Skip to content
Snippets Groups Projects
Verified Commit 40c871e5 authored by Daniel Göbel's avatar Daniel Göbel
Browse files

Fix stage in CI pipeline

parent d5f6012c
No related branches found
No related tags found
No related merge requests found
Pipeline #52624 passed
......@@ -134,7 +134,7 @@ combine-test-coverage-job: # Combine coverage reports from different test jobs
path: $CI_PROJECT_DIR/coverage.xml
.publish-docker-container:
stage: deploy
stage: deploy-docker-images
image:
name: gcr.io/kaniko-project/executor:v1.22.0-debug
entrypoint: [ "" ]
......
# Configuration
## General
| Env variable | Config file key | Default | Value | Example | Description |
|-----------------------------|-----------------------|---------------|----------|------------------------|-----------------------------------------------------------------------------------------------------------------------|
| `CLOWM_CONFIG_FILE_YAML` | - | `config.yaml` | Filepath | `/path/to/config.yaml` | Path to a YAML file to read the config. See [example-config/example-config.yaml](example-config/example-config.yaml). |
| `CLOWM_CONFIG_FILE_TOML` | - | `config.toml` | Filepath | `/path/to/config.toml` | Path to a TOML file to read the config. See [example-config/example-config.toml](example-config/example-config.toml). |
| `CLOWM_CONFIG_FILE_JSON` | - | `config.json` | Filepath | `/path/to/config.json` | Path to a JSON file to read the config. See [example-config/example-config.json](example-config/example-config.json). |
| `CLOWM_API_PREFIX` | `api_prefix` | unset | URI path | `/api` | Prefix before every URL path |
| * `CLOWM_UI_URI` | `ui_uri` | unset | HTTP URL | `https://localhost` | HTTP URL of the CloWM website |
| `CLOWM_BLOCK_FOREIGN_USERS` | `block_foreign_users` | `false` | boolean | `false` | Block users that have no role |
## Database
| Env variable | Config file key | Default | Value | Example | Description |
|------------------------|-----------------|-------------|--------------------|---------------|----------------------------------------------------------------|
| `CLOWM_DB__HOST` | `db.host` | `localhost` | <db hostname / IP> | `localhost` | IP or Hostname Address of DB |
| `CLOWM_DB__PORT` | `db.port` | 3306 | Integer | 3306 | Port of the database |
| * `CLOWM_DB__USER` | `db.user` | unset | String | `db-user` | Username of the database user |
| * `CLOWM_DB__PASSWORD` | `db.password` | unset | String | `db-password` | Password of the database user |
| * `CLOWM_DB__NAME` | `db.name` | unset | String | `db-name` | Name of the database |
| `CLOWM_DB__VERBOSE` | `db.verbose` | `false` | Boolean | `false` | Enables verbose SQL output.<br>Should be `false` in production |
## Email
| Variable | Config file key | Default | Value | Example | Description |
|-----------------------------------|----------------------------|----------------------|-------------------------|----------------------|------------------------------------------------------------------------------------------------------------|
| `CLOWM_SMTP__SERVER` | `smtp.server` | unset | SMTP domain / `console` | `localhost` | Hostname of SMTP server. If `console`, emails are printed to the console. If not set, emails are not sent. |
| `CLOWM_SMTP__PORT` | `smtp.port` | 587 | Integer | 587 | Port of the SMTP server |
| `CLOWM_SMTP__SENDER_EMAIL` | `smtp.sender_email` | `no-reply@clowm.com` | Email | `no-reply@clowm.com` | Email address from which the emails are sent. |
| `CLOWM_SMTP__REPLY_EMAIL` | `smtp.reply_email` | unset | Email | `clowm@example.org` | Email address in the `Reply-To` header. |
| `CLOWM_SMTP__CONNECTION_SECURITY` | `smtp.connection_security` | unset | `starttls` / `ssl` | `starttls` | Connection security to the SMTP server. |
| `CLOWM_SMTP__LOCAL_HOSTNAME` | `smtp.local_hostname` | unset | String | `clowm.local` | Overwrite the local hostname from which the emails are sent. |
| `CLOWM_SMTP__CA_PATH` | `smtp.ca_path` | unset | Filepath | `/path/to/ca.pem` | Path to a custom CA certificate. |
| `CLOWM_SMTP__KEY_PATH` | `smtp.key_path` | unset | Filepath | `/path/to/key.pem` | Path to the CA key. |
| `CLOWM_SMTP__USER` | `smtp.user` | unset | String | `smtp-user` | Username to use for SMTP login. |
| `CLOWM_SMTP__PASSWORD` | `smtp.password` | unset | String | `smtp-password` | Password to use for SMTP login. |
## S3
| Env variable | Config file key | Default | Value | Example | Description |
|-----------------------------------------|----------------------------------|------------------|----------|----------------------------|----------------------------------------------------------------------------------|
| * `CLOWM_S3__URI` | `s3.uri` | unset | HTTP URL | `http://localhost` | URI of the S3 Object Storage |
| * `CLOWM_S3__ACCESS_KEY` | `s3.acess_key` | unset | String | `ZR7U56KMK20VW` | Access key for the S3 that owns the buckets and `user=*,bucket=*` capabilities |
| * `CLOWM_S3__SECRET_KEY` | `s3.secret_key` | unset | String | `9KRUU41EGSCB3H9ODECNHW` | Secret key for the S3 that owns the buckets |
| `CLOWM_S3__USERNAME` | `s3.username` | `bucket-manager` | String | `bucket-manager` | ID of the user in ceph who owns all the buckets. Owner of `CLOWM_S3__ACCESS_KEY` |
| `CLOWM_S3__INITIAL_BUCKET_SIZE_LIMIT` | `s3.initial_bucket_size_limit` | `100 GiB` | ByteSize | `10 KB`, `10 KiB`, `10 MB` | Size limit of the initial bucket. Between `1 KiB` and `4.3 TB` |
| `CLOWM_S3__INITIAL_BUCKET_OBJECT_LIMIT` | `s3.initial_bucket_object_limit` | `10000` | Integer | `10000` | Number of object limit in the initial bucket. Must be $<2^{32}$ |
| `CLOWM_S3__DEFAULT_BUCKET_SIZE_LIMIT` | `s3.default_bucket_size_limit` | `400 GiB` | ByteSize | `10 KB`, `10 KiB`, `10 MB` | Size limit of a new Bucket. Between `1 KiB` and `4.3 TB` |
| `CLOWM_S3__DEFAULT_BUCKET_OBJECT_LIMIT` | `s3.default_bucket_object_limit` | `40000` | Integer | `10000` | Maximum number of objects in a new bucket. Must be $<2^{32}$ |
## Security
| Env variable | Config file key | Default | Value | Example | Description |
|------------------------------------------------|------------------------------------|--------------------|---------------------------------|----------------|-----------------------------------------------------------------------------------------------|
| `CLOWM_PRIVATE_KEY` / `CLOWM_PRIVATE_KEY_FILE` | `private_key` / `private_key_file` | randomly generated | Public Key / Path to Public Key | `/path/to/key` | Private part of RSA Key in PEM format to sign JWTs. Public part is inferred from private key. |
| `CLOWM_JWT_TOKEN_EXPIRE_MINUTES` | `jwt_token_expire_minutes` | 8 days | number | 11520 | Minutes till a JWT expires |
| `CLOWM_SECRET_KEY` | `secret_key` | randomly generated | string | `xxxx` | Secret key to sign Session Cookies |
## Lifescience OIDC
| Env variable | Config file key | Default | Value | Example | Description |
|-----------------------------------------------|----------------------------------|-----------------------------------------------------------------------------|----------|---------------------------------------|-----------------------------------------------------------------------------|
| * `CLOWM_LIFESCIENCE_OIDC__CLIENT_ID` | `lifescience_oidc.client_id` | unset | string | `xxx` | OIDC Client secret |
| * `CLOWM_LIFESCIENCE_OIDC__CLIENT_SECRET` | `lifescience_oidc.client_secret` | unset | string | `xxx` | OIDC Client ID |
| `CLOWM_LIFESCIENCE_OIDC__SERVER_METADATA_URL` | `lifescience_oidc.base_uri` | `https://login.aai.lifescience-ri.eu/oidc/.well-known/openid-configuration` | HTTP URL | `https://login.aai.lifescience-ri.eu` | Lifescience OIDC Base URI. Will be concatenated with `CLOWM_META_INFO_PATH` |
## Monitoring
| Env variable | Config file key | Default | Value | Example | Description |
|-----------------------------|----------------------|---------|---------|-------------|----------------------------------------------------------------------------------------------|
| `CLOWM_OTLP__GRPC_ENDPOINT` | `otlp.grpc_endpoint` | unset | String | `localhost` | OTLP compatible endpoint to send traces via gRPC, e.g. Jaeger. If unset, no traces are sent. |
| `CLOWM_OTLP__SECURE` | `otlp.secure` | `false` | Boolean | `false` | Connection type |
......@@ -16,83 +16,7 @@ permissions there are and which roles has which permission.
## Configuration
### General
| Env variable | Config file key | Default | Value | Example | Description |
|-----------------------------|-----------------------|---------------|----------|------------------------|-----------------------------------------------------------------------------------------------------------------------|
| `CLOWM_CONFIG_FILE_YAML` | - | `config.yaml` | Filepath | `/path/to/config.yaml` | Path to a YAML file to read the config. See [example-config/example-config.yaml](example-config/example-config.yaml). |
| `CLOWM_CONFIG_FILE_TOML` | - | `config.toml` | Filepath | `/path/to/config.toml` | Path to a TOML file to read the config. See [example-config/example-config.toml](example-config/example-config.toml). |
| `CLOWM_CONFIG_FILE_JSON` | - | `config.json` | Filepath | `/path/to/config.json` | Path to a JSON file to read the config. See [example-config/example-config.json](example-config/example-config.json). |
| `CLOWM_API_PREFIX` | `api_prefix` | unset | URI path | `/api` | Prefix before every URL path |
| * `CLOWM_UI_URI` | `ui_uri` | unset | HTTP URL | `https://localhost` | HTTP URL of the CloWM website |
| `CLOWM_BLOCK_FOREIGN_USERS` | `block_foreign_users` | `false` | boolean | `false` | Block users that have no role |
### Database
| Env variable | Config file key | Default | Value | Example | Description |
|------------------------|-----------------|-------------|--------------------|---------------|----------------------------------------------------------------|
| `CLOWM_DB__HOST` | `db.host` | `localhost` | <db hostname / IP> | `localhost` | IP or Hostname Address of DB |
| `CLOWM_DB__PORT` | `db.port` | 3306 | Integer | 3306 | Port of the database |
| * `CLOWM_DB__USER` | `db.user` | unset | String | `db-user` | Username of the database user |
| * `CLOWM_DB__PASSWORD` | `db.password` | unset | String | `db-password` | Password of the database user |
| * `CLOWM_DB__NAME` | `db.name` | unset | String | `db-name` | Name of the database |
| `CLOWM_DB__VERBOSE` | `db.verbose` | `false` | Boolean | `false` | Enables verbose SQL output.<br>Should be `false` in production |
### Email
| Variable | Config file key | Default | Value | Example | Description |
|-----------------------------------|----------------------------|----------------------|-------------------------|----------------------|------------------------------------------------------------------------------------------------------------|
| `CLOWM_SMTP__SERVER` | `smtp.server` | unset | SMTP domain / `console` | `localhost` | Hostname of SMTP server. If `console`, emails are printed to the console. If not set, emails are not sent. |
| `CLOWM_SMTP__PORT` | `smtp.port` | 587 | Integer | 587 | Port of the SMTP server |
| `CLOWM_SMTP__SENDER_EMAIL` | `smtp.sender_email` | `no-reply@clowm.com` | Email | `no-reply@clowm.com` | Email address from which the emails are sent. |
| `CLOWM_SMTP__REPLY_EMAIL` | `smtp.reply_email` | unset | Email | `clowm@example.org` | Email address in the `Reply-To` header. |
| `CLOWM_SMTP__CONNECTION_SECURITY` | `smtp.connection_security` | unset | `starttls` / `ssl` | `starttls` | Connection security to the SMTP server. |
| `CLOWM_SMTP__LOCAL_HOSTNAME` | `smtp.local_hostname` | unset | String | `clowm.local` | Overwrite the local hostname from which the emails are sent. |
| `CLOWM_SMTP__CA_PATH` | `smtp.ca_path` | unset | Filepath | `/path/to/ca.pem` | Path to a custom CA certificate. |
| `CLOWM_SMTP__KEY_PATH` | `smtp.key_path` | unset | Filepath | `/path/to/key.pem` | Path to the CA key. |
| `CLOWM_SMTP__USER` | `smtp.user` | unset | String | `smtp-user` | Username to use for SMTP login. |
| `CLOWM_SMTP__PASSWORD` | `smtp.password` | unset | String | `smtp-password` | Password to use for SMTP login. |
### S3
| Env variable | Config file key | Default | Value | Example | Description |
|-----------------------------------------|----------------------------------|------------------|----------|----------------------------|----------------------------------------------------------------------------------|
| * `CLOWM_S3__URI` | `s3.uri` | unset | HTTP URL | `http://localhost` | URI of the S3 Object Storage |
| * `CLOWM_S3__ACCESS_KEY` | `s3.acess_key` | unset | String | `ZR7U56KMK20VW` | Access key for the S3 that owns the buckets and `user=*,bucket=*` capabilities |
| * `CLOWM_S3__SECRET_KEY` | `s3.secret_key` | unset | String | `9KRUU41EGSCB3H9ODECNHW` | Secret key for the S3 that owns the buckets |
| `CLOWM_S3__USERNAME` | `s3.username` | `bucket-manager` | String | `bucket-manager` | ID of the user in ceph who owns all the buckets. Owner of `CLOWM_S3__ACCESS_KEY` |
| `CLOWM_S3__INITIAL_BUCKET_SIZE_LIMIT` | `s3.initial_bucket_size_limit` | `100 GiB` | ByteSize | `10 KB`, `10 KiB`, `10 MB` | Size limit of the initial bucket. Between `1 KiB` and `4.3 TB` |
| `CLOWM_S3__INITIAL_BUCKET_OBJECT_LIMIT` | `s3.initial_bucket_object_limit` | `10000` | Integer | `10000` | Number of object limit in the initial bucket. Must be $<2^{32}$ |
| `CLOWM_S3__DEFAULT_BUCKET_SIZE_LIMIT` | `s3.default_bucket_size_limit` | `400 GiB` | ByteSize | `10 KB`, `10 KiB`, `10 MB` | Size limit of a new Bucket. Between `1 KiB` and `4.3 TB` |
| `CLOWM_S3__DEFAULT_BUCKET_OBJECT_LIMIT` | `s3.default_bucket_object_limit` | `40000` | Integer | `10000` | Maximum number of objects in a new bucket. Must be $<2^{32}$ |
### Security
| Env variable | Config file key | Default | Value | Example | Description |
|------------------------------------------------|------------------------------------|--------------------|---------------------------------|----------------|-----------------------------------------------------------------------------------------------|
| `CLOWM_PRIVATE_KEY` / `CLOWM_PRIVATE_KEY_FILE` | `private_key` / `private_key_file` | randomly generated | Public Key / Path to Public Key | `/path/to/key` | Private part of RSA Key in PEM format to sign JWTs. Public part is inferred from private key. |
| `CLOWM_JWT_TOKEN_EXPIRE_MINUTES` | `jwt_token_expire_minutes` | 8 days | number | 11520 | Minutes till a JWT expires |
| `CLOWM_SECRET_KEY` | `secret_key` | randomly generated | string | `xxxx` | Secret key to sign Session Cookies |
### Lifescience OIDC
| Env variable | Config file key | Default | Value | Example | Description |
|-----------------------------------------------|----------------------------------|-----------------------------------------------------------------------------|----------|---------------------------------------|-----------------------------------------------------------------------------|
| * `CLOWM_LIFESCIENCE_OIDC__CLIENT_ID` | `lifescience_oidc.client_id` | unset | string | `xxx` | OIDC Client secret |
| * `CLOWM_LIFESCIENCE_OIDC__CLIENT_SECRET` | `lifescience_oidc.client_secret` | unset | string | `xxx` | OIDC Client ID |
| `CLOWM_LIFESCIENCE_OIDC__SERVER_METADATA_URL` | `lifescience_oidc.base_uri` | `https://login.aai.lifescience-ri.eu/oidc/.well-known/openid-configuration` | HTTP URL | `https://login.aai.lifescience-ri.eu` | Lifescience OIDC Base URI. Will be concatenated with `CLOWM_META_INFO_PATH` |
### Monitoring
| Env variable | Config file key | Default | Value | Example | Description |
|-----------------------------|----------------------|---------|---------|-------------|----------------------------------------------------------------------------------------------|
| `CLOWM_OTLP__GRPC_ENDPOINT` | `otlp.grpc_endpoint` | unset | String | `localhost` | OTLP compatible endpoint to send traces via gRPC, e.g. Jaeger. If unset, no traces are sent. |
| `CLOWM_OTLP__SECURE` | `otlp.secure` | `false` | Boolean | `false` | Connection type |
## Getting started
This service depends on multiple other services. See [DEVELOPING.md](DEVELOPING.md) how to set these up for developing
on your local machine.
See [CONFIG.md](CONFIG.md) for configuration options of the system.
## License
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment