    # Service Configuration for GCP
    
    ## Table of Contents <a name="TOC"></a>
    * [Environment variables](#Environment-variables)
    * [Common properties for all environments](#Common-properties-for-all-environments)
    * [For Mappers to activate drivers](#For-Mappers-to-activate-drivers)
    * [For Google Cloud only](#For-Google-Cloud-only)
    * [Service account IAM roles](#service-account-IAM-roles)
    * [Pubsub configuration](#Pubsub-configuration)
    
    ## Environment variables
    
    ### Common properties for all environments
    
    | name | value | description | sensitive? | source |
    | ---  | ---   | ---         | ---        | ---    |
    | `APP_ENTITLEMENTS` | ex `https://entitlements.com/entitlements/v1` | Entitlements API endpoint | no | output of infrastructure deployment |
    | `APP_REGISTER` | ex `https://register.com/api/register/v1` | Storage API endpoint | no | output of infrastructure deployment |
    | `PARTITION_API` | ex `http://localhost:8081/api/partition/v1` | Partition service endpoint | no | - |
    | `SERVICE_TOKEN_PROVIDER` | ex `GCP` or `OPENID` | Service token provider | no | - |
    
    **System Environment required to run service**
    
    | name | value | description | sensitive? | source |
    | ---  | ---   | ---         | ---        | ---    |
    | `SPRING_PROFILES_ACTIVE` | `gcp` | Spring active profile | no | - |
    
    ### For Mappers to activate drivers
    
    | name      | value     | description                                             |
    |-----------|-----------|---------------------------------------------------------|
    | OQMDRIVER | pubsub    | to activate **OQM** driver for **Google PubSub**        |
    | OQMDRIVER | rabbitmq  | to activate **OQM** driver for **Rabbit MQ**            |
    
    
    #### For Google Cloud only
    
    | name                         | value                                 | description                                                        | sensitive? | source                                            |
    |------------------------------|---------------------------------------|--------------------------------------------------------------------|------------|---------------------------------------------------|
    | `APP_PROJECT` | ex `opendes` | Google Cloud Project Id | no | output of infrastructure deployment |
    | `GOOGLE_AUDIENCES` | ex `*****.apps.googleusercontent.com` | Client ID for getting access to cloud resources | yes | https://console.cloud.google.com/apis/credentials |
    
    ##### Service account IAM roles
    
    The following IAM roles must also be assigned to the service's Google service account (SA):
    
    | IAM role | The purpose                                                                   |
    |----------|-------------------------------------------------------------------------------|
    | Service Account Token Creator | To sign its own JWTs for requests to neighboring microservices               |
    | Pub/Sub Editor | To list the available Pub/Sub topics and subscriptions and to create them    |
    
    ## Pubsub configuration
    
    A topic with the following name must be created in Pub/Sub:
    
    **name:** `register-subscriber-control`
    
    The topic name can be overridden through either:
    
    - the Spring Boot property `oqm-register-subscriber-control-topic-name`
    - the environment variable `OQM_REGISTER_SUBSCRIBER_CONTROL_TOPIC_NAME`
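
A preflight check over the variables and the topic name documented above, as an added example that is not part of the project's code. The function names `preflight` and `topic_name`, the warning on plain http to non-local hosts, and the exact match on `SPRING_PROFILES_ACTIVE` are assumptions; the topic-name check reflects the Pub/Sub rule that resource names start with a letter and never with `goog`.

```shell
#!/bin/sh
# Added example: preflight check for the variables documented in this README.
# Policy choices (warning on plain http) are assumptions, not project rules.

errors=0; warnings=0
fail() { echo "config error: $1" >&2; errors=$((errors + 1)); }
warn() { echo "config warning: $1" >&2; warnings=$((warnings + 1)); }

# The environment variable overrides the documented default topic name.
topic_name() {
    echo "${OQM_REGISTER_SUBSCRIBER_CONTROL_TOPIC_NAME:-register-subscriber-control}"
}

preflight() {
    errors=0; warnings=0
    for name in APP_ENTITLEMENTS APP_REGISTER PARTITION_API SERVICE_TOKEN_PROVIDER \
                SPRING_PROFILES_ACTIVE OQMDRIVER APP_PROJECT GOOGLE_AUDIENCES; do
        eval "value=\${$name:-}"
        [ -n "$value" ] || fail "$name is not set"
    done

    # Enumerated values from the tables; an empty value was reported above.
    case "${SERVICE_TOKEN_PROVIDER:-}" in
        ""|GCP|OPENID) ;; *) fail "SERVICE_TOKEN_PROVIDER must be GCP or OPENID" ;;
    esac
    case "${OQMDRIVER:-}" in
        ""|pubsub|rabbitmq) ;; *) fail "OQMDRIVER must be pubsub or rabbitmq" ;;
    esac
    case "${SPRING_PROFILES_ACTIVE:-}" in
        ""|gcp) ;; *) fail "SPRING_PROFILES_ACTIVE must be gcp" ;;
    esac

    # Endpoints must be URLs; plain http beyond localhost only warns (assumed policy).
    for name in APP_ENTITLEMENTS APP_REGISTER PARTITION_API; do
        eval "value=\${$name:-}"
        case "$value" in
            ""|https://?*|http://localhost|http://localhost[:/]*) ;;
            http://?*) warn "$name uses plain http to a non-local host" ;;
            *) fail "$name is not an http(s) URL" ;;
        esac
    done

    # Pub/Sub rule: topic names start with a letter and never with "goog".
    case "$(topic_name)" in
        goog*|[!A-Za-z]*) fail "invalid Pub/Sub topic name: $(topic_name)" ;;
    esac
    [ "$errors" -eq 0 ]
}
```

Calling `preflight || exit 1` at the top of a container entrypoint makes a misconfigured deployment fail before the service starts.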