Commit fee0bb86 authored by Abhishek Kumar (SLB)'s avatar Abhishek Kumar (SLB)
Browse files
parents 3c705f52 a5b19c1c
......@@ -25,6 +25,7 @@ variables:
DATA_PARTITION: opendes
AZURE_AD_APP_RESOURCE_ID: $AZURE_APP_ID
AZURE_STORAGE_CONNECTION_STRING: DefaultEndpointsProtocol=https;AccountName=${AZURE_BASE}data;AccountKey=${AZURE_STORAGE_KEY};EndpointSuffix=core.windows.net
AZURE_COVERAGE_THRESHOLD: 70
AWS_BUILD_SUBDIR: provider/schema-aws/build-aws
AWS_TEST_SUBDIR: testing/schema-test-core
......
export AZURE_SCHEMA_URL=https://${AZURE_DNS_NAME}/api/schema-service/v1/schema
# Cleanup function
cleanup() {
echo "Terminating istio sidecar"
curl -X POST "http://localhost:15020/quitquitquit"
exit
}
trap cleanup EXIT
if [[ -z "${NAMESPACE}" ]]; then
NAMESPACE="osdu-azure"
fi
export AZURE_SCHEMA_URL="http://schema.${NAMESPACE}.svc.cluster.local/api/schema-service/v1/schema/"
currentStatus="success"
currentMessage="All schemas uploaded successfully"
BEARER_TOKEN=`python $AZURE_DEPLOYMENTS_SUBDIR/Token.py`
......
......@@ -19,7 +19,7 @@ osdu-gcp-bootstrap:
- if: '$OSDU_GCP == "true" && $CI_COMMIT_TAG'
when: never
- if: '$OSDU_GCP == "true"'
when: always
when: on_success
osdu-gcp-bootstrap-dev2:
stage: bootstrap
......@@ -37,12 +37,9 @@ osdu-gcp-bootstrap-dev2:
- python $OSDU_GCP_DEPLOYMENTS_SCRIPTS_SUBDIR/DeploySharedSchemas.py -u $OSDU_GCP_SCHEMA_URL/schema
rules:
- if: '$OSDU_GCP == "true" && $CI_COMMIT_BRANCH =~ /^release/'
when: always
when: on_success
- if: '$OSDU_GCP == "true" && $CI_COMMIT_TAG'
when: always
# The variable DEV2="true" should be specified manually in GitLab before running a pipeline to test this job against a protected branch
- if: '$OSDU_GCP == "true" && $DEV2 == "true"'
when: always
when: on_success
osdu-gcp-test:
needs: ["osdu-gcp-bootstrap"]
......@@ -53,7 +50,7 @@ osdu-gcp-test:
- if: '$OSDU_GCP == "true" && $OSDU_GCP_INT_TEST_TYPE != "python" && $CI_COMMIT_TAG'
when: never
- if: '$OSDU_GCP == "true" && $OSDU_GCP_INT_TEST_TYPE != "python"'
when: always
when: on_success
osdu-gcp-dev2-test:
needs: ["osdu-gcp-bootstrap-dev2"]
......@@ -71,5 +68,8 @@ osdu-gcp-containerize-bootstrap-gitlab:
- docker push $CI_REGISTRY_IMAGE/osdu-gcp-bootstrap
rules:
- if: '$OSDU_GCP == "true" && $CI_COMMIT_BRANCH =~ /^master$/'
when: on_success
- if: '$OSDU_GCP == "true" && $CI_COMMIT_BRANCH =~ /.*bootstrap.*/'
when: on_success
- if: '$OSDU_GCP == "true" && $CI_COMMIT_TAG'
when: on_success
......@@ -7,9 +7,8 @@ metadata:
namespace: "{{ .Release.Namespace }}"
data:
LOG_LEVEL: "{{ .Values.data.log_level }}"
LOGGING_LEVEL_ORG_SPRINGFRAMEWORK_WEB: "{{ .Values.data.log_level }}"
PARTITION_API: "{{ .Values.data.partition_api }}"
GOOGLE_AUDIENCES: "{{ .Values.data.google_audiences }}"
AUTHORIZE_API: "{{ .Values.data.authorize_api }}"
AUTHORIZE_API_KEY: "{{ .Values.data.authorize_api_key }}"
SHARED_TENANT_NAME: "{{ .Values.data.shared_tenant_name }}"
SPRING_PROFILES_ACTIVE: "{{ .Values.data.spring_profiles_active }}"
......@@ -5,10 +5,10 @@
data:
log_level: ""
authorize_api: ""
authorize_api_key: "Null"
partition_api: ""
google_audiences: ""
shared_tenant_name: ""
spring_profiles_active: "gcp"
conf:
configmap: "schema-config"
......
......@@ -3,8 +3,8 @@
# Declare variables to be passed into your templates.
data:
requests_cpu: "0.25"
requests_memory: "256M"
requests_cpu: "0.1"
requests_memory: "384M"
limits_cpu: "1"
limits_memory: "1G"
serviceAccountName: ""
......
......@@ -30,7 +30,7 @@
<properties>
<azure.version>2.1.7</azure.version>
<osdu.corelibazure.version>0.13.0-rc6</osdu.corelibazure.version>
<osdu.corelibazure.version>0.14.0-rc2</osdu.corelibazure.version>
<osdu.oscorecommon.version>0.13.0</osdu.oscorecommon.version>
<osdu.os-schema-core.version>0.14.0-SNAPSHOT</osdu.os-schema-core.version>
<mockito.version>1.10.19</mockito.version>
......@@ -210,7 +210,7 @@
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>5.3.7</version>
<version>5.3.12</version>
</dependency>
</dependencies>
......@@ -234,6 +234,14 @@
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<configuration>
<excludes>
<exclude>**/*org/opengroup/osdu/schema/azure/definitions/**</exclude>
<exclude>**/*org/opengroup/osdu/schema/azure/di/**Config.class</exclude>
<exclude>**/*org/opengroup/osdu/schema/azure/impl/messagebus/model/**</exclude>
<exclude>**/*org/opengroup/osdu/schema/azure/SchemaApplication.class</exclude>
</excludes>
</configuration>
<version>0.8.3</version>
<executions>
<execution>
......
......@@ -12,37 +12,13 @@ Pre-requisites
* Lombok 1.16 or later
* Maven
Schema service as per design uses two module from GCP. GCS or Google cloud storage to store actual schemas and Google cloud datastore to store schema metadata. It follows the multi tenancy
concept of DE, which means service is deployed in one GCP project and data is stored in client specific project. And permission to speccfic tenant project is decided based on data-partition-id user passes
as part of request header. So, to make it work from local we must have following setup done as prerequisite,
1. GCP project setup is done and local gcloud sdk configured by activating the account/user and pointing to correct GCP project. You can follow the steps from [here](https://cloud.google.com/deployment-manager/docs/step-by-step-guide/installation-and-setup)
2. Bucket with name <project-id>-schema (e.g opendes-schema) is created in tenant GCS and tenant datafier service account has read/write access to that bucket. Steps to create bucket and grant access can be followed from [here](https://cloud.google.com/storage/docs/creating-buckets)
3. Tenant datafier service account has read/write access to Google cloud datastore in tenant project. You can follow access control on datastore from [here](https://cloud.google.com/datastore/docs/access/iam). Permission required is ```roles/datastore.user```
4. Service-account/user activated as part of step 1 has service token creator role on datafier service-account of the data partition used. Details on service account creator role can be accessed from [here](https://cloud.google.com/iam/docs/service-accounts#the_service_account_token_creator_role)
5. TenantInfo table should be present in service GCP datastore under namespace ```datascosystem``` and kind ```tenantInfo``` and has entry corresponding to data-partition-id passed.
6. User/service-account that will be used to run the service has access to ```service.schema-service.editors``` group in the specified data-partition.
### Installation
In order to run the service locally or remotely, you will need to have the following environment variables defined.
| name | value | description | sensitive? | source |
| --- | --- | --- | --- | --- |
| `LOG_PREFIX` | `schema` | Logging prefix | no | - |
| `SERVER_SERVLET_CONTEXPATH` | `/api/schema-service/v1` | Servlet context path | no | - |
| `AUTHORIZE_API` | ex `https://entitlements.com/entitlements/v1` | Entitlements API endpoint | no | output of infrastructure deployment |
| `ACCOUNT_ID_COMMON_PROJECT` | ex `common` | Shared account id | no | - |
| `SERVICE_PARTITION_ENABLED` | `true` OR `false` | Allow to configure TenantInfo provision by Partition service | no | - |
| `GOOGLE_AUDIENCES` | ex `*****.apps.googleusercontent.com` | Client ID for getting access to cloud resources | yes | https://console.cloud.google.com/apis/credentials |
| `PARTITION_API` | ex `http://localhost:8081/api/partition/v1` | Partition service endpoint | no | - |
| `GOOGLE_APPLICATION_CREDENTIALS` | ex `/path/to/directory/service-key.json` | Service account credentials, you only need this if running locally | yes | https://console.cloud.google.com/iam-admin/serviceaccounts |
| `GCLOUD_PROJECT` | `******` | Cloud project id, you only need this if running locally | no | https://console.cloud.google.com |
| `gcp.schema-changed.messagingEnabled` | `true` OR `false` | Allows to configure message publishing about schemas changes to Pub/Sub | no | - |
### Service Configuration
#### Anthos:
[Anthos service configuration ](docs/anthos/README.md)
#### GCP:
[Gcp service configuration ](docs/gcp/README.md)
### Run Locally
Check that maven is installed:
......
## Service Configuration for Anthos
## Environment variables:
Define the following environment variables.
Must have:
| name | value | description | sensitive? | source |
| --- | --- | --- | --- | --- |
| `SPRING_PROFILES_ACTIVE` | ex `anthos` | Spring profile that activate default configuration for GCP environment | false | - |
| `<POSTGRES_PASSWORD_ENV_VARIABLE_NAME>` | ex `password` | Potgres user, name of that variable not defined at the service level, the name will be received through partition service. Each tenant can have it's own ENV name value, and it must be present in ENV of Indexer service, see [Partition properties set](#Properties-set-in-Partition-service) | yes | - |
| `<MINIO_SECRETKEY_ENV_VARIABLE_NAME>` | ex `password` | Minio password, name of that variable not defined at the service level, the name will be received through partition service. Each tenant can have it's own ENV name value, and it must be present in ENV of Indexer service, see [Partition properties set](#Properties-set-in-Partition-service) | yes | - |
| `<AMQP_PASSWORD_ENV_VARIABLE_NAME>` | ex `password` | RabbitMQ password, name of that variable not defined at the service level, the name will be received through partition service. Each tenant can have it's own ENV name value, and it must be present in ENV of Indexer service, see [Partition properties set](#Properties-set-in-Partition-service) | yes | - |
| `<AMQP_ADMIN_PASSWORD_ENV_VARIABLE_NAME>` | ex `password` | RabbitMQ Admin password, name of that variable not defined at the service level, the name will be received through partition service. Each tenant can have it's own ENV name value, and it must be present in ENV of Indexer service, see [Partition properties set](#Properties-set-in-Partition-service) | yes | - |
Defined in default application property file but possible to override:
| name | value | description | sensitive? | source |
| --- | --- | --- | --- | --- |
| `LOG_PREFIX` | `schema` | Logging prefix | no | - |
| `LOG_LEVEL` | `DEBUG` | Logging level | no | - |
| `SERVER_SERVLET_CONTEXPATH` | `/api/schema-service/v1` | Servlet context path | no | - |
| `AUTHORIZE_API` | ex `https://entitlements.com/entitlements/v1` | Entitlements API endpoint | no | output of infrastructure deployment |
| `PARTITION_API` | ex `http://localhost:8081/api/partition/v1` | Partition service endpoint | no | - |
| `GOOGLE_APPLICATION_CREDENTIALS` | ex `/path/to/directory/service-key.json` | Service account credentials, you only need this if running locally | yes | https://console.cloud.google.com/iam-admin/serviceaccounts |
| `GCP_SCHEMA_CHANGED_MESSAGING_ENABLED` | `true` OR `false` | Allows to configure message publishing about schemas changes to Pub/Sub | no | - |
| `GCP_SCHEMA_CHANGED_TOPIC_NAME` | `schema_changed` | Topic for schema changes events | no | - |
These variables define service behavior, and are used to switch between `anthos` or `gcp` environments, their overriding
and usage in mixed mode was not tested. Usage of spring profiles is preferred.
| name | value | description | sensitive? | source |
| --- | --- | --- | --- | --- |
| `PARTITION_AUTH_ENABLED` | ex `true` or `false` | Disable or enable auth token provisioning for requests to Partition service | no | - |
| `OQMDRIVER` | `rabbitmq` or `pubsub` | Oqm driver mode that defines which message broker will be used | no | - |
| `OSMDRIVER` | `datastore` or `postgres` | Osm driver mode that defines which KV storage will be used | no | - |
| `OBMDRIVER` | `gcs` or `minio` | Obm driver mode that defines which object storage will be used | no | - |
| `SERVICE_TOKEN_PROVIDER` | `GCP` or `OPENID` |Service account token provider, `GCP` means use Google service account `OPEIND` means use OpenId provider like `Keycloak` | no | - |
### Properties set in Partition service:
Note that properties can be set in Partition as `sensitive` in that case in property `value` should be present not value itself, but ENV variable name.
This variable should be present in environment of service that need that variable.
Example:
```
"elasticsearch.port": {
"sensitive": false, <- value not sensitive
"value": "9243" <- will be used as is.
},
"elasticsearch.password": {
"sensitive": true, <- value is sensitive
"value": "ELASTIC_SEARCH_PASSWORD_OSDU" <- service consumer should have env variable ELASTIC_SEARCH_PASSWORD_OSDU with elastic search password
}
```
## Postgres configuration:
### Properties set in Partition service:
**prefix:** `osm.postgres`
It can be overridden by:
- through the Spring Boot property `osm.postgres.partition-properties-prefix`
- environment variable `OSM_POSTGRES_PARTITION_PROPERTIES_PREFIX`
**Propertyset:**
| Property | Description |
| --- | --- |
| osm.postgres.datasource.url | server URL |
| osm.postgres.datasource.username | username |
| osm.postgres.datasource.password | password |
<details><summary>Example of a definition for a single tenant</summary>
```
curl -L -X PATCH 'http://partition.com/api/partition/v1/partitions/opendes' -H 'data-partition-id: opendes' -H 'Authorization: Bearer ...' -H 'Content-Type: application/json' --data-raw '{
"properties": {
"osm.postgres.datasource.url": {
"sensitive": false,
"value": "jdbc:postgresql://127.0.0.1:5432/postgres"
},
"osm.postgres.datasource.username": {
"sensitive": false,
"value": "postgres"
},
"osm.postgres.datasource.password": {
"sensitive": true,
"value": "<POSTGRES_PASSWORD_ENV_VARIABLE_NAME>" <- (Not actual value, just name of env variable)
}
}
}'
```
</details>
### Schema configuration:
```
-- Table: dataecosystem.authority
-- DROP TABLE IF EXISTS dataecosystem.authority;
CREATE TABLE IF NOT EXISTS dataecosystem.authority
(
id text COLLATE pg_catalog."default" NOT NULL,
pk bigint NOT NULL GENERATED ALWAYS AS IDENTITY ( INCREMENT 1 START 1 MINVALUE 1 MAXVALUE 9223372036854775807 CACHE 1 ),
data jsonb NOT NULL,
CONSTRAINT "Authority_pkey" PRIMARY KEY (pk),
CONSTRAINT authority_id UNIQUE (id)
)
TABLESPACE pg_default;
ALTER TABLE IF EXISTS dataecosystem.authority
OWNER to postgres;
-- Index: authority_datagin
-- DROP INDEX IF EXISTS dataecosystem.authority_datagin;
CREATE INDEX IF NOT EXISTS authority_datagin
ON dataecosystem.authority USING gin
(data)
TABLESPACE pg_default;
-- Table: dataecosystem.entityType
-- DROP TABLE IF EXISTS dataecosystem."entityType";
CREATE TABLE IF NOT EXISTS dataecosystem."entityType"
(
id text COLLATE pg_catalog."default" NOT NULL,
pk bigint NOT NULL GENERATED ALWAYS AS IDENTITY ( INCREMENT 1 START 1 MINVALUE 1 MAXVALUE 9223372036854775807 CACHE 1 ),
data jsonb NOT NULL,
CONSTRAINT "EntityType_pkey" PRIMARY KEY (pk),
CONSTRAINT entitytype_id UNIQUE (id)
)
TABLESPACE pg_default;
ALTER TABLE IF EXISTS dataecosystem."entityType"
OWNER to postgres;
-- Index: entitytype_datagin
-- DROP INDEX IF EXISTS dataecosystem.entitytype_datagin;
CREATE INDEX IF NOT EXISTS entitytype_datagin
ON dataecosystem."entityType" USING gin
(data)
TABLESPACE pg_default;
-- Table: dataecosystem.schema-osm
-- DROP TABLE IF EXISTS dataecosystem."schema-osm";
CREATE TABLE IF NOT EXISTS dataecosystem."schema-osm"
(
id text COLLATE pg_catalog."default" NOT NULL,
pk bigint NOT NULL GENERATED ALWAYS AS IDENTITY ( INCREMENT 1 START 1 MINVALUE 1 MAXVALUE 9223372036854775807 CACHE 1 ),
data jsonb NOT NULL,
CONSTRAINT "Schema_pkey" PRIMARY KEY (pk),
CONSTRAINT schemarequest_id UNIQUE (id)
)
TABLESPACE pg_default;
ALTER TABLE IF EXISTS dataecosystem."schema-osm"
OWNER to postgres;
-- Index: schemarequest_datagin
-- DROP INDEX IF EXISTS dataecosystem.schemarequest_datagin;
CREATE INDEX IF NOT EXISTS schemarequest_datagin
ON dataecosystem."schema-osm" USING gin
(data)
TABLESPACE pg_default;
-- Table: dataecosystem.source
-- DROP TABLE IF EXISTS dataecosystem.source;
CREATE TABLE IF NOT EXISTS dataecosystem.source
(
id text COLLATE pg_catalog."default" NOT NULL,
pk bigint NOT NULL GENERATED ALWAYS AS IDENTITY ( INCREMENT 1 START 1 MINVALUE 1 MAXVALUE 9223372036854775807 CACHE 1 ),
data jsonb NOT NULL,
CONSTRAINT "Source_pkey" PRIMARY KEY (pk),
CONSTRAINT source_id UNIQUE (id)
)
TABLESPACE pg_default;
ALTER TABLE IF EXISTS dataecosystem.source
OWNER to postgres;
-- Index: source_datagin
-- DROP INDEX IF EXISTS dataecosystem.source_datagin;
CREATE INDEX IF NOT EXISTS source_datagin
ON dataecosystem.source USING gin
(data)
TABLESPACE pg_default;
```
## RabbitMQ configuration:
### Properties set in Partition service:
**prefix:** `oqm.rabbitmq`
It can be overridden by:
- through the Spring Boot property `oqm.rabbitmq.partition-properties-prefix`
- environment variable `OQM_RABBITMQ_PARTITION_PROPERTIES_PREFIX`
**Property Set** (for two types of connection: messaging and admin operations):
| Property | Description |
| --- | --- |
| oqm.rabbitmq.amqp.host | messaging hostname or IP |
| oqm.rabbitmq.amqp.port | - port |
| oqm.rabbitmq.amqp.path | - path |
| oqm.rabbitmq.amqp.username | - username |
| oqm.rabbitmq.amqp.password | - password |
| oqm.rabbitmq.admin.schema | admin host schema |
| oqm.rabbitmq.admin.host | - host name |
| oqm.rabbitmq.admin.port | - port |
| oqm.rabbitmq.admin.path | - path |
| oqm.rabbitmq.admin.username | - username |
| oqm.rabbitmq.admin.password | - password |
<details><summary>Example of a single tenant definition</summary>
```
curl -L -X PATCH 'https://dev.osdu.club/api/partition/v1/partitions/opendes' -H 'data-partition-id: opendes' -H 'Authorization: Bearer ...' -H 'Content-Type: application/json' --data-raw '{
"properties": {
"oqm.rabbitmq.amqp.host": {
"sensitive": false,
"value": "localhost"
},
"oqm.rabbitmq.amqp.port": {
"sensitive": false,
"value": "5672"
},
"oqm.rabbitmq.amqp.path": {
"sensitive": false,
"value": ""
},
"oqm.rabbitmq.amqp.username": {
"sensitive": false,
"value": "guest"
},
"oqm.rabbitmq.amqp.password": {
"sensitive": true,
"value": "<AMQP_PASSWORD_ENV_VARIABLE_NAME>" <- (Not actual value, just name of env variable)
},
"oqm.rabbitmq.admin.schema": {
"sensitive": false,
"value": "http"
},
"oqm.rabbitmq.admin.host": {
"sensitive": false,
"value": "localhost"
},
"oqm.rabbitmq.admin.port": {
"sensitive": false,
"value": "9002"
},
"oqm.rabbitmq.admin.path": {
"sensitive": false,
"value": "/api"
},
"oqm.rabbitmq.admin.username": {
"sensitive": false,
"value": "guest"
},
"oqm.rabbitmq.admin.password": {
"sensitive": true,
"value": "<AMQP_ADMIN_PASSWORD_ENV_VARIABLE_NAME>" <- (Not actual value, just name of env variable)
}
}
}'
```
</details>
### Exchanges & queues configuration:
At RabbitMq should be created exchange with name:
**name:** `schema-changed`
It can be overridden by:
- through the Spring Boot property `gcp.schema-changed.topic-name`
- environment variable `GCP_SCHEMA_CHANGED_TOPIC_NAME`
![Screenshot](./pics/rabbit.PNG)
## Minio configuration :
### Properties set in Partition service:
**prefix:** `obm.minio`
It can be overridden by:
- through the Spring Boot property `obm.minio.partition-properties-prefix`
- environment variable `OBM_MINIO_PARTITION_PROPERTIES_PREFIX`
**Propertyset** (for two types of connection: messaging and admin operations):
| Property | Description |
| --- | --- |
| obm.minio.endpoint | - url |
| obm.minio.credentials.access.key | - username |
| obm.minio.credentials.secret.key | - password |
<details><summary>Example of a single tenant definition</summary>
```
curl -L -X PATCH 'https://dev.osdu.club/api/partition/v1/partitions/opendes' -H 'data-partition-id: opendes' -H 'Authorization: Bearer ...' -H 'Content-Type: application/json' --data-raw '{
"properties": {
"obm.minio.endpoint": {
"sensitive": false,
"value": "localhost"
},
"obm.minio.credentials.access.key": {
"sensitive": false,
"value": "minioadmin"
},
"obm.minio.credentials.secret.key": {
"sensitive": false,
"value": "<MINIO_SECRETKEY_ENV_VARIABLE_NAME>" <- (Not actual value, just name of env variable)
}
}
}'
```
</details>
### Bucket configuration:
At Minio should be created bucket:
**name:** `<project name from tenant info>-schema`
This bucket used to store full schemas in `.json` files.
\ No newline at end of file
## Service Configuration for GCP
## Environment variables:
Define the following environment variables.
Must have:
| name | value | description | sensitive? | source |
| --- | --- | --- | --- | --- |
| `GOOGLE_AUDIENCES` | ex `*****.apps.googleusercontent.com` | Client ID for getting access to cloud resources | yes | https://console.cloud.google.com/apis/credentials |
| `SPRING_PROFILES_ACTIVE` | ex `gcp` | Spring profile that activate default configuration for GCP environment | false | - |
| `SHARED_TENANT_NAME` | ex `osdu` | Shared account id | no | - |
Defined in default application property file but possible to override:
| name | value | description | sensitive? | source |
| --- | --- | --- | --- | --- |
| `LOG_PREFIX` | `schema` | Logging prefix | no | - |
| `LOG_LEVEL` | `DEBUG` | Logging level | no | - |
| `SERVER_SERVLET_CONTEXPATH` | `/api/schema-service/v1` | Servlet context path | no | - |
| `AUTHORIZE_API` | ex `https://entitlements.com/entitlements/v1` | Entitlements API endpoint | no | output of infrastructure deployment |
| `PARTITION_API` | ex `http://localhost:8081/api/partition/v1` | Partition service endpoint | no | - |
| `GOOGLE_APPLICATION_CREDENTIALS` | ex `/path/to/directory/service-key.json` | Service account credentials, you only need this if running locally | yes | https://console.cloud.google.com/iam-admin/serviceaccounts |
| `GCP_SCHEMA_CHANGED_MESSAGING_ENABLED` | `true` OR `false` | Allows to configure message publishing about schemas changes to Pub/Sub | no | - |
| `GCP_SCHEMA_CHANGED_TOPIC_NAME` | `schema_changed` | Topic for schema changes events | no | - |
These variables define service behavior, and are used to switch between `anthos` or `gcp` environments, their overriding
and usage in mixed mode was not tested. Usage of spring profiles is preferred.
| name | value | description | sensitive? | source |
| --- | --- | --- | --- | --- |
| `PARTITION_AUTH_ENABLED` | ex `true` or `false` | Disable or enable auth token provisioning for requests to Partition service | no | - |
| `OQMDRIVER` | `rabbitmq` or `pubsub` | Oqm driver mode that defines which message broker will be used | no | - |
| `OSMDRIVER` | `datastore` or `postgres` | Osm driver mode that defines which KV storage will be used | no | - |
| `OBMDRIVER` | `gcs` or `minio` | Obm driver mode that defines which object storage will be used | no | - |
| `SERVICE_TOKEN_PROVIDER` | `GCP` or `OPENID` |Service account token provider, `GCP` means use Google service account `OPEIND` means use OpenId provider like `Keycloak` | no | - |
## Datastore configuration:
There must be a namespace `dataecosystem`.
Example:
![Screenshot](./pics/namespace.PNG)
Kind `schema-osm` `authority` `entityType` `source` will be created by service if it does not exist.
## Pubsub configuration:
At Pubsub should be created topic with name:
**name:** `schema-changed`
It can be overridden by:
- through the Spring Boot property `gcp.schema-changed.topic-name`
- environment variable `GCP_SCHEMA_CHANGED_TOPIC_NAME`
## GCS configuration:
At Google cloud storage should be created bucket:
**name:** `<project name from tenant info>-schema`
This bucket used to store full schemas in `.json` files.
## Google cloud service account configuration :
TBD
| Required roles |
| --- |
| - |
\ No newline at end of file
......@@ -29,22 +29,6 @@
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>osm</artifactId>
<version>0.13.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>oqm</artifactId>
<version>0.13.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>obm</artifactId>
<version>0.13.1-SNAPSHOT</version>
</dependency>
<!-- https://mvnrepository.com/artifact/com.google.cloud/google-cloud-storage -->
<dependency>