Environment variables
Some application features are configured using environment variables.
Configuration variables
| Variable Name | Description | Default | Example value |
|---|---|---|---|
| AEID_CLIENTID | Azure Entra ID client ID. See Azure Authentication | 2222-2222-222-2222 |
|
| AEID_TENANTID | Azure Entra ID tenant ID. See Azure Authentication | 111-1111-1111-1111 |
|
| AEID_SCOPE | Azure Entra ID scope. See Azure Authentication | https://graph.microsoft.com/.default |
|
| API_RETRY_LIMIT | Number of API retries on error | 5 |
10 |
| ACCESS_TOKEN_SECRET | Access token secret. See Authentication | changeme |
|
| ACCESS_TOKEN_TTL | Access token time to live. Use syntax 1h (1 hour), 1m (1 min) etc. |
1h |
10m |
| AUTHENTICATOR_IMPL | Authentication implementation. See Authentication | file |
cognito |
| AWS_REGION | AWS region containing DynamoDB or Secrets Manager or CodePipeline | eu-west-1 |
|
| CACHE_PIPELINE_BUILDS | Whether to cache the pipeline builds from the pipelines provider | true |
|
| CACHE_REPO_LIST | Whether to cache the repository list from the VCS provider | true |
|
| CLIENT_SESSION_STORE | The mechanism for storing the client-side session. Can be cookie or sessionStorage |
cookie |
sessionStorage |
| COGNITO_USER_POOL_ID | Cognito authenticator settings | ||
| COGNITO_CLIENT_ID | Cognito authenticator settings | ||
| CONFIG_DIR | Override for *-config.json files | Current directory | /path/to/config/dir |
| CONFIG_AUTO_RELOAD | Whether to auto-reload config from file - useful for development | false |
true |
| CONFIG_REFRESH_MS | Requires CONFIG_AUTO_RELOAD - reload frequency in ms |
5000 |
30000 |
| CORS_ORIGIN | The CORS origin of the web UI | https://code-metrics.localhost:3001 |
|
| COVERAGE_THRESHOLD_DANGER | Lower coverage threshold | 30 |
40 |
| COVERAGE_THRESHOLD_WARNING | Upper coverage threshold | 80 |
90 |
| DATABASE_NAME | Prefix for DynamoDB tables or name of MongoDB database | CodeMetrics |
|
| DATASTORE_IMPL | Datastore implementation (one of: inmem, dynamodb, mongodb). See Datastores | inmem |
dynamodb |
| DATABASE_URI | MongoDB database URI | mongodb://code-metrics:changeme@localhost:27017 |
|
| EXPIRY_SECONDS | Time to cache data if it is for the current day. | 3600 |
7200 |
| KEYCLOAK_AUTH_METHOD | Keycloak auth method - currently always directgrant. See Keycloak Authentication |
||
| KEYCLOAK_URI | Keycloak URI. See Keycloak Authentication | ||
| KEYCLOAK_REALM | Keycloak realm. See Keycloak Authentication | ||
| KEYCLOAK_CLIENT_ID | Keycloak client ID. See Keycloak Authentication | ||
| LDAP_ADMIN_AUTH | LDAP authentication configuration. See LDAP Authentication | ||
| LDAP_URI | LDAP authentication configuration. See LDAP Authentication | ||
| LDAP_BIND_DN | LDAP authentication configuration. See LDAP Authentication | ||
| LDAP_BIND_PASSWORD | LDAP authentication configuration. See LDAP Authentication | ||
| LDAP_USER_SEARCH_BASE | LDAP authentication configuration. See LDAP Authentication | ||
| LDAP_ROOT_DN | LDAP authentication configuration. See LDAP Authentication | ||
| LDAP_USERNAME_ATTRIBUTE | LDAP authentication configuration. See LDAP Authentication | ||
| LDAP_TLS | LDAP authentication configuration. See LDAP Authentication | ||
| LOG_LEVEL | Logging level. Set to 0 (OFF), 1 (DEBUG) or 2 (VERBOSE) | 1 |
2 |
| LOG_RESPONSE_BODY | Whether to log response bodies from external API calls | false |
true |
| LOOKUP_CACHE_ENABLED | Whether the cache is enabled (requires datastore) | false |
true |
| OIDC_ISSUER_BASE_URL | The base URL for the OIDC server. See OIDC Authentication | https://accounts.google.com |
|
| OIDC_CLIENT_ID | The client ID. See OIDC Authentication | 000000000000-a1b2c3d4e5f6g7h8i9j10k11l12m13n14.apps.googleusercontent.com |
|
| OIDC_CLIENT_SECRET | The client secret. See OIDC Authentication | ABCDEF-ab12cd_aBcDeF12gH34-aB |
|
| OIDC_USER_CLAIM | The name of ID token claim containing the user email address. See OIDC Authentication | sub |
sub or email |
| OIDC_SCOPES | The required scopes. See OIDC Authentication | openid email |
openid email |
| OIDC_AUDIENCE | The desired value of the audience claim. See OIDC Authentication | 000000000000-a1b2c3d4e5f6g7h8i9j10k11l12m13n14.apps.googleusercontent.com |
|
| OIDC_USE_PKCE | Whether to use PKCE. See OIDC Authentication | false |
true |
| OIDC_REDIRECT_URI | Override the OIDC redirect URI. See OIDC Authentication | Derived from the UI base URL. | https://example.com/login/callback |
| PRECACHE_REPO_LIST | Whether to pre-cache the repository list from the VCS provider | true |
false |
| PORT | The port the backend listens on | 3001 |
3030 |
| REPO_LIST_EXPIRY_SECONDS | If CACHE_REPO_LIST is enabled - for how long the list is cached |
21600 |
10800 |
| SECRET_RESOLVER_IMPL | Secret resolver implementation. See Secret management | file |
file |
| UI_BASE_URL | The base URL for the UI | Uses value of CORS_ORIGIN |
http://localhost:3000 |
The .env file
As well as setting environment variables in the typical fashion, Code Metrics allows you to use an .env file in the working directory for the backend component.
To get started, copy the .env.template file and name the copy .env.