Red Hat SummitDieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.
Chapter 12. Design-Time Governance Configuration and Workflows
12.1. Overview
Link kopierenLink in die Zwischenablage kopiert!
Design-Time Governance consists of the following configurations that can be modified to suit a particular deployment and business.
- Design-Time Governance Back-End Configuration - includes
dtgov.propertiesfile - Design-Time Governance User Interface Configuration - includes
dtgov-ui.propertiesfile
This section describes the two configuration files so that the user can configure Design-Time Governance for their particular deployment environment and organization's unique business processes.
12.2. Design-Time Governance Back-End Configuration
Link kopierenLink in die Zwischenablage kopiert!
You can modify the configuration of the back-end system, after you make appropriate changes to an external configuration file located under the configuration directory of the JBoss EAP. However, by default, it is located under:
jboss-eap/standalone/configuration/dtgov.properties
If the configuration file does not exists, you can create the file and modify. The Design-Time Governance will automatically identify this file during the server startup. You can set the location of the configuration file by accessing the following Java system property:
governance.file.name12.3. Design-Time Governance User Interface (UI) Configuration
Link kopierenLink in die Zwischenablage kopiert!
You can configure the Design-Time Governance User Interface for a specific deployment and business environment. To modify the User Interface configuration, make the appropriate changes to an external configuration file located under the configuration directory of the JBoss EAP. However, by default, the JBoss EAP configuration file is located under:
jboss-eap/standalone/configuration/dtgov-ui.properties
You can set the location of the configuration file by accessing the following Java system property:
dtgov-ui.config.file.name12.4. Design-Time Governance Configuration Properties
Link kopierenLink in die Zwischenablage kopiert!
A number of configuration properties drive the integration between Design-Time Governance and S-RAMP.
Note
The Design-Time Governance back-end and the Design-Time Governance User Interface each have their own separate configuration. This is because the back-end and User Interface are separate applications that can be independently deployed.
Design-Time Governance Back-End Configuration Properties
# # S-RAMP Connection details
sramp.repo.url
sramp.repo.auth.provider
sramp.repo.user
sramp.repo.password
sramp.repo.validating
sramp.repo.auth.saml.issuer
sramp.repo.auth.saml.service
# Location of the DTGov WAR
governance.url
# Frequency with which to poll S-RAMP for query matches
governance.query.interval
# Location in JNDI of the email service
governance.jndi.email.reference
# "From" information to use when sending email (domain and address)
governance.email.domain
governance.email.from
# RHQ connection info
rhq.rest.user
rhq.rest.password
rhq.base.url
# BPM connection info
governance.bpm.user
governance.bpm.password
governance.bpm.url
# JAAS user used to invoke DTGov provided services
governance.user
governance.password
# Deployment targets configured for the DTGov deployment service
governance.targets
# Mapping of S-RAMP query to governance workflow
governance.queries
# Location of the DTGov UI
dtgov.ui.url
# S-RAMP
s-ramp-wagon
dtgov.s-ramp-wagon.snapshots
dtgov.s-ramp-wagon.releases
# DTGov Workflow maven info
dtgov.workflows.group
dtgov.workflows.name
dtgov.workflows.version
dtgov.workflows.packageDesign-Time Governance User Interface Configuration Properties
# # S-RAMP API connection endpoint
dtgov-ui.s-ramp.atom-api.endpoint
# Whether to validate the S-RAMP connection
dtgov-ui.s-ramp.atom-api.validating
# What kind of authentication to use (class name)
dtgov-ui.s-ramp.atom-api.authentication.provider
# Only used when the provider is basic auth
dtgov-ui.s-ramp.atom-api.authentication.basic.username
dtgov-ui.s-ramp.atom-api.authentication.basic.password
# Only used when the provider is SAML bearer token auth
dtgov-ui.s-ramp.atom-api.authentication.saml.issuer
dtgov-ui.s-ramp.atom-api.authentication.saml.service
dtgov-ui.s-ramp.atom-api.authentication.saml.sign-assertions
dtgov-ui.s-ramp.atom-api.authentication.saml.keystore
dtgov-ui.s-ramp.atom-api.authentication.saml.keystore-password
dtgov-ui.s-ramp.atom-api.authentication.saml.key-alias
dtgov-ui.s-ramp.atom-api.authentication.saml.key-password
# Task API connection endpoint
dtgov-ui.task-api.endpoint
# Implementation of a task client
dtgov-ui.task-client.class
# Authentication to use when invoking the task API
dtgov-ui.task-api.authentication.provider
# Only used when using basic auth
dtgov-ui.task-api.authentication.basic.username
dtgov-ui.task-api.authentication.basic.password
# Only used when using saml bearer token auth
dtgov-ui.task-api.authentication.saml.issuer
dtgov-ui.task-api.authentication.saml.service
dtgov-ui.task-api.authentication.saml.sign-assertions
dtgov-ui.task-api.authentication.saml.keystore
dtgov-ui.task-api.authentication.saml.keystore-password
dtgov-ui.task-api.authentication.saml.key-alias
dtgov-ui.task-api.authentication.saml.key-password
# Deployment lifecycle base classifier
dtgov-ui.deployment-lifecycle.classifiers.base
dtgov-ui.deployment-lifecycle.classifiers.initial
# Classifier to use when querying for all deployments
dtgov-ui.deployment-lifecycle.classifiers.all
dtgov-ui.deployment-lifecycle.classifiers.in-progress
# This next one is a prefix for any property that will indicate a possible classifier stage that
# should be displayed in the UI. In the dtgov ui configuration file, multiple properties would
# be specified that begin with this prefix and have a value of the format {label}:{classifier}
dtgov-ui.deployment-lifecycle.classifiers.stage
# And another one that is a prefix for any property that will indicate a possible deployment type
# that should be displayed in the UI. In the dtgov ui configuration file, multiple properties would
# be specified that begin with this prefix and have a value of the format {label}:{type}
dtgov-ui.deployment-lifecycle.types
# S-RAMP UI integration properties
dtgov-ui.s-ramp-browser.url-base12.5. Design-Time Governance Configuration Examples
Link kopierenLink in die Zwischenablage kopiert!
Back-End Configuration Example
Here is an example of the back-end configuration:
sramp.repo.url=http://localhost:8080/s-ramp-server/
sramp.repo.auth.provider=org.overlord.sramp.governance.auth.BasicAuthenticationProvider
sramp.repo.user=dtgov
sramp.repo.password=DTG_PASSWORD
sramp.repo.validating=true
The above configuration uses BASIC authentication when connecting to the S-RAMP repository. It connects to S-RAMP on localhost (port 8080).
User Interface Configuration Example
Here is an example of the User Interface configuration:
dtgov-ui.s-ramp.atom-api.endpoint=http://localhost:8080/s-ramp-server
dtgov-ui.s-ramp.atom-api.authentication.provider=org.overlord.dtgov.ui.server.services.sramp.SAMLBearerTokenAuthenticationProvider
dtgov-ui.s-ramp.atom-api.authentication.saml.issuer=/dtgov-ui
dtgov-ui.s-ramp.atom-api.authentication.saml.service=/s-ramp-server
dtgov-ui.s-ramp.atom-api.validating=true
The above configuration connects to S-RAMP on localhost (port 8080) and uses SAML bearer token authentication.
12.6. Governance Workflows
Link kopierenLink in die Zwischenablage kopiert!
One of the most important features of Design-Time Governance is the ability to trigger Governance Workflows based on changes detected in the S-RAMP repository. Once you have installed S-RAMP and Design-Time Governance, and configured the database for S-RAMP, you can:
- Create a new workflow, or adapt a sample workflow.
- Deploy the workflow to S-RAMP.
- Map S-RAMP query to BPMN2 process name. That is, configure a workflow to execute when repository content changes.
12.7. Installing Sample Workflow
Link kopierenLink in die Zwischenablage kopiert!
This section provides installation steps of a sample workflow called "SimpleReleaseProcess".
- Navigate to jboss-eap-6.1/dtgov-data and create a local
settings.xmlcontaining the user credentials for the S-RAMP repository. This file must also contain the Overlord admin password that you configured during installation. Here is an example:<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd"> <servers> <server> <id>local-sramp-repo</id> <username>admin</username> <password>cust0mpwd</password> </server> <server> <id>local-sramp-repo-snapshots</id> <username>admin</username> <password>cust0mpwd</password> </server> </servers> </settings> - Ensure that the server is up and running, and deploy the "SimpleReleaseProcess" sample workflow to the server by running the following command:
mvn -s local-settings.xml deploy
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}