Skip to content

Commit

Permalink
Merge pull request #306 from catenax-ng/release/v3.0.0-data-sovereignty
Browse files Browse the repository at this point in the history
feat(data-sovereignty): policy configuration in backend enabled
  • Loading branch information
matbmoser authored May 10, 2024
2 parents 7b5b84b + cce58cf commit d9e97d4
Show file tree
Hide file tree
Showing 49 changed files with 2,710 additions and 562 deletions.
2 changes: 1 addition & 1 deletion AUTHORS.md
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ The following people have contributed to this repository:
* Jochen Braun, CGI, https://github.com/jocbra
* Muhammad Saud Khan, CGI, https://github.com/saudkhan116
* Mathias Brunkow Moser, CGI, https://github.com/matbmoser
* David Zynda, BASF, https://github.com/davidzynda
* David Zynda, https://github.com/davidzynda
* Diogo Parracho, CGI, https://github.com/dsrparracho

Please add yourself to this list, if you contribute to the content.
2 changes: 1 addition & 1 deletion charts/digital-product-pass/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ type: application
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)

version: 2.3.0
version: 2.3.1

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand Down
12 changes: 11 additions & 1 deletion charts/digital-product-pass/templates/configmap-backend.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ data:
root: {{ tpl (.Values.backend.logging.level.root | default "INFO") . | quote }}
# -- logging for the util components
utils: {{ tpl (.Values.backend.logging.level.utils | default "INFO") . | quote }}
configuration:
# -- max retries for the backend services
maxRetries: {{ .Values.backend.maxRetries }}
Expand Down Expand Up @@ -107,6 +107,11 @@ data:
temporaryStorage:
enabled: {{ .Values.backend.digitalTwinRegistry.temporaryStorage.enabled }}
lifetime: {{ .Values.backend.digitalTwinRegistry.temporaryStorage.lifetime }}
# -- policy configuration for the digital twin registries negotiation
policyCheck:
enabled: {{ .Values.backend.digitalTwinRegistry.policyCheck.enabled }}
strictMode: {{ .Values.backend.digitalTwinRegistry.policyCheck.strictMode }}
policies: {{- toYaml .Values.backend.digitalTwinRegistry.policyCheck.policies | nindent 10 }}
# -- discovery configuration
discovery:
# -- discovery finder configuration
Expand Down Expand Up @@ -138,6 +143,11 @@ data:
dir: "data/transfer"
# -- passport versions and aspects allowed
aspects: {{- toYaml .Values.backend.passport.aspects | nindent 10 }}
# -- policy configuration for passport retrieval (for auto-signing only)
policyCheck:
enabled: {{ .Values.backend.passport.policyCheck.enabled }}
strictMode: {{ .Values.backend.passport.policyCheck.strictMode }}
policies: {{- toYaml .Values.backend.passport.policyCheck.policies | nindent 10 }}
# -- configuration of the spring boot server
server:
# -- configuration of backend errors
Expand Down
1 change: 1 addition & 0 deletions charts/digital-product-pass/values-int.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,7 @@ backend:
xApiKey: <path:material-pass/data/int/edc/oauth#api.key>
participantId: &bpn <path:material-pass/data/int/edc/participant#bpnNumber>
hostname: "materialpass.int.demo.catena-x.net/consumer"


hostname: *hostname
securityCheck:
Expand Down
45 changes: 43 additions & 2 deletions charts/digital-product-pass/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -184,7 +184,29 @@ backend:
- "urn:bamm:io.catenax.battery.battery_pass:3.0.1#BatteryPass"
- "urn:bamm:io.catenax.transmission.transmission_pass:1.0.0#TransmissionPass"
- "urn:samm:io.catenax.generic.digital_product_passport:2.0.0#DigitalProductPassport"

# -- configuration for policies to filter in the digital product pass asset negotiation
policyCheck:
# -- condition to enable and disable the policy check
enabled: true
# -- the strict mode is quicker (uses hashes) and requires less computation complexity, the default mode is comparing against every single object value
strictMode: false
# -- list of allowed policies that can be selected from the edc catalog in negotiations
policies:
- permission:
- action: "USE"
logicalConstraint: "odrl:and"
constraints:
- leftOperand: "cx-policy:Membership"
operator: "odrl:eq"
rightOperand: "active"
- leftOperand: "cx-policy:FrameworkAgreement"
operator: "odrl:eq"
rightOperand: "circulareconomy:1.0"
- leftOperand: "cx-policy:UsagePurpose"
operator: "odrl:eq"
rightOperand: "cx.circular.dpp:1"
prohibition: []
obligation: []
digitalTwinRegistry:
endpoints:
search: "/lookup/shells"
Expand All @@ -201,7 +223,26 @@ backend:
enabled: true
# -- lifetime of the temporaryStorage in hours
lifetime: 12

# -- policy configuration for the digital twin assets in the edc catalog
policyCheck:
# -- condition to enable and disable the policy check
enabled: true
# -- the strict mode is quicker (uses hashes) and requires less computation complexity, the default mode is comparing against every single object value
strictMode: false
# -- list of allowed policies that can be selected from the edc catalog in negotiations
policies:
- permission:
- action: "USE"
logicalConstraint: "odrl:and"
constraints:
- leftOperand: "cx-policy:Membership"
operator: "odrl:eq"
rightOperand: "active"
- leftOperand: "cx-policy:UsagePurpose"
operator: "odrl:eq"
rightOperand: "cx.core.digitalTwinRegistry:1"
prohibition: []
obligation: []
# -- discovery configuration
discovery:
# -- discovery finder configuration
Expand Down
Loading

0 comments on commit d9e97d4

Please sign in to comment.