Starting Web server Docker container by retrieving parameters from Vault
Learn about how to start Web server Docker container by specifying
CONFIGURE_MODE=Vault
.
Mandatory environment variables
Environment variable name | Description | Comments |
---|---|---|
TENANT | The name of the group that contains your set of environments. For example, MyCompany. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.tenant . |
ENVIRONMENT | The name of the environment. For example, Non-production. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.environmentName . |
ENVTYPE | The environment type. Accepted values are auth and live. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.environmentType . |
VAULT_TOKEN | The Vault token to use to connect to Vault and request certification from Vault PKI. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.vaultToken . |
VAULT_URL | The Vault URL to use to connect to Vault and request certification from Vault PKI. | Container environment variable. This can be specified in the
values.yaml configuration file under
common.vaultUrl . |
CONFIGURE_MODE | The configure mode. Accepted values are:
|
Container environment variable. This can be specified in the
values.yaml configuration file under
common.configureMode . |
EXTERNAL_DOMAIN_NAME | The external domain name for the Web server Docker container (ts-web ).For
example, |
Container environment variable. This can be specified in the
values.yaml configuration file under
common.externalDomain .
|
Optional Vault configuration variables
These are the optional Vault key values that you can specify within Vault to configure the Web server Docker container when used with the Vault configuration mode.
Vault path | Description | Reference Environment Variable |
---|---|---|
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/domainName |
Specify the internal service domain name. If the deployed
environment is on a special namespace on Kubernetes, then the domain name should
be .svc.cluster.local. If no value is specified, then the
default, |
DOMAIN_NAME |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/txHost |
The Transaction server host name. The default value
is |
TX_HOST |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/txPort |
The Transaction server port number. The default
value is |
TX_PORT |
${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ts-web/extraContentSecurityPolicySource |
Specify additional host names for
the Content Security Policy (CSP) for the Web server Docker container
(ts-web ). The format of this value must conform to the content security policy source list
standard.Failure to specify CSP correctly will trigger Cross Site Scripting (XSS) protection in browsers. Third-party analytics, images, style sheets, or other scripts that are hosted on a secondary domain or third-party domain will fail to load in the browser, resulting in features of your site failing otherwise gracefully. The default values supplied by
HCL Commerce include your domain
(EXTERNAL_DOMAIN_NAME), as well as analytics and file
hosting from Google. Additional hostnames supplied via this variable include
For
example: or
|
EXTRA_CSP_SOURCE |