Integrated Camunda engine with Cockpit.
The following environment variables are required to load properties from AWS secrets manager
- AWS_SECRETS_MANAGER_ENABLED
- AWS_REGION
- AWS_ACCESS_KEY
- AWS_SECRET_KEY
- SPRING_PROFILES_ACTIVE
The following properties need to be configured in AWS secrets manager
{
"database.driver-class-name": "org.postgresql.Driver",
"database.password": "",
"database.username": "admin",
"auth.url": "https://keycloak.example.com",
"auth.clientId": "servicename",
"auth.clientSecret": "secret",
"auth.realm": "master",
"aws.s3.formData": "bucketName",
"aws.s3.pdfs": "bucketName2",
"formApi.url": "https://formApi.example.com",
"engine.webhook.url": "https://engine-service.example.com",
"gov.notify.api.key": "xxxxxx",
"database.url": "jdbc:postgresql://dbUrl.example.com:5432/engine?sslmode=require¤tSchema=public",
"camunda.bpmn.upload.roles": "process_admin,bpmn_uploader"
}
The REST API for deploying a BPMN to the REST endpoint has authorization checks. In order to upload you will need a role that is defined in the property camunda.bpmn.upload.roles. The default set up expects the user to have process_admin role
Example helm chart for install helm - workflowservice
Drone is only used for deployment as the Github Action workflow is used to push to quay. To deploy you will need to pass the commit tag
drone deploy --param WORKFLOW_SERVICE_TAG=sha UKHomeOffice/workflow-service <build number> <environment>
You can update the log levels at runtime by using the following POST command:
http://localhost:8080/camunda/actuator/loggers/org.springframework.security
with a payload:
{"configuredLevel": "DEBUG"}
You will need a valid JWT token
For more information please check here