Merge pull request eclipse-tractusx#182 from eclipse-tractusx/merge/latest-changes-v1.1.0-RC1

ci: merge latest changes from release candidate for 1.1.0

Author: evegufy

.github/workflows/chart-test.yml

@@ -121,7 +121,7 @@ jobs:
         run: ct lint --validate-maintainers=false --check-version-increment=false --target-branch ${{ github.event.repository.default_branch }}
 
       - name: Run chart-testing (install)
-        run: ct install --charts charts/ssi-credential-issuer --config charts/chart-testing-config.yaml --helm-extra-set-args "--set issuer.image.name=kind-registry:5000/credential-issuer-service --set issuer.image.tag=testing --set issuermigrations.image.name=kind-registry:5000/credential-issuer-migrations --set issuermigrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing"
+        run: ct install --charts charts/ssi-credential-issuer --config charts/chart-testing-config.yaml --helm-extra-set-args "--set service.image.name=kind-registry:5000/credential-issuer-service --set service.image.tag=testing --set migrations.image.name=kind-registry:5000/credential-issuer-migrations --set migrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing"
         if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true'
 
       # Upgrade the released chart version with the locally available chart
@@ -132,5 +132,5 @@ jobs:
           helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev
           helm install ssi-credential-issuer tractusx-dev/ssi-credential-issuer --version ${{ github.event.inputs.upgrade_from || '1.0.0' }} --namespace upgrade --create-namespace
           helm dependency update charts/ssi-credential-issuer
-          helm upgrade ssi-credential-issuer charts/ssi-credential-issuer --set issuer.image.name=kind-registry:5000/credential-issuer-service --set issuer.image.tag=testing --set issuermigrations.image.name=kind-registry:5000/credential-issuer-migrations --set issuermigrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing --namespace upgrade
+          helm upgrade ssi-credential-issuer charts/ssi-credential-issuer --set service.image.name=kind-registry:5000/credential-issuer-service --set service.image.tag=testing --set migrations.image.name=kind-registry:5000/credential-issuer-migrations --set migrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing --namespace upgrade
         if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true'

.github/workflows/credential-expiry-app-docker.yml

@@ -57,9 +57,6 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
 
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
-
       - name: Docker meta
         id: meta
         uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1

.github/workflows/migrations-docker.yml

@@ -58,9 +58,6 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
 
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
-
       - name: Docker meta
         id: meta
         uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1

.github/workflows/owasp-zap.yml

@@ -107,7 +107,7 @@ jobs:
           helm dependency build
 
       - name: Install the chart on KinD cluster
-        run: helm install testing -n apps --create-namespace --wait --set issuer.image.name=kind-registry:5000/credential-issuer-service --set issuer.image.tag=testing --set issuermigrations.image.name=kind-registry:5000/credential-issuer-migrations --set issuermigrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing --set issuer.swaggerEnabled=true charts/ssi-credential-issuer
+        run: helm install testing -n apps --create-namespace --wait --set service.image.name=kind-registry:5000/credential-issuer-service --set service.image.tag=testing --set migrations.image.name=kind-registry:5000/credential-issuer-migrations --set migrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing --set service.swaggerEnabled=true charts/ssi-credential-issuer
 
       - name: Configure port forward to app in KinD
         run: |

.github/workflows/processes-worker-docker.yml

@@ -57,9 +57,6 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
 
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
-
       - name: Docker meta
         id: meta
         uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1

.github/workflows/release.yml

@@ -121,9 +121,6 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
 
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
-
       # Create SemVer or ref tags dependent of trigger event
       - name: Docker meta
         id: meta

.github/workflows/release_candidate.yml

@@ -61,9 +61,6 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
 
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
-
       - name: Docker meta
         id: meta
         uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1

.github/workflows/service-docker.yml

@@ -57,9 +57,6 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
 
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
-
       - name: Docker meta
         id: meta
         uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1

charts/ssi-credential-issuer/README.md

@@ -43,39 +43,39 @@ dependencies:
 | portalBackendAddress | string | `"https://portal-backend.example.org"` | Provide portal-backend base address. |
 | walletAddress | string | `"https://wallet.example.org"` |  |
 | walletTokenAddress | string | `"https://wallet.example.org/oauth/token"` |  |
-| issuer.image.name | string | `"docker.io/tractusx/ssi-credential-issuer-service"` |  |
-| issuer.image.tag | string | `""` |  |
-| issuer.imagePullPolicy | string | `"IfNotPresent"` |  |
-| issuer.resources | object | `{"limits":{"cpu":"45m","memory":"400M"},"requests":{"cpu":"15m","memory":"400M"}}` | We recommend to review the default resource limits as this should a conscious choice. |
-| issuer.logging.businessLogic | string | `"Information"` |  |
-| issuer.logging.default | string | `"Information"` |  |
-| issuer.healthChecks.startup.path | string | `"/health/startup"` |  |
-| issuer.healthChecks.startup.tags[0].name | string | `"HEALTHCHECKS__0__TAGS__1"` |  |
-| issuer.healthChecks.startup.tags[0].value | string | `"issuerdb"` |  |
-| issuer.healthChecks.liveness.path | string | `"/healthz"` |  |
-| issuer.healthChecks.readyness.path | string | `"/ready"` |  |
-| issuer.swaggerEnabled | bool | `false` |  |
-| issuer.portal.scope | string | `"openid"` |  |
-| issuer.portal.grantType | string | `"client_credentials"` |  |
-| issuer.portal.clientId | string | `"portal-client-id"` | Provide portal client-id from CX IAM centralidp. |
-| issuer.portal.clientSecret | string | `""` | Client-secret for portal client-id. Secret-key 'portal-client-secret'. |
-| issuer.credential.issuerDid | string | `"did:web:example"` |  |
-| issuer.credential.issuerBpn | string | `"BPNL00000001TEST"` |  |
-| issuer.credential.statusListUrl | string | `"https://example.org/statuslist"` |  |
-| issuer.credential.encryptionConfigIndex | int | `0` |  |
-| issuer.credential.encryptionConfigs.index0.index | int | `0` |  |
-| issuer.credential.encryptionConfigs.index0.cipherMode | string | `"CBC"` |  |
-| issuer.credential.encryptionConfigs.index0.paddingMode | string | `"PKCS7"` |  |
-| issuer.credential.encryptionConfigs.index0.encryptionKey | string | `""` | EncryptionKey for wallet. Secret-key 'credential-encryption-key0'. Expected format is 256 bit (64 digits) hex. |
-| issuermigrations.name | string | `"migrations"` |  |
-| issuermigrations.image.name | string | `"docker.io/tractusx/ssi-credential-issuer-migrations"` |  |
-| issuermigrations.image.tag | string | `""` |  |
-| issuermigrations.imagePullPolicy | string | `"IfNotPresent"` |  |
-| issuermigrations.resources | object | `{"limits":{"cpu":"45m","memory":"200M"},"requests":{"cpu":"15m","memory":"200M"}}` | We recommend to review the default resource limits as this should a conscious choice. |
-| issuermigrations.seeding.testDataEnvironments | string | `""` |  |
-| issuermigrations.seeding.testDataPaths | string | `"Seeder/Data"` |  |
-| issuermigrations.logging.default | string | `"Information"` |  |
-| issuermigrations.processIdentity.identityId | string | `"ac1cf001-7fbc-1f2f-817f-bce058020006"` |  |
+| service.image.name | string | `"docker.io/tractusx/ssi-credential-issuer-service"` |  |
+| service.image.tag | string | `""` |  |
+| service.imagePullPolicy | string | `"IfNotPresent"` |  |
+| service.resources | object | `{"limits":{"cpu":"45m","memory":"400M"},"requests":{"cpu":"15m","memory":"400M"}}` | We recommend to review the default resource limits as this should a conscious choice. |
+| service.logging.businessLogic | string | `"Information"` |  |
+| service.logging.default | string | `"Information"` |  |
+| service.healthChecks.startup.path | string | `"/health/startup"` |  |
+| service.healthChecks.startup.tags[0].name | string | `"HEALTHCHECKS__0__TAGS__1"` |  |
+| service.healthChecks.startup.tags[0].value | string | `"issuerdb"` |  |
+| service.healthChecks.liveness.path | string | `"/healthz"` |  |
+| service.healthChecks.readyness.path | string | `"/ready"` |  |
+| service.swaggerEnabled | bool | `false` |  |
+| service.portal.scope | string | `"openid"` |  |
+| service.portal.grantType | string | `"client_credentials"` |  |
+| service.portal.clientId | string | `"portal-client-id"` | Provide portal client-id from CX IAM centralidp. |
+| service.portal.clientSecret | string | `""` | Client-secret for portal client-id. Secret-key 'portal-client-secret'. |
+| service.credential.issuerDid | string | `"did:web:example"` |  |
+| service.credential.issuerBpn | string | `"BPNL00000001TEST"` |  |
+| service.credential.statusListUrl | string | `"https://example.org/statuslist"` |  |
+| service.credential.encryptionConfigIndex | int | `0` |  |
+| service.credential.encryptionConfigs.index0.index | int | `0` |  |
+| service.credential.encryptionConfigs.index0.cipherMode | string | `"CBC"` |  |
+| service.credential.encryptionConfigs.index0.paddingMode | string | `"PKCS7"` |  |
+| service.credential.encryptionConfigs.index0.encryptionKey | string | `""` | EncryptionKey for wallet. Secret-key 'credential-encryption-key0'. Expected format is 256 bit (64 digits) hex. |
+| migrations.name | string | `"migrations"` |  |
+| migrations.image.name | string | `"docker.io/tractusx/ssi-credential-issuer-migrations"` |  |
+| migrations.image.tag | string | `""` |  |
+| migrations.imagePullPolicy | string | `"IfNotPresent"` |  |
+| migrations.resources | object | `{"limits":{"cpu":"45m","memory":"200M"},"requests":{"cpu":"15m","memory":"200M"}}` | We recommend to review the default resource limits as this should a conscious choice. |
+| migrations.seeding.testDataEnvironments | string | `""` |  |
+| migrations.seeding.testDataPaths | string | `"Seeder/Data"` |  |
+| migrations.logging.default | string | `"Information"` |  |
+| migrations.processIdentity.identityId | string | `"ac1cf001-7fbc-1f2f-817f-bce058020006"` |  |
 | processesworker.name | string | `"processesworker"` |  |
 | processesworker.image.name | string | `"docker.io/tractusx/ssi-credential-issuer-processes-worker"` |  |
 | processesworker.image.tag | string | `""` |  |

charts/ssi-credential-issuer/templates/cronjob-issuer-processes.yaml

@@ -67,7 +67,7 @@ spec:
               value: "Server={{ .Values.externalDatabase.host }};Database={{ .Values.externalDatabase.database }};Port={{ .Values.externalDatabase.port }};User Id={{ .Values.externalDatabase.username }};Password=$(ISSUER_PASSWORD);Ssl Mode={{ .Values.dbConnection.sslMode }};"
             {{- end }}
             - name: "PORTAL__CLIENTID"
-              value: "{{ .Values.issuer.portal.clientId }}"
+              value: "{{ .Values.service.portal.clientId }}"
             - name: "PORTAL__CLIENTSECRET"
               valueFrom:
                 secretKeyRef:
@@ -86,7 +86,7 @@ spec:
             - name: "PORTAL__USERNAME"
               value: "empty"
             - name: "CALLBACK__CLIENTID"
-              value: "{{ .Values.issuer.portal.clientId }}"
+              value: "{{ .Values.service.portal.clientId }}"
             - name: "CALLBACK__CLIENTSECRET"
               valueFrom:
                 secretKeyRef: