Versions Compared

Version Old Version 7 New Version Current
Changes made by

Jim Amsden

Jim Amsden

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

elm-sync configuration is done in the Spring Boot application.yml file. The configuration associates one CDCM space with one or more ELM GCM serverservers, and lists the CDCM Configuration Areas that should be synchronized with ELM GCM. Configuration includes the following topics:

  • The elm-sync server configurationThe

  • spring application configuration including

    • security for oauth2 for CDCM access

    • SQLite database configuration for elm-sync

  • cdcm sever and API

  • ibm-elm server and API information

  • spring security for oauth2 for CDCM access

  • OAuth1.0a configuration for access to ELM GCM

  • The cdcm Configuration Area to ELM GCM server mappings

...

elm-sync uses the configuration information in the application.yml file to configure the CDCM and ELM GCM server URLs, access control and API information, and the list of CDCM Configuration Areas to sync. elm-sync then uses the CDCM TRS provider to read the change long log to replicate changes in CDCM in the corresponding project areas and resources in ELM GCM. elm-sync does not use the CDCM TRS base to determine what configuration areas to sync. Rather these the CDCM Configuration Areas to sync are explicitly defined in the configuration.area.mapping elements.

elm-sync also does not currently use the trs:cutoffEvent, assuming as it is always 0. This effectively means elm-sync assumes the TRS base is empty and all the TRS provider information is in the change log. This may need to be updated if when CDCM implements change log pruning.

...

The application.yml defines various information elm-sync uses to determine what CDCM configuration areas should be synced to ELM GCM and how to access them through their authenticated APIs. Here’s an example application.yml file.

Code Block
springelm-sync:  # security:configuration for the elm-sync server
oauth2:  instance:
    clientname: ELM-SYNC-1
       registration:
          custom: #'custom' here can be anything
max-number-of-retries: 100
  retry-backoff: 100
  max-number-of-unique-title-retries: 100

server:
  port: 8080
  servlet:
    context-path: "/sandbox"

spring:
  security:
    oauth2:
      client-id: ${CLIENT_ID:genoslc-development} #genoslc-development
 
        registration:
          cdcm-client-secret:
${CLIENT_SECRET:z0AMmptqxxuQBBiZc7FMJVAisvGmMadD}             redirectclient-uri: http://localhost:${server.port}/${server.servlet.context-path}/login/oauth2/code/customid: cdcm-client-id
            scope: ${CLIENT_SCOPE:openid}client-secret: secret
            scope: service-user-roles
            authorization-grant-type: authorizationclient_codecredentials
        provider:
          customcdcm-client:
#'custom' here can be anything
            issuer-uri: https://keycloak.mid.de/realms/Smartfacts-Developmentcdcm
            user-name-attribute: ${USER_NAME_ATTRIBUTE:preferred_username}
      resourceserver:
     user-info-authentication-method: ${USER_INFO_AUTHENTICATION_METHOD:form} # header, form, query
      resourceserver:
        jwt:
          issuer-uri: https://keycloak.mid.de/realms/Smartfacts-Developmentcdcm
   elm-syncdatasource:
 # configuration for the elm-sync server
  instance:
url: "jdbc:sqlite:/opt/elmsync/data/elmsync.db"
    driver-class-name: org.sqlite.JDBC
    nameusername: ELM-SYNC-1sa
  configuration:  password: sa
 cdcm-configuration-url: http://localhost:8080/api/v1/objectMappings jpa:
    cdcmdatabase-urlplatform: https://www.example.com/
  max-number-of-retries: 6
  retry-backoff: 2
  max-number-of-unique-title-retries: 50

server:
  port: ${PORT:8080}
  servlet:
    context-path: "/sandbox"

cdcm:  # the CDCM server instance and Space to use, org.hibernate.community.dialect.SQLiteDialect
    hibernate:
      ddl-auto: update
    show-sql: false

cdcm:  # the CDCM server instance and Space to use, one instance per elm-sync server
  api:
    host: https://cdcm.demo.smartfacts.com
    space-key: CDCM-IPKvRuZYUps1space_key

ibm-elm:  # the IBM ELM server instance to use, corresponds to a CDCM Space
  api:
    host: https://elmdemo.smartfactselm.com:9443
    pa-creation-path: /gc/service/com.ibm.team.process.internal.service.web.IProcessWebUIService/projectArea
    pa-get-path: /gc/service/com.ibm.team.process.internal.service.web.IProcessWebUIService/allProjectAreas
    config-update-path: /gc/gc.webui.updateConfiguration

smartfacts:
datasource  oauth10a:
    urlactive: jdbc:sqlite:/Users/jamsden/data/sqlite/elmsync.dbtrue
    outbound:
     driver-class-name: org.sqlite.JDBC
    username details:
sa     password: sa  - jpaname:     database-platform: org.hibernate.community.dialect.SQLiteDialectelm.com
    hibernate:       ddl-auto: updateprotected-url-roots: https://elm.com:9443/jts/**,https://elm.com:9443/rm/**,https://elm.com:9443/gc/**
    show-sql: true  smartfacts:   oauth10aconsumer-key: key
   active:  true     outboundconsumer-secret:elm secret
     details:     rootservices: https://elm.com:9443/jts/rootservices

 - name: elmdemo.smartfacts.com
      inbound:
      realm-name: sandbox-realm
      auto-approve-consumer-keys: true
      protectedauto-urlapprove-rootstokens: https://elmdemo.smartfacts.com:9443/jts/**,https://elmdemo.smartfacts.com:9443/rm/**,https://elmdemo.smartfacts.com:9443/gc/**true
      details:
        - name: elm-inbound
          consumer-key: jamsden_authkey
          consumer-secret: Chajas3mat#secret

configuration:
  area:
    mapping:
rootservices: https://elmdemo.smartfacts.com:9443/jts/rootservices      -
    - name: ibm-elm-qm  source: cdcm_area_id
       protected-url-roots target: https://elmdemoelm.smartfacts.com:9443/qm
      -
   consumer-key: consumer-key    source: cdcm_area_id
     consumer-secret: secret           rootservicestarget: https://elmdemoelm.smartfacts.com:9443/qm/rootservices
     inbound: -
     realm-name: sandbox-realm  source: cdcm_area_id
   auto-approve-consumer-keys: true       auto-approve-tokens: true
      details:
        - name: mid-elm-inbound
          consumer-key: bc2a6767-af53-417a-a97c-c9487804d5df
          consumer-secret: secret

configuration:
  area:
    mapping:
      -
        source: 664f38242aac9257b5b0c79c
        target: https://elmdemo.smartfacts.com:9443
      -
        source: 664f383b2aac9257b5b0c7a0
        target: https://elmdemo.smartfacts.com:9443
      -
        source: 664c7d15f7eb227a1021a7ce
        target: https://elmdemo.smartfacts.com:9443

elm-sync server configuration

This section defines the elm-server configuration including the server port and context-path for accessing the elm-sync controllers, and server instance information.

Code Block
 elm-sync:  # configuration for the elm-sync server
  instance:
    name: ELM-SYNC-1
  configuration:
    cdcm-configuration-url: http://localhost:8080/api/v1/objectMappings
    cdcm-url: https://www.example.com/
  max-number-of-retries: 6
  retry-backoff: 2
  max-number-of-unique-title-retries: 50

server:
  port: ${PORT:8080}
  servlet:
    context-path: "/sandbox"

elm-syn SQLite database configuration

elm-sync uses SQLite for persisting information about the CDCM configuration areas and ELM GCM project areas that are being synchronized. The information includes:

  • The Configuration Area id

  • The ELM Server URL and corresponding project area URL

  • The trs:order number of the last trs:change event processed by elm-sync. Changes after this event will be processed on the next elm-sync scan cycle.

Code Block
  datasource:  # tge /SQLite data source used by elm-sync
    url: jdbc:sqlite:/data/sqlite/elmsync.db
    driver-class-name: org.sqlite.JDBC
    username: sa
    password: sa
  jpa:
    database-platform: org.hibernate.community.dialect.SQLiteDialect
    hibernate:
      ddl-auto: update
    show-sql: true

CDCM Server and API

This section defines the CDCM server and space that is the source of configuration areas that will be synced to ELM GCM project areas.

Code Block
cdcm:  # the CDCM server instance and Space to use, one instance per elm-sync server
  api:
    host: https://cdcm.demo.smartfacts.com
    space-key: CDCM-IPKvRuZYUps1

IBM ELM server and API information

This section specifies the IBM ELM GCM server that will be synchronized with the CDCM space.

Code Block
ibm-elm:  # the IBM ELM server instance to use, corresponds to a CDCM Space
  api:
    host: https://elmdemo.smartfacts.com:9443
    pa-creation-path: /gc/service/com.ibm.team.process.internal.service.web.IProcessWebUIService/projectArea
    pa-get-path: /gc/service/com.ibm.team.process.internal.service.web.IProcessWebUIService/allProjectAreas
    config-update-path: /gc/gc.webui.updateConfiguration

Future consideration: The pa-creation-path, pa-get-path and config-update-path are specified in ELM GCM private API. These paths are unlikely to change or could possibly be discovered and may not need to be configured manually. See https://jazz.net/gc/doc/scenarios.

CDCM Security Configuration

Access to CDCM uses AOuth 2 which is configured for the Spring Boot application

Code Block
spring:
  security:
    oauth2:
      client:
        registration:
          custom: #'custom' here can be anything
            client-id: ${CLIENT_ID:genoslc-development} #genoslc-development
            client-secret: ${CLIENT_SECRET:z0AMmptqxxuQBBiZc7FMJVAisvGmMadD}
            redirect-uri: http://localhost:${server.port}/${server.servlet.context-path}/login/oauth2/code/custom
            scope: ${CLIENT_SCOPE:openid}
            authorization-grant-type: authorization_code
        provider:
          custom: #'custom' here can be anything
            issuer-uri: https://keycloak.mid.de/realms/Smartfacts-Development
            user-name-attribute: ${USER_NAME_ATTRIBUTE:preferred_username}
            user-info-authentication-method: ${USER_INFO_AUTHENTICATION_METHOD:form} # header, form, query
      resourceserver:
        jwt:
          issuer-uri: https://keycloak.mid.de/realms/Smartfacts-Development

ELM GCM OAuth1.0a Security Configuration

elm-sync uses OAuth1.0a to access ELM GCM through the REST APIs. This access is done through a functional user whose ID is associated with a consumer key and secret.

Code Block
smartfacts:
  oauth10a:
    active: true
    outbound:elm
      details:
        - name: elmdemo.smartfacts.com
          protected-url-roots: https://elmdemo.smartfacts.com:9443/jts/**,https://elmdemo.smartfacts.com:9443/rm/**,https://elmdemo.smartfacts.com:9443/gc/**
          consumer-key: jamsden_auth
          consumer-secret: some_password
          rootservices: https://elmdemo.smartfacts.com:9443/jts/rootservicestarget: https://elm.com:9443

elm-sync server configuration

This section defines the elm-server configuration including the server port and context-path for accessing the elm-sync controllers, and server instance information. Note: the elm-sync controllers are only used for development and unit testing, there are no elm-sync REST services intended for customer use.

Code Block
elm-sync:  # configuration for the elm-sync server
  instance:
    name: ELM-SYNC-1
  max-number-of-retries: 6
  retry-backoff: 2
  max-number-of-unique-title-retries: 50

server:
  port: 8080
  servlet:
    context-path: "/sandbox"

elm-syn Spring Boot Application Configuration

The elm-sync Spring Boot application configuration specifies information about:

  1. CDCM OAuth2.0 security information

  2. An SQLite database for persisting information about the CDCM configuration areas and ELM GCM project areas that are being synchronized.

Access to CDCM uses AOuth 2 which is configured for the Spring Boot application using the cdcm-client. Your CDCM administrator can provide your client-id and client-secret, and information on the provider.cdcm-client that does the authentication.

The database information includes:

  • The Configuration Area id

  • The ELM Server URL and corresponding project area URL

  • The trs:order number of the last trs:change event processed by elm-sync. Changes after this event will be processed on the next elm-sync scan cycle.

Code Block
spring:
  security:
    oauth2:
      client:
        registration:
          cdcm-client:
            client-id: cdcm-client-id
            client-secret: secret
            scope: service-user-roles
            authorization-grant-type: client_credentials
        provider:
          cdcm-client:
            issuer-uri: https://keycloak/realms/cdcm
            user-name-attribute: preferred_username
      resourceserver:
        jwt:
          issuer-uri: https://keycloak/realms/cdcm
  datasource:
    url: "jdbc:sqlite:/opt/elmsync/data/elmsync.db"
    driver-class-name: org.sqlite.JDBC
    username: sa
    password: sa
  jpa:
    database-platform: org.hibernate.community.dialect.SQLiteDialect
    hibernate:
      ddl-auto: update
    show-sql: false

CDCM Server and API

This section defines the CDCM server and space that is the source of configuration areas that will be synced to ELM GCM project areas.

Code Block
cdcm:  # the CDCM server instance and Space to use, one instance per elm-sync server
  api:
    host: https://cdcm.com
    space-key: space_key

IBM ELM server and API information

This section specifies the IBM ELM GCM server that will be synchronized with the CDCM space.

Code Block
ibm-elm:  # the IBM ELM server instance to use, corresponds to a CDCM Space
  api:
    host: https://elm.com
    pa-creation-path: /gc/service/com.ibm.team.process.internal.service.web.IProcessWebUIService/projectArea
    pa-get-path: /gc/service/com.ibm.team.process.internal.service.web.IProcessWebUIService/allProjectAreas
    config-update-path: /gc/gc.webui.updateConfiguration

Future considerations:

  1. The pa-creation-path, pa-get-path and config-update-path are specified in ELM GCM private API. These paths are unlikely to change or could possibly be discovered and may not need to be configured manually. See https://jazz.net/gc/doc/scenarios.

  2. The ibm-elm.api.host property limits elm-sync to syncing a single CDCM space to a single ELM GCM server. This will be updated to support multiple ELM GCM servers and this property will be removed, instead getting the value from the configuration.area.mapping.target value.

ELM GCM OAuth1.0a Security Configuration

elm-sync uses OAuth1.0a to access ELM GCM through the REST APIs. This access is done through a functional user whose ID is associated with a consumer key and secret.

Code Block
smartfacts:
  oauth10a:
    active: true
    outbound:
      details:
        - name: ibm-elm-qm.com
          protected-url-roots: -roots: https://elm.com:9443/jts/**,https://elm.com:9443/rm/**,https://elmdemoelm.smartfacts.com:9443/gc/qm**
          consumer-key: consumer-key
          consumer-secret: secret
          rootservices: https://elmdemo.smartfactselm.com:9443/qmjts/rootservices

    inbound:
      realm-name: sandbox-realm
      auto-approve-consumer-keys: true
      auto-approve-tokens: true
      details:
        - name: mid-elm-inbound
          consumer-key: bc2a6767-af53-417a-a97c-c9487804d5df
      details:
       consumer-secret: secret

The outbound.details provide the information elm-sync need to be able to access ELM GCM services using OAuth1.0a for authentication.

The inbound.relm-name is used for the elm-sync REST API services defined in the com.mid.smartfacts.cdcm.elmc.controllers classes:

...

ElmApplicationController: provides rootservices, service provider catalog and about information for elm-sync

...

TestConfigurationAreaReaderController: implements various fixed test cases for accessing CDCM Configuration Areas

...

- name: elm-inbound
          consumer-key: key
          consumer-secret: secret

The outbound.details provide the information elm-sync need to be able to access ELM GCM services using OAuth1.0a for authentication.

The smartfacts.oauth10a.inbound.relm-name is required, but not currentluy used. It is included for future use.

Creating the ELM GCM functional id

...

Code Block
configuration:
  area:
    mapping:
      -
        source: 664f38242aac9257b5b0c79ccdcm_area_id
        target: https://elmdemoelm.smartfacts.com:9443
      -
        source: 664f383b2aac9257b5b0c7a0cdcm_area_id
        target: https://elmdemoelm.smartfacts.com:9443
      -
        source: 664c7d15f7eb227a1021a7cecdcm_area_id
        target: https://elmdemo.smartfactselm.com:9443

Note: Although a configuration.area.mapping.target specifies the URL of the ELM GCM server, this URL must currently be the same as ibm-elm.api.host. elm-sync is currently configured to sync one CDCM server with one ELM GCM server. A different instance of elm-sync could be used to sync different CDCM and ELM GCM servers.

...

  1. Change configuration.area.mapping.source to a URL link to the CDCM configuration area, instead of just its ID

  2. Derive the ibm-elm.api information for the configuration.area.mapping.target URL through discovery

Configuration

elm-sync is configured using the Spring Boot project file application.yml. This file has to be put in the application’s resources folderThe location of this files specified in the docker-compose.yaml file. Spring Boot profiles can be used for different configurations such as application-local.ymlfor local development, and application-prod.yml for production.

...

The application.yml contains security sensitive information such as consumer keys and secrets, and should be placed into a kubernetes secret, and mounted into the CDCM elm-sync container. The name of this secret is "elm-sync", the value of is the application.yml file.

To integrate the application.yml file into your CDCM elm-syn deployment, you need to create a secret called “elm-sync” in the namespace of your CDCM elm-sync deployment.

There are two ways to do this:

...

The following tables define each of the leave properties in the elm-sync configuration that users will need to provide. See the example above for the property paths.

...

Key

Description

elm-sync.instance.name

A name for this elm-sync server instance

elm-sync.configuration.cdcm_configuration-url

The URL to access the current CDCM to ELM Sync mapping information, the data from the SQLite object_mapping table.

elm-sync.configuration.cdcm-url

elm-sync.max-number-of-retriesmax-number-of-retries

Maximum number of retries for REST calls.

elm-sync.retry-backoffbackoff

Number of seconds between retries.

elm-sync.max-numer-of-unique-title-retries

Maximum number of retries for unique dcterms.title for an ELM GCM resource.

server.port

The port for the elm-sync server

server.servlet.context-path

/sandbox, the path for the elm-sync controllers e.g., http://localhost:8080/sandbox/api/v1/objectMappings

...

api/v1/objectMappings

elm-sync Persistance: datasource

Key

Description

url

URL of the SQLite database. This database will be created if it does not exist.

username

The SQLite database user name

password

The SQLite database password

CDCM Server: cdcm

Specifies the CDCM server and space key to synchronize with ELM GCM:

Key

Description

url

cdcm.api.host

URL of the

SQLite database. This database will be created if it does not exist.

driver-class-name

The SQLite driver class name, usually org.sqlite.JDBC.

Possible values are GET, POST, PUT, DELETE, OPTIONS, PATCH and ALL

username

The SQLite database user name

password

The SQLite database password

CDCM Server: cdcm

Specifies the CDCM server and space key to synchronize with ELM GCM:

Key

Description

cdcmCDCM server to synchronize

cdcm.api.space-key

The key of the Space containing the Configuration Areas to sync to ELM GCM

CDCM Security: spring.security.oauth2

Specifies the CDCM OAuth 2 security information.

Key

Description

client-id

The CDCM server OAuth 2 client id

client-secret

The CDCM server OAuth 2 client secret

IBM ELM Server: ibm-elm

Specifies the IBM ELM GCM server that will be synchronized with the CDCM Space.

Key

Description

ibm-elm.api.host

URL of the

CDCM

ELM GCM server to synchronize

cdcm.api.space-key

The key of the Space containing the Configuration Areas to sync to ELM GCM

CDCM Security: spring.security.oauth2

Specifies the CDCM OAuth 2 security information.

Key

Description

client-id

The CDCM server OAuth 2 client id

client-secret

The CDCM server OAuth 2 client secret

IBM ELM Server: ibm-elm

Specifies the IBM ELM GCM server that will be synchronized with the CDCM Space.

Key

Description

ibm-elm.api.host

URL of the ELM GCM server to synchronize with

ibm-elm.api.pa-creation-pathwith

Future consideration: these API paths are defined by the GCM REST API at https://jazz.net/gc/doc/scenarios and https://jazz.net/jts/doc/scenarios and may not be need to be configured manually.

ELM GCM Security Configuration: smartfacts.oauth10a

Provides the information needed for elm-sync to authenticate with ELM GCM and JTS using OAuth1.0a.

Key

Description

active

Whether the connection is active or not

outbound

outbound.details

A list of outbound connections to servers authenticated with OAuth1.0a

outbound.details.name

Path of the ELM GCM service to create a project area.

ibm-elm.api.pa-get-path

Path of the ELM GCM service to update a configuration.

ibm-elm.api.config-update-path

Path of the ELM GCM service to create a project area.

Future consideration: these API paths are defined by the GCM REST API at https://jazz.net/gc/doc/scenarios and https://jazz.net/jts/doc/scenarios and may not be need to be configured manually.

...

protected-url-roots

A comma separated list of URI patters to resources protected by this connection configuration

consumer-key

The consumer key for the consumer connection

consumer-secret

The consumer secret for the consumer-key

CDCM Configuration Area Mappings: configuration.area.mapping

This is a list of the CDCM configuration area IDs to ELM GCM server URI mappings.

Key

Description

source

CDCM Configuration Area ID

target

ELM GCM server URI, should be the same as ibm-elm.api.host.

...