The Task Management plugin is available as a Docker image and serves as a dedicated microservice within the FlowX platform ecosystem.

Dependencies

The plugin requires the following components:

  • A MongoDB database for task storage
  • A connection to the RuntimeDB for operational data
  • Access to the database used by the FlowX Engine
  • Connection to the Kafka instance used by the FlowX Engine
  • A Redis instance for caching and performance optimization

While many configuration properties come pre-configured, several environment variables must be explicitly set for proper functionality.

Configuration

Authorization configuration & access roles

Configure the following variables to connect to your identity management platform:

  • SECURITY_OAUTH2_BASE_SERVER_URL - Base URL of your OpenID Connect provider
  • SECURITY_OAUTH2_CLIENT_CLIENT_ID - Client ID for authentication
  • SECURITY_OAUTH2_CLIENT_CLIENT_SECRET - Client secret for authentication
  • SECURITY_OAUTH2_REALM - Security realm for the application

A dedicated service account must be configured in your OpenID provider to allow the Task Management microservice to access realm-specific data and perform operations:

OpenID connect settings

  • SECURITY_TYPE - Indicates the security type (default: oauth2)
  • SECURITY_PATHAUTHORIZATIONS_0_PATH - Defines which endpoints are protected (e.g., /api/**)
  • SECURITY_PATHAUTHORIZATIONS_0_ROLESALLOWED - Roles permitted to access the defined paths
  • SECURITY_OAUTH2_BASE_SERVER_URL - Base URL of the OpenID server
  • SECURITY_OAUTH2_SERVICE_ACCOUNT_ADMIN_CLIENT_ID - Service account client ID used for process initiation and plugin access (requires FLOWX_ROLE and role mapper)
  • SECURITY_OAUTH2_SERVICE_ACCOUNT_ADMIN_CLIENT_SECRET - Service account client secret

For more detailed information about configuring the service account:

Task Management Service Account

FlowX Engine datasource configuration

The service needs access to process instance data from the engine database. Configure these connection parameters:

  • SPRING_DATASOURCE_URL - JDBC URL for the engine database
  • SPRING_DATASOURCE_USERNAME - Database username
  • SPRING_DATASOURCE_PASSWORD - Database password

MongoDB configuration

Configure access to the primary MongoDB instance:

  • SPRING_DATA_MONGODB_URI - Connection URI for MongoDB

Task Manager requires a runtime connection to function correctly. Starting the service without a configured and active runtime MongoDB connection is not supported.

Runtime MongoDB configuration

Enable the Runtime MongoDB connection:

  • SPRING_DATA_MONGODB_RUNTIME_URI - URI for connecting to MongoDB Runtime (app-runtime)
    • Format: mongodb://${RUNTIME_DB_USERNAME}:${RUNTIME_DB_PASSWORD}@mongodb-0.mongodb-headless,mongodb-1.mongodb-headless,mongodb-arbiter-0.mongodb-arbiter-headless:27017/${RUNTIME_DB_NAME}?retryWrites=false
  • RUNTIME_DB_USERNAME - Username for runtime database (typically app-runtime)
  • RUNTIME_DB_NAME - Name of runtime database (typically app-runtime)
  • RUNTIME_DB_PASSWORD - Password for runtime database

Redis Configuration

Configure the Redis cache with these parameters:

  • SPRING_REDIS_HOST - Redis server hostname or IP address
  • SPRING_REDIS_PASSWORD - Authentication password for Redis
  • REDIS_TTL - Time-to-live for cached items

Kafka configuration

Configure the Kafka integration using these environment variables:

  • SPRING_KAFKA_BOOTSTRAP_SERVERS - Address of the Kafka server(s)
  • SPRING_KAFKA_CONSUMER_GROUP_ID - Consumer group identifier
  • KAFKA_CONSUMER_THREADS - Number of Kafka consumer threads
  • KAFKA_CONSUMER_EXCLUDE_USERS_THREADS - Number of threads for processing user exclusion events
  • KAFKA_AUTH_EXCEPTION_RETRY_INTERVAL - Time interval between retries after AuthorizationException
  • KAFKA_MESSAGE_MAX_BYTES - Maximum message size that can be received from producers

Kafka topics

Each action available in the service corresponds to a Kafka event. A separate Kafka topic must be configured for each use-case:

  • Process Management
    • KAFKA_TOPIC_PROCESS_START_OUT - used for running hooks; the engine receives a start process request for a hook on this topic (must be matched with the corresponding start_in topic on the engine side)
    • KAFKA_TOPIC_PROCESS_OPERATIONS_OUT - used to update the engine on task manager operations such as assignment, unassignment, hold, unhold and terminate (must be matched with the operations_in topic on the engine side)
    • KAFKA_TOPIC_PROCESS_OPERATIONS_BULK_OUT - used for bulk operations on tasks, sending multiple operations at once to the engine
  • Scheduling
    • KAFKA_TOPIC_PROCESS_SCHEDULE_IN - used to receive a message from the task manager when it’s time to run a hook (for hooks configured with SLA)
    • KAFKA_TOPIC_PROCESS_SCHEDULE_OUT_SET - sends a message to the scheduler to set hooks or exclude users from automatic assignment when they are assigned to out of office
    • KAFKA_TOPIC_PROCESS_SCHEDULE_OUT_STOP - sends a message to the scheduler to stop the schedule for previously set actions
  • User Management
    • KAFKA_TOPIC_EXCLUDE_USERS_SCHEDULE_IN - used to receive a message from the scheduler when users need to be excluded from assignments
  • Task Operations
    • KAFKA_TOPIC_TASK_IN - used to receive a message from the engine to start a new task (must be matched with the corresponding task_out topic on the engine side)
  • Events and Integration
    • KAFKA_TOPIC_EVENTS_GATEWAY_OUT_MESSAGE - outgoing messages for Events Gateway
    • KAFKA_TOPIC_RESOURCES_USAGES_REFRESH- used to trigger a refresh of resource usage information

The Engine listens for messages on topics with specific naming patterns. Ensure you use the correct outgoing topic names when configuring the Task Management plugin to maintain proper communication with the engine.

Logging configuration

Control logging verbosity with these environment variables:

  • LOGGING_LEVEL_ROOT - Root Spring Boot microservice logs
  • LOGGING_LEVEL_APP - Application-level logs
  • LOGGING_LEVEL_MONGO_DRIVER - MongoDB driver logs

Filtering feature

  • FLOWX_ALLOW_USERNAME_SEARCH_PARTIAL - Enables filtering possible assignees by partial names (default: true)

Scheduled jobs

The Task Management plugin includes scheduled maintenance jobs:

  • SCHEDULER_USERSCACHESCLEANUP_CRONEXPRESSION - Cron expression for user cache cleanup (default: 0 0 0 * *? - every day at midnight)

Resource usage monitoring

The plugin includes a resource usage monitoring feature that can be configured:

  • FLOWX_LIB_RESOURCES_USAGES_ENABLED - Enable resource usage tracking (default: true)
  • FLOWX_LIB_RESOURCES_USAGES_REFRESH_LISTENER_ENABLED - Enable refresh listener (default: true)
  • FLOWX_LIB_RESOURCES_USAGES_REFRESH_LISTENER_COLLECTOR_THREAD_COUNT - Number of threads for resource collection (default: 5)
  • FLOWX_LIB_RESOURCES_USAGES_REFRESH_LISTENER_COLLECTOR_MAX_BATCH_SIZE - Maximum batch size for collection (default: 1000)
  • FLOWX_LIB_RESOURCES_USAGES_KAFKA_CONSUMER_GROUP_ID_RESOURCES_USAGES_REFRESH - Consumer group for resource usage refresh events (default: taskMgmtResourcesUsagesRefreshGroup)
  • FLOWX_LIB_RESOURCES_USAGES_KAFKA_CONSUMER_THREADS_RESOURCES_USAGES_REFRESH - Number of threads for processing resource usage events (default: 3)

Database Migration

The Task Management plugin uses Mongock for MongoDB migrations:

  • MONGOCK_CHANGE_LOGS_SCAN_PACKAGE - Package to scan for database change logs

Was this page helpful?

Suggest editsRaise issue