In [1]:
from dotenv import load_dotenv
import os
load_dotenv()
os.environ["OPENAI_API_KEY"] = os.getenv('OPEN_AI_KEY')

In [2]:
from ragas.llms import LangchainLLMWrapper
from ragas.embeddings import LangchainEmbeddingsWrapper
from langchain_openai import ChatOpenAI
from langchain_openai import OpenAIEmbeddings
evaluator_llm = LangchainLLMWrapper(ChatOpenAI(model="gpt-4o"))
evaluator_embeddings = LangchainEmbeddingsWrapper(OpenAIEmbeddings())

In [8]:
questions = [
    "How to deploy a webapp?",
    "How to resolve \"\"Module not found error\"\" during the deployment of a Python project?",
    "How to add authentication to my service?",
    "How to add a custom domain to my web app?",
    "How can I test my service?",
    "How can I add environment variables to python webapp?",
    "How to connect the React frontend to the backend?",
    "How can I deploy my backend and then connect it to the frontend deployed in github pages?",
    "How can I implement testing for a full-stack application including automated testing for both frontend and backend components?",
    "I'm getting \"\"procfile not found\"\" error for my python service. How do I resolve this?",
    "I'm getting .choreo/endpoints.yaml not found error. How do I resolve this?",
    "Tell me how I can configure a readiness probe?",
    "How to configure Azure as an external IdP?",
    "How can I implement rate limiting on my APIs?",
    "How can i resolve trivy security check errors?",
    "How can I add a config file to react web app?",
    "How can I secure my web app?",
    "What are the steps to secure an API in Choreo?",
    "How can I set up alerts for my service?",
    "How can I add members to my organization",
    "How can I create a new environment for deployment",
    "How to make sure that an api is only visible to admins in my organization?",
    "How to use Choreo CLI locally?",
    "How do I set up automatic scaling for my applications?",
    "What options are available for data storage in Choreo?",
    "How can I create a webhook?",
    "Can I set usage limits for my API based on different tiers",
    "How can I monitor the performance of my services deployed on Choreo?",
    "How can I deploy a new version of my service from a different branch in the same component?",
    "What are the available pricing plans in Choreo?",
    "How can I limit requests coming to my API?",
    "I want to control traffic coming to my API.",
    "My build fails during trivy scan",
    "I get build errors during vulnerability scan stage",
    "I have secret keys as configs for my react web app. How to manage them securely?",
    "What steps can I take to protect my web app?",
    "What methods can I use to protect an API in Choreo?",
    "How do I invite new people to join my organization?",
    "How do I restrict my API so that only admins can see it?",
    "How do I get started with using Choreo CLI on my computer?",
    "How do I configure my applications to scale automatically?",
    "My service gets overloaded with requests how to fix this?"
]

ground_truths = [
"To deploy a web application in Choreo, follow the steps below:\n\n1. **Create a project**:  On the organization home page, click **+ Create Project**. Enter a display name, unique name, and description for the project. Click **Create**. This creates the project and opens the project home page. \n\n2. **Create a Web Application component**: On the project home page, click **Web Application** under **Create a Single Component**. Enter a unique name and a description for the web application. \n\n3. **Connect to GitHub**: Go to the **GitHub** tab and click **Authorize with GitHub**. If you have not already connected your GitHub repository to Choreo, enter your GitHub credentials and select the repository. You can also paste the repository URL in the **Provide Repository URL** field to connect to it without requiring authorization. \n\n4. **Enter the required information**: Enter the required information such as your GitHub account in the **Organization** field, repository name in the **Repository** field, and the branch name in the **Branch** field. \n\n5. **Select Buildpack**: Select a build Buildpack (eg: NodeJS, React, Python,PHP, etc.) as the **Buildpack** and provide the necessary details (eg: Project Directory, Language Version, Port, etc.). \n\n6. **Create the component**: Click **Create**. Choreo initializes the component with the sample implementation and opens the **Overview** page of the component.\n\n7. **Build your web application**: In the left navigation menu, click **Build**.In the Builds pane, click **Build**. This opens the Commits pane, where you can see all the commits related to the component. Select the latest commit and click **Build**. This triggers the build process and displays the progress in the **Build Logs pane**.\n\n8. **Deploy the web application**: In the left navigation menu, click **Deploy**. In the **Set Up** card, click **Configure and Deploy**. Click **Next** to move to the **Authentication Settings** pane. Keep the default settings and click **Deploy**. \n\n9. **Verify the deployment**: To verify that you have successfully hosted the web application, click the **Web App URL** in the **Development** card. This takes you to the web application.",
"To resolve a **Module not found""** error during the deployment of a Python project in Choreo:\n\n1. **Verify Dependencies:**\n - Ensure all required Python modules are in `requirements.txt`\n - Example `requirements.txt`:\n ```plaintext\n flask\n requests\n numpy\n ```\n\n2. **Check File Paths:**\n - Verify that the modules and packages being imported in your Python code have the correct file paths\n\n3. **Rebuild the Component:**\n - Trigger a rebuild after updating `requirements.txt` or file paths. This will ensure that any changes made to the dependencies are included in the new build.\n\n4. **Inspect Logs:**\n - . If the error persists check build logs in Choreo Console UI for detailed error messages. The logs can provide more context on which module is not found and why. \n\n5. **Environment Configuration:**\n - Ensure correct setup of environment variables in Choreo. Sometimes environment variables might be needed for certain modules to work correctly.you can follow these steps:\n\n**Steps to Implement Custom Authentication:**\n\n1. **Add the Connection Configuration:**\n```window.configs = {\napiUrl: '<SERVICE_URL>'",
"To add **authentication** to a service in **Choreo**, you can utilize **Choreo's managed authentication** or configure **custom authentication**. Here are the steps for integrating managed authentication and custom authentication:\n\n**Managed Authentication**\nManaged authentication is a feature provided by **Choreo** that simplifies the process of adding authentication and authorization to your web application. It supports web applications created with **React**, **Angular**, or **Vue.js** buildpacks.\n\n**Steps to Implement Managed Authentication:**\n\n1. **Implement Sign-in Functionality:**\n```<button onClick={() => { window.location.href = ""/auth/login"" }}>Login</button>```\nThis redirects users to the **login path** where **Choreo** handles the authentication process.\n\n2. **Obtain User Information Claims:**\n\n**Via Cookie:**\n```import Cookies from 'js-cookie';\nconst encodedUserInfo = Cookies.get('userinfo');\nconst userInfo = JSON.parse(atob(encodedUserInfo));\nCookies.remove('userinfo', { path: '/' });```\n\n**Via GET Endpoint:**\n```const response = await fetch('/auth/userinfo');```\n\n3. **Implement Sign-out Functionality:**\n```<button onClick={async () => { window.location.href = `/auth/logout?session_hint=${Cookies.get('session_hint')}`;}}>Logout</button>```\n\n4. **Invoke APIs:**\n```const response = await fetch('/choreo-apis/<api-suffix>');```\n\n**Custom Authentication**\nIf you prefer to handle authentication manually or use custom authentication mechanisms, you can follow these steps:\n\n**Steps to Implement Custom Authentication:**\n\n1. **Add the Connection Configuration:**\n```window.configs = {\napiUrl: '<SERVICE_URL>',\nconsumerKey: '<CONSUMER_KEY>',\nconsumerSecret: '<CONSUMER_SECRET>',\ntokenUrl: '<TOKEN_URL>',\n};```\n\n2. **Read the Configuration:**\n```const serviceURL = window?.configs?.apiUrl ? window.configs.apiUrl : ""/"";```\n\n3. **Acquire an OAuth 2.0 Access Token:**\n\n**Using a cURL Command:**\n```CONSUMER_KEY=""your_consumer_key""\nCONSUMER_SECRET=""your_consumer_secret""\nTOKEN_URL=""your_token_url""\nCLIENT_CREDENTIALS=$(echo -n ""$CLIENT_ID:$CLIENT_SECRET"" | base64)\ncurl -X POST $TOKEN_URL \n-H ""Content-Type: application/x-www-form-urlencoded"" \n-H ""Authorization: Basic $CLIENT_CREDENTIALS"" \n--data-urlencode ""grant_type=client_credentials""```\n\n4. **Invoke the Service:**\n```const response = await axios.get(serviceURL/{RESOURCE_PATH}, {\nheaders: {\n'Authorization': `Bearer ${accessToken}`\n}\n});```\n\nBy following these steps, you can successfully add **authentication** to your service in **Choreo** using either **managed authentication** or **custom authentication** methods.",
"to add a custom domain to a web app in Choreo:\n\nPrerequisites:\n1. Ensure you have organization administrator privileges.\n2. Make sure your web app is deployed in the desired environment.\n\nSteps to Add a Custom Domain:\n1. **Sign in to the Choreo Console**.\n2. **Access Organization Settings**:\n * Click the **Organization** list in the Choreo Console header.\n * In the left navigation menu, click **Settings**.\n * Go to the **URL Settings** tab and then click the **Active Domains** tab.\n3. **Add the Custom Domain**:\n * Click **+ Add Domains**.\n * In the **Add a Custom Domain** pane, enter your domain name.\n * Select the environment where you want to apply the domain name.\n * Select the entity type as **Web App**.\n * Note the generated CNAME target value displayed and create a DNS record associating your domain name to the CNAME target value with your DNS provider.\n4. **Verify the Domain**:\n * Once the CNAME type DNS record is created, click **Verify**.\n5. **Configure TLS Certificates**:\n * On successful verification, click **Next**.\n * Select a TLS certificate provider. You can either import your own TLS certificates or allow Choreo to generate and manage the certificates using **Let's Encrypt**.\n6. **Save the Custom Domain**:\n * Click **Add** to save the custom domain.\n\nConfigure a Custom URL for Your Web App:\n1. **Request a Custom URL**:\n * Sign in to the Choreo Console.\n * In the **Component Listing** pane, click on your web app.\n * Click **Settings** in the left navigation menu.\n * Go to the **URL Settings** tab. If an active custom domain is available, the **Edit URL Mapping** icon in the corresponding **Action** column will be enabled.\n2. **Configure the URL**:\n * Click the **Edit URL Mapping** icon under the **Action** column for the desired environment.\n * Select the domain from the **Domain** drop-down list.\n * Click **Configure** to create the custom URL mapping. The custom URL request will be in **Pending** status until approved by an organization administrator.\n3. **Approval**:\n * The organization administrator needs to approve the custom URL request from the organization-level settings page under the **Pending URL Requests** tab.\n\nOnce the custom URL request is approved, the custom domain will be applied to your web app.",
"To test your service in **Choreo**, you can use the integrated **OpenAPI Console** within the **Choreo Console UI**. Here are the detailed steps to perform the test:\n\n**Steps to Test the Service in Choreo Console**\n\n1. **Navigate to the Test Console**:\n - In the **Choreo Console** left navigation menu, click **Test** and then click **Console**.\n\n2. **Select the Environment**:\n - In the **OpenAPI Console** that opens, select **Development** from the environment drop-down list.\n\n3. **Choose the Endpoint**:\n - In the **Endpoint** list, select the relevant **REST endpoint** for your service.\n\n4. **Test the GET Method**:\n - Expand the **GET /** method (e.g., **GET /books**).\n - Click **Try it out**.\n - Click **Execute**.\n - Check the **Server Response** section to see the response from the server.\n\n5. **Test the POST Method**:\n - Expand the **POST /** method (e.g., **POST /books**).\n - Click **Try it out**.\n - Update the **request body** with the necessary parameters. For example:\n ```\n {\n ""author"": ""Your Author"",\n ""status"": ""to_read"",\n ""title"": ""Your Title""\n }\n ```\n - Click **Execute**.\n - Check the **Server Response** section. On successful invocation, you should receive a **201 HTTP status code**.\n\n6. **Additional Methods**:\n - Similarly, you can expand and test other methods (e.g., **PUT**, **DELETE**) available for your service by following the **Try it out** and **Execute** steps.",
"To set up environment variables in **Choreo**, follow these steps:\n\n**Steps to Apply Environment Variables**\n\n1. **Navigate to Your Component in Choreo Console**:\n - Go to the **Component Listing** pane and click on the component you want to configure.\n\n2. Access **Configurations & Secrets**:\n - In the left navigation menu, click **DevOps** and then click **Configs & Secrets**.\n\n3. **Create a New Environment Variable**:\n - Click **+ Create**.\n - In the **Create a Config or Secret** pane, select **Environment Variables**.\n\n4. **Mark as a Secret (Optional)**:\n - If you need the environment variable values to be secrets, select **Mark as a Secret**. Note that you will not be able to read these values after setting them.\n\n5. **Specify the Environment Variables**:\n - Enter the **Display Name** for your configuration or secret.\n - Under **Add Environment Variables**, specify the environment variables as **key-value pairs**.\n - Click **Add Item** to add more variables if needed.\n\n6. **Finalize Creation**:\n - Click **Create** to save your environment variables.\n\n**Additional Tips**\n\n- **Ballerina Configurables**: If you are dealing with Ballerina components, you can manage configurables separately. Configurables can be used instead of environment variables for file mounts in Ballerina components. \n\n**Security Note**\n\n- All configurations and secrets are stored in an encrypted secret vault managed by **WSO2** in the cloud data plane. If you are on a private data plane, they are stored in an **Azure key vault** or **AWS secret manager** attached to your data plane in your cloud environment.",
"1: Create and Deploy Your Backend Service\nFirst, ensure your backend service is deployed in Choreo. If you don't have a service yet, you can create one by following these steps:\n1. **Connect to Your Repository:**\n * On the project home page, click **Start** under **Create Multiple Components**.\n * Go to the **GitHub** tab and authorize Choreo to connect to your GitHub account.\n * Enter the repository URL and branch details.\n * Select and configure the backend service component.\n2. **Build and Deploy the Service:**\n * Click the service component listed under **Component Listing** on the project home page.\n * In the left navigation menu, click **Build** and then **Build Latest**.\n * Once the build is complete, proceed to deploy the service.\n\nStep 2: Create a React Frontend Application in Choreo\nNext, create a web application component for your React frontend:\n1. **Create the Web Application Component:**\n * In the Choreo Console header, select your project.\n * Click **+ Create** under **Component Listing**.\n * Select **Web Application** and fill in the necessary details (display name, unique name, description).\n * Authorize with GitHub to connect your repository.\n * Enter your GitHub account, repository, and branch details.\n * Select **React** as the buildpack.\n * Enter the build configuration details (`Project Directory`, `Build Command`, `Build Path`, `Node Version`).\n2. **Build the Web Application Component:**\n * In the left navigation menu, click **Build** and then **Build Latest**.\n\nStep 3: Connect the Web Application to the Backend Service\nTo establish a connection between your React frontend and the backend service:\n1. **Create a Connection:**\n * In the left navigation menu, click **Dependencies** and then **Connections**.\n * Click **+ Create** and select your backend service.\n * Provide a name and description for the connection and click **Create**.\n * Copy the service URL displayed for the Development environment.\n2. **Configure the Web Application:**\n * In the left navigation menu, click **Deploy** and then **Configure and Deploy**.\n * In the `config.js` file mount, replace `<Service URL>` with the copied service URL:\n ```javascript\n window.configs = {\n apiUrl: '<Service URL>',\n };\n ```\n * Ensure managed authentication is enabled and configure authentication settings (Post Login Path, Post Logout Path, Error Path).\n3. **Deploy the Web Application:**\n * Click **Deploy** in the **Authentication** pane.\n * Once deployed, copy the **Web App URL**.\n\nStep 4: Access and Test Your Application\n* Navigate to the web app URL to verify that your React frontend is successfully connected to the backend service.",
"To deploy a backend service on Choreo and connect it to a frontend hosted on GitHub Pages, follow these steps:\n\nStep 1: Deploy the Backend Service on Choreo\n1. Create a Project in Choreo:\n * Go to the Choreo Console and sign in.\n * On the organization home page, click **+ Create Project**.\n * Enter a display name, unique name, and description for the project.\n * Click **Create** to create the project and open the project home page.\n\n2. Connect Your GitHub Repository and Configure the Service:\n * On the project home page, click **Start** under **Create Multiple Components**.\n * Go to the **GitHub** tab.\n * Click **Authorize with GitHub** to allow Choreo to connect to your GitHub account.\n * Enter the GitHub account details, repository, and branch.\n * In the **Add Component Directories** pane, click the + icon corresponding to your backend service directory.\n * Configure the service component by specifying details such as Component Display Name, Component Name, Path, Component Type, Buildpack, and Language Version.\n * Click **Save** and then **Finish** to initialize the service.\n\n3. Build and deploy the service\n 3.1: Build\n * On the project home page, click the service component you created. This takes you to the component overview page.\n * In the left navigation, click **Build**.\n * Click **Build Latest**. The build process may take a while, and you can track the progress via the logs in the Build Details pane.\n * Once the build process is complete, the build status changes to Success.\n\n 3.2: Deploy\n * In the left navigation menu, click **Deploy**.\n * On the **Set Up** card, click **Configure & Deploy**.\n * In the **Environment Configurations** pane, click **Next**.\n * In the **File Mount** pane, click **Next**.\n * Review the **Endpoint Details** and click **Deploy**. In the Endpoint Details pane that opens, ensure that the Network Visibility is set to Public. This setting securely exposes the endpoint for external consumption.\n * The deployment process may take some time, and you can track the progress by observing the logs.\n * Once the deployment is complete, the build status changes to Active on the Development environment card.\n\n Ensure that your backend service is configured to allow CORS (Cross-Origin Resource Sharing) requests from your frontend's domain (GitHub Pages). \n This is crucial for enabling communication between the two different domains.\n To do that follow these steps\n\n 3.3.: Enable CORS\n * From your Development card access endpoint details. \n * In the Endpoint Details pane Go to settings. \n * From the security tab in the settings you can allow CORS.\n\nTo connect your service to the frontend deployed outside choreo in this case github pages you need to get the public url for your service.\n\n4. Getting the Public URL:\n * Once the deployment is complete, navigate to the component overview page where you can find the service URL.\n * Copy the public URL of the service from the development environment card.\n\n5. Then you have to manually add this public URL as the API URL in your frontend code.\n Use this API URL in your frontend to make HTTP requests (e.g., GET, POST) to interact with your backend service.",
"To implement automated testing for both frontend and backend components in a full-stack application using Choreo, follow these steps:\n\n**Backend Testing with Test Runner**\n\n**Create a Test Runner Component:**\n1. Go to the Choreo Console.\n2. **Click `+Create`** in the Component Listing section.\n3.Select **`Test Runner`.**\n4. Enter a unique name and description for the test runner component.\n5. Go to the `GitHub` tab and enter:\n - **GitHub Account**\n - **GitHub Repository**\n - **Branch**\n6. Select a buildpack based on the language of your choice.\n7. Enter the relevant values based on the selected buildpack.\n8. **Click `Create`.\n**Build and Deploy the Test Runner Component:**\n1. Navigate to `Build` on the left panel.\n2. **Click `Build`** and select the latest commit.\n3. Once the build completes, go to `Deploy`.\n4. **Click `Deploy`** to deploy the Test Runner component, or use `Configure and Deploy` for additional configurations.\n5. After deployment, go to `Execute` and select the environment.\n6. **Click `Run Now`** to trigger the test execution.\n7. Once execution is completed, click on a particular execution to view the test results.\n\n**Frontend Testing**\n\n**Access and Test Frontend Application:**\n1. Access the frontend application via its web URL.\n2. Perform manual testing by interacting with the application (e.g., adding items, checking user-specific data).",
"The error you're encountering is because Choreo requires a `Procfile` in your Python project's root directory. A `Procfile` is a configuration file used to declare the commands that are run by your application's containers. \n\nFor a Python project, your `Procfile` might look something like this:\n```\nweb: <command to start your application>\n``` \nFor example, if you're using Flask, your `Procfile` should look like this:\n```\nweb: flask run --host=0.0.0.0\n```\n\nPlease ensure that you have a `Procfile` in your project root directory and that it contains the appropriate command to start your application. You can refer more on this from the [Choreo documentation](https://wso2.com/choreo/docs/develop-components/deploy-an-application-with-buildpacks/#develop-a-component).",
"The error message you're seeing, '.choreo/endpoints.yaml not found', indicates that the `endpoints.yaml` file is missing from your project's root directory in the `.choreo` folder. This file is required to define the endpoints for your service component. \n\nTo resolve this error, you need to create an `endpoints.yaml` file in the `.choreo` directory at the build context path and commit it to the source repository. The `endpoints.yaml` file should contain details about the endpoints that your service component will expose. Here is a sample `endpoints.yaml` file:\n\n```yaml\nversion: 0.1\nendpoints:\n- name: Your Service\n port: 9090\n type: REST\n networkVisibility: Project\n context: /your_service\n schemaFilePath: your_service_openapi.yaml\n```\n\nIn this file:\n\n- `name` is a unique name for the endpoint, which Choreo will use to generate the managed API.\n- `port` is the numeric port value that gets exposed via this endpoint.\n- `type` is the type of traffic this endpoint is accepting, such as `REST`, `GraphQL`, `gRPC`, `UDP`or `TCP`.\n- `networkVisibility` is the network level visibility of this endpoint, which defaults to `Public` if not specified. Accepted values are `Project`, `Organization`, or `Public`.\n- `context` is the context (base path) of the API that Choreo exposes via this endpoint. \n- `schemaFilePath` is the swagger definition file path. This field should be a relative path to the project path.\n\nPlease make sure to replace 'Your Service' and '/your_service' with the actual name and context of your service, and 'your_service_openapi.yaml' with the actual OpenAPI schema file.\n\nFor more detailed information about the `endpoints.yaml` file and its structure, you can refer to the following documentation",
"To configure a readiness probe in Choreo, follow these steps:\n\n1. In the **Component Listing** pane, click on the component for which you want to configure readiness probes.\n2. In the left navigation menu, click **DevOps** and then click **Health Checks**.\n3. On the **Health Checks** page, click **+ Create**.\n4. Configure the readiness probe depending on your requirement.\n5. Click **Save**. \n\nYou can update or remove a probe at any time. After setting up the probe, you can ensure that the container works as expected by clicking **Runtime** under **DevOps** in the left navigation menu. On the **Runtime** page, check the details to confirm that the container works as expected. If the container does not start, check the **events and conditions** to see if any of the probes are causing the container to fail.\n\nReadiness probes run periodically throughout the lifecycle of a container. Unlike liveness probes, these probes do not restart the container if the probe fails. Instead, they stop the container from receiving network traffic. Be mindful when you configure readiness probes on a single-running replica. If the readiness probe fails, your application stops receiving traffic because there is only one active replica. The application may not recover unless the liveness probe fails and restarts the container.\n\nYou can configure the following probe types for readiness probes:\n\n- HTTP `GET` request: This probe sends an HTTP `GET` request to a specified port and path on the container. A response status code in the range of 200-399 indicates that the request is a success. Depending on your requirement, you can configure additional HTTP headers. The recommended approach is to create a `/healthz` or `/health` endpoint in your service for this purpose.\n- TCP connection probe: This probe attempts to open a socket to the container on the specified port. If it cannot establish a TCP connection, it becomes a failure.\n- Execute a command: This probe executes a given script inside the container. A non-zero return from the command is considered a failure. For example, `[\"\"cat\"\", \"\"/tmp/healthy\"\"]` is considered healthy if the file `/tmp/healthy` is present. If not, it becomes a failure (non-zero exit code). In such scenarios, the application is responsible for writing and maintaining this file in the specified location.\n\nFor more details, please refer to the [Set Up Health Checks] documentation.",
"To configure Azure Active Directory (Azure AD) as an external Identity Provider (IdP) in Choreo, you need to follow a sequence of steps. Before you begin, ensure that you have the following prerequisites:\n\n1. An Azure Active Directory account. You can set up an Azure Active Directory account at [Azure's website](https://azure.microsoft.com/en-gb/) if you don't already have one.\n2. Administrator rights to your Choreo organization. This is required to configure the Azure AD account in your organization.\n\nHere are the steps to add Azure AD as an IdP in Choreo:\n\n1. Sign in to the Choreo Console at [Choreo Console](https://console.choreo.dev/).\n2. In the left navigation menu, click **Settings**.\n3. In the header, click the **Organization** list. This will open the organization level settings page.\n4. On the **Application Security** tab, click **Identity Providers** and then click **+ Identity Provider**.\n5. Select **Microsoft Entra ID (Azure AD)** as the Identity Provider.\n6. Provide a name and a description for the IdP.\n7. To obtain the `Well-Known URL` of your Azure AD instance, on your Azure account, under **Azure Active Directory** go to **App registrations**, and then **Endpoints**. Copy the URI under`OpenID Connect metadata document`.\n8. Leave the **Apply to all environments** checkbox selected. However, if you want to restrict the use of the external IdP to a certain environment, you can select them from the **Environments** list.\n9. Review the endpoints and click **Next**.\n\nPlease note that in Azure, there are two versions of access tokens available. By default, the IDP applications you create use the v1 access token. Therefore, if you intend to use the v1 access token, when providing the `Well-Known URL`, omit the v2.0 path segment from the URL. If you intend to work with v2.0, then the IDP application's manifest should be changed as explained in the access token documentation.\n\nFor more detailed steps, you can refer to the [official documentation]",
"Implementing rate limiting on APIs in Choreo involves the following steps: Access your component from the Component Listing pane. Navigate to the Deploy section in the left menu. In the required environment card, click the view icon for the endpoint you want to apply rate limiting to. In the Endpoint Details pane, click the settings icon. Expand the Rate Limiting section under Manage. Select a Rate Limiting Level and click Apply. Choreo offers two rate-limiting levels: API-level Rate Limiting: Applies the allocated request count for the specified time unit to all operations in the API. Operation-level Rate Limiting: Allows configuring different rate-limiting values for each operation. When rate limiting is enabled, Choreo provides four response headers: x-ratelimit-limit: Shows the request count allocated for the specified time unit. x-ratelimit-reset: Indicates the time remaining to start the next rate-limiting time unit. x-ratelimit-remaining: Shows the remaining request count for the specified time unit. x-ratelimit-enforced: Appears after exceeding the allocated request count. For API Proxy components, the process differs slightly. After step 2, click the settings icon next to API Configuration and proceed directly to selecting the Rate Limiting Level.",
"To resolve Trivy security check errors in Choreo, you can follow these steps: Identify the Vulnerabilities: Review the Trivy Scan Results: During the deployment process, Choreo uses Trivy to scan for vulnerabilities. If critical vulnerabilities are found, the deployment process will halt. The Trivy scan status and any security failures are displayed in the deployment pane. Click on the Library (Trivy) vulnerable scan step to view the details of the vulnerabilities. Fix the Vulnerabilities: Fix the Identified Vulnerabilities: The best approach to resolving these errors is to address the identified vulnerabilities in your code or dependencies. Update or replace the vulnerable libraries with their secure versions. Ignore the Vulnerabilities (Temporarily): Create a .trivyignore File: If you cannot fix a critical CVE immediately, you can choose to ignore the vulnerability by creating a .trivyignore file. Add the .trivyignore file to your Docker build context path. For example, {buildContextPath}/.trivyignore. In the .trivyignore file, list the CVEs you want to ignore, one per line: CVE-2023-xxxx CVE-2023-yyyy CVE-2023-xxxx Redeploy the Component: Rebuild and Redeploy the Component: After fixing or ignoring the vulnerabilities: Rebuild your component by triggering a new build in the Builds pane.",
"To add configurations to a React web application in Choreo, follow these steps: Step 1: Create Configuration File . Create config.js File: Navigate to the public directory of your React application. Create and commit a new file named config.js in the public directory. This file should contain the runtime configuration variables you want to expose to your application. For example: window.config = { apiUrl: 'https://api.example.com', featureFlags: { enableNewFeature: true, enableExperimentalFeature: false, }, }; Step 2: Update index.html Include config.js in index.html: In the public directory, open the index.html file. Add a script tag to include the config.js file within the <body> tag: <!DOCTYPE html> <html lang='en'> <head> <meta charset='utf-8' /> <title>My React App</title> </head> <body> <div id='root'></div> <script src='%PUBLIC_URL%/config.js'></script> </body> </html> Step 3: Access Configuration in React Component Access Configuration Variables: In your React components, you can access the configuration variables by referencing the window.config object. For example: import React from 'react'; function MyComponent() { const apiUrl = window.config.apiUrl; const enableNewFeature = window.config.featureFlags.enableNewFeature; const enableExperimentalFeature = window.config.featureFlags.enableExperimentalFeature; // Your component logic here return ( <div> {/* Your component JSX here */} </div> ); } export default MyComponent; Step 4: Deploy the Application Deploy the Application: When deploying your React application to Choreo, ensure that the config.js file is correctly mounted in the specified path for each environment where your index.html expects it. You can create a config file mount via the Configurations pane on the Deploy page in the Choreo Console.",
"To secure your web application in Choreo, you can utilize Choreo's managed authentication feature. Here’s how you can set it up: Step 1: Implement Managed Authentication 1.1 Implement the Sign-in Functionality Add a sign-in button to your web application which redirects users to the /auth/login path. Here's a sample code snippet: <button onClick={() => { window.location.href='/auth/login' }}>Login</button> When the user clicks this button, Choreo will handle the authentication process with the configured identity provider. 1.2 Obtain User Information Claims You can get user information after a successful sign-in through a userinfo cookie or a GET endpoint. Using userinfo cookie: import Cookies from 'js-cookie'; // Read userinfo cookie value. const encodedUserInfo = Cookies.get('userinfo'); // Decode the value. const userInfo = JSON.parse(atob(encodedUserInfo)); // Clear the cookie. Cookies.remove('userinfo', { path: '/' }); Using GET endpoint: const response = await fetch('/auth/userinfo'); 1.3 Implement the Sign-out Functionality Add a sign-out button to your web application which redirects users to the /auth/logout path. Here's a sample code snippet: <button onClick={async () => { window.location.href = `/auth/logout?session_hint=${Cookies.get('session_hint')}`; }}>Logout</button> Choreo will clear the session cookies and handle the sign-out process. 1.4 Invoke APIs To invoke Choreo APIs, use the relative path /choreo-apis/<api-suffix>. For example: const response = await fetch('/choreo-apis/<api-suffix>'); If managed authentication is enabled, you don’t need to manually attach an access token to the API call. 1.5 Handle Session Expiry To handle session expiry, you can encapsulate the request with re-login logic: export const performGet = async (url) => { try { return await fetch('/choreo-apis/<api-suffix>'); } catch (error) { if (error instanceof HttpError && error.status === 401) { window.location.href = '/auth/login'; } else { throw error; } } }; 1.6 Set Up a Custom Error Page Choreo allows you to set up a custom error page for redirection during errors. Configure the error path in your managed authentication settings. Step 2: Enable Managed Authentication and Configure Paths Go to your web application component in the Choreo Console. Click on Deploy. Click Configure & Deploy on the Set Up card. Ensure the Managed Authentication with Choreo toggle is enabled. Configure the following fields: Field Description Default Value Post Login Path Path to redirect after successful sign-in. / Post Logout Path Path to redirect after successful sign-out. / Error Path Path to redirect when an error occurs. Built-in error page Session Expiry Time Time in minutes after which the session expires. 10080 Minutes (7 Days) Additional Scopes Additional scopes required by the web application. none After configuring these settings, deploy the component. Using this method you can secure your web application.",
"To secure an API in Choreo, you can leverage various methods such as integrating with external Identity Providers (IdPs) like Microsoft Azure Active Directory (Azure AD) or Asgardeo, and implementing Role-Based Access Control (RBAC). Below are the general steps for each approach: Securing API Access with Microsoft Azure Active Directory (Azure AD) Assign Scopes to an API in Choreo: In the Component Listing pane, click on your API component. Navigate to Manage > Permissions. Click + Add Permission (Scope). Enter the permission value in the Permission List pane and click + Add New. Copy the fully qualified name of the scope for future reference. Attach the scope to a resource by selecting it from the Select Permissions list under the respective resource. Click Save and Deploy. Navigate to Manage > Lifecycle. Click Publish to publish your API to the Choreo Developer Portal. Create an API and Application in Azure AD: Follow Azure AD documentation to create an API and register an application. Configure the application to consume the Azure AD API. Enable External IdP Authentication in Choreo: Create an application in Choreo and configure it to use Azure AD as an external IdP. Invoke the API with Scopes: Use the assigned scopes to authenticate and authorize API invocations. For detailed steps, refer to the Secure API Access with Microsoft Azure Active Directory (Azure AD) documentation. Securing API Access with Asgardeo Assign Scopes to an API in Choreo: Similar to the Azure AD steps, assign scopes to your API in Choreo by navigating to Manage > Permissions and following the same steps to add permissions. Create an API and Application in Asgardeo: Follow Asgardeo documentation to create an API and register an application. Configure the application to consume the Asgardeo API. Enable External IdP Authentication in Choreo: Create an application in Choreo and configure it to use Asgardeo as an external IdP. Invoke the API with Scopes: Use the assigned scopes to authenticate and authorize API invocations. For detailed steps, refer to the Secure API Access with Asgardeo documentation.",
"To set up alerts for your service in Choreo, you can configure either latency alerts or traffic alerts. Here’s a step-by-step guide on how to do both: Setting Up Traffic Alerts Traffic alerts notify you when the request count of an API exceeds a predefined threshold. This is useful for managing APIs with backend traffic limits or monetized backends that require proactive scaling based on incoming traffic. Ensure you are in the correct organization where you have a project with the API to configure a traffic alert. In the Choreo Console left navigation menu, click Usage Insights. In the left navigation menu on the Usage Insights page, click Alerts. Click the Environment list and select the required environment. Click Alert Configuration. This opens the Alert Configuration pane. Click the Traffic tab. In the API Name field, select the API for which you want to configure the alert. Only the APIs that you have invoked at least once are listed here. For other APIs, you need to give the API name in the required format as instructed in the UI. In the Metric field, select the required metric against which you want to evaluate the alert configuration. In the Threshold field, specify the threshold number of requests per minute. If required, specify the list of emails that should be notified when the alert is generated in the Emails field. Click Add. Once an alert is successfully added, the alert configuration is listed in the Alert Configuration pane. Each configuration can be edited and removed via this pane. Setting Up Latency Alerts Latency alerts notify you if the response latency of an API exceeds a predefined threshold. This is useful for APIs that need to meet specific SLAs and for proactively identifying slow APIs. Ensure you are in the correct organization where you have a project with the API to configure a latency alert. In the Choreo Console left navigation menu, click Usage Insights. In the left navigation menu on the Usage Insights page, click Alerts. Click the Environment list and select the required environment. Click Alert Configuration. This opens the Alert Configuration pane with the Latency tab open by default. In the API Name field, select the API for which you want to configure the alert. Only the APIs that you have invoked at least once are listed here. For other APIs, you need to give the API name in the required format as instructed in the UI. In the Metric field, select the required metric against which you want to evaluate the alert configuration. In the Latency field, specify the threshold in milliseconds. Alerts are triggered when the 95th percentile of the selected metric exceeds the threshold provided. In the Emails field, specify the list of emails that should be notified when the alert is added. Click + Add. Once an alert is successfully added, the alert configuration is listed in the Alert Configuration pane. Each configuration can be edited and removed via this pane. Important Information You can configure a maximum of 20 alerts per organization, environment, and tenant combination. Adding email addresses to an alert configuration is optional, and you can add a maximum of 5 email addresses per alert. Alerts are subject to a suppression policy to prevent duplicate notifications within a specific time frame (default 10-minute suppression window).",
"To add members to your organization in Choreo, you need to follow these steps: Invite Users: Only an organization administrator can invite users to the organization. When inviting users, you can assign them to specific groups within the organization. Invited users will receive an invitation via email, which they must accept to join the organization and access its resources. Here is a step-by-step process: Go to the Choreo Console: Navigate to the organization settings. Invite Users: Find the option to invite users. Enter the email addresses of the users you wish to invite. Assign them to specific groups as necessary. Send Invitations: Send the invitations. The users will receive an email invitation which they need to accept.",
"To create a new environment for deployment in Choreo, follow these steps: Prerequisites Choreo Subscription or Private Data Plane: Ensure you have a Choreo subscription or a private data plane. Permissions: Ensure you have the ENVIRONMENT-MANAGEMENT permission. By default, this permission is granted to Admin and Choreo DevOps roles. Steps to Create a New Environment Navigate to Choreo Console: Sign in to the Choreo Console. Switch to the organization where you want to create a new environment. Access the Environments Section: In the left navigation menu, click on DevOps. Then click on Environments (ensure this is the Environments page under your organization). Create a New Environment: On the Environments page, click on Create. Provide the following details to create a new environment: Name: Enter a display name for the new environment. Data Plane: Select the data plane where you want to create the new environment. The Data Plane list shows all private data planes registered under your organization. DNS Prefix: Enter a DNS prefix to identify the exposed APIs in the environment. The base domain depends on the custom domain attached to the API gateways provisioned on the selected data plane. Mark environment as a Production environment: Select this option if you want the environment to be a production environment. You can have multiple non-production and production environments in Choreo. To work in a production environment, you need privileged permissions to access and deploy to production environments. Here is a summarized list of the fields you need to fill out: Field Description Name A display name for the new environment. Data Plane The data plane to create the new environment. DNS Prefix A DNS prefix to identify the exposed APIs in the environment. Mark as Production Option to mark the environment as a production environment. By following these steps, you can create a new environment in Choreo.",
"To restrict API visibility to admin users in an organization using Choreo, follow these steps: Step-by-Step Guide Navigate to the API Info Page: In the Choreo Console, go to the Component Listing pane and select the REST API (Service) for which you want to control visibility. In the left navigation menu, click Manage and then select API Info. Change API Visibility Settings: On the API Info page, click the Developer Portal tab. Under General Details, you will find the Visibility list. Here, you can change the visibility settings of your API. Select Restricted Visibility and Specify Roles: To restrict the API visibility to admin users, select Restricted from the Visibility list. Once Restricted is selected, you will see the Visible Roles list. From this list, select the Admin role. This ensures that only users with the admin role can access the APIs through the Developer Portal. Create a New Role (Optional): If you need to create a new role specifically for this purpose, click + Create New Role in the list. Add the role name and description, then click Next. Assign the relevant permissions to the new role and click Create. Select the newly created role from the Visible Roles list. Save Changes: After selecting the appropriate visibility setting and roles, click Save to apply the changes.",
"To use Choreo CLI locally, follow these steps: Installing Choreo CLI Download and Install: You can install the Choreo CLI by running the following command in your terminal: curl -o- https://cli.choreo.dev/install.sh | bash Update Choreo CLI: If you already have the CLI installed and want to update it, you can use the same command: curl -o- https://cli.choreo.dev/install.sh | bash Using Choreo CLI The Choreo CLI supports various component types such as Service, Web Application, Webhook, Scheduled Task, and Manual Task. Here are some common commands you might find useful: Getting Help: To get help with a specific command, use: choreo <command> --help Creating a Component: You can create a component with specific build configurations using: choreo create component <name> --project <name> --build-configs='key1=value1,key2=value2' Build Configurations Depending on the type of component you are creating, you might need specific build configurations. Here are a few examples: Service (Python): choreo create component <name> --project <name> --build-configs='buildPackLangVersion=3.8' Web Application (Node.js): choreo create component <name> --project <name> --build-configs='buildPackLangVersion=14,port=3000' Webhook (Docker): choreo create component <name> --project <name> --build-configs='dockerFilePath=./Dockerfile' Uninstalling Choreo CLI If you need to uninstall the Choreo CLI, you can do so by deleting the .choreo directory in your home directory: rm -rf ~/.choreo",
"To set up automatic scaling for your applications in Choreo, you have two main options: scaling component replicas and scale-to-zero. Here's a comprehensive guide on how to configure each: Autoscale Component Replicas Choreo allows you to automatically scale your component replicas up or down based on resource consumption. This ensures high availability and efficient resource usage. Note that autoscaling capabilities are only available in paid plans and private data plane organizations. Steps to Configure Autoscale Component Replicas: 1. Navigate to DevOps: In the Choreo Console, go to the DevOps section for your deployed component. 2. Set Scaling Parameters: Min Replicas: Set the minimum number of replicas (recommended minimum is 2). Max Replicas: Set the maximum number of replicas (up to 5 on the cloud data plane, no limit on private data planes). CPU Threshold: Set the average CPU utilization threshold to trigger scaling. Memory Threshold: Set the average memory usage threshold for scaling. 3. Save Configuration: Save the settings. Note that changes may take some time to apply. Scale-to-Zero Choreo also supports the scale-to-zero feature, which allows applications to scale down to zero replicas during inactivity. This is enabled by default for components created after February 23, 2024. How to Enable Scale-to-Zero: 1. Select Component: In the Component Listing pane, click the component you want to scale to zero. 2. Access Scaling Settings: In the left navigation menu, go to DevOps > Scaling. 3. Enable Scale-to-Zero: Click the scale-to-zero card to enable the feature. How Scale-to-Zero Works: Idle Timeout: The application scales down to zero after being idle for ~5 minutes. Request Handling: Scales up when an HTTP request is received. Pending Requests: Adds replicas if pending requests exceed a threshold. Considerations: Services with at least one endpoint with network visibility set to Project won't automatically scale to zero. HTTP services running on non-standard ports (e.g., 5000, 6000) won't scale to zero automatically.",
"Choreo offers several options for data storage. These options can be broadly categorized into volume mounts for file system storage and managed databases and caches for structured data storage. Volume Mounts Choreo allows you to create volume mounts, which can be used as temporary or persistent writable file system storage locations for your applications. Volume Mount Types: Empty Directory (In-Memory): Description: A fast, temporary in-memory (tmpfs) storage location. Availability: Available on all data planes. Note: This volume gets erased when you restart or remove the attached container. Empty Directory (Disk): Description: A temporary storage location on disk. Availability: Only available on private data planes. Note: This volume gets destroyed when you restart or remove the attached container. Persistent Volume: Description: A permanent storage location. Availability: Only available on private data planes. Note: This volume persists even if you restart or remove the attached container. Choreo-Managed Databases Choreo offers fully managed relational databases with MySQL, which are flexible and hosted across multiple cloud providers such as AWS, Azure, GCP, and Digital Ocean. These databases are managed by Choreo, ensuring scalability, security, and ease of use. Choreo-Managed Cache Choreo provides managed cache services to offer high-speed data access: Cloud Providers: AWS, Azure, GCP, and Digital Ocean. Regions: US and EU regions are supported across all providers. Service Plans: Vary in terms of CPU, memory, storage space, and high-availability configurations. By leveraging these storage options, you can effectively manage both temporary and persistent storage needs for your applications in Choreo.",
"To create a webhook in Choreo, follow these steps: Prerequisites: GitHub repository where you have the webhook implementation or Forked Choreo samples repository which contains the sample integration for this guide. Step 1: Create a Webhook Component: Go to Choreo Console and sign in. If you already have one or more components in your project, click + Create. Otherwise, proceed to the next step. Select the Webhook card and click Create. In the Create a Webhook pane, enter a unique name and description for the webhook component. Go to the GitHub tab. Click Authorize with GitHub to connect your GitHub account to Choreo. If you have not already connected your GitHub repository, enter your GitHub credentials and select the repository you created in the prerequisites. Choose the Access Mode depending on your requirement. Enter the following information: GitHub Account: Your account, GitHub Repository: choreo-samples, Branch: main, Buildpack: Ballerina, Project Path: github-event-to-email-webhook. Click Create. Choreo will create the webhook component with the sample implementation and open the component Overview page. Step 2: Deploy the Webhook: On the component Overview page, click Deploy. In the Configuration Types pane, leave the default selection (Use default configuration values) unchanged unless you need to specify custom values. Click Next. In the webhookSecret field, enter any value and save it for later use. In the toEmail field, enter the email address to send notification emails. Click Deploy. Step 3: Modify the Webhook Implementation Connect the webhook to GitHub to enable it to act in response to selected GitHub-related events. This typically involves editing the webhook code to handle specific events, such as issue creation. For sample implementations, refer to Choreo's samples repository. Step 4: Test the Webhook Create a GitHub issue with the desired label (e.g., Bug) in the repository that you connected to the webhook. You should receive an email notification to the address provided in the deployment step. Step 5: Promote the Webhook to Production: On the Deploy page, go to the Development card and click Promote. In the Configuration Types pane, leave the default selection (Use default configuration values) unchanged. Click Next. In the webhookSecret field, enter any value. In the toEmail field, enter the email address to send notification emails. Click Promote. Once the webhook is promoted to production, the Production card will display the deployment status as Active. You have now successfully created, deployed, tested, and promoted a webhook component in Choreo.",
"Yes, you can set usage limits for your API based on different tiers using API subscription plans in Choreo. Here's how you can do it: Creating API Subscription Plans: API subscription plans allow you to define rules and limitations on how clients can interact with your APIs. These plans can include rate limits and burst controls to manage traffic and prevent misuse. Follow these steps to create a subscription plan: Navigate to Subscription Plans: In the Choreo Console header, go to the Organization list and select your organization. In the left navigation menu, click Settings. Click the API Management tab and then click Subscription Plans. Create a New Subscription Plan: Click + Add Subscription Plan. In the Create Subscription Plan pane, enter the appropriate values for each field: Name: Specify a unique name for the subscription plan. Stop on Quota Reach: Selected by default. If the request count exceeds the limit, it will return an HTTP 429 response. Burst Control: Useful for preventing sudden spikes in requests. Click Create to finalize the subscription plan. Assigning Subscription Plans to APIs: Once you have created the subscription plans, you can assign them to your APIs to provide different levels of access. Here’s how: Select the Component: In the Component Listing pane, click on the component for which you want to assign subscription plans. Manage Subscription Plans: In the left navigation menu, click Manage and then click Subscription Plans. Enable the Subscription Plan Status toggle corresponding to the subscription plans you want to assign to the API. Click Save. Once assigned, API consumers can select the subscription plan that best fits their requirements during the subscription process. By following these steps, you can effectively manage API usage limits based on different tiers in Choreo.",
"To monitor the performance of services deployed on Choreo, you can utilize the Choreo Observability Dashboard. The Observability Dashboard in Choreo provides a comprehensive interface to visualize and monitor the performance of your services. Here's a step-by-step guide on how to effectively use this feature: Accessing Observability:Navigate to the Observability section in the left navigation menu of the Choreo Console UI.Viewing Metrics:Throughput and Latency: Observe graphs that depict throughput and latency of requests over the chosen period. Logs: Review logs for detailed diagnostic information over a specific period. Flame Graph: Utilize the diagnostics view to detect performance bottlenecks. Insights for APIs: Choreo also provides insights into API performance, including traffic, error rates, and latency. These insights help you: Analyze API traffic to understand usage patterns. Track and analyze errors to improve reliability. Monitor and optimize latency to ensure efficient API response times. Generate detailed reports for stakeholders. Configure alerts for specific events or thresholds. Obtain granular insights on a per-application, per-API, and per-user basis.",
"To deploy a new version of a service from a different branch within the same component in Choreo, you can use deployment tracks. Here are the steps you need to follow: Step-by-Step Guide: Navigate to the Component: Go to the Choreo Console. In the Component Listing pane, click on the component for which you want to manage deployment tracks. Create a Deployment Track: On the header of the component overview page, click the Deployment Track drop-down list. Click + Create New to open the Create Deployment Track dialog. In the dialog, select the branch from which you want to deploy the new version (e.g., your feature branch). Optionally, specify a description and a unique API version for the deployment track. Click Create. Deploy the New Version: After creating the deployment track, you can now build and deploy the service from the new branch. In the left navigation, click Build. Click Build Latest to build the service from the selected branch. Once the build is successful, click Deploy in the left navigation menu. On the Set Up card, click Configure & Deploy. Follow the prompts in the Environment Configurations and File Mount panes. Review the Endpoint Details and click Deploy. Example Scenario: Let's consider you have a branch named feature-x that you want to deploy: Create a Deployment Track for feature-x: Select feature-x as the branch. Provide a version number (e.g., 1.1.0) indicating it’s a new feature release. Create the deployment track. Build and Deploy: Build the service from the feature-x branch. Deploy the service following the deployment steps. Tips: You can manage different versions by unlinking and relinking deployment tracks to the respective branches. For ongoing development and testing, create deployment tracks for development branches like dev.",
"Choreo offers three main pricing plans: Developer Plan, PAYG (Pay-As-You-Go) Plan, and Enterprise Plan. Below are the details for each plan: Developer Plan: Cost: Free, Ideal for: Proof of concept (PoC) tasks or workloads with limited transactions. Limitations: Up to 5 free components, Provides US$1,000/year of Choreo data plane (CDP) credits, Unlimited paid components can be added. PAYG (Pay-As-You-Go) Plan: Cost: Based on usage, Ideal for: Users who require flexibility in the number of components and resources used. Limitations: Unlimited paid components. Enterprise Plan: Cost: Custom pricing based on requirements, Ideal for: Large-scale organizations requiring extensive resources and support. Limitations: Unlimited paid components. Additional Information: Support is not included by default but can be purchased separately. For more details, see Choreo Customer Support. If you have any billing-related questions, you can contact Choreo support at cloud-billing-support@wso2.com or create a support ticket via the support portal.",
"Implementing rate limiting on APIs in Choreo involves the following steps: Access your component from the Component Listing pane. Navigate to the Deploy section in the left menu. In the required environment card, click the view icon for the endpoint you want to apply rate limiting to. In the Endpoint Details pane, click the settings icon. Expand the Rate Limiting section under Manage. Select a Rate Limiting Level and click Apply. Choreo offers two rate-limiting levels: API-level Rate Limiting: Applies the allocated request count for the specified time unit to all operations in the API. Operation-level Rate Limiting: Allows configuring different rate-limiting values for each operation. When rate limiting is enabled, Choreo provides four response headers: x-ratelimit-limit: Shows the request count allocated for the specified time unit. x-ratelimit-reset: Indicates the time remaining to start the next rate-limiting time unit. x-ratelimit-remaining: Shows the remaining request count for the specified time unit. x-ratelimit-enforced: Appears after exceeding the allocated request count. For API Proxy components, the process differs slightly. After step 2, click the settings icon next to API Configuration and proceed directly to selecting the Rate Limiting Level.",
"Implementing rate limiting on APIs in Choreo involves the following steps: Access your component from the Component Listing pane. Navigate to the Deploy section in the left menu. In the required environment card, click the view icon for the endpoint you want to apply rate limiting to. In the Endpoint Details pane, click the settings icon. Expand the Rate Limiting section under Manage. Select a Rate Limiting Level and click Apply. Choreo offers two rate-limiting levels: API-level Rate Limiting: Applies the allocated request count for the specified time unit to all operations in the API. Operation-level Rate Limiting: Allows configuring different rate-limiting values for each operation. When rate limiting is enabled, Choreo provides four response headers: x-ratelimit-limit: Shows the request count allocated for the specified time unit. x-ratelimit-reset: Indicates the time remaining to start the next rate-limiting time unit. x-ratelimit-remaining: Shows the remaining request count for the specified time unit. x-ratelimit-enforced: Appears after exceeding the allocated request count. For API Proxy components, the process differs slightly. After step 2, click the settings icon next to API Configuration and proceed directly to selecting the Rate Limiting Level.",
"To resolve Trivy security check errors in Choreo, you can follow these steps: Identify the Vulnerabilities: Review the Trivy Scan Results: During the deployment process, Choreo uses Trivy to scan for vulnerabilities. If critical vulnerabilities are found, the deployment process will halt. The Trivy scan status and any security failures are displayed in the deployment pane. Click on the Library (Trivy) vulnerable scan step to view the details of the vulnerabilities. Fix the Vulnerabilities: Fix the Identified Vulnerabilities: The best approach to resolving these errors is to address the identified vulnerabilities in your code or dependencies. Update or replace the vulnerable libraries with their secure versions. Ignore the Vulnerabilities (Temporarily): Create a .trivyignore File: If you cannot fix a critical CVE immediately, you can choose to ignore the vulnerability by creating a .trivyignore file. Add the .trivyignore file to your Docker build context path. For example, {buildContextPath}/.trivyignore. In the .trivyignore file, list the CVEs you want to ignore, one per line: CVE-2023-xxxx CVE-2023-yyyy CVE-2023-xxxx Redeploy the Component: Rebuild and Redeploy the Component: After fixing or ignoring the vulnerabilities: Rebuild your component by triggering a new build in the Builds pane.",
"To resolve Trivy security check errors in Choreo, you can follow these steps: Identify the Vulnerabilities: Review the Trivy Scan Results: During the deployment process, Choreo uses Trivy to scan for vulnerabilities. If critical vulnerabilities are found, the deployment process will halt. The Trivy scan status and any security failures are displayed in the deployment pane. Click on the Library (Trivy) vulnerable scan step to view the details of the vulnerabilities. Fix the Vulnerabilities: Fix the Identified Vulnerabilities: The best approach to resolving these errors is to address the identified vulnerabilities in your code or dependencies. Update or replace the vulnerable libraries with their secure versions. Ignore the Vulnerabilities (Temporarily): Create a .trivyignore File: If you cannot fix a critical CVE immediately, you can choose to ignore the vulnerability by creating a .trivyignore file. Add the .trivyignore file to your Docker build context path. For example, {buildContextPath}/.trivyignore. In the .trivyignore file, list the CVEs you want to ignore, one per line: CVE-2023-xxxx CVE-2023-yyyy CVE-2023-xxxx Redeploy the Component: Rebuild and Redeploy the Component: After fixing or ignoring the vulnerabilities: Rebuild your component by triggering a new build in the Builds pane.",
"To add configurations to a React web application in Choreo, follow these steps: Step 1: Create Configuration File . Create config.js File: Navigate to the public directory of your React application. Create and commit a new file named config.js in the public directory. This file should contain the runtime configuration variables you want to expose to your application. For example: window.config = { apiUrl: 'https://api.example.com', featureFlags: { enableNewFeature: true, enableExperimentalFeature: false, }, }; Step 2: Update index.html Include config.js in index.html: In the public directory, open the index.html file. Add a script tag to include the config.js file within the <body> tag: <!DOCTYPE html> <html lang='en'> <head> <meta charset='utf-8' /> <title>My React App</title> </head> <body> <div id='root'></div> <script src='%PUBLIC_URL%/config.js'></script> </body> </html> Step 3: Access Configuration in React Component Access Configuration Variables: In your React components, you can access the configuration variables by referencing the window.config object. For example: import React from 'react'; function MyComponent() { const apiUrl = window.config.apiUrl; const enableNewFeature = window.config.featureFlags.enableNewFeature; const enableExperimentalFeature = window.config.featureFlags.enableExperimentalFeature; // Your component logic here return ( <div> {/* Your component JSX here */} </div> ); } export default MyComponent; Step 4: Deploy the Application Deploy the Application: When deploying your React application to Choreo, ensure that the config.js file is correctly mounted in the specified path for each environment where your index.html expects it. You can create a config file mount via the Configurations pane on the Deploy page in the Choreo Console.",
"To secure your web application in Choreo, you can utilize Choreo's managed authentication feature. Here’s how you can set it up: Step 1: Implement Managed Authentication 1.1 Implement the Sign-in Functionality Add a sign-in button to your web application which redirects users to the /auth/login path. Here's a sample code snippet: <button onClick={() => { window.location.href='/auth/login' }}>Login</button> When the user clicks this button, Choreo will handle the authentication process with the configured identity provider. 1.2 Obtain User Information Claims You can get user information after a successful sign-in through a userinfo cookie or a GET endpoint. Using userinfo cookie: import Cookies from 'js-cookie'; // Read userinfo cookie value. const encodedUserInfo = Cookies.get('userinfo'); // Decode the value. const userInfo = JSON.parse(atob(encodedUserInfo)); // Clear the cookie. Cookies.remove('userinfo', { path: '/' }); Using GET endpoint: const response = await fetch('/auth/userinfo'); 1.3 Implement the Sign-out Functionality Add a sign-out button to your web application which redirects users to the /auth/logout path. Here's a sample code snippet: <button onClick={async () => { window.location.href = `/auth/logout?session_hint=${Cookies.get('session_hint')}`; }}>Logout</button> Choreo will clear the session cookies and handle the sign-out process. 1.4 Invoke APIs To invoke Choreo APIs, use the relative path /choreo-apis/<api-suffix>. For example: const response = await fetch('/choreo-apis/<api-suffix>'); If managed authentication is enabled, you don’t need to manually attach an access token to the API call. 1.5 Handle Session Expiry To handle session expiry, you can encapsulate the request with re-login logic: export const performGet = async (url) => { try { return await fetch('/choreo-apis/<api-suffix>'); } catch (error) { if (error instanceof HttpError && error.status === 401) { window.location.href = '/auth/login'; } else { throw error; } } }; 1.6 Set Up a Custom Error Page Choreo allows you to set up a custom error page for redirection during errors. Configure the error path in your managed authentication settings. Step 2: Enable Managed Authentication and Configure Paths Go to your web application component in the Choreo Console. Click on Deploy. Click Configure & Deploy on the Set Up card. Ensure the Managed Authentication with Choreo toggle is enabled. Configure the following fields: Field Description Default Value Post Login Path Path to redirect after successful sign-in. / Post Logout Path Path to redirect after successful sign-out. / Error Path Path to redirect when an error occurs. Built-in error page Session Expiry Time Time in minutes after which the session expires. 10080 Minutes (7 Days) Additional Scopes Additional scopes required by the web application. none After configuring these settings, deploy the component. Using this method you can secure your web application.",
"To secure an API in Choreo, you can leverage various methods such as integrating with external Identity Providers (IdPs) like Microsoft Azure Active Directory (Azure AD) or Asgardeo, and implementing Role-Based Access Control (RBAC). Below are the general steps for each approach: Securing API Access with Microsoft Azure Active Directory (Azure AD) Assign Scopes to an API in Choreo: In the Component Listing pane, click on your API component. Navigate to Manage > Permissions. Click + Add Permission (Scope). Enter the permission value in the Permission List pane and click + Add New. Copy the fully qualified name of the scope for future reference. Attach the scope to a resource by selecting it from the Select Permissions list under the respective resource. Click Save and Deploy. Navigate to Manage > Lifecycle. Click Publish to publish your API to the Choreo Developer Portal. Create an API and Application in Azure AD: Follow Azure AD documentation to create an API and register an application. Configure the application to consume the Azure AD API. Enable External IdP Authentication in Choreo: Create an application in Choreo and configure it to use Azure AD as an external IdP. Invoke the API with Scopes: Use the assigned scopes to authenticate and authorize API invocations. For detailed steps, refer to the Secure API Access with Microsoft Azure Active Directory (Azure AD) documentation. Securing API Access with Asgardeo Assign Scopes to an API in Choreo: Similar to the Azure AD steps, assign scopes to your API in Choreo by navigating to Manage > Permissions and following the same steps to add permissions. Create an API and Application in Asgardeo: Follow Asgardeo documentation to create an API and register an application. Configure the application to consume the Asgardeo API. Enable External IdP Authentication in Choreo: Create an application in Choreo and configure it to use Asgardeo as an external IdP. Invoke the API with Scopes: Use the assigned scopes to authenticate and authorize API invocations. For detailed steps, refer to the Secure API Access with Asgardeo documentation.",
"To add members to your organization in Choreo, you need to follow these steps: Invite Users: Only an organization administrator can invite users to the organization. When inviting users, you can assign them to specific groups within the organization. Invited users will receive an invitation via email, which they must accept to join the organization and access its resources. Here is a step-by-step process: Go to the Choreo Console: Navigate to the organization settings. Invite Users: Find the option to invite users. Enter the email addresses of the users you wish to invite. Assign them to specific groups as necessary. Send Invitations: Send the invitations. The users will receive an email invitation which they need to accept.",
"To restrict API visibility to admin users in an organization using Choreo, follow these steps: Step-by-Step Guide Navigate to the API Info Page: In the Choreo Console, go to the Component Listing pane and select the REST API (Service) for which you want to control visibility. In the left navigation menu, click Manage and then select API Info. Change API Visibility Settings: On the API Info page, click the Developer Portal tab. Under General Details, you will find the Visibility list. Here, you can change the visibility settings of your API. Select Restricted Visibility and Specify Roles: To restrict the API visibility to admin users, select Restricted from the Visibility list. Once Restricted is selected, you will see the Visible Roles list. From this list, select the Admin role. This ensures that only users with the admin role can access the APIs through the Developer Portal. Create a New Role (Optional): If you need to create a new role specifically for this purpose, click + Create New Role in the list. Add the role name and description, then click Next. Assign the relevant permissions to the new role and click Create. Select the newly created role from the Visible Roles list. Save Changes: After selecting the appropriate visibility setting and roles, click Save to apply the changes.",
"To use Choreo CLI locally, follow these steps: Installing Choreo CLI Download and Install: You can install the Choreo CLI by running the following command in your terminal: curl -o- https://cli.choreo.dev/install.sh | bash Update Choreo CLI: If you already have the CLI installed and want to update it, you can use the same command: curl -o- https://cli.choreo.dev/install.sh | bash Using Choreo CLI The Choreo CLI supports various component types such as Service, Web Application, Webhook, Scheduled Task, and Manual Task. Here are some common commands you might find useful: Getting Help: To get help with a specific command, use: choreo <command> --help Creating a Component: You can create a component with specific build configurations using: choreo create component <name> --project <name> --build-configs='key1=value1,key2=value2' Build Configurations Depending on the type of component you are creating, you might need specific build configurations. Here are a few examples: Service (Python): choreo create component <name> --project <name> --build-configs='buildPackLangVersion=3.8' Web Application (Node.js): choreo create component <name> --project <name> --build-configs='buildPackLangVersion=14,port=3000' Webhook (Docker): choreo create component <name> --project <name> --build-configs='dockerFilePath=./Dockerfile' Uninstalling Choreo CLI If you need to uninstall the Choreo CLI, you can do so by deleting the .choreo directory in your home directory: rm -rf ~/.choreo",
"To set up automatic scaling for your applications in Choreo, you have two main options: scaling component replicas and scale-to-zero. Here's a comprehensive guide on how to configure each: Autoscale Component Replicas Choreo allows you to automatically scale your component replicas up or down based on resource consumption. This ensures high availability and efficient resource usage. Note that autoscaling capabilities are only available in paid plans and private data plane organizations. Steps to Configure Autoscale Component Replicas: 1. Navigate to DevOps: In the Choreo Console, go to the DevOps section for your deployed component. 2. Set Scaling Parameters: Min Replicas: Set the minimum number of replicas (recommended minimum is 2). Max Replicas: Set the maximum number of replicas (up to 5 on the cloud data plane, no limit on private data planes). CPU Threshold: Set the average CPU utilization threshold to trigger scaling. Memory Threshold: Set the average memory usage threshold for scaling. 3. Save Configuration: Save the settings. Note that changes may take some time to apply. Scale-to-Zero Choreo also supports the scale-to-zero feature, which allows applications to scale down to zero replicas during inactivity. This is enabled by default for components created after February 23, 2024. How to Enable Scale-to-Zero: 1. Select Component: In the Component Listing pane, click the component you want to scale to zero. 2. Access Scaling Settings: In the left navigation menu, go to DevOps > Scaling. 3. Enable Scale-to-Zero: Click the scale-to-zero card to enable the feature. How Scale-to-Zero Works: Idle Timeout: The application scales down to zero after being idle for ~5 minutes. Request Handling: Scales up when an HTTP request is received. Pending Requests: Adds replicas if pending requests exceed a threshold. Considerations: Services with at least one endpoint with network visibility set to Project won't automatically scale to zero. HTTP services running on non-standard ports (e.g., 5000, 6000) won't scale to zero automatically.",
"Implementing rate limiting on APIs in Choreo involves the following steps: Access your component from the Component Listing pane. Navigate to the Deploy section in the left menu. In the required environment card, click the view icon for the endpoint you want to apply rate limiting to. In the Endpoint Details pane, click the settings icon. Expand the Rate Limiting section under Manage. Select a Rate Limiting Level and click Apply. Choreo offers two rate-limiting levels: API-level Rate Limiting: Applies the allocated request count for the specified time unit to all operations in the API. Operation-level Rate Limiting: Allows configuring different rate-limiting values for each operation. When rate limiting is enabled, Choreo provides four response headers: x-ratelimit-limit: Shows the request count allocated for the specified time unit. x-ratelimit-reset: Indicates the time remaining to start the next rate-limiting time unit. x-ratelimit-remaining: Shows the remaining request count for the specified time unit. x-ratelimit-enforced: Appears after exceeding the allocated request count. For API Proxy components, the process differs slightly. After step 2, click the settings icon next to API Configuration and proceed directly to selecting the Rate Limiting Level."
]

## rtweera/2025-May-22_12-10-49_Qwen2.5-3B-Instruct-unsloth-bnb-4bit_LoRA

In [12]:
from datasets import Dataset 
from ragas.metrics import answer_correctness
from ragas import evaluate

answers = [
"To deploy a web application on the Choreo platform, follow these steps:\n\n### Prerequisites\n1. Ensure you have the required permissions for your organization. Typically, the minimum required permissions are: **Organization Read**, **Project Read**, and **Project Write**.\n\n### Steps to Deploy a Web Application in Choreo\n1. **Create a Web Application Component**: If you already have an application connected to your Git repository, proceed to the next step. Otherwise, connect your GitHub repository to Choreo by following the [Choreo Connect GitHub Repositories](https://wso2.com/choreo/docs/develop-components/develop-web-applications/connect-github-repos-choreo/#connect-github-repos-to-choreo) guide.\n   \n2. In the left navigation menu of the Choreo Console, click **Deploy**.\n3. Select your component from the list of components to view the **Deploy** page.\n4. In the **Set Up** card on the **Deploy** page, ensure you have filled in the mandatory fields such as a display name, name, version, project, label, description, and build pack.\n5. Click on **Deploy** to start the deployment process. The build configuration will appear once the deployment completes successfully.\n\n### Additional Notes\n- Choreo automatically applies best practices like microservices architecture and follows a modular design principle.\n- After the initial deployment, you can update the source code, apply new configurations, or rebuild your container image when changes are made in the source code repositories linked to the respective components.\n\nFor more detailed guidance, you can refer to the official documentation here: [Deploy Your First Web Application](https://wso2.com/choreo/docs/develop-components/deploy-your-first-web-application/#step-3-deploy-the-web-application).",
"The \"Module not found error\" typically occurs when your application cannot locate or access the necessary libraries or files that it needs to run properly. This issue can occur both at the time of deployment and while running the deployed application. Here are some strategies you can use to resolve this error:\n\n### Steps to Troubleshoot and Resolve Module Not Found Errors During Deployment:\n\n1. **Verify File Paths**: Ensure that all required files (such as configurations, scripts, etc.) are stored in the correct directory. Sometimes, relative paths may cause the module to be inaccessible.\n\n   Example: If your `main.py` is located in `/my/project/main.py`, make sure that any other files or directories are accessible through the same path.\n\n2. **Check Libraries**: Confirm that all dependencies are included correctly. Missing or incorrectly referenced third-party libraries can cause a `ModuleNotFoundError`.\n\n   - Make sure your Dockerfile contains commands to install any necessary dependencies listed in your `requirements.txt` (if you're using a Python project). For example:\n     ```bash\ncp requirements.txt .\npip install --upgrade pip\npip install -r requirements.txt\n```\n\n3. **Dockerfile Structure**: If you are using a Dockerfile, ensure it follows best practices:\n\n   - Use an explicit `WORKDIR` to avoid potential confusion with environment variables.\n   - Ensure the command section is clean and separates from the `COPY` section for better readability and maintainability.\n   \n   ```Dockerfile\nFROM python:3.7\nRUN cp requirements.txt .\nRUN pip install --upgrade pip && pip install -r requirements.txt\nCOPY . /app\nWORKDIR /app\nENTRYPOINT [\"python\", \"main.py\"]\n# Add other commands here if needed\n``` \n\n4. **Container Image Build Failure**: If there are issues during container image build, the command will return with a non-zero exit status, leading to a `ModuleNotFoundError`. To troubleshoot:\n\n   - Clean the cache before building (`docker build -f <path-to-Dockerfile> -t <image-name>:<tag> -ci .`).\n   - Check if there are any permission errors or file corruption during the build process.\n\n5. **CI/CD Process**: Ensure your Continuous Integration and Continuous Deployment processes are configured correctly:\n\n   - Check if your component has set up a proper build pack. The build pack handles compiling your code, packaging it into a container image, and pushing it to your preferred cloud environment.\n   - Verify that all environment variables are properly defined and assigned to their respective components.\n\n6. **Logging and Monitoring**: Use logging and monitoring tools within your Choreo Console to track any deployment failures and monitor application logs for clues.\n\n### Common Error Messages:\n- **No module named 'some_module'**: This indicates that `some_module.py` cannot be found.\n- **Error reading the manifest file**: This may occur if there are missing or incorrectly formatted dependencies.\n\nFor more detailed troubleshooting, you can refer to the following links in the Choreo documentation:\n- [Builds & Deployments](https://wso2.com/choreo/docs/choreo-concepts/ci-cd/#build-and-deploy)\n- [Build a Container Image From Scratch](https://wso2.com/choreo/docs/develop-components/create-container-image-from-scratch/)",
"To enhance the security and privacy of your service interactions in Choreo, incorporating authentication mechanisms is essential. Here’s how to configure basic security for REST services, which can then be extended to service-to-service and service-to-user communication.\n\n### Adding Basic Security to a Service\n\n1. **Select Your Component**: In the Choreo Console, locate the component you wish to secure. If you need to generate new credentials, navigate to **Deploy** > **Endpoint Configurations** under the **Set Up** card.\n\n2. **Define Endpoints**: Identify the endpoints that require protection from unauthorized access. Ensure these endpoints include GET, POST, PUT, DELETE, or TRACE operations, as they may be exposed via standard API proxies.\n\n3. **Configure Endpoint Scopes**: Specify scopes for each endpoint. These are identifiers that describe permissions attached to a resource. This is crucial because you will later apply roles to these scopes during role-based access control. Note that scopes must be defined explicitly, similar to setting tags for a cloud-native database connection. Use appropriate names for scopes to define permissions effectively.\n\n4. **Set Authentication Level**: In the **Deploy** section, select **Basic Security with OAuth** as the authentication level. Configure the necessary options for this method, including selecting your identity provider.\n\n5. **Protect the Endpoint**: To test your secured endpoint, go back to the **Develop** section, click on **Test**, set up test users, and initiate a test request. Upon successful deployment, the Invoke page will display details about the deployed endpoint.\n\n### Extending Authentication\n\nOnce basic authentication is configured, it’s advisable to upgrade your component to an OAuth application if you plan on implementing a full OAuth2.0 flow. This allows you to manage user tokens effectively and handle API subscriptions more rigorously.\n\nFor detailed guidance on configuring an Identity Provider for your service, please refer to the [Choreo documentation on adding basic authentication](https://wso2.com/choreo/docs/authentication-and-authorization/configure-basic-authentication-for-a-component/#step-3-set-up-the-identity-provider-for-your-component).\n\nBy following these steps, you can secure your service with appropriate measures ensuring safe interaction and enhanced protection against unauthorized access.",
"To add a custom domain for your web application in Choreo, follow these steps:\n\n### Prerequisites\n1. **Admin Privileges**: Ensure you have admin privileges in your organization.\n2. **Custom Domain Ready to Use**: You should have already created a domain for your web application in the Choreo Developer Portal.\n\n### Steps to Add a Custom Domain\n\n1. In the Choreo Console, go to the top navigation menu and click on **Organization**. Then select your organization from the list.\n2. In the left navigation menu, click **Settings**.\n3. On the Organization Settings page, click on the **URL Settings** tab and then the **Active Domains** tab.\n4. Click on **+ Add Domains**.\n5. In the **Add a Custom Domain** pane, specify your desired domain name, select the environment, and choose the entity type (API, Web App, etc.) and the component.\n6. After that, generate the requisite SSL certificates and add them to the DNS provider. Once done, verify the CNAME record during the next step.\n7. Copy the custom URL template generated by Choreo and paste it into your DNS settings. This will allow you to create a DNS record for your domain.\n8. Upon successful verification of the CNAME mapping, a custom URL will be provisioned for your application in the Developer Portal and your component in the Choreo console.\n9. Finally, redirect your user traffic via the generated custom URL.\n\nFor detailed steps and additional options related to the TLS certificate, refer to the [Choreo documentation](https://wso2.com/choreo/docs/administer/configure-a-custom-domain-for-your-organization/#add-a-custom-domain-for-an-organization).",
"To test your service in Choreo, you can use both the **Choreo DevOps** and **Test Cloud** environments. Below are the steps to deploy and test your service using these environments:\n\n### Testing Your Service in Choreo DevOps Environment\n\n1. **Deploy the Service**: Follow the steps to deploy your service to the Choreo DevOps environment.\n   - Connect your GitHub repository, either through the UI or API.\n   - Fill in the necessary details like display name, description, labels, color theme, etc.\n   - Ensure that your service builds and deploys successfully.\n   - Access your component in the **Project** section and click on **Test**.\n\n   ![Test component](https://wso2.com/choreo/docs/assets/img/choreo-samples/test-component.png)\n\n2. **Invoke the API**: In the **Test Configurations** pane, configure the endpoint as needed (e.g., production credentials for secure testing). You can specify parameters, headers, or JSON payloads to interact with the API.\n\n   ![Configure endpoint](https://wso2.com/choreo/docs/assets/img/choreo-samples/configure-endpoint.png)\n\n3. **Execute Tests**: Click **Run All** to execute tests against all endpoints. Alternatively, select an endpoint to run specific tests.\n\n4. **View Test Results**: If any failures occur, they will be marked in red, providing feedback on how to troubleshoot. The results will list the tests performed along with their statuses.\n\n5. **Log Level Tuning**: Adjust the log level in the **Logging & Monitoring** tab if the service generates more logs than expected. This prevents flooding the output with unnecessary log information during testing.\n\n### Testing Your Service in Test Cloud Environment\n\nIn addition to the Choreo DevOps environment, you can also test your components in the Test Cloud environment for further validation.\n\n#### Steps to Deploy Your Component in Test Cloud:\n\n1. Sign in to the Choreo console.\n2. From the top navigation menu, click **Organization**, select your organization.\n3. Go to the left navigation menu and select **Components** then choose your component to view its card.\n4. Under the **Create Version** card, click **Deploy**.\n5. In the **Set Up** card, provide the necessary configuration details and deploy your component to the Test Cloud environment.\n\nFor detailed guidance, refer to the documentation on [Testing Services](https://wso2.com/choreo/docs/testing/test-services/#test-the-service-in-the-choreo-cloud-data-plane).\n\n### Additional Tips\n- Ensure that your service has appropriate permissions configured, especially if it interacts with other services. This involves assigning scopes during deployment.\n\nFor a comprehensive understanding, please refer to the documentation here: [Test Components Manually](https://wso2.com/choreo/docs/testing/test-components-manually/#test-your-service).",
"To add environment variables to a Python web application in Choreo, follow these steps:\n\n### Prerequisites\n1. **Build Configurations**: Ensure your project is set up for Buildpacks or builds from source code.\n2. **Dockerfile**: If using Docker, verify that it includes the necessary environment variables.\n3. **Environment Variables**: Ensure that you do not include sensitive credentials in the code repository; instead, use environment variables or Choreo secrets.\n\n### Step 1: Connect Your GitHub Repository\n1. In the **Component Listing** pane, click on the component you want to configure.\n2. Navigate to **Settings** and then to the **GitHub Account** tab.\n3. Choose the GitHub account connected to your organization, if you don't have one, add a new account linked to your personal GitHub account.\n4. Click on **+Connect New Account**.\n5. Enter your GitHub account credentials or sign in via **Desktop App**.\n6. Select the repository containing your source code and authorize access to it through the provided OAuth keys.\n7. Click **OK** to confirm access.\n\n### Step 2: Configure & Deploy\n1. Click on the **Deploy** option under the **Build Area** card.\n2. In the **Set Up** card, select **Configure & Deploy**.\n3. If you want to specify Docker arguments during build, check the **Allow Dockerfile to Be Overridden** checkbox and enter any values required.\n   \n   | **Field**                   | **Description**                                                                                           |\n|-------------------------------|-------------------------------------------------------------------------------------------------------|\n| **Dockerfile Update**         | **Optional** field to allow you to override the default Dockerfile with your own image.             |\n| **Ballerina Package**         | **Optional** field to upload your Ballerina project file.                                           |\n| **Docker Configuration**      | **Optional** to add additional environment variables needed for the build process.                   |\n| **Create Build Directory**    | **Optional** checkbox when you have added other configurations/directories.                          |\n\n4. In the **Container Settings** pane, expand the **File Mount** list and click **+ Add File Mount**.\n5. Select your **config.toml** file and choose **Environment Path** from the Type list, indicating that it should be placed in the `.env` file in the file system.\n6. Click **Save**. Note that this does not apply changes until the next build.\n\n### Step 3: Update Environment Variables (Optional)\nIf you need to change the configuration files later:\n1. Go back to **Set Up** and click **Update Image** to modify the environment variables.\n2. To replace existing configurations, remove them first and add your new ones.\n\nThese steps will effectively manage environment variables for your Python web applications within Choreo. For further details, refer to the [Set Up a Container with Build Configurations documentation](https://wso2.com/choreo/docs/develop-components/deploy-an-application#step-3-set-up-a-container-with-build-configurations).",
"To establish connectivity between your React frontend and your backend in Choreo, you need to follow several steps, including configuring APIs, creating user accounts, and integrating them seamlessly.\n\n### Steps to Connect the React Frontend to the Backend:\n\n1. **Create a User Account in Choreo**:\n   - If you haven’t already created a user account, do so by signing in to the Choreo Console.\n\n2. **Connect Your React Application**:\n   - Ensure you have set up your React application correctly.\n\n3. **Add the Back-end URL as a Domain**: \n   - Go to your React project’s settings where you can add a custom domain if needed.\n\n4. **Register the Application in Choreo**:\n   - In the Choreo Developer Portal, click the **Application** tab and register your React application with the respective API key.\n   - Note the application name and create a short-lived test access token from the **Production** environment. This token will be used later for testing.\n\n5. **Set Up Environment Variables**:\n   - To ensure secure configuration management, set up environment variables that will store your backend URL and API key.\n\n6. **Deploy Your Backend**:\n   - Deploy the backend component of your Choreo REST API in the desired environment. For example:\n     1. Click on **Deploy** under **Build Area**.\n     2. Select **Development** from the deployment environment list.\n     3. Confirm the build success before clicking **Deploy**.\n\n7. **Obtain a Token from Your Frontend**:\n   - Use your access token obtained earlier to call your backend services. You can retrieve this token from a JSON web token (JWT) library in Node.js.\n\nHere’s a simple example of how to retrieve a JWT using a library like `jose` in Node.js:\n\n```javascript\nvar jose = require('jose');\n\n// Your access token here\nconst accessToken = 'your_access_token';\n\n// Load secret from file\nlet credentials = require('../credentials.json').keys[0];\n\n// Construct the JWE\nlet jwe = new jose.JWTDecipher(accessToken, credentials);\n\n// Resolve to payload\njwe.getPayload().then(function(decodedClaims) {\n    console.log('decodedClaims', decodedClaims);\n});\n```\n\n8. **Use Postman to Test API Connectivity**:\n   - Utilize tools like Postman to invoke your API from the Choreo Developer Portal. This will help you confirm the connection and the ability to call the backend successfully.\n\nThese steps should help you connect your React frontend to the backend service within Choreo. If you need more detailed configurations or face specific issues, feel free to ask!",
"To connect a backend application deployed on the Choreo platform to a frontend application deployed on GitHub Pages, you will need to create a Webhook in Choreo that triggers the corresponding webhook implementation on your GitHub account.\n\n### Steps to Follow:\n\n1. **Authorize the Connection**: In the Choreo Console, navigate to the **Dependencies** section, then to **Message Bubbling**. Click **Configure & Connect** to authorize the Choreo webhook to interact with your webhook on GitHub.\n\n   - After authorizing, you will be directed to the [Verify URL](https://githubsettings.choreo.dev). \n   - Copy the full invoke URL from there. For reference, your URL might look like this:\n     ```sh\n     https://devops-choreo.apps.wso2.org/losgalchoreodev/losgalchoreodev-github-webhook\n     ```\n\n2. **Deploy Your Frontend Application**: Ensure that your GitHub Pages frontend application is deployed successfully.\n\n3. **Implement the Backend Webhook**: Create the necessary webhook in your backend development environment to handle API calls. This webhook will take the following parameters:\n   - `body`: The payload data sent from your frontend application.\n   - `event`: The type of event triggering the webhook.\n   - `challenge`: Used for security purposes; ignore if not applicable.\n\n4. **Triggering the Webhook**: When a user interacts with your frontend application, the request should trigger the corresponding webhook on your backend server, which in turn invokes your GitHub webhook. Ensure proper error handling is implemented to manage scenarios like network issues.\n\n5. **Deployment of the Frontend App**: To publish your frontend app to GitHub Pages, navigate to your GitHub repository under **Settings**, then to **Webhooks** and **Automation Settings** to enable the necessary configurations. Commit any changes associated with the frontend build.\n\n### Important Considerations:\n- Make sure that both the backend and frontend components are authenticated to interact with each other securely.\n- Test the setup thoroughly to ensure that requests flow smoothly between your backend and frontend applications.\n\nFor more detailed instructions and visual aids, you may refer to the official documentation here: [Develop Webhooks](https://wso2.com/choreo/docs/develop-components/develop-webhooks/#develop-a-backend-webhook-and-integrate-it-with-your-github-account).",
"To implement comprehensive testing for a full-stack application, including automated testing for both the frontend and backend components in Choreo, you can follow these structured steps:\n\n### Steps to Implement Testing\n\n#### 1. Set Up Continuous Integration (CI)\n   - You need to set up your project in Choreo. This involves:\n     - Creating a project with relevant repositories for your frontend and backend components.\n     - Ensure that all required Choreo components (projects) are set up with proper configurations like component builds and deployments.\n   - You may also consider creating a [self-signing certificate](https://wso2.com/choreo/docs/authentication-and-authorization/configure-a-self-signed-certificate/) for SSL security during your development process.\n\n#### 2. Create Components\n   - Create your frontend and backend components using Choreo’s user interface:\n     - Go to **Component Listing** under the **Project** pane in the Choreo Console.\n     - Click **+ Create** and choose your component types (API Proxy for backend and Web Application for frontend).\n     - Follow the prompts to fill out the necessary details, such as display name, version, and description for both components.\n\n#### 3. Build the Project\n   - To build your application, navigate to the Build page of your project settings:\n     - Under the **Builds** tab, click **Build Latest**. \n     - Alternatively, you can build a specific commit or tag by selecting the corresponding **Commit** or **Tag** in the **Builds** list.\n   - The `Dockerfile` content will reflect any updated images, and the successful build will create an image tagged with the current build version.\n\n#### 4. Deploy the Application\n   - After successfully building, deploy your application through Choreo.\n   - For deployment, ensure that your application is configured correctly in terms of buildpack versions, secrets, and endpoint configurations.\n\n#### 5. Implement Unit Tests\n   - Write test cases to check individual components, especially critical ones such as the user API proxy. Use tools like JUnit for writing and executing unit tests.\n\n#### 6. Set Up Automation Pipelines\n   - Utilize a combination of continuous integration and continuous deployment (CI/CD) processes. \n   - Consider integrating external CI systems, like Jenkins or GitLab, to further automate and optimize testing processes.\n\n#### 7. Monitor Performance and Response Time\n   - Use metrics like response time and status codes to evaluate the performance of your applications. Tools such as JMeter and Gatling can help in monitoring and optimizing frontend performance.\n\n#### 8. Automated Security Scanning\n   - Incorporate security scanning techniques to ensure code safety and compliance. Tools like TruffleHog can be utilized for finding and patching vulnerabilities efficiently.\n\n### Summary\nThe implementation of a comprehensive testing strategy involves setting up CI pipelines, building and deploying applications, writing test cases, setting up automated pipelines, and monitoring performance and security aspects. These practices collectively enhance the quality assurance of your full-stack application.\n\nFor more detailed guidance on testing and CI/CD practices in Choreo, you can refer to the following documents:\n- [Set Up Continuous Integration (CI)](https://wso2.com/choreo/docs/develop-components/testing/set-up-continuous-integration-cibuilds/build-component-in-choreo/)\n- [Test Applications](https://wso2.com/choreo/docs/testing/test-applications/)\n- [Security Scanning Overview](https://wso2.com/choreo/docs/security-scanning/)",
"I'm sorry, but I can only assist with issues related to Python components deployed in Choreo. Could you please clarify if your service is written in a different language or is there any other specific issue you are facing besides the \"procfile not found\" error?",
"The error message \".choreo/endpoints.yaml not found\" typically indicates that there may be an issue with the configuration or setup of your component within Choreo, particularly related to API configuration files.\n\nHere are some steps to troubleshoot and resolve this issue:\n\n### Step 1: Verify Component Configuration\nEnsure that the component has the necessary configurations enabled:\n- **Component Configurations**: Under \"Application,\" ensure that environment-specific configurations are applied.\n- **Endpoint Configurations**: Under \"Endpoints,\" verify that the endpoint configurations are set up correctly. If you are creating new configurations, make sure to fill out the required fields such as:\n  - **name**: The unique name for this configuration across all environments.\n  - **display name**: A friendly name for referencing this configuration.\n  - **environment variables**: Define the environment variables you want to associate with this configuration.\n  - **file paths**: Specify any file paths you need to create.\n  - **context**: Enter the appropriate context for the file path. For example, if you are mounting a volume, define a relative file mount path.\n\n   ![Endpoint configuration](https://wso2.com/choreo/docs/assets/img/devops-and-ci-cd/component-configurations/configure-endpoint-configurations.png)\n\n### Step 2: Create Component.yaml\nIf your component does not have a `.choreo/endpoints.yaml` file, it will default to the `Component.yaml` file, which will contain the endpoint configurations.\n\n### Step 3: Apply Changes\nAfter configuring the necessary settings, click **Apply** to save your changes.\n\n### Additional Considerations\n- Make sure you have configured the components appropriately in each environment.\n- Ensure that you have committed and pushed your component's source code if applicable.\n\nIf you still encounter issues after following these steps, you may want to check if there are any recent changes in Choreo's infrastructure that could be affecting how component configurations are handled.\n\nFor more details, you can refer to the documentation here: [Configure Endpoints](https://wso2.com/choreo/docs/develop-components/configure-endpoints/).",
"In Choreo, you can configure various probe types for setting up a readiness probe to manage the health status of your Containerized Application (CCA). Here are some key configurations for the readiness probe:\n\n### Types of Probe\n1. **HTTP GET Request**: \n   - This probe sends an HTTP `GET` request to a specified port and path on the container. A successful response status code is in the range of 200-399.\n   - **Sample script**: `\n      |curl -H \"Content-Type: application/json\" -X GET -d {}\n      |--http-port\n      |<port>\n      |<path>`\n   - **Configuration**: [here](https://wso2.com/choreo/docs/devops-and-ci-cd/set-up-health-checks/#configure-an-http-get-request-body)\n\n2. **TCP Connection Probe**:\n   - This probe establishes a TCP connection on the specified port. If it cannot open a socket, it is considered a failure.\n   - **Sample script**: `\n      |[[[probe-tcp-connection-port]]] <port> [\n      |<port>]`\n   - **Configuration**: [here](https://wso2.com/choreo/docs/devops-and-ci-cd/set-up-health-checks/#configure-a-tcp-connection-body)\n\n3. **Execute a Command**: \n   - Executes a given command inside the container. A non-zero return from the command indicates a failure.\n   - **Sample script**: `|[command]`\n   - **Configuration**: [here](https://wso2.com/choreo/docs/devops-and-ci-cd/set-up-health-checks/#configure-an-execute-a-command-body)\n\n4. **File Creation Probe**: \n   - Checks if a specific file exists at a designated location in the container. If not found, it is considered a failure.\n   - **Sample script**: `|-p [/absolute/path/to/file]|[\n       |[-m|--must-exist] |[\n       |[-n|--no-to-file]|[\n       |<directory>]`\n   - **Configuration**: [here](https://wso2.com/choreo/docs/devops-and-ci-cd/set-up-health-checks/#configure-create-a-file-body)\n\n### Steps to Configure Readiness Probes\n1. In the Choreo Console, navigate to **DevOps** and then **Health Checks** under the **Probe Configurations** tab.\n2. Click on **+ Create** to add a new probe configuration.\n3. Choose the type of probe that best suits your needs (HTTP, TCP, Execute Command, or File Creation).\n4. Specify the necessary parameters for the selected probe type, and save your settings.\n\nBy properly configuring the readiness probes, you ensure that your containerized applications receive proper health checks, allowing effective management of application availability in the Choreo environment.\n\nFor further details, you can refer to the [Set Up Health Checks documentation](https://wso2.com/choreo/docs/devops-and-ci-cd/set-up-health-checks/).",
"To configure Azure Active Directory (Azure AD) as an external identity provider (IdP) in Choreo, follow these steps:\n\n### Prerequisites\nBefore you begin the configuration, ensure you have done the following:\n1. **Sign in to the Choreo Console**.\n2. **Select your Organization** from the top right corner.\n3. **Select Settings**.\n4. Click the **Application Security** tab and then navigate to the **Identity Providers** section to view existing IdPs. If no IdPs are listed, proceed to the next step.\n5. Ensure you have administrator rights in your Azure account.\n\n### Steps to Configure Azure AD as an External IdP in Choreo\n\n1. **Obtain Principal and Client IDs from Azure AD**:\n   - In the [Azure portal](https://azure.microsoft.com/en-gb/), go to your Azure AD account under **Azure Active Directory** > **App registrations** > **Endpoints**.\n   - Copy the `UPN-based access token` and save it temporarily. You will need this later for configuring the role mapping.\n\n2. **Add Azure AD as an External Identity Provider**:\n   - In the Choreo Console, go to **Settings** > **Identity Providers**.\n   - Click **+ Identity Provider**.\n   - Select **Microsoft Entra ID (Azure AD)** as the identity provider.\n   - Enter a name and a description for the IdP.\n\n3. **Connect Azure AD to Choreo**:\n   - Under **Connection details**, select your Azure AD instance.\n   - Leave the **Apply whitelists** option selected if you want to allow Choreo to generate the necessary keys itself.\n   - Alternatively, enter the public client secret for your Azure AD application. For guidance on obtaining this secret, see [Obtain a Public Client Secret](#obtain-a-public-client-secret).\n\n4. **Configure Scopes and Role Assignment Rules**:\n   - If your API needs to be secured based on roles, configure scopes and role assignment rules.\n   - Choose an appropriate access model (API or application).\n   - Click **Test** in the **Test Connection** pane to verify connectivity with your Azure AD instance.\n\n### Important Considerations\n- The permissions granted via the OAuth flow will determine the resources accessed through the API, and proper management of roles and groups is crucial to control user access effectively.\n- For detailed guidance on managing users and groups in Choreo, refer to [Manage Users and Groups](https://wso2.com/choreo/docs/administer/configure-an-external-idp/#manage-users-and-groups).\n\nBy following these steps, you will successfully configure Azure AD as an external IdP in Choreo, allowing secure API access.",
"To implement rate limiting for your APIs in Choreo, you need to enable API throttling via the Choreo Console's settings. Here's how you can do it:\n\n### Steps to Enable Rate Limiting\n\n1. **Navigate to Project Settings**: In the Choreo Console, click on the **Project** list in the header and select your project.\n\n2. **Open API Settings**: Click on the **Component Listing** dropdown and select the API component you wish to restrict access to. This will take you to the **Deploy** page of the API component.\n\n3. **Enable API Throttling**:\n   - Scroll down to the **Test** tab and click on **Throttle Requests**.\n   - Adjust the throttling parameters based on your requirements. You can set the options according to your bandwidth, duration of usage, or specific requests per time unit, depending on the scenario best fit for your application.\n\n4. **Save Changes**: After setting the appropriate values, click **Save** to apply the changes.\n\nBy implementing these steps, you will effectively manage the rate limits on your APIs, ensuring optimal performance and preventing unintended API usage.\n\nFor more detailed information, you can refer to the documentation here: [API Throttling](https://wso2.com/choreo/docs/api-management/api-throttling/#enable-api-throttling).",
"The Trivy scan results indicate critical vulnerabilities that need immediate attention. The critical vulnerability in your component, 'cisco-iottac-pdp', has a high severity level and could potentially compromise the security of your IoT application. To address this issue, you should implement a strategy to manage and mitigate these vulnerabilities effectively.\n\n### Steps to Resolve Critical Vulnerabilities in Choreo Components:\n\n1. **Fix the Vulnerability**:\n   - Identify the root cause of the vulnerabilities in the 'cisco-iottac-pdp' component.\n   - Implement patches to fix the vulnerabilities. This might involve updating dependencies or applying software updates.\n\n   For example, the vulnerability is related to a JSON serialization library used in your code. You may need to update your `choreo-component.yaml` file to use a more secure JSON library, such as JOSEv3.\n\n   ```yaml\n   - name: cisco-iottac-pdp\n     builder: \"choreo/java-builder:v18.9.10\"\n     buildPackVersion: \"5.3.0\"\n     components:\n       - buildpack: https://github.com/choreo-labs/buildpacks-java.git#5.3.0\n         vendorDir: /app/\n         packageFile: <your_package_file>\n         packages:\n           - org.json:org.json:2024.06.27.01\n         args: [\"--java-version\", \"17\"]\n\n   ![Secure Library](https://wso2.com/choreo/docs/assets/img/security/secure-library.png)\n   ```\n\n   After making changes, redeploy your component to apply the updates:\n   ```sh\n   choreo-deploy --apply-changes\n   ```\n\n2. **Manage and Mitigate Vulnerabilities**:\n   - Regularly perform scans on all your components to detect and fix vulnerabilities promptly.\n   - Utilize security advisors to get recommendations for patching known vulnerabilities and to ensure your components remain secure.\n   - Monitor the vulnerability checker logs for any new security alerts to stay informed about any emerging threats.\n\n   Here’s how to configure your component for automatic vulnerability updates:\n\n   1. In the left navigation menu, click **DevOps** and then click **Security Advisor**.\n   2. Under **Configure Advisories**, select **Automatic** to automatically update your component’s image with the latest available updates from the advisories.\n   \n   ![Automatic Advisor](https://wso2.com/choreo/docs/assets/img/security/scanners/automatic-security-advisor.png)\n\n3. **Deploy the Component**:\n   After making necessary changes, redeploy your component:\n   ```sh\n   choreo-deploy --apply-changes\n   ```\n\n4. **Monitor and Alert Settings**:\n   - Enable alerts for security-related messages and configure them to notify you when vulnerabilities occur.\n   - Go to the **Settings** of your component and enable alerts under the **Observability** tab:\n\n   ![Alert Settings](https://wso2.com/choreo/docs/assets/img/alerts/alert-settings.png)\n\n   Finally, verify that all critical vulnerabilities have been addressed before deploying the component again.\n\nBy following these steps, you can effectively address and mitigate the security risks associated with critical vulnerabilities in your components. For more details, please refer to the following documentation:\n- [Vulnerability Scanning and Remediation](https://wso2.com/choreo/docs/monitoring-and-insights/scanning-and-testing/vulnerability-scanning-and-remediation/#fix-critical-and-high-severity-vulnerabilities).\n- [Enable Alerts](https://wso2.com/choreo/docs/monitoring-and-insights/alerts-overview/#configure-an-alert-for-your-component).",
"To add a config file to a React web application using the Choreo console, you need to follow these steps:\n\n### Step 1: Add Config Files to Your Component\n1. **Navigate to your React Component**: In the Choreo Console, go to the **Component Listing** pane and select the React component you want to add configuration files for.\n2. **Open Build Configurations**:\n   - Click on **Build Settings** under the **Build Area** section.\n3. **Enable Config Files**:\n   - Under **Build Configurations**, enable the **Configs & env vars** toggle.\n4. **Add Config File**:\n   - Click on **+ Add Config** and upload the necessary configuration files. \n5. **Specify Output Directory**:\n   - Choose where to output the config file (default is build).\n6. **Save**:\n   - Click **Save** to apply the changes. This will trigger a new deployment of your component with the added configs and env vars.\n7. **Redeploy**:\n   - Click on **Re-deploy** to update your component in the environment.\n\n### Step 2: Mount Config Files to Container\nBy default, you can add both configuration and environment variables as mountable files into the container, but this option is disabled by default. \n\n### Note:\nConfig files should be included as source code, committed in their own Git repository, and published via an external Git provider or via [Choreo's Git Integration](https://wso2.com/choreo/docs/develop-components/develop-components-with-git/#choreos-built-in-git-integration).\n\nThis process allows you to manage configurations effectively within your deployed applications in Choreo. For more details, you can refer to the documentation here: [Manage Configuration Files and Environment Variables](https://wso2.com/choreo/docs/devops-and-ci-cd/manage-configuration-files-and-environment-variables/#add-config-and-env-vars-to-your-component).",
"To secure your web application in Choreo, there are several steps you can take depending on your specific needs regarding security measures. Here’s a structured approach:\n\n### 1. Implement Authentication\nAuthentication is crucial for securing web applications as it verifies the user’s identity before granting access. The following methods can be used:\n\n   - **Ballerina Built-In Security Token Service**\n     - Set up the Ballerina built-in security token service to manage API keys securely.\n     - Use API key-based security to restrict resource access via project scopes.\n   - **WSO2 Identity Server**\n     - Integrate Choreo components with the WSO2 Identity server for user authentication.\n     - Create users in the identity server, assign roles, and configure an OIDC/OAuth 2.0 authentication flow to protect your resources.\n\n   **Steps to set up Ballerina Built-In Security Token Service**: \n   1. Go to the Choreo console, click on your organization, and select Settings.\n   2. Navigate to the Access Tokens tab, choose to enable Secure Token Storage, and configure the path for the security token file.\n\n   **Steps to integrate WSO2 Identity Server**:\n   1. In the Choreo console, navigate to Settings under Organization.\n   2. Go to the Application Security tab and create a Security Token Handler.\n   3. Assign roles to specific groups through the Identity Provider management under Role Management.\n\n### 2. Implement Authorization\nAuthorization determines who can perform what actions on your web application. You can manage this through roles and permissions.\n\n   - **Define Roles**: Assign roles to users, allowing them to inherit the permissions associated with those roles. For instance, grant admin privileges to selected users.\n   - **Set Permissions**: Assign permissions to roles. This ensures that only designated users can execute specific operations based on their roles.\n\n   **Steps to define Roles and Permissions**: \n   1. Under Organization, go to Settings and then Application Security.\n   2. Click to add new roles and map permissions to these roles.\n\n### 3. Encrypt Data at Rest\nTo protect sensitive data from unauthorized access, it's essential to encrypt it both in transit and at rest.\n\n- **Enable Transport Layer Encryption**: \n  - For API Gateways, ensure that transport layer encryption is enabled across major cloud providers and private data planes.\n  - Implement TLS certificates to secure connections.\n\n- **Encryption at Rest**: \n  - Enable storage encryption for databases like MySQL, MariaDB, SQL Server, PostgreSQL, Oracle, and Cassandra.\n\n### 4. Monitor and Alert Configuration\nImplementing monitoring and alert configurations can help detect and mitigate threats:\n\n- **Configure Alerts**: \n  - Create alerts to monitor specific metrics like CPU and memory usage thresholds and set notification levels accordingly.\n  - Subscribe to logs to gain insights into any potential breaches.\n\n### Additional Tips\n- Regularly review and update your application’s security measures to stay ahead of emerging threats.\n- Consider using OAuth 2.0 for better authorization practices and API security.\n\nFor further details on configuring authentication, authorization, encryption, and setting up monitoring and alerts in Choreo, please refer to the [Choreo Security Documentation](https://wso2.com/choreo/docs/authentication-and-authorization/authentication-and-authorization-overview/#set-up-basic-authentication-and-secure-api-access).",
"To secure an API in Choreo, you can utilize various methods that incorporate built-in security functions or implement JWT-based security tokens. Here’s a comprehensive guide on how to secure an API:\n\n### 1. **Use Built-In Security Functions for API Level Authentication**\n   - When creating an API component in Choreo, you have the option to enable security through the following mechanisms:\n     - **Basic Authentication**: For this, set the `username` and `password` fields to define who can access the API. \n     - **Bearer Token Authentication**: Generate a secret key and attach it to the endpoint URL to ensure secure communication.\n   - To configure these settings:\n     1. In the **Component Listing** pane, click on the REST API you want to secure.\n     2. In the left navigation menu, click **Develop**, then select **Endpoints**.\n     3. Under **Security Overview**, click **Configure New Token** to set up appropriate roles and assign them to specific endpoints.\n\n### 2. **Implement JWT-Based API Security**\n   - To implement JSON Web Tokens (JWTs) for securing APIs:\n   - Ensure you have an identity provider (IdP) set up, which can either be built-in or an external IdP. Choreo supports popular IdPs like Asgardeo, Azure AD, AWS Identity and Access Management, GitHub, and OpenID Connect applications.\n   - In the Choreo Console, navigate to the project level under **Settings** > **Authentication Keys** and generate the necessary keys to test your JWT implementation.\n   - After deployment, you can invoke the API securely via the generated endpoint URL. \n\n### 3. **Deploying Your Application**\n   - Once you have secured your API component, you need to deploy it to create the necessary keys for testing. This involves:\n   - Creating an API in Developer Portal: \n     1. Click on the API component in the **Component Listing** pane.\n     2. Click **Manage**, then select **Endpoint** and copy the endpoint URL.\n   - Invoking the API with the generated token to test its functionality.\n\n### Important Considerations\n- Always ensure that the application is deployed before attempting to generate the test URL and invoking the API.\n- Properly handle secrets and tokens to maintain security throughout the API lifecycle.\n\nFor further details on this topic, please refer to the official documentation:\n- [Secure API Access](https://wso2.com/choreo/docs/authentication-and-authorization/secure-api-access/)\n- [Secure an HTTP Service with Managed Identity](https://wso2.com/choreo/docs/authentication-and-authorization/secure-an-http-service-with-managed-idp/#step-4-generate-the-secrete-token-and-attach-it-to-the-http-service-endpoint) \n- [Configure Endpoints for Your API](https://wso2.com/choreo/docs/tutorials/expose-a-service-as-a-managed-api/#configure-endpoints-for-your-api)",
"To set up alerts for your service in Choreo, follow these steps:\n\n1. **Navigate to Your Service**: Go to the specific service for which you want to configure alerts.\n  \n2. **Access Observability**: In the left menu of the Choreo Console, click on **Observability**.\n\n3. **Alert Configurations**: Click on the **Alerts** tab.\n\n4. **Create a New Alert Rule**: Click on **Create Alert Rule**.\n\n5. **Select Alert Type**: Choose the type of alert you wish to create, including:\n   - **Log threshold alerts**: Notify when a defined threshold for log count or severity level is exceeded.\n   - **Metric alerts**: Trigger alerts when predefined metrics deviate from expectations.\n   - **Condition-based alerts**: Trigger alerts based on specified conditions.\n\n6. **Configure Alert Parameters**: Provide the necessary configurations for your chosen alert type, ensuring they are appropriate for your monitoring needs.\n\n7. **Save Your Alert**: After configuring, you can save your alert rule and view its details in the **Pending Alerts** section.\n\n8. **Manage Alerts**: Once configured, you can manage your alerts through various actions such as enabling, disabling, or reviewing past alerts.\n\nBy following these steps, you can effectively set up alerts to monitor and react to your service's performance. For further details on configuring alerts, you can refer to the documentation [here](https://wso2.com/choreo/docs/monitoring-and-insights/alerts-overview/#configure-alerts).",
"To manage members in your Choreo organization, you can follow these steps to either invite new members or remove existing ones:\n\n### Adding New Members\n\n1. **Navigate to Organization Settings**:\n   - In the Choreo Console, go to the top navigation menu.\n   - Click on the **Organization** list and select the organization you want to manage.\n\n2. **Access Member Management**:\n   - In the left navigation menu, click on **Settings**.\n   - Click on the **Members** tab. This will display the existing members of the organization.\n\n3. **Inviting New Users**:\n   - To invite new members, click on **+ Add Members**.\n   - Specify the email addresses of the new members you wish to invite. \n   - Optionally, choose appropriate groups for these new members in the **Groups** dropdown.\n\n4. **Sending Invitations**:\n   - Click on **Send Invitation** to send the invitations. The invited members will receive emails with instructions on accepting the invitation.\n\n### Removing Existing Members\n\nIf you need to remove an existing member from your organization:\n\n1. Locate the member you want to remove.\n2. Under the member’s username in the Members tab, click on the **Remove Member** icon corresponding to that member.\n3. Follow the confirmation prompts to proceed with removing the member.\n\nBy following these steps, you can effectively manage the members within your organization.\n\nFor more detailed guidance, you can refer to the documentation [here](https://wso2.com/choreo/docs/administer/control-members-of-an-organization/).",
"To create a new environment for deployment in Choreo, follow these steps:\n\n### Step 1: Create an Environment in the Choreo Console\n1. **Access the Organization Home Page**: In the top navigation menu, click on **Organization** and select your organization.\n2. **Navigate to DevOps Settings**: In the left navigation menu, click on **DevOps** and then select **Environments**.\n3. **Create a New Environment**:\n   - Click **+ Create**.\n   - Specify the environment details:\n     - **Name**: Enter a unique name for the environment.\n     - **Mark as Active**: Select this option if you want to use this environment for ongoing deployments.\n4. **Add Tags**: Optionally, you can add tags for search/filtering purposes.\n5. **Click Create**: This will finalize the creation of the new environment.\n\n### Important Considerations for Deployment Environments\nWhen creating an environment, it's essential to ensure that there are at least two deployment environments: one for development and another for production. This separation allows for proper control over environments used for ongoing testing and live services. \n\n### Additional Information\nDeployment environments are isolated from each other, ensuring that services running in one environment cannot access components in another. Additionally, these environments can be linked to specific project components for seamless deployment.\n\nFor more detailed instructions, you can refer to the [Create an environment documentation](https://wso2.com/choreo/docs/devops-and-ci-cd/manage-environments/#create-an-environment).",
"To restrict API access to users with specific roles, such as administrators within your organization, you can follow these steps in Choreo:\n\n1. **Select Your Component**: In the **Component Listing** pane, click on the component for which you want to manage permissions.\n\n2. **Navigate to Settings**: In the left navigation menu, click on **Manage**, then select **Permissions**.\n\n3. **Manage Roles**: Click on **+ Manage Roles**.\n\n4. **Add Admin Role**: From the list of roles, select **Administrator** and click **+ Add Role**. This will add the Administrator role to the component.\n\n5. **Save Changes**: Finally, click **Save** to apply the new permission settings.\n\nThis process ensures that only users who have the Administrator role can access the component, maintaining control over who can interact with it.\n\nFor more details, you can refer to the [Control API Access documentation](https://wso2.com/choreo/docs/authentication-and-authorization/control-api-access/).",
"To utilize the Choreo CLI locally, follow these steps:\n\n### 1. **Set Up Your Development Environment**\nEnsure you have:\n- **Node.js** installed, which automatically sets up `yarn` as a global package if Node.js 16 or later is used.\n- The latest version of Git and Docker available on your operating system. You can install them from [GitHub](https://github.com/) and [Docker](https://www.docker.com/) respectively.\n\n### 2. **Configure Your Git Repository**\nYou can either set up Choreo with a public repository by using your GitHub account or initialize a private Git repository on your local machine.\n\n### 3. **Install Choreo CLI**\nUse the following command to install the Choreo CLI globally:\n```bash\n# On Windows\nchoco install wso2-choreo-cli \n\n# On Unix/Linux/Mac\ncurl -o- https://cli.wso2.com/install.sh | bash \n```\n\n### 4. **Connect Your Git Repository**\nTo connect your Git repository, run the following command:\n```bash\nchoreo connect <YOUR_GIT_REPOSITORY_URL>\n```\nThis command will ask for your credentials; ensure you have saved the Git URL in advance.\n\n### 5. **Add a Repository Path**\nOnce connected, use this command to add a repository path:\n```bash\nchoreo repo add <PATH_TO_YOUR_CODE>\n```\nReplace `<PATH_TO_YOUR_CODE>` with the relative or absolute path to your repository's root directory.\n\n### 6. **Deploying Your Component**\nAfter adding your files, you can proceed with building and deploying your component:\n```bash\nchoreo build\nchoreo deploy\n```\nThis sequence builds your components, copies their output artifacts into the built project directories, and then deploys them using a docker image with the specified name.\n\n### Additional Resources\nFor more details on connecting your Git repository, adding repository paths, and deploying your components, refer to the documentation:\n- [Consume Components Published in Choreo Developer Portal](https://wso2.com/choreo/docs/develop-components/sharing-and-reusing/components-consume-a-public-component/#consume-the-component)\n- [Choreo CLI Quick Start](https://wso2.com/choreo/docs/references/faq/#choreo-cli)\n\nThese resources should provide you with comprehensive guidance on getting started with the Choreo CLI.",
"To enable automatic scaling for your applications in Choreo, follow these steps:\n\n1. **Select Your Component**: In the **Component Listing** pane of the Choreo Console, select the component for which you want to enable scaling.\n\n2. **Access DevOps Settings**: On the left navigation menu, click on **DevOps**, and then select **Scaling**.\n\n3. **Set Up Scaling Plans**: Define the desired CPU and memory limits for scaling, including how to automatically adjust these limits. For instance, you might set:\n   - A minimum CPU and memory allocation of 100, with a maximum of 400.\n\n4. **Enable Automatic Scaling**: Turn on the toggle next to the scaling plan you want to apply. This will start scaling based on conditions like CPU and memory utilization.\n\n5. **Configure Health Checks**: To prevent service failures, configure liveness and readiness probes under the **Health Checks** section. You can use cURL commands and implement appropriate configurations such as no network traffic allowed during deployment.\n\n6. **Optional: Auto-Scale Minima**: If you wish to avoid scaling below a threshold, click **Configure Minimum Scaling** to set it to 2.\n\n7. **Save Changes**: Click **Update** to apply the changes. If there's a need to update the scaling plan later, simply navigate back to **Scaling Plans**.\n\n### Important Considerations\n- It's crucial to ensure that your component is in the **Active** state before enabling auto-scaling.\n- The number of replicas is determined based on CPU usage thresholds across the defined scaling plans.\n- Be aware that you can have a single replica running in a development environment.\n\nThis process allows your applications to scale effectively based on their needs while maintaining critical functionalities like health checks and minimum thresholds.\n\nFor more detailed information, you can refer to the [Automatic Scaling documentation](https://wso2.com/choreo/docs/devops-and-ci-cd/configure-autoscale/#set-up-automatic-scaling-for-your-application).",
"In Choreo, there are several options for data storage depending on the level of access control you need:\n\n1. **Public (Open Access)**: This setting allows anyone to read and write data from any location globally. It is useful when you want to share data openly but may be less secure.\n\n2. **Private (Organization Access)**: In this case, only components within your organization can access and modify the data. This provides some level of security as access is restricted to internal resources.\n\n3. **Private (Restricted Access)**: This option restricts data access to specific users defined within your organization. Only those assigned roles will have the ability to read or write data, making it more secure compared to private (organization access).\n\nAdditionally, it's important to note that the level of access you choose will determine how you connect your service, web application, or API to your backend database:\n\n- For connections with **Public** access, you can use URLs in formats like `https://public.example.com/test`.\n- For **Private (Organization Access)**, you will need a fully qualified domain name (FQDN) like `http://org1-postgresql-ex/sampledb`.\n- With **Private (Restricted Access)**, you need an FQDN like `http://priv-restricted-postgresql-sample/postgres-sampledb`, which will require additional configuration using a CNAME mapping for the service hostname in your DNS settings.\n\nFor further details on configuring data stores and the steps involved, you can refer to the [Choreo Documentation on Creating a Connection](https://wso2.com/choreo/docs/develop-components/sharing-and-reusing/create-a-connection).",
"To create a webhook using Choreo, follow these steps:\n\n1. In the Choreo Console, click on the **Organization** list header.\n2. In the left navigation menu, click **Dependencies** and then click **Webhooks**.\n3. Click **+ Create Webhook**.\n4. On the **Create Webhook** page, configure the required fields according to your use case:\n   - **Endpoint**: Define where to deliver the payload.\n   - **Access Token**: This token provides permissions to the webhook. You can define roles and grant them the necessary permissions.\n5. After filling out all the fields, click **Create**.\n\n### Important Notes:\n- Ensure you have the required permissions to create webhooks within your organization, as this might depend on the API publisher’s permissions.\n- To generate a secret key, navigate to **Applications** > **Credentials** in the Choreo Developer Portal and follow the process under the **Production** tab.\n\nThis comprehensive guide will allow you to effectively create and manage webhooks in Choreo.\n\nFor more detailed information, you can refer to the following documentation: [Create a Webhook](https://wso2.com/choreo/docs/develop-components/develop-webhooks/#create-a-webhook).",
"Yes, users can set usage limits for APIs based on different API tiers in Choreo, allowing for varied access permissions depending on subscription types. Here's how it works:\n\n1. **API Tiers**: You can define different tiers for your APIs, each with unique subscription models and associated usage limits.\n  \n2. **Usage Limit Settings**:\n   - For every API tier, you can set:\n     - Minimum invocation count\n     - Maximum invocation count\n     - Request time limit (in minutes)\n\n3. **Automatic Enforcement**:\n   - Once you configure the usage limits and create an API component with that specific API tier, those limits will be enforced automatically for all users purchasing plans under that tier.\n\n### Steps to Configure API Usage Limits:\nTo configure API usage limits, follow these general steps:\n\n1. Navigate to the component you want to manage.\n2. Access the API settings and ensure that `BOTH` mode is enabled in the access control settings. This allows backend authentication tokens to be used without specifying an OAuth scope.\n3. Set up API usage limits according to the selected API tier, including defining:\n   - `maxInvocations`: The maximum number of allowed requests within a specified timeframe. A common setting is `500` requests per minute.\n   - `timeUnit`: Choose the desired time unit (such as minutes).\n   - `requestTimeLimitInMinutes`: Specify the request time limit in minutes.\n\n4. Save your changes.\n\n5. Publish your API component to apply the settings.\n\n6. Create an API plan with the applicable tiers and assign the appropriate limits for those tiers.\n\n7. Finally, promote the API to production and deploy the backend service.\n\n### Visual Representation:\n![Configure API Usage Limits](https://wso2.com/choreo/docs/assets/img/administer/configure-api-usage-limits.png)\n\nFor more detailed information and guidance, you can refer to the official documentation [here](https://wso2.com/choreo/docs/administer/configure-api-usage-limits/).",
"To monitor the performance of your services running on the Choreo platform, you have access to several built-in monitoring capabilities, along with options to integrate additional third-party services. Here’s how you can do this effectively:\n\n### Built-In Monitoring\nChoreo provides the following key metrics for performance monitoring:\n\n| **Metric**                     | **Unit**           | **Description**                                                     |\n|-------------------------------|--------------------|-------------------------------------------------------------------|\n| **Requests per second**       | RPS                | Number of API requests handled in a specified time unit.      |\n| **99th percentile response time| ns                 | 99th percentile response time during the measurement time unit.   |\n| **Response size**             | B                 | Response payload size.                                             |\n| **Latency**                    | ms                 | Time taken from request arrival to first byte of response.     |\n| **Errors**                     | # of errors         | Error count during the specified measurement time unit.          |\n| **5xx errors**                 | Count               | Count of network errors.                                           |\n| **700-799 status codes**      | Count               | Count of status codes in the range 700-799.                   |\n| **Total request duration**    | Duration            | Total request duration including network latency and processing time. |\n\nThese metrics can be accessed through the **Observability** page in Choreo, which displays a dashboard with real-time data visualization of these metrics.\n\n### Integrating Third-Party Services\nIf you need to gather deeper insights, you can integrate additional third-party services. Currently, Choreo supports integrating the following tools for enhanced monitoring:\n\n1. **New Relic**\n   - This service monitors application performance across multiple environments while identifying bottlenecks that could impact user experience.\n\n   ![Third party services - New Relic](https://wso2.com/choreo/docs/assets/img/monitoring-and-insights/third-party-services/new-relic.png)\n\n2. **Datadog**\n   - This tool allows you to observe logs in real time, visualize resource usage, and gain valuable insights into your application’s performance.\n\n   ![Third party services - Datadog](https://wso2.com/choreo/docs/assets/img/monitoring-and-insights/third-party-services/datadog.png)\n\n### Conclusion\nBy leveraging the built-in monitoring capabilities and integrating third-party services, you can effectively monitor the performance of your services on the Choreo platform. For further details and visual representations of the metrics, you can check out the [Observability Overview documentation](https://wso2.com/choreo/docs/monitoring-and-insights/observability-overview/#built-in-monitoring).",
"To deploy a new version of your service from a different branch in the same component using Choreo, follow these steps:\n\n### Prerequisites\nBefore you begin, ensure you have the necessary permissions for promoting components. Specifically:\n- You need **ENVIRONMENT-MANAGEMENT** permission to promote components.\n- You should have **PROJECT-MANAGEMENT** permission if you plan to create a new environment while promoting the component.\n\n### Steps to Deploy from a Different Branch\n1. In the **Component Listing** pane, select the component you want to deploy.\n2. Navigate to **Deploy** in the left menu of the Choreo console.\n3. In the **Build Area** card, click **Configure & Deploy**.\n4. In the **Set Up** pane that appears, click the **Branch List** dropdown to view branches linked to your GitHub account repository.\n5. Select the desired branch that contains the updated code for your service.\n6. Click **Deploy**.\n\n### Important Notes\n- When deploying from a different branch, you might need to update any references or configurations to accommodate changes made in that branch.\n- Ensure you have tested the application locally before promoting it to verify that the deployment works as expected.\n\nFor further details, you can refer to the documentation [here](https://wso2.com/choreo/docs/develop-components/develop-services/bring-your-own-image/#deploy-the-service).",
"In Choreo, pricing plans are primarily categorized into three main types: Pay-per-use, Startup+ Monthly, and Startup+ Annual. Here's a breakdown of each plan:\n\n1. **Pay-per-use**: This plan is suitable for users who prefer to consume cloud resources on demand and do not require dedicated infrastructure. It allows for flexible consumption and does not involve any upfront commitment.\n\n2. **Startup+ Monthly**: For organizations requiring lower resource requirements, this option is available at an annual subscription rate of US$300 per year. It includes usage limits across compute, database, storage, and API boxes to ensure that users do not exceed their needs.\n\n3. **Startup+ Annual**: Similar to the Monthly plan but with a longer contract period. The annual subscription rate remains US$300, providing benefits for long-term planning while also being more cost-effective over a year-long commitment.\n\nPlease note that these plans can vary based on the geographical region and other factors, so it's essential to check the exact rates applicable in your area.\n\nFor detailed information regarding billing and payment options in Choreo, you can refer to the [Choreo Billing & Payment Options documentation](https://wso2.com/choreo/docs/references/billing-and-payment-options/).",
"To limit the number of requests coming to your API in Choreo, you can use the rate-limiting features provided by the environment where your components are deployed. Choreo automatically applies certain rate-limiting settings to improve the performance and stability of your deployments. While Choreo does enforce rate limits, it does not allow for customization via configuration files or source code. The specific rate limits vary depending on the region and environment you are in:\n\n| Region  | Default Rate Limit for API Requests | Default Rate Limit for WebSocket Connections |\n|---------|-----------------------------------|-------------------------------------------|\n| US-South| 10 requests per second            | 10 requests per second                   |\n| EU       | 30 requests per second            | 10 requests per second                   |\n| US-East | 30 requests per second            | 10 requests per second                   |\n\nIf your application consumes a significant number of outgoing messages, you may also encounter throttling for outgoing request traffic, which might affect performance. This default behavior may not meet the requirements of critical applications, so you should consider implementing additional measures if needed.\n\nFor more detailed information about managing incoming and outgoing traffic, please refer to the [Control Traffic](https://wso2.com/choreo/docs/devops-and-ci-cd/control-traffic/) documentation.",
"To manage the traffic entering your API in Choreo, you can utilize two primary traffic control modes: **Request Throttling** and **Rate Limiting**. Both modes help ensure that the load on your backend is managed effectively. Here’s how you can apply each:\n\n### Request Throttling\n- **Definition**: This mode limits the number of requests allowed during a specified time window.\n- **How it Works**: You set a threshold, and Choreo automatically adjusts based on this limit, allowing requests without further restrictions once the quota is met.\n- **Use Cases**: Ideal for situations where you want to prevent unexpected spikes in traffic, particularly during promotional periods or for testing purposes.\n\n![Request throttling](https://wso2.com/choreo/docs/assets/img/api-management/manage-api-traffic/request-throttling.png)\n\n- **Important Consideration**: It’s essential to configure user-based quotas to avoid blocking legitimate requests unnecessarily.\n\n### Rate Limiting\n- **Definition**: Rate limiting controls the maximum number of requests allowed within a given timeframe.\n- **How it Works**: It prevents single users from overwhelming your backend service. By setting specific rate limits, you can ensure that critical services remain responsive and available to users.\n- **Use Cases**: Suitable when managing sudden traffic spikes, ensuring optimal performance, and protecting your services against abuse.\n- **Advanced Configuration**: In addition to basic settings, you can apply custom headers to better manage request flow.\n\n![Rate-limiting settings](https://wso2.com/choreo/docs/assets/img/api-management/manage-api-traffic/configure-rate-limiting.png)\n\n### Implementation Steps\n1. In the left navigation menu, click **Traffic Control**.\n2. To enable Request Throttling, choose the environment from the list and specify a user-based quota.\n3. Click **Apply** to apply the new settings. The request count will now be monitored, and a warning notification will appear when the limit is reached.\n4. To enable Rate Limiting, go to **Settings**, then to the **API Management** section under **Advanced Configurations** and follow similar steps to apply rate limits.\n\nBy implementing these traffic management techniques, you can effectively control how incoming traffic is handled for your APIs.\n\nFor more detailed information, you can refer to the documentation on [Control Traffic to Your API](https://wso2.com/choreo/docs/api-management/manage-api-traffic/) and [Throttle API Requests with Request Throttling](https://wso2.com/choreo/docs/api-management/manage-api-traffic/throttle-api-requests-with-request-throttling/).",
"To perform vulnerability scanning in Choreo using Trivy, there are different approaches depending on whether your component is a service or a Web Application. Here's a step-by-step guide for each scenario:\n\n### Vulnerability Scanning Methodologies\n\n1. **Built-in Vulnerability Scanner**:\n   - This scans your container images to detect vulnerabilities.\n   - The default behavior is to scan new images upon build, allowing you to view past results in the scan history tab.\n   - To enable built-in vulnerability scanning, go to the **DevOps** section in the Choreo Console, navigate to the **Scanners** pane, and then to the **Trivy** card.\n\n2. **Trivy CI Secrets**:\n   - Alternatively, you can enable vulnerability scans through Trivy CI secrets.\n   - In this case, Trivy automatically triggers scans for every commit.\n   - This requires generating a secret at your Git provider and copying the generated token, which must be stored securely (e.g., in GitHub Actions).\n   - You need to include this token in your Dockerfile or CI pipeline script for the scan to run during each deployment.\n\n   ![Trigger image scan with trivy](https://wso2.com/choreo/docs/assets/img/references/image-scan-with-trivy.png)\n\n### Building a Container Image\nBefore running the scan, ensure you have built the container image associated with your component. You can do this from the **Component Listing** pane, select your component, click **Build**, and complete the build process.\n\nFor more detailed instructions on building a container image, see the [Build a Container Image](./build-a-container-image.md) document.\n\n### Running a Trivy Scan\nOnce you have enabled vulnerability scanning, running a scan varies depending on your setup:\n\n#### For Built-in Scans:\n1. Navigate to the **Scan History** page in the DevOps section of your component.\n2. Click on **Run Scan** and choose your desired scan type.\n\n![Trivy scan icon](https://wso2.com/choreo/docs/assets/img/references/trivy-icon.png)\n\n![Trivy scan icon](https://wso2.com/choreo/docs/assets/img/references/trivy-run.png)\n\n#### For Trivy CI Secrets:\nYou run the Trivy scan automatically when a new commit is pushed, so it typically does not require manual triggering.\n\nFor a comprehensive understanding of vulnerability scanning configurations, including enabling secrets and managing access keys, visit the following documentation:\n- [Enable Security Context Secret Mount](https://wso2.com/choreo/docs/devops-and-ci-cd/manage-secrets-and-security-context/#step-3-enable-security-context-secret-mount)\n- [Create a Container Registry Secret](https://wso2.com/choreo/docs/devops-and-ci-cd/manage-secrets-and-security-context/#step-4-create-a-container-registry-secret)\n\nIf your issue persists, consider checking the following:\n- Ensure that your Git repository URL is configured correctly in the Choreo console.\n- Verify that your component is deployed and ready for scanning.\n\nIf you need further assistance, feel free to ask!",
"To troubleshoot issues related to the vulnerability scan in the Choreo console, it's important to address the following common causes:\n\n### 1. **Container Images Missing or Unauthorized Access**\n   - Ensure that your container images are present in the image repository, whether in a private registry or publicly available via Docker Hub.\n   - If your images are stored in a private container registry, ensure that the credentials for accessing these images are set up correctly in the Choreo Console settings under **Credentials**.\n   \n   ![Set credentials](https://wso2.com/choreo/docs/assets/img/reports-and-insights/security/set-credentials.png)\n\n   Additionally, verify that you have set the necessary permissions to view and list your private images from the Container Registries section.\n\n   ![Verify permissions](https://wso2.com/choreo/docs/assets/img/reports-and-insights/security/verify-permissions.png)\n\n### 2. **Incorrect Component Image Mapping**\n   - Make sure that the component name entered in the Vulnerability Scan Wizard matches the name of your component exactly as it is listed in the Choreo console.\n\n### 3. **Unauthorized Container Scan Permissions**\n   - The default permission for the vulnerability scanning component does not allow scans for all components. Therefore, ensure that you have either:\n     - Updated the component-level permission to grant scan access for your project. Click **Edit Permissions**, select **Scan**, and apply the group. If no permission is granted, check the **+ Add Role** dropdown to include the `SCAN_IMAGE_SECURITY` role, which grants permission for scanning all components.\n   \n     ![Update component permissions](https://wso2.com/choreo/docs/assets/img/reports-and-insights/security/update-component-permissions.png)\n\n     OR\n\n   - Assigned the `SCAN_IMAGE_SECURITY` group level permission to specific groups.\n\n   ![Update group level permissions](https://wso2.com/choreo/docs/assets/img/reports-and-insights/security/update-group-permissions.png)\n\nIf after following these steps the issue persists, you can reach out to support for further assistance. Here’s the link for support: [Choreo Support](mailto:support@wso2.com).",
"To securely manage your secrets and configuration files like secret keys for a React web application in Choreo, you can follow these best practices:\n\n1. **Use Configurations:**\n   - Instead of storing sensitive information directly in your source code, use the built-in configurations feature provided by Choreo. This allows you to manage sensitive data separately from your application logic.\n\n2. **Environment Variables:**\n   - Set environment variables as configurations, which will enable security through encryption during transmission. Environment variables are particularly useful when you need to expose configuration and secret values to components within your project while keeping them confidential.\n\n3. **Secrets:**\n   - Use secrets for data that should not be exposed, such as database passwords or API keys. Secrets are not encrypted on their own, but you can set a token to decrypt them, making them available via environment variables. Note that this means that secrets are only secure if they are not copied into buildpack secrets caches or committed to Git repositories.\n\n4. **Manage Secrets and Configurations:**\n   - To create a configuration or secret, go to the **Component Listing** pane, select your component, and then navigate to the appropriate environments to add configurations or secrets.\n\n5. **Use a Secret Store (if necessary):**\n   - If you have secrets that require management beyond simple configurations and secrets, you can utilize the integrated Secret Store. This feature allows you to define a secret as per its intended usage type and provides options to view, edit, or delete it later if needed.\n\nHere’s a brief overview of the process for adding configurations or secrets:\n\n- **For Configurations**: \n  1. In the left navigation menu, click on **DevOps** and then **Configs & Secrets**.\n  2. Click on **+ Create**.\n  3. Define your configuration or secret and follow the prompts to save it.\n\n- **For Secrets**: \n  1. In the left navigation menu, click on **Security** and then **Secrets**.\n  2. Click on **+ Add**.\n  3. Define your secret details and store it.\n\nBy following these guidelines, you can ensure that your secret keys and configurations remain secure and managed effectively within Choreo.\n\nFor more detailed steps, you can refer to the official documentation: [Secure Storage Options](https://wso2.com/choreo/docs/devops-and-ci-cd/manage-configurations-and-secrets/#secure-storage-options).",
"To secure your web application effectively within the Choreo environment, follow these recommended steps:\n\n1. **Implement Authentication**: Use the built-in identity provider (IdP) in Choreo for managing user authentication. This includes setting up user management, groups, and roles, which will facilitate secure access control.\n   \n2. **Enable Two-Factor Authentication (2FA)**: To add an extra layer of security to your web app, enable two-factor authentication for user accounts. This helps prevent unauthorized access by requiring additional verification beyond just a password.\n\n3. **Secure Web Applications**:\n   - Use the provided web application component types to create your application and configure the necessary security settings during deployment.\n   - Ensure that any API invoked through your web application has proper security measures in place, such as rate limiting, throttling, and JWT validations to safeguard against API abuse and potential vulnerabilities.\n\n4. **Use Service Chain for Single Sign-On (SSO)**: Implement a service chain with your external identity provider for integrating with Choreo. This allows you to manage user sessions across different applications seamlessly.\n\n5. **Observe Application Security**: Monitor application-level logs and alerts to detect and mitigate any security threats. This can include identifying unusual activity that may indicate a breach or unauthorized access attempt.\n\nFor more detailed information on implementing security measures within Choreo, you can refer to the following documentation:\n- [Protect Your Web App with Managed Identity](https://wso2.com/choreo/docs/authentication-and-authorization/secure-web-applications-with-managed-idp/#step-1-configure-the-built-in-idp-for-your-choreo-account)\n- [Manage Applications](https://wso2.com/choreo/docs/consuming-services/manage-application/#configure-built-in-idp-for-self-sign-up-and-manage-users-in-your-organization)\n- [Develop a Secure Web Application](https://wso2.com/choreo/docs/develop-components/develop-web-applications/develop-a-secure-web-application/)",
"To protect an API in Choreo, you can utilize various methods depending on your requirements, primarily through two approaches: OAuth 2.0 Authentication and Asgardeo. Here’s how each works:\n\n### 1. Using Choreo's Built-In Authentication Functionality\nChoreo provides a built-in method for securing APIs that uses the `x-api-key` header. This method grants restricted APIs to authorized keys rather than implementing OAuth. The steps include:\n\n1. **Create an API Proxy**: Deploy the API proxy and define the API path under **Set Up** > **Endpoint Mapping**.\n   \n2. **Enable Security Context**: Go to **Develop** > **Deploy**, where you can enable security context.\n\n3. **Set Up the API Key**: In the **API Info** tab under **Basic Details**, set the **Key Name** and click **Generate** to create the API key.\n\n4. **Deploy the API**: Click **Deploy** to register the API with Choreo.\n\nThis approach allows for secure access without integrating additional tools like Asgardeo.\n\n### 2. Using OAuth 2.0 Authentication\nOAuth 2.0 is another effective method to protect your APIs. It involves creating an application in Choreo and assigning permissions to the API components you wish to secure. Here are the steps:\n\n1. **Assign Permissions**: In the Choreo console, select the component you want to secure under **Deploy**.\n   - Click on **Endpoint Configurations**.\n   - In the **Permissions List**, enter a permission name and click **+Add New**.\n   - Assign the desired permissions to the relevant endpoints.\n\n2. **Manage API Key Settings**: After deploying the API, manage API key settings under **Manage** > **API Keys** to retrieve the necessary keys.\n\nBy following these steps, you can effectively protect your APIs in Choreo using either built-in security or OAuth 2.0.\n\nFor more detailed instructions, you can refer to the documentation on [securing an API with Choreo built-in security](https://wso2.com/choreo/docs/authentication-and-authorization/secure-api-access-with-choreo-built-in-security-token-service/) and [secure API access with Asgardeo](https://wso2.com/choreo/docs/authentication-and-authorization/secure-api-access-with-asgardeo/#set-up-an-asgardeo-application).",
"To invite new members to your organization in Choreo, follow these steps:\n\n1. **Navigate to Organization Settings**: In the Choreo Console header, click on the **Organization** list and select your organization.\n\n2. **Access Members Section**: Click on the **Members** tab under the **Organization Home** section.\n\n3. **Invite New Members**: \n   - To invite new users, you need to create a **Choreo account** for them if they don't already have one. You can do this by inviting them via email.\n   - Alternatively, you can copy their invitation link and share it with them so they can join through that invitation.\n\n4. **Inviting Existing Users**: If you want to invite users from existing accounts, ensure they have a valid email address.\n\n5. **Add Invited Members**: After entering the details of the new member, click the **+ Add Members** button to finalize the invitation.\n\nOnce the invitations are confirmed, the invited members will receive an email with further instructions to join your organization in Choreo.\n\nFor detailed steps and additional information, you can refer to the documentation here: [Invite members](https://wso2.com/choreo/docs/administer/invitations/#invite-members).",
"To restrict your API in Choreo such that only administrators can view it, follow these steps:\n\n1. **Navigate to Your Component**: In the **Component Listing** pane, click on the component for which you want to set the visibility.\n   \n2. **Open Settings**: Click on **Settings** in the left navigation menu.\n\n3. **Select Security Level**: Go to the **Authentication Details** tab and select **API-Level Security Policy**.\n\n4. **Adjust Access Control**: Set the access control level according to your requirements. Here, you should choose **Administrator** as the permission level.\n\n5. **Finalize Configuration**: Click **Apply** to save your changes.\n\nThis process ensures that only users with the `ROLE_SUPER_ADMIN` permission will be able to access the API.\n\nFor more detailed instructions, you can refer to the official documentation: [Restrict API access](https://wso2.com/choreo/docs/authentication-and-authorization/test-secure-api-access-with-choreo-built-in-security-token-service/#step-3-restrict-api-access).",
"To get started with the Choreo CLI on your computer, follow these steps:\n\n### Prerequisites\nBefore you begin, ensure you have met the following requirements:\n- Basic knowledge of command-line interfaces.\n- Access to a computer running an operating system (Windows, macOS, or Linux).\n- An internet connection, as you will need an active Google account to register and activate your project.\n\n### Step 1: Register Your Project\n1. In the Choreo Console, navigate to the **Organization** section.\n2. Click on **+ Create Project**.\n3. Fill in the required details such as:\n   - **Organization Name**: This can be set up later, but for example, you might enter **Acme Corp**.\n   - **Project Name**: Choose a suitable name, like **Choreo Demo**.\n4. Click **Create**.\n5. You will receive an activation key that you need to add as a GitHub account in the next step. To generate an access token, go to the [Choreo Developer Portal](https://devportal.choreo.dev), navigate to the **Credentials** tab under **Tokens**, and copy the `Consumer Key` for use later.\n\n### Step 2: Add Credentials for Your Component\nThis step depends on the type of component you want to create. You can add credentials while creating a new API or service by specifying:\n- **Vendor Endpoint**: Choreo allows connecting to various cloud providers.\n- **Credential Type**: You can configure different types such as those specific to AWS, Azure, GCP, and others.\n- **Environment Variables**: Define any required environment variables necessary for deployment.\n\n### Step 3: Connect Your Git Repository\n1. Ensure your GitHub repository is publicly accessible or fork it to make it public.\n2. In the Choreo Console, go to **Dependencies** under the left navigation menu, then select **Connect a Git Repository**.\n3. Choose **Microsoft GitHub Enterprise Cloud** from the list.\n4. Select the **Organization** you registered earlier and enter the **Repository Name**.\n5. Click on **Next** and confirm that the **Branch Tracking** option should match your repository's main branch.\n6. Click **Add Branches** to enable all branches automatically.\n7. Finally, choose the **Commit Branch** you want to use and save your connections.\n\nOnce these steps are completed, you will have successfully installed and activated the Choreo CLI on your system and set up your basic development environment.\n\nFor further details on specific commands and configurations, you may refer to the official documentation: [Quick Start Guide](https://wso2.com/choreo/docs/references/quick-start-guide/#prerequisites) and [Add a Git Repository](https://wso2.com/choreo/docs/develop-components/develop-components-with-git/#add-a-git-repository).",
"To configure auto-scaling for your applications in Choreo, you need to ensure that you have selected a suitable managed database for your backend service and applied appropriate configurations during the deployment process. This allows Choreo to dynamically adjust the scaling of your application based on resource allocation and request load.\n\nHere are the key steps to enable auto-scaling:\n\n1. **Component Deployment**: After deploying your application in Choreo, make sure it is running on a private data plane.\n   - Note: Automatic scaling is currently supported only on private data planes; HPUX and public cloud data planes do not support auto-scaling.\n\n2. **Select Managed Database**: Ensure you have a managed database available in your backend service. Choreo supports various managed databases, including PostgreSQL, MySQL, Redis, and TiDB.\n\n3. **Deployment Process**: During the deployment of your service:\n   - Navigate to the **Deploy** section in the Choreo Console UI and click on **Configure & Deploy**.\n   - In the environment card, go to **Scaling** and set up the desired scaling configurations, which include:\n     - Minimum replicas\n     - Maximum replicas\n   - If you wish to utilize auto-scaling, select **ScaleToFit Requests**, which adjusts the number of replicas based on average incoming traffic.\n\nOnce these steps are completed, Choreo will automatically manage the scaling of your application, providing better resource management and performance based on your workload needs.\n\nFor further details, you can refer to the [Manage autoscale settings](https://wso2.com/choreo/docs/devops-and-ci-cd/manage-autoscale-settings/) guide.",
"To address the issue of your service receiving too many requests leading to performance degradation or overload, there are several strategies you can implement:\n\n1. **Implement Rate Limiting**: Use Choreo's ability to apply rate limiting to protect your backend from overwhelming traffic.\n   - **API-level Rate Limiting**: This allows you to set limits on the number of requests a client can make to your API, regardless of the user making the requests.\n   - **User-based Rate Limiting**: This restricts requests from a specific user or application ID, which is useful if you want to control specific applications without affecting others.\n\n   For detailed steps on configuring rate limiting:\n   - [Configure API Rate Limits](https://wso2.com/choreo/docs/api-management/api-rate-limiting/#configure-api-rate-limits)\n   - [Configure User-Based Rate Limiting](https://wso2.com/choreo/docs/api-management/configure-user-based-rate-limiting-for-api-access/)\n\n2. **Optimize Backend Resources**: Ensure that your backend service can handle sudden spikes in requests by:\n   - Upgrading hardware resources if necessary.\n   - Scaling horizontally to distribute load effectively. \n\n3. **Implement Throttling on the Frontend**: If your backend is already under control, you can also apply throttling at the frontend level to limit connections.\n   - You can utilize tools like NGINX to manage the connection limits. For further details:\n     - [Prevent API Connection Storm with Throttling](https://wso2.com/choreo/docs/performance-and-scaling/prevent-api-connection-storm-with-throttling/) \n     - [Rate Limiting on the NGINX Edge Side with BPF](https://github.com/NginxEdge/limiter)\n\n4. **Use Caching**: Implement caching techniques to reduce the load on your backend. This can significantly decrease response times, especially during peak loads.\n   - [Cache Options in Choreo](https://wso2.com/choreo/docs/develop-components/configure-caches/#cache-options-in-choreo)\n\nBy implementing these strategies, you can effectively manage the request volume and ensure optimal performance even under heavy traffic.\n\nFor additional insights into optimizing services and handling incoming requests efficiently, please visit the following pages:\n- [Curl - A Powerful CLI Tool](https://curl.haxx.se/docs/why_curl.html)\n- [Optimize Your Service Performance](https://wso2.com/choreo/docs/optimize/overview/#optimize-your-service-performance)"
]

data_samples = {
    'question': questions,
    'answer': answers,
    'ground_truth': ground_truths
}
dataset = Dataset.from_dict(data_samples)
score = evaluate(dataset,metrics=[answer_correctness])
score.to_pandas()

Evaluating:   0%|          | 0/42 [00:00<?, ?it/s]

Unnamed: 0,user_input,response,reference,answer_correctness
0,How to deploy a webapp?,To deploy a web application on the Choreo plat...,"To deploy a web application in Choreo, follow ...",0.426212
1,"How to resolve """"Module not found error"""" duri...","The ""Module not found error"" typically occurs ...",To resolve a **Module not found** error during...,0.35876
2,How to add authentication to my service?,To enhance the security and privacy of your se...,To add **authentication** to a service in **Ch...,0.532304
3,How to add a custom domain to my web app?,To add a custom domain for your web applicatio...,to add a custom domain to a web app in Choreo:...,0.438149
4,How can I test my service?,"To test your service in Choreo, you can use bo...","To test your service in **Choreo**, you can us...",0.308353
5,How can I add environment variables to python ...,To add environment variables to a Python web a...,"To set up environment variables in **Choreo**,...",0.394154
6,How to connect the React frontend to the backend?,To establish connectivity between your React f...,1: Create and Deploy Your Backend Service\nFir...,0.536937
7,How can I deploy my backend and then connect i...,To connect a backend application deployed on t...,To deploy a backend service on Choreo and conn...,0.3858
8,How can I implement testing for a full-stack a...,To implement comprehensive testing for a full-...,To implement automated testing for both fronte...,0.421185
9,"I'm getting """"procfile not found"""" error for m...","I'm sorry, but I can only assist with issues r...",The error you're encountering is because Chore...,0.21162


## rtweera/2025-May-22_15-43-18_Qwen2.5-7B-Instruct-unsloth-bnb-4bit_LoRA

In [24]:
from datasets import Dataset 
from ragas.metrics import answer_correctness
from ragas import evaluate

answers = [
"To deploy a web application using Choreo, you can follow these steps:\n\n### Step 1: Create a New Project\n1. In the Choreo Console, click on **Create**.\n2. Choose the **Web Application** card.\n3. Select your preferred programming language (such as Go, Java, Node.js, Python, etc.).\n4. Provide a name, description, and other project details to complete the creation of your web application project.\n\n### Step 2: Build the Web Application\n- Choreo automatically builds the source code you provide via a Dockerfile. It follows best practices for secure container building and provides enhanced security features for container creation.\n- Ensure your web application can be deployed to a specified URL, which will be part of the configuration required during deployment.\n\n### Step 3: Deploy the Web Application\n- To deploy your web application, go to the **Deploy** section in the Choreo Console.\n- The deployment process may take some time. You will need to provide configurations for the application, such as domain and port.\n- After the deployment, verify the URL of your web application to ensure it's accessible.\n\n### Additional Information\n- If your web application is in an HTTP service, you can invoke it directly through the URL.\n- For more detailed instructions, you can refer to the documentation on deploying and managing a web application: [Deploy and Manage a Web Application](https://wso2.com/choreo/docs/develop-components/deploy-and-manage-a-web-application).\n\nBy following these steps, you should be able to successfully deploy your web application using Choreo.",
"The \"Module not found error\" encountered during the deployment of a Python project in Choreo can typically be resolved by ensuring that all required dependencies are correctly specified in your project’s requirements file and that they are included in the buildpack.\n\n### Steps to Resolve \"Module Not Found Error\":\n\n1. **Specify Dependencies**: Ensure that your `requirements.txt` file includes all the necessary packages needed for your Python application. For example:\n   ```txt\n   fastapi>=0.78.0\n   pydantic>=1.10.3\n   uvicorn>=0.20.0\n   ```\n   This file should be placed at the root of your source code directory. If it isn’t there, make sure to include it.\n\n2. **Ensure Correct Build Configuration**: When building your component, verify that the necessary buildpack settings for Python are properly configured to include all dependencies. \n\n3. **Check Component Configuration**: If applicable, update the **Component Configurations** to reflect any specific settings related to your deployment.\n\n4. **Redeploy Your Component**: After making these changes, go to the **Deploy** page and click on **Configure & Deploy** to apply the updates.\n\nIf the issue persists despite these steps, consider checking the logs for more detailed error messages that might provide additional insights into what is missing or incorrect.\n\nFor further details, you can refer to the following documents:\n- [Choreo Build and Deployment Architecture](https://wso2.com/choreo/docs/references/choreo-build-and-deployment-architecture/#build-process)\n- [Build Python Projects](https://wso2.com/choreo/docs/develop-components/build-and-deploy-python-code/)",
"To add authentication to your service in Choreo, follow these steps to enable OAuth 2.0-based security:\n\n### Prerequisites\nBefore you start, ensure you have the following:\n- **Valid OAuth application credentials**: You can generate these from the [Choreo Developer Portal](https://devportal.choreo.dev/).\n- **Credentials for the backend**: You will need to set this in the **Secrets** tab when configuring the application.\n\n### Steps to Enable OAuth Authentication\n1. In the **Component Listing** pane of the Choreo Console, select the component that you want to secure.\n2. Navigate to the left menu and click on **Manage**.\n3. Click on the **Endpoints** tab and then select **Security Settings**.\n4. In the Security Settings pane, select the **OAuth2secured** list to enable OAuth security at the endpoint level.\n5. Click **Next** to proceed.\n6. If your component needs access tokens to interact with other services, select appropriate roles that will have the necessary permissions. Ensure that you use roles that you created within the same project for this purpose.\n7. Finally, click **Apply**. The endpoint will be secured, and a configuration page will be displayed with relevant endpoints required for OAuth authorization.\n\n### Important Notes\n- If your application uses Choreo’s built-in Identity Provider (IdP), Choreo generates the secret automatically, and you won't need to enter a client ID or secret in the **Choreo Built-in IdP** tab.\n- It's crucial to remember that when OAuth is enabled, the `GET` method will be applied to the endpoint to retrieve the `token_endpoint`. If the endpoint does not support `GET` method calls, the OAuth flow will fail.\n\nBy following these steps, you can successfully implement OAuth authentication for your service in Choreo.\n\nFor more detailed instructions, you can refer to the documentation here: [Secure APIs with OAuth 2.0](https://wso2.com/choreo/docs/authentication-and-authorization/secure-apis-with-oauth-2-0/#step-1-enable-oauth20-security-for-the-rest-api-you-created).",
"To add a custom domain to your web application in Choreo, follow these steps:\n\n1. In the Choreo Console, go to the top navigation menu and click **Organization**. Then select your organization.\n2. In the left navigation menu, click **Settings** to access the organization-level settings page.\n3. Click the **URL Settings** tab, then navigate to the **Active Domains** tab. Here, you will see the available domains for your organization.\n4. Click **Add Domains**.\n5. Under **Environment Selection**, choose the appropriate environments for your web application.\n6. Select the specific project where your web application is located.\n7. Choose the **webapp.pizza.choreoapis.dev** option from the Available Domains list.\n8. Specify the port number, which defaults to 80.\n9. Enter a domain name that reflects your brand. For example, `yourbrand.webapp.pizza.choreoapis.dev`.\n10. Click **Next** to proceed.\n11. Choose whether to use an external DNS provider or the cloud DNS managed by Choreo. If you opt for cloud DNS, Choreo will automatically generate CNAME target values during the verification process.\n12. Create DNS records linking your custom domain with the provided CNAME target value using your DNS provider.\n13. Once the DNS records are created, return to the Choreo console and click **Verify** to check the mapping. If the verification is successful, proceed to the next step. \n   > **Warning**: The custom domain is not applied immediately. Wait until it is enabled in production for your component to be accessible through the configured custom domain.\n14. Finally, click **Add** to complete the process.\n\nThis sequence will successfully add a custom domain to your web application in Choreo.\n\nFor more detailed instructions, you can refer to the following documentation: [Configure a Custom Domain for Your Organization](https://wso2.com/choreo/docs/administer/configure-a-custom-domain-for-your-organization/#configure-a-custom-domain-for-an-organization).",
"To effectively test a service in Choreo, you can follow several approaches depending on your specific requirements and the nature of your service:\n\n### 1. **Manual Testing**\n   - This involves invoking your component manually from the [Component Listing](https://devportal.choreo.dev/choreo/applications/{application-id}/components) page to verify its functionality.\n   - Steps:\n     1. Navigate to the **Component Listing**.\n     2. Click on the desired component to open the **Overview** page.\n     3. Use the **Try it Out** option under the desired endpoint to test it directly.\n\n### 2. **Integration Testing via the Choreo Console**\n   - Utilize the Choreo Console to facilitate automated testing of service components.\n   - This allows for testing the interactions between different services efficiently.\n   - Note that integration tests can run on specific environments (Development, Staging, Production).\n\n### 3. **Creating a Dedicated Test Component**\n   - Develop a dedicated component solely for testing purposes within your Choreo project.\n   - This approach helps isolate testing activities, ensuring they do not interfere with production systems.\n\n### 4. **API Management Testing**\n   - For API management, focus on validating endpoint functionalities, response statuses, latency, security features, and error conditions during testing.\n   - Ensure that the API behavior meets expectations across different scenarios.\n\n### 5. **Observability Insights**\n   - Monitor your services using the observability insights in Choreo, which include logs, usage patterns, latency details, errors, and warnings.\n   - This data can significantly enhance your testing process by providing real-time feedback.\n\nBy combining these methods, you can thoroughly test your services in various scenarios and ensure their reliability. \n\nFor more detailed steps and guidelines, please refer to the [Testing Services and Components Documentation](https://wso2.com/choreo/docs/testing/test-services-and-components/) in the Choreo documentation.",
"To manage environment variables for a Python web application deployed on Choreo, follow these steps:\n\n1. **Update your Python source code**: Modify your `main.py` file to include the necessary logic for accessing the environment variables. For example, you can retrieve an API key as follows:\n   ```python\n   from flask import Flask\n   from flask_restx import Api, Resource\n\n   app = Flask(__name__)\n   api = Api(app)\n\n   @api.route('/key')\n   class Key(Resource):\n       def get(self):\n           return {\"api_key\": os.environ.get('MY_API_KEY', 'defaultValue')}\n\n   if __name__ == '__main__':\n       app.run(port=5000)\n   ```\n\n2. **Deploy your application**: After updating your code, redeploy your web application so that the changes take effect.\n\nFor more detailed instructions on deploying your first Python application on Choreo, you can refer to the documentation [here](https://wso2.com/choreo/docs/develop-components/deploy-your-first-python-service/#deploy-the-component). Additionally, you may find helpful details about adding environment variables during deployment [here](https://wso2.com/choreo/docs/devops-and-ci-cd/manage-configurations-and-secrets/#add-environment-variables-to-your-container).",
"To connect your React frontend to your backend service in Choreo, follow these steps:\n\n### 1. Generate an Application Token in Choreo\nFirst, you need to create an application token for API access.\n\n#### Steps to Generate an Application Token:\n1. Go to the [Choreo Developer Portal](https://devportal.choreo.dev).\n2. In the **Applications** tab, select your application.\n3. Navigate to the **Credentials** tab and then click on the **Application Tokens** tab.\n4. Click on **Generate Token**.\n\nThis will generate an access token that you can use to authenticate API requests.\n\n### 2. Use Axios to Handle HTTP Requests\nAxios is a popular library for making HTTP requests in JavaScript applications. It simplifies handling asynchronous network requests and integrates well with modern JavaScript frameworks like React.\n\nHere’s how you can use Axios to call your backend API from a React component:\n\n```javascript\nimport axios from 'axios';\n\nfunction YourComponent() {\n  // Use the access token generated in Choreo for authentication\n  const config = {\n    headers: {\n      'Authorization': `Bearer <YOUR_ACCESS_TOKEN>`,\n    }\n  };\n\n  useEffect(() => {\n    // Make a GET request to your backend API\n    axios.get('/api/backend-endpoint', config)\n      .then(response => {\n        console.log('Response:', response.data);\n      })\n      .catch(error => {\n        console.error('Error:', error);\n      });\n  }, []);\n\n  return (\n    <div>\n      {/* Your component content here */}\n    </div>\n  );\n}\n```\n\n### 3. Deploying Your Frontend\nOnce you've set up the necessary configurations, you can deploy your React frontend to production using your preferred CI/CD pipeline. Ensure you have the correct endpoints configured in your environment to communicate with your backend services effectively.\n\nFor further details and best practices, you can refer to the documentation:\n- [Generating an Access Token](https://wso2.com/choreo/docs/consuming-services/generate-an-access-token/#steps-to-generate-an-access-token-via-the-developer-portal-ui)\n- [Calling Services With an Access Token](https://wso2.com/choreo/docs/consuming-services/consuming-a-sevice-api-with-an-access-token/#call-the-service)\n- [Connecting a Single-Page Web Application](https://wso2.com/choreo/docs/tutorials/build-and-deploy-single-page-web-applications/#step-4-connect-the-front-end-to-the-back-end)",
"To connect your backend deployed in Choreo to your frontend application hosted on GitHub Pages, you need to follow a structured approach. Here’s how you can do it:\n\n### Steps to Connect Frontend and Backend\n\n1. **Ensure Your Frontend is Deployed**:\n   - Make sure that your frontend application is already deployed on GitHub Pages. This means it should be accessible via its URL.\n\n2. **Obtain the Backend URL**:\n   - After successfully deploying your backend in Choreo, note down the `Endpoint` URL provided during the deployment process. This will be the endpoint from which your frontend can communicate.\n\n3. **Update your Frontend Application**:\n   - In your frontend code, update any references to your backend services. Typically, this would involve hardcoding the backend URL if your frontend and backend are separate components (like in your case). \n   - For example, if you have hardcoded a relative URL, replace it with the absolute URL of the Choreo endpoint.\n\n4. **Set Up Environment Variables (if needed)**:\n   - If there is a need to pass sensitive data or configuration specific to the production environment, you can use environment variables in GitHub Actions to manage these securely. This helps maintain good practices regarding secrets management.\n\n5. **Implement CORS (if necessary)**:\n   - Ensure that your backend allows cross-origin requests from your frontend by configuring CORS settings. This might require updating the network configurations within Choreo.\n\n6. **Testing**:\n   - After making the necessary changes, perform testing to ensure that the frontend can successfully interact with the backend as expected.\n\n### Important Considerations\n- The connection between the two must be done post-deployment, so it's crucial to have both applications functional and ready before establishing communication.\n- If you face any network-related issues, check the permissions and any firewall settings both on Choreo and your GitHub Pages site.\n\n### Additional Resources\nFor more details on managing configurations and secrets, you can refer to the documentation on [Managing Configurations and Secrets](https://wso2.com/choreo/docs/devops-and-ci-cd/manage-configurations-and-secrets/#use-environment-variables-in-github-actions).\n\nBy following these steps, you should be able to connect your backend deployed in Choreo with your frontend application hosted on GitHub Pages effectively.",
"I'm here to assist with questions related to Choreo. Could you clarify how your question relates to Choreo or provide more details on how Choreo can be used for testing full-stack applications? If your question is meant to be asked regarding how to use Choreo for testing purposes, please let me know!",
"To resolve the issue of a \"procfile not found\" error when deploying your Python service in Choreo, you can try the following steps:\n\n1. **Enable Automatic Deployment**: Make sure that the \"Auto Deploy on Build\" option is enabled in the settings of your Choreo component. This allows Choreo to automatically handle deployments without the need for a Procfile.\n\n2. **Check File Mounting Permissions**: If you are manually triggering deployment by uploading a binary or triggering a promotion, ensure that the required file mounting permissions are set correctly. This can be configured under **Build Configurations** -> **File Mounts**.\n\n3. **Use an Entrypoint for Interactive Applications**: Since your service appears to be intended for interactive use through a webhook, make sure to specify an entrypoint or command that runs your main application. This is essential for ensuring your service starts correctly.\n\n4. **Review Configuration**: If none of these steps resolves the issue, it may be helpful to check the configurations again to ensure everything is set up as intended.\n\nIf you continue to face issues after these steps, it might be beneficial to consult the Choreo documentation for more detailed guidance on deployment processes.\n\nFor further assistance, please refer to the relevant documentation: [Autodeploy components without building](https://wso2.com/choreo/docs/develop-components/develop-python-components/deploy-and-test-your-python-service/#autodeploy-components-without-building).",
"The `.choreo/endpoints.yaml` file is crucial as it provides details about your deployed service endpoints, including network visibility settings, which can impact how these endpoints are accessible.\n\nIf you encounter an error indicating that `.choreo/endpoints.yaml` cannot be found, this typically suggests there might be an issue with the data plane during the deployment process. However, there's not enough specific information provided to determine the root cause of the problem conclusively.\n\nHere are some steps you can take to troubleshoot:\n\n1. **Check Logs**: Review the [Choreo console logs](https://console.choreo.dev) for any errors or indications of what went wrong during the deployment. This can provide clues on whether the problem is related to the endpoints configuration or another factor.\n\n2. **Data Plane Status**: Ensure that your data plane is functioning correctly by verifying its status on the [Runtime page](https://choreo.dev/environments/runtime) under your project. A failed health check could indicate that the infrastructure needs attention.\n\n3. **Redeploy the Component**: If the error persists after reviewing logs, consider redeploying your component via the DevOps page, ensuring that all configurations and endpoint visibility settings are correctly applied.\n\n4. **Endpoint Visibility Settings**: Verify the settings related to the endpoints within the **Deploy** -> **Set Up** -> **Create Endpoints** section. Ensure that the network visibility level (Public, Organization, or Project) is set appropriately for the services you are trying to access.\n\nIf you need further assistance or have additional symptoms of the problem, please provide more details so I can better assist you. For more comprehensive troubleshooting and information regarding the endpoints, you may refer to the following documentation: [Troubleshoot endpoint visibility](https://wso2.com/choreo/docs/devops-and-ci-cd/configure-endpoints-body/#endpoints-visibility).",
"In Choreo, a **readiness probe** is crucial for determining whether your application is ready to handle user traffic, particularly in scenarios where you have a single replica. This probe is especially beneficial when implementing horizontal pod autoscaling.\n\nTo configure a readiness probe, follow these steps:\n\n1. **Select Your Component**: In the **Component Listing** pane of the Choreo Console, select the component you wish to configure probes for.\n2. **Access Health Checks**: Click on **DevOps** in the left navigation menu, then select **Health Checks**.\n3. **Create a New Probe**: Click **+ Create** to initiate the configuration of a new probe.\n4. **Choose Readiness Probe**: Under the probe types, select the readiness probe to customize its settings.\n5. **Configure the Probe**: \n   - **Connectivity Check**: Set the probe to check the health by ensuring a TCP connection to a specified port on your container. A failed connection will trigger the readiness probe.\n   - **HTTP GET Request**: You can send an HTTP `GET` request to a path on your container. For instance, `/healthz` or `/health` are common paths to query.\n   - **HTTP POST Request**: This option allows sending an `HTTP POST` request to a specified port and path, which is less commonly used for readiness checks.\n   - **Execute Command**: Running a script inside the container, like checking file permissions or CPU/RAM utilization, is also an option.\n\n6. **Set Conditions**: Define any conditions that must be met for the readiness probe to trigger.\n7. **Save Your Settings**: Once configured, click **Save** to apply the readiness probe.\n8. **Redeploy if Necessary**: If your component does not already have network visibility, go to the **Deploy** page and click **Update Image & Deploy** to ensure the probe is activated.\n\n### Important Notes:\n- Readiness probes do not run at regular intervals like liveness probes but execute only once per deployment lifecycle unless manually triggered or the status of a resource changes.\n- These probes are essential for managing load balancing and ensuring smooth application operations, particularly in auto-scaling configurations.\n\nFor further details, you can refer to the [Configure Health Checks](https://wso2.com/choreo/docs/devops-and-ci-cd/configure-health-checks/) documentation.",
"To configure Azure Active Directory (Azure AD) as an external Identity Provider (IdP) in Choreo, you need to follow these steps. Azure AD can be configured as both the assignment-type and self-sign-in-type IdP depending on your requirements.\n\n### Steps to Configure Azure AD as an External IdP\n\n1. **Access Organization Settings**:\n   - In the Choreo Console header, click on the **Organization** list. This will take you to the organization level **Settings** page.\n\n2. **Navigate to Identity Providers**:\n   - Click on the **Application Security** tab and then go to **Identity Providers**.\n\n3. **Add a New Identity Provider**:\n   - Click on **+ Identity Provider**.\n\n4. **Select Azure AD**:\n   - Choose **Microsoft Entra ID (Azure AD)** as the identity provider.\n\n5. **Specify Well-Known URL**:\n   - In the **Well-Known URL** field, enter the endpoint for Azure AD. It should look like this:\n     ```\n     https://login.microsoftonline.com/<your-tenant-id>/v2.0/.well-known/openid-configuration\n     ```\n   - Alternatively, you can select **Use discovery document** for easier integration.\n\n6. **Fill Required Fields**:\n   - Enter values for the mandatory fields as per your Azure account settings.\n   \n7. **Configure Asymmetric Encryption Keys**:\n   - Ensure that your Azure keys are aligned with the recommendations mentioned in the [Asymmetric encryption keys](https://wso2.com/choreo/docs/administer/configure-asymmetric-pki-certs-for-managed-identity-and-security/#asymmetric-encryption-keys) section.\n\n8. **Review Configuration**:\n   - Verify the configurations before proceeding.\n\n9. **Enable Self-Sign-In for Choreo Applications**:\n   - If needed, navigate back to the applications in your Choreo project and enable auto-login.\n\nBy following these steps, you will successfully configure Azure AD as an external IdP in Choreo. For further details, you can refer to the official documentation here: [Configure Azure Active Directory (Azure AD) as an External Identity Provider (IdP)](https://wso2.com/choreo/docs/administer/configure-an-external-idp/configure-azure-ad-as-an-external-idp/#configure-azure-active-directory-azure-ad-as-an-external-idp-in-choreo).",
"To implement rate-limiting on APIs in Choreo, you can utilize two different methods based on the nature of your rate-limiting requirements: **API-level Rate Limiting** and **API Path Level Rate Limiting**.\n\n### 1. API-Level Rate Limiting\nThis approach applies the same rate-limiting policy to all operations within a single API. Here’s how you can set it up:\n\n#### Steps to Configure API-Level Rate Limiting:\n1. Navigate to the left navigation menu and click **Deploy**.\n2. In the **Build Area** card, click **Rate Limiting** to expand the section.\n3. Select **API Level Rate Limiting** as the **Rate Limiting Level**.\n4. Adjust the request count and time unit slider to set your desired limits. For example, you might choose `1000 requests`, with a `time unit` of `5 minutes`.\n5. Click **Add & Deploy**.\n6. Once successful, view the deployment status in the **Build Area** card. After a short latency period, the endpoint should become available.\n\n![Configure rate-limiting](https://wso2.com/choreo/docs/assets/img/api-management/manage-rate-limiting/configure-rate-limiting.png)\n\nFor more details, refer to the [API Level Rate Limiting documentation](https://wso2.com/choreo/docs/api-management/manage-rate-limiting/#api-level-rate-limiting).\n\n### 2. API Path Level Rate Limiting\nThis option allows you to apply different rate-limiting policies to various endpoints within the same API. This is particularly useful for critical APIs that need enhanced protection from API call spikes.\n\n#### Steps to Configure API Path Level Rate Limiting:\n1. In the left navigation menu, click **Deploy**.\n2. Go to the **Endpoint Details** card and click **Manage** under **Rate Limiting**.\n3. Select **API Path Level Rate Limiting** as the **Rate Limiting Level**.\n4. Choose `1000 requests`, with a `time unit` of `5 minutes`.\n5. Specify which endpoints should be rate-limited by checking their respective checkboxes. For instance, if your API has multiple GET endpoints, select them individually.\n6. Click **Apply** and redeploy the component by clicking **Configure & Deploy** and then clicking **Deploy**.\n\n![Configure API path-level rate limiting](https://wso2.com/choreo/docs/assets/img/api-management/manage-rate-limiting/configure-api-path-rate-limiting.png)\n\nFor further details, check the [API Path Level Rate Limiting documentation](https://wso2.com/choreo/docs/api-management/manage-rate-limiting/#api-path-level-rate-limiting).\n\n### Key Considerations\n- Ensure to test your APIs under load to determine the appropriate rate-limiting thresholds. \n- Be mindful of the implications of API rate limiting on API management and usage. \n\nBy following these steps, you can effectively manage rate-limiting on your APIs in Choreo.\n\nFor comprehensive guidance, you may also refer to the [Choreo API Management documentation](https://wso2.com/choreo/docs/api-management/manage-rate-limiting/).",
"If you are encountering Trivy security check errors in Choreo, you can troubleshoot these issues by following several steps to identify and resolve potential problems.\n\n### Troubleshooting Steps\n\n1. **Check Component Configuration**:\n   - Ensure that your component's configuration correctly specifies the required ports, network types, and other parameters necessary for secure connections. This can vary based on the type of project you have (for instance, it differs between Service projects and Web Application projects).\n   - Verify that the project-level endpoints are configured properly to reflect how your services will interact with each other.\n   - Make sure to enable the **Health Check** and configure the health probe if needed, as failing health checks can cause errors during deployments.\n\n2. **Use Dependency Track UI for Security Vulnerabilities**:\n   - If your component has dependencies with known vulnerabilities, consider using the [Dependency Track UI](https://security.trivy.io/) to analyze your project's dependencies.\n   - Identify the libraries with security vulnerabilities and determine if they are being used incorrectly, such as passing sensitive data without proper encoding.\n   \n3. **Scan Configurations and Build Logs**:\n   - If you're facing \"build scan failed\" errors, check the **Build Logs** pane for specific error messages and ensure that the credentials or configurations used in the build process are correct.\n\n4. **Manage Network Visibility Settings**:\n   - Be aware that visibility settings (Public, Organization, or Project) for API components can impact connectivity. If there are network visibility mismatches, you may encounter errors related to unauthorized access or connection refused.\n\n5. **Review Build and Scan Pipelines**:\n   - It's crucial to validate your builds before running scans or pushing to production. If a scan detects security vulnerabilities, review the build pipeline to confirm it successfully completes.\n\nBy carefully reviewing these steps and ensuring that all configurations and network settings are appropriate for your application, you should be able to resolve the Trivy security check errors effectively.\n\nFor more detailed information on handling Trivy scan results and managing vulnerability notifications, you can refer to the following documentation:\n- [Configure and Manage Vulnerability Scanning](https://wso2.com/choreo/docs/scan/dependency-scan/configure-and-manage-vulnerability-scanning/)\n- [Handle Vulnerability Notifications](https://wso2.com/choreo/docs/monitoring-and-insights/alerts-and-notifications/manage-vulnerability-notifications/#handle-vulnerability-notifications)",
"To configure a **.json** or **.yaml** configuration file for a web application deployed to Choreo, follow these guidelines and steps:\n\n### Configuration File Support\nChoreo supports configuration files in either JSON or YAML format, with a file extension that matches the content type. The configuration files should be stored in Git. These files allow you to manage variable configurations that can vary across different environments like development, staging, and production.\n\n### Best Practices\n1. **Keep sensitive data secure**: Use configuration files instead of environment variables for sensitive information like passwords, access tokens, and keys.\n2. **Environment-specific values**: Override default values defined in your configuration file by defining environment-specific variables during deployment.\n3. **Version control**: Ensure that your configuration files are committed to your repository but exclude sensitive information from being published.\n\n### Excluding Files from Version Control\nIf your project contains sensitive information like database credentials or OAuth tokens in the configuration files, you can exclude them from version control by using the following approaches:\n\n#### `.gitignore` File\n1. Create a `.gitignore` file in your root directory if you don't have one already.\n2. Add the paths to the configuration files you want to exclude, for example:\n   ```\n   config/credentials.yaml\n   config/secrets.json\n   ```\n3. Commit the `.gitignore` file and the configuration files to ensure they are excluded from being committed to the repository.\n\n#### `github-secrets` GitHub Action (recommended)\nFor added security, you can utilize the `github-secrets` GitHub Action to manage secrets efficiently:\n1. Go to the **Settings** of your GitHub repository and click on **Secrets**.\n2. Create a new secret with a name that reflects its purpose.\n3. Paste the content of your configuration file into the **Raw Secret** editor window.\n4. Click **Add Secret**.\n\n### Example Configuration File\nHere's a sample configuration file to give you an idea:\n```yaml\nserver:\n  host: \"0.0.0.0\"\n  port: 8090\nendpoints:\n  - name: Endpoint 1\n    host: \"endpoint1-host\"\n    port: 8080\n  - name: Endpoint 2\n    host: \"endpoint2-host\"\n    port: 8070\n```\n\nBy adhering to these best practices and guidelines, you can effectively manage configuration files for your web application within Choreo.\n\nFor more detailed information, you can refer to the [Manage Configurations and Secrets documentation](https://wso2.com/choreo/docs/devops-and-ci-cd/manage-configurations-and-secrets/#best-practices).",
"To secure your web application within the Choreo environment, you can utilize a variety of built-in security features provided by Choreo. Here are the main approaches you can take:\n\n### 1. Implement Authentication and Authorization\nChoreo allows you to set up managed authentication for both API and web applications. Here’s how to enable it:\n\n1. **Access Component:** In the **Component Listing** pane, click on the web application you want to configure.\n2. **Manage Settings:** Go to the **Settings** option in the left navigation menu.\n3. **Authentication Keys Tab:** Navigate to the **Authentication Keys** tab.\n4. **Choose Identity Provider:** Select **Choreo Built-in Identity Provider** as the identity provider and specify the appropriate audiences.\n5. **Configure:** Click **Configure** to generate client keys and copy the discovery URL.\n6. **Enable Secure Web App:** Turn on the **Secure Web Application** toggle and paste the discovery URL you copied earlier.\n7. **Save Changes:** Finally, click **Apply**.\n\nThis configuration ensures that your web application securely handles user authentication using industry-standard protocols.\n\nFor detailed steps, check [Configure Managed Authentication for a Web Application](https://wso2.com/choreo/docs/authentication-and-authorization/secure-web-applications-with-managed-authentication/#step-1-set-up-managed-authentication-for-the-web-application).\n\n### 2. Enable External Authentication with a Third-Party Identity Provider (IdP)\nYou can also integrate an external identity provider to manage user authentication. Follow these general steps:\n\n1. **Select Your Organization:** From the **Project Listing** pane, select your project.\n2. **Navigate to Component:** In the left navigation menu, click on **Settings** and then select the **Authentication Keys** tab.\n3. **Add IdP Credentials:** Under the **Identity Providers** section, add your chosen IdP’s credentials and follow the respective guidelines for the IdP you are using (e.g., Azure Active Directory, Asgardeo, etc.).\n\nEnsure to select the appropriate audiences and set the `code` as the grant type. After this setup, Choreo will redirect users to your configured IdP for authentication, and upon successful sign-in, it will callback with the tokens needed for authorization.\n\nFor more details, visit [Configure Third-Party Authentication for the Web Application](https://wso2.com/choreo/docs/authentication-and-authorization/secure-web-applications-with-managed-authentication/#step-2-enable-external-authentication-for-the-web-application).\n\n### 3. Leverage Role-Based Access Control (RBAC)\nYou can assign roles to users via your external IdP or through Choreo’s built-in Identity Provider. Ensure that the roles assigned correspond to the necessary permissions for the services users will access.\n\nFor further information on configuring role-based access control, see the documentation [here](https://wso2.com/choreo/docs/authentication-and-authorization/secure-web-applications-with-managed-authentication/#step-3-set-up-role-based-access-control-for-your-web-application).\n\nBy following these steps, you can enhance the security of your web application within the Choreo ecosystem effectively.\n\nFor comprehensive guides, refer to the full documentation at: [Secure Web Applications with Managed Authentication](https://wso2.com/choreo/docs/authentication-and-authorization/secure-web-applications-with-managed-authentication/).",
"To secure an API in Choreo, you can implement security measures at both the project level and component level. Here's how to do it:\n\n### Secure an API at the Project Level\n1. In the **Component Listing** pane, select the API Proxy you want to secure.\n2. Navigate to **Manage** > **Endpoints**.\n3. Click the edit icon corresponding to the desired endpoint.\n4. Choose your security mechanism from the following options:\n   - **Application Security**: Protects internal components using API proxies. It allows secure communication even without shared authentication among them, reducing the risk of exposure.\n   - **OAuth2.0 Security**: Requires clients to obtain an access token before invoking the backend, ensuring secure API calls.\n5. Optionally, you can set different audience values to restrict which applications can invoke the API.\n6. Click **Update** and then deploy the proxy via the **Deploy** option to apply the changes.\n\n### Secure an API at the Component Level\n1. Select the API Proxy in the **Component Listing** pane.\n2. Navigate to **Manage** > **Endpoints**.\n3. Select the appropriate security scheme (similar options as above: Application Security or OAuth2.0 Security).\n4. Click **Update**, then redeploy the API using the **Deploy** option.\n\n### Additional Information\nChoreo provides various authentication methods such as API Key, OAuth2.0, and Google JSON Web Token (JWT). By implementing one of these, you can effectively secure your API. \n\nFor detailed steps and more information, you can refer to the documentation here: [Secure APIs in Choreo](https://wso2.com/choreo/docs/authentication-and-authorization/secure-api-access/#step-1-secure-an-api-in-choreo).",
"To set up alerts for your services in Choreo, follow these steps:\n\n1. In the left navigation menu, click **Observability**.\n2. Click **Alerts** to open the active alert list.\n3. Click **Create Alert Rule** and choose the **Service Metrics** tab. Here, you can create rules for monitoring service metrics.\n4. In the **Create Alert Rule** pane, select the metrics that are most critical for your service and create appropriate thresholds. The following are some commonly used metric groups for service metrics:\n   - **HTTP requests**: This measures incoming traffic to the endpoint and helps identify potential performance issues before they cause disruptions.\n   - **Dapr components**: These help monitor Dapr applications deployed in the data plane.\n   - **Container metrics**: These monitor resource usage such as CPU, memory, and disk usage, which are crucial for detecting resource bottlenecks and infrastructure-related issues.\n\n5. Select severity labels, email alerts, and notification lists for critical conditions.\n6. Click **Create** to save and activate the alert rule.\n\nAlert rules will be listed under **Rule Book** after creation, allowing you to edit or delete them if needed.\n\n### Important Notes:\n- Alerts apply at the project level, so ensure you have organization-level permissions to create them. If not, request permissions from your organization administrator.\n- Ensure your service's health check probes succeed; failing probes will trigger the \"Runtime Health Checks Failed\" alert.\n- Monitor alerts through email notifications and use the alert dashboard for visualization and analysis of alert details over time.\n\nFor further details, refer to the [Observability Overview](https://wso2.com/choreo/docs/monitoring-and-insights/observability-overview/) section.",
"To invite members to your organization in Choreo, follow these steps:\n\n1. In the Choreo Console header, go to the **Organization** list and select your organization.\n2. On the left navigation menu, click **Settings**. This will open the organization-level settings page.\n3. Click on the **Access Control** tab.\n4. Click the **Invited Users** tab, then click **+ Invite Users**.\n5. In the **Invite Users** dialog, specify the user details and select the groups you want to assign them to by choosing one or more from the **Groups** drop-down list.\n6. Click **Invite**. The invited members will receive an invitation via email. Once they accept the invitation, they will gain access to the resources in the specific group they belong to.\n\nNote that new members will need to accept the invitation sent to their email before they can interact with the resources in the organization.\n\nFor more detailed information, you can refer to the documentation here: [Invite members](https://wso2.com/choreo/docs/administer/inviting-members/#invite-members).",
"To create a new environment for deployment in Choreo, follow these steps:\n\n1. In the Choreo Console left navigation menu, click **Organization**, and then select your organization.\n2. Click **DevOps** and then click **Environments**.\n3. Click **+ Create Environment**. \n4. In the Create an Environment pane, enter the required values:\n   - **Environment Name**: This is an alias name for identification purposes. It can be useful when invoking the API.\n   - **Name**: Specify a unique name that must be globally unique across the project or organization. You cannot change this name after creating the environment.\n   - **Data Plane**: Choose the data plane where the environment will be provisioned. This choice determines the infrastructure resources allocated for your applications and their accessibility.\n5. Click **Create** to complete the creation process.\n\n**Important Notes**:\n- The default environments are read-only and cannot be deleted once created.\n- When deploying multiple environments for different projects, it is recommended to utilize separate environments to avoid configuration drift and minimize operational complexities.\n\nFor more details, you can refer to the documentation [here](https://wso2.com/choreo/docs/devops-and-ci-cd/manage-environments/#create-an-environment).",
"To configure API visibility settings in Choreo so that an API is only accessible to administrators in your organization, follow these steps:\n\n1. In the **Component Listing** pane of the Choreo Console, click on the API component that you want to manage.\n2. In the left navigation menu, select **Manage** and then choose **Permissions**. This will display the permissions assigned to the API.\n3. Click on **Roles** under **Role Management** to navigate to the roles assigned to the API.\n4. To create a new role or edit existing ones, click **New Role**. \n   - If you want to assign roles to existing developers in the organization, choose **Organization Developer**; otherwise, select a specific role if you have designated roles available.\n5. After selecting the role, click **Next**.\n6. Choose the appropriate groups from the **Groups** list. By default, any user can assume their role within the organization. If you wish to restrict access, uncheck the **Any Role in Project** checkbox.\n7. Finally, click **Add** to save the configuration.\n\nBy configuring the role and group assignments appropriately, you ensure that only users with administrator privileges can access the API, as per your requirements.\n\nFor more detailed instructions, you can refer to the documentation here: [Control Access in the Choreo Console](https://wso2.com/choreo/docs/administer/control-access-in-the-choreo-console/#configure-role-and-group-assignments-for-controlled-access).",
"To use the Choreo CLI for local development or testing, you need to follow these steps:\n\n### Prerequisites\nBefore you start, make sure you have the following installed and set up on your local machine:\n1. **Go** (Go 1.20+)\n2. **A container runtime** (e.g., Docker)\n3. **Git**\n4. **Ballerina Buildpacks** (which will be downloaded automatically if you don't have them).\n\n### Step 1: Install the Choreo CLI\n1. Navigate to your project directory using the terminal.\n   ```sh\n   cd your-project-directory\n   ```\n2. Initialize the Choreo CLI by running the following command:\n   ```sh\n   curl -o- https://cli.choreo.dev/install.sh | bash\n   ```\n\n### Step 2: Create a New Project\nOnce the CLI is installed, you can create a new project:\n```sh\nchoreo new -p <your-git-repo-url> -r <GitHub repository name>\n```\nThis command will initialize a new Choreo project with the necessary configurations.\n\n### Step 3: Build and Deploy Your Component Locally\nChoreo utilizes a Buildpack architecture to build components without requiring any specific build files. After setting up your project, you can build and run your application locally. \n\nFor instance, if you have created a Web Application, you would typically run:\n```sh\nchoreo build && choreo run\n```\nThis process compiles your application using the Ballerina language and runs it in a local environment.\n\n### Additional Notes\n- If you want to update the Choreo CLI to the latest version later, you can simply run:\n  ```sh\n  curl -o- https://cli.choreo.dev/install.sh | bash\n  ```\n- If you need further details about the CLI commands or how to use specific features, you can check the CLI command reference documentation here: [Choreo CLI Command Reference](https://wso2.com/choreo/docs/references/cli-command-reference/).\n\nThis should give you a comprehensive overview of how to set up and use the Choreo CLI locally. For more detailed steps and specific scenarios, you can refer to the official documentation.",
"To set up automatic scaling for your applications in Choreo, follow these steps:\n\n### 1. Configure Horizontal Pod Autoscaler (HPA)\nHorizontal pod autoscaler automatically scales the replicas of a component based on resource consumption metrics like CPU and memory thresholds. This allows your application to handle varying loads dynamically.\n\n**Steps to configure HPA:**\n- In the **Component Listing** pane, select the component you want to scale.\n- Navigate to the **DevOps** section and click on **Autoscale**.\n- Click on **Configure** next to **Horizontal Scaling** to set up the HPA.\n  \n  ![Configure HPA](https://wso2.com/choreo/docs/assets/img/devops-and-ci-cd/autoscale/configure-approach-02.png)\n\n#### Setting Min & Max Replicas:\n| Container Running Status | Meaning                                                        |\n|--------------------------|---------------------------------------------------------------|\n| Minimum Replicas        | Ensures there is at least one replica available. <br> If CPU/memory threshold is not crossed, it will be increased up to this limit.<br> Set to `1` for production use cases.<br>(Default: `1`).<br>|<br> |Maximum Replicas    | Prevents the replicas from exceeding this number, even if CPU/memory threshold is crossed. <br> The value is used after reaching the minimum. <br>(Default: `5`).<br>| <br>\n\n### 2. Configure Dynamic Provisions Storage Class\nFor components that require a persistent volume (like databases), Choreo uses **Dynamic Provisioning** to automatically create storage volumes when the required space exceeds the allocated limit.\n\n**Steps to enable Dynamic Provisioning for storage:**\n- In the **DevOps** section, go to **Storage**.\n- Create a storage class and ensure the **Dynamic Provisioning** checkbox is selected. Specify a **Storage Capacity Limit**.\n\n  ![Create Storage](https://wso2.com/choreo/docs/assets/img/devops-and-ci-cd/storage/create-storage-class.png)\n\n#### Storage Classes and Priorities:\nWhen requesting storage, lower-priority classes can automatically upgrade to a higher class if space reaches the allocated limit.\n\n### Additional Information\n- If a request is made to a lower priority storage class, it will not affect other critical services running in the same namespace.\n- Ensure that your deployment does not run out of storage abruptly by setting appropriate capacity limits.\n\nBy following these steps, you can effectively set up automatic scaling for your applications in Choreo, ensuring efficient resource management.\n\nFor more detailed information, refer to the documentation here: [Auto-scaling components with Horizontal Pod Autoscaler](https://wso2.com/choreo/docs/devops-and-ci-cd/autoscale/aut-scale-with-hpa/#auto-scale-components-with-horizontal-pod-autoscaler).",
"In Choreo, there are several options for storing and managing data within your applications, primarily focusing on cloud-based databases and NoSQL data stores. Here’s an overview of the available data storage solutions:\n\n1. **Choreo-built PostgreSQL Service**:\n   - This is a fully managed cloud database service.\n   - It supports popular SQL features, high availability, and backup & restore functionalities.\n   - It integrates seamlessly with other Choreo services, allowing you to create database connections via the Choreo Console. \n   - The Choreo PostgreSQL service provides different service plans tailored to various requirements, including dedicated nodes.\n   - You can connect databases across different environments and manage user access and permissions.\n\n2. **Choreo-built MongoDB Service**:\n   - A fully managed cloud NoSQL database service.\n   - It supports document-based data models, scalability, and sharding capabilities for larger data sets.\n   - The MongoDB service offers various service plans with different configurations and backup retention periods.\n   - It allows for connection creation and management similar to the PostgreSQL service, enabling secure data storage and retrieval.\n\nBoth of these services allow you to attach additional capacity in the form of read replicas for both production and development purposes, providing insights into resource utilization and performance.\n\nThese options enable developers to choose the right data storage solution based on their project needs and preferences regarding database types. For more detailed information on how to create and manage PostgreSQL or MongoDB services, you can refer to the following links:\n- [Create a PostgreSQL service](https://wso2.com/choreo/docs/manage-databases-and-caches/choreo-built-postgresql-service/#create-a-postgresql-service)\n- [Create a MongoDB service](https://wso2.com/choreo/docs/manage-databases-and-caches/choreo-built-mongodb-service/#create-a-mongodb-service)\n\nThis will give you a comprehensive guide on setting up and managing your databases within the Choreo environment.",
"To create a webhook in Choreo, you need to follow a series of steps that involve defining your webhook, specifying its parameters, and creating the corresponding resource. Here's how you can do it:\n\n### Step 1: Define Your Webhook\n\n1. In the **Component Listing** pane of the Choreo Console, click on the REST API Proxy component for which you want to create a webhook.\n2. Navigate to the left menu and click on **Develop**.\n3. Select **Webhooks** from the list.\n4. Click on **+ Create** to start defining a new webhook.\n\n### Step 2: Configure the Webhook Parameters\n\n1. Fill in the **New Webhook** pane with the following required parameters:\n   - **Name**: Specify a unique name for your webhook. This name will be used to identify the webhook in your API call definitions and when invoking it programmatically.\n   - **Webhook URL**: This is the endpoint where your webhook's logic resides.\n   - **Message Body Type**: Choose the type of content your webhook will handle.\n   - **Select Deployment Track**: Choose the specific release track you wish to associate with this webhook.\n   - **Enable Secure Connection with the Backend**: If you need to secure the connection between the client and server with a valid SSL certificate, select this option and provide the appropriate TLS certificate content.\n\n   ![Define webhook parameters](https://wso2.com/choreo/docs/assets/img/api-management/webhooks/configure-webhook-parameters.png)\n\n### Step 3: Create the Webhook\n\n1. After entering all necessary details, click **Create**. This action will add your webhook to the **Webhooks** tab in the respective API proxy view.\n\nNow that you've successfully created the webhook, you can proceed to register it under a specific resource.\n\nFor more detailed information, you can refer to the full documentation here: [Create a webhook](https://wso2.com/choreo/docs/api-management/create-a-webhook).",
"Yes, in Choreo, you can configure usage limits for your APIs across different tiers. The ability to set these limits helps ensure that your API remains available to all subscribers while allowing you to manage resource allocation effectively.\n\n### Steps to Set Usage Limits for an API:\n1. In the **Component Listing** pane, select the component (API) for which you want to define rate limits.\n2. In the left navigation menu, click **Deploy**.\n3. Go to the required environment card and click **Configure & Deploy**.\n4. In the **Configure Component** dialog, select the required environment tab. Look for the **Rate Limiting** tab within this dialog.\n5. Select a **Rate Limiting Tier** that best fits your API's needs. \n   - **Api Gatekeeper**:\n     - **Request count**: Number of requests allowed within a specified time unit.\n     - **Burst Control**: Helps manage sudden spikes in requests, preventing overload.\n     - **Time Unit**: Defines the duration during which request counts are tracked (e.g., minute, hour).\n   - Note that the higher the **Request count** threshold, the lower the priority of requests when a limit is reached.\n\nThis setup allows you to optimize resource management and enhance subscriber satisfaction by ensuring that the API performs well even under varying loads.\n\nFor more detailed instructions, you can refer to the documentation [here](https://wso2.com/choreo/docs/api-management/manage-api-rate-limiting/#set-usage-limits-for-an-api).",
"To monitor the performance of services deployed on Choreo, you have access to various observability tools and metrics provided through the Choreo console. Here are the key methods and features available for performance monitoring:\n\n### Key Observability Features\n1. **Real-time Insights:**\n   - Choreo provides real-time insights into the performance of your services. You can view key metrics such as usage statistics, latency, and resource utilization in the environment you deployed your service.\n   \n2. **API Metrics:**\n   - The **Overview** page in the Choreo console allows you to monitor important metrics like:\n     - API hit count\n     - Success rate\n     - Latency\n     - Request and response size\n   \n3. **Log Viewer:**\n   - You can view logs from the **Logs** section in the Choreo console. This feature enables you to view application and gateway logs, aiding in troubleshooting and performance analysis.\n\n4. **Diagnostics View:**\n   - For detailed diagnostics, the **Diagnostics View** offers visual representations of logs for specific periods, which can help identify any anomalies.\n\n5. **Observability Dashboard:**\n   - The observability dashboard provides a comprehensive overview of your service's health, including:\n     - Throughput and request counts\n     - Errors and latency percentiles\n     - Resource utilization\n   - You can view this data for a selected period and utilize advanced filters for specific analysis.\n\n### Viewing Observability Data\nTo access observability data, follow these steps:\n- In the Choreo Console, click the **Observability** tab in the left navigation menu.\n- From there, select the desired timeframe, and use the available filters to refine your data viewing experience.\n\nBy leveraging these observability features, you can effectively monitor and troubleshoot the performance of your deployed services in Choreo.\n\nFor more details, you can refer to the documentation here: [Monitor service traffic](https://wso2.com/choreo/docs/monitoring-and-insights/observe-message-traffic/#monitor-service-traffic).",
"To deploy a new version of your service from a different branch within the same component in Choreo, you need to follow these steps:\n\n### Steps to Deploy a New Version from a Different Branch\n\n1. **Build and Promote the Initial Image**:\n   - Ensure you have built and promoted the initial image associated with the first commit to your component. This sets up the necessary configurations and metadata required for deployment.\n\n2. **Navigate to Deploy Section**:\n   - In the left navigation menu, click on **Deploy**.\n\n3. **Update Image Tag Manually**:\n   - You will need to manually update the image tag before deploying from the new branch.\n   - If auto-builds are enabled, Choreo automatically generates tags based on Git commits. If not, you can create a dedicated tag for manual deployments.\n\n4. **Promote the Image Tag**:\n   - After successfully building the image, you can promote it to the desired environment by clicking **Promote** under the corresponding environment card.\n   - This action will take you to the **Promote Page** where you select the new image tag.\n\n### Important Considerations\n\n- Ensure that your new branch contains the updated code that you want to deploy. This may involve committing new changes to the repository.\n- If you haven't built an image from the new branch yet, you'll need to do so before promoting it.\n- If auto-builds are disabled, remember to manually create a tag for your deployment.\n\nBy following these steps, you can effectively manage and deploy new versions of your services in Choreo from different branches.\n\nFor more details, you can refer to the official documentation: [Develop a Containerized Application](https://wso2.com/choreo/docs/develop-components/develop-containerized-applications/#step-2-develop-the-containerized-application).",
"Choreo offers three different pricing plans: Startup, Business, and Premium. These plans vary primarily in terms of resource allocations, service options, and support levels, which are crucial factors to consider when choosing one. The available pricing plans are summarized as follows:\n\n| **Attribute**       | **Startup**             | **Business**            | **Premium**              |\n|---------------------|-------------------------|-------------------------|--------------------------|\n| **Hours/Month**     | Unmetered (up to 30 Hrs) | 150 Hours                | 800 Hours                |\n| **Storage**          | 1 GiB                   | 5 GiB                   | 20 GiB                  |\n| **CPU**              | 1 CPU core               | 2 CPU cores             | 4 CPU cores             |\n| **Memory (RAM)**    | 2 GB                     | 4 GB                    | 8 GB                     |\n| **Log Retention Time** | 1 day                   | 7 days                  | 30 days                 |\n| **Priority Support** | None                    | 10+ Hour Response Time  | 2+ Hour Response Time    |\n| **Total Request Count** | Unlimited               | 20,000 Requests         | 200,000 Requests        |\n| **Rate Limiting**    | Rate limiting disabled   | 100 requests/minute      | 5,000 requests/minute   |\n\nTo get more detailed information about each plan, including the benefits and limits, you can visit the [Choreo pricing page](https://wso2.com/choreo/pricing/). \n\nIf you need further details or have any specific questions, feel free to ask!",
"To limit requests coming to your API in Choreo, you have two primary methods: utilizing rate limiting at the API level or applying a blackout time at the API key level.\n\n### 1. **Rate Limiting at the API Level**\nYou can apply different rate limit plans when you deploy your API. This is essential for preventing API overload and ensuring smooth performance for users. Here’s how to do it:\n\n- Navigate to the **Deploy** section.\n- On the **Set Up** card, click **Rate Limiting** to expand the settings.\n- Select a rate limit plan that suits your requirements from the available options and apply it to your API.\n\nThis will help manage the load and prevent any single user from consuming too much of the API's resources.\n\n### 2. **Blackout Time at the API Key Level**\nIf you want to further control the usage of your API by limiting the amount of time that the API key is active, you can set a blackout period. This is useful if you observe high traffic during specific times or need to manage sudden spikes in usage.\n\n- In the left navigation menu, click **Settings**.\n- Go to the **API Configuration** tab and then to the **Developer Portal** tab.\n- Here, you can edit the API key details and set the appropriate blackout time as per your needs.\n\nThis feature ensures that if too many requests are made within a short time frame, it helps to mitigate any potential overload.\n\nFor more detailed instructions, you can refer to the following documents:\n- [Limit Requests Coming to My API - Rate Limiting](https://wso2.com/choreo/docs/api-management/api-rate-limiting/#limit-requests-coming-to-my-api)\n- [Limit Requests Coming to My API - Black Out Time](https://wso2.com/choreo/docs/api-management/api-rate-limiting/#limit-requests-coming-to-my-api--blackout-time)\n\nThese steps should help you effectively manage the request load on your API.",
"To manage traffic coming to your API in Choreo, you can implement both rate limiting and throttling mechanisms depending on your needs.\n\n### Rate Limiting\nRate limiting helps protect your backend from being overwhelmed by requests and can also serve as a protective measure against malicious attacks. When rate limiting is enabled, every API invocation consumes units of quota defined in the subscription plan. Once the specified quota is exceeded, the request will return an `HTTP 429 Too Many Requests` status.\n\nHere’s how you can enable **API rate-limiting** during deployment:\n\n1. Go to the left navigation menu, click **Deploy**.\n2. In the **Set Up** card, click **API Configuration**.\n3. Select the **Rate Limiting** tab, choose **Request Limiting**, and specify:\n   - **Limit Type**: Select `Bucket`.\n   - **Duration**: Choose a time unit (like minute, hour, day).\n   - **Requests**: Enter the number of requests.\n4. Click **Apply** to save your changes.\n5. Build and deploy the component again.\n6. Publish the API.\n\nFor more details, you can refer to the documentation here: [Control Traffic with Rate Limiting](https://wso2.com/choreo/docs/api-management/control-traffic-with-rate-limiting/#enable-api-rate-limiting-during-deployment).\n\n### Throttling\nThrottling allows you to manage the load on your API by controlling the rate at which client applications can submit requests. It helps prevent denial-of-service (DoS) attacks and ensures fair usage.\n\nYou can set up API throttling through subscription plans:\n\n1. When creating or updating a subscription plan, go to the desired plan's **Create Subscription Plan** page.\n2. Under the **Developer Portal** section, select a minimum and maximum limit under **Throttle Levels**.\n\nFor further details on managing throttling, you can check this documentation: [Control Traffic with API Throttling](https://wso2.com/choreo/docs/api-management/control-traffic-with-api-throttling/).\n\nIn summary, you can effectively control the traffic coming to your API by leveraging rate limiting to manage request quotas and throttling to monitor and restrict API usage, thereby ensuring optimal performance and security.",
"To troubleshoot and resolve a failed build caused by a Trivy scan failure in Choreo, you can follow these steps:\n\n1. **Review Error Logs**: Carefully check the error logs to identify the specific issue that prevented the Trivy scan from completing successfully. Common causes might include network connectivity problems, unauthorized access, or limitations on scan parameters.\n\n2. **Check Image Tags**: Ensure that the image tags specified in your configuration are correct and accessible. Incorrect tags could lead to scans being skipped, which may be falsely interpreted as a failure.\n\n3. **Scan Exclusions**: If you wish to skip specific directories or files during the scan (for instance, ignoring the `/.docker-build-cache`), make sure to add the respective file paths in the exclusions list under the advanced configurations. This can be done while creating the scan task.\n\n4. **Adjust Scan Parameters**: If necessary, adjust any scan parameters to improve performance or compatibility with your images. For example, you might need to modify the period between scans, the criticality levels, or the sensitivity settings.\n\n5. **Contact Support**: If you continue to face issues despite checking configurations and review processes, consider reaching out to Choreo support for further assistance.\n\nFor detailed instructions on setting up and configuring Trivy scans, refer to the following documentation: [Configure Vulnerability Scanning with Trivy](https://wso2.com/choreo/docs/develop-components/scan-images-with-trivy/#set-up-vulnerability-scanning).",
"The error you're encountering is related to the build configuration in the Choreo console. Specifically, the issue stems from the `<copy>` command in your `build.sh` script. The error message indicates that the destination folder specified for copying files already exists and contains some files.\n\n### Potential Solutions:\n\n1. **Adjust the Target Directory**: Modify the `copy` command in your `build.sh` script to specify a different output directory that does not exist prior to the copy operation.\n\n   Example modification:\n   ```sh\n   #!/bin/bash\n   cp -R . $PWD/build\n   # Original command:\n   # copy . $HOME/build\n   # Modified command:\n   # copy . $PWD/myCustomBuildDirectory\n   ```\n\n2. **Remove Existing Files**: If you want to ensure that the destination directory is empty, add commands to delete its contents before copying.\n\n   Example modification:\n   ```sh\n   rm -rf /tmp/build\n   cp -R . /tmp/build\n   ```\n\n### General Recommendations:\n\n- **Check the Build Path**: Ensure that the paths used in your build script do not interfere with the environment or existing configurations. This helps prevent any runtime errors due to file paths.\n\n- **CI/CD Processes**: Understand that CI/CD processes handle builds differently. Make sure your scripts are compatible with automated build processes to avoid such issues.\n\nIf you need further details or clarification, you can find more information on vulnerability scanning and the build process in the Choreo console [here](https://wso2.com/choreo/docs/devops-and-ci-cd/scanning-source-code-for-vulnerabilities/#vulnerability-scanning-in-the-choreo-console).",
"To securely manage secret keys and configurations for your React web application within the Choreo platform, you can follow these recommended practices:\n\n1. **Utilize Configurations and Secrets**: Choreo recommends storing sensitive information like secret keys, database passwords, etc., using configurations and secrets instead of environment variables. This ensures better security and management.\n\n2. **Mount Configurations and Secrets**: You can mount configurations and secrets as file mounts or environment variables to your web application during deployment. This helps maintain separation between configuration and code, ensuring that sensitive data is not hard-coded and exposed.\n\n3. **Set Up Configurations**: To set up configurations for your web application component:\n   - Click on the **Deploy** option in the left navigation menu.\n   - On the **Build Area** card, click **Configure & Deploy**.\n   - If you are setting up configurations during the initial deployment, you will automatically expand the **Set Up** card and proceed to fill in the configuration values.\n   - You can specify the configuration values based on the defined keys during this process.\n\n4. **Manage Keys and Secret Values**: Keep in mind that once you create a key, its name cannot be changed. Be sure to save and commit any changes made to the configuration values, as these will be automatically detected by Choreo and applied during your next deployment.\n\nBy following these guidelines, you can effectively manage your secret keys and configurations in a secure manner while using Choreo.\n\nFor more detailed steps on managing configurations and secrets, you can refer to the [Choreo documentation](https://wso2.com/choreo/docs/devops-and-ci-cd/manage-configurations-and-secrets/#set-up-configurations-to-manage-values-via-environment-variables).",
"To enhance security measures for your web application in Choreo, consider the following recommendations:\n\n1. **Configure an HTTPS endpoint**:\n   - Enable secure traffic by setting up an HTTPS endpoint for your web application.\n   - Follow the guide for [securing APIs with SSL/TLS](https://wso2.com/choreo/docs/authentication-and-authorization/secure-apis-with-managed-authentication/#step-2-configure-an-https-endpoint-for-your-web-application).\n\n2. **Use the built-in authentication feature**:\n   - Implement a simple authentication mechanism using Choreo’s built-in authentication feature.\n   - Refer to the documentation on [Testing Secure Web Applications with Built-In Authentication](https://wso2.com/choreo/docs/authentication-and-authorization/test-secure-web-applications-with-built-in-authentication/) for more details.\n\n3. **Utilize a proxy for additional security**:\n   - Consider using Choreo's proxy services for added security when calling external APIs.\n   - The proxy can serve as an intermediary, allowing you to configure URL mappings for easier access while adding security features like API protection.\n   - Check the guide on [Creating a Proxy](https://wso2.com/choreo/docs/tutorials/create-a-proxy/) for implementation.\n\n4. **Apply advanced security measures for critical applications**:\n   - If your web application requires extra security, such as multi-factor authentication or stronger data encryption, contact Choreo support for guidance on how to set these up.\n\nBy following these steps, you can significantly enhance the security measures for your web application within Choreo.\n\nFor further information on securing APIs and web applications, you may also refer to the related documentation links provided above.",
"There are several methods and best practices you can utilize to secure APIs in Choreo. Here’s a comprehensive overview:\n\n### 1. API Security Levels\nChoreo provides varying security levels for APIs:\n- **Public**: Open to anyone who requests it.\n- **Internal**: Accessible only within the organization's data plane.\n- **Private**: Only accessible via an API key or shared secret within the same application.\n\n### 2. Protecting APIs with Roles and Access Control\nYou can implement roles and access control to manage user permissions effectively:\n\n#### A. Implement Role-Based Access Control\n1. Define roles in your identity provider (IdP) with appropriate permissions.\n2. Configure Choreo components to use these roles:\n   - Navigate to the **Project** page.\n   - Click on the component to configure access.\n   - Specify application groups and select roles from the IdP.\n3. Assign users to application groups in the IdP.\n4. Manage role assignments through the Choreo Console.\n\nFor more detailed steps, you can refer to [Configure Role-Based Access Control](https://wso2.com/choreo/docs/authentication-and-authorization/secure-api-access-with-role-based-authorization/).\n\n### 3. Secure API Invocation Using an Application\n1. Create an application in Choreo:\n   - Click **+ Create** under Applications in the Developer Portal.\n   - Fill in the details and set the application level permissions.\n\n2. Configure API Access:\n   - Go to **Settings** of your API.\n   - Navigate to the **Subscription Key Generation** tab.\n   - Generate an API subscription.\n\n### 4. Implement OAuth 2.0 for API Security\nUsing OAuth 2.0 is a robust way to secure APIs:\n- Ensure your application supports authorization codes with PKCE.\n- Use a JWT audience claim for endpoint-specific access.\n- Implement a refresh token to automatically renew API keys if necessary.\n\nFor further details on securing APIs with OAuth 2.0, check out the [Secure API Access With OAuth 2.0 documentation](https://wso2.com/choreo/docs/authentication-and-authorization/secure-api-access-with-oauth2/).\n\n### Additional Recommendations\n- Regularly update authentication libraries to prevent vulnerabilities.\n- Employ secure coding practices to minimize risks.\n- Monitor API usage and response times to identify any anomalies.\n\nBy implementing these methods, you can significantly enhance the security of your APIs in Choreo. For further information, please refer to the following documentation links:\n- [Secure API Access With OAuth 2.0](https://wso2.com/choreo/docs/authentication-and-authorization/secure-api-access-with-oauth2/#generate-an-access-token-via-the-authentication-flow)\n- [Protect APIs With Role-Based Access Control](https://wso2.com/choreo/docs/authentication-and-authorization/secure-api-access-with-role-based-authorization/)",
"To invite new members to your organization in Choreo, follow these steps:\n\n1. **Access Settings**:\n   - Go to the top navigation menu and click on **Organization**.\n   - In the left navigation menu, select **Settings**. This will take you to the organization-level settings page.\n\n2. **Navigate to Access Control**:\n   - Click on the **Access Control** tab, and then select the **Members** tab.\n\n3. **Invite Members**:\n   - In the **Members** section, click on **+ Invite Member**.\n   - Specify the email addresses of the members you want to invite.\n   - Assign them relevant groups by selecting the group from the **Groups** list. The roles associated with the selected group will be automatically assigned to the invited members.\n\n4. **Send Invitation**:\n   - After entering the necessary details, click **Invite** to send the invitations to the specified members.\n\n### Important Notes:\n- The invited members must accept the invitation to join your organization and access its resources.\n- Ensure you have the necessary permissions (admin or organization manager role) to invite members, otherwise, your invitations may not be visible to some members.\n\nFor more detailed information, you can refer to the [Inviting Members](https://wso2.com/choreo/docs/administer/inviting-members/#inviting-members-to-an-organization) section in the documentation.",
"To restrict access to an API in Choreo so that only admins can see it, you can manage the permissions attached to the API via the Choreo Console. This allows you to define which roles have access to the API and specify what actions those roles can perform.\n\n### Steps to Restrict API Access:\n\n1. **Navigate to Your Component**: In the Choreo Console, go to the **Components Listing** pane and click on the component for which you want to control API access.\n\n2. **Access the Manage Section**: In the left navigation menu, click on **Manage**, then select **Permissions**.\n\n3. **Add Permissions**: On the **Permissions** page, click on **+ Add Permission (Role)**.\n\n4. **Specify Permission Value**: In the **Permission List** section, enter the permission value in the **Search Permission List** field. \n   - For example, if you want to allow the API to be visible to administrators, a suitable permission value could be `\"WORKFLOW-MANAGEMENT\"`. \n\n5. **Assign Roles**: Click **+ Add Role** next to the permission value.\n   - Enter **Role Name** and **Role Description** in the respective fields and click **Next**. You can assign multiple roles if needed.\n\n6. **Save Changes**: Click **Save and Deploy** to apply the changes.\n\nBy defining the appropriate permissions and roles, you ensure that only users with admin privileges will be able to access the API.\n\nFor more detailed steps, you can refer to the following documentation link: [Control API Access](https://wso2.com/choreo/docs/authentication-and-authorization/control-api-access/#step-3-attach-permissions-to-the-api-in-choreo).",
"To get started with the Choreo CLI on your computer, follow these steps:\n\n1. **Install the Latest Release of Choreo CLI**: You can download and install the latest release from the [Choreo CLI release page](https://github.com/wso2/choreo-cli/releases). Make sure you have a Git client installed as it is required to clone the sample repository.\n\n   ![Choreo CLI](https://wso2.com/choreo/docs/assets/img/cli/choreo-cli.png)\n\n2. **Verify the Installation**: Open your terminal and check the version of the CLI by running the following command:\n   ```bash\necho \"Choreo CLI Version: $(choreo --version)\"\n```\n   If the installation is successful, it should return the version number of the CLI.\n\n3. **Run the Sample**: Follow the sample steps to proceed with your desired activities using the Choreo CLI.\n\nFor more detailed instructions, you can refer to the official documentation: [Getting Started with Choreo CLI](https://wso2.com/choreo/docs/references/faq/#getting-started-with-choreo-cli).",
"To enable automatic scaling for your applications in Choreo, follow these steps:\n\n1. **Navigate to Your Component**: In the left navigation menu, click on the component for which you want to manage scaling.\n  \n2. **Access DevOps Settings**: In the left navigation menu, click **DevOps** and then select **Scaling**.\n\n3. **Enable Scaling**: Turn on the **scale-to-zero** toggle. This setting allows your application to automatically scale down to zero replicas when there is no traffic, while ensuring it scales up to handle incoming requests when needed.\n\n4. **Set Minimum and Maximum Replicas**: Adjust the **Minimum replicas** slider to define the least number of active replicas you want to maintain. Set the **Maximum replicas** slider to indicate the maximum number of replicas your application should have, which will depend on your infrastructure setup.\n\n5. **Manage Scale-to-Zero Settings**: Expand the **Scale-to-Zero** section to access additional settings:\n   - **Requests on the Health Endpoint**: Set a request size limit (in bytes) for the health check endpoint. If the response exceeds this limit, the endpoint is considered unhealthy.\n   - **Health Check Types**: Choose between different health checks:\n     - **Port TCP Probe**: Establishes a TCP connection on a specified port; a failed attempt indicates a health issue.\n     - **HTTP GET Request**: Sends an HTTP GET request to the configured `health endpoint`. A status code outside the range of 200-399 is considered a failure.\n     - **HTTP GET Heartbeat Probe**: Similar to the HTTP GET request but periodically sends heartbeat messages instead of checking the status code.\n     - **Execute a Command**: Runs a shell command; a non-zero return value indicates an error. Note that these commands run inside a non-root `Linux` container.\n\n6. **Apply Changes**: Click **Update** to save your changes.\n\nThis process enables your application to scale dynamically, reducing costs during low demand and ensuring availability during peak usage.\n\nFor more detailed guidance, you can refer to the documentation [here](https://wso2.com/choreo/docs/devops-and-ci-cd/autoscale/autoscale-components-with-scaling-to-zero/#set-up-autoscaling-for-your-container).",
"If your service is getting overloaded with requests in Choreo, there are several strategies you can employ to manage or prevent further issues:\n\n1. **Implement Rate Limiting**: This is a common technique to control the rate at which clients can access your service. By setting rate limits, you can protect your backend from receiving more requests than it can handle.\n   \n2. **Request Queuing**: If rate limiting isn’t sufficient, request queuing allows incoming requests to queue when the server reaches its maximum connection limit, thereby ensuring requests don’t get lost.\n\n3. **Horizontal Scaling**: Increasing the number of replicas of your service can help distribute the load more efficiently across multiple instances. This method is particularly effective when demand spikes suddenly.\n\n4. **Dynamic Scaling**: Automate the scaling of replicas based on resource consumption and traffic. This ensures that your service can scale up automatically during periods of high activity, thus managing the load better.\n\n5. **API Throttling**: If necessary, you can apply throttling levels to limit API usage, especially if it’s causing performance issues.\n\n6. **Check Logs**: Monitor the logs to identify patterns and understand the nature of the overload. This may provide insights into what triggers the overload and guide your mitigation efforts.\n\n7. **Communication**: Keep your users informed about any capacity limitations through appropriate error messages or notifications.\n\nBy considering these methods, you can effectively manage your service's response to high traffic and ensure it operates optimally.\n\nFor more details, you can refer to the following documentation:\n- [Manage API rate limiting](https://wso2.com/choreo/docs/api-management/api-rate-limiting/)\n- [Set Up Dynamic Scaling](https://wso2.com/choreo/docs/devops-and-ci-cd/autoscale/set-up-dynamic-scaling-for-your-container/#configure-autoscaling-for-container-components)"
]


data_samples = {
    'question': questions,
    'answer': answers,
    'ground_truth': ground_truths
}
dataset = Dataset.from_dict(data_samples)
score = evaluate(dataset,metrics=[answer_correctness])
score.to_pandas()

Evaluating:   0%|          | 0/42 [00:00<?, ?it/s]

Unnamed: 0,user_input,response,reference,answer_correctness
0,How to deploy a webapp?,"To deploy a web application using Choreo, you ...","To deploy a web application in Choreo, follow ...",0.465266
1,"How to resolve """"Module not found error"""" duri...","The ""Module not found error"" encountered durin...",To resolve a **Module not found** error during...,0.574758
2,How to add authentication to my service?,To add authentication to your service in Chore...,To add **authentication** to a service in **Ch...,0.367311
3,How to add a custom domain to my web app?,To add a custom domain to your web application...,to add a custom domain to a web app in Choreo:...,0.668884
4,How can I test my service?,"To effectively test a service in Choreo, you c...","To test your service in **Choreo**, you can us...",0.407384
5,How can I add environment variables to python ...,To manage environment variables for a Python w...,"To set up environment variables in **Choreo**,...",0.338149
6,How to connect the React frontend to the backend?,To connect your React frontend to your backend...,1: Create and Deploy Your Backend Service\nFir...,0.42883
7,How can I deploy my backend and then connect i...,To connect your backend deployed in Choreo to ...,To deploy a backend service on Choreo and conn...,0.312171
8,How can I implement testing for a full-stack a...,I'm here to assist with questions related to C...,To implement automated testing for both fronte...,0.203345
9,"I'm getting """"procfile not found"""" error for m...","To resolve the issue of a ""procfile not found""...",The error you're encountering is because Chore...,0.22715
