaml @@ -34,7 +34,7 @@ spec: spec: containers: - name: controlplane - image: ghcr.io/eclipse-edc/minimumviabledataspace/controlplane:latest + image: ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/controlplane:latest imagePullPolicy: Always envFrom: - configMapRef: { name: controlplane-config } diff --git a/k8s/consumer/application/dataplane.yaml b/k8s/consumer/application/dataplane.yaml index e66d45ff..cb8f1ba4 100644 --- a/k8s/consumer/application/dataplane.yaml +++ b/k8s/consumer/application/dataplane.yaml @@ -34,7 +34,7 @@ spec: spec: containers: - name: dataplane - image: ghcr.io/eclipse-edc/minimumviabledataspace/dataplane:latest + image: ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/dataplane:latest imagePullPolicy: Always envFrom: - configMapRef: diff --git a/k8s/consumer/application/identityhub-seed.yaml b/k8s/consumer/application/identityhub-seed.yaml index 0fc12f56..ff367e1e 100644 --- a/k8s/consumer/application/identityhub-seed.yaml +++ b/k8s/consumer/application/identityhub-seed.yaml @@ -214,12 +214,12 @@ spec: \"issuerDid\": \"did:web:issuerservice.issuer.svc.cluster.local%3A10016:issuer\", \"holderPid\": \"${HOLDER_PID}\", \"credentials\": [{ - \"format\": \"VC2_0_JOSE\", + \"format\": \"vc20-bssl/jwt\", \"type\": \"MembershipCredential\", \"id\": \"membership-credential-def\" }, { - \"format\": \"VC2_0_JOSE\", + \"format\": \"vc20-bssl/jwt\", \"type\": \"ManufacturerCredential\", \"id\": \"manufacturer-credential-def\" }] diff --git a/k8s/consumer/application/identityhub.yaml b/k8s/consumer/application/identityhub.yaml index b0608748..df89156c 100644 --- a/k8s/consumer/application/identityhub.yaml +++ b/k8s/consumer/application/identityhub.yaml @@ -33,7 +33,7 @@ spec: spec: containers: - name: identityhub - image: ghcr.io/eclipse-edc/minimumviabledataspace/identity-hub:latest + image: ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/identity-hub:latest imagePullPolicy: Always envFrom: - configMapRef: diff --git a/k8s/consumer/base/vault.yaml b/k8s/consumer/base/vault.yaml index d39e68f9..faf79089 100644 --- a/k8s/consumer/base/vault.yaml +++ b/k8s/consumer/base/vault.yaml @@ -34,6 +34,10 @@ spec: image: hashicorp/vault:latest ports: - containerPort: 8200 + securityContext: + capabilities: + add: + - IPC_LOCK env: - name: VAULT_DEV_ROOT_TOKEN_ID value: "root" @@ -69,6 +73,10 @@ spec: containers: - name: vault-cli image: hashicorp/vault:latest + securityContext: + capabilities: + add: + - IPC_LOCK env: - name: VAULT_ADDR value: "http://vault.consumer.svc.cluster.local:8200" diff --git a/k8s/issuer/application/issuerservice-seed-job.yaml b/k8s/issuer/application/issuerservice-seed-job.yaml index 32e24f35..f64211fb 100644 --- a/k8s/issuer/application/issuerservice-seed-job.yaml +++ b/k8s/issuer/application/issuerservice-seed-job.yaml @@ -280,7 +280,7 @@ spec: } ], "rules": [], - "format": "VC2_0_JOSE", + "format": "vc20-bssl/jwt", "validity": "604800" }' @@ -317,7 +317,7 @@ spec: } ], "rules": [], - "format": "VC2_0_JOSE", + "format": "vc20-bssl/jwt", "validity": "604800" }' diff --git a/k8s/issuer/application/issuerservice.yaml b/k8s/issuer/application/issuerservice.yaml index 08fe3fef..744675b6 100644 --- a/k8s/issuer/application/issuerservice.yaml +++ b/k8s/issuer/application/issuerservice.yaml @@ -33,7 +33,7 @@ spec: spec: containers: - name: issuerservice - image: ghcr.io/eclipse-edc/minimumviabledataspace/issuerservice:latest + image: ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/issuerservice:latest imagePullPolicy: Always ports: - containerPort: 80 diff --git a/k8s/issuer/base/vault.yaml b/k8s/issuer/base/vault.yaml index 87506a8d..092653ef 100644 --- a/k8s/issuer/base/vault.yaml +++ b/k8s/issuer/base/vault.yaml @@ -75,6 +75,10 @@ spec: value: "http://vault.issuer.svc.cluster.local:8200" - name: VAULT_TOKEN value: "root" + securityContext: + capabilities: + add: + - IPC_LOCK command: [ "sh", "-ec" ] args: - | diff --git a/k8s/provider/application/controlplane.yaml b/k8s/provider/application/controlplane.yaml index 6b8411ff..372b86e9 100644 --- a/k8s/provider/application/controlplane.yaml +++ b/k8s/provider/application/controlplane.yaml @@ -34,7 +34,7 @@ spec: spec: containers: - name: controlplane - image: ghcr.io/eclipse-edc/minimumviabledataspace/controlplane:latest + image: ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/controlplane:latest imagePullPolicy: Always envFrom: - configMapRef: { name: controlplane-config } diff --git a/k8s/provider/application/dataplane.yaml b/k8s/provider/application/dataplane.yaml index 7157f701..29569d5a 100644 --- a/k8s/provider/application/dataplane.yaml +++ b/k8s/provider/application/dataplane.yaml @@ -34,7 +34,7 @@ spec: spec: containers: - name: dataplane - image: ghcr.io/eclipse-edc/minimumviabledataspace/dataplane:latest + image: ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/dataplane:latest imagePullPolicy: Always envFrom: - configMapRef: diff --git a/k8s/provider/application/identityhub-seed.yaml b/k8s/provider/application/identityhub-seed.yaml index 4c484224..063fd943 100644 --- a/k8s/provider/application/identityhub-seed.yaml +++ b/k8s/provider/application/identityhub-seed.yaml @@ -214,12 +214,12 @@ spec: \"issuerDid\": \"did:web:issuerservice.issuer.svc.cluster.local%3A10016:issuer\", \"holderPid\": \"${HOLDER_PID}\", \"credentials\": [{ - \"format\": \"VC2_0_JOSE\", + \"format\": \"vc20-bssl/jwt\", \"type\": \"MembershipCredential\", \"id\": \"membership-credential-def\" }, { - \"format\": \"VC2_0_JOSE\", + \"format\": \"vc20-bssl/jwt\", \"type\": \"ManufacturerCredential\", \"id\": \"manufacturer-credential-def\" }] diff --git a/k8s/provider/application/identityhub.yaml b/k8s/provider/application/identityhub.yaml index 81b01edc..dae5b07a 100644 --- a/k8s/provider/application/identityhub.yaml +++ b/k8s/provider/application/identityhub.yaml @@ -33,7 +33,7 @@ spec: spec: containers: - name: identityhub - image: ghcr.io/eclipse-edc/minimumviabledataspace/identity-hub:latest + image: ghcr.io/eclipse-dataspace-hub/minimumviabledataspace/identity-hub:latest imagePullPolicy: Always envFrom: - configMapRef: diff --git a/k8s/provider/base/vault.yaml b/k8s/provider/base/vault.yaml index 1fd91324..7740e6b0 100644 --- a/k8s/provider/base/vault.yaml +++ b/k8s/provider/base/vault.yaml @@ -34,6 +34,7 @@ spec: image: hashicorp/vault:latest ports: - containerPort: 8200 + env: - name: VAULT_DEV_ROOT_TOKEN_ID value: "root" @@ -75,6 +76,10 @@ spec: value: "http://vault.provider.svc.cluster.local:8200" - name: VAULT_TOKEN value: "root" + securityContext: + capabilities: + add: + - IPC_LOCK command: [ "sh", "-ec" ] args: - | diff --git a/tests/end2end/src/test/java/org/eclipse/edc/demo/tests/issuance/CredentialIssuanceEndToEndTest.java b/tests/end2end/src/test/java/org/eclipse/edc/demo/tests/issuance/CredentialIssuanceEndToEndTest.java index 042f9b00..40fb51b7 100644 --- a/tests/end2end/src/test/java/org/eclipse/edc/demo/tests/issuance/CredentialIssuanceEndToEndTest.java +++ b/tests/end2end/src/test/java/org/eclipse/edc/demo/tests/issuance/CredentialIssuanceEndToEndTest.java @@ -72,7 +72,7 @@ void makeCredentialRequest_expectCredential() { "issuerDid": "%s", "holderPid": "%s", "credentials": [ - {"format": "VC2_0_JOSE", "type": "MembershipCredential", "id": "membership-credential-def"} + {"format": "vc20-bssl/jwt", "type": "MembershipCredential", "id": "membership-credential-def"} ] } """.formatted(ISSUER_DID, HOLDER_PID))