Defining docker composition (docker-compose.yml)
\nThe docker composition defines which image and how the container is started. It is defined in a configuration file in YAML format and holds the information about for your docker image, the HIRO instance and the type of actions you seek to execute.
\nversion: \"3.7\"\nservices:\n actionhandler:\n image: almatoai/hiro-actionhandler:latest # Please update version number to the most recent tagged version\n container_name: actionhandler\n env_file: ~/[path to your environment file]/config.env\n restart: always\n volumes: #required for SSH only\n - type: bind\n source: [absolute path]/[private key file]\n target: /home/hiro/.ssh/id_rsa\n environment:\n USE_DEFAULT_AH_CONFIGS: ExecuteCommand,HTTPRequest\n AH_CONFIG: >\n {}The next sections walk you through the required adjustments: We will pass an environment variable file with HIRO credentials, mount the SSH private key and pass environment (when required) and define the Action Handler configuration map.
\nCreating environment variable file (config.env)
\nYou need to create an ActionHandler environment variable file for the docker image, typically named config.env. This file holds the credentials for your HIRO instance.
HIRO_USER=XXXXXXX\nHIRO_PASS=XXXXXXX\nHIRO_EXTERNAL_USER=XXXXXXX\nHIRO_EXTERNAL_PASS=XXXXXXXEach ActionHandler should have a dedicated service user account for the respective HaaS instance.\nIn case you do not have the credentials ready, please login to the arago account management application Almato ID,\nnavigate to Member tab and search for users named 'actionhandler'.
\n![\"Search](\"/7.0/images/actionhandler/search_user.png\")
\nIf a dedicated ActionHandler user does not exist for your haas-instance yet, please contact\nyour organization admin. Make a note of the username and password and enter them in the environment variable file for HIRO_USER and HIRO_PASS. You can change the password by clicking the\noptions icon and select Edit Profile. In case of questions, you can also contact the HIRO Support.
The HIRO_EXTERNAL_USER and HIRO_EXTERNAL_PASS environment variables are optional if the \"supply_token\" functionality is required and the token passed to the actual handler should use a different user account than the ActionHandler itself.
Mounting RSA private key (for SSH only)
\nIf you want to invoke SSH commands using the ActionHandler, you need to mount an RSA private key into the container and exchange the public key with the target system.\nThe key needs to be in pkcs8 format and should not have a passphrase. You can generate a new key pair with the following command:
\nssh-keygen -m pkcs8Save the key pair to the server running docker and set the source attributes in the docker composition to the location of the private key- and cert-file. Make sure the files are readable for the ActionHandler (by default, the ActionHandler is run as user hiro with id 1000).\nDo not forget to add the content of the generated public key into ~/.ssh/authorized_keys on your the target system.
Please note: From a container perspective, even the local host is a remote target system, so you should be following the same steps. However, you might find some shortcuts in the DockerHub help pages for network configuration.
\nAction Handler configuration map (AH_CONFIG)
\nYour connector needs a configuration of which actions or capabilities to\nprocess and how to execute them. This is configured in a configuration variable\ncalled AH_CONFIG.
Please refer to How to configure capabilities in the standard Action Handler (Docker image)\nfor details on the configuration map.
\n