2021-12-01 07:16:28 +00:00
|
|
|
# Copyright 2021 Collate
|
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
|
# You may obtain a copy of the License at
|
2021-10-09 17:58:33 +00:00
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
|
# limitations under the License.
|
|
|
|
|
|
2025-01-09 10:04:07 +00:00
|
|
|
version: "3.9"
|
|
|
|
|
volumes:
|
|
|
|
|
ingestion-volume-dag-airflow:
|
|
|
|
|
ingestion-volume-dags:
|
|
|
|
|
ingestion-volume-tmp:
|
|
|
|
|
es-data:
|
|
|
|
|
services:
|
|
|
|
|
mysql:
|
|
|
|
|
build:
|
|
|
|
|
context: ../../.
|
|
|
|
|
dockerfile: docker/mysql/Dockerfile_mysql
|
|
|
|
|
command: "--sort_buffer_size=10M"
|
|
|
|
|
container_name: openmetadata_mysql
|
|
|
|
|
restart: always
|
|
|
|
|
depends_on:
|
|
|
|
|
- elasticsearch
|
|
|
|
|
environment:
|
|
|
|
|
MYSQL_ROOT_PASSWORD: password
|
|
|
|
|
expose:
|
|
|
|
|
- 3306
|
|
|
|
|
ports:
|
|
|
|
|
- "3306:3306"
|
|
|
|
|
networks:
|
|
|
|
|
- local_app_net
|
|
|
|
|
healthcheck:
|
|
|
|
|
test: mysql --user=root --password=$$MYSQL_ROOT_PASSWORD --silent --execute "use openmetadata_db"
|
|
|
|
|
interval: 15s
|
|
|
|
|
timeout: 10s
|
|
|
|
|
retries: 10
|
|
|
|
|
volumes:
|
|
|
|
|
- ./docker-volume/db-data:/var/lib/mysql
|
|
|
|
|
|
|
|
|
|
elasticsearch:
|
2026-02-07 13:24:13 +00:00
|
|
|
image: docker.elastic.co/elasticsearch/elasticsearch:9.3.0
|
2025-01-09 10:04:07 +00:00
|
|
|
container_name: openmetadata_elasticsearch
|
|
|
|
|
environment:
|
|
|
|
|
- discovery.type=single-node
|
Fix column filtering on Lineage (#25353)
* Fix Column Filtering and add path preserve
* Preserve only column with matching filter
* Add Test
* update param
* Add UI work
* Lanaguage
* Add proper translations for column-filter locale keys (#25360)
* Initial plan
* Add proper translations for column-filter locale keys across all 18 languages
Co-authored-by: karanh37 <33024356+karanh37@users.noreply.github.com>
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: karanh37 <33024356+karanh37@users.noreply.github.com>
* fix filtering
* Fix ui : Dropdown filters (Domains, Owners, Tag, Tier, Service, etc.) were not showing in the Impact Analysis view and normal lineage view.
* put back searchbox for column level
* Fix query_filter not working for tag/domain/tier in lineage APIs -> table level filtering
* fix: hasNodeLevelFilters bypassing ES filters causing empty results
* fix: tag filter incorrectly sent to column_filter on table-level page
* Fix Impact Analysis search and filtering with path preservation
Summary of changes:
- Backend: Path preservation for search, accurate pagination counts, wildcard query parsing, OR logic for name/displayName
- Frontend: Column-level search now matches both table names and column names
* Table level: Search → query_filter (matches table names) Column level: Search → column_filter only (matches column names)
* Fix column impact analysis: depth-aware filtering, tag aggregation, and nested column support
* address gitar bot feedback : lineage filter — add service to path preservation, fix OR semantics, rename preserve_paths, guard NPE on fromEntity
* fix: use unfiltered depth counts in lineage pagination info, remove 10k doc fetch
* fix: Impact Analysis — fix upstream BFS, always run BFS unfiltered and apply query filter as in-memory post-filter to support multi-depth traversal, fix column
filter OR-within-type semantics, rename preserve_paths param, and add integration tests
instead of passing queryFilter into the BFS (which blocked traversal through non-matching intermediate nodes), we now run BFS with no
filter to discover the full graph topology, then apply the filter after all nodes and edges are collected using the existing
applyInMemoryFiltersWithPathPreservationForEntityCount.
* fix: lineage Impact Analysis — unfiltered BFS with post-filter for multi-depth traversal, upstream BFS direction fix, remove dead ES query column filter code, fix stale useCallback deps, add SDK methods and integration tests
* fix: remove column_filter from UI calls where backend doesn't support it (exportAsync, platformLineage, dataQualityLineage, paginationInfo), fix stale useCallback deps in LineageProvider
* fix: Impact Analysis — unfiltered BFS for multi-depth filter traversal, upstream direction fix, table/column tag separation, dead code cleanup, stale UI deps, node depth dropdown fix
* fix: remove dead columnFilter plumbing from CustomControls, clear column filters on Table mode switch, fix QueryFilterParser search+filter OR logic, add search combo integration tests, log warn on tag fetch failure
* fix: depth-based pagination sort
* ui: performance optimization — avoids redundant lookups
* handle matchesMultipleFiltersWithMetadata
* fix: upstream/downstream count not updating in table view
* fix UI changes
* fix api issues
* fix: Impact Analysis — move to ES-native filtering with unfiltered BFS, filtered pagination counts, tag name enrichment
* address comments
* fix: Impact Analysis — ES-native filtered traversal, batch tag enrichment, depth filtering with filters, SDK entityType support
* fix tests
* fix failing tests
* fix backend test
* add tests for code coverage
* add tests for code coverage
* fix: add id.keyword sub-field to ES index mappings to fix lineage filter dropdowns for topics, dashboards, and other non-table entities
* address comments
* fix service type filter case
* address gitar bot feedback
* fix tests
* fix build
* Fix the bugs
* Fix the bugs
* Fix all things related to Lineag, Impact Analysis
* Update generated TypeScript types
* Fix all things related to Lineag, Impact Analysis
* Fix Mapping for ids for container and test suite
* test: enhance lineage spec to cover all the missing cases (#26796)
* test: enhance lineage spec to cover all the missing cases
* fix searchIndex mapping
* fix tests
* added filter spec
* fix filter issues
* fix lineageSearchSelect
* update database service filter tests
* iterate over all the entity for service filter
* update impact analysis fixes
* update tests management
* add missing test case
* fix tests
* fix column level lineage tests
* fix apiEndpoint issue
* improved lineage connection assertion
* fix tests
* fix column level linage issues
* fix missing import
* update test import from pages
* fix mlModel spell issue
* fix node pagination and right panel spec
* refactor lineage tests to improve entity creation and visibility checks
* fix license header
* fix build
* fix tests
* fix tests
* UI linter fixes
* address comments
* fix unit tests
* remove redundant method
* improve tests
* fix impact analysis tests
* fix impact analysis
* Fix Export via Async and add tests
* update tests
* fix issues
* Spotless fix
* fix impact analysis
* Fix issue with lineage export
* Fix serviceType filtering
* fix multiple calls issue
* fix lint issues
* fix uni tests
* fix test issues
* fix lineage settings spec
* fix all the tests
* Remove fix me
* fix lint issue
* fix failing specs
---------
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Co-authored-by: karanh37 <33024356+karanh37@users.noreply.github.com>
Co-authored-by: Chirag Madlani <12962843+chirag-madlani@users.noreply.github.com>
Co-authored-by: sonika-shah <58761340+sonika-shah@users.noreply.github.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Sriharsha Chintalapani <harsha@getcollate.io>
Co-authored-by: Sriharsha Chintalapani <harshach@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-04-06 16:01:15 +00:00
|
|
|
- ES_JAVA_OPTS=${ES_JAVA_OPTS:--Xms1024m -Xmx1024m}
|
2025-01-09 10:04:07 +00:00
|
|
|
- xpack.security.enabled=false
|
|
|
|
|
networks:
|
|
|
|
|
- local_app_net
|
|
|
|
|
expose:
|
|
|
|
|
- 9200
|
|
|
|
|
- 9300
|
|
|
|
|
ports:
|
|
|
|
|
- "9200:9200"
|
|
|
|
|
- "9300:9300"
|
|
|
|
|
healthcheck:
|
|
|
|
|
test: "curl -s http://localhost:9200/_cluster/health?pretty | grep status | grep -qE 'green|yellow' || exit 1"
|
|
|
|
|
interval: 15s
|
|
|
|
|
timeout: 10s
|
|
|
|
|
retries: 10
|
|
|
|
|
volumes:
|
|
|
|
|
- es-data:/usr/share/elasticsearch/data
|
|
|
|
|
|
|
|
|
|
execute-migrate-all:
|
|
|
|
|
build:
|
|
|
|
|
context: ../../.
|
|
|
|
|
dockerfile: docker/development/Dockerfile
|
|
|
|
|
container_name: execute_migrate_all
|
|
|
|
|
command: "./bootstrap/openmetadata-ops.sh -d migrate --force"
|
|
|
|
|
environment:
|
2023-08-03 10:31:20 +00:00
|
|
|
OPENMETADATA_CLUSTER_NAME: ${OPENMETADATA_CLUSTER_NAME:-openmetadata}
|
|
|
|
|
SERVER_PORT: ${SERVER_PORT:-8585}
|
|
|
|
|
SERVER_ADMIN_PORT: ${SERVER_ADMIN_PORT:-8586}
|
|
|
|
|
LOG_LEVEL: ${LOG_LEVEL:-INFO}
|
2026-01-12 20:18:29 +00:00
|
|
|
|
|
|
|
|
# Migration
|
2025-01-09 10:04:07 +00:00
|
|
|
MIGRATION_LIMIT_PARAM: ${MIGRATION_LIMIT_PARAM:-1200}
|
|
|
|
|
|
2023-08-03 10:31:20 +00:00
|
|
|
# OpenMetadata Server Authentication Configuration
|
|
|
|
|
AUTHORIZER_CLASS_NAME: ${AUTHORIZER_CLASS_NAME:-org.openmetadata.service.security.DefaultAuthorizer}
|
|
|
|
|
AUTHORIZER_REQUEST_FILTER: ${AUTHORIZER_REQUEST_FILTER:-org.openmetadata.service.security.JwtFilter}
|
|
|
|
|
AUTHORIZER_ADMIN_PRINCIPALS: ${AUTHORIZER_ADMIN_PRINCIPALS:-[admin]}
|
|
|
|
|
AUTHORIZER_ALLOWED_REGISTRATION_DOMAIN: ${AUTHORIZER_ALLOWED_REGISTRATION_DOMAIN:-["all"]}
|
|
|
|
|
AUTHORIZER_INGESTION_PRINCIPALS: ${AUTHORIZER_INGESTION_PRINCIPALS:-[ingestion-bot]}
|
2025-01-09 10:04:07 +00:00
|
|
|
AUTHORIZER_PRINCIPAL_DOMAIN: ${AUTHORIZER_PRINCIPAL_DOMAIN:-"open-metadata.org"}
|
2025-03-19 12:43:22 +00:00
|
|
|
AUTHORIZER_ALLOWED_DOMAINS: ${AUTHORIZER_ALLOWED_DOMAINS:-[]}
|
2023-08-03 10:31:20 +00:00
|
|
|
AUTHORIZER_ENFORCE_PRINCIPAL_DOMAIN: ${AUTHORIZER_ENFORCE_PRINCIPAL_DOMAIN:-false}
|
|
|
|
|
AUTHORIZER_ENABLE_SECURE_SOCKET: ${AUTHORIZER_ENABLE_SECURE_SOCKET:-false}
|
|
|
|
|
AUTHENTICATION_PROVIDER: ${AUTHENTICATION_PROVIDER:-basic}
|
2023-11-20 03:14:13 +00:00
|
|
|
AUTHENTICATION_RESPONSE_TYPE: ${AUTHENTICATION_RESPONSE_TYPE:-id_token}
|
2023-08-03 10:31:20 +00:00
|
|
|
CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME: ${CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME:-""}
|
|
|
|
|
AUTHENTICATION_PUBLIC_KEYS: ${AUTHENTICATION_PUBLIC_KEYS:-[http://localhost:8585/api/v1/system/config/jwks]}
|
|
|
|
|
AUTHENTICATION_AUTHORITY: ${AUTHENTICATION_AUTHORITY:-https://accounts.google.com}
|
|
|
|
|
AUTHENTICATION_CLIENT_ID: ${AUTHENTICATION_CLIENT_ID:-""}
|
|
|
|
|
AUTHENTICATION_CALLBACK_URL: ${AUTHENTICATION_CALLBACK_URL:-""}
|
|
|
|
|
AUTHENTICATION_JWT_PRINCIPAL_CLAIMS: ${AUTHENTICATION_JWT_PRINCIPAL_CLAIMS:-[email,preferred_username,sub]}
|
2024-06-24 17:45:19 +00:00
|
|
|
AUTHENTICATION_JWT_PRINCIPAL_CLAIMS_MAPPING: ${AUTHENTICATION_JWT_PRINCIPAL_CLAIMS_MAPPING:-[]}
|
2025-01-09 10:04:07 +00:00
|
|
|
AUTHENTICATION_ENABLE_SELF_SIGNUP: ${AUTHENTICATION_ENABLE_SELF_SIGNUP:-true}
|
2024-03-20 06:17:25 +00:00
|
|
|
AUTHENTICATION_CLIENT_TYPE: ${AUTHENTICATION_CLIENT_TYPE:-public}
|
|
|
|
|
#For OIDC Authentication, when client is confidential
|
|
|
|
|
OIDC_CLIENT_ID: ${OIDC_CLIENT_ID:-""}
|
|
|
|
|
OIDC_TYPE: ${OIDC_TYPE:-""} # google, azure etc.
|
|
|
|
|
OIDC_CLIENT_SECRET: ${OIDC_CLIENT_SECRET:-""}
|
|
|
|
|
OIDC_SCOPE: ${OIDC_SCOPE:-"openid email profile"}
|
|
|
|
|
OIDC_DISCOVERY_URI: ${OIDC_DISCOVERY_URI:-""}
|
|
|
|
|
OIDC_USE_NONCE: ${OIDC_USE_NONCE:-true}
|
|
|
|
|
OIDC_PREFERRED_JWS: ${OIDC_PREFERRED_JWS:-"RS256"}
|
|
|
|
|
OIDC_RESPONSE_TYPE: ${OIDC_RESPONSE_TYPE:-"code"}
|
|
|
|
|
OIDC_DISABLE_PKCE: ${OIDC_DISABLE_PKCE:-true}
|
|
|
|
|
OIDC_CALLBACK: ${OIDC_CALLBACK:-"http://localhost:8585/callback"}
|
|
|
|
|
OIDC_SERVER_URL: ${OIDC_SERVER_URL:-"http://localhost:8585"}
|
|
|
|
|
OIDC_CLIENT_AUTH_METHOD: ${OIDC_CLIENT_AUTH_METHOD:-"client_secret_post"}
|
|
|
|
|
OIDC_TENANT: ${OIDC_TENANT:-""}
|
|
|
|
|
OIDC_MAX_CLOCK_SKEW: ${OIDC_MAX_CLOCK_SKEW:-""}
|
|
|
|
|
OIDC_CUSTOM_PARAMS: ${OIDC_CUSTOM_PARAMS:-{}}
|
2025-04-09 09:39:57 +00:00
|
|
|
OIDC_MAX_AGE: ${OIDC_MAX_AGE:-"0"}
|
2025-04-25 03:07:25 +00:00
|
|
|
OIDC_PROMPT_TYPE: ${OIDC_PROMPT_TYPE:-"consent"}
|
2025-07-08 09:37:52 +00:00
|
|
|
OIDC_SESSION_EXPIRY: ${OIDC_SESSION_EXPIRY:-"604800"}
|
2023-12-26 02:08:38 +00:00
|
|
|
# For SAML Authentication
|
|
|
|
|
# SAML_DEBUG_MODE: ${SAML_DEBUG_MODE:-false}
|
|
|
|
|
# SAML_IDP_ENTITY_ID: ${SAML_IDP_ENTITY_ID:-""}
|
|
|
|
|
# SAML_IDP_SSO_LOGIN_URL: ${SAML_IDP_SSO_LOGIN_URL:-""}
|
|
|
|
|
# SAML_IDP_CERTIFICATE: ${SAML_IDP_CERTIFICATE:-""}
|
|
|
|
|
# SAML_AUTHORITY_URL: ${SAML_AUTHORITY_URL:-"http://localhost:8585/api/v1/saml/login"}
|
|
|
|
|
# SAML_IDP_NAME_ID: ${SAML_IDP_NAME_ID:-"urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress"}
|
|
|
|
|
# SAML_SP_ENTITY_ID: ${SAML_SP_ENTITY_ID:-"http://localhost:8585/api/v1/saml/metadata"}
|
|
|
|
|
# SAML_SP_ACS: ${SAML_SP_ACS:-"http://localhost:8585/api/v1/saml/acs"}
|
|
|
|
|
# SAML_SP_CERTIFICATE: ${SAML_SP_CERTIFICATE:-""}
|
|
|
|
|
# SAML_SP_CALLBACK: ${SAML_SP_CALLBACK:-"http://localhost:8585/saml/callback"}
|
|
|
|
|
# SAML_STRICT_MODE: ${SAML_STRICT_MODE:-false}
|
|
|
|
|
# SAML_SP_TOKEN_VALIDITY: ${SAML_SP_TOKEN_VALIDITY:-"3600"}
|
|
|
|
|
# SAML_SEND_ENCRYPTED_NAME_ID: ${SAML_SEND_ENCRYPTED_NAME_ID:-false}
|
|
|
|
|
# SAML_SEND_SIGNED_AUTH_REQUEST: ${SAML_SEND_SIGNED_AUTH_REQUEST:-false}
|
|
|
|
|
# SAML_SIGNED_SP_METADATA: ${SAML_SIGNED_SP_METADATA:-false}
|
|
|
|
|
# SAML_WANT_MESSAGE_SIGNED: ${SAML_WANT_MESSAGE_SIGNED:-false}
|
|
|
|
|
# SAML_WANT_ASSERTION_SIGNED: ${SAML_WANT_ASSERTION_SIGNED:-false}
|
|
|
|
|
# SAML_WANT_ASSERTION_ENCRYPTED: ${SAML_WANT_ASSERTION_ENCRYPTED:-false}
|
|
|
|
|
# SAML_WANT_NAME_ID_ENCRYPTED: ${SAML_WANT_NAME_ID_ENCRYPTED:-false}
|
|
|
|
|
# SAML_KEYSTORE_FILE_PATH: ${SAML_KEYSTORE_FILE_PATH:-""}
|
|
|
|
|
# SAML_KEYSTORE_ALIAS: ${SAML_KEYSTORE_ALIAS:-""}
|
|
|
|
|
# SAML_KEYSTORE_PASSWORD: ${SAML_KEYSTORE_PASSWORD:-""}
|
|
|
|
|
# For LDAP Authentication
|
|
|
|
|
# AUTHENTICATION_LDAP_HOST: ${AUTHENTICATION_LDAP_HOST:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_PORT: ${AUTHENTICATION_LDAP_PORT:-}
|
|
|
|
|
# AUTHENTICATION_LOOKUP_ADMIN_DN: ${AUTHENTICATION_LOOKUP_ADMIN_DN:-""}
|
|
|
|
|
# AUTHENTICATION_LOOKUP_ADMIN_PWD: ${AUTHENTICATION_LOOKUP_ADMIN_PWD:-""}
|
|
|
|
|
# AUTHENTICATION_USER_LOOKUP_BASEDN: ${AUTHENTICATION_USER_LOOKUP_BASEDN:-""}
|
|
|
|
|
# AUTHENTICATION_USER_MAIL_ATTR: ${AUTHENTICATION_USER_MAIL_ATTR:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_POOL_SIZE: ${AUTHENTICATION_LDAP_POOL_SIZE:-3}
|
|
|
|
|
# AUTHENTICATION_LDAP_SSL_ENABLED: ${AUTHENTICATION_LDAP_SSL_ENABLED:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_TRUSTSTORE_TYPE: ${AUTHENTICATION_LDAP_TRUSTSTORE_TYPE:-TrustAll}
|
|
|
|
|
# AUTHENTICATION_LDAP_TRUSTSTORE_PATH: ${AUTHENTICATION_LDAP_TRUSTSTORE_PATH:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_KEYSTORE_PASSWORD: ${AUTHENTICATION_LDAP_KEYSTORE_PASSWORD:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_SSL_KEY_FORMAT: ${AUTHENTICATION_LDAP_SSL_KEY_FORMAT:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_ALLOW_WILDCARDS: ${AUTHENTICATION_LDAP_ALLOW_WILDCARDS:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_ALLOWED_HOSTNAMES: ${AUTHENTICATION_LDAP_ALLOWED_HOSTNAMES:-[]}
|
|
|
|
|
# AUTHENTICATION_LDAP_SSL_VERIFY_CERT_HOST: ${AUTHENTICATION_LDAP_SSL_VERIFY_CERT_HOST:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_EXAMINE_VALIDITY_DATES: ${AUTHENTICATION_LDAP_EXAMINE_VALIDITY_DATES:-true}
|
2025-01-09 10:04:07 +00:00
|
|
|
|
2023-08-03 10:31:20 +00:00
|
|
|
# JWT Configuration
|
|
|
|
|
RSA_PUBLIC_KEY_FILE_PATH: ${RSA_PUBLIC_KEY_FILE_PATH:-"./conf/public_key.der"}
|
|
|
|
|
RSA_PRIVATE_KEY_FILE_PATH: ${RSA_PRIVATE_KEY_FILE_PATH:-"./conf/private_key.der"}
|
|
|
|
|
JWT_ISSUER: ${JWT_ISSUER:-"open-metadata.org"}
|
|
|
|
|
JWT_KEY_ID: ${JWT_KEY_ID:-"Gb389a-9f76-gdjs-a92j-0242bk94356"}
|
|
|
|
|
# OpenMetadata Server Pipeline Service Client Configuration
|
|
|
|
|
PIPELINE_SERVICE_CLIENT_ENDPOINT: ${PIPELINE_SERVICE_CLIENT_ENDPOINT:-http://ingestion:8080}
|
|
|
|
|
PIPELINE_SERVICE_CLIENT_HEALTH_CHECK_INTERVAL: ${PIPELINE_SERVICE_CLIENT_HEALTH_CHECK_INTERVAL:-300}
|
|
|
|
|
SERVER_HOST_API_URL: ${SERVER_HOST_API_URL:-http://openmetadata-server:8585/api}
|
|
|
|
|
PIPELINE_SERVICE_CLIENT_VERIFY_SSL: ${PIPELINE_SERVICE_CLIENT_VERIFY_SSL:-"no-ssl"}
|
|
|
|
|
PIPELINE_SERVICE_CLIENT_SSL_CERT_PATH: ${PIPELINE_SERVICE_CLIENT_SSL_CERT_PATH:-""}
|
|
|
|
|
# Database configuration for MySQL
|
|
|
|
|
DB_DRIVER_CLASS: ${DB_DRIVER_CLASS:-com.mysql.cj.jdbc.Driver}
|
|
|
|
|
DB_SCHEME: ${DB_SCHEME:-mysql}
|
2024-01-29 13:58:07 +00:00
|
|
|
DB_PARAMS: ${DB_PARAMS:-allowPublicKeyRetrieval=true&useSSL=false&serverTimezone=UTC}
|
2023-08-03 10:31:20 +00:00
|
|
|
DB_USE_SSL: ${DB_USE_SSL:-false}
|
|
|
|
|
DB_USER: ${DB_USER:-openmetadata_user}
|
|
|
|
|
DB_USER_PASSWORD: ${DB_USER_PASSWORD:-openmetadata_password}
|
|
|
|
|
DB_HOST: ${DB_HOST:-mysql}
|
|
|
|
|
DB_PORT: ${DB_PORT:-3306}
|
|
|
|
|
OM_DATABASE: ${OM_DATABASE:-openmetadata_db}
|
|
|
|
|
# ElasticSearch Configurations
|
|
|
|
|
ELASTICSEARCH_HOST: ${ELASTICSEARCH_HOST:- elasticsearch}
|
|
|
|
|
ELASTICSEARCH_PORT: ${ELASTICSEARCH_PORT:-9200}
|
|
|
|
|
ELASTICSEARCH_SCHEME: ${ELASTICSEARCH_SCHEME:-http}
|
|
|
|
|
ELASTICSEARCH_USER: ${ELASTICSEARCH_USER:-""}
|
|
|
|
|
ELASTICSEARCH_PASSWORD: ${ELASTICSEARCH_PASSWORD:-""}
|
|
|
|
|
SEARCH_TYPE: ${SEARCH_TYPE:- "elasticsearch"}
|
2025-01-09 10:04:07 +00:00
|
|
|
ELASTICSEARCH_CLUSTER_ALIAS: ${ELASTICSEARCH_CLUSTER_ALIAS:- "openmetadata"}
|
2023-08-03 10:31:20 +00:00
|
|
|
ELASTICSEARCH_TRUST_STORE_PATH: ${ELASTICSEARCH_TRUST_STORE_PATH:-""}
|
|
|
|
|
ELASTICSEARCH_TRUST_STORE_PASSWORD: ${ELASTICSEARCH_TRUST_STORE_PASSWORD:-""}
|
|
|
|
|
ELASTICSEARCH_CONNECTION_TIMEOUT_SECS: ${ELASTICSEARCH_CONNECTION_TIMEOUT_SECS:-5}
|
|
|
|
|
ELASTICSEARCH_SOCKET_TIMEOUT_SECS: ${ELASTICSEARCH_SOCKET_TIMEOUT_SECS:-60}
|
|
|
|
|
ELASTICSEARCH_KEEP_ALIVE_TIMEOUT_SECS: ${ELASTICSEARCH_KEEP_ALIVE_TIMEOUT_SECS:-600}
|
2025-01-09 10:04:07 +00:00
|
|
|
ELASTICSEARCH_BATCH_SIZE: ${ELASTICSEARCH_BATCH_SIZE:-100}
|
2024-08-12 05:48:18 +00:00
|
|
|
ELASTICSEARCH_PAYLOAD_BYTES_SIZE: ${ELASTICSEARCH_PAYLOAD_BYTES_SIZE:-10485760} #max payLoadSize in Bytes
|
2023-08-03 10:31:20 +00:00
|
|
|
ELASTICSEARCH_INDEX_MAPPING_LANG: ${ELASTICSEARCH_INDEX_MAPPING_LANG:-EN}
|
2026-01-14 07:05:53 +00:00
|
|
|
# AWS IAM Authentication for OpenSearch (auto-enabled when AWS_DEFAULT_REGION is set)
|
|
|
|
|
# Uses standard AWS env vars: https://docs.aws.amazon.com/cli/v1/userguide/cli-configure-envvars.html
|
|
|
|
|
AWS_DEFAULT_REGION: ${AWS_DEFAULT_REGION:-""}
|
|
|
|
|
AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID:-""}
|
|
|
|
|
AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY:-""}
|
|
|
|
|
AWS_SESSION_TOKEN: ${AWS_SESSION_TOKEN:-""}
|
|
|
|
|
SEARCH_AWS_SERVICE_NAME: ${SEARCH_AWS_SERVICE_NAME:-"es"}
|
2025-01-09 10:04:07 +00:00
|
|
|
|
2023-08-03 10:31:20 +00:00
|
|
|
#eventMonitoringConfiguration
|
|
|
|
|
EVENT_MONITOR: ${EVENT_MONITOR:-prometheus}
|
|
|
|
|
EVENT_MONITOR_BATCH_SIZE: ${EVENT_MONITOR_BATCH_SIZE:-10}
|
|
|
|
|
EVENT_MONITOR_PATH_PATTERN: ${EVENT_MONITOR_PATH_PATTERN:-["/api/v1/tables/*", "/api/v1/health-check"]}
|
|
|
|
|
EVENT_MONITOR_LATENCY: ${EVENT_MONITOR_LATENCY:-[]}
|
2025-01-09 10:04:07 +00:00
|
|
|
|
2023-08-03 10:31:20 +00:00
|
|
|
#pipelineServiceClientConfiguration
|
|
|
|
|
PIPELINE_SERVICE_CLIENT_CLASS_NAME: ${PIPELINE_SERVICE_CLIENT_CLASS_NAME:-"org.openmetadata.service.clients.pipeline.airflow.AirflowRESTClient"}
|
|
|
|
|
PIPELINE_SERVICE_IP_INFO_ENABLED: ${PIPELINE_SERVICE_IP_INFO_ENABLED:-false}
|
|
|
|
|
PIPELINE_SERVICE_CLIENT_HOST_IP: ${PIPELINE_SERVICE_CLIENT_HOST_IP:-""}
|
|
|
|
|
PIPELINE_SERVICE_CLIENT_SECRETS_MANAGER_LOADER: ${PIPELINE_SERVICE_CLIENT_SECRETS_MANAGER_LOADER:-"noop"}
|
|
|
|
|
#airflow parameters
|
|
|
|
|
AIRFLOW_USERNAME: ${AIRFLOW_USERNAME:-admin}
|
|
|
|
|
AIRFLOW_PASSWORD: ${AIRFLOW_PASSWORD:-admin}
|
|
|
|
|
AIRFLOW_TIMEOUT: ${AIRFLOW_TIMEOUT:-10}
|
|
|
|
|
AIRFLOW_TRUST_STORE_PATH: ${AIRFLOW_TRUST_STORE_PATH:-""}
|
|
|
|
|
AIRFLOW_TRUST_STORE_PASSWORD: ${AIRFLOW_TRUST_STORE_PASSWORD:-""}
|
|
|
|
|
FERNET_KEY: ${FERNET_KEY:-jJ/9sz0g0OHxsfxOoSfdFdmk3ysNmPRnH3TUAbz3IHA=}
|
2025-01-09 10:04:07 +00:00
|
|
|
|
2023-08-03 10:31:20 +00:00
|
|
|
#secretsManagerConfiguration
|
2023-12-18 05:43:20 +00:00
|
|
|
SECRET_MANAGER: ${SECRET_MANAGER:-db}
|
2025-01-09 10:04:07 +00:00
|
|
|
#parameters:
|
2023-08-03 10:31:20 +00:00
|
|
|
OM_SM_REGION: ${OM_SM_REGION:-""}
|
|
|
|
|
OM_SM_ACCESS_KEY_ID: ${OM_SM_ACCESS_KEY_ID:-""}
|
|
|
|
|
OM_SM_ACCESS_KEY: ${OM_SM_ACCESS_KEY:-""}
|
2025-01-09 10:04:07 +00:00
|
|
|
|
2023-08-03 10:31:20 +00:00
|
|
|
#email configuration:
|
|
|
|
|
OM_EMAIL_ENTITY: ${OM_EMAIL_ENTITY:-"OpenMetadata"}
|
|
|
|
|
OM_SUPPORT_URL: ${OM_SUPPORT_URL:-"https://slack.open-metadata.org"}
|
|
|
|
|
AUTHORIZER_ENABLE_SMTP : ${AUTHORIZER_ENABLE_SMTP:-false}
|
|
|
|
|
OPENMETADATA_SERVER_URL: ${OPENMETADATA_SERVER_URL:-""}
|
|
|
|
|
OPENMETADATA_SMTP_SENDER_MAIL: ${OPENMETADATA_SMTP_SENDER_MAIL:-""}
|
|
|
|
|
SMTP_SERVER_ENDPOINT: ${SMTP_SERVER_ENDPOINT:-""}
|
|
|
|
|
SMTP_SERVER_PORT: ${SMTP_SERVER_PORT:-""}
|
|
|
|
|
SMTP_SERVER_USERNAME: ${SMTP_SERVER_USERNAME:-""}
|
|
|
|
|
SMTP_SERVER_PWD: ${SMTP_SERVER_PWD:-""}
|
|
|
|
|
SMTP_SERVER_STRATEGY: ${SMTP_SERVER_STRATEGY:-"SMTP_TLS"}
|
2025-01-09 10:04:07 +00:00
|
|
|
|
2023-08-03 10:31:20 +00:00
|
|
|
#extensionConfiguration
|
|
|
|
|
OM_RESOURCE_PACKAGES: ${OM_RESOURCE_PACKAGES:-[]}
|
|
|
|
|
OM_EXTENSIONS: ${OM_EXTENSIONS:-[]}
|
2025-01-09 10:04:07 +00:00
|
|
|
|
|
|
|
|
|
2023-08-03 10:31:20 +00:00
|
|
|
# Heap OPTS Configurations
|
|
|
|
|
OPENMETADATA_HEAP_OPTS: ${OPENMETADATA_HEAP_OPTS:--Xmx1G -Xms1G}
|
2025-01-09 10:04:07 +00:00
|
|
|
# Mask passwords values in UI
|
|
|
|
|
MASK_PASSWORDS_API: ${MASK_PASSWORDS_API:-false}
|
|
|
|
|
|
|
|
|
|
#OpenMetadata Web Configuration
|
|
|
|
|
WEB_CONF_URI_PATH: ${WEB_CONF_URI_PATH:-"/api"}
|
2023-08-03 10:31:20 +00:00
|
|
|
#HSTS
|
|
|
|
|
WEB_CONF_HSTS_ENABLED: ${WEB_CONF_HSTS_ENABLED:-false}
|
|
|
|
|
WEB_CONF_HSTS_MAX_AGE: ${WEB_CONF_HSTS_MAX_AGE:-"365 days"}
|
|
|
|
|
WEB_CONF_HSTS_INCLUDE_SUBDOMAINS: ${WEB_CONF_HSTS_INCLUDE_SUBDOMAINS:-"true"}
|
|
|
|
|
WEB_CONF_HSTS_PRELOAD: ${WEB_CONF_HSTS_PRELOAD:-"true"}
|
2025-01-09 10:04:07 +00:00
|
|
|
#Frame Options
|
|
|
|
|
WEB_CONF_FRAME_OPTION_ENABLED: ${WEB_CONF_FRAME_OPTION_ENABLED:-false}
|
|
|
|
|
WEB_CONF_FRAME_OPTION: ${WEB_CONF_FRAME_OPTION:-"SAMEORIGIN"}
|
|
|
|
|
WEB_CONF_FRAME_ORIGIN: ${WEB_CONF_FRAME_ORIGIN:-""}
|
|
|
|
|
#Content Type
|
|
|
|
|
WEB_CONF_CONTENT_TYPE_OPTIONS_ENABLED: ${WEB_CONF_CONTENT_TYPE_OPTIONS_ENABLED:-false}
|
|
|
|
|
#XSS-Protection
|
|
|
|
|
WEB_CONF_XSS_PROTECTION_ENABLED: ${WEB_CONF_XSS_PROTECTION_ENABLED:-false}
|
|
|
|
|
WEB_CONF_XSS_PROTECTION_ON: ${WEB_CONF_XSS_PROTECTION_ON:-true}
|
|
|
|
|
WEB_CONF_XSS_PROTECTION_BLOCK: ${WEB_CONF_XSS_PROTECTION_BLOCK:-true}
|
|
|
|
|
#CSP
|
|
|
|
|
WEB_CONF_XSS_CSP_ENABLED: ${WEB_CONF_XSS_CSP_ENABLED:-false}
|
|
|
|
|
WEB_CONF_XSS_CSP_POLICY: ${WEB_CONF_XSS_CSP_POLICY:-"default-src 'self'"}
|
|
|
|
|
WEB_CONF_XSS_CSP_REPORT_ONLY_POLICY: ${WEB_CONF_XSS_CSP_REPORT_ONLY_POLICY:-""}
|
2023-08-18 12:18:17 +00:00
|
|
|
#Referrer-Policy
|
|
|
|
|
WEB_CONF_REFERRER_POLICY_ENABLED: ${WEB_CONF_REFERRER_POLICY_ENABLED:-false}
|
|
|
|
|
WEB_CONF_REFERRER_POLICY_OPTION: ${WEB_CONF_REFERRER_POLICY_OPTION:-"SAME_ORIGIN"}
|
|
|
|
|
#Permission-Policy
|
|
|
|
|
WEB_CONF_PERMISSION_POLICY_ENABLED: ${WEB_CONF_PERMISSION_POLICY_ENABLED:-false}
|
|
|
|
|
WEB_CONF_PERMISSION_POLICY_OPTION: ${WEB_CONF_PERMISSION_POLICY_OPTION:-""}
|
2025-01-09 10:04:07 +00:00
|
|
|
#Cache
|
|
|
|
|
WEB_CONF_CACHE_CONTROL: ${WEB_CONF_CACHE_CONTROL:-""}
|
|
|
|
|
WEB_CONF_PRAGMA: ${WEB_CONF_PRAGMA:-""}
|
2023-08-03 10:31:20 +00:00
|
|
|
depends_on:
|
|
|
|
|
elasticsearch:
|
2024-02-05 12:58:00 +00:00
|
|
|
condition: service_healthy
|
2023-08-03 10:31:20 +00:00
|
|
|
mysql:
|
|
|
|
|
condition: service_healthy
|
|
|
|
|
networks:
|
|
|
|
|
- local_app_net
|
2021-10-30 16:05:30 +00:00
|
|
|
|
2021-10-09 17:58:33 +00:00
|
|
|
openmetadata-server:
|
|
|
|
|
build:
|
|
|
|
|
context: ../../.
|
2023-03-06 16:58:53 +00:00
|
|
|
dockerfile: docker/development/Dockerfile
|
2021-12-10 16:01:08 +00:00
|
|
|
container_name: openmetadata_server
|
2022-01-27 08:25:54 +00:00
|
|
|
environment:
|
2025-01-09 10:04:07 +00:00
|
|
|
OPENMETADATA_CLUSTER_NAME: ${OPENMETADATA_CLUSTER_NAME:-openmetadata}
|
|
|
|
|
SERVER_PORT: ${SERVER_PORT:-8585}
|
|
|
|
|
SERVER_ADMIN_PORT: ${SERVER_ADMIN_PORT:-8586}
|
|
|
|
|
LOG_LEVEL: ${LOG_LEVEL:-INFO}
|
|
|
|
|
|
|
|
|
|
# OpenMetadata Server Authentication Configuration
|
|
|
|
|
AUTHORIZER_CLASS_NAME: ${AUTHORIZER_CLASS_NAME:-org.openmetadata.service.security.DefaultAuthorizer}
|
|
|
|
|
AUTHORIZER_REQUEST_FILTER: ${AUTHORIZER_REQUEST_FILTER:-org.openmetadata.service.security.JwtFilter}
|
|
|
|
|
AUTHORIZER_ADMIN_PRINCIPALS: ${AUTHORIZER_ADMIN_PRINCIPALS:-[admin]}
|
|
|
|
|
AUTHORIZER_ALLOWED_REGISTRATION_DOMAIN: ${AUTHORIZER_ALLOWED_REGISTRATION_DOMAIN:-["all"]}
|
|
|
|
|
AUTHORIZER_INGESTION_PRINCIPALS: ${AUTHORIZER_INGESTION_PRINCIPALS:-[ingestion-bot]}
|
|
|
|
|
AUTHORIZER_PRINCIPAL_DOMAIN: ${AUTHORIZER_PRINCIPAL_DOMAIN:-"open-metadata.org"}
|
2025-03-19 12:43:22 +00:00
|
|
|
AUTHORIZER_ALLOWED_DOMAINS: ${AUTHORIZER_ALLOWED_DOMAINS:-[]}
|
2025-01-09 10:04:07 +00:00
|
|
|
AUTHORIZER_ENFORCE_PRINCIPAL_DOMAIN: ${AUTHORIZER_ENFORCE_PRINCIPAL_DOMAIN:-false}
|
|
|
|
|
AUTHORIZER_ENABLE_SECURE_SOCKET: ${AUTHORIZER_ENABLE_SECURE_SOCKET:-false}
|
|
|
|
|
AUTHENTICATION_PROVIDER: ${AUTHENTICATION_PROVIDER:-basic}
|
|
|
|
|
AUTHENTICATION_RESPONSE_TYPE: ${AUTHENTICATION_RESPONSE_TYPE:-id_token}
|
|
|
|
|
CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME: ${CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME:-""}
|
|
|
|
|
AUTHENTICATION_PUBLIC_KEYS: ${AUTHENTICATION_PUBLIC_KEYS:-[http://localhost:8585/api/v1/system/config/jwks]}
|
|
|
|
|
AUTHENTICATION_AUTHORITY: ${AUTHENTICATION_AUTHORITY:-https://accounts.google.com}
|
|
|
|
|
AUTHENTICATION_CLIENT_ID: ${AUTHENTICATION_CLIENT_ID:-""}
|
|
|
|
|
AUTHENTICATION_CALLBACK_URL: ${AUTHENTICATION_CALLBACK_URL:-""}
|
|
|
|
|
AUTHENTICATION_JWT_PRINCIPAL_CLAIMS: ${AUTHENTICATION_JWT_PRINCIPAL_CLAIMS:-[email,preferred_username,sub]}
|
|
|
|
|
AUTHENTICATION_JWT_PRINCIPAL_CLAIMS_MAPPING: ${AUTHENTICATION_JWT_PRINCIPAL_CLAIMS_MAPPING:-[]}
|
|
|
|
|
AUTHENTICATION_ENABLE_SELF_SIGNUP : ${AUTHENTICATION_ENABLE_SELF_SIGNUP:-true}
|
|
|
|
|
AUTHENTICATION_CLIENT_TYPE: ${AUTHENTICATION_CLIENT_TYPE:-public}
|
|
|
|
|
#For OIDC Authentication, when client is confidential
|
|
|
|
|
OIDC_CLIENT_ID: ${OIDC_CLIENT_ID:-""}
|
|
|
|
|
OIDC_TYPE: ${OIDC_TYPE:-""} # google, azure etc.
|
|
|
|
|
OIDC_CLIENT_SECRET: ${OIDC_CLIENT_SECRET:-""}
|
|
|
|
|
OIDC_SCOPE: ${OIDC_SCOPE:-"openid email profile"}
|
|
|
|
|
OIDC_DISCOVERY_URI: ${OIDC_DISCOVERY_URI:-""}
|
|
|
|
|
OIDC_USE_NONCE: ${OIDC_USE_NONCE:-true}
|
|
|
|
|
OIDC_PREFERRED_JWS: ${OIDC_PREFERRED_JWS:-"RS256"}
|
|
|
|
|
OIDC_RESPONSE_TYPE: ${OIDC_RESPONSE_TYPE:-"code"}
|
|
|
|
|
OIDC_DISABLE_PKCE: ${OIDC_DISABLE_PKCE:-true}
|
|
|
|
|
OIDC_CALLBACK: ${OIDC_CALLBACK:-"http://localhost:8585/callback"}
|
|
|
|
|
OIDC_SERVER_URL: ${OIDC_SERVER_URL:-"http://localhost:8585"}
|
|
|
|
|
OIDC_CLIENT_AUTH_METHOD: ${OIDC_CLIENT_AUTH_METHOD:-"client_secret_post"}
|
|
|
|
|
OIDC_TENANT: ${OIDC_TENANT:-""}
|
|
|
|
|
OIDC_MAX_CLOCK_SKEW: ${OIDC_MAX_CLOCK_SKEW:-""}
|
|
|
|
|
OIDC_CUSTOM_PARAMS: ${OIDC_CUSTOM_PARAMS:-{}}
|
2025-04-09 09:39:57 +00:00
|
|
|
OIDC_MAX_AGE: ${OIDC_MAX_AGE:-"0"}
|
2025-04-25 03:07:25 +00:00
|
|
|
OIDC_PROMPT_TYPE: ${OIDC_PROMPT_TYPE:-"consent"}
|
2025-07-08 09:37:52 +00:00
|
|
|
OIDC_SESSION_EXPIRY: ${OIDC_SESSION_EXPIRY:-"604800"}
|
2025-01-09 10:04:07 +00:00
|
|
|
# For SAML Authentication
|
|
|
|
|
# SAML_DEBUG_MODE: ${SAML_DEBUG_MODE:-false}
|
|
|
|
|
# SAML_IDP_ENTITY_ID: ${SAML_IDP_ENTITY_ID:-""}
|
|
|
|
|
# SAML_IDP_SSO_LOGIN_URL: ${SAML_IDP_SSO_LOGIN_URL:-""}
|
|
|
|
|
# SAML_IDP_CERTIFICATE: ${SAML_IDP_CERTIFICATE:-""}
|
|
|
|
|
# SAML_AUTHORITY_URL: ${SAML_AUTHORITY_URL:-"http://localhost:8585/api/v1/saml/login"}
|
|
|
|
|
# SAML_IDP_NAME_ID: ${SAML_IDP_NAME_ID:-"urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress"}
|
|
|
|
|
# SAML_SP_ENTITY_ID: ${SAML_SP_ENTITY_ID:-"http://localhost:8585/api/v1/saml/metadata"}
|
|
|
|
|
# SAML_SP_ACS: ${SAML_SP_ACS:-"http://localhost:8585/api/v1/saml/acs"}
|
|
|
|
|
# SAML_SP_CERTIFICATE: ${SAML_SP_CERTIFICATE:-""}
|
|
|
|
|
# SAML_SP_CALLBACK: ${SAML_SP_CALLBACK:-"http://localhost:8585/saml/callback"}
|
|
|
|
|
# SAML_STRICT_MODE: ${SAML_STRICT_MODE:-false}
|
|
|
|
|
# SAML_SP_TOKEN_VALIDITY: ${SAML_SP_TOKEN_VALIDITY:-"3600"}
|
|
|
|
|
# SAML_SEND_ENCRYPTED_NAME_ID: ${SAML_SEND_ENCRYPTED_NAME_ID:-false}
|
|
|
|
|
# SAML_SEND_SIGNED_AUTH_REQUEST: ${SAML_SEND_SIGNED_AUTH_REQUEST:-false}
|
|
|
|
|
# SAML_SIGNED_SP_METADATA: ${SAML_SIGNED_SP_METADATA:-false}
|
|
|
|
|
# SAML_WANT_MESSAGE_SIGNED: ${SAML_WANT_MESSAGE_SIGNED:-false}
|
|
|
|
|
# SAML_WANT_ASSERTION_SIGNED: ${SAML_WANT_ASSERTION_SIGNED:-false}
|
|
|
|
|
# SAML_WANT_ASSERTION_ENCRYPTED: ${SAML_WANT_ASSERTION_ENCRYPTED:-false}
|
|
|
|
|
# SAML_WANT_NAME_ID_ENCRYPTED: ${SAML_WANT_NAME_ID_ENCRYPTED:-false}
|
|
|
|
|
# SAML_KEYSTORE_FILE_PATH: ${SAML_KEYSTORE_FILE_PATH:-""}
|
|
|
|
|
# SAML_KEYSTORE_ALIAS: ${SAML_KEYSTORE_ALIAS:-""}
|
|
|
|
|
# SAML_KEYSTORE_PASSWORD: ${SAML_KEYSTORE_PASSWORD:-""}
|
|
|
|
|
# For LDAP Authentication
|
|
|
|
|
# AUTHENTICATION_LDAP_HOST: ${AUTHENTICATION_LDAP_HOST:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_PORT: ${AUTHENTICATION_LDAP_PORT:-}
|
|
|
|
|
# AUTHENTICATION_LOOKUP_ADMIN_DN: ${AUTHENTICATION_LOOKUP_ADMIN_DN:-""}
|
|
|
|
|
# AUTHENTICATION_LOOKUP_ADMIN_PWD: ${AUTHENTICATION_LOOKUP_ADMIN_PWD:-""}
|
|
|
|
|
# AUTHENTICATION_USER_LOOKUP_BASEDN: ${AUTHENTICATION_USER_LOOKUP_BASEDN:-""}
|
|
|
|
|
# AUTHENTICATION_USER_MAIL_ATTR: ${AUTHENTICATION_USER_MAIL_ATTR:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_POOL_SIZE: ${AUTHENTICATION_LDAP_POOL_SIZE:-3}
|
|
|
|
|
# AUTHENTICATION_LDAP_SSL_ENABLED: ${AUTHENTICATION_LDAP_SSL_ENABLED:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_TRUSTSTORE_TYPE: ${AUTHENTICATION_LDAP_TRUSTSTORE_TYPE:-TrustAll}
|
|
|
|
|
# AUTHENTICATION_LDAP_TRUSTSTORE_PATH: ${AUTHENTICATION_LDAP_TRUSTSTORE_PATH:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_KEYSTORE_PASSWORD: ${AUTHENTICATION_LDAP_KEYSTORE_PASSWORD:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_SSL_KEY_FORMAT: ${AUTHENTICATION_LDAP_SSL_KEY_FORMAT:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_ALLOW_WILDCARDS: ${AUTHENTICATION_LDAP_ALLOW_WILDCARDS:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_ALLOWED_HOSTNAMES: ${AUTHENTICATION_LDAP_ALLOWED_HOSTNAMES:-[]}
|
|
|
|
|
# AUTHENTICATION_LDAP_SSL_VERIFY_CERT_HOST: ${AUTHENTICATION_LDAP_SSL_VERIFY_CERT_HOST:-}
|
|
|
|
|
# AUTHENTICATION_LDAP_EXAMINE_VALIDITY_DATES: ${AUTHENTICATION_LDAP_EXAMINE_VALIDITY_DATES:-true}
|
|
|
|
|
|
|
|
|
|
# JWT Configuration
|
|
|
|
|
RSA_PUBLIC_KEY_FILE_PATH: ${RSA_PUBLIC_KEY_FILE_PATH:-"./conf/public_key.der"}
|
|
|
|
|
RSA_PRIVATE_KEY_FILE_PATH: ${RSA_PRIVATE_KEY_FILE_PATH:-"./conf/private_key.der"}
|
|
|
|
|
JWT_ISSUER: ${JWT_ISSUER:-"open-metadata.org"}
|
|
|
|
|
JWT_KEY_ID: ${JWT_KEY_ID:-"Gb389a-9f76-gdjs-a92j-0242bk94356"}
|
|
|
|
|
# OpenMetadata Server Pipeline Service Client Configuration
|
|
|
|
|
PIPELINE_SERVICE_CLIENT_ENDPOINT: ${PIPELINE_SERVICE_CLIENT_ENDPOINT:-http://ingestion:8080}
|
|
|
|
|
PIPELINE_SERVICE_CLIENT_HEALTH_CHECK_INTERVAL: ${PIPELINE_SERVICE_CLIENT_HEALTH_CHECK_INTERVAL:-300}
|
|
|
|
|
SERVER_HOST_API_URL: ${SERVER_HOST_API_URL:-http://openmetadata-server:8585/api}
|
|
|
|
|
PIPELINE_SERVICE_CLIENT_VERIFY_SSL: ${PIPELINE_SERVICE_CLIENT_VERIFY_SSL:-"no-ssl"}
|
|
|
|
|
PIPELINE_SERVICE_CLIENT_SSL_CERT_PATH: ${PIPELINE_SERVICE_CLIENT_SSL_CERT_PATH:-""}
|
|
|
|
|
# Database configuration for MySQL
|
|
|
|
|
DB_DRIVER_CLASS: ${DB_DRIVER_CLASS:-com.mysql.cj.jdbc.Driver}
|
|
|
|
|
DB_SCHEME: ${DB_SCHEME:-mysql}
|
|
|
|
|
DB_PARAMS: ${DB_PARAMS:-allowPublicKeyRetrieval=true&useSSL=false&serverTimezone=UTC}
|
|
|
|
|
DB_USE_SSL: ${DB_USE_SSL:-false}
|
|
|
|
|
DB_USER: ${DB_USER:-openmetadata_user}
|
|
|
|
|
DB_USER_PASSWORD: ${DB_USER_PASSWORD:-openmetadata_password}
|
|
|
|
|
DB_HOST: ${DB_HOST:-mysql}
|
|
|
|
|
DB_PORT: ${DB_PORT:-3306}
|
|
|
|
|
OM_DATABASE: ${OM_DATABASE:-openmetadata_db}
|
|
|
|
|
# ElasticSearch Configurations
|
|
|
|
|
ELASTICSEARCH_HOST: ${ELASTICSEARCH_HOST:- elasticsearch}
|
|
|
|
|
ELASTICSEARCH_PORT: ${ELASTICSEARCH_PORT:-9200}
|
|
|
|
|
ELASTICSEARCH_SCHEME: ${ELASTICSEARCH_SCHEME:-http}
|
|
|
|
|
ELASTICSEARCH_USER: ${ELASTICSEARCH_USER:-""}
|
|
|
|
|
ELASTICSEARCH_PASSWORD: ${ELASTICSEARCH_PASSWORD:-""}
|
|
|
|
|
SEARCH_TYPE: ${SEARCH_TYPE:- "elasticsearch"}
|
|
|
|
|
ELASTICSEARCH_CLUSTER_ALIAS: ${ELASTICSEARCH_CLUSTER_ALIAS:- "openmetadata"}
|
|
|
|
|
ELASTICSEARCH_TRUST_STORE_PATH: ${ELASTICSEARCH_TRUST_STORE_PATH:-""}
|
|
|
|
|
ELASTICSEARCH_TRUST_STORE_PASSWORD: ${ELASTICSEARCH_TRUST_STORE_PASSWORD:-""}
|
|
|
|
|
ELASTICSEARCH_CONNECTION_TIMEOUT_SECS: ${ELASTICSEARCH_CONNECTION_TIMEOUT_SECS:-5}
|
|
|
|
|
ELASTICSEARCH_SOCKET_TIMEOUT_SECS: ${ELASTICSEARCH_SOCKET_TIMEOUT_SECS:-60}
|
|
|
|
|
ELASTICSEARCH_KEEP_ALIVE_TIMEOUT_SECS: ${ELASTICSEARCH_KEEP_ALIVE_TIMEOUT_SECS:-600}
|
|
|
|
|
ELASTICSEARCH_BATCH_SIZE: ${ELASTICSEARCH_BATCH_SIZE:-100}
|
|
|
|
|
ELASTICSEARCH_PAYLOAD_BYTES_SIZE: ${ELASTICSEARCH_PAYLOAD_BYTES_SIZE:-10485760} #max payLoadSize in Bytes
|
|
|
|
|
ELASTICSEARCH_INDEX_MAPPING_LANG: ${ELASTICSEARCH_INDEX_MAPPING_LANG:-EN}
|
2026-01-14 07:05:53 +00:00
|
|
|
# AWS IAM Authentication for OpenSearch (auto-enabled when AWS_DEFAULT_REGION is set)
|
|
|
|
|
# Uses standard AWS env vars: https://docs.aws.amazon.com/cli/v1/userguide/cli-configure-envvars.html
|
|
|
|
|
AWS_DEFAULT_REGION: ${AWS_DEFAULT_REGION:-""}
|
|
|
|
|
AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID:-""}
|
|
|
|
|
AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY:-""}
|
|
|
|
|
AWS_SESSION_TOKEN: ${AWS_SESSION_TOKEN:-""}
|
|
|
|
|
SEARCH_AWS_SERVICE_NAME: ${SEARCH_AWS_SERVICE_NAME:-"es"}
|
2025-01-09 10:04:07 +00:00
|
|
|
|
|
|
|
|
#eventMonitoringConfiguration
|
|
|
|
|
EVENT_MONITOR: ${EVENT_MONITOR:-prometheus}
|
|
|
|
|
EVENT_MONITOR_BATCH_SIZE: ${EVENT_MONITOR_BATCH_SIZE:-10}
|
|
|
|
|
EVENT_MONITOR_PATH_PATTERN: ${EVENT_MONITOR_PATH_PATTERN:-["/api/v1/tables/*", "/api/v1/health-check"]}
|
|
|
|
|
EVENT_MONITOR_LATENCY: ${EVENT_MONITOR_LATENCY:-[]}
|
|
|
|
|
|
|
|
|
|
#pipelineServiceClientConfiguration
|
|
|
|
|
PIPELINE_SERVICE_CLIENT_CLASS_NAME: ${PIPELINE_SERVICE_CLIENT_CLASS_NAME:-"org.openmetadata.service.clients.pipeline.airflow.AirflowRESTClient"}
|
|
|
|
|
PIPELINE_SERVICE_IP_INFO_ENABLED: ${PIPELINE_SERVICE_IP_INFO_ENABLED:-false}
|
|
|
|
|
PIPELINE_SERVICE_CLIENT_HOST_IP: ${PIPELINE_SERVICE_CLIENT_HOST_IP:-""}
|
|
|
|
|
PIPELINE_SERVICE_CLIENT_SECRETS_MANAGER_LOADER: ${PIPELINE_SERVICE_CLIENT_SECRETS_MANAGER_LOADER:-"noop"}
|
|
|
|
|
#airflow parameters
|
|
|
|
|
AIRFLOW_USERNAME: ${AIRFLOW_USERNAME:-admin}
|
|
|
|
|
AIRFLOW_PASSWORD: ${AIRFLOW_PASSWORD:-admin}
|
|
|
|
|
AIRFLOW_TIMEOUT: ${AIRFLOW_TIMEOUT:-10}
|
|
|
|
|
AIRFLOW_TRUST_STORE_PATH: ${AIRFLOW_TRUST_STORE_PATH:-""}
|
|
|
|
|
AIRFLOW_TRUST_STORE_PASSWORD: ${AIRFLOW_TRUST_STORE_PASSWORD:-""}
|
|
|
|
|
FERNET_KEY: ${FERNET_KEY:-jJ/9sz0g0OHxsfxOoSfdFdmk3ysNmPRnH3TUAbz3IHA=}
|
|
|
|
|
|
|
|
|
|
#secretsManagerConfiguration
|
|
|
|
|
SECRET_MANAGER: ${SECRET_MANAGER:-db}
|
|
|
|
|
# AWS:
|
|
|
|
|
OM_SM_REGION: ${OM_SM_REGION:-""}
|
|
|
|
|
OM_SM_ACCESS_KEY_ID: ${OM_SM_ACCESS_KEY_ID:-""}
|
|
|
|
|
OM_SM_ACCESS_KEY: ${OM_SM_ACCESS_KEY:-""}
|
|
|
|
|
# Azure:
|
|
|
|
|
OM_SM_VAULT_NAME: ${OM_SM_VAULT_NAME:-""}
|
|
|
|
|
OM_SM_CLIENT_ID: ${OM_SM_CLIENT_ID:-""}
|
|
|
|
|
OM_SM_CLIENT_SECRET: ${OM_SM_CLIENT_SECRET:-""}
|
|
|
|
|
OM_SM_TENANT_ID: ${OM_SM_TENANT_ID:-""}
|
|
|
|
|
# GCP:
|
|
|
|
|
OM_SM_PROJECT_ID: ${OM_SM_PROJECT_ID:-""}
|
|
|
|
|
|
|
|
|
|
#email configuration:
|
|
|
|
|
OM_EMAIL_ENTITY: ${OM_EMAIL_ENTITY:-"OpenMetadata"}
|
|
|
|
|
OM_SUPPORT_URL: ${OM_SUPPORT_URL:-"https://slack.open-metadata.org"}
|
|
|
|
|
AUTHORIZER_ENABLE_SMTP : ${AUTHORIZER_ENABLE_SMTP:-false}
|
|
|
|
|
OPENMETADATA_SERVER_URL: ${OPENMETADATA_SERVER_URL:-""}
|
|
|
|
|
OPENMETADATA_SMTP_SENDER_MAIL: ${OPENMETADATA_SMTP_SENDER_MAIL:-""}
|
|
|
|
|
SMTP_SERVER_ENDPOINT: ${SMTP_SERVER_ENDPOINT:-""}
|
|
|
|
|
SMTP_SERVER_PORT: ${SMTP_SERVER_PORT:-""}
|
|
|
|
|
SMTP_SERVER_USERNAME: ${SMTP_SERVER_USERNAME:-""}
|
|
|
|
|
SMTP_SERVER_PWD: ${SMTP_SERVER_PWD:-""}
|
|
|
|
|
SMTP_SERVER_STRATEGY: ${SMTP_SERVER_STRATEGY:-"SMTP_TLS"}
|
|
|
|
|
|
|
|
|
|
#extensionConfiguration
|
|
|
|
|
OM_RESOURCE_PACKAGES: ${OM_RESOURCE_PACKAGES:-[]}
|
|
|
|
|
OM_EXTENSIONS: ${OM_EXTENSIONS:-[]}
|
|
|
|
|
|
|
|
|
|
# Heap OPTS Configurations
|
|
|
|
|
OPENMETADATA_HEAP_OPTS: ${OPENMETADATA_HEAP_OPTS:--Xmx1G -Xms1G}
|
|
|
|
|
MASK_PASSWORDS_API: ${MASK_PASSWORDS_API:-true}
|
2021-10-09 17:58:33 +00:00
|
|
|
expose:
|
|
|
|
|
- 8585
|
2022-05-27 10:09:13 +00:00
|
|
|
- 8586
|
2022-10-11 05:43:15 +00:00
|
|
|
- 5005
|
2021-10-09 17:58:33 +00:00
|
|
|
ports:
|
2022-08-31 19:30:24 +00:00
|
|
|
- "8585:8585"
|
|
|
|
|
- "8586:8586"
|
2022-10-11 05:43:15 +00:00
|
|
|
- "5005:5005"
|
2021-10-09 17:58:33 +00:00
|
|
|
depends_on:
|
2022-08-30 21:55:46 +00:00
|
|
|
elasticsearch:
|
2024-02-05 12:58:00 +00:00
|
|
|
condition: service_healthy
|
2022-08-30 21:55:46 +00:00
|
|
|
mysql:
|
|
|
|
|
condition: service_healthy
|
2023-08-03 10:31:20 +00:00
|
|
|
execute-migrate-all:
|
|
|
|
|
condition: service_completed_successfully
|
2021-10-09 17:58:33 +00:00
|
|
|
networks:
|
2022-09-19 03:50:54 +00:00
|
|
|
- local_app_net
|
2022-08-30 21:55:46 +00:00
|
|
|
healthcheck:
|
2023-07-21 17:04:47 +00:00
|
|
|
test: [ "CMD", "wget", "-q", "--spider", "http://localhost:8586/healthcheck" ]
|
2024-06-29 04:09:02 +00:00
|
|
|
|
2021-10-09 17:58:33 +00:00
|
|
|
ingestion:
|
|
|
|
|
build:
|
2021-10-14 14:46:24 +00:00
|
|
|
context: ../../.
|
2022-09-19 03:50:54 +00:00
|
|
|
dockerfile: ingestion/Dockerfile.ci
|
2022-05-02 10:39:44 +00:00
|
|
|
args:
|
|
|
|
|
INGESTION_DEPENDENCY: ${INGESTION_DEPENDENCY:-all}
|
2021-12-10 16:01:08 +00:00
|
|
|
container_name: openmetadata_ingestion
|
2022-09-19 03:50:54 +00:00
|
|
|
environment:
|
2022-12-16 14:46:25 +00:00
|
|
|
AIRFLOW__API__AUTH_BACKENDS: "airflow.api.auth.backend.basic_auth,airflow.api.auth.backend.session"
|
2022-09-19 03:50:54 +00:00
|
|
|
AIRFLOW__CORE__EXECUTOR: LocalExecutor
|
2025-12-19 15:27:12 +00:00
|
|
|
AIRFLOW__LOGGING__LOGGING_LEVEL: ${AIRFLOW_LOGGING_LEVEL:-DEBUG}
|
2022-09-19 03:50:54 +00:00
|
|
|
AIRFLOW__OPENMETADATA_AIRFLOW_APIS__DAG_GENERATED_CONFIGS: "/opt/airflow/dag_generated_configs"
|
2026-03-26 16:15:41 +00:00
|
|
|
# OpenLineage transport config (optional - enable for lineage via OL)
|
|
|
|
|
# AIRFLOW__OPENLINEAGE__TRANSPORT: '{"type": "http", "url": "http://openmetadata-server:8585/api/v1/openlineage/", "endpoint": "lineage", "auth": {"type": "api_key", "api_key": "<OM_JWT_TOKEN>"}}'
|
|
|
|
|
# AIRFLOW__OPENLINEAGE__NAMESPACE: local_airflow
|
2022-10-19 05:30:11 +00:00
|
|
|
DB_HOST: ${AIRFLOW_DB_HOST:-mysql}
|
|
|
|
|
DB_PORT: ${AIRFLOW_DB_PORT:-3306}
|
2022-09-19 03:50:54 +00:00
|
|
|
AIRFLOW_DB: ${AIRFLOW_DB:-airflow_db}
|
2025-02-18 06:56:46 +00:00
|
|
|
DB_SCHEME: ${AIRFLOW_DB_SCHEME:-mysql+mysqldb}
|
2022-10-19 05:30:11 +00:00
|
|
|
DB_USER: ${AIRFLOW_DB_USER:-airflow_user}
|
|
|
|
|
DB_PASSWORD: ${AIRFLOW_DB_PASSWORD:-airflow_pass}
|
2023-12-01 05:29:44 +00:00
|
|
|
|
2023-12-04 12:39:42 +00:00
|
|
|
# extra connection-string properties for the database
|
|
|
|
|
# EXAMPLE
|
|
|
|
|
# require SSL (only for Postgres)
|
|
|
|
|
# properties: "?sslmode=require"
|
2023-12-06 14:26:19 +00:00
|
|
|
DB_PROPERTIES: ${AIRFLOW_DB_PROPERTIES:-}
|
2023-12-04 12:39:42 +00:00
|
|
|
|
2023-12-01 05:29:44 +00:00
|
|
|
# To test the lineage backend
|
|
|
|
|
# AIRFLOW__LINEAGE__BACKEND: airflow_provider_openmetadata.lineage.backend.OpenMetadataLineageBackend
|
|
|
|
|
# AIRFLOW__LINEAGE__AIRFLOW_SERVICE_NAME: local_airflow
|
|
|
|
|
# AIRFLOW__LINEAGE__OPENMETADATA_API_ENDPOINT: http://openmetadata-server:8585/api
|
|
|
|
|
# AIRFLOW__LINEAGE__JWT_TOKEN: ...
|
2025-11-21 11:28:28 +00:00
|
|
|
# AIRFLOW__CORE__AUTH_MANAGER: airflow.providers.fab.auth_manager.fab_auth_manager.FabAuthManager
|
|
|
|
|
# AIRFLOW__CORE__SIMPLE_AUTH_MANAGER_ALL_ADMINS: true
|
2023-12-01 05:29:44 +00:00
|
|
|
|
2024-02-20 06:18:35 +00:00
|
|
|
## Secrets Manager
|
|
|
|
|
# To integrate Azure Key Vault
|
|
|
|
|
AIRFLOW__OPENMETADATA_SECRETS_MANAGER__AZURE_KEY_VAULT_NAME: ${OM_SM_VAULT_NAME:-""}
|
|
|
|
|
AIRFLOW__OPENMETADATA_SECRETS_MANAGER__AZURE_TENANT_ID: ${OM_SM_TENANT_ID:-""}
|
|
|
|
|
AIRFLOW__OPENMETADATA_SECRETS_MANAGER__AZURE_CLIENT_ID: ${OM_SM_CLIENT_ID:-""}
|
|
|
|
|
AIRFLOW__OPENMETADATA_SECRETS_MANAGER__AZURE_CLIENT_SECRET: ${OM_SM_CLIENT_SECRET:-""}
|
|
|
|
|
# To Integrate with AWS SSM
|
|
|
|
|
AIRFLOW__OPENMETADATA_SECRETS_MANAGER__AWS_REGION: ${OM_SM_AWS_REGION:-""}
|
|
|
|
|
AIRFLOW__OPENMETADATA_SECRETS_MANAGER__AWS_ACCESS_KEY_ID: ${OM_SM_AWS_ACCESS_KEY_ID:-""}
|
|
|
|
|
AIRFLOW__OPENMETADATA_SECRETS_MANAGER__AWS_SECRET_ACCESS_KEY: ${OM_SM_AWS_SECRET_ACCESS_KEY:-""}
|
2024-06-29 04:09:02 +00:00
|
|
|
# To integrate GCP
|
|
|
|
|
AIRFLOW__OPENMETADATA_SECRETS_MANAGER__GCP_PROJECT_ID: ${OM_SM_PROJECT_ID:-""}
|
2024-02-20 06:18:35 +00:00
|
|
|
|
2025-05-06 10:41:24 +00:00
|
|
|
# Apps
|
|
|
|
|
ENABLE_APP_HelloPipelines: "true"
|
2024-02-20 06:18:35 +00:00
|
|
|
|
2022-09-19 03:50:54 +00:00
|
|
|
entrypoint: /bin/bash
|
|
|
|
|
command:
|
|
|
|
|
- "/opt/airflow/ingestion_dependency.sh"
|
2021-10-30 16:05:30 +00:00
|
|
|
depends_on:
|
2022-08-30 21:55:46 +00:00
|
|
|
elasticsearch:
|
|
|
|
|
condition: service_started
|
|
|
|
|
mysql:
|
|
|
|
|
condition: service_healthy
|
|
|
|
|
openmetadata-server:
|
2023-01-18 07:45:15 +00:00
|
|
|
condition: service_started
|
2021-10-09 17:58:33 +00:00
|
|
|
expose:
|
2021-10-14 14:46:24 +00:00
|
|
|
- 8080
|
2021-10-09 17:58:33 +00:00
|
|
|
ports:
|
2022-08-31 19:30:24 +00:00
|
|
|
- "8080:8080"
|
2021-10-09 17:58:33 +00:00
|
|
|
networks:
|
2021-11-11 05:22:32 +00:00
|
|
|
- local_app_net
|
2021-12-18 15:41:38 +00:00
|
|
|
volumes:
|
2022-09-30 12:50:38 +00:00
|
|
|
- ingestion-volume-dag-airflow:/opt/airflow/dag_generated_configs
|
2022-09-29 16:14:12 +00:00
|
|
|
- ingestion-volume-dags:/opt/airflow/dags
|
|
|
|
|
- ingestion-volume-tmp:/tmp
|
2022-10-11 05:50:49 +00:00
|
|
|
- /var/run/docker.sock:/var/run/docker.sock:z # Need 600 permissions to run DockerOperator
|
2022-09-29 16:14:12 +00:00
|
|
|
|
2022-08-30 21:55:46 +00:00
|
|
|
|
2026-04-10 00:45:00 +00:00
|
|
|
mock-oidc-provider:
|
|
|
|
|
build:
|
|
|
|
|
context: ./mock-oidc-provider
|
|
|
|
|
dockerfile: Dockerfile
|
|
|
|
|
container_name: mock_oidc_provider
|
|
|
|
|
environment:
|
|
|
|
|
PORT: "9090"
|
|
|
|
|
ISSUER: ${MOCK_OIDC_ISSUER:-http://localhost:9090}
|
|
|
|
|
INTERNAL_BASE_URL: ${MOCK_OIDC_INTERNAL_BASE_URL:-http://mock-oidc-provider:9090}
|
|
|
|
|
expose:
|
|
|
|
|
- 9090
|
|
|
|
|
ports:
|
|
|
|
|
- "9090:9090"
|
|
|
|
|
networks:
|
|
|
|
|
- local_app_net
|
|
|
|
|
healthcheck:
|
|
|
|
|
test: ["CMD", "wget", "-q", "--spider", "http://localhost:9090/health"]
|
|
|
|
|
interval: 10s
|
|
|
|
|
timeout: 5s
|
|
|
|
|
retries: 5
|
|
|
|
|
profiles:
|
|
|
|
|
- sso-test
|
|
|
|
|
|
2021-10-09 17:58:33 +00:00
|
|
|
networks:
|
2021-11-11 05:22:32 +00:00
|
|
|
local_app_net:
|
2022-02-14 15:53:42 +00:00
|
|
|
name: ometa_network
|
2021-10-09 17:58:33 +00:00
|
|
|
ipam:
|
|
|
|
|
driver: default
|
|
|
|
|
config:
|
2021-10-14 14:46:24 +00:00
|
|
|
- subnet: "172.16.239.0/24"
|