CTK should be deployed with the required dockers.
compliance-toolkit-service: 1.0.0
compliance-toolkit-ui: 1.0.0
Dependent Service (dockers)
Artifactory: mosipid/artifactory-ref-impl: 1.2.0.1-B2
Audit manager: mosipid/kernel-auditmanager-service: 1.2.0.1-B1
Auth Manager: mosipid/kernel-authmanager: 1.2.0.1-B1
Key Manager: modipid/kernel-keymanager-service: 1.2.0.1-B1
Partner Management: mosipid/partner-management-service: 1.2.0.1-B1
KeyCloak: mosipid/keycloak-init: 1.2.0.1-B1
Postgres: mosipid/postgres-init: 1.2.0.1-B1
Config Server: config-server: mosipid/config-server: 1.1.2
Notification Service: mosipid/kernel-notification-service: 1.2.0.1-B1
ClamAV: clamav/clamav: latest
MinIO
Note:
Ensure that in the kernel-default.properties
, the value of mosip-toolkit-client
is set in auth.server.admin.allowed.audience
.If this was not set by default, then set it and restart kernel-auth-service
and compliance-toolkit-service
.
Check if the roles given to mosip-pms-client
should match with any of the roles for following config property.
This config property is available in: https://github.com/mosip/mosip-config/blob/${ENV_NAME}/kernel-default.properties
For Example:
mosip.role.keymanager.postverifycertificatetrust=ZONAL_ADMIN
, GLOBAL_ADMIN
, PMS_ADMIN
, PMS_USER
Then mosip-pms-client
should have any of the above roles.
Check that mosip-pms-client
has the role REGISTRATION_PROCESSOR
, PARTNER_ADMIN
, PMS_ADMIN
in Key Cloak.If this was not set by default, then set it and restart key manager
and compliance-toolkit-service
.
From the 1.0.0 version onwards, we need to generate an encryption key for CTK.
Create a new app id by directly inserting the below row.
Get the client token using auth manager swagger by calling endpoint.
https://api-internal.dev.mosip.net/v1/authmanager/authenticate/clientidsecretkey
Use generateMasterKey
endpoint to generate module-level certificate.
Directly download the certificate via key manager swagger getCertificate
with App Id as COMPLIANCE_TOOLKIT
and Ref Id as COMP-FIR
.
This certificate is to be used by SBI devices as the encryption key.
For Mock MDS, when running in Auth mode, update the below values in the application.properties file.
For REAL MDS/SBI.
You must communicate to the vendors to download the new encryption key from UI and give us an updated SBI which uses this encryption key.
It can be downloaded for Auth SBI projects from UI.
1. Browse to mosip-compliance-toolkit.
2. The resources folder would contain schemas, test data and test cases that need to be added to MinIO and DB.
1. Log in to MinIO from the browser.
2. Create a compliance-toolkit
bucket.
3. Create a new folder named testdata
in the above bucket and upload all test data zip files from the resources folder to this folder.
4. Create a new folder named schemas
in the above bucket and upload all sbi and sdk schemas, test case schema from the resources folder to this folder.
Note: There is no need to upload compliance_test_definitions_sbi.json
and compliance_test_definitions_sdk.json
.
5. Restart the pods after adding new files in MinIO.
1. Using Keycloak, create a new user for the compliance toolkit.
2. Make sure to add the email ID. Also, give the user GLOBAL_ADMIN
.
3. Log in to the compliance toolkit in your environment with above the Keycloak user.
4. Open the swagger.
5. Go to uploadResourceFile
the endpoint in ResourceManagementController
.
6. Select any one of the types which are mentioned in swagger and version (SBI or SDK).
7. Upload the schema and test data files from the resources folder in the project.
8. You can see the uploaded schema and test data files in the MinIO dev environment.
1. Open swagger and go to saveTestCases
in test-cases-controller
.
2. Open the resources folder in the project.
3. compliance_test_definitions_sbi.json
file has all the test cases in it.
4. Copy the test cases array from this file and prepare a request as shown below.
5. Request body for saveTestCases
request.
9. The same should be done for compliance_test_definitions_sdk.json
.