-
Notifications
You must be signed in to change notification settings - Fork 7
/
.env.sample
97 lines (75 loc) · 3.28 KB
/
.env.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
# Sample environment for FIDC config management
#####################################################
# Basic config #
#####################################################
# Base URL of tenant
TENANT_BASE_URL=https://openam-demo.forgeblocks.com
# Proxy server to use for HTTP requests
#HTTP_PROXY_SERVER=https://proxy.local:8443
# Directory to write configuration data to
CONFIG_DIR=identity-cloud-config
# Realms to pull config from
REALMS=["alpha","bravo"]
# Script prefixes - only pull scripts with matching names
SCRIPT_PREFIXES=["acme-corp-","custom-"]
# Service account ID
SERVICE_ACCOUNT_ID=d9d3922b-0e77-4589-b86e-1a1446712fdf
# System wide OAuth2 client ID for service account
SERVICE_ACCOUNT_CLIENT_ID=service-account
# Scope to request for service account access
SERVICE_ACCOUNT_SCOPE=fr:idm:* fr:am:* fr:idc:esv:*
# SERVICE_ACCOUNT_KEY - either JWK or PEM private key
SERVICE_ACCOUNT_KEY='{
"kty": "RSA",
"n": "gRtjwICtIC...nwLehh-kEg7ARITmrBO0iAjFU",
"e": "AQAB",
"d": "WfQZdmCxP0...X7i-hyfrl8zmPD4uE3qfo96Gk",
"p": "04YyuClFD0...9uKHUQBqfQcVQNsWWab7Pox5w",
"q": "nEDirTjo_i...gaeDXBM3cBOMhwnjCdfiN7AYw",
"dp": "yr0ime88e...YE_xQMs0RffnAA29o1pwD6iWw",
"dq": "AnNyGs19u...30fFY7hZckScO7IIAauFPOJiQ",
"qi": "gDGal7lIc...i331JFnbKbkhzZ3TsWWsBzTRA"
}'
#####################################################
# Safety catches #
#####################################################
# Readonly tenant - set to true to prevent push (specific to fr-config-push)
TENANT_READONLY=false
# Only allow push for named config
PUSH_NAMED_ONLY=false
# Allowed push commands
#ALLOWED_PUSH_COMMANDS=["endpoints", "test"]
#####################################################
# Miscellaneous #
#####################################################
ACTIVE_ONLY_SECRETS=true
#RAW_CONFIG=pull-config/raw-config.json
#####################################################
# Dynamic config #
#####################################################
# OAuth2 agents
#OAUTH2_AGENTS_CONFIG=pull-config/oauth2-agents.json
# Authorisation policy sets
#AUTHZ_POLICY_SETS_CONFIG=pull-config/policy-sets.json
# System users
#SERVICE_OBJECTS_CONFIG=pull-config/service-objects.json
# CSP overrides
#CSP_OVERRIDES=pull-config/csp-overrides.json
#####################################################
# Promotion config #
#####################################################
TENANT_ENV_UPPER_FQDN=https://openam-demo-staging.forgeblocks.com
SERVICE_ACCOUNT_UPPER_CLIENT_ID=service-account
SERVICE_ACCOUNT_UPPER_ID=34a09375-efa3-4b98-b849-.....
SERVICE_ACCOUNT_UPPER_KEY='{
"d": "BjHnTd4i0GseOFRyQeQYH4...",
"dp": "lmoD-TRn4K5A09UD133V_kND...",
"dq": "IzxPZVsGCf5z4C0tDoxEuXfJ....",
"e": "AQAB",
"kty": "RSA",
"n": "yvKw81LRjfjJm1_b9Min2E_pVQc0udG_sNTxWsLEHdLRjl64l0x6PEdt5pYprfgmTg05lOopEKly18Umt7RfRuNQfAkDopD....",
"p": "6Naye30I2lkNmX67Morm8vP9k_Im09bNEcp7OTiwbwSb3FY3QI-3alDUgrTD4dI4F6WAghybs-1b2pb7eyCuG01uMyVofPzMq-WwTPK9R.....",
"q": "3yLR9O2ntxahfyXaWAvBtNzRqHoz0gIsNUA1Eb753TjV3hEYQvPZyy6_hrEr0ClHdpuLaZxCXP6DeU8Ny....",
"qi": "JCylU0r58aXJo6vWIkaVxhTmEcLDYJUE..."
}'
SERVICE_ACCOUNT_PROMOTION_SCOPE=fr:idc:promotion:*