Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #592 from catenax-ng/main
Security related adjustments
Showing 40 changed files with 7,550 additions and 285 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,5 @@ | ||
# ref https://github.com/catenax-ng/product-traceability-foss-backend/security/code-scanning/1419 | ||
CVE-2022-25857 | ||
# ref https://github.com/catenax-ng/tx-traceability-foss/security/code-scanning/6879 | ||
# this is acceptable due to custom environment variable injection script which is executed upon FE container startup | ||
AVD-KSV-0014 |
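Review bot: The new AVD-KSV-0014 entry carries no scope, while the comment above it justifies the exception only for the FE container and its environment variable injection script. As written, the ignore would also hide the same finding on any other workload scanned with this file. Limit the suppression to the frontend deployment if the scanner configuration allows it, and name the script and the deployment in the comment so the exception can be re-checked when the startup mechanism changes.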
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
[#_portal_configuration] | ||
= Portal Configuration | ||
//:allow-uri-read: | ||
:icons: font | ||
:icon-set: fas | ||
The following process is required to successfully connect to the portal: | ||
== Company Registration | ||
https://portal.int.demo.catena-x.net/documentation[How To] | ||
=== Additional info | ||
Each instance of trace-x reflects an own company, which is associated with one BPN. | ||
== User Registration | ||
https://portal.int.demo.catena-x.net/documentation/[How To] | ||
=== Additional info | ||
The user registration is a self service. Each user can have one or multiple trace-x roles assigned. | ||
== Connector Registration | ||
https://portal.int.demo.catena-x.net/documentation/[How To] | ||
=== Additional info | ||
A connector in the context of trace-x is a Eclipse-Dataspace-Connector. This connector needs to be configured by the public controlplane url. | ||
== App Registration | ||
https://portal.int.demo.catena-x.net/documentation/[How To] | ||
=== Additional info | ||
A connector in the context of trace-x is a Eclipse-Dataspace-Connector. This connector needs to be configured by the public controlplane url. | ||
== Create App Subscription | ||
https://portal.int.demo.catena-x.net/documentation/[How To] | ||
=== Additional info | ||
An app subscription is necessary to be able to setup a frontend url which will be authorized through keycloak and accessible with the portal. | ||
== Activate App Subscription | ||
https://portal.int.demo.catena-x.net/documentation/[How To] | ||
=== Additional info | ||
The app subscription needs to be activated from all instances which want to participate in the trace-x use case. | ||
== Retrieve Wallet Configuration | ||
https://portal.int.demo.catena-x.net/documentation/[How To] |
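Review bot: The "Additional info" text under "== App Registration" is a verbatim copy of the one under "== Connector Registration" and describes the Eclipse-Dataspace-Connector rather than the app; replace it with app-specific guidance or drop it. "== Retrieve Wallet Configuration" has no "Additional info" block at all. Every "How To" link points at the same documentation root (the first one without the trailing slash), so no step has a step-specific target; link each section to the page for that step. Minor: "a Eclipse-Dataspace-Connector" should read "an Eclipse-Dataspace-Connector".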
docs/src/docs/concepts/#534-policies/policy-handling-tracex.puml (65 changes: 65 additions & 0 deletions)
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,65 @@ | ||
@startuml | ||
skinparam monochrome true | ||
skinparam shadowing false | ||
skinparam defaultFontName "Architects daughter" | ||
title Sequence Diagram: TraceX Interaction with IRS on startup | ||
participant "TraceXConfig" as Config | ||
participant "TraceX" as TraceX | ||
participant "IRS " as IRS | ||
|
||
Config -> TraceX : ID 3.0 Trace | ||
TraceX -> IRS : Get Policies | ||
IRS -> TraceX: Return policies (Default Policies from IRS (C1: Membership, C2: Framework, C3: ID3.0) | ||
TraceX -> IRS : Create(not exists) or update(exists) | ||
|
||
@enduml | ||
|
||
|
||
@startuml | ||
skinparam monochrome true | ||
skinparam shadowing false | ||
skinparam defaultFontName "Architects daughter" | ||
|
||
title Sequence Diagram: TraceX Interaction with EDC on startup (As is) | ||
participant "TraceXConfig" as Config | ||
participant "TraceX" as TraceX | ||
participant "EDC " as EDC | ||
Config -> TraceX : ID 3.0 Trace | ||
TraceX -> EDC : Create notification asset, policy, definition | ||
@enduml | ||
|
||
@startuml | ||
skinparam monochrome true | ||
skinparam shadowing false | ||
skinparam defaultFontName "Architects daughter" | ||
|
||
title Sequence Diagram: TraceX Interaction with EDC on startup (To be) | ||
participant "IRS" as IRS | ||
participant "TraceX" as TraceX | ||
participant "EDC " as EDC | ||
TraceX -> IRS: Get Policies | ||
IRS -> TraceX : return policy(c1,c2,c3,c4) | ||
TraceX -> EDC : Create notification asset, policy, definition | ||
@enduml | ||
|
||
@startuml | ||
skinparam monochrome true | ||
skinparam shadowing false | ||
skinparam defaultFontName "Architects daughter" | ||
|
||
title Sequence Diagram: Sending notifications | ||
participant "TraceX" as TraceX | ||
participant "TraceXIRSLib" as TraceXIRSLib | ||
participant "IRS " as IRS | ||
participant "EDC " as EDC | ||
|
||
TraceX -> TraceX: ... | ||
TraceX -> EDC: Get catalog | ||
EDC -> TraceX: -> Return catalog | ||
TraceX -> TraceX: Filter for notification type (alert / investigation) / method(update, receive) | ||
TraceX -> TraceXIRSLib: Validate if catalog policy matches the configured policies in IRS Lib (3 Default Policies) | ||
TraceXIRSLib -> TraceX: Valid | ||
TraceX -> EDC: Send out notification | ||
@enduml | ||
|
||
|
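Review bot: In the "Sending notifications" diagram the validation step only shows TraceXIRSLib returning "Valid" before "Send out notification"; the path where the catalog policy does not match the configured policies is missing. Since this check gates the send, add an alt/else branch stating that the notification is not sent and what is reported back. The policy sets are also inconsistent across the diagrams: the IRS startup diagram and the validation step refer to three default policies (C1 to C3), while the "To be" diagram returns policy(c1,c2,c3,c4) without saying what c4 is. The "Return policies (Default Policies from IRS (..." message also has an unclosed parenthesis.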