This repository has been archived by the owner on Nov 6, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 2
/
settings.yaml
133 lines (95 loc) · 3.55 KB
/
settings.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
enabled_features:
redirect_legacy_api_urls:
_DEFAULT: true
s3_folders:
_DEFAULT: false
_HOST_dev: false
_HOST_prod: false
_HOST_alpha: false
AWS_SERVICE_URL:
_HOST_dev: "https://aws.services.dev.analytical-platform.service.justice.gov.uk"
_HOST_alpha: "https://aws.services.analytical-platform.service.justice.gov.uk"
_HOST_prod: "https://aws.services.analytical-platform.service.justice.gov.uk"
USER_GUIDANCE_BASE_URL: 'https://user-guidance.services.alpha.mojanalytics.xyz'
GOOGLE_ANALYTICS_ID:
_HOST_dev: 'UA-151666116-4'
_HOST_prod: 'UA-151666116-3'
_HOST_alpha: 'UA-151666116-2'
# Helm repo where tool charts are hosted
HELM_REPO: 'mojanalytics'
HELM_REPOSITORY_CACHE: "/tmp/helm/cache/repository"
# The number of seconds helm should wait for helm delete to complete.
HELM_DELETE_TIMEOUT: 10
# domain where tools are deployed
TOOLS_DOMAIN:
_DEFAULT: tools.dev.analytical-platform.service.justice.gov.uk
_HOST_alpha: tools.analytical-platform.service.justice.gov.uk
KIBANA_BASE_URL: 'https://kibana.cloud-platform.service.justice.gov.uk/_plugin/kibana'
GRAFANA_BASE_URL: 'https://grafana.live.cloud-platform.service.justice.gov.uk'
# Name of S3 bucket where logs are stored
LOGS_BUCKET_NAME:
_DEFAULT: 'moj-analytics-s3-logs-dev'
_HOST_prod: 'moj-analytics-s3-logs'
_HOST_alpha: 'moj-analytics-s3-logs'
BUCKET_REGION: 'eu-west-1'
# -- Airflow
AIRFLOW_REGION: "eu-west-1"
AWS_DEFAULT_REGION: "eu-west-1"
APP_DOMAIN_BEFORE_MIGRATION: apps.alpha.mojanalytics.xyz
APP_DOMAIN: apps.live.cloud-platform.service.justice.gov.uk
SLACK_CHANNEL: "#data-platform-notifications"
AWS_ROLES_MAP:
DEFAULT: AWS_APP_ACCOUNT_ROLE
USER:
DEFAULT: AWS_APP_ACCOUNT_ROLE
AWSROLE: AWS_APP_ACCOUNT_ROLE
AWSBUCKET: AWS_APP_ACCOUNT_ROLE
AWSPOLICY: AWS_APP_ACCOUNT_ROLE
AWSSECRETMANAGER: AWS_APP_ACCOUNT_ROLE
APP:
DEFAULT: AWS_APP_ACCOUNT_ROLE
AWSROLE: AWS_APP_ACCOUNT_ROLE
AWSBUCKET: AWS_APP_ACCOUNT_ROLE
AWSPOLICY: AWS_APP_ACCOUNT_ROLE
AWSPARAMETERSTORE: AWS_APP_ACCOUNT_ROLE
AWSSECRETMANAGER: AWS_APP_ACCOUNT_ROLE
CUSTOM_AUTH_CONNECTIONS: "auth0_nomis"
AUTH0_NOMIS_GATEWAY_URL: "https://testing.com"
BROADCAST_MESSAGE: >
We are on the edge of hitting the limit of AWS S3 bucket (1000). | Before we implement the long term solution,
could you make sure you remove the buckets you do not need any more? also make sure not create more buckets than your need,
try to use sub-folders to manage different datasets rather than multiple buckets.
GITHUB_VERSION: "2022-11-28"
OTHER_SYSTEM_SECRETS:
- ECR_
- KUBE_
AUTH_SETTINGS_SECRETS:
- AUTH0_CLIENT_ID
- AUTH0_CLIENT_SECRET
- IP_RANGES
AUTH_SETTINGS_NO_EDIT:
- AUTH0_CLIENT_ID
- AUTH0_CLIENT_SECRET
- AUTH0_DOMAIN
- AUTH0_PASSWORDLESS
AUTH_SETTINGS_ENVS:
- AUTH0_DOMAIN
- AUTHENTICATION_REQUIRED
- AUTH0_PASSWORDLESS
SECRET_DISPLAY_VALUE: "*******"
AUTH0_CLIENT_NAME_PATTERN: "data-platform-app-{app_name}-{env}"
AUTH0_CLIENT_NAME_LIMIT: 31
APP_URL_NAME_PATTERN:
DEFAULT: "{app_name}-{env}"
PROD: "{app_name}"
# This prefix should prevent overlap with other secret/parameter names stored in GitHub
# It will be removed in the app deployment workflow so that users won't need to use it in their code
APP_SELF_DEFINE_SETTING_PREFIX: "XXX_"
S3_FOLDER_BUCKET_NAME:
# TODO temp folder - update when real bucket has been created
_DEFAULT: "dev-folder-migration-spike"
_HOST_test: "test-folder-bucket"
_HOST_dev: "dev-folder-migration-spike"
WORKER_HEALTH_FILENAME: "/tmp/worker_health.txt"
USE_LOCAL_MESSAGE_BROKER: false
BROKER_URL: "sqs://"