Merge pull request #253 from catenax-ng/main

Quality gate issue fixes

.github/workflows/docker-image-main_backend.yml

@@ -76,4 +76,4 @@ jobs:
           username: ${{ secrets.DOCKER_HUB_USER }}
           password: ${{ secrets.DOCKER_HUB_TOKEN }}
           repository: ${{ env.DOCKER_HUB_REGISTRY_NAMESPACE }}/${{ env.BACKEND_IMAGE_DOCKER_HUB }}
-          readme-filepath: DOCKER_NOTICE.md
+          readme-filepath: README.md

.github/workflows/docker-image-main_frontend.yml

@@ -73,4 +73,4 @@ jobs:
           username: ${{ env.DOCKER_HUB_USER }}
           password: ${{ secrets.DOCKER_HUB_TOKEN }}
           repository: ${{ env.DOCKER_HUB_REGISTRY_NAMESPACE }}/${{ env.FRONTEND_IMAGE_DOCKER_HUB }}
-          readme-filepath: DOCKER_NOTICE.md
+          readme-filepath: README.md

.github/workflows/docker-image-tag-release.yaml

@@ -76,7 +76,7 @@ jobs:
           username: ${{ secrets.DOCKER_HUB_USER }}
           password: ${{ secrets.DOCKER_HUB_TOKEN }}
           repository: ${{ env.DOCKER_HUB_REGISTRY_NAMESPACE }}/${{ env.FRONTEND_IMAGE_DOCKER_HUB }}
-          readme-filepath: DOCKER_NOTICE.md
+          readme-filepath: README.md
 
   Release-docker-image-backend:
     runs-on: ubuntu-latest
@@ -150,5 +150,5 @@ jobs:
           username: ${{ secrets.DOCKER_HUB_USER }}
           password: ${{ secrets.DOCKER_HUB_TOKEN }}
           repository: ${{ env.DOCKER_HUB_REGISTRY_NAMESPACE }}/${{env.BACKEND_IMAGE_DOCKER_HUB}}
-          readme-filepath: DOCKER_NOTICE.md
+          readme-filepath: README.md
 

.github/workflows/trivy.yml

@@ -27,15 +27,21 @@ permissions:
   contents: read
 
 env:
-  REGISTRY: ghcr.io
   JAVA_VERSION: 17
   COMMIT_SHA: ${{ github.sha }}
 
 jobs:
   build-frontend:
     permissions:
+      actions: read
       contents: read # for actions/checkout to fetch code
       security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+    services:
+      registry:
+        image: registry:2
+        ports:
+          - 5000:5000
+
     name: Build frontend
     runs-on: ubuntu-latest
     defaults:
@@ -46,12 +52,12 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Build an image from Dockerfile
-        run: docker build -t docker.io${{ env.REGISTRY }}/${{ github.repository }}:fe_${{ github.sha }} .
+        run: docker build -t localhost:5000/traceability-foss:fe_${{ github.sha }} .
 
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@0.11.2
         with:
-          image-ref: 'docker.io${{ env.REGISTRY }}/${{ github.repository }}:fe_${{ github.sha }}'
+          image-ref: 'localhost:5000/traceability-foss:fe_${{ github.sha }}'
           format: "sarif"
           exit-code: "1"
           output: 'trivy-results.sarif'
@@ -95,6 +101,11 @@ jobs:
       actions: read
       contents: read
       security-events: write
+    services:
+      registry:
+        image: registry:2
+        ports:
+          - 5000:5000
 
     steps:
       - name: Checkout repository
@@ -146,12 +157,12 @@ jobs:
         with:
           context: .
           push: false
-          tags: ${{ env.REGISTRY }}/${{ github.repository }}:trivy
+          tags: localhost:5000/traceability-foss:trivy
 
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@0.11.2
         with:
-          image-ref: ${{ env.REGISTRY }}/${{ github.repository }}:trivy
+          image-ref: localhost:5000/traceability-foss:trivy
           trivyignores: "./.github/workflows/.trivyignore"
           format: "sarif"
           output: "trivy-results2.sarif"

CHANGELOG.md

@@ -9,6 +9,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 
 - OAuth2 client credentials rest template interceptor
 - Configuration for left and right policies to use registry client library
+- Add support for JustInSequence aspect model
 - TRG Github Action Pipeline for quality checks
 - ErrorMessage field to investigation and alerts
 
@@ -18,7 +19,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 - Update asBuild test data to 1.5.3 and asPlanned to 1.5.1
 - Changed transfer notification logic not to break iteration loop when sending notifications to bpn with more than 1 connector endpoints
 - Decentral flow only using bpn for resolving globalAssetIds
--
+- Logic of commitId retrieval by frontend has changed
+- Readme / Docker Notice information as required in TRGs
+- Removed references to GitHub registry and added docker hub for tractusx instead
+
 ### Removed
 
 ## [6.0.0 - 2023-07-21]

README.md

@@ -153,22 +153,31 @@ mvn -DskipTests=false clean verify
 The project follows [OpenAPI Specification](https://swagger.io/specification/) in order to document implemented REST Endpoints. The documentation can be found under [/openapi directory](https://github.com/eclipse-tractusx/traceability-foss/blob/main/tx-backend/openapi/traceability-foss-backend.json)
 or can be viewed in the Swagger UI accessing the url: `{projectBasePath}/api/swagger-ui/index.html`
 
-## Container image
+## License
 
-This application provides container images for demonstration purposes.Here you can finde the [BE Images](https://hub.docker.com/r/tractusx/traceability-foss) and the [FE Images](https://hub.docker.com/r/tractusx/traceability-foss-frontend).
-The base images used, to build these demo application images are `eclipse-temurin:17-jre-alpine` and `node:18-alpine`
+[Apache License 2.0](https://github.com/eclipse-tractusx/traceability-foss/blob/main/LICENSE)
 
-Docker Hub:
-- [eclipse-temurin](https://hub.docker.com/_/eclipse-temurin)
-- [17-jre-alpine image](https://hub.docker.com/layers/library/eclipse-temurin/17-jre-alpine/images/sha256-c26a727c4883eb73d32351be8bacb3e70f390c2c94f078dc493495ed93c60c2f?context=explore)
-- [node](https://hub.docker.com/_/node)
-- [18-alpine image](https://hub.docker.com/layers/library/node/18-alpine/images/sha256-19eaf41f3b8c2ac2f609ac8103f9246a6a6d46716cdbe49103fdb116e55ff0cc?context=explore)
+## Notice for Docker image
 
-Source:
-- [temurin-build](https://github.com/adoptium/temurin-build)
-- [temurin docker repo info](https://github.com/docker-library/repo-info/tree/master/repos/eclipse-temurin)
-- [node-build](https://github.com/nodejs/docker-node)
+This application provides container images for demonstration purposes.
 
-## License
+Eclipse Tractus-X product(s) installed within the image:
 
-[Apache License 2.0](https://github.com/eclipse-tractusx/traceability-foss/blob/main/LICENSE)
+DockerHub Backend: https://hub.docker.com/r/tractusx/traceability-foss
+DockerHub Frontend: https://hub.docker.com/r/tractusx/traceability-foss-frontend
+
+- GitHub: https://github.com/eclipse-tractusx/traceability-foss
+- Project home: https://projects.eclipse.org/projects/automotive.tractusx
+- Dockerfile Backend: https://github.com/eclipse-tractusx/traceability-foss/blob/main/Dockerfile
+- Dockerfile Frontend: https://github.com/eclipse-tractusx/traceability-foss/blob/main/frontend/Dockerfile
+- Project license: [Apache License, Version 2.0](https://github.com/eclipse-tractusx/traceability-foss/blob/main/LICENSE)
+
+**Used base image**
+- [eclipse-temurin:20-jre-alpine](https://github.com/adoptium/containers)
+- Official Eclipse Temurin DockerHub page: https://hub.docker.com/_/eclipse-temurin
+- Eclipse Temurin Project: https://projects.eclipse.org/projects/adoptium.temurin
+- Additional information about the Eclipse Temurin images: https://github.com/docker-library/repo-info/tree/master/repos/eclipse-temurin
+
+As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).
+
+As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within.

charts/traceability-foss/charts/backend/values.yaml

@@ -21,7 +21,7 @@
 replicaCount: 1
 
 image:
-  repository: ghcr.io/catenax-ng/tx-traceability-foss
+  repository: tractusx/tx-traceability-foss
   pullPolicy: Always
 
 ##

charts/traceability-foss/charts/frontend/templates/deployment.yaml

@@ -76,6 +76,8 @@ spec:
               value: "{{ .Values.image.CATENAX_PORTAL_BACKEND_DOMAIN }}"
             - name: CATENAX_PORTAL_URL
               value: "{{ .Values.image.CATENAX_PORTAL_URL }}"
+            - name: GIT_TAG
+              value: "{{ .Values.image.tag }}"
           ports:
             - name: http
               containerPort: {{ .Values.service.port }}

charts/traceability-foss/charts/frontend/values.yaml

@@ -20,7 +20,7 @@
 replicaCount: 1
 
 image:
-  repository: ghcr.io/catenax-ng/tx-traceability-foss
+  repository: tractusx/tx-traceability-foss
   pullPolicy: Always
 
 ##

charts/traceability-foss/values.yaml

@@ -37,7 +37,7 @@ frontend:
   replicaCount: 1
 
   image:
-    repository: ghcr.io/catenax-ng/tx-traceability-foss
+    repository: tractusx/tx-traceability-foss
     pullPolicy: Always
 
 
@@ -153,7 +153,7 @@ backend:
   replicaCount: 1
 
   image:
-    repository: ghcr.io/catenax-ng/tx-traceability-foss
+    repository: tractusx/tx-traceability-foss
     pullPolicy: Always
 
   springprofile: dev  # will be set as dev

dev/README.md

@@ -32,37 +32,37 @@ Keep in mind to always update DEV and TEST since they are dependend on each othe
 Sample invocation (DEV)
 
 ```
-python transform-and-upload.py -f CX_Testdata_MessagingTest_v0.0.7.json -s https://tracex-submodel-server.dev.demo.catena-x.net -edc https://trace-x-edc.dev.demo.catena-x.net -a https://trace-x-registry.dev.demo.catena-x.net/semantics/registry/api/v3.0 -d https://trace-x-edc-dataplane.dev.demo.catena-x.net -p id-3.0-trace -k <apiKey> --aas3
+python transform-and-upload.py -f CX_Testdata_MessagingTest_v0.0.8.json -s https://tracex-submodel-server.dev.demo.catena-x.net -edc https://trace-x-edc.dev.demo.catena-x.net -a https://trace-x-registry.dev.demo.catena-x.net/semantics/registry/api/v3.0 -d https://trace-x-edc-dataplane.dev.demo.catena-x.net -p id-3.0-trace -k <apiKey> --aas3
 ```
 
 Sample invocation (TEST)
 
 ```
-python transform-and-upload.py -f CX_Testdata_MessagingTest_v0.0.7.json -s https://tracex-submodel-server-test.dev.demo.catena-x.net -edc https://trace-x-test-edc.dev.demo.catena-x.net -a https://trace-x-registry-test.dev.demo.catena-x.net/semantics/registry/api/v3.0 -d https://trace-x-test-edc-dataplane.dev.demo.catena-x.net -p id-3.0-trace -k <apiKey> --aas3
+python transform-and-upload.py -f CX_Testdata_MessagingTest_v0.0.8.json -s https://tracex-submodel-server-test.dev.demo.catena-x.net -edc https://trace-x-test-edc.dev.demo.catena-x.net -a https://trace-x-registry-test.dev.demo.catena-x.net/semantics/registry/api/v3.0 -d https://trace-x-test-edc-dataplane.dev.demo.catena-x.net -p id-3.0-trace -k <apiKey> --aas3
 ```
 
 Sample invocation (E2E A)
 
 ```
-python transform-and-upload.py -f CX_Testdata_MessagingTest_v0.0.7.json -s https://tracex-submodel-server-e2e-a.dev.demo.catena-x.net -edc https://trace-x-edc-e2e-a.dev.demo.catena-x.net -a https://trace-x-registry-e2e-a.dev.demo.catena-x.net/semantics/registry/api/v3.0 -d https://trace-x-edc-e2e-a-dataplane.dev.demo.catena-x.net -p id-3.0-trace -k <apiKey> --aas3
+python transform-and-upload.py -f CX_Testdata_MessagingTest_v0.0.8.json -s https://tracex-submodel-server-e2e-a.dev.demo.catena-x.net -edc https://trace-x-edc-e2e-a.dev.demo.catena-x.net -a https://trace-x-registry-e2e-a.dev.demo.catena-x.net/semantics/registry/api/v3.0 -d https://trace-x-edc-e2e-a-dataplane.dev.demo.catena-x.net -p id-3.0-trace -k <apiKey> --aas3
 ```
 
 Sample invocation (E2E B)
 
 ```
-python transform-and-upload.py -f CX_Testdata_MessagingTest_v0.0.7.json -s https://tracex-submodel-server-e2e-b.dev.demo.catena-x.net -edc https://trace-x-edc-e2e-b.dev.demo.catena-x.net -a https://trace-x-registry-e2e-b.dev.demo.catena-x.net/semantics/registry/api/v3.0 -d https://trace-x-edc-e2e-b-dataplane.dev.demo.catena-x.net -p id-3.0-trace -k <apiKey> --aas3
+python transform-and-upload.py -f CX_Testdata_MessagingTest_v0.0.8.json -s https://tracex-submodel-server-e2e-b.dev.demo.catena-x.net -edc https://trace-x-edc-e2e-b.dev.demo.catena-x.net -a https://trace-x-registry-e2e-b.dev.demo.catena-x.net/semantics/registry/api/v3.0 -d https://trace-x-edc-e2e-b-dataplane.dev.demo.catena-x.net -p id-3.0-trace -k <apiKey> --aas3
 ```
 
 Sample invocation (INT A)
 
 ```
-python transform-and-upload.py -f CX_Testdata_MessagingTest_v0.0.7.json -s https://tracex-submodel-server-int-a.int.demo.catena-x.net -edc https://trace-x-edc-int-a.int.demo.catena-x.net -a https://trace-x-registry-int-a.int.demo.catena-x.net/semantics/registry/api/v3.0 -d https://trace-x-edc-int-a-dataplane.int.demo.catena-x.net -p id-3.0-trace -k <apiKey> --aas3
+python transform-and-upload.py -f CX_Testdata_MessagingTest_v0.0.8.json -s https://tracex-submodel-server-int-a.int.demo.catena-x.net -edc https://trace-x-edc-int-a.int.demo.catena-x.net -a https://trace-x-registry-int-a.int.demo.catena-x.net/semantics/registry/api/v3.0 -d https://trace-x-edc-int-a-dataplane.int.demo.catena-x.net -p id-3.0-trace -k <apiKey> --aas3
 ```
 
 Sample invocation (INT B)
 
 ```
-python transform-and-upload.py -f CX_Testdata_MessagingTest_v0.0.7.json -s https://tracex-submodel-server-int-b.int.demo.catena-x.net -edc https://trace-x-edc-int-b.int.demo.catena-x.net -a https://trace-x-registry-int-b.int.demo.catena-x.net/semantics/registry/api/v3.0 -d https://trace-x-edc-int-b-dataplane.int.demo.catena-x.net -p id-3.0-trace -k <apiKey> --aas3
+python transform-and-upload.py -f CX_Testdata_MessagingTest_v0.0.8.json -s https://tracex-submodel-server-int-b.int.demo.catena-x.net -edc https://trace-x-edc-int-b.int.demo.catena-x.net -a https://trace-x-registry-int-b.int.demo.catena-x.net/semantics/registry/api/v3.0 -d https://trace-x-edc-int-b-dataplane.int.demo.catena-x.net -p id-3.0-trace -k <apiKey> --aas3
 ```
 
 where: