yujunjun/OpenMetadata
1
0
Fork 0
mirror of https://github.com/open-metadata/OpenMetadata.git synced 2026-01-07 04:56:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
OpenMetadata/conf/openmetadata.yaml

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

420 lines
18 KiB
YAML
Raw Normal View History

License header update (#1498) * updated liscense header * updated license header * updated license header * updated license header * addressing stylecheck findings
2021-12-01 12:46:28 +05:30
# Copyright 2021 Collate
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
applied license to the backend files
2021-08-02 15:08:30 +05:30
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
Fix#6517: Add clusterName property to the application config yaml (#6610) * Add cluster name in the app configuration and start using it to create secrets id * Update secret manager client in openmetadata for using default auth provider * Add missing property in test config file
2022-08-09 09:00:43 +02:00
clusterName: ${OPENMETADATA_CLUSTER_NAME:-openmetadata}
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
swagger:
Fix #7469: Refactor OpenMetadata code modules (#7474)
2022-09-14 23:14:02 -07:00
resourcePackage: org.openmetadata.service.resources
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
server:
rootPath: '/api/*'
applicationConnectors:
- type: http
Minor: add bindHost to configure the host ip for OpenMetadata Server (#17153)
2024-07-27 08:13:31 -07:00
bindHost: ${SERVER_HOST:-0.0.0.0}
Fix #2143: Allow environment variables to be substituted in OpenMetadata config (#2146) * Fix #2143: Allow environment variables to be substituted in OpenMetadata config
2022-01-11 10:13:49 -08:00
port: ${SERVER_PORT:-8585}
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
adminConnectors:
- type: http
Minor: add bindHost to configure the host ip for OpenMetadata Server (#17153)
2024-07-27 08:13:31 -07:00
bindHost: ${SERVER_HOST:-0.0.0.0}
Fix #2143: Allow environment variables to be substituted in OpenMetadata config (#2146) * Fix #2143: Allow environment variables to be substituted in OpenMetadata config
2022-01-11 10:13:49 -08:00
port: ${SERVER_ADMIN_PORT:-8586}
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
# Above configuration for running http is fine for dev and testing.
Fixes issue-11740: Added support for the om service to connect to AWS RDS using IAM roles (#11913) * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Changed intial implementation accordingly. Added better flexibility for different auth prodvider impl * ISSUE-11740: Clean up unnecessary classes * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Code formatting * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Moved docs to 1.2 version --------- Co-authored-by: artiom.darie <artiom.darie@adswizz.com> Co-authored-by: Sriharsha Chintalapani <harshach@users.noreply.github.com>
2023-09-27 19:59:24 +03:00
# For production setup, where UI app will hit apis through DPS it
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
# is strongly recommended to run https instead. Note that only
# keyStorePath and keyStorePassword are mandatory properties. Values
# for other properties are defaults
#server:
#applicationConnectors:
# - type: https
# port: 8585
Fixes issue-11740: Added support for the om service to connect to AWS RDS using IAM roles (#11913) * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Changed intial implementation accordingly. Added better flexibility for different auth prodvider impl * ISSUE-11740: Clean up unnecessary classes * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Code formatting * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Moved docs to 1.2 version --------- Co-authored-by: artiom.darie <artiom.darie@adswizz.com> Co-authored-by: Sriharsha Chintalapani <harshach@users.noreply.github.com>
2023-09-27 19:59:24 +03:00
# keyStorePath: ./conf/keystore.jks
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
# keyStorePassword: changeit
# keyStoreType: JKS
# keyStoreProvider:
# trustStorePath: /path/to/file
# trustStorePassword: changeit
# trustStoreType: JKS
# trustStoreProvider:
# keyManagerPassword: changeit
# needClientAuth: false
# wantClientAuth:
# certAlias: <alias>
# crlPath: /path/to/file
# enableCRLDP: false
# enableOCSP: false
# maxCertPathLength: (unlimited)
# ocspResponderUrl: (none)
# jceProvider: (none)
# validateCerts: true
# validatePeers: true
# supportedProtocols: SSLv3
# supportedCipherSuites: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
# allowRenegotiation: true
# endpointIdentificationAlgorithm: (none)
Fixes issue-11740: Added support for the om service to connect to AWS RDS using IAM roles (#11913) * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Changed intial implementation accordingly. Added better flexibility for different auth prodvider impl * ISSUE-11740: Clean up unnecessary classes * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Code formatting * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Moved docs to 1.2 version --------- Co-authored-by: artiom.darie <artiom.darie@adswizz.com> Co-authored-by: Sriharsha Chintalapani <harshach@users.noreply.github.com>
2023-09-27 19:59:24 +03:00
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
#adminConnectors:
# - type: https
# port: 8586
Fixes issue-11740: Added support for the om service to connect to AWS RDS using IAM roles (#11913) * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Changed intial implementation accordingly. Added better flexibility for different auth prodvider impl * ISSUE-11740: Clean up unnecessary classes * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Code formatting * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Moved docs to 1.2 version --------- Co-authored-by: artiom.darie <artiom.darie@adswizz.com> Co-authored-by: Sriharsha Chintalapani <harshach@users.noreply.github.com>
2023-09-27 19:59:24 +03:00
# keyStorePath: ./conf/keystore.jks
# keyStorePassword: changeit
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
# keyStoreType: JKS
# keyStoreProvider:
# trustStorePath: /path/to/file
# trustStorePassword: changeit
# trustStoreType: JKS
# trustStoreProvider:
# keyManagerPassword: changeit
# needClientAuth: false
# wantClientAuth:
# certAlias: <alias>
# crlPath: /path/to/file
# enableCRLDP: false
# enableOCSP: false
# maxCertPathLength: (unlimited)
# ocspResponderUrl: (none)
# jceProvider: (none)
# validateCerts: true
# validatePeers: true
# supportedProtocols: SSLv3
# supportedCipherSuites: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
# allowRenegotiation: true
# endpointIdentificationAlgorithm: (none)
# Logging settings.
# https://logback.qos.ch/manual/layouts.html#conversionWord
logging:
Add remote debug port (#8045) * Add remote debug port * Add remote debug port * Add remote debug port * Add remote debug port
2022-10-10 22:43:15 -07:00
level: ${LOG_LEVEL:-INFO}
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
loggers:
OpenMetadata Operations Command Line Utility (#14504) * Add new OpenMetadataSetup command line application to migrate/deploy and re-index * Add new OpenMetadataSetup command line application to migrate/deploy and re-index * Add deployPipelines option * Add reIndex option * add subcommands * add provision to store upgrade metrics * rename bootstrap script * fix styling checks * Add changelog and store metrics into SERVER_CHANGE_LOG * Cast jsonb * Cast jsonb --------- Co-authored-by: Pere Miquel Brull <peremiquelbrull@gmail.com>
2023-12-28 23:22:58 -08:00
org.openmetadata.service.util.OpenMetadataSetup:
level: INFO
appenders:
- type: console
logFormat: "%msg%n"
timeZone: UTC
- type: file
logFormat: "%level [%d{ISO8601,UTC}] [%t] %logger{5} - %msg%n"
Fix #14318: Add support of JSON logs (#14783)
2024-01-21 22:59:28 -08:00
layout:
type: json
OpenMetadata Operations Command Line Utility (#14504) * Add new OpenMetadataSetup command line application to migrate/deploy and re-index * Add new OpenMetadataSetup command line application to migrate/deploy and re-index * Add deployPipelines option * Add reIndex option * add subcommands * add provision to store upgrade metrics * rename bootstrap script * fix styling checks * Add changelog and store metrics into SERVER_CHANGE_LOG * Cast jsonb * Cast jsonb --------- Co-authored-by: Pere Miquel Brull <peremiquelbrull@gmail.com>
2023-12-28 23:22:58 -08:00
currentLogFilename: ./logs/openmetadata-operations.log
archivedLogFilenamePattern: ./logs/openmetadata-operations-%d{yyyy-MM-dd}-%i.log.gz
archivedFileCount: 7
timeZone: UTC
maxFileSize: 50MB
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
appenders:
Fix #7782: Add console appender to OpenMetadata logs (#7783) * Fix #7782: Add console appender to OpenMetadata logs * Add format Co-authored-by: Vivek Ratnavel Subramanian <vivekratnavel90@gmail.com>
2022-09-28 18:15:57 -07:00
- type: console
threshold: TRACE
Add log layout for tests and also printing ISO8601 timestamp (#8071)
2022-10-10 18:42:59 -07:00
logFormat: "%level [%d{ISO8601,UTC}] [%t] %logger{5} - %msg%n"
Fix #7782: Add console appender to OpenMetadata logs (#7783) * Fix #7782: Add console appender to OpenMetadata logs * Add format Co-authored-by: Vivek Ratnavel Subramanian <vivekratnavel90@gmail.com>
2022-09-28 18:15:57 -07:00
timeZone: UTC
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
- type: file
Fix #14318: Add support of JSON logs (#14783)
2024-01-21 22:59:28 -08:00
layout:
type: json
appendLineSeparator: true
Fix #4597: Log audit events into a separate log file (#4598) * Fix #4597: Log audit events into a separate log file * Fix #4597: Log audit events into a separate log file
2022-04-29 11:06:46 -07:00
filterFactories:
- type: audit-exclude-filter-factory
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
threshold: TRACE
Add log layout for tests and also printing ISO8601 timestamp (#8071)
2022-10-10 18:42:59 -07:00
logFormat: "%level [%d{ISO8601,UTC}] [%t] %logger{5} - %msg%n"
Add event handler configuration and make it optional
2021-08-11 14:54:13 -07:00
currentLogFilename: ./logs/openmetadata.log
archivedLogFilenamePattern: ./logs/openmetadata-%d{yyyy-MM-dd}-%i.log.gz
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
archivedFileCount: 7
timeZone: UTC
maxFileSize: 50MB
Fix #4597: Log audit events into a separate log file (#4598) * Fix #4597: Log audit events into a separate log file * Fix #4597: Log audit events into a separate log file
2022-04-29 11:06:46 -07:00
- type: file
Fix #14318: Add support of JSON logs (#14783)
2024-01-21 22:59:28 -08:00
layout:
type: json
appendLineSeparator: true
Fix #4597: Log audit events into a separate log file (#4598) * Fix #4597: Log audit events into a separate log file * Fix #4597: Log audit events into a separate log file
2022-04-29 11:06:46 -07:00
filterFactories:
- type: audit-only-filter-factory
threshold: TRACE
Add log layout for tests and also printing ISO8601 timestamp (#8071)
2022-10-10 18:42:59 -07:00
logFormat: "%level [%d{ISO8601,UTC}] [%t] %logger{5} - %msg%n"
Fix #4597: Log audit events into a separate log file (#4598) * Fix #4597: Log audit events into a separate log file * Fix #4597: Log audit events into a separate log file
2022-04-29 11:06:46 -07:00
currentLogFilename: ./logs/audit.log
archivedLogFilenamePattern: ./logs/audit-%d{yyyy-MM-dd}-%i.log.gz
archivedFileCount: 25
timeZone: UTC
maxFileSize: 50MB
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
database:
# the name of the JDBC driver, mysql in our case
Fix openmetadata conf (#5403) * Fix openmetadata conf
2022-06-09 22:08:01 -07:00
driverClass: ${DB_DRIVER_CLASS:-com.mysql.cj.jdbc.Driver}
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
# the username and password
Fix#6929: docker-compose services should wait until OpenMetadata DB is created (#7025) * Added the docker compose for postgres * Added changes as per the comments on PR * Airflow Connectivity to Postgres * Changes are done as per the comments * Replocate changes to local dockerfile * Fixed Airflow Dockerfile * docker-compose services should wait until OpenMetadata DB is created * remove unnecesary wait for db service * Add dependencies to airflow image * Add missing dependencies to airflow Dockerfile Co-authored-by: “Vijay” <“vijay.l@deuexsolutions.com”> Co-authored-by: ulixius9 <mayursingal9@gmail.com>
2022-08-30 23:55:46 +02:00
user: ${DB_USER:-openmetadata_user}
password: ${DB_USER_PASSWORD:-openmetadata_password}
replaced catalog to openmetadata #2 (#47) Co-authored-by: parthp2107 <parth.panchal@deuexsoultions.com>
2021-08-05 10:15:52 +05:30
# the JDBC URL; the database is called openmetadata_db
Fixes issue-11740: Added support for the om service to connect to AWS RDS using IAM roles (#11913) * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Changed intial implementation accordingly. Added better flexibility for different auth prodvider impl * ISSUE-11740: Clean up unnecessary classes * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Code formatting * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Moved docs to 1.2 version --------- Co-authored-by: artiom.darie <artiom.darie@adswizz.com> Co-authored-by: Sriharsha Chintalapani <harshach@users.noreply.github.com>
2023-09-27 19:59:24 +03:00
url: jdbc:${DB_SCHEME:-mysql}://${DB_HOST:-localhost}:${DB_PORT:-3306}/${OM_DATABASE:-openmetadata_db}?${DB_PARAMS:-allowPublicKeyRetrieval=true&useSSL=false&serverTimezone=UTC}
Fix #17372: Add Connection Pooling config to database (#17373)
2024-08-10 09:37:57 -07:00
maxSize: ${DB_CONNECTION_POOL_MAX_SIZE:-50}
minSize: ${DB_CONNECTION_POOL_MIN_SIZE:-10}
initialSize: ${DB_CONNECTION_POOL_INITIAL_SIZE:-10}
checkConnectionWhileIdle: ${DB_CONNECTION_CHECK_CONNECTION_WHILE_IDLE:-true}
checkConnectionOnBorrow: ${DB_CONNECTION_CHECK_CONNECTION_ON_BORROW:-true}
evictionInterval: ${DB_CONNECTION_EVICTION_INTERVAL:-5 minutes}
minIdleTime: ${DB_CONNECTION_MIN_IDLE_TIME:-1 minute}
Fix#6929: docker-compose services should wait until OpenMetadata DB is created (#7025) * Added the docker compose for postgres * Added changes as per the comments on PR * Airflow Connectivity to Postgres * Changes are done as per the comments * Replocate changes to local dockerfile * Fixed Airflow Dockerfile * docker-compose services should wait until OpenMetadata DB is created * remove unnecesary wait for db service * Add dependencies to airflow image * Add missing dependencies to airflow Dockerfile Co-authored-by: “Vijay” <“vijay.l@deuexsolutions.com”> Co-authored-by: ulixius9 <mayursingal9@gmail.com>
2022-08-30 23:55:46 +02:00
Fix #2479 - Check migration at server start (#2489) * Validate migrations on start * Output to logs * Validate Flyway Migrations at Catalog start * Add flyway validation test config * Sonarcloud try stream * Revert migration validation
2022-02-01 08:31:34 +01:00
migrationConfiguration:
Deprecate Flyway and use Native migrations (#12865) * Add ascii_bin for fqnhash, Add Constraints on timeseries * Attemp of moving migrations to files * Deprecate Flyway and use Native migrations * Deprecate Flyway and use Native migrations * Deprecate Flyway and use Native migrations * Deprecate Flyway and use Native migrations * Deprecate Flyway and use Native migrations * Deprecate Flyway and use Native migrations * Deprecate Flyway and use Native migrations * Deprecate Flyway and use Native migrations * Move upstream migrations to new path
2023-08-17 14:39:05 -07:00
flywayPath: "./bootstrap/sql/migrations/flyway"
nativePath: "./bootstrap/sql/migrations/native"
Remove Migration Extension Path Env (#13908)
2023-11-09 14:04:28 +05:30
extensionPath: ""
Support migration extensions (#13436) * Support migration extensions * Prep test * Prep test
2023-10-08 01:00:47 +02:00
Fix #2807: Merge openmetadata.yaml and openmetadata-server.yaml (#2808) Co-authored-by: darth-coder00 <aashit@getcollate.io>
2022-02-28 05:34:39 -08:00
# Authorizer Configuration
authorizerConfiguration:
feat(ui): login via email and password - Basic auth (#7558) * feat(ui): login via email and password - Basic auth * create admin users * update basic auth * create user on bootstrap * update basic auth flow * fix lint * update basic auth ui forms * update error messages * fix cypress tests * Added private key /public key in conf Default invitation for invited users on bootstrapping user with invitation mail Added self/signup flags , handled login scenarios around it On migration persisting previous user auth mechanism also handled * Missing fixes * Move self signup to config Co-authored-by: mohitdeuex <mohit.y@deuexsolutions.com>
2022-09-23 16:05:54 +05:30
className: ${AUTHORIZER_CLASS_NAME:-org.openmetadata.service.security.DefaultAuthorizer}
containerRequestFilter: ${AUTHORIZER_REQUEST_FILTER:-org.openmetadata.service.security.JwtFilter}
fix: List Configuration from Environment Variable for Authorizer and Authentication Configuration (#4305) * ability to provide list from env in yaml config * remove security config file as we do not maintain
2022-04-21 11:29:26 +05:30
adminPrincipals: ${AUTHORIZER_ADMIN_PRINCIPALS:-[admin]}
[BasicAuth] Added Basic Authentication (#7390) * Fixed issue with testCases not posted in slack * Return empty string in case of faling to build url * [BasicAuth] Added Basic Authentication APIs * [BasicAuth] Checkstyle * [BasicAuth] Test yaml updated * [BasicAuth] Update review comments * [BasicAuth] Refresh logic added * [BasicAuth] Add sql updates * [BasicAuth] Maintain dependency version in main pom.xml * [BasicAuth] Updated as per new module * [BasicAuth] Fixes for refresh and missing edge scenario handled * [BasicAuth] remove quotes * [BasicAuth] Fix merge conflicts
2022-09-19 11:38:45 +05:30
allowedEmailRegistrationDomains: ${AUTHORIZER_ALLOWED_REGISTRATION_DOMAIN:-["all"]}
Docs: Updated Domain in Docker Compose & Docs (#17603) * Minor: Updating Domain in Docker Compose & Docs * replace openmetadata to open-metadata --------- Co-authored-by: Prajwal Pandit <prajwalpandit@Prajwals-MacBook-Air.local> Co-authored-by: Chirag Madlani <12962843+chirag-madlani@users.noreply.github.com> Co-authored-by: Shailesh Parmar <shailesh.parmar.webdev@gmail.com>
2024-09-09 11:47:09 +05:30
principalDomain: ${AUTHORIZER_PRINCIPAL_DOMAIN:-"open-metadata.org"}
Backend: Enforce principal domain in the JWT filter (#5155)
2022-06-01 10:07:12 -07:00
enforcePrincipalDomain: ${AUTHORIZER_ENFORCE_PRINCIPAL_DOMAIN:-false}
[Backend] Websocket implementation added (#5440) * [Backend] Websocket implementation added * [Backend] Websocket implementation added [google formatter fix] * [backend] Updated Reiew Comments * [backend] Updated CheckStyle
2022-06-15 10:14:47 +05:30
enableSecureSocketConnection : ${AUTHORIZER_ENABLE_SECURE_SOCKET:-false}
Inherit sso roles (#15903) * Use Roles from Provider * Add Cache For Roles From Users * Fix Failing Test * Revert secrets Update Impl to use loggedInUser and CreateUser for Role assignment and resync * Revert Expiry check
2024-04-18 20:46:04 +05:30
useRolesFromProvider: ${AUTHORIZER_USE_ROLES_FROM_PROVIDER:-false}
Fix #2807: Merge openmetadata.yaml and openmetadata-server.yaml (#2808) Co-authored-by: darth-coder00 <aashit@getcollate.io>
2022-02-28 05:34:39 -08:00
authenticationConfiguration:
Using Backend for Oidc Flow (#15557) * - Initial Draft of Using Backend for Oidc Flow * - Review Comments * - Add Session Handler * - Add Nonce Validation * Typo * support backend auth flow from client side * Add Refresh Logic * Remove oidc Config from /auth * Auth Logout Handling * Add Refresh as separate endpoint * return empty on no refresh token * support refresh token and logout * fix route issues * fix path issues * Redirect to Logout on know session * fix store issues * exclude logout api from domain filter --------- Co-authored-by: Chirag Madlani <12962843+chirag-madlani@users.noreply.github.com>
2024-03-19 17:15:30 +05:30
clientType: ${AUTHENTICATION_CLIENT_TYPE:-public}
feat(ui): login via email and password - Basic auth (#7558) * feat(ui): login via email and password - Basic auth * create admin users * update basic auth * create user on bootstrap * update basic auth flow * fix lint * update basic auth ui forms * update error messages * fix cypress tests * Added private key /public key in conf Default invitation for invited users on bootstrapping user with invitation mail Added self/signup flags , handled login scenarios around it On migration persisting previous user auth mechanism also handled * Missing fixes * Move self signup to config Co-authored-by: mohitdeuex <mohit.y@deuexsolutions.com>
2022-09-23 16:05:54 +05:30
provider: ${AUTHENTICATION_PROVIDER:-basic}
Add `code` flow Configuration (#14026)
2023-11-20 08:44:13 +05:30
# This is used by auth provider provide response as either id_token or code
responseType: ${AUTHENTICATION_RESPONSE_TYPE:-id_token}
Enable custom oidc provider name env override. (#4642)
2022-05-03 11:08:11 +05:30
# This will only be valid when provider type specified is customOidc
providerName: ${CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME:-""}
10041 Part1 - Refactor and clean up System APIs (#10042) * 10041 Part1 - Refactor and clean up System APIs * Update the config resource endpoint url
2023-02-03 16:25:40 -08:00
publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[http://localhost:8585/api/v1/system/config/jwks]}
Fix #2807: Merge openmetadata.yaml and openmetadata-server.yaml (#2808) Co-authored-by: darth-coder00 <aashit@getcollate.io>
2022-02-28 05:34:39 -08:00
authority: ${AUTHENTICATION_AUTHORITY:-https://accounts.google.com}
clientId: ${AUTHENTICATION_CLIENT_ID:-""}
callbackUrl: ${AUTHENTICATION_CALLBACK_URL:-""}
Backend: Enforce principal domain in the JWT filter (#5155)
2022-06-01 10:07:12 -07:00
jwtPrincipalClaims: ${AUTHENTICATION_JWT_PRINCIPAL_CLAIMS:-[email,preferred_username,sub]}
[Issue-16642] Add Claim Mapping to uniquely identifty username and email from claims (#16643) * - Add Claim Mapping to uniquely identift username and email from claims * - Null Check * - Add field to yaml * - Fix issue with token being null * - Auth Code Flow Fix * support jwtPrincipleClaimMapping from UI --------- Co-authored-by: Chira Madlani <chirag@getcollate.io>
2024-06-19 13:13:09 +05:30
jwtPrincipalClaimsMapping: ${AUTHENTICATION_JWT_PRINCIPAL_CLAIMS_MAPPING:-[]}
feat(ui): login via email and password - Basic auth (#7558) * feat(ui): login via email and password - Basic auth * create admin users * update basic auth * create user on bootstrap * update basic auth flow * fix lint * update basic auth ui forms * update error messages * fix cypress tests * Added private key /public key in conf Default invitation for invited users on bootstrapping user with invitation mail Added self/signup flags , handled login scenarios around it On migration persisting previous user auth mechanism also handled * Missing fixes * Move self signup to config Co-authored-by: mohitdeuex <mohit.y@deuexsolutions.com>
2022-09-23 16:05:54 +05:30
enableSelfSignup : ${AUTHENTICATION_ENABLE_SELF_SIGNUP:-true}
Using Backend for Oidc Flow (#15557) * - Initial Draft of Using Backend for Oidc Flow * - Review Comments * - Add Session Handler * - Add Nonce Validation * Typo * support backend auth flow from client side * Add Refresh Logic * Remove oidc Config from /auth * Auth Logout Handling * Add Refresh as separate endpoint * return empty on no refresh token * support refresh token and logout * fix route issues * fix path issues * Redirect to Logout on know session * fix store issues * exclude logout api from domain filter --------- Co-authored-by: Chirag Madlani <12962843+chirag-madlani@users.noreply.github.com>
2024-03-19 17:15:30 +05:30
oidcConfiguration:
id: ${OIDC_CLIENT_ID:-""}
type: ${OIDC_TYPE:-""} # google, azure etc.
secret: ${OIDC_CLIENT_SECRET:-""}
scope: ${OIDC_SCOPE:-"openid email profile"}
discoveryUri: ${OIDC_DISCOVERY_URI:-""}
useNonce: ${OIDC_USE_NONCE:-true}
preferredJwsAlgorithm: ${OIDC_PREFERRED_JWS:-"RS256"}
responseType: ${OIDC_RESPONSE_TYPE:-"code"}
disablePkce: ${OIDC_DISABLE_PKCE:-true}
callbackUrl: ${OIDC_CALLBACK:-"http://localhost:8585/callback"}
serverUrl: ${OIDC_SERVER_URL:-"http://localhost:8585"}
clientAuthenticationMethod: ${OIDC_CLIENT_AUTH_METHOD:-"client_secret_post"}
- Add docker vars (#15619) - Modified Azure refresh token logic
2024-03-20 11:47:25 +05:30
tenant: ${OIDC_TENANT:-""}
maxClockSkew: ${OIDC_MAX_CLOCK_SKEW:-""}
Centralize OIDC Flow to handler, and refresh logic (#17082) * Centralize OIDC Flow to handler, and refresh logic * Remove forced condition * Return on success
2024-07-18 23:53:50 +05:30
tokenValidity: ${OIDC_OM_REFRESH_TOKEN_VALIDITY:-"3600"} # in seconds
- Remove default {} from openemtadata.yaml
2024-03-20 13:52:25 +05:30
customParams: ${OIDC_CUSTOM_PARAMS:-}
SAML feature (#10669) * Added Saml Feature * add localization * fix tests * added collate copyright * remove thread.getType * fixed keystore issues and updated review comments * remove private key getter * update test saml config * update test saml config * Update openmetadata-service/src/main/java/org/openmetadata/service/security/saml/OMMicrometerHttpFilter.java Co-authored-by: Nahuel <nahuel@getcollate.io> * review comments --------- Co-authored-by: Chirag Madlani <12962843+chirag-madlani@users.noreply.github.com> Co-authored-by: Nahuel <nahuel@getcollate.io>
2023-03-24 21:56:49 +05:30
samlConfiguration:
debugMode: ${SAML_DEBUG_MODE:-false}
idp:
entityId: ${SAML_IDP_ENTITY_ID:-""}
ssoLoginUrl: ${SAML_IDP_SSO_LOGIN_URL:-""}
idpX509Certificate: ${SAML_IDP_CERTIFICATE:-""}
authorityUrl: ${SAML_AUTHORITY_URL:-"http://localhost:8585/api/v1/saml/login"}
nameId: ${SAML_IDP_NAME_ID:-"urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress"}
sp:
entityId: ${SAML_SP_ENTITY_ID:-"http://localhost:8585/api/v1/saml/metadata"}
acs: ${SAML_SP_ACS:-"http://localhost:8585/api/v1/saml/acs"}
spX509Certificate: ${SAML_SP_CERTIFICATE:-""}
Update SAML to have signed Messages (#17415) * Update SAML to have signed Messages * test fix
2024-08-13 11:38:37 +05:30
spPrivateKey: ${SAML_SP_PRIVATE_KEY:-""}
SAML feature (#10669) * Added Saml Feature * add localization * fix tests * added collate copyright * remove thread.getType * fixed keystore issues and updated review comments * remove private key getter * update test saml config * update test saml config * Update openmetadata-service/src/main/java/org/openmetadata/service/security/saml/OMMicrometerHttpFilter.java Co-authored-by: Nahuel <nahuel@getcollate.io> * review comments --------- Co-authored-by: Chirag Madlani <12962843+chirag-madlani@users.noreply.github.com> Co-authored-by: Nahuel <nahuel@getcollate.io>
2023-03-24 21:56:49 +05:30
callback: ${SAML_SP_CALLBACK:-"http://localhost:8585/saml/callback"}
security:
strictMode: ${SAML_STRICT_MODE:-false}
Update SAML to have signed Messages (#17415) * Update SAML to have signed Messages * test fix
2024-08-13 11:38:37 +05:30
validateXml: ${SAML_VALIDATE_XML:-false}
SAML feature (#10669) * Added Saml Feature * add localization * fix tests * added collate copyright * remove thread.getType * fixed keystore issues and updated review comments * remove private key getter * update test saml config * update test saml config * Update openmetadata-service/src/main/java/org/openmetadata/service/security/saml/OMMicrometerHttpFilter.java Co-authored-by: Nahuel <nahuel@getcollate.io> * review comments --------- Co-authored-by: Chirag Madlani <12962843+chirag-madlani@users.noreply.github.com> Co-authored-by: Nahuel <nahuel@getcollate.io>
2023-03-24 21:56:49 +05:30
tokenValidity: ${SAML_SP_TOKEN_VALIDITY:-"3600"}
sendEncryptedNameId: ${SAML_SEND_ENCRYPTED_NAME_ID:-false}
sendSignedAuthRequest: ${SAML_SEND_SIGNED_AUTH_REQUEST:-false}
signSpMetadata: ${SAML_SIGNED_SP_METADATA:-false}
wantMessagesSigned: ${SAML_WANT_MESSAGE_SIGNED:-false}
wantAssertionsSigned: ${SAML_WANT_ASSERTION_SIGNED:-false}
wantAssertionEncrypted: ${SAML_WANT_ASSERTION_ENCRYPTED:-false}
keyStoreFilePath: ${SAML_KEYSTORE_FILE_PATH:-""}
keyStoreAlias: ${SAML_KEYSTORE_ALIAS:-""}
keyStorePassword: ${SAML_KEYSTORE_PASSWORD:-""}
Fixed#10211: Enable LDAP configuration to be configured via environment variable (#10252) * Fixed#10211: Enable LDAP configuration to be configured via environment variable * Fixed#10211: Enable LDAP configuration to be configured via environment variable
2023-02-22 12:53:24 +05:30
ldapConfiguration:
host: ${AUTHENTICATION_LDAP_HOST:-}
port: ${AUTHENTICATION_LDAP_PORT:-}
dnAdminPrincipal: ${AUTHENTICATION_LOOKUP_ADMIN_DN:-""}
dnAdminPassword: ${AUTHENTICATION_LOOKUP_ADMIN_PWD:-""}
userBaseDN: ${AUTHENTICATION_USER_LOOKUP_BASEDN:-""}
Allow user login using username and reassign roles based on users' ldap groups when login (#14550) * Allow users to login with their user name in LDAP mode, and assign roles to user according to their LDAP group while login * Fix #12503: Ldap feature: Allow user login using username and reassign roles based on users' ldap groups when login --------- Co-authored-by: wentian <zb-wentian@kingmed.com.cn> Co-authored-by: EricWent <135603556+EricWent@users.noreply.github.com>
2024-01-04 21:16:07 -08:00
groupBaseDN: ${AUTHENTICATION_GROUP_LOOKUP_BASEDN:-""}
roleAdminName: ${AUTHENTICATION_USER_ROLE_ADMIN_NAME:-}
allAttributeName: ${AUTHENTICATION_USER_ALL_ATTR:-}
Fixed#10211: Enable LDAP configuration to be configured via environment variable (#10252) * Fixed#10211: Enable LDAP configuration to be configured via environment variable * Fixed#10211: Enable LDAP configuration to be configured via environment variable
2023-02-22 12:53:24 +05:30
mailAttributeName: ${AUTHENTICATION_USER_MAIL_ATTR:-}
Allow user login using username and reassign roles based on users' ldap groups when login (#14550) * Allow users to login with their user name in LDAP mode, and assign roles to user according to their LDAP group while login * Fix #12503: Ldap feature: Allow user login using username and reassign roles based on users' ldap groups when login --------- Co-authored-by: wentian <zb-wentian@kingmed.com.cn> Co-authored-by: EricWent <135603556+EricWent@users.noreply.github.com>
2024-01-04 21:16:07 -08:00
usernameAttributeName: ${AUTHENTICATION_USER_NAME_ATTR:-}
groupAttributeName: ${AUTHENTICATION_USER_GROUP_ATTR:-}
groupAttributeValue: ${AUTHENTICATION_USER_GROUP_ATTR_VALUE:-}
groupMemberAttributeName: ${AUTHENTICATION_USER_GROUP_MEMBER_ATTR:-}
#the mapping of roles to LDAP groups
authRolesMapping: ${AUTH_ROLES_MAPPING:-""}
authReassignRoles: ${AUTH_REASSIGN_ROLES:-[]}
Fixed#10211: Enable LDAP configuration to be configured via environment variable (#10252) * Fixed#10211: Enable LDAP configuration to be configured via environment variable * Fixed#10211: Enable LDAP configuration to be configured via environment variable
2023-02-22 12:53:24 +05:30
#optional
maxPoolSize: ${AUTHENTICATION_LDAP_POOL_SIZE:-3}
sslEnabled: ${AUTHENTICATION_LDAP_SSL_ENABLED:-}
truststoreConfigType: ${AUTHENTICATION_LDAP_TRUSTSTORE_TYPE:-TrustAll}
trustStoreConfig:
customTrustManagerConfig:
trustStoreFilePath: ${AUTHENTICATION_LDAP_TRUSTSTORE_PATH:-}
trustStoreFilePassword: ${AUTHENTICATION_LDAP_KEYSTORE_PASSWORD:-}
trustStoreFileFormat: ${AUTHENTICATION_LDAP_SSL_KEY_FORMAT:-}
verifyHostname: ${AUTHENTICATION_LDAP_SSL_VERIFY_CERT_HOST:-}
examineValidityDates: ${AUTHENTICATION_LDAP_EXAMINE_VALIDITY_DATES:-}
hostNameConfig:
allowWildCards: ${AUTHENTICATION_LDAP_ALLOW_WILDCARDS:-}
acceptableHostNames: ${AUTHENTICATION_LDAP_ALLOWED_HOSTNAMES:-[]}
jvmDefaultConfig:
verifyHostname: ${AUTHENTICATION_LDAP_SSL_VERIFY_CERT_HOST:-}
trustAllConfig:
examineValidityDates: ${AUTHENTICATION_LDAP_EXAMINE_VALIDITY_DATES:-true}
Fix #2807: Merge openmetadata.yaml and openmetadata-server.yaml (#2808) Co-authored-by: darth-coder00 <aashit@getcollate.io>
2022-02-28 05:34:39 -08:00
Fix #4637: Support JWT Token generation for bot accounts (#4647) * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts
2022-05-05 03:02:33 -07:00
jwtTokenConfiguration:
feat(ui): login via email and password - Basic auth (#7558) * feat(ui): login via email and password - Basic auth * create admin users * update basic auth * create user on bootstrap * update basic auth flow * fix lint * update basic auth ui forms * update error messages * fix cypress tests * Added private key /public key in conf Default invitation for invited users on bootstrapping user with invitation mail Added self/signup flags , handled login scenarios around it On migration persisting previous user auth mechanism also handled * Missing fixes * Move self signup to config Co-authored-by: mohitdeuex <mohit.y@deuexsolutions.com>
2022-09-23 16:05:54 +05:30
rsapublicKeyFilePath: ${RSA_PUBLIC_KEY_FILE_PATH:-"./conf/public_key.der"}
rsaprivateKeyFilePath: ${RSA_PRIVATE_KEY_FILE_PATH:-"./conf/private_key.der"}
Fix #4637: Support JWT Token generation for bot accounts (#4647) * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts * Fix #4637: Support JWT Token generation for bot accounts
2022-05-05 03:02:33 -07:00
jwtissuer: ${JWT_ISSUER:-"open-metadata.org"}
keyId: ${JWT_KEY_ID:-"Gb389a-9f76-gdjs-a92j-0242bk94356"}
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
elasticsearch:
changed enum from Elastic/Open Search to elastic/open search (#12237)
2023-06-30 08:43:49 +05:30
searchType: ${SEARCH_TYPE:- "elasticsearch"}
Added env for airflow and elasticsearch (#2381)
2022-01-24 21:44:57 +05:30
host: ${ELASTICSEARCH_HOST:-localhost}
port: ${ELASTICSEARCH_PORT:-9200}
scheme: ${ELASTICSEARCH_SCHEME:-http}
Fix #2807: Merge openmetadata.yaml and openmetadata-server.yaml (#2808) Co-authored-by: darth-coder00 <aashit@getcollate.io>
2022-02-28 05:34:39 -08:00
username: ${ELASTICSEARCH_USER:-""}
password: ${ELASTICSEARCH_PASSWORD:-""}
fix domain propagation apiCollection -> apiEndpoint, remove default cluster alias, catch exceptions while counting the docs for reindex (#17516) * Minor: fix domain propagation apiCollection -> apiEndpoint, remove default cluster alias, catch exceptions while counting the docs for reindex * Minor: fix mlModelService domain propagation * Minor: optimize owner update
2024-08-21 06:33:46 -07:00
clusterAlias: ${ELASTICSEARCH_CLUSTER_ALIAS:-""}
Fix #2807: Merge openmetadata.yaml and openmetadata-server.yaml (#2808) Co-authored-by: darth-coder00 <aashit@getcollate.io>
2022-02-28 05:34:39 -08:00
truststorePath: ${ELASTICSEARCH_TRUST_STORE_PATH:-""}
truststorePassword: ${ELASTICSEARCH_TRUST_STORE_PASSWORD:-""}
connectionTimeoutSecs: ${ELASTICSEARCH_CONNECTION_TIMEOUT_SECS:-5}
socketTimeoutSecs: ${ELASTICSEARCH_SOCKET_TIMEOUT_SECS:-60}
Add ES RestHighLevelClient TCP keep alive timeout (#11731) * Add RestHighLevelClient TCP keep alive timeout * Merge RestHighLevelClient configs
2023-05-29 01:10:46 +08:00
keepAliveTimeoutSecs: ${ELASTICSEARCH_KEEP_ALIVE_TIMEOUT_SECS:-600}
Change Default Value of Batch Size and Payload Size (#17391)
2024-08-12 11:18:18 +05:30
batchSize: ${ELASTICSEARCH_BATCH_SIZE:-100}
payLoadSize: ${ELASTICSEARCH_PAYLOAD_BYTES_SIZE:-10485760} #max payLoadSize in Bytes
Added Index Factory Config (#14950) * Index Factory Config * CI handling * checkstyle
2024-02-01 19:50:51 +05:30
searchIndexMappingLanguage : ${ELASTICSEARCH_INDEX_MAPPING_LANG:-EN}
searchIndexFactoryClassName : org.openmetadata.service.search.SearchIndexFactory
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
Update webanalytics prometheus metrics (#9939) * feature: added web analytic events handler * feature: exclude web analytic events from audit logger * empty commit to re-run CI
2023-01-27 15:51:53 +01:00
eventMonitoringConfiguration:
eventMonitor: ${EVENT_MONITOR:-prometheus} # Possible values are "prometheus", "cloudwatch"
batchSize: ${EVENT_MONITOR_BATCH_SIZE:-10}
Fixed#10565: Make Prometheus Mappings Configurable (#10671) * Fixed#10565: Make Prometheus Mappings Configurable * Fixed#10565: Make Prometheus Mappings Configurable * Fixed#10565: Make Prometheus Mappings Configurable * Addressing comments and fixed nullpointer in tests * Fixed#10565: Make Prometheus Mappings Configurable * Addressing comments * Fixing tests
2023-03-28 12:51:52 +05:30
pathPattern: ${EVENT_MONITOR_PATH_PATTERN:-["/api/v1/tables/*", "/api/v1/health-check"]}
MINOR - Reconfigure app metrics (#15460) * MINOR - Reconfigure app metrics * Format
2024-03-07 15:19:21 +01:00
latency: ${EVENT_MONITOR_LATENCY:-[0.99, 0.90]} # For value p99=0.99, p90=0.90, p50=0.50 etc.
Fix #8571 - Log IngestionPipeline status change to CloudWatch (#9013) * Prep monitoring skeleton * Fix naming * Push Ingestion Pipeline status to cloudwatch * Review comments and tests * import * Remove singleton object * Format
2022-11-28 17:45:18 +01:00
# it will use the default auth provider for AWS services if parameters are not set
# parameters:
# region: ${OM_MONITOR_REGION:-""}
# accessKeyId: ${OM_MONITOR_ACCESS_KEY_ID:-""}
# secretAccessKey: ${OM_MONITOR_ACCESS_KEY:-""}
Add event handler configuration and make it optional
2021-08-11 14:54:13 -07:00
eventHandlerConfiguration:
eventHandlerClassNames:
Fix #7469: Refactor OpenMetadata code modules (#7474)
2022-09-14 23:14:02 -07:00
- "org.openmetadata.service.events.AuditEventHandler"
- "org.openmetadata.service.events.ChangeEventHandler"
Add event handler configuration and make it optional
2021-08-11 14:54:13 -07:00
Group airflowConfiguration into pipelineService config (#10120) Group airflowConfiguration into pipelineService config (#10120)
2023-02-07 16:30:42 +01:00
pipelineServiceClientConfiguration:
Register Ingestion pipelines just from YAML (#13501) * Register Ingestion pipelines just from YAML * Format
2023-10-10 07:04:04 +02:00
enabled: ${PIPELINE_SERVICE_CLIENT_ENABLED:-true}
Group airflowConfiguration into pipelineService config (#10120) Group airflowConfiguration into pipelineService config (#10120)
2023-02-07 16:30:42 +01:00
# If we don't need this, set "org.openmetadata.service.clients.pipeline.noop.NoopClient"
className: ${PIPELINE_SERVICE_CLIENT_CLASS_NAME:-"org.openmetadata.service.clients.pipeline.airflow.AirflowRESTClient"}
apiEndpoint: ${PIPELINE_SERVICE_CLIENT_ENDPOINT:-http://localhost:8080}
Revert Metadata API endpoint for pipeline (#14525)
2023-12-29 14:09:20 +05:30
metadataApiEndpoint: ${SERVER_HOST_API_URL:-http://localhost:8585/api}
Add ingestionIpInfoEnabled configuration (#10870) * Add ingestionIpInfoEnabled configuration * Format * hide ip address if api response if not 200 * removing dependancy on ip-modal and checking default state * updated status code for ip to 204 to check default state * fixed failing cypress --------- Co-authored-by: Chirag Madlani <12962843+chirag-madlani@users.noreply.github.com> Co-authored-by: Shailesh Parmar <shailesh.parmar.webdev@gmail.com>
2023-04-06 16:27:07 +02:00
ingestionIpInfoEnabled: ${PIPELINE_SERVICE_IP_INFO_ENABLED:-false}
Group airflowConfiguration into pipelineService config (#10120) Group airflowConfiguration into pipelineService config (#10120)
2023-02-07 16:30:42 +01:00
hostIp: ${PIPELINE_SERVICE_CLIENT_HOST_IP:-""}
Add Pipeline Service Status Job to publish to Prometheus (#12046) * Add Pipeline Service Status Job to publish to Prometheus * Add Pipeline Service Status Job to publish to Prometheus * Add config for health check interval
2023-06-22 06:53:56 +02:00
healthCheckInterval: ${PIPELINE_SERVICE_CLIENT_HEALTH_CHECK_INTERVAL:-300}
Centralize SSL Schemas & Add SSL for Airflow REST (#11363)
2023-05-08 21:05:10 +02:00
# This SSL information is about the OpenMetadata server.
# It will be picked up from the pipelineServiceClient to use/ignore SSL when connecting to the OpenMetadata server.
Group airflowConfiguration into pipelineService config (#10120) Group airflowConfiguration into pipelineService config (#10120)
2023-02-07 16:30:42 +01:00
verifySSL: ${PIPELINE_SERVICE_CLIENT_VERIFY_SSL:-"no-ssl"} # Possible values are "no-ssl", "ignore", "validate"
Fix #7165 - Handle SSL certificates on ometa client (#7502) Fix #7165 - Handle SSL certificates on ometa client (#7502)
2022-09-16 09:39:27 +02:00
sslConfig:
Centralize SSL Schemas & Add SSL for Airflow REST (#11363)
2023-05-08 21:05:10 +02:00
certificatePath: ${PIPELINE_SERVICE_CLIENT_SSL_CERT_PATH:-""} # Local path for the Pipeline Service Client
Group airflowConfiguration into pipelineService config (#10120) Group airflowConfiguration into pipelineService config (#10120)
2023-02-07 16:30:42 +01:00
Fix #11548 - Secrets Managers comms with OMeta (#11602) * Remove secretsManagerCredentials from backend * Remove secretsManagerCredentials from backend * Add secrets manager loader * Load SM in the ometa client * Fix tests * Fix tests * Fix Lint * Mock AWS region --------- Co-authored-by: Ayush Shah <ayush@getcollate.io>
2023-05-19 09:43:11 +02:00
# Secrets Manager Loader: specify to the Ingestion Framework how to load the SM credentials from its env
# Supported: noop, airflow, env
secretsManagerLoader: ${PIPELINE_SERVICE_CLIENT_SECRETS_MANAGER_LOADER:-"noop"}
Group airflowConfiguration into pipelineService config (#10120) Group airflowConfiguration into pipelineService config (#10120)
2023-02-07 16:30:42 +01:00
# Default required parameters for Airflow as Pipeline Service Client
parameters:
username: ${AIRFLOW_USERNAME:-admin}
password: ${AIRFLOW_PASSWORD:-admin}
timeout: ${AIRFLOW_TIMEOUT:-10}
Centralize SSL Schemas & Add SSL for Airflow REST (#11363)
2023-05-08 21:05:10 +02:00
# If we need to use SSL to reach Airflow
truststorePath: ${AIRFLOW_TRUST_STORE_PATH:-""}
truststorePassword: ${AIRFLOW_TRUST_STORE_PASSWORD:-""}
Fix #4071: PUT IngestionPipeline missing property & error message (#4085) Fix #4071: PUT IngestionPipeline missing property & error message (#4085)
2022-04-12 23:40:21 -07:00
See #2486. Implement encryption at rest (#2488) * See #2486. Add fernet Java library to encrypt DatabaseService.DatabaseConnection.password * Add support for rotation. * Add support for CLI to rotate the key. * The fernet key can be null. No encryption will be done. * Add FernetConfiguration * Add env variable for Fernet. * Convert base64 to base64url * Decrypt (admin or bot) or nullify tokens for all methods including ListVersions and GetVersion * Fix test with owner USER to handle null in DatabaseConnection
2022-02-08 09:50:39 +01:00
# no_encryption_at_rest is the default value, and it does what it says. Please read the manual on how
# to secure your instance of OpenMetadata with TLS and encryption at rest.
fernetConfiguration:
Add fernet back (#6063)
2022-07-13 14:03:46 +02:00
fernetKey: ${FERNET_KEY:-jJ/9sz0g0OHxsfxOoSfdFdmk3ysNmPRnH3TUAbz3IHA=}
See #2486. Implement encryption at rest (#2488) * See #2486. Add fernet Java library to encrypt DatabaseService.DatabaseConnection.password * Add support for rotation. * Add support for CLI to rotate the key. * The fernet key can be null. No encryption will be done. * Add FernetConfiguration * Add env variable for Fernet. * Convert base64 to base64url * Decrypt (admin or bot) or nullify tokens for all methods including ListVersions and GetVersion * Fix test with owner USER to handle null in DatabaseConnection
2022-02-08 09:50:39 +01:00
Fix #5915: Implementation of AWS Secret Manager (#5925) * Implement Secrets Manager abstraction + refactor service repositories * Rename secrets manager factory method for consistency * Fix typo in openmetadata conf yaml file * Bump version * Fix SonarCloud code smells * Add secrets manager provider as an Enum + send it in the server configuration in the ingestion pipeline * Apply suggestions from code review Co-authored-by: Vivek Ratnavel Subramanian <vivekratnavel90@gmail.com> * Change secret manager implementations to be singleton Co-authored-by: Vivek Ratnavel Subramanian <vivekratnavel90@gmail.com>
2022-07-13 20:49:27 +02:00
secretsManagerConfiguration:
Fixes 9875: supporting gcp secret manager (#16505) * Split ExternalSecretsManagerTest to new ExternalSecretsManagerTest and AWSBasedSecretsManagerTest * implement SecretsManagerFactory to create GCPSecretsManager * implement GCPSecretsManager * implements gcp secret manager. * Fix it for the GCP's rule. * create a template of GCP * fix compile error * implements to use project_id * add library for the google cloud secret manager * add test code for using google credential in the docker container * modify docker-compose.yml for GCP * add google_crc32c module * modify ways to get project id * create a new docker-compose.yml for Google Cloud * create a new document * create compose file for gcp secret manager * fix invalid styles and formats * downgrade google library to avoid conflicting protoc versions
2024-06-29 13:09:02 +09:00
secretsManager: ${SECRET_MANAGER:-db} # Possible values are "db", "managed-aws","aws", "managed-aws-ssm", "aws-ssm", "managed-azure-kv", "azure-kv", "in-memory", "gcp"
#14340 & #13849 - Clean secret ID and improve encrypt/decrypt exception management (#14356) * Fix supported characters in SM * Update SM * Fixes * Fixes * Improve class conversion exceptions * Comments * Rename noop to db secrets manager providee * Update sm * Fix * db SM * db SM * Fix test * UI * Update openmetadata-ui/src/main/resources/ui/src/mocks/IngestionListTable.mock.ts * update default
2023-12-18 06:43:20 +01:00
prefix: ${SECRET_MANAGER_PREFIX:-""} # Define the secret key ID as /<prefix>/<clusterName>/<key>
#13985 - Azure KV Secrets Manager (#15192) * #13985 - Azure KV Secrets Manager * Format * #13985 - Azure KV Secrets Manager * #13985 - Azure KV Secrets Manager * Simplify credentials loading * Simplify credentials loading * Simplify credentials loading
2024-02-20 07:18:35 +01:00
tags: ${SECRET_MANAGER_TAGS:-[]} # Add tags to the created resource. Format is `[key1:value1,key2:value2,...]`
Fix#5919: Implementation of migration process when a Secrets Manager is configured (#6584) * Implementation of migration process when a Secrets Manager is configured * Update conf/openmetadata.yaml * Address PR comments * Minor change in SQL statment in CollectionDAO * Address Sonar security hotspot issue
2022-08-09 16:11:57 +02:00
# it will use the default auth provider for the secrets' manager service if parameters are not set
Minor fixes related to Secrets Manager implementation (#7046) * Minor fixes related to Secrets Manager implementation * Fix failing test
2022-08-31 14:14:55 +02:00
parameters:
#13985 - Azure KV Secrets Manager (#15192) * #13985 - Azure KV Secrets Manager * Format * #13985 - Azure KV Secrets Manager * #13985 - Azure KV Secrets Manager * Simplify credentials loading * Simplify credentials loading * Simplify credentials loading
2024-02-20 07:18:35 +01:00
## For AWS
Minor fixes related to Secrets Manager implementation (#7046) * Minor fixes related to Secrets Manager implementation * Fix failing test
2022-08-31 14:14:55 +02:00
region: ${OM_SM_REGION:-""}
accessKeyId: ${OM_SM_ACCESS_KEY_ID:-""}
secretAccessKey: ${OM_SM_ACCESS_KEY:-""}
#13985 - Azure KV Secrets Manager (#15192) * #13985 - Azure KV Secrets Manager * Format * #13985 - Azure KV Secrets Manager * #13985 - Azure KV Secrets Manager * Simplify credentials loading * Simplify credentials loading * Simplify credentials loading
2024-02-20 07:18:35 +01:00
## For Azure Key Vault
clientId: ${OM_SM_CLIENT_ID:-""}
clientSecret: ${OM_SM_CLIENT_SECRET:-""}
tenantId: ${OM_SM_TENANT_ID:-""}
vaultName: ${OM_SM_VAULT_NAME:-""}
Fixes 9875: supporting gcp secret manager (#16505) * Split ExternalSecretsManagerTest to new ExternalSecretsManagerTest and AWSBasedSecretsManagerTest * implement SecretsManagerFactory to create GCPSecretsManager * implement GCPSecretsManager * implements gcp secret manager. * Fix it for the GCP's rule. * create a template of GCP * fix compile error * implements to use project_id * add library for the google cloud secret manager * add test code for using google credential in the docker container * modify docker-compose.yml for GCP * add google_crc32c module * modify ways to get project id * create a new docker-compose.yml for Google Cloud * create a new document * create compose file for gcp secret manager * fix invalid styles and formats * downgrade google library to avoid conflicting protoc versions
2024-06-29 13:09:02 +09:00
## For GCP
projectId: ${OM_SM_PROJECT_ID:-""}
Fix #5915: Implementation of AWS Secret Manager (#5925) * Implement Secrets Manager abstraction + refactor service repositories * Rename secrets manager factory method for consistency * Fix typo in openmetadata conf yaml file * Bump version * Fix SonarCloud code smells * Add secrets manager provider as an Enum + send it in the server configuration in the ingestion pipeline * Apply suggestions from code review Co-authored-by: Vivek Ratnavel Subramanian <vivekratnavel90@gmail.com> * Change secret manager implementations to be singleton Co-authored-by: Vivek Ratnavel Subramanian <vivekratnavel90@gmail.com>
2022-07-13 20:49:27 +02:00
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
health:
delayedShutdownHandlerEnabled: true
shutdownWaitPeriod: 1s
healthChecks:
Fix #1607 Operational metrics for OpenMetadata system observability (#4386) Co-authored-by: Akash-Jain <Akash.J@deuexsolutions.com>
2022-05-27 03:09:13 -07:00
- name: OpenMetadataServerHealthCheck
OpenMetadata snapshot release 0.3
2021-08-01 14:27:44 -07:00
critical: true
schedule:
checkInterval: 2500ms
downtimeInterval: 10s
failureAttempts: 2
successAttempts: 1
Add ENV variable support for sandbox mode enabled config (#3687)
2022-03-25 17:23:07 -07:00
[BasicAuth] Added Basic Authentication (#7390) * Fixed issue with testCases not posted in slack * Return empty string in case of faling to build url * [BasicAuth] Added Basic Authentication APIs * [BasicAuth] Checkstyle * [BasicAuth] Test yaml updated * [BasicAuth] Update review comments * [BasicAuth] Refresh logic added * [BasicAuth] Add sql updates * [BasicAuth] Maintain dependency version in main pom.xml * [BasicAuth] Updated as per new module * [BasicAuth] Fixes for refresh and missing edge scenario handled * [BasicAuth] remove quotes * [BasicAuth] Fix merge conflicts
2022-09-19 11:38:45 +05:30
email:
emailingEntity: ${OM_EMAIL_ENTITY:-"OpenMetadata"}
supportUrl: ${OM_SUPPORT_URL:-"https://slack.open-metadata.org"}
enableSmtpServer : ${AUTHORIZER_ENABLE_SMTP:-false}
Fix Email Issues (#13962) * - Added Unauthenticated Server Emails - Removed redundant OM_URI - Add Test Email in SystemResources * remove default port * remove fernet
2023-11-14 09:04:53 +05:30
openMetadataUrl: ${OPENMETADATA_SERVER_URL:-"http://localhost:8585"}
[Email] Added explicit senderMail in configuration (#8126) * [Email] Added explicit senderMail in configuration * Fix failing tests Co-authored-by: Ayush Shah <ayush@getcollate.io>
2022-10-13 18:24:32 +05:30
senderMail: ${OPENMETADATA_SMTP_SENDER_MAIL:-""}
[BasicAuth] Added Basic Authentication (#7390) * Fixed issue with testCases not posted in slack * Return empty string in case of faling to build url * [BasicAuth] Added Basic Authentication APIs * [BasicAuth] Checkstyle * [BasicAuth] Test yaml updated * [BasicAuth] Update review comments * [BasicAuth] Refresh logic added * [BasicAuth] Add sql updates * [BasicAuth] Maintain dependency version in main pom.xml * [BasicAuth] Updated as per new module * [BasicAuth] Fixes for refresh and missing edge scenario handled * [BasicAuth] remove quotes * [BasicAuth] Fix merge conflicts
2022-09-19 11:38:45 +05:30
serverEndpoint: ${SMTP_SERVER_ENDPOINT:-""}
serverPort: ${SMTP_SERVER_PORT:-""}
username: ${SMTP_SERVER_USERNAME:-""}
password: ${SMTP_SERVER_PWD:-""}
transportationStrategy: ${SMTP_SERVER_STRATEGY:-"SMTP_TLS"}
Fetch templates for collate and oss. (#17254) * fetch template for oss and collate. * migrations.
2024-08-01 14:31:36 +05:30
templates: ${TEMPLATES:-"openmetadata"}
[BasicAuth] Added Basic Authentication (#7390) * Fixed issue with testCases not posted in slack * Return empty string in case of faling to build url * [BasicAuth] Added Basic Authentication APIs * [BasicAuth] Checkstyle * [BasicAuth] Test yaml updated * [BasicAuth] Update review comments * [BasicAuth] Refresh logic added * [BasicAuth] Add sql updates * [BasicAuth] Maintain dependency version in main pom.xml * [BasicAuth] Updated as per new module * [BasicAuth] Fixes for refresh and missing edge scenario handled * [BasicAuth] remove quotes * [BasicAuth] Fix merge conflicts
2022-09-19 11:38:45 +05:30
Pluggable API/Features Limits (#16782) * Limits * Limits * - Mismatched Types * Update Limits config response * Update Limits feature response * Limits * Limits * - Mismatched Types * Update Limits config response * Update Limits feature response * Limits: add entity resource enforcer * Limits: fix rebase * update limits enforcement * Add OperationContext to limits * chore: Bump versions to `1.4.0` * chore: Bump Ingestion Versions to `1.4.0.1` for Release * chore: Bump Ingestion Versions to `1.4.0.1` in Dockerfiles for Release * Remove Retry From Abstract Event Consumer (#16405) (cherry picked from commit f8ed079731cc238dc136306fe018c5df35dd2f3b) * Fix Migrations: Add postgres migrations (#16403) (cherry picked from commit 9416a7ac5fa8fd9695063b108501790d813e8e6e) * Add Null Check for isAdmin (#16407) * Remove Retry From Abstract Event Consumer * - Add Check for null Or Empty in isAdmin * - Fix Test (cherry picked from commit fe2db2d63c5495b6c288d4252a19ab77481b6de0) * Fix OpenLineage ingestor (#16416) * Fix OpenLineage ingestor * py format --------- Co-authored-by: ulixius9 <mayursingal9@gmail.com> * Minor: added whats new for 1.4.1 (#16420) * Minor: added whats new for 1.4.1 * added note in to whats new * Fix SSL issue (#16412) * chore: Bump Versions for `1.4.1` Release * chore(release): Prepare Branch for `1.4.2` * [MINOR] partition migration issue with redshift servics (#16452) * fix: partition migration issue with redshift servics * chore: typo in sql comment (cherry picked from commit 451d73593e813151c24f2c1d17efb3dcdebb71c8) * minor(ui): update what's new for 1.4.2 (#16457) (cherry picked from commit d55981adfd2321de706e4a043828bb473a4b05f1) * fix: ingestion for dbt > 1.8.0 resource_type is not an enum (#16415) * fix: resource_type is not an enum * feat: add log to display finis * improve readability * use getattr to be compatible * format * Add Cache Query Param for Limits * Only Parse view query (#16470) * add limit check during user creation via PUT * add limit check during user creation via PUT * MINOR: Kafka Setup SSL Arg Fix (#16469) * Fix#16404 - Show Node level lineage by default (#16445) * default to node layer * update cypress * code cleanup * fix cypress (cherry picked from commit f0cda8464f34a21f45f18fa557e980fb2f105d8e) * Invalidate count of data asset after hard delete. add limit exception to ingestion client * - Remove Change Description from Lineage (#16488) (cherry picked from commit 9e5c5529a84dfc781382b3a3b6abd80ee41f11f5) * - Non Indexable fields should be remvoed at the end (#16499) (cherry picked from commit f0b0f7a9426ca601d3bfee3989d4ce47e732a7af) * fix announcement not redirect from landing page (#16506) * fix announcement not redirect from landing page * minor changes * change in cypress test (cherry picked from commit ee7cddd169a3a1fb1e598e80035c2fc15a5a129b) * Fix Schema Field Null Issue (#16510) (cherry picked from commit 022772943f1b33f6230cb35547d1da6acfaf6cfa) * feat(ui): limits integration with application (#16206) * feat(ui): limits integration with application * support pipelineSchedules via limit api * enforce limit to all the modules * update banner styling * update * support disable option for ManageButton * limit version * fix spotlight * update tests * Add name and version history to resource limits Refactor the getEntityIcon function and add new icon mappings * limit version * hide access token tab * fix version for all the entity * fix tests * fix DQ tests * Add fallback for the icon * Revert the fallback icon changes * Apply the limit to the add ingestion button in the service details page * Fix the data quality tab add test button not working * fix banner styling * minor fix * Fix ingestion component unit test * Add InlineAlert component * update entityNameLabels mapping object * Fix the incorrect link in LimitBanner * update pricing page url * Create the GlobalSettingsClassBase * Update URLs for pricing page and upgrade options * fix global settings uncaught error * add parameters to the resource limit API * implement inline alerts for service and alert creation form * update PRIVILEGES for docker * fix layout issues * fix tests --------- Co-authored-by: Aniket Katkar <aniketkatkar97@gmail.com> * Add token limitations * Add token limitations * Add appType as part of schema in ingestion pipeline (#16519) * #16489: fix the redirect issue to new tab for tags and glossary (#16512) * fix the redirect issue to new tab for tags and glossary * fix the redirect on cancel icon and unit test issue * changes as per comments (cherry picked from commit 8d312f0853609cfef260739cf789d459838a3421) * Fix #16229 - Tag and Service filters for test cases (#16484) * fix: added test case support for tags (inherit from table/column)]" * feat: add tag and service filter for test cases * feat: add tier query param * fix: tests (cherry picked from commit 6b00dde90285924445567ee7c396c89f0fcf3f1d) * fix: None type is not iterable (#16496) (cherry picked from commit 656da03b14ca24171cf7924b9dd33663e6bed423) * minor(ui): refresh token for OIDC SSO (#16483) * minor(ui): refresh token for OIDC SSO * remove frame window timeout issue * increase iFrame timeout for oidc (cherry picked from commit 1a6c4c972052836a9b3cfa273b7ea1aa3202eafe) * feat(ui): support tag & tier filter for test case (#16502) * feat(ui): support tag & tier filter for test case * fix tag filter * allow single select for tier * added service name filter * update cypress for tags, tier & service * add specific add for filters * fix tier api call (cherry picked from commit 5b71d79e8ac2d08a154882dfe71b9b3a0f73bffc) * minor: sanitize activity feed editor content (#16533) * Add appType as part of schema in ingestion pipeline (#16519) * Fixed quicksight conn (#16537) * fix: saml auth for new user not created (#16543) * fix: saml auth for new user not created * doc: add comment * Fix#16491 - fix lineage edge description update (#16538) * fix lineage edge description update * fix tests (cherry picked from commit dff0aa8dbedcd4064ad63765cadda65bb998772e) * CYPRESS: fix announcement cypress (#16536) * fix announcement cypress * changes as per comments * fix the cypress failure (cherry picked from commit fcb87b5866ba06aa7a6db516677e311c24053db7) * [MINOR] Fix Test Failure for EventRegistration * [MINOR] Fix Test Failure for EventRegistration * [MINOR] Fix Test Failure for EventRegistration [MINOR] Fix Test Failure for EventRegistration * Fix Event Handlers registration Issue (#16544) * Fix Event Handlers Issue * Review Comments (cherry picked from commit d374e48b7938e8ad3514dc5cf8dff619a12595e3) * [MINOR] Fix Test Failure for EventRegistration (cherry picked from commit 4563ad4fd10f9790c21fe744d8fc131ebd028ac8) * Fix Topic Schema missing messageSchema (#16545) (cherry picked from commit b612dd90c07f564d38392b1ccfe0de1505a4867b) * Add limits exception cache in rest client * MINOR: Ignore Cluster Information from columns (#16495) * minor: improve the block editor initial content history (#16540) * Minor: fixed data quality page type issue (#16556) * #16521: fix issue in userProfilePage for roles. teams and displayName (#16527) * fix update on roles and backlink them in user profile page * fix teams, displayName and profile pic issue * sonar fix * fix cypress issue * minor changes (cherry picked from commit 98945cb2db87ebb325d3a72131f049abffcba345) * Empty quick filters (#16402) * initial commit for empty quick filters * update progress * fix field title * cleanup * add tests * unit tests * fix encoding of search query * add cypress tests * add cypress * fix flaky cypress * fix review comments * revert tooltip changes * fix tests * fix tests (cherry picked from commit 5930cd7a7a4bef73f6850848c85118eb64843e2d) * Fix #16278 : Search to display Draft glossaryTerms on Explore page (#16462) * Fix #16278 : Search to display Draft glossaryTerms as well on Explore page * add term status quick filter * change aggregation key for status field * change aggregation key for status field * add lowercase_normalizer in status filed for aggregate api * add cypress tests * fix cypress --------- Co-authored-by: karanh37 <karanh37@gmail.com> Co-authored-by: Karan Hotchandani <33024356+karanh37@users.noreply.github.com> (cherry picked from commit ae5e9d61cc9e6a39d65972987de9149a421395b1) * [FIX] GlossaryTerm reviewers should be user or team only (#16372) * add teams as reviewer * Check Users to be reviewers * Reviewers can be a team or user * Fix check by id or name * Review can be team or user both * Validate Reviewers * add multi select control * - Fix Reviewers * - Centralize Reviewer Relationship to EntityRepository * - Sort * add team as reviewer for glossary terms * locales * cleanup * - Update Reviewer should remove existing reviewers * fix selectable owner control * fix code smells * fix reviewer issue * add glossary cypress * fix patch issue on reviewers set to null * update cypress tests * fix cypress * fix cypress * fix reviewers in glossary task and supported cypress * fix pytest * Fix * fix cypress * fix code smells * Inherited Reviewers need to be present always * filter out inherited users * fix cypress * fix backend tests failure * fix backend tests failure -checkstyle * restrict owner to accept task in case of reviewer present * fix pytest --------- Co-authored-by: karanh37 <karanh37@gmail.com> Co-authored-by: Pere Miquel Brull <peremiquelbrull@gmail.com> Co-authored-by: Karan Hotchandani <33024356+karanh37@users.noreply.github.com> Co-authored-by: Ashish Gupta <ashish@getcollate.io> Co-authored-by: ulixius9 <mayursingal9@gmail.com> Co-authored-by: sonikashah <sonikashah94@gmail.com> (cherry picked from commit 9ec3d94e3b8445e63a7d77239c92c92a32536bf2) * Add testSuite tags, domain field and check for TestCase limits * fix owner not showing after refersh in teams page (#16567) (cherry picked from commit 119fcf8959732a980b75e1f795a9f2dc5288cd27) * [ISSUE-16503] Fix createUser to use EntityResource (#16549) * Fix createUser to use EntityResource * fix broken tests * Fix Tests - 3 (cherry picked from commit aeb020ae3b0cbab3a2ee5995c61480cdd1eae405) * what's new for 1.4.2 (#16568) (cherry picked from commit c86468d9929e433922886852381269b46d69c832) * address feedbacks * fix error for bots page * update banner text * allow force fetch limit * fix ingestion schedule * Revert "Merge branch '1.4.2' into limits" This reverts commit 8e965207a23ba527d0f5ba91463c1869077bf091, reversing changes made to 4d16531965fb0d489a4afdebd45ab5b7f3d1eb5c. * Merge 1.4.2 (#16578) * fix explore page conflicts * fix tests --------- Co-authored-by: Chirag Madlani <12962843+chirag-madlani@users.noreply.github.com> Co-authored-by: Chira Madlani <chirag@getcollate.io> * fix subheader * Updating glossary reviewers should propagate reviewers in glossary term (#16580) * highlight inherited reviewer in glossary * locales * use glossary name for search query * fix glossary version cypress * add union datatype for subfields * Adding reviewer to glossary also adds them as an assignee to the task * add glossary approval cypress --------- Co-authored-by: sonikashah <sonikashah94@gmail.com> (cherry picked from commit 4c8bf1cac14074df87dafe7a719e2795b0a29895) * Update documentation for Search Index apis (#16539) (cherry picked from commit d3123c49143652015c416d271d9fd0f9cfa9e324) * cypress: fixed flakiness and announcment cypress (#16579) * fetch latest limit for create / delete operations * guard datAsset limit got topic, dashboard, mlmodel etc * Fix: Ensure correct index mapping in Elasticsearch for clusterAlias (#16589) * Fix: Ensure correct index mapping in Elasticsearch for clusterAlias * Fix: Ensure correct index mapping in Elasticsearch for clusterAlias (cherry picked from commit 8723b8c36afe31410c31d1ebbdafe7b1770921fa) * cypress: fixed cypress AUT for mysql (#16446) * cypress: fixed cypress AUT for mysql * minor fix * skip announcment redirection cypress * Minor: Ensure correct index mapping in Elasticsearch for clusterAlias (#16598) (cherry picked from commit 04543722a6f6e2b1eaf7a451ebb1c176862bc346) * Fix Postgres Application listing (#16600) * Fix Postgres Application listing * Fix Listing (cherry picked from commit 77dfe1f6af53d187ff7a61fdb1e1416de7178f5a) * fix limit related issue * Fix Automations limits invalidation during the uninstall * cypress: fixed 1.4.2 AUT cypress (#16602) * cypress: fixed 1.4.2 AUT cypress * fix cypress around announcement,user,glossary, lineage and mydata * searchIndexApplication fix and minor changes --------- Co-authored-by: Ashish Gupta <ashish@getcollate.io> * test: add updateJWTTokenExpiryTime util (#16606) (cherry picked from commit 8c173bed6a279cb0a648bd30632ea6ebdf4a2a90) * OSS changes for adding automator cypress tests (#16611) * Fix Test Suite Filter (#16615) Co-authored-by: Sriharsha Chintalapani <harshach@users.noreply.github.com> (cherry picked from commit 3db41f08e27f388495040e5b23cc7bee5ae665f1) * MINOR: Fix Profiler for SSL Enabled Source (#16613) * Add Test Suite SSL (#16619) * MINOR: Fix ssl connection in usage & lineage (#16625) * Fix owner notification (#16629) * - Fix Task notification not getting sent to owners * - Fix Task notification not getting sent to owners (cherry picked from commit cc2d581eb0524604b6dcf0523e9ca96e0b8a6ce3) * chore(release): Prepare Branch for `1.4.3` * - Fix User Signup (#16667) (cherry picked from commit b4cba8a850ecd7a25aeff6ca7dea0dc432d43d86) * - Fix User Signup - p2 (cherry picked from commit d9ae6f6db9891f8e9bf7ad49c561a71dd50103da) * - Update What's new (#16669) - fix vulnerability (cherry picked from commit 1dcb1bd46f9da49764f4c61a7ac5048dd2fa956b) * Minor: Fix incorrect alert on signup page (#16666) * Fix Application enforceLimits during install * Wrap the add test button with limits wrapper for column profile tab * fix errors * fix tests * fix pylint * fix tests * fix limits * pylint * fix schedule options * fix glossary spec failure * Add domain & tags to testSuite * Update airflow-apis-tests-3_9.yml --------- Co-authored-by: mohitdeuex <mohit.y@deuexsolutions.com> Co-authored-by: Chira Madlani <chirag@getcollate.io> Co-authored-by: Pablo Takara <pjt1991@gmail.com> Co-authored-by: Akash-Jain <15995028+akash-jain-10@users.noreply.github.com> Co-authored-by: Mohit Yadav <105265192+mohityadav766@users.noreply.github.com> Co-authored-by: Ayush Shah <ayush@getcollate.io> Co-authored-by: Maxim Martynov <martinov_m_s_@mail.ru> Co-authored-by: ulixius9 <mayursingal9@gmail.com> Co-authored-by: Shailesh Parmar <shailesh.parmar.webdev@gmail.com> Co-authored-by: Teddy <teddy.crepineau@gmail.com> Co-authored-by: Chirag Madlani <12962843+chirag-madlani@users.noreply.github.com> Co-authored-by: Antoine Balliet <antoine.balliet@gorgias.com> Co-authored-by: Suman Maharana <sumanmaharana786@gmail.com> Co-authored-by: Karan Hotchandani <33024356+karanh37@users.noreply.github.com> Co-authored-by: Ashish Gupta <ashish@getcollate.io> Co-authored-by: Aniket Katkar <aniketkatkar97@gmail.com> Co-authored-by: Sachin Chaurasiya <sachinchaurasiyachotey87@gmail.com> Co-authored-by: Onkar Ravgan <onkar.10r@gmail.com> Co-authored-by: Pere Miquel Brull <peremiquelbrull@gmail.com> Co-authored-by: Mayur Singal <39544459+ulixius9@users.noreply.github.com> Co-authored-by: sonika-shah <58761340+sonika-shah@users.noreply.github.com> Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2024-07-01 14:59:25 +05:30
limits:
enable: ${LIMITS_ENABLED:-false}
className: ${LIMITS_CLASS_NAME:-"org.openmetadata.service.limits.DefaultLimits"}
limitsConfigFile: ${LIMITS_CONFIG_FILE:-""}
Fix #10808: Add configuration to enable HSTS, X-Frame-Options, X-Cont… (#10809) * Fix #10808: Add configuration to enable HSTS, X-Frame-Options, X-Content-Type-Options etc.. * Fix #10808: Add configuration to enable HSTS, X-Frame-Options, X-Content-Type-Options etc..
2023-04-05 07:50:12 -07:00
web:
Add Env for WebConfiguration and options available for response headers (#12474)
2023-07-18 14:25:04 +05:30
uriPath: ${WEB_CONF_URI_PATH:-"/api"}
Fix #10808: Add configuration to enable HSTS, X-Frame-Options, X-Cont… (#10809) * Fix #10808: Add configuration to enable HSTS, X-Frame-Options, X-Content-Type-Options etc.. * Fix #10808: Add configuration to enable HSTS, X-Frame-Options, X-Content-Type-Options etc..
2023-04-05 07:50:12 -07:00
hsts:
Add Env for WebConfiguration and options available for response headers (#12474)
2023-07-18 14:25:04 +05:30
enabled: ${WEB_CONF_HSTS_ENABLED:-false}
maxAge: ${WEB_CONF_HSTS_MAX_AGE:-"365 days"}
includeSubDomains: ${WEB_CONF_HSTS_INCLUDE_SUBDOMAINS:-"true"}
preload: ${WEB_CONF_HSTS_PRELOAD:-"true"}
Fix #10808: Add configuration to enable HSTS, X-Frame-Options, X-Cont… (#10809) * Fix #10808: Add configuration to enable HSTS, X-Frame-Options, X-Content-Type-Options etc.. * Fix #10808: Add configuration to enable HSTS, X-Frame-Options, X-Content-Type-Options etc..
2023-04-05 07:50:12 -07:00
frame-options:
Add Env for WebConfiguration and options available for response headers (#12474)
2023-07-18 14:25:04 +05:30
enabled: ${WEB_CONF_FRAME_OPTION_ENABLED:-false}
option: ${WEB_CONF_FRAME_OPTION:-"SAMEORIGIN"}
origin: ${WEB_CONF_FRAME_ORIGIN:-""}
Fix #10808: Add configuration to enable HSTS, X-Frame-Options, X-Cont… (#10809) * Fix #10808: Add configuration to enable HSTS, X-Frame-Options, X-Content-Type-Options etc.. * Fix #10808: Add configuration to enable HSTS, X-Frame-Options, X-Content-Type-Options etc..
2023-04-05 07:50:12 -07:00
content-type-options:
Add Env for WebConfiguration and options available for response headers (#12474)
2023-07-18 14:25:04 +05:30
enabled: ${WEB_CONF_CONTENT_TYPE_OPTIONS_ENABLED:-false}
Fix #10808: Add configuration to enable HSTS, X-Frame-Options, X-Cont… (#10809) * Fix #10808: Add configuration to enable HSTS, X-Frame-Options, X-Content-Type-Options etc.. * Fix #10808: Add configuration to enable HSTS, X-Frame-Options, X-Content-Type-Options etc..
2023-04-05 07:50:12 -07:00
xss-protection:
Add Env for WebConfiguration and options available for response headers (#12474)
2023-07-18 14:25:04 +05:30
enabled: ${WEB_CONF_XSS_PROTECTION_ENABLED:-false}
on: ${WEB_CONF_XSS_PROTECTION_ON:-true}
block: ${WEB_CONF_XSS_PROTECTION_BLOCK:-true}
csp:
enabled: ${WEB_CONF_XSS_CSP_ENABLED:-false}
policy: ${WEB_CONF_XSS_CSP_POLICY:-"default-src 'self'"}
reportOnlyPolicy: ${WEB_CONF_XSS_CSP_REPORT_ONLY_POLICY:-""}
[SecurityHeaders] Fixed issue with Security Headers (#12921)
2023-08-18 17:48:17 +05:30
referrer-policy:
enabled: ${WEB_CONF_REFERRER_POLICY_ENABLED:-false}
option: ${WEB_CONF_REFERRER_POLICY_OPTION:-"SAME_ORIGIN"}
permission-policy:
enabled: ${WEB_CONF_PERMISSION_POLICY_ENABLED:-false}
option: ${WEB_CONF_PERMISSION_POLICY_OPTION:-""}
Security Fixes for Headers and Input Sanitisation (#16712) * - Security Fixes * Fix Vulnerability * Fix Vulnerability
2024-06-19 12:31:09 +05:30
cache-control: ${WEB_CONF_CACHE_CONTROL:-""}
pragma: ${WEB_CONF_PRAGMA:-""}
Reference in New Issue Copy Permalink