Multi-module Maven project for the provenance storage system and trusted party service.
- distributed-prov-system-service: Provenance storage service (Spring Boot)
- trusted-party-service: Trusted party service (Spring Boot)
- Java 21+
- Maven 3.9+
- Neo4j (for distributed-prov-system-service)
- PostgreSQL (for trusted-party-service)
Local secrets should not be committed. Copy the templates below and keep your local profile files ignored by Git:
- distributed-prov-system-service/src/main/resources/application-local.yaml.example -> copy to application-local.yaml
- trusted-party-service/src/main/resources/application-local.yaml.example -> copy to application-local.yaml
Run with the local profile:
- IntelliJ: set environment variable
SPRING_PROFILES_ACTIVE=local - CLI:
--spring.profiles.active=local
You can also supply values via environment variables instead of a local profile. See:
- distributed-prov-system-service/src/main/resources/application.yaml
- trusted-party-service/src/main/resources/application.yaml
From the repo root:
./mvnw -pl distributed-prov-system-service spring-boot:run./mvnw -pl trusted-party-service spring-boot:run
Add -Dspring-boot.run.profiles=local if using local profile.
Ensure you have local certificates in ./certs:
certs/cert-dev/cert.pemcerts/cert-dev/ec_key.pemcerts/trusted_certs/
Then run:
docker compose up
After startup, the APIs are available at:
- Swagger UI (Trusted Party): http://localhost:8020/swagger-ui/index.html
- Swagger UI (Provenance Storage): http://localhost:8000/swagger-ui/index.html
Monitoring (Docker Compose):
- Prometheus: http://localhost:9090
- Grafana: http://localhost:3000 (admin/admin)
Both services expose Actuator endpoints. These are useful for health checks and Prometheus scraping:
- Health: http://localhost:8020/actuator/health and http://localhost:8000/actuator/health
- Metrics list: http://localhost:8020/actuator/metrics and http://localhost:8000/actuator/metrics
- Prometheus: http://localhost:8020/actuator/prometheus and http://localhost:8000/actuator/prometheus
Do not commit private keys. Keep certificates and local secrets outside Git or in ignored local profile files.