CloudScend Foresight Environment Variables
This is the list of environment variables that CloudScend Foresight creates. These are located in the foresight.env file and created during installation. This is provided in case you need to update a location, path, or value for some reason.
| Variable | Sample Value | Description |
|---|---|---|
| BASE_DOMAIN | test.saicappmod.com | This sets the ending of endpoint of the applications(i.e apps will be - sage.test.saicappmod.com) |
| NAMESPACE | test | This will create/use the listed namespace |
| DEPLOY_ENV | "staging" | This is part of the namespace that the applications will be deployed to |
| GITLAB_ACCESS_TOKEN | "gitlabaccesstoken" | This is the token to access the application images |
| CREATE_NAMESPACE | TRUE | This value will define whether a namespace needs to created based on the "NAMESPACE" variable |
| GIT_USERNAME | "oauth" | This is the first half of the authentication aspect to the Gitlab |
| GIT_PASSWORD | "tokenshouldgohere" | This is the second half of the authentication aspect to the Gitlab |
| GIT_USER_EMAIL | "test@example.com" | This is the email associated with your login of Gitlab. |
| IMAGE_PULL_SECRET | "regcred" | This value is the secret key that handles the pulling of images from a registry. Can be empty. |
| KEYCLOAK_BASE_DOMAIN | keycloak.saicappmod.com | This is the endpoint that Keycloak will be on |
| KEYCLOAK_NAME | "keycloak" | This will just be keycloak |
| KEYCLOAK_IMAGE_REPOSITORY | "registry.sif.com/ forerunner/keycloak" | This is the registry that holds the image. |
| KEYCLOAK_IMAGE_TAG | "develop-8e274da" | This is the tag the keycloak image has. |
| KEYCLOAK_SSL_REQUIRED | "none" | Keycloak SSL necessary or not |
| KEYCLOAK_RESOURCE | "sage" | This is the client name for the application for |
| KEYCLOAK_REALM | "appmod" | This is the name of the realm that will be created inside of the stood up keycloak |
| KEYCLOAK_BEARER_ONLY | "true" | Bearer-only access type means that the application only allows bearer token requests. |
| KEYCLOAK_AUTODETECT _BEARER_ONLY | "true" | Auto-detection of bearer token |
| KEYCLOAK_ENABLE _BASIC_AUTH | "false" | Enablement of basic authentication |
| KEYCLOAK_USE _RESOURCE_ROLE_MAPPINGS | "false" | Adapter will look inside the token for application level role mappings for the user |
| KEYCLOAK_PUBLIC_CLIENT | "true" | Adapter will not send credentials for the client to Keycloak. |
| KEYCLOAK_PRINCIPAL_ATTRIBUTE | "preferred_username" | OpenID Connect ID Token attribute |
| KEYCLOAK_AUTH _SERVER_URL | "https://keycloak. test.saicappmod.com/auth" | This is the URL for Keycloak |
| KEYCLOAK_USE _EXISTING_SECRETS | "false" | Usage of secrets that you already have |
| KEYCLOAK_EXISTING _SECRET_CREDENTIALS | "keycloak-credentials" | The credentials that are exported from another keycloak you want to load in |
| KEYCLOAK_EXISTING _SECRET_TRUSTSTORE | "keycloak-truststore" | The trust store that is exported from another keycloak |
| KEYCLOAK_EXISTING _SECRET_REALM_SECRET | "realm-secret" | The realm secret for existing realms |
| KEYCLOAK_EXISTING _SECRET_POSTGRES | "keycloak-postgresql" | The postgres of an existing keycloak |
| KEYCLOAK_REPLICAS | "1" | This is the number of keycloak pods stood up. |
| KEYCLOAK_ENABLE _PUBLIC_MASTER | "true" | |
| INGRESS_ENABLED | "true" | This enables nginx ingress |
| ISTIO_ENABLED | "false" This enables istio ingress | |
| ISTIO_GATEWAY | "istio-system/istio- autogenerated-k8s-ingress" | This is the gateway for istio |
| SONARQUBE_NAME | "sonarqube" | This is used to name the virtual service, does not need to be changed |
| SONARQUBE_BASE_DOMAIN | "sonarqube.staging. saicappmod.com" | This will be the endpoint for Sonarqube |
| SONARQUBE_PLUGINS | "$(cat Initial/sonarqube-values/ sonarqube-plugins.yaml)" | This is the file location for the plugins that will be installed. |
| GITLAB_NAME | "gitlab" | This is the name for Gitlab. Should be left alone |
| GITLAB_BASE_DOMAIN | "gitlab.saicappmod.com" | This is the endpoint for the gitlab that will be stood up |
| GITLAB_CERT _MANAGER_ISSUER_EMAIL | "appmodissuer@saic.com" | This is the email for the issuer of the cert manager |
| GITLAB_POSTGRES_PASSWORD | "gitlabpassword" | This is the gitlab password |
| METABASE_NAME | "metabase" | This is to handle the virtual service name. |
| METABASE_BASE_DOMAIN | "metabase.test. saicappmod.com" | This is the endpoint that metabase will be on. |
| METABASE_DATABASE_PORT | "5432" | This is the port that the database will be on. |
| METABASE_DATABASE_NAME | "postgres" | This is the name of the database within postgres |
| METABASE_DB_USERNAME | "postgres" | This is the username to the postgres |
| CAST_SERVER_NAME | "cast-hl" | This is the name associated with the deployment of Cast Highlight |
| CAST_BASE_DOMAIN | "https://cast.test. saicappmod.com" | This is the endpoint for cast highlight |
| CAST_SERVER_IMAGE | "358354085340.dkr.ecr.us-east-1.amazonaws.com/ cast/hl-war-vm:13" | Image repository of Cast |
| CAST_SERVER_PORT | 8080 | This is the port that Cast will be on |
| CAST_SERVER _ADMIN_USERNAME | "admin-cast- highlight@castsoftware.com" | This is the username that Cast will use |
| CAST_SERVER _ADMIN_PASSWORD | "adminpassword" | This is the password to the admin user |
| CAST_SERVER _ADDITIONAL_ACCOUNT_PASSWORD | "castadditionalpassword" | This is an additional password to set other users in CAST |
| CAST_SCA_HOST | "ec2-52-61-149-234.us-gov-west- 1.compute.amazonaws.com" | Cast SCA host |
| CAST_SCA_PORT | "80" | Cast SCA port |
| CAST_SCA_SSL | "false" | Cast SCA SSL enablement |
| CAST_DATABASE_PASSWORD | "password" | The password to the CAST database |
| KEYCLOAK_ADMIN_USERNAME | "admin" | This is the user for the admin account |
| KEYCLOAK_ADMIN_PASSWORD | "adminpassword" | This is the keycloak admin password |
| LICENSE_KEY | "licensekeyhere" | This is the license key that is provided to you |
| METABASE_URL | "metabase.test. saicappmod.com" | This is the endpoint of Metabase |
| METABASE_ DASHBOARD_NUMBER | "3" | This is the dashboard number that will display on Sage. This may change depending on the Metabase stood up. |
| METABASE _SECRET_KEY | "secretkeyhere" | This is a metabase key that is used to encrypt passwords |
| CASTHL TOKEN_USERNAME | "castusername" | This is the cast highlight username |
| CASTHL TOKEN_PASSWORD | "castpassword" | This is the cast highlight password |
| QUEUE_ANALYSIS _SERVER | "https://queueanalysis- api.test.saicappmod.com" | This is the queue analysis endpoint |
| SAGE_BACKEND _BASE_DOMAIN | "sage-api.test. saicappmod.com" | This will be the endpoint for sage backend |
| SONARQUBE_USERNAME | "username" | This is the username for sonarqube login |
| SONARQUBE_PASSWORD | "passwordforsonarqubeusername" | This is the sonarqube password for the username listed above |
| SAGE_BACKEND_NAME | "sage-backend" | This is the name of the things associated with the deployment of the backend |
| SAGE_BACKEND _BASE_DOMAIN | "sage-api.test.saicappmod.com" | This is the name of the endpoint associated with the deployment of the backend |
| SAGE_BACKEND _IMAGE_REPOSITORY | "registry.sif.com/ forerunner/sage-backend" | This will be the repository that sage backend will be found in |
| SAGE_BACKEND _IMAGE_TAG | "develop-61d104b" | This will be the tag for the image of the backend |
| SAGE_MACHINELEARNING _CLIENT_NAME | "sage-ml" | This is the keycloak name client for sage-ml |
| SAGE_MACHINELEARNING _CLIENT_PASSWORD | "sage-mlpassword" | This is the sage-ml password |
| SAGE_DB_POSTGRES_ENABLED | "true" | The enablement of the built-in helm chart for postgres |
| SAGE_DB_POSTGRES_USERNAME | "postgres" | The username for the postgres that will be created |
| SAGE_DB_POSTGRES_SECRET | "sagedbssecret" | Password for the username that will be created |
| SAGE_BACKEND_CLOUD _AWS_CREDS_ACCESSKEY | "awscredskey" | Credentials access key for AWS |
| SAGE_BACKEND_CLOUD _AWS_CREDS_SECRETKEY | "awssecretkey" | Secret Key for AWS |
| SAGE_BACKEND _HIGHLIGHT_TOKEN_USERNAME | "tokenusername" | This is the highlight token username |
| SAGE_BACKEND _HIGHLIGHT_TOKEN_PASSWORD | "tokenpassword" | This is the highlight token password |
| SAGE_FRONTEND_NAME | "sage-ui" | This is the name of the frontend items associated with deployments |
| SAGE_FRONTEND _BASE_DOMAIN | "sage.test.saicappmod" | This is the endpoint for the frontend |
| SAGE_FRONTEND _IMAGE_REPOSITORY | "registry.sif.com/ forerunner/sage-frontend" | This is the repository that the image is found |
| SAGE_FRONTEND _IMAGE_TAG | "develop-c9af0c2" | This is the tag that the image is associated with |
| ADVISOR_URL | "https://advisor. test.saicappmod.com" | This is the advisor endpoint |
| KIBANA_URL | "https://kibana. test.saicappmod.com/app/home" | This is the Kibana endpoint |
| HELP_CENTER_URL | "https://sage. test.saicappmod.com/help" | This is the help center endpoint |
| SAGE_ML_NAME | "sage-ml" | This is the name that will be associated with all of sage-ml items |
| SAGE_ML_BASE_DOMAIN | "sage-ml.test.saicappmod.com" | This is the endpoint for sage-ml |
| SAGE_ML_IMAGE _REPOSITORY | "registry.sif.com/ forerunner/sage-ml" | This is the repository that contains the image for sage-ml |
| SAGE_ML_IMAGE_TAG | "develop-372b846" | This is the image tag for sage-ml image |
| KEYCLOAK_CLIENT_SECRET | "keycloakclientsecret" | This is the client secret for Sage-ML |
| FLASK_APP_SECRET_KEY | "flaskappsecret" | This is the flask app secret specific to Sage-ML |
| SOURCE_CODE _UPLOADER_NAME | "uploader" | This is the name for all the services related to Uploader. |
| SOURCE_CODE_UPLOADER _BASE_DOMAIN | "uploader.test. saicappmod.com" | This is the endpoint that uploader will go to |
| SOURCE_CODE_UPLOADER _IMAGE_REPOSITORY | "registry.sif.com/ forerunner/source-code-uploader" | This is the image repository where Uploader lives |
| SOURCE_CODE_UPLOADER _IMAGE_TAG | "develop-375aa6f" | This is the tag for Uploader |
| COMMONDATA_NAME | "commondata-backend" | This will be the name of the services associated with Commondata |
| COMMONDATA_BASE_DOMAIN | "commondata-api. test.saicappmod.com" | This is the endpoint for Commondata when it comes up |
| COMMONDATA_IMAGE _REPOSITORY | "registry.sif.com/ forerunner/commondata-backend" | This is the registry that Commondata image lives in |
| COMMONDATA_IMAGE_TAG | "develop-0c85629" | This is the tag name for the image |
| COMMONDATA_POSTGRES _ENABLED | "true" | Enables a postgres to be stood up alongside commondata |
| COMMONDATA_POSTGRES _USERNAME | "commondata-db-user" | The database username that will be used |
| COMMONDATA_POSTGRES _PASSWORD | "password" | The database password associated with the username |
| COMMONDATA_POSTGRES _DATABASE_NAME | "commondata" | The name of the database |
| COMMONDATA_APP_CORS _ALLOWED_ORIGINS_2 | "http://localhost:4200" | This is one of the allowed origin variables. You can edit this one to your server. |
| REPORTS_SERVICE_NAME | "reports-service" | This is the name of the services involved with Report-Service |
| REPORTS_SERVICE _BASE_DOMAIN | "reports-service. saicappmod.com" | This is the endpoint of report service |
| REPORTS_SERVICE _IMAGE_REPOSITORY | "registry.sif.com/ forerunner/reports-service" | This is the repository that the Report-Service image is located at |
| REPORTS_SERVICE _IMAGE_TAG | "dev-361e9f7" | This is the tag that report service image has |
| REPORTS_SERVICE _WINDOWS_PROTOCOL | "http" | This is the protocol for the windows Reports-Service. |
| REPORTS_SERVICE _WINDOWS_HOST | "report-service- win.saicappmod.com" | This is the endpoint for the windows Reports-Service |
| REPORTS_SERVICE _WINDOWS_PORT | "8080" | This is the port of the windows Reports-service |
| HIGHLIGHT_AGENT_NAME | "highlight-agent" | This is the name of everything associated with highlight agent will be called |
| HIGHLIGHT_AGENT _BASE_DOMAIN | "highlightagent. test.saicappmod.com" | This is the endpoint that highlight agent will come up on |
| HIGHLIGHT_AGENT _IMAGE_REPOSITORY | "registry.sif.com/ forerunner/highlight-agent" | This is the repository that the highlight agent image will be in |
| HIGHLIGHT_AGENT _IMAGE_TAG | "develop-e1346ea" | This is the tag that the highlight agent image will have |