Merge pull request #1418 from credebl/qa

merge: Sync changes from qa to main

Author: pranalidhanavade

.env.demo

@@ -110,7 +110,7 @@ KEYCLOAK_MANAGEMENT_CLIENT_ID=adminClient
 KEYCLOAK_MANAGEMENT_CLIENT_SECRET=
 KEYCLOAK_REALM=credebl-platform
 
-SCHEMA_FILE_SERVER_URL='https://schema.credebl.id/schemas/'
+SCHEMA_FILE_SERVER_URL=
 SCHEMA_FILE_SERVER_TOKEN=
 
 GEO_LOCATION_MASTER_DATA_IMPORT_SCRIPT=/prisma/scripts/geo_location_data_import.sh
@@ -145,4 +145,45 @@ APP=api
 #Schema-file-server
 APP_PORT=4000
 JWT_TOKEN_SECRET=
-ISSUER=Credebl
+ISSUER=Credebl
+
+#Signoz and OTel
+IS_ENABLE_OTEL=false
+OTEL_SERVICE_NAME='CREDEBL-PLATFORM-SERVICE'
+OTEL_SERVICE_VERSION='1.0.0'
+OTEL_TRACES_OTLP_ENDPOINT='http://localhost:4318/v1/traces'
+OTEL_LOGS_OTLP_ENDPOINT='http://localhost:4318/v1/logs'
+OTEL_HEADERS_KEY=88ca6b1XXXXXXXXXXXXXXXXXXXXXXXXXXX
+OTEL_LOGGER_NAME='credebl-platform-logger'
+HOSTNAME='localhost'
+SESSIONS_LIMIT=10
+# SSO
+APP_PROTOCOL=http
+#To add more clients, simply copy the variable below and change the word 'CREDEBL' to your client's name.
+CREDEBL_CLIENT_ALIAS=CREDEBL
+CREDEBL_DOMAIN=http://localhost:3000
+CREDEBL_KEYCLOAK_MANAGEMENT_CLIENT_ID= #Provide the value in its encrypted form using CRYPTO_PRIVATE_KEY.
+CREDEBL_KEYCLOAK_MANAGEMENT_CLIENT_SECRET= #Provide the value in its encrypted form using CRYPTO_PRIVATE_KEY.
+# To add more clients, simply add comma separated values of client names
+SUPPORTED_SSO_CLIENTS=CREDEBL
+
+# Key for agent base wallet
+AGENT_API_KEY='supersecret-that-too-16chars'
+
+# To add more client add the following variables for each additional client.
+# Replace the `CLIENT-NAME` with the appropriate client name as added in `SUPPORTED_SSO_CLIENTS`
+# Default client will not need the following details
+
+# CLIENT-NAME_CLIENT_ALIAS=VERIFIER
+    # # Domain represents the redirection url once the client logs-in
+    # # TODO: Can be taken from keycloak instead
+# CLIENT-NAME_DOMAIN=https://VERIFIER-domain.com
+    # # Encrypted client credentials using the `CRYPTO_PRIVATE_KEY`
+# CLIENT-NAME_KEYCLOAK_MANAGEMENT_CLIENT_ID=
+# CLIENT-NAME_KEYCLOAK_MANAGEMENT_CLIENT_SECRET=
+
+# Sample values:
+# VERIFIER_CLIENT_ALIAS=VERIFIER
+# VERIFIER_DOMAIN=https://VERIFIER-domain.com
+# VERIFIER_KEYCLOAK_MANAGEMENT_CLIENT_ID=encryptedKeyCloakClientId
+# VERIFIER_KEYCLOAK_MANAGEMENT_CLIENT_SECRET=encryptedKeyCloakClientSecret

.env.sample

@@ -153,7 +153,7 @@ SCHEMA_FILE_SERVER_URL= // Please provide schema URL
 SCHEMA_FILE_SERVER_TOKEN=xxxxxxxx // Please provide schema file server token for polygon
 
 FILEUPLOAD_CACHE_TTL= //Provide file upload cache ttl
-
+SESSIONS_LIMIT= //Provide limits of sessions
 FIELD_UPLOAD_SIZE= //Provide field upload size
 
 IS_ECOSYSTEM_ENABLE= //Set this flag to `true` to enable the ecosystem, or `false` to disable it.
@@ -166,4 +166,44 @@ ELK_PASSWORD=xxxxxx // ELK user password
 
 ORGANIZATION=credebl
 CONTEXT=platform
-APP=api
+APP=api
+
+IS_ENABLE_OTEL=false                             # Flag to enable/disable OpenTelemetry (true = enabled, false = disabled)
+OTEL_SERVICE_NAME='CREDEBL-PLATFORM-SERVICE'     # Logical name of the service shown in observability tools (e.g., SigNoz)
+OTEL_SERVICE_VERSION='1.0.0'                     # Version of the service; helps in tracking changes over time
+OTEL_TRACES_OTLP_ENDPOINT='http://localhost:4318/v1/traces'  # Endpoint where traces are exported (OTLP over HTTP)
+OTEL_LOGS_OTLP_ENDPOINT='http://localhost:4318/v1/logs'      # Endpoint where logs are exported (OTLP over HTTP)
+OTEL_HEADERS_KEY=88ca6b1XXXXXXXXXXXXXXXXXXXXXXXXXXX          # API key or token used for authenticating with the OTel collector (e.g., SigNoz)
+OTEL_LOGGER_NAME='credebl-platform-logger'       # Name of the logger used for OpenTelemetry log records
+HOSTNAME='localhost'                             # Hostname or unique identifier for the service instance
+
+# SSO
+#To add more clients, simply copy the variable below and change the word 'CREDEBL' to your client's name.
+CREDEBL_CLIENT_ALIAS=CREDEBL
+CREDEBL_DOMAIN=http://localhost:3000
+CREDEBL_KEYCLOAK_MANAGEMENT_CLIENT_ID= #Provide the value in its encrypted form using CRYPTO_PRIVATE_KEY.
+CREDEBL_KEYCLOAK_MANAGEMENT_CLIENT_SECRET= #Provide the value in its encrypted form using CRYPTO_PRIVATE_KEY.
+# To add more clients, simply add comma separated values of client names
+SUPPORTED_SSO_CLIENTS=CREDEBL
+APP_PROTOCOL=
+
+# Key for agent base wallet
+AGENT_API_KEY='supersecret-that-too-16chars'
+
+# To add more client add the following variables for each additional client.
+# Replace the `CLIENT-NAME` with the appropriate client name as added in `SUPPORTED_SSO_CLIENTS`
+# Default client will not need the following details
+
+# CLIENT-NAME_CLIENT_ALIAS=MYAPP
+    # # Domain represents the redirection url once the client logs-in
+    # # TODO: Can be taken from keycloak instead
+# CLIENT-NAME_DOMAIN=https://myapp.com
+    # # Encrypted client credentials using the `CRYPTO_PRIVATE_KEY`
+# CLIENT-NAME_KEYCLOAK_MANAGEMENT_CLIENT_ID=
+# CLIENT-NAME_KEYCLOAK_MANAGEMENT_CLIENT_SECRET
+
+# Sample values:
+# VERIFIER_CLIENT_ALIAS=VERIFIER
+# VERIFIER_DOMAIN=https://VERIFIER-domain.com
+# VERIFIER_KEYCLOAK_MANAGEMENT_CLIENT_ID=encryptedKeyCloakClientId
+# VERIFIER_KEYCLOAK_MANAGEMENT_CLIENT_SECRET=encryptedKeyCloakClientSecret

.eslintrc.js

@@ -101,4 +101,4 @@ module.exports = {
     'prefer-template': 'error',
     quotes: ['warn', 'single', { allowTemplateLiterals: true }]
   }
-};
+};

.github/workflows/continuous-delivery.yml

@@ -44,6 +44,12 @@ jobs:
         id: get_tag
         run: echo "TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
 
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
       - name: Log in to GitHub Container Registry
         uses: docker/login-action@v3
         with:
@@ -57,6 +63,7 @@ jobs:
           context: .
           file: Dockerfiles/Dockerfile.${{ matrix.service }}
           push: true
+          platforms: linux/amd64,linux/arm64
           tags: |
             ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ matrix.service }}:${{ env.TAG }}
-            ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ matrix.service }}:latest
+            ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ matrix.service }}:latest

Dockerfiles/Dockerfile.agent-provisioning

@@ -9,6 +9,7 @@ RUN set -eux \
         aws-cli \
         docker \
         docker-compose \
+        jq \
     && npm install -g pnpm --ignore-scripts \
     && export PATH=$PATH:/usr/lib/node_modules/pnpm/bin \
     && rm -rf /var/cache/apk/*
@@ -46,6 +47,7 @@ RUN set -eux \
         aws-cli \
         docker \
         docker-compose \
+        jq \
     && npm install -g pnpm --ignore-scripts \
     && export PATH=$PATH:/usr/lib/node_modules/pnpm/bin \
     && rm -rf /var/cache/apk/*

apps/agent-provisioning/AFJ/scripts/docker_start_agent.sh

@@ -17,6 +17,13 @@ PROTOCOL=${12}
 TENANT=${13}
 AFJ_VERSION=${14}
 INDY_LEDGER=${15}
+INBOUND_ENDPOINT=${16}
+SCHEMA_FILE_SERVER_URL=${17}
+AGENT_API_KEY=${18}
+ADMIN_PORT_FILE="$PWD/agent-provisioning/AFJ/port-file/last-admin-port.txt"
+INBOUND_PORT_FILE="$PWD/agent-provisioning/AFJ/port-file/last-inbound-port.txt"
+ADMIN_PORT=8001
+INBOUND_PORT=9001
 
 echo "AGENCY: $AGENCY"
 echo "EXTERNAL_IP: $EXTERNAL_IP"
@@ -34,11 +41,6 @@ echo "TENANT: $TENANT"
 echo "AFJ_VERSION: $AFJ_VERSION"
 echo "INDY_LEDGER: $INDY_LEDGER"
 
-ADMIN_PORT_FILE="$PWD/agent-provisioning/AFJ/port-file/last-admin-port.txt"
-INBOUND_PORT_FILE="$PWD/agent-provisioning/AFJ/port-file/last-inbound-port.txt"
-ADMIN_PORT=8001
-INBOUND_PORT=9001
-
 increment_port() {
     local port="$1"
     local lower_limit="$2"
@@ -144,7 +146,9 @@ cat <<EOF >${CONFIG_FILE}
   ],
   "webhookUrl": "$WEBHOOK_HOST/wh/$AGENCY",
   "adminPort": $ADMIN_PORT,
-  "tenancy": $TENANT
+  "tenancy": $TENANT,
+  "schemaFileServerURL": "$SCHEMA_FILE_SERVER_URL",
+  "apiKey": "$AGENT_API_KEY"
 }
 EOF
 
@@ -225,7 +229,7 @@ if [ $? -eq 0 ]; then
     container_logs=$(docker logs $(docker ps -q --filter "name=${AGENCY}_${CONTAINER_NAME}"))
 
     # Extract the token from the logs using sed
-    token=$(echo "$container_logs" | sed -nE 's/.*API Token: ([^ ]+).*/\1/p')
+    token=$(echo "$container_logs" | sed -nE 's/.*** API Key: ([^ ]+).*/\1/p')
 
     # Print the extracted token
     echo "Token: $token"