Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 2 Current »

Overview

This document outlines the environment variables required for various containers during the installation or upgrade of KnowHOW. Few sections are marked mandatory, while the rest are optional and depending on the tools in use.

 MongoDB Service

Mandatory configurations

If installing for the first time, provide the following:

  • MONGO_INITDB_ROOT_USERNAME = <DB ROOT USER>

  • MONGO_INITDB_ROOT_PASSWORD = <DB ROOT PASSWORD>

 CustomAPI

Mandatory configurations

For Upgrading KnowHOW:

  • mongock.start-system-version = <Your current KnowHOW version>

  • mongock.end-system-version = <Version to upgrade to>

  • mongock.migration-scan-package = com.publicissapient.kpidashboard.apis.mongock.upgrade

  • versionnumber = <Version number you are upgrading to>

For First-time Installation:

  • mongock.migration-scan-package = com.publicissapient.kpidashboard.apis.mongock.installation

  • mongock.end-system-version = <KnowHOW version number>

  • forgotPassword.uiHost = <KnowHOW server DNS without https://>

  • corsFilterValidOrigin = <KnowHOW server DNS without https://>

  • spring.data.mongodb.uri = mongodb://<DB USER>:<DB PASSWORD>@mongodb:27017/kpidashboard (URL-encode special characters in the password.)

  • aesEncryptionKey = <AES Encryption Key> (Generate using a random key generator; minimum length: 8.)

  • auth.secret = <JWT token signing secret> (Minimum length: 4.)

  • isRepoToolEnable = <true|false> (Enable or disable SCM.)

  • versionnumber = <Latest version number>

SAML Authentication:

To authenticate and authorize KnowHOW users using SAML

  • auth.subDomainCookie = true

  • auth.domain = <Auth service parent domain>

  • auth.centralAuthBaseURL = https://<Central Auth Backend DNS>

  • auth.resourceAPIKey = <Resource API key> (Generate an API Key by following the steps outlined here. This is required only when running central authentication.)

SCM Processor Setup:

When installing KnowHOW with the SCM Processor (i.e., when isRepoToolEnable=true)

  • exposed_api_key = <API key>

  • repoToolAPIKey = <API key> (Generate an API Key by following the steps outlined here. )

Optional Variables:

  • JAVA_OPTS = <JVM options>

 UI Service

  • DNS_SSL = <Your IP/DNS address>

  • API_HOST = <CustomAPI container name>

  • API_PORT = <CustomAPI port>

SAML Authentication:

To authenticate and authorize KnowHOW users using SAML

  • AUTHENTICATION_SERVICE = true

  • CENTRAL_LOGIN_URL = https://<Central Authentication Service URL>

 Jira Processor

  • spring.data.mongodb.uri = mongodb://<DB USER>:<DB PASSWORD>@mongodb:27017/kpidashboard

  • aesEncryptionKey = <Same key as defined in CustomAPI>

 DevOps Processor

  • spring.data.mongodb.uri = mongodb://<DB USER>:<DB PASSWORD>@mongodb:27017/kpidashboard

  • aesEncryptionKey = <Same key as defined in CustomAPI>

 Azure Board Processor

  • spring.data.mongodb.uri = mongodb://<DB USER>:<DB PASSWORD>@mongodb:27017/kpidashboard

  • aesEncryptionKey = <Same key as defined in CustomAPI>

 AuthnAuth Specific Variables

Applicable only when deploying KnowHOW with the AuthnAuth application

For PostgreSQL Configuration:

  • POSTGRES_USER = <DB ROOT USER>

  • POSTGRES_PASSWORD = <DB ROOT PASSWORD>

  • POSTGRES_DB = authNauth

  • HOST = <Host IP>

AuthnAuth Configuration:

  • auth.baseUrl = https://<Central Auth UI DNS>

  • auth.baseUiUrl = https://<Central Auth UI DNS>

  • auth.secret = <Same JWT token signing secret> (This should be the same passphrase used to generate the signed JWT token in CustomAPI.)

  • forgotPassword.uiHost = https://<Central Auth UI DNS>

  • auth.corsFilterValidOrigin = https://<Central Auth UI DNS>

  • spring.datasource.url = jdbc:postgresql://<Auth DB service/container name>:<Port>/authNauth

  • spring.datasource.username = authdb

  • spring.datasource.password = <Postgres DB password>

  • spring.kafka.producer.bootstrap-servers = <Kafka service/container>

  • spring.kafka.consumer.bootstrap-servers = <Kafka service/container:port>

  • KAFKA_CFG_ZOOKEEPER_CONNECT = <Zookeeper service/container:port>

  • ZOO_SERVERS = <Zookeeper service/container:port>

  • flag.mailWithoutKafka = <true|false>

  • auth.domain = <Parent domain>

SAML Integration:

For SAML integration, obtain the following values from your company’s Azure AD provider. Refer to the SSO Integration documentation for guidance.

  • auth.holdingEntityId = <SAML Entity ID>

  • auth.assertingEntityId = <SAML Tenant URL>

  • auth.alias = <SAML alias>

  • auth.samlLoginUrl = <SAML login URL>

For Auth 2.0.0 Configuration:

  • auth.serverApiKey: <Resource API key for the Auth Service API used in KnowHOW Backend>
    (Use the same API key as specified. Follow the mentioned steps.)

  • auth.rpCertificate: <Credentials for SAML SSO signing>

  • auth.rpPrivateKey: <Credentials for SAML SSO signing>

  • spring.security.saml2.relyingparty.registration.azure.assertingparty.metadata-uri: <Login URL for SAML>

  • spring.security.saml2.relyingparty.registration.azure.entity-id: <SAML Entity ID>

  • AUTH_BASE_URL: <Auth UI URL>

UI Application:

  • REACT_APP_DNS: https://<Central Auth UI URL>

  • DNS_SSL: https://<Central Auth UI URL>

  • REACT_APP_PSKnowHOW: https://<KnowHOW UI URL>

 SCM Tool Configuration

PostgreSQL Configuration:

  • POSTGRES_USER = <Postgres username>

  • POSTGRES_PASSWORD = <Postgres password>

  • POSTGRES_DB = debbie

Django Configuration:

  • DEBUG = True

  • DEBUG_TOOLBAR = True

  • ALLOWED_HOSTS = *

  • DATABASE_URL = <Postgres DB URL>

  • CORS_ORIGIN_WHITELIST = http://localhost (Specifies the allowed origins for handling CORS)

  • RESULT_SEND_TYPE = mq (Specifies the RabbitMQ message key)

  • RABBITMQ_DEFAULT_USER = admin

  • RABBITMQ_DEFAULT_PASS = <RabbitMQ password>

  • RABBITMQ_DEFAULT_VHOST = debbie (Specifies the default host of RabbitMQ)

  • RABBIT_BROKER_HOST = repotool-rabbitmq (Specifies the RabbitMQ container name)

  • RABBIT_BROKER_PORT = 5672

  • RABBIT_QUEUE = repos (Specifies the name of the RabbitMQ job queue)

  • BASE_HOST_URL = https://<Your base host>

  • SCAN_STATUS_APIS = http://customapi:8080/api/processor/saveRepoToolsStatus (API endpoint for saving scanning details)

  • SCAN_STATUS_APIS_TOKEN = <API token> (Token used by CustomAPI)

  • DEBBIE_INTERNAL_API_KEY = <API key> (Generated by RepoTool)

  • No labels

© 2022 Publicis Sapient. All rights reserved.