Server configuration

the configuration is read from system properties, environment variables, …​.
talend.component.server.component.coordinates

A comma separated list of gav to locate the components

talend.component.server.component.documentation.translations

Default value: ${home}/documentations. A component translation repository. This is where you put your documentation translations. Their name must follow the pattern documentation_${container-id}_language.adoc where ${container-id} is the component jar name (without the extension and version, generally the artifactId).

talend.component.server.component.extend.dependencies

Default value: true. Should the component extensions add required dependencies.

talend.component.server.component.extension.maven.repository

If you deploy some extension, where they can create their dependencies if needed.

talend.component.server.component.extension.startup.timeout

Default value: 180000. Timeout for extension initialization at startup, since it ensures the startup wait extensions are ready and loaded it allows to control the latency it implies.

talend.component.server.component.registry

A property file where the value is a gav of a component to register (complementary with coordinates)

talend.component.server.documentation.active

Default value: true. Should the /documentation endpoint be activated. Note that when called on localhost the doc is always available.

talend.component.server.environment.active

Default value: true. Should the /api/v1/environment endpoint be activated. It shows some internal versions and git commit which are not always desirable over the wire.

talend.component.server.filter.secured.tokens

Default value: -. Accepted tokens in Authorization header for remote calls to secured endpoints (/api/v1/environment or /documentation).

talend.component.server.jaxrs.exceptionhandler.defaultMessage

Default value: false. If set it will replace any message for exceptions. Set to false to use the actual exception message.

talend.component.server.maven.repository

The local maven repository used to locate components and their dependencies

talend.component.server.request.log

Default value: false. Should the all requests/responses be logged (debug purposes - only work when running with CXF).

talend.component.server.security.command.handler

Default value: securityNoopHandler. How to validate a command/request. Accepted values: securityNoopHandler.

talend.component.server.security.connection.handler

Default value: securityNoopHandler. How to validate a connection. Accepted values: securityNoopHandler.

talend.component.server.user.extensions.location

A folder available for the server - don’t forget to mount it in docker if you are using the image - which accepts subfolders named as component plugin id (generally the artifactId or jar name without the version, ex: jdbc). Each family folder can contain:

  • a user-configuration.properties file which will be merged with component configuration system (see services). This properties file enables the function userJar(xxxx) to replace the jar named xxxx by its virtual gav (groupId:artifactId:version),

  • a list of jars which will be merged with component family classpath

talend.component.server.user.extensions.provisioning.location

Default value: auto. Should the implicit artifacts be provisionned to a m2. If set to auto it tries to detect if there is a m2 to provision - recommended, if set to skip it is ignored, else it uses the value as a m2 path.

Configuration mechanism

The configuration uses Microprofile Config for most entries. It means it can be passed through system properties and environment variables (by replacing dots with underscores and making the keys uppercase).

To configure a Docker image rather than a standalone instance, Docker Config and secrets integration allow you to read the configuration from files. You can customize the configuration of these integrations through system properties, as described below in this document.

Also note that Docker integration provides a secure: support to encrypt values when required. it also works for system properties.

Docker Config

org.talend.sdk.component.docker.secret.config.DockerConfigConfigSource.base

configuration location. Defaults to /.

org.talend.sdk.component.docker.secret.config.DockerConfigConfigSource.prefixes

file name prefixes to take into account. Defaults to nothing, which means that all prefixes but the common UNIx exclusions are taken into account.

For example, creating a /talend.foo.bar file makes its content available under the talend.foo.bar key.

Docker Secrets

org.talend.sdk.component.docker.secret.config.DockerSecretConfigSource

secrets location. Defaults to /run/secrets.

For example, creating a /run/secrets/talend.foo.bar file makes its content available under the talend.foo.bar key.

Secure values support

A security mechanism allows to use a ciphered value instead of a clear value for passing sensitive data (password, secret, token, etc.).

It relies on org.talend.sdk.component.configuration.converter.secured.ConfigurationMain, which allows you to:

  1. create a master_key file

  2. encrypt a value

  3. decrypt a value (for testing purposes)

A master password is stored and obfuscated in a master_key file. The algorithm AES/CBC/PKCS5Padding ciphers the value and encodes the result in base64. This mechanism allows to manage the value as plain text and easily pass it through all potential ways you can set the configuration.

The secure values support is managed through the org.talend.sdk.component:secured-string-converter artifact. You can find it for released versions on Central.

The command examples in the sections below assume you have set the alias in your profile:

alias tssc="java -cp secured-string-converter.jar org.talend.sdk.component.configuration.converter.secured.ConfigurationMain"

If it is not the case, replace tssc by the full command.

Generating the master key

To generate the master key, use the provided configuration in the org.talend.sdk.component:secured-string-converter artifact:

tssc --master-key /path/to/my_master_key [secret-value]
Set the talend.component.server.configuration.master_key.location system property on the server to ensure it uses this master key. Make sure that only the applications needing this key can read it.

Encrypting a value

To encrypt a value, use the provided configuration in the org.talend.sdk.component:secured-string-converter artifact:

tssc --encrypt /path/to/my_master_key my_credential_to_encrypt

Decrypting a value

To decrypt a value, use the provided configuration in the org.talend.sdk.component:secured-string-converter artifact:

tssc --decrypt /path/to/my_master_key secure:my_credential_to_encrypt
Scroll to top