feat: simplify Bruno collection, move cell/DS creation into seed job

README.md

@@ -114,10 +114,24 @@ kubectl wait --namespace edc-v \
 
 kubectl apply -k k8s/apps/
 
-# Wait for applications to be ready:
+# Wait for seed jobs to be ready:
+kubectl wait --namespace edc-v \
+            --for=condition=complete job --all \
+            --timeout=90s
+```
+
+Here's a copy-and-pasteable command to delete and redeploy everything:
+
+```shell
+kubectl delete -k k8s/ && \
+kubectl apply -f k8s/base && \
 kubectl wait --namespace edc-v \
             --for=condition=ready pod \
-            --selector=type=edcv-app \
+            --selector=type=edcv-infra \
+            --timeout=90s && \
+kubectl apply -f k8s/apps && \
+kubectl wait --namespace edc-v \
+            --for=condition=complete job --all \
             --timeout=90s
 ```
 
@@ -162,7 +176,8 @@ Those are needed to populate the databases and the vault with initial data.
 ### 4. Prepare the data space
 
 In addition to the initial seed data, a few bits and pieces are required for it to become fully operational. These can
-be put in place by running the REST requests in the `CFM - Provision Consumer` folder and in the `CFM - Provision Provider`
+be put in place by running the REST requests in the `CFM - Provision Consumer` folder and in the
+`CFM - Provision Provider`
 in the [Bruno collection](./requests/EDC-V%20Onboarding). Be sure to select the `"KinD Local"` environment in
 Bruno.
 
@@ -180,9 +195,9 @@ of the heavy lifting by doing the following:
 - registers the new `ParticipantContext` with the IssuerService
 - requests VerifiableCredentials from the IssuerService
 
-One word of caution: the `Query Orchestration by Profile ID` will only yield a result after the onboarding is complete.
-If it returns an empty response (i.e., the onboarding is still ongoing), simply wait a bit and try again. Do run all
-requests - each one is needed!
+N.B.: the `Get Participant Profile` may need to be run repeatedly until all entries in the `vpas` array have a
+`"state": "active"` field. This is because the deployment is an asynchronous process and all agents need to run before
+the profile is activated.
 
 ## Seeding EDC-V CEL Expressions
 

k8s/apps/participant-manager-seed-job.yaml

@@ -49,16 +49,14 @@ spec:
           env:
             - name: PM_BASE_URL
               value: "http://participant-manager.edc-v.svc.cluster.local:8080"
-            - name: TM_BASE_URL
-              value: "http://tenant-manager.edc-v.svc.cluster.local:8080"
           command:
             - sh
             - -c
             - |
               set -e
 
               echo "================================================"
-              echo "ParticipantManager & TenantManager Seeding"
+              echo "ParticipantManager Seeding"
               echo "================================================"
 
               echo ""
@@ -146,21 +144,14 @@ spec:
                 -H "Content-Type: application/json" \
                 -d '{
                   "activities": [
-                    {
-                      "dependsOn": [],
-                      "discriminator": "deploy",
-                      "inputs": [],
-                      "type": "network-activity",
-                      "id": "dns-provisioner"
-                    },
                     {
                       "id": "kc-client-provisioner",
                       "type": "keycloak-activity",
                       "discriminator": "deploy",
                       "dependsOn": []
                     },
                     {
-                      "id": "holder-entry-creator",
+                      "id": "registration-agent",
                       "type": "registration-activity",
                       "discriminator": "deploy",
                       "dependsOn": [
@@ -176,12 +167,12 @@ spec:
                       ]
                     },
                     {
-                      "id": "onboarder",
+                      "id": "onboarding-agent",
                       "type": "onboarding-activity",
                       "discriminator": "deploy",
                       "dependsOn": [
                         "connector-provisioner",
-                        "holder-entry-creator"
+                        "registration-agent"
                       ]
                     }
                   ],

k8s/apps/tenant-manager-seed-job.yaml

@@ -0,0 +1,102 @@
+#
+# Copyright (c) 2025 Metaform Systems, Inc.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+# Contributors:
+#      Metaform Systems, Inc. - initial API and implementation
+#
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: tenant-manager-seed
+  namespace: edc-v
+  labels:
+    app: tenant-manager-seed
+    platform: edcv
+    type: edcv-job
+spec:
+  backoffLimit: 5
+  template:
+    metadata:
+      labels:
+        app: tenant-manager-seed
+        platform: edcv
+        type: edcv-job
+    spec:
+      restartPolicy: OnFailure
+      initContainers:
+        # Wait for tenant-manager to be ready
+        - name: wait-for-tenant-manager
+          image: curlimages/curl:latest
+          command:
+            - sh
+            - -c
+            - |
+              until curl -sf http://tenant-manager.edc-v.svc.cluster.local:8080/api/v1alpha1/cells; do
+                echo "Waiting for tenant-manager to be ready..."
+                sleep 5
+              done
+              echo "Tenant Manager is ready!"
+      containers:
+        - name: seed-tenant-manager
+          image: curlimages/curl:latest
+          env:
+            - name: TM_BASE_URL
+              value: "http://tenant-manager.edc-v.svc.cluster.local:8080"
+          command:
+            - sh
+            - -c
+            - |
+              set -e
+
+              echo "================================================"
+              echo "TenantManager Seeding"
+              echo "================================================"
+
+              # Create Cell
+              echo "Creating Cell..."
+              CELL_RESPONSE=$(curl -s -X POST "$TM_BASE_URL/api/v1alpha1/cells" \
+                -H "Content-Type: application/json" \
+                -d '{
+                  "properties": {
+                    "newCellKey": "newCellValue"
+                  },
+                  "state": "active",
+                  "stateTimestamp": "'"$(date -u +"%Y-%m-%dT%H:%M:%SZ")"'"
+                }')
+
+              CELL_ID=$(echo "$CELL_RESPONSE" | grep -o '"id":"[^"]*"' | head -1 | cut -d'"' -f4)
+              echo "Cell created with ID: $CELL_ID"
+
+              # Create Dataspace Profile
+              echo "Creating Dataspace Profile..."
+              PROFILE_RESPONSE=$(curl -s -X POST "$TM_BASE_URL/api/v1alpha1/dataspace-profiles" \
+                -H "Content-Type: application/json" \
+                -d '{
+                  "artifacts": [],
+                  "properties": {}
+                }')
+
+              DATASPACE_PROFILE_ID=$(echo "$PROFILE_RESPONSE" | grep -o '"id":"[^"]*"' | head -1 | cut -d'"' -f4)
+              echo "Dataspace Profile created with ID: $DATASPACE_PROFILE_ID"
+
+              # Deploy Dataspace Profile
+              echo "Deploying Dataspace Profile..."
+              curl -s -X POST "$TM_BASE_URL/api/v1alpha1/dataspace-profiles/$DATASPACE_PROFILE_ID/deployments" \
+                -H "Content-Type: application/json" \
+                -d '{
+                  "profileId": "'"$DATASPACE_PROFILE_ID"'",
+                  "cellId": "'"$CELL_ID"'"
+                }'
+
+              echo "Dataspace Profile deployed successfully"
+              echo "================================================"
+              echo "TenantManager Seeding Complete"
+              echo "================================================"
+

k8s/base/nats.yaml

@@ -38,12 +38,51 @@ spec:
           image: nats:latest
           imagePullPolicy: IfNotPresent
           args:
-            - "-js"
+            - "-c"
+            - "/etc/nats/nats.conf"
           ports:
             - containerPort: 4222
               protocol: TCP
+              name: client
+            - containerPort: 8222
+              protocol: TCP
+              name: monitor
+          volumeMounts:
+            - name: nats-config
+              mountPath: /etc/nats
+            - name: jetstream-storage
+              mountPath: /tmp/jetstream
+      volumes:
+        - name: nats-config
+          configMap:
+            name: nats-config
+        - name: jetstream-storage
+          emptyDir: { }
       restartPolicy: Always
 
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: nats-config
+  namespace: edc-v
+data:
+  nats.conf: |
+    # Basic server configuration
+    port: 4222
+    monitor_port: 8222
+
+    # JetStream configuration
+    jetstream {
+        store_dir: "/tmp/jetstream"
+        max_memory_store: 64MB
+        max_file_store: 512MB
+    }
+
+    # Enable debug/trace
+    debug: true
+    trace: false
+
 ---
 apiVersion: v1
 kind: Service
@@ -55,9 +94,12 @@ spec:
   selector:
     app: nats
   ports:
-    - name: nats
+    - name: client
       port: 4222
       targetPort: 4222
+    - name: monitor
+      port: 8222
+      targetPort: 8222
 
 ---
 apiVersion: networking.k8s.io/v1

requests/EDC-V Onboarding/CFM - Provision Consumer/Create a new Tenant.bru

@@ -1,7 +1,7 @@
 meta {
   name: Create a new Tenant
   type: http
-  seq: 3
+  seq: 2
 }
 
 post {
@@ -13,7 +13,7 @@ post {
 body:json {
   {
     "properties": {
-      "name": "{{participant_name}} tenant",
+      "name": "{{participant_name}}",
       "location": "eu"
     },
     "id":"foobar"