From dcd4b282c4bbb2107ab176364b8ca864eff96f82 Mon Sep 17 00:00:00 2001 From: Alexandre Bouchard Date: Tue, 9 Dec 2025 21:05:34 -0500 Subject: [PATCH 1/4] fix: Fix documentation incorrect information --- docs/pages/features/tenant-user-portal.mdx | 2 +- docs/pages/references/configuration.mdx | 28 +++------------------- internal/config/portal.go | 2 +- 3 files changed, 5 insertions(+), 27 deletions(-) diff --git a/docs/pages/features/tenant-user-portal.mdx b/docs/pages/features/tenant-user-portal.mdx index c4cc48b5..2f049883 100644 --- a/docs/pages/features/tenant-user-portal.mdx +++ b/docs/pages/features/tenant-user-portal.mdx @@ -18,7 +18,7 @@ The portal is a React SPA that is distributed via the API. ## Required Config -`PORTAL_REFERER_URL` is used to redirect the user when the JWT token is expired or when the user clicks "back". +`PORTAL_REFERER_URL` is used to redirect the user when the JWT token is expired or when the user clicks 'back'. `PORTAL_ORGANIZATION_NAME` is used to display the name of the organization deploying the portal. diff --git a/docs/pages/references/configuration.mdx b/docs/pages/references/configuration.mdx index 240f57da..c9ef8565 100644 --- a/docs/pages/references/configuration.mdx +++ b/docs/pages/references/configuration.mdx @@ -93,7 +93,7 @@ Global configurations are provided through env variables or a YAML file. ConfigM | `PORTAL_LOGO_DARK` | URL for the dark-mode logo to be displayed in the Outpost Portal. | `nil` | No | | `PORTAL_ORGANIZATION_NAME` | Organization name displayed in the Outpost Portal. | `nil` | No | | `PORTAL_PROXY_URL` | URL to proxy the Outpost Portal through. If set, Outpost serves the portal assets, and this URL is used as the base. Must be a valid URL. | `nil` | No | -| `PORTAL_REFERER_URL` | The expected Referer URL for accessing the portal. This is a security measure. Required if the Outpost Portal is enabled/used. Example: 'https://admin.example.com'. | `nil` | Conditional | +| `PORTAL_REFERER_URL` | The URL were the user is redirected when the JWT token is expired or when the user clicks 'back'. Required if the Outpost Portal is enabled/used. | `nil` | Conditional | | `POSTGRES_URL` | Connection URL for PostgreSQL, used for log storage. Example: 'postgres://user:pass@host:port/dbname?sslmode=disable'. | `nil` | Yes | | `PUBLISH_AWS_SQS_ACCESS_KEY_ID` | AWS Access Key ID for the SQS publish queue. Required if AWS SQS is the chosen publish MQ provider. | `nil` | Conditional | | `PUBLISH_AWS_SQS_ENDPOINT` | Custom AWS SQS endpoint URL for the publish queue. Optional. | `nil` | No | @@ -137,6 +137,7 @@ Global configurations are provided through env variables or a YAML file. ConfigM ## YAML {/* BEGIN AUTOGENERATED CONFIG YAML */} + ```yaml # Outpost Configuration Example (Generated) # This example shows all available keys with their default values where applicable. @@ -166,7 +167,6 @@ alert: # Number of consecutive delivery failures for a destination before triggering an alert and potentially disabling it. consecutive_failure_count: 20 - # Enables or disables audit logging for significant events. audit_log: true @@ -191,7 +191,6 @@ destinations: # If true, includes Outpost metadata (event ID, topic, etc.) within the Kinesis record payload. metadata_in_payload: true - # If true, includes a 'timestamp-ms' field with millisecond precision in destination metadata. Useful for load testing and debugging. include_millisecond_timestamp: false @@ -231,9 +230,7 @@ destinations: signature_encoding: "hex" # Go template for the value of the signature header. Only applies to 'default' mode. - signature_header_template: "t={{.Timestamp.Unix}},v0={{.Signatures | join \",\"}}" - - + signature_header_template: 't={{.Timestamp.Unix}},v0={{.Signatures | join ","}}' # Global flag to disable all telemetry (anonymous usage statistics to Hookdeck and error reporting to Sentry). If true, overrides 'telemetry.disabled'. disable_telemetry: false @@ -260,7 +257,6 @@ idgen: # ID generation type for all entities: uuidv4, uuidv7, nanoid. Default: uuidv4 type: "uuidv4" - # Maximum number of log entries to batch together before writing to storage. log_batch_size: 1000 @@ -297,7 +293,6 @@ mqs: # Required: Conditional secret_access_key: "" - # Whether Outpost should create and manage message queue infrastructure. Set to false if you manage infrastructure externally (e.g., via Terraform). Defaults to true for backward compatibility. auto_provision: # <*bool> @@ -342,7 +337,6 @@ mqs: # Required: Y tenant_id: "" - # Configuration for using GCP Pub/Sub as the message queue. Only one MQ provider should be configured. gcp_pubsub: # Name of the GCP Pub/Sub subscription for delivery events. @@ -365,7 +359,6 @@ mqs: # Required: Conditional service_account_credentials: "" - # Configuration for using RabbitMQ as the message queue. Only one MQ provider should be configured. rabbitmq: # Name of the RabbitMQ queue for delivery events. @@ -381,8 +374,6 @@ mqs: # Required: Conditional server_url: "" - - # Maximum number of destinations allowed per tenant/organization. max_destinations_per_tenant: 20 @@ -397,7 +388,6 @@ otel: # Required: Conditional protocol: "" - # OpenTelemetry configuration specific to metrics. metrics: # Specifies the OTLP exporter to use for this telemetry type (e.g., 'otlp'). Typically used with environment variables like OTEL_EXPORTER_OTLP_TRACES_ENDPOINT. @@ -408,7 +398,6 @@ otel: # Required: Conditional protocol: "" - # The service name reported to OpenTelemetry. If set, OpenTelemetry will be enabled. service_name: "" @@ -422,8 +411,6 @@ otel: # Required: Conditional protocol: "" - - # Name of the organization, used for display purposes and potentially in user agent strings. organization_name: "" @@ -456,7 +443,6 @@ portal: # Required: Conditional referer_url: "" - # Connection URL for PostgreSQL, used for log storage. Example: 'postgres://user:pass@host:port/dbname?sslmode=disable'. # Required: Y postgres: "" @@ -486,7 +472,6 @@ publishmq: # Required: Conditional secret_access_key: "" - # Configuration for using Azure Service Bus as the publish message queue. Only one publish MQ provider should be configured. azure_servicebus: # Azure Service Bus connection string for the publish queue. Required if Azure Service Bus is the chosen publish MQ provider. @@ -501,7 +486,6 @@ publishmq: # Required: Conditional topic: "" - # Configuration for using GCP Pub/Sub as the publish message queue. Only one publish MQ provider should be configured. gcp_pubsub: # GCP Project ID for the Pub/Sub publish topic. Required if GCP Pub/Sub is the chosen publish MQ provider. @@ -520,7 +504,6 @@ publishmq: # Required: Conditional topic: "" - # Configuration for using RabbitMQ as the publish message queue. Only one publish MQ provider should be configured. rabbitmq: # Name of the RabbitMQ exchange for the publish queue. @@ -534,8 +517,6 @@ publishmq: # Required: Conditional server_url: "" - - # Maximum number of messages to process concurrently from the publish queue. publish_max_concurrency: 1 @@ -565,7 +546,6 @@ redis: # Enable TLS encryption for Redis connection. tls_enabled: false - # Interval in seconds for exponential backoff retry strategy (base 2). Ignored if retry_schedule is provided. retry_interval_seconds: 30 @@ -597,10 +577,8 @@ telemetry: # Sentry DSN for error reporting. If provided and telemetry is not disabled, Sentry integration will be enabled. sentry_dsn: "https://examplePublicKey@o0.ingest.sentry.io/0" - # Comma-separated list of topics that this Outpost instance should subscribe to for event processing. topics: [item1, item2] - ``` {/* END AUTOGENERATED CONFIG YAML */} diff --git a/internal/config/portal.go b/internal/config/portal.go index 9d43bfbf..7ff0eb31 100644 --- a/internal/config/portal.go +++ b/internal/config/portal.go @@ -9,7 +9,7 @@ import ( type PortalConfig struct { ProxyURL string `yaml:"proxy_url" env:"PORTAL_PROXY_URL" desc:"URL to proxy the Outpost Portal through. If set, Outpost serves the portal assets, and this URL is used as the base. Must be a valid URL." required:"N"` - RefererURL string `yaml:"referer_url" env:"PORTAL_REFERER_URL" desc:"The expected Referer URL for accessing the portal. This is a security measure. Required if the Outpost Portal is enabled/used. Example: 'https://admin.example.com'." required:"C"` + RefererURL string `yaml:"referer_url" env:"PORTAL_REFERER_URL" desc:"The URL were the user is redirected when the JWT token is expired or when the user clicks 'back'. Required if the Outpost Portal is enabled/used." required:"C"` FaviconURL string `yaml:"favicon_url" env:"PORTAL_FAVICON_URL" desc:"URL for the favicon to be used in the Outpost Portal." required:"N"` BrandColor string `yaml:"brand_color" env:"PORTAL_BRAND_COLOR" desc:"Primary brand color (hex code) for theming the Outpost Portal (e.g., '#6122E7'). Also referred to as Accent Color in some contexts." required:"N"` Logo string `yaml:"logo" env:"PORTAL_LOGO" desc:"URL for the light-mode logo to be displayed in the Outpost Portal." required:"N"` From 62f17456fc8ffc4b502947386cb2745f61bd8102 Mon Sep 17 00:00:00 2001 From: Alexandre Bouchard Date: Tue, 9 Dec 2025 21:07:48 -0500 Subject: [PATCH 2/4] fix: Fix default header --- docs/pages/features/event-delivery.mdx | 2 +- examples/demos/dashboard-integration/README.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/pages/features/event-delivery.mdx b/docs/pages/features/event-delivery.mdx index 6b265647..07d9f4d5 100644 --- a/docs/pages/features/event-delivery.mdx +++ b/docs/pages/features/event-delivery.mdx @@ -33,7 +33,7 @@ The following environment variables can be used to customize the webhook behavio | Environment Variable | Default Value | Required | | ------------------------------------------------ | ------------------------------------------------------ | -------- | -| `DESTINATIONS_WEBHOOK_HEADER_PREFIX` | `x-` | No | +| `DESTINATIONS_WEBHOOK_HEADER_PREFIX` | `x-outpost-` | No | | `DESTINATIONS_WEBHOOK_DISABLE_EVENT_ID_HEADER` | `false` | No | | `DESTINATIONS_WEBHOOK_DISABLE_SIGNATURE_HEADER` | `false` | No | | `DESTINATIONS_WEBHOOK_DISABLE_TIMESTAMP_HEADER` | `false` | No | diff --git a/examples/demos/dashboard-integration/README.md b/examples/demos/dashboard-integration/README.md index 5489a284..dc32ba59 100644 --- a/examples/demos/dashboard-integration/README.md +++ b/examples/demos/dashboard-integration/README.md @@ -184,7 +184,7 @@ For detailed implementation guidance with code examples, see **[INTEGRATION_DETA | `RABBITMQ_SERVER_URL` | RabbitMQ connection | `amqp://guest:guest@rabbitmq:5672` | | `TOPICS` | Available event topics (comma-separated) | `user.created,order.completed,payment.processed` | | `PORTAL_ORGANIZATION_NAME` | Portal branding | `API Platform Demo` | -| `PORTAL_REFERER_URL` | Dashboard URL for "Back to" navigation link in portal | `http://localhost:3000` | +| `PORTAL_REFERER_URL` | The URL were the user is redirected when the JWT token is expired or when the user clicks 'back'. Required if the Outpost Portal is enabled/used. | `http://localhost:3000` | ## Docker Services @@ -294,4 +294,4 @@ This demo demonstrates several integration patterns: - Form validation with user-friendly error messages - API error responses with appropriate HTTP status codes - Loading states and skeleton screens for data fetching -- Fallback UI for failed API calls \ No newline at end of file +- Fallback UI for failed API calls From 8673852166981ac854dfed6c656b903546627ffb Mon Sep 17 00:00:00 2001 From: Alex Luong Date: Thu, 11 Dec 2025 01:05:33 +0700 Subject: [PATCH 3/4] chore: typo --- docs/pages/references/configuration.mdx | 2 +- examples/demos/dashboard-integration/README.md | 2 +- internal/config/portal.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/pages/references/configuration.mdx b/docs/pages/references/configuration.mdx index c9ef8565..2e811c77 100644 --- a/docs/pages/references/configuration.mdx +++ b/docs/pages/references/configuration.mdx @@ -93,7 +93,7 @@ Global configurations are provided through env variables or a YAML file. ConfigM | `PORTAL_LOGO_DARK` | URL for the dark-mode logo to be displayed in the Outpost Portal. | `nil` | No | | `PORTAL_ORGANIZATION_NAME` | Organization name displayed in the Outpost Portal. | `nil` | No | | `PORTAL_PROXY_URL` | URL to proxy the Outpost Portal through. If set, Outpost serves the portal assets, and this URL is used as the base. Must be a valid URL. | `nil` | No | -| `PORTAL_REFERER_URL` | The URL were the user is redirected when the JWT token is expired or when the user clicks 'back'. Required if the Outpost Portal is enabled/used. | `nil` | Conditional | +| `PORTAL_REFERER_URL` | The URL where the user is redirected when the JWT token is expired or when the user clicks 'back'. Required if the Outpost Portal is enabled/used. | `nil` | Conditional | | `POSTGRES_URL` | Connection URL for PostgreSQL, used for log storage. Example: 'postgres://user:pass@host:port/dbname?sslmode=disable'. | `nil` | Yes | | `PUBLISH_AWS_SQS_ACCESS_KEY_ID` | AWS Access Key ID for the SQS publish queue. Required if AWS SQS is the chosen publish MQ provider. | `nil` | Conditional | | `PUBLISH_AWS_SQS_ENDPOINT` | Custom AWS SQS endpoint URL for the publish queue. Optional. | `nil` | No | diff --git a/examples/demos/dashboard-integration/README.md b/examples/demos/dashboard-integration/README.md index dc32ba59..a8026b4e 100644 --- a/examples/demos/dashboard-integration/README.md +++ b/examples/demos/dashboard-integration/README.md @@ -184,7 +184,7 @@ For detailed implementation guidance with code examples, see **[INTEGRATION_DETA | `RABBITMQ_SERVER_URL` | RabbitMQ connection | `amqp://guest:guest@rabbitmq:5672` | | `TOPICS` | Available event topics (comma-separated) | `user.created,order.completed,payment.processed` | | `PORTAL_ORGANIZATION_NAME` | Portal branding | `API Platform Demo` | -| `PORTAL_REFERER_URL` | The URL were the user is redirected when the JWT token is expired or when the user clicks 'back'. Required if the Outpost Portal is enabled/used. | `http://localhost:3000` | +| `PORTAL_REFERER_URL` | The URL where the user is redirected when the JWT token is expired or when the user clicks 'back'. Required if the Outpost Portal is enabled/used. | `http://localhost:3000` | ## Docker Services diff --git a/internal/config/portal.go b/internal/config/portal.go index 7ff0eb31..52408063 100644 --- a/internal/config/portal.go +++ b/internal/config/portal.go @@ -9,7 +9,7 @@ import ( type PortalConfig struct { ProxyURL string `yaml:"proxy_url" env:"PORTAL_PROXY_URL" desc:"URL to proxy the Outpost Portal through. If set, Outpost serves the portal assets, and this URL is used as the base. Must be a valid URL." required:"N"` - RefererURL string `yaml:"referer_url" env:"PORTAL_REFERER_URL" desc:"The URL were the user is redirected when the JWT token is expired or when the user clicks 'back'. Required if the Outpost Portal is enabled/used." required:"C"` + RefererURL string `yaml:"referer_url" env:"PORTAL_REFERER_URL" desc:"The URL where the user is redirected when the JWT token is expired or when the user clicks 'back'. Required if the Outpost Portal is enabled/used." required:"C"` FaviconURL string `yaml:"favicon_url" env:"PORTAL_FAVICON_URL" desc:"URL for the favicon to be used in the Outpost Portal." required:"N"` BrandColor string `yaml:"brand_color" env:"PORTAL_BRAND_COLOR" desc:"Primary brand color (hex code) for theming the Outpost Portal (e.g., '#6122E7'). Also referred to as Accent Color in some contexts." required:"N"` Logo string `yaml:"logo" env:"PORTAL_LOGO" desc:"URL for the light-mode logo to be displayed in the Outpost Portal." required:"N"` From fa2d4dbb090a4004b75f9ef823bbb882724f8a45 Mon Sep 17 00:00:00 2001 From: Alex Luong Date: Thu, 11 Dec 2025 01:06:42 +0700 Subject: [PATCH 4/4] docs: generate config docs --- docs/pages/references/configuration.mdx | 28 ++++++++++++++++++++++--- 1 file changed, 25 insertions(+), 3 deletions(-) diff --git a/docs/pages/references/configuration.mdx b/docs/pages/references/configuration.mdx index 2e811c77..435fb435 100644 --- a/docs/pages/references/configuration.mdx +++ b/docs/pages/references/configuration.mdx @@ -137,7 +137,6 @@ Global configurations are provided through env variables or a YAML file. ConfigM ## YAML {/* BEGIN AUTOGENERATED CONFIG YAML */} - ```yaml # Outpost Configuration Example (Generated) # This example shows all available keys with their default values where applicable. @@ -167,6 +166,7 @@ alert: # Number of consecutive delivery failures for a destination before triggering an alert and potentially disabling it. consecutive_failure_count: 20 + # Enables or disables audit logging for significant events. audit_log: true @@ -191,6 +191,7 @@ destinations: # If true, includes Outpost metadata (event ID, topic, etc.) within the Kinesis record payload. metadata_in_payload: true + # If true, includes a 'timestamp-ms' field with millisecond precision in destination metadata. Useful for load testing and debugging. include_millisecond_timestamp: false @@ -230,7 +231,9 @@ destinations: signature_encoding: "hex" # Go template for the value of the signature header. Only applies to 'default' mode. - signature_header_template: 't={{.Timestamp.Unix}},v0={{.Signatures | join ","}}' + signature_header_template: "t={{.Timestamp.Unix}},v0={{.Signatures | join \",\"}}" + + # Global flag to disable all telemetry (anonymous usage statistics to Hookdeck and error reporting to Sentry). If true, overrides 'telemetry.disabled'. disable_telemetry: false @@ -257,6 +260,7 @@ idgen: # ID generation type for all entities: uuidv4, uuidv7, nanoid. Default: uuidv4 type: "uuidv4" + # Maximum number of log entries to batch together before writing to storage. log_batch_size: 1000 @@ -293,6 +297,7 @@ mqs: # Required: Conditional secret_access_key: "" + # Whether Outpost should create and manage message queue infrastructure. Set to false if you manage infrastructure externally (e.g., via Terraform). Defaults to true for backward compatibility. auto_provision: # <*bool> @@ -337,6 +342,7 @@ mqs: # Required: Y tenant_id: "" + # Configuration for using GCP Pub/Sub as the message queue. Only one MQ provider should be configured. gcp_pubsub: # Name of the GCP Pub/Sub subscription for delivery events. @@ -359,6 +365,7 @@ mqs: # Required: Conditional service_account_credentials: "" + # Configuration for using RabbitMQ as the message queue. Only one MQ provider should be configured. rabbitmq: # Name of the RabbitMQ queue for delivery events. @@ -374,6 +381,8 @@ mqs: # Required: Conditional server_url: "" + + # Maximum number of destinations allowed per tenant/organization. max_destinations_per_tenant: 20 @@ -388,6 +397,7 @@ otel: # Required: Conditional protocol: "" + # OpenTelemetry configuration specific to metrics. metrics: # Specifies the OTLP exporter to use for this telemetry type (e.g., 'otlp'). Typically used with environment variables like OTEL_EXPORTER_OTLP_TRACES_ENDPOINT. @@ -398,6 +408,7 @@ otel: # Required: Conditional protocol: "" + # The service name reported to OpenTelemetry. If set, OpenTelemetry will be enabled. service_name: "" @@ -411,6 +422,8 @@ otel: # Required: Conditional protocol: "" + + # Name of the organization, used for display purposes and potentially in user agent strings. organization_name: "" @@ -439,10 +452,11 @@ portal: # URL to proxy the Outpost Portal through. If set, Outpost serves the portal assets, and this URL is used as the base. Must be a valid URL. proxy_url: "" - # The expected Referer URL for accessing the portal. This is a security measure. Required if the Outpost Portal is enabled/used. Example: 'https://admin.example.com'. + # The URL where the user is redirected when the JWT token is expired or when the user clicks 'back'. Required if the Outpost Portal is enabled/used. # Required: Conditional referer_url: "" + # Connection URL for PostgreSQL, used for log storage. Example: 'postgres://user:pass@host:port/dbname?sslmode=disable'. # Required: Y postgres: "" @@ -472,6 +486,7 @@ publishmq: # Required: Conditional secret_access_key: "" + # Configuration for using Azure Service Bus as the publish message queue. Only one publish MQ provider should be configured. azure_servicebus: # Azure Service Bus connection string for the publish queue. Required if Azure Service Bus is the chosen publish MQ provider. @@ -486,6 +501,7 @@ publishmq: # Required: Conditional topic: "" + # Configuration for using GCP Pub/Sub as the publish message queue. Only one publish MQ provider should be configured. gcp_pubsub: # GCP Project ID for the Pub/Sub publish topic. Required if GCP Pub/Sub is the chosen publish MQ provider. @@ -504,6 +520,7 @@ publishmq: # Required: Conditional topic: "" + # Configuration for using RabbitMQ as the publish message queue. Only one publish MQ provider should be configured. rabbitmq: # Name of the RabbitMQ exchange for the publish queue. @@ -517,6 +534,8 @@ publishmq: # Required: Conditional server_url: "" + + # Maximum number of messages to process concurrently from the publish queue. publish_max_concurrency: 1 @@ -546,6 +565,7 @@ redis: # Enable TLS encryption for Redis connection. tls_enabled: false + # Interval in seconds for exponential backoff retry strategy (base 2). Ignored if retry_schedule is provided. retry_interval_seconds: 30 @@ -577,8 +597,10 @@ telemetry: # Sentry DSN for error reporting. If provided and telemetry is not disabled, Sentry integration will be enabled. sentry_dsn: "https://examplePublicKey@o0.ingest.sentry.io/0" + # Comma-separated list of topics that this Outpost instance should subscribe to for event processing. topics: [item1, item2] + ``` {/* END AUTOGENERATED CONFIG YAML */}