feat: enhance issuer component expiry cron job #366

.github/workflows/chart-test.yml

@@ -79,13 +79,13 @@ jobs:
           tags: kind-registry:5000/credential-issuer-service:testing
 
       - name: Build expiry app
-        id: build-expiry-app-image
+        id: build-data-deletion-app-image
         uses: docker/build-push-action@v6
         with:
           context: .
-          file: ./docker/Dockerfile-credential-expiry-app
+          file: ./docker/Dockerfile-credential-data-deletion-app
           push: true
-          tags: kind-registry:5000/credential-expiry-app:testing
+          tags: kind-registry:5000/credential-data-deletion-app:testing
 
       - name: Build processes worker
         id: build-processes-worker-image
@@ -121,7 +121,7 @@ jobs:
         run: ct lint --validate-maintainers=false --check-version-increment=false --target-branch ${{ github.event.repository.default_branch }}
 
       - name: Run chart-testing (install)
-        run: ct install --charts charts/ssi-credential-issuer --config charts/chart-testing-config.yaml --helm-extra-set-args "--set service.image.name=kind-registry:5000/credential-issuer-service --set service.image.tag=testing --set migrations.image.name=kind-registry:5000/credential-issuer-migrations --set migrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing"
+        run: ct install --charts charts/ssi-credential-issuer --config charts/chart-testing-config.yaml --helm-extra-set-args "--set service.image.name=kind-registry:5000/credential-issuer-service --set service.image.tag=testing --set migrations.image.name=kind-registry:5000/credential-issuer-migrations --set migrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-data-deletion-app --set credentialExpiry.image.tag=testing"
         if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true'
 
       # Upgrade the released chart version with the locally available chart
@@ -132,5 +132,5 @@ jobs:
           helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev
           helm install ssi-credential-issuer tractusx-dev/ssi-credential-issuer --version ${{ github.event.inputs.upgrade_from || '1.0.0' }} --namespace upgrade --create-namespace
           helm dependency update charts/ssi-credential-issuer
-          helm upgrade ssi-credential-issuer charts/ssi-credential-issuer --set service.image.name=kind-registry:5000/credential-issuer-service --set service.image.tag=testing --set migrations.image.name=kind-registry:5000/credential-issuer-migrations --set migrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing --namespace upgrade
+          helm upgrade ssi-credential-issuer charts/ssi-credential-issuer --set service.image.name=kind-registry:5000/credential-issuer-service --set service.image.tag=testing --set migrations.image.name=kind-registry:5000/credential-issuer-migrations --set migrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-data-deletion-app --set credentialExpiry.image.tag=testing --namespace upgrade
         if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true'

.github/workflows/credential-expiry-app-docker.yml → .github/workflows/credential-data-deletion-app-docker.yml

@@ -17,25 +17,25 @@
 # SPDX-License-Identifier: Apache-2.0
 ###############################################################
 
-name: Build Credential Expiry App Image
+name: Build Credential Data Deletion App Image
 
 on: 
   push:
     paths:
       # service and transitive paths
       - 'src/**'
       # workflow file
-      - '.github/workflows/credential-expiry-app-docker.yml'
+      - '.github/workflows/credential-data-deletion-app-docker.yml'
       # dockerfile
-      - 'docker/Dockerfile-credential-expiry-app'
+      - 'docker/Dockerfile-credential-data-deletion-app'
 
     branches:
       - 'main'
   workflow_dispatch:
 
 env:
   IMAGE_NAMESPACE: "tractusx"
-  IMAGE_NAME: "ssi-credential-expiry-app"
+  IMAGE_NAME: "ssi-credential-data-deletion-app"
 
 jobs:
   build-and-push-image:
@@ -70,7 +70,7 @@ jobs:
         uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0
         with:
           context: .
-          file: ./docker/Dockerfile-credential-expiry-app
+          file: ./docker/Dockerfile-credential-data-deletion-app
           platforms: linux/amd64, linux/arm64
           pull: true
           push: ${{ github.event_name != 'pull_request' }}
@@ -85,4 +85,4 @@ jobs:
           username: ${{ secrets.DOCKER_HUB_USER }}
           password: ${{ secrets.DOCKER_HUB_TOKEN }}
           repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
-          readme-filepath: ./docker/notice-credential-expiry-app.md
+          readme-filepath: ./docker/notice-credential-data-deletion-app.md

.github/workflows/owasp-zap.yml

@@ -88,13 +88,13 @@ jobs:
           tags: kind-registry:5000/credential-issuer-processes-worker:testing
 
       - name: Build Expiry image
-        id: build-expiry-image
+        id: build-data-deletion-image
         uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0
         with:
           context: .
-          file: ./docker/Dockerfile-credential-expiry-app
+          file: ./docker/Dockerfile-credential-data-deletion-app
           push: true
-          tags: kind-registry:5000/credential-expiry-app:testing
+          tags: kind-registry:5000/credential-data-deletion-app:testing
 
       - name: Add bitnami repo
         run: |
@@ -107,7 +107,7 @@ jobs:
           helm dependency build
 
       - name: Install the chart on KinD cluster
-        run: helm install testing -n apps --create-namespace --wait --set service.image.name=kind-registry:5000/credential-issuer-service --set service.image.tag=testing --set migrations.image.name=kind-registry:5000/credential-issuer-migrations --set migrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-expiry-app --set credentialExpiry.image.tag=testing --set service.swaggerEnabled=true charts/ssi-credential-issuer
+        run: helm install testing -n apps --create-namespace --wait --set service.image.name=kind-registry:5000/credential-issuer-service --set service.image.tag=testing --set migrations.image.name=kind-registry:5000/credential-issuer-migrations --set migrations.image.tag=testing --set processesworker.image.name=kind-registry:5000/credential-issuer-processes-worker --set processesworker.image.tag=testing --set credentialExpiry.image.name=kind-registry:5000/credential-data-deletion-app --set credentialExpiry.image.tag=testing --set service.swaggerEnabled=true charts/ssi-credential-issuer
 
       - name: Configure port forward to app in KinD
         run: |

.github/workflows/release.yml

@@ -100,9 +100,9 @@ jobs:
           - image: tractusx/ssi-credential-issuer-processes-worker
             dockerfile: ./docker/Dockerfile-credential-issuer-processes-worker
             dockernotice: ./docker/notice-credential-issuer-processes-worker.md
-          - image: tractusx/ssi-credential-expiry-app
-            dockerfile: ./docker/Dockerfile-credential-expiry-app
-            dockernotice: ./docker/notice-credential-expiry-app.md
+          - image: tractusx/ssi-credential-data-deletion-app
+            dockerfile: ./docker/Dockerfile-credential-data-deletion-app
+            dockernotice: ./docker/notice-credential-data-deletion-app.md
     outputs:
       app-version: ${{ steps.app-version.outputs.current }}
       version-check: ${{ steps.version-check.outputs.exists }}

.github/workflows/release_candidate.yml

@@ -42,9 +42,9 @@ jobs:
           - image: tractusx/ssi-credential-issuer-processes-worker
             dockerfile: ./docker/Dockerfile-credential-issuer-processes-worker
             dockernotice: ./docker/notice-credential-issuer-processes-worker.md
-          - image: tractusx/ssi-credential-expiry-app
-            dockerfile: ./docker/Dockerfile-credential-expiry-app
-            dockernotice: ./docker/notice-credential-expiry-app.md
+          - image: tractusx/ssi-credential-data-deletion-app
+            dockerfile: ./docker/Dockerfile-credential-data-deletion-app
+            dockernotice: ./docker/notice-credential-data-deletion-app.md
     steps:
       - name: Checkout
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

.github/workflows/trivy-main.yml

@@ -144,7 +144,7 @@ jobs:
         with:
           sarif_file: "trivy-results3.sarif"
 
-  analyze-ssi-credential-expiry-app:
+  analyze-ssi-credential-data-deletion-app:
     runs-on: ubuntu-latest
     permissions:
       actions: read
@@ -165,7 +165,7 @@ jobs:
         uses: aquasecurity/trivy-action@6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5 # v0.30.0
         with:
           # Path to Docker image
-          image-ref: "${{ env.IMAGE_NAMESPACE }}/ssi-credential-expiry-app:main"
+          image-ref: "${{ env.IMAGE_NAMESPACE }}/ssi-credential-data-deletion-app:main"
           format: "sarif"
           output: "trivy-results4.sarif"
           vuln-type: "os,library"

.github/workflows/trivy.yml

@@ -144,7 +144,7 @@ jobs:
         with:
           sarif_file: "trivy-results3.sarif"
 
-  analyze-ssi-credential-expiry-app:
+  analyze-ssi-credential-data-deletion-app:
     runs-on: ubuntu-latest
     permissions:
       actions: read
@@ -165,7 +165,7 @@ jobs:
         uses: aquasecurity/trivy-action@6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5 # v0.30.0
         with:
           # Path to Docker image
-          image-ref: "${{ env.IMAGE_NAMESPACE }}/ssi-credential-expiry-app:latest"
+          image-ref: "${{ env.IMAGE_NAMESPACE }}/ssi-credential-data-deletion-app:latest"
           format: "sarif"
           output: "trivy-results4.sarif"
           vuln-type: "os,library"

README.md

@@ -39,7 +39,7 @@ See Docker notice files for more information:
 
 - [credential-issuer-service](./docker//notice-credential-issuer-service.md)
 - [credential-issuer-processes-worker](./docker/notice-credential-issuer-processes-worker.md)
-- [credential-expiry-app](./docker/notice-credential-expiry-app.md)
+- [credential-data-deletion-app](./docker/notice-credential-data-deletion-app.md)
 - [credential-issuer-migrations](./docker/notice-credential-issuer-migrations.md)
 
 ## Contributing

charts/ssi-credential-issuer/README.md

@@ -106,15 +106,15 @@ dependencies:
 | processesworker.wallet.getCredentialPath | string | `"/api/v2.0.0/credentials/{0}"` | path to get a specific credential; {0} will be replaced by the credential id |
 | processesworker.wallet.revokeCredentialPath | string | `"/api/v2.0.0/credentials/{0}"` | path to revoke a specific credential; {0} will be replaced by the credential id |
 | credentialExpiry.name | string | `"expiry"` |  |
-| credentialExpiry.image.name | string | `"docker.io/tractusx/ssi-credential-expiry-app"` |  |
+| credentialExpiry.image.name | string | `"docker.io/tractusx/ssi-credential-data-deletion-app"` |  |
 | credentialExpiry.image.tag | string | `""` |  |
 | credentialExpiry.image.pullSecrets | list | `[]` |  |
 | credentialExpiry.imagePullPolicy | string | `"IfNotPresent"` |  |
 | credentialExpiry.resources | object | `{"limits":{"cpu":"45m","memory":"105M"},"requests":{"cpu":"15m","memory":"105M"}}` | We recommend to review the default resource limits as this should a conscious choice. |
 | credentialExpiry.processIdentity.identityId | string | `"ac1cf001-7fbc-1f2f-817f-bce058020006"` |  |
 | credentialExpiry.logging.default | string | `"Information"` |  |
 | credentialExpiry.expiry.expiredVcsToDeleteInMonth | int | `12` |  |
-| credentialExpiry.expiry.inactiveVcsToDeleteInWeeks | int | `12` |  |
+| credentialExpiry.expiry.inactiveVcsToDeleteInDays | int | `84` |  |
 | existingSecret | string | `""` | Secret containing the client-secrets for the connection to portal and wallet as well as encryptionKeys for issuer.credential and processesworker.wallet |
 | dotnetEnvironment | string | `"Production"` |  |
 | dbConnection.schema | string | `"issuer"` |  |

charts/ssi-credential-issuer/templates/cronjob-expiry-app.yaml → charts/ssi-credential-issuer/templates/cronjob-data-deletion-app.yaml

@@ -72,8 +72,8 @@ spec:
             {{- end }}
             - name: "EXPIRY__EXPIREDVCSTODELETEINMONTH"
               value: "{{ .Values.credentialExpiry.expiry.expiredVcsToDeleteInMonth }}"
-            - name: "EXPIRY__INACTIVEVCSTODELETEINWEEKS"
-              value: "{{ .Values.credentialExpiry.expiry.inactiveVcsToDeleteInWeeks }}"
+            - name: "EXPIRY__INACTIVEVCSTODELETEINDAYS"
+              value: "{{ .Values.credentialExpiry.expiry.inactiveVcsToDeleteInDays }}"
             - name: "PROCESSIDENTITY__IDENTITYID"
               value: "{{ .Values.credentialExpiry.processIdentity.identityId }}"
             - name: "PORTAL__CLIENTID"

charts/ssi-credential-issuer/values.yaml

@@ -149,7 +149,7 @@ processesworker:
 credentialExpiry:
   name: "expiry"
   image:
-    name: "docker.io/tractusx/ssi-credential-expiry-app"
+    name: "docker.io/tractusx/ssi-credential-data-deletion-app"
     tag: ""
     pullSecrets: []
   imagePullPolicy: "IfNotPresent"
@@ -167,7 +167,7 @@ credentialExpiry:
     default: "Information"
   expiry:
     expiredVcsToDeleteInMonth: 12
-    inactiveVcsToDeleteInWeeks: 12
+    inactiveVcsToDeleteInDays: 84
 
 # -- Secret containing the client-secrets for the connection to portal and wallet
 # as well as encryptionKeys for issuer.credential and processesworker.wallet

docker/Dockerfile-credential-expiry-app → docker/Dockerfile-credential-data-deletion-app

@@ -22,14 +22,14 @@ ARG TARGETARCH
 WORKDIR /
 COPY LICENSE NOTICE.md DEPENDENCIES /
 COPY src/ src/
-RUN dotnet restore "src/credentials/SsiCredentialIssuer.Expiry.App/SsiCredentialIssuer.Expiry.App.csproj"
-WORKDIR /src/credentials/SsiCredentialIssuer.Expiry.App
-RUN dotnet publish "SsiCredentialIssuer.Expiry.App.csproj" -c Release -o /app/publish
+RUN dotnet restore "src/credentials/SsiCredentialIssuer.DataDeletion.App/SsiCredentialIssuer.DataDeletion.App.csproj"
+WORKDIR /src/credentials/SsiCredentialIssuer.DataDeletion.App
+RUN dotnet publish "SsiCredentialIssuer.DataDeletion.App.csproj" -c Release -o /app/publish
 
 FROM mcr.microsoft.com/dotnet/runtime:9.0-alpine
 ENV COMPlus_EnableDiagnostics=0
 WORKDIR /app
 COPY --from=publish /app/publish .
 RUN chown -R 1000:3000 /app
 USER 1000:3000
-ENTRYPOINT ["dotnet", "Org.Eclipse.TractusX.SsiCredentialIssuer.Expiry.App.dll"]
+ENTRYPOINT ["dotnet", "Org.Eclipse.TractusX.SsiCredentialIssuer.DataDeletion.App.dll"]

docker/notice-credential-expiry-app.md → docker/notice-credential-data-deletion-app.md

@@ -1,14 +1,14 @@
 ## Notice for Docker image
 
-DockerHub: [https://hub.docker.com/r/tractusx/ssi-credential-expiry-app](https://hub.docker.com/r/tractusx/ssi-credential-expiry-app)
+DockerHub: [https://hub.docker.com/r/tractusx/ssi-credential-data-deletion-app](https://hub.docker.com/r/tractusx/ssi-credential-data-deletion-app)
 
 Eclipse Tractus-X product(s) installed within the image:
 
 __Credential Expiry App__
 
 - GitHub: https://github.com/eclipse-tractusx/ssi-credential-issuer
 - Project home: https://projects.eclipse.org/projects/automotive.tractusx
-- Dockerfile: https://github.com/eclipse-tractusx/ssi-credential-issuer/blob/main/docker/Dockerfile-credential-expiry-app
+- Dockerfile: https://github.com/eclipse-tractusx/ssi-credential-issuer/blob/main/docker/Dockerfile-credential-data-deletion-app
 - Project license: [Apache License, Version 2.0](https://github.com/eclipse-tractusx/ssi-credential-issuer/blob/main/LICENSE)
 
 __Used base images__

src/SsiCredentialIssuer.sln

@@ -27,11 +27,11 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "CredentialProcess.Library",
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Portal.Service", "externalservices\Portal.Service\Portal.Service.csproj", "{8AF8FC7D-3448-422A-8739-0690AA700DAD}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SsiCredentialIssuer.Expiry.App", "credentials\SsiCredentialIssuer.Expiry.App\SsiCredentialIssuer.Expiry.App.csproj", "{9F9FFBEE-4256-494F-BEF7-8856145D45EC}"
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SsiCredentialIssuer.DataDeletion.App", "credentials\SsiCredentialIssuer.DataDeletion.App\SsiCredentialIssuer.DataDeletion.App.csproj", "{9F9FFBEE-4256-494F-BEF7-8856145D45EC}"
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "tests", "tests", "{A2FC3E0F-5AFE-44FA-909B-B8016DD1EB44}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SsiCredentialIssuer.Expiry.App.Tests", "..\tests\credentials\SsiCredentialIssuer.Expiry.App.Tests\SsiCredentialIssuer.Expiry.App.Tests.csproj", "{FFB1423F-C41F-46A9-8D5D-115B3BC46682}"
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SsiCredentialIssuer.DataDeletion.App.Tests", "..\tests\credentials\SsiCredentialIssuer.DataDeletion.App.Tests\SsiCredentialIssuer.DataDeletion.App.Tests.csproj", "{FFB1423F-C41F-46A9-8D5D-115B3BC46682}"
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SsiCredentialIssuer.Service.Tests", "..\tests\issuer\SsiCredentialIssuer.Service.Tests\SsiCredentialIssuer.Service.Tests.csproj", "{D88007E0-603A-49B7-B4E4-AD255B06D252}"
 EndProject

src/credentials/SsiCredentialIssuer.Expiry.App/ExpiryCheckService.cs → src/credentials/SsiCredentialIssuer.DataDeletion.App/DataDeletionCheckService.cs

@@ -29,33 +29,33 @@
 using Org.Eclipse.TractusX.SsiCredentialIssuer.DBAccess.Models;
 using Org.Eclipse.TractusX.SsiCredentialIssuer.DBAccess.Repositories;
 using Org.Eclipse.TractusX.SsiCredentialIssuer.Entities.Enums;
-using Org.Eclipse.TractusX.SsiCredentialIssuer.Expiry.App.DependencyInjection;
+using Org.Eclipse.TractusX.SsiCredentialIssuer.DataDeletion.App.DependencyInjection;
 using Org.Eclipse.TractusX.SsiCredentialIssuer.Portal.Service.Models;
 using Org.Eclipse.TractusX.SsiCredentialIssuer.Portal.Service.Services;
 using System.Text.Json;
 
-namespace Org.Eclipse.TractusX.SsiCredentialIssuer.Expiry.App;
+namespace Org.Eclipse.TractusX.SsiCredentialIssuer.DataDeletion.App;
 
 /// <summary>
 /// Service to delete the pending and inactive documents as well as the depending consents from the database
 /// </summary>
-public class ExpiryCheckService
+public class DataDeletionCheckService
 {
     private static readonly JsonSerializerOptions Options = new() { PropertyNamingPolicy = JsonNamingPolicy.CamelCase };
     private readonly IServiceScopeFactory _serviceScopeFactory;
-    private readonly ILogger<ExpiryCheckService> _logger;
-    private readonly ExpiryCheckServiceSettings _settings;
+    private readonly ILogger<DataDeletionCheckService> _logger;
+    private readonly DataDeletionCheckServiceSettings _settings;
 
     /// <summary>
-    /// Creates a new instance of <see cref="ExpiryCheckService"/>
+    /// Creates a new instance of <see cref="DataDeletionCheckService"/>
     /// </summary>
     /// <param name="serviceScopeFactory">access to the services</param>
     /// <param name="logger">the logger</param>
     /// <param name="options">The options</param>
-    public ExpiryCheckService(
+    public DataDeletionCheckService(
         IServiceScopeFactory serviceScopeFactory,
-        ILogger<ExpiryCheckService> logger,
-        IOptions<ExpiryCheckServiceSettings> options)
+        ILogger<DataDeletionCheckService> logger,
+        IOptions<DataDeletionCheckServiceSettings> options)
     {
         _serviceScopeFactory = serviceScopeFactory;
         _logger = logger;
@@ -83,7 +83,7 @@ public async Task ExecuteAsync(CancellationToken stoppingToken)
                 var now = dateTimeProvider.OffsetNow;
                 var companySsiDetailsRepository = repositories.GetInstance<ICompanySsiDetailsRepository>();
                 var processStepRepository = repositories.GetInstance<IProcessStepRepository<ProcessTypeId, ProcessStepTypeId>>();
-                var inactiveVcsToDelete = now.AddDays(-(_settings.InactiveVcsToDeleteInWeeks * 7));
+                var inactiveVcsToDelete = now.AddDays(-_settings.InactiveVcsToDeleteInDays);
                 var expiredVcsToDelete = now.AddMonths(-_settings.ExpiredVcsToDeleteInMonth);
 
                 var credentials = outerLoopRepositories.GetInstance<ICompanySsiDetailsRepository>()