...

genoslcToolServiceVersionOverride: ""
genoslcCodebeamerPluginVersionOverride: ""

global:
  # Domain of the cluster or of the external reverse proxy
  domain: "example.com" 
  
  # Setup OIDC information
  oidc:
    # OIDC Client ID registerd for this application
    clientId: ""
    # OIDC Client Secret registered for this application
    clientSecret: ""
  
  # SSL certificates
  cert:
    overrideTruststorePassword: "changeit"
    secretName: ""
    crtFullChain: ""
    key: ""

  identity:
    # OIDC Issuer URL, taken from the /.well-known/openid-configuration endpoint 
    OIDC_ISSUER: ""
  hosts:
    genoslc:
      # The subdomain where the OSLC Connector for Codebeamer will be accessible
      subdomain: "genoslc-codebeamer"  
      port: ""

env:
  tool:
    # Possible valuestype: ""|"codebeamer"
    # Setting it toadaptedToolApiUri: "codebeamer"
will tell the helm chartadaptedToolRootUri: to""
setup the Codebeamer Widget container in the podadaptedToolToolTimeZone: "UTC"
    adaptedToolTechnicalUserAuthorizationHeader: ""
# Required for a complete integration in the Codebeamer UI
    typewidgetUrl: "<baseUrl>/cb"
  manualLoginRequired: "false"
  authorizationUri: "codebeamer"
  introspectionUri: ""
# Codebeamer APIconfiguration:
URL    administrators: #[]
Usually it is the <codebeameroauth10aEncryptionKey: instance URL>/api/v3/ or <codebeamer instance URL>/cb/api/v3/""  
  oidc:
    adaptedToolApiUriclientId: ""
    #clientSecret: URL""
where the   CodebeamersecretName: application""
is accessible userNameAttribute: "preferred_username"
  adaptedToolRootUriclientAuthenticationScheme: "client_secret_basic" 
  userInfoAuthenticationMethod: "header" 
#  Timezone set in Codebeamer
 clientScope: "openid"
  pkceEnabled: true
  #publicUri: See"" chapter 1.1.22.1
in https://codebeamer.com/cb/wiki/5848463
   pluginUri: ""
  allowedCorsOrigins: ""
  adaptedToolToolTimeZoneknownContextRoots: "UTC"
  globalConfigurationProvider: ""
# base64 encodedlinkIndexType: technical""
user credentials linkIndexUri: ""
  #linkValidityProvider: Required""
when if TRStrsEnabled: isfalse
enabled  
  adaptedToolTechnicalUserAuthorizationHeadercontainerPort: "8443"
  port: "8443"
# URL where the Codebeamer Widget will be accessible;debugPortToolService: ""
  
  # MustDefines filla theproxy baseused URLby of the OSLC Connector for Codebeamer. 
   widgetUrlproxy:
"<baseUrl>/cb"    https:
 # If the flag "manualLoginRequired" is# setThe to "true",URL of the pluginhttps willproxy notserver
attempt to automatically login the user. host: "" #
This flag should be enabled if many# usersThe thatport doof notthe havehttps access to a third party app connectedproxy server
     # via the OSLC Connector.
  manualLoginRequired port: "false"
      # ByA default,list theof authorizationIP URIaddresses willor beURLs retrieveddevided fromby the issuerpipe URIsign '|'
 # However, if you need tononProxyHosts: configure"" custom
query
parameters for the# authorizationSets requestthe logging level #in youthe canapplication
set it up# valid values # e.g. for acr_values
  # https://<auth_uri>/<path>?acr_values=<value>
  authorizationUri: "are: INFO, ERROR, DEBUG, TRACE
  loggingLevelSpringFramework: "INFO" 


ingress:
 # Theenabled: introspectiontrue
URI will beclassName: use""
to validate andannotations: retrieve{}
token data necessarytls:
for user identification   # Mandatory from OSLC Connector for Codebeamer 2024.09.1
  introspectionUrisecretName: ""


   configuration:
    # Give a list of up to 5 usernames of users which will have the administration right to change settings
    # in the OSLC Connector. Inbound details and Outbound details can be managed only by administrators. 
    # At least one administrator user must be stated here.
    administrators: []
    # Key used to encrypt the oauth10a configuration data in the database
    oauth10aEncryptionKey: ""  
  # oidc section overwrites the information set in the global.oidc section
  oidc:
    # OIDC Client ID registerd for this application
    clientId: ""
    # OIDC Client Secret registered for this application
    clientSecret# ----------------------------------------------------------------
  # ------------------------- Library ------------------------------
  # ----------------------------------------------------------------

# Special certtool configuration
certtool:
  # certtool should only be activated on the first deployment and after a certificate update
  enabled: true
  
mongodb
  # Deployes a mongodb container inside the pod that the OSLC Connector will use
  enabled: true

Overwriting the installed version

Use genoslcToolServiceVersionOverride to change the default version set in the helm chart for the tool service. Overwrite the default value when you want to switch to another version, other than the one set as default via the helm chart

genoslcToolServiceVersionOverride: "2024.07.4"

Use genoslcCodebeamerPluginVersionOverride to change the default version set in the helm chart for the Codebeamer plugin widget. Overwrite the default value when you want to switch to another version, other than the one set as default.

genoslcCodebeamerPluginVersionOverride: "2024.07.1"

SSL certificates

# SSL certificates
  cert:
    overrideTruststorePassword: "changeit"
    secretName: ""
    crtFullChain: ""
    # Name of a Kubernetes secret containing clientId and clientSecret.
    secretNamekey: ""
  # Sets the JWT claim to be used for user identification
  # e.g. preferred_username, sub, oid
  userNameAttribute: "preferred_username"
  # Sets the client authentication method to be used in the authentication process
  # Valid values are: client_secret_basic, client_secret_post, none
  # Default value is "client_secret_basic"
  clientAuthenticationScheme: "client_secret_basic" 
  # Sets the user info authentication method
  # valid values are: header, form, query
  userInfoAuthenticationMethod: "header" 
  # Sets the client scopes used in the authentication process
  # Default value "openid"
  clientScope: "openid" # comma separated list of scopes (e.g. "read, write")
  # Sets the application to use PKCE when authenticating the user https://oauth.net/2/pkce/
  # Default value is true
  # Set pkceEnabled to false if the OIDC provider does not support PKCE
  pkceEnabled: true
  
  # Sets the URL where the OSLC Connector for Codebeamer is accessible
  # Mandatory
  publicUri: ""  
  # Sets the URL where the OSLC Connector for Codebeamer is accessible
  # URL must be <publicUri>/spa
  # Mandatory
  pluginUri: ""
  # Comma separate list of applications that are allowed to make requests to the OSLC Connector API
  # Examples:
  # Third party applications that connect to the OSLC Connector for Codebeamer
  # Codebeamer
  allowedCorsOrigins: ""
  # URLs of other OSLC Connectors (Smartfacts, Jama, PREEvision, Octane, DOORS Classic) that are connected
  # to this instance via an association. 
  knownContextRoots: ""
  # Sets the Global Configuration provider
  # Example: https://<ibm-elm>:9443/gc
  # Optional
  # Required if IBM ELM link validity is used 
  globalConfigurationProvider: ""
  # Sets the type of link index used
  # type: "ibm-elm", "smartfacts", "none"
  linkIndexType: ""
  # Sets the URI of the link index 
  # e.g https://<ibm-elm>/ldx/sparql
  linkIndexUri: ""
  
  # Sets the Link Validity Provider
  # Examples:
  # https://<ibm-elm>:9443/jts/elm
  # https://<smartfacts>/platform/elm
  linkValidityProvider: ""
  # Enables TRS feed generation
  # Requires a technical user to be set if it's enabled
  # TRS feed exposes base artifacts and changes occurend in syncronized Codebeamer projects
  # Enable it only if a third party tool is accessing the TRS feed of this OSLC Connector to index data
  trsEnabled: false
  
  containerPort: "8443"
  port: "8443"
  debugPortToolService: ""
  
  # Defines a proxy used by the OSLC Connector for Codebeamer. 
  proxy:
    https:
      # The URL of the https proxy server
      host: "" 
      # The port of the https proxy server
      port: ""
      # A list of IP addresses or URLs devided by the pipe sign '|'
      nonProxyHosts: "" 

  # Sets the logging level in the application
  # valid values are: INFO, ERROR, DEBUG, TRACE
  loggingLevelSpringFramework: "INFO" 


ingress:
  enabled: true
  className: ""
  annotations: {}
  tls:
    secretName: ""


  # ----------------------------------------------------------------
  # ------------------------- Library ------------------------------
  # ----------------------------------------------------------------

# Special certtool configuration
certtool:
  # certtool should only be activated on the first deployment and after a certificate update
  enabled: true
  
mongodb
  # Deployes a mongodb container inside the pod that the OSLC Connector will use
  enabled: true

Overwriting the installed version

Use genoslcToolServiceVersionOverride to change the default version set in the helm chart for the tool service. Overwrite the default value when you want to switch to another version, other than the one set as default via the helm chart

genoslcToolServiceVersionOverride: "2024.07.4"

Use genoslcCodebeamerPluginVersionOverride to change the default version set in the helm chart for the Codebeamer plugin widget. Overwrite the default value when you want to switch to another version, other than the one set as default.

genoslcCodebeamerPluginVersionOverride: "2024.07.1"

SSL certificates

# SSL certificates
  cert:
    overrideTruststorePassword: "changeit"
    secretName: ""
    crtFullChain: ""
    key: ""

Domain and subdomain

In the global section you must specify the domain and subdomain that form the base URL where the OSLC Connector for Codebeamer will be accessible.

global:
  domain: "example.com" 
  hosts:
    genoslc:
      subdomain: "genoslc-codebeamer"  
      port: ""

This will result in genoslc-codebeamer.example.com to become the URL where the OSLC Connector is established.

OIDC Issuer

The OIDC issuer must be configured in the global section in order to establish the connection between the application and the SSO. The issuer URL value has to be retrieved from the /.well-known/openid-configuration endpoint of the SSO (RFC 8414 - OAuth 2.0 Authorization Server Metadata (ietf.org))

global:
  identity: 
    OIDC_ISSUER: "https://keycloak.brand.de/realms/Connector"

Configuring the OIDC client

After configuring the OIDC client in your SSO provider you must set the OIDC client ID and client secret.

env:
  oidc:
    clientId: codebeamerClient
    clientSecret: e932235d-2349-fd26-bcdb-93hw3f43aab9

Setting up a connection to the Codebeamer instance

Adapting a Codebeamer instance

There are two URLs that must be set before a integration with the API and UI of Codebeamer can be achieved. The first one is adaptedToolRootUri and it represents the base URL of your Codebeamer instance. The second one is adaptedToolApiUri and represents the API URL of Codebeamer. This usually follows the following path formats:

• https://<codebeamer instance URL>/api/v3/

• https://<codebeamer instance URL>/cb/api/v3/

env:
  tool:
    adaptedToolApiUri: "https://codebeamer.com/api/v3/"
    adaptedToolRootUri: "https://codebeamer.com"

Codebeamer Widget URL

OSLC Connector for Codebeamer comes up with a bundled widget that has to be installed in Codebeamer. The first step to achieve that is to set the widgetUrl - it must be in the format https://<connector base url>/cb

env:
  tool:
    widgetUrl: "<baseUrl>/cb"

Codebeamer time zone

The Codebeamer time zone must be set in the OSLC Connector for Codebeamer too. To do that use adaptedToolToolTimeZone. For more references on the Codebeamer tool time zone see the documentation.

env:
  tool:
    adaptedToolToolTimeZone: "UTC"

...

...

Domain and subdomain

In the global section you must specify the domain and subdomain that form the base URL where the OSLC Connector for Codebeamer will be accessible.

global:
  domain: "example.com" 
  hosts:
    genoslc:
      subdomain: "genoslc-codebeamer"  
      port: ""

This will result in genoslc-codebeamer.example.com to become the URL where the OSLC Connector is established.

OIDC Issuer

The OIDC issuer must be configured in the global section in order to establish the connection between the application and the SSO. The issuer URL value has to be retrieved from the /.well-known/openid-configuration endpoint of the SSO (RFC 8414 - OAuth 2.0 Authorization Server Metadata (ietf.org))

global:
  identity: 
    OIDC_ISSUER: "https://keycloak.brand.de/realms/Connector"

Configuring the OIDC client

After configuring the OIDC client in your SSO provider you must set the OIDC client ID and client secret.

env:
  oidc:
    clientId: codebeamerClient
    clientSecret: e932235d-2349-fd26-bcdb-93hw3f43aab9

Setting up a connection to the Codebeamer instance

Adapting a Codebeamer instance

There are two URLs that must be set before a integration with the API and UI of Codebeamer can be achieved. The first one is adaptedToolRootUri and it represents the base URL of your Codebeamer instance. The second one is adaptedToolApiUri and represents the API URL of Codebeamer. This usually follows the following path formats:

• https://<codebeamer instance URL>/api/v3/

• https://<codebeamer instance URL>/cb/api/v3/

env:
  tool:
    adaptedToolApiUri: "https://codebeamer.com/api/v3/"
    adaptedToolRootUri: "https://codebeamer.com"

Codebeamer Widget URL

OSLC Connector for Codebeamer comes up with a bundled widget that has to be installed in Codebeamer. The first step to achieve that is to set the widgetUrl - it must be in the format https://<connector base url>/cb

env:
  tool:
    widgetUrl: "<baseUrl>/cb"

Codebeamer time zone

The Codebeamer time zone must be set in the OSLC Connector for Codebeamer too. To do that use adaptedToolToolTimeZone. For more references on the Codebeamer tool time zone see the documentation.

env:
  tool:
    adaptedToolToolTimeZone: "UTC"

env:
  tool:
    adaptedToolToolTimeZone: "UTC"
    # base64 encoded technical user credentials
    # Required when if TRS is enabled
    adaptedToolTechnicalUserAuthorizationHeader: ""
    widgetUrl: "<baseUrl>/cb"
  
  # If the flag "manualLoginRequired" is set to "true", the plugin will not attempt to automatically login the user.
  # This flag should be enabled if many users that do not have access to a third party app connected
  # via the OSLC Connector.
  manualLoginRequired: "false"

Technical user authorization for TRS generation

The value for adaptedToolTechnicalUserAuthorizationHeader must be a valid Basic authorization header. The credentials are base64 encoded.

Setting the adaptedToolTechnicalUserAuthorizationHeaderis mandatory if TRS feed generation is required.

  env:
    tool:
      adaptedToolTechnicalUserAuthorizationHeader: "Basic dXNlcm5hbWU6cGFzc3dvcmQ="

List of OSLC Connector for Codebeamer administrators

Provide a list of up to 5 usernames which will have the administration right to change protected settings in the OSLC Connector. Inbound details and Outbound details can be managed only by administrators. At least one administrator user must be stated here.

env:
  configuration:
    administrators: []

Encrypt oauth10a configuration data

Set the encryption key used to encrypt and decrypt the oauth10a configuration data in the database.

env:
  configuration:
    oauth10aEncryptionKey: "encryption-key"  

Overwrite global OIDC configuration

This optional section can be used to overwrite the OIDC client configuration used by the OSLC Connector for Codebeamer when the helm chart bundles multiple applications together.

Set the env.oidc.clientId and env.oidc.clientSecret in order to overwrite the values from global.oidc.clientId and global.oidc.clientSecret respectively.

Alternatively you can provide the name of the Kubernetes secret and the values for clientId and clientSecret will be fetched from the specified secret.

env:
  oidc:
    clientId: ""
    clientSecret: ""
    secretName: ""

User name attribute

Used to set the JWT claim to be used for user identification. Examples are preferred_username, sub, oid.

env:
  userNameAttribute: "preferred_username"

Client authentication scheme

Sets the client authentication method to be used in the authentication process. Valid values are: client_secret_basic, client_secret_post, none. Default value is "client_secret_basic"

env:
  clientAuthenticationScheme: "client_secret_basic" 

User info authentication method

Sets the user info authentication method. Valid values are: header, form, query

env:
  userInfoAuthenticationMethod: "header" 

Client scopes

Sets the client scopes used in the authentication process. Default value "openid". The value is a comma separated list of scopes (e.g. "read, write").

env:
  clientScope: "openid" 

PKCE

Sets the application to use PKCE when authenticating the user https://oauth.net/2/pkce/ . Default value is true. Set pkceEnabled to false if the OIDC provider does not support PKCE.

env:
  pkceEnabled: true

Authorization URI

By default, the authorization URI will be retrieved from the issuer URI. However, if you need to configure custom query parameters for the authorization request you can set it up; e.g. for acr_values

env:
  authorizationUri: <https://<auth_uri>>/<path>?acr_values=<value>

Introspection URI

The introspection URI will be used to validate and retrieve token data necessary for user identification.

env:
  introspectionUri: ""

Public URI and Plugin URI

The env.publicUri variable sets the URL where the OSLC Connector for Codebeamer is accessible. This is mandatory and has to be set.

The env.pluginUri sets the URL where the OSLC Connector for Codebeamer is accessible and must be in the form of <env.publicUri>/spa. This variable is also mandatory and must be set.

env:
  publicUri: ""  
  pluginUri: ""

Allowed CORS URLs

This is a comma separated list of applications that are allowed to make requests to the OSLC Connector API like third party applications that read data from the OSLC Connector for Codebeamer.

env:
  allowedCorsOrigins: "https://smartfacts.com"

Known context roots

This is a comma separated list URLs of other OSLC Connectors (Smartfacts, Jama, PREEvision, Codebeamer, DOORS Classic) that are connect to this instance via an association.

env:
  knownContextRoots: "https://genoslc-codebeamer.smartfacts.com"

Global Configuration Provider

Sets the Global Configuration provider. An example is https://<ibm-elm>/gc. Setting the value is optional but is mandatory if IBM ELM link validity is required.

env:
  globalConfigurationProvider: ""

Link Index Type

Sets the type of link index used. A link index is generally used when links are retrieved by the OSLC Connector for Codebeamer from an external link index (e.g. LDX or Smartfacts Link Index).

e.g. Requirements are handled in Codebeamer and test cases in Jazz ETM - links must be read from LDX

Available options are: "ibm-elm", "smartfacts", "none"

env:
  linkIndexType: "none"

Links Index URI

Provides the querying endpoint for the link index.

Must be configured only if env.linkIndexType has been set to ibm-elm or smartfacts.

env:
  linkIndexUri: "https://<ibm-elm>/ldx/sparql"

Link Validity Provider

Sets the Link Validity Provider. Examples:

• https://<ibm-elm>/jts/elm

• https://<smartfacts>/platform/elm

env:
  linkValidityProvider: ""

Enabling TRS

Enables TRS feed generation. Requires a technical user to be set via the env.tool.adaptedToolTechnicalUserAuthorizationHeader if it's enabled.

TRS feed exposes base artifacts and changes that occurred in synchronized Codebeamer projects.

env:
  trsEnabled: false

Install the OSLC Connector for Codebeamer

...