Raven
Configuration
Runtime configuration and environment variables for Raven
Settings file
services/raven/config/settings.py- Local overrides can be placed in
services/raven/.env(loaded by Pydantic).
Environment variables
| Variable | Required | Default | Purpose |
|---|---|---|---|
DEBUG | No | false | Enables debug logging |
GCP_PROJECT_ID | No | resolved via metadata | GCP project id |
SPANNER_INSTANCE_ID | Yes | none | Spanner instance id |
SPANNER_DATABASE_ID | Yes | none | Spanner database id |
SEARCH_DEFAULT_LIMIT | No | 10 | Default search limit |
SEARCH_MAX_LIMIT | No | 15 | Max search limit |
SPANNER_SEARCH_STALENESS_SECONDS | No | 15 | Staleness window for search |
SEARCH_STREAM_BATCH_SIZE | No | 1 | Stream batch size |
MICROSOFT_TENANT_ID | No | common | Tenant id for OIDC |
MICROSOFT_CLIENT_ID | No | none | OIDC client id (fallback) |
SEARCH_STREAM_BATCH_SIZE must be >= 1.
Credentials
Raven relies on Application Default Credentials (ADC) for:
- Cloud Spanner access
- Secret Manager access
- Firebase Admin initialization
For local development, set GOOGLE_APPLICATION_CREDENTIALS to a service
account JSON with Spanner + Secret Manager + Firebase permissions, or run
gcloud auth application-default login.
Secrets (Secret Manager)
| Secret | Required | Purpose |
|---|---|---|
RAVEN_BUBBLE_API_TOKEN | Yes | Bubble API token for login/SSO |
MICROSOFT_CLIENT_ID | Optional | Preferred source for OIDC client id |
If MICROSOFT_CLIENT_ID is missing in Secret Manager and env, SSOLogin is
disabled and the API returns UNAVAILABLE.
Last updated on