[INJICERT-13] move feature branch changes to develop (#19)

* [INJICERT-13] VCI Segregation from eSignet (#10) * [INJICERT-13] VCI Segregation from eSignet Signed-off-by: Challarao <[email protected]> * [INJICERT-13] kernel core dependency version upgrade to java 21 Signed-off-by: Challarao <[email protected]> * [INJICERT-13] removed unused methods and classes Signed-off-by: Challarao <[email protected]> * [INJICERT-13] changed esignet reference for jwt uri to certify Signed-off-by: Challarao <[email protected]> * [INJICERT-13] removed vci service impl module and refactored code Signed-off-by: Challarao <[email protected]> * [INJICERT-13] moved dependencies to parent and added license to all files Signed-off-by: Challarao <[email protected]> * [INJICERT-13] added audit plugin implementation Signed-off-by: Challarao <[email protected]> * [INJICERT-212] Docker file for inji certify repo and integration of certify with eSignet + sunbird C installation Signed-off-by: Challarao <[email protected]> * [INJICERT-212] seperated plugin related properties from certify to different file Signed-off-by: Challarao <[email protected]> * [DSD-5387] added .github Signed-off-by: Rakshithb1 <[email protected]> * [DSD-5387] added .github Signed-off-by: Rakshithb1 <[email protected]> * [INJICERT-212] update certify image Signed-off-by: Challarao <[email protected]> * [DSD-5387] added helm chart Signed-off-by: Rakshithb1 <[email protected]> * [DSD-5387] updated values.yaml Signed-off-by: Rakshithb1 <[email protected]> * [DSD-5387] updated values.yaml Signed-off-by: Rakshithb1 <[email protected]> * [DSD-5387] updated install.sh Signed-off-by: Rakshithb1 <[email protected]> * [INJICERT-212] added instructions in README.md for downloading jar files Signed-off-by: Challarao <[email protected]> --------- Signed-off-by: Rakshithb1 <[email protected]> Co-authored-by: Vishwa <[email protected]> Co-authored-by: Rakshithb1 <[email protected]> Co-authored-by: Chandra Keshav Mishra <[email protected]> Co-authored-by: Rakshith B <[email protected]> Signed-off-by: Vishwa <[email protected]>
mosip · Jun 3, 2024 · 4dfbe92 · 4dfbe92
1 parent 8e79f5e
commit 4dfbe92
Show file tree

Hide file tree

Showing 103 changed files with 6,592 additions and 41 deletions.
diff --git a/.github/keys/mosipgpgkey_pub.gpg b/.github/keys/mosipgpgkey_pub.gpg
diff --git a/.github/keys/mosipgpgkey_sec.gpg b/.github/keys/mosipgpgkey_sec.gpg
diff --git a/.github/workflows/chart-lint-publish.yml b/.github/workflows/chart-lint-publish.yml
@@ -0,0 +1,62 @@
+name: Validate / Publish helm charts
+
+on:
+  release:
+    types: [published]
+  pull_request:
+    types: [opened, reopened, synchronize]
+    paths:
+      - 'helm/**'
+  workflow_dispatch:
+    inputs:
+      IGNORE_CHARTS:
+        description: 'Provide list of charts to be ignored separated by pipe(|)'
+        required: false
+        default: ''
+        type: string
+      CHART_PUBLISH:
+        description: 'Chart publishing to gh-pages branch'
+        required: false
+        default: 'NO'
+        type: string
+        options:
+          - YES
+          - NO
+      INCLUDE_ALL_CHARTS:
+        description: 'Include all charts for Linting/Publishing (YES/NO)'
+        required: false
+        default: 'NO'
+        type: string
+        options:
+          - YES
+          - NO
+  push:
+    branches:
+      - '!release-branch'
+      - master
+      - 1.*
+      - 0.*
+      - develop
+      - MOSIP*
+      - release*
+    paths:
+      - './helm/**'
+
+jobs:
+  chart-lint-publish:
+    uses: mosip/kattu/.github/workflows/chart-lint-publish.yml@master
+    with:
+      CHARTS_DIR: ./helm
+      CHARTS_URL: https://mosip.github.io/mosip-helm
+      REPOSITORY: mosip-helm
+      BRANCH: gh-pages
+      INCLUDE_ALL_CHARTS: "${{ inputs.INCLUDE_ALL_CHARTS || 'NO' }}"
+      IGNORE_CHARTS: "${{ inputs.IGNORE_CHARTS ||'redis' }}"
+      CHART_PUBLISH: "${{ inputs.CHART_PUBLISH || 'YES' }}"
+      LINTING_CHART_SCHEMA_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/chart-schema.yaml"
+      LINTING_LINTCONF_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/lintconf.yaml"
+      LINTING_CHART_TESTING_CONFIG_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/chart-testing-config.yaml"
+      LINTING_HEALTH_CHECK_SCHEMA_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/health-check-schema.yaml"
+    secrets:
+      TOKEN: ${{ secrets.ACTION_PAT }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
diff --git a/.github/workflows/push-trigger.yml b/.github/workflows/push-trigger.yml
@@ -0,0 +1,87 @@
+name: Maven Package upon a push
+
+on:
+  release:
+    types: [published]
+  pull_request:
+    types: [opened, reopened, synchronize]
+  workflow_dispatch:
+    inputs:
+      message:
+        description: 'Message for manually triggering'
+        required: false
+        default: 'Triggered for Updates'
+        type: string
+  push:
+    branches:
+      - '!release-branch'
+      - master
+      - 1.*
+      - develop
+      - MOSIP*
+      - release*
+      - INJICERT-13
+
+jobs:
+  build-maven-inji-certify:
+    uses: mosip/kattu/.github/workflows/maven-build.yml@master-java21
+    with:
+      SERVICE_LOCATION: ./
+      BUILD_ARTIFACT: inji-certify
+    secrets:
+      OSSRH_USER: ${{ secrets.OSSRH_USER }}
+      OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }}
+      OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
+      GPG_SECRET: ${{ secrets.GPG_SECRET }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+  publish_to_nexus:
+    if: "${{ !contains(github.ref, 'master') && github.event_name != 'pull_request' }}"
+    needs: build-maven-inji-certify
+    uses: mosip/kattu/.github/workflows/maven-publish-to-nexus.yml@master-java21
+    with:
+      SERVICE_LOCATION: ./
+    secrets:
+      OSSRH_USER: ${{ secrets.OSSRH_USER }}
+      OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }}
+      OSSRH_URL: ${{ secrets.OSSRH_SNAPSHOT_URL }}
+      OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
+      GPG_SECRET: ${{ secrets.GPG_SECRET }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+
+  build-dockers:
+    needs: build-maven-inji-certify
+    strategy:
+      matrix:
+        include:
+          - SERVICE_LOCATION: 'certify-service'
+            SERVICE_NAME: 'inji-certify'
+            BUILD_ARTIFACT: 'inji-certify'
+      fail-fast: false
+    name: ${{ matrix.SERVICE_NAME }}
+    uses: mosip/kattu/.github/workflows/docker-build.yml@master-java21
+    with:
+      SERVICE_LOCATION: ${{ matrix.SERVICE_LOCATION }}
+      SERVICE_NAME: ${{ matrix.SERVICE_NAME }}
+      BUILD_ARTIFACT: ${{ matrix.BUILD_ARTIFACT }}
+    secrets:
+      DEV_NAMESPACE_DOCKER_HUB: ${{ secrets.DEV_NAMESPACE_DOCKER_HUB }}
+      ACTOR_DOCKER_HUB: ${{ secrets.ACTOR_DOCKER_HUB }}
+      RELEASE_DOCKER_HUB: ${{ secrets.RELEASE_DOCKER_HUB }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+  sonar_analysis:
+    needs: build-maven-inji-certify
+    if: "${{  github.event_name != 'pull_request' }}"
+    uses: mosip/kattu/.github/workflows/maven-sonar-analysis.yml@master-java21
+    with:
+      SERVICE_LOCATION: ./
+    secrets:
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      ORG_KEY: ${{ secrets.ORG_KEY }}
+      OSSRH_USER: ${{ secrets.OSSRH_USER }}
+      OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }}
+      OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
+      GPG_SECRET: ${{ secrets.GPG_SECRET }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
diff --git a/.github/workflows/release-changes.yml b/.github/workflows/release-changes.yml
@@ -0,0 +1,29 @@
+name: Release/pre-release Preparation.
+
+on:
+  workflow_dispatch:
+    inputs:
+      MESSAGE:
+        description: 'Triggered for release or pe-release'
+        required: false
+        default: 'Release Preparation'
+      RELEASE_TAG:
+        description: 'tag to update'
+        required: true
+      SNAPSHOT_TAG:
+        description: 'tag to be replaced'
+        required: true
+      BASE:
+        description: 'base branch for PR'
+        required: true
+jobs:
+  maven-release-preparation:
+    uses: mosip/kattu/.github/workflows/release-changes.yml@master
+    with:
+      MESSAGE: ${{ inputs.MESSAGE }}
+      RELEASE_TAG: ${{ inputs.RELEASE_TAG }}
+      SNAPSHOT_TAG: ${{ inputs.SNAPSHOT_TAG }}
+      BASE: ${{ inputs.BASE }}
+    secrets:
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+      ACTION_PAT: ${{ secrets.ACTION_PAT }}
diff --git a/.github/workflows/tag.yaml b/.github/workflows/tag.yaml
@@ -0,0 +1,53 @@
+name: Tagging of repos
+
+on:
+  workflow_dispatch:
+    inputs:
+      TAG:
+        description: 'Tag to be published'
+        required: true
+        type: string
+      BODY:
+        description: 'Release body message'
+        required: true
+        default: 'Changes in this Release'
+        type: string
+      PRE_RELEASE:
+        description: 'Pre-release? True/False'
+        required: false
+        default: 'false'
+        type: string
+      DRAFT:
+        description: 'Draft? True/False'
+        required: false
+        default: 'false'
+        type: string
+      ONLY_TAG:
+        description: "Only Tag"
+        required: false
+        type: string
+        default: 'false'
+      BRANCH:
+        description: 'Branch name'
+        required: true
+        type: string
+      LATEST:
+        description: 'Latest release'
+        required: false
+        type: string
+        default: 'true'
+
+jobs:
+  tag-branch:
+    uses: mosip/kattu/.github/workflows/tag.yml@master
+    with:
+      TAG: ${{ inputs.TAG }}
+      BODY: ${{ inputs.BODY }}
+      PRE_RELEASE: ${{ inputs.PRE_RELEASE }}
+      DRAFT: ${{ inputs.DRAFT }}
+      ONLY_TAG: ${{ inputs.ONLY_TAG }}
+      BRANCH: ${{ inputs.BRANCH }}
+      LATEST: ${{ inputs.LATEST }}
+    secrets:
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+      TOKEN: ${{ secrets.ACTION_PAT }}
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,32 @@
+# Log file
+*.log
+
+# BlueJ files
+*.ctxt
+
+# Mobile Tools for Java (J2ME)
+.mtj.tmp/
+
+# Package Files #
+*.jar
+*.war
+*.nar
+*.ear
+*.zip
+*.tar.gz
+*.rar
+
+# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
+hs_err_pid*
+
+# other directories
+target/
+.idea/
+*.p12
+*.iml
+.settings/
+.setting/
+.mvn/
+.project/
+helm/*/Chart.lock
+helm/*/charts/
diff --git a/README.md b/README.md
@@ -29,7 +29,7 @@ Execute installation script
 
     ```
     1. Sunbird RC
-    2. Esignet
+    2. Certify
     0. Exit
     Select:
     ```
@@ -45,33 +45,59 @@ Execute installation script
     * Set the hostname of the endpoints correctly as per your docker setup
     * Now generate a DID, create a credential schema and create an issuance registry
         * take note of `$.schema[0].author`  and  `$.schema[0].id` from the create credential schema request
-6. Add the jar file of Digital Credential Stack(DCS) plugin implementation in [loader_path](docker-compose-esignet/loader_path). The JAR can be built [from source](https://github.com/mosip/digital-credential-plugins/) or [downloaded directly](https://mvnrepository.com/artifact/io.mosip.esignet.sunbirdrc/sunbird-rc-esignet-integration-impl).
-7. Modify the properties of the Esignet service located in the [esignet-default.properties](docker-compose-esignet/config/esignet-default.properties) file:
-   - Include Issuer ID and credential schema ID for the following properties: `mosip.esignet.vciplugin.sunbird-rc.credential-type.{credential type}.static-value-map.issuerId`, `mosip.esignet.vciplugin.sunbird-rc.credential-type.{credential-type}.cred-schema-id`.
+6. Create a folder with name loader_path [here](docker-compose/docker-compose-certify).
+7. Add the jar file of Digital Credential Stack(DCS) plugin implementations for eSignet and certify:
+     * For eSignet create a folder with name esignet inside loader_path folder created in the above step and add the jar files inside the folder.
+       *  JAR file for sunbird can be downloaded [here](https://mvnrepository.com/artifact/io.mosip.esignet.sunbirdrc/sunbird-rc-esignet-integration-impl).
+       *  JAR file for mock identity can be downloaded [here](https://repo1.maven.org/maven2/io/mosip/esignet/mock/mock-esignet-integration-impl/0.9.2/mock-esignet-integration-impl-0.9.2.jar)
+     * For certify create a folder with name certify inside loader_path folder created in the above step and add the jar file inside the folder. The JAR can be built [from source](https://github.com/mosip/digital-credential-plugins/tree/INJICERT-13/sunbird-rc-certify-integration-impl).
+8. Modify the properties of the Esignet and Certify services located in the [esignet-default.properties](docker-compose/docker-compose-certify/config/esignet-default.properties) and [certify-default.properties](docker-compose/docker-compose-certify/config/certify-default.properties) files respectively.
+   - Include Issuer ID and credential schema ID for the following properties: 
+     - esignet-default-properties:
+       - `mosip.esignet.vciplugin.sunbird-rc.credential-type.{credential type}.static-value-map.issuerId`.
+       - `mosip.esignet.vciplugin.sunbird-rc.credential-type.{credential-type}.cred-schema-id`.
+     - certify-default.properties:
+       - `mosip.certify.vciplugin.sunbird-rc.credential-type.{credential type}.static-value-map.issuerId`.
+       - `mosip.certify.vciplugin.sunbird-rc.credential-type.{credential-type}.cred-schema-id`.
    - The `$.schema[0].author` DID goes to the config ending in issuerId and `$.schema[0].id` DID goes to the config ending in `cred-schema-id`.
-8. Once the Esignet properties are configured, proceed to select Esignet from the options provided for eSignet.
-9. Download the postman collection and environment for sunbird use case from [here](https://github.com/mosip/digital-credential-plugins/tree/master/sunbird-rc-esignet-integration-impl/postman-collections).
-10. Create Client from Create OIDC client API, add redirect uri 'http://localhost:3001', add auth-factor 'mosip:idp:acr:knowledge' to the request body.
-11. Change `aud` variable in environment to 'http://localhost:8088/v1/esignet/oauth/v2/token' and set `audUrl` to http://localhost:8088
-12. Perform a Knowledge based authentication(KBA) as specified in the Postman collection.
+9. Once the Esignet and Certify properties are configured, proceed to select Certify from the option provided in the installation steps.
+10. The installation of Certify will encompass the following services:
+    * [Esignet Service](https://github.com/mosip/esignet)
+    * [Certify Service](https://github.com/mosip/inji-certify)
+11. Download the postman collection and environment for sunbird use case from [here](docker-compose/docker-compose-certify/postman-collections).
+12. Create Client from Create OIDC client API, add redirect uri 'http://localhost:3001'.
+13. Change `aud` variable in environment to 'http://localhost:8088/v1/esignet/oauth/v2/token' and set `audUrl` to http://localhost:8088
+14. Perform a Knowledge based authentication(KBA) as specified in the Postman collection.
     * perform the authorize callback request
     * in the /authorization/authenticate request update the challenge to a URL-safe base64 encoded string with the KBA details such as `{"fullName":"Abhishek Gangwar","dob":"1967-10-24"}`, one can use an [online base64 encoding service](https://base64encode.org) for the same.
-    * in the /vci/credential api inside pre-request script section change the aud env variable to  -> "aud" : pm.environment.get('audUrl')
+    * in the /issuance/credential api inside pre-request script section change the aud env variable to  -> "aud" : pm.environment.get('audUrl')
 
 ## Properties for custom use case
 
-- Sample schemas for Insurance registry are provided [here](docker-compose-sunbird/schemas), change it according to use case.
+- Sample schemas for Insurance registry are provided [here](docker-compose/docker-compose-sunbird/schemas), change it according to use case.
 - Change these properties for different use case `mosip.esignet.authenticator.sunbird-rc.auth-factor.kba.field-details`,`mosip.esignet.authenticator.sunbird-rc.auth-factor.kba.individual-id-field`
 - Add the Sunbird registry URL for these properties: `mosip.esignet.vciplugin.sunbird-rc.issue-credential-url`,`mosip.esignet.authenticator.sunbird-rc.auth-factor.kba.registry-search-url`.
-- Specify the list of supported credential types using the property: `mosip.esignet.vciplugin.sunbird-rc.supported-credential-types`.
-- For each supported credential type change the below properties. Sample properties are provided in the [default properties](docker-compose-esignet/config/esignet-default.properties) file.
-   * Issuer id `mosip.esignet.vciplugin.sunbird-rc.credential-type.{credential type}.static-value-map.issuerId`
-   * Credential schema id `mosip.esignet.vciplugin.sunbird-rc.credential-type.{credential type}.cred-schema-id`
-   * Registry Url `mosip.esignet.vciplugin.sunbird-rc.credential-type.{credential type}.registry-get-url`
-   * Template Url `mosip.esignet.vciplugin.sunbird-rc.credential-type.{credential type}.template-url`
-   * Credential schema version `mosip.esignet.vciplugin.sunbird-rc.credential-type.{credential type}.cred-schema-version`
-- Define the list of supported scopes using: `mosip.esignet.supported.credential.scopes`, and for each scope, map the resource accordingly at `mosip.esignet.credential.scope-resource-mapping`.
-- Change this property for different credential types supported `mosip.esignet.vci.key-values` based on OID4VCI version.
+- Specify the list of supported credential types for these properties:
+  - esignet-default-properties:
+    - `mosip.esignet.vciplugin.sunbird-rc.supported-credential-types`.
+  - certify-default.properties:
+    - `mosip.certify.vciplugin.sunbird-rc.supported-credential-types`.
+- For each supported credential type change the below properties. Sample properties are provided in the [eSignet default properties](docker-compose/docker-compose-certify/config/esignet-default.properties) and [Certify default properties](docker-compose/docker-compose-certify/config/certify-default.properties).
+  * esignet-default-properties:
+    * Issuer id `mosip.esignet.vciplugin.sunbird-rc.credential-type.{credential type}.static-value-map.issuerId`
+    * Credential schema id `mosip.esignet.vciplugin.sunbird-rc.credential-type.{credential type}.cred-schema-id`
+    * Registry Url `mosip.esignet.vciplugin.sunbird-rc.credential-type.{credential type}.registry-get-url`
+    * Template Url `mosip.esignet.vciplugin.sunbird-rc.credential-type.{credential type}.template-url`
+    * Credential schema version `mosip.esignet.vciplugin.sunbird-rc.credential-type.{credential type}.cred-schema-version`
+    * Define the list of supported scopes using: `mosip.esignet.supported.credential.scopes`, and for each scope, map the resource accordingly at `mosip.esignet.credential.scope-resource-mapping`.
+    * Change these properties for different credential types supported `mosip.esignet.vci.key-values` based on OID4VCI version.
+  * certify-default-properties:
+    * Issuer id  `mosip.certify.vciplugin.sunbird-rc.credential-type.{credential type}.static-value-map.issuerId`
+    * Credential schema id  `mosip.certify.vciplugin.sunbird-rc.credential-type.{credential type}.cred-schema-id`
+    * Registry Url `mosip.certify.vciplugin.sunbird-rc.credential-type.{credential type}.registry-get-url`
+    * Template Url `mosip.certify.vciplugin.sunbird-rc.credential-type.{credential type}.template-url`
+    * Credential schema version  `mosip.certify.vciplugin.sunbird-rc.credential-type.{credential type}.cred-schema-version`
+    * Change these properties for different credential types supported `mosip.certify.key-values` based on OID4VCI version.
 
 ## Troubleshooting
 
@@ -87,4 +113,4 @@ Execute installation script
       *  [Registry](https://github.com/challabeehyv/sunbird-devops/tree/main/deploy-as-code/helm/demo-mosip-registry)
       *  [Credential service, Credential schema service & Identity service](https://github.com/Sunbird-RC/devops/tree/main/deploy-as-code/helm/v2)
       *  [Vault](https://github.com/challabeehyv/sunbird-devops/blob/main/deploy-as-code/helm/v2/README.md#vault-deployment)
-   * [Esignet](https://github.com/mosip/esignet/tree/develop/helm)
+   * [Esignet](https://github.com/mosip/esignet/tree/develop/helm)