Configure ISW Custom Resource

To install an instance of IBM Industry Solutions Workbench, you have to create an ISW Custom Resource like described in the installation process. The Custom Resource provides different configurations for the product which can be edited at any time. The IBM Industry Solutions Workbench Operator always applies the current configuration of the Custom Resource. The following page will give you a description about the configuration possibilities.

Description

Main configuration

The following values are the main configuration for IBM Industry Solutions Workbench and should be thought of at installation. They will most likely not change.


Variable	Description	Required	Default
`designer.enabled`	A boolean value that enables or disables the Solution Designer	no	true
`domain`	A value that defines the ingress domain which is used to create routes. It can be retrieved by calling `oc get ingresses.config/cluster -o jsonpath={.spec.domain}`	yes	-
`license.accept`	A value that confirms that you accept the license. Value must be "true"!	yes	-

Extended configuration

For more detailed configuration, there is the values key because it gives the opportunity to freely configure multiple aspects of IBM Industry Solutions Workbench. All values are optional and can be edited at any time.


Variable	Description	Default
`values.global.endpoints.assetManager.host`	A String value that defines the url for the k5-asset-manager Route	'k5-asset-manager-YOUR_INGRESS_DOMAIN'
`values.global.endpoints.configurationManagement.host`	A String value that defines the url for the k5-configuration-management Route	'k5-configuration-YOUR_INGRESS_DOMAIN'
`values.global.endpoints.designer.host`	A String value that defines the url for the k5-designer Route	'k5-designer-YOUR_INGRESS_DOMAIN'
`values.global.endpoints.hub.host`	A String value that defines the url for the k5-hub Route	'k5-hub-YOUR_INGRESS_DOMAIN'
`values.global.endpoints.query.host`	A String value that defines the url for the k5-query Route	'k5-query-YOUR_INGRESS_DOMAIN'
`values.global.frontend.changePasswordLink`	A String value that defines the url to change the password in your OIDC provider	'/account/#/security/signingin'
`values.global.frontend.defaultTimeout`	A Integer value that defines the default timeout in the frontend in milliseconds.	30000
`values.global.network.egressPolicy.allowList`	A list with domains that IBM Industry Solutions Workbench is allowed to connect to. Each entry in the list is a key-value pair that has either the key `dnsName` with a domain name as value (without protocol) or `cidrSelector` with an IP address range in CIDR format as value. See also Network Policies	-
`values.global.network.egressPolicy.enabled`	A boolean value that enables or disables the EgressNetworkPolicy	true
`values.global.network.ingressPolicy.enabled`	A boolean value that enables or disables the NetworkPolicy	true
`values.global.routes.annotations`	Key-value pairs that are added as annotations to every route (Care: Adding annotations removes the default ones, see right column)	`haproxy.router.openshift.io/hsts_header: max-age=31536000;includeSubDomains;preload` `haproxy.router.openshift.io/rate-limit-connections: 'true'` `haproxy.router.openshift.io/rate-limit-connections.concurrent-tcp: '25'`
`values.service-builder.k5-asset-manager.routingExpose.enabled`	A boolean value that enables or disables the route for k5-asset-manager	false
`values.service-builder.k5-designer-backend.mongoDb.dbName`	A String value that defines the used database name for the k5-designer-backend	'k5-solution-designer'
`values.service-builder.k5-git-integration-controller.mongoDb.dbName`	A String value that defines the used database name for the k5-git-integration-controller	'k5-git-integration'
`values.service-builder.k5-pipeline-manager.tekton.imageStreams.initialize`	A boolean value that defines whether needed ImageStreams for the base images are created automatically or not	true

Example ISW Custom Resource

The following describes an exemplary ISW Custom Resource:

apiVersion: k5.ibm.com/v1beta1
kind: ISW
metadata:
  name: k5-tools
  namespace: k5-tools
spec:
  designer:
    enabled: true
  domain: apps.openshift.my.cloud
  license:
    accept: true
  values:
    global:
      endpoints:
        assetManager:
          host: k5-asset-manager.apps.openshift.my.cloud
        configurationManagement:
          host: k5-configuration-management.apps.openshift.my.cloud
        designer:
          host: k5-designer.apps.openshift.my.cloud
        hub:
          host: k5-hub.apps.openshift.my.cloud
        query:
          host: k5-query.apps.openshift.my.cloud
      frontend:
        changePasswordLink: "accounts/password/change"
        defaultTimeout: 30000
      network:
        egressPolicy:
          enabled: true
          allowList:
            - dnsName: auth.openshift.my.cloud
            - cidrSelector: 1.2.3.0/24
        ingressPolicy:
          enabled: false
      routes:
        annotations:
          haproxy.router.openshift.io/rate-limit-connections: 'false'
    service-builder:
      k5-asset-manager:
        routingExpose:
          enabled: true
      k5-designer-backend:
        mongoDb:
          dbName: my-designer-database
      k5-git-integration-controller:
        mongoDb:
          dbName: my-gic-database
      k5-pipeline-manager:
        tekton:
          imageStreams:
            initialize: false