...
| Code Block |
|---|
| breakoutMode | wide |
|---|
| language | yaml |
|---|
|
genoslcToolServiceVersionOverride: ""
global:
# Domain of the cluster or of the external reverse proxy
domain: "example.comdomain: "example.com"
oidc:
clientId: ""
clientSecret: ""
# Setup OIDC information
oidc cert:
# OIDC Client ID registerd for this applicationoverrideTruststorePassword: "changeit"
secretName: ""
clientIdcrtFullChain: ""
#key: OIDC""
Client Secret registeredidentity:
for this application clientSecretOIDC_ISSUER: ""
hosts:
# SSL certificatesgenoslc:
cert: overrideTruststorePasswordsubdomain: "changeitgenoslc-octane"
secretName port: ""
env:
tool:
crtFullChaintype: "octane"
keyadaptedToolApiUri: ""
identityadaptedToolRootUri: ""
# OIDC Issuer URL, taken from the /.well-known/openid-configuration endpoint adaptedToolTechnicalUserAuthorizationHeader: ""
configuration:
administrators: []
OIDC_ISSUERoauth10aEncryptionKey: ""
hostsoidc:
genoslcclientId: ""
clientSecret: #""
The subdomain where the OSLCsecretName: Connector""
for Codebeamer will be accessibleuserNameAttribute: "preferred_username"
clientAuthenticationScheme: "client_secret_basic"
subdomainuserInfoAuthenticationMethod: "genoslc-codebeamerheader"
clientScope: "openid"
portpkceEnabled: true
publicUri: "" env:
toolpluginUri: ""
allowedCorsOrigins: ""
# Possible valuesknownContextRoots: ""|"codebeamer"
globalConfigurationProvider: ""
# Setting it tolinkValidityProvider: "codebeamer" will tell the helm chart to setup the Codebeamer Widget container in the pod"
trsEnabled: false
containerPort: "8443"
port: "8443"
debugPortToolService: ""
# Required forDefines a completeproxy integrationused inby the CodebeamerOSLC Connector UIfor Octane.
typeproxy: "codebeamer"
# Codebeamerhttps:
API URL # UsuallyThe itURL isof the <codebeamerhttps instance URL>/api/v3/ or <codebeamer instance URL>/cb/api/v3/
adaptedToolApiUriproxy server
host: ""
# The URLport whereof the Codebeamerhttps applicationproxy isserver
accessible adaptedToolRootUri port: ""
# TimezoneA setlist inof CodebeamerIP addresses or URLs devided by #the Seepipe chapter 1.1.22.1 in https://codebeamer.com/cb/wiki/5848463sign '|'
adaptedToolToolTimeZonenonProxyHosts: "UTC"
# base64Sets encodedthe technicallogging userlevel credentialsin the application
# Requiredvalid whenvalues ifare: TRSINFO, isERROR, enabledDEBUG, TRACE
adaptedToolTechnicalUserAuthorizationHeaderloggingLevelSpringFramework: "INFO"
ingress:
# URL whereenabled: thetrue
Codebeamer Widget willclassName: be""
accessible; annotations: {}
# Musttls:
fill the base URL ofsecretName: the OSLC Connector for Codebeamer
""
widgetUrl: "<baseUrl>/cb"
# If the flag "manualLoginRequired" is set to "true", the plugin will not attempt to automatically login the user.
# This flag should be enabled if many users that do not have access to a third party app connected
# via the OSLC Connector.
manualLoginRequired: "false"
configuration:
# Give a list of up to 5 usernames of users which will have the administration right to change settings
# in the OSLC Connector. Inbound details and Outbound details can be managed only by administrators.
# At least one administrator user must be stated here.
administrators: []
# Key used to encrypt the oauth10a configuration data in the database
oauth10aEncryptionKey: ""
# oidc section overwrites the information set in the global.oidc section
oidc:
# OIDC Client ID registerd for this application
clientId: ""
# OIDC Client Secret registered for this application
clientSecret: ""
# Name of a Kubernetes secret containing clientId and clientSecret.
secretName: ""
# Sets the JWT claim to be used for user identification
# e.g. preferred_username, sub, oid
userNameAttribute: "preferred_username"
# Sets the client authentication method to be used in the authentication process
# Valid values are: client_secret_basic, client_secret_post, none
# Default value is "client_secret_basic"
clientAuthenticationScheme: "client_secret_basic"
# Sets the user info authentication method
# valid values are: header, form, query
userInfoAuthenticationMethod: "header"
# Sets the client scopes used in the authentication process
# Default value "openid"
clientScope: "openid" # comma separated list of scopes (e.g. "read, write")
# Sets the application to use PKCE when authenticating the user https://oauth.net/2/pkce/
# Default value is true
# Set pkceEnabled to false if the OIDC provider does not support PKCE
pkceEnabled: true
# Sets the URL where the OSLC Connector for Codebeamer is accessible
# Mandatory
publicUri: ""
# Sets the URL where the OSLC Connector for Codebeamer is accessible
# URL must be <publicUri>/spa
# Mandatory
pluginUri: ""
# Comma separate list of applications that are allowed to make requests to the OSLC Connector API
# Examples:
# Third party applications that connect to the OSLC Connector for Codebeamer
# Codebeamer
allowedCorsOrigins: ""
# URLs of other OSLC Connectors (Smartfacts, Jama, PREEvision, Octane, DOORS Classic) that are connected
# to this instance via an association.
knownContextRoots: ""
# Sets the Global Configuration provider
# Example: https://<ibm-elm>:9443/gc
# Optional
# Required if IBM ELM link validity is used
globalConfigurationProvider: ""
# Sets the Link Validity Provider
# Examples:
# https://<ibm-elm>:9443/jts/elm
# https://<smartfacts>/platform/elm
linkValidityProvider: ""
# Enables TRS feed generation
# Requires a technical user to be set if it's enabled
# TRS feed exposes base artifacts and changes occurend in syncronized Codebeamer projects
# Enable it only if a third party tool is accessing the TRS feed of this OSLC Connector to index data
trsEnabled: false
containerPort: "8443"
port: "8443"
debugPortToolService: ""
# Defines a proxy used by the OSLC Connector for Codebeamer.
proxy:
https:
# The URL of the https proxy server
host: ""
# The port of the https proxy server
port: ""
# A list of IP addresses or URLs devided by the pipe sign '|'
nonProxyHosts: ""
# Sets the logging level in the application
# valid values are: INFO, ERROR, DEBUG, TRACE
loggingLevelSpringFramework: "INFO"
ingress:
enabled: true
className: ""
annotations: {}
tls:
secretName: ""
# ----------------------------------------------------------------
# ------------------------- Library ------------------------------
# ----------------------------------------------------------------
# Special certtool configuration
certtool:
# certtool should only be activated on the first deployment and after a certificate update
enabled: true
mongodb
# Deployes a mongodb container inside the pod that the OSLC Connector will use
enabled: true |
Overwriting the installed version
Use genoslcToolServiceVersionOverride to change the default version set in the helm chart for the tool service. Overwrite the default value when you want to switch to another version, other than the one set as default via the helm chart
| Code Block |
|---|
genoslcToolServiceVersionOverride: "2024.07.4" |
SSL certificates
| Code Block |
|---|
|
# SSL certificates
cert:
overrideTruststorePassword: "changeit"
secretName: ""
crtFullChain: ""
key: "" |
Domain and subdomain
In the global section you must specify the domain and subdomain that form the base URL where the OSLC Connector for Octane will be accessible.
| Code Block |
|---|
|
global:
domain: "example.com"
hosts:
genoslc:
subdomain: "genoslc-octane"
port: "" |
This will result in genoslc-octane.example.com to become the URL where the OSLC Connector is established.
OIDC Issuer
The OIDC issuer must be configured in the global section in order to establish the connection between the application and the SSO. The issuer URL value has to be retrieved from the /.well-known/openid-configuration endpoint of the SSO (RFC 8414 - OAuth 2.0 Authorization Server Metadata (ietf.org))
| Code Block |
|---|
|
global:
identity:
OIDC_ISSUER: "https://keycloak.brand.de/realms/Connector" |
Configuring the OIDC client
After configuring the OIDC client in your SSO provider you must set the OIDC client ID and client secret.
| Code Block |
|---|
env:
oidc:
clientId: octaneClient
clientSecret: e932235d-2349-fd26-bcdb-93hw3f43aab9 |
| Note |
|---|
The OIDC client MUST fulfill the following requirements: has to be a private client (so it has a key and secret) grant type must be authorization code the redirect URI must be https://<oslc connector url>/login/oauth2/code/custom
|
Setting up a connection to the Octane instance
Adapting a Octane instance
There are two URLs that must be set before a integration with the API and UI of Octane can be achieved. The first one is adaptedToolRootUri and it represents the base URL of your Octane instance. The second one is adaptedToolApiUri and represents the API URL of Octane. This usually follows the following path formats:
https://<octane instance URL>/api/v3/
https://<octane instance URL>/cb/api/v3/
| Code Block |
|---|
|
env:
tool:
adaptedToolApiUri: "https://octane.com"
adaptedToolRootUri: "https://octane.com" |
Install the OSLC Connector for Octane
Execute the Installation
Enter the following command to execute the Installation:
| Code Block |
|---|
sudo helm upgrade --install genoslc-octane library/genoslc -f values-genoslc-octane.yaml --version 3.0.1 -n genoslc-octane --create-namespace# ----------------------------------------------------------------
# ------------------------- Library ------------------------------
# ----------------------------------------------------------------
# Special certtool configuration
certtool:
# certtool should only be activated on the first deployment and after a certificate update
enabled: true
mongodb
# Deployes a mongodb container inside the pod that the OSLC Connector will use
enabled: true |
Overwriting the installed version
Use genoslcToolServiceVersionOverride to change the default version set in the helm chart for the tool service. Overwrite the default value when you want to switch to another version, other than the one set as default via the helm chart
| Code Block |
|---|
|
genoslcToolServiceVersionOverride: "2024.07.4" |
SSL certificates
| Code Block |
|---|
|
global:
cert:
overrideTruststorePassword: "changeit"
secretName: ""
crtFullChain: ""
key: "" |
Domain and subdomain
In the global section you must specify the domain and subdomain that form the base URL where the OSLC Connector for Octane will be accessible.
| Code Block |
|---|
|
global:
domain: "example.com"
hosts:
genoslc:
subdomain: "genoslc-octane"
port: "" |
This will result in genoslc-octane.example.com to become the URL where the OSLC Connector is established.
OIDC Issuer
The OIDC issuer must be configured in the global section in order to establish the connection between the application and the SSO. The issuer URL value has to be retrieved from the /.well-known/openid-configuration endpoint of the SSO (RFC 8414 - OAuth 2.0 Authorization Server Metadata (ietf.org))
| Code Block |
|---|
|
global:
identity:
OIDC_ISSUER: "https://keycloak.brand.de/realms/Connector" |
Configuring the OIDC client
After configuring the OIDC client in your SSO provider you must set the OIDC client ID and client secret.
| Code Block |
|---|
|
env:
oidc:
clientId: octaneClient
clientSecret: e932235d-2349-fd26-bcdb-93hw3f43aab9 |
| Note |
|---|
The OIDC client MUST fulfill the following requirements: has to be a private client (so it has a key and secret) grant type must be authorization code the redirect URI must be https://<oslc connector url>/login/oauth2/code/custom
|
Setting up a connection to the Octane instance
Adapting a Octane instance
There are two URLs that must be set before a integration with the API and UI of Octane can be achieved. The first one is adaptedToolRootUri and it represents the base URL of your Octane instance. The second one is adaptedToolApiUri and represents the API URL of Octane. This usually follows the following path formats:
https://<octane instance URL>/
| Code Block |
|---|
|
env:
tool:
adaptedToolApiUri: "https://octane.com"
adaptedToolRootUri: "https://octane.com" |
Technical user authorization for TRS generation
The value for adaptedToolTechnicalUserAuthorizationHeader must be a valid Basic authorization header. The credentials are base64 encoded.
Setting the adaptedToolTechnicalUserAuthorizationHeaderis mandatory if TRS feed generation is required.
| Code Block |
|---|
|
env:
tool:
adaptedToolTechnicalUserAuthorizationHeader: "Basic dXNlcm5hbWU6cGFzc3dvcmQ=" |
List of OSLC Connector for Octane administrators
Provide a list of up to 5 usernames which will have the administration right to change protected settings in the OSLC Connector. Inbound details and Outbound details can be managed only by administrators. At least one administrator user must be stated here.
| Code Block |
|---|
|
env:
configuration:
administrators: [] |
Encrypt oauth10a configuration data
Set the encryption key used to encrypt and decrypt the oauth10a configuration data in the database.
| Code Block |
|---|
|
env:
configuration:
oauth10aEncryptionKey: "encryption-key" |
Overwrite global OIDC configuration
This optional section can be used to overwrite the OIDC client configuration used by the OSLC Connector for Octane when the helm chart bundles multiple applications together.
Set the env.oidc.clientId and env.oidc.clientSecret in order to overwrite the values from global.oidc.clientId and global.oidc.clientSecret respectively.
Alternatively you can provide the name of the Kubernetes secret and the values for clientId and clientSecret will be fetched from the specified secret.
| Code Block |
|---|
|
env:
oidc:
clientId: ""
clientSecret: ""
secretName: "" |
User name attribute
Used to set the JWT claim to be used for user identification. Examples are preferred_username, sub, oid.
| Code Block |
|---|
|
env:
userNameAttribute: "preferred_username" |
Client authentication scheme
Sets the client authentication method to be used in the authentication process. Valid values are: client_secret_basic, client_secret_post, none. Default value is "client_secret_basic"
| Code Block |
|---|
|
env:
clientAuthenticationScheme: "client_secret_basic" |
User info authentication method
Sets the user info authentication method. Valid values are: header, form, query
| Code Block |
|---|
|
env:
userInfoAuthenticationMethod: "header" |
Client scopes
Sets the client scopes used in the authentication process. Default value "openid". The value is a comma separated list of scopes (e.g. "read, write").
| Code Block |
|---|
|
env:
clientScope: "openid" |
PKCE
Sets the application to use PKCE when authenticating the user https://oauth.net/2/pkce/. Default value is true. Set pkceEnabled to false if the OIDC provider does not support PKCE.
| Code Block |
|---|
|
env:
pkceEnabled: true |
Public URI and Plugin URI
The env.publicUri variable sets the URL where the OSLC Connector for Octane is accessible. This is mandatory and has to be set.
The env.pluginUri sets the URL where the OSLC Connector for Octane is accessible and must be in the form of <env.publicUri>/spa. This variable is also mandatory and must be set.
| Code Block |
|---|
|
env:
publicUri: ""
pluginUri: "" |
Allowed CORS URLs
This is a comma separated list of applications that are allowed to make requests to the OSLC Connector API like third party applications that read data from the OSLC Connector for Octane.
| Code Block |
|---|
|
env:
allowedCorsOrigins: "https://smartfacts.com" |
Known context roots
This is a comma separated list URLs of other OSLC Connectors (Smartfacts, Jama, PREEvision, Octane, DOORS Classic) that are connect to this instance via an association.
| Code Block |
|---|
|
env:
knownContextRoots: "https://genoslc-codebeamer.smartfacts.com" |
Global Configuration Provider
Sets the Global Configuration provider. An example is https://<ibm-elm>/gc. Setting the value is optional but is mandatory if IBM ELM link validity is required.
| Code Block |
|---|
|
env:
globalConfigurationProvider: "" |
Link Validity Provider
Sets the Link Validity Provider. Examples:
https://<ibm-elm>/jts/elm
https://<smartfacts>/platform/elm
| Code Block |
|---|
|
env:
linkValidityProvider: "" |
Enabling TRS
Enables TRS feed generation. Requires a technical user to be set via the env.tool.adaptedToolTechnicalUserAuthorizationHeader if it's enabled.
TRS feed exposes base artifacts and changes that occurred in synchronized Octane projects.
| Note |
|---|
Enable it only if a third party tool is accessing the TRS feed of this OSLC Connector to index data. |
| Code Block |
|---|
|
env:
trsEnabled: false |
Install the OSLC Connector for Octane
Execute the Installation
Enter the following command to execute the Installation:
| Code Block |
|---|
|
sudo helm upgrade --install genoslc-octane library/genoslc -f values-genoslc-octane.yaml --version 3.0.1 -n genoslc-octane --create-namespace |
Enabling the plugin in Octane
To enable the OSLC Connector for Octane as an UI panel in Octane you need to navigate to Settings → External action editor.
| Note |
|---|
You must replace <genoslc-octane-url> with the correct URL of your OSLC Connector for Octane. |
In the following code sample two external actions have been configured - one for work items and one for requirements.
| Code Block |
|---|
| breakoutMode | full-width |
|---|
| language | json |
|---|
|
[
{
"name": "smartfacts_details_sidepanel_cm",
"title": "Smartfacts",
"entity_type": [
"work_item"
],
"views": [
"list"
],
"icon": "details",
"url": "https://<genoslc-octane-url>/spa?mode=query&componentId={shared_space}-{workspace}-cm&artifactId={entity_ids}&label={entity_name}&domain=http%3A%2F%2Fopen-services.net%2Fns%2Fcm%23",
"mode": {
"name": "side_panel",
"modules": [
"backlog"
]
},
"single_entity": true
},
{
"name": "smartfacts_details_sidepanel_rm",
"title": "Smartfacts",
"entity_type": [
"requirement"
],
"views": [
"list"
],
"icon": "details",
"url": "https://<genoslc-octane-url>/spa?mode=query&componentId={shared_space}-{workspace}-rm&artifactId={entity_ids}&label={entity_name}&domain=http:%2F%2Fopen-services.net%2Fns%2Frm",
"mode": {
"name": "side_panel",
"modules": [
"requirements"
]
},
"single_entity": true
},
{
"name": "smartfacts_details_sidepanel_qm",
"title": "Smartfacts",
"entity_type": [
"test_suites"
],
"views": [
"list"
],
"icon": "details",
"url": "https://<genoslc-octane-url>/spa?mode=query&componentId={shared_space}-{workspace}-rm&artifactId={entity_ids}&label={entity_name}&domain=http:%2F%2Fopen-services.net%2Fns%2Fqm",
"mode": {
"name": "side_panel",
"modules": [
"quality",
"backlog",
"team_backlog"
]
},
"single_entity": true
}
] |
For more details on how to create custom external actions check the Octane documentation.
OSLC Links field
OSLC Links could be stored in the Octane item. A field needs to be configured in the Octane space where the items that own the links exist.
To setup the OSLC Links field follow the steps:
Navigate to the space you want to configure
Image AddedSelect an entity to which you want to add the custom field
Image AddedNavigate to the Fields tab and press on + Field
Image AddedAdd the OSLC Links field as a String field
Image Added