...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
please Please update the Environmental Variable mentioned for various containers.
All containers marked in RED are mandatory, rest are optional and needed only if respective tools are in use.
...
MongoDB service
NOTE: NO need to update if If you are upgrading the Knowhowinstalling for first time pass all the bellow values:
MONGO_INITDB_ROOT_USERNAME
=<DB ROOT USER> (used for DDL comands within the application.)MONGO_INITDB_ROOT_PASSWORD
=<DB ROOT PASSWORD>(password for admin user)MONGODB_APPLICATION_USER=<DB READ/Write User>
MONGODB_APPLICATION_PASS=<DB READ/WRITE PASSWORD>
...
CustomAPI
i . If you are Upgrading KnowHOW update the bellow env var only:
mongock.start-system-version
= Your current version of knowhow installed.mongock.end-system-version
= The Version you want TO Upgrade to.mongock.migration-scan-package=com.publicissapient.kpidashboard.apis.mongock.upgrade
versionnumber
=<Version number you are Upgrading to>
ii. If you are installing for first time pass all the bellow values:
mongock.migration-scan-package=com.publicissapient.kpidashboard.apis.mongock.installation
mongock.end-system-version=
<Knowhow version number which you want to install> You can find the latest version number hereforgotPassword.uiHost
=<DNS > (DNS of the Knowhow server without https://)corsFilterValidOrigin
=<DNS> (DNS of the Knowhow server without https://)spring.data.mongodb.uri
=<pass mongo db connection url in this formatmongodb://<DB USER NAME>:<DB PASSWORD>@mongodb:27017/kpidashboard
> Special char need to converted eg “@
" is%40
If your password contains special characters, they need to be URL-encoded. For example, if your password includes '@', like pass@123, it should be encoded as pass%40123. You can URL-encode your password here: https://www.urlencoder.org/aesEncryptionKey
=<aesEncryptionKey> (this is the passphrase for generating AES key, this can not be changed during lifetime of application)
(min lenght - 8, An AES (Advanced Encryption Standard) encryption key is essential for securing data through encryption. To generate an AES encryption key, use the Random Key Generator tool at https://acte.ltd/utils/randomkeygen. For AES-256 encryption, select "Encryption Key 256." The passphrase used as the AES key cannot be changed during the application's lifetime (minimum length - 8; sample value - 7DLHllMii14pId0FSSwGWwtga5dckGHW).auth.secret
=<auth secret>(this the passphrase used to generate sign jwt token)
(min length -4, sample value - C0GNAIDS8upDNnkE)isRepoToolEnable
= <true
for repotoolscm(developer tab) enable orfalse
for repotool scm disable>versionnumber
=<Latest Version number > You can find the latest version number here
If you want to install Knowhow to authenticate and authorize knowhow users using SAML pass the bellow Vars:
auth.subDomainCookie
= trueauth.domain
= <auth service is on then added to parent domain>auth.centralAuthBaseURL
= https://<central Auth Backend DNS>auth.resourceAPIKey
= <resource api key for the Auth Service API used in Knowhow BE> You have to generate API Key - follow mention Steps Sample Value - BKQI07DExY6m0nblPSIYGCentral AUTH Service (required only when running central auth)
If you are installing knowhow along with SCM Processor pass this vars: i.e when isRepoToolEnable=true
exposed_api_key
= < api key for the exposed kpi like repo tool, sample value:UvcP8HOTwcJVFR4DYVZZwwSh5p6dVue7DExY6m0nblPSIYGCl1K/c89oQMVD2nVqN1N443vkDofkROBFiHjDxw==> (required only when isRepoToolEnable=true
)repoToolAPIKey
= follow this docs to generate Key RepoTool SCM Processor Setup
OPTIONAL CustomApi ENV VAR:
JAVA_OPTS
= <set options for the Java Virtual Machine> This variable allows you to pass various parameters and configurations to the JVM, such as memory settings, system properties, garbage collection options, and more.
...
UI service
DNS_SSL
=<Your IP/DNS address>API_HOST
=<customapi backed host><customapi’s k8s service name/docker container name>API_PORT
= <port of api>customapi>
If you want to authenticate and authorize knowhow users using SAML pass the bellow Vars: i.e whenAUTHENTICATION_SERVICE=true
AUTHENTICATION_SERVICE
= <true
for central authentication service or false local authentication>CENTRAL_LOGIN_URL
= https://< url DNS of central authentication service (required only when AUTHENTICATION_SERVICE=true
) >
...
Jira-Processor
spring.data.mongodb.uri=<pass mongo db connection url in this format “
mongodb://<DB USER NAME>:<DB PASSWORD>@mongodb:27017/kpidashboard
“>aesEncryptionKey=<aesEncryptionKey>( same Key as defined in CustomAPI)
...
devops-processor
spring.data.mongodb.uri=<pass mongo db connection url in this format “
mongodb://<DB USER NAME>:<DB PASSWORD>@mongodb:27017/kpidashboard
“>aesEncryptionKey=<aesEncryptionKey>(same Key as defined in CustomAPI)
...
azure-board-processor
spring.data.mongodb.uri=<pass mongo db connection url in this format “
mongodb://<DB USER NAME>:<DB PASSWORD>@mongodb:27017/kpidashboard
“>aesEncryptionKey=<aesEncryptionKey>(same Key as defined in CustomAPI)
...
azure-pipeline-repo
spring.data.mongodb.uri=<pass mongo db connection url in this format “
mongodb://<DB USER NAME>:<DB PASSWORD>@mongodb:27017/kpidashboard
“>aesEncryptionKey=<aesEncryptionKey>(same Key as defined in CustomAPI)
...
AuthnAuth Specific Variables: Use Only When Deploying Knowhow with Auth Application
Authdb:
POSTGRES_USER
=<DB ROOT USER>(Specify the Postgres user name)POSTGRES_PASSWORD
=<DB ROOT PASSWORD>(Specify the Postgres user password)POSTGRES_DB
=authNauthHOST=<Host IP>
Pass the host IP when running as docker
...
authnauth:
auth.baseUrl
=https://<Central auth UI DNS url>auth.baseUiUrl
=https://<Central auth UI DNS url>auth.secret
=<auth secret>(this should be same passphrase used to generate sign jwt token in customapi)forgotPassword.uiHost
=https://<Central auth UI DNS url>auth.corsFilterValidOrigin
=https://<Central auth UI DNS url>spring.datasource.url
=jdbc:postgresql://<Auth DB service/container name>:<Port>/authNauthspring.datasource.username
=authdbspring.datasource.password
= < postgres db passowrd>spring.kafka.producer.bootstrap-servers
= <kafka service/container name>spring.kafka.consumer.bootstrap-servers
= <kafka service/container name:port>KAFKA_CFG_ZOOKEEPER_CONNECT
= <zookeeper service/container name:port>ZOO_SERVERS
=<zookeeper service/container name:port>flag.mailWithoutKafka
= <true for the smtp or false for the kafka>auth.domain
= <Add to parent domain> example: tools.publicis.sapient.com
For SAML Integration
...
get the bellow values from your company’s azure AD provider for reference look for this docs SSO Integration
auth.holdingEntityId
= <SAML Entity ID>auth.assertingEntityId
= <SAML Url of the tenent ID>auth.alias
= <alias of the saml>auth.samlLoginUrl
= <login url saml>
For auth 1.0.0
For auth 2.0.0
auth.serverApiKey
= <resource api key for the Auth Service API used in Knowhow BE> You have to use same API Key - follow mention Steps Sample Value - BKQI07DExY6m0nblPSIYGCentral AUTH Serviceauth.rpCertificate
= The credentials used in the SAML SSO signing process, you can use the examples provided by Spring Boot from hereauth.rpPrivateKey
= The credentials used in the SAML SSO signing processspring.security.saml2.relyingparty.registration.azure.assertingparty.metadata-uri
= <login url saml>spring.security.saml2.relyingparty.registration.azure.entity-id
= <SAML Entity ID>AUTH_BASE_URL
= <Auth ui URL>
...
authnauth-ui:
REACT_APP_DNS=https://<Central Auth UI Url>
DNS_SSL=https://<Central Auth UI Url>
REACT_APP_PSKnowHOW=https://< Knowhow UI Url>
...
SCM tool:
PostgreSQL config:
POSTGRES_USER
=<Postgres user name>POSTGRES_PASSWORD
= <postgres db password>POSTGRES_DB
=debbie
Django config:
DEBUG=True
DEBUG_TOOLBAR=True
ALLOWED_HOSTS=*
DATABASE_URL= < postgres database url>
CORS_ORIGIN_WHITELIST=http://localhost < handling cors origin whitelist>
...