Deployment: hbf-knowledge-manager
Infrastructure config for this service. Full platform deployment:
docs/architecture/deployment.md
Runtime
- Port: 3000 (default; overridden by
PORTenv var) - Framework: NestJS (Node.js 22)
- Base image (build): node:22-slim
- Base image (runtime): node:22-slim
- Start command:
npm run start:prod→node dist/main - Local dev:
npm run start:dev(NestJS watch mode; setsELASTIC_APM_ACTIVE=false) - Health check: none configured (relies on K8s liveness/readiness probes in production)
Required Environment Variables
| Variable | Example | Description |
|---|---|---|
| PORT | 3000 | HTTP listen port (default: 3000) |
| CORE_BASE_URL | http://hbf-core:8080 | hbf-core base URL |
| CORE_TOKEN | <token> | Static service auth token for hbf-core |
| PINO_LOGGER_USE | true | Enable Pino structured logging |
| PINO_LOGGER_LEVEL | info | Log level (trace/debug/info/warn/error) |
| PINO_LOGGER_AUTO_LOGGING | false | Auto-log HTTP requests |
| ELASTIC_APM_ACTIVE | false | Enable Elastic APM agent |
| ELASTIC_APM_SERVER_URL | — | APM server endpoint (required if APM active) |
| ELASTIC_APM_SECRET_TOKEN | — | APM auth token (required if APM active) |
| ELASTIC_APM_SERVICE_NAME | — | Service identifier in APM |
| ELASTIC_APM_ENVIRONMENT | — | Environment name in APM |
| SHAREPOINT_CLIENT_ID | — | SharePoint OAuth app client ID |
| SHAREPOINT_CLIENT_SECRET | — | SharePoint OAuth app client secret |
| SHAREPOINT_WEBHOOK_BASE_URL | — | Base URL for SharePoint webhook callbacks |
| SHAREPOINT_WEBHOOK_SECRET | — | Shared secret for webhook validation |
Azure Blob Storage credentials (accountName, containerName, sasToken) are not service-level env vars. They are stored per-org in hbf-core and retrieved at runtime via the hbf-core-api.
Docker
# Build (requires GitHub PAT for @helvia npm scope)
docker build --build-arg GITHUB_TOKEN=<PAT> -t hbf-knowledge-manager .
# Run
docker run -p 3000:3000 --env-file .env hbf-knowledge-manager
CI/CD
No CI/CD configured yet (no .github/workflows/ directory).
External Dependencies
- Azure Blob Storage — source of knowledge base documents; accessed via per-org SAS tokens stored in hbf-core. Cloud-only; not in local infra.
- Azure Event Grid — delivers
BlobCreated/BlobDeletedwebhook events toPOST /webhooks/azure-blob. Cloud-only; not in local infra. - hbf-core — all KB read/write operations, integration config, and auth token validation go through hbf-core API.
Notes
- No database. No Kafka. No Redis. Stateless; all persistent state lives in hbf-core.
- No docker-compose.yml. Run standalone with
npm run start:devfor local development. - Azure credentials are per-org config, not service env vars. Adding a new Azure Blob integration is done via hbf-core, not by redeploying this service.