-
Notifications
You must be signed in to change notification settings - Fork 11
Environment Variables
Tami Takamiya edited this page Feb 14, 2024
·
35 revisions
This page contains the list of environment variables read by Wisdom Service. Note that these variables are also specified in
-
Resources used in deployment
- ansible-wisdom-ops/applications/wisdom-service/configmap.yaml
- ansible-wisdom-ops/applications/wisdom-service/secret.yaml
- For ENV vars coming from secrets, please refer to secret structure
- Docker (Podman) Compose file
When you add/modify/delete any environment variables read by Wisdom Service, please consider to spend ten minutes to update this page so that the information remains updated.
- Django-specific
- Model Server/Inference
- watsonx Code Assistant (WCA)
- Attributions
- Health Check
- Authentication/Authorization
- Postprocessing/Ansible Risk Insight (ARI)
- Production Environment/Pilot-related/Deployment
- API Rate Throttle, Analytics
- Documentation
- Mock Model/Client
| Name | Default | Description | Read by |
|---|---|---|---|
| ANSIBLE_AI_DATABASE_HOST | None | Location of Django DB host (Postgres) | base.py |
| ANSIBLE_AI_DATABASE_NAME | None | Name of Django DB | base.py |
| ANSIBLE_AI_DATABASE_PASSWORD | None | Password of Django DB | base.py |
| ANSIBLE_AI_DATABASE_PORT | 5432 | Port of Django DB | base.py |
| ANSIBLE_AI_DATABASE_USER | None | User name of Django DB | base.py |
| DJANGO_SETTINGS_MODULE | main.settings.development | Django settings module | wsgi.py, asgi.py, manage.py |
| SECRET_KEY | None | A secret used for Django | base.py, development.py, production.py |
| ALLOWED_CIDR_NETS | 10.0.0.0/8 | Alloed CIDR (Classless Inter-Domain Routing) networks. (Used for allowing Prometheus to scrape metrics) | base.py |
| MULTI_TASK_MAX_REQUESTS | 10 | Specifies the maximum # of tasks that can be sent at one time for multi-task generation | base.py |
| DJANGO_LOG_LEVEL | WARNING | Defines the logging level used for the root logger | base.py |
| LAUNCHDARKLY_SDK_KEY | None | SDK key for LaunchDarkly | base.py |
| Name | Default | Description | Read by | PR Link |
|---|---|---|---|---|
| ANSIBLE_AI_MODEL_MESH_API_TIMEOUT | None (=no timeout) | Inference API timeout in secs | base.py | |
| ANSIBLE_AI_MODEL_MESH_API_TYPE | http | Protocol used for AI Model backend ("http", "grpc", "mock" [=mock server backend], or "wca") | development.py, production.py | |
| ANSIBLE_AI_MODEL_MESH_HOST | (This URL) (development), None (production) | Location of Model server | development.py, production.py | |
| ANSIBLE_AI_MODEL_MESH_INFERENCE_PORT | 443 (development), None (production) | Port number of Model server | development.py production.py | |
| ANSIBLE_AI_MODEL_NAME | wisdom | AI model name | base.py | |
| ENABLE_ADDITIONAL_CONTEXT | False | Specify whether additional context (variable definitions) is added or not | base.py | #646 |
| Name | Default | Description | Read by | PR Link |
|---|---|---|---|---|
| ANSIBLE_WCA_INFERENCE_URL | None | WCA inference API URL | base.py | |
| ANSIBLE_WCA_HEALTHCHECK_API_KEY | None | WCA API key for healthcheck (previously named as ANSIBLE_WCA_FREE_API_KEY) | base.py | #811 |
| ANSIBLE_WCA_HEALTHCHECK_MODEL_ID | None | WCA Model ID for healthcheck (previously named as ANSIBLE_WCA_FREE_MODEL_ID) | base.py | #811 |
| ANSIBLE_WCA_RETRY_COUNT | 4 | Maximum retry count for WCA API calls | base.py | |
| WCA_SECRET_MANAGER_ACCESS_KEY | '' (empty string) | Access key for WCA Secret Manager | base.py | |
| WCA_SECRET_MANAGER_SECRET_ACCESS_KEY | '' (empty string) | Secret Access key for WCA Secret Manager | base.py | |
| WCA_SECRET_MANAGER_KMS_KEY_ID | '' (empty string) | KMS key ID for WCA Secret Manager | base.py | |
| WCA_SECRET_MANAGER_PRIMARY_REGION | '' (empty string) | AWS primary region for WCA Secret Manager | base.py | |
| WCA_SECRET_MANAGER_REPLICA_REGIONS | '' (empty string) | AWS replica regions for WCA Secret Manager | base.py | |
| WCA_CLIENT_BACKEND_TYPE | wcaclient (production), dummy (development) | WCA client backend type | base.py development.py | #720 |
| WCA_SECRET_BACKEND_TYPE | aws_sm (production), dummy (development) | WCA secret backend type | base.py development.py | #720 |
| WCA_SECRET_DUMMY_SECRETS | '' (empty string) | WCA dummy secrets | development.py | #720 |
| Name | Default | Description | Read by |
|---|---|---|---|
| ANSIBLE_AI_SEARCH_HOST | '' (empty string) | Elasticsearch hostname used for Attributions API | base.py |
| ANSIBLE_AI_SEARCH_PORT | 443 | Elasticsearch port number used for Attributions API | base.py |
| ANSIBLE_AI_SEARCH_KEY | None | Search key for Attributions API | base.py |
| ANSIBLE_AI_SEARCH_SECRET | None | Search secret for Attributions API | base.py |
| ANSIBLE_AI_SEARCH_REGION | None | Search region for Attributions API | base.py |
| ANSIBLE_AI_SEARCH_INDEX | attribution | Search index for Attributions API | base.py |
| ANSIBLE_AI_SEARCH_MODEL | all-MiniLM-L6-v2 | Search model for Attributions API | base.py |
| ANSIBLE_AI_SEARCH_DIMENSION | 384 | Search dimension for Attributions API | base.py |
| ANSIBLE_AI_SEARCH_METHOD | 'name:hnsw,space_type:innerproduct,engine:nmslib | Search methods for Attributions API | base.py |
| Name | Default | Description | Read by | PR Link |
|---|---|---|---|---|
| ANSIBLE_AI_MODEL_MESH_API_HEALTHCHECK_PROTOCOL | https | Protocol used for health check on model server (grpc) | development.py, production.py | #211 |
| ANSIBLE_AI_MODEL_MESH_API_HEALTHCHECK_PORT | 8443 | Port number used for health check on model server (grpc) | development.py, production.py | #211 |
| ENABLE_HEALTHCHECK_ATTRIBUTION | True | Enable health check for attribution | base.py | #693 |
| ENABLE_HEALTHCHECK_AUTHORIZATION | True | Enable health check for authorization | base.py | #693 |
| ENABLE_HEALTHCHECK_MODEL_MESH | True | Enable health check for model mesh | base.py | #693 |
| ENABLE_HEALTHCHECK_SECRET_MANAGER | True | Enable health check for secret manager | base.py | #693 |
| ENABLE_HEALTHCHECK_WCA | True | Enable health check for WCA | base.py | #693 |
| Name | Default | Description | Read by | PR Link |
|---|---|---|---|---|
| SOCIAL_AUTH_GITHUB_TEAM_ID | 7188893 | GitHub team ID for authentication | base.py | |
| SOCIAL_AUTH_GITHUB_TEAM_KEY | None | GitHub team Key for authentication | base.py | |
| SOCIAL_AUTH_GITHUB_TEAM_SECRET | None | GitHub team secret for authentication | base.py | |
| SOCIAL_AUTH_GITHUB_KEY | None | GitHub Key for authentication | base.py | |
| SOCIAL_AUTH_GITHUB_SECRET | None | GitHub secret for authentication | base.py | |
| SOCIAL_AUTH_OIDC_OIDC_ENDPOINT | None | OpenID Connect Endpoint (for Red Hat SSO) | base.py | |
| SOCIAL_AUTH_OIDC_KEY | None | OpenID Connect key | base.py | |
| SOCIAL_AUTH_OIDC_SECRET | None | OpenID Connect secret | base.py | |
| AUTHZ_BACKEND_TYPE | None | Backend type for authorization (authz) One of "ams", "ciam", "mock_true", "mock_false" or "dummy" | base.py development.py | |
| AUTHZ_SSO_CLIENT_ID | None | Client ID for authz | base.py | |
| AUTHZ_SSO_CLIENT_SECRET | None | Client secret for authz | base.py | |
| AUTHZ_SSO_SERVER | None | SSO server address for authz | base.py | |
| AUTHZ_API_SERVER | None | API server address for authz | base.py | |
| AMS_ORG_CACHE_TIMEOUT_SEC | 60 * 60 * 24 | Timeout value for AMS org cache in seconds | base.py | #755 |
Postprocessing / Ansible Risk Insight (ARI)
| Name | Default | Description | Read by |
|---|---|---|---|
| ARI_KB_PATH | /etc/ari/kb/ | Default KB (?) path for ARI | base.py |
| ARI_RULE_FOR_OUTPUT_RESULT | W007 | ARI rule for output result | base.py |
| ARI_RULES | [ P001, P002, P003, P004, W001, W003, W004, W005, W006, W007, W008, W009, W010, W012, W013] | Rules to be used with ARI | base.py |
| ENABLE_ARI_POSTPROCESS | False | Enables ARI | base.py |
| ENABLE_ANSIBLE_LINT_POSTPROCESS | False | Enables ansible-lint postprocess | base.py |
| Name | Default | Description | Read by | PR Link |
|---|---|---|---|---|
| ANSIBLE_WISDOM_DOMAIN | None | Domain for allowed hosts | production.py | |
| SIGNUP_URL | (This URL) | Sign-up page for Wisdom Pilot | base.py | |
| TERMS_NOT_APPLICABLE | false | Allow terms bypass for local users | base.py | #780 |
| DEPLOYMENT_MODE | "saas" | Specifies the deployment mode ("saas" or "upstream") | base.py | #801 |
| Name | Default | Description | Read by | PR Link |
|---|---|---|---|---|
| COMPLETION_USER_RATE_THROTTLE | 10/minute | User rate throttle for the completion API | base.py | |
| SEGMENT_WRITE_KEY | None | Write key for sending analytic data to Segment.com | base.py | |
| SEGMENT_ANALYTICS_WRITE_KEY | None | Write key for sending analytic data to Segment.com for analytics telemetry | base.py | #741 |
| ME_USER_CACHE_TIMEOUT_SEC | 30 | Timeout value for the /me API in seconds | base.py | #751 |
| ME_USER_RATE_THROTTLE | 50/minute | Rate throttle for the /me API | base.py | #751 |
| Name | Default | Description | Read by | PR Link |
|---|---|---|---|---|
| DOCUMENTATION_URL | https://docs.ai.ansible.redhat.com | Documentation URL | base.py | #660 |
| COMMERCIAL_DOCUMENTATION_URL | https://www.redhat.com/en/engage/ansible-lightspeed | Commercial Documentation URL | base.py | #660 |
| Name | Default | Description | Read by | PR Link |
|---|---|---|---|---|
| MOCK_MODEL_RESPONSE_BODY | '{"predictions":[" ansible.builtin.apt:\n name: nginx\nupdate_cache: true\n state: present\n"]}' | Response body returned by the mock model | base.py | |
| MOCK_MODEL_RESPONSE_MAX_LATENCY_MSEC | 3000 | Latency used by the mock client | base.py | |
| MOCK_MODEL_RESPONSE_LATENCY_USE_JITTER | False | Whether jitter is used in latency by the mock client | base.py | |
| AUTHZ_DUMMY_USERS_WITH_SEAT | '' (empty string) | Dummy users with seat | development.py | #720 #734 |
| AUTHZ_DUMMY_RH_ORG_ADMINS | '' (empty string) | Dummy Red Hat org admins | development.py | #720 #734 |
| AUTHZ_DUMMY_ORGS_WITH_SUBSCRIPTION | '' (empty string) | Dummy orgs with subscription | development.py | #720 #734 |