Application Environmental variables

Please update the Environmental Variable mentioned for various containers.

All containers marked in RED are mandatory, rest are optional and needed only if respective tools are in use.

MongoDB service

If you are installing for first time pass all the bellow values:

• MONGO_INITDB_ROOT_USERNAME=<DB ROOT USER>

• MONGO_INITDB_ROOT_PASSWORD=<DB ROOT PASSWORD>

CustomAPI

i . If you are Upgrading KnowHOW update the bellow env var only:

• mongock.start-system-version = Your current version of knowhow installed.

• mongock.end-system-version = The Version you want TO Upgrade to.

• mongock.migration-scan-package=com.publicissapient.kpidashboard.apis.mongock.upgrade

• versionnumber=<Version number you are Upgrading to>

ii. If you are installing for first time pass all the bellow values:

• mongock.migration-scan-package=com.publicissapient.kpidashboard.apis.mongock.installation

• mongock.end-system-version= <Knowhow version number which you want to install> You can find the latest version number here

• forgotPassword.uiHost=<DNS > (DNS of the Knowhow server without https://)

• corsFilterValidOrigin=<DNS> (DNS of the Knowhow server without https://)

• spring.data.mongodb.uri=<pass mongo db connection url in this format mongodb://<DB USER NAME>:<DB PASSWORD>@mongodb:27017/kpidashboard> If your password contains special characters, they need to be URL-encoded. For example, if your password includes '@', like pass@123, it should be encoded as pass%40123. You can URL-encode your password here: https://www.urlencoder.org/

• aesEncryptionKey=<aesEncryptionKey> An AES (Advanced Encryption Standard) encryption key is essential for securing data through encryption. To generate an AES encryption key, use the Random Key Generator tool at https://acte.ltd/utils/randomkeygen. For AES-256 encryption, select "Encryption Key 256." The passphrase used as the AES key cannot be changed during the application's lifetime (minimum length - 8; sample value - 7DLHllMii14pId0FSSwGWwtga5dckGHW).

• auth.secret=<auth secret>(this the passphrase used to generate sign jwt token)
  (min length -4, sample value - C0GNAIDS8upDNnkE)

• isRepoToolEnable= <true for scm(developer tab) enable or false for scm disable>

• versionnumber=<Latest Version number > You can find the latest version number here

If you want authenticate and authorize knowhow users using SAML pass the bellow Vars:

• auth.subDomainCookie= true

• auth.domain= <auth service parent domain>

• auth.centralAuthBaseURL= https://<central Auth Backend DNS>

• auth.resourceAPIKey= <resource api key for the Auth Service API used in Knowhow BE> You have to generate API Key - follow mention Steps Sample Value - BKQI07DExY6m0nblPSIYGCentral AUTH Service (required only when running central auth)

If you are installing knowhow along with SCM Processor pass this vars: i.e when isRepoToolEnable=true

• exposed_api_key= < api key for the exposed kpi like repo tool, sample value:UvcP8HOTwcJVFR4DYVZZwwSh5p6dVue7DExY6m0nblPSIYGCl1K/c89oQMVD2nVqN1N443vkDofkROBFiHjDxw==>

• repoToolAPIKey= follow this docs to generate Key SCM Processor Setup

OPTIONAL CustomApi ENV VAR:

• JAVA_OPTS= <set options for the Java Virtual Machine> This variable allows you to pass various parameters and configurations to the JVM, such as memory settings, system properties, garbage collection options, and more.

UI service

• DNS_SSL=<Your IP/DNS address>

• API_HOST=<customapi’s k8s service name/docker container name>

• API_PORT= <port of customapi>

If you want to authenticate and authorize knowhow users using SAML pass the bellow Vars: i.e whenAUTHENTICATION_SERVICE=true

• AUTHENTICATION_SERVICE= true

• CENTRAL_LOGIN_URL= https://< url DNS of central authentication service >

Jira-Processor

• spring.data.mongodb.uri=<pass mongo db connection url in this format “mongodb://<DB USER NAME>:<DB PASSWORD>@mongodb:27017/kpidashboard“>

• aesEncryptionKey=<aesEncryptionKey>( same Key as defined in CustomAPI)

devops-processor

• spring.data.mongodb.uri=<pass mongo db connection url in this format “mongodb://<DB USER NAME>:<DB PASSWORD>@mongodb:27017/kpidashboard“>

• aesEncryptionKey=<aesEncryptionKey>(same Key as defined in CustomAPI)

azure-board-processor

• spring.data.mongodb.uri=<pass mongo db connection url in this format “mongodb://<DB USER NAME>:<DB PASSWORD>@mongodb:27017/kpidashboard“>

• aesEncryptionKey=<aesEncryptionKey>(same Key as defined in CustomAPI)

azure-pipeline-repo

• spring.data.mongodb.uri=<pass mongo db connection url in this format “mongodb://<DB USER NAME>:<DB PASSWORD>@mongodb:27017/kpidashboard“>

• aesEncryptionKey=<aesEncryptionKey>(same Key as defined in CustomAPI)

AuthnAuth Specific Variables: Use Only When Deploying Knowhow with Auth Application

Authdb:

• POSTGRES_USER=<DB ROOT USER>(Specify the Postgres user name)

• POSTGRES_PASSWORD=<DB ROOT PASSWORD>(Specify the Postgres user password)

• POSTGRES_DB=authNauth

• HOST=<Host IP> Pass the host IP when running as docker

authnauth:

• auth.baseUrl=https://<Central auth UI DNS url>

• auth.baseUiUrl=https://<Central auth UI DNS url>

• auth.secret=<auth secret>(this should be same passphrase used to generate sign jwt token in customapi)

• forgotPassword.uiHost=https://<Central auth UI DNS url>

• auth.corsFilterValidOrigin=https://<Central auth UI DNS url>

• spring.datasource.url=jdbc:postgresql://<Auth DB service/container name>:<Port>/authNauth

• spring.datasource.username=authdb

• spring.datasource.password= < postgres db passowrd>

• spring.kafka.producer.bootstrap-servers= <kafka service/container name>

• spring.kafka.consumer.bootstrap-servers= <kafka service/container name:port>

• KAFKA_CFG_ZOOKEEPER_CONNECT= <zookeeper service/container name:port>

• ZOO_SERVERS=<zookeeper service/container name:port>

• flag.mailWithoutKafka= <true for the smtp or false for the kafka>

• auth.domain= <Add to parent domain> example: tools.publicis.sapient.com

For SAML Integration get the bellow values from your company’s azure AD provider for reference look for this docs SSO Integration

• auth.holdingEntityId= <SAML Entity ID>

• auth.assertingEntityId = <SAML Url of the tenent ID>

• auth.alias = <alias of the saml>

• auth.samlLoginUrl= <login url saml>

For auth 1.0.0

For auth 2.0.0

• auth.serverApiKey= <resource api key for the Auth Service API used in Knowhow BE> You have to use same API Key - follow mention Steps Sample Value - BKQI07DExY6m0nblPSIYGCentral AUTH Service

• auth.rpCertificate= The credentials used in the SAML SSO signing process, you can use the examples provided by Spring Boot from here

• auth.rpPrivateKey= The credentials used in the SAML SSO signing process

• spring.security.saml2.relyingparty.registration.azure.assertingparty.metadata-uri= <login url saml>

• spring.security.saml2.relyingparty.registration.azure.entity-id= <SAML Entity ID>

• AUTH_BASE_URL= <Auth ui URL>

authnauth-ui:

• REACT_APP_DNS=https://<Central Auth UI Url>

• DNS_SSL=https://<Central Auth UI Url>

• REACT_APP_PSKnowHOW=https://< Knowhow UI Url>

SCM tool:

PostgreSQL config:

POSTGRES_USER=<Postgres user name>
POSTGRES_PASSWORD= <postgres db password>
POSTGRES_DB=debbie

Django config:

DEBUG=True
DEBUG_TOOLBAR=True
ALLOWED_HOSTS=*
DATABASE_URL= < postgres database url>
CORS_ORIGIN_WHITELIST=http://localhost < handling cors origin whitelist>

RESULT_SEND_TYPE=mq <rabbitmq message key>

RABBITMQ_DEFAULT_USER=admin <default user of rabbitmq>
RABBITMQ_DEFAULT_PASS= <default pass of rabbitmq>
RABBITMQ_DEFAULT_VHOST=debbie <default host of rabbitmq>
RABBIT_BROKER_HOST=repotool-rabbitmq <rabbitmq container name>
RABBIT_BROKER_PORT=5672
RABBIT_QUEUE=repos <name of the rabbitmq job queue>

BASE_HOST_URL=https://4bdf-89-136-52-54.ngrok-free.app

SCAN_STATUS_APIS=http://customapi:8080/api/processor/saveRepoToolsStatus <api to save scanning detail>
SCAN_STATUS_APIS_TOKEN= <api token used by customapi>

DEBBIE_INTERNAL_API_KEY= <api key generated by repotool>