DSC v8.0.2 - Fix Migrations

Added

• Migration file for version 8.0.2.

Fixed

• Fix a mismatch between the database if created with or without flyway.

Dependencies

• Bump maven-checkstyle-plugin version from 3.1.2 to 3.2.0
• Bump checkstyle from 10.3.2 to 10.3.4
• Bump maven-pmd-plugin version from 3.17.0 to 3.19.0
• Bump postgresql version from 42.4.2 to 42.5.0
• Bump camel-idscp2 version from 0.10.3 to 0.11.1
• Bump dependency-check-maven version from 7.1.1 to 7.2.1
• Bump pitest-maven from 1.9.4 to 1.9.7
• Bump flyway-core from 9.1.6 to 9.4.0
• Bump pmd.version from 6.48.0 to 6.50.0
• Bump jackson.version from 2.13.3 to 2.14.0-rc1
• Bump jose4j from 0.7.12 to 0.9.0
• Bump pitest-junit5-plugin from 1.0.0 to 1.1.0
• Bump spotbugs-annotations from 4.7.1 to 4.7.2
• Bump jackson-databind from 2.13.3 to 2.14.0-rc1
• Bump versions-maven-plugin from 2.11.0 to 2.12.0
• Bump camel.version from 3.18.1 to 3.19.0
• Bump opentelemetry-semconv from 1.17.0-alpha to 1.19.0-alpha
• Bump opentelemetry.version from 1.17.0 to 1.19.0
• Bump springframework.version from 5.3.22 to 5.3.23
• Bump protobuf-java from 3.21.5 to 3.21.7
• Bump dependency-check-maven from 7.1.2 to 7.2.0
• Bump spring-boot-starter-parent from 2.7.3 to 2.7.4
• Bump commons-text from 1.9 to 1.10.0
• Bump swagger-annotations from 1.6.6 to 1.6.7
• Bump tidy-maven-plugin from 1.1.0 to 1.2.0
• Bump actions/cache from 3.0.8 to 3.0.10
• Bump spotbugs-maven-plugin from 4.7.1.1 to 4.7.2.1
• Bump camel-idscp2 from 0.11.1 to 0.12.1
• Bump snakeyaml.version from 1.30 to 1.32

DSC v8.0.1 - Fix Route

Fixed

• Fix route reference check. The DSC now uses the UUID to prove if a remote data is a route or not.
  Fixes #355

DSC v8.0.0 - [Referred Check]

Major Changes

• Renamed reserved keywords columns in model classes for newer H2 versions and MSSQL. Please enable database migration.

Added

• Add daps.whitelisted.url to application.properties.. Allows configuring whitelisted DAPS URLs already at configuration time.
• Introduction of the setting referred.check=true/false in the application.properties. Enables or disables DAT claim referringConnector vs IDS message issuerConnector validation. Disabled by default.
• Updated Connector container architecture overview in Readme and documentation.

Fixed

• Fix bootstrapping with broker registration. The DSC now searches for the correct resource id when bootstrapping.
• Removed trivyignore file.
• e2e-tests now delete the PVC (PersistentVolumeClaim) and PV (PersistentVolume) during cleanup phase.
• Requesting the same local-data artifact multiple times now updates the data-record in the database for the artifact instead of creating a new data-record.
• OpenApi specification: made tag names unique, removed not allowed additional properties.
• Excluded old IAIS http repository from build at top level since no longer accessible but used from transitive dependencies, which could lead to a build timeout. Repository and its artifacts now reachable via https.
• Replaced telemetry collection via OpenTracing with OpenTelemetry with Jaeger export.
• Accessing the public self-description endpoint is now also possible for logged in admins.
• The connector public key is now also persisted.
• Set URI-converter and column-length for location in AppStore-entity. Tested AppStore-App deployment with Portainer 2.14.0
• Query parameters are ignored if a query parameter with the same key is already defined in the target url
• Removed hyphen in docker env var file which led to unexpected character exception
• Fix DSC version, curator and maintainer fields when accessing the self description

Changed

• Code base refactorings and removing of unused code.
• Replace deprecated JPA calls getById with findById.
• Replace deprecated spring security WebSecurityConfigurerAdapter with use of SecurityFilterChain.
• Replace deprecated podAnnotation seccomp with use of podSecurityContext seccompProfile.
• Removed debug-logging built request messages, all messages can now be logged via the IDS-Messaging-Services instead.

Dependencies

• Update ids-messaging-services from 6.1.0 to 7.0.0.
• Update okhttp version from 4.9.3 to 4.10.0.
• Update pmd version from 6.44.0 to 6.48.0.
• Update pmd-plugin version from 3.16.0 to 3.17.0.
• Update maven-enforcer-plugin version from 3.0.0 to 3.1.0.
• Update maven-surefire-plugin version from 3.0.0-M6 to 3.0.0-M7.
• Update pitest-maven version from 1.7.5 to 1.9.4.
• Update pitest-junit5-plugin version from 0.16 to 1.0.0.
• Update com.puppycrawl.tools:checkstyle version from 10.1 to 10.3.2.
• Update org.owasp:dependency-check-maven from version 7.0.4 to 7.1.2.
• Update org.springframework.boot:spring-boot-starter-parent from 2.6.6 to 2.7.3.
• Update com.google.protobuf:protobuf-java version from 3.20.0 to 3.21.5.
• Update org.apache.maven.plugins:maven-site-plugin version from 3.11.0 to 3.12.1.
• Update org.apache.maven.plugins:maven-javadoc-plugin version from 3.3.2 to 3.4.1.
• Update org.apache.maven.plugins:maven-project-info-reports-plugin version from 3.2.2 to 3.4.1.
• Update org.postgresql:postgresql version from 42.3.3 to 42.4.2.
• Update springframework version from 5.3.18 to 5.3.22.
• Update com.h3xstream.findsecbugs:findsecbugs-plugin version from 1.11.0 to 1.12.0.
• Update org.flywaydb:flyway-core version from 8.5.5 to 9.1.6.
• Update springdoc version from 1.6.6 to 1.6.11.
• Update de.fhg.aisec.ids:camel-idscp2 version from 0.6.0 to 0.10.3.
• Update camel version from 3.16.0 to 3.18.1.
• Update jackson version from 2.13.2 to 2.13.3.
• Update spotbugs version from 4.6.0 to 4.7.1.
• Update com.github.spotbugs:spotbugs-maven-plugin version from 4.6.0.0 to 4.7.1.1.
• Update com.fasterxml.jackson.core:jackson-databind version from 2.13.2.2 to 2.13.3.
• Update org.codehaus.mojo:versions-maven-plugin version from 2.10.0 to 2.11.0.
• Removed io.opentracing.contrib:opentracing-spring-jaeger-web-starter
• Add io.opentelemetry:opentelemetry-api and -sdk and -exporter-jaeger version 1.17.0
• Add io.opentelemetry:opentelemetry-semconv version 1.17.0-alpha
• Add io.jsonwebtoken:jjwt-impl and :jjwt-api version 0.11.5.
• Add org.bitbucket.b_c:jose4j version 0.7.12.
• Add h2 versioning and update to version 2.1.212.
• Add com.microsoft.sqlserver:mssql-jdbc version 10.2.0.jre17.

DSC v7.1.0 - [DAPS Whitelisting]

[7.1.0] - 2022-04-06

Added

• Add additional field to GenericEndpointView.
• New APIs: Manageable DAPS entities (CRUD APIs)
• New Feature: DAPS whitelisting for producitve deployment: It is now possible to whitelist DAPS and to restrict data exchange with IDS Connectors that receive their DATs from whitelisted DAPS. In the default case without changes, all DAPS are trusted. For this purpose the column whitelisted=true/false is available at the DAPS entites. To activate the whitelisting functionality, there must be at least one DAPS entity with whitelisted=true (this can also be the DAPS used by the connector to only trust the own used DAPS). If a message with a DAT arrives while whitelisting is active and from a non-whitelisted DAPS, the message is rejected with a RejectionMessage.

Fixed

• Derive maven compiler version globally in pom instead of setting it individually.

Changed

• Updating of the connector branding.

Removed

• Removed com.mycila:license-maven-plugin to support multiple different license headers.

Dependency Maintenance

• Update jackson version from 2.13.1 to 2.13.2.
• Add jackson-databind version 2.13.2.2.
• Update org.springframework version from 5.3.15 to 5.3.18.
• Update org.springframework.boot:spring-boot-starter-parent from 2.6.3 to 2.6.6.
• Update maven-surefire-plugin version from 3.0.0-M5 to 3.0.0-M6.
• Update org.modelmapper:modelmapper version from 3.0.0 to 3.1.0.
• Update nl.jqno.equalsverifier:equalsverifier version from 3.9 to 3.10.
• Update org.apache.maven.plugins:maven-javadoc-plugin version from 3.3.1 to 3.3.2.
• Update org.pitest:pitest-maven version from 1.7.4 to 1.7.5.
• Update org.apache.maven.plugins:maven-site-plugin version from 3.10.0 to 3.11.0.
• Update org.apache.maven.plugins:maven-project-info-reports-plugin version from 3.2.1 to 3.2.2.
• Update com.puppycrawl.tools:checkstyle version from 9.3 to 10.1.
• Update net.sourceforge.pmd version from 6.42.0 to 6.44.0.
• Update org.apache.maven.plugins:maven-pmd-plugin version from 3.15.0 to 3.16.0.
• Update org.codehaus.mojo:versions-maven-plugin version from 2.9.0 to 2.10.0.
• Update org.owasp:dependency-check-maven version from 6.5.3 to 7.0.4.
• Update org.apache.maven.plugins:maven-jxr-plugin version from 3.1.1 to 3.2.0.
• Update org.flywaydb:flyway-core version from 8.4.4 to 8.5.5.
• Update spotbugs version from 4.5.3 to 4.6.0.
• Update camel version from 3.15.0 to 3.16.0.
• Update com.google.protobuf:protobuf-java version from 3.19.4 to 3.20.0.
• Update io.swagger:swagger-annotations version from 1.6.5 to 1.6.6.
• Update org.jacoco:jacoco-maven-plugin version from 0.8.7 to 0.8.8.

DSC v7.0.3 - Fix Clearing House Interaction

In CHANGELOG.md:

Added

• Add title and description to AppView.
• Add endpoint type to AppEndpointView.

Changed

• Update IDS messaging services version from 6.0.1 to 6.1.0.
• Set content type of payload when logging to the Clearing House, so that logged items are not
  encoded in the Clearing House's response to a query.

Fixed

• Use connector fingerprints instead of IDs to create processes at the Clearing House.

DSC v7.0.2 - PostgreSQL v42.3.3 Fix

In CHANGELOG.md:

Added

• Add custom view for DatabaseDataSource to display URL and driver class.

Changed

• Update swagger-annotations version from 1.6.4 to 1.6.5.
• Update postgresql version from 42.3.2 to 42.3.3.

DSC v7.0.1-ra - Remote Attestation

This version is not available in the main branch but in release/v7.0.1-ra.
Details on how to run the DSC with remote attestation can be found here.

In CHANGELOG.md:

Added

• Add mvn-local directory and allow the usage of locally published artifacts in the pom.xml.
• Add maven dependencies for velocity, idscp2-tpm2d, idscp2-cmc, grpc-netty, and netty.
• Add functionality to run the Connector with remote attestation.

Changed

• Update .dockerignore, docker-compose.yml and Dockerfile.
• Increase camel-idscp2 version from 0.6.0 to 0.9.1.

DSC v7.0.1 - Fixes & Maintenance

In CHANGELOG.md:

Added

• Add portainer.application.connector.network to application.properties.. Default is set to local.

Changed

• Update equalsverifier version from 3.8.3 to 3.9.
• Update postgresql version from 42.3.1 to 42.3.2.
• Update flyway-core version from 8.4.3 to 8.4.4.
• Update pitest-maven version from 1.7.3 to 1.7.4.
• Update camel version from 3.14.1 to 3.15.0.
• Update springdoc.version from 1.6.5 to 1.6.6.
• Update maven-project-info-reports-plugin version from 3.1.2 to 3.2.1.

Fixed

• Deployment of DataApps via Portainer
• Escape data source URL before creating data source bean.

DSC v7.0.0 - Extended Route Functionality

WARNING - MAJOR CHANGES: Before updating, please read this guide!

In CHANGELOG.md:

Added

• Allow using route ID (URI) as access URL for artifacts.
• Allow using route ID (URI) as location for subscriptions.
• Allow specifying route IDs when calling GET /data endpoint to automatically dispatch data via these routes.
  • When a route is specified, requested data will not be persisted in the local database.
• Allow using API key authentication for DataSource.
• Create sub-types for DataSourceDesc for types REST and DATABASE to allow adding database driver and URL.
• Create datasource beans from DataSources of type DATABASE automatically.
• Add database migration feature.
  • Offer possibility to migrate databases to v7.0.0 starting from v5.0.0.
• Add portainer.application.scheme to application.properties.. Default is set to http.

Changed

• Change jdk version from 11 to 17.
• Change encoding of local data from UTF-16 to UTF-8.
• Change relation between Route and Artifact to one-to-one (previously one-to-many).
  • Link is created automatically when an artifact is created with a route reference as access URL.
• Change field location of Endpoint from URI to String.
• Replace template engine Velocity with Freemarker.
• Remove suffix settings from ConfigurationDesc attributes (truststore, proxy, keystore).
• Log header and payload of sent message in AbstractMessageService.
• Ignore IDS InfoModel version incompatibility for incoming messages. Add log message level warn.
• Rearrange Swagger UI.
  • Rename tags.
    • Rename tag Messages to _Messaging.
    • Rename tag Camel to Routes (Apache Camel).
    • Rename tag Connector to _Connector.
    • Rename tag Configurations to _Configurations.
  • Create tag _Utils.
    • Move /api/examples/validation and /api/examples/policy to _Utils.
    • Move /api/utils/enum to _Utils.
  • Remove annotation @hidden from the following REST endpoints:
    • /api
    • /api/beans
    • /api/beans/{beanId}
    • /api/camel/routes
    • /api/camel/routes/{routeId}
    • /api/camel/routes/error
  • Move contract agreement endpoints to Contracts.
  • Move /api/configuration/negotiation and /api/configuration/pattern to _Configurations.
• Change REST endpoints.
  • PUT /api/routes/{id}/endpoint/start expects a URI instead of a UUID.
  • PUT /api/routes/{id}/endpoint/end expects a URI instead of a UUID.
  • Change POST /api/configmanaer/enum/{enumName} to GET /api/utils/enums and change it to return all types within one call.
    • Add enum types POLICY_PATTERN, UPDATE_TYPE, ENDPOINT_TYPE, EVENT_TYPE, ERROR_MESSAGE, USAGE_CONTROL_FRAMEWORK, ACTION_TYPE, and DATA_SOURCE_TYPE.
    • Change return value of SECURITY_PROFILE to the internal model. Add IDS_SECURITY_PROFILE for the ids enum.
    • Change return value of CONNECTOR_STATUS to the internal model. Add IDS_CONNECTOR_STATUS for the ids enum.
  • Change /api/configmanaer/route/error to /api/camel/routes/error.
• Change response bodies to JSON objects for the following REST endpoints:
  • /api/routes/{id}/endpoint/start
  • /api/routes/{id}/endpoint/end
  • /api/examples/validation
  • /api/examples/policy
  • /api/ids/app/actions
  • /api/routes/{id}/endpoint/start
  • /api/routes/{id}/endpoint/end
  • /api/beans
  • /api/beans/{beanId}
  • /api/camel/routes
  • /api/camel/routes/{routeId}
  • Of every endpoint that builds an error response with ResponseUtils.
• Add correct content type to the following endpoints:
  • /api/notify
  • /api/configurations/{id}/active
  • /api/ids/app
  • /api/examples/validation
  • /api/examples/policy
• Make field type in DataSource transient, as type information is persisted through the dtype column created through the @Inheritance annotation.
• Rename param of /describe from actionType to type and change it to type ActionType.
• Change strings of the following enums:
  • PolicyPattern: added strings.
  • UsageControlFramework: e.g. INTERNAL to Internal.
  • ActionType: e.g. START to Start.
  • EndpointType: e.g. APP to App.
  • Event: e.g. UPDATED to Updated.
• Update dependencies.
  • Increase camel version from 3.12.0 to 3.14.1.
  • Increase spring-boot-starter-parent version from 2.5.6 to 2.6.3.
  • Increase spotbugs version from 4.4.2 to 4.5.3.
  • Increase okhttp version from 4.9.2 to 4.9.3.
  • Increase checkstyle version from 9.1 to 9.3.
  • Increase pmd version from 6.40.0 to 6.42.0.
  • Increase springdoc version from 1.5.3 to 1.6.5.
  • Increase modelmapper version from 2.4.4 to 3.0.0.
  • Increase equalsverifier version from 3.7.2 to 3.8.3.
  • Increase log4j2 version from 2.14.0 to 2.17.1.
  • Increase dependency-check-maven from 6.5.0 to 6.5.3.
  • Increase maven-site-plugin version from 3.9.1 to 3.10.0.
  • Increase protobuf version from 3.15.5 to 3.19.4.
  • Increase jackson version from 2.13.0 to 2.13.1.
  • Increase swagger-annotations version from 1.6.3 to 1.6.4.
  • Increase messaging services version from 5.1.1 to 6.0.1.
  • Increase maven-plugin version from 2.8.1 to 2.9.0.
  • Increase taglist-maven-plugin version from 2.4 to 3.0.0.

Fixed

• XML-escape URLs before injecting them into Camel route templates.
• Add exception handling for SSLHandshakeExceptions caused by PKIX errors.
• Insert user input for title and description to example policies at /api/examples/policy.
• Make /database accessible again.
• Add class type check to rule comparison.
• Remove @column(unique = true) from AppStore entity.
• Keep keystore settings for active config if not present in the updated one.
• Add missing brackets to Camel route templates, so that properties get inserted correctly.

Removed

• Remove entity ConnectorEndpoint and all corresponding classes.

DSC v6.5.3 - Log4j2 v2.17.1 Fix

In CHANGELOG.md:

Changed

• Increase log4j2 version from 2.16.0 to 2.17.1.