Welcome
Administering
Learn how to administer settings in HCL DevOps Deploy (Deploy) elements and communication between the elements.
Server settings and configuration
After you install HCL DevOps Deploy (Deploy), you can modify the server configuration and configure more options.
System settings
System settings allows you to manage global settings for components, clean up, password requirement, security, mail-server, and much more.

Release Notes
This section includes what's new, defect fixes, and deprecations and removals in all releases.
System Requirements
This document includes information about the hardware, containers, prerequisite software, supported operating system, and database requirements with component level detail for the HCL DevOps Deploy (Deploy).
Getting Started
Quickly become productive with HCL DevOps Deploy (Deploy).
Installing
A HCL DevOps Deploy (Deploy) installation consists of a Deploy server, a database server, and at least one agent.
Upgrading and Migrating
Stay updated with latest features and functionalities by upgrading HCL DevOps Deploy (Deploy) server, agents, and relays. This section also provides instruction on how to migrate your Deploy instance.
Integrating
HCL DevOps Deploy (Deploy) supports integrations with other IBM® and HCL products, products from others, and certain cloud systems.
Administering
Learn how to administer settings in HCL DevOps Deploy (Deploy) elements and communication between the elements.
- Backup and recover
  You can back up and recover the contents of your HCL DevOps Deploy (Deploy) installation.
- High availability and failover
  You can configure clustered HCL DevOps Deploy (Deploy) servers, and agents for high availability. You can also configure agents and agent relays for failover.
- Setting up high-availability clusters
  To configure a high-availability cluster, you store shared files on network storage. Then, you configure multiple servers, set each server to access the same files and database, and configure a load balancer to distribute the traffic between the servers.
- Adding cold standby servers
  You can add cold standby servers to serve as a backup server or for disaster recovery. You must start the secondary server or servers when the active server fails, and network traffic is routed to the secondary servers.
- Server settings and configuration
  After you install HCL DevOps Deploy (Deploy), you can modify the server configuration and configure more options.
  - Increasing the amount of memory that is available to the server
    If you see "Out of memory" errors or are using the server at high capacity, increase the amount of system memory that is available to the server.
  - Modifying the context root of the server
    After you install the server, you can modify the context root, if your server configuration requires it.
  - Enabling maintenance mode
    Maintenance mode stops activity on the server so you can run important tasks that require the server to be idle.
  - Changing the database password
    If you change the password for your database, you must update the password on the server.
  - Changing passwords for the server KeyStore
    You can change the Java™ KeyStore password for the server.
  - Changing passwords for the encryption KeyStore
    You can change passwords for the encryption KeyStore.
  - Changing or updating the JRE of servers
    You can change the JRE of active servers by editing their configuration files.
  - Working with Notifications
    HCL DevOps Deploy (Deploy) can send email notifications whenever user-defined trigger events occur on the server.
  - Managing locks
    A lock ensures that processes do not interfere with one another. Normally, locks are released after they are no longer needed. Sometimes, a lock is not released, and its associated process is unable to complete.
  - System settings
    System settings allows you to manage global settings for components, clean up, password requirement, security, mail-server, and much more.
- Setting your profile
  As a HCL DevOps Deploy (Deploy) user, you can manage teams and roles for your account, and preferences such as display options, language for the server, and how the server shows times and dates.
- Agents and agent relay configuration
  After you install an agent for HCL DevOps Deploy (Deploy), you can modify its configuration or create an agent relay to facilitate communication to remote relays.
- Licensing
  HCL DevOps Deploy (Deploy) provides a 60-day license-free evaluation period. You must have a license to use all product features after the evaluation period.
- Setting up the wizard for new users
  HCL DevOps Deploy (Deploy) includes a wizard to help users become familiar with the procedures and steps in creating a deployment. Some configuration is required before the wizard can be used.
- Customizing the table views
  Customize a table view in the HCL DevOps Deploy (Deploy) application by hiding or showing, and reordering of the table columns.
- Managing data
  This section gives details about how you can manage your data in HCL DevOps Deploy (Deploy)
Managing Security
HCL DevOps Deploy (Deploy) uses a flexible team-based and role-based security model that maps to your organizational structure.
Modeling Software Deployment
Modeling software deployment in HCL DevOps Deploy (Deploy) includes configuring components and component processes and adding those components to applications. Then, you use processes to deploy the components to environments.
Deploying
Learn how to deploy applications in HCL DevOps Deploy (Deploy).
Reporting
Provides several different deployment and security reports.
Extending Product Function
Learn how to extend the function of HCL DevOps Deploy (Deploy).
Troubleshooting and Support
Learn how to troubleshoot some common issues with HCL DevOps Deploy (Deploy).
Security Considerations
You can act to ensure that your installation is secure and set up user access controls.

System settings

System settings allows you to manage global settings for components, clean up, password requirement, security, mail-server, and much more.

The following tables list the settings for several system-wide settings for the server.

Table 1. General settings
Field	Description
External Agent URL*	Specify the URL that the HCL DevOps Deploy (Deploy) server provides to agents as their point of contact. When an agent wants to contact the server, it retrieves this URL and opens a connection on it. This URL must point to the HTTP or HTTPS port of the server.
External User URL*	Specify the URL that users enter to connect to the Deploy server. The URL is also used when creating a notification template.
Message of the Day	Enter a message that will be displayed on user login or user navigation within web UI.
Validate Agent IP	When enabled, the agent IP and host name are validated against values that are used the first time that the agent is connected to the Deploy server.
Skip Property Updates for Existing Agents	When enabled, as the new agents come online, the server does not update their properties. This improves the performance, but the agent properties can become out of date.
Create Default Children for Plugins	When enabled, empty groups are created when plug-ins use the auto discovery feature.
Default Locale	Select a default language for the user interface.
Default Snapshot Lock Type	Determines the default lock type when users create snapshots. Lock types are the following values: Only Component Versions, Only Configuration, or Component Versions and Configuration. The default value is Component Versions and Configuration. Changes are effective after the server is restarted.
Require a Comment For Process Design Changes	When enabled, prompts users to provide a comment when a process design is updated.
Enable Maintenance Mode	When enabled. stops activities on the server so you can run important tasks that require the server to be idle.

Table 2. Component settings
Field	Description
Components copy to CodeStation by default	When enabled, newly created components copy artifacts to CodeStation by default. You can change this setting on individual components even when this option is enabled.
Enforce Deployed Version Integrity	When enabled, deployed component version artifacts cannot be changed.
Automatic Version Import Check Period (seconds)*	Specify the time-period (in seconds) between the times that Deploy polls components for new versions. If this value is changed, the server must be restarted before the change becomes effective. You can set this value to 15 seconds or higher.
Use Agent Tag For Integration	When enabled, allows agent that is identified by a specific tag to import component versions. If this setting is selected, the Agent Tag for version imports field is shown. Otherwise, the Agent for Version Imports field is displayed. For information about tagging objects, see Adding tags to objects
Agent for Version Imports	Specify the agent that is used to import component versions. The agent must have access to component artifacts. The agent becomes the default agent for new components. This value can be overridden when a component is created. This field is displayed if the Use Agent Tag for Integration toggle button is set to Off. To import artifacts from the server location, install an agent in the same location and specify that agent.
Version Import Records to Retain	Specify the number of version import records to retain during cleanup. Default is 100.
Enable Safe Edit of Component Processes	When enabled, you can test component processes before making them available in normal environments. You can make updates to your component process, test those updates safely, and then promote to a new version when you are ready.
Require Approval to Promote Component Process	When enabled, any draft component process must be approved by an authorized user before it can be promoted and used in deployments.
Allow Process Locking	When enabled, users with 'Manage Process Lock' permission can lock component processes for editing. Users can also force unlock a process locked by another user.
Require Process Locking	When enabled, users will not be able to edit component processes without locking the process first.
Server Storage Display '100%' Size (MB)	Define the size in megabytes of '100%' storage in the dashboard server storage display. This setting only affects the dashboard display and does not enforce a limit for artifact uploads.

Table 3. Artifact cleanup settings
Field	Description
Daily Cleanup Start Time*	Enter the time when versions are cleaned. The value must be an integer from 0 (midnight) to 23 (11 pm). To preview the component versions that are scheduled for cleaning, click Preview Version Cleanup. See Cleaning up component versions.
Default Application Snapshot Retention (days)*	Enter the number of days application snapshots are kept by default. A value of `-1` means that they are kept indefinitely. Component and environment settings can override this setting.
Default Version Retention for Component (days)*	Enter the number of component versions to keep by default. A value of `-1` specifies that all are kept. Component settings can override this setting.
Default Number of Versions to Retain for Component*	Enter the number of versions to retain for each component.
Default Version Retention for Environment (days)*	Enter the number of environment versions to keep by default. A value of `-1` specifies that all are kept. Environment settings can override this setting.
Default Number of Versions to Retain for Environment*	Enter the number of versions to retain for each environment.
Archive Path	Specify the path where the compressed file that contains the archived component versions is written. If this field is blank, the compressed file is not written, and no archive is kept.
Preview Version Cleanup	Click Preview Version Cleanup to see the versions that are archived using the current settings. See Cleaning up component versions.

Table 4. Process history cleanup settings
Field	Description
Daily Cleanup Start Time	Specify the time that the daily cleanup process starts.
Daily Cleanup Duration (hours)	Specify the number of hours that the cleanup process runs daily.
Enable Deployment History Cleanup	When enabled, deployment history files are reduced. See Cleaning up deployment history files.
Days to Retain Deployment History	Enter the number of days to retain deployment history. This setting can be overridden with the related environment setting.
Enable Generic Process History Cleanup	When enabled, the generic process history files are set to delete as per the Days to Retain Generic Process History setting.
Days to Retain Generic Process History	Enter the number of days to retain generic process history. This setting can be overridden with the related environment setting.
Enable Process Step Log Cleanup	When enabled, the process step log cleanup starts. The process step logs are deleted according to the values that you set without deleting other history records.
Days to Retain Process Step Logs	Enter the default number of days to retain process step logs for generic processes not associated with deployments, and for environments if the number of days is not specified directly in the environment settings. Valid range is 0 or greater.

Table 5. Audit Log settings
Field	Description
Enable Audit Log Entries for Read Events	This option is enabled by default. When disabled, no READ events are recorded in the audit log.
Enable Audit Log Cleanup	When enabled, audit log entries older than the number of days specified in the Days to Retain Audit Log Entries field are removed beginning at the time specified by the Daily Cleanup Start Time field. See Configuring log rotation settings. Deleting audit logs from Settings > Audit Log > Cleanup Log creates a log entry of event type Audit Log Cleanup that are non-deletable.
Daily Cleanup Start Time	If Enable Audit Log Cleanup is enabled, specify the time the audit log cleanup starts. The default value is 12:00 AM.
Days to Retain Audit Log Entries	If Enable Audit Log Cleanup is enabled, specify the number of days that audit log records are retained. The default value is 30.

Table 6. Password requirement settings
Field	Description
Minimum Password Length*	Define the minimum length for passwords.
Require Uppercase Characters in Passwords	When enabled, passwords must contain at least one uppercase character.
Require Lowercase Characters in Passwords	When enabled, passwords must contain at least one lowercase character.
Require Special Characters in Passwords	When enabled, passwords must contain at least one special character.
Require Number Characters in Passwords	When enabled, passwords must contain at least one numeric character.
Require Password to be Unique From User Information	When enabled, passwords must not match username, actual name, or configured email.

Table 7. Security settings
Field	Description
Discovery Auth Token Expiration Delay(seconds)	Specify the delay in seconds for auth tokens that are created for Auto Discovery Steps to expire. The value must be 300 seconds or more.
Configure Auth Token Expiration Delay(seconds)	Specify the delay in seconds for auth tokens that are created for Auto Configure Steps to expire. The value must be 300 seconds or more.
Version Import Auth Token Expiration Delay(seconds)	Specify the delay in seconds for auth tokens that are created for Version Import Steps to expire. The value must be 300 seconds or more.
Plugin Step Auth Token Expiration Delay(seconds)	Specify the delay in seconds for auth tokens that are created for plug-in steps to expire. The value must be 300 seconds or more.
Use Default Auth Token Restriction if not specified	When enabled, the default authentication token restriction for processes that are created in Deploy is used. For these versions, the default token is applied to the most current process version but not other versions. For more information, see Restricting authentication tokens.
Require Token Restriction	When enabled, the None option is removed from the Auth Token Restriction drop-down when creating or editing an authentication token. This makes Auth Token Restriction a required field, but the user can still set a highly permissive token restriction.
"Remember me" duration (hours)	Specify the number of hours a user can optionally be remembered and remain logged in.
Logout should invalidate all "Remember Me" cookies	When enabled, invalidates all "Remember Me" cookies for a user when they explicitly log out.
Default Teams for New Objects	Select All Teams Available to User to add all teams that are available to user by default when a new object is created. When set to None, no teams are assigned to the users when new objects are created. Users can override this setting while creating objects.
Trusted proxy list	Enter a regular expression pattern to match IP of the trusted proxy servers. This value affects all servers. You must restart the servers for the changes to reflect. If left blank, the proxy headers are not trusted from incoming connections, which further may affect auth token IP restriction validation and IP logging.
User Idle Days to Lock	Specify the number of days after the user's last login date before locking the user account. You can enter 0 to disable user account locking.
User Idle Days to Delete	Specify the number of days after the user's last login date before deleting the user account. You can enter 0 to disable user account deletion.
Preview Idle User Lock	Click Preview Idle User Lock to load the information about user accounts that will be locked or deleted.

Table 8. Mail server settings
Field	Description
Mail Server Host	Enter the host name of the mail server that is used for notifications. Deploy can send notifications to users based on user-configured trigger events (to set up notifications, see Creating Notifications in a Notification Scheme). Deploy requires an external SMTP mail server to send messages. To disable notifications, leave the field blank.
Mail Server Port	Enter the SMTP port that is used by the notifications mail server.
Secure Mail Server Connection	When enabled, the SMTP server connection is secured.
Mail Server Sender Address	Enter the sender's email address for email notifications.
Mail Server Username	Enter the user name for sending email notifications. Some email servers and firewalls treat emails with different sender and user names suspiciously. Therefore, consider specifying the same name for both fields.
Mail Server Password	Enter the user password for sending email notifications.
Max Recipients Per Email	Specify the maximum number of recipients to include in a single email. Mutliple emails will be sent when this is exceeded.

Table 9. External Approval settings
Field	Description
Resource Type to Run External Approvals	Choose any of the following options: None: to use no agent or agent pool to run external approval processes. Agent: to use an agent as the default resource type to run external approvals. Specify agent in the Agent for External Approvals field which will be used for external approval processes. Agent Pool: to use an agent pool to specify a group of agents to run external approvals on instead of using a specific agent. Specify agent pool in the Agent Pool for External Approvals field which will be used for external approval processes. For more information, see Managing external approval processes.

Table 10. Legacy Configuration Options
Field	Description
Enable "Prompt On Use"	When enabled, the option to set Prompt On Use for properties in workflow steps is displayed.
Fail Processes With Unresolved Properties	When enabled, any running process which comes across a property which it cannot resolve will automatically fail.
Component Environment Properties Override Environment Properties	When enabled, component environment properties overrides environment properties when using `${p:propName}` notation as opposed to `${p:environment/propName}`.
Enable Deleting Resources From Environment Resource Tree	When enabled, allows you to delete resources that are mapped with environment while deleting that environment. Note that the resources are deleted globally and affects the other environments that uses the same resource tree.
Load Compliancies On Application Page	When enabled, environment compliancies are loaded in batch from the Application page rather than loading on demand.

To add feedback about this topic, select the following checkbox:

By clicking this box, you acknowledge that you are NOT a U.S. Federal Government employee or agency, nor are you submitting information with respect to or on behalf of one. HCL provides software and services to U.S. Federal Government customers through its partners Four, Inc. Contact this team at https://hcltechsw.com/resources/us-government-contact. Do not include any personal data in this Comment box. Note: To report a problem or question about the product software, do not use this form. Instead, go to the HCL Software Support site. Personal data should not be shared in this comment box. See our Privacy Statement to understand how personal data is used.