Merge branch 'release/v3.0.0'

.gitignore

@@ -42,4 +42,7 @@ out
 *.sock
 
 # Lock files
-.lock
+.lock
+
+# Version file
+/version.txt

.gitlab-ci.yml

@@ -10,78 +10,53 @@ build:
   image:
     name: fraunhoferaisec/docker-build:develop
     entrypoint: [""]
-  variables:
-    GRADLE_DIR: "/cache/.gradle"
-    M2_DIR: "/cache/.m2"
   before_script:
     # defined here because of https://gitlab.com/gitlab-org/gitlab-runner/issues/1809
     - export PROJECT_DIR="${CI_PROJECT_DIR}"
     # caching for gradle
-    - mkdir -p /cache/.gradle
+    - export GRADLE_DIR="${CI_PROJECT_DIR}/cache/.gradle"
+    - mkdir -p "$GRADLE_DIR"
     # caching for mvn (used for karaf-assembly)
-    - mkdir -p /cache/.m2
+    - export M2_DIR="${CI_PROJECT_DIR}/cache/.m2"
+    - mkdir -p "$M2_DIR"
   script:
     # yarnBuild is part of build, but we try to speed up the process a bit by prioritizing that long-running task
-    - /run.sh clean yarnBuild build check dockerize --parallel -PdockerTag=${CI_COMMIT_SHA:0:8}
+    - /run.sh yarnBuild build check dumpVersion --parallel
   artifacts:
     when: always
     paths:
       - "*/build/reports"
+      - "karaf-assembly/build/assembly"
+      - "rat-repository/build/libs"
+      - "version.txt"
+  cache:
+    key: tc-build
+    paths:
+      - "cache"
+      - "ids-webconsole/src/main/resources/www/node_modules"
 
-# tag develop builds as latest and push them to the internal registry
 push:
+  image: jonoh/docker-buildx-qemu
   stage: push
+  dependencies:
+    - build
+  before_script:
+    # Use docker-container driver to allow useful features (push/multi-platform)
+    - docker buildx create --driver docker-container --use --name tc_builder
+    - docker buildx inspect --bootstrap
+    - export TAG_NAME=$(if [ "${CI_COMMIT_REF_NAME}" = "master" ]; then echo "latest"; else echo "${CI_COMMIT_REF_NAME}"; fi)
+    # Remove the prefixing "v" of version tags for docker registry
+    - if [[ "$TAG_NAME" =~ v[0-9]+\.[0-9]+\.[0-9]+ ]]; then export TAG_NAME=${TAG_NAME:1}; fi
   script:
-    - docker tag fraunhoferaisec/trusted-connector-core:${CI_COMMIT_SHA:0:8} registry.netsec.aisec.fraunhofer.de/ids/core-platform:${CI_COMMIT_SHA:0:8}
-    - docker tag fraunhoferaisec/trusted-connector-core:${CI_COMMIT_SHA:0:8} registry.netsec.aisec.fraunhofer.de/ids/core-platform:latest
-    - docker push registry.netsec.aisec.fraunhofer.de/ids/core-platform:${CI_COMMIT_SHA:0:8}
-    - docker push registry.netsec.aisec.fraunhofer.de/ids/core-platform:latest
     - echo "$DOCKER_PASS" | docker login --username "$DOCKER_USER" --password-stdin
-    - docker tag fraunhoferaisec/trusted-connector-core:${CI_COMMIT_SHA:0:8} fraunhoferaisec/trusted-connector-core:develop
-    - docker tag fraunhoferaisec/ttpsim:${CI_COMMIT_SHA:0:8} fraunhoferaisec/ttpsim:develop
-    - docker tag fraunhoferaisec/tpmsim:${CI_COMMIT_SHA:0:8} fraunhoferaisec/tpmsim:develop
-    - docker tag fraunhoferaisec/example-client:${CI_COMMIT_SHA:0:8} fraunhoferaisec/example-client:develop
-    - docker tag fraunhoferaisec/example-server:${CI_COMMIT_SHA:0:8} fraunhoferaisec/example-server:develop
-    - docker push fraunhoferaisec/trusted-connector-core:develop
-    - docker push fraunhoferaisec/ttpsim:develop
-    - docker push fraunhoferaisec/tpmsim:develop
-    - docker push fraunhoferaisec/example-client:develop
-    - docker push fraunhoferaisec/example-server:develop
+    # Execute buildx script
+    - chmod +x ./buildx/docker-buildx.sh
+    - echo "Using image tag ${TAG_NAME}"
+    - ./buildx/docker-buildx.sh -t ${TAG_NAME} -f docker-compose.yml -f docker-bake-multi.hcl
+  after_script:
+    # Remove the buildx builder
+    - docker buildx rm tc_builder
   only:
     - develop
-
-# tag and push master to Docker Hub
-push_hub_master:
-  stage: push
-  script:
-    - echo "$DOCKER_PASS" | docker login --username "$DOCKER_USER" --password-stdin
-    - docker tag fraunhoferaisec/trusted-connector-core:${CI_COMMIT_SHA:0:8} fraunhoferaisec/trusted-connector-core:latest
-    - docker tag fraunhoferaisec/ttpsim:${CI_COMMIT_SHA:0:8} fraunhoferaisec/ttpsim:latest
-    - docker tag fraunhoferaisec/tpmsim:${CI_COMMIT_SHA:0:8} fraunhoferaisec/tpmsim:latest
-    - docker tag fraunhoferaisec/example-client:${CI_COMMIT_SHA:0:8} fraunhoferaisec/example-client:latest
-    - docker tag fraunhoferaisec/example-server:${CI_COMMIT_SHA:0:8} fraunhoferaisec/example-server:latest
-    - docker push fraunhoferaisec/trusted-connector-core:latest
-    - docker push fraunhoferaisec/ttpsim:latest
-    - docker push fraunhoferaisec/tpmsim:latest
-    - docker push fraunhoferaisec/example-client:latest
-    - docker push fraunhoferaisec/example-server:latest
-  only:
     - master
-
-# tag and push release versions to Docker Hub
-push_hub_version:
-  stage: push
-  script:
-    - echo "$DOCKER_PASS" | docker login --username "$DOCKER_USER" --password-stdin
-    - docker tag fraunhoferaisec/trusted-connector-core:${CI_COMMIT_SHA:0:8} fraunhoferaisec/trusted-connector-core:${CI_COMMIT_TAG:1}
-    - docker tag fraunhoferaisec/ttpsim:${CI_COMMIT_SHA:0:8} fraunhoferaisec/ttpsim:${CI_COMMIT_TAG:1}
-    - docker tag fraunhoferaisec/tpmsim:${CI_COMMIT_SHA:0:8} fraunhoferaisec/tpmsim:${CI_COMMIT_TAG:1}
-    - docker tag fraunhoferaisec/example-client:${CI_COMMIT_SHA:0:8} fraunhoferaisec/example-client:${CI_COMMIT_TAG:1}
-    - docker tag fraunhoferaisec/example-server:${CI_COMMIT_SHA:0:8} fraunhoferaisec/example-server:${CI_COMMIT_TAG:1}
-    - docker push fraunhoferaisec/trusted-connector-core:${CI_COMMIT_TAG:1}
-    - docker push fraunhoferaisec/ttpsim:${CI_COMMIT_TAG:1}
-    - docker push fraunhoferaisec/tpmsim:${CI_COMMIT_TAG:1}
-    - docker push fraunhoferaisec/example-client:${CI_COMMIT_TAG:1}
-    - docker push fraunhoferaisec/example-server:${CI_COMMIT_TAG:1}
-  only:
     - /^v[0-9]+\.[0-9]+\.[0-9]+$/

.travis.yml

@@ -1,6 +1,6 @@
 language: java
 jdk:
-  - oraclejdk8
+  - oraclejdk11
 services:
   - docker
 before_cache:
@@ -11,5 +11,12 @@ cache:
   - $HOME/.m2
   - $HOME/.gradle/caches/
   - $HOME/.gradle/wrapper/
+before_install:
+  - wget -O protoc.zip https://github.com/protocolbuffers/protobuf/releases/download/v3.11.4/protoc-3.11.4-linux-x86_64.zip
+  - mkdir $HOME/protoc && unzip -d $HOME/protoc protoc.zip
+  - export PATH=$HOME/protoc/bin:$PATH
+  - echo $PATH
+  - nvm install 12
+  - npm install -g yarn  
 install: true
-script: ./gradlew --parallel clean build dockerize
+script: ./gradlew --parallel clean build

README.md

@@ -16,25 +16,22 @@ Please see the [Github documentation page](https://industrial-data-space.github.
 Please refer to the [contribution guide](https://github.com/industrial-data-space/trusted-connector/blob/develop/.github/CONTRIBUTING.md)
 
 # Project structure
-So the logical depedency graph (not the file system structure) is:<br />
-.<br />
-├── _karaf-assembly //main module<br />
-&nbsp;|   ├── _camel-ids<br />
-&nbsp;|   ├── _camel-influxdb<br />
-&nbsp;|   ├── _camel-multipart-processor<br />
-&nbsp;|   ├── _ids-acme<br />
-&nbsp;|   ├── _ids-api<br />
-&nbsp;|   ├── _ids-comm<br />
-&nbsp;|   ├── _ids-container-manager<br />
-&nbsp;|   ├── _ids-dataflow-control<br />
-&nbsp;|   ├── _ids-dynamic-tls<br />
-&nbsp;|   ├── _ids-infomodel-manager<br />
-&nbsp;|   ├── _ids-multipart-bean<br />
-&nbsp;|   ├── _ids-route-manager<br />
-&nbsp;|   ├── _ids-settings<br />
-&nbsp;|   └── _ids-token-manager<br />
-├── _ids-webconsole // webconsole can be run anywhere<br />
-├── _jnr-unixsocket-wrapper //helper<br />
-├── _karaf-features-ids //helper<br />
-├── _rat_repository // can be run anywhere<br />
-└── _tpm2j<br />
+
+├── __karaf-assembly__ _Deployable "assembly" with runtime and all modules_<br />
+├── __camel-ids__ _IDS protocol (IDSCP) as an Apache Camel component_<br />
+├── __camel-influxdb__ Influx DB adapter for Apache Camel. (optional. It is not included in the assembly by default)<br />
+├── __camel-multipart-processor__ _REST/MultiPart protocol as an Apache Camel component_<br />
+├── __ids-acme__ _ACME 2 client for retrieving TLS certificates for the web console UI_<br />
+├── __ids-api__ _Internal APIs of all IDS connector modules._<br />
+├── __ids-comm__ _Communication manager, keeping track of IDSCP connections_<br />
+├── __ids-container-manager__ _Management interface to the underlying container management layer (trustme or docker)_<br />
+├── __ids-dataflow-control__ _LUCON data flow policy framework_<br />
+├── __ids-dynamic-tls__ _Fragment bundle to allow refreshing TLS certificates in Jetty web server without restarting_<br />
+├── __ids-infomodel-manager__ _Provides the IDS information model_<br />
+├── __ids-route-manager__ _Management interface to the underlying message router (Apache Camel)<br />
+├── __ids-settings__ _Manages connector configuration_<br />
+├── __ids-token-manager__ _Acquires and verifies JWT tokens received from the DAPS server_<br />
+├── __ids-webconsole__ _Management UI for the connector. Is contained in default assembly but could be moved out of it, if a smaller code base is desired_<br />
+├── __jnr-unixsocket-wrapper__ _Helper bundle for UNIX sockets for trustme cmld connection_<br />
+├── __karaf-features-ids__ _Feature definition for Apache Karaf runtime_<br />
+└── __rat_repository__ _Online repository for remote attestation. Actually not part of the Core Platform_<br />