mirror of
https://github.com/open-metadata/OpenMetadata.git
synced 2025-12-31 17:37:50 +00:00
195 lines
6.5 KiB
YAML
195 lines
6.5 KiB
YAML
# Copyright 2021 Collate
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
swagger:
|
|
resourcePackage: org.openmetadata.catalog.resources
|
|
|
|
|
|
server:
|
|
rootPath: '/api/*'
|
|
applicationConnectors:
|
|
- type: http
|
|
port: ${SERVER_PORT:-8585}
|
|
adminConnectors:
|
|
- type: http
|
|
port: ${SERVER_ADMIN_PORT:-8586}
|
|
|
|
# Above configuration for running http is fine for dev and testing.
|
|
# For production setup, where UI app will hit apis through DPS it
|
|
# is strongly recommended to run https instead. Note that only
|
|
# keyStorePath and keyStorePassword are mandatory properties. Values
|
|
# for other properties are defaults
|
|
#server:
|
|
#applicationConnectors:
|
|
# - type: https
|
|
# port: 8585
|
|
# keyStorePath: ./conf/keystore.jks
|
|
# keyStorePassword: changeit
|
|
# keyStoreType: JKS
|
|
# keyStoreProvider:
|
|
# trustStorePath: /path/to/file
|
|
# trustStorePassword: changeit
|
|
# trustStoreType: JKS
|
|
# trustStoreProvider:
|
|
# keyManagerPassword: changeit
|
|
# needClientAuth: false
|
|
# wantClientAuth:
|
|
# certAlias: <alias>
|
|
# crlPath: /path/to/file
|
|
# enableCRLDP: false
|
|
# enableOCSP: false
|
|
# maxCertPathLength: (unlimited)
|
|
# ocspResponderUrl: (none)
|
|
# jceProvider: (none)
|
|
# validateCerts: true
|
|
# validatePeers: true
|
|
# supportedProtocols: SSLv3
|
|
# supportedCipherSuites: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
|
|
# allowRenegotiation: true
|
|
# endpointIdentificationAlgorithm: (none)
|
|
|
|
#adminConnectors:
|
|
# - type: https
|
|
# port: 8586
|
|
# keyStorePath: ./conf/keystore.jks
|
|
# keyStorePassword: changeit
|
|
# keyStoreType: JKS
|
|
# keyStoreProvider:
|
|
# trustStorePath: /path/to/file
|
|
# trustStorePassword: changeit
|
|
# trustStoreType: JKS
|
|
# trustStoreProvider:
|
|
# keyManagerPassword: changeit
|
|
# needClientAuth: false
|
|
# wantClientAuth:
|
|
# certAlias: <alias>
|
|
# crlPath: /path/to/file
|
|
# enableCRLDP: false
|
|
# enableOCSP: false
|
|
# maxCertPathLength: (unlimited)
|
|
# ocspResponderUrl: (none)
|
|
# jceProvider: (none)
|
|
# validateCerts: true
|
|
# validatePeers: true
|
|
# supportedProtocols: SSLv3
|
|
# supportedCipherSuites: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
|
|
# allowRenegotiation: true
|
|
# endpointIdentificationAlgorithm: (none)
|
|
|
|
# Logging settings.
|
|
# https://logback.qos.ch/manual/layouts.html#conversionWord
|
|
logging:
|
|
level: INFO
|
|
loggers:
|
|
org.openmetadata.catalog.common: DEBUG
|
|
io.swagger: ERROR
|
|
appenders:
|
|
- type: file
|
|
threshold: TRACE
|
|
logFormat: "%level [%d{HH:mm:ss.SSS}] [%t] %logger{5} - %msg %n"
|
|
currentLogFilename: ./logs/openmetadata.log
|
|
archivedLogFilenamePattern: ./logs/openmetadata-%d{yyyy-MM-dd}-%i.log.gz
|
|
archivedFileCount: 7
|
|
timeZone: UTC
|
|
maxFileSize: 50MB
|
|
|
|
database:
|
|
# the name of the JDBC driver, mysql in our case
|
|
driverClass: com.mysql.cj.jdbc.Driver
|
|
# the username and password
|
|
user: ${MYSQL_USER:-openmetadata_user}
|
|
password: ${MYSQL_USER_PASSWORD:-openmetadata_password}
|
|
# the JDBC URL; the database is called openmetadata_db
|
|
url: jdbc:mysql://${MYSQL_HOST:-localhost}:${MYSQL_PORT:-3306}/${MYSQL_DATABASE:-openmetadata_db}?allowPublicKeyRetrieval=true&useSSL=false&serverTimezone=UTC
|
|
|
|
migrationConfiguration:
|
|
path: "./bootstrap/sql/mysql"
|
|
|
|
# Authorizer Configuration
|
|
authorizerConfiguration:
|
|
className: ${AUTHORIZER_CLASS_NAME:-org.openmetadata.catalog.security.NoopAuthorizer}
|
|
containerRequestFilter: ${AUTHORIZER_REQUEST_FILTER:-org.openmetadata.catalog.security.NoopFilter}
|
|
adminPrincipals:
|
|
- ${AUTHORIZER_ADMIN_PRINCIPALS:-admin}
|
|
botPrincipals:
|
|
- ${AUTHORIZER_INGESTION_PRINCIPAL:-ingestion-bot}
|
|
principalDomain: ${AUTHORIZER_PRINCIPAL_DOMAIN:-""}
|
|
|
|
authenticationConfiguration:
|
|
provider: ${AUTHENTICATION_PROVIDER:-no-auth}
|
|
publicKeyUrls:
|
|
- ${AUTHENTICATION_PUBLIC_KEY:-https://www.googleapis.com/oauth2/v3/certs}
|
|
authority: ${AUTHENTICATION_AUTHORITY:-https://accounts.google.com}
|
|
clientId: ${AUTHENTICATION_CLIENT_ID:-""}
|
|
callbackUrl: ${AUTHENTICATION_CALLBACK_URL:-""}
|
|
|
|
elasticsearch:
|
|
host: ${ELASTICSEARCH_HOST:-localhost}
|
|
port: ${ELASTICSEARCH_PORT:-9200}
|
|
scheme: ${ELASTICSEARCH_SCHEME:-http}
|
|
username: ${ELASTICSEARCH_USER:-""}
|
|
password: ${ELASTICSEARCH_PASSWORD:-""}
|
|
truststorePath: ${ELASTICSEARCH_TRUST_STORE_PATH:-""}
|
|
truststorePassword: ${ELASTICSEARCH_TRUST_STORE_PASSWORD:-""}
|
|
connectionTimeoutSecs: ${ELASTICSEARCH_CONNECTION_TIMEOUT_SECS:-5}
|
|
socketTimeoutSecs: ${ELASTICSEARCH_SOCKET_TIMEOUT_SECS:-60}
|
|
batchSize: ${ELASTICSEARCH_BATCH_SIZE:-10}
|
|
|
|
eventHandlerConfiguration:
|
|
eventHandlerClassNames:
|
|
- "org.openmetadata.catalog.events.AuditEventHandler"
|
|
- "org.openmetadata.catalog.events.ChangeEventHandler"
|
|
|
|
airflowConfiguration:
|
|
apiEndpoint: http://${AIRFLOW_HOST:-localhost}:${AIRFLOW_PORT:-8080}
|
|
username: ${AIRFLOW_USERNAME:-admin}
|
|
password: ${AIRFLOW_PASSWORD:-admin}
|
|
metadataApiEndpoint: http://${SERVER_HOST:-localhost}:${SERVER_PORT:-8585}/api
|
|
authProvider: "no-auth"
|
|
|
|
slackEventPublishers:
|
|
- name: "slack events"
|
|
webhookUrl: "slackIncomingWebhook URL"
|
|
openMetadataUrl: http://${SERVER_HOST:-localhost}:${SERVER_PORT:-8585}
|
|
filters:
|
|
- eventType: "entityCreated"
|
|
entities:
|
|
- "*"
|
|
- eventType: "entityUpdated"
|
|
entities:
|
|
- "*"
|
|
- eventType: "entitySoftDeleted"
|
|
entities:
|
|
- "*"
|
|
- eventType: "entityDeleted"
|
|
entities:
|
|
- "*"
|
|
|
|
# no_encryption_at_rest is the default value, and it does what it says. Please read the manual on how
|
|
# to secure your instance of OpenMetadata with TLS and encryption at rest.
|
|
fernetConfiguration:
|
|
fernetKey: ${FERNET_KEY:-no_encryption_at_rest}
|
|
|
|
health:
|
|
delayedShutdownHandlerEnabled: true
|
|
shutdownWaitPeriod: 1s
|
|
healthCheckUrlPaths: ["/api/v1/health-check"]
|
|
healthChecks:
|
|
- name: UserDatabaseCheck
|
|
critical: true
|
|
schedule:
|
|
checkInterval: 2500ms
|
|
downtimeInterval: 10s
|
|
failureAttempts: 2
|
|
successAttempts: 1
|
|
|
|
sandboxModeEnabled: ${SANDBOX_MODE_ENABLED:-false}
|