diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 568318c8a22c825dfbd50b392ba2aa4ed3bed9d4..b6f4da1152f97ba32b9db94cfc63325919036d66 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,39 +1,9 @@ -# image: node:18 -# -variables: - GIT_DEPTH: 0 - DEPLOY_PID: "649" - # Value must be the deploy project id - DEPLOYMENT_TRIGGER_TOKEN: "glptt-c4145ab70634cdbb509d4eafec72c51df82bd290" - # Value must be the deployment project pipeline trigger token, found/created at PROJECT > SETTINGS > CI/CD > Pipeline triggers - # Best to place this variable in Project >> Settings >> CI/CD >> Variables - SSH_CLONE_URL: 'git@code.vereign.com:gaiax/ocm/ocm-engine.git' - # Value must be the project ssh clone url - RUNNER_TAG: 'amd64-docker' - # Value must be the runner label/tag for the runner which will execute these jobs - PIPELINE_TRIGGERED: "no" - # Needed for pipeline automation - -### -### ADD HELPERS -#### - include: - - project: 'helpers/ci-helpers' - file: - - 'builds.yml' - - 'registries.yml' - project: 'gaiax/helpers/mono-helpers' file: - - 'builds/registries.yml' - - 'builds/builds.yml' - - 'projects/chart-trigger.yml' - - 'projects/notifiers.yml' - - 'deployments/triggers.yml' - + - ocm-engine.yml stages: - # - helm-branch-check - lint - test - build 
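Review bot: In `.gitlab-ci.yml`, the `include:` entry for `gaiax/helpers/mono-helpers` / `ocm-engine.yml` has no `ref:`, so every job in this pipeline, including the deploy jobs added further down, is whatever that project's default branch holds at run time. Pin it to a reviewed tag or commit SHA by adding `ref: '<reviewed-tag-or-sha>'` (placeholder) under the `project:` entry, and restrict who can push to the helper project. Separately, the `DEPLOYMENT_TRIGGER_TOKEN` literal deleted in this hunk is still in the repository history. The trigger token should be revoked and reissued as a masked CI/CD variable rather than treated as removed.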
@@ -42,765 +12,223 @@ stages: - registries - helm - deploy-test - - deploy-stage - - deploy-prod - -.distributed: - cache: - - key: - files: - - yarn.lock - paths: - - '.yarn-cache/' - before_script: - - yarn install --cache-folder .yarn-cache --prefer-offline --frozen-lockfile - -## -### Lint microservices -## + +# Lint microservices lint-agent: - image: node:18 - extends: .distributed - tags: - - amd64-docker + extends: .lint-agent stage: lint - rules: - - if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/agent/* - - apps/agent/deployment/* - - apps/agent/src/* - - apps/agent/src/app/* - - if: '$CI_COMMIT_TAG' - script: - - yarn nx run agent:lint --parallel=3 lint-attestation-manager: - image: node:18 - extends: .distributed - tags: - - amd64-docker + extends: .lint-attestation-manager stage: lint - rules: - - if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/attestation-manager/* - - apps/attestation-manager/deployment/* - - apps/attestation-manager/src/* - - apps/attestation-manager/src/app/* - - if: '$CI_COMMIT_TAG' - script: - - yarn nx run attestation-manager:lint --parallel=3 lint-connection-manager: - image: node:18 - extends: .distributed - tags: - - amd64-docker + extends: .lint-connection-manager stage: lint - rules: - - if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/connection-manager/* - - apps/connection-manager/deployment/* - - apps/connection-manager/src/* - - apps/connection-manager/src/app/* - - if: '$CI_COMMIT_TAG' - script: - - yarn nx run connection-manager:lint --parallel=3 -lint-gateway: - image: node:18 - extends: .distributed - tags: - - amd64-docker +lint-proof-manager: + extends: .lint-proof-manager stage: lint - rules: - - if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/gateway/* - - apps/gateway/deployment/* - - 
apps/gateway/src/* - - apps/gateway/src/app/* - - if: '$CI_COMMIT_TAG' - script: - - yarn nx run gateway:lint --parallel=3 -lint-proof-manager: - image: node:18 - extends: .distributed - tags: - - amd64-docker +lint-gateway: + extends: .lint-gateway stage: lint - rules: - - if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/proof-manager/* - - apps/proof-manager/deployment/* - - apps/proof-manager/src/* - - apps/proof-manager/src/app/* - - if: '$CI_COMMIT_TAG' - script: - - yarn nx run proof-manager:lint --parallel=3 - -## -### Test microservices -## + +# Test microservices test-agent: - image: node:18 - extends: .distributed - tags: - - amd64-docker - rules: - - if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/agent/* - - apps/agent/deployment/* - - apps/agent/src/* - - apps/agent/src/app/* - - if: '$CI_COMMIT_TAG' + extends: .test-agent stage: test - script: - - yarn nx run agent:test --configuration=ci --parallel=3 test-attestation-manager: - image: node:18 - extends: .distributed - tags: - - amd64-docker - rules: - - if: '$PIPELINE_TRIGGERED != "yes"' - changes: - - apps/attestation-manager/* - - apps/attestation-manager/deployment/* - - apps/attestation-manager/src/* - - apps/attestation-manager/src/app/* - - if: '$CI_COMMIT_TAG' + extends: .test-attestation-manager stage: test - script: - - yarn nx run attestation-manager:test --configuration=ci --parallel=3 test-connection-manager: - image: node:18 - extends: .distributed - tags: - - amd64-docker - rules: - - if: '$PIPELINE_TRIGGERED != "yes"' - changes: - - apps/connection-manager/* - - apps/connection-manager/deployment/* - - apps/connection-manager/src/* - - apps/connection-manager/src/app/* - - if: '$CI_COMMIT_TAG' + extends: .test-connection-manager stage: test - script: - - yarn nx run connection-manager:test --configuration=ci --parallel=3 -test-gateway: - image: node:18 - extends: .distributed - 
tags: - - amd64-docker - rules: - - if: '$PIPELINE_TRIGGERED != "yes"' - changes: - - apps/gateway/* - - apps/gateway/deployment/* - - apps/gateway/src/* - - apps/gateway/src/app/* - - if: '$CI_COMMIT_TAG' +test-proof-manager: + extends: .test-proof-manager stage: test - script: - - yarn nx run gateway:test --configuration=ci --parallel=3 -test-proof-manager: - image: node:18 - extends: .distributed - tags: - - amd64-docker - rules: - - if: '$PIPELINE_TRIGGERED != "yes"' - changes: - - apps/proof-manager/* - - apps/proof-manager/deployment/* - - apps/proof-manager/src/* - - apps/proof-manager/src/app/* - - if: '$CI_COMMIT_TAG' +test-gateway: + extends: .test-gateway stage: test - script: - - yarn nx run proof-manager:test --configuration=ci --parallel=3 -## -### Bare microservice build -## +# Bare microservice build build-agent: - image: node:18 - extends: .distributed - rules: - - if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/agent/* - - apps/agent/deployment/* - - apps/agent/src/* - - apps/agent/src/app/* - - if: '$CI_COMMIT_TAG' - tags: - - amd64-docker + extends: .build-agent stage: build - script: - # parallel is a CPU core count - - yarn nx run agent:build:production --parallel=3 - artifacts: - paths: - - ./dist - - ./package.json - - ./yarn.lock - expire_in: 1 day build-attestation-manager: - image: node:18 - extends: .distributed - rules: - - if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/attestation-manager/* - - apps/attestation-manager/deployment/* - - apps/attestation-manager/src/* - - apps/attestation-manager/src/app/* - - if: '$CI_COMMIT_TAG' - tags: - - amd64-docker + extends: .build-attestation-manager stage: build - script: - # parallel is a CPU core count - - yarn nx run attestation-manager:build:production --parallel=3 - artifacts: - paths: - - ./dist - - ./package.json - - ./yarn.lock - expire_in: 1 day build-connection-manager: - 
image: node:18 - extends: .distributed - rules: - - if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/connection-manager/* - - apps/connection-manager/deployment/* - - apps/connection-manager/src/* - - apps/connection-manager/src/app/* - - if: '$CI_COMMIT_TAG' - tags: - - amd64-docker + extends: .build-connection-manager stage: build - script: - # parallel is a CPU core count - - yarn nx run connection-manager:build:production --parallel=3 - artifacts: - paths: - - ./dist - - ./package.json - - ./yarn.lock - expire_in: 1 day -build-gateway: - image: node:18 - extends: .distributed - rules: - - if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/gateway/* - - apps/gateway/deployment/* - - apps/gateway/src/* - - apps/gateway/src/app/* - - if: '$CI_COMMIT_TAG' - tags: - - amd64-docker +build-proof-manager: + extends: .build-proof-manager stage: build - script: - # parallel is a CPU core count - - yarn nx run gateway:build:production --parallel=3 - artifacts: - paths: - - ./dist - - ./package.json - - ./yarn.lock - expire_in: 1 day -build-proof-manager: - image: node:18 - extends: .distributed - rules: - - if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/proof-manager/* - - apps/proof-manager/deployment/* - - apps/proof-manager/src/* - - apps/proof-manager/src/app/* - - if: '$CI_COMMIT_TAG' - tags: - - amd64-docker +build-gateway: + extends: .build-gateway stage: build - script: - # parallel is a CPU core count - - yarn nx run proof-manager:build:production --parallel=3 - artifacts: - paths: - - ./dist - - ./package.json - - ./yarn.lock - expire_in: 1 day - -## -### Docker build microservices -## + +# Docker build microservices docker-agent: - extends: .docker-build + extends: .docker-agent stage: docker - variables: - APP: agent - rules: - - if: '$PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != 
"merge_request_event"' - changes: - - apps/agent/* - - apps/agent/deployment/* - - apps/agent/src/* - - apps/agent/src/app/* - - if: '$CI_COMMIT_TAG' docker-attestation-manager: - extends: .docker-build + extends: .docker-attestation-manager stage: docker - variables: - APP: attestation-manager - rules: - - if: '$PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/attestation-manager/* - - apps/attestation-manager/deployment/* - - apps/attestation-manager/src/* - - apps/attestation-manager/src/app/* - - if: '$CI_COMMIT_TAG' docker-connection-manager: - extends: .docker-build + extends: .docker-connection-manager stage: docker - variables: - APP: connection-manager - rules: - - if: '$PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/connection-manager/* - - apps/connection-manager/deployment/* - - apps/connection-manager/src/* - - apps/connection-manager/src/app/* - - if: '$CI_COMMIT_TAG' -docker-gateway: - extends: .docker-build +docker-proof-manager: + extends: .docker-proof-manager stage: docker - variables: - APP: gateway - rules: - - if: '$PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/gateway/* - - apps/gateway/deployment/* - - apps/gateway/src/* - - apps/gateway/src/app/* - - if: '$CI_COMMIT_TAG' -docker-proof-manager: - extends: .docker-build +docker-gateway: + extends: .docker-gateway stage: docker - variables: - APP: proof-manager - rules: - - if: '$PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/proof-manager/* - - apps/proof-manager/deployment/* - - apps/proof-manager/src/* - - apps/proof-manager/src/app/* - - if: '$CI_COMMIT_TAG' - -## -### Push to registries -## - -google-image-agent: - extends: .cloud + +# Push to registries + +registry-agent: + extends: .registry-agent stage: registries - variables: - APP: agent - rules: - - if: '$CI_COMMIT_TAG == null && 
$PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/agent/* - - apps/agent/deployment/* - - apps/agent/src/* - - apps/agent/src/app/* - - if: '$CI_COMMIT_TAG' - -google-image-attestation-manager: - extends: .cloud + +registry-attestation-manager: + extends: .registry-attestation-manager stage: registries - variables: - APP: attestation-manager - rules: - - if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/attestation-manager/* - - apps/attestation-manager/deployment/* - - apps/attestation-manager/src/* - - apps/attestation-manager/src/app/* - - if: '$CI_COMMIT_TAG' - -google-image-connection-manager: - extends: .cloud + +registry-connection-manager: + extends: .registry-connection-manager stage: registries - variables: - APP: connection-manager - rules: - - if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/connection-manager/* - - apps/connection-manager/deployment/* - - apps/connection-manager/src/* - - apps/connection-manager/src/app/* - - if: '$CI_COMMIT_TAG' - -google-image-gateway: - extends: .cloud + +registry-proof-manager: + extends: .registry-proof-manager stage: registries - variables: - APP: gateway - rules: - - if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/gateway/* - - apps/gateway/deployment/* - - apps/gateway/src/* - - apps/gateway/src/app/* - - if: '$CI_COMMIT_TAG' - -google-image-proof-manager: - extends: .cloud + +registry-gateway: + extends: .registry-gateway stage: registries - variables: - APP: proof-manager - rules: - - if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/proof-manager/* - - apps/proof-manager/deployment/* - - apps/proof-manager/src/* - - apps/proof-manager/src/app/* - - if: 
'$CI_COMMIT_TAG' - -## -### Configure helm -## - -agent: - extends: .chart-trigger-agent + +# Configure helm + +helm-agent: + extends: .helm-agent stage: helm - rules: - - if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/agent/* - - apps/agent/deployment/* - - apps/agent/src/* - - apps/agent/src/app/* - - if: '$CI_COMMIT_TAG' - -attestation-manager: - extends: .chart-trigger-attestation-manager + +helm-attestation-manager: + extends: .helm-attestation-manager stage: helm - rules: - - if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/attestation-manager/* - - apps/attestation-manager/deployment/* - - apps/attestation-manager/src/* - - apps/attestation-manager/src/app/* - - if: '$CI_COMMIT_TAG' - -connection-manager: - extends: .chart-trigger-connection-manager + +helm-connection-manager: + extends: .helm-connection-manager stage: helm - rules: - - if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/connection-manager/* - - apps/connection-manager/deployment/* - - apps/connection-manager/src/* - - apps/connection-manager/src/app/* - - if: '$CI_COMMIT_TAG' - -gateway: - extends: .chart-trigger-gateway + +helm-proof-manager: + extends: .helm-proof-manager stage: helm - rules: - - if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/gateway/* - - apps/gateway/deployment/* - - apps/gateway/src/* - - apps/gateway/src/app/* - - if: '$CI_COMMIT_TAG' - -proof-manager: - extends: .chart-trigger-proof-manager + +helm-gateway: + extends: .helm-gateway stage: helm - rules: - - if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"' - changes: - - apps/proof-manager/* - - apps/proof-manager/deployment/* - - 
apps/proof-manager/src/* - - apps/proof-manager/src/app/* - - if: '$CI_COMMIT_TAG' - -## -### Deploy automatically on Test Environment -## - -agent-test ocm: + +deploy agent ocm: + extends: .deploy-agent-ocm-main + stage: deploy-test + +deploy agent ocm tagged: + extends: .deploy-agent-ocm-main-tag + stage: deploy-test + +deploy agent ocm test: + extends: .deploy-agent-ocm-test + stage: deploy-test + +deploy agent ocm test tagged: + extends: .deploy-agent-ocm-test-tag + stage: deploy-test + +deploy attestation ocm: + extends: .deploy-attestation-manager-ocm-main + stage: deploy-test + +deploy attestation ocm tagged: + extends: .deploy-attestation-manager-ocm-main-tag + stage: deploy-test + +deploy attestation ocm test: + extends: .deploy-attestation-manager-ocm-test + stage: deploy-test + +deploy attestation ocm test tagged: + extends: .deploy-attestation-manager-ocm-test-tag + stage: deploy-test + +deploy connection ocm: + extends: .deploy-connection-manager-ocm-main + stage: deploy-test + +deploy connection ocm tagged: + extends: .deploy-connection-manager-ocm-main-tag + stage: deploy-test + +deploy connection ocm test: + extends: .deploy-connection-manager-ocm-test stage: deploy-test - extends: .test-agent-ocm-one - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "agent" && $CI_PIPELINE_SOURCE != "merge_request_event"' - when: manual -agent-test ocm-two: +deploy connection ocm test tagged: + extends: .deploy-connection-manager-ocm-test-tag stage: deploy-test - extends: .test-agent-ocm-two - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "agent" && $CI_PIPELINE_SOURCE != "merge_request_event"' - when: manual -attestation-manager-test ocm: +deploy proof ocm: + extends: .deploy-proof-manager-ocm-main stage: deploy-test - extends: .test-attestation-manager-ocm-one - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "attestation-manager" && $CI_PIPELINE_SOURCE != "merge_request_event"' - when: manual -attestation-manager-test ocm-two: +deploy 
proof ocm tagged: + extends: .deploy-proof-manager-ocm-main-tag stage: deploy-test - extends: .test-attestation-manager-ocm-two - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "attestation-manager" && $CI_PIPELINE_SOURCE != "merge_request_event"' - when: manual -connection-manager-test ocm: +deploy proof ocm test: + extends: .deploy-proof-manager-ocm-test stage: deploy-test - extends: .test-connection-manager-ocm-one - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "connection-manager" && $CI_PIPELINE_SOURCE != "merge_request_event"' - when: manual -connection-manager-test ocm-two: +deploy proof ocm test tagged: + extends: .deploy-proof-manager-ocm-test-tag stage: deploy-test - extends: .test-connection-manager-ocm-two - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "connection-manager" && $CI_PIPELINE_SOURCE != "merge_request_event"' - when: manual -gateway-test ocm: +deploy gateway ocm: + extends: .deploy-gateway-ocm-main stage: deploy-test - extends: .test-gateway-ocm-one - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "gateway" && $CI_PIPELINE_SOURCE != "merge_request_event"' - when: manual -gateway-test ocm-two: +deploy gateway ocm tagged: + extends: .deploy-gateway-ocm-main-tag stage: deploy-test - extends: .test-gateway-ocm-two - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "gateway" && $CI_PIPELINE_SOURCE != "merge_request_event"' - when: manual -proof-manager-test ocm: +deploy gateway ocm test: + extends: .deploy-gateway-ocm-test stage: deploy-test - extends: .test-proof-manager-ocm-one - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "proof-manager" && $CI_PIPELINE_SOURCE != "merge_request_event"' - when: manual -proof-manager-test ocm-two: +deploy gateway ocm test tagged: + extends: .deploy-gateway-ocm-test-tag stage: deploy-test - extends: .test-proof-manager-ocm-two - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "proof-manager" && $CI_PIPELINE_SOURCE != "merge_request_event"' - when: 
manual - -## -### Deploy on prod -## - -agent-prod ocm: - stage: deploy-prod - extends: .prod-agent-ocm-one - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "agent" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS' - when: manual - -agent-prod ocm-two: - stage: deploy-prod - extends: .prod-agent-ocm-two - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "agent" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS' - when: manual - -attestation-manager-prod ocm: - stage: deploy-prod - extends: .prod-attestation-manager-ocm-one - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "attestation-manager" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS' - when: manual - -attestation-manager-prod ocm-two: - stage: deploy-prod - extends: .prod-attestation-manager-ocm-two - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "attestation-manager" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS' - when: manual - -connection-manager-prod ocm: - stage: deploy-prod - extends: .prod-connection-manager-ocm-one - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "connection-manager" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS' - when: manual - -connection-manager-prod ocm-two: - stage: deploy-prod - extends: .prod-connection-manager-ocm-two - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "connection-manager" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS' - when: manual - -gateway-prod ocm: - stage: deploy-prod - extends: .prod-gateway-ocm-one - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "gateway" && $CI_PIPELINE_SOURCE != "merge_request_event" 
&& $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS' - when: manual - -gateway-prod ocm-two: - stage: deploy-prod - extends: .prod-gateway-ocm-two - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "gateway" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS' - when: manual - -proof-manager-prod ocm: - stage: deploy-prod - extends: .prod-proof-manager-ocm-one - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "proof-manager" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS' - when: manual - -proof-manager-prod ocm-two: - stage: deploy-prod - extends: .prod-proof-manager-ocm-two - rules: - - if: '$PIPELINE_TRIGGERED == "yes" && $APP == "proof-manager" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS' - when: manual - -## -### Deploy manual on Stage Environment -## - -# deploy agent stage: -# stage: deploy-stage -# only: -# refs: -# - master -# - tags -# changes: -# - apps/agent/* -# tags: -# - amd64-docker -# script: -# - echo "create docker file under agent/deployment/ci" -# when: manual - -# deploy engine stage: -# stage: deploy-stage -# only: -# refs: -# - master -# - tags -# changes: -# - apps/engine/* -# tags: -# - amd64-docker -# script: -# - echo "create docker file under agent/deployment/ci" -# when: manual - -# ## -# ### Deploy manual on Prod Environment -# ## - -# deploy agent prod: -# stage: deploy-prod -# only: -# refs: -# - tags -# changes: -# - apps/engine/* -# tags: -# - amd64-docker -# script: -# - echo "create docker file under agent/deployment/ci" -# when: manual - -# deploy engine prod: -# stage: deploy-prod -# only: -# refs: -# - tags -# changes: -# - apps/engine/* -# tags: -# - amd64-docker -# script: -# - echo "create docker file under agent/deployment/ci" -# when: manual - -## -### Commit Linters and Changelog steps -## commit 
lint: - image: node:18 - extends: .distributed + extends: .commit-lint stage: lint - tags: - - amd64-docker - script: - - echo "${CI_MERGE_REQUEST_TITLE}" | npx commitlint - rules: - - if: $CI_PIPELINE_SOURCE == 'merge_request_event' && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == 'main' changelog: - image: node:18 - extends: .distributed + extends: .changelog stage: release - tags: - - amd64-docker - script: - - npx semantic-release - rules: - - if: '$PIPELINE_TRIGGERED != "yes" && $CI_COMMIT_BRANCH == "main"' diff --git a/apps/agent/README.md b/apps/agent/README.md index 865d2b07fb534644b1ac3b5601ebc0a484f2a3df..4ac3348f0ac105fab17515d54b5b7442a06ea0b9 100644 --- a/apps/agent/README.md +++ b/apps/agent/README.md @@ -8,7 +8,7 @@ Agent will consume messages from a broker (NATS) on a pre-configured stream and Then it will do execute the task and send result to the @ocm-engine/gateway. -## Agent setup +## Agent setup ### From the root of the project run: diff --git a/apps/agent/deployment/ci-cd/Dockerfile b/apps/agent/deployment/ci-cd/Dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..4a3aca95adcc6a51b2226cccbaccc61a87e49dc7 --- /dev/null +++ b/apps/agent/deployment/ci-cd/Dockerfile 
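Review bot: In the second `.gitlab-ci.yml` hunk, the new `deploy … ocm` jobs keep only `extends:` and `stage: deploy-test`, so the `when: manual` gate and the `$GITLAB_USER_LOGIN =~ $AUTORIZED_USERS` condition that the removed jobs declared inline are no longer visible in this repository. Whether the hidden `.deploy-*-ocm-main` / `-main-tag` jobs in the included `ocm-engine.yml` enforce an equivalent gate cannot be checked from this diff, so that file should be reviewed together with this change. If the `ocm` namespace is the production-facing one (inferred from the Helm templates later in this commit), consider an explicit `rules:` entry with `when: manual` here, or a protected environment, so reviewers of this repository can see the approval step. A short comment above the deploy jobs naming the target namespace for each suffix (`ocm`, `ocm test`, `tagged`) would also help.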
@@ -0,0 +1,44 @@ +FROM node:18.16.0-buster-slim + +# Argument handler +ARG API_TOKEN +ARG JOB_ID + +# Instal required software +RUN apt update -y && apt install python3 git make build-essential wget unzip -y + +# Set the working directory +WORKDIR app + +# Set the ENV variables +ENV GITLAB_BASE_URL=https://code.vereign.com/api/v4 +ENV GITLAB_PROJECT_ID=662 +ENV TOKEN=$API_TOKEN +ENV ID=$JOB_ID + +# Download the artifacts from the GitLab API +RUN wget --header "PRIVATE-TOKEN: $TOKEN" -O artifacts.zip "${GITLAB_BASE_URL}/projects/${GITLAB_PROJECT_ID}/jobs/${ID}/artifacts" + +# Unzip the artifacts (if needed) - adjust this command based on your artifact type +RUN unzip -q artifacts.zip && rm artifacts.zip + +# Fix locations +RUN cp ./dist/apps/agent/main.js . +RUN cp ./dist/apps/agent/main.js.map . +RUN cp -r ./dist/libs/askar . +RUN cp -r ./dist/libs/clients . +RUN cp -r ./dist/libs/config . +RUN cp -r ./dist/libs/dtos . +RUN cp -r ./dist/libs/ledgers . +RUN cp -r ./dist/libs/nats . + +RUN yarn install + +# Expose required ports +EXPOSE 8080 +EXPOSE 8001 +EXPOSE 6001 + +#####hashtag +# Command / Entrypoint +CMD ["node", "main.js"] diff --git a/apps/agent/deployment/ci-cd/helm/Chart.yaml b/apps/agent/deployment/ci-cd/helm/Chart.yaml new file mode 100644 index 0000000000000000000000000000000000000000..b9613162eb4546387fc67c553115b7703e4ce893 --- /dev/null +++ b/apps/agent/deployment/ci-cd/helm/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +appVersion: build-654 +description: agent deployment +name: agent +version: 0.0.2 +icon: "https://www.vereign.com/wp-content/themes/vereign2020/images/vereign-logo.svg" diff --git a/apps/agent/deployment/ci-cd/helm/templates/_helpers.tpl b/apps/agent/deployment/ci-cd/helm/templates/_helpers.tpl new file mode 100644 index 0000000000000000000000000000000000000000..6cba3ffc4fead9c4924f9788d1fb6c1daf8874e3 --- /dev/null +++ b/apps/agent/deployment/ci-cd/helm/templates/_helpers.tpl 
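Review bot: `ENV TOKEN=$API_TOKEN` in the new `apps/agent/deployment/ci-cd/Dockerfile` writes the GitLab API token into the image configuration, and the `ARG` value can also end up in the build history, so anyone who can pull the image can read it with `docker inspect` or `docker history`. Pass the token as a build secret mount and drop the `TOKEN`/`ID` `ENV` lines, as sketched below; this needs a BuildKit-capable builder, and the CI build job is not visible here. Alternatively, let the CI job fetch the `build-agent` artifacts and `COPY ./dist` instead of downloading inside the build. The image also has no `USER` instruction, and `RUN yarn install` runs without `--frozen-lockfile`, so dependency versions can drift from the reviewed `yarn.lock`.

```dockerfile
ARG JOB_ID
# … unchanged: apt install, WORKDIR, GITLAB_BASE_URL / GITLAB_PROJECT_ID …

# "gitlab_token" is a constructed secret id; supply it with
# `--secret id=gitlab_token,...` at build time.
RUN --mount=type=secret,id=gitlab_token \
    wget --header "PRIVATE-TOKEN: $(cat /run/secrets/gitlab_token)" -O artifacts.zip \
      "${GITLAB_BASE_URL}/projects/${GITLAB_PROJECT_ID}/jobs/${JOB_ID}/artifacts" \
    && unzip -q artifacts.zip && rm artifacts.zip
# … unchanged: cp of dist files, EXPOSE, CMD …
```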
@@ -0,0 +1,94 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "app.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "app.fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s" $name .Release.Namespace | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create instance name based on app version and short image sha. +*/}} +{{- define "app.revision" -}} +{{- default .Release.Name .Values.appRel | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "app.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "app.labels" -}} +helm.sh/chart: {{ include "app.chart" . }} +{{ include "app.selectorLabels" . }} +app.kubernetes.io/version: {{ .Chart.AppVersion }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "app.selectorLabels" -}} +app.kubernetes.io/name: {{ include "app.name" . }} +app.kubernetes.io/component: {{ include "app.fullname" . 
}} +{{- end -}} + +{{/* +Metrics Annotations +*/}} +{{- define "app.metricsAnnotations" -}} +{{- if .Values.metrics.enabled -}} +prometheus.io/scrape: "true" +prometheus.io/port: "{{ .Values.metrics.port }}" +prometheus.io/path: {{ .Values.metrics.path | default "/metrics" | quote }} +{{- end -}} +{{- end -}} + +{{/* +Image string +*/}} +{{- define "app.image" -}} +{{- if .Values.image.sha -}} +{{ .Values.image.repository }}/{{ .Values.image.name }}@{{ .Values.image.sha }} +{{- else -}} +{{ .Values.image.repository }}/{{ .Values.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }} +{{- end -}} +{{- end -}} + +{{/* +Security context +*/}} +{{- define "app.securitycontext" -}} +runAsNonRoot: {{ .Values.security.runAsNonRoot | default false }} +runAsGroup: {{ .Values.security.runAsGid | default 0 }} +runAsUser: {{ .Values.security.runAsUid | default 0 }} +fsGroup: {{ .Values.security.runAsGid | default 0 }} +{{- end -}} + +{{/* +PostgreSQL Connection string URI +*/}} +{{- define "app.postgresql.connectionstring" -}} +postgresql://{{ .Values.attestationManager.database.user }}:{{ .Values.attestationManager.database.password }}@{{ .Values.attestationManager.database.host }}:{{ .Values.attestationManager.database.port }}/{{ .Release.Namespace }}_{{ include "app.name" . | replace "-" "_" }}?schema={{ .Values.attestationManager.database.schema }} +{{- end -}} + +{{/* +Ingress custom path. +*/}} +{{- define "app.path" -}} +{{- default .Chart.Name .Values.ingress.pathOverride | replace "-manager" "" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/apps/agent/deployment/ci-cd/helm/templates/deployment.yaml b/apps/agent/deployment/ci-cd/helm/templates/deployment.yaml new file mode 100644 index 0000000000000000000000000000000000000000..360712b00731e0c6b422b11bffb742eaac62d292 --- /dev/null +++ b/apps/agent/deployment/ci-cd/helm/templates/deployment.yaml 
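Review bot: The `app.securitycontext` helper in `templates/_helpers.tpl` falls back to `runAsNonRoot: false` and UID/GID `0`, so a release whose values omit the `security` block runs the pod as root. Prefer a non-root fallback, for example `runAsUser: {{ .Values.security.runAsUid | default 1000 }}` with matching `runAsGroup`/`fsGroup`, assuming the image can run under that UID; `values.yaml` is outside this view, so the defaults there should be checked. Because `default` treats `false` as empty, `runAsNonRoot` is better set explicitly in `values.yaml` than defaulted in the template. The `app.postgresql.connectionstring` helper reads `.Values.attestationManager.*` inside the agent chart and embeds the password in a URI; no template visible here uses it, so it looks like a copy from another chart and could be dropped.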
@@ -0,0 +1,145 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ template "app.name" . }}" + namespace: {{ .Release.Namespace }} + labels: + {{- include "app.labels" . | nindent 4 }} + app.kubernetes.io/instance: {{ include "app.revision" . }} + app.kubernetes.io/part-of: rse +spec: + replicas: {{ .Values.replicaCount }} + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + selector: + matchLabels: + {{- include "app.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "app.labels" . | nindent 8 }} + annotations: + {{- include "app.metricsAnnotations" . | nindent 8 }} +{{- if .Values.podAnnotations }} +{{ toYaml .Values.podAnnotations | indent 8 }} +{{- end }} + spec: + securityContext: +{{- include "app.securitycontext" . | nindent 8 }} + imagePullSecrets: + - name: {{ .Values.image.pullSecrets }} + containers: + - name: {{ template "app.name" . }} + image: "{{ .Values.image.repository }}/{{ .Values.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + env: + {{- if eq .Release.Namespace "ocm" }} + - name: LEDGERS + value: {{ .Values.ocm.agent.ledgers | quote }} + - name: IDUNION_KEY + value: {{ .Values.ocm.agent.idunion.key | quote }} + - name : AGENT_PEER_URL + value: {{ .Values.ocm.agent.peer.url | quote }} + - name: AGENT_NAME + value: {{ .Values.ocm.agent.issuer.name | quote }} + - name: AGENT_KEY + value: {{ .Values.ocm.agent.issuer.key | quote }} + - name: AGENT_DID_SEED + value: {{ .Values.ocm.agent.issuer.did | quote }} + - name: AGENT_DB_HOST + value: {{ .Values.ocm.agent.db.host | quote }} + - name: AGENT_DB_USER + value: {{ .Values.ocm.agent.db.user | quote }} + - name: AGENT_DB_PASS + value: {{ .Values.ocm.agent.db.pass | quote }} + - name: AGENT_PORT + value: {{ .Values.ocm.agent.port | quote }} + - name: AGENT_CONSUMER_NAME + value: {{ .Values.ocm.agent.consumer.name | quote }} + - name: AGENT_IS_REST + 
value: {{ .Values.ocm.agent.isRest | quote }} + - name: AGENT_MAX_MESSAGES + value: {{ .Values.ocm.agent.maxMessage | quote }} + - name: AGENT_RETE_LIMIT + value: {{ .Values.ocm.agent.rateLimit | quote }} + - name: NATS_SERVERS + value: {{ .Values.ocm.nats.server | quote }} + - name: NATS_STREAM_NAME + value: {{ .Values.ocm.nats.name | quote }} + - name: NATS_SUBJECTS + value: {{ .Values.ocm.nats.subjects | quote }} + - name: GATEWAY_HTTP_PORT + value: {{ .Values.ocm.gateway.port.http | quote }} + - name: GATEWAY_TCP_PORT + value: {{ .Values.ocm.gateway.port.tcp | quote }} + - name: GATEWAY_SOCKET_EVENT_NAME + value: {{ .Values.ocm.gateway.socket.name | quote }} + - name: GATEWAY_MESSAGE_PATTERN + value: {{ .Values.ocm.gateway.messagePattern | quote }} + - name: GATEWAY_HOST + value: {{ .Values.ocm.gateway.host | quote }} + {{- else if eq .Release.Namespace "ocm-test" }} + - name: LEDGERS + value: {{ .Values.ocmtest.agent.ledgers | quote }} + - name: IDUNION_KEY + value: {{ .Values.ocmtest.agent.idunion.key | quote }} + - name : AGENT_PEER_URL + value: {{ .Values.ocmtest.agent.peer.url | quote }} + - name: AGENT_NAME + value: {{ .Values.ocmtest.agent.holder.name | quote }} + - name: AGENT_KEY + value: {{ .Values.ocmtest.agent.holder.key | quote }} + - name: AGENT_DID_SEED + value: {{ .Values.ocmtest.agent.holder.did | quote }} + - name: AGENT_DB_HOST + value: {{ .Values.ocmtest.agent.db.host | quote }} + - name: AGENT_DB_USER + value: {{ .Values.ocmtest.agent.db.user | quote }} + - name: AGENT_DB_PASS + value: {{ .Values.ocmtest.agent.db.pass | quote }} + - name: AGENT_PORT + value: {{ .Values.ocmtest.agent.port | quote }} + - name: AGENT_CONSUMER_NAME + value: {{ .Values.ocmtest.agent.consumer.name | quote }} + - name: AGENT_IS_REST + value: {{ .Values.ocmtest.agent.isRest | quote }} + - name: AGENT_MAX_MESSAGES + value: {{ .Values.ocmtest.agent.maxMessage | quote }} + - name: AGENT_RETE_LIMIT + value: {{ .Values.ocmtest.agent.rateLimit | quote }} + - name: 
NATS_SERVERS + value: {{ .Values.ocmtest.nats.server | quote }} + - name: NATS_STREAM_NAME + value: {{ .Values.ocmtest.nats.name | quote }} + - name: NATS_SUBJECTS + value: {{ .Values.ocmtest.nats.subjects | quote }} + - name: GATEWAY_HTTP_PORT + value: {{ .Values.ocmtest.gateway.port.http | quote }} + - name: GATEWAY_TCP_PORT + value: {{ .Values.ocmtest.gateway.port.tcp | quote }} + - name: GATEWAY_SOCKET_EVENT_NAME + value: {{ .Values.ocmtest.gateway.socket.name | quote }} + - name: GATEWAY_MESSAGE_PATTERN + value: {{ .Values.ocmtest.gateway.messagePattern | quote }} + - name: GATEWAY_HOST + value: {{ .Values.ocmtest.gateway.host | quote }} + {{- end }} +{{- if .Values.extraVars }} +{{ toYaml .Values.extraVars | indent 8 }} +{{- end }} + ports: + {{- if .Values.metrics.enabled }} + - name: monitoring + containerPort: {{ .Values.metrics.port }} + {{- end }} + - name: http + containerPort: {{ .Values.service.port }} + - name: peer + containerPort: {{ .Values.service.port1 }} + - name: http2 + containerPort: {{ .Values.service.port2 }} + resources: +{{ toYaml .Values.resources | indent 10 }} diff --git a/apps/agent/deployment/ci-cd/helm/templates/ingress.yaml b/apps/agent/deployment/ci-cd/helm/templates/ingress.yaml new file mode 100644 index 0000000000000000000000000000000000000000..6ec5cb0df5ded928bcb88614972c9eee17b6df84 --- /dev/null +++ b/apps/agent/deployment/ci-cd/helm/templates/ingress.yaml 
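Review bot: In `templates/deployment.yaml`, `AGENT_KEY`, `AGENT_DID_SEED`, `AGENT_DB_PASS` and `IDUNION_KEY` are rendered as literal `value:` entries in both the `ocm` and `ocm-test` branches. That puts wallet and database secrets into the chart values, the stored Helm release and the Deployment object, where anyone with read access to Deployments in the namespace can see them. Reference a Kubernetes Secret through `valueFrom.secretKeyRef` instead, as sketched below for one variable. The container also builds its image string inline rather than through the `app.image` helper, so a digest set in `.Values.image.sha` would be ignored. `AGENT_RETE_LIMIT` looks like a misspelling of `AGENT_RATE_LIMIT`, which is worth confirming against the name the application reads.

```yaml
- name: AGENT_DB_PASS
  valueFrom:
    secretKeyRef:
      # placeholder names; use the Secret the deployment pipeline provisions
      name: "<agent-secret-name>"
      key: "<db-password-key>"
# … same pattern for AGENT_KEY, AGENT_DID_SEED and IDUNION_KEY; other env entries unchanged …
```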
@@ -0,0 +1,42 @@ +{{- if .Values.ingress.enabled }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ template "app.name" . }} + namespace: {{ .Release.Namespace }} + annotations: +{{ toYaml .Values.ingress.annotations | indent 4 }} + labels: + {{- include "app.labels" . | nindent 4 }} +spec: +{{- if .Values.ingress.tlsEnabled }} + tls: + - hosts: + - {{ .Values.ingress.frontendDomain }} + secretName: {{ .Values.ingress.frontendTlsSecretName }} +{{- end }} + rules: + {{- if eq .Release.Namespace "ocm" }} + - host: {{ .Values.ingress.frontendDomain }} + http: + paths: + - path: /issuer(/|$)(.*) + pathType: Prefix + backend: + service: + name: {{ template "app.name" . }} + port: + number: {{ .Values.service.port }} + {{- else if eq .Release.Namespace "ocm-test" }} + - host: {{ .Values.ingress.frontendDomain }} + http: + paths: + - path: /holder(/|$)(.*) + pathType: Prefix + backend: + service: + name: {{ template "app.name" . }} + port: + number: {{ .Values.service.port1 }} + {{- end }} +{{- end }} diff --git a/apps/agent/deployment/ci-cd/helm/templates/service.yaml b/apps/agent/deployment/ci-cd/helm/templates/service.yaml new file mode 100644 index 0000000000000000000000000000000000000000..46c59e5c5e19057c6225b2886d504fdd53556fe7 --- /dev/null +++ b/apps/agent/deployment/ci-cd/helm/templates/service.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "app.name" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "app.labels" . | nindent 4 }} +spec: + clusterIP: None + ports: + - name: http + port: {{ .Values.service.port }} + targetPort: {{ .Values.service.port }} + - name: http1 + port: {{ .Values.service.port1 }} + targetPort: {{ .Values.service.port1 }} + - name: http2 + port: {{ .Values.service.port2 }} + targetPort: {{ .Values.service.port2 }} + selector: + {{- include "app.selectorLabels" . | nindent 4 }} 
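Review bot: Both `path:` entries under `rules:` (`/issuer(/|$)(.*)` and `/holder(/|$)(.*)`) are regular expressions but are declared with `pathType: Prefix`. Kubernetes matches a Prefix path literally, element by element, so these rules are unlikely to route `/issuer/...` as intended, and some ingress controllers' admission checks reject such paths. If the controller is meant to interpret the regex, use `pathType: ImplementationSpecific` and set the controller's regex and rewrite annotations explicitly; otherwise use plain `path: /issuer` and `path: /holder`. Separately, `rules:` renders empty when the release namespace is neither `ocm` nor `ocm-test`, so a final `{{- else }}{{ fail "unsupported namespace" }}` branch would surface that at render time.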
diff --git a/apps/agent/deployment/ci-cd/helm/values.yaml b/apps/agent/deployment/ci-cd/helm/values.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..bda40cdeb8701eab8a5aa64e6b5c27ba8381e502
--- /dev/null
+++ b/apps/agent/deployment/ci-cd/helm/values.yaml
@@ -0,0 +1,145 @@ +# -- Default number of instances to start ... +replicaCount: 1 +# -- Application name ... +name: agent +# -- Ovverwrites application name .. +nameOverride: "" + +image: + repository: eu.gcr.io/vrgn-infra-prj/gaiax/ocm + # -- Image name . + name: ocm-engine/agent + # -- Image tag . + # Uses .Chart.AppVersion if empty . + tag: "" + # -- Image sha, usually generated by the CI . + # Uses image.tag if empty . + sha: "" + # -- Image pull policy . + pullPolicy: Always + # -- Image pull secret when internal image is used . + pullSecrets: deployment-key-light + +resources: + requests: + cpu: 250m + +autoscaling: + # -- Enable autoscaling . + enabled: false + # -- Minimum replicas . + minReplicas: 1 + # -- Maximum replicas . + maxReplicas: 3 + # -- CPU target for autoscaling trigger . + targetCPUUtilizationPercentage: 70 + # -- Memory target for autoscaling trigger . + targetMemoryUtilizationPercentage: 70 +## +## Prometheus Exporter / Metrics . +## + +metrics: + # -- Enable prometheus metrics . + enabled: true + # -- Port for prometheus metrics . + port: 2112 + +## +## Kubernetes [SecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) object. +## + +security: + # -- by default, apps run as non-root . + runAsNonRoot: false + # -- User used by the apps . + runAsUid: 0 + # -- Group used by the apps . 
+ runAsGid: 0 + +ocm: + agent: + ledgers: "BCOVRIN_TEST" + idunion: + key: "" + peer: + url: "https://w3c-ocm-dev.vereign.com/issuer" + issuer: + name: "ISSUER_AGENT" + key: "CwNJroKHTSSj3XvE7ZAnuKiTn2C4QkFvxEqfm5rzhNri" + did: "000000000000000000000000TCuste89" + holder: + name: "DEV_AGENT_HOLDER_OCM_4" + key: "DEV_AGENT_HOLDER_OCM_4" + did: "2000000000000000CCA120000000TCuste21jsjs" + db: + host: "" + user: "" + pass: "" + port: 8081 + consumer: + name: "agent_1" + isRest: false + maxMessage: 10 + rateLimit: 5 + + nats: + server: "nats.ocm:4222" + name: "ssi_issuer_stream" + subjects: "connections.*,proofs.*,credentials.*,credentials.definition.*,credentials.offer.*,schemas.*,messages.*" + + gateway: + port: + http: 8081 + tcp: 8881 + socket: + name: "message" + messagePattern: "webhook" + host: "gateway.ocm" + +ocmtest: + agent: + ledgers: "BCOVRIN_TEST" + idunion: + key: "" + peer: + url: "https://w3c-ocm-dev.vereign.com/holder" + holder: + name: "HOLDER_AGENT_OCM" + key: "CwNJroKHTSSj3XvE7ZAnuKiTn3C4QkFvxEqfm5rsdNri" + did: "2000000000000000CCA120000000TCuste21jsjs" + db: + host: "" + user: "" + pass: "" + port: 8081 + consumer: + name: "agent_1" + isRest: false + maxMessage: 10 + rateLimit: 5 + + nats: + server: "nats.ocm-test:4222" + name: "ssi_holder_stream" + subjects: "connections.*,proofs.*,credentials.*,credentials.definition.*,credentials.offer.*,schemas.*,messages.*" + + gateway: + port: + http: 8081 + tcp: 8881 + socket: + name: "message" + messagePattern: "webhook" + host: "gateway.ocm-test" + +service: + port: 8080 + port1: 8001 + port2: 8010 + +ingress: + enabled: true + tlsEnabled: true + frontendDomain: ssi-dev.vereign.com + frontendTlsSecretName: cert-manager-tls diff --git a/apps/agent/deployment/Dockerfile b/apps/agent/deployment/local/Dockerfile similarity index 100% rename from apps/agent/deployment/Dockerfile rename to apps/agent/deployment/local/Dockerfile 
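Review bot: The `ocm.agent.issuer`, `ocm.agent.holder` and `ocmtest.agent.holder` blocks commit literal `key` and `did` values. The ocm-test branch of the deployment template passes `holder.key` and `holder.did` on as `AGENT_KEY` and `AGENT_DID_SEED`, so what appears to be wallet key and DID seed material ends up in git history and in plain text in the rendered Deployment. Leave these fields empty in values.yaml, as `db.pass` already is, and supply them from a Kubernetes Secret that the template reads with `valueFrom.secretKeyRef` instead of `value:`; the same applies to `AGENT_DB_PASS` and `IDUNION_KEY`. If the committed values were ever used outside a throwaway test ledger, they should be treated as exposed and rotated.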
diff --git a/apps/attestation-manager/deployment/ci-cd/Dockerfile b/apps/attestation-manager/deployment/ci-cd/Dockerfile
new file mode 100644
index 0000000000000000000000000000000000000000..b5563b41ec75ffa5e51a4403b5dcc52db5d6979d
--- /dev/null
+++ b/apps/attestation-manager/deployment/ci-cd/Dockerfile
@@ -0,0 +1,38 @@
+FROM node:18.16.0-buster-slim
+
+# Argument handler
+ARG API_TOKEN
+ARG JOB_ID
+
+# Instal required software
+RUN apt update -y && apt install python3 git make build-essential wget unzip -y
+
+# Set the working directory
+WORKDIR app
+
+# Set the ENV variables
+ENV GITLAB_BASE_URL=https://code.vereign.com/api/v4
+ENV GITLAB_PROJECT_ID=662
+ENV TOKEN=$API_TOKEN
+ENV ID=$JOB_ID
+
+# Download the artifacts from the GitLab API
+RUN wget --header "PRIVATE-TOKEN: $TOKEN" -O artifacts.zip "${GITLAB_BASE_URL}/projects/${GITLAB_PROJECT_ID}/jobs/${ID}/artifacts"
+
+# Unzip the artifacts (if needed) - adjust this command based on your artifact type
+RUN unzip -q artifacts.zip && rm artifacts.zip
+
+# Fix locations
+RUN cp ./dist/apps/attestation-manager/main.js .
+RUN cp ./dist/apps/attestation-manager/main.js.map .
+RUN cp -r ./dist/libs/config .
+RUN cp -r ./dist/libs/dtos .
+RUN cp -r ./dist/libs/nats .
+
+RUN yarn install
+
+# Expose required ports
+EXPOSE 8883
+
+# Command to run
+CMD ["node", "main.js"]
diff --git a/apps/attestation-manager/deployment/ci-cd/helm/Chart.yaml b/apps/attestation-manager/deployment/ci-cd/helm/Chart.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..540dbcbbfc113722950ecfae2e26ba128a566d96
--- /dev/null
+++ b/apps/attestation-manager/deployment/ci-cd/helm/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+appVersion: build-654
+description: attestation-manager deployment
+name: attestation-manager
+version: 0.0.2
+icon: "https://www.vereign.com/wp-content/themes/vereign2020/images/vereign-logo.svg"
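Review bot: `ENV TOKEN=$API_TOKEN` copies the GitLab API token from the build argument into the image configuration, so anyone who can pull the image can read it from the image metadata, and it is also set in the environment of every running container. Only the single `wget` step needs the token; mounting it as a BuildKit secret keeps it out of layers and metadata (this needs BuildKit and a `--secret id=gitlab_token,...` option on the build command), or the CI job can download the artifacts itself and the Dockerfile can `COPY` them. The connection-manager and gateway ci-cd Dockerfiles added by this commit repeat the same lines. Separately, the image has no `USER` instruction, so `node main.js` runs as root.

```dockerfile
ARG JOB_ID
# … unchanged: apt install, WORKDIR …
ENV GITLAB_BASE_URL=https://code.vereign.com/api/v4
ENV GITLAB_PROJECT_ID=662

# The token is mounted for this step only; it is not stored in a layer or in the image config.
RUN --mount=type=secret,id=gitlab_token \
    wget --header "PRIVATE-TOKEN: $(cat /run/secrets/gitlab_token)" -O artifacts.zip \
      "${GITLAB_BASE_URL}/projects/${GITLAB_PROJECT_ID}/jobs/${JOB_ID}/artifacts" \
    && unzip -q artifacts.zip \
    && rm artifacts.zip
# … unchanged: cp steps, yarn install, EXPOSE, CMD …
```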
diff --git a/apps/attestation-manager/deployment/ci-cd/helm/templates/_helpers.tpl b/apps/attestation-manager/deployment/ci-cd/helm/templates/_helpers.tpl
new file mode 100644
index 0000000000000000000000000000000000000000..6cba3ffc4fead9c4924f9788d1fb6c1daf8874e3
--- /dev/null
+++ b/apps/attestation-manager/deployment/ci-cd/helm/templates/_helpers.tpl
@@ -0,0 +1,94 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "app.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "app.fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s" $name .Release.Namespace | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create instance name based on app version and short image sha. +*/}} +{{- define "app.revision" -}} +{{- default .Release.Name .Values.appRel | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "app.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "app.labels" -}} +helm.sh/chart: {{ include "app.chart" . }} +{{ include "app.selectorLabels" . }} +app.kubernetes.io/version: {{ .Chart.AppVersion }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "app.selectorLabels" -}} +app.kubernetes.io/name: {{ include "app.name" . }} +app.kubernetes.io/component: {{ include "app.fullname" . 
}} +{{- end -}} + +{{/* +Metrics Annotations +*/}} +{{- define "app.metricsAnnotations" -}} +{{- if .Values.metrics.enabled -}} +prometheus.io/scrape: "true" +prometheus.io/port: "{{ .Values.metrics.port }}" +prometheus.io/path: {{ .Values.metrics.path | default "/metrics" | quote }} +{{- end -}} +{{- end -}} + +{{/* +Image string +*/}} +{{- define "app.image" -}} +{{- if .Values.image.sha -}} +{{ .Values.image.repository }}/{{ .Values.image.name }}@{{ .Values.image.sha }} +{{- else -}} +{{ .Values.image.repository }}/{{ .Values.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }} +{{- end -}} +{{- end -}} + +{{/* +Security context +*/}} +{{- define "app.securitycontext" -}} +runAsNonRoot: {{ .Values.security.runAsNonRoot | default false }} +runAsGroup: {{ .Values.security.runAsGid | default 0 }} +runAsUser: {{ .Values.security.runAsUid | default 0 }} +fsGroup: {{ .Values.security.runAsGid | default 0 }} +{{- end -}} + +{{/* +PostgreSQL Connection string URI +*/}} +{{- define "app.postgresql.connectionstring" -}} +postgresql://{{ .Values.attestationManager.database.user }}:{{ .Values.attestationManager.database.password }}@{{ .Values.attestationManager.database.host }}:{{ .Values.attestationManager.database.port }}/{{ .Release.Namespace }}_{{ include "app.name" . | replace "-" "_" }}?schema={{ .Values.attestationManager.database.schema }} +{{- end -}} + +{{/* +Ingress custom path. +*/}} +{{- define "app.path" -}} +{{- default .Chart.Name .Values.ingress.pathOverride | replace "-manager" "" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/apps/attestation-manager/deployment/ci-cd/helm/templates/deployment.yaml b/apps/attestation-manager/deployment/ci-cd/helm/templates/deployment.yaml new file mode 100644 index 0000000000000000000000000000000000000000..d4710a09e3d35d9d3ff4a9db31e9199cdf4b2400 --- /dev/null +++ b/apps/attestation-manager/deployment/ci-cd/helm/templates/deployment.yaml 
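Review bot: `app.postgresql.connectionstring` reads `.Values.attestationManager.database.*`, but this chart's values.yaml defines no such block and none of the templates added here include the helper, so it looks like copied dead code. The connection-manager chart adds a byte-identical `_helpers.tpl` (same blob id) that still names `attestationManager`, and the gateway copy names `connectionManager`. If the helper were ever included, it would interpolate the database password, unescaped, into a URI in the rendered manifest. I would delete it from all three charts, or replace it with an env var sourced through `secretKeyRef`.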
@@ -0,0 +1,73 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ template "app.name" . }}" + namespace: {{ .Release.Namespace }} + labels: + {{- include "app.labels" . | nindent 4 }} + app.kubernetes.io/instance: {{ include "app.revision" . }} + app.kubernetes.io/part-of: rse +spec: + replicas: {{ .Values.replicaCount }} + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + selector: + matchLabels: + {{- include "app.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "app.labels" . | nindent 8 }} + annotations: + {{- include "app.metricsAnnotations" . | nindent 8 }} +{{- if .Values.podAnnotations }} +{{ toYaml .Values.podAnnotations | indent 8 }} +{{- end }} + spec: + securityContext: +{{- include "app.securitycontext" . | nindent 8 }} + imagePullSecrets: + - name: {{ .Values.image.pullSecrets }} + containers: + - name: {{ template "app.name" . }} + image: "{{ .Values.image.repository }}/{{ .Values.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + env: + {{- if eq .Release.Namespace "ocm" }} + - name: NATS_SERVERS + value: {{ .Values.ocm.nats.server | quote }} + - name: NATS_STREAM_NAME + value: {{ .Values.ocm.nats.name | quote }} + - name: NATS_SUBJECTS + value: {{ .Values.ocm.nats.subjects | quote }} + - name: ATTESTATION_SERVICE_TCP_PORT + value: {{ .Values.ocm.attestationManager.service.tcp.port | quote }} + - name: ATTESTATION_SERVICE_HOST + value: {{ .Values.ocm.attestationManager.service.host | quote }} + {{- else if eq .Release.Namespace "ocm-test" }} + - name: NATS_SERVERS + value: {{ .Values.ocmtest.nats.server | quote }} + - name: NATS_STREAM_NAME + value: {{ .Values.ocmtest.nats.name | quote }} + - name: NATS_SUBJECTS + value: {{ .Values.ocmtest.nats.subjects | quote }} + - name: ATTESTATION_SERVICE_TCP_PORT + value: {{ .Values.ocmtest.attestationManager.service.tcp.port | quote }} + - name: 
ATTESTATION_SERVICE_HOST + value: {{ .Values.ocmtest.attestationManager.service.host | quote }} + {{- end }} +{{- if .Values.extraVars }} +{{ toYaml .Values.extraVars | indent 8 }} +{{- end }} + ports: + {{- if .Values.metrics.enabled }} + - name: monitoring + containerPort: {{ .Values.metrics.port }} + {{- end }} + - name: http + containerPort: {{ .Values.service.port }} + resources: +{{ toYaml .Values.resources | indent 10 }} diff --git a/apps/attestation-manager/deployment/ci-cd/helm/templates/hpa.yaml b/apps/attestation-manager/deployment/ci-cd/helm/templates/hpa.yaml new file mode 100644 index 0000000000000000000000000000000000000000..fc5c29e7463c24756cfa83754e8ab9336be7b8c2 --- /dev/null +++ b/apps/attestation-manager/deployment/ci-cd/helm/templates/hpa.yaml @@ -0,0 +1,27 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + labels: + {{- include "app.labels" . | nindent 4 }} + name: {{ template "app.name" . }} + namespace: {{ .Release.Namespace }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ template "app.name" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: +{{- with .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu +{{- end }} +{{- with .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory +{{- end }} +{{- end }} \ No newline at end of file diff --git a/apps/attestation-manager/deployment/ci-cd/helm/templates/service.yaml b/apps/attestation-manager/deployment/ci-cd/helm/templates/service.yaml new file mode 100644 index 0000000000000000000000000000000000000000..21c57ac87992e185f824c0c8c9fbf8ab19b289d2 --- /dev/null +++ b/apps/attestation-manager/deployment/ci-cd/helm/templates/service.yaml 
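Review bot: The container `image:` line is assembled inline from repository, name and tag, so the `image.sha` value documented in values.yaml and the `app.image` helper that honours it are never used. As written, the pod cannot be pinned to a digest; replacing the line with `image: {{ include "app.image" . | quote }}` lets a CI-supplied digest take effect. The `env:` block also emits nothing for any namespace other than `ocm` or `ocm-test`, which would leave the service without its NATS settings; a final `{{- else }}{{ fail "unsupported namespace" }}` branch would surface that at render time. The connection-manager deployment.yaml has the same two issues.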
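Review bot: Each entry under `metrics:` stops at `resource.name` and has no `target`, so the `targetCPUUtilizationPercentage` and `targetMemoryUtilizationPercentage` values bound by the `with` blocks are never rendered. `autoscaling/v2` requires a target on a resource metric, so turning on `autoscaling.enabled` should fail validation. Add under each `name:` the lines `target:`, `type: Utilization` and `averageUtilization: {{ . }}`. The connection-manager hpa.yaml is the same file (same blob id) and needs the same change.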
@@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "app.name" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "app.labels" . | nindent 4 }} +spec: + clusterIP: None + ports: + - name: http + port: {{ .Values.service.port }} + targetPort: {{ .Values.service.port }} + selector: + {{- include "app.selectorLabels" . | nindent 4 }} + diff --git a/apps/attestation-manager/deployment/ci-cd/helm/values.yaml b/apps/attestation-manager/deployment/ci-cd/helm/values.yaml new file mode 100644 index 0000000000000000000000000000000000000000..df3da09f513b1b250c814635991719513e1b1c0b --- /dev/null +++ b/apps/attestation-manager/deployment/ci-cd/helm/values.yaml 
@@ -0,0 +1,112 @@ +# -- Default number of instances to start . +replicaCount: 1 +# -- Application name +name: attestation-manager +# -- Ovverwrites application name +nameOverride: "" + +image: + repository: eu.gcr.io/vrgn-infra-prj/gaiax/ocm + # -- Image name + name: ocm-engine/attestation-manager + # -- Image tag + # Uses .Chart.AppVersion if empty + tag: "" + # -- Image sha, usually generated by the CI + # Uses image.tag if empty + sha: "" + # -- Image pull policy + pullPolicy: IfNotPresent + # -- Image pull secret when internal image is used + pullSecrets: deployment-key-light + + +podAnnotations: {} +## +## Pass extra environment variables to the container. +## +# extraVars: +# - name: EXTRA_VAR_1 +# value: extra-var-value-1 +# - name: EXTRA_VAR_2 +# value: extra-var-value-2 +## +## Create new service when true, and use the specified uner name when set to the name specified +## + +resources: + requests: + cpu: 25m + memory: 64Mi + limits: + cpu: 150m + memory: 128Mi + +## Configure pod autoscaling +## + +autoscaling: + # -- Enable autoscaling + enabled: false + # -- Minimum replicas + minReplicas: 1 + # -- Maximum replicas + maxReplicas: 3 + # -- CPU target for autoscaling trigger + targetCPUUtilizationPercentage: 70 + # -- Memory target for autoscaling trigger + targetMemoryUtilizationPercentage: 70 +## +## Prometheus Exporter / Metrics +## + +metrics: + # -- Enable prometheus metrics + enabled: true + # -- Port for prometheus metrics + port: 2112 + +log: + level: "INFO" + encoding: json + +## +## Kubernetes [SecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) object. 
+## + +security: + # -- by default, apps run as non-root + runAsNonRoot: false + # -- User used by the apps + runAsUid: 0 + # -- Group used by the apps + runAsGid: 0 +## +## +service: + port: 8883 + +ocm: + attestationManager: + service: + tcp: + port: 8883 + host: "attestation-manager.ocm" + nats: + server: "nats.ocm:4222" + name: "ssi_holder_stream" + subjects: "connections.*,proofs.*,credentials.*,credentials.definition.*,credentials.offer.*,schemas.*,messages.*" + +ocmtest: + attestationManager: + service: + tcp: + port: 8883 + host: "attestation-manager.ocm-test" + nats: + server: "nats.ocm-test:4222" + name: "ssi_holder_stream" + subjects: "connections.*,proofs.*,credentials.*,credentials.definition.*,credentials.offer.*,schemas.*,messages.*" + +ingress: + enabled: false diff --git a/apps/attestation-manager/deployment/Dockerfile b/apps/attestation-manager/deployment/local/Dockerfile similarity index 99% rename from apps/attestation-manager/deployment/Dockerfile rename to apps/attestation-manager/deployment/local/Dockerfile index 96750a73306698cfc0764db1b0b45ed468d90042..dab88e16f74614bc58fbbc729a1acafab6c8d182 100644 --- a/apps/attestation-manager/deployment/Dockerfile +++ b/apps/attestation-manager/deployment/local/Dockerfile @@ -13,3 +13,4 @@ RUN yarn install EXPOSE 8883 CMD ["node", "main.js"] + diff --git a/apps/connection-manager/deployment/ci-cd/Dockerfile b/apps/connection-manager/deployment/ci-cd/Dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..19be17355f2d8a4f0cad71c38ae5ee3cb49157d3 --- /dev/null +++ b/apps/connection-manager/deployment/ci-cd/Dockerfile 
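Review bot: The `security:` block sets `runAsNonRoot: false` with `runAsUid: 0` and `runAsGid: 0`, while its comment says apps run as non-root by default. With these values the pod `securityContext` rendered by `app.securitycontext` runs the Node process as root. Unless something in the image needs root, set `runAsNonRoot: true` with a non-zero uid and gid (the official node images ship a `node` user with uid 1000; confirm the app directory is readable by it) and make the comment match whatever is chosen. The agent and connection-manager values.yaml files carry the same block.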
@@ -0,0 +1,37 @@
+FROM node:18.16.0-buster-slim
+
+# Argument handler
+ARG API_TOKEN
+ARG JOB_ID
+# Instal required software
+RUN apt update -y && apt install python3 git make build-essential wget unzip -y
+
+# Set the working directory
+WORKDIR app
+
+# Set the ENV variables
+ENV GITLAB_BASE_URL=https://code.vereign.com/api/v4
+ENV GITLAB_PROJECT_ID=662
+ENV TOKEN=$API_TOKEN
+ENV ID=$JOB_ID
+
+# Download the artifacts from the GitLab API
+RUN wget --header "PRIVATE-TOKEN: $TOKEN" -O artifacts.zip "${GITLAB_BASE_URL}/projects/${GITLAB_PROJECT_ID}/jobs/${ID}/artifacts"
+
+# Unzip the artifacts (if needed) - adjust this command based on your artifact type
+RUN unzip -q artifacts.zip && rm artifacts.zip
+
+# Fix locations
+RUN cp ./dist/apps/connection-manager/main.js .
+RUN cp ./dist/apps/connection-manager/main.js.map .
+RUN cp -r ./dist/libs/config .
+RUN cp -r ./dist/libs/dtos .
+RUN cp -r ./dist/libs/nats .
+
+RUN yarn install
+
+# Expose required ports
+EXPOSE 8882
+
+# Command to run
+CMD ["node", "main.js"]
diff --git a/apps/connection-manager/deployment/ci-cd/helm/Chart.yaml b/apps/connection-manager/deployment/ci-cd/helm/Chart.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..1c65bbe15bb96e53502f1e8d1e0789e8f2dc00f7
--- /dev/null
+++ b/apps/connection-manager/deployment/ci-cd/helm/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+appVersion: build-654
+description: connection-manager deployment
+name: connection-manager
+version: 0.0.2
+icon: "https://www.vereign.com/wp-content/themes/vereign2020/images/vereign-logo.svg"
diff --git a/apps/connection-manager/deployment/ci-cd/helm/templates/_helpers.tpl b/apps/connection-manager/deployment/ci-cd/helm/templates/_helpers.tpl
new file mode 100644
index 0000000000000000000000000000000000000000..6cba3ffc4fead9c4924f9788d1fb6c1daf8874e3
--- /dev/null
+++ b/apps/connection-manager/deployment/ci-cd/helm/templates/_helpers.tpl
@@ -0,0 +1,94 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "app.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "app.fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s" $name .Release.Namespace | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create instance name based on app version and short image sha. +*/}} +{{- define "app.revision" -}} +{{- default .Release.Name .Values.appRel | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "app.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "app.labels" -}} +helm.sh/chart: {{ include "app.chart" . }} +{{ include "app.selectorLabels" . }} +app.kubernetes.io/version: {{ .Chart.AppVersion }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "app.selectorLabels" -}} +app.kubernetes.io/name: {{ include "app.name" . }} +app.kubernetes.io/component: {{ include "app.fullname" . 
}} +{{- end -}} + +{{/* +Metrics Annotations +*/}} +{{- define "app.metricsAnnotations" -}} +{{- if .Values.metrics.enabled -}} +prometheus.io/scrape: "true" +prometheus.io/port: "{{ .Values.metrics.port }}" +prometheus.io/path: {{ .Values.metrics.path | default "/metrics" | quote }} +{{- end -}} +{{- end -}} + +{{/* +Image string +*/}} +{{- define "app.image" -}} +{{- if .Values.image.sha -}} +{{ .Values.image.repository }}/{{ .Values.image.name }}@{{ .Values.image.sha }} +{{- else -}} +{{ .Values.image.repository }}/{{ .Values.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }} +{{- end -}} +{{- end -}} + +{{/* +Security context +*/}} +{{- define "app.securitycontext" -}} +runAsNonRoot: {{ .Values.security.runAsNonRoot | default false }} +runAsGroup: {{ .Values.security.runAsGid | default 0 }} +runAsUser: {{ .Values.security.runAsUid | default 0 }} +fsGroup: {{ .Values.security.runAsGid | default 0 }} +{{- end -}} + +{{/* +PostgreSQL Connection string URI +*/}} +{{- define "app.postgresql.connectionstring" -}} +postgresql://{{ .Values.attestationManager.database.user }}:{{ .Values.attestationManager.database.password }}@{{ .Values.attestationManager.database.host }}:{{ .Values.attestationManager.database.port }}/{{ .Release.Namespace }}_{{ include "app.name" . | replace "-" "_" }}?schema={{ .Values.attestationManager.database.schema }} +{{- end -}} + +{{/* +Ingress custom path. +*/}} +{{- define "app.path" -}} +{{- default .Chart.Name .Values.ingress.pathOverride | replace "-manager" "" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/apps/connection-manager/deployment/ci-cd/helm/templates/deployment.yaml b/apps/connection-manager/deployment/ci-cd/helm/templates/deployment.yaml new file mode 100644 index 0000000000000000000000000000000000000000..d54ef3e515d9788a33e96fd30d387f1819bd10cc --- /dev/null +++ b/apps/connection-manager/deployment/ci-cd/helm/templates/deployment.yaml 
@@ -0,0 +1,73 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ template "app.name" . }}" + namespace: {{ .Release.Namespace }} + labels: + {{- include "app.labels" . | nindent 4 }} + app.kubernetes.io/instance: {{ include "app.revision" . }} + app.kubernetes.io/part-of: rse +spec: + replicas: {{ .Values.replicaCount }} + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + selector: + matchLabels: + {{- include "app.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "app.labels" . | nindent 8 }} + annotations: + {{- include "app.metricsAnnotations" . | nindent 8 }} +{{- if .Values.podAnnotations }} +{{ toYaml .Values.podAnnotations | indent 8 }} +{{- end }} + spec: + securityContext: +{{- include "app.securitycontext" . | nindent 8 }} + imagePullSecrets: + - name: {{ .Values.image.pullSecrets }} + containers: + - name: {{ template "app.name" . }} + image: "{{ .Values.image.repository }}/{{ .Values.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + env: + {{- if eq .Release.Namespace "ocm" }} + - name: NATS_SERVERS + value: {{ .Values.ocm.nats.server | quote }} + - name: NATS_STREAM_NAME + value: {{ .Values.ocm.nats.name | quote }} + - name: NATS_SUBJECTS + value: {{ .Values.ocm.nats.subjects | quote }} + - name: CONNECTION_SERVICE_TCP_PORT + value: {{ .Values.ocm.connectionManager.service.tcp.port | quote }} + - name: CONNECTION_SERVICE_HOST + value: {{ .Values.ocm.connectionManager.service.host | quote }} + {{- else if eq .Release.Namespace "ocm-test" }} + - name: NATS_SERVERS + value: {{ .Values.ocmtest.nats.server | quote }} + - name: NATS_STREAM_NAME + value: {{ .Values.ocmtest.nats.name | quote }} + - name: NATS_SUBJECTS + value: {{ .Values.ocmtest.nats.subjects | quote }} + - name: CONNECTION_SERVICE_TCP_PORT + value: {{ .Values.ocmtest.connectionManager.service.tcp.port | quote }} + - name: 
CONNECTION_SERVICE_HOST + value: {{ .Values.ocmtest.connectionManager.service.host | quote }} + {{- end }} +{{- if .Values.extraVars }} +{{ toYaml .Values.extraVars | indent 8 }} +{{- end }} + ports: + {{- if .Values.metrics.enabled }} + - name: monitoring + containerPort: {{ .Values.metrics.port }} + {{- end }} + - name: http + containerPort: {{ .Values.service.port }} + resources: +{{ toYaml .Values.resources | indent 10 }} diff --git a/apps/connection-manager/deployment/ci-cd/helm/templates/hpa.yaml b/apps/connection-manager/deployment/ci-cd/helm/templates/hpa.yaml new file mode 100644 index 0000000000000000000000000000000000000000..fc5c29e7463c24756cfa83754e8ab9336be7b8c2 --- /dev/null +++ b/apps/connection-manager/deployment/ci-cd/helm/templates/hpa.yaml @@ -0,0 +1,27 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + labels: + {{- include "app.labels" . | nindent 4 }} + name: {{ template "app.name" . }} + namespace: {{ .Release.Namespace }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ template "app.name" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: +{{- with .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu +{{- end }} +{{- with .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory +{{- end }} +{{- end }} \ No newline at end of file diff --git a/apps/connection-manager/deployment/ci-cd/helm/templates/service.yaml b/apps/connection-manager/deployment/ci-cd/helm/templates/service.yaml new file mode 100644 index 0000000000000000000000000000000000000000..21c57ac87992e185f824c0c8c9fbf8ab19b289d2 --- /dev/null +++ b/apps/connection-manager/deployment/ci-cd/helm/templates/service.yaml 
@@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "app.name" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "app.labels" . | nindent 4 }} +spec: + clusterIP: None + ports: + - name: http + port: {{ .Values.service.port }} + targetPort: {{ .Values.service.port }} + selector: + {{- include "app.selectorLabels" . | nindent 4 }} + diff --git a/apps/connection-manager/deployment/ci-cd/helm/values.yaml b/apps/connection-manager/deployment/ci-cd/helm/values.yaml new file mode 100644 index 0000000000000000000000000000000000000000..051acf536180850220aa86ec5e002f877e9c6e84 --- /dev/null +++ b/apps/connection-manager/deployment/ci-cd/helm/values.yaml 
@@ -0,0 +1,112 @@ +# -- Default number of instances to start +replicaCount: 1 +# -- Application name +name: connection-manager +# -- Ovverwrites application name +nameOverride: "" + +image: + repository: eu.gcr.io/vrgn-infra-prj/gaiax/ocm + # -- Image name + name: ocm-engine/connection-manager + # -- Image tag + # Uses .Chart.AppVersion if empty + tag: "" + # -- Image sha, usually generated by the CI + # Uses image.tag if empty + sha: "" + # -- Image pull policy + pullPolicy: IfNotPresent + # -- Image pull secret when internal image is used + pullSecrets: deployment-key-light + + +podAnnotations: {} +## +## Pass extra environment variables to the container. +## +# extraVars: +# - name: EXTRA_VAR_1 +# value: extra-var-value-1 +# - name: EXTRA_VAR_2 +# value: extra-var-value-2 +## +## Create new service when true, and use the specified uner name when set to the name specified +## + +resources: + requests: + cpu: 25m + memory: 64Mi + limits: + cpu: 150m + memory: 128Mi + +## Configure pod autoscaling +## + +autoscaling: + # -- Enable autoscaling + enabled: false + # -- Minimum replicas + minReplicas: 1 + # -- Maximum replicas + maxReplicas: 3 + # -- CPU target for autoscaling trigger + targetCPUUtilizationPercentage: 70 + # -- Memory target for autoscaling trigger + targetMemoryUtilizationPercentage: 70 +## +## Prometheus Exporter / Metrics +## + +metrics: + # -- Enable prometheus metrics + enabled: true + # -- Port for prometheus metrics + port: 2112 + +log: + level: "INFO" + encoding: json + +## +## Kubernetes [SecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) object. 
+## + +security: + # -- by default, apps run as non-root + runAsNonRoot: false + # -- User used by the apps + runAsUid: 0 + # -- Group used by the apps + runAsGid: 0 +## +## +service: + port: 8882 + +ocm: + connectionManager: + service: + tcp: + port: 8882 + host: "connection-manager.ocm" + nats: + server: "nats.ocm:4222" + name: "ssi_holder_stream" + subjects: "connections.*,proofs.*,credentials.*,credentials.definition.*,credentials.offer.*,schemas.*,messages.*" + +ocmtest: + connectionManager: + service: + tcp: + port: 8882 + host: "connection-manager.ocm-test" + nats: + server: "nats.ocm-test:4222" + name: "ssi_holder_stream" + subjects: "connections.*,proofs.*,credentials.*,credentials.definition.*,credentials.offer.*,schemas.*,messages.*" + +ingress: + enabled: false \ No newline at end of file diff --git a/apps/connection-manager/deployment/Dockerfile b/apps/connection-manager/deployment/local/Dockerfile similarity index 99% rename from apps/connection-manager/deployment/Dockerfile rename to apps/connection-manager/deployment/local/Dockerfile index ed4f65ec7b4f474233e58d7a968696c01d8e998e..0ec6f0a7970af41bc251e71d267906b7ec9eb721 100644 --- a/apps/connection-manager/deployment/Dockerfile +++ b/apps/connection-manager/deployment/local/Dockerfile @@ -13,3 +13,4 @@ RUN yarn install EXPOSE 8882 CMD ["node", "main.js"] + diff --git a/apps/gateway/deployment/ci-cd/Dockerfile b/apps/gateway/deployment/ci-cd/Dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..18b057de2aeb698a9b20ea664483ed789bc3207e --- /dev/null +++ b/apps/gateway/deployment/ci-cd/Dockerfile 
@@ -0,0 +1,39 @@
+FROM node:18.16.0-buster-slim
+
+# Argument handler a
+ARG API_TOKEN
+ARG JOB_ID
+
+# Instal required software
+RUN apt update -y && apt install python3 git make build-essential wget unzip -y
+
+# Set the working directory
+WORKDIR app
+
+# Set the ENV variables
+ENV GITLAB_BASE_URL=https://code.vereign.com/api/v4
+ENV GITLAB_PROJECT_ID=662
+ENV TOKEN=$API_TOKEN
+ENV ID=$JOB_ID
+
+# Download the artifacts from the GitLab API
+RUN wget --header "PRIVATE-TOKEN: $TOKEN" -O artifacts.zip "${GITLAB_BASE_URL}/projects/${GITLAB_PROJECT_ID}/jobs/${ID}/artifacts"
+
+# Unzip the artifacts (if needed) - adjust this command based on your artifact type
+RUN unzip -q artifacts.zip && rm artifacts.zip
+
+# Fix locations
+RUN cp ./dist/apps/gateway/main.js .
+RUN cp ./dist/apps/gateway/main.js.map .
+RUN cp -r ./dist/libs/config .
+RUN cp -r ./dist/libs/dtos .
+RUN cp -r ./dist/libs/clients .
+
+RUN yarn install
+
+# Expose required ports
+EXPOSE 8081
+EXPOSE 8881
+
+# Command to run
+CMD ["node", "main.js"]
diff --git a/apps/gateway/deployment/ci-cd/helm/Chart.yaml b/apps/gateway/deployment/ci-cd/helm/Chart.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..29abdf2d11c82cfb8c0e7f90addbc61d386ed045
--- /dev/null
+++ b/apps/gateway/deployment/ci-cd/helm/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+appVersion: build-654
+description: gateway deployment
+name: gateway
+version: 0.0.2
+icon: "https://www.vereign.com/wp-content/themes/vereign2020/images/vereign-logo.svg"
diff --git a/apps/gateway/deployment/ci-cd/helm/templates/_helpers.tpl b/apps/gateway/deployment/ci-cd/helm/templates/_helpers.tpl
new file mode 100644
index 0000000000000000000000000000000000000000..2c27cb68df0e603d516d1a6b5e7770b7719ea78e
--- /dev/null
+++ b/apps/gateway/deployment/ci-cd/helm/templates/_helpers.tpl
@@ -0,0 +1,94 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "app.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "app.fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s" $name .Release.Namespace | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create instance name based on app version and short image sha. +*/}} +{{- define "app.revision" -}} +{{- default .Release.Name .Values.appRel | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "app.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "app.labels" -}} +helm.sh/chart: {{ include "app.chart" . }} +{{ include "app.selectorLabels" . }} +app.kubernetes.io/version: {{ .Chart.AppVersion }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "app.selectorLabels" -}} +app.kubernetes.io/name: {{ include "app.name" . }} +app.kubernetes.io/component: {{ include "app.fullname" . 
}} +{{- end -}} + +{{/* +Metrics Annotations +*/}} +{{- define "app.metricsAnnotations" -}} +{{- if .Values.metrics.enabled -}} +prometheus.io/scrape: "true" +prometheus.io/port: "{{ .Values.metrics.port }}" +prometheus.io/path: {{ .Values.metrics.path | default "/metrics" | quote }} +{{- end -}} +{{- end -}} + +{{/* +Image string +*/}} +{{- define "app.image" -}} +{{- if .Values.image.sha -}} +{{ .Values.image.repository }}/{{ .Values.image.name }}@{{ .Values.image.sha }} +{{- else -}} +{{ .Values.image.repository }}/{{ .Values.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }} +{{- end -}} +{{- end -}} + +{{/* +Security context +*/}} +{{- define "app.securitycontext" -}} +runAsNonRoot: {{ .Values.security.runAsNonRoot | default false }} +runAsGroup: {{ .Values.security.runAsGid | default 0 }} +runAsUser: {{ .Values.security.runAsUid | default 0 }} +fsGroup: {{ .Values.security.runAsGid | default 0 }} +{{- end -}} + +{{/* +PostgreSQL Connection string URI +*/}} +{{- define "app.postgresql.connectionstring" -}} +postgresql://{{ .Values.connectionManager.database.user }}:{{ .Values.connectionManager.database.password }}@{{ .Values.connectionManager.database.host }}:{{ .Values.connectionManager.database.port }}/{{ .Release.Namespace }}_{{ include "app.name" . | replace "-" "_" }}?schema={{ .Values.connectionManager.database.schema }} +{{- end -}} + +{{/* +Ingress custom path. +*/}} +{{- define "app.path" -}} +{{- default .Chart.Name .Values.ingress.pathOverride | replace "-manager" "" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/apps/gateway/deployment/ci-cd/helm/templates/deployment.yaml b/apps/gateway/deployment/ci-cd/helm/templates/deployment.yaml new file mode 100644 index 0000000000000000000000000000000000000000..48a5eea6ce7f197e4dd83859bbb54d16fd180d5f --- /dev/null +++ b/apps/gateway/deployment/ci-cd/helm/templates/deployment.yaml 
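Review bot: `app.securitycontext` fails open to root: every field falls back through `| default false` or `| default 0`, so an unset key renders `runAsNonRoot: false` with UID/GID 0. The gateway values.yaml added in this commit sets exactly those values (`runAsNonRoot: false`, `runAsUid: 0`, `runAsGid: 0`) under a comment that says apps run as non-root, so the pod is deployed as root either way. I would ship safe values (`runAsNonRoot: true` and a non-zero UID/GID that exists in the image) and drop the `| default` fallbacks, since Helm's `default` treats `false` and `0` as empty and cannot express a secure fallback here. The proof-manager `_helpers.tpl` and values.yaml repeat the same defaults.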
@@ -0,0 +1,97 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ template "app.name" . }}" + namespace: {{ .Release.Namespace }} + labels: + {{- include "app.labels" . | nindent 4 }} + app.kubernetes.io/instance: {{ include "app.revision" . }} + app.kubernetes.io/part-of: rse +spec: + replicas: {{ .Values.replicaCount }} + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + selector: + matchLabels: + {{- include "app.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "app.labels" . | nindent 8 }} + annotations: + {{- include "app.metricsAnnotations" . | nindent 8 }} +{{- if .Values.podAnnotations }} +{{ toYaml .Values.podAnnotations | indent 8 }} +{{- end }} + spec: + securityContext: +{{- include "app.securitycontext" . | nindent 8 }} + imagePullSecrets: + - name: {{ .Values.image.pullSecrets }} + containers: + - name: {{ template "app.name" . }} + image: "{{ .Values.image.repository }}/{{ .Values.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + env: + {{- if eq .Release.Namespace "ocm" }} + - name: GATEWAY_HTTP_PORT + value: {{ .Values.ocm.gateway.http.port | quote }} + - name: GATEWAY_TCP_PORT + value: {{ .Values.ocm.gateway.tcp.port | quote }} + - name: GATEWAY_SOCKET_EVENT_NAME + value: {{ .Values.ocm.gateway.socket.event.name | quote }} + - name: GATEWAY_MESSAGE_PATTERN + value: {{ .Values.ocm.gateway.message.pattern | quote }} + - name: GATEWAY_HOST + value: {{ .Values.ocm.gateway.host | quote }} + - name: CONNECTION_SERVICE_TCP_PORT + value: {{ .Values.ocm.gateway.connection.service.tcp.port | quote }} + - name: CONNECTION_SERVICE_HOST + value: {{ .Values.ocm.gateway.connection.service.host | quote }} + - name: ATTESTATION_SERVICE_TCP_PORT + value: {{ .Values.ocm.gateway.attestation.service.tcp.port | quote }} + - name: ATTESTATION_SERVICE_HOST + value: {{ .Values.ocm.gateway.attestation.service.host | 
quote }} + - name: PROOF_SERVICE_TCP_PORT + value: {{ .Values.ocm.gateway.proof.service.tcp.port | quote }} + - name: PROOF_SERVICE_HOST + value: {{ .Values.ocm.gateway.proof.service.host | quote }} + {{- else if eq .Release.Namespace "ocm-test" }} + - name: GATEWAY_HTTP_PORT + value: {{ .Values.ocmtest.gateway.http.port | quote }} + - name: GATEWAY_TCP_PORT + value: {{ .Values.ocmtest.gateway.tcp.port | quote }} + - name: GATEWAY_SOCKET_EVENT_NAME + value: {{ .Values.ocmtest.gateway.socket.event.name | quote }} + - name: GATEWAY_MESSAGE_PATTERN + value: {{ .Values.ocmtest.gateway.message.pattern | quote }} + - name: GATEWAY_HOST + value: {{ .Values.ocmtest.gateway.host | quote }} + - name: CONNECTION_SERVICE_TCP_PORT + value: {{ .Values.ocmtest.gateway.connection.service.tcp.port | quote }} + - name: CONNECTION_SERVICE_HOST + value: {{ .Values.ocmtest.gateway.connection.service.host | quote }} + - name: ATTESTATION_SERVICE_TCP_PORT + value: {{ .Values.ocmtest.gateway.attestation.service.tcp.port | quote }} + - name: ATTESTATION_SERVICE_HOST + value: {{ .Values.ocmtest.gateway.attestation.service.host | quote }} + - name: PROOF_SERVICE_TCP_PORT + value: {{ .Values.ocmtest.gateway.proof.service.tcp.port | quote }} + - name: PROOF_SERVICE_HOST + value: {{ .Values.ocmtest.gateway.proof.service.host | quote }} + {{- end }} +{{- if .Values.extraVars }} +{{ toYaml .Values.extraVars | indent 8 }} +{{- end }} + ports: + {{- if .Values.metrics.enabled }} + - name: monitoring + containerPort: {{ .Values.metrics.port }} + {{- end }} + - name: http + containerPort: {{ .Values.service.port }} + resources: +{{ toYaml .Values.resources | indent 10 }} diff --git a/apps/gateway/deployment/ci-cd/helm/templates/hpa.yaml b/apps/gateway/deployment/ci-cd/helm/templates/hpa.yaml new file mode 100644 index 0000000000000000000000000000000000000000..fc5c29e7463c24756cfa83754e8ab9336be7b8c2 --- /dev/null +++ b/apps/gateway/deployment/ci-cd/helm/templates/hpa.yaml 
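Review bot: The container image is assembled inline as `repository/name:tag`, so the `app.image` helper added in `_helpers.tpl` is never called and a digest set in `image.sha` is silently ignored; the workload is always pulled by mutable tag. `image: {{ include "app.image" . | quote }}` would honour the digest when one is supplied. The pod also gets only the pod-level `securityContext`; a container-level block with `allowPrivilegeEscalation: false` and dropped capabilities is missing. The `env` list renders empty for any namespace other than `ocm` or `ocm-test`, which deserves at least a comment at the `if`. The proof-manager deployment.yaml in this commit has the same three points.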
@@ -0,0 +1,27 @@
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+ labels:
+ {{- include "app.labels" . | nindent 4 }}
+ name: {{ template "app.name" . }}
+ namespace: {{ .Release.Namespace }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ template "app.name" . }}
+ minReplicas: {{ .Values.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+ metrics:
+{{- with .Values.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+{{- end }}
+{{- with .Values.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/apps/gateway/deployment/ci-cd/helm/templates/ingress.yaml b/apps/gateway/deployment/ci-cd/helm/templates/ingress.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..d801ea960b759b09a069dec1ddb3637f1dea912e
--- /dev/null
+++ b/apps/gateway/deployment/ci-cd/helm/templates/ingress.yaml
@@ -0,0 +1,29 @@
+{{- if .Values.ingress.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: {{ template "app.name" . }}
+ namespace: {{ .Release.Namespace }}
+ annotations:
+{{ toYaml .Values.ingress.annotations | indent 4 }}
+ labels:
+ {{- include "app.labels" . | nindent 4 }}
+spec:
+{{- if .Values.ingress.tlsEnabled }}
+ tls:
+ - hosts:
+ - {{ .Values.ingress.frontendDomain }}
+ secretName: {{ .Values.ingress.frontendTlsSecretName }}
+{{- end }}
+ rules:
+ - host: {{ .Values.ingress.frontendDomain }}
+ http:
+ paths:
+ - path: /{{ .Release.Namespace }}-{{ template "app.path" . }}(/|$)(.*)
+ pathType: Prefix
+ backend:
+ service:
+ name: {{ template "app.name" . }}
+ port:
+ number: {{ .Values.service.port }}
+{{- end }}
\ No newline at end of file
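Review bot: Both `metrics` entries lack a `target`, which `autoscaling/v2` requires for a `Resource` metric, so the HPA should be rejected as soon as `autoscaling.enabled` is turned on; the configured percentages are only used as the `with` condition and are never rendered. Under each `name:` add `target:` with `type: Utilization` and `averageUtilization: {{ . }}`. The proof-manager hpa.yaml in this commit is the same file and needs the same fix.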
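Review bot: The ingress path `/{{ .Release.Namespace }}-{{ template "app.path" . }}(/|$)(.*)` is a regular expression but is declared with `pathType: Prefix`, which the Ingress API defines as a literal, element-wise prefix match. Combined with the `rewrite-target: /$2` annotation from values.yaml this only works because ingress-nginx treats the path as a regex anyway; `pathType: ImplementationSpecific` states that intent, and stricter ingress-nginx validation settings may refuse regex characters under `Prefix`. The `kubernetes.io/ingress.class` annotation set in values.yaml is also deprecated in favour of `spec.ingressClassName`.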
diff --git a/apps/gateway/deployment/ci-cd/helm/templates/service.yaml b/apps/gateway/deployment/ci-cd/helm/templates/service.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..d2687b90611d102b7c86a25dbfe154d1c3a86639
--- /dev/null
+++ b/apps/gateway/deployment/ci-cd/helm/templates/service.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "app.name" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "app.labels" . | nindent 4 }}
+spec:
+ clusterIP: None
+ ports:
+ - name: http
+ port: {{ .Values.service.port }}
+ targetPort: {{ .Values.service.port }}
+ - name: tcp
+ port: {{ .Values.service.port1 }}
+ targetPort: {{ .Values.service.port1 }}
+ selector:
+ {{- include "app.selectorLabels" . | nindent 4 }}
+
diff --git a/apps/gateway/deployment/ci-cd/helm/values.yaml b/apps/gateway/deployment/ci-cd/helm/values.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..589109d0daed7f6b30883239785cd78e0a8653fa
--- /dev/null
+++ b/apps/gateway/deployment/ci-cd/helm/values.yaml
@@ -0,0 +1,156 @@ +# -- Default number of instances to start +replicaCount: 1 +# -- Application name +name: gateway +# -- Ovverwrites application name a +nameOverride: "" + +image: + repository: eu.gcr.io/vrgn-infra-prj/gaiax/ocm + # -- Image name + name: ocm-engine/gateway + # -- Image tag + # Uses .Chart.AppVersion if empty + tag: "" + # -- Image sha, usually generated by the CI + # Uses image.tag if empty + sha: "" + # -- Image pull policy + pullPolicy: IfNotPresent + # -- Image pull secret when internal image is used + pullSecrets: deployment-key-light + + +podAnnotations: {} +## +## Pass extra environment variables to the container. +## +# extraVars: +# - name: EXTRA_VAR_1 +# value: extra-var-value-1 +# - name: EXTRA_VAR_2 +# value: extra-var-value-2 +## +## Create new service when true, and use the specified uner name when set to the name specified +## + +resources: + requests: + cpu: 25m + memory: 64Mi + limits: + cpu: 150m + memory: 128Mi + +## Configure pod autoscaling +## + +autoscaling: + # -- Enable autoscaling + enabled: false + # -- Minimum replicas + minReplicas: 1 + # -- Maximum replicas + maxReplicas: 3 + # -- CPU target for autoscaling trigger + targetCPUUtilizationPercentage: 70 + # -- Memory target for autoscaling trigger + targetMemoryUtilizationPercentage: 70 +## +## Prometheus Exporter / Metrics +## + +metrics: + # -- Enable prometheus metrics + enabled: true + # -- Port for prometheus metrics + port: 2112 + +log: + level: "INFO" + encoding: json + +## +## Kubernetes [SecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) object. 
+## + +security: + # -- by default, apps run as non-root + runAsNonRoot: false + # -- User used by the apps + runAsUid: 0 + # -- Group used by the apps + runAsGid: 0 +## +## +service: + port: 8081 + port1: 8881 + + +ocm: + gateway: + http: + port: 8081 + tcp: + port: 8881 + socket: + event: + name: message + message: + pattern: webhook + host: gateway.ocm + connection: + service: + tcp: + port: 8882 + host: connection-manager.ocm + attestation: + service: + tcp: + port: 8883 + host: attestation-manager.ocm + proof: + service: + tcp: + port: 8884 + host: proof-manager.ocm + +ocmtest: + gateway: + http: + port: 8081 + tcp: + port: 8881 + socket: + event: + name: message + message: + pattern: webhook + host: gateway.ocm-test + connection: + service: + tcp: + port: 8882 + host: connection-manager.ocm-test + attestation: + service: + tcp: + port: 8883 + host: attestation-manager.ocm-test + proof: + service: + tcp: + port: 8884 + host: proof-manager.ocm-test + +ingress: + enabled: true + annotations: + cert-manager.io/cluster-issuer: letsencrypt-production-http + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/rewrite-target: /$2 + tlsEnabled: true + frontendDomain: ssi-dev.vereign.com + frontendTlsSecretName: cert-manager-tls + pathOverride: "" diff --git a/apps/gateway/deployment/Dockerfile b/apps/gateway/deployment/local/Dockerfile similarity index 99% rename from apps/gateway/deployment/Dockerfile rename to apps/gateway/deployment/local/Dockerfile index 7fd2b527b187305e6c390355bc084de13cddc5ab..25901e7ff9d09e61558c1d754a15606a55ed7c7e 100644 --- a/apps/gateway/deployment/Dockerfile +++ b/apps/gateway/deployment/local/Dockerfile @@ -14,3 +14,4 @@ EXPOSE 8081 EXPOSE 8881 CMD ["node", "main.js"] + diff --git a/apps/proof-manager/deployment/ci-cd/Dockerfile b/apps/proof-manager/deployment/ci-cd/Dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..cf7af2f508d19469ccdab9781550bb0c39db8d1f --- /dev/null 
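Review bot: `ingress.enabled: true` together with `frontendDomain: ssi-dev.vereign.com` and the `letsencrypt-production-http` issuer makes public exposure the chart default: a plain install publishes the gateway on that hostname and requests a production certificate. The templates branch on both the `ocm` and `ocm-test` namespaces, so the same defaults presumably apply to the test deployment as well. I would default `enabled` to `false` and supply the host, issuer and TLS secret name per environment from the pipeline's values.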
+++ b/apps/proof-manager/deployment/ci-cd/Dockerfile
@@ -0,0 +1,38 @@
+FROM node:18.16.0-buster-slim
+
+# Argument handler
+ARG API_TOKEN
+ARG JOB_ID
+
+# Instal required software
+RUN apt update -y && apt install python3 git make build-essential wget unzip -y
+
+# Set the working directory
+WORKDIR app
+
+# Set the ENV variables
+ENV GITLAB_BASE_URL=https://code.vereign.com/api/v4
+ENV GITLAB_PROJECT_ID=662
+ENV TOKEN=$API_TOKEN
+ENV ID=$JOB_ID
+
+# Download the artifacts from the GitLab API
+RUN wget --header "PRIVATE-TOKEN: $TOKEN" -O artifacts.zip "${GITLAB_BASE_URL}/projects/${GITLAB_PROJECT_ID}/jobs/${ID}/artifacts"
+
+# Unzip the artifacts (if needed) - adjust this command based on your artifact type
+RUN unzip -q artifacts.zip && rm artifacts.zip
+
+# Fix locations
+RUN cp ./dist/apps/proof-manager/main.js .
+RUN cp ./dist/apps/proof-manager/main.js.map .
+RUN cp -r ./dist/libs/config .
+RUN cp -r ./dist/libs/dtos .
+RUN cp -r ./dist/libs/nats .
+
+RUN yarn install
+
+# Expose required ports
+EXPOSE 8882
+
+# Command to run
+CMD ["node", "main.js"]
diff --git a/apps/proof-manager/deployment/ci-cd/helm/Chart.yaml b/apps/proof-manager/deployment/ci-cd/helm/Chart.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..a99d0e07c93f31d293168c2c1dd667122830c223
--- /dev/null
+++ b/apps/proof-manager/deployment/ci-cd/helm/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+appVersion: build-654
+description: proof-manager deployment
+name: proof-manager
+version: 0.0.2
+icon: "https://www.vereign.com/wp-content/themes/vereign2020/images/vereign-logo.svg"
diff --git a/apps/proof-manager/deployment/ci-cd/helm/templates/_helpers.tpl b/apps/proof-manager/deployment/ci-cd/helm/templates/_helpers.tpl
new file mode 100644
index 0000000000000000000000000000000000000000..6cba3ffc4fead9c4924f9788d1fb6c1daf8874e3
--- /dev/null
+++ b/apps/proof-manager/deployment/ci-cd/helm/templates/_helpers.tpl
@@ -0,0 +1,94 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "app.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "app.fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s" $name .Release.Namespace | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create instance name based on app version and short image sha. +*/}} +{{- define "app.revision" -}} +{{- default .Release.Name .Values.appRel | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "app.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "app.labels" -}} +helm.sh/chart: {{ include "app.chart" . }} +{{ include "app.selectorLabels" . }} +app.kubernetes.io/version: {{ .Chart.AppVersion }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "app.selectorLabels" -}} +app.kubernetes.io/name: {{ include "app.name" . }} +app.kubernetes.io/component: {{ include "app.fullname" . 
}} +{{- end -}} + +{{/* +Metrics Annotations +*/}} +{{- define "app.metricsAnnotations" -}} +{{- if .Values.metrics.enabled -}} +prometheus.io/scrape: "true" +prometheus.io/port: "{{ .Values.metrics.port }}" +prometheus.io/path: {{ .Values.metrics.path | default "/metrics" | quote }} +{{- end -}} +{{- end -}} + +{{/* +Image string +*/}} +{{- define "app.image" -}} +{{- if .Values.image.sha -}} +{{ .Values.image.repository }}/{{ .Values.image.name }}@{{ .Values.image.sha }} +{{- else -}} +{{ .Values.image.repository }}/{{ .Values.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }} +{{- end -}} +{{- end -}} + +{{/* +Security context +*/}} +{{- define "app.securitycontext" -}} +runAsNonRoot: {{ .Values.security.runAsNonRoot | default false }} +runAsGroup: {{ .Values.security.runAsGid | default 0 }} +runAsUser: {{ .Values.security.runAsUid | default 0 }} +fsGroup: {{ .Values.security.runAsGid | default 0 }} +{{- end -}} + +{{/* +PostgreSQL Connection string URI +*/}} +{{- define "app.postgresql.connectionstring" -}} +postgresql://{{ .Values.attestationManager.database.user }}:{{ .Values.attestationManager.database.password }}@{{ .Values.attestationManager.database.host }}:{{ .Values.attestationManager.database.port }}/{{ .Release.Namespace }}_{{ include "app.name" . | replace "-" "_" }}?schema={{ .Values.attestationManager.database.schema }} +{{- end -}} + +{{/* +Ingress custom path. +*/}} +{{- define "app.path" -}} +{{- default .Chart.Name .Values.ingress.pathOverride | replace "-manager" "" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/apps/proof-manager/deployment/ci-cd/helm/templates/deployment.yaml b/apps/proof-manager/deployment/ci-cd/helm/templates/deployment.yaml new file mode 100644 index 0000000000000000000000000000000000000000..67b9487ea5372ae3ee404954548943c0cd873432 --- /dev/null +++ b/apps/proof-manager/deployment/ci-cd/helm/templates/deployment.yaml 
@@ -0,0 +1,73 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ template "app.name" . }}" + namespace: {{ .Release.Namespace }} + labels: + {{- include "app.labels" . | nindent 4 }} + app.kubernetes.io/instance: {{ include "app.revision" . }} + app.kubernetes.io/part-of: rse +spec: + replicas: {{ .Values.replicaCount }} + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + selector: + matchLabels: + {{- include "app.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "app.labels" . | nindent 8 }} + annotations: + {{- include "app.metricsAnnotations" . | nindent 8 }} +{{- if .Values.podAnnotations }} +{{ toYaml .Values.podAnnotations | indent 8 }} +{{- end }} + spec: + securityContext: +{{- include "app.securitycontext" . | nindent 8 }} + imagePullSecrets: + - name: {{ .Values.image.pullSecrets }} + containers: + - name: {{ template "app.name" . }} + image: "{{ .Values.image.repository }}/{{ .Values.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + env: + {{- if eq .Release.Namespace "ocm" }} + - name: NATS_SERVERS + value: {{ .Values.ocm.nats.server | quote }} + - name: NATS_STREAM_NAME + value: {{ .Values.ocm.nats.name | quote }} + - name: NATS_SUBJECTS + value: {{ .Values.ocm.nats.subjects | quote }} + - name: PROOF_SERVICE_TCP_PORT + value: {{ .Values.ocm.proofManager.service.tcp.port | quote }} + - name: PROOF_SERVICE_HOST + value: {{ .Values.ocm.proofManager.service.host | quote }} + {{- else if eq .Release.Namespace "ocm-test" }} + - name: NATS_SERVERS + value: {{ .Values.ocmtest.nats.server | quote }} + - name: NATS_STREAM_NAME + value: {{ .Values.ocmtest.nats.name | quote }} + - name: NATS_SUBJECTS + value: {{ .Values.ocmtest.nats.subjects | quote }} + - name: PROOF_SERVICE_TCP_PORT + value: {{ .Values.ocmtest.proofManager.service.tcp.port | quote }} + - name: PROOF_SERVICE_HOST + value: {{ 
.Values.ocmtest.proofManager.service.host | quote }} + {{- end }} +{{- if .Values.extraVars }} +{{ toYaml .Values.extraVars | indent 8 }} +{{- end }} + ports: + {{- if .Values.metrics.enabled }} + - name: monitoring + containerPort: {{ .Values.metrics.port }} + {{- end }} + - name: http + containerPort: {{ .Values.service.port }} + resources: +{{ toYaml .Values.resources | indent 10 }} diff --git a/apps/proof-manager/deployment/ci-cd/helm/templates/hpa.yaml b/apps/proof-manager/deployment/ci-cd/helm/templates/hpa.yaml new file mode 100644 index 0000000000000000000000000000000000000000..fc5c29e7463c24756cfa83754e8ab9336be7b8c2 --- /dev/null +++ b/apps/proof-manager/deployment/ci-cd/helm/templates/hpa.yaml @@ -0,0 +1,27 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + labels: + {{- include "app.labels" . | nindent 4 }} + name: {{ template "app.name" . }} + namespace: {{ .Release.Namespace }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ template "app.name" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: +{{- with .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu +{{- end }} +{{- with .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory +{{- end }} +{{- end }} \ No newline at end of file diff --git a/apps/proof-manager/deployment/ci-cd/helm/templates/service.yaml b/apps/proof-manager/deployment/ci-cd/helm/templates/service.yaml new file mode 100644 index 0000000000000000000000000000000000000000..21c57ac87992e185f824c0c8c9fbf8ab19b289d2 --- /dev/null +++ b/apps/proof-manager/deployment/ci-cd/helm/templates/service.yaml 
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "app.name" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "app.labels" . | nindent 4 }}
+spec:
+ clusterIP: None
+ ports:
+ - name: http
+ port: {{ .Values.service.port }}
+ targetPort: {{ .Values.service.port }}
+ selector:
+ {{- include "app.selectorLabels" . | nindent 4 }}
+
diff --git a/apps/proof-manager/deployment/ci-cd/helm/values.yaml b/apps/proof-manager/deployment/ci-cd/helm/values.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..320de2f0f211c1ee0c6669647480a5c1fdc6743a
--- /dev/null
+++ b/apps/proof-manager/deployment/ci-cd/helm/values.yaml
@@ -0,0 +1,112 @@ +# -- Default number of instances to start +replicaCount: 1 +# -- Application name +name: proof-manager +# -- Ovverwrites application name +nameOverride: "" + +image: + repository: eu.gcr.io/vrgn-infra-prj/gaiax/ocm + # -- Image name + name: ocm-engine/proof-manager + # -- Image tag + # Uses .Chart.AppVersion if empty + tag: "" + # -- Image sha, usually generated by the CI + # Uses image.tag if empty + sha: "" + # -- Image pull policy + pullPolicy: IfNotPresent + # -- Image pull secret when internal image is used + pullSecrets: deployment-key-light + + +podAnnotations: {} +## +## Pass extra environment variables to the container. +## +# extraVars: +# - name: EXTRA_VAR_1 +# value: extra-var-value-1 +# - name: EXTRA_VAR_2 +# value: extra-var-value-2 +## +## Create new service when true, and use the specified uner name when set to the name specified +## + +resources: + requests: + cpu: 25m + memory: 64Mi + limits: + cpu: 150m + memory: 128Mi + +## Configure pod autoscaling +## + +autoscaling: + # -- Enable autoscaling + enabled: false + # -- Minimum replicas + minReplicas: 1 + # -- Maximum replicas + maxReplicas: 3 + # -- CPU target for autoscaling trigger + targetCPUUtilizationPercentage: 70 + # -- Memory target for autoscaling trigger + targetMemoryUtilizationPercentage: 70 +## +## Prometheus Exporter / Metrics +## + +metrics: + # -- Enable prometheus metrics + enabled: true + # -- Port for prometheus metrics + port: 2112 + +log: + level: "INFO" + encoding: json + +## +## Kubernetes [SecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) object. 
+## + +security: + # -- by default, apps run as non-root + runAsNonRoot: false + # -- User used by the apps + runAsUid: 0 + # -- Group used by the apps + runAsGid: 0 +## +## +service: + port: 8884 + +ocm: + proofManager: + service: + tcp: + port: 8883 + host: "proof-manager.ocm" + nats: + server: "nats.ocm:4222" + name: "ssi_holder_stream" + subjects: "connections.*,proofs.*,credentials.*,credentials.definition.*,credentials.offer.*,schemas.*,messages.*" + +ocmtest: + proofManager: + service: + tcp: + port: 8883 + host: "proof-manager.ocm-test" + nats: + server: "nats.ocm-test:4222" + name: "ssi_holder_stream" + subjects: "connections.*,proofs.*,credentials.*,credentials.definition.*,credentials.offer.*,schemas.*,messages.*" + +ingress: + enabled: false \ No newline at end of file diff --git a/apps/proof-manager/deployment/Dockerfile b/apps/proof-manager/deployment/local/Dockerfile similarity index 99% rename from apps/proof-manager/deployment/Dockerfile rename to apps/proof-manager/deployment/local/Dockerfile index 8c740efc99871407d03be48922d4a533808f51ce..2f2254564b30429432c48b09736d2318ad0d6350 100644 --- a/apps/proof-manager/deployment/Dockerfile +++ b/apps/proof-manager/deployment/local/Dockerfile @@ -13,3 +13,4 @@ RUN yarn install EXPOSE 8882 CMD ["node", "main.js"] + diff --git a/compose/docker-compose.simple.yml b/compose/docker-compose.simple.yml index 0d8d9ad9557fbabc3efc2789d571667cdaf0b2ac..30d614e481ab7e208ea86f184cf39f4fe029c862 100644 --- a/compose/docker-compose.simple.yml +++ b/compose/docker-compose.simple.yml @@ -15,7 +15,7 @@ services: container_name: agent-issuer-simple build: context: "../" - dockerfile: "./apps/agent/deployment/Dockerfile" + dockerfile: "./apps/agent/deployment/local/Dockerfile" env_file: - ./env/issuer.simple.env ports: 
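Review bot: The proof-manager ports disagree across the files this commit adds: `service.port` is `8884`, but `ocm.proofManager.service.tcp.port` and its `ocmtest` twin are `8883`, which the gateway values assign to the attestation service, and the new ci-cd Dockerfile declares `EXPOSE 8882`. As rendered, `PROOF_SERVICE_TCP_PORT` would be 8883 while the Service and the gateway's `proof.service.tcp.port` point at 8884, so unless the app ignores that variable the gateway cannot reach it. Setting both `tcp.port` values to `8884` and changing the Dockerfile to `EXPOSE 8884` would line the three files up.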
@@ -29,7 +29,7 @@ services: container_name: agent-holder-simple build: context: "../" - dockerfile: "./apps/agent/deployment/Dockerfile" + dockerfile: "./apps/agent/deployment/local/Dockerfile" env_file: - ./env/holder.simple.env ports: diff --git a/package.json b/package.json index 18c6045eaa5387a868ad4f21db6fb08e7cc85226..3443e6970e52e3487e33e157972825a37f297ccb 100644 --- a/package.json +++ b/package.json @@ -53,7 +53,8 @@ "nats": "^2.14.0", "reflect-metadata": "^0.1.13", "rxjs": "^7.0.0", - "tslib": "^2.3.0" + "tslib": "^2.3.0", + "ws": "^8.13.0" }, "devDependencies": { "@aries-framework/anoncreds": "^0.4.0", diff --git a/yarn.lock b/yarn.lock index 81e582cf1544525ea5e815e534ef97550a457856..9b857ac58a18edcb876f55ba20d6a865edc57975 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1141,11 +1141,11 @@ integrity sha512-ooWCrlZP11i8GImSjTHYHLkvFDP48nS4+204nGb1RiX/WXYHmJA2III9/e2DWVabCESdW7hBAEzHRqUn9OUVvQ== "@commitlint/config-conventional@^17.6.1": - version "17.6.7" - resolved "https://registry.yarnpkg.com/@commitlint/config-conventional/-/config-conventional-17.6.7.tgz#8469d977def36148615e9516b1a521e38ca27ddd" - integrity sha512-4oTpEUC0HRM54QRHBPMOJW1pETp7usxXn9RuNYNWHcmu8wi1mpws95hvS20u2n6HtIkTn0jfn7vHioCm4AGUTw== + version "17.7.0" + resolved "https://registry.yarnpkg.com/@commitlint/config-conventional/-/config-conventional-17.7.0.tgz#1bbf2bce7851db63c1a8aa8d924277ad4938247e" + integrity sha512-iicqh2o6et+9kWaqsQiEYZzfLbtoWv9uZl8kbI8EGfnc0HeGafQBF7AJ0ylN9D/2kj6txltsdyQs8+2fTMwWEw== dependencies: - conventional-changelog-conventionalcommits "^5.0.0" + conventional-changelog-conventionalcommits "^6.1.0" "@cspotcode/source-map-support@^0.8.0": version "0.8.1" 
@@ -2462,9 +2462,9 @@ url-join "^5.0.0" "@semantic-release/gitlab@^12.0.1": - version "12.0.4" - resolved "https://registry.yarnpkg.com/@semantic-release/gitlab/-/gitlab-12.0.4.tgz#ac8ec980b37723ea45d82b94f164dbfd88800f69" - integrity sha512-4NRc9wf9xJglomskpZuRp////bUArlFFP/a6PX4LVSMxn4/jD7UgN474d/1xgixlWRxzmN48L32gyvAjq+znpw== + version "12.0.5" + resolved "https://registry.yarnpkg.com/@semantic-release/gitlab/-/gitlab-12.0.5.tgz#533860a1a90472c34d13d131a7fdc594305e828d" + integrity sha512-7iLeD5J0BF34jBUKTYbJT+Z+J9j55PXeR78wKWq9Lqbc8Y566D0g8BNVl9HUVSv6eipELdkqS+zMyTDGqiUL1w== dependencies: "@semantic-release/error" "^4.0.0" aggregate-error "^4.0.0" @@ -2532,10 +2532,10 @@ resolved "https://registry.yarnpkg.com/@sideway/pinpoint/-/pinpoint-2.0.0.tgz#cff8ffadc372ad29fd3f78277aeb29e632cc70df" integrity sha512-RNiOoTPkptFtSVzQevY/yWtZwf/RxyVnPy/OcA9HBM3MlGDnBEYL5B41H0MTn0Uec8Hi+2qUtTfG2WWZBmMejQ== -"@sigstore/bundle@^1.0.0": - version "1.0.0" - resolved "https://registry.yarnpkg.com/@sigstore/bundle/-/bundle-1.0.0.tgz#2f2f4867f434760f4bc6f4b4bbccbaecd4143bc3" - integrity sha512-yLvrWDOh6uMOUlFCTJIZEnwOT9Xte7NPXUqVexEKGSF5XtBAuSg5du0kn3dRR0p47a4ah10Y0mNt8+uyeQXrBQ== +"@sigstore/bundle@^1.1.0": + version "1.1.0" + resolved "https://registry.yarnpkg.com/@sigstore/bundle/-/bundle-1.1.0.tgz#17f8d813b09348b16eeed66a8cf1c3d6bd3d04f1" + integrity sha512-PFutXEy0SmQxYI4texPw3dd2KewuNqv7OuK1ZFtY2fM754yhvG2KdgwIhRnoEE2uHdtdGNQ8s0lb94dW9sELog== dependencies: "@sigstore/protobuf-specs" "^0.2.0" 
@@ -2544,6 +2544,15 @@ resolved "https://registry.yarnpkg.com/@sigstore/protobuf-specs/-/protobuf-specs-0.2.0.tgz#5801b2a4d10afe1577be6133be6b132b5677c18c" integrity sha512-8ZhZKAVfXjIspDWwm3D3Kvj0ddbJ0HqDZ/pOs5cx88HpT8mVsotFrg7H1UMnXOuDHz6Zykwxn4mxG3QLuN+RUg== +"@sigstore/sign@^1.0.0": + version "1.0.0" + resolved "https://registry.yarnpkg.com/@sigstore/sign/-/sign-1.0.0.tgz#6b08ebc2f6c92aa5acb07a49784cb6738796f7b4" + integrity sha512-INxFVNQteLtcfGmcoldzV6Je0sbbfh9I16DM4yJPw3j5+TFP8X6uIiA18mvpEa9yyeycAKgPmOA3X9hVdVTPUA== + dependencies: + "@sigstore/bundle" "^1.1.0" + "@sigstore/protobuf-specs" "^0.2.0" + make-fetch-happen "^11.0.1" + "@sigstore/tuf@^1.0.3": version "1.0.3" resolved "https://registry.yarnpkg.com/@sigstore/tuf/-/tuf-1.0.3.tgz#2a65986772ede996485728f027b0514c0b70b160" @@ -2871,9 +2880,9 @@ integrity sha512-jhuKLIRrhvCPLqwPcx6INqmKeiA5EWrsCOPhrlFSrbrmU4ZMPjj5Ul/oLCMDO98XRUIwVm78xICz4EPCektzeQ== "@types/node@*": - version "20.4.8" - resolved "https://registry.yarnpkg.com/@types/node/-/node-20.4.8.tgz#b5dda19adaa473a9bf0ab5cbd8f30ec7d43f5c85" - integrity sha512-0mHckf6D2DiIAzh8fM8f3HQCvMKDpK94YQ0DSVkfWTG9BZleYIWudw9cJxX8oCk9bM+vAkDyujDV6dmKHbvQpg== + version "20.5.0" + resolved "https://registry.yarnpkg.com/@types/node/-/node-20.5.0.tgz#7fc8636d5f1aaa3b21e6245e97d56b7f56702313" + integrity sha512-Mgq7eCtoTjT89FqNoTzzXg2XvCi5VMhRV6+I2aYanc6kQCBImeNaAYRs/DyoVqk1YEUJK5gN9VO7HRIdz4Wo3Q== "@types/node@~18.7.1": version "18.7.23" 
@@ -3590,12 +3599,12 @@ atob@^2.1.2: integrity sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg== autoprefixer@^10.4.9: - version "10.4.14" - resolved "https://registry.yarnpkg.com/autoprefixer/-/autoprefixer-10.4.14.tgz#e28d49902f8e759dd25b153264e862df2705f79d" - integrity sha512-FQzyfOsTlwVzjHxKEqRIAdJx9niO6VCBCoEwax/VLSoQF29ggECcPuBqUMZ+u8jCZOPSy8b8/8KnuFbp0SaFZQ== + version "10.4.15" + resolved "https://registry.yarnpkg.com/autoprefixer/-/autoprefixer-10.4.15.tgz#a1230f4aeb3636b89120b34a1f513e2f6834d530" + integrity sha512-KCuPB8ZCIqFdA4HwKXsvz7j6gvSDNhDP7WnUjBleRkKjPdvCmHFuQ77ocavI8FT6NdvlBnE2UFr2H4Mycn8Vew== dependencies: - browserslist "^4.21.5" - caniuse-lite "^1.0.30001464" + browserslist "^4.21.10" + caniuse-lite "^1.0.30001520" fraction.js "^4.2.0" normalize-range "^0.1.2" picocolors "^1.0.0" @@ -3906,7 +3915,7 @@ braces@^3.0.2, braces@~3.0.2: dependencies: fill-range "^7.0.1" -browserslist@^4.0.0, browserslist@^4.14.5, browserslist@^4.21.4, browserslist@^4.21.5, browserslist@^4.21.9: +browserslist@^4.0.0, browserslist@^4.14.5, browserslist@^4.21.10, browserslist@^4.21.4, browserslist@^4.21.9: version "4.21.10" resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.21.10.tgz#dbbac576628c13d3b2231332cb2ec5a46e015bb0" integrity sha512-bipEBdZfVH5/pwrvqc+Ub0kUPVfGUhlKxbvfD+z1BDnPEO/X98ruXGA1WP5ASpAFKan7Qr6j736IacbZQuAlKQ== 
@@ -4053,10 +4062,10 @@ caniuse-api@^3.0.0: lodash.memoize "^4.1.2" lodash.uniq "^4.5.0" -caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001464, caniuse-lite@^1.0.30001517: - version "1.0.30001519" - resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001519.tgz#3e7b8b8a7077e78b0eb054d69e6edf5c7df35601" - integrity sha512-0QHgqR+Jv4bxHMp8kZ1Kn8CH55OikjKJ6JmKkZYP1F3D7w+lnFXF70nG5eNfsZS89jadi5Ywy5UCSKLAglIRkg== +caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001517, caniuse-lite@^1.0.30001520: + version "1.0.30001520" + resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001520.tgz#62e2b7a1c7b35269594cf296a80bdf8cb9565006" + integrity sha512-tahF5O9EiiTzwTUqAeFjIZbn4Dnqxzz7ktrgGlMYNLH43Ul26IgTMH/zvL3DG0lZxBYnlT04axvInszUsZULdA== canonicalize@^1.0.1: version "1.0.8" @@ -4456,6 +4465,13 @@ conventional-changelog-conventionalcommits@^5.0.0: lodash "^4.17.15" q "^1.5.1" +conventional-changelog-conventionalcommits@^6.1.0: + version "6.1.0" + resolved "https://registry.yarnpkg.com/conventional-changelog-conventionalcommits/-/conventional-changelog-conventionalcommits-6.1.0.tgz#3bad05f4eea64e423d3d90fc50c17d2c8cf17652" + integrity sha512-3cS3GEtR78zTfMzk0AizXKKIdN4OvSh7ibNz6/DPbhWWQu7LqE/8+/GqSodV+sywUR2gpJAdP/1JFf4XtN7Zpw== + dependencies: + compare-func "^2.0.0" + conventional-changelog-core@^4.2.1: version "4.2.4" resolved "https://registry.yarnpkg.com/conventional-changelog-core/-/conventional-changelog-core-4.2.4.tgz#e50d047e8ebacf63fac3dc67bf918177001e1e9f" 
@@ -5091,9 +5107,9 @@ ejs@^3.1.7: jake "^10.8.5" electron-to-chromium@^1.4.477: - version "1.4.487" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.487.tgz#e2ef8b15f2791bf68fa6f38f2656f1a551d360ae" - integrity sha512-XbCRs/34l31np/p33m+5tdBrdXu9jJkZxSbNxj5I0H1KtV2ZMSB+i/HYqDiRzHaFx2T5EdytjoBRe8QRJE2vQg== + version "1.4.490" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.490.tgz#d99286f6e915667fa18ea4554def1aa60eb4d5f1" + integrity sha512-6s7NVJz+sATdYnIwhdshx/N/9O6rvMxmhVoDSDFdj6iA45gHR8EQje70+RYsF4GeB+k0IeNSBnP7yG9ZXJFr7A== emittery@^0.13.1: version "0.13.1" @@ -5288,9 +5304,9 @@ eslint-visitor-keys@^2.0.0: integrity sha512-0rSmRBzXgDzIsD6mGdJgevzgezI534Cer5L/vyMX0kHzT/jiB43jRhd9YUlMGYLQy2zprNmoT8qasCGtY+QaKw== eslint-visitor-keys@^3.3.0, eslint-visitor-keys@^3.4.1: - version "3.4.2" - resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-3.4.2.tgz#8c2095440eca8c933bedcadf16fefa44dbe9ba5f" - integrity sha512-8drBzUEyZ2llkpCA67iYrgEssKDUu68V8ChqqOfFupIaG/LCVPUT+CoGJpT77zJprs4T/W7p07LP7zAIMuweVw== + version "3.4.3" + resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-3.4.3.tgz#0cd72fe8550e3c2eae156a96a4dddcd1c8ac5800" + integrity sha512-wpc+LXeiyiisxPlEkUzU6svyS1frIO3Mgxj1fdy7Pm8Ygzguax2N3Fa/D/ag1WqbOprdI+uY6wMUl8/a2G+iag== eslint@~8.15.0: version "8.15.0" 
@@ -6098,9 +6114,9 @@ globals@^11.1.0: integrity sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA== globals@^13.19.0, globals@^13.6.0: - version "13.20.0" - resolved "https://registry.yarnpkg.com/globals/-/globals-13.20.0.tgz#ea276a1e508ffd4f1612888f9d1bad1e2717bf82" - integrity sha512-Qg5QtVkCy/kv3FUSlu4ukeZDVf9ee0iXLAUYX13gbR17bnejFTzr4iS9bY7kwCf1NztRNm1t91fjOiyx4CSwPQ== + version "13.21.0" + resolved "https://registry.yarnpkg.com/globals/-/globals-13.21.0.tgz#163aae12f34ef502f5153cfbdd3600f36c63c571" + integrity sha512-ybyme3s4yy/t/3s35bewwXKOf7cvzfreG2lH0lZl0JB7I4GxRP2ghxOK/Nb9EkRXdbBXZLfq/p/0W2JUONB/Gg== dependencies: type-fest "^0.20.2" @@ -6818,9 +6834,9 @@ iterare@1.2.1: integrity sha512-RKYVTCjAnRthyJes037NX/IiqeidgN1xc3j1RjFfECFp28A1GVwK9nA+i0rJPaHqSZwygLzRnFlzUuHFoWWy+Q== jackspeak@^2.0.3: - version "2.2.2" - resolved "https://registry.yarnpkg.com/jackspeak/-/jackspeak-2.2.2.tgz#707c62733924b8dc2a0a629dc6248577788b5385" - integrity sha512-mgNtVv4vUuaKA97yxUHoA3+FkuhtxkjdXEWOyB/N76fjy0FjezEt34oy3epBtvCvS+7DyKwqCFWx/oJLV5+kCg== + version "2.2.3" + resolved "https://registry.yarnpkg.com/jackspeak/-/jackspeak-2.2.3.tgz#ac63c57c18d254dc78a1f4ecd1cdeb4daeb6e616" + integrity sha512-pF0kfjmg8DJLxDrizHoCZGUFz4P4czQ3HyfW4BU0ffebYkzAVlBywp5zaxW/TM+r0sGbmrQdi8EQQVTJFxnGsQ== dependencies: "@isaacs/cliui" "^8.0.2" optionalDependencies: 
@@ -7536,9 +7552,9 @@ libnpmversion@^4.0.2: semver "^7.3.7" libphonenumber-js@^1.10.14: - version "1.10.39" - resolved "https://registry.yarnpkg.com/libphonenumber-js/-/libphonenumber-js-1.10.39.tgz#12dd512621c9ebb13402a694ac81dc78511cd982" - integrity sha512-iPMM/NbSNIrdwbr94rAOos6krB7snhfzEptmk/DJUtTPs+P9gOhZ1YXVPcRgjpp3jJByclfm/Igvz45spfJK7g== + version "1.10.41" + resolved "https://registry.yarnpkg.com/libphonenumber-js/-/libphonenumber-js-1.10.41.tgz#14b6be5894bed3385808a6a088031b5b8a27c105" + integrity sha512-4rmmF4u4vD3eGNuuCGjCPwRwO+fIuu1WWcS7VwbPTiMFkJd8F02v8o5pY5tlYuMR+xOvJ88mtOHpkm0Tnu2LcQ== license-webpack-plugin@^4.0.2: version "4.0.2" @@ -7715,9 +7731,9 @@ lru-cache@^7.4.4, lru-cache@^7.5.1, lru-cache@^7.7.1: integrity sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA== "lru-cache@^9.1.1 || ^10.0.0": - version "10.0.0" - resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-10.0.0.tgz#b9e2a6a72a129d81ab317202d93c7691df727e61" - integrity sha512-svTf/fzsKHffP42sujkO/Rjs37BCIsQVRCeNYIm9WN8rgT7ffoUnRtZCqU+6BqcSBdv8gwJeTz8knJpgACeQMw== + version "10.0.1" + resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-10.0.1.tgz#0a3be479df549cca0e5d693ac402ff19537a6b7a" + integrity sha512-IJ4uwUTi2qCccrioU6g9g/5rvvVl13bsdczUUcqbciD9iLr095yj8DQKdObriEvuNSx325N1rV1O0sJFszx75g== lru_map@^0.4.1: version "0.4.1" 
@@ -7725,9 +7741,9 @@ lru_map@^0.4.1: integrity sha512-I+lBvqMMFfqaV8CJCISjI3wbjmwVu/VyOoU7+qtu9d7ioW5klMgsTTiUOUp+DJvfTTzKXoPbyC6YfgkNcyPSOg== luxon@^3.3.0: - version "3.3.0" - resolved "https://registry.yarnpkg.com/luxon/-/luxon-3.3.0.tgz#d73ab5b5d2b49a461c47cedbc7e73309b4805b48" - integrity sha512-An0UCfG/rSiqtAIiBPO0Y9/zAnHUZxAMiCpTd5h2smgsj7GGmcenvrvww2cqNA8/4A5ZrD1gJpHN2mIHZQF+Mg== + version "3.4.0" + resolved "https://registry.yarnpkg.com/luxon/-/luxon-3.4.0.tgz#17cb754efecbf76994f05b2a3f1f91fad7ddfde7" + integrity sha512-7eDo4Pt7aGhoCheGFIuq4Xa2fJm4ZpmldpGhjTYBNUYNCN6TIEP6v7chwwwt3KRp7YR+rghbfvjyo3V5y9hgBw== magic-string@0.30.0: version "0.30.0" @@ -8041,9 +8057,9 @@ minipass@^5.0.0: integrity sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ== "minipass@^5.0.0 || ^6.0.2 || ^7.0.0": - version "7.0.2" - resolved "https://registry.yarnpkg.com/minipass/-/minipass-7.0.2.tgz#58a82b7d81c7010da5bd4b2c0c85ac4b4ec5131e" - integrity sha512-eL79dXrE1q9dBbDCLg7xfn/vl7MS4F1gvJAgjJrQli/jbQWdUttuVawphqpffoIYfRdq78LHx6GP4bU/EQ2ATA== + version "7.0.3" + resolved "https://registry.yarnpkg.com/minipass/-/minipass-7.0.3.tgz#05ea638da44e475037ed94d1c7efcc76a25e1974" + integrity sha512-LhbbwCfz3vsb12j/WkWQPZfKTsgqIe1Nf/ti1pKjYESGLHIVjWU96G9/ljLH4F9mWNVhlQOm0VySdAWzf05dpg== minizlib@^2.1.1, minizlib@^2.1.2: version "2.1.2" @@ -9867,9 +9883,9 @@ sass-loader@^12.2.0: neo-async "^2.6.2" sass@^1.42.1: - version "1.64.2" - resolved "https://registry.yarnpkg.com/sass/-/sass-1.64.2.tgz#0d9805ad6acf31c59c3acc725fcfb91b7fcc6909" - integrity sha512-TnDlfc+CRnUAgLO9D8cQLFu/GIjJIzJCGkE7o4ekIGQOH7T3GetiRR/PsTWJUHhkzcSPrARkPI+gNWn5alCzDg== + version "1.65.1" + resolved "https://registry.yarnpkg.com/sass/-/sass-1.65.1.tgz#8f283b0c26335a88246a448d22e1342ba2ea1432" + integrity sha512-9DINwtHmA41SEd36eVPQ9BJKpn7eKDQmUHmpI0y5Zv2Rcorrh0zS+cFrt050hdNbmmCNKTW3hV5mWfuegNRsEA== dependencies: chokidar ">=3.0.0 <4.0.0" immutable "^4.0.0" 
@@ -10098,12 +10114,13 @@ signale@^1.2.1: pkg-conf "^2.1.0" sigstore@^1.3.0, sigstore@^1.4.0, sigstore@^1.7.0: - version "1.8.0" - resolved "https://registry.yarnpkg.com/sigstore/-/sigstore-1.8.0.tgz#f790120697fa7c89f4418598ce59e638ff680aa5" - integrity sha512-ogU8qtQ3VFBawRJ8wjsBEX/vIFeHuGs1fm4jZtjWQwjo8pfAt7T/rh+udlAN4+QUe0IzA8qRSc/YZ7dHP6kh+w== + version "1.9.0" + resolved "https://registry.yarnpkg.com/sigstore/-/sigstore-1.9.0.tgz#1e7ad8933aa99b75c6898ddd0eeebc3eb0d59875" + integrity sha512-0Zjz0oe37d08VeOtBIuB6cRriqXse2e8w+7yIy2XSXjshRKxbc2KkhXjL229jXSxEm7UbcjS76wcJDGQddVI9A== dependencies: - "@sigstore/bundle" "^1.0.0" + "@sigstore/bundle" "^1.1.0" "@sigstore/protobuf-specs" "^0.2.0" + "@sigstore/sign" "^1.0.0" "@sigstore/tuf" "^1.0.3" make-fetch-happen "^11.0.1"