Merge pull request #441 from imec-int/feat/update-secret

xdxxxdx · web-flow · commit 1c99bdac5d37 · 2025-03-04T11:34:33.000+01:00
- removed all secrets
- fix GitHub action failing 
- add readme regarding removing of secrets
diff --git a/README.md b/README.md
@@ -149,3 +149,5 @@ GitHub may be utilized for version control; however, code should be treated as a
 In accordance with the [deployEMDS Information Security Policy](https://acatechev.sharepoint.de/:b:/r/sites/EuropeanMobilityDataSpaceDeploymentConsortiumspace/Freigegebene%20Dokumente/General/07_Security%20Policy/2024-02-16%20Information%20security%20policy_DeployEMDS_V1.5_CLEAN.pdf?csf=1&web=1&e=SwIPb1), section 7.1 "Information asset protection responsibility," we are required to evaluate all information assets used or created during the project. This evaluation should adhere to the checklist provided in the risk assessment template (Annex 1, pp. 15) . The Security Advisory Board (SAB) and Project Security Officer (PSO) should only be consulted if information security concerns arise, such as when any question on the checklist is answered affirmatively.
 
 This process ensures compliance with our security protocols and safeguards the intellectual property and sensitive information.
+
+Please note: secret keys have been redacted in this repository and must be replaced with user-provided keys to ensure functionality.
diff --git a/deployment/fiware/fw_deploy_all.sh b/deployment/fiware/fw_deploy_all.sh
@@ -75,7 +75,7 @@ echo ""
 curl -v POST "${til_ta_url_prefix}${partner_suffix}.${usecase_domain}/issuer" \
     --header 'Content-Type: application/json' \
     --data '{
-      "did": "did:key:zDnaewkzcKUEUvBcGdpEqxjdeP9Nudy6tic8smf7ZmhXEhsCS",
+      "did": "did:key:REDACTED",
       "credentials": []
     }'
 
diff --git a/deployment/fiware/fw_env.sh.example b/deployment/fiware/fw_env.sh.example
@@ -10,7 +10,7 @@ export tmf_api_scheme="http://"
 export tmf_api_name="deployemds-tmf-api"
 
 # envVars for admin api key
-export admin_api_key="9Bn1Qme3CNajoHR2QKeGPoU7TmeOcOFO"
+export admin_api_key="REDACTED"
 
 # envVars for more standard components
 export apisix_control_api_prefix="http://apisix-control"
diff --git a/deployment/fiware/values_provider.yaml b/deployment/fiware/values_provider.yaml
@@ -29,7 +29,7 @@ apisix:
   controlPlane:
     enabled: true
     resourcesPreset: micro
-    apiTokenAdmin: 9Bn1Qme3CNajoHR2QKeGPoU7TmeOcOFO
+    apiTokenAdmin: REDACTED
     tls: 
       enabled: false
     ingress:
@@ -442,7 +442,7 @@ vcverifier:
       level: DEBUG
     verifier:
       tirAddress: http://tir.trust-anchor.svc.cluster.local:8080
-      did: did:key:zDnaecDCWgeitzMX55oNoVneg3uN6AyesyTpfKSb6AU53Yb6Y
+      did: did:key:REDACTED
     server:
       host: http://verifier${partner_suffix}.demo-portal.eu
     configRepo:
diff --git a/design_decisions/repository_mgmt/requirements.txt b/design_decisions/repository_mgmt/requirements.txt
@@ -1,5 +1,5 @@
 certifi==2024.7.4
-cffi==1.16.0
+cffi==1.17.1
 charset-normalizer==3.3.2
 click==8.1.7
 cryptography==43.0.1
@@ -10,7 +10,7 @@ Jinja2==3.1.4
 MarkupSafe==2.1.5
 numpy==2.0.0
 openpyxl==3.1.4
-pandas==2.2.2
+pandas==2.2.3
 pycparser==2.22
 PyGithub==2.3.0
 PyJWT==2.8.0
@@ -24,3 +24,4 @@ typing_extensions==4.12.2
 tzdata==2024.1
 urllib3==2.2.2
 wrapt==1.16.0
+ninja==1.11.1
diff --git a/tests/README.md b/tests/README.md
@@ -19,3 +19,5 @@ Definitions and deliverables and are organized in a tree that reflects the proje
 ```
 
 The structure will be used to implement comparative reviews to align the results of testing facilities. For this reason, it is advisable to follow the publication guidelines, although improvements are always welcome, and they can be requested via issues.
+
+Please notice: any secret keys have been intentionally redacted and will need to be replaced by user-provided keys to ensure functionality
diff --git a/tests/data_sharing/data_sharing_request/request_data_transfer/test_5_1_1_1/result_fiware.md b/tests/data_sharing/data_sharing_request/request_data_transfer/test_5_1_1_1/result_fiware.md
@@ -65,7 +65,7 @@ These logs could also be added/crawled into a system that provides an API to dow
 
 Nginx Logs
 ```
-185.56.150.174 - - [14/Aug/2024:10:49:25 +0000] "GET /v4/issuers/did:key:zDnaehyDsm7rkbt3t1wqYZm7vAyaEt83EZtnSF35tpXuGNgQu HTTP/1.1" 200 83 "-" "Go-http-client/1.1" 170 0.015 [trust-anc ││ 185.56.150.174 - - [14/Aug/2024:10:49:25 +0000] "POST /services/data-service/token HTTP/1.1" 200 1259 "-" "PostmanRuntime/7.29.2" 2842 0.380 
+185.56.150.174 - - [14/Aug/2024:10:49:25 +0000] "GET /v4/issuers/did:key:REDACTED HTTP/1.1" 200 83 "-" "Go-http-client/1.1" 170 0.015 [trust-anc ││ 185.56.150.174 - - [14/Aug/2024:10:49:25 +0000] "POST /services/data-service/token HTTP/1.1" 200 1259 "-" "PostmanRuntime/7.29.2" 2842 0.380 
 ```
 
 VCVerifier Logs
@@ -80,13 +80,13 @@ VCVerifier Logs
 │ {"level":"debug","msg":"Verify trusted participant for \"eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkaWQ6a2V5OnpEbmFlaHlEc203cmtidDN0MXdxWVptN3ZBeWFFdDgzRVp0blNGMzV0cFh1R05nUXUi │
 │ {"level":"info","msg":"Participants are: map[NaturalPersonCredential:[http://tir-ta.fiwareconnector.de]]","time":"2024-08-14T10:51:39Z"}                                                      │
 │ {"level":"info","msg":"First Value is [http://tir-ta.fiwareconnector.de]","time":"2024-08-14T10:51:39Z"}                                                                                      │
-│ {"level":"debug","msg":"Check if a participant did:key:zDnaehyDsm7rkbt3t1wqYZm7vAyaEt83EZtnSF35tpXuGNgQu is trusted through http://tir-ta.fiwareconnector.de.","time":"2024-08-14T10:51:39Z"} │
-│ {"level":"debug","msg":"Get issuer http://tir-ta.fiwareconnector.de/v4/issuers/did:key:zDnaehyDsm7rkbt3t1wqYZm7vAyaEt83EZtnSF35tpXuGNgQu.","time":"2024-08-14T10:51:39Z"}                     │
-│ {"level":"debug","msg":"Issuer did:key:zDnaehyDsm7rkbt3t1wqYZm7vAyaEt83EZtnSF35tpXuGNgQu response from http://tir-ta.fiwareconnector.de is 200","time":"2024-08-14T10:51:39Z"}                │
-│ {"level":"debug","msg":"Issuer did:key:zDnaehyDsm7rkbt3t1wqYZm7vAyaEt83EZtnSF35tpXuGNgQu is a trusted participant via http://tir-ta.fiwareconnector.de.","time":"2024-08-14T10:51:39Z"}       │
+│ {"level":"debug","msg":"Check if a participant did:key:REDACTED is trusted through http://tir-ta.fiwareconnector.de.","time":"2024-08-14T10:51:39Z"} │
+│ {"level":"debug","msg":"Get issuer http://tir-ta.fiwareconnector.de/v4/issuers/did:key:REDACTED.","time":"2024-08-14T10:51:39Z"}                     │
+│ {"level":"debug","msg":"Issuer did:key:REDACTED response from http://tir-ta.fiwareconnector.de is 200","time":"2024-08-14T10:51:39Z"}                │
+│ {"level":"debug","msg":"Issuer did:key:REDACTED is a trusted participant via http://tir-ta.fiwareconnector.de.","time":"2024-08-14T10:51:39Z"}       │
 │ {"level":"debug","msg":"Validate trusted issuer for \"eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkaWQ6a2V5OnpEbmFlaHlEc203cmtidDN0MXdxWVptN3ZBeWFFdDgzRVp0blNGMzV0cFh1R05nUXUifQ. │
-│ {"level":"debug","msg":"Get issuer http://tir-ta.fiwareconnector.de/v4/issuers/did:key:zDnaehyDsm7rkbt3t1wqYZm7vAyaEt83EZtnSF35tpXuGNgQu.","time":"2024-08-14T10:51:39Z"}                     │
-│ {"level":"debug","msg":"Got issuer {\"did\":\"did:key:zDnaehyDsm7rkbt3t1wqYZm7vAyaEt83EZtnSF35tpXuGNgQu\",\"attributes\":[]}.","time":"2024-08-14T10:51:39Z"}                             │
+│ {"level":"debug","msg":"Get issuer http://tir-ta.fiwareconnector.de/v4/issuers/did:key:REDACTED.","time":"2024-08-14T10:51:39Z"}                     │
+│ {"level":"debug","msg":"Got issuer {\"did\":\"did:key:REDACTED\",\"attributes\":[]}.","time":"2024-08-14T10:51:39Z"}                             │
 │ {"level":"debug","msg":"No forbidden claim found for subject {}. Checked config was {\"validFor\":{\"from\":\"\",\"to\":\"\"},\"credentialsType\":\"\",\"claims\":null}.","time":"2024-08 │
 │ {"level":"debug","msg":"Credential \"eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkaWQ6a2V5OnpEbmFlaHlEc203cmtidDN0MXdxWVptN3ZBeWFFdDgzRVp0blNGMzV0cFh1R05nUXUifQ.eyJuYmYiOjE3MjM2M │
 │ {"level":"info","msg":"Generated and signed token: {Bearer 1800 eyJhbGciOiJSUzI1NiIsImtpZCI6Ik1pdWlSS1VrU3VVcTc2QzVXQTZNTTdITDN6WWl4b04zeEZSOXNTcHljenciLCJ0eXAiOiJKV1QifQ.eyJhdWQiOlsiZG │
diff --git a/tests/participant_onboarding/certification/identity_and_credentials_issuance/test_1_3_1_1a/result_edc_vc.md b/tests/participant_onboarding/certification/identity_and_credentials_issuance/test_1_3_1_1a/result_edc_vc.md
@@ -34,7 +34,7 @@ EDC Ecosystem**
   ],
   "type": ["VerifiableCredential"],
   "id": "did:web:wizard.lab.gaia-x.eu:api:credentials:2d37wbGvQzbAQ84yRouh2m2vBKkN8s5AfH9Q75HZRCUQmJW7yAVSNKzjJj6gcjE2mDNDUHCichXWdMH3S2c8AaDLm3kXmf5R8DWA1SrzhRkGLQLXtXP852M7hoH5hPXGueYtSN6cWyvnrXGkEYnXxDojTAVkCe44TbAPCXzgryYv33pwdVYxMoD1VDrMv9g6WksqPg6Ab76NNqEBPQR6Ncw8suXEGyMUqyZ53zrv1WNhmbNA8mt53AdL7WouUwX97gSuo5gYeBCNhbHULH2z8P1fFLCvWwTLj1Mh99fEtcdwzUeKZ9nXE7ULVvSmB9XLycHA59ArGK95ffgtTqpsVZ5DWBLEExPivNuNsBx2B5QzQDTcyucLgfnZXUXDW5A2jDgTJuAn5YQxkr6zcdvhX7jR8jbttZYYfEcRAgCNpF2tWFSBNHP3HNmjhHESHSjdRiCGPCGZ5VoRi7d9EFX3xPy8uXooe5pB5WTZAzmReFdDJZJnamFmY47VL36A8Hs5AxLKVbSBtnHMPZbSVvQgZnRMhPCJZyQEdLJj8xVdegcfx1B75vrst1e5ipyRKJsKxDHkHb6VHBB1h6fp7PskbJFDHGNAvdm8VSxccn8?uid=600f377a-ac0e-4628-abc6-334352861bf9",
-  "issuer": "did:web:wizard.lab.gaia-x.eu:api:credentials:2d37wbGvQzbAQ84yRouh2m2vBKkN8s5AfH9Q75HZRCUQmJW7yAVSNKzjJj6gcjE2mDNDUHCichXWdMH3S2c8AaDLm3kXmf5R8DWA1SrzhRkGLQLXtXP852M7hoH5hPXGueYtSN6cWyvnrXGkEYnXxDojTAVkCe44TbAPCXzgryYv33pwdVYxMoD1VDrMv9g6WksqPg6Ab76NNqEBPQR6Ncw8suXEGyMUqyZ53zrv1WNhmbNA8mt53AdL7WouUwX97gSuo5gYeBCNhbHULH2z8P1fFLCvWwTLj1Mh99fEtcdwzUeKZ9nXE7ULVvSmB9XLycHA59ArGK95ffgtTqpsVZ5DWBLEExPivNuNsBx2B5QzQDTcyucLgfnZXUXDW5A2jDgTJuAn5YQxkr6zcdvhX7jR8jbttZYYfEcRAgCNpF2tWFSBNHP3HNmjhHESHSjdRiCGPCGZ5VoRi7d9EFX3xPy8uXooe5pB5WTZAzmReFdDJZJnamFmY47VL36A8Hs5AxLKVbSBtnHMPZbSVvQgZnRMhPCJZyQEdLJj8xVdegcfx1B75vrst1e5ipyRKJsKxDHkHb6VHBB1h6fp7PskbJFDHGNAvdm8VSxccn8",
+  "issuer": "did:web:wizard.lab.gaia-x.eu:api:credentials:REDACTED",
   "issuanceDate": "2024-07-17T13:39:37.965Z",
   "credentialSubject": {
     "gx:legalName": "IMEC",
diff --git a/tests/sharing_agreement/negotiation/negotiating_sharing_agreement/test_4_2_1_3/result_edc_vc.md b/tests/sharing_agreement/negotiation/negotiating_sharing_agreement/test_4_2_1_3/result_edc_vc.md
@@ -89,7 +89,7 @@ When the consumer holds the DataProcessorCredential with the correct claim `leve
         "issuancePolicy": null,
         "reissuancePolicy": null,
         "verifiableCredential": {
-            "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsImNvbnRyYWN0VmVyc2lvbiI6Im12ZC1jcmVkZW50aWFsczpjb250cmFjdFZlcnNpb24iLCJsZXZlbCI6Im12ZC1jcmVkZW50aWFsczpsZXZlbCJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNEYXRhUHJvY2Vzc29yQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0JTNBNzA4MyIsImNvbnRyYWN0VmVyc2lvbiI6IjEuMC4wIiwibGV2ZWwiOiJwcm9jZXNzaW5nIn19LCJpYXQiOjE3MjEzODU0Nzd9.vmumM-nRghKDASiwXZoRumnGAq_aRRw7UNO6PaIZZGu-Swl4GQzL5-4aXhEw0FrRMBRchmK9_FUcWenzbcBaDw",
+            "rawVc": "REDACTED",
             "format": "JWT",
             "credential": {
                 "credentialSubject": [
diff --git a/web/docs/tech-testing/way-of-working.mdx b/web/docs/tech-testing/way-of-working.mdx
@@ -76,4 +76,5 @@ The following testing facilities are currently proposed:
 | ~~Fiware+iShare~~ | ~~i4Trust~~                                         | ~~TBD~~                                                    | ~~Gernot (Fiware)~~                    | ~~imec~~       | ~~Cefriel~~                   | ~~Deprecated, will not test~~                                                                                                                     |
 | ~~EDC+XFSC~~      | ~~EDC v0.7 with some XFSC components~~              | ~~Catalog, identity provider, wallet from XFSC (Eclipse)~~ | ~~Christoph Lange-Bever (Fraunhofer)~~ | ~~TBD~~        | ~~TBD~~                       | ~~Info session completed, difficult deployment and lower maturity~~                                                                               |
 * **Technical buddies** are either commercial providers or experienced partners who help deploying the stacks.
-* The **Test squads** are deployEMDS WP2 workgroup _"Building blocks"_ partners that are responsible for phase 0 and phase 1.
+* The **Test squads** are deployEMDS WP2 workgroup _"Building blocks"_ partners that are responsible for phase 0 and phase 1.
+* Please notice: any secret keys have been intentionally redacted and will need to be replaced by user-provided keys to ensure functionality.
diff --git a/web/package-lock.json b/web/package-lock.json
