Candidate environments are any Pega environment that a Deployment Manager Pipeline manages. Most pipelines consist of Dev, QA,
Staging, and Production environments.
Before you begin: Install the PegaDevOpsFoundation
application on each candidate environment.
See below for setting up a candidate environment.Note: If
you did not enable SSL on the candidate environment, then you must deselect the
"Require TLS/SSL for REST services in this package" for both the
cicd and api service packages. Pega does not recommend this
- On each candidate system, enable the DMAppAdmin operator ID.
If you want to create your own operator IDs, ensure that they point to the
- Log in to each candidate system as an administrator.
- From the Dev Studio header, click , and then click DMAppAdmin.
- On the Edit Operator ID rule form, click the
- Clear the Disable Operator check box.
- Click Save.
- Click Update password.
- In the Change Operator ID Password dialog box,
enter a password, reenter it to confirm it, and then click
- Log out of each candidate system.
- For development environments, update the OrchestratorURL Dynamic System Setting
in the PegaDevopsShared ruleset to point to the
orchestrator. Use this setting for Dev Studio and App Studio integration. The URL should end in
/prweb (though this is customizable).
- Create and configure a keystore named DMKeyStore.
- If your target environment is SSL-enabled with private certificates, configure
the Deployment Manager connectors so that they can receive and process
information by setting the keystore:
- Click to create and configure a keystore. For more information,
see Creating a keystore for application data encryption
- Configure the
dynamic system setting to reference the keystore ID by clicking .
- If the candidate system is between Pega Platform 8.1 and Pega Platform 8.5.1,
the candidate must have 4.8.4 Pega DevOps Foundation. If candidates are managed
by an orchestrator on version 5 or later, you must create the PegaDevopsShared
configuration and set the value to True. If not set, the candidate will fall
back to using the older 4.x APIs for interactions with Deployment Manager and
the pipelines will not be functional if using a 5.x orchestrator. Having the
configuration created and set to true will ensure the candidates would leverage
the 5.x API service.
- Owning ruleset: PegaDevopsShared
- Purpose: deploymentmanager/orchestrator/managed_by_5x/enabled
- Value: True
Setting client secret on the candidate environment
Deployment Manager cannot automatically populate the client secret
to candidate environments as we do not recommend that you share this information across
To manually update the client secret information (from Step 2 above) on your
What to do next:
- In Dev Studio, from the Records Explorer, navigate to to receive a list of profile names on the candidate
- Select the DMReleaseAdmin_OAuth2 authentication
- Update client secret on the authentication profile, and follow the steps below
- If your candidate system is on Pega Platform 8.3 or
above, on the OAuth 2.0 tab under the Client
configuration section, enter the client secret in the
Client secret field.
- If your candidate system is on Pega Platform 8.2 or
below, update the client secret in the
DMReleaseAdmin_OAuth2 authentication profile.
Update Access token endpoint and
Revoke token endpoint in DMCustom
O Auth 2.0 Provider.
- Under the Endpoint configuration section, enter the
Access token endpoint and Revoke token
- Click Save.