...
elm-sync server configuration
This section defines the elm-
...
elm-sync uses SQLite for persisting information about the CDCM configuration areas and ELM GCM project areas that are being synchronized. The information includes:
The Configuration Area id
The ELM Server URL and corresponding project area URL
The trs:order number of the last trs:change event processed by elm-sync. Changes after this event will be processed on the next elm-sync scan cycle.
| Code Block |
|---|
datasource: # tge /SQLite data source used by elm-sync
url: jdbc:sqlite:/data/sqlite/elmsync.db
driver-class-name: org.sqlite.JDBC
username: sa
password: sa
jpa:
database-platform: org.hibernate.community.dialect.SQLiteDialect
hibernate:
ddl-auto: update
show-sql: true |
CDCM sever and API
IBM ELM server and API information
CDCM Security Configuration
Access to CDCM uses AOuth 2 which is configured for the Spring Boot application
| Code Block |
|---|
spring:
security:
oauth2:
client:
registration:
custom: #'custom' here can be anything
client-id: ${CLIENT_ID:genoslc-development} #genoslc-development
client-secret: ${CLIENT_SECRET:z0AMmptqxxuQBBiZc7FMJVAisvGmMadD}
redirect-uri: http://localhost:${server.port}/${server.servlet.context-path}/login/oauth2/code/custom
scope: ${CLIENT_SCOPE:openid}
authorization-grant-type: authorization_code
provider:
custom: #'custom' here can be anything
issuer-uri: https://keycloak.mid.de/realms/Smartfacts-Development
user-name-attribute: ${USER_NAME_ATTRIBUTE:preferred_username}
user-info-authentication-method: ${USER_INFO_AUTHENTICATION_METHOD:form} # header, form, query
resourceserver:
jwt:
issuer-uri: https://keycloak.mid.de/realms/Smartfacts-Development |
ELM GCM OAuth1.0a Security Configuration
elm-sync uses OAuth1.0a to access ELM GCM through the REST APIs. This access is done through a functional user whose ID is associated with a consumer key and secret.
...
server configuration including the server port and context-path for accessing the elm-sync controllers, and server instance information.
| Code Block |
|---|
elm-sync: # configuration for the elm-sync server
instance:
name: ELM-SYNC-1
configuration:
cdcm-configuration-url: http://localhost:8080/api/v1/objectMappings
cdcm-url: https://www.example.com/
max-number-of-retries: 6
retry-backoff: 2
max-number-of-unique-title-retries: 50
server:
port: ${PORT:8080}
servlet:
context-path: "/sandbox" |
elm-syn SQLite database configuration
elm-sync uses SQLite for persisting information about the CDCM configuration areas and ELM GCM project areas that are being synchronized. The information includes:
The Configuration Area id
The ELM Server URL and corresponding project area URL
The trs:order number of the last trs:change event processed by elm-sync. Changes after this event will be processed on the next elm-sync scan cycle.
| Code Block |
|---|
datasource: # tge /SQLite data source used by elm-sync
url: jdbc:sqlite:/data/sqlite/elmsync.db
driver-class-name: org.sqlite.JDBC
username: sa
password: sa
jpa:
database-platform: org.hibernate.community.dialect.SQLiteDialect
hibernate:
ddl-auto: update
show-sql: true |
CDCM Server and API
This section defines the CDCM server and space that is the source of configuration areas that will be synced to ELM GCM project areas.
| Code Block |
|---|
cdcm: # the CDCM server instance and Space to use, one instance per elm-sync server
api:
host: https://cdcm.demo.smartfacts.com
space-key: CDCM-IPKvRuZYUps1 |
IBM ELM server and API information
This section specifies the IBM ELM GCM server that will be synchronized with the CDCM space.
| Code Block |
|---|
ibm-elm: # the IBM ELM server instance to use, corresponds to a CDCM Space
api:
host: https://elmdemo.smartfacts.com:9443
pa-creation-path: /gc/service/com.ibm.team.process.internal.service.web.IProcessWebUIService/projectArea
pa-get-path: /gc/service/com.ibm.team.process.internal.service.web.IProcessWebUIService/allProjectAreas
config-update-path: /gc/gc.webui.updateConfiguration |
Future consideration: The pa-creation-path, pa-get-path and config-update-path are specified in ELM GCM private API. These paths are unlikely to change or could possibly be discovered and may not need to be configured manually. See https://jazz.net/gc/doc/scenarios.
CDCM Security Configuration
Access to CDCM uses AOuth 2 which is configured for the Spring Boot application
| Code Block |
|---|
spring: security: oauth2: client: registration: - namecustom: elmdemo.smartfacts.com #'custom' here can be anything protectedclient-url-rootsid: https://elmdemo.smartfacts.com:9443/jts/**,https://elmdemo.smartfacts.com:9443/rm/**,https://elmdemo.smartfacts.com:9443/gc/**${CLIENT_ID:genoslc-development} #genoslc-development consumerclient-keysecret: jamsden_auth${CLIENT_SECRET:z0AMmptqxxuQBBiZc7FMJVAisvGmMadD} consumerredirect-secret: some_password rootservices: https://elmdemo.smartfacts.com:9443/jts/rootservicesuri: http://localhost:${server.port}/${server.servlet.context-path}/login/oauth2/code/custom - name: ibm-elm-qmscope: ${CLIENT_SCOPE:openid} protected authorization-urlgrant-roots: https://elmdemo.smartfacts.com:9443/qmtype: authorization_code provider: consumer-key: consumer-key custom: #'custom' here can be anything consumer-secret: secret rootservicesissuer-uri: https://elmdemokeycloak.smartfactsmid.com:9443de/qmrealms/rootservicesSmartfacts-Development inbound: realmuser-name-attribute: sandbox-realm${USER_NAME_ATTRIBUTE:preferred_username} auto-approve-consumer-keys: true auto-approve-tokens: true details:user-info-authentication-method: ${USER_INFO_AUTHENTICATION_METHOD:form} # header, form, query resourceserver: - name: mid-elm-inbound consumer-key: bc2a6767-af53-417a-a97c-c9487804d5dfjwt: consumerissuer-secreturi: secret |
The outbound.details provide the information elm-sync need to be able to access ELM GCM services using OAuth1.0a for authentication.
The inbound.relm-name is used for the elm-sync REST API services defined in the com.mid.smartfacts.cdcm.elmc.controllers classes:
ElmApplicationController: provides rootservices, service provider catalog and about information for elm-sync
TestConfigurationAreaReaderController: implements various fixed test cases for accessing CDCM Configuration Areas
TestController: implements various test cases for accessing CDCM and ELM GCM resources, useful for developing automate test cases and for exploring implementation options and issues
Creating the ELM GCM functional id
elm-sync access the ELM GCM REST APIs using OAuth1.0a and a functional id. The is the most reliable way to do server to server communication with ELM servers because they all use OAuth1.0a to configure consumer/friend relationships to allow the ELM servers to talk to each other. OAuth1.0a can be reliably depended on to be supported by ELM servers.
For elm-sync to access ELM GCM, you must register elm-sync with the ELM Jazz Team Server (JTS) as a consumer (inbound) connection, with consumer key and secret. Then you need to associate that consumer with a functional id that has JazzAdmins, JazzUsers and JazzProjectAdmins repository permissions. Here a brief summary of the steps
Navigate to the Jazz Team Server Administration Home page
Manage or create users and create the functional id with JazzAdmins, JazzUsers and JazzProjectAdmins repository permissions
Click Manage Server and then Communication > Consumers (Inbound)
Use the Register Consumer form to create a Trusted Consumer Key with a Consumer Secret. This is the same information that will be used in the smartfacts.oauth10a.outbound.details entry in the application.yml file.
Edit the newly created Authorized Key and set the Functional User ID to the Id you create above:
...
https://keycloak.mid.de/realms/Smartfacts-Development |
ELM GCM OAuth1.0a Security Configuration
elm-sync uses OAuth1.0a to access ELM GCM through the REST APIs. This access is done through a functional user whose ID is associated with a consumer key and secret.
| Code Block |
|---|
smartfacts:
oauth10a:
active: true
outbound:elm
details:
- name: elmdemo.smartfacts.com
protected-url-roots: https://elmdemo.smartfacts.com:9443/jts/**,https://elmdemo.smartfacts.com:9443/rm/**,https://elmdemo.smartfacts.com:9443/gc/**
consumer-key: jamsden_auth
consumer-secret: some_password
rootservices: https://elmdemo.smartfacts.com:9443/jts/rootservices
- name: ibm-elm-qm
protected-url-roots: https://elmdemo.smartfacts.com:9443/qm
consumer-key: consumer-key
consumer-secret: secret
rootservices: https://elmdemo.smartfacts.com:9443/qm/rootservices
inbound:
realm-name: sandbox-realm
auto-approve-consumer-keys: true
auto-approve-tokens: true
details:
- name: mid-elm-inbound
consumer-key: bc2a6767-af53-417a-a97c-c9487804d5df
consumer-secret: secret |
The outbound.details provide the information elm-sync need to be able to access ELM GCM services using OAuth1.0a for authentication.
The inbound.relm-name is used for the elm-sync REST API services defined in the com.mid.smartfacts.cdcm.elmc.controllers classes:
ElmApplicationController: provides rootservices, service provider catalog and about information for elm-sync
TestConfigurationAreaReaderController: implements various fixed test cases for accessing CDCM Configuration Areas
TestController: implements various test cases for accessing CDCM and ELM GCM resources, useful for developing automate test cases and for exploring implementation options and issues
Creating the ELM GCM functional id
elm-sync access the ELM GCM REST APIs using OAuth1.0a and a functional id. The is the most reliable way to do server to server communication with ELM servers because they all use OAuth1.0a to configure consumer/friend relationships to allow the ELM servers to talk to each other. OAuth1.0a can be reliably depended on to be supported by ELM servers.
For elm-sync to access ELM GCM, you must register elm-sync with the ELM Jazz Team Server (JTS) as a consumer (inbound) connection, with consumer key and secret. Then you need to associate that consumer with a functional id that has JazzAdmins, JazzUsers and JazzProjectAdmins repository permissions. Here a brief summary of the steps
Navigate to the Jazz Team Server Administration Home page
Manage or create users and create the functional id with JazzAdmins, JazzUsers and JazzProjectAdmins repository permissions
Click Manage Server and then Communication > Consumers (Inbound)
Use the Register Consumer form to create a Trusted Consumer Key with a Consumer Secret. This is the same information that will be used in the smartfacts.oauth10a.outbound.details entry in the application.yml file.
Edit the newly created Authorized Key and set the Functional User ID to the Id you create above:
CDCM Configuration Area to ELM GCM Server Mappings
This section maps the CDCM configuration area to the ELM GCM server used to create the corresponding project area.
| Code Block |
|---|
configuration:
area:
mapping:
-
source: 664f38242aac9257b5b0c79c
target: https://elmdemo.smartfacts.com:9443
-
source: 664f383b2aac9257b5b0c7a0
target: https://elmdemo.smartfacts.com:9443
-
source: 664c7d15f7eb227a1021a7ce
target: https://elmdemo.smartfacts.com:9443 |
Note: Although a configuration.area.mapping.target specifies the URL of the ELM GCM server, this URL must be the same as ibm-elm.api.host. elm-sync is currently configured to sync one CDCM server with one ELM GCM server. A different instance of elm-sync could be used to sync different CDCM and ELM GCM servers.
...