Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • trusted-EPMOSDU-1488-Added-headers-check protected
  • release/0.28 protected
  • cimpl-notification
  • solxget_core_lib_aws protected
  • cherry-pick-for-560 protected
  • cherry-pick-for-562 protected
  • cherry-pick-for-566 protected
  • trusted-cherry-pick-5d079eec protected
  • trusted-vs-version protected
  • trusted-aws-allow-some-indexer-failures protected
  • trusted-cimpl-notification protected
  • trusted-aws-fix-build protected
  • trusted-faid/transitionSinglePipeline protected
  • test-cimpl-notification
  • trusted-faid/acceptanceTestNotification protected
  • ibm-highVul-fix protected
  • trusted-vl/LatencyMetric protected
  • trusted-vl/not-found-subs protected
  • trusted-cache_ent protected
  • v0.28.1-gc.2 protected
  • v0.28.1-aws.2 protected
  • v0.28.1 protected
  • v0.28.0 protected
  • v0.27.0-azure.1 protected
  • v0.27.0 protected
  • v0.26.0 protected
  • v0.25.0-ibm.1 protected
  • v0.25.0-gc.1 protected
  • v0.25.0 protected
  • v0.24.0 protected
  • v0.23.0-gc.1 protected
  • v0.23.0 protected
  • v0.22.0-gc.1 protected
  • v0.22.0 protected
  • v0.21.0 protected
  • v0.20.1 protected
  • v0.20.0 protected
  • v0.19.0 protected
  • v0.18.0 protected
40 results
Blame Permalink
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
README.md 3.25 KiB

Service Configuration for GCP

Table of Contents

Environment variables

Common properties for all environments

name value description sensitive? source
APP_ENTITLEMENTS ex https://entitlements.com/entitlements/v1 Entitlements API endpoint no output of infrastructure deployment
APP_REGISTER ex https://register.com/api/register/v1 Storage API endpoint no output of infrastructure deployment
APP_PROJECT ex opendes Google Cloud Project Id no output of infrastructure deployment
PARTITION_API ex http://localhost:8081/api/partition/v1 Partition service endpoint no -
SERVICE_TOKEN_PROVIDER ex GCP or OPENID Service token provider no -

System Environment required to run service

name value description sensitive? source
SPRING_PROFILES_ACTIVE gcp spring active profile no

For Mappers to activate drivers

name value description
OQMDRIVER pubsub to activate OQM driver for Google PubSub
OQMDRIVER rabbitmq to activate OQM driver for Rabbit MQ

For Google Cloud only

name value description sensitive? source
APP_PROJECT ex opendes Google Cloud Project Id no output of infrastructure deployment
GOOGLE_AUDIENCES ex *****.apps.googleusercontent.com Client ID for getting access to cloud resources yes https://console.cloud.google.com/apis/credentials
service account IAM roles

Also, the following IAM roles should be assigned to the service's Google service account (SA)

IAM role The purpose
Service Account Token Creator To write yourself JWT for requesting neighbor microservices
Pub/Sub Editor To fetch available PubSub topics and subscriptions and be able to create them

Pubsub configuration:

At Pubsub should be created topic with name:

name: register-subscriber-control

It can be overridden by:

  • through the Spring Boot property oqm-register-subscriber-control-topic-name
  • environment variable OQM_REGISTER_SUBSCRIBER_CONTROL_TOPIC_NAME