Applying config updates for 3.184.2

Preamble

This section describes mandatory parameters the end users need to add to their configuration before upgrading to 3.185.0 release. Ideally, you need to update these parameters on 3.184.x release.

ALLURE_CRYPTO_PASSWORD (allure.crypto.password)

To satisfy our clients requirements for secure storage of the secrets in the database we’ve made a parameter called ALLURE_CRYPTO_PASSWORD (for packages it will be allure.crypto.password) a mandatory one.

Starting from the release 3.185.0 this parameter will be required to start Allure TestOps. This means the absence of this parameter in the configuration will lead to the application’s process termination.

We’re using AES-256-CBC to encrypt the data, and to ensure max security it’s advised using at least 64 characters in the passphrase.

There are two steps for implementing this parameter:

  1. Configuration update
  2. Triggering an API command to apply encryption to existing secrets.

Configuration update

ALLURE_CRYPTO_PASSWORD configuration parameter needs to be added to both - report and uaa services.

Deployment via docker-compose

  report:
    <snip>
    environment:
      # DB securty ALLURE_CRYPTO_PASSWORD value needs to be updated
      ALLURE_CRYPTO_PASSWORD: <64 symbols to encrypt the sensitive information>
      <snip>

  uaa:
    <snip>
    environment:
      # DB securty ALLURE_CRYPTO_PASSWORD value needs to be updated
      ALLURE_CRYPTO_PASSWORD: <64 symbols to encrypt the sensitive information>
      <snip>

Deployment via Kubernetes

values.yaml is to be updated as follows:

version: 3.184.3
uaa:
  <snip>
  env:
    open:
    <snip>
    secret:
      ALLURE_CRYPTO_PASSWORD: <64 symbols to encrypt the sensitive information>
    <snip>
      
report:
  <snip>
  env:
    open:
    <snip>
    secret:
      ALLURE_CRYPTO_PASSWORD: <64 symbols to encrypt the sensitive information>
    <snip>

Deployment via packages

  1. Add the following to the content of /opt/allure-ee/report/conf/allure-report.properties file:
allure.crypto.password=<add here 64 characters string>
  1. Add the following to the content of /opt/allure-ee/uaa/conf/allure-uaa.properties file:
allure.crypto.password=<add here 64 characters string>

Triggering API to encrypt existing secrets

After you’ve updated the configuration and successfully started Allure TestOps with the updated configuration, you need to proceed to the page with Allure TestOps’ API description ALLURE_URL/swagger-ui.html:

  1. Locate credentials-controller section
  2. Locate /api/rs/credentials/encrypt command
  3. Expand the command and click Try it out
  4. Click Execute

ALLURE_ENDPOINT (allure.endpoint)

ALLURE_ENDPOINT is the parameter providing the information about URL of Allure TestOps. Its value is used by Allure TestOps to provide the references to itself for integration purposes.

Updating the configuration

Deployment via docker-compose

  report:
    <snip>
    environment:
      # endpoint mandatory parameter
      ALLURE_ENDPOINT: https://<URL>:port
      <snip>

  uaa:
    <snip>
    environment:
      # endpoint mandatory parameter
      ALLURE_ENDPOINT: https://<URL>:port

Deployment via Kubernetes

values.yaml is to be updated as follows:

version: 3.184.3
uaa:
  <snip>
  env:
    open:
    ALLURE_ENDPOINT: https://<URL>:port
    <snip>
      
report:
  <snip>
  env:
    open:
    ALLURE_ENDPOINT: https://<URL>:port
    <snip>

Deployment via packages

  1. Add the following to the content of /opt/allure-ee/report/conf/allure-report.properties file:
allure.endpoint=https://<URL>:port
  1. Add the following to the content of /opt/allure-ee/uaa/conf/allure-uaa.properties file:
allure.endpoint=https://<URL>:port