broadleaf:
environment:
report:
disabled: 'true'
- v1.0.0-latest-prod
In a pre-production or production environment, you will want to enable certain properties specific for these higher level environments and disable those that are meant purely for development.
Below is a list of properties to consider specifying in a production profile (e.g. application-production.yml) as well as production configuration to review and verify.
It’s recommended that in production environments that the environment report is disabled.
broadleaf:
environment:
report:
disabled: 'true'Broadleaf provides the ability to create default/demo AdminUsers and Customers. While these users can be helpful in non-production environments, they should not be present in production environments. To disable the creation of these users, the following Auth Service properties must be declared:
broadleaf:
auth:
data:
load:
default-users: false
default-master-global-admin-user: false
register-demo-application-clients: false
see this KB Article for more details: https://ms-support.broadleafcommerce.com/article/86-demo-data-disabling-demo-data
You can disable the demo liquibase change-sets from loading by specifying the liquibase context.
spring:
liquibase:
contexts='!demo'
see this KB Article for more details: https://ms-support.broadleafcommerce.com/article/86-demo-data-disabling-demo-data
If you are utilizing Broadleaf’s Auth Service and would like to allow auto-discovery of the Public Key (instead of configuring it for each deployable). You will want to specify the URI of the well-known JWKs endpoint for your application to hit. For example:
broadleaf:
resource:
security:
oauth2:
encodedPublicKey:
jwkSetUri: http://my-auth-app.default.svc.cluster.local:8080/.well-known/jwks.json
See configuration of JWT Keys for more details: https://developer.broadleafcommerce.com/production/configuration/generating-private-public-key-jwt. See the configuration of the Auth Service for more details: https://developer.broadleafcommerce.com/services/authentication-services
If the system detects that you are running the "file-based" camel-cluster service, then you may see the following WARNING in your logs:
CommonMessagingAutoConfiguration : ***** WARNING - broadleaf.messaging.cluster-service-implementation-type is set to `file``. This prevents cluster detection beyond a single node, which is only appropriate for local development. This value should be changed to `kubernetes` or `zookeeper` (usually `kubernetes` via manifest environment variable when deploying to k8s). *****
See the documentation on Camel Cluster Configuration for more details: https://developer.broadleafcommerce.com/production/configuration/camel-cluster-service
If the system detects that you are still using the sample tax configuration for the SimpleTaxProvider, you may see the following WARNING in your logs:
SimpleTaxProvider : The default simple tax configuration is the same as the sample or there is no default simple tax configuration available. This is not recommended for production environments.
See the documentation on SimpleTaxProvider for more details on how to configure: https://developer.broadleafcommerce.com/services/cart-operation-services/pricing/tax-service