This section describes how to install the tools needed to create and manage Workflows, Decisions, and Rules in your development environment:
- BAMOE Developer Tools for VS Code
-
to enable efficient development and collaboration on Business Services within an industry standard IDE.
- BAMOE Canvas and its backend services, BAMOE CORS proxy, BAMOE Extended Services
-
for browser-based authoring and testing of DMN, BPMN assets,
- BAMOE Maven repository
-
for accessing libraries to develop Business Services,
For more information on the product distribution see What’s New → Download Documentation.
Installing BAMOE Developer Tools for VS Code
You can find the developer tools at the Visual Studio Marketplace, as BAMOE Developer Tools for VS Code.
The visual editors in BAMOE Developer Tools for VS Code automatically update files to the latest version, making them incompatible with the BAMOE version used in Business Services. To control updates, turn off the Auto Update option.
If you are developing in Java, make sure you set up the following elements:
-
Your domain Java classes.
-
The activator Java class file
Activator.java(required to activate the functionality).
For more information on using the extensions, see Available features → BAMOE Developer Tools for VS Code.
The Dev environment Helm chart
The recommended way of installing BAMOE Maven repository and BAMOE Canvas is to install the pre-configured Helm charts for the BAMOE Offering that you have purchased licenses for, IBM Decision Manager Open Edition or IBM Process Automation Manager Open Edition:
-
pamoe-9.5.0-dev-environment-helm-chart
-
dmoe-9.5.0-dev-environment-helm-chart
These Helm charts include the necessary licensing annotations and do not require any manual configuration, as was the case in previous releases. Required annotations are injected into all deployed containers, ensuring accurate license tracking from deployment, and simplifying the installation process. The charts are pre-configured with the correct product IDs, product names, and metrics for each BAMOE offering.
The charts integrate Canvas configuration via Helm parameters, enabling centralized configuration in a single values.yaml, version-controlled settings, and automatic conversion to environment variables during deployment, eliminating manual configuration, see Configuration reference for Dev Helm Charts
Each Dev Helm chart contains four sub-charts which you can install individually but you will need to manage licensing and other configuration manually:
-
canvas: The main BAMOE Canvas application for modeling BPMN and DMN, available via quay.io/bamoe/canvas:9.5.0-ibm-0005
-
cors_proxy: The service for cross-origin requests, that enables BAMOE Canvas to communicate directly from the browser, with Git and Cloud providers, available via quay.io/bamoe/cors-proxy:9.5.0-ibm-0005
-
extended_services: The service that enhances BAMOE Canvas capabilities with the DMN Runner and BPMN and DMN model static validation services, available via quay.io/bamoe/extended-services:9.5.0-ibm-0005
-
maven_repository: The Maven artifact repository required to develop Business Services, available via quay.io/bamoe/maven-repository:9.5.0-ibm-0005
The only difference between the PAMOE and DMOE Dev environment Helm chart is the License Service annotations which contain different productID and productName. All sub-charts receive License Service annotations automatically through the global configuration of the parent chart. The annotations are applied to every pod deployment,
ensuring complete license tracking coverage for all BAMOE containers.
The BAMOE Dev Helm charts are architecture-agnostic and work for both:
-
Linux/s390x architecture which runs on the IBM Z platform
-
Linux/x86_64 architecture
If you prefer to install the Dev environment components individually using OpenShift CLI and Docker this can be done using the individual BAMOE container images. They are available as multi-architecture images on Quay.io. The host machine architecture is automatically resolved when you pull the container images. You can use the following command to specify a platform if required:
`docker pull --platform linux/s390x quay.io/bamoe/canvas:{IMAGE_VERSION}`
The following sections describe how to install the Dev environment components using the Helm chart or individually using OpenShift CLI and Docker.
Installing the Dev Environment Helm chart (recommended)
The Helm chart provides a simple way to deploy BAMOE Canvas and BAMOE Maven repository in Kubernetes, OpenShift, and Minikube with pre-configured licensing depending on your licensed product (see License Guide). For more information on using the Helm tool, see Helm Docs.
Choose the required helm chart based on your licensed product:
-
pamoe-9.5.0-dev-environment-helm-chart
-
dmoe-9.5.0-dev-environment-helm-chart
OpenShift Install
To install on OpenShift, first get the default OpenShift domain for your routes using the following command to define the YOUR_OCP_ROUTE_DOMAIN variable:
YOUR_OCP_ROUTE_DOMAIN=$(oc get ingresses.config cluster --output jsonpath={.spec.domain})
You can then install the Helm chart with the following commands:
helm pull oci://quay.io/bamoe/dmoe-dev-environment-helm-chart --version=9.5.0 --untar
helm install my-bamoe-dev-env ./dmoe-dev-environment-helm-chart --values ./dmoe-dev-environment-helm-chart/values-openshift.yaml --set global.openshiftRouteDomain="$YOUR_OCP_ROUTE_DOMAIN"
Where dmoe-dev-environment-helm-chart is replaced by pamoe-dev-environment-helm-chart if you are working with IBM Process Automation Manager Open Edition.
Generic Kubernetes install
To install BAMOE Canvas directly on a Kubernetes cluster, you will need to get the default Kubernetes cluster domain for your Ingress (see Kubernetes Documentation for more information). This can vary depending on your cluster configuration.
Once you have the domain information, you can run the following helm commands:
helm pull oci://quay.io/bamoe/dmoe-dev-environment-helm-chart --version=9.5.0 --untar
helm install my-bamoe-dev-env ./dmoe-dev-environment-helm-chart --values ./dmoe-dev-environment-helm-chart/values-kubernetes.yaml --set global.kubernetesClusterDomain="$YOUR_KUBERNETES_CLUSTER_DOMAIN" --set global.kubernetesIngressClass="$YOUR_KUBERNETES_INGRESS_CLASS"
Where dmoe-dev-environment-helm-chart is replaced by pamoe-dev-environment-helm-chart if you are working with IBM Process Automation Manager Open Edition.YOUR_KUBERNETES_CLUSTER_DOMAIN and YOUR_KUBERNETES_INGRESS_CLASS are defined as the domain and the Ingress class of your cluster, respectively.
Minikube install
To install BAMOE Canvas Helm chart on a Minikube cluster, you will need:
Once you have the domain information, you can run the following helm commands to do a Minikube specific install:
helm pull oci://quay.io/bamoe/dmoe-dev-environment-helm-chart --version=9.5.0 --untar
helm install my-bamoe-dev-env ./dmoe-dev-environment-helm-chart --values ./dmoe-dev-environment-helm-chart/values-minikube-nginx.yaml
Where dmoe-dev-environment-helm-chart is replaced by pamoe-dev-environment-helm-chart if you are working with IBM Process Automation Manager Open Edition.
The BAMOE Canvas OpenShift topology
Your BAMOE Canvas instance is now up and accessible. To get the route run the following command:
oc get route $APP_NAME_BAMOE_CANVAS --output jsonpath={.spec.host}
Where $APP_NAME_BAMOE_CANVAS is bamoe-canvas, bamoe-extended-services or bamoe-cors-proxy if you haven’t changed the configuration of the Dev environment Helm chart.
|
Note
|
All services will be available through https, which means that if you are deploying them to a local OpenShift instance (i.e. through CRC), the BAMOE Canvas Web application, the BAMOE Extended Services, and BAMOE CORS proxy backends will all be using self-signed certificates, causing warnings in your browser. To fix this, access each URL individually and allow them in your browser.
|
Setting up the Maven Repository
The BAMOE Maven repository is deployed and configured by default during the Dev environment installation. After installation it can be accessed at:
You can disable the installation of the Maven Repository in the Helm chart deployment using this command:
helm install my-bamoe-dev-env ./dmoe-dev-environment-helm-chart --set maven_repository.enabled=false
Uninstalling the Chart
Follow the command to uninstall the my-bamoe-dev-env deployment:
helm uninstall my-bamoe-dev-env
Passing environment variables
This chart uses default environment variables from values.yaml file. You can override the variables by passing them through the command line. See Dev Helm Chart configuration reference for all options.
helm install my-bamoe-dev-env ./dmoe-dev-environment-helm-chart --set canvas.image.registry=quay.io
Where dmoe-dev-environment-helm-chart is replaced by pamoe-dev-environment-helm-chart if you are working with IBM Process Automation Manager Open Edition.
Several customization options are available. For more information on the configurations available by using the environment variables, see BAMOE Canvas image description on Quay.io.
|
Note
|
The configured URL addresses need to be accessible from your machine, as BAMOE Canvas will make requests to them directly from your browser. Using the internal IP/DNS services will not work. |
One of the important environment variable to consider when deploying BAMOE Canvas is KIE_SANDBOX_DEV_DEPLOYMENT_BASE_IMAGE_URL. It points to a container image that is used when creating a Dev Deployment.
By default, BAMOE Canvas is configured to fetch this image from https://quay.io/bamoe/canvas-dev-deployment-base:9.5.0.
If you are installing BAMOE Canvas in an air-gapped environment, you will need to configure KIE_SANDBOX_DEV_DEPLOYMENT_BASE_IMAGE_URL to point to an image in a registry where the Cloud providers used by BAMOE Canvas users can access it.
For example, imagine a user is creating Dev Deployments for Decisions on BAMOE Canvas to a local Kubernetes they have installed on their machine, for example Kind or Minikube.
This local Kubernetes instance must be able to download the image configured in KIE_SANDBOX_DEV_DEPLOYMENT_BASE_IMAGE_URL.
The same is true for remote Kubernetes and OpenShift instances that the users of BAMOE Canvas will configure to create their Dev Deployments for Decisions.
For more information on deploying BAMOE Canvas in an air-gapped OpenShift environment, see Deploy BAMOE Canvas in an air-gapped OpenShift environment.
For other customization options of BAMOE Canvas, see BAMOE Canvas’s image description on Quay.io.
Running BAMOE Canvas containers locally with Docker Compose
BAMOE Canvas and its related services can be run locally by using Docker Compose.
For more information, see Docker Installation, and Compose Plugin Installation.
The bamoe-9.5.0-canvas-docker-compose.zip can only be downloaded from IBM Passport Advantage, and you can find information on the BAMOE 9.5 Download Document.
To Run BAMOE Canvas with Docker Compose follow these steps:
-
Extract the downloaded
bamoe-9.5.0-canvas-docker-compose.zip. -
In a terminal, navigate to the extracted folder:
bamoe-9.5.0-canvas-docker-compose. -
Run the following command:
docker compose up
BAMOE Canvas will be available at http://localhost:9090.
Deploy BAMOE Canvas in an air-gapped OpenShift environment
If you have an air-gapped OpenShift cluster and need to deploy BAMOE Canvas using images from the internal registry, follow these steps. This procedure involves pulling images from Quay.io, pushing them to the OpenShift internal registry, and deploying the application.
-
Log in to the OpenShift cluster using the OpenShift CLI.
oc login <OPENSHIFT_API_URL> -
Select or create the target Namespace where the BAMOE Canvas application will be deployed.
oc project bamoecanvas -
Retrieve the OpenShift internal image registry route.
oc get route default-route -n openshift-image-registry --template='{{ .spec.host }}'If the default route is not enabled, enable it using the following command.
oc patch configs.imageregistry.operator.openshift.io/cluster --type=merge -p '{"spec":{"defaultRoute":true}}' -
Set environment variables for the registry and namespace.
REGISTRY=$(oc get route default-route -n openshift-image-registry --template='{{ .spec.host }}') NAMESPACE=$(oc project -q) -
Log in to the OpenShift image registry.
podman login -u kubeadmin -p $(oc whoami --show-token) $REGISTRY --tls-verify=false -
Pull the BAMOE Canvas images from the Quay repository.
podman pull --arch amd64 quay.io/bamoe/canvas:9.5.0-ibm-0005 podman pull --arch amd64 quay.io/bamoe/cors-proxy:9.5.0-ibm-0005 podman pull --arch amd64 quay.io/bamoe/extended-services:9.5.0-ibm-0005 -
Tag the images for the OpenShift internal registry.
podman tag quay.io/bamoe/canvas:9.5.0-ibm-0005 $REGISTRY/$NAMESPACE/canvas:9.5.0-ibm-0005 podman tag quay.io/bamoe/cors-proxy:9.5.0-ibm-0005 $REGISTRY/$NAMESPACE/cors-proxy:9.5.0-ibm-0005 podman tag quay.io/bamoe/extended-services:9.5.0-ibm-0005 $REGISTRY/$NAMESPACE/extended-services:9.5.0-ibm-0005 -
Push the images to the OpenShift internal registry.
podman push $REGISTRY/$NAMESPACE/canvas:9.5.0-ibm-0005 --tls-verify=false podman push $REGISTRY/$NAMESPACE/extended-services:9.5.0-ibm-0005 --tls-verify=false podman push $REGISTRY/$NAMESPACE/cors-proxy:9.5.0-ibm-0005 --tls-verify=false -
Verify that the images are available in the internal registry.
oc get imagestreamsExample outputNAME IMAGE REPOSITORY TAGS UPDATED canvas default-route-openshift-image-registry.apps.example.com/bamoecanvas/canvas 9.3.1-ibm-0006 2 minutes ago cors-proxy default-route-openshift-image-registry.apps.example.com/bamoecanvas/cors-proxy 9.3.1-ibm-0006 21 seconds ago extended-services default-route-openshift-image-registry.apps.example.com/bamoecanvas/extended-services 9.3.1-ibm-0006 About a minute ago -
Define environment variables for naming and labeling the resources.
export APP_PART_OF=bamoe-canvas-app export APP_NAME_EXTENDED_SERVICES=bamoe-extended-services export APP_NAME_CORS_PROXY=bamoe-cors-proxy export APP_NAME_BAMOE_CANVAS=bamoe-canvas -
Deploy Extended Services and label its resources.
oc new-app image-registry.openshift-image-registry.svc:5000/$NAMESPACE/extended-services:9.5.0-ibm-0005 --name=$APP_NAME_EXTENDED_SERVICES oc create route edge --service=$APP_NAME_EXTENDED_SERVICES oc label services/$APP_NAME_EXTENDED_SERVICES app.kubernetes.io/part-of=$APP_PART_OF oc label routes/$APP_NAME_EXTENDED_SERVICES app.kubernetes.io/part-of=$APP_PART_OF oc label deployments/$APP_NAME_EXTENDED_SERVICES app.kubernetes.io/part-of=$APP_PART_OF oc label deployments/$APP_NAME_EXTENDED_SERVICES app.openshift.io/runtime=golang -
Deploy the BAMOE CORS proxy and label its resources.
oc new-app image-registry.openshift-image-registry.svc:5000/$NAMESPACE/cors-proxy:9.5.0-ibm-0005 --name=$APP_NAME_CORS_PROXY oc create route edge --service=$APP_NAME_CORS_PROXY oc label services/$APP_NAME_CORS_PROXY app.kubernetes.io/part-of=$APP_PART_OF oc label routes/$APP_NAME_CORS_PROXY app.kubernetes.io/part-of=$APP_PART_OF oc label deployments/$APP_NAME_CORS_PROXY app.kubernetes.io/part-of=$APP_PART_OF oc label deployments/$APP_NAME_CORS_PROXY app.openshift.io/runtime=nodejs -
Deploy the BAMOE Canvas application and configure environment variables to connect to the backend services.
oc new-app image-registry.openshift-image-registry.svc:5000/$NAMESPACE/canvas:9.5.0-ibm-0005 --name=$APP_NAME_BAMOE_CANVAS \ -e KIE_SANDBOX_EXTENDED_SERVICES_URL=https://$(oc get route $APP_NAME_EXTENDED_SERVICES --output jsonpath={.spec.host}) \ -e KIE_SANDBOX_CORS_PROXY_URL=https://$(oc get route $APP_NAME_CORS_PROXY --output jsonpath={.spec.host}) oc create route edge --service=$APP_NAME_BAMOE_CANVAS oc label services/$APP_NAME_BAMOE_CANVAS app.kubernetes.io/part-of=$APP_PART_OF oc label routes/$APP_NAME_BAMOE_CANVAS app.kubernetes.io/part-of=$APP_PART_OF oc label deployments/$APP_NAME_BAMOE_CANVAS app.kubernetes.io/part-of=$APP_PART_OF oc label deployments/$APP_NAME_BAMOE_CANVAS app.openshift.io/runtime=js -
Retrieve the route details to access the deployed application.
oc get routeExample outputNAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD bamoe-canvas bamoe-canvas-bamoecanvas.apps.example.com bamoe-canvas 8080-tcp edge None bamoe-cors-proxy bamoe-cors-proxy-bamoecanvas.apps.example.com bamoe-cors-proxy 8080-tcp edge None bamoe-extended-services bamoe-extended-services-bamoecanvas.apps.example.com bamoe-extended-services 21345-tcp edge None
The BAMOE Canvas application is now accessible at the route URL shown in the output (for example, https://bamoe-canvas-bamoecanvas.apps.example.com).
Setting up the BAMOE Maven repository locally
If you have a Maven Repository Manager such as Artifactory or Nexus, you can import the compressed BAMOE Maven repository content into Maven Repository Manager. Note that you will need to add licensing annotations manually if you follow this procedure rather than using the Dev environment Helm chart.
For organizations without such infrastructure, it is highly recommended to use the Dev environment Helm chart to install the Container image and make it available internally for developers and continuous integration (CI) systems.
For organizations that already use a Maven Repository Manager, developers and the CI systems are usually configured to connect to it.
If you are using the Container image, ensure that it is made available and provide the URL that developers and CI systems need to specify in their settings.xml file.
|
Note
|
When you configure the repository by modifying the Maven settings.xml file, the changes apply to all of your Maven projects.
|
There are two ways to do this:
-
Set up a Maven repository with a Container image
-
Configure your local Maven repository
Configuring Maven with the Dev Environment helm chart
Once the Dev Environment Helm chart is installed and the Maven container up and running you will need to update your Maven settings to reference this repository.
There are a few options and your choice will depend on your work environment and the tools that are available to you.
Configure Maven with the container image URL
To configure Maven with a container image installed via the Dev environment helm chart follow these steps:
-
Open your local Maven
~/.m2/settings.xmlfile in a text editor or IDE.NoteIf there is no settings.xmlfile in the~/.m2/directory, copy thesettings.xmlfile from the$MAVEN_HOME/.m2/conf/directory into the~/.m2/directory. -
Add the following lines to the
<profiles>element of thesettings.xmlfile:<profile> <id>ibm-bamoe-enterprise-maven-repository</id> <repositories> <repository> <id>ibm-bamoe-enterprise-maven-repository</id> <url>https://container-URL-here</url> <releases> <enabled>true</enabled> </releases> <snapshots> <enabled>false</enabled> </snapshots> </repository> </repositories> <pluginRepositories> <pluginRepository> <id>ibm-bamoe-enterprise-maven-repository</id> <url>https://container-URL-here/</url> <releases> <enabled>true</enabled> </releases> <snapshots> <enabled>false</enabled> </snapshots> </pluginRepository> </pluginRepositories> </profile> -
Add the following lines to the
<activeProfiles>element of thesettings.xmlfile and save the file:<activeProfile>ibm-bamoe-enterprise-maven-repository</activeProfile>
Configuring a local Maven repository for BAMOE
If you prefer not to use containers, you can download and configure the BAMOE Maven repository from the compressed file. The BAMOE Maven repository contains the libraries that Java developers need to build Business Services projects.
To configure the BAMOE Maven repository locally follow these steps:
-
Download the Maven Repository
bamoe-9.5.0-maven-repository.zip. -
Extract the downloaded archive.
-
Go to the
~/.m2/directory and open the Mavensettings.xmlfile in a text editor or IDE. -
Add the following lines to the
<profiles>element of the Maven settings.xml file, where<MAVEN_REPOSITORY>is the path of the Maven repository that you downloaded. The format of<MAVEN_REPOSITORY>must befile://$PATH. For example,file:///home/userX/bamoe-{VERSION}-maven-repository/:<profile> <id>ibm-bamoe-enterprise-maven-repository</id> <repositories> <repository> <id>ibm-bamoe-enterprise-maven-repository</id> <url><MAVEN_REPOSITORY></url> <releases> <enabled>true</enabled> </releases> <snapshots> <enabled>false</enabled> </snapshots> </repository> </repositories> <pluginRepositories> <pluginRepository> <id>ibm-bamoe-enterprise-maven-repository</id> <url><MAVEN_REPOSITORY></url> <releases> <enabled>true</enabled> </releases> <snapshots> <enabled>false</enabled> </snapshots> </pluginRepository> </pluginRepositories> </profile> -
Add the following lines to the
<activeProfiles>element of the Mavensettings.xmlfile and save the file:
<activeProfile>ibm-bamoe-enterprise-maven-repository</activeProfile>
If your Maven repository contains outdated artifacts, you might encounter Maven error messages when you build or deploy the project, such as:
-
Missing artifact <PROJECT_NAME> -
[ERROR] Failed to execute goal on project <ARTIFACT_NAME>; Could not resolve dependencies for <PROJECT_NAME>
To resolve these issues, delete the cached version of your local repository that is located in the ~/.m2/repository directory to force a download of the latest Maven artifacts.
Your Maven repository is now properly configured and ready to build Business Service projects using a standard Maven workflow.
Configure Gradle with the container image URL
To configure Gradle with a container image installed via the Dev environment helm chart follow these steps:
-
Create the
~/.gradle/init.d/directory, if it does not exist. Any Gradle build executed on this machine will automatically run any scripts placed in this directory during the initialization phase, allowing you to apply BAMOE configuration globally. -
Create a
bamoe.gradlefile in theinit.ddirectory. -
Add the following lines in the
bamoe.gradlefile:// ~/.gradle/init.d/bamoe.gradle def bamoeRepoUrl = "http://localhost:9999/" // Add BAMOE repository to all projects for dependency resolution allprojects { repositories { mavenLocal() gradlePluginPortal() mavenCentral() maven { url = uri(bamoeRepoUrl) allowInsecureProtocol = true } } } gradle.settingsEvaluated { settings -> // Add BAMOE repository for plugin resolution settings.pluginManagement.repositories { mavenLocal() gradlePluginPortal() mavenCentral() maven { url = uri(bamoeRepoUrl) allowInsecureProtocol = true } } // Centralize repository declarations (Gradle 9.x) settings.dependencyResolutionManagement { repositories { mavenLocal() mavenCentral() maven { url = settings.uri(bamoeRepoUrl) } } } } -
Replace the value assigned to
bamoeRepoUrlvariable with the real BAMOE Maven repositoryurl: -
If you use HTTPS for the BAMOE Maven repository, you must import your internal CA certificate into one of the following:
-
Java truststore ,recommended for all OSes, or use a merged custom truststore and point Java/Gradle to it.
-
OS truststore, only if your OS supports it.
-
|
Note
|
Do not replace Java’s default truststore (cacerts) with your own. Only add your CA or use a merged custom truststore. Replacing the default keystore can break Java security and other tools on the system. |
Configuring a local Gradle repository for BAMOE
If you prefer not to use containers, you can download the BAMOE Maven repository as a compressed archive and configure it locally. The BAMOE Maven repository includes all libraries required for Java developers to build Business Services projects.
To configure the BAMOE Maven repository locally, follow these steps:
-
Download the BAMOE Maven repository,
bamoe-9.5.0-maven-repository.zip. -
Extract the downloaded archive.
-
Create the
~/.gradle/init.d/directory, if it does not exist. Any Gradle build executed on this machine will automatically run any scripts placed in this directory during the initialization phase, allowing you to apply BAMOE configuration globally. -
Create a
bamoe.gradlefile in theinit.ddirectory. -
Add the following lines in the
bamoe.gradlefile:// ~/.gradle/init.d/bamoe.gradle def bamoeRepoUrl = "http://localhost:9999/" // Add BAMOE repository to all projects for dependency resolution allprojects { repositories { mavenLocal() gradlePluginPortal() mavenCentral() maven { url = uri(bamoeRepoUrl) allowInsecureProtocol = true } } } gradle.settingsEvaluated { settings -> // Add BAMOE repository for plugin resolution settings.pluginManagement.repositories { mavenLocal() gradlePluginPortal() mavenCentral() maven { url = uri(bamoeRepoUrl) allowInsecureProtocol = true } } // Centralize repository declarations (Gradle 9.x) settings.dependencyResolutionManagement { repositories { mavenLocal() mavenCentral() maven { url = settings.uri(bamoeRepoUrl) } } } } -
Replace the value assigned to
bamoeRepoUrlvariable with the real BAMOE Maven repositoryurl.
Configuring Dev containers with Passthrough Transport Layer Security (TLS)
BAMOE container images can optionally serve traffic directly over HTTPS using a TLS certificate and a key provided by the customer. This enables end-to-end encryption between the user browser and the container on OpenShift, through a passthrough Route. By default TLS not active and your existing deployment behavior is maintained.
In the Dev environment the following BAMOE container images support this:
| Container | Certificate environment variable | Key environment variable |
|---|---|---|
Canvas |
|
|
CORS Proxy |
|
|
Extended Services |
|
|
When both variables are set, the container serves HTTPS on port 8443 (Canvas, Extended Services). CORS Proxy is the exception as it reuses its existing port (default 8080) and serves HTTPS on the same port when TLS is enabled. When the variables are unset, the container behaves exactly as before, serving HTTP only.
The matching Helm subcharts for each container expose a new tls block that wires this up automatically:
tls:
enabled: false # set to true to turn on in-container TLS
secretName: "" # name of an existing kubernetes.io/tls Secret (required when enabled)
mountPath: /etc/tls
certPath: /etc/tls/tls.crt
keyPath: /etc/tls/tls.key
httpsPort: 8443 # not present for CORS Proxy; CORS Proxy reuses service.port (default 8080)
When tls.enabled=true, the chart mounts the TLS Secret into the container, sets the TLS environment variables, exposes the HTTPS port on the Service, and the OpenShift Route is configured for Passthrough termination using openshiftRoute.tls.termination=passthrough.
When installing through the Helm chart the procedure is:
-
Create a Kubernetes TLS Secret in the target namespace:
oc create secret tls bamoe-tls \ --cert=path/to/tls.crt \ --key=path/to/tls.key -
In the Helm values file for the BAMOE component, enable TLS and reference the Secret:
tls: enabled: true secretName: bamoe-tls openshiftRoute: enabled: true tls: termination: passthrough insecureEdgeTerminationPolicy: Redirect -
Run
helm install(orhelm upgrade) as usual.
The Secret must be of type kubernetes.io/tls and contain both tls.crt and tls.key keys. If tls.enabled=true is set without a secretName, the chart aborts with a clear error message before reaching the cluster.
For more information on how to implement this in the Runtime environment Helm chart containers see Configuring Runtime containers with Passthrough Transport Layer Security (TLS)
Configuring BAMOE Canvas to work with supported Git providers
To integrate GitHub, GitHub Enterprise Server, GitLab, or Bitbucket Data Center with BAMOE Canvas, you must configure the KIE_SANDBOX_AUTH_PROVIDERS environment variable using the canvas.env Helm configuration parameter (see Configuration reference for Dev environment Helm Charts).
Example configuration:
canvas:
env: "KIE_SANDBOX_AUTH_PROVIDERS"
value: |
[
{
"id": "unique identifier",
"domain": "https://your-git-provider.com",
"supportedGitRemoteDomains": ["your-git-provider.com"],
"type": "gitlab | githubEnterprise | bitbucketDataCenter",
"name": "readable name for displaying in the BAMOE UI",
"enabled": true,
"group": "git",
"disableEncoding": true,
}
]
- id
-
A unique identifier for this authentication provider configuration.
- domain
-
The base URL of your Git provider instance.
- supportedGitRemoteDomains
-
A list of Git remote domains that this provider can authenticate with.
- type
-
Specifies the provider type (GitHub Enterprise Server, GitLab, or BitBucket Data Center).
- name
-
A readable name displayed in the BAMOE UI.
- enabled
-
A boolean flag that enables or disables this provider.
- group
-
Categorizes the provider for grouping similar services.
- disableEncoding (GitLab only)
-
If set to true, adds Accept-Encoding.
- insecurelyDisableTlsCertificateValidation (BitBucket Data Center only)
-
If set to true, skips TLS certificate validation.
After completing the configuration, you can access the features provided by each integration. For more information see Connecting to Git and Cloud providers.
Configuring custom Accelerators for your organization
Accelerators are Git repositories that contain a skeleton of an application and that are used to convert a working directory with your .dmn and .bpmn files into a fully functional application that can be built and deployed. They can be used to store configurations that are common to all new Business Services projects within an organization, making them available in BAMOE Canvas and BAMOE Developer Tools for VS Code for all users in your organization.
The default Quarkus and Spring Boot accelerators, available in BAMOE Canvas and BAMOE Developer Tools for VS Code, can be found in the IBM Business Automation Manager Open Editions Accelerators repository by selecting the branch that corresponds to 9.5.0. In BAMOE, you can use Accelerators that correspond to the cloud development frameworks it supports, including Quarkus and Spring Boot with either Maven or Gradle. Use these default accelerators to help identify what you want to modify in your own custom accelerator.
Accelerators are published as part of the release. You can access the following elements:
-
A downloadable ZIP file contains all accelerators templates,
-
Branches for each accelerator in the public GitHub repository,
-
Version-tagged GitHub releases that correspond to BAMOE product version.
For more information, see Accessing Accelerators.
The KIE_SANDBOX_ACCELERATORS environment variable comes pre-configured with the default accelerators, accepting an array of Accelerator configurations.
You can create your custom Accelerators by overwriting the default values or by appending new accelerator definitions.
Your custom Accelerator must be a public Git repository. After creating it, write a specific JSON configuration to be used in the KIE_SANDBOX_ACCELERATORS environment variable for BAMOE Canvas:
canvas:
env: "KIE_SANDBOX_ACCELERATORS"
value: |
[
{
"name": "Your Accelerator name",
"iconUrl": "https://link.to/your/logo/image",
"gitRepositoryUrl": "https://github.com/...",
"gitRepositoryGitRef": "branchName",
"dmnDestinationFolder": "path/to/place/dmn/files",
"bpmnDestinationFolder": "path/to/place/bpmn/files",
"otherFilesDestinationFolder": "path/to/place/other/files",
"scesimDestinationFolder": "path/to/place/scesim/files"
}
]
- name
-
This is how the Accelerator is known inside BAMOE Canvas.
- iconUrl
-
An optional parameter to add an image/logo along with your Accelerator name.
- gitRepositoryUrl
-
This is where your Accelerator is hosted. Must be an URL that can be used with Git clone.
- gitRepositoryGitRef
-
Specifies where in your repository the Accelerator is located. Could be a branch, commit, tag, anything that can be used with Git checkout.
- dmnDestinationFolder
-
Specifies where your DMN and PMML files will be moved after applying the Accelerator (relative to the project root).
- bpmnDestinationFolder
-
Specifies where your BPMN files will be moved after applying the Accelerator (relative to the project root).
- otherFilesDestinationFolder
-
Specifies where other files will be moved after applying the Accelerator (relative to the project root).
- scesimDestinationFolder
-
Specifies where Scesim files will be moved after applying the Accelerator (relative to the project root).
For more information on using accelerators, see Using Accelerators
Configuration reference for Dev environment Helm Charts
The following table lists and describes the configurable parameters of the two Dev Helm charts (IBM Process Automation Manager Open Edition and IBM Decision Manager Open Edition) and their default values.
Global Configuration
| Key | Type | Default | Description |
|---|---|---|---|
global.ingressSource |
string |
"" |
Which ingress source is being used (none/"minikube"/"kubernetes"/"openshift") - For NOTES generation only |
global.kubernetesClusterDomain |
string |
"" |
If using Minikube or Kubernetes, set the cluster domain |
global.kubernetesIngressClass |
string |
"" |
If using Minikube or Kubernetes, set the Ingress class (i.e: nginx) |
global.openshiftRouteDomain |
string |
"" |
If using OpenShift Routes, set the Route domain |
global.chargedProductValues.productID |
string |
"46b14c7f2f894218a7879b3f6416024f" (DMOE) / "72984f114b54496a8a44be139154a988" (PAMOE) |
Product ID for License Service tracking |
global.chargedProductValues.productMetric |
string |
"VIRTUAL_PROCESSOR_CORE" |
Product metric for License Manager tracking |
global.chargedProductValues.productName |
string |
"IBM Decision Manager Open Edition" (DMOE) / "IBM Process Automation Manager Open Edition" (PAMOE) |
Product name for License Service tracking |
nameOverride |
string |
"" |
Overrides chart name |
fullnameOverride |
string |
"" |
Overrides chart full name |
BAMOE Canvas Configuration
| Key | Type | Default | Description |
|---|---|---|---|
canvas.name |
string |
"canvas" |
The BAMOE Canvas application name |
canvas.env |
list |
[{"name":"KIE_SANDBOX_EXTENDED_SERVICES_URL","value":"http://127.0.0.1:21345"},{"name":"KIE_SANDBOX_CORS_PROXY_URL","value":"http://127.0.0.1:8081"}] |
Env variables for BAMOE Canvas deployment |
canvas.image |
object |
{"account":"bamoe","name":"canvas","pullPolicy":"IfNotPresent","registry":"quay.io","tag":"main"} |
Image source configuration for the BAMOE Canvas image |
canvas.imagePullSecrets |
list |
[] |
Pull secrets, used when pulling BAMOE Canvas image |
BAMOE CORS proxy Configuration
| Key | Type | Default | Description |
|---|---|---|---|
cors_proxy.name |
string |
"cors-proxy" |
The CORS Proxy application name |
cors_proxy.env |
list |
[{"name":"CORS_PROXY_ALLOWED_ORIGINS","value":"http://127.0.0.1:8080"},{"name":"CORS_PROXY_ALLOWED_HOSTS","value":"*"}] |
Env variables: CORS_PROXY_ALLOWED_ORIGINS - List of origins that can use the CORS Proxy service. Requests from origins not specified will be rejected. Defaults to the Canvas origin when deployed via Helm Chart, empty when deployed manually. CORS_PROXY_ALLOWED_HOSTS - List of hosts that the CORS Proxy service can proxy to. Requests to hosts not specified will be rejected. Defaults to the * wildcard, which means that any host can be proxied. Recommend changing this environment variable to list only the hosts that will be proxied (OpenShift clusters, Git providers, AI providers, etc). |
cors_proxy.image |
object |
{"account":"bamoe","name":"cors-proxy","pullPolicy":"IfNotPresent","registry":"quay.io","tag":"main"} |
Image source configuration for the CORS Proxy image |
Extended Services Configuration
| Key | Type | Default | Description |
|---|---|---|---|
extended_services.name |
string |
"extended-services" |
The BAMOE Extended Services application name |
extended_services.image |
object |
{"account":"bamoe","name":"extended-services","pullPolicy":"IfNotPresent","registry":"quay.io","tag":"main"} |
Image source configuration for the BAMOE Extended Services image |
Maven Repository Configuration
| Key | Type | Default | Description |
|---|---|---|---|
maven_repository.enabled |
bool |
TRUE |
Enable or disable BAMOE Maven repository installation |
maven_repository.name |
string |
"maven-repository" |
The BAMOE Maven repository application name |
maven_repository.image |
object |
{"account":"bamoe","name":"maven-repository","pullPolicy":"IfNotPresent","registry":"quay.io","tag":"main"} |
Image source configuration for the BAMOE Maven repository image |
Next steps
Once you have successfully installed and configured BAMOE Canvas and BAMOE Maven repository via the Dev environment Helm chart, as well as BAMOE Developer Tools for VS Code, see the following sections:
-
Getting Started → Business Service project setup for more information on Business Service projects.
-
BAMOE Canvas for more information the main features available in BAMOE Canvas to configure before starting to develop your BPMN and DMN business artifacts.
-
BAMOE Developer Tools for VS Code for more information on the main features available in BAMOE Developer Tools for VS Code.