International-Data-Spaces-Association / metadata-broker-open-core

This is the repository of the open-core reference implementation of the IDS Metadata Broker.
Apache License 2.0

MDB issue with private key inside broker-core container #121

Open jfernandezsqs opened 1 year ago

jfernandezsqs commented 1 year ago

Hi all, I have deployed your component version 5.0.0 and it is not possible to insert the Broker private key into the broker-core container. For this deployment, I have used the IDS-testbed repository with the following configuration in the docker-compose.yml file.

  broker-reverseproxy:
    image: registry.gitlab.cc-asp.fraunhofer.de/eis-ids/broker-open/reverseproxy
    container_name: broker-reverseproxy
    volumes:
      - ./MetadataBroker/server.crt:/etc/cert/server.crt
      - ./MetadataBroker/server.key:/etc/cert/server.key
    ports:
      - "444:443" # IDS-HTTP API
      - "81:80"
    networks:
      - local

  broker-core:
    image: registry.gitlab.cc-asp.fraunhofer.de/eis-ids/broker-open/core:5.0.0
    container_name: broker-core
    volumes:
      - ./MetadataBroker/isstbroker-keystore.jks:/etc/cert/isstbroker-keystore.jks
    environment:
      - SPARQL_ENDPOINT=http://broker-fuseki:3030/connectorData
      - ELASTICSEARCH_HOSTNAME=broker-elasticsearch
      - SHACL_VALIDATION=true
      - DAPS_VALIDATE_INCOMING=true
      - COMPONENT_URI=https://localhost/
      - COMPONENT_CATALOGURI=https://localhost/connectors/
      - DAPS_URL=https://omejdn/auth/token
    expose:
      - "8080"
    networks:
      - local

  broker-fuseki:
    image: registry.gitlab.cc-asp.fraunhofer.de/eis-ids/broker-open/fuseki
    container_name: broker-fuseki
    volumes:
      - broker-fuseki:/fuseki
    expose:
      - "3030"
    networks:
      - local

volumes:
  broker-fuseki:

The solution described here has been tried, but it does not validate the IDS-testbed DAPS. The error obtained when trying to register the DSCA to the MDB is detailed in issue 92.

timwirtz86 commented 1 year ago

Dear @jfernandezsqs, sorry that it took so long to come back to you. May I ask you to give us more details about the setup and what you have done so far? From the different issues alone, it is hard to sum it up and get an idea of what caused it.

Moreover, in the meantime, we have released 5.0.3. However, we didn't change things with DAPS, so the same problem will occur.

jfernandezsqs commented 1 year ago

Dear @timwirtz86, the setup is the one detailed at the IDS-testbed repository, just changing line 101 of the docker-compose.yml file to

image: registry.gitlab.cc-asp.fraunhofer.de/eis-ids/broker-open/core:5.0.0

The configuration that is used for the Metadata Broker setup is detailed in the docker-compose.yml file, and the certificates used for its deployment are located in this folder: MetadataBroker. The issue is that it is not possible to insert the Broker private key into the broker-core container, and therefore the component does not work correctly with the rest of the components (DAPS and DSC).

SebastianOpriel commented 1 year ago

We can confirm the problem on our side, with the following setup. Same problem, same error message.

  broker-core:
    container_name: broker-core
    image: registry.gitlab.cc-asp.fraunhofer.de/eis-ids/broker/core:5.0.0-RELEASECANDIDATE
    volumes:
      - ../../resources/mds-broker/cert:/etc/cert
    environment:
      - SPARQL_ENDPOINT=http://broker-fuseki:3030/connectorData
      - ELASTICSEARCH_HOSTNAME=broker-elasticsearch
      - SHACL_VALIDATION=true
      - DAPS_VALIDATE_INCOMING=false
    ports:
      - "8080:8080"
    depends_on:
      - "broker-elasticsearch"
      - "broker-fuseki"

@timwirtz86 registry.gitlab.cc-asp.fraunhofer.de/eis-ids/broker/core:5.0.3 crashes already on startup:

2022-12-07 10:55:05 exec /run.sh: no such file or directory

timwirtz86 commented 1 year ago

I will check what happened with the Docker-Image.

SebastianOpriel commented 1 year ago

The issue regarding run.sh could be related to line ending encoding differences between Linux and Windows.
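
An added example, not part of the thread and not the project's own code: one way to test the line-ending hypothesis from the last comment before rebuilding the image. The function names are hypothetical, and the script assumes you pass it a local copy of the `run.sh` that is built into the container.

```shell
#!/bin/sh
# Added example: check a script for the CRLF condition that produces
# "exec /run.sh: no such file or directory" although the file exists.
# With a CRLF shebang the kernel looks for an interpreter literally named
# "/bin/sh<CR>", cannot find it, and reports ENOENT for the script.

CR=$(printf '\r')   # a literal carriage return

# Return 0 if the first line of "$1" is a shebang ending in a carriage return.
shebang_has_cr() {
    first=
    IFS= read -r first < "$1" || [ -n "$first" ] || return 1
    case "$first" in
        '#!'*"$CR") return 0 ;;
    esac
    return 1
}

# Print the number of lines in "$1" that end in CRLF (0 if none).
count_crlf_lines() {
    grep -c "$CR\$" "$1" || true
}

# Rewrite "$1" with LF line endings, keeping its mode (the executable bit).
to_lf() {
    tmp=$(mktemp) || return 1
    sed "s/$CR\$//" "$1" > "$tmp" && cat "$tmp" > "$1"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Report on every file named on the command line, e.g.: sh check.sh run.sh
for f in "$@"; do
    if shebang_has_cr "$f"; then
        echo "$f: CRLF shebang, $(count_crlf_lines "$f") CRLF line(s); exec will fail"
    else
        echo "$f: shebang line ending OK"
    fi
done
```

If the check fires on a Windows checkout, a `.gitattributes` entry such as `*.sh text eol=lf` keeps Git from converting the script again.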