rjones (Fri, 11 Sep 2020 13:20:33 GMT):
choeppler
rjones (Fri, 11 Sep 2020 13:20:42 GMT):
howdy!
choeppler (Fri, 11 Sep 2020 14:13:57 GMT):
Hi! Thank your for setting up this channel, @rjones!
choeppler (Fri, 11 Sep 2020 14:16:27 GMT):
User User_1 added by choeppler.
frank-bee (Fri, 11 Sep 2020 14:22:39 GMT):
Hey cool , thanks from me as well :-) @rjones
frank-bee (Fri, 11 Sep 2020 14:22:59 GMT):
we have a channel :woo:
rjones (Fri, 11 Sep 2020 14:34:40 GMT):
Has left the channel.
domwoe (Fri, 11 Sep 2020 14:46:36 GMT):
Has joined the channel.
matgnt (Fri, 11 Sep 2020 15:04:19 GMT):
Has joined the channel.
manoranjith (Tue, 15 Sep 2020 07:00:55 GMT):
Has joined the channel.
frank-bee (Thu, 17 Sep 2020 06:14:53 GMT):
@choeppler I created an issue for that NOTICE check :-)
frank-bee (Thu, 17 Sep 2020 06:15:06 GMT):
( I think I mentioned you anyway)
choeppler (Thu, 17 Sep 2020 15:12:29 GMT):
Okay, good. I‘ll have a look tomorrow...
vi-fu (Fri, 18 Sep 2020 07:46:45 GMT):
Has joined the channel.
vi-fu (Fri, 18 Sep 2020 07:46:45 GMT):
hello
etschelp (Fri, 18 Sep 2020 09:28:20 GMT):
Has joined the channel.
frank-bee (Fri, 18 Sep 2020 09:46:56 GMT):
Hi
frank-bee (Fri, 18 Sep 2020 09:47:25 GMT):
wir installieren gerade mal ngrok aufm mac und checken dann nochmal was geht
frank-bee (Fri, 18 Sep 2020 09:48:37 GMT):
ups sorry, english here, not?
frank-bee (Fri, 18 Sep 2020 09:48:45 GMT):
would be better
frank-bee (Fri, 18 Sep 2020 10:11:00 GMT):
on my mashine I have problems with the uniresolver I think:
```
company-agent_1 | 10:09:05.923 [pool-2-thread-8] ERROR RoutingInBoundHandler - Unexpected error occurred: Connect Error: resolver.4d8674d5248546c79689.westeurope.aksapp.io: System error
company-agent_1 | io.micronaut.http.client.exceptions.HttpClientException: Connect Error: resolver.4d8674d5248546c79689.westeurope.aksapp.io: System error
company-agent_1 | at io.micronaut.http.client.netty.DefaultHttpClient.lambda$null$33(DefaultHttpClient.java:1098) ~[organizational-agent.jar:?]
company-agent_1 | at io.micronaut.http.client.netty.DefaultHttpClient$$Lambda$768/000000002805C520.operationComplete(Unknown Source) ~[?:?]
company-agent_1 | at io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:577) ~[organizational-agent.jar:?]
```
frank-bee (Fri, 18 Sep 2020 10:11:47 GMT):
@etschelp is the url somewhere hardcoded?
etschelp (Fri, 18 Sep 2020 10:13:02 GMT):
pull?
frank-bee (Fri, 18 Sep 2020 10:13:05 GMT):
this is the current resolver
https://resolver.dev.economyofthings.io/1.0/identifiers/did:sov:iil:M6Mbe3qx7vB4wpZF4sBRjt
etschelp (Fri, 18 Sep 2020 10:13:16 GMT):
its already changed
frank-bee (Fri, 18 Sep 2020 10:13:52 GMT):
I try to pull again. did a reset --hard but maybe no pull...
frank-bee (Fri, 18 Sep 2020 10:17:56 GMT):
agent is running on vitali's machine . check
etschelp (Fri, 18 Sep 2020 10:29:29 GMT):
have you checked your .env file? BPA_RESOLVER_URL=xxx
frank-bee (Fri, 18 Sep 2020 11:02:20 GMT):
@etschelp , we have a new contributer , vitali
https://github.com/hyperledger-labs/business-partner-agent/blob/master/NOTICE#L30
and this time we added him to the notice file right with the first commit :-)
frank-bee (Fri, 18 Sep 2020 11:02:20 GMT):
@choeppler , we have a new contributer , vitali
https://github.com/hyperledger-labs/business-partner-agent/blob/master/NOTICE#L30
and this time we added him to the notice file right with the first commit :-)
frank-bee (Fri, 18 Sep 2020 11:03:56 GMT):
@etschelp I anyway setup anything again on my new linux laptop.
But for @vi-fu all works so far. thanks for the help :-)
frank-bee (Fri, 18 Sep 2020 11:04:11 GMT):
And happy vacation :-)
frank-bee (Fri, 18 Sep 2020 11:04:23 GMT):
(I will also leave soon )
etschelp (Fri, 18 Sep 2020 11:09:17 GMT):
perfect. have a nice weekend and vacation :)
danielksan81 (Wed, 23 Sep 2020 08:06:14 GMT):
Has joined the channel.
frank-bee (Tue, 13 Oct 2020 14:45:24 GMT):
I removed the github action, that we anyway don't use
frank-bee (Tue, 13 Oct 2020 14:46:20 GMT):
added one to delete old non-protected branches (older than 2 month)
https://github.com/hyperledger-labs/business-partner-agent/actions/runs/304605830
fine?
frank-bee (Tue, 13 Oct 2020 14:51:35 GMT):
There are quite some protected branches , mainly from me when I worked with the github UI. But I don't have the right to unprotect them... any idea @choeppler ?
frank-bee (Wed, 14 Oct 2020 07:48:37 GMT):
Morning @vi-fu , I just talked to @domwoe
frank-bee (Wed, 14 Oct 2020 07:49:45 GMT):
He will set-up a meeting for tomorrow with the three of us...
Meanwhile you could look at this issue
https://github.com/hyperledger-labs/business-partner-agent/issues/98
frank-bee (Wed, 14 Oct 2020 07:58:33 GMT):
This issue would also be good to start with
https://github.com/hyperledger-labs/business-partner-agent/issues/172
choeppler (Wed, 14 Oct 2020 10:13:22 GMT):
I'll ping Ry and ask him how he wants us to deal with such issues.
Just to clarify the specific case at hand: you'd like to un-protect all branches but the master branch, wouldn't you?
frank-bee (Wed, 14 Oct 2020 10:22:31 GMT):
ok cool, thanks
frank-bee (Wed, 14 Oct 2020 10:23:47 GMT):
@domwoe @vi-fu
I worked on this issue
could you check and comment my PR when you find time?
https://github.com/hyperledger-labs/business-partner-agent/pull/175
frank-bee (Thu, 15 Oct 2020 11:53:51 GMT):
@domwoe
regarding transaction order agreement
frank-bee (Thu, 15 Oct 2020 11:54:18 GMT):
'''
{
"result": {
"aml_record": null,
"taa_record": null,
"taa_required": false,
"taa_accepted": null
}
}
```
```
frank-bee (Thu, 15 Oct 2020 11:54:41 GMT):
do we have to configure this on our test ledger to be able to test it?
domwoe (Thu, 15 Oct 2020 12:00:14 GMT):
I'd rather spin up a local ledger with the appropriate config (https://github.com/bcgov/von-network)
frank-bee (Thu, 15 Oct 2020 12:19:37 GMT):
looks a bit complicated
why not adding taa but with "taa_required": false
would this do any harm?
frank-bee (Thu, 15 Oct 2020 12:20:03 GMT):
I meen to our test ledger
frank-bee (Thu, 15 Oct 2020 12:20:03 GMT):
I mean to our test ledger
domwoe (Thu, 15 Oct 2020 12:23:34 GMT):
ah, ok. If you think this is sufficient for testing, I guess that's ok
frank-bee (Thu, 15 Oct 2020 12:24:04 GMT):
@etschelp
frank-bee (Thu, 15 Oct 2020 12:24:21 GMT):
could you configure some TAA on our testledger?
frank-bee (Thu, 15 Oct 2020 12:24:30 GMT):
with "taa_required": false
tkuhrt (Tue, 20 Oct 2020 19:42:58 GMT):
Has joined the channel.
domwoe (Thu, 22 Oct 2020 09:51:16 GMT):
@vi-fu Is the error 500 when requesting a verification the bug you're already aware of?
domwoe (Thu, 22 Oct 2020 09:51:46 GMT):
@vi-fu the payload for the /request-verification call is empty
domwoe (Thu, 22 Oct 2020 09:59:38 GMT):
There's also another bug. When editing the document and clicking on save it show the tooltip
domwoe (Thu, 22 Oct 2020 12:21:56 GMT):
i take care of the first thing
domwoe (Thu, 22 Oct 2020 12:22:29 GMT):
there's also another change that got lost
frank-bee (Wed, 04 Nov 2020 16:58:05 GMT):
@tkuhrt Hi Tracy , could you helm us with something please?
I'm trying to add a github action which automatically deploys a helm chart to the git hub page if our repository.
(see also https://github.com/helm/chart-releaser-action)
This is currently failing because of these errors
```
remote: error: GH006: Protected branch update failed for refs/heads/gh-pages.
remote: error: Required status check "DCO" is expected.
```
See https://github.com/hyperledger-labs/business-partner-agent/runs/1354012638?check_suite_focus=true
Could you configure the `gh-pages` branch to allow pushes from the CI user without "DCO", please?
The CI user is using the secret "secrets.GITHUB_TOKEN" which contains a GitHub access token with repo scope.
I can also create one from my personal account and send it to you, if that helps
Thanks in advance!
frank-bee (Wed, 04 Nov 2020 16:58:05 GMT):
@tkuhrt Hi Tracy , could you help us with something please?
I'm trying to add a github action which automatically deploys a helm chart to the git hub page if our repository.
(see also https://github.com/helm/chart-releaser-action)
This is currently failing because of these errors
```
remote: error: GH006: Protected branch update failed for refs/heads/gh-pages.
remote: error: Required status check "DCO" is expected.
```
See https://github.com/hyperledger-labs/business-partner-agent/runs/1354012638?check_suite_focus=true
Could you configure the `gh-pages` branch to allow pushes from the CI user without "DCO", please?
The CI user is using the secret "secrets.GITHUB_TOKEN" which contains a GitHub access token with repo scope.
I can also create one from my personal account and send it to you, if that helps
Thanks in advance!
tkuhrt (Wed, 04 Nov 2020 17:46:10 GMT):
@rjones : Can you help with this request? ^^^ I am not sure how we normally handle DCO and CI.
rjones (Wed, 04 Nov 2020 17:46:10 GMT):
Has joined the channel.
rjones (Wed, 04 Nov 2020 18:08:59 GMT):
Hi - I think it should work now. I also enabled "allow branch deletion" so someone could clean up all of the old branches. https://github.com/hyperledger-labs/business-partner-agent/branches
frank-bee (Thu, 05 Nov 2020 08:11:03 GMT):
Thanks guys for your quick help :-)
Will try it out later...
frank-bee (Thu, 05 Nov 2020 11:11:46 GMT):
@rjones , the release action seems to work now.
I configured it do a helm chart release on pushed to release branches (release/**)
What is not yet working is the URL to the git hub page for our repo.
The default URL is this one.
http(s)://
frank-bee (Thu, 05 Nov 2020 11:11:46 GMT):
@rjones , the release action seems to work now.
I configured it do a helm chart release on pushes to release branches (release/**)
What is not yet working is the URL to the git hub page for our repo.
The default URL is this one.
http(s)://
frank-bee (Thu, 05 Nov 2020 11:23:57 GMT):
And one more thing, I'd like to ask you.
Could you please make @vi-fu ( https://github.com/vi-fu ) contributer in our project? Or whatever role he needs , that allows us to assign issues to him, which would help us.
Thanks a lot in advance!
rjones (Thu, 05 Nov 2020 12:27:08 GMT):
https://labs.hyperledger.org/business-partner-agent/index.yaml
rjones (Thu, 05 Nov 2020 12:28:00 GMT):
Invite extended
domwoe (Fri, 06 Nov 2020 14:12:02 GMT):
@vi-fu Great that you bring some structure in the code!
vi-fu (Fri, 06 Nov 2020 14:17:31 GMT):
Thx :woo:
frank-bee (Fri, 06 Nov 2020 14:21:42 GMT):
@domwoe
TAA is fixed now... yeah. UI looks really nice , thanks to @vi-fu
frank-bee (Fri, 06 Nov 2020 14:23:10 GMT):
there is still one small thing:
if the frontend is open and the backend is reloaded with a new endpoint -> in this case without reload the popup asking for the TAA and triggering the endpoint change will not appear
frank-bee (Fri, 06 Nov 2020 14:23:44 GMT):
I assume that's fine for you, because you anyway love reloading , correct ;-)
frank-bee (Fri, 06 Nov 2020 14:23:44 GMT):
I assume that's fine for you, because you anyway love reloading , correct ?;-)
frank-bee (Fri, 06 Nov 2020 14:23:44 GMT):
Is this ok?
frank-bee (Fri, 06 Nov 2020 14:24:31 GMT):
guys, I leave for the day. have a great weekend :-) :-)
vi-fu (Fri, 06 Nov 2020 14:28:41 GMT):
You too Frank, have a great weekend :)
domwoe (Mon, 09 Nov 2020 08:33:31 GMT):
@vi-fu hey, I've commented the TAA Pull Request, but I'm not sure if you've seen that. In noticed that you kept the markdown editor in the package.json. Could you remove that package in a next commit?
etschelp (Wed, 11 Nov 2020 08:53:15 GMT):
Hey. I see that the compose files are now in a separate directory. How is this supposed to work now? Also the paths in the Dockerfile are still the old ones, as Docker cannot access files that are outside the directory structure like ../something this looks broken to me now.
etschelp (Wed, 11 Nov 2020 08:53:15 GMT):
Hey. I see that the compose files are now in a separate directory. How is this supposed to work now? Also the paths in the Dockerfile are still the old ones, as Docker cannot access files that are outside the directory structure like ../something this looks broken to me now.
ERROR: Service 'company-agent' failed to build : COPY failed: Forbidden path outside the build context: ../backend/pom.xml
frank-bee (Wed, 11 Nov 2020 09:21:21 GMT):
We saws this on vitalys machine as well
i move the Dockerfile to the root of the repo again. And change the build context in compose files to ".."
domwoe (Wed, 11 Nov 2020 09:23:23 GMT):
It's also possible to use docker, docker-compose from the root and specify the file with -f. The context is then relative to where you started the command not where the file lives
frank-bee (Wed, 11 Nov 2020 09:24:10 GMT):
but the scripts won't work
frank-bee (Wed, 11 Nov 2020 09:24:37 GMT):
or ?
frank-bee (Wed, 11 Nov 2020 09:25:34 GMT):
Let's move it , not?
domwoe (Wed, 11 Nov 2020 09:27:02 GMT):
mh the env file also needs to be in root I think
frank-bee (Wed, 11 Nov 2020 09:27:27 GMT):
I don't think so
frank-bee (Wed, 11 Nov 2020 09:27:44 GMT):
the env file should be there where you start the scripts
frank-bee (Wed, 11 Nov 2020 09:27:47 GMT):
not?
domwoe (Wed, 11 Nov 2020 09:28:34 GMT):
you need to start the scripts from the root. Otherwise you get the problem @etschelp described
frank-bee (Wed, 11 Nov 2020 09:29:02 GMT):
not if I move the dockerfile and change the context
frank-bee (Wed, 11 Nov 2020 09:29:23 GMT):
https://github.com/hyperledger-labs/business-partner-agent/pull/258
domwoe (Wed, 11 Nov 2020 09:30:11 GMT):
mh ok, feels also a bit strange. I'd suggest we look at few well known projecrs an look how they handle it :)
frank-bee (Wed, 11 Nov 2020 09:34:16 GMT):
I also renamed the docker folder to "scripts" , then it make totally sense to me
frank-bee (Wed, 11 Nov 2020 09:35:01 GMT):
Docker build should be anyway independent of the compose-stuff
domwoe (Wed, 11 Nov 2020 10:17:12 GMT):
ok. now we have to have our .env in the scripts folder?
frank-bee (Wed, 11 Nov 2020 10:18:28 GMT):
yes. it belongs to the compose scripts ,not?
frank-bee (Wed, 11 Nov 2020 10:19:33 GMT):
we can also call the folder docker-compose-plus-shell-scripts-setup :laughing:
domwoe (Wed, 11 Nov 2020 10:20:19 GMT):
yes, fine. Does it make a difference if I do cd scripts && ./start-with-tunnels.sh or ./scripts/start-with-tunnels.sh ?
domwoe (Wed, 11 Nov 2020 10:20:36 GMT):
alos https://github.com/hyperledger-labs/business-partner-agent/tree/master/scripts still has "docker" folder in README
frank-bee (Wed, 11 Nov 2020 10:21:50 GMT):
yes it makes a difference, the "context"
frank-bee (Wed, 11 Nov 2020 10:22:40 GMT):
the readme I can fix if we agree - at least for the time beeing - on the structure
frank-bee (Wed, 11 Nov 2020 10:24:52 GMT):
./scripts/start-with-tunnels.sh does not make much sense if the related readme is in ./scripts, not?
domwoe (Wed, 11 Nov 2020 10:25:42 GMT):
For the first time usage yes, then no :) But I'm fine with it
frank-bee (Wed, 11 Nov 2020 10:29:59 GMT):
OK, I change the context to "." again and check the docu.
all fine
frank-bee (Wed, 11 Nov 2020 10:43:50 GMT):
It does not work like that @domwoe
frank-bee (Wed, 11 Nov 2020 10:45:47 GMT):
```
➜ business-partner-agent git:(fixContext) ✗ docker-compose -f ./scripts/docker-compose.yml up
WARNING: The ACAPY_ADMIN_URL_API_KEY variable is not set. Defaulting to a blank string.
Building company-agent
ERROR: Cannot locate specified Dockerfile: Dockerfile
```
frank-bee (Wed, 11 Nov 2020 10:46:45 GMT):
maybe you can try it out once and fix that, its not urgent...
I leave it as it is now but change the path in the docu
vi-fu (Fri, 13 Nov 2020 14:17:28 GMT):
I have the internal 500 error. Do somebody have the same problem today?
vi-fu (Fri, 13 Nov 2020 14:17:29 GMT):
Clipboard - 13. November 2020 15:17
vi-fu (Fri, 13 Nov 2020 14:17:32 GMT):
Clipboard - 13. November 2020 15:17
vi-fu (Fri, 13 Nov 2020 14:18:57 GMT):
Resolver not reachable: https://resolver.dev.economyofthings.io/
domwoe (Fri, 13 Nov 2020 15:23:53 GMT):
ah, it's probably because @frank-bee et al are working on the infrastructure today
vi-fu (Fri, 13 Nov 2020 16:29:11 GMT):
ok :)
frank-bee (Mon, 16 Nov 2020 09:03:35 GMT):
hi @vi-fu , morning
frank-bee (Mon, 16 Nov 2020 09:04:22 GMT):
Maybe you where not in the mail... The new infra is up and ready, but the domain is not yet pointing to it
frank-bee (Mon, 16 Nov 2020 09:04:54 GMT):
meanwhile you can reach our stuff via another domain ,
e.g. https://resolver.eot.cardamom.ninja/
vi-fu (Mon, 16 Nov 2020 10:32:39 GMT):
I want to verify a Bank Account --> I have added the Contoso LP to my Business Partner Agents. If I start the bank account verification, I get the following error:
vi-fu (Mon, 16 Nov 2020 10:32:40 GMT):
Clipboard - 16. November 2020 11:32
vi-fu (Mon, 16 Nov 2020 10:33:21 GMT):
Clipboard - 16. November 2020 11:33
vi-fu (Mon, 16 Nov 2020 10:34:00 GMT):
Before submit i got the following notice: "The connection with your Business Partner is marked as request. This could mean that your request will fail. Do you want to try anyways?"
frank-bee (Mon, 16 Nov 2020 10:38:32 GMT):
@etschelp @domwoe , do we have to redeploy the bank?
frank-bee (Mon, 16 Nov 2020 10:39:32 GMT):
it probably needs the uniresolver currently only on https://resolver.eot.cardamom.ninja/
domwoe (Mon, 16 Nov 2020 10:42:04 GMT):
jepp
frank-bee (Mon, 16 Nov 2020 10:43:20 GMT):
ok, so either someone does this or we have to wait until the domain is working again
frank-bee (Mon, 16 Nov 2020 10:43:29 GMT):
I have no access to the bank agent
domwoe (Mon, 16 Nov 2020 11:04:34 GMT):
@etschelp Is there an easy fix to this? The Agency UI does not allow to change the resolver
domwoe (Mon, 16 Nov 2020 11:05:54 GMT):
the dependency on the uni resolver really sucks
etschelp (Mon, 16 Nov 2020 11:40:38 GMT):
i have set it in the bpa.
etschelp (Thu, 26 Nov 2020 14:40:23 GMT):
I have pushed my current state to the custom documents branch. One of the biggest changes is that the only place where there is a credential type is when creating documents. There are only two types ORGANIZATIONAL_PROFILE_CREDENTIAL and SCHEMA_BASED. e.g. post a new document:
{
"type": "SCHEMA_BASED",
"schemaId": "M6Mbe3qx7vB4wpZF4sBRjt:2:bank_account:1.0",
"isPublic": true,
"label": "Foo",
"document": {"iban": "FR7630006000011234567890189", "bic":"AGRIFRPP"}
}
I also added validation that checks the document against the schema, also schema based documents always need to have a schema id. Instead of a type I added a typeLabel field to the response so that you already have a human readable type in the UI.
{
"id": "b82acc4a-aaef-4f09-a880-431d02ae8ed9",
"createdDate": 1606400408197,
"updatedDate": 1606400408197,
"type": "SCHEMA_BASED",
"typeLabel": "Bank Account",
"schemaId": "M6Mbe3qx7vB4wpZF4sBRjt:2:bank_account:1.0",
"isPublic": true,
"label": "Foo",
"documentData": {
"bic": "AGRIFRPP",
"iban": "FR7630006000011234567890189"
}
}
etschelp (Thu, 26 Nov 2020 14:40:23 GMT):
I have pushed my current state to the custom documents branch. One of the biggest changes is that the only place where there is a credential type is when dealing with documents. There are only two types now ORGANIZATIONAL_PROFILE_CREDENTIAL and SCHEMA_BASED. e.g. post a new document based on a bank account schema:
{
"type": "SCHEMA_BASED",
"schemaId": "M6Mbe3qx7vB4wpZF4sBRjt:2:bank_account:1.0",
"isPublic": true,
"label": "Foo",
"document": {"iban": "FR7630006000011234567890189", "bic":"AGRIFRPP"}
}
I also added validation that checks the document data against the schema attributes on the ledger, so it is not possible to send attributes that do not belong to a schema. Also schema based documents always need to have a schema id set. Instead of a type I added a typeLabel field to the response so that you already have a human readable type in the UI.
{
"id": "b82acc4a-aaef-4f09-a880-431d02ae8ed9",
"createdDate": 1606400408197,
"updatedDate": 1606400408197,
"type": "SCHEMA_BASED",
"typeLabel": "Bank Account",
"schemaId": "M6Mbe3qx7vB4wpZF4sBRjt:2:bank_account:1.0",
"isPublic": true,
"label": "Foo",
"documentData": {
"bic": "AGRIFRPP",
"iban": "FR7630006000011234567890189"
}
}
etschelp (Thu, 26 Nov 2020 14:53:10 GMT):
The next step would be that I also add the typeLabel to credentials. With a default to the schemaName when no matching schema was found locally. Also I noticed that the uniresolver now returns a did document in a different format ,so public profile validation is currently broken, but I fixed the verification method in the public profile.
etschelp (Thu, 26 Nov 2020 14:53:50 GMT):
The next biggest change is that the rest api now uses schemaId instead of credential type, e.g. when filtering partners that can issue a credential.
marc0olo (Wed, 02 Dec 2020 22:05:22 GMT):
Has joined the channel.
thearhaam (Fri, 04 Dec 2020 21:58:52 GMT):
Has joined the channel.
domwoe (Fri, 11 Dec 2020 14:36:16 GMT):
@etschelp @vi-fu I've an issue with the typeLabel for VCs. I'm not totally sure if this is an issue because I'v legacy data in my BPA, but I've VCs with schemaId 8faozNpSjFfPJXYtgcPtmJ:2:commercialregister:1.2 and I've registered that schema with label "Credential Registry Entry" but the typeLabel is set to "commercialregister". Unfortunately I can't issue a new commercial registry entry at the moment because Open Corporates API blocks us currently...
etschelp (Fri, 11 Dec 2020 14:39:22 GMT):
currently the following schema id is configured for the commercial register: 3gLVpb3i5jzvZqWYyesSB3:2:commercialregister:1.2. if the schema is not configured the fallback is to use the schema name.
etschelp (Fri, 11 Dec 2020 14:40:31 GMT):
you can always register a new schema in the settings
domwoe (Fri, 11 Dec 2020 14:46:16 GMT):
As written, I've registered it in the settings. But the schema and the VCs already existed in the database before I switched to the custom documents branch. So I guess the issue is related to this.
etschelp (Fri, 11 Dec 2020 15:22:27 GMT):
this generated on the fly. are you sure that the ids match
domwoe (Fri, 11 Dec 2020 16:38:24 GMT):
you're right, they don't :innocent:
etschelp (Mon, 14 Dec 2020 14:54:03 GMT):
Screen Shot 2020-12-14 at 15.53.44.png
etschelp (Mon, 14 Dec 2020 14:55:25 GMT):
I upgraded alice and bob to the latest version, seems we now have a issue with the partners name. My guess is that it was set previously via the legal name of the org profile?
etschelp (Mon, 14 Dec 2020 14:55:25 GMT):
I upgraded alice and bob to the latest version, seems we now have a issue with the name of the partner. My guess is that it was set previously via the legal name of the org profile?
domwoe (Mon, 14 Dec 2020 15:08:27 GMT):
@vi-fu ? https://github.com/hyperledger-labs/business-partner-agent/commit/57aac85716e469d943a8be9f6f63af5fe1414cad#diff-6cd00acbb70e4c0e703b585f5868a15c1207d731a9558327a62c38d112390534
domwoe (Mon, 14 Dec 2020 15:12:54 GMT):
initially the logic was as follows:
```
export const getPartnerName = (partner) => {
if (typeof partner !== "object") {
return "";
} else if ({}.hasOwnProperty.call(partner, "alias")) {
return partner.alias;
} else if (
{}.hasOwnProperty.call(partner, "profile") &&
partner.profile !== null &&
{}.hasOwnProperty.call(partner.profile, "legalName")
) {
return partner.profile.legalName;
} else {
return partner.id;
}
};
```
vi-fu (Mon, 14 Dec 2020 16:13:10 GMT):
need to check
ianco (Thu, 04 Feb 2021 18:50:14 GMT):
Has joined the channel.
ianco (Thu, 04 Feb 2021 19:54:09 GMT):
Hi folks, I've just built & started up the business partner demo on my local as per the docker compose steps (https://github.com/hyperledger-labs/business-partner-agent/tree/master/scripts) and I was wondering if there were any other docs about setting up multiple business partner agents and connecting them? I'm not sure what is the next step once I have a business partner agent running?
ianco (Thu, 04 Feb 2021 20:48:02 GMT):
Also I was wondering about the mechanism used to share public documents between business partners? Is it using a shared database, or messaging protocols between agents, or ... ?
domwoe (Fri, 05 Feb 2021 07:43:48 GMT):
Hi @ianco setting up multiple business partners is better done using k8s and the provided helm chart. See https://github.com/hyperledger-labs/business-partner-agent/tree/master/charts/bpa#install-multiple-bpa-instances
domwoe (Fri, 05 Feb 2021 07:43:48 GMT):
Hi @ianco setting up multiple business partners is better done using k8s and the provided helm chart. See https://github.com/hyperledger-labs/business-partner-agent/tree/master/charts/bpa#install-multiple-bpa-instances . If you need help you should ping @frank-bee .
domwoe (Fri, 05 Feb 2021 07:49:18 GMT):
The public profile is just a web resource advertised as a special service endpoint in the the DID doc. Have a look at this example
```
```
domwoe (Fri, 05 Feb 2021 07:49:18 GMT):
The public profile is just a web resource advertised as a special service endpoint in the the DID doc. Have a look at this example
```
{
"@context": "https://www.w3.org/ns/did/v1",
"id": "did:sov:iil:9W3UamsAoNyUbuFy8PLbry",
"verificationMethod": [
{
"type": [
"Ed25519VerificationKey2018"
],
"id": "did:sov:iil:9W3UamsAoNyUbuFy8PLbry#key-1",
"publicKeyBase58": "5dj3y6CboaN3W7oHNzpZzhk4HdJcCJRw97i5LwXDdfLT"
}
],
"authentication": [
{
"type": [
"Ed25519SignatureAuthentication2018"
],
"verificationMethod": "did:sov:iil:9W3UamsAoNyUbuFy8PLbry#key-1"
}
],
"service": [
{
"type": "endpoint",
"serviceEndpoint": "https://orangemax.aries.bosch-digital.de:8080"
},
{
"type": "profile",
"serviceEndpoint": "https://bosch-test.iil.network/profile.jsonld"
}
]
}
```
domwoe (Fri, 05 Feb 2021 07:57:40 GMT):
The most simple Organization Identity Hub. Just one Verifiable Presentation including all public documents/credentials
frank-bee (Fri, 05 Feb 2021 08:32:19 GMT):
@choeppler Regarding docker image , I mailed with @rjones . We will use github docker image registry.
There are already some examples in hyperledger projects.
I will probably switch our build engine from azure devops to to github actions which we anyway use already for some other things.
Not sure if I find time today, but next week this is on my agenda
ianco (Fri, 05 Feb 2021 14:34:19 GMT):
@domwoe thanks for the info!
frank-bee (Fri, 12 Feb 2021 15:22:43 GMT):
@rjones The docker image build is not up and running :-)
https://github.com/hyperledger-labs/business-partner-agent/blob/master/.github/workflows/build.yml#L41-L69
frank-bee (Fri, 12 Feb 2021 15:23:22 GMT):
kindly have a look at it - short review would be nice ( couldn't do this in a PR because I had to test it on the master)
frank-bee (Fri, 12 Feb 2021 15:25:25 GMT):
Feel free to suggest any changes.
One open point would be to have github action / workflow that deletes images after a while . The ones with the name "sha-*" which I build for each commit on the master
frank-bee (Fri, 12 Feb 2021 15:25:25 GMT):
Feel free to suggest any changes.
One open point would be to have a small github action / workflow that deletes images after a while . The ones with the tag "sha-*" which I build for each commit on the master
rjones (Fri, 12 Feb 2021 15:27:35 GMT):
I did suggest some changes while it was in development, but I can try to take a look later today
frank-bee (Mon, 15 Feb 2021 11:53:02 GMT):
Hi @rjones I have seen you suggestions and considered them ( e.g. squashing the commits ... and there was anotherone
frank-bee (Mon, 15 Feb 2021 11:53:02 GMT):
Hi @rjones I have seen your suggestions and considered them ( e.g. squashing the commits ... and there was another one)
frank-bee (Mon, 15 Feb 2021 11:53:53 GMT):
The problem currently is , that the package seems to be not publically available.
Can you set it to public?
frank-bee (Mon, 15 Feb 2021 11:54:37 GMT):
Otherwise docker login is required which is difficult for helm charts, not?
rjones (Mon, 15 Feb 2021 14:48:12 GMT):
@frank-bee they are all public, I think? https://github.com/orgs/hyperledger-labs/packages?visibility=private
frank-bee (Mon, 15 Feb 2021 14:49:39 GMT):
hmm , strange. Somehow it is not possible to do a docker pull without docker login ( which should be the case)
frank-bee (Mon, 15 Feb 2021 14:51:31 GMT):
wait... now it works
frank-bee (Mon, 15 Feb 2021 14:51:58 GMT):
in the morning some colleges ask me why it does not work
frank-bee (Mon, 15 Feb 2021 15:02:16 GMT):
I asked him to try again. Maybe a proxy issue.
frank-bee (Mon, 15 Feb 2021 15:24:20 GMT):
@rjones I think github needs some authentication even for public images
https://github.community/t/docker-pull-from-public-github-package-registry-fail-with-no-basic-auth-credentials-error/16358/8
frank-bee (Mon, 15 Feb 2021 15:25:58 GMT):
Can we used docker hub ?
frank-bee (Mon, 15 Feb 2021 15:25:58 GMT):
Can we use docker hub ?
frank-bee (Mon, 15 Feb 2021 15:41:41 GMT):
Another option seems to be:
> Basically, ghcr.io 16 does have public access but needs to be enabled per-image from the https://github.com/user?tab=packages 38 settings page.
(https://github.community/t/docker-pull-from-public-github-package-registry-fail-with-no-basic-auth-credentials-error/16358/81)
frank-bee (Mon, 15 Feb 2021 16:27:13 GMT):
I already tried to push some dummy image to https://github.com/orgs/hyperledger-labs/packages/container/package/business-partner-agent
frank-bee (Mon, 15 Feb 2021 16:29:04 GMT):
will switch the pipeline tomorrow to use this registry , pushing to ghcr.io/hyperledger-labs/business-partner-agent
rjones (Mon, 15 Feb 2021 16:48:32 GMT):
right, I enabled public access to those images sometime in the last few days. The audit log doesn't show exactly when.
rjones (Mon, 15 Feb 2021 16:48:41 GMT):
please don't use docker hub, it makes life harder
frank-bee (Tue, 16 Feb 2021 10:39:47 GMT):
@rjones
this is now the package I use in the latest pipeline
https://github.com/orgs/hyperledger-labs/packages/container/package/business-partner-agent
I works without auth, e.g. docker pull `ghcr.io/hyperledger-labs/business-partner-agent:sha-080ac78a`
frank-bee (Tue, 16 Feb 2021 10:39:47 GMT):
@rjones
this is now the package I use in the latest pipeline
https://github.com/orgs/hyperledger-labs/packages/container/package/business-partner-agent
I works without auth, e.g. `docker pull ghcr.io/hyperledger-labs/business-partner-agent:sha-080ac78a`
frank-bee (Tue, 16 Feb 2021 10:41:59 GMT):
could you please delete the other 2 packages?
- the [legacy one](https://github.com/hyperledger-labs/business-partner-agent/packages/616681)
- the [one with another name which I tried](https://github.com/orgs/hyperledger-labs/packages/container/package/business-partner-agent%2Fbusiness-partner-agent)
frank-bee (Tue, 16 Feb 2021 10:42:36 GMT):
thanks in advance and sorry for the circumstances
rjones (Tue, 16 Feb 2021 17:31:06 GMT):
I don't think you can delete a package once it is published, but I'll try.
rjones (Tue, 16 Feb 2021 17:35:36 GMT):
I deleted the one I can delete. The docker thing I cannot delete.
frank-bee (Wed, 17 Feb 2021 09:49:54 GMT):
ok Thanks
I have opened a ticket at github asking them to delete it. But it's not so important.
usingetechnology (Wed, 17 Feb 2021 21:21:10 GMT):
Has joined the channel.
usingetechnology (Wed, 17 Feb 2021 21:21:11 GMT):
hi all, I had a GitHub issue about the universal resolver, thanks for the response, now pointing at `http://resolver.dev.economyofthings.io`. the did resolves, but the "bank" doesn't new error is: ```bpa_1 | 21:05:45.593 [io-executor-thread-10] ERROR URClient - Call to partner web endpoint failed - msg: Failed to connect to contoso.iil.network/192.168.4.1:443
bpa_1 | 21:06:06.850 [io-executor-thread-12] WARN URClient - Could not resolve public profile: 402,```
usingetechnology (Thu, 18 Feb 2021 18:58:27 GMT):
I've tried using the resolver (reverted back to stage, but tried again with dev), and the cannot add the bank partner specified in the demo ```{"message":"Call to partner web endpoint failed - msg: Failed to connect to bank.stage.economyofthings.io/192.168.4.1:443"}```
frank-bee (Fri, 19 Feb 2021 10:47:12 GMT):
@usingetechnology find our comments in the [github issue](https://github.com/hyperledger-labs/business-partner-agent/issues/326)
usingetechnology (Fri, 19 Feb 2021 17:13:37 GMT):
@frnk
usingetechnology (Fri, 19 Feb 2021 17:14:11 GMT):
@frank-bee thanks. I just stood up my agents, but get the same message trying to connect to the bank.
etschelp (Mon, 22 Feb 2021 08:29:34 GMT):
This happens when the controller tries to access the following URL: https://bank.stage.economyofthings.io/profile.jsonld. Whats strange is that bank resolves to a non routable ip address.
etschelp (Mon, 22 Feb 2021 08:29:34 GMT):
This happens when the controller tries to access the following URL: https://bank.stage.economyofthings.io/profile.jsonld. Whats strange is that bank resolves to a non routable ip address, so my first guess would be an DNS issue, because bank should resolve to something like:
`Non-authoritative answer:
bank.stage.economyofthings.io canonical name = eot-infra-cluster.westeurope.cloudapp.azure.com.
Name: eot-infra-cluster.westeurope.cloudapp.azure.com
Address: 20.71.3.142`
ianco (Thu, 25 Feb 2021 18:40:08 GMT):
I managed to get 2 business partner agents running locally, with a local universal resolver (pointing to the BC Gov bcovrin ledger), scripts and configs are on this PR: https://github.com/hyperledger-labs/business-partner-agent/pull/333
ianco (Thu, 25 Feb 2021 18:40:22 GMT):
Curious about how to setup schemas and so forth ...
ianco (Thu, 25 Feb 2021 18:41:14 GMT):
For example this demo scenario is relying on a previously setup "bank" with some kind of "account schema": https://github.com/hyperledger-labs/business-partner-agent/blob/master/demo.md
ianco (Thu, 25 Feb 2021 18:41:29 GMT):
What are the steps to setup new schemas for a BPA?
usingetechnology (Thu, 25 Feb 2021 19:57:01 GMT):
how do we change the business partner application to use a different schema id? I tried editing the application.yml file, but I cannot build the docker image. is there a way to do it with the existing docker image?
usingetechnology (Thu, 25 Feb 2021 19:57:10 GMT):
the error I get is ```[ERROR] Failed to execute goal org.apache.maven.plugins:maven-dependency-plugin:3.1.2:go-offline (default-cli) on project business-partner-agent: org.eclipse.aether.resolution.DependencyResolutionException: Could not find artifact org.hyperledger:aries-client-python:jar:0.5.1-SNAPSHOT -> [Help 1]```
etschelp (Fri, 26 Feb 2021 16:40:56 GMT):
The easiest way to add schemas is to do this over the UI. You can add them under Settings/Schema Settings. Concerning the error, that one should not prevent the image from building. Is there more in the logs? But whats probably easier is to use the images we have available on GitHub and directly set -> image: ghcr.io/hyperledger-labs/business-partner-agent:edge in the compose file.
etschelp (Fri, 26 Feb 2021 16:50:32 GMT):
The second way to add schemas is to bootstrap them via property overwrites. So you could add them as JAVA_OPTS like this:
`-Dbpa.schemas.myschema1.id=Schema id like it is on the ledger
-Dbpa.schemas.myschema1.label=UI label
-Dbpa.schemas.myschema1.defaultAttributeName=Default values that should be displayed toplevel in the UI. e.g if your schema has a attribute foo then you could set foo here`
etschelp (Fri, 26 Feb 2021 16:50:32 GMT):
The second way to add schemas is to bootstrap them via property overwrites. So you could add them as JAVA_OPTS like this:
-Dbpa.schemas.myschema1.id=Schema id like it is on the ledger
-Dbpa.schemas.myschema1.label=UI label
-Dbpa.schemas.myschema1.defaultAttributeName=Default values that should be displayed toplevel in the UI. e.g if your schema has a attribute foo then you could set foo here
usingetechnology (Fri, 26 Feb 2021 17:45:50 GMT):
@etschelp thanks for the tips. I was able to get the schemas I wanted into my running app (through the UI), I do like the JAVA_OPTS, easier to document for other devs. I was using the ghcr...edge image, but that doesn't take into account changes I make to local code, so I needed to build an image with my local code. The error didn't seem to prevent the image from running. But is concerning that building the docker image didn't work (100%) for me. Is there a better way to integrate changes from my local code to the compose file?
usingetechnology (Fri, 26 Feb 2021 21:16:35 GMT):
I could not use the JAVA_OPTS to override the bank-account or credentialregistry ids, and I also tried adding new ones in as suggested, but slightly different failure.
usingetechnology (Fri, 26 Feb 2021 21:17:32 GMT):
Using `-Dbpa.schemas.bank-account.id=myschemaid` get this: `Error: Unable to access jarfile Account`
usingetechnology (Fri, 26 Feb 2021 21:18:21 GMT):
Using `-Dbpa.schemas.mynewschema.id=mynewschemaid` get this: ```bpa-2_1 | Error: Could not find or load main class Account
bpa-2_1 | Caused by: java.lang.ClassNotFoundException: Account```
usingetechnology (Fri, 26 Feb 2021 21:19:13 GMT):
So I've had to rebuild locally to change the bank-account schema id - I am using an env var to set it. ``` schemas:
#test ledger schemas, can be overwritten / extended when e.g. working with other ledger
bank-account:
id: ${BPA_SCHEMA_BANK_ID}
label: "Bank Account"
defaultAttributeName: "iban"
```
etschelp (Mon, 01 Mar 2021 14:17:31 GMT):
you could try building the jar without docker and then building the container from it afterwards. so on the cli this would be:
cd backend
mvn clean package -Pbuild-frontend
mvn docker:build
After that you would switch the image in the .env file:
BPA_DOCKER_IMAGE=bds/business-partner-agent:latest
Generally the failure you mentioned earlier should not break the docker build. But hopefully the root cause can be spotted better like that.
etschelp (Mon, 01 Mar 2021 15:30:15 GMT):
The first one happens if there is a space somewhere in the property like "Bank Account". Unfortunately docker-compose behaves strangely here so escaping the yaml way does not work. The only workaround is to write "Bank_Account" or "Bank-Account" instead.
I can not reproduce the second error, but it seems related to the first one.
Adding a new env var is a workaround for the bank account schema. If you want to set different schemas -D java opts are more flexible.
Jsyro (Mon, 01 Mar 2021 22:15:55 GMT):
Has joined the channel.
Jsyro (Mon, 01 Mar 2021 22:19:37 GMT):
Hello, I'm working with @usingetechnology on a neighbouring issue.
When establishing a connection two agent register their did’s on the ledger, and BPA1 gets BPA2’s public did out of band and tries to initialize a connection. That connection invitation has a my_did and their_did, neither of which are the public DID (they are private to that one connection)
BPA1 saves a controller level entry in postgres that has the target’s public DID because it’s coded to do that (i think).
However BPA2 only has the connection invitation to work from, and saves the connections private DID in the same way that BPA1 saved the public DID.
so the Initiator (BPA1) properly holds the targets public did, but the responder incorrectly saves the connection their_did as the public DID , which appears to be causing some issues.
Is this a known issue, is there something that would help find the Public DID of the initiator as the responder?
etschelp (Tue, 02 Mar 2021 09:37:10 GMT):
Hey. Yes this is a known "issue". The initiating controller knows the public did of the other agent through the rest call and can store this information. On the aca-py level the connection is based on (private) peer did's only. We also asked on the aca-py channel if it is possible to display public did's in the agents connection information, and it will be implemented sometime in the future.
Currently we implemented two workarounds in the controller:
1. You can set the did in aca-py's label e.g. --label did:sov:xxx:123:MyLabel Then this information becomes theirLabel in the connection event and the receiving controller can use this information to resolve the public profile of the initiating agent.
2. We have a special credential type called commercial register that has a did attribute which we will then use to resolve the partners public profile. This is something the initiating controller would do. Meaning after establishing the connection it would send a commercial register presentation. This is currently not automated so one has to do this via the UI.
ianco (Tue, 02 Mar 2021 18:15:43 GMT):
I like option 2. Option 1 seems like a bit of a hack to me.
domwoe (Tue, 02 Mar 2021 19:21:21 GMT):
There's a long standing issue about this https://github.com/hyperledger/aries-cloudagent-python/issues/358 which got a bit off
c2bo (Wed, 03 Mar 2021 18:01:06 GMT):
Has joined the channel.
Jsyro (Fri, 05 Mar 2021 21:33:22 GMT):
Hello again, thanks for the support getting this up and running. Have you been able to setup remote debugging inside the docker container?
I've added the following java_opt (and exposed the port) to the docker-compose and have been trying to remote connect with jdb `$ jdb -attach localhost:1044` or VSCode's `Debugger for Java` extension. (launch.json config)
```
"configurations": [
{
"type": "java",
"name": "Attach to Remote Program",
"request": "attach",
"hostName": "localhost",
"port": 1044
}
]
```
The option appears to be recognised properly as the application is waiting for the debugger to attach
```bpa1_1 | Listening for transport dt_socket at address: 1044```
but I haven't had success yet.
I'm wondering if you guys have. Thanks so much!
Jsyro (Fri, 05 Mar 2021 21:33:22 GMT):
Hello again, thanks for the support getting this up and running. Have you been able to setup remote debugging inside the docker container?
I've added the following java_opt (and exposed the port) to the docker-compose and have been trying to remote connect with jdb `$ jdb -attach localhost:1044` or VSCode's 'Debugger for Java' extension. (launch.json config)
```
"configurations": [
{
"type": "java",
"name": "Attach to Remote Program",
"request": "attach",
"hostName": "localhost",
"port": 1044
}
]
```
The option appears to be recognised properly as the application is waiting for the debugger to attach
```bpa1_1 | Listening for transport dt_socket at address: 1044```
but I haven't had success yet.
I'm wondering if you guys have. Thanks so much!
etschelp (Mon, 08 Mar 2021 10:25:46 GMT):
I got it to work with the following three steps:
in docker-compose.yml add the following to java_opts:
-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:1044
ports:
- 1044:1044
Then run
jdb -sourcepath ./src/main/java -attach 1044
Have you set address=*:1044? As this is for Java version > 9. Just setting the port works, but you wont be able to connect.
Jsyro (Mon, 08 Mar 2021 19:40:34 GMT):
This worked perfectly! Thanks.
Jsyro (Tue, 30 Mar 2021 00:22:56 GMT):
I've got the helm templates generating the acapy wallet seed as a secret and having that consumed as an environment variable, it also auto registers it self on the indy ledger on first startup. Do you have interest in that behaviour?
domwoe (Tue, 30 Mar 2021 06:08:27 GMT):
That sounds awesome. I bet. @frank-bee what do you think?
frank-bee (Tue, 30 Mar 2021 10:16:25 GMT):
Sounds great! Can you open a PR @Jsyro ?
On Thursday in out next session we can anyway talk about how to enable you.
We can make you guys maintainers? Plus maybe adding a rule for PRs that e.g. 1 reviewer is required other than the one that opened the PR?
rjones (Tue, 30 Mar 2021 13:59:47 GMT):
Has left the channel.
matthewhall78 (Tue, 30 Mar 2021 22:19:28 GMT):
Has joined the channel.
matthewhall78 (Tue, 30 Mar 2021 22:19:28 GMT):
It was great to watch those helm charts in action today. Seeing a new BPA start up in ~20seconds during a live demo was very cool.
frank-bee (Thu, 01 Apr 2021 11:33:57 GMT):
what came to my mind:
would be great to generate the password for the BPA login as well, same way.
I just have to check if that also works with GitOps (we use Flux 2 here for our demo deployments)
frank-bee (Thu, 01 Apr 2021 11:42:50 GMT):
I think the Gitops way would be something like this:
1) generate the secrets with a commandline tool or so (seed, password)
2) encrypt secrets with commandline tool, e.g. SOPS
3) check in the encrypted secretes in git
4) reference the secrets in the helm release or in the templates
Registering the agent on the ledger on first start would be anyway great.
MatthiasBinzer (Wed, 07 Apr 2021 14:35:34 GMT):
Has joined the channel.
Jsyro (Wed, 07 Apr 2021 14:35:45 GMT):
That sounds great my only hesitation is that a secret with the seed is created and it works great.
.
However when `helm uninstall` is run. The PVC is left behind on purpose, but the secret is destroyed. If `helm install` is run again, a new seed is generated, but the wallet has the original seed. Which causes the app to crash on startup
.
Do you have an idea of resolving this? Can you configure the helm charts to NOT uninstall a certain item?
usingetechnology (Wed, 07 Apr 2021 22:48:09 GMT):
Hi, we discussed updating Aries cloud agent wrapper(https://github.com/boschresearch/aries-acapy-clients/tree/main/java), then integrating that updated library into BPA before we begin adding new features. Some changes are already happening, with the addition of multi-tenancy and `/present-proof/records/{pres_ex_id}/credentials` endpoint. I guess the first thing to decide is what version of ace-py will be run and what this library will be wrapping. I don't know all the changes that have happened between 5.6 and 6 (hopefully none of the requests and/or responses have changed, just new calls and functionality added). From what I can see documented as implemented, I have listed out the act-py 6.0 api calls that are not implemented in the wrapper. I think we can prioritize them fairly easily, and focus on any deal with connections, credentials, proofs and schemas. I suppose we can stay with issue-credential 1.0 for now unless advised to migrate to 2.0?
usingetechnology (Wed, 07 Apr 2021 22:48:20 GMT):
### action-menu
```
POST /action-menu/{conn_id}/close
POST /action-menu/{conn_id}/fetch
POST /action-menu/{conn_id}/perform
POST /action-menu/{conn_id}/request
POST /action-menu/{conn_id}/send-menu
```
### connection
```
POST /connections/create-static
GET /connections/{conn_id}
POST /connections/{conn_id}/accept-invitation
POST /connections/{conn_id}/accept-request
GET /connections/{conn_id}/endpoints
POST /connections/{conn_id}/establish-inbound/{ref_id}
GET /connections/{conn_id}/metadata
POST /connections/{conn_id}/metadata
```
### credentials
```
GET /credential/mime-types/{credential_id}
```
### did-exchange
```
POST /didexchange/create-request
POST /didexchange/receive-request
POST /didexchange/{conn_id}/accept-invitation
POST /didexchange/{conn_id}/accept-request
```
### introduction
```
POST /connections/{conn_id}/start-introduction
```
### issue-credential v1.0
```
POST /issue-credential/create
GET /issue-credential/records/{cred_ex_id}
POST /issue-credential/records/{cred_ex_id}/issue
POST /issue-credential/records/{cred_ex_id}/problem-report
POST /issue-credential/records/{cred_ex_id}/send-offer
POST /issue-credential/records/{cred_ex_id}/send-request
POST /issue-credential/send-offer
```
### issue-credential v2.0
All need to be implemented
### ledger
```
GET /ledger/get-nym-role
POST /ledger/register-nym
PATCH /ledger/rotate-public-did-keypair
```
### mediation
All need to be implemented
### out-of-band
```
POST /out-of-band/create-invitation
POST /out-of-band/receive-invitation
```
### present-proof
```
POST /present-proof/records/{pres_ex_id}/problem-report
POST /present-proof/records/{pres_ex_id}/send-request
POST /present-proof/records/{pres_ex_id}/verify-presentation
```
### schema
```
GET /schemas/created
```
### server
```
GET /features
GET /plugins
GET /shutdown
GET /status
POST /status/reset
```
### wallet
```
PATCH /wallet/did/local/rotate-keypair
POST /wallet/did/public
```
domwoe (Thu, 08 Apr 2021 07:01:20 GMT):
Do you need all those endpoints? I suggest that we only implement the endpoints that are required for the BPA.
domwoe (Thu, 08 Apr 2021 07:01:20 GMT):
Do you need all those endpoints? I suggest that we only implement the endpoints that are required for the BPA and add them as required by our user stories
domwoe (Thu, 08 Apr 2021 11:54:18 GMT):
Concerning the v2 protocols. I'd actually would like to put this on the roadmap because I think JSON-
domwoe (Thu, 08 Apr 2021 11:54:18 GMT):
Concerning the v2 protocols. I'd actually think this would be worth putting on the roadmap because I think JSON-LD Credentials are very useful in B2B settings. Also I think it would be useful to be able to "request a document", i.e. self-attested data following a specific schema. I think https://identity.foundation/presentation-exchange which can be used with the v2 protocols would better fit this use case in comparison to in the indy proof request format
usingetechnology (Thu, 08 Apr 2021 16:16:03 GMT):
no, we don't need all the apis implemented yet, certainly all the credential and issue-credentials. and present-proofs are top priority. i think it would be worthwhile for all the methods to be implemented so that there is a java interface for other developers (not just in the bpa app)
matthewhall78 (Thu, 08 Apr 2021 23:36:42 GMT):
The BCGOV has updated the issue list in the BPA repo with the items that we are already working on and updated our Use Case Roadmap with links to those issues: https://miro.com/app/board/o9J_lfQFP90=/?moveToWidget=3074457354350535618&cot=14
matthewhall78 (Thu, 08 Apr 2021 23:36:42 GMT):
The BCGOV Digital Trust team has updated the issue list in the BPA repo with the items that we are already working on and updated our Use Case Roadmap with links to those issues: https://miro.com/app/board/o9J_lfQFP90=/?moveToWidget=3074457354350535618&cot=14
Jsyro (Thu, 08 Apr 2021 23:43:43 GMT):
Tomorrow I have some local development changes that I hope to migrate into the repo (local deployment of ledger, resolver, and 2 BPA's).
Then i'm planning on diving into the selecting attributes on proof request, which aligns with issue 12.
usingetechnology (Fri, 09 Apr 2021 00:39:55 GMT):
I am going to port over creating a schema and Cred Def.
etschelp (Fri, 09 Apr 2021 15:35:11 GMT):
I have created the endpoints with the highest priority. The long term goal is to switch this manual process to swagger-codegen, but as aca-py's swagger.json is not always up to date this can not be done so easily. I therefore created a ticket in the aca-py repo to collect all discrepancies that i find. When I have the time I will setup codegen and will continue with the endpoints of lower priority while collecting issues in the ticket. I hope there will be some help from the community, because this is more work than one can handle alone. On Monday I will merge my changes to the client and then start the BPA upgrade.
usingetechnology (Mon, 12 Apr 2021 00:41:04 GMT):
quick update before you start your week. we've put in a few small pull requests, no significant functionality changes except I put in a PR that allows editing the DID of a business partner in the application. This is expected to be removed when we can sort out a proper way to have both sides of the partner connection work. There is another PR that is only in our fork for my local development, if you want it, I can make a PR into the hyperledger repo. https://github.com/bcgov/b2b-credential-manager/pull/6
usingetechnology (Tue, 13 Apr 2021 00:26:02 GMT):
Looking forward to the meeting tomorrow (morning for BC, afternoon for EU). we've addressed some changes to PRs. I've closed one of mine and added a new one that contains only that feature (the frontend/backend paths). Still not sure about the DID update one, couldn't quite figure out your workarounds, that is something we can touch on tomorrow. I started in on create schema (https://github.com/hyperledger-labs/business-partner-agent/tree/feature/create-schema) that is based on phillip (much appreciated) PR with the updates to the acapy client.
MatthiasBinzer (Tue, 13 Apr 2021 09:04:44 GMT):
Has left the channel.
domwoe (Tue, 13 Apr 2021 13:49:40 GMT):
Hey we would propose the following main points for the meeting today
* Go through the Pull Requests
* Talk about our upcoming shared goal of getting rid of the ACA-Py auto flags and other upcoming stories
usingetechnology (Tue, 13 Apr 2021 14:16:58 GMT):
sounds good. i thought the meeting was at 7, so up and at it.
MichaelSchaefer (Tue, 13 Apr 2021 15:07:54 GMT):
Has joined the channel.
Jsyro (Thu, 15 Apr 2021 21:39:37 GMT):
Hey Team,
We have a demonstration use case that involves issuing 'relationship' credentials to personal wallets. So I've added an issue (https://github.com/hyperledger-labs/business-partner-agent/issues/385) and we will be working on that in parallel with bring a few of our custom features into the HLL repo.
Let us know if you have attempted this otherwise we hope to show this off by the end of the sprint.
Jsyro (Thu, 15 Apr 2021 21:39:37 GMT):
Hey Team,
We have pivoted to fulfilling a demonstration use case that involves issuing 'relationship' credentials to personal wallets. So I've added an issue (https://github.com/hyperledger-labs/business-partner-agent/issues/385) and we will be working on that in parallel with bring a few of our custom features into the HLL repo.
Let us know if you have attempted this otherwise we hope to show this off by the end of the sprint.
matthewhall78 (Fri, 16 Apr 2021 17:14:33 GMT):
The reason we pivoted was because connecting to a personal wallet is being talked about a lot by a number of key stakeholders. So this capability would be very timely to be able to demonstrate soon.
matthewhall78 (Fri, 16 Apr 2021 17:15:34 GMT):
Selective disclosure remain a high priority and we will return to that set up capabilities after we get to a certain point with connecting to personal wallets
Jsyro (Sat, 17 Apr 2021 00:05:47 GMT):
@etschelp and maybe @ianco
I'm working on connecting my phone, with a trinsic wallet to the BPA.
I'm generating a connection-invitation through the bpa's acapy admin api, turning into a QR code, and scanning it in the app (setting the service name to be the url of the ngrok tunnel).
First issue i ran into was this line expecting a 'theirLabel' from the ConnectionRecord? Is this connectionRecord in line with an aca-py artifact or is it custom? https://github.com/boschresearch/aries-acapy-clients/blob/main/java/src/main/java/org/hyperledger/aries/api/connection/ConnectionRecord.java
2nd blocking issue is that there isn't a did resolver on that ledger (http://test.bcovrin.vonx.io), which i am forced to use because the trinsic app has a fixed list of ledgers. I am getting the connection-request from the phone to the BPA, but it's sitting in 'invitation' and won't complete because the BPA can't find a public profile.
It is also assuming that there is going to be a public profile for it to look at. which will not be the case for other aca-py wallet applications, we will need to make that not required for connection.
a) we could make these 'Business Partners' a different data object, that behave differently
b) We could also add some application.yml flag of 'allow_all_acapy_connections' or something like that, that doesn't make the did resolution/public-profile a requirement for connection.
Still investigating and work in non-bpa connection into the handlers, just want to raise this incase there is background knowledger that would help.
Have a great weekend, I'm off Monday, so first thing i'll do is see you guys early Tuesday morning.
usingetechnology (Mon, 19 Apr 2021 00:16:20 GMT):
have started in on issuer code, added in create schema/cred def, currently found under the Settings. When we have a little more issuer functionality, we will move that to specific area of the application (like Partner or Wallet).
domwoe (Mon, 19 Apr 2021 14:02:23 GMT):
Looks really good! Good work on starting to refactor the API services.
etschelp (Mon, 19 Apr 2021 15:57:44 GMT):
I might not totally be getting all these questions, but...
1. There is a field theirLabel on the ConnectionRecord https://github.com/boschresearch/aries-acapy-clients/blob/fc3db20787d09da1c572da6c560643f0e192bfe8/java/src/main/java/org/hyperledger/aries/api/connection/ConnectionRecord.java#L33
Usually I'm creating the invitation like ```aries.connectionsCreateInvitation(
CreateInvitationRequest.builder().recipientKeys(List.of()).build(),
CreateInvitationParams.builder().autoAccept(Boolean.TRUE).build());```
So there is no need to set an additional endpoint, because aca-py already uses the one that was provided as the startup parameter, and i then simply convert the invite url into the qr code.
2. bpa should already be able to open aca-py to aca-py connections (without a public profile) in both directions. especially the incoming side does not care. The only time it does a lookup is if the partners label is a did. If it is then this might be the issue, then the only thing that is needed is an exception handler in the lookup.
matthewhall78 (Tue, 20 Apr 2021 23:01:50 GMT):
Does the Bosch team have a team page that I could refer to when tell other folks in BC Gov who we are working with? I got a few questions, like, "which Bosch? Thee Bosch?". Also do you have a Product Vision document? I got a question, "What is Bosch hoping to achieve with this BPA software?"
frank-bee (Wed, 21 Apr 2021 08:19:51 GMT):
Hi @matthewhall78 , good question
frank-bee (Wed, 21 Apr 2021 08:23:47 GMT):
we started to create a website for BPA. I will get back to Moritz asking how far we are with that.
In general we work in a Bosch Project called "Economy of Things", where SSI / BPA... is one topic but there are others as well like "Decentralized Marketplaces" , and so on.
Will get back to you
frank-bee (Wed, 21 Apr 2021 14:17:32 GMT):
some config in the bpa is strange not.
I was not able to push to a branch from @Jsyro and even not to one created on my own ( feature/helm-agent-secrets )
seems to be protected?
frank-bee (Wed, 21 Apr 2021 14:18:43 GMT):
@rjones could you helm me ones more with this? thanks in advance
rjones (Wed, 21 Apr 2021 14:18:43 GMT):
Has joined the channel.
rjones (Wed, 21 Apr 2021 14:59:18 GMT):
@frank-bee OK I changed it a little
usingetechnology (Wed, 21 Apr 2021 22:05:03 GMT):
quick update, using trinsic and bpa, can connect (agent can connect just fine), and i’ve sent a credential from bpa to trinsic - all good. seems like trinsic either doesn’t fully follow the protocols or is on a different version of aca-py? example. connection is ok on phone, but agent says it is state=received until i send a message from my phone to the agent (which is accepted just fine), after that, agent connection state=active. similarly, when i issue a credential, then trinsic asks me to accept or decline, when i accept, the agent cred exchange stays at credential_issued - it doesn’t get the credential_acked back from the phone. now, some of this could be the wacky networking right now (seeing a lot of unprocessable message errors on the phone), but perhaps not. anyway, progress.
lohan.spies (Wed, 21 Apr 2021 22:29:00 GMT):
Has joined the channel.
Jsyro (Wed, 21 Apr 2021 22:33:09 GMT):
I wasn't able to push any changes to your branch.. it is protected by DCO but i should be statisfying it.
Here is my log of a failed `git push` and a `git log`.
```
remote: Resolving deltas: 100% (5/5), completed with 5 local objects.
remote: error: GH006: Protected branch update failed for refs/heads/feature/helm-agent-secrets.
remote: error: Required status check "DCO" is expected.
To https://github.com/hyperledger-labs/business-partner-agent.git
! [remote rejected] feature/helm-agent-secrets -> feature/helm-agent-secrets (protected branch hook declined)
error: failed to push some refs to 'https://github.com/hyperledger-labs/business-partner-agent.git'
jsyro@jsyro-Latitude-5400:~/src/digitrust/b2b-credential-manager/charts$ git log
commit d621471fa7824b9a4037910e926c299cd766e8c9 (HEAD -> feature/helm-agent-secrets)
Author: Jason Sy
domwoe (Wed, 21 Apr 2021 22:47:48 GMT):
I'm tired after IIW so don't take my word, but this might be because ACA-Py expects a "Ping" after creating a connection to change the state to established. Probably Trinsic does not send a ping and so it stays in "received" until another message is received
usingetechnology (Wed, 21 Apr 2021 22:49:34 GMT):
yes, makes sense. the state was active after i sent a message from phone to agent.
usingetechnology (Wed, 21 Apr 2021 22:50:25 GMT):
the credential not getting acked is strange.
etschelp (Thu, 22 Apr 2021 10:10:22 GMT):
yes. if --auto-ping-connection is not set the connection will not become active.
frank-bee (Thu, 22 Apr 2021 10:33:49 GMT):
@rjones I also get this
Counting objects: 7, done.
Delta compression using up to 8 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (7/7), 2.07 KiB | 2.07 MiB/s, done.
Total 7 (delta 1), reused 0 (delta 0)
remote: Resolving deltas: 100% (1/1), done.
remote: error: GH006: Protected branch update failed for refs/heads/feature/helm-agent-secrets.
remote: error: Required status check "DCO" is expected.
To github.com:hyperledger-labs/business-partner-agent.git
! [remote rejected] feature/helm-agent-secrets -> feature/helm-agent-secrets (protected branch hook declined)
error: failed to push some refs to 'git@github.com:hyperledger-labs/business-partner-agent.git'
frank-bee (Thu, 22 Apr 2021 10:33:49 GMT):
@rjones I also get this
```
Counting objects: 7, done.
Delta compression using up to 8 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (7/7), 2.07 KiB | 2.07 MiB/s, done.
Total 7 (delta 1), reused 0 (delta 0)
remote: Resolving deltas: 100% (1/1), done.
remote: error: GH006: Protected branch update failed for refs/heads/feature/helm-agent-secrets.
remote: error: Required status check "DCO" is expected.
To github.com:hyperledger-labs/business-partner-agent.git
! [remote rejected] feature/helm-agent-secrets -> feature/helm-agent-secrets (protected branch hook declined)
error: failed to push some refs to 'git@github.com:hyperledger-labs/business-partner-agent.git'
```
frank-bee (Thu, 22 Apr 2021 10:34:57 GMT):
refs/heads/feature/helm-agent-secrets should not be protected , correct?
frank-bee (Thu, 22 Apr 2021 12:29:50 GMT):
quick update from my sidee..
I pushed the changes from @Jsyro regarding the helm chart : auto seed and url creation .
Added some fixes and will test this now on our test ledger and waiting for @Jsyro feedback
frank-bee (Thu, 22 Apr 2021 12:31:12 GMT):
One thing I realized : Do we always assume the bpa and the acapy is reachable from outside via http*s* only?
This is hard-coded right now I assume:
https://github.com/hyperledger-labs/business-partner-agent/blob/master/charts/bpa/templates/bpa_configmap.yaml#L14
frank-bee (Thu, 22 Apr 2021 12:32:02 GMT):
at least for the acapy
frank-bee (Thu, 22 Apr 2021 12:33:05 GMT):
@etschelp , for the bpa is this figured out at runtime ?
in the config we only give the hostname , no protocol for the public profile
https://github.com/hyperledger-labs/business-partner-agent/blob/master/charts/bpa/templates/bpa_configmap.yaml#L20
frank-bee (Thu, 22 Apr 2021 12:36:11 GMT):
Wait, I found it , can be configured here:
https://github.com/hyperledger-labs/business-partner-agent/blob/master/backend/business-partner-agent/src/main/resources/application.yml#L108
etschelp (Thu, 22 Apr 2021 12:43:34 GMT):
yes it can be configured, but we have to be careful did:web for example implies https
MoritzKa (Thu, 22 Apr 2021 13:40:25 GMT):
Has joined the channel.
MoritzKa (Thu, 22 Apr 2021 13:40:26 GMT):
@matthewhall78 we are about to launch a website. Purchasing processes in big corporates are a bit slow sometimes. Nevertheless I will prepare some documentation for you.
frank-bee (Thu, 22 Apr 2021 13:45:13 GMT):
welcome @MoritzKa
frank-bee (Thu, 22 Apr 2021 13:45:17 GMT):
:-)
MoritzKa (Thu, 22 Apr 2021 13:45:43 GMT):
:woo:
frank-bee (Thu, 22 Apr 2021 13:46:05 GMT):
+ @MoritzKa
rjones (Thu, 22 Apr 2021 14:17:25 GMT):
yes - it is protected for DCO signoff
frank-bee (Thu, 22 Apr 2021 14:21:40 GMT):
ah ok, I thought the DCO signoff check is only running when merging / pushing to the master branch .
This would allow to create feature branches with missing signoffs ( which seems to happen in some situations) and do the signoff when merging the PR
frank-bee (Thu, 22 Apr 2021 14:23:14 GMT):
DCO signoff basically has to be in each commit, right? what about auto-generated merge messages ( maybe we have had one of those in the branch)?
rjones (Thu, 22 Apr 2021 14:27:26 GMT):
each commit - auto merges don't need signoff
frank-bee (Thu, 22 Apr 2021 14:29:06 GMT):
ok, thanks for you help. we'll ensure /observe this
rjones (Thu, 22 Apr 2021 14:29:48 GMT):
sure. it's easier to fork the repo to your account, then you can force-push or whatever, and your PRs will auto-update
frank-bee (Thu, 22 Apr 2021 14:32:12 GMT):
good hint , we'll discuss this with our friends from BCGov . maybe either they can give us access to their private repo or vice versa ( in case we work together on a feature branch)
rjones (Thu, 22 Apr 2021 14:33:40 GMT):
if you fork the public one to your account, you don't need anyone's say so
Jsyro (Thu, 22 Apr 2021 18:08:48 GMT):
The DCO check doesn't not appear to be working for me at all, i branched, made a commit, pushed one commit, success. Make a second commit, can't push because of expected DCO.
No auto-merging, same git client, same settings.
```
remote: Resolving deltas: 100% (2/2), completed with 2 local objects.
remote: error: GH006: Protected branch update failed for refs/heads/fix/from-references-for-ocp4.
remote: error: Required status check "DCO" is expected.
To https://github.com/hyperledger-labs/business-partner-agent.git
! [remote rejected] fix/from-references-for-ocp4 -> fix/from-references-for-ocp4 (protected branch hook declined)
error: failed to push some refs to 'https://github.com/hyperledger-labs/business-partner-agent.git'
jsyro@jsyro-Latitude-5400:~/src/digitrust/b2b-credential-manager$ git log
commit da5a268360fb87a88905a794c8d720da8508c337 (HEAD -> fix/from-references-for-ocp4)
Author: Jason Sy
frank-bee (Fri, 23 Apr 2021 13:38:09 GMT):
@rjones
I faced the same problem today again with this branch ( one I created)
https://github.com/hyperledger-labs/business-partner-agent/compare/feature/fixSeedhandling
frank-bee (Fri, 23 Apr 2021 13:40:08 GMT):
on the branch there are 2 commits , one with proper sign-off and one merge commit ( generated message without sign-off ) .
When I pushed a third commit (with sign-off again ) I had this error message
frank-bee (Fri, 23 Apr 2021 13:40:47 GMT):
feel free to push something to that branch for testing, I do not need it anymore (it is merged)
rjones (Fri, 23 Apr 2021 15:55:24 GMT):
sure, don't push directly to those branches. Use a PR from your home account.
matthewhall78 (Fri, 23 Apr 2021 18:46:45 GMT):
Clipboard - April 23, 2021 11:46 AM
matthewhall78 (Fri, 23 Apr 2021 18:46:47 GMT):
@MoritzKa is this you?
matthewhall78 (Fri, 23 Apr 2021 18:50:10 GMT):
This is a pretty awesome video: https://youtu.be/uaeADiepfXk #likeabosch It would cool to have something like that for the BPA
matthewhall78 (Fri, 23 Apr 2021 19:27:48 GMT):
Clipboard - April 23, 2021 12:27 PM
matthewhall78 (Fri, 23 Apr 2021 19:27:50 GMT):
Also, is your team part of the "Cross-domain Computing Solutions" group?
matthewhall78 (Fri, 23 Apr 2021 19:54:55 GMT):
@MoritzKa is your team's work connected to the Bosch Trac360 work?
https://www.youtube.com/watch?v=ARzzQbZsaxc&ab_channel=BoschEngineering%26BusinessSolutions
MoritzKa (Mon, 26 Apr 2021 12:09:39 GMT):
Wish I could rap like him.
MoritzKa (Mon, 26 Apr 2021 12:15:20 GMT):
our team is part of the corporate research department: https://www.bosch.com/research/blog/economy-of-things/technology/#self-sovereign-identity. But we are in the process of transferring all SSI related projects to Bosch.io (the software department of Bosch)
let me know if I can connect you to "Cross-domain Computing Solutions" and Trac360 .
MoritzKa (Mon, 26 Apr 2021 12:15:20 GMT):
our team is part of the corporate research department: https://www.bosch.com/research/blog/economy-of-things/technology/#self-sovereign-identity. But we are in the process of transferring all SSI related projects to Bosch.io (the software department of Bosch).
Let me know if I can connect you to "Cross-domain Computing Solutions" and Trac360 .
matthewhall78 (Mon, 26 Apr 2021 22:32:15 GMT):
I'd be interested to connect with someone working on tracking supply of goods using verifiable credentials. If Bosch Trac260 is doing that then we should definitely try to collaborate with them.
matthewhall78 (Mon, 26 Apr 2021 22:32:15 GMT):
I'd be interested to connect with someone working on tracking supply of goods using verifiable credentials. If Bosch Trac360 is doing that then we should definitely try to collaborate with them.
usingetechnology (Mon, 26 Apr 2021 23:04:33 GMT):
Have PR for issuing credential. This is kind of a placeholder, as we build out the issuance functions, a lot of the components will be built out to support that. For now, just putting it under Partner and basing the components on existing ones (re-use where possible). I've tracked the issuance in a new table `bpa_credential_exchange`, i know there is a `my_credential` table but that seems to be more about what is actually in the wallet and profile. https://github.com/hyperledger-labs/business-partner-agent/pull/389
Jsyro (Mon, 26 Apr 2021 23:19:10 GMT):
PR up for displaying a QR code to connect personal wallets, use case if only for people that already have access to BPA, there would be an additional feature added to allow users to distribute the invitation (via email) https://github.com/hyperledger-labs/business-partner-agent/pull/399. One outstanding issue related to the aries-client project. I believe the ConnectionRecord class needs to be modified to allow for instances without the 'theirLabel' attribute (class marks it as required, but @ianco mentioned it was optional)
.
Looking for feedback, but i have got it to a state for all the PR checks to pass.
.
See you tomorrow morning!
Jsyro (Mon, 26 Apr 2021 23:19:10 GMT):
PR up for displaying a QR code to connect personal wallets, use case if only for people that already have access to BPA, there would be an additional feature added to allow users to distribute the invitation (via email) https://github.com/hyperledger-labs/business-partner-agent/pull/399. One outstanding issue related to the aries-client project. I believe the ConnectionRecord class needs to be modified to allow for instances without the 'theirLabel' attribute (class marks it as required, but @ianco thinks it should be optional)
.
Looking for feedback, but i have got it to a state for all the PR checks to pass.
.
See you tomorrow morning!
MoritzKa (Tue, 27 Apr 2021 13:36:50 GMT):
I doubt that they are doing that already. We could try to convince them to use VCs. Happy to discuss that on a call.
Jsyro (Tue, 27 Apr 2021 16:01:39 GMT):
let the record show i was incorrect, it's a method that uses the label, not the model itself.
etschelp (Tue, 27 Apr 2021 16:02:59 GMT):
I have a fix for this, I will clean it up and have it ready by tomorrow.
Jsyro (Tue, 27 Apr 2021 16:03:37 GMT):
Thanks @etschelp for helping us get up to speed.
etschelp (Tue, 27 Apr 2021 16:07:50 GMT):
your welcome. its really cool working with you guys. so i'm doing my best to support you wherever i can.
matthewhall78 (Tue, 27 Apr 2021 19:59:42 GMT):
At the this point in the video they mention using blockchain when talking about enterprise systems: https://youtu.be/ARzzQbZsaxc?t=175
matthewhall78 (Tue, 27 Apr 2021 22:06:24 GMT):
This will be important for making sure our schemas are interoperable https://github.com/w3c-ccg/traceability-vocab/
matthewhall78 (Tue, 27 Apr 2021 22:06:55 GMT):
with the accompanying presentation: https://docs.google.com/presentation/d/15Zc1dAcCUklL28AT4QOuFM50AZ-G_Qa_wmOrjQWQMLk/edit?usp=sharing
usingetechnology (Tue, 27 Apr 2021 23:28:09 GMT):
Quick update about the Issue Credential and persistence of Credential Exchange records. We had discussed not duplicating data that is available through aca-py. By default, aca-py (wallet) does not persist credential exchange data once a credential exchange is terminated (the credential is issued), so, if BPA wanted to review the credentials it issued, that needs to be stored in our BPA database. There is no redundancy. We could turn the flags on to store permanantly, or a limited amount of data (which would be useful for revocation), or the default (store nothing). I think we stay with BPA storing the data so we can easily track what was issued etc. The bonus of that is the relationships to Partner and Schema and Cred Def objects, so we don't have to query aca-py, then for each cred ex, lookup the schema, cred def, and partner in the database. I will be making the other changes @etschelp suggested in the PR, but will keep with persistence in the bpa db.
rjones (Tue, 27 Apr 2021 23:28:56 GMT):
Has left the channel.
etschelp (Wed, 28 Apr 2021 14:50:47 GMT):
@Jsyro It took me longer than expected to fix this. I had to merge my changes that I did for the manual connection request first. Then I had to fix the connection handling. There is a new PR: https://github.com/hyperledger-labs/business-partner-agent/pull/402 Its not 100% complete as I want to extend the tests before merging. But from the functional side it should be done, as long as I did not overlook something.
MoritzKa (Fri, 30 Apr 2021 16:55:21 GMT):
I will arrange a call with the colleagues from India and let you know more.
mwklein (Tue, 04 May 2021 21:45:41 GMT):
Has joined the channel.
usingetechnology (Wed, 05 May 2021 01:33:16 GMT):
Still working on PR 409 (https://github.com/hyperledger-labs/business-partner-agent/pull/409). I will put in the schema/cred def management into the Credential Management section, and then I need to use the new components in other parts of the app (Settings, and Partner issue credential).
MoritzKa (Wed, 05 May 2021 07:07:23 GMT):
Trac360 is mainly used by Bosch plants in India right now and are talking with external leads like Siemens about new projects. The mentioned "Blockchain service" is outsourced and used for payment settlement.
Shall I make a connection for you?
Jsyro (Wed, 05 May 2021 23:18:52 GMT):
I've updated the draft PR around proof construction. Still happy to take suggestions if you think i'm heading down the wrong path.
usingetechnology (Thu, 06 May 2021 04:20:56 GMT):
I should finish up my PR tomorrow.
usingetechnology (Thu, 06 May 2021 16:35:20 GMT):
Question about BPA Vue app and the agent DID. The did on the dashboard is `status.did` and status is a reserved word, how is `did` getting put into `status`?
usingetechnology (Fri, 07 May 2021 01:27:48 GMT):
PR 409 (https://github.com/hyperledger-labs/business-partner-agent/pull/409) ready for review. Lots or refactoring and tweaks to the UX. This is not perfect, but we can create other issues and tickets to add finishing touches and bug fixes. Would like to get this merged soon because of all the changes to Vue files.
MoritzKa (Fri, 07 May 2021 15:08:25 GMT):
@matthewhall78 let me know if you want talk to the Trac360 team and what time fits you best.
usingetechnology (Mon, 10 May 2021 16:44:15 GMT):
@etschelp @domwoe - when we commit to the repo, there are a lot of jobs running (pmd, license check, spotbugs) and some external ones (lgtm) - how are you running those locally? do you have anything setup on your local development machines to replicate what happens on push to github?
etschelp (Tue, 11 May 2021 10:37:27 GMT):
Before pushing I usually run ```mvn clean install``` which runs all those checks locally.
Jsyro (Tue, 11 May 2021 14:20:39 GMT):
OIDC Identity Provider that can read VC's to be used as an authentication method https://github.com/bcgov/vc-authn-oidc.
Jsyro (Tue, 11 May 2021 14:20:39 GMT):
OIDC Identity Provider (keycloak) that can read VC's to be used as an authentication method https://github.com/bcgov/vc-authn-oidc.
Jsyro (Tue, 11 May 2021 14:20:39 GMT):
Keycloak (OIDC) Identity Provider that can read VC's to be used as an authentication method https://github.com/bcgov/vc-authn-oidc.
usingetechnology (Tue, 11 May 2021 14:56:44 GMT):
thanks.
matthewhall78 (Mon, 17 May 2021 19:16:08 GMT):
Does anyone at Bosch know if this project (https://www.bundesregierung.de/breg-de/aktuelles/hotel-check-in-kuenftig-per-id-wallet-moeglich-1914612) was done using the BPA?
domwoe (Tue, 18 May 2021 06:02:59 GMT):
We are participating in this project as an employer issuing corporate IDs to employees. We currently don't use the BPA since currently only issuer capabilities to personal wallets are used and we needed a self-service for employees with Azure AD integration. However, it's a service built of the same pieces (ACA-Py, Java Client, Micronaut, Vue).
frank-bee (Fri, 21 May 2021 09:00:06 GMT):
hi everyone,
Ry would be so nice to create repos for us if we want to have the helm charts for BPA and Acapy seperately , see also
https://github.com/hyperledger-labs/business-partner-agent/issues/397
frank-bee (Fri, 21 May 2021 09:00:24 GMT):
I think this makes sense , what do you think?
frank-bee (Fri, 21 May 2021 09:00:39 GMT):
Proposals for the names of those 2 helm chart repos?
frank-bee (Fri, 21 May 2021 09:25:09 GMT):
what about
- business-partner-agent-chart
- business-partner-agent-acapy-chart
Jsyro (Fri, 28 May 2021 23:30:09 GMT):
After many of edits, PR 407 is ready for review. I was never able to find a way of writing tests I was happy with and I think we should look into build better testing infrastructures around factories so object creation is as easy as possible.
https://github.com/hyperledger-labs/business-partner-agent/pull/407
frank-bee (Mon, 31 May 2021 13:02:24 GMT):
The new bpa helm repo is up and running
https://github.com/hyperledger-labs/business-partner-agent-chart/tree/main
Let's soon remove the old one ( as soon as @usingetechnology 's PR is merged - ideally directly in the new repo)
@rjones could you please make the `main` branch the default branch?
Also for the other repo : https://github.com/hyperledger-labs/business-partner-agent-acapy-chart
frank-bee (Mon, 31 May 2021 13:02:24 GMT):
The new bpa helm repo is up and running
https://github.com/hyperledger-labs/business-partner-agent-chart/tree/main
Let's soon remove the old one ( as soon as @usingetechnology 's PR is merged - ideally directly in the new repo)
@rjones could you please make the `main` branch the default branch?
frank-bee (Mon, 31 May 2021 13:02:24 GMT):
The new bpa helm repo is up and running
https://github.com/hyperledger-labs/business-partner-agent-chart/tree/main
Let's soon removed the old one ( as soon as @usingetechnology 's PR is merged - ideally directly in the new repo)
@rjones could you please make the `main` branch the default branch?
rjones (Mon, 31 May 2021 13:02:24 GMT):
Has joined the channel.
frank-bee (Mon, 31 May 2021 13:19:11 GMT):
Also for the other repo : https://github.com/hyperledger-labs/business-partner-agent-acapy-chart
frank-bee (Mon, 31 May 2021 15:40:16 GMT):
one more question @rjones : is there a way that we can track the issues related to the new chart repository ( the bpa one) in our main bpa project ?
frank-bee (Mon, 31 May 2021 15:40:16 GMT):
one more question @rjones : is there a suitable way that we can track the issues related to the new chart repository ( the bpa one) in our main bpa project ?
frank-bee (Mon, 31 May 2021 15:46:56 GMT):
we can reference another repo at least by including the repository before the name like kneath/example-project#42
but seeing the issues of the other (helm) repo in our backlog / project would be better
rjones (Tue, 01 Jun 2021 00:06:11 GMT):
You can reference other issues directly, you don't need any permissions
rjones (Tue, 01 Jun 2021 00:08:10 GMT):
You could have done it on your own, without my intervention, but I've done it.
frank-bee (Tue, 01 Jun 2021 08:57:28 GMT):
thanks @rjones !
Unfortunately I have not enough rights to change default branches .
The `branches` menu does not appear for me under settings .
frank-bee (Tue, 01 Jun 2021 08:59:52 GMT):
I have had a talk with our PO @MoritzKa today about versioning of the bpa releases ( helm chart ).
We should find some kind of release process and agree on some versioning , maybe tonight.
frank-bee (Tue, 01 Jun 2021 09:05:38 GMT):
Proposal:
- we have to used semantic versioning for charts anyway
- we could use minor changes for "releases") the time being : 0.1, 0.2,.... (because we are still are in a general alpha environment where e.g. APIs change)
- for untested releases we could e.g. add `-alpha.XX`
frank-bee (Tue, 01 Jun 2021 09:05:38 GMT):
Proposal:
- we have to used semantic versioning for charts anyway
- we could use minor changes for "releases") the time being : `0.1`, `0.2`,.... (because we are still are in a general alpha environment where e.g. APIs change)
- for untested releases we could e.g. add `-alpha.XX`
frank-bee (Tue, 01 Jun 2021 09:05:38 GMT):
Proposal:
- we have to used semantic versioning for charts anyway
- we could use minor changes for "releases") the time being : `0.1`, `0.2`,.... (because we are still are in a general alpha environment where e.g. APIs change)
- for untested releases we could e.g. add `-alphaXX`
frank-bee (Tue, 01 Jun 2021 09:12:59 GMT):
Example versions evolving from top to bottom:
`0.3.0-alpha04` (current version)
`0.3` (first "stable release")
`0.4-alpha01` (untested new version)
`0.4-alpha02`
`0.4` (new release)
`0.4.1` (urgent bug fix)
...
frank-bee (Tue, 01 Jun 2021 09:12:59 GMT):
Example versions evolving from top to bottom:
`0.3.0-alpha04` (current version)
`0.3` (first "stable release")
`0.4.0-alpha01` (untested new version)
`0.4.0-alpha02`
`0.4` (new release)
`0.4.1` (urgent bug fix)
...
rjones (Tue, 01 Jun 2021 14:01:50 GMT):
If you check in a settings file - [here is an example](https://github.com/hyperledger/cactus/blob/main/.github/settings.yml) - you can do it. I apologize, I thought you would have the branches option in the UI.
frank-bee (Tue, 01 Jun 2021 15:08:24 GMT):
I added this simple idea of version to this issue
:https://github.com/hyperledger-labs/business-partner-agent/issues/444
will document it when working on the issue...
frank-bee (Tue, 01 Jun 2021 15:19:49 GMT):
I bumped the current chart version ( which is somehow tested ) to 0.3.0
And asked @usingetechnology to use 0.4.0-alpha01 for the changes in his PR ( and ideally create a new bpa docker image with 0.4.0-alpha01 and use that in appVersion).
As soon as we tested 0.4.0-alphaXX a bit we can release 0.4.0 (latest at the end of this sprint)
usingetechnology (Tue, 01 Jun 2021 18:06:48 GMT):
i've updated the chart version, but didn't update the appVersion, wasn't sure when we were ready to create a github release.
frank-bee (Wed, 02 Jun 2021 13:35:08 GMT):
@usingetechnology I merged your changes and roughly tested the chart with latest bpa image. seems to work so far :-)
usingetechnology (Wed, 02 Jun 2021 13:36:24 GMT):
great. i used the chart repo yesterday to setup a bpa in one of our namespaces (with keycloak). glad it works for you too.
frank-bee (Wed, 02 Jun 2021 13:36:36 GMT):
Had to do a small fix in the schema / values
new new chart is released as 0.4.0-alpha08
usingetechnology (Wed, 02 Jun 2021 13:37:15 GMT):
ok, i'll update and pull that in. :thumbup:
frank-bee (Wed, 02 Jun 2021 13:38:32 GMT):
Versioning is now simpler , even the git tags for the bpa a just x.x.x ( semantic versioning)
So we can do it like this for chart and bpa image / appVersion:
`0.3.0-alpha04` (current version)
`0.3` (first "stable release")
`0.4.0-alpha01` (untested new version)
`0.4.0-alpha02`
`0.4` (new release)
`0.4.1` (urgent bug fix)
...
Example versions evolving from top to bottom:
`0.3.0-alpha04` (current version)
`0.3` (first "stable release")
`0.4.0-alpha01` (untested new version)
`0.4.0-alpha02`
`0.4` (new release)
`0.4.1` (urgent bug fix)
...
frank-bee (Wed, 02 Jun 2021 13:38:32 GMT):
Versioning is now simpler , even the git tags for the bpa a just x.x.x ( semantic versioning)
So we can do it like this for chart and bpa image / appVersion:
`0.3.0-alpha04` (current version)
`0.3` (first "stable release")
`0.4.0-alpha01` (untested new version)
`0.4.0-alpha02`
`0.4` (new release)
`0.4.1` (urgent bug fix)
...
frank-bee (Wed, 02 Jun 2021 13:39:39 GMT):
have a great week , we have holiday tommorow :-)
Here you on monday
usingetechnology (Wed, 02 Jun 2021 13:43:48 GMT):
enjoy your long weekend!
rjones (Wed, 02 Jun 2021 14:38:38 GMT):
Has left the channel.
ianco (Wed, 02 Jun 2021 18:35:02 GMT):
Hi folks just updated by local BPA environment, started up the two local BPA's and issued a credential. The updates are all pretty slick, good work! :+1:
ianco (Wed, 02 Jun 2021 18:35:51 GMT):
I had a couple of issued with the startup scripts, running locally on a Mac, I'll open a PR, but wondering if anyone else is running on a Mac and is able to successfully start up with the scripts in the `scripts/local` directory?
ianco (Thu, 03 Jun 2021 19:37:54 GMT):
FYI looking into adding Endorser support to BPA, this is the ticket (a hackmd doc is linked in the comments): https://github.com/bcgov/von/issues/378 ... interested in any feedback from the community
Jsyro (Thu, 03 Jun 2021 23:09:46 GMT):
I'm on Linux and other members are on Windows. `scripts/local-network/docker-compose.yaml` should not contain `extra-hosts` in the services. that extra section should ber reserved for the `-linux.yml` file to resolve an issue. Not sure if that should be in or out for MAC users.
etschelp (Mon, 07 Jun 2021 11:30:59 GMT):
cool, let's also put this on the agenda of our weekly meeting as this affects the order of some of the work we have planned. e.g. label a connection or apply policies.
usingetechnology (Tue, 08 Jun 2021 15:10:49 GMT):
as discussed in our weekly meeting. here is a demo video that i put together. this is for a non-technical person that wanted to understand their role in the overall flow. they would be acting strictly as a verifier, and wanted to see what they would do to connect to a mining company and then get proof that the mining company meets certain criterion: is a BC registered business, has a BC mining permit, the mine has a verified TSM (Towards Sustainable Mining) certificate from a 3rd party (Pricewaterhouse Coopers). There are some times when there is no english audio, but that is because the Japanese audio would still be running. https://www.dropbox.com/s/mw2qlsg22u80eus/mitsubishi-demo-english.mp4?dl=0
frank-bee (Tue, 08 Jun 2021 15:54:43 GMT):
@usingetechnology on the terminal you can run `ct install --config ct.yaml --all` to run the helm chart. see https://github.com/helm/chart-testing
frank-bee (Tue, 08 Jun 2021 15:55:18 GMT):
but this does not install the local cluster, it uses the one configured in kubectl and creates a random namespace
usingetechnology (Tue, 08 Jun 2021 16:13:44 GMT):
thanks @frank-bee , i was running that, wasn't sure about the cluster - good to know!
Jsyro (Wed, 09 Jun 2021 20:18:41 GMT):
The use for business wallets requires trust to be built on previous credentials, so we have been exploring how to initialise this trust. Jason Sherman presented a written procedure, and I have drafted a timeline diagram to help explain the procedure. Please review and comment.
https://hackmd.io/@cBTgnqf4SLi410m52P6JSw/HkjabY0qO
domwoe (Thu, 10 Jun 2021 12:47:00 GMT):
@Jsyro I've written a proposal for the proof template builder https://hackmd.io/JgMsZMHlT-2qy5Y1oThTMg?both
domwoe (Thu, 10 Jun 2021 13:00:09 GMT):
I visualized the flow from my perspective a while ago when I read @usingetechnology's proposal. I added the diagram to the document
usingetechnology (Thu, 10 Jun 2021 15:40:10 GMT):
awesome stuff guys!
etschelp (Thu, 10 Jun 2021 16:12:22 GMT):
I'm currently working on a design on how to link this with proof templates and rules and also to evaluate what needs to be refactored to achieve that.
matthewhall78 (Thu, 10 Jun 2021 18:55:16 GMT):
@jsyro
matthewhall78 (Thu, 10 Jun 2021 18:55:16 GMT):
@Jsyro can you update the business level diagram I made in MIRO based on your more technical diagram, so that the business level diagram isn't incorrect. I don't mind if it glosses over some things that are too technical, but I don't want to to be wrong either. https://miro.com/app/board/o9J_lfQFP90=/?moveToWidget=3074457358272204211&cot=14
matthewhall78 (Thu, 10 Jun 2021 18:55:16 GMT):
@Jsyro can you update the business level diagram I made in MIRO based on your more technical diagram, so that the business level diagram isn't incorrect. I don't mind if it glosses over some things that are too technical, but I don't want it to be wrong either. https://miro.com/app/board/o9J_lfQFP90=/?moveToWidget=3074457358272204211&cot=14
frank-bee (Fri, 11 Jun 2021 15:10:27 GMT):
@usingetechnology I made quite a lot of changes to the helm chart. Would be great if you could do a review and test it against your config https://github.com/hyperledger-labs/business-partner-agent-chart/pull/11
frank-bee (Fri, 11 Jun 2021 15:11:18 GMT):
Most of it is just refactoring but also some renaming of values.
What I fixed is also the schema config which did not work
frank-bee (Fri, 11 Jun 2021 15:23:28 GMT):
Clipboard - June 11, 2021 5:23 PM
frank-bee (Fri, 11 Jun 2021 15:24:31 GMT):
This is how our config looks now in kubeapps.
Next week I will also get rid if seed and did which will be generated then....
frank-bee (Fri, 11 Jun 2021 15:47:58 GMT):
@usingetechnology one idea:
maybe you can add your value files ( examples ) to be linted
see [docu](https://github.com/helm/chart-testing/blob/main/doc/ct_lint.md)
```
Charts may have multiple custom values files matching the glob pattern '*-values.yaml' in a directory named 'ci' in the root of the chart's directory. The chart is linted for each of these files. If no custom values file is present, the chart is linted with defaults.
```
usingetechnology (Fri, 11 Jun 2021 16:22:17 GMT):
ok, frank, just reviewing, trying to see impact on our deployments. i will run it against openshift and see how it goes.
usingetechnology (Fri, 11 Jun 2021 18:08:28 GMT):
looks good @frank-bee, just rolled out a couple of instances in one of our namespaces. One thing that I noticed was that `helm upgrade` will set new values and configuration but will not redeploy. I don't know how you are planning to handle this through kubeapps, and we do not have a pipeline yet, so unsure how we will do it in the future... but I used the following commands to install a BPA, then change some configuration and redeploy only the BPA (not the agent). ```helm upgrade kc2 bpa -f bpa/values-kc.yaml \
--install \
--set schemas.enabled=true \
--set "bpa.podAnnotations.timestamp=$(date)" \
--set "acapy.podAnnotations.timestamp=$(date)"
```
usingetechnology (Fri, 11 Jun 2021 18:09:01 GMT):
So that installs if not exists, and sets some timestamps for the agent deployment and the bpa deployment.
usingetechnology (Fri, 11 Jun 2021 18:09:21 GMT):
```helm upgrade kc2 bpa -f bpa/values-kc.yaml \
--install \
--set bpa.config.name="Keycloak Two!" \
--set schemas.enabled=false \
--set "bpa.podAnnotations.timestamp=$(date)"
```
usingetechnology (Fri, 11 Jun 2021 18:10:00 GMT):
then this will do the upgrade and change values in the configmaps, remove the schemas config, then redeply the bpa because the timestamp annotation changed.
frank-bee (Mon, 14 Jun 2021 09:25:49 GMT):
Hi @usingetechnology ,
I think they recommended way to handle this is:
https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
frank-bee (Mon, 14 Jun 2021 09:26:20 GMT):
I will create a PR for that...
frank-bee (Mon, 14 Jun 2021 09:26:20 GMT):
I can create a PR for that...
frank-bee (Mon, 14 Jun 2021 10:32:28 GMT):
hi guys, I thought a bit about releasing again.
Prepared a [Release Drafter](https://github.com/release-drafter/release-drafter) action / workflow which helps managing the releases.
The draft for the next release (kind of our first release: 0.6.0) looks like this: https://github.com/hyperledger-labs/business-partner-agent/releases/tag/untagged-a9baaf8e5f9bc8b885d2
What about having a release every three weeks? This would fit to our sprint cycles.
A good date for us would be the 23.6. for the 0.6.0 ( three weeks later 0.7.0 and so on)
frank-bee (Mon, 14 Jun 2021 10:32:28 GMT):
hi guys, I thought a bit about **releasing** again.
Prepared a [Release Drafter](https://github.com/release-drafter/release-drafter) action / workflow which helps managing the releases.
The draft for the next release (kind of our first release: 0.6.0) looks like this: https://github.com/hyperledger-labs/business-partner-agent/releases/tag/untagged-a9baaf8e5f9bc8b885d2
What about having a release every three weeks? This would fit to our sprint cycles.
A good date for us would be the **23.6. for the 0.6.0** ( three weeks later 0.7.0 and so on)
usingetechnology (Mon, 14 Jun 2021 16:03:53 GMT):
yeah, i saw that, but we don't necessarily change a file, so the checksum won't work, and i don't think we should have a random num either. I think we would lose control over what is rolled out, I think we will deploy the BPA more frequently than the AGENT. And for us, we will have a property overrides using `--set X`, and if we changed one of those values we would want to deploy only what is affected. We can discuss tomorrow.
frank-bee (Mon, 14 Jun 2021 16:11:42 GMT):
hmm, my feeling is we might have overengineered the way we parameterize the bpa or even the acapy deployment.
In general the deployment "should know when to do a new roleout"
the only case it does not , is when a value in a referenced configmap changes, not?
and for that purpose it is fine to create this hash over the configmaps.
Which scenario do you have in mind where a) a configmap won't change plus b) the deployment doesn't change either ?
usingetechnology (Mon, 14 Jun 2021 16:15:05 GMT):
does that checksum work against the result of the configmap or the actual template file? because the template file may not change frequently, but the values we pass in will. so if a value changes and it redeploys, then that works for us. and if it deploys when we change a value using `--set` then that is good to. If it doesn't deploy on changes via `--set` then the caller can force a deployment using the pod annotations as described above. so i think what you
usingetechnology (Mon, 14 Jun 2021 16:15:45 GMT):
have done will cover most (hopefully all) situatations. and if not, then the caller can "force" deployment.
frank-bee (Mon, 14 Jun 2021 16:19:24 GMT):
> does that checksum work against the result of the configmap or the actual template file?
result
frank-bee (Mon, 14 Jun 2021 16:20:02 GMT):
see you tommorrow @usingetechnology , I have to leave ( wife is calling ;-) )
usingetechnology (Mon, 14 Jun 2021 16:22:40 GMT):
:thumbsup: (about the deploy on result) talk to you tomorrrow
usingetechnology (Mon, 14 Jun 2021 16:55:17 GMT):
just ran your scripts, called ```helm upgrade kc1 bpa -f bpa/values-kc.yaml \
--install \
--set bpa.config.name="Keycloak BPA 1"``` and the rollout worked :thumbsup: :thumbsup: nice work!
matthewhall78 (Mon, 14 Jun 2021 17:14:36 GMT):
Why 3 weeks? versus 2 or 1 week? Our sprint cycles are 2 weeks.
usingetechnology (Mon, 14 Jun 2021 23:39:09 GMT):
set up some empty temporary BPAs that use the local login (admin/changeme). All have been deployed using the helm charts from PR (https://github.com/hyperledger-labs/business-partner-agent-chart/pull/15). First one has BCGov UX which is all just configuration from PR(https://github.com/hyperledger-labs/business-partner-agent/pull/477). ```https://govbc-bpa-dev.apps.silver.devops.gov.bc.ca/
```
usingetechnology (Mon, 14 Jun 2021 23:39:09 GMT):
set up some empty temporary BPAs that use the local login (admin/changeme). All have been deployed using the helm charts from PR (https://github.com/hyperledger-labs/business-partner-agent-chart/pull/15). First one has BCGov UX which is all just configuration from PR(https://github.com/hyperledger-labs/business-partner-agent/pull/477).
usingetechnology (Mon, 14 Jun 2021 23:39:15 GMT):
https://govbc-bpa-dev.apps.silver.devops.gov.bc.ca/
usingetechnology (Mon, 14 Jun 2021 23:39:31 GMT):
https://acme-bpa-dev.apps.silver.devops.gov.bc.ca/
https://bizco-bpa-dev.apps.silver.devops.gov.bc.ca/
frank-bee (Tue, 15 Jun 2021 07:38:14 GMT):
Hi @matthewhall78 !
Our sprint cycle is 3 weeks ;-)
If we do every week , I think there is not much time to stabilize.
If find it better to have always a version in advance which can be roughly tested (e.g. 0.6.0-alpha01)
Maybe you can discuss it tonight with my collegues (I cannot join tonight)
lohan.spies (Tue, 15 Jun 2021 07:44:48 GMT):
MichaelWiles
lohan.spies (Tue, 15 Jun 2021 07:44:48 GMT):
@MichaelWiles
etschelp (Tue, 15 Jun 2021 08:43:31 GMT):
Join us for our weekly BPA call today at 16:00 CET (14:00 UTC)
[Teams Link] (https://teams.microsoft.com/l/meetup-join/19%3ameeting_NTAyYTY1ZjktMzJlYS00ZThlLWE1NGItODBhMDRhNmExYmM2%40thread.v2/0?context=%7b%22Tid%22%3a%220ae51e19-07c8-4e4b-bb6d-648ee58410f4%22%2c%22Oid%22%3a%2222acfef8-21f4-4555-a7a7-5db725a9f554%22%7d)
Topics:
- PR: Customized UX
- Proof templates
- Tag a (verified) connection / Rules engine - Input needed here
- Endorser support
etschelp (Tue, 15 Jun 2021 08:43:31 GMT):
Join us for our weekly BPA call today at 16:00 CET (14:00 UTC)
Teams Link: https://teams.microsoft.com/l/meetup-join/19%3ameeting_NTAyYTY1ZjktMzJlYS00ZThlLWE1NGItODBhMDRhNmExYmM2%40thread.v2/0?context=%7b%22Tid%22%3a%220ae51e19-07c8-4e4b-bb6d-648ee58410f4%22%2c%22Oid%22%3a%2222acfef8-21f4-4555-a7a7-5db725a9f554%22%7d
Topics:
- PR: Customized UX
- Proof templates
- Tag a (verified) connection / Rules engine - Input needed here
- Endorser support
echsecutor (Tue, 15 Jun 2021 10:51:25 GMT):
Has joined the channel.
echsecutor (Tue, 15 Jun 2021 15:24:21 GMT):
I was wondering whether I need to rebuild every time I change some frontend setting in `frontend/.env` like the title or logo URL. Would it be possible do read those variables at container-runtime from the environment?
domwoe (Tue, 15 Jun 2021 15:39:56 GMT):
What's your goal? If you need that you probably should serve the frontend separately from the backend
domwoe (Tue, 15 Jun 2021 15:45:07 GMT):
ah, you want to change title/logo. This shouldn't be handled there.
domwoe (Tue, 15 Jun 2021 15:45:07 GMT):
ah, you want to change title/logo. This shouldn't be handled there. That's related to https://github.com/hyperledger-labs/business-partner-agent/pull/477
echsecutor (Tue, 15 Jun 2021 15:48:31 GMT):
slightly related, yes. There are already options that you can set in the frontend .env, namely `VUE_APP_TITLE` and `VUE_APP_LOGO_URL`. Those are sufficient for me in terms of white labeling. ;) But afaik you can add e.g. an imprint via an .env variable at runtime, which saves rebuilding the whole container. So I was wondering whether you can do the same for the variables in frontend .env
domwoe (Tue, 15 Jun 2021 15:50:26 GMT):
Currently you'd need to serve the frontend separately e.g. with npm run serve, then the VUE_APP_X Env variables can be accessed during runtime.
domwoe (Tue, 15 Jun 2021 15:55:10 GMT):
But we could add it to the settings similar to the imprint URL. If that helps you, you can write an issue
echsecutor (Tue, 15 Jun 2021 16:07:56 GMT):
Ah, I see, there is quite some effort forwarding the imprint through the application.yml in the backend to the UserController to the frontend... never mind. I will just rebuild the container. ;)
frank-bee (Wed, 16 Jun 2021 09:39:18 GMT):
@matthewhall78 @Jsyro @usingetechnology
Ca we start with a first release **23.6. for the 0.6.0** ( three weeks later 0.7.0 and so on)?
Just to get some experience on how we do releasing. We can later adopt the cycle time and so on.
frank-bee (Wed, 16 Jun 2021 09:39:18 GMT):
@matthewhall78 @Jsyro @usingetechnology
Ca we start with a first release **23.6. for the 0.6.0** ( three weeks later 0.7.0 and so on)?
Just to get some experience on how we do releasing We can later adopt the cycle time and so on.
frank-bee (Wed, 16 Jun 2021 09:39:18 GMT):
@matthewhall78 @Jsyro @usingetechnology
Ca we start with a first release 23.6. for the 0.6.0 ( three weeks later 0.7.0 and so on)?
Just to get some experience on how we do releasing We can later adopt the cycle time and so on.
frank-bee (Wed, 16 Jun 2021 09:43:34 GMT):
I would create a 0.6.0 docker image on the monday before (on 21.6.) and chart release ( 0.6.0_rc1 ) and leave a note here in the channel.
frank-bee (Wed, 16 Jun 2021 14:14:31 GMT):
@etschelp I configured VS Code launched by Gitpod for java development. Works quite nice , also debugging.
I could also add some configuration to the .gitpod.yml so that it works for every developer without even the need to configure anything.
my question is:
should I add 2 VS Code launch configs: one for backend and one for frontend? Or one combined one ? For the latter I'm not 100% sure how this works. Any help / hints wellcome
frank-bee (Wed, 16 Jun 2021 14:14:31 GMT):
@etschelp I configured VS Code launched by Gitpod for java development. Works quite nice , also debugging.
I could also add some configuration to the .gitpod.yml so that it works for every developer without even the need to configure anything.
my question is:
should I add 2 VS Code launch configs: one for backend and one for frontend? Or one combined one ? For the latter I'm not 100% sure how this works. Any help / hints welcome
frank-bee (Wed, 16 Jun 2021 14:14:31 GMT):
@etschelp I configured VS Code launched by Gitpod for java development. Works quite nice , also debugging.
I could also add some configuration to the .gitpod.yml so that it works for every developer without even the need to configure anything.
my question is:
should I add 2 VS Code launch configs: one for backend and one for frontend development? Or one combined one ? For the latter I'm not 100% sure how this works. Any help / hints welcome.
l-wegner (Wed, 16 Jun 2021 14:41:55 GMT):
Has joined the channel.
frank-bee (Wed, 16 Jun 2021 16:15:13 GMT):
maybe I try the following:
1) for the backend I provide a gitpod init task which pre-builds the dependencies (basically a `mvn clean install`).
Acapy and DB I start via docker-compose , also in the background.
Plus a vs-code launch config to have a run / debug configuration.
2) For the frontend I have a gitpod init task which installs the npm dependencies, basically an `npm install` as pre-build.
I start an npm development server in the background (`npm serve`), in a gitpod task where I can open it also in the browser or preview.
Hmmm , but this has the downside, that for frontend development always the backend has to be started.
frank-bee (Wed, 16 Jun 2021 16:16:18 GMT):
This seems to be not ideal.
@usingetechnology and @Jsyro , didn't one of you develop fronend and backend at the same time ? how?
usingetechnology (Wed, 16 Jun 2021 16:20:16 GMT):
I do basic development using a separate backend and frontend. The main issue is security is disabled. This allows you to run the backend and have it work with a frontend on a separate server. I run the backend and frontend through my IDE (IntelliJ) and I can debug with breakpoints in both.
usingetechnology (Wed, 16 Jun 2021 16:25:59 GMT):
it's a bit awkward, but i have full debugging. I use docker compose to stand up two agents and 1 bpa, then use my ide to run the second bpa (which has no security and i can debug using an Application configuration) and then i just do `npm serve` to run the frontend for my 2nd bpa, and I can launch a Javascript debug session against that frontend. Again, I am using IntelliJ, but I think the same could be done with VS Code.
usingetechnology (Wed, 16 Jun 2021 16:28:05 GMT):
I think that is fine. We have no pipeline yet.
frank-bee (Wed, 16 Jun 2021 17:04:33 GMT):
Cool, I thought of configuring something similar @usingetechnology .
BPA1 is anyway good for testing.
but BPA2 I wonder if I can run frontend and backend together but run the frontend in debugging mode (npm serve) , if I change this stuff here:
https://github.com/hyperledger-labs/business-partner-agent/blob/8f1bec60eec1475a065e06fae133f01972796e3c/backend/business-partner-agent/pom.xml#L404
But hot reloading probably won't work if started with maven? @etschelp
frank-bee (Wed, 16 Jun 2021 17:06:11 GMT):
@usingetechnology could you share this docker-compose file? I want to make sure that you can used the same file in your setup
frank-bee (Wed, 16 Jun 2021 17:06:11 GMT):
@usingetechnology could you share this docker-compose file? I want to make sure that you can use the same file in your setup than the one I will configure for gitpod
etschelp (Thu, 17 Jun 2021 07:42:40 GMT):
A couple of things. To setup the pod in the background i would simply use `mvn clean compile` as this does not run any checks it should speed up things.
To do reloads on changes i would propose you take a look at the micronaut maven plugin https://micronaut-projects.github.io/micronaut-maven-plugin/latest/examples/run.html
This is already in our poms and works for java.
If you want to server the frontend via the backend and have hot reload on both you have a couple of issues. First: npm serve needs to copy everything it compiles into the backends resource folder. and second the backend then needs to hot reload the jar. I do not know if this is doable, but it might work. maybe with also with symlinks or mounts.
An other discussion might be breaking up be and fe, but this changes the security setup, especially if you want to serve from multiple domains.
etschelp (Thu, 17 Jun 2021 07:42:40 GMT):
A couple of things. To setup the pod in the background i would simply use `mvn clean compile` as this does not run any checks it should speed up things.
To do reloads on changes i would propose you take a look at the micronaut maven plugin https://micronaut-projects.github.io/micronaut-maven-plugin/latest/examples/run.html
This is already in our poms and works for java.
If you want to serve the frontend via the backend and have hot reload on both you have a couple of issues. First: npm serve needs to copy everything it compiles into the backends resource folder. and second the backend then needs to hot reload the jar. I do not know if this is doable, but it might work. maybe with some symlink magic.
An other discussion might be breaking up be and fe, but this changes the security setup, especially if you want to serve from multiple domains.
l-wegner (Thu, 17 Jun 2021 15:46:04 GMT):
I wanted to write a @MicronautTest, where i mock `org/hyperledger/bpa/impl/aries/config/SchemaService.java` by this
` @Inject
SchemaService schemaService;
@MockBean
SchemaService schemaService(){
return Mockito.mock(SchemaService.class);
}`
But I get an ambiguity error for an inner class for my mock and the actual singleton of some aspect
` Multiple possible bean candidates found: [org.hyperledger.bpa.controller.api.prooftemplates.$ProofTemplateTest$SchemaService0Definition$Intercepted, org.hyperledger.bpa.impl.aries.config.$SchemaServiceDefinition$Intercepted]`
How do I mock that correctly?
l-wegner (Thu, 17 Jun 2021 15:46:04 GMT):
I wanted to write a @MicronautTest, where i mock `org/hyperledger/bpa/impl/aries/config/SchemaService.java` by this
``` @Inject
SchemaService schemaService;
@MockBean
SchemaService schemaService(){
return Mockito.mock(SchemaService.class);
}```
But I get an ambiguity error for an inner class for my mock and the actual singleton of some aspect
` Multiple possible bean candidates found: [org.hyperledger.bpa.controller.api.prooftemplates.$ProofTemplateTest$SchemaService0Definition$Intercepted, org.hyperledger.bpa.impl.aries.config.$SchemaServiceDefinition$Intercepted]`
How do I mock that correctly?
l-wegner (Thu, 17 Jun 2021 15:55:28 GMT):
Solved it. Instead of `@MockBean` I had to specify the class of the bean I want to replace `@MockBean(SchemaService.class)`
frank-bee (Fri, 18 Jun 2021 05:24:45 GMT):
ok good points @etschelp . Thanks!
frank-bee (Fri, 18 Jun 2021 05:26:57 GMT):
I will launch the backend and frontend seperatly
Hot-reloading works I think if the java debugging is used.
etschelp (Fri, 18 Jun 2021 07:49:09 GMT):
Yes thats how you replace an existing bean from the context with a mocked one. Or if you do not need the full context you can do it with plain mockito like:
```
@ExtendWith(MockitoExtension.class)
class MyTest {
@Mock
private DependencyOfFooService dep;
@InjectMocks
private FooService foo;
```
Like this you can mock the dependencies behavior.
frank-bee (Mon, 21 Jun 2021 09:15:09 GMT):
I created a new helm chart version **0.6.0-alpha09** based on the latest docker image created on our master.
Will bump it to our "first release" **0.6.0** tomorrow if I hear not veto here :-)
frank-bee (Mon, 21 Jun 2021 09:15:09 GMT):
I created a new helm chart version **0.6.0-alpha09** based on the latest docker image created on our master.
Will bump it to our "first release" **0.6.0** tomorrow if I hear no veto here :-)
frank-bee (Mon, 21 Jun 2021 09:15:09 GMT):
I created a new helm chart version ~~0.6.0-alpha09~~ 0.6.0-alpha11 based on the latest docker image created on our master.
Will bump it to our "first release" **0.6.0** tomorrow if I hear no veto here :-)
frank-bee (Mon, 21 Jun 2021 09:15:09 GMT):
I created a new helm chart version ~~0.6.0-alpha09~~ **0.6.0-alpha11** based on the latest docker image created on our master.
Will bump it to our "first release" **0.6.0** tomorrow if I hear no veto here :-)
usingetechnology (Mon, 21 Jun 2021 17:21:47 GMT):
When I opened a new workspace, `mvn clean compile` doesn't make the jar, so the backend never starts. i had to run `mvn clean install`. perhaps we can create a new task that creates the jar but does not run the tests.
usingetechnology (Mon, 21 Jun 2021 18:17:03 GMT):
docker-compose.txt
usingetechnology (Mon, 21 Jun 2021 18:18:17 GMT):
env-example.txt
usingetechnology (Mon, 21 Jun 2021 18:19:20 GMT):
My IDE BPA runs on 48080, and I run the run the frontend at 8080 without security to do breakpoints.
usingetechnology (Mon, 21 Jun 2021 18:20:17 GMT):
For my IDE BPA, i run the `org.hyperledger.bpa.Application` class with ```-Dbpa.acapy.url=http://host.docker.internal:48031
-Dmicronaut.security.enabled=false
-Dmicronaut.server.port=48080
-Dbpa.pg.url=jdbc:postgresql://host.docker.internal:45432/walletuser
-Dbpa.pg.username=walletuser
-Dbpa.pg.password=walletpassword
-Dbpa.host=host.docker.internal:48080
-Dbpa.scheme=http
-Dmicronaut.environments=dev
-Dmicronaut.config.files=classpath:application.yml,classpath:application-dev-bcgov.yml```
usingetechnology (Mon, 21 Jun 2021 18:21:06 GMT):
and pass in ENV VARS: ```BPA_WEB_MODE=false;BPA_RESOLVER_URL=https://resolver.stage.economyofthings.io;BPA_LEDGER_BROWSER=https://indy-test.bosch-digital.de;BPA_DID_PREFIX=did:sov:iil:;BPA_BOOTSTRAP_UN=admin;BPA_BOOTSTRAP_PW=changeme;ACAPY_ENDPOINT=http://host.docker.internal:48030;AGENT_NAME=Dev BPA;BPA_SCHEMA_BANK_ID=2chG7DuwJiKCXbScynLGZ6:2:bank_account:1.3;BPA_SCHEMA_COMREG_ID=UddsJpBYawZuKoREVGETps:2:commercialregister:1.3;BPA_CREDDEF_REVOCATION_REGISTRY_SIZE=50```
usingetechnology (Mon, 21 Jun 2021 18:21:46 GMT):
So the VM options and ENV VARs replace what I would do in the docker-compose
frank-bee (Tue, 22 Jun 2021 05:55:11 GMT):
thanks @usingetechnology for your hints.
The jar problem was introduced yesterday, I fix that.
How to launch a 2. BPA we can talk about tonight. I'd like to avoid having too many docker compose files in the code base with a lot of duplication of code.
etschelp (Tue, 22 Jun 2021 09:39:23 GMT):
Join us for our weekly BPA call today at 16:00 CET (14:00 UTC)
Teams Link: https://teams.microsoft.com/l/meetup-join/19:meeting_NTAyYTY1ZjktMzJlYS00ZThlLWE1NGItODBhMDRhNmExYmM2@thread.v2/0?context={"Tid":"0ae51e19-07c8-4e4b-bb6d-648ee58410f4","Oid":"22acfef8-21f4-4555-a7a7-5db725a9f554"}
Ongoing Work:
- Manually Tag a connection
- Proof templates, redesign of the partner details page
- Simple Rules and Actions to automatically tag a connection
Discussion:
- Should we upgrade to aca-py 0.7.0-pre.3?
- ???
frank-bee (Tue, 22 Jun 2021 10:51:14 GMT):
[teams link](https://teams.microsoft.com/l/meetup-join/19%3ameeting_NTAyYTY1ZjktMzJlYS00ZThlLWE1NGItODBhMDRhNmExYmM2%40thread.v2/0?context=%7b%22Tid%22%3a%220ae51e19-07c8-4e4b-bb6d-648ee58410f4%22%2c%22Oid%22%3a%2222acfef8-21f4-4555-a7a7-5db725a9f554%22%7d)
frank-bee (Tue, 22 Jun 2021 10:51:58 GMT):
BPA 0.6.0 released
https://github.com/hyperledger-labs/business-partner-agent/releases/tag/0.6.0
frank-bee (Tue, 22 Jun 2021 12:39:22 GMT):
We could also discuss about dev setup and its documentation:
- What do we propose to developers how the do development (local setup / ledger setup)? If ledger setup , which ledger?
frank-bee (Tue, 22 Jun 2021 12:39:22 GMT):
We could also discuss about dev setup and its documentation:
- What do we propose to developers how the do development (local setup / ledger setup)? If ledger setup , which ledger?
- Does this gitpod stuff make sense or better describe dev in a "normal IDE")?
- For a non-developer, which setup he/she should use do the tutorials? --> 2 BPAs required , Bank required
frank-bee (Tue, 22 Jun 2021 12:42:44 GMT):
If we agree on some "green path" / standard way here, we can afterwards adopt the docu to allow new developers ( and non-developers) to setup their environment
domwoe (Thu, 24 Jun 2021 06:49:13 GMT):
@channel Is anyone using the `docker-compose.dev.yml` or `docker-compose-backend-webonly.yml` files?
domwoe (Thu, 24 Jun 2021 06:51:19 GMT):
I'm using the `docker-compose.custom-acapy.yml` sometimes to build ACA-Py from master or a branch but if no one else needs that I could keep this one locally
frank-bee (Thu, 24 Jun 2021 08:14:01 GMT):
good point dom!
I refactored the docker compose-files a bit in a way that they can launch 1 or 2 agents.
One could use either `docker-compose.yml` or optionally `docker-compose.dev.yml` to overwrite some values.
frank-bee (Thu, 24 Jun 2021 08:14:01 GMT):
good point dom!
I refactored the docker compose-files a bit in a way that they can launch 1 or 2 agents.
One could use either `docker-compose.yml` plus optionally `docker-compose.dev.yml` to overwrite some values.
frank-bee (Thu, 24 Jun 2021 08:14:01 GMT):
good point dom!
I refactored the docker compose-files a bit in a way that they can launch 1 or 2 agents.
For dev purpose `docker-compose.yml` plus `docker-compose.override.yml` are merged and launched if you just run `docker-compose up` (But the do not contain code duplication)
frank-bee (Thu, 24 Jun 2021 08:18:15 GMT):
Examples of usage:
1) launch one agent
` docker-compose up`
2) launch 2 agents
`docker-compose --profile second_bpa up`
3) overwriting with dev values
`docker-compose -f docker-compose.yml -f docker-compose.dev.yml up`
frank-bee (Thu, 24 Jun 2021 08:18:15 GMT):
Examples of usage:
1) launch one agent for development
` docker-compose up`
2) launch 2 agents for development
`docker-compose --profile second_bpa up`
3) for "prod" usage the compose files are explicitly mentioned
`docker-compose -f docker-compose.yml up`
frank-bee (Thu, 24 Jun 2021 08:20:23 GMT):
Open point:
1) we could also get rid of `docker-compose.dev.yml` and consider dev setup as the default ?
2) make used of the new compose file(s) in the local setup.
@Jsy
frank-bee (Thu, 24 Jun 2021 08:20:23 GMT):
---------------------------------------
**Open points**:
1) make used of the new compose file(s) in the local setup.
@Jsyro or @usingetechnology , could one of you fix that?
2) write a proper developer docu which guides more nicely through the different options (local setup, gitpod, debugging,...)
3) Does anyone need
`docker-compose.custom-acapy.yml` or `docker-compose-backend-webonly.yml`?
4) Does anyone need the 2 additional Dockerfiles? @etschelp , maybe at least not in our repo root ?
frank-bee (Thu, 24 Jun 2021 08:20:23 GMT):
---------------------------------------
**Open points**:
1) we could also get rid of `docker-compose.dev.yml` and consider dev setup as the default ?
2) make used of the new compose file(s) in the local setup.
@Jsyro or @usingetechnology , could one of you fix that?
3) write a proper developer docu which guides more nicely through the different options (local setup, gitpod, debugging,...)
4) Does anyone need
`docker-compose.custom-acapy.yml` or `docker-compose-backend-webonly.yml`?
5) Does anyone need the 2 additional Dockerfiles? @etschelp , maybe at least not in our repo root ?
frank-bee (Thu, 24 Jun 2021 08:20:23 GMT):
**Open points**:
1) we could also get rid of `docker-compose.dev.yml` and consider dev setup as the default ?
2) make used of the new compose file(s) in the local setup.
@Jsyro or @usingetechnology , could one of you fix that?
3) write a proper developer docu which guides more nicely through the different options (local setup, gitpod, debugging,...)
matthewhall78 (Thu, 24 Jun 2021 16:59:37 GMT):
@channel after attending the Hyperledger Maintainers meeting this morning, it was suggested that we could have a wiki page on the Hyperledger Labs confluence site. So I reused the template and set up one for us. Please feel free to contribute to it. and I'd appreciate if someone did a quick review to make sure I haven't left anything from the boiler plate template. https://wiki.hyperledger.org/display/labs/Business+Partner+Agent
domwoe (Thu, 24 Jun 2021 18:14:26 GMT):
Good idea! i'll go over it tomorrow morning
frank-bee (Fri, 25 Jun 2021 06:57:25 GMT):
Awesome!
Here we recently had the idea to create a user docu for the BPA using https://readthedocs.org/ and host it via github pages. Jared is working on that.
Question would be , do we need both , WIKI and Readthedocs?
domwoe (Fri, 25 Jun 2021 07:18:05 GMT):
Did a few small changes.
frank-bee (Fri, 25 Jun 2021 12:53:33 GMT):
BTW, I changed the handling of env vars in the gitpod setup.
Before you start a new gitpod workspace, please clean up the variables here: https://gitpod.io/variables (the seeds you can keep)
frank-bee (Fri, 25 Jun 2021 12:53:45 GMT):
have a great weekend :-)
etschelp (Fri, 25 Jun 2021 14:42:05 GMT):
I'm nearly done with the aca-py 0.7 migration and the uniresolver dependency is now gone. If you want you can have a look on the PR to check if something is missing. https://github.com/hyperledger-labs/business-partner-agent/pull/467
Whats left is a PR in the helm charts repo to do the necessary changes there. When we merge this PR the implication is that everything is now did:sov or did:web, and the prefix is only needed to switch between indy and web modes.
usingetechnology (Fri, 25 Jun 2021 19:19:05 GMT):
i'm off for the weekend, I did not have enough time to review @etschelp PR or @domwoe PR. Hopefully @Jsyro can do it, or I will make it a priority Monday morning.
etschelp (Tue, 29 Jun 2021 12:43:55 GMT):
Join us for our weekly BPA call today at 16:00 CET (14:00 UTC)
Teams Link: https://teams.microsoft.com/l/meetup-join/19:meeting_NTAyYTY1ZjktMzJlYS00ZThlLWE1NGItODBhMDRhNmExYmM2@thread.v2/0?context={"Tid":"0ae51e19-07c8-4e4b-bb6d-648ee58410f4","Oid":"22acfef8-21f4-4555-a7a7-5db725a9f554"}
Topics:
- aca-py 0.7 pre release and native resolver usage
- Proof templates
Planned work:
- Initialise trust
- Endorser support
- Automatically tag a connection
etschelp (Tue, 29 Jun 2021 12:43:55 GMT):
Join us for our weekly BPA call today at 16:00 CET (14:00 UTC)
Teams Link: https://teams.microsoft.com/l/meetup-join/19%3ameeting_NTAyYTY1ZjktMzJlYS00ZThlLWE1NGItODBhMDRhNmExYmM2%40thread.v2/0?context=%7b%22Tid%22%3a%220ae51e19-07c8-4e4b-bb6d-648ee58410f4%22%2c%22Oid%22%3a%2222acfef8-21f4-4555-a7a7-5db725a9f554%22%7d
Topics:
- aca-py 0.7 pre release and native resolver usage
- Proof templates
Planned work:
- Initialise trust
- Endorser support
- Automatically tag a connection
etschelp (Tue, 29 Jun 2021 12:56:49 GMT):
i have merged the aca-py 0.7 upgrade and http resolver PR
usingetechnology (Tue, 29 Jun 2021 15:03:36 GMT):
@frank-bee is this what you were thinking for the name/title configuration in the chart?``` config:
security:
enabled: true
bootstrap:
username: admin
password: changeme
resolver:
url: "{{ printf \"https://resolver%s\" .Values.global.ingressSuffix }}"
ledger:
browserUrlOverride: ""
name: "{{ camelcase .Release.Name }}"
scheme: https
web:
only: false
did:
# -- Will be otherwise calculated based on global.ledger config
prefixOverride: ""
creddef:
revocationRegistrySize: 3000
imprint:
enabled: false
url: "{{ printf \"https://bpa%s/\" .Values.global.ingressSuffix }}"
privacyPolicy:
enabled: false
url: "{{ printf \"https://bpa%s/privacyPolicy\" .Values.global.ingressSuffix }}"
title: "{{ .Values.bpa.config.name }}"
i18n:
locale: en
fallbackLocale: en
```
usingetechnology (Tue, 29 Jun 2021 15:03:49 GMT):
set `title: "{{ .Values.bpa.config.name }}"`
usingetechnology (Wed, 30 Jun 2021 15:28:53 GMT):
@frank-bee thanks for touching up that PR, that will keep it consistent. And thanks for looking into that chart deployment/test issue. Yes, I was very confused why there was that node not being ready.
usingetechnology (Wed, 30 Jun 2021 17:29:33 GMT):
@etschelp just downloaded and ran the latest code. :clap: Ran @frank-bee docker-compose and connected to BCovrin DEV and the 2 partners resolved! Great work you guys! I will be updating my local dev scripts to use these same docker compose files.
matthewhall78 (Thu, 01 Jul 2021 00:39:35 GMT):
maybe readthedocs is for a different purpose than the wiki. and we can link to the readthedocs source from the wiki. I just thought it was important to have at least a pointer from the hyperledger labs wiki to our stuff.
frank-bee (Thu, 01 Jul 2021 05:28:10 GMT):
Indeed confusing! This problem still exist I fear. Will keep an eye on that.
I tested the modified chart against our cluster ( IDU config) and was able to install it. Will do some more tests today
frank-bee (Thu, 01 Jul 2021 05:29:55 GMT):
yeah @matthewhall78 , that was a great idea. Like this we will do it.
frank-bee (Thu, 01 Jul 2021 05:38:05 GMT):
Clipboard - July 1, 2021 7:38 AM
frank-bee (Thu, 01 Jul 2021 05:40:39 GMT):
Up and running @usingetechnology :-)
-> Browser name is shown ( "Title")
-> Name still shown as expected
-> Did not test the changes regarding Acapy 0.7 @etschelp
-> In the bottom status bar the link text seems to be not set. @usingetechnology does this have to do with internationalization?
frank-bee (Thu, 01 Jul 2021 06:37:33 GMT):
Jared prepared a nice concept on how we could do our technical documentation.
Would be great if you can review it:
https://wiki.hyperledger.org/pages/viewpage.action?pageId=54657774
Just leave a comments there (inline or on the bottom).
etschelp (Thu, 01 Jul 2021 08:47:07 GMT):
@frank-bee What seems odd is that the frank agent still has the did:sov:idu prefix. The only way that can happen is if this is set via java opts and not environment variables. In the chart I only see the environment variable. So this must be something that is specific to our setup.
frank-bee (Fri, 02 Jul 2021 08:24:24 GMT):
I did not delete the database which is typical for upgrades
frank-bee (Fri, 02 Jul 2021 08:28:26 GMT):
@etschelp Would be cool if you can test this. Install the chart in our kubeapps env. Ideally first install the latest release and than upgrade to the new alpha.
usingetechnology (Fri, 02 Jul 2021 22:08:51 GMT):
@frank-bee i'll take a look monday morning but yes, that appears to be with that localization PR
usingetechnology (Fri, 02 Jul 2021 22:08:51 GMT):
@frank-bee i'll take a look monday morning but yes, that appears to be with that localization PR. in the `locales/en.json`, the property is named incorrectly... change `imprintUrlText` to `imprintUrl`. I'll do a PR on Monday if that isn't fixed by anyone else
echsecutor (Sat, 03 Jul 2021 05:53:39 GMT):
I have used the `docker-compose.dev.yml` in order to build + run my local changed version. If you want to change trivial things such as the Logo through `frontend/.env` having such a build container is quite convenient
echsecutor (Sat, 03 Jul 2021 05:56:23 GMT):
maybe it would be useful to mention the regular meeting + link to this rocket chat in the wiki for people who want to get in touch
frank-bee (Mon, 05 Jul 2021 07:41:36 GMT):
@echsecutor not sure if I get you righ. dev configuration you would do in `docker-compose.override.yml`, this is what is recommended / described in the docker-compose docu.
I you call `docker-compose up` , both files `docker-compose.yml` and `docker-compose.override.yml` are merged .
frank-bee (Mon, 05 Jul 2021 07:41:36 GMT):
@echsecutor not sure if I get you right. dev configuration you would do in `docker-compose.override.yml`, this is what is recommended / described in the docker-compose docu.
I you call `docker-compose up` , both files `docker-compose.yml` and `docker-compose.override.yml` are merged .
frank-bee (Mon, 05 Jul 2021 07:43:11 GMT):
we could also gitignore `docker-compose.override.yml` if you mean that
usingetechnology (Tue, 06 Jul 2021 17:32:06 GMT):
i just ran the latest chart and BPA into our Openshift environment, set the ledger to use BCovrin Test, and partners resolved and connected to Trinisic wallet. :thumbsup: :thumbsup: Great work you guys!
usingetechnology (Tue, 06 Jul 2021 17:40:50 GMT):
Having an issue actually issuing a credential to the Trinisic Wallet though... will have to dig in to that. Probably a mismatch between Trinsic version and acapy version?
usingetechnology (Tue, 06 Jul 2021 17:41:29 GMT):
Example (I sent a message from Trinsic "Send a message" ```2021-07-06 17:37:54,694 aries_cloudagent.messaging.base_handler INFO Received basic message: Send a message
2021-07-06 17:37:54,694 aries_cloudagent.core.conductor ERROR Exception in message handler:
Traceback (most recent call last):
File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/core/dispatcher.py", line 198, in handle_message
await handler(context, responder)
File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/basicmessage/v1_0/handlers/basicmessage_handler.py", line 38, in handle
"connection_id": context.connection_record.connection_id,
AttributeError: 'NoneType' object has no attribute 'connection_id'
2021-07-06 17:37:54,694 aries_cloudagent.core.conductor ERROR DON'T shutdown on AttributeError 'NoneType' object has no attribute 'connection_id'
2021-07-06 17:37:54,694 aries_cloudagent.core.dispatcher ERROR Handler error: Dispatcher.handle_message
Traceback (most recent call last):
File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/core/dispatcher.py", line 198, in handle_message
await handler(context, responder)
File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/basicmessage/v1_0/handlers/basicmessage_handler.py", line 38, in handle
"connection_id": context.connection_record.connection_id,
AttributeError: 'NoneType' object has no attribute 'connection_id'```
usingetechnology (Tue, 06 Jul 2021 18:16:08 GMT):
Further update, Trinsic was just very slow to receive the credential (~30 minutes) but it did get there. I also connected and issued to esatus Wallet (and that was very quick). :rocket:
frank-bee (Wed, 07 Jul 2021 09:25:13 GMT):
I fixed the smoke tests for the helm chart.
Just upgraded the `kind` action to the latest version and the k8s nodes come up again. Let's see if this really solved the problem or if we encounter flaky tests ;-)
l-wegner (Wed, 07 Jul 2021 13:29:31 GMT):
Is there a reason we use gson and jackson? Which one should I prefer? I am trying to build a more generic org.hyperledger.aries.api.present_proof.PresentProofRequest.ProofRequest.ProofRestrictions using a Map
frank-bee (Wed, 07 Jul 2021 13:45:56 GMT):
Hi team!
I added a little milestone overview document [here](https://github.com/hyperledger-labs/business-partner-agent/blob/gh-pages/MILESTONES.md). Linked it in our main readme.md.
The document is automatically updated several times a day based on issues labeled with `epic` and assigned to a [milestone](https://github.com/hyperledger-labs/business-partner-agent/milestones)
We could use the milestones to do some kind of release planning!?
If you wanna try it , @MoritzKa and @Jsyro kindly create some issues labeled with `epic` - maybe for the next 3 milestones .
You could just take the most important headlines from your roadmap documents (description not important).
For the [milestones](https://github.com/hyperledger-labs/business-partner-agent/milestones) I created some with 3 weeks iteration cycle ( current bosch sprint cycle: 0.7, 0.8,...). But we can change this for sure at any time.
frank-bee (Wed, 07 Jul 2021 13:45:56 GMT):
Hi team!
I added a little milestone overview document [here](https://github.com/hyperledger-labs/business-partner-agent/blob/gh-pages/MILESTONES.md). Linked it in our main readme.md.
The document is automatically updated several times a day based on issues labeled with `epic` and assigned to a [milestone](https://github.com/hyperledger-labs/business-partner-agent/milestones)
We could use the milestones to do some kind of release planning!?
If you wanna try it , @MoritzKa and @Jsyro / @matthewhall78 kindly create some issues labeled with `epic` - maybe for the next 3 milestones .
You could just take the most important headlines from your roadmap documents (description not important).
For the [milestones](https://github.com/hyperledger-labs/business-partner-agent/milestones) I created some with 3 weeks iteration cycle ( current bosch sprint cycle: 0.7, 0.8,...). But we can change this for sure at any time.
frank-bee (Wed, 07 Jul 2021 13:45:56 GMT):
Hi team!
I added a little milestone overview document [here](https://github.com/hyperledger-labs/business-partner-agent/blob/gh-pages/MILESTONES.md). Linked it in our main readme.md.
The document is automatically updated several times a day based on issues labeled with `epic` and assigned to a [milestone](https://github.com/hyperledger-labs/business-partner-agent/milestones?direction=asc&sort=due_date&state=open)
We could use the milestones to do some kind of release planning!?
If you wanna try it , @MoritzKa and @Jsyro / @matthewhall78 kindly create some issues labeled with `epic` - maybe for the next 3 milestones .
You could just take the most important headlines from your roadmap documents (description not important).
For the [milestones](https://github.com/hyperledger-labs/business-partner-agent/milestones?direction=asc&sort=due_date&state=open) I created some with 3 weeks iteration cycle ( current bosch sprint cycle: 0.7, 0.8,...). But we can change this for sure at any time.
l-wegner (Wed, 07 Jul 2021 15:37:06 GMT):
I managed to make it work with gson and have put a pull request.
matthewhall78 (Thu, 08 Jul 2021 00:48:42 GMT):
@Jsyro, for these milestone, we should take that roadmap your facilitated building, and group the items, to come up with the milestones.
l-wegner (Thu, 08 Jul 2021 11:24:36 GMT):
Did anybody succed to make `@Micronaut` tests run in Intellij directly without executing `mvn compile` before?
I am facing this error:
`org.junit.jupiter.engine.execution.ConditionEvaluationException: Failed to evaluate condition [io.micronaut.test.extensions.junit5.MicronautJunit5Extension]: @MicronautTest used on test but no bean definition for the test present. This error indicates a misconfigured build or IDE. Please add the 'micronaut-inject-java' annotation processor to your test processor path (for Java this is the testAnnotationProcessor scope, for Kotlin kaptTest and for Groovy testCompile). See the documentation for reference: https://micronaut-projects.github.io/micronaut-test/latest/guide/`
After (or maybe before too?) I tried to fix it by fiddling in the Settings->Compiler-> Annotation Processors, I have this problem in `mvn compile` (intellij integration and standalone 3.8.1) more than 30 times.
l-wegner (Thu, 08 Jul 2021 11:24:36 GMT):
Did anybody succeed to make `@Micronaut` tests run in Intellij directly without executing `mvn compile` before?
I am facing this error:
`org.junit.jupiter.engine.execution.ConditionEvaluationException: Failed to evaluate condition [io.micronaut.test.extensions.junit5.MicronautJunit5Extension]: @MicronautTest used on test but no bean definition for the test present. This error indicates a misconfigured build or IDE. Please add the 'micronaut-inject-java' annotation processor to your test processor path (for Java this is the testAnnotationProcessor scope, for Kotlin kaptTest and for Groovy testCompile). See the documentation for reference: https://micronaut-projects.github.io/micronaut-test/latest/guide/`
After (or maybe before too?) I tried to fix it by fiddling in the Settings->Compiler-> Annotation Processors, I have this problem in `mvn compile` (intellij integration and standalone 3.8.1) more than 30 times.
l-wegner (Thu, 08 Jul 2021 11:24:36 GMT):
Did anybody succeed to make `@Micronaut` tests run in Intellij directly without executing `mvn compile` before?
I am facing this error:
`org.junit.jupiter.engine.execution.ConditionEvaluationException: Failed to evaluate condition [io.micronaut.test.extensions.junit5.MicronautJunit5Extension]: @MicronautTest used on test but no bean definition for the test present. This error indicates a misconfigured build or IDE. Please add the 'micronaut-inject-java' annotation processor to your test processor path (for Java this is the testAnnotationProcessor scope, for Kotlin kaptTest and for Groovy testCompile). See the documentation for reference: https://micronaut-projects.github.io/micronaut-test/latest/guide/`
After (or maybe before too?) I tried to fix it by fiddling in the Settings->Compiler-> Annotation Processors, I have this problem in `mvn test` (intellij integration and standalone 3.8.1) more than 30 times.
l-wegner (Thu, 08 Jul 2021 11:51:07 GMT):
I removed the project, deleted the .idea folder, then reimported the project.
Finally I added manually `$HOME/.m2/repository/io/micronaut/micronaut-inject-java/2.5.7/micronaut-inject-java-2.5.7.jar` to the Annotation Processors, and IntelliJ runs the tests fine now with the integration and mvn and the standalone mvn is working as expected now too.
ianco (Fri, 09 Jul 2021 15:52:02 GMT):
Hi folks, I'm (finally) starting to tackle adding Endorser support to the BPA. (Thanks to @Jsyro and @usingetechnology for giving me a walkthrough of the backend code yesterday). First steps - I'm going to:
- add some configuration to specify whether the BPA is an Author, Endorser, or *none* (i.e. current behaviour, just writes stuff to the ledger)
- add an API to the backend so the client can get this configuration (or is there an existing api I should update?)
- take a look at the connection support to see what I need to update (Endorser/Author connections need to be configured with meta-data)
... and that's it to start.
ianco (Fri, 09 Jul 2021 18:32:52 GMT):
Aha:
`/profile.jsonld`
or:
`/api/admin/config`
domwoe (Fri, 09 Jul 2021 19:52:37 GMT):
Awesome! The second one. I think at some point we'll get this config from ACA-Py itself if I understood @esune's plans. So the approach would probably the same as Frank did with the tails server config https://github.com/hyperledger-labs/business-partner-agent/pull/536
domwoe (Fri, 09 Jul 2021 19:52:37 GMT):
Awesome! The second one. I think at some point we'll get this config from ACA-Py itself if I understood @esune's plans. So the approach would probably be the same as Frank did with the tails server config https://github.com/hyperledger-labs/business-partner-agent/pull/536
ianco (Fri, 09 Jul 2021 20:00:25 GMT):
OK I'll take a look thanks
ianco (Fri, 09 Jul 2021 20:50:39 GMT):
I think we *also* need to include Endorser info in the `/profile.jsonld` endpoint, because Authors need to include the Endorser DID when they sign the transaction (before they send to the Endorser for endorsement), so would be helpful if this was part of the profile
etschelp (Mon, 12 Jul 2021 07:15:37 GMT):
This was working fine before and stopped working after the last IntelliJ update. The annotation processor config should be read from maven, because this is where micronaut-inject-java is defined.
domwoe (Mon, 12 Jul 2021 11:41:47 GMT):
ah, interesting thought! Would be good if we could talk about the flow tomorrow. To get the profile you'd already need the public DID. 1) If the TA starts with adding the endorser as a partner we already have the public DID
domwoe (Mon, 12 Jul 2021 11:41:47 GMT):
ah, interesting thought. Would be good if we could talk about the flow tomorrow. To get the profile you'd already need the public DID. So this would only help if you want to crawl the ledger for endorsers.
If the TA starts with adding the endorser as a partner we already have the public DID
If we want to start the process with an explicit invitation from the endorser we might need to add additional functionalities
ianco (Mon, 12 Jul 2021 13:26:32 GMT):
Ah right you already have the public DID
ianco (Mon, 12 Jul 2021 13:27:09 GMT):
I won't be able to make the call tomorrow unfortunately as I have a conflict now on Tuesday mornings
etschelp (Mon, 12 Jul 2021 13:50:08 GMT):
I think this is a bit tricky. If we think about what can happen in the UI, there we have:
1. Existing connections
2. New incoming connections
3. New outgoing connections
What all cases have in common is that we want to add the endorser capability to it. This step will then make the aca-py call to assign the metadata to the connection.
If we add this capability to the profile we could make this step dependent on this information. But then there are many places where we need to add this. So maybe to keep things simple we could start with the functionality to assign the endorser capability to an existing connection?
etschelp (Mon, 12 Jul 2021 13:55:49 GMT):
For the authors side of the API I do not think that there is the need for new endpoints. The only switch that is needed in the backend is to add the endorser related info.
As we have now pending author and endorser tasks I would build upon parc-json's PR https://github.com/hyperledger-labs/business-partner-agent/pull/523
ianco (Mon, 12 Jul 2021 14:01:02 GMT):
Re adding connections - I suggest for the first cut, for the Endorser side, when a connection is added it is automatically set as an "Author" connection (i.e. the partner is a Transaction Author). For the Author side, we add a checkbox to "make this partner an Endorser" and provide this option when the connection is added, or to add Endorser capability to an existing conection.
ianco (Mon, 12 Jul 2021 14:01:22 GMT):
For the transaction endorsing workflows, I agree to base on parc-jason's notifications PR
domwoe (Mon, 12 Jul 2021 14:06:37 GMT):
For the authors side: Do we want to support multiple endorsers? If not I would suggest to set the endorser in the settings and not have a set as endorser checkbox for every partner
domwoe (Mon, 12 Jul 2021 14:07:47 GMT):
So in settings you can select the endorser from your partners (with a public DID and endorser rights)
ianco (Mon, 12 Jul 2021 14:08:05 GMT):
In the next aca-py update we will probably set the Endorser as a configuration (for the Author aca-py), so there will be only one. This work isn't done yet so we don't know exactly what it will look like.
ianco (Mon, 12 Jul 2021 14:08:43 GMT):
... it will likely require changes to whatever we have implemented in BPA, so I suggest we just keep it simple for now.
domwoe (Mon, 12 Jul 2021 14:13:35 GMT):
Agreed. I don't think we need support for multiple endorsers. And because you probably set it only once (or its even preconfigured) I don't want to bother the user in every partner (add) view
domwoe (Mon, 12 Jul 2021 14:22:36 GMT):
+1 for using @usingetechnology's task list
echsecutor (Wed, 14 Jul 2021 13:19:39 GMT):
Hi! We are currently trying to use the BPA with the ID Union test network in order to connect to a mobile wallet (Lissi, eSatus,...). Is this currently possible?
domwoe (Wed, 14 Jul 2021 13:21:38 GMT):
Should be possible. Do you have issues?
domwoe (Wed, 14 Jul 2021 13:22:12 GMT):
BCGov Team is testing with Trinsic. We haven't tested it in a while.
echsecutor (Wed, 14 Jul 2021 13:23:29 GMT):
`# Uni Resolver URL
BPA_RESOLVER_URL=https://resolver.stage.economyofthings.io
# The ledger prefix that is configured with the Uni Resolver
BPA_DID_PREFIX=did:sov:idu:
BPA_LEDGER_BROWSER=https://idu.cloudcompass.ca
`
Seems to be working. We can e.g. write schemas to the ledger with the BPA. But connecting to a mobile wallet is not working
echsecutor (Wed, 14 Jul 2021 13:23:29 GMT):
```
# Uni Resolver URL
BPA_RESOLVER_URL=https://resolver.stage.economyofthings.io
# The ledger prefix that is configured with the Uni Resolver
BPA_DID_PREFIX=did:sov:idu:
BPA_LEDGER_BROWSER=https://idu.cloudcompass.ca
```
Seems to be working. We can e.g. write schemas to the ledger with the BPA. But connecting to a mobile wallet is not working
echsecutor (Wed, 14 Jul 2021 13:26:01 GMT):
The eSatus wallet says "Ungültige EInladung" after scanning the invite QR Code from BPA. The Lissi Wallet shows the BPA Name and the contact looks good, but no business partner ever shows up in the BPA
domwoe (Wed, 14 Jul 2021 13:28:44 GMT):
Are you sure that the wallet can reach the Aries endpoint ?
echsecutor (Wed, 14 Jul 2021 13:28:56 GMT):
I am currently running `docker-compose -f docker-compose.dev.yml up -d` ;)
etschelp (Wed, 14 Jul 2021 13:28:58 GMT):
This looks like an old state. Resolver url is not needed any more, ledger prefix is gone and the ledger browser is optional. You only have to configure the genesis url. Invalid Invite can happen in case the endpoint is not available.
echsecutor (Wed, 14 Jul 2021 13:29:18 GMT):
not sure what you mean by merging compose files
echsecutor (Wed, 14 Jul 2021 13:30:35 GMT):
we have been using the BPA on the iis network together with other BPA instances, but I will check the endpoint reachability
echsecutor (Wed, 14 Jul 2021 13:31:05 GMT):
I forgot
```
ACAPY_GENESIS_URL=https://idu.cloudcompass.ca/genesis
```
echsecutor (Wed, 14 Jul 2021 13:31:05 GMT):
I forgot to mention
```
ACAPY_GENESIS_URL=https://idu.cloudcompass.ca/genesis
```
etschelp (Wed, 14 Jul 2021 13:32:30 GMT):
I just tested with esatus app 1.11 on iPhone and it works.
etschelp (Wed, 14 Jul 2021 13:33:13 GMT):
and of course the esatus app needs to be on he same ledger as well
echsecutor (Wed, 14 Jul 2021 13:41:04 GMT):
ok, thanks for checking, I am also using eSatus 1.11 on Android. I will check whether there might be an issue with our aries endpoint
echsecutor (Wed, 14 Jul 2021 13:53:37 GMT):
ahhh... error in the routing on our side. Works with Lissi and eSatus wallet :+1:
echsecutor (Wed, 14 Jul 2021 13:54:55 GMT):
ah, ok, I used to. Now this file is gone. Is there still a build container?
domwoe (Wed, 14 Jul 2021 14:00:39 GMT):
(I think)what @frank-bee means is to use `docker-compose -f docker-compose.override.yml` This should produce a local build
domwoe (Wed, 14 Jul 2021 14:10:18 GMT):
ah wrong :) I should read before I write. docker-compose without specifying a file should already merge the override and the override should create a local image
usingetechnology (Wed, 14 Jul 2021 16:23:31 GMT):
@frank-bee - saw the PR for logging configuration. Is it possible to change the configuration/levels without a new build? either via environment variables or by a configMap? We should explore that option at some point.
frank-bee (Thu, 15 Jul 2021 08:27:51 GMT):
hi @usingetechnology ! I was ill for some days..back again
frank-bee (Thu, 15 Jul 2021 08:29:59 GMT):
yup..this was more of a 80% solution.
we can refine that for sure
frank-bee (Thu, 15 Jul 2021 08:30:18 GMT):
log level can be configured quite easily
```
Controlling Log Levels with Properties
Log levels can be configured via properties defined in application.yml (and environment variables) with the log.level prefix:
logger:
levels:
foo.bar: ERROR
```
echsecutor (Thu, 15 Jul 2021 08:31:12 GMT):
Since I have a connection to the BPA, lissi and esatus movile wallets are displaying push notifications every minute. Is there some regular background communication going on?
domwoe (Thu, 15 Jul 2021 08:32:39 GMT):
Good point, yes. There's a trust ping every minute
frank-bee (Thu, 15 Jul 2021 08:32:57 GMT):
but if we want change other logger configuration we should look how we could nicely do that ( in debug mode , compose and helm )
Probably the config file has to be mounted into the pod. but we could also check if log4j2 has alternatives ( it has ...)
domwoe (Thu, 15 Jul 2021 08:34:17 GMT):
We should be able to turn this off and probably deactivate it by default for connections with mobile wallets
echsecutor (Thu, 15 Jul 2021 08:35:11 GMT):
:thumbsup: I can drop an issue to keep track of this point?
domwoe (Thu, 15 Jul 2021 08:35:25 GMT):
that would be great! Thanks
frank-bee (Thu, 15 Jul 2021 08:35:42 GMT):
asked our POs to do some testing for the 0.7 pre-release.
They face things like
```
Unexpected error occurred: No resolver supprting DID "did:sov:idu:R6WR6n7CQVDjvvmwofHK6S" loaded.
501: No resolver supprting DID "did:sov:idu:R6WR6n7CQVDjvvmwofHK6S" loaded.
```
frank-bee (Thu, 15 Jul 2021 08:36:40 GMT):
anyone knows something about it? IDunion problem?
domwoe (Thu, 15 Jul 2021 08:38:01 GMT):
No, the "idu" prefix needs to be dropped
frank-bee (Thu, 15 Jul 2021 08:38:41 GMT):
we should write a developer docu after we tested the compose setup with a local setup ( the latter is still using its own -similar - compose files
frank-bee (Thu, 15 Jul 2021 08:39:19 GMT):
Ah I remember
etschelp (Thu, 15 Jul 2021 09:33:10 GMT):
Our PO's do not pay close attention to our presentations ;)
jaredweinfurtner (Thu, 15 Jul 2021 12:31:50 GMT):
Has joined the channel.
jaredweinfurtner (Thu, 15 Jul 2021 12:40:28 GMT):
I am trying to start the backend to connect my changes to the proof templates. I used the `docker-compose-backend-webonly.yml` and set the flag `-Dbpa.web.only=true` in my application. It fails:
```
14:16:37.822 [main] ERROR Micronaut - Error starting Micronaut server: Switching from aries to web mode is not supported
java.lang.RuntimeException: Switching from aries to web mode is not supported
```
Anyone able to get a local-only backend up and running?
domwoe (Thu, 15 Jul 2021 14:01:19 GMT):
I'd say this one of the docker-compose files we should get rid off :) if you really want to start the BPA in web mode, i.e. with a did:web you have to wipe the database (docker-compose down -v) and set the env variable BPA_WEB_MODE=true
domwoe (Thu, 15 Jul 2021 14:01:19 GMT):
I'd say this one of the docker-compose files we should get rid off :) if you really want to start the BPA in web mode, i.e. with a did:web identifier instead of a did:sov (indy) identifier you have to wipe the database (docker-compose down -v) and set the env variable BPA_WEB_MODE=true
frank-bee (Thu, 15 Jul 2021 14:33:20 GMT):
BPA 0.7.0 release :-)
https://github.com/hyperledger-labs/business-partner-agent/releases/tag/0.6.0
(feel free to adjust the release notes , they are more or less generated and randomly adjusted by me...)
frank-bee (Thu, 15 Jul 2021 14:33:20 GMT):
BPA 0.7.0 released :-)
https://github.com/hyperledger-labs/business-partner-agent/releases/tag/0.7.0
(feel free to adjust the release notes , they are more or less generated and randomly adjusted by me...)
matthewhall78 (Fri, 16 Jul 2021 00:06:02 GMT):
@frank-bee I would like to see the documentation on the Business Partner Connection State and how they move from one to the other. Is this an ACA-Py documentation thing? or is it something to document as part of our java api wrapper?
```
- abandoned
- active
- ?
```
matthewhall78 (Fri, 16 Jul 2021 00:06:02 GMT):
@frank-bee I would like to see the documentation on the Business Partner Connection State and how they move from one to the other. Is this an ACA-Py documentation thing? or is it something to document as part of our java api wrapper?
```
- abandoned
- active
- ?
```
While running an instance of BPA I made a connection to a trinsic wallet, issued a credential, and all was fine. But after a few minutes the State of the connection now shows "abandoned". But on the other connections we have with other BPA instances that are running the connection state still shows as "active".
frank-bee (Fri, 16 Jul 2021 06:46:10 GMT):
Hi Matth!
For me me this is clearly something we should document in the user documentation - which we currently do not really separate from developer documentation.
Let's wait until Jared is back from vacation, he will do the initial separation of user docu. And than there should be a chapter about partner handling ( adding, being added, "states",...)
If you connect to a trinsic wallet this is technically pure aries / didcom communication I assume . I'm not sure if connection handling is 100% the same as if you would connect to a full BPA. Maybe our experts here can answer that...
domwoe (Fri, 16 Jul 2021 06:56:45 GMT):
This is related to this issue: https://github.com/hyperledger-labs/business-partner-agent/issues/548 There BPA tries to performa a trust ping with every active connection and currently sets the state to abandoned if the trust ping is not answered (for a specific period?) I think we should give this state another name, because "abandoned" is a state defined in RFC 0023
domwoe (Fri, 16 Jul 2021 06:56:45 GMT):
This is related to this issue: https://github.com/hyperledger-labs/business-partner-agent/issues/548 There BPA tries to performa a trust ping with every active connection and currently sets the state to abandoned if the trust ping is not answered (for a specific period?) I think we should give this state another name, because "abandoned" is a state defined in RFC 0023 (https://github.com/hyperledger/aries-rfcs/blob/master/features/0023-did-exchange/README.md) and can only be arrived at due to a problem report message during the DIDX protocol
domwoe (Fri, 16 Jul 2021 06:56:45 GMT):
This is related to this issue: https://github.com/hyperledger-labs/business-partner-agent/issues/548 The BPA tries to perform a trust ping with every active connection and currently sets the state to abandoned if the trust ping is not answered (for a specific period?) I think we should give this state another name, because "abandoned" is a state defined in RFC 0023 (https://github.com/hyperledger/aries-rfcs/blob/master/features/0023-did-exchange/README.md) and can only be arrived at due to a problem report message during the DIDX protocol
echsecutor (Fri, 16 Jul 2021 15:35:47 GMT):
I have now downloaded the latest version and set only the settings from .env-example. Still working with esatus but I can not issue credentials to the lissi wallet any more
etschelp (Fri, 16 Jul 2021 15:52:18 GMT):
I can reproduce this, with the esatus app. No issues with trinsic. Its either the mediator or the wallet. I can not see anything in aca-py's logs. issuing works. the app probably cannot handle the format.
etschelp (Fri, 16 Jul 2021 15:54:11 GMT):
we upgraded to aca-py 0.7.0 btw. aca-py upgrades are always problematic with the esatus app.
etschelp (Fri, 16 Jul 2021 15:59:18 GMT):
We should distinguish between what the user needs to see and the aries connection states that we display to debug the states. Active/inactive states are probably enough. In the backend I have to set something. I do not care what. I can add the inactive state again or set the connection to error.
matthewhall78 (Fri, 16 Jul 2021 19:34:56 GMT):
For a mobile wallet connection, this seems more like a presence indicator. e.g. Online, Away, or Offline. But I'm not sure that what the point of the status was for. In my mind there are at least two separate sets of states. (Just brainstorming here...)
1. invitation to connect received, invitation to connect accepted, connection established, connection deleted
2. Connection active, connection away or idle, connection offline
echsecutor (Tue, 20 Jul 2021 08:34:14 GMT):
eSatus is working for me, but Lissi is not working any more. I will investigate if time permits ;)
domwoe (Tue, 20 Jul 2021 15:08:12 GMT):
@ianco This link should work: https://media.video.bosch.com/media/2021-04-15_BusinessPartnerAgent_technical_introduction/0_qzan5hy5
ianco (Tue, 20 Jul 2021 15:12:14 GMT):
That works, thanks! I'll watch this today
domwoe (Wed, 21 Jul 2021 06:52:41 GMT):
Btw. are there code walkthroughs for ACA-Py anywhere? I've been implementing minor changes and would be interested in something like this as well.
frank-bee (Wed, 21 Jul 2021 11:38:28 GMT):
@usingetechnology @Jsyro how you doing?
I plan you fix our docker-compose docu in the next days. Let's have it really clean and clear (KISS) ! @domwoe asked me to
Will add some sentences on how to launch with 2 agents ( default will be one agent).
Do you still need the local set-up folder? I can also delete it, currently it still has a lot of code duplication.
Ideally I'd ask you to "merge it" with the main compose file -> optionally launch a local agent.
frank-bee (Wed, 21 Jul 2021 11:39:32 GMT):
docker-compose.custom-acapy.yml I will also delete - if there is no veto here?
domwoe (Wed, 21 Jul 2021 11:55:01 GMT):
Would be great to not have different docker-compose files for the local network setup. Should be just an additional step to lunch the network and change the ledger in the env.
frank-bee (Wed, 21 Jul 2021 12:02:45 GMT):
yup, basically the refactoring would be:
- [start_infra.sh](https://github.com/hyperledger-labs/business-partner-agent/blob/master/scripts/local-network/start_infra.sh) could be moved up to the scripts folder
- small chapter in the compose readme on how to start local setup
- remove most of `local setup` folder
frank-bee (Wed, 21 Jul 2021 12:04:01 GMT):
@Jsyro could you do that?
frank-bee (Wed, 21 Jul 2021 12:07:38 GMT):
@matthewhall78 @Jsyro @MoritzKa shall we use these github milesstones and the related overview document?
Otherwise I would delete it
ianco (Wed, 21 Jul 2021 13:50:04 GMT):
Not that I know of but that would be a good idea too, I'll suggest it at our scrum
ianco (Wed, 21 Jul 2021 14:03:36 GMT):
Oh apparently I was actually on this call lol
domwoe (Wed, 21 Jul 2021 14:05:56 GMT):
haha
usingetechnology (Wed, 21 Jul 2021 14:58:08 GMT):
i have not been using the `local-network` at all. and i've just been running `docker-compose --profile second_bpa -f docker-compose.yml -f docker-compose.override.yml up bpa-agent1 bpa2` for my local development work. it's been great. so for me, everything can go except for those 2 compose files (and the register dids/env etc)
usingetechnology (Thu, 22 Jul 2021 04:17:33 GMT):
@etschelp @domwoe @frank-bee - @Jsyro and I are going to discuss the refactoring of the acapy events -> activity log -> frontend notifications tomorrow morning. do you, or anyone else on your team have thoughts on what you'd like to see or any implementation issues to look out for? anything that must be included?
frank-bee (Thu, 22 Jul 2021 05:00:02 GMT):
OK cool, let's wait another day and than I will use the chainsaw to clean up a bit :-)))
domwoe (Thu, 22 Jul 2021 07:25:58 GMT):
I think @ianco is working with the local network if I remember correctly. Also @jaredweinfurtner liked the approach of having no remote dependencies when developing.
etschelp (Thu, 22 Jul 2021 10:30:57 GMT):
I see a lot of interesting challenges with this task, but first some general thoughts.
1. I'm inclined to move decisions on the event state into the event classes itself e.g. connection.isIncoming(), connection.isInvitationRequest() etc. otherwise we will have the same checks all over the place
2. any code that is called from the activities event handler should never call business logic that is not event related e.g. update a Partner. therefore we should move this into an own package and really be careful about what is public/private.
3. Currently the BPA has no user concept. Open tasks have no issue with that, as they are either open or done, but things like new connection, new credential might be tricky
etschelp (Thu, 22 Jul 2021 10:42:02 GMT):
The more specific issue is the event handler design and how to track states. As events are plentiful they can cause performance and storage issues quickly. So filtering is key here. Also I would never store the whole event payload only types and references.
Another question is, if everything is event based only events can update the state of a task right? This can get hard to track. But anyhow, my first naive approach would be to split up incoming events into tasks and notifications and store them in one or two big collections where you can easily order by state and dates (here I strongly recommend indices)
ianco (Thu, 22 Jul 2021 13:12:21 GMT):
I've been working with the `local` setup. I can refactor/merge with the parent to remove the duplication. FYI I don't use `start_infra.sh`, I just start my local von-network manually.
usingetechnology (Thu, 22 Jul 2021 14:12:18 GMT):
great, thanks for all those points. really need the input to shine light on all the possible issues and tricky areas. hmm, i hadn't thought about about something like `connection.isIncoming()`... will have to think about that for sure - like you, a concern was having logic scattered about too much. one thought i had was to create a more BPA event model that the backend would raise to the frontend. Basing it around `ApplicationEventListener`, so any of our code would fire an event like `partnerAdded` and the Event listener would handle that, do whatever needs to be done as far as storage and then send a message over the socket. Just to isolate all the logic for building the activity/task lists and sending to the frontend.
usingetechnology (Thu, 22 Jul 2021 14:17:23 GMT):
that would open up the backend/frontend notifications to non-aca-py events, like anything we want to raise that is strictly a BPA mechanism (not sure what yet... maybe like public profile changed)
etschelp (Thu, 22 Jul 2021 15:45:09 GMT):
The application events are a great idea as they give us another design option. The first option would be to fire all frontend events in the webhook handler. Whereas application events could be triggered in the managers. Firing events in the managers might be better in scenarios where you want to be sure that something is in a defined state. As the event handlers are run simultaneously and you cannot rely on the state of the other thread.
frank-bee (Fri, 23 Jul 2021 10:09:32 GMT):
@ianco that would be great.
frank-bee (Fri, 23 Jul 2021 10:10:29 GMT):
Please also write a small chapter in the docker compose Readme on how to start the local setup.
frank-bee (Fri, 23 Jul 2021 10:13:52 GMT):
When we have all kinds of setups merged in the script folder we can think of a small CLI (shell script) which can ne used to start various scenarios (1 bpa, 2 bpa, register dids, local setup, expose ports, gitpod) or combinations
frank-bee (Fri, 23 Jul 2021 10:13:52 GMT):
When we have all kinds of setups merged in the script folder we can think of a small CLI (shell script) which can be used to start various scenarios (1 bpa, 2 bpa, register dids, local setup, expose ports, gitpod) or combinations
Jsyro (Fri, 23 Jul 2021 18:25:04 GMT):
I'm trying to add query parameters to the authentication URL that is sent to the oauth2 (keycloak) so they can be forwarded to the identity provider. Has anyone done this before. First pass through the docs (https://micronaut-projects.github.io/micronaut-security/1.2.3/guide/index.html#io.micronaut.security.oauth2.configuration.OauthClientConfigurationProperties$OpenIdClientConfigurationProperties$AuthorizationEndpointConfigurationProperties) only shows a full override the url. i'd rather just add the query param to whatever it does by default.
etschelp (Mon, 26 Jul 2021 07:43:42 GMT):
I guess you would have to add your own implementation of io.micronaut.security.oauth2.endpoint.authorization.request.AuthorizationRedirectHandler. But i would rather extend DefaultAuthorizationRedirectHandler than add a completely new implementation.
usingetechnology (Tue, 27 Jul 2021 16:26:29 GMT):
are you looking to add `kc_idp_hint=BLAH` to the login url?
Jsyro (Tue, 27 Jul 2021 16:28:06 GMT):
i need to add a query param `pres_conf_req_id` to the `authorization_url` redirect that micronaut sends to for authentication...
Is `kc_idp_hint` a query param as well?
usingetechnology (Tue, 27 Jul 2021 16:28:52 GMT):
kc_idp_hint is a query param for the login url, saying which provider to prefer
Jsyro (Tue, 27 Jul 2021 16:29:16 GMT):
ok, then i might be able to use/re-use/modify that. i'll look for that.
Jsyro (Tue, 27 Jul 2021 16:30:16 GMT):
i don't see `kc_idp_hint` in our repo at all.
usingetechnology (Tue, 27 Jul 2021 16:36:06 GMT):
maybe you can implement `OauthClientConfiguration` that implements the `Optional
matthewhall78 (Tue, 27 Jul 2021 23:21:57 GMT):
I'll ask our Scrum Master.
ianco (Wed, 28 Jul 2021 19:52:14 GMT):
Hi folks, FYI I created a hackmd document with a TOC of the materials covered in the overview video (linked above ^^^ somewhere) and some suggestions for further tutorial topics: https://hackmd.io/_fxYxnsJTuWxZxx1l16B9g?view ... this also includes a link to a demo of the endorser work, which is WIP ...
usingetechnology (Thu, 29 Jul 2021 22:42:20 GMT):
I've got a PR (https://github.com/hyperledger-labs/business-partner-agent/pull/561) that persists the tasks/activities (still reliant on partner existing - not sure if we want to handle when partners are removed), and re-work of the backend events -> front end notifications. In the backend, the managers publish events as their logic dictates (partner added, partner/connection requested, presentation requested etc), the event handler will then use the message service to push those to the front end (and initiate logic to persist tasks/activities as needed). All the frontend events/notifications are stored in 4 buckets for now (task, partner, presentation, credential) and those are used to show badges on the left hand side navigation and also in tables and the partner screen itself (ex. which presentation request/exchange has been updated). Once we have all used if for a bit, we may want to adjust what frontend notifications we actually need to surface to the users. The chat/messages will get re-worked next sprint as we put persistence in. I am off tomorrow (Friday) and Monday.
frank-bee (Fri, 30 Jul 2021 08:05:51 GMT):
OK cool
frank-bee (Fri, 30 Jul 2021 08:08:10 GMT):
@MoritzKa didn't find time yet, but will get back to me. I will fill the milestones a bit from Bosch sides together with him.
It is anyways just meant for a rough overview. If each of us (bcgov and bosch) thinks about 5 -10 epics ("headlines") and assigns a milesstone to them , we already have something to discuss.
As we'll see where we potentially land e.g. in september or end of the year
etschelp (Tue, 03 Aug 2021 15:53:07 GMT):
I put a little diagram together that should help to visualize the design I had in mind.
https://drive.google.com/file/d/1BhrWoUBtV-9Kn9IUyb2HsQ4t2DIToSK9/view?usp=sharing
choeppler (Tue, 03 Aug 2021 21:01:31 GMT):
Hi folks, there was a note on the Hyperledger Labs mailing list, that lab repos should move from `master` to `main for the default branch. (https://lists.hyperledger.org/g/labs/message/145)
We've got two repos which are affected:
- hyperledger-labs/business-partner-agent
- hyperledger-labs/acapy-java-client
The two chart repos already use `main` as the default branch.
choeppler (Tue, 03 Aug 2021 21:01:31 GMT):
Hi folks, there was a note on the Hyperledger Labs mailing list, that lab repos should move from `master` to `main` for the default branch. (https://lists.hyperledger.org/g/labs/message/145)
We've got two repos which are affected:
- hyperledger-labs/business-partner-agent
- hyperledger-labs/acapy-java-client
The two chart repos already use `main` as the default branch.
jaredweinfurtner (Thu, 05 Aug 2021 14:55:32 GMT):
Do we know why the von-network docker image (https://github.com/bcgov/von-network) is not on docker hub and must be pulled into the project and built locally?
l-wegner (Thu, 05 Aug 2021 17:08:37 GMT):
I started a PR to begin with the required changes in business-partner-agent
etschelp (Tue, 10 Aug 2021 12:34:24 GMT):
does someone know why we add ?t=1234 to every request that we make through axios? i will remove this.
```
export function appAxios(timeout = 0) {
const axiosOptions = {
timeout: timeout,
params: {
t: new Date().getTime()
}
};
```
usingetechnology (Thu, 12 Aug 2021 23:00:31 GMT):
was getting some weird caching, I couldn't figure it out where it was being cached, so this was to force a data refresh. remove it if you want, we can keep an eye out on any data refresh issues.
usingetechnology (Thu, 12 Aug 2021 23:03:10 GMT):
Screen Shot 2021-08-12 at 3.47.40 PM.png
usingetechnology (Thu, 12 Aug 2021 23:03:56 GMT):
We had some user feedback with a lot of confusion on what Credential Management was and they couldn't really see how to issue a new credential. We discussed this morning to rename the screen/navigation and remove the schema maintenance block (so all schema/cred def is done in settings). So we want to name the navigation and the screen as Issue Credentials and leave the Create/Import schema in Settings. Thoughts?
usingetechnology (Thu, 12 Aug 2021 23:03:56 GMT):
We had some user feedback with a lot of confusion on what Credential Management was and they couldn't really see how to issue a new credential. We discussed this morning to rename the screen/navigation and remove the schema maintenance block (so all schema/cred def is done in settings). So we want to name the navigation and the screen as Issue Credentials and leave the Create/Import schema in Settings.
domwoe (Fri, 13 Aug 2021 07:39:28 GMT):
I think that's a good idea. Create/Import schemas is an admin type action.
schlagtim (Fri, 13 Aug 2021 10:30:06 GMT):
Has joined the channel.
etschelp (Fri, 13 Aug 2021 15:57:29 GMT):
I'm currently refactoring the issuing part in the backend to also support issuing and receiving indy credentials via the v2 api. See https://github.com/hyperledger-labs/business-partner-agent/pull/574 I did a lot of cleaning up there. Also by doing this I fixed a new bug because the issue list still relies on the partners alias instead of the name to be set. I should be done with this early next week.
usingetechnology (Fri, 13 Aug 2021 16:04:00 GMT):
thanks for letting me know @etschelp. my pr will not change any functionality. just remove/move some UX pieces. i was going to rename the actual vue files from CredentialManagement to reflect that it is just issuance. But I think I will hold off on that to make it easier for your PR, we can come back and do a small file rename PR afterward.
etschelp (Fri, 13 Aug 2021 16:04:43 GMT):
cool, yes this would make things easier for me
usingetechnology (Tue, 17 Aug 2021 19:16:16 GMT):
I've kind of been ignoring this locally, but deployed to openshift today and it doesn't work? What is missing? ```19:09:23.683 [default-nioEventLoopGroup-1-2] ERROR AcaPyAuthFetcher - aca-py webhook authentication failed. Configured bpa.webhook.key: changeme, received x-api-key header: null
```
usingetechnology (Tue, 17 Aug 2021 19:18:54 GMT):
I am just using things out of the box, so the BPA is configured with it's webhook value of `changeme` so is this the agent not setting the header correctly? Log from agent: ```2021-08-17 19:10:04,658 aries_cloudagent.transport.outbound.manager ERROR >>> Outbound message failed to deliver, NOT Re-queued.
Traceback (most recent call last):
File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/transport/outbound/http.py", line 86, in handle_message
f"Unexpected response status {response.status}, "
aries_cloudagent.transport.outbound.base.OutboundTransportError: Unexpected response status 401, caused by: Unauthorized
2021-08-17 19:10:04,659 aries_cloudagent.transport.outbound.manager ERROR Outbound message could not be delivered to http://demo1-bpa-core:80/log/topic/connections/
Traceback (most recent call last):
File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/transport/outbound/http.py", line 86, in handle_message
f"Unexpected response status {response.status}, "
aries_cloudagent.transport.outbound.base.OutboundTransportError: Unexpected response status 401, caused by: Unauthorized```
usingetechnology (Tue, 17 Aug 2021 19:19:11 GMT):
Why isn't the agent setting the header?
echsecutor (Wed, 18 Aug 2021 07:14:50 GMT):
in the mean time i figured out how the current (3 weeks ago ;) ) setup works. Sorry for the confusion
etschelp (Wed, 18 Aug 2021 07:16:51 GMT):
are you using the latest chart version 0.8.1?
etschelp (Wed, 18 Aug 2021 08:25:46 GMT):
There was a typo in 0.8.0
etschelp (Wed, 18 Aug 2021 08:26:24 GMT):
Both deployments use the same property. https://github.com/hyperledger-labs/business-partner-agent-chart/blob/e69a787854ba2fe9f65cc1f380e9740afe32aab9/charts/bpa/templates/acapy_deployment.yaml#L43
usingetechnology (Wed, 18 Aug 2021 14:09:36 GMT):
yes, am using the latest. i found this didn't work using the docker compose files either. how is the agent adding the value to the header? i can't figure it out. also, you cannot set BPA_WEBHOOK_KEY to "" or empty, because that still triggers the class that the bpa.webhook.key is set and it won't load the AcaPyAuthFetcherAllowAll class. So a few things, on the helm charts we can add a conditional flag to add the BPA_WEBHOOK_KEY to the configmap only when needed. But that doesn't really help on the docker compose... I'll take a look today to see if i can change the compare logic for empty values to just let those pass through... still concerned about the x-api-key header.
etschelp (Wed, 18 Aug 2021 14:18:13 GMT):
have you updated your .env file?
etschelp (Wed, 18 Aug 2021 14:22:24 GMT):
i guess the issue happens when you do not set the key
usingetechnology (Wed, 18 Aug 2021 15:14:10 GMT):
by default, the env file has 'changeme' (both the docker compose and the helm charts), the bpa gets deployed with BPA_WEBHOOK_KEY env var of 'changeme' and the aca-py start up has the `--webhook-url` set with the same value. but the acapy agent can never successfully connect to bpa webhook, i always get the 401.
etschelp (Wed, 18 Aug 2021 15:21:29 GMT):
can this be an environment issue? where the url gets overwritten because fragments are not allowed.
I got 401 when the value is not set, because then BPA_WEBHOOK_KEY= gets translated into "". I added a fix for that case.
https://github.com/hyperledger-labs/business-partner-agent/pull/582/files
etschelp (Wed, 18 Aug 2021 15:22:35 GMT):
We have deployed the 0.8.1 helm chart with all the defaults and it works.
etschelp (Wed, 18 Aug 2021 15:25:13 GMT):
When the PR is merged and it is still not working you can set the property to "" and then everything is allowed.
usingetechnology (Wed, 18 Aug 2021 15:45:12 GMT):
so, when i set it to "", it triggers the AcaPyAuthFetcher class and it fails because the header and key compare fails (which looks like your above fix will correct). the real issue is why isn't the agent setting the header?
usingetechnology (Wed, 18 Aug 2021 15:46:30 GMT):
my preference would definitely be to just leave it all set and have it work, but i haven't been able to get it to work with a value. :man_shrugging_light_skin_tone:
etschelp (Wed, 18 Aug 2021 15:59:45 GMT):
its a aca-py bug as the header is not set any more. i tried this with an older version and it works
etschelp (Wed, 18 Aug 2021 16:01:37 GMT):
but i do not get it why its working when we deploy it from the helm chart. for now i propose to not set the property or set it to ""
usingetechnology (Wed, 18 Aug 2021 16:04:50 GMT):
ahhh, ok. we don't need that security, so we will set to "", thanks for that fix!
echsecutor (Fri, 20 Aug 2021 09:45:32 GMT):
Hi! I have just pulled the latest version of the BPA and I am missing the config key from the example through which I can set the did prefix (i.e. setting "did:sov:idu" instead of "did:sov"). Has the mechanism changed to do this?
jaredweinfurtner (Fri, 20 Aug 2021 10:11:58 GMT):
The docs structure changes were merged and I configured the github pages. The docs are now viewable @ https://labs.hyperledger.org/business-partner-agent/
etschelp (Fri, 20 Aug 2021 15:56:04 GMT):
Yes, BPA now uses the resolver capabilities of aca-py. All dids implicitly belong to the ledger against aca-py is configured. This will change once did:indy is implemented. For now everything is did:sov though.
usingetechnology (Tue, 24 Aug 2021 01:46:59 GMT):
i've been working on passing in a receive invitation url to the BPA and allowing it to connect. Been using BPA to BPA, Trinsic Studio to BPA. The BPA can receive an invitation url from another BPA and Trinsic Studio and connect. Although in both cases it kind of reverts to our old way of connecting, so the DIDs are the private ones. A bigger issue is trying to receive an OOB invitation, using the BPA to generate a OOB invitation, I can receive it in BPA and get up to the point where I need to turn it into an InvitationMessage and pass to Aries Client (call outOfBandReceiveInvitation). Issue is that the generated oob invitation returns a string array for services (which is valid according to aca-py), but our InvitationMessage.services is a list of InvitationMessageServices which is a complex object. That is also valid according to the aca-py spec, but since our java class can only use the complex object I can't build the message from the generated invitation. We should discuss tomorrow.
etschelp (Tue, 24 Aug 2021 15:27:39 GMT):
should be fixed now see https://github.com/hyperledger-labs/acapy-java-client/commit/a1a6b3019959246e39e99862fc48328d73f97039 the invitation is now typed, and depending on the type the service list is either a array of strings, or an array of complex objects.
usingetechnology (Tue, 24 Aug 2021 15:28:59 GMT):
awesome! thanks
usingetechnology (Wed, 25 Aug 2021 22:29:30 GMT):
Just a quick follow up, got that all working, except now there is another one... but i think simpler? The handshake protocols don't get serialized (doesn't matter if string or rfc0067)``` InvitationMessage
usingetechnology (Wed, 25 Aug 2021 22:31:30 GMT):
i've worked around it for now like the above.
etschelp (Thu, 26 Aug 2021 10:26:23 GMT):
If you use Gson gson = GsonConfig.defaultConfig(); you have the same deserialization behavior as the client.
usingetechnology (Thu, 26 Aug 2021 16:46:52 GMT):
thanks @etschelp - that worked perfectly.
echsecutor (Wed, 08 Sep 2021 15:20:26 GMT):
Currently BPA to BPA connections work but connections to Lissi / eSatus mobile wllets do not. possibly related to this did:sov resolution?
usingetechnology (Mon, 20 Sep 2021 18:55:47 GMT):
Having issues during the merge to main workflow, hitting a 403 trying to push the image. not sure if there are keys that require updating? ```#10 exporting to image
167
#10 exporting manifest sha256:0b88a6d47d3b03e47d45b7b6cc43c7b2f9efeed77a915d3ce35be8353d20be50 0.0s done
168
#10 exporting config sha256:7af8c88102b1835d4500f4f6864090accc20833907df72f90f4038c766be35d8 done
169
#10 pushing layers
170
#10 ...
171
172
#12 [auth] hyperledger-labs/business-partner-agent:pull,push token for ghcr.io
173
#12 DONE 0.0s
174
175
#10 exporting to image
176
#10 pushing layers 0.3s done
177
#10 ERROR: unexpected status: 403 Forbidden
178
------
179
> exporting to image:
180
------
181
error: failed to solve: unexpected status: 403 Forbidden
182
Error: buildx failed with: error: failed to solve: unexpected status: 403 Forbidden```
etschelp (Tue, 21 Sep 2021 09:28:29 GMT):
whats weird is that pushing the license image works without any issues just before the failing step. both use the same configuration. also others seem to have the same issue:
https://github.com/docker/build-push-action/issues/463
usingetechnology (Tue, 21 Sep 2021 15:16:56 GMT):
still failing, i wonder (and I have no idea how to do it) if we temporarily remove the "edge" tag, maybe that will work? perhaps it is a "lock" on that tag that repeatedly gets updated?
etschelp (Tue, 21 Sep 2021 15:45:14 GMT):
I think the tag is now broken
etschelp (Tue, 21 Sep 2021 15:45:28 GMT):
its more like: ghcr.io/hyperledger-labs/business-partner-agent:latest
usingetechnology (Tue, 21 Sep 2021 15:45:29 GMT):
i just updated to something different
usingetechnology (Tue, 21 Sep 2021 15:45:42 GMT):
ok, i'll put that in, thanks.
usingetechnology (Tue, 21 Sep 2021 15:46:32 GMT):
by the way, where is that set/configured? "${{ steps.preparetags.outputs.tag }}"
etschelp (Tue, 21 Sep 2021 15:47:10 GMT):
one sep before in the smart tag action
etschelp (Tue, 21 Sep 2021 15:49:10 GMT):
that one is not maintained any more, so maybe this is also causing issues. is latest works this could be the issue, otherwise i'm thinking its a rate limit
etschelp (Tue, 21 Sep 2021 15:49:10 GMT):
that one is not maintained any more, so maybe this is also causing issues. if latest works this could be the issue, otherwise i'm thinking its a rate limit
usingetechnology (Tue, 21 Sep 2021 15:50:13 GMT):
ok, i'll see ifa different tag works (I will reset later), otherwise, you're probably right about rate limits.
usingetechnology (Tue, 21 Sep 2021 16:02:16 GMT):
sigh, no change. will reset the tag.
etschelp (Tue, 21 Sep 2021 16:16:58 GMT):
i do not know if we have the permission to delete old packages. but we already have like 164 packages. what would make sense anyway is to set up a cleanup action that removes all the packages that are not released and are not latest.
https://github.com/marketplace/actions/delete-old-packages
etschelp (Wed, 22 Sep 2021 11:12:24 GMT):
btw. i fixed one of the issues from yesterdays presentation were it was not possible to add the same trusted issuer to a second schema.
https://github.com/hyperledger-labs/business-partner-agent/pull/624/commits/18d574b0d7e091502cf3a893b1387b6b62da005e
etschelp (Tue, 28 Sep 2021 09:42:54 GMT):
Join us for our weekly BPA call today at 16:00 CET (14:00 UTC)
Teams Link: https://teams.microsoft.com/l/meetup-join/19:meeting_NTAyYTY1ZjktMzJlYS00ZThlLWE1NGItODBhMDRhNmExYmM2@thread.v2/0?context={"Tid":"0ae51e19-07c8-4e4b-bb6d-648ee58410f4","Oid":"22acfef8-21f4-4555-a7a7-5db725a9f554"}
Topics so far:
- Upcoming team changes on the Bosch side
- Upcoming stories: e.g. Manual credential holder flows, v2 flows etc. any conflicts here?
- Any preferences on how to merge PR's (squash, vs. keeping the history)?
- Any ideas on how to fix/workaround the broken push to github packages action?
- If time permits. What is missing in the BPA to make it more production ready? e.g. distributed sessions, user roles, audit trail
etschelp (Tue, 28 Sep 2021 09:42:54 GMT):
Join us for our weekly BPA call today at 16:00 CET (14:00 UTC)
Teams Link: https://teams.microsoft.com/l/meetup-join/19%3ameeting_NTAyYTY1ZjktMzJlYS00ZThlLWE1NGItODBhMDRhNmExYmM2%40thread.v2/0?context=%7b%22Tid%22%3a%220ae51e19-07c8-4e4b-bb6d-648ee58410f4%22%2c%22Oid%22%3a%2222acfef8-21f4-4555-a7a7-5db725a9f554%22%7d
Topics so far:
- Upcoming team changes on the Bosch side
- Upcoming stories: e.g. Manual credential holder flows, v2 flows etc. any conflicts here?
- Any preferences on how to merge PR's (squash, vs. keeping the history)?
- Any ideas on how to fix/workaround the broken push to github packages action?
- If time permits. What is missing in the BPA to make it more production ready? e.g. distributed sessions, user roles, audit trail
etschelp (Wed, 29 Sep 2021 13:51:14 GMT):
Screen Shot 2021-09-29 at 15.48.23.png
etschelp (Wed, 29 Sep 2021 13:51:18 GMT):
Hey, just out of curiosity, why is there a edit button on the partners public profile when adding a new partner?
domwoe (Wed, 29 Sep 2021 15:15:23 GMT):
ha, good find. the org profile / public profile component is reused here. This recent PR added the possibility to edit (https://github.com/hyperledger-labs/business-partner-agent/pull/636https://github.com/hyperledger-labs/business-partner-agent/pull/636) but needs to be removed in this context
etschelp (Thu, 30 Sep 2021 09:06:13 GMT):
the only reason this button would make sense to me is if it would replace the pen in the partner details. or is this new functionality we want? correcting something in the partners public profile. this can have some unwanted side effects and we should discuss this first.
etschelp (Thu, 30 Sep 2021 12:13:04 GMT):
btw. I added -new to the package name and now it works again. this makes no sense at all.
usingetechnology (Tue, 05 Oct 2021 13:51:04 GMT):
Can someone post the link to today's BPA meeting? We can discuss the above or put a ticket in to make the button available only where it makes sense. The issue was users going to change their Org Name (or other org data) after the profile was created were getting lost. They expect that going to Public Profile would allow them to change it. So this was a compromise that they could immediately jump to the edit page. This button would/will be protected by appropriate roles/permissions. But should be hidden in the above case at all times.
etschelp (Tue, 05 Oct 2021 14:05:05 GMT):
one sec
usingetechnology (Tue, 05 Oct 2021 14:05:30 GMT):
got it from syro. thanks!
usingetechnology (Tue, 05 Oct 2021 14:36:43 GMT):
@etschelp - i rolled back that bad merge in the chart repo. i will be making some changes later today more related to ux configuration (I am simplifying the agent logo set up and removing some extra stuff we put in place for bcgov look and feel).
MoritzKa (Wed, 13 Oct 2021 10:33:23 GMT):
The description of the BPA in the GH repo mainly refers to the masterdata use case. Shouldn't we change it to a more general description: e.g
e.g. "The Business Partner Agent allows to manage and exchange company data between organizations in the form of Verifiable Credentials"?
Jsyro (Wed, 13 Oct 2021 18:32:36 GMT):
How do we demonstrate the Credential Offer functionality? we have set the `auto-respond-credential-offer:false` but don't see anything in the holder's FE.
etschelp (Thu, 14 Oct 2021 10:17:26 GMT):
This is the holder side, and what's not implemented yet, but also what I will do next. To see this you have to set: `auto-respond-credential-proposal: false` Then the flow is:
1. Holder: wallet/document/request verification
2. Issuer: New exchange pops up state proposal-received
3. Issuer: Clicks on the exchange accepts it or sends counter-offer
Denying the proposal is implemented in the backend, but missing in the frontend.
etschelp (Thu, 14 Oct 2021 10:17:54 GMT):
This is the holder side, and what's not implemented yet, but also what I will do next. To see this you have to set: auto-respond-credential-proposal: false Then the flow is:
1. Holder: wallet/document/request verification
2. Issuer: New exchange pops up state proposal-received
3. Issuer: Clicks on the exchange accepts it or sends counter-offer
Denying the proposal is implemented in the backend, but missing in the frontend.
etschelp (Thu, 14 Oct 2021 10:17:54 GMT):
This is the holder side, and what's not implemented yet, but also what I will do next. To see this you have to set: `auto-respond-credential-proposal: false` Then the flow is:
1. Holder: wallet/document/request verification
2. Issuer: New exchange pops up state proposal-received
3. Issuer: Clicks on the exchange accepts it or sends counter-offer
Denying the proposal is implemented in the backend, but missing in the frontend.
etschelp (Thu, 14 Oct 2021 15:31:48 GMT):
I have merged my latest changes. Issuer and holder exchanges are now using the same table. This should not cause any issues except that the wallet will be empty after the upgrade as I did not add a migration script to merge the tables.
usingetechnology (Thu, 14 Oct 2021 15:56:11 GMT):
ok, thanks @etschelp we will get that into our builds and wipe out our current instances. quick question, i can't seem to find any handling for the holder to accept or decline a credential offer? if i turn off the auto flag for respond to credential offer, as a holder the exchange just ends?
etschelp (Thu, 14 Oct 2021 15:59:38 GMT):
yes. i have just started working on the holder side :) only the issuer side is implemented atm. So it is:
`auto-respond-credential-proposal: false
auto-respond-credential-offer: true`
etschelp (Thu, 14 Oct 2021 15:59:38 GMT):
yes. i have just started working on the holder side :) only the issuer side is implemented atm. So it is:
```auto-respond-credential-proposal: false
auto-respond-credential-offer: true```
usingetechnology (Thu, 14 Oct 2021 16:00:41 GMT):
ok :thumbsup: sounds good, just wanted to make sure i wasn't missing something. :)
schlagtim (Thu, 18 Nov 2021 09:36:01 GMT):
Hi everyone, in our current sprint we are adding language settings and want to properly internationalize/link all the texts in the entire frontend. For now we won't touch the bcgov.json locale, but it might need adaptation afterwards.
leostereo (Mon, 29 Nov 2021 12:02:25 GMT):
Has joined the channel.
leostereo (Mon, 29 Nov 2021 14:54:49 GMT):
Hi guys , after rebooting my vps , can not get the platform working again.
after running the docker-compose up , I got stucked at:
"aca-py not ready yet, reason: Failed to connect to bpa-agent1"
How can I fix this ?
etschelp (Tue, 30 Nov 2021 08:33:30 GMT):
This means that either aca-py did not start up, or that the controller can not access aca-py's endpoint because of a routing issue within docker. Hard to tell without more information. Are you using the top level compose file? Are you running from a tag or the main branch? Do you have any log outputs?
leostereo (Tue, 30 Nov 2021 22:55:49 GMT):
dear etschelp;
I agree with you , problem is that the agent can not start.
This is what im doing: (on a fresh ubuntu 20)
from, (https://github.com/hyperledger-labs/business-partner-agent/tree/main/scripts)
git clone https://github.com/hyperledger-labs/business-partner-agent
cd business-partner-agent/scripts#
./register-dids.sh
docker-compose up
It beggin building the docker but get stuked at:
31
bpa1_1 | 22:44:43.928 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.029 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.131 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.232 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.333 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.435 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.537 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.639 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.740 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.842 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.943 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:45.045 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
After some time , the "micronaut is shown ant then continue same message".
g on IPv4 address "0.0.0.0", port 5432
bpa-wallet-db1_1 | 2021-11-30 22:48:09.383 UTC [1] LOG: listening on IPv6 address "::", port 5432
bpa-wallet-db1_1 | 2021-11-30 22:48:09.388 UTC [1] LOG: listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
bpa-wallet-db1_1 | 2021-11-30 22:48:09.445 UTC [21] LOG: database system was shut down at 2021-11-30 22:47:47 UTC
bpa-wallet-db1_1 | 2021-11-30 22:48:09.457 UTC [1] LOG: database system is ready to accept connections
Strange thing is that after creating a fresh vps and run above steps it works again.
leostereo (Tue, 30 Nov 2021 22:55:49 GMT):
dear etschelp;
I agree with you , problem is that the agent can not start.
This is what im doing: (on a fresh ubuntu 20)
from, (https://github.com/hyperledger-labs/business-partner-agent/tree/main/scripts)
git clone https://github.com/hyperledger-labs/business-partner-agent
cd business-partner-agent/scripts#
./register-dids.sh
docker-compose up
It beggin building the docker but get stuked at:
31
bpa1_1 | 22:44:43.928 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.029 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.131 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.232 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.333 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.435 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.537 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.639 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.740 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.842 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.943 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:45.045 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
After some time , the "micronaut" banner is shown ant then continue same message".
Strange thing is that after creating a fresh vps and run above steps it works again.
leostereo (Tue, 30 Nov 2021 22:55:49 GMT):
dear etschelp;
I agree with you , problem is that the agent can not start.
This is what im doing: (on a fresh ubuntu 20)
from, (https://github.com/hyperledger-labs/business-partner-agent/tree/main/scripts)
git clone https://github.com/hyperledger-labs/business-partner-agent
cd business-partner-agent/scripts#
./register-dids.sh
docker-compose up
It beggin building the docker but get stuked at:
31
bpa1_1 | 22:44:43.928 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.029 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.131 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.232 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.333 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.435 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.537 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.639 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.740 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.842 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:44.943 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
bpa1_1 | 22:44:45.045 [main] TRACE AriesClient - aca-py not ready yet, reason: Failed to connect to bpa-agent1/172.19.0.3:8031
After some time , the "micronaut" banner is shown ant then continue same message".
Strange thing is that after creating a fresh vps and run above steps it works properly.
etschelp (Wed, 01 Dec 2021 14:43:32 GMT):
Can you provide the full log? There are multiple services defined in the compose file and this service depends on aca-py which is started beforehand and that one probably did not start. If aca-py starts up successfully you will see something like:
````
scripts-bpa-agent1-1 | :: Public DID Information: ::
scripts-bpa-agent1-1 | :: ::
scripts-bpa-agent1-1 | :: - DID: F6dB7dMVHUQSC64qemnBi7 ::
scripts-bpa-agent1-1 | :: ::
scripts-bpa-agent1-1 | :: Administration API: ::
scripts-bpa-agent1-1 | :: ::
scripts-bpa-agent1-1 | :: - http://0.0.0.0:8031 ::
scripts-bpa-agent1-1 | :: ::
scripts-bpa-agent1-1 | :: ver: 0.7.2 ::
scripts-bpa-agent1-1 | ::::::::::::::::::::::::::::::::::::::::::::::
scripts-bpa-agent1-1 |
scripts-bpa-agent1-1 | Listening...
scripts-bpa-agent1-1 |
````
leostereo (Wed, 01 Dec 2021 14:51:21 GMT):
Full , log is extremly large , in fact , it keeps looping.
I already make it work in other server.
I would be great for me if you can help me with other issue , can you ?
leostereo (Wed, 01 Dec 2021 14:52:28 GMT):
Im testing "demo scenario" and have some doubts.
leostereo (Wed, 01 Dec 2021 14:57:53 GMT):
my BPA_WEB_MODE=false so it means im running indy mode.
after reading documentation , it is not clear for me the differenci between both modes.
also ,
when starting demo scenario , it mention as pre requisite to run "aries" mode .... (please explain)
also Agent’s endpoint should be publicly available (does it means I need to launch it using the "start-with-tunnel.sh" script ?
thanks.
etschelp (Wed, 01 Dec 2021 15:52:34 GMT):
First, the start with tunnel script is for local development where you want to test connections to other bpa or aca-py instances that are not running in your local machine. If you run this on a cloud server for days it's better to expose the endpoints via a proxy (apache, nginx, caddy, traefik, haproxy etc) If this is to much of a hassle you should be aware that ngrok has a 2h limit on the tunnel and you need an account to work arround that.
Second, the docker-compose filr already starts two agents so you can test agent to agent connections locally.
etschelp (Wed, 01 Dec 2021 15:57:27 GMT):
The web mode is a speacial flavor where there is no write access to a ledger needed and connecting to the bpa happens via did:web and not did:sov. This means this is great for all usecases where you do not have the endorser role, but still want to be able to hold credentials that are bound to a certain ledger. And yes, publicly available means exposed to the www and not to the host only docker network.
leostereo (Wed, 01 Dec 2021 15:58:22 GMT):
thanks !!
leostereo (Wed, 01 Dec 2021 15:59:04 GMT):
is there other sample flow besides "demo scenario" ? to learn more.
etschelp (Wed, 01 Dec 2021 16:47:02 GMT):
I can strongly recommend the following youtube playlist: https://www.youtube.com/watch?v=TGiiNOoVoJs&list=PL9CV_8JBQHiooHv05idOTrR2eBAJM89LX
leostereo (Wed, 01 Dec 2021 22:11:48 GMT):
excelent!!!
leostereo (Fri, 03 Dec 2021 00:30:43 GMT):
Hi guys ,
I successfully ran both agents doing:
docker-compose --profile second_bpa up
Now I can notice that:
1 both agents share same login (if I login on first gui I got disconnected from the other and viceversa).
2 After creating an invitation on agent1 and paste its url in agent2 (adding partner), the invitation is accepted but it stays in "invitation" state.
3 When checking invitation details , I can see two strange things:
a _ div:sov:unknown
b _ Partner does not share a public profile.
Any ideas ? can you helpme checking my setup ? ... please ...
etschelp (Fri, 03 Dec 2021 09:49:11 GMT):
To answer your points:
1. This is how session cookies work, they are shared by domain and if both agents run for example on localhost they overwrite each others cookies. If you are running locally you can turn off security or open your browser tabs in incognito mode or use two different browsers to work arround that.
2. If you are using the start with tunnels script you need to be aware that only the first agents endpoint is exposed. I do not know on how many servers you are running where, but my guess is that now one endpoint is docker private and the other one is running on ngrok and hence both agents wont find each other. If you are running only the second bpa this is definitely the case. If you are running both agenty locally without start with tunnels there is another issue. If you are running on multiple servers you need to start the first bpa on both. But for debugging you can post me both invitation urls then we can have a closer look. And also some more details on your setup would be helpful.
3. These are the intricacies of the different flows. If you want full information you have to connect the agents by did:sov:111. You find the agents did in the settings section, only then the did exchange protocol is used and the bpa can resolve all the endpoints that are on the ledger and this also means resolving the public profile. By using the invitation url the connection protocol is used and only peer dids are exchanged. I can reproduce the unknown did issue on the receiving agent. I will have a closer look, but this should not cause any issues as it is only missing information to display.
leostereo (Fri, 03 Dec 2021 14:00:28 GMT):
Good;
1 ; you are right , issue is gone when running from incognit session.
2 ; Let me describe my scenario:
a Both agents are running on same centos vm.
b Centos vm does not have public ip (I wanted to test if agent to agent comunication is possible using local ips)
c Ngrok tunnes are NOT runnin for any instance.
I can set any scenario you sugest, just let me know wich should be the best setting to test bpa functions.
etschelp (Fri, 03 Dec 2021 15:45:15 GMT):
I think I see whats wrong. In the .env-example everything is set to localhost. This is of course relative to the container and hence the agents will not find each other. Can you set the following in your .env file?
````
BPA_HOST=bpa1:8080
BPA2_HOST=bpa2:8090
ACAPY_ENDPOINT=http://bpa-agent1:8030
ACAPY2_ENDPOINT=http://bpa-agent1::8040
````
etschelp (Fri, 03 Dec 2021 15:45:15 GMT):
I think I see whats wrong. In the .env-example everything is set to localhost. This is of course relative to the container and hence the agents will not find each other. Can you set the following in your .env file?
````
BPA_HOST=bpa1:8080
BPA2_HOST=bpa2:8090
ACAPY_ENDPOINT=http://bpa-agent1:8030
ACAPY2_ENDPOINT=http://bpa-agent2::8040
````
leostereo (Fri, 03 Dec 2021 15:57:08 GMT):
I got it working !!!
I ran one agent on sepàrate servers and using the ngrok tunnels.
leostereo (Fri, 03 Dec 2021 16:00:35 GMT):
I will test it:
now it is as follows:
[root@monitoreo_wiber scripts]# grep ACAPY2_ENDPOINT .env
ACAPY2_ENDPOINT=http://localhost:8040
[root@monitoreo_wiber scripts]# grep ACAPY_ENDPOINT .env
ACAPY_ENDPOINT=http://localhost:8030
leostereo (Fri, 03 Dec 2021 16:00:50 GMT):
I will change and let you kow.
leostereo (Fri, 03 Dec 2021 16:00:58 GMT):
im so happy ...
leostereo (Fri, 03 Dec 2021 16:01:34 GMT):
I will finish with the playlist you recommended and make more test, then come here again.
etschelp (Fri, 03 Dec 2021 16:02:48 GMT):
the ngrok script overwites the environment variables above, so they are not localhost during runtime in this case.
etschelp (Fri, 03 Dec 2021 16:04:14 GMT):
glad that it is working now. also you found two bugs, what is much appreciated.
LedgerXYZ (Fri, 10 Dec 2021 13:05:53 GMT):
Has joined the channel.
LedgerXYZ (Fri, 10 Dec 2021 13:09:24 GMT):
Hello Business Partner Agent friends. Is there a recommended / endorsed wallet that is fully compatible with the Business Partner Agent based on the following ledger configuration: BCovrin test network or Sovrin builder network?
`What apps have I tried?`
1. Lissi Wallet
2. Trinsic Wallet
3. Connect.me
`My initial result`
1. Agent to Wallet Connection:
Given a user that uses the `bpa` client application,
And the user initiates a partner connection,
And the user uses the qr code method,
And the `bpa` client generates a qr code,
When the user scans the qr code using an android wallet,
Then the following happens:
i. If Lissi, connection is successful. However, no DID is passed from wallet to bpa so subsequent communication is impossible.
ii. If Trinsic, connection fails. Trinsic Wallet receives bpa wallet data displaying agent name and intention to connect. However, when user chooses "approve", wallet warns of error interpreting connection request.
iii. If Connect.me, connection is successful without errors. `Bpa` initial trust pings are successful. Future trust pings aren't although communication is still successful.
2. Issue Credential:
Given a user that has successfully connected a `bpa` application agent with a connect.me wallet,
When the user issues a credential from bpa to Wallet,
Then the following occurs:
i. Credential is sent to Wallet successfully for approval
ii. Wallet displays credential to user for approval
iii. User chooses "approve"
iv. Wallet informs user that it is receiving the credential and it will take some time
v. Bpa errors to user that it has issued an "illegal" credential.
vi. Wallet informs user that credential receipt failed.
Other notes:
1. Lissi and Connect.me do not display what ledger they are connected to. I tested both sovrin builder and bcovrin test ledgers and my experience where as described above. Connect.me is somehow able to connect without preselecting the ledger used.
2. Trinsic gives the option to choose which ledger to use.
3. None of the wallets display user DID so that one can connect to bpa using the DID lookup method.
LedgerXYZ (Fri, 10 Dec 2021 13:11:04 GMT):
I initially posted this question on the Aries Cloud Agent Python channel but subsequently discovered this channel.
etschelp (Fri, 10 Dec 2021 13:49:02 GMT):
First of all there is no recommended app, all apps that use indy/aries as a basis should basically work but.
But for this to work both the app and the bpa need to be on the same ledger. The bpa uses a test ledger that we host and that is not known per default by any app. It could be that the Lissi app has it pre configured but the other two definitely not.
To switch the ledger of the bpa you have to point the ACAPY_GENESIS_URL property in the .env file to the genesis file of the desired ledger. Connecting and issuing might work even if both are on different ledgers but the app will never be able to save the credential as it can not verify it.
Also the wallet apps do not work with public dids, only with peer dids behind a mediator so the only way to connect is by way of invitation.
etschelp (Fri, 10 Dec 2021 13:51:39 GMT):
The Lissi app comes with a array of pre configured ledgers see https://lissi-id.medium.com/the-lissi-wallet-supports-multiple-networks-ledgers-3f46657e0652. Connect.me only is on sovrin main or sovrin builder. With the trinsic wallet you can either import a genesis file or select from a list.
LedgerXYZ (Fri, 10 Dec 2021 13:52:02 GMT):
I will also add that the Trinsic Wallet has a feature that allows a user to generate a connection link. When that link is input into the bpa `add partner by connection url` an error is also generated. The url appears to be redirect url
etschelp (Fri, 10 Dec 2021 13:53:12 GMT):
From what you are describing it sounds like you did not switch the bpas default ledger.
etschelp (Fri, 10 Dec 2021 13:53:40 GMT):
redirects are not supported.
LedgerXYZ (Fri, 10 Dec 2021 14:15:00 GMT):
@etschelp thanks for your reply. I missed it before my follow-up comment. In my .env configuration, I set the `ACAPY_GENESIS_URL` to point to the desired ledger as described in my tests. I am not aware that there is an unknown test ledger. I assume from your comment that the test ledger's value is replaced when `ACAPY_GENESIS_URL` is set?
LedgerXYZ (Fri, 10 Dec 2021 14:16:26 GMT):
@etschelp thanks also for pointing me to that link with Lissi's ledger connections
LedgerXYZ (Fri, 10 Dec 2021 14:22:31 GMT):
I will troubleshoot again and report back
etschelp (Tue, 14 Dec 2021 14:48:35 GMT):
I tested today with the Lissi, Trinsic and connect.me apps on sovrin builder net. Connecting works with all three apps. Issuing only with Trinsic and Lissi. The connect.me app behaves odd on the protocol level and sends a credential offer instead of a credential request, so the exchange fails. Btw. I fixed the invitation redirect with the trisic app, so it works now both ways.
Thats what I have set for the ledger:
````
ACAPY_GENESIS_URL=https://raw.githubusercontent.com/sovrin-foundation/sovrin/stable/sovrin/pool_transactions_builder_genesis
````
LedgerXYZ (Mon, 20 Dec 2021 07:44:51 GMT):
Late reply here sorry. I noticed a while back that the Trinsic redirect invitation url works and I just assumed that I was doing something wrong.
LedgerXYZ (Mon, 20 Dec 2021 07:44:51 GMT):
Late reply here sorry. I noticed a while back that the Trinsic redirect invitation url works now and I just assumed that I was doing something wrong. Thanks for adding that feature.
LedgerXYZ (Mon, 20 Dec 2021 07:46:58 GMT):
I still can't connect with the Trinsic app. I get the following error which suggests issues with their servers:
LedgerXYZ (Mon, 20 Dec 2021 07:47:50 GMT):
```aries_cloudagent.transport.outbound.manager ERROR >>> Error when posting to: https://streetcred-mediator-agent.azurewebsites.net/; Error: (
LedgerXYZ (Mon, 20 Dec 2021 07:52:30 GMT):
As a work around I have tried to "connect" using the `BPA` - `vc-authn` login feature. All three wallet applications fail to respond to the presentation request as expected
LedgerXYZ (Mon, 20 Dec 2021 07:55:39 GMT):
Please enjoy your weekend and should you have time during the weekday next I would really appreciate any assistance / guidance you can offer me
LedgerXYZ (Fri, 24 Dec 2021 00:22:15 GMT):
Hello all. Can anyone that have successfully connected BPA to the Trinsic Wallet using the Sovrin Builder Net please kindly share the following configuration:
1. Environment configuration
2. Agent docker-compose configuration
3. BPA docker-compose configuration
I have had no success connecting the two. I want to use Trinsic specifically because it has the messaging functionality which BPA has as well. In all my attempts I either get an error from Trinsic when reading the BPA QR code connection invitation. Or I get a different error when I input the Trinsic connection invitation into the BPA application.
Below are my current configurations:
LedgerXYZ (Fri, 24 Dec 2021 00:23:50 GMT):
Environment -
LedgerXYZ (Fri, 24 Dec 2021 00:23:50 GMT):
`Environment` -
LedgerXYZ (Fri, 24 Dec 2021 00:24:28 GMT):
```
AGENT_NAME=Agent
DOCKERHOST=172.17.0.4
# localhost, ip address, dns name
BPA_SERVICE_NAME=agent-bpa
BPA_HOST={BPA-DIODE-URL}
BPA_PORT=9001
BPA_DEBUG_PORT=10001
BPA_SCHEME=https
BPA_CONFIG_FILES=classpath:application.yml,classpath:schemas.yml
# Security
BPA_SECURITY_ENABLED=true
BPA_BOOTSTRAP_UN=admin
BPA_BOOTSTRAP_PW=admin
BPA_WEB_MODE=false
# The Ledger Explorer
BPA_LEDGER_BROWSER=https://indyscan.io/home/SOVRIN_BUILDERNET
# Resolver
BPA_RESOLVER_URL=https://{DIODE-URL}.diode.link
BPA_IMPRINT_URL=https://indyscan.io/home/SOVRIN_BUILDERNET
BPA_PRIVACY_POLICY_URL=https://indyscan.io/home/SOVRIN_BUILDERNET
BPA_CREDDEF_REVOCATION_REGISTRY_SIZE=3000
# ------------------------------------------------------------
# ACA-PY
# ------------------------------------------------------------
ACAPY_GENESIS_URL=https://raw.githubusercontent.com/sovrin-foundation/sovrin/stable/sovrin/pool_transactions_builder_genesis
TAILS_URL=https://{DIODE-URL}.diode.link
#
# Identity
#
SEED={MY-SEED}
#
# Security
#
ACAPY_ADMIN_CONFIG=--admin-insecure-mode
#
# Connectivity
#
ACAPY_ADMIN_PORT=7001
ACAPY_HTTP_PORT=8001
AGENT_SERVICE_NAME=agent
ACAPY_ENDPOINT=https://{DIODE-URL}.diode.link
ACAPY_ADMIN_URL=https://{DIODE-URL}.diode.link
#
# Wallet Storage
#
ACAPY_WALLET_TYPE=postgres_storage
ACAPY_WALLET_DATABASE=wallet_db
ACAPY_WALLET_ENCRYPTION_KEY=key
# ------------------------------------------------------------
# Postgres Storage
# ------------------------------------------------------------
POSTGRESQL_HOST=agent-db
POSTGRESQL_PORT=5431
DATABASE_SERVICE_NAME=agent-db
DATABASE_VOLUME_NAME=agent-db
POSTGRESQL_USER=walletuser
POSTGRESQL_PASSWORD=walletpassword```
LedgerXYZ (Fri, 24 Dec 2021 00:25:21 GMT):
`AGENT`-
LedgerXYZ (Fri, 24 Dec 2021 00:25:57 GMT):
```version: "3"
services:
agent:
image: bcgovimages/aries-cloudagent:py36-1.16-1_0.7.2
ports:
- ${ACAPY_HTTP_PORT}:${ACAPY_HTTP_PORT}
- ${ACAPY_ADMIN_PORT}:${ACAPY_ADMIN_PORT}
depends_on:
- ${DATABASE_SERVICE_NAME}
hostname: ${AGENT_SERVICE_NAME}
entrypoint: /bin/bash
container_name: ${AGENT_SERVICE_NAME}
volumes:
- "./acapy-static-args.yml:/home/indy/acapy-static-args.yml"
command: [
"-c",
"sleep 5; \
aca-py start \
--tails-server-base-url '${TAILS_URL}' \
--tails-server-upload-url '${TAILS_URL}' \
--auto-respond-presentation-proposal \
--auto-store-credential \
--wallet-type 'indy' \
--log-level info \
--auto-verify-presentation \
--auto-ping-connection \
--auto-provision \
--monitor-ping \
--preserve-exchange-records \
--public-invites \
--plugin 'aries_cloudagent.messaging.jsonld' \
--inbound-transport http '0.0.0.0' ${ACAPY_HTTP_PORT} \
--endpoint '${ACAPY_ENDPOINT}' \
--outbound-transport ws \
--outbound-transport http \
--genesis-url '${ACAPY_GENESIS_URL}' \
--recreate-wallet \
--wallet-name '${ACAPY_WALLET_DATABASE}' \
--wallet-key '${ACAPY_WALLET_ENCRYPTION_KEY}' \
--wallet-storage-type '${ACAPY_WALLET_TYPE}' \
--wallet-storage-config '{\"url\":\"${DOCKERHOST}:${POSTGRESQL_PORT}\",\"max_connections\":5}' \
--wallet-storage-creds '{\"account\":\"${POSTGRESQL_USER}\",\"password\":\"${POSTGRESQL_PASSWORD}\",\"admin_account\":\"${POSTGRESQL_USER}\",\"admin_password\":\"${POSTGRESQL_PASSWORD}\"}' \
--seed '${SEED}' \
--admin '0.0.0.0' ${ACAPY_ADMIN_PORT} \
--admin-insecure-mode \
--label '${AGENT_NAME}' \
"
]
agent-db:
image: "postgres:12-alpine"
container_name: ${DATABASE_SERVICE_NAME}
hostname: ${DATABASE_SERVICE_NAME}
environment:
- POSTGRES_USER=${POSTGRESQL_USER}
- POSTGRES_PASSWORD=${POSTGRESQL_PASSWORD}
ports:
- ${POSTGRESQL_PORT}:5432
volumes:
- agent-db:/var/lib/postgresql/data
volumes:
agent-db:
```
LedgerXYZ (Fri, 24 Dec 2021 00:27:22 GMT):
`BPA` -
LedgerXYZ (Fri, 24 Dec 2021 00:27:58 GMT):
```version: "3"
services:
#######
# Business 1
#######
agent-bpa:
image: ghcr.io/hyperledger-labs/business-partner-agent-new:edge
container_name: ${BPA_SERVICE_NAME}
hostname: ${BPA_SERVICE_NAME}
environment:
JAVA_OPTS: >
-Dbpa.acapy.url=${ACAPY_ADMIN_URL}
-Dbpa.acapy.apiKey=${ACAPY_ADMIN_URL_API_KEY}
-Dmicronaut.security.enabled=${BPA_SECURITY_ENABLED}
-Dmicronaut.server.port=${BPA_PORT}
-Dmicronaut.environments=dev
-Dmicronaut.config.files=${BPA_CONFIG_FILES}
-Dbpa.pg.url=jdbc:postgresql://${POSTGRESQL_HOST}/${POSTGRESQL_USER}
-Dbpa.pg.username=${POSTGRESQL_USER}
-Dbpa.pg.password=${POSTGRESQL_PASSWORD}
-Dbpa.host=${BPA_HOST}
-Dbpa.scheme=${BPA_SCHEME}
-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:${BPA_DEBUG_PORT}
BPA_RESOLVER_URL: ${BPA_RESOLVER_URL}
BPA_LEDGER_BROWSER: ${BPA_LEDGER_BROWSER}
BPA_WEB_MODE: ${BPA_WEB_MODE}
BPA_BOOTSTRAP_UN: ${BPA_BOOTSTRAP_UN}
BPA_BOOTSTRAP_PW: ${BPA_BOOTSTRAP_PW}
ACAPY_ENDPOINT: ${ACAPY_ENDPOINT}
AGENT_NAME: ${AGENT_NAME}
BPA_IMPRINT_URL: ${BPA_IMPRINT_URL}
BPA_PRIVACY_POLICY_URL: ${BPA_PRIVACY_POLICY_URL}
BPA_CREDDEF_REVOCATION_REGISTRY_SIZE: ${BPA_CREDDEF_REVOCATION_REGISTRY_SIZE}
NODE_ENV: development
ports:
- ${BPA_PORT}:${BPA_PORT}
- ${BPA_DEBUG_PORT}:${BPA_DEBUG_PORT}
restart: always
```
LedgerXYZ (Fri, 24 Dec 2021 13:05:44 GMT):
Anyone?
etschelp (Mon, 03 Jan 2022 16:41:05 GMT):
Your config looks definitely weird as all your endpoints point to the same url and all the ports are missing. So my very first guess is that no endpoints are exposed and also the wrong endpoints end up on the ledger which will break any connection attempt. Or do you have another script that overwrites the environment variables again? If you are proxying with diode you need to have two tunnels, one for the BPA_HOST and one for the ACAPY_ENDPOINT. see start-with-tunnels.sh.
LedgerXYZ (Wed, 05 Jan 2022 14:29:35 GMT):
My configuration have real values. I removed them before posting due to privacy concerns. As for BPA not connecting to the Trinsic Wallet, I have concluded that the issue is likely on their side due to my ability to connect bpa to other wallets
LedgerXYZ (Wed, 05 Jan 2022 14:30:53 GMT):
You mentioned in your previous post that you were able to connect to Trinsic. Please test again with an updated trinsic Wallet to see if this is still the case
LedgerXYZ (Sat, 08 Jan 2022 21:42:53 GMT):
[as](as.com)
LedgerXYZ (Sat, 08 Jan 2022 21:42:53 GMT):
(as)[tas.com]
LedgerXYZ (Sat, 08 Jan 2022 22:12:33 GMT):
Dear @etschelp Can you please assist me in resolving my attempt at setting up multitenancy for BPA.
I am absolutely ignorant in Java so please excuse my code.
In trying to modify the base BPA code to support multitenancy, I edited 3 files. Using the following edits:
\href{https://github.com/hyperledger-labs/business-partner-agent/blob/a81d173a6b42ff3fa548030668b3ecbd49c4a536/backend/business-partner-agent/src/main/resources/application.yml}{application.yml }
```
bpa:
acapy:
url: ${ACAPY_URL:`http://localhost:8031`}
apiKey: ${ACAPY_API_KEY:empty}
bearerToken: ${TENANT_TOKEN:empty}
endpoint: ${ACAPY_ENDPOINT:`http://localhost:8030`}
```
\href{https://github.com/hyperledger-labs/business-partner-agent/blob/a81d173a6b42ff3fa548030668b3ecbd49c4a536/backend/business-partner-agent/src/main/java/org/hyperledger/bpa/config/AriesClientFactory.java}{AriesClientFactory.java}
```
public class AriesClientFactory {
private static final long FIVE = 300;
@Value("${bpa.acapy.url}")
private String url;
@Value("${bpa.acapy.apiKey}")
private String apiKey;
@Value("${bpa.acapy.bearerToken}")
private String bearerToken;
@Singleton
public AriesClient ariesClient() {
return AriesClient.builder()
.url(url)
.apiKey(apiKey)
.bearerToken(bearerToken)
.client(new OkHttpClient.Builder()
.writeTimeout(FIVE, TimeUnit.SECONDS)
.readTimeout(FIVE, TimeUnit.SECONDS)
.connectTimeout(FIVE, TimeUnit.SECONDS)
.callTimeout(FIVE, TimeUnit.SECONDS)
.build())
.build();
}
}
```
\href{https://github.com/hyperledger-labs/business-partner-agent/blob/a81d173a6b42ff3fa548030668b3ecbd49c4a536/backend/business-partner-agent/src/main/java/org/hyperledger/bpa/config/acapy/AcaPyAuthFetcher.java}{AcaPyAuthFetcher.java}
```
@Requires(property = "bpa.webhook.key")
@Requires(property = "bpa.webhook.token")
public class AcaPyAuthFetcher implements AuthenticationFetcher {
private static final String X_API_KEY = "x-api-key";
private static final String AUTHORIZATION = "Authorization";
public static final String ROLE_ACA_PY = "ROLE_ACA_PY";
@Value("${bpa.webhook.key}")
String apiKey;
@Value("${bpa.webhook.token}")
String bearerToken;
@Override
public Publisher
etschelp (Mon, 10 Jan 2022 08:45:25 GMT):
Please be aware that the bpa itself is not multi tenant ready. There is a story for that that we did not start so far. If you want to connect the bpa's Java backend to a aca-py instance that is running in multi tenant mode, then your first two changes above should be enough. Touching the auth fetcher is not necessary as it checks if aca-py is allowed to call the bpa's webhook not the other way round. Also be aware of all the changes that need to be done to the aca-py configuration and everything that changes in aca-py's behaviour when running in multi tenant mode - https://github.com/hyperledger/aries-cloudagent-python/blob/main/Multitenancy.md
LedgerXYZ (Mon, 10 Jan 2022 10:12:41 GMT):
I can confirm that you're right that the first two changes was all that was needed for multitenancy to work. My error was due to not supplying the TENANT_TOKEN variable with an actual token.
LedgerXYZ (Mon, 10 Jan 2022 10:13:34 GMT):
What are your concerns about the readiness of BPA for multitenancy?
LedgerXYZ (Mon, 10 Jan 2022 12:27:09 GMT):
For my setup to work, I created a separate postgres database instance to handle BPA concerns. So far everything seems to work just fine
etschelp (Mon, 10 Jan 2022 16:04:44 GMT):
No concerns. I just wanted to say that currently the bpa backend is always bound to a single aca-py wallet and did. But of course it is possible to use a single aca-py instance in multi tenancy mode with multiple bpa backends.
usingetechnology (Mon, 10 Jan 2022 17:40:06 GMT):
@etschelp @MoritzKa @schlagtim - happy new year! are we back on for meeting Jan 11 (7am PST)?
usingetechnology (Mon, 10 Jan 2022 17:40:06 GMT):
@etschelp @MoritzKa @schlagtim - happy new year! are we back on for meeting Jan 11 (7am PST)? (had to change username - it's jason sherman :)
LedgerXYZ (Mon, 10 Jan 2022 19:07:43 GMT):
Thanks a million you have been more helpful to me throughout this process than thanks could ever convey
etschelp (Tue, 11 Jan 2022 08:03:10 GMT):
you're very welcome
etschelp (Tue, 11 Jan 2022 09:07:44 GMT):
A happy new year to you too. There are no big news from our end as most people just came back from their holidays this week. But I think having a quick synch makes sense, so yes we are back on :smiley:
Mahadevan 3 (Tue, 11 Jan 2022 18:35:54 GMT):
Has joined the channel.
etschelp (Mon, 24 Jan 2022 18:15:26 GMT):
Reminder, feel free to join our weekly meeting which takes place every Tuesday at 16:00 CET (15:00 UTC). This is the place to discuss current development activities, ask questions, ask for new features, report a bug etc.
Teams Link:
https://teams.microsoft.com/l/meetup-join/19:meeting_MGU2YWJjNWYtZjQxOC00MjcxLThhMmQtOTMzNGZjOGE3NjFj@thread.v2/0?context={"Tid":"0ae51e19-07c8-4e4b-bb6d-648ee58410f4","Oid":"68c9b8cf-6b6f-42d1-918e-69f99cab31e3"}
etschelp (Mon, 24 Jan 2022 18:15:26 GMT):
Reminder, feel free to join our weekly meeting which takes place every Tuesday at 16:00 CET (15:00 UTC). This is the place to discuss current development activities, ask questions, ask for new features, report a bug etc.
Teams Link:
https://teams.microsoft.com/l/meetup-join/19:meeting_MGU2YWJjNWYtZjQxOC00MjcxLThhMmQtOTMzNGZjOGE3NjFj@thread.v2/0?context=%7B%22Tid%22:%220ae51e19-07c8-4e4b-bb6d-648ee58410f4%22,%22Oid%22:%2268c9b8cf-6b6f-42d1-918e-69f99cab31e3%22%7D
regiseloi (Wed, 02 Feb 2022 23:03:54 GMT):
Has joined the channel.
etschelp (Tue, 01 Mar 2022 16:04:13 GMT):
This chat is now also on discord, you can find it here: https://discord.com/channels/905194001349627914/948240184124788736
rjones (Wed, 23 Mar 2022 17:35:05 GMT):
rjones (Wed, 23 Mar 2022 17:35:05 GMT):
rjones (Wed, 23 Mar 2022 17:35:05 GMT):
