api: version: 1 logging: config: classpath:logback.xml level: io: jaegertracing: DEBUG # lets listen on all ports to ensure we can be invoked from the pod ip address # contextPath: /api/v${api.version}/* server: address: 0.0.0.0 port: 8080 # ============================================= # spring configurations # --------------------------------------------- spring: application: name: ${OPENSHIFT_APP_NAME:product-api} jpa: # log generated sql database-platform: org.hibernate.dialect.H2Dialect properties: hibernate: show_sql: true use_sql_comments: true format_sql: true type: trace hibernate: ddl-auto: create-drop h2: # http://localhost:8080/h2-console # connection url: jdbc:h2:mem:testdb console: enabled: true path: /h2-console settings: trace: false web-allow-others: false jackson: # JACKSON (JacksonProperties) # Date format string or a fully-qualified date format class name #spring.jackson.date-format=yyyy-MM-dd'T'HH:mm:ss.SSSZ serialization: write_dates_as_timestamps: true # ============================================= # spring security configurations # --------------------------------------------- rest: security: enabled: true api-matcher: /api/v1/** cors: allowed-origins: '*' allowed-headers: '*' allowed-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS max-age: 3600 issuer-uri: ${OPENSHIFT_REST_SECURITY_ISSUER_URI:https://sso73.apps.arekkusu.io/auth/realms/3scale-api} security: oauth2: resource: # ---------------------------------------------------------------------------------------------------- # This API is a microservice that does not handle login negotiation! It is a bear-only API # access-type: bear-only # (this is the API that will be registered on RHSSO) # ---------------------------------------------------------------------------------------------------- id: ${OPENSHIFT_SECURITY_OAUTH2_RESOURCE:product_api} token-info-uri: ${rest.security.issuer-uri}/protocol/openid-connect/token/introspect user-info-uri: ${rest.security.issuer-uri}/protocol/openid-connect/userinfo jwt: key-value: ${OPENSHIFT_SECURITY_OAUTH2_PUBLIC_KEY:"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv18ZNpCtYUBFLaK/Ak1HLok1w3I+a/zm9qDyu903IRBd9FYzmZCGEKWJnhUAN8+T9OWqDHSkoe9MChP1dyTQi9gVp7IEv2MnEQTNCmBzGBN86XR2G1NDjELK0O8myuUdjimULAy2zNPX8ikF5Zzat47OtHSs2GLPxtqRqpS3QAmPaeI2R7NKxM7co8UmYbylpxZVO/PL05s3oJL2euKePbcUIXHPiH7b2epF5Ywe1ln8QpG3KnOjxSCFpobPDdBl82Rbby+XfTwzE+ixojspQJbdjEQKWCdgxrP/SUSLC6swva+Dq9ewelwyiSQQ1Y/ZkC2g833vNzp5goKGXkD0ywIDAQAB\n-----END PUBLIC KEY-----"} # ---------------------------------------------------------------------------------------------------- # Uncomment the following com.microservices.apigateway.security.configuration if this API will consume another APIs (as a com.microservices.apigateway.security.service account) # To allow this, this microservice must handle login negotiation. Change its access-type: # access-type: confidential # The RHSSO will provide a client-secret, so use it here. # PS. Remember to provide the proper roles to this client in com.microservices.apigateway.security.service account tab. # ---------------------------------------------------------------------------------------------------- # To access another secured micro-com.microservices.apigateway.security.service #client: #client-id: product_api #client-secret: 25c33006-e1b9-4fc2-a6b9-c43dbc41ecd0 #user-authorization-uri: ${rest.security.issuer-uri}/protocol/openid-connect/auth #access-token-uri: ${rest.security.issuer-uri}/protocol/openid-connect/token #scope: openid #grant-type: client_credentials # ============================================= # spring actuator configurations # --------------------------------------------- management: endpoint: metrics: enabled: true prometheus: enabled: true # if you want to change the default prometheus endpoint, just change the 'id' to another value. id: prometheus endpoints: web: exposure: include: ["*"] metrics: export: prometheus: enabled: true # ============================================= # opentracing configurations # --------------------------------------------- opentracing: jaeger: enabled: true enable-b3-propagation: true log-spans: true const-sampler: decision: true http-sender: url: http://jaeger-collector:14268/api/traces jaeger.tracer: host: ${OPENSHIFT_JAEGER_HOST:jaeger-agent.microservices.svc} port: 6831