Contact synchronization

WorkZone offers a series of modules that manage automatic import and update of CPR (person) or CVR (company) contact data into WorkZone. For information about contact synchronization, see Contact lookup and synchronization (CPR and CVR).

This page describes the configuration that is needed to deploy containers that are required to run the contact synchronization modules.

Container deployment

In addition to the WorkZone values in the values.yaml (See Prepare environment files for WorkZone container installation), you need to prepare the values that are specific to contact synchronization containers. A sample values.yaml file is shown below:


wzlogic:
    oauth2:
      clientId: CvrUpdate.UpdateService
    contactlookupservice:
      url: https://wzlogic-contactlookupservice/
      latestApiUrl: https://wzlogic-contactlookupservice/api/v1/ContactLookup
    contactsyncconfigservice:
      url: https://wzlogic-contactsyncconfigservice/
      latestApiUrl: https://wzlogic-contactsyncconfigservice/api/v1/ContactSyncConfiguration
    cprsubscriptionservice:
      url: https://wzlogic-cprsubscriptionservice/
      schedule: "0 */3 * * *"
    cprupdateservice:
      url: https://wzlogic-cprupdateservice/
    subscriptionservice:
      url: https://wzlogic-subscriptionservice/
      schedule: "0 */3 * * *"
    updateservice:
      url: https://wzlogic-updateservice/
    datafordeler:
      CprBaseUri: https://s5-certservices.datafordeler.dk/
      CvrBaseUri: https://s5-certservices.datafordeler.dk/

You can configure the values of the cprsubscriptionservice and the updateservice variables. The remaining variables in the values.yaml file are global values and should not be changed.

Variable	Description	Value
cprsubscriptionservice	A service that checks Datafordeler for updated information on CPR contacts. You can configure the schedule for when the service should check for updates. If you want to change the default value, we recommend decreasing the frequency.	The default value is: url: https://wzlogic-cprsubscriptionservice/ schedule: "0 4 * * 1-5 which is 4 AM UTC, Monday to Friday.
subscriptionservice	A service that checks Datafordeler for updated information on CVR contacts. You can configure the schedule for when the service should check for updates. If you want to change the default value, we recommend decreasing the frequency.	The default value is: url: https://wzlogic-subscriptionservice/ schedule: "0 4 * * 1-5 which is 4 AM UTC, Monday to Friday.

Variable

Description

Value

cprsubscriptionservice

A service that checks Datafordeler for updated information on CPR contacts.

You can configure the schedule for when the service should check for updates.

If you want to change the default value, we recommend decreasing the frequency.

The default value is:

url: https://wzlogic-cprsubscriptionservice/ schedule: "0 4 * * 1-5

which is 4 AM UTC, Monday to Friday.

subscriptionservice

A service that checks Datafordeler for updated information on CVR contacts.

You can configure the schedule for when the service should check for updates.

If you want to change the default value, we recommend decreasing the frequency.

The default value is:

url: https://wzlogic-subscriptionservice/ schedule: "0 4 * * 1-5

which is 4 AM UTC, Monday to Friday.

The table below provides an overview of the of the global variables. Leave these variables as is.

Variable	Description	Value
oauth2	The URL of the WorkZone authentication service.	clientId: CvrUpdate.UpdateService
contactlookupservice	A service that looks up contacts in Datafordeler.	https://wzlogic-contactlookupservice/
contactsyncconfigservice	A service that provides the configuration API for contact synchronizations services, such as CPR/CVR lookup and update.	url: https://wzlogic-contactsyncconfigservice/
cprupdateservice	A service that synchronizes CPR contact changes in Datafordeler withWorkZone.	url: https://wzlogic-cprupdateservice/
updateservice	A service that synchronizes CVR contact changes in Datafordeler with WorkZone.	url: https://wzlogic-updateservice/
datafordeler	Base URIs to the Datafordeler service.	CprBaseUri: https://s5-certservices.datafordeler.dk/ CvrBaseUri: https://s5-certservices.datafordeler.dk/

Secrets

This section describes how to generate the secrets that are requires to deploy the contact synchronization containers.

Encryption secrets

There are two secrets that are used to encrypt and decrypt the passwords to the certificates that are used to communicate with Datafordeler.

Note: You must set the parameters as is, but you can adjust the output paths to the machine where the deployer generates them.

Use the Windows and Linux built-in tool ssh-keygen to generate the two secrets.

Private:

ssh-keygen -b 2048 -m pkcs8 -t rsa -f /var/prvkey

Public:

ssh-keygen -f /var/prvkey -e -m pem >> /var/pubkey

Add the values (secrets) to the keys:

WORKZONE-CONTACTSYNCCONFIG-DECRYPTION-KEY

The value is the private secret that was generated above.

WORKZONE-CONTACTSYNCCONFIG-ENCRYPTION-KEY

The value is the public secret that was generated above.

Note: Remove headers and line breaks before you add the values to Key Vault.

Example:

Key: WORKZONE-CONTACTSYNCCONFIG-DECRYPTION-KEY

Value: MIIJQwIBADANBgkqhkiG9w0BAQEFAA(...) #truncated, must be one line, no line breaks.

Key: WORKZONE-CONTACTSYNCCONFIG-ENCRYPTION-KEY

Value: MIICCgKCAgEAjEErCcSmqYDaSlD70/(...) #truncated, must be one line, no line breaks.

OAuth2 service user secret

This OAuth2 service user secret is needed to authenticate in WorkZone as a service.

WORKZONE-LOGIC-OAUTH2-SECRET

The value must be a strong secret that is used as OAuth2 client secret.

See Prepare the Key Vault for installing WorkZone.

Installing the contact synchronization containers

Using werf

Copy the values.yaml file above, and make changes to it as needed, for example changing the schedules.
Paste your changes in to the global values.yaml file.

See Preparing container installation and Installing the WorkZone containers using a master Helm chart.