Feature: Improve automated containerized deployment

Adding a prefix (DT) for all dependency track specific env variable name with backward compatibility for templates

Signed-off-by: syalioune <[email protected]>

docs/_docs/getting-started/configuration.md

@@ -472,7 +472,7 @@ DEPENDENCY_TRACK_ADMIN_EMAIL
 Besides the technical configuration (i.e `application.properties`) described above, Dependency Track allow administrators to configure various part of the application behaviour through the UI. Those configuration items are saved in the database in table `CONFIGPROPERTY`.
 On the first startup, this table is loaded with default values that you can find in [ConfigPropertyConstants.java](https://github.com/DependencyTrack/dependency-track/blob/master/src/main/java/org/dependencytrack/model/ConfigPropertyConstants.java).
 
-For containerized deployments, the config properties default values can also be specified as environment variables. All environment variables are based on uppercase property group joined with uppercase property name by an underscore (_). Periods (.) and hyphens (-) replaced with underscores (_). Most of the times, the enumeration name follow this convention.
+For containerized deployments, the config properties default values can also be specified as environment variables. All environment variables are based on `DT` prefix joined with uppercase property group and uppercase property name by an underscore (_). Periods (.) and hyphens (-) replaced with underscores (_). Most of the time, the enumeration name follow this convention.
 
 For example enumeration
 
@@ -483,7 +483,7 @@ VULNERABILITY_SOURCE_NVD_ENABLED("vuln-source", "nvd.enabled", "true", PropertyT
 translate to environment variable
 
 ```
-VULN_SOURCE_NVD_ENABLED
+DT_VULN_SOURCE_NVD_ENABLED
 ```
 
 **Please note that the environment variables will be processed only on the first startup**. Once loaded up, the database table `CONFIGPROPERTY` is the single source of truth. 

docs/_docs/getting-started/deploy-docker.md

@@ -154,8 +154,8 @@ services:
     # - ALPINE_METRICS_AUTH_PASSWORD=
     #
     # Optional environmental variables to enable default notification publisher templates override and set the base directory to search for templates
-    # - DEFAULT_TEMPLATES_OVERRIDE_ENABLED=false
-    # - DEFAULT_TEMPLATES_OVERRIDE_BASE_DIRECTORY=/data
+    # - DT_DEFAULT_TEMPLATES_OVERRIDE_ENABLED=false
+    # - DT_DEFAULT_TEMPLATES_OVERRIDE_BASE_DIRECTORY=/data
     #
     # Optional configuration for the Snyk analyzer
     # - SNYK_THREAD_POOL_SIZE=10

src/main/docker/docker-compose.yml

@@ -83,12 +83,29 @@ services:
     # - ALPINE_METRICS_AUTH_PASSWORD=
     #
     # Optional environmental variables to enable default notification publisher templates override and set the base directory to search for templates
-    # - DEFAULT_TEMPLATES_OVERRIDE_ENABLED=false
-    # - DEFAULT_TEMPLATES_OVERRIDE_BASE_DIRECTORY=/data
+    # - DT_DEFAULT_TEMPLATES_OVERRIDE_ENABLED=false
+    # - DT_DEFAULT_TEMPLATES_OVERRIDE_BASE_DIRECTORY=/data
     #
     # Optional configuration for the Snyk analyzer
-    # - SNYK_THREAD_BATCH_SIZE=10
+    # - SNYK_THREAD_POOL_SIZE=10
+    # - SNYK_RETRY_MAX_ATTEMPTS=6
+    # - SNYK_RETRY_EXPONENTIAL_BACKOFF_MULTIPLIER=2
+    # - SNYK_RETRY_EXPONENTIAL_BACKOFF_INITIAL_DURATION_SECONDS=1
+    # - SNYK_RETRY_EXPONENTIAL_BACKOFF_MAX_DURATION_SECONDS=60
     #
+    # Optional configuration for the OSS Index analyzer
+    # - OSSINDEX_REQUEST_MAX_PURL=128
+    # - OSSINDEX_RETRY_BACKOFF_MAX_ATTEMPTS=50
+    # - OSSINDEX_RETRY_BACKOFF_MULTIPLIER=2
+    # - OSSINDEX_RETRY_BACKOFF_MAX_DURATION=600000
+    #
+    # Optional configuration for the repository metadata analyzer cache stampede for high concurrency workloads
+    # - REPO_META_ANALYZER_CACHESTAMPEDEBLOCKER_ENABLED=true
+    # - REPO_META_ANALYZER_CACHESTAMPEDEBLOCKER_LOCK_BUCKETS=1000
+    # - REPO_META_ANALYZER_CACHESTAMPEDEBLOCKER_MAX_ATTEMPTS=10
+    #
+    # Optional configuration for the system requirements
+    # - SYSTEM_REQUIREMENT_CHECK_ENABLED=true
     # Optional environmental variables to provide more JVM arguments to the API Server JVM, i.e. "-XX:ActiveProcessorCount=8"
     # - EXTRA_JAVA_OPTIONS=
     deploy:

src/main/java/org/dependencytrack/model/ConfigPropertyConstants.java

@@ -79,8 +79,8 @@ public enum ConfigPropertyConstants {
     KENNA_TOKEN("integrations", "kenna.token", null, PropertyType.ENCRYPTEDSTRING, "The token to use when authenticating to Kenna Security"),
     KENNA_CONNECTOR_ID("integrations", "kenna.connector.id", null, PropertyType.STRING, "The Kenna Security connector identifier to upload to"),
     ACCESS_MANAGEMENT_ACL_ENABLED("access-management", "acl.enabled", "false", PropertyType.BOOLEAN, "Flag to enable/disable access control to projects in the portfolio"),
-    NOTIFICATION_TEMPLATE_BASE_DIR("notification", "template.baseDir", SystemUtils.getEnvironmentVariable("DEFAULT_TEMPLATES_OVERRIDE_BASE_DIRECTORY", System.getProperty("user.home")), PropertyType.STRING, "The base directory to use when searching for notification templates"),
-    NOTIFICATION_TEMPLATE_DEFAULT_OVERRIDE_ENABLED("notification", "template.default.override.enabled", SystemUtils.getEnvironmentVariable("DEFAULT_TEMPLATES_OVERRIDE_ENABLED", "false"), PropertyType.BOOLEAN, "Flag to enable/disable override of default notification templates"),
+    NOTIFICATION_TEMPLATE_BASE_DIR("notification", "template.baseDir", SystemUtils.getEnvironmentVariable("DT_DEFAULT_TEMPLATES_OVERRIDE_BASE_DIRECTORY", SystemUtils.getEnvironmentVariable("DEFAULT_TEMPLATES_OVERRIDE_BASE_DIRECTORY", System.getProperty("user.home"))), PropertyType.STRING, "The base directory to use when searching for notification templates"),
+    NOTIFICATION_TEMPLATE_DEFAULT_OVERRIDE_ENABLED("notification", "template.default.override.enabled", SystemUtils.getEnvironmentVariable("DT_DEFAULT_TEMPLATES_OVERRIDE_ENABLED", SystemUtils.getEnvironmentVariable("DEFAULT_TEMPLATES_OVERRIDE_ENABLED", "false")), PropertyType.BOOLEAN, "Flag to enable/disable override of default notification templates"),
     TASK_SCHEDULER_LDAP_SYNC_CADENCE("task-scheduler", "ldap.sync.cadence", "6", PropertyType.INTEGER, "Sync cadence (in hours) for LDAP"),
     TASK_SCHEDULER_GHSA_MIRROR_CADENCE("task-scheduler", "ghsa.mirror.cadence", "24", PropertyType.INTEGER, "Mirror cadence (in hours) for Github Security Advisories"),
     TASK_SCHEDULER_OSV_MIRROR_CADENCE("task-scheduler", "osv.mirror.cadence", "24", PropertyType.INTEGER, "Mirror cadence (in hours) for OSV database"),

src/main/java/org/dependencytrack/persistence/DefaultObjectGenerator.java

@@ -23,6 +23,7 @@
 import alpine.model.Permission;
 import alpine.model.Team;
 import alpine.server.auth.PasswordService;
+import org.apache.commons.lang3.SystemUtils;
 import org.dependencytrack.RequirementsVerifier;
 import org.dependencytrack.auth.Permissions;
 import org.dependencytrack.model.ConfigPropertyConstants;
@@ -64,6 +65,8 @@ public class DefaultObjectGenerator implements ServletContextListener {
 
     static final String ADMIN_EMAIL_ENV_VARIABLE = "DEPENDENCY_TRACK_ADMIN_EMAIL";
 
+    static final String ENV_VARIABLE_NAME_PREFIX = "DT";
+
     /**
      * {@inheritDoc}
      */
@@ -163,10 +166,10 @@ private void loadDefaultPersonas() {
                 return;
             }
             LOGGER.info("Adding default users and teams to datastore");
-            String adminUsername = getEnvVariable(ADMIN_USERNAME_ENV_VARIABLE, DEFAULT_ADMIN_USERNAME);
-            String adminPassword = getEnvVariable(ADMIN_PASSWORD_ENV_VARIABLE, DEFAULT_ADMIN_PASSWORD);
-            String adminFullName = getEnvVariable(ADMIN_FULL_NAME_ENV_VARIABLE, DEFAULT_ADMIN_FULL_NAME);
-            String adminEmail = getEnvVariable(ADMIN_EMAIL_ENV_VARIABLE, DEFAULT_ADMIN_EMAIL);
+            String adminUsername = SystemUtils.getEnvironmentVariable(ADMIN_USERNAME_ENV_VARIABLE, DEFAULT_ADMIN_USERNAME);
+            String adminPassword = SystemUtils.getEnvironmentVariable(ADMIN_PASSWORD_ENV_VARIABLE, DEFAULT_ADMIN_PASSWORD);
+            String adminFullName = SystemUtils.getEnvironmentVariable(ADMIN_FULL_NAME_ENV_VARIABLE, DEFAULT_ADMIN_FULL_NAME);
+            String adminEmail = SystemUtils.getEnvironmentVariable(ADMIN_EMAIL_ENV_VARIABLE, DEFAULT_ADMIN_EMAIL);
 
             LOGGER.debug("Creating user: "+adminUsername);
             ManagedUser admin = qm.createManagedUser(adminUsername, adminFullName, adminEmail,
@@ -253,7 +256,7 @@ private void loadDefaultConfigProperties() {
                 LOGGER.debug("Creating config property: " + cpc.getGroupName() + " / " + cpc.getPropertyName());
 
                 if (qm.getConfigProperty(cpc.getGroupName(), cpc.getPropertyName()) == null) {
-                    qm.createConfigProperty(cpc.getGroupName(), cpc.getPropertyName(), getEnvVariable(generateEnvVariableName(cpc), cpc.getDefaultPropertyValue()), cpc.getPropertyType(), cpc.getDescription());
+                    qm.createConfigProperty(cpc.getGroupName(), cpc.getPropertyName(), SystemUtils.getEnvironmentVariable(generateEnvVariableName(cpc), cpc.getDefaultPropertyValue()), cpc.getPropertyType(), cpc.getDescription());
                 }
             }
         }
@@ -273,15 +276,11 @@ private void loadDefaultNotificationPublishers() {
 
     String generateEnvVariableName(ConfigPropertyConstants configProperty) {
         StringBuilder sb = new StringBuilder();
+        sb.append(ENV_VARIABLE_NAME_PREFIX).append("_");
         sb.append(configProperty.getGroupName().toUpperCase().replaceAll("[\\-\\.]", "_"));
         sb.append("_");
         sb.append(configProperty.getPropertyName().toUpperCase().replaceAll("[\\-\\.]", "_"));
         LOGGER.debug("Environment variable name for property group "+configProperty.getGroupName()+" and property name "+configProperty.getPropertyName()+" is "+sb);
         return sb.toString();
     }
-
-    String getEnvVariable(String name, String defaultValue) {
-        String value = System.getenv(name);
-        return value != null ? value : defaultValue;
-    }
 }